yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2024-10-19 05:21:29 +00:00
Code Issues Packages Projects Releases Wiki Activity
894 commits 88 branches 205 tags 69 MiB
Commit graph

88 commits

Author SHA1 Message Date
Paul Bakker 407a0da160 Moved __cplusplus extern statement to include struct definitions as well. 2013-06-27 14:29:21 +02:00
Paul Bakker b6c5d2e1a6 Cleanup up non-prototyped functions (static) and const-correctness 
More fixes based on the compiler directives -Wcast-qual -Wwrite-strings
-Wmissing-prototypes -Wmissing-declarations. Not everything with regards
to -Wcast-qual has been fixed as some have unwanted consequences for the
rest of the code.
 2013-06-25 16:25:17 +02:00
Paul Bakker 9bcf16c55d Centralized module option values in config.h 
Allow user-defined settings without editing header files by using
POLARSSL_CONFIG_OPTIONS in config.h
(cherry picked from commit 6fa5488779)

Conflicts:
	include/polarssl/config.h
 2013-06-25 15:06:53 +02:00
Paul Bakker ed27a041e4 More granular define selections within code to allow for smaller code 
sizes
 2013-04-18 23:12:34 +02:00
Paul Bakker 73a899a9eb Changed error code message to also cover missing pre-shared key 2013-04-18 23:12:34 +02:00
Paul Bakker d4a56ec6bf Added pre-shared key handling for the client side of SSL / TLS 
Client side handling of the pure PSK ciphersuites is now in the base
code.
 2013-04-18 23:12:33 +02:00
Paul Bakker 8f4ddaeea9 Ability to specify allowed ciphersuites based on the protocol version. 
The ciphersuites parameter in the ssl_session structure changed from
'int *' to 'int *[4]'.

The new function ssl_set_ciphersuite_for_version() sets specific entries
inside this array. ssl_set_ciphersuite() sets all entries to the same
value.
(cherry picked from commit a62729888b)

Conflicts:
	ChangeLog
	library/ssl_srv.c
	library/ssl_tls.c
 2013-04-16 18:09:45 +02:00
Paul Bakker 41c83d3f67 Added Ephemeral Elliptic Curve Diffie Hellman ciphersuites to SSL/TLS 
Made all modifications to include Ephemeral Elliptic Curve Diffie
Hellman ciphersuites into the existing SSL/TLS modules. All basic
handling of the ECDHE-ciphersuites (TLS_ECDHE_RSA_WITH_NULL_SHA,
TLS_ECDHE_RSA_WITH_RC4_128_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA)
has been included.
 2013-03-20 14:39:14 +01:00
Paul Bakker 68884e3c09 Moved to advanced ciphersuite representation and more dynamic SSL code 2013-03-13 14:48:32 +01:00
Paul Bakker 92be97b8e6 Align data with future location based on IV size 2013-03-13 11:46:00 +01:00
Paul Bakker 07eb38ba31 Update ssl_hw_record_init() to receive keylen, ivlen and maclen as well 
Added ssl_hw_record_activate()
 2013-03-13 11:44:40 +01:00
Paul Bakker 5bd422937a Reverted commit 186751d9dd and made out_hdr and out_msg back-to-back again 2013-03-13 11:44:40 +01:00
Paul Bakker 1961b709d8 Added ssl_handshake_step() to allow single stepping the handshake 
process

Single stepping the handshake process allows for better support of
non-blocking network stacks and for getting information from specific
handshake messages if wanted.
 2013-01-25 14:49:24 +01:00
Paul Bakker 926af7582a Fixed client certificate handling with TLS 1.2 2012-11-23 13:38:07 +01:00
Paul Bakker e667c98fb1 Added p_hw_data to ssl_context for context specific hardware acceleration data 2012-11-20 13:50:22 +01:00
Paul Bakker 1f9d02dc90 Added more notes / comments on own_cert, trust_ca purposes 2012-11-20 10:30:55 +01:00
Paul Bakker 6831c4a1a8 - Fixed typos 2012-11-07 19:46:27 +00:00
Paul Bakker 7c900780d9 - Default to disabled renegotiation 2012-11-04 16:29:08 +00:00
Paul Bakker 7a2538ee38 - Fixes for MSVC6 2012-11-02 10:59:36 +00:00
Paul Bakker 645ce3a2b4 - Moved ciphersuite naming scheme to IANA reserved names 2012-10-31 12:32:41 +00:00
Paul Bakker b0550d90c9 - Added ssl_get_peer_cert() to SSL API 2012-10-30 07:51:03 +00:00
Paul Bakker df2bb75c28 - Premaster should have a maximum of MPI size 2012-10-24 14:30:00 +00:00
Paul Bakker 09f097d45f - Added more documentation on disable / enable renegotiation 2012-10-23 11:54:56 +00:00
Paul Bakker 0f5281a35b - Enlarged buffer to fit gcm_context on all platforms 2012-10-23 11:06:25 +00:00
Paul Bakker 5c2364c2ba - Moved from unsigned long to uint32_t throughout code 2012-10-01 14:41:15 +00:00
Paul Bakker 6adff7497a - Fixed typo 2012-10-01 11:03:14 +00:00
Paul Bakker 23f3680898 - Added proper support for TLS 1.2 signature_algorithm extension on server 
side
 - Minor const changes to other extension parsing functions
 2012-09-28 14:15:14 +00:00
Paul Bakker 1d29fb5e33 - Added option to add minimum accepted SSL/TLS protocol version 2012-09-28 13:28:45 +00:00
Paul Bakker 62f2deef8b - Set POLARSSL_DHM_RFC5114_MODP_1024_[PG] as default DHM MODP group for SSL/TLS 2012-09-28 07:31:51 +00:00
Paul Bakker 915275ba78 - Revamped x509_verify() and the SSL f_vrfy callback implementations 2012-09-28 07:10:55 +00:00
Paul Bakker 5701cdcd02 - Added ServerName extension parsing (SNI) at server side 2012-09-27 21:49:42 +00:00
Paul Bakker eb2c658163 - Generalized external private key implementation handling (like PKCS#11) in SSL/TLS 2012-09-27 19:15:01 +00:00
Paul Bakker 0a59707523 - Added simple SSL session cache implementation 
- Revamped session resumption handling
 2012-09-25 21:55:46 +00:00
Paul Bakker d0f6fa7bdc - Sending of handshake_failures during renegotiation added 
- Handle two legacy modes differently: SSL_LEGACY_BREAK_HANDSHAKE and SSL_LEGACY_NO_RENEGOTIATION
 2012-09-17 09:18:12 +00:00
Paul Bakker 48916f9b67 - Added Secure Renegotiation (RFC 5746) 2012-09-16 19:57:18 +00:00
Paul Bakker b68cad6cc7 - Made cipersuites in ssl context const (no intention to modify) 
- Adjusted ssl_set_ciphersuites() to match
 2012-08-23 08:34:18 +00:00
Paul Bakker 2770fbd651 - Added DEFLATE compression support as per RFC3749 (requires zlib) 2012-07-03 13:30:23 +00:00
Paul Bakker 186751d9dd - Moved out_msg to out_hdr + 32 to support hardware acceleration 2012-05-08 13:16:14 +00:00
Paul Bakker 05ef835b6a - Added support for Hardware Acceleration hooking in SSL/TLS 2012-05-08 09:17:57 +00:00
Paul Bakker 380da53c48 - Abstracted checksum updating during handshake 2012-04-18 16:10:25 +00:00
Paul Bakker ca4ab49158 - Added GCM ciphersuites to TLS implementation 2012-04-18 14:23:57 +00:00
Paul Bakker 0a9251870a - Report unexpected_message if unknown record type is received 2012-04-16 06:46:41 +00:00
Paul Bakker 10cd225962 - Added support for the SHA256 ciphersuites of AES and Camellia 2012-04-12 21:26:34 +00:00
Paul Bakker c3f177a77b - Added client side support for signature_algorithm extension and affiliated handling 2012-04-11 16:11:49 +00:00
Paul Bakker 1ef83d66dd - Initial bare version of TLS 1.2 2012-04-11 12:09:53 +00:00
Paul Bakker e93dfa72a5 - Added hex documentation for alerts 2012-04-10 08:03:03 +00:00
Paul Bakker fab5c829e7 - Added support for NULL cipher (POLARSSL_CIPHER_NULL_CIPHER) and weak ciphersuites (POLARSSL_ENABLE_WEAK_CIPHERSUITES). They are disabled by default! 2012-02-06 16:45:10 +00:00
Paul Bakker b15b851d6d - Check for failed malloc() in ssl_set_hostname() and x509_get_entries() (Closes ticket #47, found by Hugo Leisink) 2012-01-13 13:44:06 +00:00
Paul Bakker 69e095cc15 - Changed the behaviour of x509parse_parse_crt for permissive parsing. Now returns the number of 'failed certificates' instead of having a switch to enable it. 
- As a consequence all error code that were positive were changed. A lot of MALLOC_FAILED and FILE_IO_ERROR error codes added for different modules.
 - Programs and tests were adapted accordingly
 2011-12-10 21:55:01 +00:00
Paul Bakker a3d195c41f - Changed the used random function pointer to more flexible format. Renamed havege_rand() to havege_random() to prevent mistakes. Lots of changes as a consequence in library code and programs 2011-11-27 21:07:34 +00:00