Manuel Pégourié-Gonnard
e89bcf05da
Write new DTLS handshake fields correctly
2014-10-21 16:30:07 +02:00
Manuel Pégourié-Gonnard
0619348288
Add explicit counter in DTLS record header
2014-10-21 16:30:06 +02:00
Manuel Pégourié-Gonnard
7ee6f0e6e5
Preparation: allow {in,out}_ctr != {in,out}_buf
2014-10-21 16:30:05 +02:00
Manuel Pégourié-Gonnard
abc7e3b4ba
Handle DTLS version encoding and fix some checks
2014-10-21 16:30:05 +02:00
Manuel Pégourié-Gonnard
864a81fdc0
More ssl_set_XXX() functions can return BAD_INPUT
2014-10-21 16:30:04 +02:00
Manuel Pégourié-Gonnard
b21ca2a69f
Adapt version-handling functions to DTLS
2014-10-21 16:30:04 +02:00
Manuel Pégourié-Gonnard
0b1ff29328
Add basic flags for DTLS
2014-10-21 16:30:03 +02:00
Paul Bakker
9e4ff953de
Clarified len parameter of ssl_read()
2014-09-24 11:13:11 +02:00
Manuel Pégourié-Gonnard
44ade654c5
Implement (partial) renego delay on client
2014-08-19 13:58:40 +02:00
Manuel Pégourié-Gonnard
6591962f06
Allow delay on renego on client
...
Currently unbounded: will be fixed later
2014-08-19 12:50:30 +02:00
Manuel Pégourié-Gonnard
55e4ff2ace
Tune comments
2014-08-19 11:52:33 +02:00
Manuel Pégourié-Gonnard
8d4ad07706
SHA-2 ciphersuites now require TLS 1.x
2014-08-14 11:34:34 +02:00
Paul Bakker
accaffe2c3
Restructure ssl_handshake_init() and small fixes
2014-07-09 10:19:24 +02:00
Manuel Pégourié-Gonnard
08e81e0c8f
Change selection of hash algorithm for TLS 1.2
2014-07-08 14:20:26 +02:00
Paul Bakker
8fb99abaac
Merge changes for leaner memory footprint
2014-07-04 15:02:19 +02:00
Manuel Pégourié-Gonnard
481fcfde93
Make PSK_LEN configurable and adjust PMS size
2014-07-04 14:59:08 +02:00
Manuel Pégourié-Gonnard
a9964dbcd5
Add ssl_set_renegotiation_enforced()
2014-07-04 14:16:07 +02:00
Manuel Pégourié-Gonnard
c27807dd1e
Make SSL_BUFFER_LEN overhead depend more on config
2014-06-30 17:27:49 +02:00
Manuel Pégourié-Gonnard
08485cca81
Fix SSL_BUFFER_LEN
2014-06-25 11:26:12 +02:00
Paul Bakker
b9e4e2c97a
Fix formatting: fix some 'easy' > 80 length lines
2014-05-01 14:18:25 +02:00
Paul Bakker
9af723cee7
Fix formatting: remove trailing spaces, #endif with comments (> 10 lines)
2014-05-01 13:03:14 +02:00
Manuel Pégourié-Gonnard
cef4ad2509
Adapt sources to configurable config.h name
2014-04-30 16:40:20 +02:00
Paul Bakker
088c5c5f18
POLARSSL_CONFIG_OPTIONS has been removed. Values are set individually
...
For the Platform module this requires the introduction of
POLARSSL_PLATFORM_NO_STD_FUNCTIONS to allow not performing the default
assignments.
2014-04-25 11:11:10 +02:00
Paul Bakker
043a2e26d0
Merge verification of the keyUsage extension in X.509 certificates
2014-04-09 15:55:08 +02:00
Manuel Pégourié-Gonnard
7f2a07d7b2
Check keyUsage in SSL client and server
2014-04-09 15:50:57 +02:00
Paul Bakker
75342a65e4
Fixed typos in code
2014-04-09 15:49:57 +02:00
Manuel Pégourié-Gonnard
89e35798ae
Implement ALPN server-side
2014-04-07 12:26:35 +02:00
Manuel Pégourié-Gonnard
0b874dc580
Implement ALPN client-side
2014-04-07 10:57:45 +02:00
Manuel Pégourié-Gonnard
7e250d4812
Add ALPN interface
2014-04-04 17:10:40 +02:00
Manuel Pégourié-Gonnard
7a2aba8d81
Deprecate some non-PK compatibility functions
...
(Should have been deprecated in 1.3.0 already.)
2014-03-26 12:58:52 +01:00
Manuel Pégourié-Gonnard
a612b44cc5
Fix typo in doc
2014-03-14 08:41:01 +01:00
Manuel Pégourié-Gonnard
e2ce2112ac
Update doc of ssl_set_authmode()
2014-03-13 19:25:07 +01:00
Manuel Pégourié-Gonnard
83cdffc437
Forbid sequence number wrapping
2014-03-13 19:25:06 +01:00
Manuel Pégourié-Gonnard
ab24010b54
Enforce our choice of allowed curves.
2014-02-06 10:28:38 +01:00
Manuel Pégourié-Gonnard
7f38ed0bfa
ssl_set_curves is no longer ECDHE only
2014-02-06 10:28:38 +01:00
Manuel Pégourié-Gonnard
cd49f76898
Make ssl_set_curves() work client-side too.
2014-02-06 10:28:38 +01:00
Manuel Pégourié-Gonnard
de05390c85
Rename ecdh_curve_list to curve_list
2014-02-06 10:28:38 +01:00
Manuel Pégourié-Gonnard
5de2580563
Make ssl_set_ecdh_curves() a compile-time option
2014-02-06 10:28:38 +01:00
Gergely Budai
987bfb510b
Added the possibility to define the allowed curves for ECDHE handshake. It also defines the preference of the curves.
2014-02-06 10:28:38 +01:00
Paul Bakker
cf1d73b213
Clarified ssl_set_ciphersuites() doc for influencing preference as well
2014-01-14 14:08:13 +01:00
Paul Bakker
956c9e063d
Reduced the input / output overhead with 200+ bytes and covered corner
...
case
The actual input / output buffer overhead is only 301 instead of 512.
This requires a proper check on the padding_idx to prevent out of bounds
reads.
Previously a remote party could potentially trigger an access error and
thus stop the application when sending a malicious packet having
MAX_CONTENT_LEN of data, 32 bytes of MAC and a decrypted padlen of .
This would result in reading from in_ctr + 13 + 32 + MAX_CONTENT_LEN - 1 - 1
for 256 bytes (including fake padding check). Or 13 + 32 bytes over the
buffer length.
We now reset padding_idx to 0, if it's clear that it will never be a
valid padding (padlen > msg_len || msg_len + padlen + 256 > buffer_len)
2013-12-30 15:00:51 +01:00
Manuel Pégourié-Gonnard
c72ac7c3ef
Fix SSLv3 handling of SHA-384 suites
...
Fixes memory corruption, introduced in
a5bdfcd
(Relax some SHA2 ciphersuite's version requirements)
2013-12-17 10:18:25 +01:00
Paul Bakker
a9a028ebd0
SSL now gracefully handles missing RNG
2013-11-21 17:31:06 +01:00
Steffan Karger
28d81a009c
Fix pkcs11.c to conform to PolarSSL 1.3 API.
...
This restores previous functionality, and thus still allows only RSA to be
used through PKCS#11.
Signed-off-by: Steffan Karger <steffan.karger@fox-it.com>
Signed-off-by: Paul Bakker <p.j.bakker@polarssl.org>
2013-11-20 16:13:27 +01:00
Paul Bakker
993e386a73
Merged renegotiation refactoring
2013-10-31 14:32:38 +01:00
Manuel Pégourié-Gonnard
31ff1d2e4f
Safer buffer comparisons in the SSL modules
2013-10-31 14:23:12 +01:00
Manuel Pégourié-Gonnard
6d8404d6ba
Server: enforce renegotiation
2013-10-30 16:48:10 +01:00
Manuel Pégourié-Gonnard
9c1e1898b6
Move some code around, improve documentation
2013-10-30 16:48:09 +01:00
Manuel Pégourié-Gonnard
214eed38c7
Make ssl_renegotiate the only interface
...
ssl_write_hello_request() is no private
2013-10-30 16:48:09 +01:00
Manuel Pégourié-Gonnard
caed0541a0
Allow ssl_renegotiate() to be called in a loop
...
Previously broken if waiting for network I/O in the middle of a re-handshake
initiated by the client.
2013-10-30 16:48:09 +01:00
Manuel Pégourié-Gonnard
f3dc2f6a1d
Add code for testing server-initiated renegotiation
2013-10-30 16:46:46 +01:00
Paul Bakker
60b1d10131
Fixed spelling / typos (from PowerDNS:codespell)
2013-10-29 10:02:51 +01:00
Paul Bakker
1642122f8b
Merged support for Camellia-GCM + ciphersuite and fixes to cipher layer
2013-10-28 14:38:35 +01:00
Paul Bakker
677377f472
Server does not send out extensions not advertised by client
2013-10-28 12:54:26 +01:00
Manuel Pégourié-Gonnard
a8a25ae1b9
Fix bad error codes
2013-10-27 13:48:15 +01:00
Paul Bakker
f34673e37b
Merged RSA-PSK key-exchange and ciphersuites
2013-10-15 12:46:41 +02:00
Paul Bakker
376e8153a0
Merged ECDHE-PSK ciphersuites
2013-10-15 12:45:36 +02:00
Manuel Pégourié-Gonnard
8a3c64d73f
Fix and simplify *-PSK ifdef's
2013-10-14 19:54:10 +02:00
Manuel Pégourié-Gonnard
1b62c7f93d
Fix dependencies and related issues
2013-10-14 14:02:19 +02:00
Manuel Pégourié-Gonnard
bd1ae24449
Factor PSK pms computation to ssl_tls.c
2013-10-14 13:17:36 +02:00
Paul Bakker
1677033bc8
TLS compression only allocates working buffer once
2013-10-11 09:59:44 +02:00
Paul Bakker
6838bd1d73
Clarified threading issues
2013-09-30 15:24:33 +02:00
Manuel Pégourié-Gonnard
8372454615
Rework SNI to fix memory issues
2013-09-24 22:30:56 +02:00
Manuel Pégourié-Gonnard
705fcca409
Adapt support for SNI to recent changes
2013-09-24 21:25:54 +02:00
Manuel Pégourié-Gonnard
d09453c88c
Check our ECDSA cert(s) against supported curves
2013-09-24 21:25:53 +02:00
Manuel Pégourié-Gonnard
3ebb2cdb52
Add support for multiple server certificates
2013-09-24 21:25:53 +02:00
Manuel Pégourié-Gonnard
834ea8587f
Change internal structs for multi-cert support
2013-09-24 21:25:53 +02:00
Manuel Pégourié-Gonnard
cbf3ef3861
RSA and ECDSA key exchanges don't depend on CRL
2013-09-24 21:25:53 +02:00
Manuel Pégourié-Gonnard
1a483833b3
SSL_TLS doesn't depend on PK any more
...
(But PK does depend on RSA or ECP.)
2013-09-20 12:29:15 +02:00
Manuel Pégourié-Gonnard
1032c1d3ec
Fix some dependencies and warnings in small config
2013-09-19 10:49:00 +02:00
Paul Bakker
6db455e6e3
PSK callback added to SSL server
2013-09-18 21:14:58 +02:00
Paul Bakker
c559c7a680
Renamed x509_cert structure to x509_crt for consistency
2013-09-18 14:32:52 +02:00
Paul Bakker
7c6b2c320e
Split up X509 files into smaller modules
2013-09-16 21:41:54 +02:00
Paul Bakker
dcbfdcc177
Updated doxygen documentation in header files and HTML pages
2013-09-10 16:16:50 +02:00
Manuel Pégourié-Gonnard
7da0a38d43
Rm some includes that are now useless
2013-09-05 17:06:11 +02:00
Manuel Pégourié-Gonnard
226d5da1fc
GCM ciphersuites partially using cipher layer
2013-09-05 17:06:10 +02:00
Paul Bakker
da02a7f45e
AES_CBC ciphersuites now run purely via cipher layer
2013-08-31 17:25:14 +02:00
Manuel Pégourié-Gonnard
c852a68b96
More robust selection of ctx_enc size
2013-08-28 13:13:30 +02:00
Paul Bakker
577e006c2f
Merged ECDSA-based key-exchange and ciphersuites into development
...
Conflicts:
include/polarssl/config.h
library/ssl_cli.c
library/ssl_srv.c
library/ssl_tls.c
2013-08-28 11:58:40 +02:00
Manuel Pégourié-Gonnard
acc7505a35
Temporary fix for size of cipher contexts
2013-08-27 22:21:21 +02:00
Manuel Pégourié-Gonnard
2fb15f694c
Un-rename ssl_set_own_cert_alt()
2013-08-27 22:21:21 +02:00
Manuel Pégourié-Gonnard
a20c58c6f1
Use convert functions for SSL_SIG_* and SSL_HASH_*
2013-08-27 22:21:20 +02:00
Manuel Pégourié-Gonnard
0d42049440
Merge code for RSA and ECDSA in SSL
2013-08-27 22:21:20 +02:00
Manuel Pégourié-Gonnard
070cc7fd21
Use the new PK RSA-alt interface
2013-08-27 22:21:20 +02:00
Manuel Pégourié-Gonnard
8df2769178
Introduce pk_sign() and use it in ssl
2013-08-27 22:21:20 +02:00
Manuel Pégourié-Gonnard
ac75523593
Adapt ssl_set_own_cert() to generic keys
2013-08-27 22:21:20 +02:00
Manuel Pégourié-Gonnard
0b03200e96
Add server-side support for ECDSA client auth
2013-08-27 22:21:19 +02:00
Paul Bakker
0be444a8b1
Ability to disable server_name extension (RFC 6066)
2013-08-27 21:55:01 +02:00
Paul Bakker
d2f068e071
Ability to enable / disable SSL v3 / TLS 1.0 / TLS 1.1 / TLS 1.2 individually
2013-08-27 21:19:20 +02:00
Paul Bakker
fb08fd2e23
Entropy collector and CTR-DRBG now also work on SHA-256 if SHA-512 not available
2013-08-27 15:06:54 +02:00
Manuel Pégourié-Gonnard
38d1eba3b5
Move verify_result from ssl_context to session
2013-08-26 14:26:02 +02:00
Manuel Pégourié-Gonnard
b3d9187cea
PK: add nice interface functions
...
Also fix a const-corectness issue.
2013-08-20 20:46:04 +02:00
Manuel Pégourié-Gonnard
0b2726732e
Fix ifdef conditions for EC-related extensions.
...
Was alternatively ECP_C and ECDH_C.
2013-08-16 13:56:17 +02:00
Manuel Pégourié-Gonnard
5734b2d358
Actually use the point format selected for ECDH
2013-08-16 13:56:16 +02:00
Paul Bakker
1f2bc6238b
Made support for the truncated_hmac extension configurable
2013-08-15 13:45:55 +02:00
Paul Bakker
05decb24c3
Made support for the max_fragment_length extension configurable
2013-08-15 13:33:48 +02:00
Paul Bakker
606b4ba20f
Session ticket expiration checked on server
2013-08-15 11:42:48 +02:00
Paul Bakker
a503a63b85
Made session tickets support configurable from config.h
2013-08-14 14:26:03 +02:00
Manuel Pégourié-Gonnard
56dc9e8bba
Authenticate session tickets.
2013-08-14 14:08:07 +02:00
Manuel Pégourié-Gonnard
990c51a557
Encrypt session tickets
2013-08-14 14:08:07 +02:00