yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2024-10-19 01:31:17 +00:00
Code Issues Packages Projects Releases Wiki Activity
1364 commits 88 branches 205 tags 69 MiB
Commit graph

844 commits

Author SHA1 Message Date
Manuel Pégourié-Gonnard 0a20171d52 Fix compiler warning from gcc -Os 2013-08-26 14:31:43 +02:00
Manuel Pégourié-Gonnard 70f1768b9d Make two format strings literal 
Fixes clang warning
 2013-08-26 14:31:33 +02:00
Manuel Pégourié-Gonnard c6554aab3d Check length of session tickets we write 2013-08-26 14:26:33 +02:00
Manuel Pégourié-Gonnard 38d1eba3b5 Move verify_result from ssl_context to session 2013-08-26 14:26:02 +02:00
Paul Bakker fde4270186 Added support for writing key_usage extension 2013-08-25 14:47:27 +02:00
Paul Bakker 598e450538 Added asn1_write_bitstring() and asn1_write_octet_string() 2013-08-25 14:46:39 +02:00
Paul Bakker 0e06c0fdb4 Assigned error codes to the error defines 2013-08-25 11:21:30 +02:00
Paul Bakker 82e2945ed2 Changed naming and prototype convention for x509write functions 
CSR writing functions now start with x509write_csr_*()
DER writing functions now have the context at the start instead of the
end conforming to other modules.
 2013-08-25 11:01:31 +02:00
Paul Bakker 2130796658 Switched order of storing x509_req_names to match inputed order 2013-08-25 10:51:18 +02:00
Paul Bakker 8eabfc1461 Rewrote x509 certificate request writing to use structure for storing 2013-08-25 10:51:18 +02:00
Manuel Pégourié-Gonnard fff80f8879 PK: use NULL for unimplemented operations 2013-08-20 20:46:05 +02:00
Manuel Pégourié-Gonnard f73da02962 PK: change pk_verify arguments (md_info "optional") 2013-08-20 20:46:04 +02:00
Manuel Pégourié-Gonnard ab46694558 Change pk_set_type to pk_init_ctx for consistency 2013-08-20 20:46:04 +02:00
Manuel Pégourié-Gonnard ac4cd36297 PK rsa_verify: check signature length 2013-08-20 20:46:04 +02:00
Manuel Pégourié-Gonnard 15699380e5 Small PK cleanups 
- better error codes
- rm now-useless include
 2013-08-20 20:46:04 +02:00
Manuel Pégourié-Gonnard 3fb5c5ee1c PK: rename members for consistency CIPHER, MD 
Also add pk_get_name() to remove a direct access to pk_type
 2013-08-20 20:46:04 +02:00
Manuel Pégourié-Gonnard 09162ddcaa PK: reuse some eckey functions for ecdsa 
Also add some forgotten 'static' while at it.
 2013-08-20 20:46:04 +02:00
Manuel Pégourié-Gonnard c6ac8870d5 Nicer interface between PK and debug. 
Finally get rid of pk_context.type member, too.
 2013-08-20 20:46:04 +02:00
Manuel Pégourié-Gonnard b3d9187cea PK: add nice interface functions 
Also fix a const-corectness issue.
 2013-08-20 20:46:04 +02:00
Manuel Pégourié-Gonnard 765db07dfb PK: use alloc and free function pointers 2013-08-20 20:46:04 +02:00
Manuel Pégourié-Gonnard 3053f5bcb4 Get rid of pk_wrap_rsa() 2013-08-20 20:46:04 +02:00
Manuel Pégourié-Gonnard f8c948a674 Add name and get_size() members in PK 2013-08-20 20:46:04 +02:00
Manuel Pégourié-Gonnard 835eb59c6a PK: fix support for ECKEY_DH 2013-08-20 20:46:04 +02:00
Manuel Pégourié-Gonnard f18c3e0378 Add a PK can_do() method and simplify code 2013-08-20 20:46:04 +02:00
Manuel Pégourié-Gonnard d73b3c13be PK: use wrappers and function pointers for verify 2013-08-20 20:46:03 +02:00
Manuel Pégourié-Gonnard f499993cb2 Add ecdsa_from_keypair() 
Also fix bug/limitation in mpi_copy: would segfault if src just initialised
and not set to a value yet. (This case occurs when copying a context which
contains only the public part of the key, eg.)
 2013-08-20 20:46:03 +02:00
Manuel Pégourié-Gonnard cc0a9d040d Fix const-correctness of rsa_*_verify() 2013-08-20 20:46:03 +02:00
Manuel Pégourié-Gonnard f84b4d6498 Check sig_pk for signature verification 2013-08-20 20:46:03 +02:00
Manuel Pégourié-Gonnard 96d5912088 Implement EC cert and crl verification 2013-08-20 20:26:28 +02:00
Manuel Pégourié-Gonnard 211a64c79f Add eckey to ecdsa conversion in the PK layer 2013-08-20 20:26:28 +02:00
Manuel Pégourié-Gonnard b4d69c41f8 Prepare for EC cert & crl validation 2013-08-20 20:26:28 +02:00
Manuel Pégourié-Gonnard e09631b7c4 Create ecp_group_copy() and use it 2013-08-20 20:08:29 +02:00
Manuel Pégourié-Gonnard 8eebd012b9 Add an ecdsa_genkey() function 2013-08-20 20:08:28 +02:00
Manuel Pégourié-Gonnard b694b4896c Add ecdsa_{read,write}_signature() 2013-08-20 20:04:16 +02:00
Paul Bakker 3a074a7996 Actually skip certificate if we do not understand hash type 2013-08-20 12:45:03 +02:00
Paul Bakker dc4baf11ab Removed errant printf in x509parse_self_test() 2013-08-20 12:44:33 +02:00
Paul Bakker 42c3ccf36e Fixed potential negative value misinterpretation in load_file() 2013-08-19 14:29:31 +02:00
Paul Bakker 75c1a6f97c Fixed potential heap buffer overflow on large hostname setting 2013-08-19 14:25:29 +02:00
Paul Bakker 694d3aeb47 Fixed potential heap buffer overflow on large file reading 2013-08-19 14:23:38 +02:00
Paul Bakker 5fd4917d97 Add missing ifdefs in ssl modules 2013-08-19 13:30:28 +02:00
Paul Bakker 04376b1419 Fixed memory leak in ssl_parse_server_key_exchange from missing 
md_free_ctx()
 2013-08-16 14:45:26 +02:00
Manuel Pégourié-Gonnard 298aae4524 Adapt core OID functions to embeded null bytes 2013-08-16 14:00:52 +02:00
Manuel Pégourié-Gonnard c13c0d4524 Add a length check in rsa_get_pubkey() 2013-08-16 14:00:52 +02:00
Manuel Pégourié-Gonnard 56a487a17f Minor ecdsa cleanups 
- point_format is of no use
- d was init'ed and free'd twice
 2013-08-16 14:00:52 +02:00
Manuel Pégourié-Gonnard 686bfae244 Fix memory error in x509_get_attr_type_value 2013-08-16 14:00:52 +02:00
Manuel Pégourié-Gonnard ba77bbf840 Fix memory error in asn1_get_alg() 2013-08-16 14:00:52 +02:00
Manuel Pégourié-Gonnard 06dab806ce Fix memory error in asn1_get_bitstring_null() 
When *len is 0, **p would be read, which is out of bounds.
 2013-08-16 14:00:52 +02:00
Manuel Pégourié-Gonnard 0b2726732e Fix ifdef conditions for EC-related extensions. 
Was alternatively ECP_C and ECDH_C.
 2013-08-16 13:56:17 +02:00
Manuel Pégourié-Gonnard 5734b2d358 Actually use the point format selected for ECDH 2013-08-16 13:56:16 +02:00
Manuel Pégourié-Gonnard 7b19c16b74 Handle suported_point_formats in ServerHello 2013-08-16 13:56:16 +02:00
Manuel Pégourié-Gonnard 6b8846d929 Stop advertising support for compressed points 
(We can only write them, not read them.)
 2013-08-16 13:56:16 +02:00
Paul Bakker 1f2bc6238b Made support for the truncated_hmac extension configurable 2013-08-15 13:45:55 +02:00
Paul Bakker 05decb24c3 Made support for the max_fragment_length extension configurable 2013-08-15 13:33:48 +02:00
Paul Bakker 606b4ba20f Session ticket expiration checked on server 2013-08-15 11:42:48 +02:00
Paul Bakker f0e39acb58 Fixed unitialized n when resuming a session 2013-08-15 11:40:48 +02:00
Paul Bakker a503a63b85 Made session tickets support configurable from config.h 2013-08-14 14:26:03 +02:00
Manuel Pégourié-Gonnard 56dc9e8bba Authenticate session tickets. 2013-08-14 14:08:07 +02:00
Manuel Pégourié-Gonnard 990c51a557 Encrypt session tickets 2013-08-14 14:08:07 +02:00
Manuel Pégourié-Gonnard 779e42982c Start adding ticket keys (only key_name for now) 2013-08-14 14:08:06 +02:00
Manuel Pégourié-Gonnard aa0d4d1aff Add ssl_set_session_tickets() 2013-08-14 14:08:06 +02:00
Manuel Pégourié-Gonnard 306827e3bc Prepare ticket structure for securing 2013-08-14 14:08:06 +02:00
Manuel Pégourié-Gonnard 06650f6a37 Fix reusing session more than once 2013-08-14 14:08:06 +02:00
Manuel Pégourié-Gonnard 593058e35e Don't renew ticket when the current one is OK 2013-08-14 14:08:05 +02:00
Manuel Pégourié-Gonnard c086cce3d3 Don't cache empty session ID nor resumed session 2013-08-14 14:08:05 +02:00
Manuel Pégourié-Gonnard 7cd5924cec Rework NewSessionTicket handling in state machine 
Fixes bug: NewSessionTicket was ommited in resumed sessions.
 2013-08-14 14:08:05 +02:00
Manuel Pégourié-Gonnard 3ffa3db80b Fix server session ID handling with ticket 2013-08-14 14:08:05 +02:00
Manuel Pégourié-Gonnard 72882b2079 Relax limit on ClientHello size 2013-08-14 14:08:05 +02:00
Manuel Pégourié-Gonnard 609bc81a76 ssl_srv: read & write ticket, unsecure for now 2013-08-14 14:08:05 +02:00
Manuel Pégourié-Gonnard 94f6a79cde Auxiliary functions to (de)serialize ssl_session 2013-08-14 14:08:05 +02:00
Manuel Pégourié-Gonnard 7a358b8580 ssl_srv: write & parse session ticket ext & msg 2013-08-14 14:08:04 +02:00
Manuel Pégourié-Gonnard 6377e41ef5 Complete client support for session tickets 2013-08-14 14:08:04 +02:00
Manuel Pégourié-Gonnard a5cc6025e7 Parse NewSessionTicket message 2013-08-14 14:08:04 +02:00
Manuel Pégourié-Gonnard 60182ef989 ssl_cli: write & parse session ticket extension 2013-08-14 14:08:04 +02:00
Manuel Pégourié-Gonnard 75d440192c Introduce ticket field in session structure 2013-08-14 14:08:04 +02:00
Manuel Pégourié-Gonnard 5f280cc6cf Implement saving peer cert as part of session. 2013-08-14 14:08:04 +02:00
Manuel Pégourié-Gonnard 747180391d Add ssl_get_session() to save session on client 2013-08-14 14:08:03 +02:00
Paul Bakker 48e93c84b7 Made padding modes configurable from config.h 2013-08-14 14:02:48 +02:00
Paul Bakker 1a45d91cf2 Restructured cipher_set_padding_mode() to use switch statement 2013-08-14 14:02:48 +02:00
Manuel Pégourié-Gonnard ebdc413f44 Add 'no padding' mode 2013-08-14 14:02:48 +02:00
Manuel Pégourié-Gonnard 0e7d2c0f95 Add zero padding 2013-08-14 14:02:47 +02:00
Manuel Pégourié-Gonnard 8d4291b52a Add zeros-and-length (ANSI X.923) padding 2013-08-14 14:02:47 +02:00
Manuel Pégourié-Gonnard 679f9e90ad Add one-and-zeros (ISO/IEC 7816-4) padding 2013-08-14 14:02:47 +02:00
Manuel Pégourié-Gonnard b7d24bc7ca Fix bug in get_pkcs_padding(): cannot be 0-length 2013-08-14 14:02:47 +02:00
Manuel Pégourié-Gonnard ac56a1aec4 Make cipher_set_padding() actually work 
(Only one padding mode recognized yet.)
 2013-08-14 14:02:46 +02:00
Manuel Pégourié-Gonnard d5fdcaf9e5 Add cipher_set_padding() (no effect yet) 
Fix pattern in tests/.gitignore along the way.
 2013-08-14 14:02:46 +02:00
Paul Bakker 0f2f0bfc87 CAMELLIA-based PSK and DHE-PSK ciphersuites added 2013-07-26 15:04:03 +02:00
Paul Bakker b548d773b3 Fixed memory leak in ecdh_compute_shared() in case of error 2013-07-26 14:22:19 +02:00
Paul Bakker cca998a4c5 Fixed memory leak in ecdsa_sign() / ecdsa_verify() in case of error 2013-07-26 14:22:16 +02:00
Paul Bakker 1e6a175362 Support for AIX header locations in net.c module 2013-07-26 14:10:22 +02:00
Paul Bakker 52cf16caeb Fixed multiple use of GCM-context bug due to split-up of GCM functions 2013-07-26 13:56:22 +02:00
Paul Bakker d9ca94a677 Updated merged pk.c and x509parse.c changes with new memory allocation functions 2013-07-25 11:25:09 +02:00
Paul Bakker 8c1ede655f Changed prototype for ssl_set_truncated_hmac() to allow disabling 2013-07-19 14:51:47 +02:00
Manuel Pégourié-Gonnard 277f7f23e2 Implement hmac truncation 2013-07-19 14:51:47 +02:00
Manuel Pégourié-Gonnard 57c2852807 Added truncated hmac negociation (without effect) 2013-07-19 14:51:47 +02:00
Manuel Pégourié-Gonnard e980a994f0 Add interface for truncated hmac 2013-07-19 14:51:47 +02:00
Manuel Pégourié-Gonnard e048b67d0a Misc minor fixes 
- avoid "multi-line comment" warning in ssl_client2.c
- rm useless initialisation of mfl_code in ssl_init()
- const-correctness of ssl_parse_*_ext()
- a code formating issue
 2013-07-19 12:56:08 +02:00
Manuel Pégourié-Gonnard ed4af8b57c Move negotiated max fragment length to session 
User-set max fragment length remains in ssl_context.
The min of the two is used for sizing fragments.
 2013-07-18 14:07:09 +02:00
Manuel Pégourié-Gonnard 581e6b6d6c Prepare migrating max fragment length to session 
Remove max_frag_len member so that reseting session by memset()ing it to zero
does the right thing.
 2013-07-18 12:32:27 +02:00
Manuel Pégourié-Gonnard 6b4f237f6a Forbid setting max_frag_len > MAX_CONTENT_LEN 2013-07-18 11:23:48 +02:00
Manuel Pégourié-Gonnard 30dc7ef3ad Reset max_fragment_length in ssl_session_reset() 2013-07-18 11:23:48 +02:00
Manuel Pégourié-Gonnard 7bb7899121 Send max_fragment_length extension (server) 2013-07-18 11:23:48 +02:00
Manuel Pégourié-Gonnard f11a6d78c7 Rework server extensions writing 2013-07-18 11:23:38 +02:00
Manuel Pégourié-Gonnard de600e571a Read max_fragment_length extension (client) 2013-07-18 11:18:14 +02:00
Manuel Pégourié-Gonnard a052849640 Send max_fragment_length extension (client) 2013-07-18 11:18:14 +02:00
Manuel Pégourié-Gonnard 48f8d0dbbd Read max_fragment_length extension (server) 2013-07-18 11:18:14 +02:00
Manuel Pégourié-Gonnard 787b658bb3 Implement max_frag_len write restriction 2013-07-18 11:18:14 +02:00
Manuel Pégourié-Gonnard 8b46459ae5 Add ssl_set_max_frag_len() 2013-07-18 11:18:13 +02:00
Manuel Pégourié-Gonnard c2c90031ec Fix pk_set_type() behaviour for unkown type 2013-07-17 15:59:44 +02:00
Manuel Pégourié-Gonnard 14d8564402 Fix overflow check in oid_get_numeric_string() 
(The fix in 791eed3 was wrong.)
 2013-07-17 15:59:44 +02:00
Manuel Pégourié-Gonnard fd5164e283 Fix some more ifdef's RSA/EC, in pk and debug 2013-07-17 15:59:44 +02:00
Manuel Pégourié-Gonnard ab2d9836b4 Fix some ifdef's in x509parse 
While at it:
- move _rsa variants systematically after generic functions
- unsplit x509parse_key_pkcs8_encrypted_der() (reverts a5d9974)
 2013-07-17 15:59:44 +02:00
Manuel Pégourié-Gonnard 96f3a4e1b3 Rm ecp_keypair.alg 
Avoid duplicating information already present in pk_context.
 2013-07-17 15:59:44 +02:00
Manuel Pégourié-Gonnard 8b863cd641 Merge EC & RSA versions of x509_parse_key() 2013-07-17 15:59:44 +02:00
Manuel Pégourié-Gonnard 6e88202a95 Merge EC & RSA versions of parse_pkcs8_unencrypted 2013-07-17 15:59:43 +02:00
Manuel Pégourié-Gonnard a2d4e644ac Some more EC pubkey parsing refactoring 
Fix a bug in pk_rsa() and pk_ec() along the way
 2013-07-17 15:59:43 +02:00
Manuel Pégourié-Gonnard 1c808a011c Refactor some EC key parsing code 2013-07-17 15:59:43 +02:00
Manuel Pégourié-Gonnard 991d0f5aca Remove rsa member from x509_cert structure 2013-07-17 15:59:42 +02:00
Manuel Pégourié-Gonnard ff56da3a26 Fix direct uses of x509_cert.rsa, now use pk_rsa() 2013-07-17 15:59:42 +02:00
Manuel Pégourié-Gonnard 893879adbd Adapt debug_print_crt() for EC keys 2013-07-17 15:59:42 +02:00
Manuel Pégourié-Gonnard 5b18fb04ca Fix bug in x509_get_{ecpubkey,subpubkey}() 
- 'p' was not properly updated
- also add a few more checks while at it
 2013-07-17 15:59:42 +02:00
Manuel Pégourié-Gonnard 360a583029 Adapt x509parse_cert_info() for EC 2013-07-17 15:59:41 +02:00
Manuel Pégourié-Gonnard 674b2243eb Prepare transition from x509_cert.rsa to pk 2013-07-17 15:59:41 +02:00
Manuel Pégourié-Gonnard a155513e7b Rationalize use of x509_get_alg variants 2013-07-17 15:59:41 +02:00
Manuel Pégourié-Gonnard 7a287c409e Rename x509_get_algid() to x509_get_pk_alg() 2013-07-17 15:59:41 +02:00
Manuel Pégourié-Gonnard 7c5819eb1e Fix warnings (enum value missing from switch/case) 2013-07-17 15:59:41 +02:00
Manuel Pégourié-Gonnard 1e60cd09b0 Expand oid_get_sig_alg() for ECDSA-based algs 2013-07-17 15:59:40 +02:00
Manuel Pégourié-Gonnard 244569f4b1 Use generic x509_get_pubkey() for RSA functions 2013-07-17 15:59:40 +02:00
Manuel Pégourié-Gonnard 4fa0476675 Use new x509_get_pubkey() in x509parse_public_key() 2013-07-17 15:59:40 +02:00
Manuel Pégourié-Gonnard c296c5925e Introduce generic x509_get_pubkey() 2013-07-17 15:59:40 +02:00
Manuel Pégourié-Gonnard 094ad9e512 Rename x509_get_pubkey to _rsa and split it up 2013-07-17 15:59:40 +02:00
Manuel Pégourié-Gonnard f16ac763f6 Simplify length mismatch check in x509_get_pubkey 2013-07-17 15:59:40 +02:00
Manuel Pégourié-Gonnard 20c12f6b5f Factor more code into x509_get_pubkey() 2013-07-17 15:59:40 +02:00
Manuel Pégourié-Gonnard 788db112a5 Get rid of x509_cert.pkoid 
Unused, comment did not match reality, and will soon be superseeded by the
'type' field of the pk_context which will replace rsa_context.
 2013-07-17 15:59:39 +02:00
Manuel Pégourié-Gonnard 374e4b87d4 pk_set_type() cannot be used to reset key type 2013-07-17 15:59:39 +02:00
Manuel Pégourié-Gonnard 0a64e8f1fd Rework algorithmIdentifier parsing 2013-07-17 15:59:39 +02:00
Paul Bakker f4a1427ae7 base64_decode() also forcefully returns on dst == NULL 2013-07-16 17:48:58 +02:00
Paul Bakker 61d113bb7b Init and free new contexts in the right place for SSL to prevent 
memory leaks
 2013-07-16 17:48:58 +02:00
Manuel Pégourié-Gonnard 7d4e5b739e Simplify password check in pem_read_buffer() 2013-07-09 16:42:35 +02:00
Manuel Pégourié-Gonnard 791eed3f33 Fix portability issue in oid_get_numeric_string() 2013-07-09 16:42:35 +02:00
Manuel Pégourié-Gonnard de44a4aecf Rename ecp_check_prvkey with a 'i' for consistency 2013-07-09 16:42:34 +02:00
Manuel Pégourié-Gonnard 81c313ccc6 Add #ifdef's on RSA and EC in PK 2013-07-09 10:49:09 +02:00
Manuel Pégourié-Gonnard 1f73a65c06 Fix ommission in pk_free(). 2013-07-09 10:42:13 +02:00
Manuel Pégourié-Gonnard 7a6c946446 Fix error code in pk.h 2013-07-09 10:37:27 +02:00
Manuel Pégourié-Gonnard 8838099330 Add x509parse_{,public}_key{,file}() 
Also make previously public *_ec functions private.
 2013-07-08 17:32:27 +02:00
Manuel Pégourié-Gonnard 12e0ed9115 Add pk_context and associated functions 2013-07-08 17:32:27 +02:00
Manuel Pégourié-Gonnard d4ec21dd47 Add a check for multiple curve specification 2013-07-08 17:32:26 +02:00
Manuel Pégourié-Gonnard 80300ad0d9 Add checks for pk_alg. 
Used to be implicitly done by oid_get_pk_alg().
 2013-07-08 17:32:26 +02:00
Manuel Pégourié-Gonnard 9c1cf459dd Implement x509parse_key_pkcs8_encrypted_der_ec() 2013-07-08 17:32:26 +02:00
Manuel Pégourié-Gonnard a5d9974423 Split up x509_parse_pkcs8_encrypted_der() 2013-07-08 17:32:26 +02:00
Manuel Pégourié-Gonnard 416fa8fde5 Implement x509parse_key_pkcs8_unencrypted_der_ec() 2013-07-08 17:32:26 +02:00
Manuel Pégourié-Gonnard f8648d51b1 Fix undocumented feature of pem_read_buffer() 
Used to work only for RSAPrivateKey content, now accepts ECPrivateKey too,
and may even work with similar enough structures when they appear.
 2013-07-08 17:32:26 +02:00
Manuel Pégourié-Gonnard e366342233 Implement x509parse_key_sec1_der() 2013-07-08 17:32:26 +02:00
Manuel Pégourié-Gonnard 15e8b82724 Fill in x509parse_key_ec using stub function 2013-07-08 17:32:26 +02:00
Manuel Pégourié-Gonnard 73c0cda346 Complete x509parse_public_key_ec() 
Warning: due to a bug in oid_descriptor_from_buf(), keys associated to some
curves (secp224r1, secp384r1, secp521r1) are incorrectly rejected,
since their namedCurve OID contains a nul byte.
 2013-07-08 17:32:26 +02:00
Manuel Pégourié-Gonnard f838eeda09 Add x509_get_ecparams() 2013-07-08 17:32:26 +02:00
Manuel Pégourié-Gonnard f0b30d0542 Add oid_get_ec_grp() and associated data 2013-07-08 17:32:26 +02:00
Manuel Pégourié-Gonnard 5a9b82e234 Make oid_get_pk_alg handle EC algorithms 2013-07-08 17:32:26 +02:00
Manuel Pégourié-Gonnard dffba8f63e Fix bug in oid_get_numeric_string() 
Overflow check was done too early, causing many false positives.
 2013-07-08 17:32:26 +02:00
Manuel Pégourié-Gonnard 444b42710a Optionally allow parameters in x509_get_tag() 2013-07-08 17:32:26 +02:00
Manuel Pégourié-Gonnard 26833c2fc6 Add stubs for x509parse_key_ec and co. 2013-07-08 15:31:19 +02:00
Manuel Pégourié-Gonnard 4250a1f818 Fix a comment and some whitespace 2013-07-08 15:31:18 +02:00
Manuel Pégourié-Gonnard ba4878aa64 Rename x509parse_key & co with _rsa suffix 2013-07-08 15:31:18 +02:00
Manuel Pégourié-Gonnard c8dc295e83 Add ecp_check_prvkey, with test 
Also group key checking and generation functions in ecp.h and ecp.c.
 2013-07-08 15:31:18 +02:00
Manuel Pégourié-Gonnard b8c6e0e3e9 Add ecp_keypair struct, init/free and constants 2013-07-08 15:31:18 +02:00
Manuel Pégourié-Gonnard 7c8934ea0e Add ecdsa_init and ecdsa_free 2013-07-08 15:30:23 +02:00
Paul Bakker 1ef120f5fd Updated buffer-allocator with free-block-list to speed up searches 2013-07-03 17:22:32 +02:00
Paul Bakker 41350a9a7e Fixed spaces in memory_buffer_alloc.c 2013-07-03 17:22:32 +02:00
Paul Bakker fa9b10050b Also compiles / runs without time-based functions in OS 
Can now run without need of time() / localtime() and gettimeofday()
 2013-07-03 17:22:32 +02:00
Paul Bakker 891998e0c3 Added extra debug information to memory_buffer_alloc_status() 2013-07-03 17:22:31 +02:00
Paul Bakker bd5524471a Removed memory leak in PKCS#12 code 2013-07-03 17:22:31 +02:00
Paul Bakker 4632083c78 Removed memory leaks in PKCS#5 functions 2013-07-03 17:22:31 +02:00
Paul Bakker 6e339b52e8 Memory-allocation abstraction layer and buffer-based allocator added 2013-07-03 17:22:31 +02:00
Paul Bakker f863485fea Remove memory leak in PKCS#5 self test 2013-07-03 13:31:52 +02:00
Paul Bakker abf2f8fcf9 zlib compression/decompression skipped on empty blocks 2013-06-30 14:57:46 +02:00
Paul Bakker e5bffc319d Removed redundant includes 2013-06-30 14:53:06 +02:00
Paul Bakker d2681d82e2 Renamed sha2.{c,h} to sha256.{c,h} and sha4.{c,h} to sha512.{c,h} 2013-06-30 14:49:12 +02:00
Paul Bakker 9e36f0475f SHA2 renamed to SHA256, SHA4 renamed to SHA512 and functions accordingly 
The SHA4 name was not clear with regards to the new SHA-3 standard. So
SHA2 and SHA4 have been renamed to better represent what they are:
SHA256 and SHA512 modules.
 2013-06-30 14:34:05 +02:00
Paul Bakker 3866b9f4b5 Removed redundant inclusion 2013-06-30 12:53:14 +02:00
Paul Bakker fd3eac5786 Cleaned up ECP error codes 2013-06-29 23:31:33 +02:00
Paul Bakker 5dc6b5fb05 Made supported curves configurable 2013-06-29 23:26:34 +02:00
Paul Bakker e2ab84f4a1 Renamed error_strerror() to the less conflicting polarssl_strerror() 
Ability to keep old function error_strerror() as well with
POLARSSL_ERROR_STRERROR_BC. Also works with
POLARSSL_ERROR_STRERROR_DUMMY.
 2013-06-29 18:35:41 +02:00
Paul Bakker 2fbefde1d8 Client and server now filter sent and accepted ciphersuites on minimum 
and maximum protocol version
 2013-06-29 18:35:40 +02:00
Paul Bakker 59c28a2723 SSL v2 handshake should also handle dynamic ciphersuites 2013-06-29 18:35:40 +02:00
Paul Bakker f8d018a274 Made asn1_get_alg() and asn1_get_alg_null() as generic functions 
A generic function for retrieving the AlgorithmIdentifier structure with
its parameters and adapted X509, PKCS#5 and PKCS#12 to use them.
 2013-06-29 18:35:40 +02:00
Paul Bakker ce6ae233cb Macro-ized the final internal OID functions 2013-06-29 18:35:40 +02:00
Paul Bakker 47fce02bd8 Defines around module-dependent OIDs 2013-06-29 18:35:40 +02:00
Paul Bakker 7749a22974 Moved PKCS#12 cipher layer based PBE detection to use OID database 2013-06-29 18:32:16 +02:00
Paul Bakker dd1150e846 Macro-ized single and double attribute functions in OID database 2013-06-28 17:20:22 +02:00
Paul Bakker bd51ad538d Re-ordered OID internals. Made macro for oid_XXX_from_asn1() functions 2013-06-28 16:54:23 +02:00
Paul Bakker 9b5e885611 PKCS#5 PBES2 now uses OID database for algorithm detection 2013-06-28 16:12:50 +02:00
Paul Bakker c5a79cca53 Fixed compiler warnings for unused parameter ssl 2013-06-26 15:08:35 +02:00
Paul Bakker b9d3cfa114 Split up GCM into a start/update/finish cycle 2013-06-26 15:08:29 +02:00
Paul Bakker 534f82c77a Made ctr_drbg_init_entropy_len() non-static and defined 2013-06-25 16:47:55 +02:00
Paul Bakker b6c5d2e1a6 Cleanup up non-prototyped functions (static) and const-correctness 
More fixes based on the compiler directives -Wcast-qual -Wwrite-strings
-Wmissing-prototypes -Wmissing-declarations. Not everything with regards
to -Wcast-qual has been fixed as some have unwanted consequences for the
rest of the code.
 2013-06-25 16:25:17 +02:00
Paul Bakker 169b7f4a13 Fixed gcm.c formatting (removed redundant spaces) 2013-06-25 15:06:54 +02:00
Paul Bakker bda7cb76fa Fixed minor comment typo 
(cherry picked from commit da7fdbd534)
 2013-06-25 15:06:54 +02:00
Paul Bakker 38b50d73a1 Moved PKCS#12 PBE functions to cipher / md layer where possible 
The 3-key and 2-key Triple DES PBE functions have been replaced with a
single pkcs12_pbe() function that handles both situations (and more).

In addition this allows for some PASSWORD_MISMATCH checking
(cherry picked from commit 14a222cef2)
 2013-06-25 15:06:53 +02:00
Paul Bakker 0e34235644 Fixed values for 2-key Triple DES in cipher layer 
(cherry picked from commit 2be71faae4)
 2013-06-25 15:06:53 +02:00
Paul Bakker a4232a7ccb x509parse_crt() and x509parse_crt_der() return X509 password related codes 
POLARSSL_ERR_X509_PASSWORD_MISMATCH is returned instead of
POLARSSL_ERR_PEM_PASSWORD_MISMATCH and
POLARSSL_ERR_X509_PASSWORD_REQUIRED instead of
POLARSSL_ERR_PEM_PASSWORD_REQUIRED

Rationale: For PKCS#8 encrypted keys the same are returned
(cherry picked from commit b495d3a2c7)
 2013-06-25 15:06:53 +02:00
Paul Bakker 72823091c2 Removed redundant free()s 
(cherry picked from commit 1fc7dfe2e2)
 2013-06-25 15:06:53 +02:00