yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2024-10-19 01:31:17 +00:00
Code Issues Packages Projects Releases Wiki Activity
1754 commits 88 branches 205 tags 69 MiB
Commit graph

1114 commits

Author SHA1 Message Date
Manuel Pégourié-Gonnard 1032c1d3ec Fix some dependencies and warnings in small config 2013-09-19 10:49:00 +02:00
Paul Bakker 5ad403f5b5 Prepared for 1.3.0 RC0 2013-09-18 21:21:30 +02:00
Paul Bakker 6db455e6e3 PSK callback added to SSL server 2013-09-18 21:14:58 +02:00
Manuel Pégourié-Gonnard ff29f9c825 Compute public key if absent when reading EC key 2013-09-18 16:13:02 +02:00
Manuel Pégourié-Gonnard da179e4870 Add ecp_curve_list(), hide ecp_supported_curves 2013-09-18 15:37:44 +02:00
Manuel Pégourié-Gonnard dace82f805 Refactor cipher information management 2013-09-18 15:37:44 +02:00
Manuel Pégourié-Gonnard a310459f5c Fix a few things that broke with RSA compiled out 2013-09-18 15:37:44 +02:00
Manuel Pégourié-Gonnard 161ef968db Cache pre-computed points for ecp_mul() 
Up to 1.25 speedup on ECDSA sign for small curves, but mainly useful as a
preparation for fixed-point mult (a few prototypes changed in constness).
 2013-09-18 15:37:44 +02:00
Manuel Pégourié-Gonnard 56cd319f0e Add human-friendly name in ecp_curve_info 2013-09-18 15:37:44 +02:00
Manuel Pégourié-Gonnard a79d123a55 Make ecp_supported_curves constant 2013-09-18 14:35:57 +02:00
Manuel Pégourié-Gonnard 51451f8d26 Replace EC flag with ssl_ciphersuite_uses_ec() 2013-09-18 14:35:56 +02:00
Manuel Pégourié-Gonnard 15d5de1969 Simplify usage of DHM blinding 2013-09-18 14:35:55 +02:00
Manuel Pégourié-Gonnard c83e418149 Prepare for ECDH point blinding just in case 2013-09-18 14:35:54 +02:00
Manuel Pégourié-Gonnard c972770f78 Prepare ecp_group for future extensions 2013-09-18 14:35:53 +02:00
Manuel Pégourié-Gonnard 456d3b9b0b Make ECP error codes more specific 2013-09-18 14:35:53 +02:00
Manuel Pégourié-Gonnard 568c9cf878 Add ecp_supported_curves and simplify some code 2013-09-18 14:34:34 +02:00
Manuel Pégourié-Gonnard 7038039f2e Dissociate TLS and internal EC curve identifiers 
Allows to add new curves before they get a TLS number
 2013-09-18 14:34:34 +02:00
Manuel Pégourié-Gonnard a97c015f89 Rm useless/wrong DHM lenght test 2013-09-18 14:34:33 +02:00
Manuel Pégourié-Gonnard 4cf0686d6d Remove spurious '+ 3' in ecdsa_write_signature() 2013-09-18 14:34:33 +02:00
Manuel Pégourié-Gonnard dd0f57f186 Check key size in cipher_setkey() 2013-09-18 14:34:32 +02:00
Paul Bakker b6b0956631 Rm of memset instead of x509_crt_init() 2013-09-18 14:32:52 +02:00
Paul Bakker c559c7a680 Renamed x509_cert structure to x509_crt for consistency 2013-09-18 14:32:52 +02:00
Paul Bakker 9556d3d650 Renamed x509_crt_write.c and x509_csr_write.c 2013-09-18 13:50:13 +02:00
Paul Bakker ddf26b4e38 Renamed x509parse_* functions to new form 
e.g. x509parse_crtfile -> x509_crt_parse_file
 2013-09-18 13:46:23 +02:00
Paul Bakker 369d2eb2a2 Introduced x509_crt_init(), x509_crl_init() and x509_csr_init() 2013-09-18 12:01:43 +02:00
Paul Bakker 86d0c1949e Generalized function names of x509 functions not parse-specific 
x509parse_serial_gets -> x509_serial_gets
x509parse_dn_gets -> x509_dn_gets
x509parse_time_expired -> x509_time_expired
 2013-09-18 12:01:42 +02:00
Paul Bakker 5187656211 Renamed X509 / X509WRITE error codes to generic (non-cert-specific) 2013-09-17 14:36:05 +02:00
Paul Bakker 36713e8ed9 Fixed bunch of X509_PARSE related defines / dependencies 2013-09-17 13:25:29 +02:00
Paul Bakker e9e6ae338b Moved x509_self_test() from x509_crt.c to x509.c and fixed mem-free bug 2013-09-16 22:55:51 +02:00
Paul Bakker da7711594e Changed pk_parse_get_pubkey() to pk_parse_subpubkey() 2013-09-16 22:45:03 +02:00
Paul Bakker d1a983fe77 Removed x509parse key functions and moved them to compat-1.2.h 2013-09-16 22:26:53 +02:00
Paul Bakker 7c6b2c320e Split up X509 files into smaller modules 2013-09-16 21:41:54 +02:00
Paul Bakker cff6842b39 POLARSSL_PEM_C split into POLARSSL_PEM_PARSE_C and POLARSSL_PEM_WRITE_C 2013-09-16 13:36:18 +02:00
Paul Bakker 77e23fb0e0 Move *_pemify() function to PEM module 2013-09-15 20:03:26 +02:00
Paul Bakker 40ce79f1e6 Moved DHM parsing from X509 module to DHM module 2013-09-15 17:43:54 +02:00
Paul Bakker 3e41fe8938 Remove printf when RSA selftest is skipped 2013-09-15 17:42:50 +02:00
Paul Bakker dce7fdcbc9 Fixed warnings in case POLARSSL_PEM_C is not defined 2013-09-15 17:15:26 +02:00
Paul Bakker 2292d1fad0 Fixed warnings in case POLARSSL_X509_PARSE_C is not defined 2013-09-15 17:06:49 +02:00
Paul Bakker 4606c7317b Added POLARSSL_PK_PARSE_C and POLARSSL_PK_WRITE_C 2013-09-15 17:04:23 +02:00
Paul Bakker c7bb02be77 Moved PK key writing from X509 module to PK module 2013-09-15 14:54:56 +02:00
Paul Bakker 1a7550ac67 Moved PK key parsing from X509 module to PK module 2013-09-15 13:47:30 +02:00
Manuel Pégourié-Gonnard 92cb1d3a91 Make CBC an option, step 3: individual ciphers 2013-09-13 17:25:43 +02:00
Manuel Pégourié-Gonnard 989ed38de2 Make CBC an option, step 2: cipher layer 2013-09-13 15:48:40 +02:00
Manuel Pégourié-Gonnard f7dc378ead Make CBC an option, step 1: ssl ciphersuites 2013-09-13 15:37:03 +02:00
Manuel Pégourié-Gonnard b72b4edec1 Fix memory leak in DHM 2013-09-13 13:55:26 +02:00
Manuel Pégourié-Gonnard 4fe9200f47 Fix memory leak in GCM by adding gcm_free() 2013-09-13 13:45:58 +02:00
Manuel Pégourié-Gonnard 735b8fcb0b Fix blunder in 8a109f1 2013-09-13 12:57:23 +02:00
Paul Bakker 9013af76a3 Merged major refactoring of x509write module into development 
This refactoring adds support for proper CSR writing and X509
certificate generation / signing
 2013-09-12 11:58:04 +02:00
Manuel Pégourié-Gonnard bb323ffc7c Complete EC support in x509write_crt 2013-09-12 11:57:02 +02:00
Manuel Pégourié-Gonnard 31e59400d2 Add missing f_rng/p_rng arguments to x509write_crt 2013-09-12 11:57:02 +02:00
Manuel Pégourié-Gonnard 53c642504e Use PK internally for x509write_crt 2013-09-12 11:57:02 +02:00
Manuel Pégourié-Gonnard f38e71afd5 Convert x509write_crt interface to PK 2013-09-12 11:57:02 +02:00
Manuel Pégourié-Gonnard 6de63e480d Add EC support to x509write_key 2013-09-12 11:57:01 +02:00
Manuel Pégourié-Gonnard 7f1f0926e4 Add test for x509write_key 2013-09-12 11:57:01 +02:00
Manuel Pégourié-Gonnard 0088c69fbf Complete x509write_csr support for EC key 
No automated test yet (complicated by the fact that ECDSA signatures are not
deterministic), tested using cert_req (and openssl for verification).
 2013-09-12 11:57:01 +02:00
Manuel Pégourié-Gonnard edda9041fc Adapt asn1_write_algorithm_identifier() to params 2013-09-12 11:57:01 +02:00
Manuel Pégourié-Gonnard 3837daec9e Add EC support to x509write_pubkey 2013-09-12 11:57:01 +02:00
Manuel Pégourié-Gonnard e1f821a6eb Adapt x509write_pubkey interface to use PK 
key_app_writer will be fixed later
 2013-09-12 11:57:01 +02:00
Manuel Pégourié-Gonnard ee73179b2f Adapt x509write_csr prototypes for PK 2013-09-12 11:57:00 +02:00
Manuel Pégourié-Gonnard 8053da4057 x509write_csr() now fully using PK internally 2013-09-12 11:57:00 +02:00
Manuel Pégourié-Gonnard d4eb5b5196 Add references 2013-09-12 11:57:00 +02:00
Manuel Pégourié-Gonnard 27d87fa6c4 Fix many off-by-one errors 2013-09-12 11:57:00 +02:00
Manuel Pégourié-Gonnard 6dcf0bfcf4 Use x509write_pubkey_der() when applicable 2013-09-12 11:57:00 +02:00
Manuel Pégourié-Gonnard 5353a03eb9 x509write_csr using PK internally (WIP) 2013-09-12 11:57:00 +02:00
Manuel Pégourié-Gonnard 85dfe08b31 Merge duplicated else/#else branch 2013-09-12 11:57:00 +02:00
Paul Bakker 18f0341aed Typo in comments in ctr_drbg.c 2013-09-11 11:05:56 +02:00
Manuel Pégourié-Gonnard da7317ed00 Use asn1_free_named_data_list() when relevant 2013-09-10 15:52:52 +02:00
Paul Bakker c0dcf0ceb1 Merged blinding additions for EC, RSA and DHM into development 2013-09-10 14:44:27 +02:00
Paul Bakker 36b7e1efe7 Merged GCM refactoring into development 
GCM is now independent of AES and can be used as a mode for any
cipher-layer supported 128-bit based block cipher
 2013-09-10 14:41:05 +02:00
Paul Bakker 2a6a3a7e69 Better checking on cipher_info_from_values() 2013-09-10 14:29:28 +02:00
Paul Bakker a0558e0484 Check that the cipher GCM receives is a 128-bit-based cipher 2013-09-10 14:25:51 +02:00
Manuel Pégourié-Gonnard 8a109f106d Optimize RSA blinding by caching-updating values 2013-09-10 13:55:36 +02:00
Manuel Pégourié-Gonnard ea53a55c0f Refactor to prepare for RSA blinding optimisation 2013-09-10 13:55:35 +02:00
Paul Bakker 1c3853b953 oid_get_oid_by_*() now give back oid length as well 2013-09-10 11:43:44 +02:00
Paul Bakker 003dbad250 Fixed file descriptor leak in x509parse_crtpath() 2013-09-09 17:26:14 +02:00
Paul Bakker a5943858d8 x509_verify() now case insensitive for cn (RFC 6125 6.4) 2013-09-09 17:21:45 +02:00
Paul Bakker f9f377e652 CSR Parsing (without attributes / extensions) implemented 2013-09-09 15:35:10 +02:00
Paul Bakker d4bf870ff5 Allow spaces after the comma when converting X509 names 2013-09-09 13:59:11 +02:00
Paul Bakker 52be08c299 Added support for writing Key Usage and NS Cert Type extensions 2013-09-09 12:38:45 +02:00
Paul Bakker cd35803684 Changes x509_csr to x509write_csr 2013-09-09 12:38:45 +02:00
Paul Bakker 5f45e62afe Migrated from x509_req_name to asn1_named_data structure 2013-09-09 12:02:36 +02:00
Paul Bakker c547cc992e Added generic asn1_free_named_data_list() 2013-09-09 12:01:23 +02:00
Paul Bakker 59ba59fa30 Generalized x509_set_extension() behaviour to asn1_store_named_data() 2013-09-09 11:34:44 +02:00
Paul Bakker 43aff2aec4 Moved GCM to use cipher layer instead of AES directly 2013-09-09 00:10:27 +02:00
Paul Bakker f46b6955e3 Added cipher_info_from_values() to cipher layer (Search by ID+keylen+mode) 2013-09-09 00:08:26 +02:00
Paul Bakker 5e0efa7ef5 Added POLARSSL_MODE_ECB to the cipher layer 2013-09-08 23:04:04 +02:00
Manuel Pégourié-Gonnard 9f5a3c4a0a Fix possible memory error. 2013-09-08 20:08:59 +02:00
Manuel Pégourié-Gonnard bfb355c33b Fix memory leak on missed session reuse 2013-09-08 20:08:36 +02:00
Manuel Pégourié-Gonnard bc4b7f08ba Fix possible race in ssl_list_ciphersuites() 
Thread A: executing for loop of ssl_list_ciphersuites()
Thread B: call ssl_list_cipher_suites(), see init == 0
Thread A: return, start using the result
Thread B: memset(0) on the list used by thread A
 2013-09-08 20:07:48 +02:00
Paul Bakker 9c208aabc8 Use ASN1_UTC_TIME in some cases 2013-09-08 15:44:31 +02:00
Manuel Pégourié-Gonnard 032c34e206 Don't use DH blinding for ephemeral DH 2013-09-07 13:06:27 +02:00
Paul Bakker 15162a054a Writing of X509v3 extensions supported 
Standard extensions already in: basicConstraints, subjectKeyIdentifier
and authorityKeyIdentifier
 2013-09-06 19:27:21 +02:00
Paul Bakker 329def30c5 Added asn1_write_bool() 2013-09-06 16:34:38 +02:00
Paul Bakker 9397dcb0e8 Base X509 certificate writing functinality 2013-09-06 10:36:28 +02:00
Manuel Pégourié-Gonnard d13a4099dd GCM ciphersuites using only cipher layer 2013-09-05 17:06:10 +02:00
Manuel Pégourié-Gonnard b8bd593741 Restrict cipher_update() for GCM 2013-09-05 17:06:10 +02:00
Manuel Pégourié-Gonnard 226d5da1fc GCM ciphersuites partially using cipher layer 2013-09-05 17:06:10 +02:00
Manuel Pégourié-Gonnard 1af50a240b Cipher: test multiple cycles 
GCM-cipher: just trust the user to call update_ad at the right time
 2013-09-05 17:06:10 +02:00
Manuel Pégourié-Gonnard ed8a02bfae Simplify DH blinding a bit 2013-09-04 17:18:28 +02:00
Paul Bakker 45125bc160 Changes to handle merged enhancements 2013-09-04 16:48:22 +02:00
Manuel Pégourié-Gonnard 143b5028a5 Implement DH blinding 2013-09-04 16:29:59 +02:00
Paul Bakker c049955b32 Merged new cipher layer enhancements 2013-09-04 16:12:55 +02:00
Manuel Pégourié-Gonnard 2d627649bf Change dhm_calc_secret() prototype 2013-09-04 14:22:07 +02:00
Manuel Pégourié-Gonnard ce4112538c Fix RC4 key length in cipher 2013-09-04 12:29:26 +02:00
Manuel Pégourié-Gonnard 83f3fc0d77 Add AES-192-GCM 2013-09-04 12:14:13 +02:00
Manuel Pégourié-Gonnard 43a4780b03 Ommit AEAD functions if GCM not defined 2013-09-03 19:28:35 +02:00
Manuel Pégourié-Gonnard aa9ffc5e98 Split tag handling out of cipher_finish() 2013-09-03 19:20:55 +02:00
Manuel Pégourié-Gonnard 2adc40c346 Split cipher_update_ad() out or cipher_reset() 2013-09-03 19:20:55 +02:00
Manuel Pégourié-Gonnard a235b5b5bd Fix iv_len interface. 
cipher_info->iv_size == 0 is no longer ambiguous, and
cipher_get_iv_size() always returns something useful to generate an IV.
 2013-09-03 13:25:52 +02:00
Manuel Pégourié-Gonnard 9c853b910c Split cipher_set_iv() out of cipher_reset() 2013-09-03 13:04:44 +02:00
Manuel Pégourié-Gonnard 07de4b1d08 Implement randomized coordinates in ecp_mul() 2013-09-02 16:26:04 +02:00
Manuel Pégourié-Gonnard c75c56fef7 Fix off-by-one error in ecdsa_write_signature() 
Made some signature fail with 521-bit curve
 2013-09-02 16:25:37 +02:00
Paul Bakker ea6ad3f6e5 ARC4 ciphersuites using only cipher layer 2013-09-02 14:57:01 +02:00
Manuel Pégourié-Gonnard e09d2f8261 Change ecp_mul() prototype to allow randomization 
(Also improve an error code while at it.)
 2013-09-02 14:29:09 +02:00
Paul Bakker eb851f6cd5 Merged current cipher enhancements for ARC4 and AES-GCM 2013-09-01 15:49:38 +02:00
Manuel Pégourié-Gonnard 9241be7ac5 Change cipher prototypes for GCM 2013-08-31 18:07:42 +02:00
Paul Bakker cca5b81d18 All CBC ciphersuites via the cipher layer 2013-08-31 17:40:26 +02:00
Paul Bakker da02a7f45e AES_CBC ciphersuites now run purely via cipher layer 2013-08-31 17:25:14 +02:00
Manuel Pégourié-Gonnard 20d6a17af9 Make GCM tag check "constant-time" 2013-08-31 16:37:46 +02:00
Manuel Pégourié-Gonnard 07f8fa5a69 GCM in the cipher layer, step 1 
- no support for additional data
- no support for tag
 2013-08-31 16:08:22 +02:00
Manuel Pégourié-Gonnard b5e85885de Handle NULL as a stream cipher for more uniformity 2013-08-30 17:11:28 +02:00
Manuel Pégourié-Gonnard 37e230c022 Add arc4 support in the cipher layer 2013-08-30 17:11:28 +02:00
Paul Bakker f451bac000 Blinding RSA only active when f_rng is provided 2013-08-30 15:48:53 +02:00
Paul Bakker 48377d9834 Configuration option to enable/disable POLARSSL_PKCS1_V15 operations 2013-08-30 13:41:14 +02:00
Paul Bakker aab30c130c RSA blinding added for CRT operations 2013-08-30 11:03:09 +02:00
Paul Bakker 548957dd49 Refactored RSA to have random generator in every RSA operation 
Primarily so that rsa_private() receives an RNG for blinding purposes.
 2013-08-30 10:30:02 +02:00
Paul Bakker ca174fef80 Merged refactored x509write module into development 2013-08-28 16:32:51 +02:00
Paul Bakker 9659dae046 Some extra code defined out 2013-08-28 16:21:34 +02:00
Manuel Pégourié-Gonnard c852a68b96 More robust selection of ctx_enc size 2013-08-28 13:13:30 +02:00
Manuel Pégourié-Gonnard cffe4a65bd Move "constant" code outside a loop 2013-08-28 13:13:20 +02:00
Paul Bakker 577e006c2f Merged ECDSA-based key-exchange and ciphersuites into development 
Conflicts:
	include/polarssl/config.h
	library/ssl_cli.c
	library/ssl_srv.c
	library/ssl_tls.c
 2013-08-28 11:58:40 +02:00
Manuel Pégourié-Gonnard 57a8783364 Make more room for ciphersuites 2013-08-27 22:21:21 +02:00
Manuel Pégourié-Gonnard db77175e99 Make ecdsa_verify() return value more explicit 2013-08-27 22:21:21 +02:00
Manuel Pégourié-Gonnard 9cc6f5c61b Fix some hash debugging 2013-08-27 22:21:21 +02:00
Manuel Pégourié-Gonnard 4bd1284f59 Fix ECDSA hash selection bug with TLS 1.0 and 1.1 2013-08-27 22:21:21 +02:00
Manuel Pégourié-Gonnard 9c9812a299 Fix bug introduced in dbf69cf 
(Was writing outside array bounds.)
 2013-08-27 22:21:21 +02:00
Manuel Pégourié-Gonnard df0142bd17 Fix some dependencies in tests 2013-08-27 22:21:21 +02:00
Manuel Pégourié-Gonnard 2fb15f694c Un-rename ssl_set_own_cert_alt() 2013-08-27 22:21:21 +02:00
Manuel Pégourié-Gonnard e511ffca50 Allow compiling without RSA or DH 
Only library and programs now, need to check test suites later.
 2013-08-27 22:21:21 +02:00
Manuel Pégourié-Gonnard ee98f8e7a3 Add EC certificates in certs.c 2013-08-27 22:21:21 +02:00
Manuel Pégourié-Gonnard f484282e96 Rm a few unneeded tests 2013-08-27 22:21:21 +02:00
Manuel Pégourié-Gonnard d11eb7c789 Fix sig_alg extension on client. 
Temporary solution on server.
 2013-08-27 22:21:21 +02:00
Manuel Pégourié-Gonnard bfe32efb9b pk_{sign,verify}() now accept hash_len = 0 2013-08-27 22:21:21 +02:00
Manuel Pégourié-Gonnard a20c58c6f1 Use convert functions for SSL_SIG_* and SSL_HASH_* 2013-08-27 22:21:20 +02:00
Manuel Pégourié-Gonnard c40b4c3708 Add configuration item for the PK module 2013-08-27 22:21:20 +02:00
Manuel Pégourié-Gonnard 0d42049440 Merge code for RSA and ECDSA in SSL 2013-08-27 22:21:20 +02:00
Manuel Pégourié-Gonnard 070cc7fd21 Use the new PK RSA-alt interface 2013-08-27 22:21:20 +02:00
Manuel Pégourié-Gonnard 12c1ff0ecb Add RSA-alt to the PK layer 2013-08-27 22:21:20 +02:00
Manuel Pégourié-Gonnard a2d3f22007 Add and use pk_encrypt(), pk_decrypt() 2013-08-27 22:21:20 +02:00
Manuel Pégourié-Gonnard 8df2769178 Introduce pk_sign() and use it in ssl 2013-08-27 22:21:20 +02:00
Manuel Pégourié-Gonnard 583b608401 Fix some return values 2013-08-27 22:21:20 +02:00
Manuel Pégourié-Gonnard 76c18a1a77 Add client support for ECDSA client auth 2013-08-27 22:21:20 +02:00
Manuel Pégourié-Gonnard abae74c4a0 Add server support for ECDHE_ECDSA key exchange 2013-08-27 22:21:20 +02:00
Manuel Pégourié-Gonnard ac75523593 Adapt ssl_set_own_cert() to generic keys 2013-08-27 22:21:20 +02:00
Manuel Pégourié-Gonnard 09edda888e Check key type against selected key exchange 2013-08-27 22:21:19 +02:00
Manuel Pégourié-Gonnard 20846b1a50 Add client support for ECDHE_ECDSA key exchange 2013-08-27 22:21:19 +02:00
Manuel Pégourié-Gonnard efebb0a394 Refactor ssl_parse_server_key_exchange() a bit 2013-08-27 22:21:19 +02:00
Manuel Pégourié-Gonnard 32ea60a127 Declare ECDSA key exchange and ciphersuites 
Also fix bug in ssl_list_ciphersuites().

For now, disable it on server.
Client will offer it but fail if server selects it.
 2013-08-27 22:21:19 +02:00
Manuel Pégourié-Gonnard 0b03200e96 Add server-side support for ECDSA client auth 2013-08-27 22:21:19 +02:00
Paul Bakker 0be444a8b1 Ability to disable server_name extension (RFC 6066) 2013-08-27 21:55:01 +02:00
Paul Bakker d2f068e071 Ability to enable / disable SSL v3 / TLS 1.0 / TLS 1.1 / TLS 1.2 individually 2013-08-27 21:19:20 +02:00
Paul Bakker fb08fd2e23 Entropy collector and CTR-DRBG now also work on SHA-256 if SHA-512 not available 2013-08-27 15:06:54 +02:00
Paul Bakker 9852d00de6 Moved asn1write funtions to use asn1_write_raw_buffer() 2013-08-26 17:56:37 +02:00
Paul Bakker 7accbced87 Doxygen documentation added to asn1write.h 2013-08-26 17:37:18 +02:00
Paul Bakker f3df61ad10 Generalized PEM writing in x509write module for RSA keys as well 2013-08-26 17:37:18 +02:00
Paul Bakker 135f1e9c70 Move PEM conversion of DER data to x509write module 2013-08-26 17:37:18 +02:00
Paul Bakker 624d03a3f7 Fixed length of key_usage bitstring to 7 bits 2013-08-26 17:37:18 +02:00
Paul Bakker 1c0e550e21 Added support for Netscape Certificate Types in CSR writing 
Further generalization of extension adding / replacing in the CSR
structure
 2013-08-26 17:37:18 +02:00
Paul Bakker e5eae76bf0 Generalized the x509write_csr_set_key_usage() function and key_usage 
storage
 2013-08-26 17:37:18 +02:00
Paul Bakker 6db915b5a9 Added asn1_write_raw_buffer() 2013-08-26 17:37:17 +02:00
Manuel Pégourié-Gonnard 0a20171d52 Fix compiler warning from gcc -Os 2013-08-26 14:31:43 +02:00
Manuel Pégourié-Gonnard 70f1768b9d Make two format strings literal 
Fixes clang warning
 2013-08-26 14:31:33 +02:00
Manuel Pégourié-Gonnard c6554aab3d Check length of session tickets we write 2013-08-26 14:26:33 +02:00
Manuel Pégourié-Gonnard 38d1eba3b5 Move verify_result from ssl_context to session 2013-08-26 14:26:02 +02:00
Paul Bakker fde4270186 Added support for writing key_usage extension 2013-08-25 14:47:27 +02:00
Paul Bakker 598e450538 Added asn1_write_bitstring() and asn1_write_octet_string() 2013-08-25 14:46:39 +02:00
Paul Bakker 0e06c0fdb4 Assigned error codes to the error defines 2013-08-25 11:21:30 +02:00
Paul Bakker 82e2945ed2 Changed naming and prototype convention for x509write functions 
CSR writing functions now start with x509write_csr_*()
DER writing functions now have the context at the start instead of the
end conforming to other modules.
 2013-08-25 11:01:31 +02:00
Paul Bakker 2130796658 Switched order of storing x509_req_names to match inputed order 2013-08-25 10:51:18 +02:00
Paul Bakker 8eabfc1461 Rewrote x509 certificate request writing to use structure for storing 2013-08-25 10:51:18 +02:00
Manuel Pégourié-Gonnard fff80f8879 PK: use NULL for unimplemented operations 2013-08-20 20:46:05 +02:00
Manuel Pégourié-Gonnard f73da02962 PK: change pk_verify arguments (md_info "optional") 2013-08-20 20:46:04 +02:00
Manuel Pégourié-Gonnard ab46694558 Change pk_set_type to pk_init_ctx for consistency 2013-08-20 20:46:04 +02:00
Manuel Pégourié-Gonnard ac4cd36297 PK rsa_verify: check signature length 2013-08-20 20:46:04 +02:00
Manuel Pégourié-Gonnard 15699380e5 Small PK cleanups 
- better error codes
- rm now-useless include
 2013-08-20 20:46:04 +02:00
Manuel Pégourié-Gonnard 3fb5c5ee1c PK: rename members for consistency CIPHER, MD 
Also add pk_get_name() to remove a direct access to pk_type
 2013-08-20 20:46:04 +02:00
Manuel Pégourié-Gonnard 09162ddcaa PK: reuse some eckey functions for ecdsa 
Also add some forgotten 'static' while at it.
 2013-08-20 20:46:04 +02:00
Manuel Pégourié-Gonnard c6ac8870d5 Nicer interface between PK and debug. 
Finally get rid of pk_context.type member, too.
 2013-08-20 20:46:04 +02:00
Manuel Pégourié-Gonnard b3d9187cea PK: add nice interface functions 
Also fix a const-corectness issue.
 2013-08-20 20:46:04 +02:00
Manuel Pégourié-Gonnard 765db07dfb PK: use alloc and free function pointers 2013-08-20 20:46:04 +02:00
Manuel Pégourié-Gonnard 3053f5bcb4 Get rid of pk_wrap_rsa() 2013-08-20 20:46:04 +02:00
Manuel Pégourié-Gonnard f8c948a674 Add name and get_size() members in PK 2013-08-20 20:46:04 +02:00
Manuel Pégourié-Gonnard 835eb59c6a PK: fix support for ECKEY_DH 2013-08-20 20:46:04 +02:00
Manuel Pégourié-Gonnard f18c3e0378 Add a PK can_do() method and simplify code 2013-08-20 20:46:04 +02:00
Manuel Pégourié-Gonnard d73b3c13be PK: use wrappers and function pointers for verify 2013-08-20 20:46:03 +02:00
Manuel Pégourié-Gonnard f499993cb2 Add ecdsa_from_keypair() 
Also fix bug/limitation in mpi_copy: would segfault if src just initialised
and not set to a value yet. (This case occurs when copying a context which
contains only the public part of the key, eg.)
 2013-08-20 20:46:03 +02:00
Manuel Pégourié-Gonnard cc0a9d040d Fix const-correctness of rsa_*_verify() 2013-08-20 20:46:03 +02:00
Manuel Pégourié-Gonnard f84b4d6498 Check sig_pk for signature verification 2013-08-20 20:46:03 +02:00
Manuel Pégourié-Gonnard 96d5912088 Implement EC cert and crl verification 2013-08-20 20:26:28 +02:00
Manuel Pégourié-Gonnard 211a64c79f Add eckey to ecdsa conversion in the PK layer 2013-08-20 20:26:28 +02:00
Manuel Pégourié-Gonnard b4d69c41f8 Prepare for EC cert & crl validation 2013-08-20 20:26:28 +02:00
Manuel Pégourié-Gonnard e09631b7c4 Create ecp_group_copy() and use it 2013-08-20 20:08:29 +02:00
Manuel Pégourié-Gonnard 8eebd012b9 Add an ecdsa_genkey() function 2013-08-20 20:08:28 +02:00
Manuel Pégourié-Gonnard b694b4896c Add ecdsa_{read,write}_signature() 2013-08-20 20:04:16 +02:00
Paul Bakker 3a074a7996 Actually skip certificate if we do not understand hash type 2013-08-20 12:45:03 +02:00
Paul Bakker dc4baf11ab Removed errant printf in x509parse_self_test() 2013-08-20 12:44:33 +02:00
Paul Bakker 42c3ccf36e Fixed potential negative value misinterpretation in load_file() 2013-08-19 14:29:31 +02:00
Paul Bakker 75c1a6f97c Fixed potential heap buffer overflow on large hostname setting 2013-08-19 14:25:29 +02:00
Paul Bakker 694d3aeb47 Fixed potential heap buffer overflow on large file reading 2013-08-19 14:23:38 +02:00
Paul Bakker 5fd4917d97 Add missing ifdefs in ssl modules 2013-08-19 13:30:28 +02:00
Paul Bakker 04376b1419 Fixed memory leak in ssl_parse_server_key_exchange from missing 
md_free_ctx()
 2013-08-16 14:45:26 +02:00
Manuel Pégourié-Gonnard 298aae4524 Adapt core OID functions to embeded null bytes 2013-08-16 14:00:52 +02:00
Manuel Pégourié-Gonnard c13c0d4524 Add a length check in rsa_get_pubkey() 2013-08-16 14:00:52 +02:00
Manuel Pégourié-Gonnard 56a487a17f Minor ecdsa cleanups 
- point_format is of no use
- d was init'ed and free'd twice
 2013-08-16 14:00:52 +02:00
Manuel Pégourié-Gonnard 686bfae244 Fix memory error in x509_get_attr_type_value 2013-08-16 14:00:52 +02:00
Manuel Pégourié-Gonnard ba77bbf840 Fix memory error in asn1_get_alg() 2013-08-16 14:00:52 +02:00
Manuel Pégourié-Gonnard 06dab806ce Fix memory error in asn1_get_bitstring_null() 
When *len is 0, **p would be read, which is out of bounds.
 2013-08-16 14:00:52 +02:00
Manuel Pégourié-Gonnard 0b2726732e Fix ifdef conditions for EC-related extensions. 
Was alternatively ECP_C and ECDH_C.
 2013-08-16 13:56:17 +02:00
Manuel Pégourié-Gonnard 5734b2d358 Actually use the point format selected for ECDH 2013-08-16 13:56:16 +02:00
Manuel Pégourié-Gonnard 7b19c16b74 Handle suported_point_formats in ServerHello 2013-08-16 13:56:16 +02:00
Manuel Pégourié-Gonnard 6b8846d929 Stop advertising support for compressed points 
(We can only write them, not read them.)
 2013-08-16 13:56:16 +02:00
Paul Bakker 1f2bc6238b Made support for the truncated_hmac extension configurable 2013-08-15 13:45:55 +02:00
Paul Bakker 05decb24c3 Made support for the max_fragment_length extension configurable 2013-08-15 13:33:48 +02:00
Paul Bakker 606b4ba20f Session ticket expiration checked on server 2013-08-15 11:42:48 +02:00
Paul Bakker f0e39acb58 Fixed unitialized n when resuming a session 2013-08-15 11:40:48 +02:00
Paul Bakker a503a63b85 Made session tickets support configurable from config.h 2013-08-14 14:26:03 +02:00
Manuel Pégourié-Gonnard 56dc9e8bba Authenticate session tickets. 2013-08-14 14:08:07 +02:00
Manuel Pégourié-Gonnard 990c51a557 Encrypt session tickets 2013-08-14 14:08:07 +02:00
Manuel Pégourié-Gonnard 779e42982c Start adding ticket keys (only key_name for now) 2013-08-14 14:08:06 +02:00
Manuel Pégourié-Gonnard aa0d4d1aff Add ssl_set_session_tickets() 2013-08-14 14:08:06 +02:00
Manuel Pégourié-Gonnard 306827e3bc Prepare ticket structure for securing 2013-08-14 14:08:06 +02:00
Manuel Pégourié-Gonnard 06650f6a37 Fix reusing session more than once 2013-08-14 14:08:06 +02:00
Manuel Pégourié-Gonnard 593058e35e Don't renew ticket when the current one is OK 2013-08-14 14:08:05 +02:00
Manuel Pégourié-Gonnard c086cce3d3 Don't cache empty session ID nor resumed session 2013-08-14 14:08:05 +02:00
Manuel Pégourié-Gonnard 7cd5924cec Rework NewSessionTicket handling in state machine 
Fixes bug: NewSessionTicket was ommited in resumed sessions.
 2013-08-14 14:08:05 +02:00
Manuel Pégourié-Gonnard 3ffa3db80b Fix server session ID handling with ticket 2013-08-14 14:08:05 +02:00
Manuel Pégourié-Gonnard 72882b2079 Relax limit on ClientHello size 2013-08-14 14:08:05 +02:00
Manuel Pégourié-Gonnard 609bc81a76 ssl_srv: read & write ticket, unsecure for now 2013-08-14 14:08:05 +02:00
Manuel Pégourié-Gonnard 94f6a79cde Auxiliary functions to (de)serialize ssl_session 2013-08-14 14:08:05 +02:00
Manuel Pégourié-Gonnard 7a358b8580 ssl_srv: write & parse session ticket ext & msg 2013-08-14 14:08:04 +02:00
Manuel Pégourié-Gonnard 6377e41ef5 Complete client support for session tickets 2013-08-14 14:08:04 +02:00
Manuel Pégourié-Gonnard a5cc6025e7 Parse NewSessionTicket message 2013-08-14 14:08:04 +02:00
Manuel Pégourié-Gonnard 60182ef989 ssl_cli: write & parse session ticket extension 2013-08-14 14:08:04 +02:00
Manuel Pégourié-Gonnard 75d440192c Introduce ticket field in session structure 2013-08-14 14:08:04 +02:00
Manuel Pégourié-Gonnard 5f280cc6cf Implement saving peer cert as part of session. 2013-08-14 14:08:04 +02:00
Manuel Pégourié-Gonnard 747180391d Add ssl_get_session() to save session on client 2013-08-14 14:08:03 +02:00
Paul Bakker 48e93c84b7 Made padding modes configurable from config.h 2013-08-14 14:02:48 +02:00
Paul Bakker 1a45d91cf2 Restructured cipher_set_padding_mode() to use switch statement 2013-08-14 14:02:48 +02:00
Manuel Pégourié-Gonnard ebdc413f44 Add 'no padding' mode 2013-08-14 14:02:48 +02:00
Manuel Pégourié-Gonnard 0e7d2c0f95 Add zero padding 2013-08-14 14:02:47 +02:00
Manuel Pégourié-Gonnard 8d4291b52a Add zeros-and-length (ANSI X.923) padding 2013-08-14 14:02:47 +02:00
Manuel Pégourié-Gonnard 679f9e90ad Add one-and-zeros (ISO/IEC 7816-4) padding 2013-08-14 14:02:47 +02:00
Manuel Pégourié-Gonnard b7d24bc7ca Fix bug in get_pkcs_padding(): cannot be 0-length 2013-08-14 14:02:47 +02:00
Manuel Pégourié-Gonnard ac56a1aec4 Make cipher_set_padding() actually work 
(Only one padding mode recognized yet.)
 2013-08-14 14:02:46 +02:00
Manuel Pégourié-Gonnard d5fdcaf9e5 Add cipher_set_padding() (no effect yet) 
Fix pattern in tests/.gitignore along the way.
 2013-08-14 14:02:46 +02:00
Paul Bakker 0f2f0bfc87 CAMELLIA-based PSK and DHE-PSK ciphersuites added 2013-07-26 15:04:03 +02:00
Paul Bakker b548d773b3 Fixed memory leak in ecdh_compute_shared() in case of error 2013-07-26 14:22:19 +02:00
Paul Bakker cca998a4c5 Fixed memory leak in ecdsa_sign() / ecdsa_verify() in case of error 2013-07-26 14:22:16 +02:00
Paul Bakker 1e6a175362 Support for AIX header locations in net.c module 2013-07-26 14:10:22 +02:00
Paul Bakker 52cf16caeb Fixed multiple use of GCM-context bug due to split-up of GCM functions 2013-07-26 13:56:22 +02:00
Paul Bakker d9ca94a677 Updated merged pk.c and x509parse.c changes with new memory allocation functions 2013-07-25 11:25:09 +02:00
Paul Bakker 8c1ede655f Changed prototype for ssl_set_truncated_hmac() to allow disabling 2013-07-19 14:51:47 +02:00
Manuel Pégourié-Gonnard 277f7f23e2 Implement hmac truncation 2013-07-19 14:51:47 +02:00
Manuel Pégourié-Gonnard 57c2852807 Added truncated hmac negociation (without effect) 2013-07-19 14:51:47 +02:00
Manuel Pégourié-Gonnard e980a994f0 Add interface for truncated hmac 2013-07-19 14:51:47 +02:00
Manuel Pégourié-Gonnard e048b67d0a Misc minor fixes 
- avoid "multi-line comment" warning in ssl_client2.c
- rm useless initialisation of mfl_code in ssl_init()
- const-correctness of ssl_parse_*_ext()
- a code formating issue
 2013-07-19 12:56:08 +02:00
Manuel Pégourié-Gonnard ed4af8b57c Move negotiated max fragment length to session 
User-set max fragment length remains in ssl_context.
The min of the two is used for sizing fragments.
 2013-07-18 14:07:09 +02:00
Manuel Pégourié-Gonnard 581e6b6d6c Prepare migrating max fragment length to session 
Remove max_frag_len member so that reseting session by memset()ing it to zero
does the right thing.
 2013-07-18 12:32:27 +02:00
Manuel Pégourié-Gonnard 6b4f237f6a Forbid setting max_frag_len > MAX_CONTENT_LEN 2013-07-18 11:23:48 +02:00
Manuel Pégourié-Gonnard 30dc7ef3ad Reset max_fragment_length in ssl_session_reset() 2013-07-18 11:23:48 +02:00
Manuel Pégourié-Gonnard 7bb7899121 Send max_fragment_length extension (server) 2013-07-18 11:23:48 +02:00
Manuel Pégourié-Gonnard f11a6d78c7 Rework server extensions writing 2013-07-18 11:23:38 +02:00
Manuel Pégourié-Gonnard de600e571a Read max_fragment_length extension (client) 2013-07-18 11:18:14 +02:00
Manuel Pégourié-Gonnard a052849640 Send max_fragment_length extension (client) 2013-07-18 11:18:14 +02:00
Manuel Pégourié-Gonnard 48f8d0dbbd Read max_fragment_length extension (server) 2013-07-18 11:18:14 +02:00
Manuel Pégourié-Gonnard 787b658bb3 Implement max_frag_len write restriction 2013-07-18 11:18:14 +02:00
Manuel Pégourié-Gonnard 8b46459ae5 Add ssl_set_max_frag_len() 2013-07-18 11:18:13 +02:00
Manuel Pégourié-Gonnard c2c90031ec Fix pk_set_type() behaviour for unkown type 2013-07-17 15:59:44 +02:00
Manuel Pégourié-Gonnard 14d8564402 Fix overflow check in oid_get_numeric_string() 
(The fix in 791eed3 was wrong.)
 2013-07-17 15:59:44 +02:00
Manuel Pégourié-Gonnard fd5164e283 Fix some more ifdef's RSA/EC, in pk and debug 2013-07-17 15:59:44 +02:00
Manuel Pégourié-Gonnard ab2d9836b4 Fix some ifdef's in x509parse 
While at it:
- move _rsa variants systematically after generic functions
- unsplit x509parse_key_pkcs8_encrypted_der() (reverts a5d9974)
 2013-07-17 15:59:44 +02:00
Manuel Pégourié-Gonnard 96f3a4e1b3 Rm ecp_keypair.alg 
Avoid duplicating information already present in pk_context.
 2013-07-17 15:59:44 +02:00
Manuel Pégourié-Gonnard 8b863cd641 Merge EC & RSA versions of x509_parse_key() 2013-07-17 15:59:44 +02:00
Manuel Pégourié-Gonnard 6e88202a95 Merge EC & RSA versions of parse_pkcs8_unencrypted 2013-07-17 15:59:43 +02:00
Manuel Pégourié-Gonnard a2d4e644ac Some more EC pubkey parsing refactoring 
Fix a bug in pk_rsa() and pk_ec() along the way
 2013-07-17 15:59:43 +02:00
Manuel Pégourié-Gonnard 1c808a011c Refactor some EC key parsing code 2013-07-17 15:59:43 +02:00
Manuel Pégourié-Gonnard 991d0f5aca Remove rsa member from x509_cert structure 2013-07-17 15:59:42 +02:00
Manuel Pégourié-Gonnard ff56da3a26 Fix direct uses of x509_cert.rsa, now use pk_rsa() 2013-07-17 15:59:42 +02:00
Manuel Pégourié-Gonnard 893879adbd Adapt debug_print_crt() for EC keys 2013-07-17 15:59:42 +02:00
Manuel Pégourié-Gonnard 5b18fb04ca Fix bug in x509_get_{ecpubkey,subpubkey}() 
- 'p' was not properly updated
- also add a few more checks while at it
 2013-07-17 15:59:42 +02:00
Manuel Pégourié-Gonnard 360a583029 Adapt x509parse_cert_info() for EC 2013-07-17 15:59:41 +02:00
Manuel Pégourié-Gonnard 674b2243eb Prepare transition from x509_cert.rsa to pk 2013-07-17 15:59:41 +02:00
Manuel Pégourié-Gonnard a155513e7b Rationalize use of x509_get_alg variants 2013-07-17 15:59:41 +02:00
Manuel Pégourié-Gonnard 7a287c409e Rename x509_get_algid() to x509_get_pk_alg() 2013-07-17 15:59:41 +02:00
Manuel Pégourié-Gonnard 7c5819eb1e Fix warnings (enum value missing from switch/case) 2013-07-17 15:59:41 +02:00
Manuel Pégourié-Gonnard 1e60cd09b0 Expand oid_get_sig_alg() for ECDSA-based algs 2013-07-17 15:59:40 +02:00
Manuel Pégourié-Gonnard 244569f4b1 Use generic x509_get_pubkey() for RSA functions 2013-07-17 15:59:40 +02:00
Manuel Pégourié-Gonnard 4fa0476675 Use new x509_get_pubkey() in x509parse_public_key() 2013-07-17 15:59:40 +02:00
Manuel Pégourié-Gonnard c296c5925e Introduce generic x509_get_pubkey() 2013-07-17 15:59:40 +02:00
Manuel Pégourié-Gonnard 094ad9e512 Rename x509_get_pubkey to _rsa and split it up 2013-07-17 15:59:40 +02:00