Commit graph

96 commits

Author SHA1 Message Date
Paul Bakker a755ca1bbe - Renamed t_s_int, t_int and t_dbl to respectively t_sint, t_uint and t_udbl for clarity 2011-04-24 09:11:17 +00:00
Paul Bakker 23986e5d5d - Major type rewrite of int to size_t for most variables and arguments used for buffer lengths and loops 2011-04-24 08:57:21 +00:00
Paul Bakker b6ecaf5276 - Added additional (configurable) cipher block modes. AES-CTR, Camellia-CTR, XTEA-CBC 2011-04-19 14:29:23 +00:00
Paul Bakker 3efa575ff2 - Ready for release 0.99-pre4 2011-04-01 12:23:26 +00:00
Paul Bakker 287781a965 - Added mpi_fill_random() for centralized filling of big numbers with random data (Fixed ticket #10) 2011-03-26 13:18:49 +00:00
Paul Bakker 98675496e1 - Added information about changed behaviour of x509parse_key() 2011-03-26 13:17:12 +00:00
Paul Bakker e77db2e119 - Added bugfix info for previous checkin 2011-03-25 14:01:32 +00:00
Paul Bakker 1fd00bfe82 - Fixed bug in ssl_write() when flushing old data (Fixes ticket #18) 2011-03-14 20:50:15 +00:00
Paul Bakker be4e7dca08 - Debug print of MPI now removes leading zero octets and displays actual bit size of the value 2011-03-14 20:41:31 +00:00
Paul Bakker 9dcc32236b - Added support for PKCS#1 v2.1 encoding and thus support for the RSAES-OAEP and RSASSA-PSS operations (enabled by POLARSSL_PKCS1_V21) 2011-03-08 14:16:06 +00:00
Paul Bakker 345a6fee91 - Replaced function that fixes man-in-the-middle attack
- Added message to indicate inclusion of man-in-the-middle attack (Reported by Larry Highsmith, Subreption LLC)
 - Released version 0.99-pre3
2011-02-28 21:20:02 +00:00
Paul Bakker 1946e42dd4 - Made ready for 0.99-pre2 release 2011-02-25 09:39:39 +00:00
Paul Bakker e2a39cc0fa - Do not bail out if no client certificate specified. Try to negotiate anonymous connection (Fixes ticket #12) 2011-02-20 13:49:27 +00:00
Paul Bakker 400ff6f0fd - Corrected parsing of UTCTime dates before 1990 and after 1950
- Support more exotic OID's when parsing certificates
 - Support more exotic name representations when parsing certificates
 - Replaced the expired test certificates
2011-02-20 10:40:16 +00:00
Paul Bakker a9507c063b - Added crl_app program to allow easy reading and printing of X509 CRLs from file 2011-02-12 15:27:28 +00:00
Paul Bakker 96743fc5f5 - Parsing of PEM files moved to separate module (Fixes ticket #13). Also possible to remove PEM support for systems only using DER encoding
- Parsing PEM private keys encrypted with DES and AES are now supported (Fixes ticket #5)
 - Added tests for encrypted keyfiles
2011-02-12 14:30:57 +00:00
Paul Bakker 9fc4659b30 - Preparing for Release of 0.99 prerelease 1 2011-01-30 16:59:02 +00:00
Paul Bakker e3166ce040 - Renamed ciphers member of ssl_context and cipher member of ssl_session to ciphersuites and ciphersuite respectively. This clarifies the difference with the generic cipher layer and is better naming altogether
- Adapted in the rest of using code as well
2011-01-27 17:40:50 +00:00
Paul Bakker 20a7808d13 - Addec crypt_and_hash example program of the generic hash and cipher layers 2011-01-21 09:32:12 +00:00
Paul Bakker 43b7e35b25 - Support for PKCS#11 through the use of the pkcs11-helper library 2011-01-18 15:27:19 +00:00
Paul Bakker b619499eb3 - x509parse_time_expired() checks time now in addition to the existing date check 2011-01-16 21:40:22 +00:00
Paul Bakker 72f6266f02 - Improved information provided about current Hashing, Cipher and Suite capabilities 2011-01-16 21:27:44 +00:00
Paul Bakker 76fd75a3de - Improved certificate validation and validation against the available CRLs 2011-01-16 21:12:10 +00:00
Paul Bakker 43ca69c38a - Added function for stringified SSL/TLS version 2011-01-15 17:35:19 +00:00
Paul Bakker 1f87fb6896 - Support for DES weak keys and parity bits added 2011-01-15 17:32:24 +00:00
Paul Bakker 74111d30b7 - Improved X509 certificate parsing to include extended certificate fields, such as Key Usage 2011-01-15 16:57:55 +00:00
Paul Bakker b63b0afc05 - Added verification callback in certificate verification chain in order to allow external blacklisting 2011-01-13 17:54:59 +00:00
Paul Bakker 1b57b06751 - Added reading of DHM context from memory and file 2011-01-06 15:48:19 +00:00
Paul Bakker 8123e9d8f1 - Added generic cipher wrapper for integration with OpenVPN (donated by Fox-IT) 2011-01-06 15:37:30 +00:00
Paul Bakker 1737385e04 - Added generic message digest wrapper for integration with OpenVPN (donated by Fox-IT) 2011-01-06 14:20:01 +00:00
Paul Bakker 37ca75d6f2 - Added Doxygen source code documentation parts (donated by Fox-IT) 2011-01-06 12:28:03 +00:00
Paul Bakker 99ed6788b2 - Changed line endings and encodings to unix and utf-8 2011-01-05 14:48:42 +00:00
Paul Bakker 5c10b54fb2 - Added release date for 0.14.0 2010-08-16 12:01:43 +00:00
Paul Bakker 21eb2802fe - Changed origins of random function and pointer in rsa_pkcs1_encrypt, rsa_init, rsa_gen_key.
Moved to parameters of function instead of context pointers as within ssl_cli, context pointer cannot be set easily.
2010-08-16 11:10:02 +00:00
Paul Bakker 2e11f7d966 - Added support for TLS v1.1
- Renamed some SSL defines to prevent future naming confusion
2010-07-25 14:24:53 +00:00
Paul Bakker a0f082c574 - Rewrite ChangeLog 2010-07-18 10:14:07 +00:00
Paul Bakker b572adf5e6 - Removed dependency on rand() in rsa_pkcs1_encrypt(). Now using random fuction provided to context
- Expanded ssl_client2 arguments for more flexibility
 - rsa_check_private() now supports PKCS1v2 keys as well
 - Fixed deadlock in rsa_pkcs1_encrypt() on failing random generator
2010-07-18 08:29:32 +00:00
Paul Bakker 4c14a258fe - Fixed out of source build for tests with CMake 2010-06-18 22:54:05 +00:00
Paul Bakker 690b93d91a - Made Makefile cleaner 2010-06-18 16:42:26 +00:00
Paul Bakker 77a43580da - Added support for the SSL_EDH_RSA_AES_128_SHA and SSL_EDH_RSA_CAMELLIA_128_SHA ciphersuites 2010-06-15 21:32:46 +00:00
Paul Bakker 699fbbcf29 - Added missing const fixes 2010-03-24 07:15:41 +00:00
Paul Bakker aed271ed03 - Fixed ChangeLog 2010-03-24 06:55:38 +00:00
Paul Bakker 09d87fcd99 - Added release date for 0.13.0 2010-03-21 16:23:50 +00:00
Paul Bakker 7d3b661bfe - Added reset functionality for HMAC context. Speed-up for some use-cases. 2010-03-21 16:23:13 +00:00
Paul Bakker baad6504d4 - Changed ARC4 to use seperate input/output buffer 2010-03-21 15:42:15 +00:00
Paul Bakker f3ccc68100 - Fixed cipher interface for encrypt/decrypt functions 2010-03-18 21:21:02 +00:00
Paul Bakker 4fc45522f1 - Added cert_app application 2010-03-18 20:11:58 +00:00
Paul Bakker 9f335d5bc1 - Added attribution for fix from FrankDeB 2010-03-17 18:19:37 +00:00
Paul Bakker 27d661657b - Added x509_get_sig_alg() to allow easy future X509 signature algorithm determination expansion 2010-03-17 06:56:01 +00:00
Paul Bakker 41d13f4af8 - Found algorithmic bug in mpi_is_prime() 2010-03-16 21:26:36 +00:00