Commit graph

156 commits

Author SHA1 Message Date
Paul Bakker 915275ba78 - Revamped x509_verify() and the SSL f_vrfy callback implementations 2012-09-28 07:10:55 +00:00
Paul Bakker 819370c7b7 - Removed lowercasing of parameters 2012-09-28 07:04:41 +00:00
Paul Bakker 5ef9db2ae3 - Added rsa_check_privkey() check to rsa_sign 2012-09-27 13:19:22 +00:00
Paul Bakker db2509c9cd - Added password and password_file options for reading private keys 2012-09-27 12:44:31 +00:00
Paul Bakker d43241060b - Removed clutter from my_dhm values 2012-09-26 08:29:38 +00:00
Paul Bakker 0a59707523 - Added simple SSL session cache implementation
- Revamped session resumption handling
2012-09-25 21:55:46 +00:00
Paul Bakker 4811b56524 - Added util/CMakelists.txt 2012-09-25 11:45:38 +00:00
Paul Bakker 29b64761fd - Added predefined DHM groups from RFC 5114 2012-09-25 09:36:44 +00:00
Paul Bakker b60b95fd7f - Added first version of ssl_server2 example application 2012-09-25 09:05:17 +00:00
Paul Bakker 0f409a1911 - Added missing subdirectory line for util 2012-09-25 08:19:18 +00:00
Paul Bakker d0f6fa7bdc - Sending of handshake_failures during renegotiation added
- Handle two legacy modes differently: SSL_LEGACY_BREAK_HANDSHAKE and SSL_LEGACY_NO_RENEGOTIATION
2012-09-17 09:18:12 +00:00
Paul Bakker 48916f9b67 - Added Secure Renegotiation (RFC 5746) 2012-09-16 19:57:18 +00:00
Paul Bakker f518b16f97 - Added PKCS#5 PBKDF2 key derivation function 2012-08-23 13:03:18 +00:00
Paul Bakker 835b29e7c3 - Should not be debug_level 5 in repo (reset to 0) 2012-08-23 08:31:59 +00:00
Paul Bakker 3d58fe8af6 - Added Blowfish to benchmarks 2012-07-04 17:15:31 +00:00
Paul Bakker 26c4e3cb0b - Made crypt_and_cipher more robust with other ciphers / hashes 2012-07-04 17:08:33 +00:00
Paul Bakker a9379c0ed1 - Added base blowfish algorithm 2012-07-04 11:02:11 +00:00
Paul Bakker 92eeea4627 - Modified CMakeLists to support zlib 2012-07-03 15:10:33 +00:00
Paul Bakker 2770fbd651 - Added DEFLATE compression support as per RFC3749 (requires zlib) 2012-07-03 13:30:23 +00:00
Paul Bakker 8d914583f3 - Added X509 CA Path support 2012-06-04 12:46:42 +00:00
Paul Bakker e6ee41f932 - Added OpenSSL / PolarSSL compatibility script (tests/compat.sh) and example application (programs/ssl/o_p_test) (Requires OpenSSL)
- Handle encryption with private key and decryption with public key as per RFC 2313
2012-05-19 08:43:48 +00:00
Paul Bakker 4248823f43 - Updated to handle x509parse_crtfile() positive return values 2012-05-16 08:21:05 +00:00
Paul Bakker 62f88dc473 Makefile more compatible with WINDOWS environment 2012-05-10 21:26:28 +00:00
Paul Bakker cd5b529d6d - Added automatic WINDOWS define in Makefile 2012-05-10 20:49:10 +00:00
Paul Bakker 4d2c1243b1 - Changed certificate verify behaviour to comply with RFC 6125 section 6.3 to not match CN if subjectAltName extension is present. 2012-05-10 14:12:46 +00:00
Paul Bakker 01cc394848 - Added commandline error code convertor (util/strerror) 2012-05-08 08:36:15 +00:00
Paul Bakker 88f17b8549 - Fixed for new DHM handling (TLS 1.2) 2012-04-26 18:52:13 +00:00
Paul Bakker ca4ab49158 - Added GCM ciphersuites to TLS implementation 2012-04-18 14:23:57 +00:00
Paul Bakker 0b22e3e989 - Print return codes properly 2012-04-18 14:23:29 +00:00
Paul Bakker 6f3578cfc8 - Report proper error number 2012-04-16 06:46:01 +00:00
Paul Bakker 10cd225962 - Added support for the SHA256 ciphersuites of AES and Camellia 2012-04-12 21:26:34 +00:00
Paul Bakker 570267f01a - print error string in useful format 2012-04-10 08:22:46 +00:00
Paul Bakker c7ffd36a97 - Added automatic debug flags to CFLAGS if DEBUG is set in shell 2012-04-05 12:08:29 +00:00
Paul Bakker b78c74551f - Use standard IV of 12 2012-03-20 15:05:59 +00:00
Paul Bakker 89e80c9a43 - Added base Galois/Counter mode (GCM) for AES 2012-03-20 13:50:09 +00:00
Paul Bakker 12f5dbb8b4 - Fixed MD type to SHA1 2012-03-05 13:37:13 +00:00
Paul Bakker 92101f2d02 - Keep requests for future use 2012-02-16 14:09:31 +00:00
Paul Bakker 89f3fc5bf1 - Removed superfluous debugging info 2012-02-16 13:36:38 +00:00
Paul Bakker bdb912db69 - Added preliminary ASN.1 buffer writing support
- Added preliminary X509 Certificate Request writing support
 - Added key_app_writer example application
 - Added cert_req example application
2012-02-13 23:11:30 +00:00
Paul Bakker 57b12982b3 - Multi-domain certificates support wildcards as well 2012-02-11 17:38:38 +00:00
Paul Bakker a8cd239d6b - Added support for wildcard certificates
- Added support for multi-domain certificates through the X509 Subject Alternative Name extension
2012-02-11 16:09:32 +00:00
Paul Bakker fab5c829e7 - Added support for NULL cipher (POLARSSL_CIPHER_NULL_CIPHER) and weak ciphersuites (POLARSSL_ENABLE_WEAK_CIPHERSUITES). They are disabled by default! 2012-02-06 16:45:10 +00:00
Paul Bakker 13eb9f01cf - Added error exit code 2012-02-06 15:35:10 +00:00
Paul Bakker 1052784054 - Fixed typo 2012-01-14 18:00:00 +00:00
Paul Bakker fb3a83f9e3 - Added appropriate error handling to ctr_drbg_init() 2011-12-15 20:05:53 +00:00
Paul Bakker 3f9b650b4b - Fixed renumber error code for POLARSSL_ERR_CTR_DRBG_FILE_IO_ERROR 2011-12-15 19:50:22 +00:00
Paul Bakker b1dee1cfd2 - Changed commands to lowercase where it was not the case 2011-12-11 11:29:51 +00:00
Paul Bakker 69e095cc15 - Changed the behaviour of x509parse_parse_crt for permissive parsing. Now returns the number of 'failed certificates' instead of having a switch to enable it.
- As a consequence all error code that were positive were changed. A lot of MALLOC_FAILED and FILE_IO_ERROR error codes added for different modules.
 - Programs and tests were adapted accordingly
2011-12-10 21:55:01 +00:00
Paul Bakker b8ba90b316 - Enlarged default CRL size buffer 2011-12-05 14:34:12 +00:00
Paul Bakker fc754a9178 - Addedd writing and updating of seedfiles as functions to CTR_DRBG 2011-12-05 13:23:51 +00:00