Commit graph

820 commits

Author SHA1 Message Date
Manuel Pégourié-Gonnard 7afdb88216 Test and fix x509_oid functions 2014-04-04 16:34:30 +02:00
Manuel Pégourié-Gonnard 13a1ef8600 Misc selftest adjustements 2014-04-04 16:33:01 +02:00
Manuel Pégourié-Gonnard 470fc935b5 Add timing_self_test() with consistency tests 2014-04-04 16:33:01 +02:00
Manuel Pégourié-Gonnard b28487db1f Start printing extensions in x509_crt_info() 2014-04-04 14:01:39 +02:00
Manuel Pégourié-Gonnard 887aa5b381 Fix include path in ecdsa.h 2014-04-04 13:57:20 +02:00
Manuel Pégourié-Gonnard e442111e29 Fix typo which broke ENTROPY_FORCE_SHA256 2014-04-02 13:50:05 +02:00
Manuel Pégourié-Gonnard a27cd4c62e Fix ENTROPY_LEN check 2014-04-02 13:46:29 +02:00
Manuel Pégourié-Gonnard eb82a74ed2 Fix header issue with default malloc() 2014-04-02 13:43:48 +02:00
Manuel Pégourié-Gonnard dd75c3183b Remove potential timing leak in ecdsa_sign() 2014-03-31 11:55:42 +02:00
Paul Bakker 96d5265315 Made ready for release 1.3.5 2014-03-26 16:55:50 +01:00
Manuel Pégourié-Gonnard 7a2aba8d81 Deprecate some non-PK compatibility functions
(Should have been deprecated in 1.3.0 already.)
2014-03-26 12:58:52 +01:00
Paul Bakker 66ff70dd48 Support for seed file writing and reading in Entropy 2014-03-26 11:58:07 +01:00
Paul Bakker 766a5d0206 Updated documentation for seed functions w.r.t. return values 2014-03-26 11:51:25 +01:00
Manuel Pégourié-Gonnard 6fac3515d0 Make support for SpecifiedECDomain optional 2014-03-19 16:50:59 +01:00
Manuel Pégourié-Gonnard 5246ee5c59 Work around compressed EC public key in some cases 2014-03-19 16:50:59 +01:00
Manuel Pégourié-Gonnard eab20d2a9c Implement parsing SpecifiedECParameters 2014-03-19 15:51:12 +01:00
Paul Bakker a4b0343edf Merged massive SSL Testing improvements 2014-03-14 16:30:36 +01:00
Manuel Pégourié-Gonnard a612b44cc5 Fix typo in doc 2014-03-14 08:41:01 +01:00
Manuel Pégourié-Gonnard 5d917ff6a8 Add a 'sni' option to ssl_server2 2014-03-14 08:41:01 +01:00
Manuel Pégourié-Gonnard 274a12e17c Fix bug with ssl_cache and max_entries=0 2014-03-14 08:41:00 +01:00
Manuel Pégourié-Gonnard e3b3d19e5a Improve doc of pk_parse_* functions 2014-03-13 19:27:34 +01:00
Manuel Pégourié-Gonnard e2ce2112ac Update doc of ssl_set_authmode() 2014-03-13 19:25:07 +01:00
Manuel Pégourié-Gonnard bb4dd37044 Add a warning against compression in config.h 2014-03-13 19:25:06 +01:00
Alex Wilson 7349142ce7 Don't try to use MIPS32 asm macros on MIPS64
The MIPS32 bn_mul asm code causes segfaults on MIPS64 and failing
tests. Until someone has time to fix this up, MIPS64 platforms should
fall back to the C implementation (which works fine).
2014-03-13 19:25:06 +01:00
Manuel Pégourié-Gonnard 9a6e93e7a4 Reserve -1 as an error code (used in programs) 2014-03-13 19:25:06 +01:00
Manuel Pégourié-Gonnard 844a4c0aef Fix RSASSA-PSS example programs 2014-03-13 19:25:06 +01:00
Manuel Pégourié-Gonnard 83cdffc437 Forbid sequence number wrapping 2014-03-13 19:25:06 +01:00
Manuel Pégourié-Gonnard 9533765b25 Reject certs and CRLs from the future 2014-03-13 19:25:06 +01:00
Manuel Pégourié-Gonnard 6304f786e0 Add x509_time_future() 2014-03-13 19:25:06 +01:00
Manuel Pégourié-Gonnard 1ec220b002 Add missing #ifdefs in aes.h 2014-03-13 19:25:06 +01:00
Manuel Pégourié-Gonnard c9093085ed Revert "Merged RSA-PSS support in Certificate, CSR and CRL"
This reverts commit ab50d8d30c, reversing
changes made to e31b1d992a.
2014-02-12 09:39:59 +01:00
Paul Bakker 2ceda57989 Ability to force the Entropy module to use SHA-256 as its basis
By default the SHA-512 module is used if both are available. On some
systems, SHA-256 is the better choice.

Contributed by: Gergely Budai
2014-02-06 15:55:25 +01:00
Paul Bakker f2561b3f69 Ability to provide alternate timing implementation 2014-02-06 15:32:26 +01:00
Paul Bakker 47703a0a80 More entropy functions made thread-safe (add_source, update_manual, gather) 2014-02-06 15:01:20 +01:00
Paul Bakker 6a28e722c9 Merged platform compatibility layer 2014-02-06 13:44:19 +01:00
Paul Bakker 71dfa861a6 Made valid prototypes by adding ( void ) as parameter prototype 2014-02-06 13:20:18 +01:00
Paul Bakker a9066cf8f1 Include stdlib in the right spot 2014-02-06 13:20:18 +01:00
Paul Bakker defc0ca337 Migrated the Memory layer to the Platform layer
Deprecated POLARSSL_MEMORY_C and placed placeholder for memory.h to make
sure current code will not break on new version.
2014-02-06 13:20:17 +01:00
Paul Bakker b2f66c9158 Only include platform files when needed 2014-02-06 13:20:16 +01:00
Paul Bakker 747a83a0f7 Platform abstraction layer for memory, printf and fprintf 2014-02-06 13:15:25 +01:00
Paul Bakker ab50d8d30c Merged RSA-PSS support in Certificate, CSR and CRL 2014-02-06 13:14:56 +01:00
Manuel Pégourié-Gonnard 792657045b Disable ecp_set_curve() for compatibility 2014-02-06 10:28:38 +01:00
Manuel Pégourié-Gonnard ab24010b54 Enforce our choice of allowed curves. 2014-02-06 10:28:38 +01:00
Manuel Pégourié-Gonnard 7f38ed0bfa ssl_set_curves is no longer ECDHE only 2014-02-06 10:28:38 +01:00
Manuel Pégourié-Gonnard cd49f76898 Make ssl_set_curves() work client-side too. 2014-02-06 10:28:38 +01:00
Manuel Pégourié-Gonnard ac7194133e Renamings and other fixes 2014-02-06 10:28:38 +01:00
Gergely Budai e40c469ad3 The default ECDH curve list will be dynamically built in the ecp module based on ecp_supported_curves[]. 2014-02-06 10:28:38 +01:00
Manuel Pégourié-Gonnard de05390c85 Rename ecdh_curve_list to curve_list 2014-02-06 10:28:38 +01:00
Manuel Pégourié-Gonnard 5de2580563 Make ssl_set_ecdh_curves() a compile-time option 2014-02-06 10:28:38 +01:00
Gergely Budai 987bfb510b Added the possibility to define the allowed curves for ECDHE handshake. It also defines the preference of the curves. 2014-02-06 10:28:38 +01:00