Commit graph

4324 commits

Author SHA1 Message Date
Manuel Pégourié-Gonnard 360a583029 Adapt x509parse_cert_info() for EC 2013-07-17 15:59:41 +02:00
Manuel Pégourié-Gonnard 674b2243eb Prepare transition from x509_cert.rsa to pk 2013-07-17 15:59:41 +02:00
Manuel Pégourié-Gonnard a155513e7b Rationalize use of x509_get_alg variants 2013-07-17 15:59:41 +02:00
Manuel Pégourié-Gonnard 7a287c409e Rename x509_get_algid() to x509_get_pk_alg() 2013-07-17 15:59:41 +02:00
Manuel Pégourié-Gonnard 7c5819eb1e Fix warnings (enum value missing from switch/case) 2013-07-17 15:59:41 +02:00
Manuel Pégourié-Gonnard 1e60cd09b0 Expand oid_get_sig_alg() for ECDSA-based algs 2013-07-17 15:59:40 +02:00
Manuel Pégourié-Gonnard 244569f4b1 Use generic x509_get_pubkey() for RSA functions 2013-07-17 15:59:40 +02:00
Manuel Pégourié-Gonnard 4fa0476675 Use new x509_get_pubkey() in x509parse_public_key() 2013-07-17 15:59:40 +02:00
Manuel Pégourié-Gonnard c296c5925e Introduce generic x509_get_pubkey() 2013-07-17 15:59:40 +02:00
Manuel Pégourié-Gonnard 094ad9e512 Rename x509_get_pubkey to _rsa and split it up 2013-07-17 15:59:40 +02:00
Manuel Pégourié-Gonnard f16ac763f6 Simplify length mismatch check in x509_get_pubkey 2013-07-17 15:59:40 +02:00
Manuel Pégourié-Gonnard 20c12f6b5f Factor more code into x509_get_pubkey() 2013-07-17 15:59:40 +02:00
Manuel Pégourié-Gonnard 788db112a5 Get rid of x509_cert.pkoid
Unused, comment did not match reality, and will soon be superseeded by the
'type' field of the pk_context which will replace rsa_context.
2013-07-17 15:59:39 +02:00
Manuel Pégourié-Gonnard 374e4b87d4 pk_set_type() cannot be used to reset key type 2013-07-17 15:59:39 +02:00
Manuel Pégourié-Gonnard 0a64e8f1fd Rework algorithmIdentifier parsing 2013-07-17 15:59:39 +02:00
Paul Bakker f4a1427ae7 base64_decode() also forcefully returns on dst == NULL 2013-07-16 17:48:58 +02:00
Paul Bakker 61d113bb7b Init and free new contexts in the right place for SSL to prevent
memory leaks
2013-07-16 17:48:58 +02:00
Manuel Pégourié-Gonnard 7d4e5b739e Simplify password check in pem_read_buffer() 2013-07-09 16:42:35 +02:00
Manuel Pégourié-Gonnard 791eed3f33 Fix portability issue in oid_get_numeric_string() 2013-07-09 16:42:35 +02:00
Manuel Pégourié-Gonnard de44a4aecf Rename ecp_check_prvkey with a 'i' for consistency 2013-07-09 16:42:34 +02:00
Manuel Pégourié-Gonnard 81c313ccc6 Add #ifdef's on RSA and EC in PK 2013-07-09 10:49:09 +02:00
Manuel Pégourié-Gonnard 1f73a65c06 Fix ommission in pk_free(). 2013-07-09 10:42:13 +02:00
Manuel Pégourié-Gonnard 7a6c946446 Fix error code in pk.h 2013-07-09 10:37:27 +02:00
Manuel Pégourié-Gonnard 8838099330 Add x509parse_{,public}_key{,file}()
Also make previously public *_ec functions private.
2013-07-08 17:32:27 +02:00
Manuel Pégourié-Gonnard 12e0ed9115 Add pk_context and associated functions 2013-07-08 17:32:27 +02:00
Manuel Pégourié-Gonnard d4ec21dd47 Add a check for multiple curve specification 2013-07-08 17:32:26 +02:00
Manuel Pégourié-Gonnard 80300ad0d9 Add checks for pk_alg.
Used to be implicitly done by oid_get_pk_alg().
2013-07-08 17:32:26 +02:00
Manuel Pégourié-Gonnard 9c1cf459dd Implement x509parse_key_pkcs8_encrypted_der_ec() 2013-07-08 17:32:26 +02:00
Manuel Pégourié-Gonnard a5d9974423 Split up x509_parse_pkcs8_encrypted_der() 2013-07-08 17:32:26 +02:00
Manuel Pégourié-Gonnard 416fa8fde5 Implement x509parse_key_pkcs8_unencrypted_der_ec() 2013-07-08 17:32:26 +02:00
Manuel Pégourié-Gonnard f8648d51b1 Fix undocumented feature of pem_read_buffer()
Used to work only for RSAPrivateKey content, now accepts ECPrivateKey too,
and may even work with similar enough structures when they appear.
2013-07-08 17:32:26 +02:00
Manuel Pégourié-Gonnard e366342233 Implement x509parse_key_sec1_der() 2013-07-08 17:32:26 +02:00
Manuel Pégourié-Gonnard 15e8b82724 Fill in x509parse_key_ec using stub function 2013-07-08 17:32:26 +02:00
Manuel Pégourié-Gonnard 73c0cda346 Complete x509parse_public_key_ec()
Warning: due to a bug in oid_descriptor_from_buf(), keys associated to some
curves (secp224r1, secp384r1, secp521r1) are incorrectly rejected,
since their namedCurve OID contains a nul byte.
2013-07-08 17:32:26 +02:00
Manuel Pégourié-Gonnard f838eeda09 Add x509_get_ecparams() 2013-07-08 17:32:26 +02:00
Manuel Pégourié-Gonnard f0b30d0542 Add oid_get_ec_grp() and associated data 2013-07-08 17:32:26 +02:00
Manuel Pégourié-Gonnard 5a9b82e234 Make oid_get_pk_alg handle EC algorithms 2013-07-08 17:32:26 +02:00
Manuel Pégourié-Gonnard dffba8f63e Fix bug in oid_get_numeric_string()
Overflow check was done too early, causing many false positives.
2013-07-08 17:32:26 +02:00
Manuel Pégourié-Gonnard 444b42710a Optionally allow parameters in x509_get_tag() 2013-07-08 17:32:26 +02:00
Manuel Pégourié-Gonnard 26833c2fc6 Add stubs for x509parse_key_ec and co. 2013-07-08 15:31:19 +02:00
Manuel Pégourié-Gonnard 4250a1f818 Fix a comment and some whitespace 2013-07-08 15:31:18 +02:00
Manuel Pégourié-Gonnard ba4878aa64 Rename x509parse_key & co with _rsa suffix 2013-07-08 15:31:18 +02:00
Manuel Pégourié-Gonnard c8dc295e83 Add ecp_check_prvkey, with test
Also group key checking and generation functions in ecp.h and ecp.c.
2013-07-08 15:31:18 +02:00
Manuel Pégourié-Gonnard b8c6e0e3e9 Add ecp_keypair struct, init/free and constants 2013-07-08 15:31:18 +02:00
Manuel Pégourié-Gonnard 7c8934ea0e Add ecdsa_init and ecdsa_free 2013-07-08 15:30:23 +02:00
Paul Bakker 1ef120f5fd Updated buffer-allocator with free-block-list to speed up searches 2013-07-03 17:22:32 +02:00
Paul Bakker 41350a9a7e Fixed spaces in memory_buffer_alloc.c 2013-07-03 17:22:32 +02:00
Paul Bakker fa9b10050b Also compiles / runs without time-based functions in OS
Can now run without need of time() / localtime() and gettimeofday()
2013-07-03 17:22:32 +02:00
Paul Bakker 891998e0c3 Added extra debug information to memory_buffer_alloc_status() 2013-07-03 17:22:31 +02:00
Paul Bakker bd5524471a Removed memory leak in PKCS#12 code 2013-07-03 17:22:31 +02:00
Paul Bakker 4632083c78 Removed memory leaks in PKCS#5 functions 2013-07-03 17:22:31 +02:00
Paul Bakker 6e339b52e8 Memory-allocation abstraction layer and buffer-based allocator added 2013-07-03 17:22:31 +02:00
Paul Bakker f863485fea Remove memory leak in PKCS#5 self test 2013-07-03 13:31:52 +02:00
Paul Bakker abf2f8fcf9 zlib compression/decompression skipped on empty blocks 2013-06-30 14:57:46 +02:00
Paul Bakker e5bffc319d Removed redundant includes 2013-06-30 14:53:06 +02:00
Paul Bakker d2681d82e2 Renamed sha2.{c,h} to sha256.{c,h} and sha4.{c,h} to sha512.{c,h} 2013-06-30 14:49:12 +02:00
Paul Bakker 9e36f0475f SHA2 renamed to SHA256, SHA4 renamed to SHA512 and functions accordingly
The SHA4 name was not clear with regards to the new SHA-3 standard. So
SHA2 and SHA4 have been renamed to better represent what they are:
SHA256 and SHA512 modules.
2013-06-30 14:34:05 +02:00
Paul Bakker 3866b9f4b5 Removed redundant inclusion 2013-06-30 12:53:14 +02:00
Paul Bakker fd3eac5786 Cleaned up ECP error codes 2013-06-29 23:31:33 +02:00
Paul Bakker 5dc6b5fb05 Made supported curves configurable 2013-06-29 23:26:34 +02:00
Paul Bakker e2ab84f4a1 Renamed error_strerror() to the less conflicting polarssl_strerror()
Ability to keep old function error_strerror() as well with
POLARSSL_ERROR_STRERROR_BC. Also works with
POLARSSL_ERROR_STRERROR_DUMMY.
2013-06-29 18:35:41 +02:00
Paul Bakker 2fbefde1d8 Client and server now filter sent and accepted ciphersuites on minimum
and maximum protocol version
2013-06-29 18:35:40 +02:00
Paul Bakker 59c28a2723 SSL v2 handshake should also handle dynamic ciphersuites 2013-06-29 18:35:40 +02:00
Paul Bakker f8d018a274 Made asn1_get_alg() and asn1_get_alg_null() as generic functions
A generic function for retrieving the AlgorithmIdentifier structure with
its parameters and adapted X509, PKCS#5 and PKCS#12 to use them.
2013-06-29 18:35:40 +02:00
Paul Bakker ce6ae233cb Macro-ized the final internal OID functions 2013-06-29 18:35:40 +02:00
Paul Bakker 47fce02bd8 Defines around module-dependent OIDs 2013-06-29 18:35:40 +02:00
Paul Bakker 7749a22974 Moved PKCS#12 cipher layer based PBE detection to use OID database 2013-06-29 18:32:16 +02:00
Paul Bakker dd1150e846 Macro-ized single and double attribute functions in OID database 2013-06-28 17:20:22 +02:00
Paul Bakker bd51ad538d Re-ordered OID internals. Made macro for oid_XXX_from_asn1() functions 2013-06-28 16:54:23 +02:00
Paul Bakker 9b5e885611 PKCS#5 PBES2 now uses OID database for algorithm detection 2013-06-28 16:12:50 +02:00
Paul Bakker c5a79cca53 Fixed compiler warnings for unused parameter ssl 2013-06-26 15:08:35 +02:00
Paul Bakker b9d3cfa114 Split up GCM into a start/update/finish cycle 2013-06-26 15:08:29 +02:00
Paul Bakker 534f82c77a Made ctr_drbg_init_entropy_len() non-static and defined 2013-06-25 16:47:55 +02:00
Paul Bakker b6c5d2e1a6 Cleanup up non-prototyped functions (static) and const-correctness
More fixes based on the compiler directives -Wcast-qual -Wwrite-strings
-Wmissing-prototypes -Wmissing-declarations. Not everything with regards
to -Wcast-qual has been fixed as some have unwanted consequences for the
rest of the code.
2013-06-25 16:25:17 +02:00
Paul Bakker 169b7f4a13 Fixed gcm.c formatting (removed redundant spaces) 2013-06-25 15:06:54 +02:00
Paul Bakker bda7cb76fa Fixed minor comment typo
(cherry picked from commit da7fdbd534)
2013-06-25 15:06:54 +02:00
Paul Bakker 38b50d73a1 Moved PKCS#12 PBE functions to cipher / md layer where possible
The 3-key and 2-key Triple DES PBE functions have been replaced with a
single pkcs12_pbe() function that handles both situations (and more).

In addition this allows for some PASSWORD_MISMATCH checking
(cherry picked from commit 14a222cef2)
2013-06-25 15:06:53 +02:00
Paul Bakker 0e34235644 Fixed values for 2-key Triple DES in cipher layer
(cherry picked from commit 2be71faae4)
2013-06-25 15:06:53 +02:00
Paul Bakker a4232a7ccb x509parse_crt() and x509parse_crt_der() return X509 password related codes
POLARSSL_ERR_X509_PASSWORD_MISMATCH is returned instead of
POLARSSL_ERR_PEM_PASSWORD_MISMATCH and
POLARSSL_ERR_X509_PASSWORD_REQUIRED instead of
POLARSSL_ERR_PEM_PASSWORD_REQUIRED

Rationale: For PKCS#8 encrypted keys the same are returned
(cherry picked from commit b495d3a2c7)
2013-06-25 15:06:53 +02:00
Paul Bakker 72823091c2 Removed redundant free()s
(cherry picked from commit 1fc7dfe2e2)
2013-06-25 15:06:53 +02:00
Paul Bakker cf445ffc4e Added missing free()
(cherry picked from commit ff3a4b010b)
2013-06-25 15:06:53 +02:00
Paul Bakker 28144decef PKCS#5 v2 PBES2 support and use in PKCS#8 encrypted certificates
The error code POLARSSL_ERR_X509_PASSWORD_MISMATCH is now properly
returned in case of an encryption failure in the padding. The
POLARSSL_ERR_X509_PASSWORD_REQUIRED error code is only returned for PEM
formatted private keys as for DER formatted ones it is impossible to
distinguish if a DER blob is PKCS#8 encrypted or not.
(cherry picked from commit 1fd4321ba2)

Conflicts:
	include/polarssl/error.h
	scripts/generate_errors.pl
2013-06-25 15:06:52 +02:00
Paul Bakker b0c19a4b3d PKCS#5 module added. Moved PBKDF2 functionality inside and deprecated
old PBKDF2 module.
(cherry picked from commit 19bd297dc8)

Conflicts:
	include/polarssl/error.h
	scripts/generate_errors.pl
2013-06-25 15:06:52 +02:00
Paul Bakker fc4f46fa9a Fixed bignum.c and bn_mul.h to support Thumb2 and LLVM compiler
(cherry picked from commit 52b845be34)
2013-06-25 15:06:52 +02:00
Paul Bakker 531e294313 Fixed location of brackets in pkcs12.c
(cherry picked from commit 67812d396c)
2013-06-25 15:06:52 +02:00
Paul Bakker 2c8cdd201f x509parse_crtpath() is now reentrant and uses more portable stat()
Moved from readdir() to readdir_r() and use stat instead of the less
portable d_type from struct dirent.
(cherry picked from commit cbfcaa9206)
2013-06-25 15:06:51 +02:00
Paul Bakker 42c6581110 Changed x509parse_crt_der() to support adding to chain.
Removed chain functionality from x509parse_crt() as x509parse_crt_der()
now handles that much cleaner.
(cherry picked from commit d6d4109adc)
2013-06-25 15:06:51 +02:00
Paul Bakker 90995b5ce3 Added mechanism to provide alternative cipher / hash implementations
All symmetric cipher algorithms and hash algorithms now include support
for a POLARSSL_XXX_ALT flag that prevents the definition of the
algorithm context structure and all 'core' functions.
(cherry picked from commit 4087c47043)
2013-06-25 15:06:51 +02:00
Paul Bakker f1f21fe825 Parsing of PKCS#8 encrypted private key files added and PKCS#12 basis
PKCS#8 encrypted key file support has been added to x509parse_key() with
support for some PCKS#12 PBE functions (pbeWithSHAAnd128BitRC4,
pbeWithSHAAnd3-KeyTripleDES-CBC and pbeWithSHAAnd2-KeyTripleDES-CBC)
(cherry picked from commit cf6e95d9a8)

Conflicts:
	scripts/generate_errors.pl
2013-06-25 15:06:51 +02:00
Paul Bakker e2f5040876 Internally split up x509parse_key()
Split up x509parse_key() into a (PEM) handler function and specific
DER parser functions for the PKCS#1 (x509parse_key_pkcs1_der()) and
unencrypted PKCS#8 (x509parse_key_pkcs8_unencrypted_der()) private
key formats.
(cherry picked from commit 65a1909dc6)

Conflicts:
	library/x509parse.c
2013-06-25 15:06:50 +02:00
Paul Bakker 89ecb2d074 ssl_parse_certificate() now calls x509parse_crt_der() directly
(cherry picked from commit 1922a4e6aa)
2013-06-24 19:09:25 +02:00
Paul Bakker 5ed3b34e22 x509parse_crt() now better handles PEM error situations
Because of new pem_read_buffer() handling of when it writes use_len,
x509parse_crt() is able to better handle situations where a PEM blob
results in an error but the other blobs can still be parsed.
(cherry picked from commit 6417186365)
2013-06-24 19:09:25 +02:00
Paul Bakker 00b2860e8d pem_read_buffer() already update use_len after header and footer are read
After header and footer are read, pem_read_buffer() is able to determine
the length of input data used. This allows calling functions to skip
this PEM bit if an error occurs during its parsing.
(cherry picked from commit 9255e8300e)
2013-06-24 19:09:25 +02:00
Paul Bakker 3c2122ff9d Fixed const correctness issues that have no impact on the ABI
(cherry picked from commit eae09db9e5)

Conflicts:
	library/gcm.c
2013-06-24 19:09:24 +02:00
Paul Bakker 2013950545 Secure renegotiation extension should only be sent in case client supports secure renegotiation
(cherry picked from commit 7c3c3899cf)
2013-06-24 19:09:24 +02:00
Paul Bakker 73d4431ccd Fixed parse error in ssl_parse_certificate_request() 2013-05-22 13:56:26 +02:00
Paul Bakker f6a19bd728 Possible resource leak on FILE* removed in X509 parse 2013-05-14 13:26:51 +02:00
Paul Bakker c72d3f7d85 Possible resource leak on FILE* removed in CTR_DRBG 2013-05-14 13:22:41 +02:00
Paul Bakker 40afb4ba13 Added PSK GCM, SHA256 and SHA384 ciphers from RFC5487 2013-04-19 22:03:30 +02:00
Paul Bakker a1bf92ddb4 Added PSK NULL ciphers from RFC4785 2013-04-19 20:47:26 +02:00
Paul Bakker 48f7a5d724 DHE-PSK based ciphersuite support added and cleaner key exchange based
code selection

The base RFC 4279 DHE-PSK ciphersuites are now supported and added.

The SSL code cuts out code not relevant for defined key exchange methods
2013-04-19 20:47:26 +02:00
Paul Bakker 188c8de430 Only allow missing SereverKeyExchange message in bare PSK mode 2013-04-19 09:13:37 +02:00
Paul Bakker e07f41d4be Introduced defines to control availability of specific SSL Key Exchange
methods.

Introduces POLARSSL_KEY_EXCHANGE_RSA_ENABLED,
POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED,
POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED, etc
2013-04-19 09:08:57 +02:00
Paul Bakker ed27a041e4 More granular define selections within code to allow for smaller code
sizes
2013-04-18 23:12:34 +02:00
Paul Bakker 73a899a9eb Changed error code message to also cover missing pre-shared key 2013-04-18 23:12:34 +02:00
Paul Bakker fbb17804d8 Added pre-shared key handling for the server side of SSL / TLS
Server side handling of the pure PSK ciphersuites is now in the base
code.
2013-04-18 23:12:33 +02:00
Paul Bakker 70df2fbaa5 Split parts of ssl_parse_client_key_exchange() into separate functions
Made ssl_parse_client_dh_public(), ssl_parse_cient_ecdh_public() and
ssl_parse_encrypted_pms_secret() in preparation for PSK-related code
2013-04-18 23:12:33 +02:00
Paul Bakker d4a56ec6bf Added pre-shared key handling for the client side of SSL / TLS
Client side handling of the pure PSK ciphersuites is now in the base
code.
2013-04-18 23:12:33 +02:00
Paul Bakker f7abd422dc Removed extra spaces on end of lines 2013-04-16 18:09:45 +02:00
Paul Bakker 29e1f12f6b split parts of ssl_parse_server_key_exchange() into separate functions
Made ssl_parse_server_dh_params(), ssl_parse_server_ecdh_params() and
ssl_parse_signature_algorihm() in preparation for PSK-related code
2013-04-16 18:09:45 +02:00
Paul Bakker 8f4ddaeea9 Ability to specify allowed ciphersuites based on the protocol version.
The ciphersuites parameter in the ssl_session structure changed from
'int *' to 'int *[4]'.

The new function ssl_set_ciphersuite_for_version() sets specific entries
inside this array. ssl_set_ciphersuite() sets all entries to the same
value.
(cherry picked from commit a62729888b)

Conflicts:
	ChangeLog
	library/ssl_srv.c
	library/ssl_tls.c
2013-04-16 18:09:45 +02:00
Paul Bakker 0ecdb23eed Cleanup of the GCM code
Removed unused variable 'v'

orig_len and orig_add_len are now uint64_t to support larger than 2^29
data sizes
2013-04-09 11:36:42 +02:00
Paul Bakker a280d0f2b9 Fixed compiler warning for possible uninitialized ret 2013-04-08 13:40:17 +02:00
Paul Bakker 27714b1aa1 Added Camellia ECDHE-based CBC ciphersuites
Added TLS-ECDHE-RSA-WITH-CAMELLIA-128-CBC-SHA256 and
TLS-ECDHE-RSA-WITH-CAMELLIA-256-CBC-SHA384
2013-04-07 23:07:12 +02:00
Paul Bakker bfe671f2d5 Blowfish has default of 128-bit keysize in cipher layer 2013-04-07 22:35:44 +02:00
Paul Bakker c70b982056 OID functionality moved to a separate module.
A new OID module has been created that contains the main OID searching
functionality based on type-dependent arrays. A base type is used to
contain the basic values (oid_descriptor_t) and that type is extended to
contain type specific information (like a pk_alg_t).

As a result the rsa sign and verify function prototypes have changed. They
now expect a md_type_t identifier instead of the removed RSA_SIG_XXX
defines.

All OID definitions have been moved to oid.h
All OID matching code is in the OID module.

The RSA PKCS#1 functions cleaned up as a result and adapted to use the
MD layer.

The SSL layer cleanup up as a result and adapted to use the MD layer.

The X509 parser cleaned up and matches OIDs in certificates with new
module and adapted to use the MD layer.

The X509 writer cleaned up and adapted to use the MD layer.

Apps and tests modified accordingly
2013-04-07 22:00:46 +02:00
Paul Bakker 37de6bec16 Const correctness added for asn1write functions 2013-04-07 13:11:31 +02:00
Paul Bakker 3b6a07b745 Prevented compiler warning on uninitialized end 2013-03-21 11:56:50 +01:00
Paul Bakker d3edc86720 Moved writing of client extensions to separate functions in ssl_cli.c 2013-03-20 16:07:17 +01:00
Paul Bakker a54e493bc0 Added ECDHE-based SHA256 and SHA384 ciphersuites
Added TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 and
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 ciphersuites
2013-03-20 15:31:54 +01:00
Paul Bakker b7149bcc90 Corrected behaviour for CBC-based suites using the SHA384 MAC and PRF 2013-03-20 15:30:09 +01:00
Paul Bakker 41c83d3f67 Added Ephemeral Elliptic Curve Diffie Hellman ciphersuites to SSL/TLS
Made all modifications to include Ephemeral Elliptic Curve Diffie
Hellman ciphersuites into the existing SSL/TLS modules. All basic
handling of the ECDHE-ciphersuites (TLS_ECDHE_RSA_WITH_NULL_SHA,
TLS_ECDHE_RSA_WITH_RC4_128_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA)
has been included.
2013-03-20 14:39:14 +01:00
Paul Bakker 00c1f43743 Merge branch 'ecc-devel-mpg' into development 2013-03-13 16:31:01 +01:00
Paul Bakker d589a0ddb6 Modified Makefiles to include new files and and config.h to PolarSSL standard 2013-03-13 16:30:17 +01:00
Paul Bakker 68884e3c09 Moved to advanced ciphersuite representation and more dynamic SSL code 2013-03-13 14:48:32 +01:00
Paul Bakker c9118b433b Renamed hash structures to ctx 2013-03-13 11:48:39 +01:00
Paul Bakker 09d67258a2 Modified to work in-place 2013-03-13 11:46:00 +01:00
Paul Bakker 92be97b8e6 Align data with future location based on IV size 2013-03-13 11:46:00 +01:00
Paul Bakker 07eb38ba31 Update ssl_hw_record_init() to receive keylen, ivlen and maclen as well
Added ssl_hw_record_activate()
2013-03-13 11:44:40 +01:00
Paul Bakker c7878113cb Do not set done in case of a fall-through 2013-03-13 11:44:40 +01:00
Paul Bakker 5bd422937a Reverted commit 186751d9dd and made out_hdr and out_msg back-to-back again 2013-03-13 11:44:40 +01:00
Paul Bakker fae35f0601 Functions in cipher_wrap.c marked static 2013-03-13 10:33:51 +01:00
Paul Bakker d1df02a8a3 Functions inside md_wrap.c now marked static 2013-03-13 10:31:31 +01:00
Paul Bakker ac0fba5389 Added missing header for MD2 and made code compile with missing header
files
2013-03-13 10:28:40 +01:00
Paul Bakker 1bd3ae826c Added md_process() to MD layer for generic internal access to hash
process functions

Access to process functions is needed to reduce possible timing attacks
on SSL MAC checks. As SSL is set to move to using the dynamic MD layer,
the MD layer needs access to these process functions as well.
2013-03-13 10:26:44 +01:00
Paul Bakker 90f042d4cb Prepared for PolarSSL 1.2.6 release 2013-03-11 11:38:44 +01:00
Paul Bakker e81beda60f The SSL session cache module (ssl_cache) now also retains peer_cert information (not the entire chain)
The real peer certificate is copied into a x509_buf in the
ssl_cache_entry and reinstated upon cache retrieval. The information
about the rest of the certificate chain is lost in the process.

As the handshake (and certificate verification) has already been
performed, no issue is foreseen.
2013-03-06 18:01:03 +01:00
Paul Bakker 78a8c71993 Re-added support for parsing and handling SSLv2 Client Hello messages
If the define POLARSSL_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO is enabled,
the SSL Server module can handle the old SSLv2 Client Hello messages.

It has been updated to deny SSLv2 Client Hello messages during
renegotiation.
2013-03-06 18:01:03 +01:00
Paul Bakker 37286a573b Fixed net_bind() for specified IP addresses on little endian systems 2013-03-06 18:01:03 +01:00
Paul Bakker 926c8e49fe Fixed possible NULL pointer exception in ssl_get_ciphersuite() 2013-03-06 18:01:03 +01:00
Paul Bakker 8804f69d46 Removed timing differences due to bad padding from RSA decrypt for
PKCS#1 v1.5 operations
2013-03-06 18:01:03 +01:00
Paul Bakker a43231c5a5 Added support for custom labels when using rsa_rsaes_oaep_encrypt() or rsa_rsaes_oaep_decrypt() 2013-03-06 18:01:02 +01:00
Paul Bakker b386913f8b Split up the RSA PKCS#1 encrypt, decrypt, sign and verify functions
Split rsa_pkcs1_encrypt() into rsa_rsaes_oaep_encrypt() and
rsa_rsaes_pkcs1_v15_encrypt()
Split rsa_pkcs1_decrypt() into rsa_rsaes_oaep_decrypt() and
rsa_rsaes_pkcs1_v15_decrypt()
Split rsa_pkcs1_sign() into rsa_rsassa_pss_sign() and
rsa_rsassa_pkcs1_v15_sign()
Split rsa_pkcs1_verify() into rsa_rsassa_pss_verify() and
rsa_rsassa_pkcs1_v15_verify()

The original functions exist as generic wrappers to these functions.
2013-03-06 18:01:02 +01:00
Paul Bakker 8ddb645ad3 Added conversion to int for a t_uint value to prevent compiler warnings
On 64-bit platforms t_uint can be larger than int resulting in compiler
warnings on some platforms (MS Visual Studio)
2013-03-06 18:00:54 +01:00
Paul Bakker 3d2dc0f8e5 Corrected GCM counter incrementation to use only 32-bits instead of 128-bits
Using 32-bits has the possibility to overwrite the IV in the first 12
bytes of the Y variable.

Found by Yawning Angel
2013-02-28 10:55:39 +01:00
Paul Bakker e47b34bdc8 Removed further timing differences during SSL message decryption in ssl_decrypt_buf()
New padding checking is unbiased on correct or incorrect padding and
has no branch prediction timing differences.

The additional MAC checks further straighten out the timing differences.
2013-02-27 14:48:00 +01:00
Paul Bakker 2ca8ad10a1 Made x509parse.c also work with missing hash header files 2013-02-19 13:17:38 +01:00
Paul Bakker 86f04f400b Fixed comment 2013-02-14 11:20:09 +01:00
Paul Bakker c0463502ff Fixed memory leak in ssl_free() and ssl_reset() for active session 2013-02-14 11:19:38 +01:00
Manuel Pégourié-Gonnard f35b739dff Add a few check for context validity. 2013-02-11 22:12:39 +01:00
Manuel Pégourié-Gonnard 424fda5d7b Add ecdh_calc_secret() 2013-02-11 22:05:42 +01:00
Manuel Pégourié-Gonnard 5cceb41d2c Add ecdh_{make,read}_public() 2013-02-11 21:51:45 +01:00
Manuel Pégourié-Gonnard 854fbd7ba2 Add ecdh_read_params(). 2013-02-11 21:32:24 +01:00
Manuel Pégourié-Gonnard 13724765b2 Add ecdh_make_server_params (untested yet) 2013-02-10 15:01:54 +01:00
Manuel Pégourié-Gonnard 63533e44c2 Create ecdh_context structure 2013-02-10 14:22:44 +01:00
Manuel Pégourié-Gonnard 98f51815d6 Fix ecp_tls_read_point's signature 2013-02-10 13:38:29 +01:00
Manuel Pégourié-Gonnard 7c145c6418 Fix ecp_tls_read_group's signature 2013-02-10 13:20:52 +01:00
Manuel Pégourié-Gonnard 46106a9d75 Add tests for (and fix bug in) ecp_tls_write_group 2013-02-10 12:51:17 +01:00
Manuel Pégourié-Gonnard 420f1eb675 Fix ecp_tls_write_point's signature 2013-02-10 12:22:46 +01:00
Manuel Pégourié-Gonnard b325887fad Add ecp_tls_write_group() 2013-02-10 12:06:19 +01:00
Manuel Pégourié-Gonnard 7e86025f32 Rename ecp_*_binary to ecp_point_*_binary 2013-02-10 10:58:48 +01:00
Manuel Pégourié-Gonnard d84895dc22 Supress 'format' argument to ecp_read_binary.
And adjust error codes for ecp_*_binary while at it.
2013-02-10 10:53:04 +01:00
Manuel Pégourié-Gonnard 0079405918 Add functions for read/write ECPoint records 2013-02-09 19:00:07 +01:00
Manuel Pégourié-Gonnard 1a96728964 Add function parsing a TLS ECParameters record 2013-02-09 17:53:31 +01:00
Paul Bakker c7a2da437e Updated for PolarSSL 1.2.5 2013-02-02 19:23:57 +01:00
Paul Bakker 40865c8e5d Added sending of alert messages in case of decryption failures as per RFC
The flag POLARSSL_SSL_ALERT_MESSAGES switched between enabling and
disabling the sending of alert messages that give adversaries intel
about the result of their action. PolarSSL can still communicate with
other parties if they are disabled, but debugging of issues might be
harder.
2013-02-02 19:04:13 +01:00
Paul Bakker d66f070d49 Disable debug messages that can introduce a timing side channel.
Introduced the POLARSSL_SSL_DEBUG_ALL flag to enable all these debug
messages in case somebody does want to see the reason checks fail.
2013-02-02 19:04:13 +01:00
Paul Bakker 4582999be6 Fixed timing difference resulting from badly formatted padding. 2013-02-02 19:04:13 +01:00
Paul Bakker 8fe40dcd7d Allow enabling of dummy error_strerror() to support some use-cases
Enable a dummy error function to make use of error_strerror() in
third party libraries easier.

Disable if you run into name conflicts and want to really remove the
error_strerror()
2013-02-02 12:43:08 +01:00
Manuel Pégourié-Gonnard 3aeb5a7192 Add ECDSA signature primitive. 2013-01-26 19:11:28 +01:00
Manuel Pégourié-Gonnard b309ab2936 Add ECDSA sign primitive 2013-01-26 19:11:28 +01:00
Manuel Pégourié-Gonnard 2aea1416f9 Add skeleton ecdsa.[ch] 2013-01-26 19:11:28 +01:00
Manuel Pégourié-Gonnard 6545ca7bed Add ECDH primitives 2013-01-26 19:11:24 +01:00
Manuel Pégourié-Gonnard 0bad5c2381 Add skeleton ecdh.[ch] 2013-01-26 15:30:46 +01:00
Manuel Pégourié-Gonnard 45a035a9ac Add ecp_gen_keypair() 2013-01-26 14:42:45 +01:00
Paul Bakker 14c56a3378 Updated for PolarSSL 1.2.4 2013-01-25 17:11:37 +01:00
Paul Bakker 1961b709d8 Added ssl_handshake_step() to allow single stepping the handshake
process

Single stepping the handshake process allows for better support of
non-blocking network stacks and for getting information from specific
handshake messages if wanted.
2013-01-25 14:49:24 +01:00
Paul Bakker 9c94cddeae Correctly handle CertificateRequest with empty DN list in <= TLS 1.1 2013-01-22 14:21:49 +01:00
Paul Bakker cf4365f560 Updated error codes for ECP 2013-01-16 17:00:43 +01:00
Paul Bakker a95919b4c7 Added ECP files to Makefiles as well 2013-01-16 17:00:05 +01:00
Manuel Pégourié-Gonnard 5e402d88ea Added ecp_read_binary(). 2013-01-16 16:31:54 +01:00
Manuel Pégourié-Gonnard 37d218a8e3 Added support for writing points compressed 2013-01-16 16:31:54 +01:00
Manuel Pégourié-Gonnard e19feb5b46 Added ecp_write_binary(). 2013-01-16 16:31:53 +01:00
Manuel Pégourié-Gonnard 1c33057a63 Added ecp_check_pubkey(). 2013-01-16 16:31:53 +01:00
Manuel Pégourié-Gonnard 3680c82c5a Made choice of w safer and more optimal 2013-01-16 16:31:53 +01:00
Manuel Pégourié-Gonnard cdd44324e9 Added ecp_normalize_many() for faster precompute() 2013-01-16 16:31:53 +01:00
Manuel Pégourié-Gonnard b63f9e98f5 Made ecp_mul() faster and truly SPA resistant 2013-01-16 16:31:53 +01:00
Manuel Pégourié-Gonnard 7652a593d6 Added a precompute() function for fast mult 2013-01-16 16:31:53 +01:00
Manuel Pégourié-Gonnard 855560758c Added function preparing for faster multiplication 2013-01-16 16:31:52 +01:00
Manuel Pégourié-Gonnard b4a310b472 Added a selftest about SPA resistance 2013-01-16 16:31:52 +01:00
Manuel Pégourié-Gonnard 9674fd0d5e Added ecp_sub() as a variant of ecp_add() 2013-01-16 16:31:52 +01:00
Manuel Pégourié-Gonnard 1c2782cc7c Changed to jacobian coordinates everywhere 2013-01-16 16:31:52 +01:00
Manuel Pégourié-Gonnard 773ed546a2 Added a nbits member to ecp_group 2013-01-16 16:31:52 +01:00
Manuel Pégourié-Gonnard 4bdd47d2cb Multiplication by negative is now forbidden 2013-01-16 16:31:52 +01:00
Manuel Pégourié-Gonnard 8433824d5f Added fast mod_p192 2013-01-16 16:31:52 +01:00
Manuel Pégourié-Gonnard 4712325777 Clarifications in comments; code cosmetics & style 2013-01-16 16:31:52 +01:00
Manuel Pégourié-Gonnard dada4da33f Moved domain paramaters to ecp.c 2013-01-16 16:31:51 +01:00
Manuel Pégourié-Gonnard 62aad14139 Added slot for fast modp, with mod_p521 2013-01-16 16:31:51 +01:00
Manuel Pégourié-Gonnard 84d1aea1ac Now reducing mod p after every single operation 2013-01-16 16:31:51 +01:00
Manuel Pégourié-Gonnard e0c16922f9 Point multiplication using Jacobian coordinates 2013-01-16 16:31:51 +01:00
Manuel Pégourié-Gonnard 7e0adfbcc5 Replaced add_generic with add_mixed 2013-01-16 16:31:51 +01:00
Manuel Pégourié-Gonnard 989c32bc3e Replaced double_generic with double_jac 2013-01-16 16:31:51 +01:00
Manuel Pégourié-Gonnard 27b1ba8be0 Changed ecp_mul() to always add the same point 2013-01-16 16:31:51 +01:00
Manuel Pégourié-Gonnard d070f51224 Started introducting Jacobian coordinates 2013-01-16 16:31:51 +01:00
Manuel Pégourié-Gonnard 4b8c3f2a1c Moved tests from selftest to tests/test_suite_ecp 2013-01-16 16:31:50 +01:00
Manuel Pégourié-Gonnard a5402fee04 Added ecp_use_known_dp() 2013-01-16 16:31:50 +01:00
Manuel Pégourié-Gonnard efaa31e9ae Implemented multiplication 2013-01-16 16:31:50 +01:00
Manuel Pégourié-Gonnard b4ab8a8137 Fixed memory leak due to typo 2013-01-16 16:31:50 +01:00
Manuel Pégourié-Gonnard de532ee73f Implemented generic doubling 2013-01-16 16:31:50 +01:00
Manuel Pégourié-Gonnard ab38b70816 Fixed add_generic 2013-01-16 16:31:50 +01:00
Manuel Pégourié-Gonnard b505c2796c Got first tests working, fixed ecp_copy() 2013-01-16 16:31:49 +01:00
Manuel Pégourié-Gonnard d0dc6317e1 Added a few test cases for addition 2013-01-16 16:31:49 +01:00
Manuel Pégourié-Gonnard 847395a8a9 Added ecp_XXX_read_string() 2013-01-16 16:31:49 +01:00
Manuel Pégourié-Gonnard 7cfcea349c Documented error codes properly 2013-01-16 16:31:49 +01:00
Manuel Pégourié-Gonnard ae180d0f20 Got started on ecp_add(): generic case done 2013-01-16 16:31:49 +01:00
Manuel Pégourié-Gonnard 883f313516 Added ecp_copy() (for points) 2013-01-16 16:31:49 +01:00
Manuel Pégourié-Gonnard 5179e463d5 Allowed point at infinity, supressed ecp_double() 2013-01-16 16:31:49 +01:00
Manuel Pégourié-Gonnard 1e8c8ecd95 Implemented ecp_{point,group}_free() 2013-01-16 16:31:49 +01:00
Manuel Pégourié-Gonnard 39d2adbbd0 Added (skeleton) ecp.[ch] 2013-01-16 16:31:48 +01:00
Paul Bakker 21dca69ef0 Handle future version properly in ssl_write_certificate_request() 2013-01-03 11:41:08 +01:00
Paul Bakker 02303e8be4 Moved md_init_ctx() calls around to minimize exit points 2013-01-03 11:08:31 +01:00
Paul Bakker 40628bad98 Memory leak when using RSA_PKCS_V21 operations fixed 2013-01-03 10:50:31 +01:00
Paul Bakker fb1ba781b3 Updated for release 1.2.3 2012-11-26 16:28:25 +01:00
Paul Bakker bc3d98469f Fixed multiple DN size 2012-11-26 16:12:02 +01:00
Paul Bakker df5069cb97 Updated for 1.2.2 release 2012-11-24 12:20:19 +01:00
Paul Bakker 3497d8c7bf Do not check sig on trust-ca (might not be top) 2012-11-24 11:53:17 +01:00
Paul Bakker 769075dfb6 Fixed dependency on POLARSSL_SHA4_C in ssl modules 2012-11-24 11:26:46 +01:00
Paul Bakker 78ce507988 Fixed typo 2012-11-23 14:23:53 +01:00
Paul Bakker 926af7582a Fixed client certificate handling with TLS 1.2 2012-11-23 13:38:07 +01:00
Manuel Pégourié-Gonnard e44ec108be Fixed segfault in mpi_shift_r()
Fixed memory leak in test_suite_mpi
Amended ChangeLog
2012-11-18 23:15:02 +01:00
Paul Bakker 90f309ffe7 Added proper gitignores for linux compilation 2012-11-17 00:04:49 +01:00
Paul Bakker 43ae298410 - Fixed argument types 2012-11-14 12:14:19 +00:00
Paul Bakker 34d8dbcc6d - Depth that the certificate verify callback receives is now numbered bottom-up (Peer cert depth is 0) 2012-11-14 12:11:38 +00:00
Paul Bakker e0f41f3086 - Updated version to 1.2.1 2012-11-13 12:55:02 +00:00
Paul Bakker 9daf0d0651 - Added max length check for rsa_pkcs1_sign with PKCS#1 v2.1 2012-11-13 12:13:27 +00:00
Paul Bakker 96c4ed8134 - Proper building of shared lib when SHARED defined 2012-11-13 10:37:52 +00:00
Paul Bakker 644db3893a - Added SHARED define for building with -fPIC 2012-11-13 10:35:00 +00:00
Paul Bakker f02c5642d0 - Allow R and A to point to same mpi in mpi_div_mpi 2012-11-13 10:25:21 +00:00
Paul Bakker 36c4a678a6 - Fixed off-by-one loop 2012-11-09 15:30:07 +00:00
Paul Bakker 096348fa79 - Fixed comments / typos 2012-11-07 20:05:38 +00:00
Paul Bakker fc975dc592 - Small Windows VC6 fixes 2012-11-02 12:51:23 +00:00
Paul Bakker d9374b05d6 - Moved mpi_inv_mod() outside POLARSSL_GENPRIME 2012-11-02 11:02:58 +00:00
Paul Bakker 7a2538ee38 - Fixes for MSVC6 2012-11-02 10:59:36 +00:00
Paul Bakker 645ce3a2b4 - Moved ciphersuite naming scheme to IANA reserved names 2012-10-31 12:32:41 +00:00
Paul Bakker bb0139c924 - Moved to more flexible define structure
- Added exception for OpenBSD on Sparc64 (no privilege for call)
2012-10-31 09:53:08 +00:00
Paul Bakker 35a7fe52f3 - Prevent compiler warning 2012-10-31 09:07:14 +00:00
Paul Bakker 8611e73dd3 - Fixed infinite loop 2012-10-30 07:52:29 +00:00
Paul Bakker b0550d90c9 - Added ssl_get_peer_cert() to SSL API 2012-10-30 07:51:03 +00:00
Paul Bakker d2c167e9a8 - And fixed order 2012-10-30 07:49:19 +00:00
Paul Bakker 98fe5eaf47 - Removed snprintf altogether for critical code paths 2012-10-24 11:17:48 +00:00
Paul Bakker 331f5630e9 - Do not use sprintf(), use snprintf() instead. 2012-10-24 10:16:39 +00:00
Paul Bakker ba26e9ebfd - Cache now only allows a maximum of entries in cache for preventing memory overrun 2012-10-23 22:18:28 +00:00
Paul Bakker f1ab0ec1ff - Changed default compiler flags to include -O2 2012-10-23 12:12:53 +00:00
Paul Bakker 67f9d534ee - Removed code breaking strict-aliasing 2012-10-23 11:49:05 +00:00
Paul Bakker 81420abcb6 - properly print minimum version 2012-10-23 10:31:15 +00:00
Paul Bakker c110d025c2 - Added extra check to prevent crash on failed memory allocation 2012-10-19 12:15:08 +00:00
Paul Bakker 0be82f20a9 - Updated rsa_pkcs1_verify() and rsa_pkcs1_sign() to use appropriate buffer size for max MPIs 2012-10-03 20:36:33 +00:00
Paul Bakker 36fec23dc2 - Updated to 1.2.0 2012-10-02 15:40:44 +00:00
Paul Bakker 62261d6bd6 - Rewrote bignum type definition #ifdef tree to work better on all
systems
2012-10-02 12:19:31 +00:00
Paul Bakker 3338b792da - Fixed WIN32 version of x509parse_crtpath() 2012-10-01 21:13:10 +00:00
Paul Bakker d6f17b492f - Moved definition to top to prevent MS VC compiler warning 2012-10-01 20:58:19 +00:00
Paul Bakker 5c2364c2ba - Moved from unsigned long to uint32_t throughout code 2012-10-01 14:41:15 +00:00
Paul Bakker 0e19e9ff1c - Minor define change to prevent warning 2012-10-01 11:02:48 +00:00
Paul Bakker 993d11dd05 - Send ClientHello with 'minimal version' 2012-09-28 15:00:12 +00:00
Paul Bakker 23f3680898 - Added proper support for TLS 1.2 signature_algorithm extension on server
side
 - Minor const changes to other extension parsing functions
2012-09-28 14:15:14 +00:00
Paul Bakker 1d29fb5e33 - Added option to add minimum accepted SSL/TLS protocol version 2012-09-28 13:28:45 +00:00
Paul Bakker 62f2deef8b - Set POLARSSL_DHM_RFC5114_MODP_1024_[PG] as default DHM MODP group for SSL/TLS 2012-09-28 07:31:51 +00:00
Paul Bakker 915275ba78 - Revamped x509_verify() and the SSL f_vrfy callback implementations 2012-09-28 07:10:55 +00:00
Paul Bakker 5701cdcd02 - Added ServerName extension parsing (SNI) at server side 2012-09-27 21:49:42 +00:00
Paul Bakker eb2c658163 - Generalized external private key implementation handling (like PKCS#11) in SSL/TLS 2012-09-27 19:15:01 +00:00
Paul Bakker 321df6fb80 - Expanded rsa_check_privkey() to check DP, DQ and QP as well 2012-09-27 13:21:34 +00:00
Paul Bakker 5531c6d92c - Change buffer size on mpi_write_file() to cover larger size MPIs 2012-09-26 19:20:46 +00:00
Paul Bakker 49d75678a5 - Support INTEGRITY OS 2012-09-26 15:22:07 +00:00
Paul Bakker d14277d7de - Added PBKDF2 error code 2012-09-26 15:19:05 +00:00
Paul Bakker 0a59707523 - Added simple SSL session cache implementation
- Revamped session resumption handling
2012-09-25 21:55:46 +00:00
Paul Bakker b00ca42f2a - Handle existence of OpenSSL Trust Extensions at end of X.509 DER blob 2012-09-25 12:10:00 +00:00
Paul Bakker 29b64761fd - Added predefined DHM groups from RFC 5114 2012-09-25 09:36:44 +00:00
Paul Bakker d0f6fa7bdc - Sending of handshake_failures during renegotiation added
- Handle two legacy modes differently: SSL_LEGACY_BREAK_HANDSHAKE and SSL_LEGACY_NO_RENEGOTIATION
2012-09-17 09:18:12 +00:00
Paul Bakker 2d319fdfcb - Fixed bug in mpi_add_abs with adding a small number to a large mpi with carry rollover. 2012-09-16 21:34:26 +00:00
Paul Bakker 48916f9b67 - Added Secure Renegotiation (RFC 5746) 2012-09-16 19:57:18 +00:00
Paul Bakker b5b20f19e7 - Extra sanity check for input added 2012-09-16 15:07:49 +00:00
Paul Bakker 5f70b25c9b - Correctly handle SHA256 ciphersuites in SSLv3
- Moved ssl3_prf to separate function (no exceptions)
2012-09-13 14:23:06 +00:00
Paul Bakker ec636f3bdd - Removed handling for SSLv2 Client Hello (as per RFC 5246 recommendation) 2012-09-09 19:17:02 +00:00
Paul Bakker 94a6796179 - Correctly handle MS certificate's key usage bits 2012-08-23 13:03:52 +00:00
Paul Bakker f518b16f97 - Added PKCS#5 PBKDF2 key derivation function 2012-08-23 13:03:18 +00:00
Paul Bakker 535e97dbab - Better checking for reading over buffer boundaries
- Zeroize altSubjectName chain memory before use
2012-08-23 10:49:55 +00:00
Paul Bakker b68cad6cc7 - Made cipersuites in ssl context const (no intention to modify)
- Adjusted ssl_set_ciphersuites() to match
2012-08-23 08:34:18 +00:00
Paul Bakker bb51f0cb3d - Only include md.h if needed by POLARSSL_PKCS1_V21 2012-08-23 07:46:58 +00:00
Paul Bakker 6a2f857b08 - Added DragonflyBSD support 2012-08-23 07:45:37 +00:00
Paul Bakker 3c16db9a10 - Fixed potential memory zeroization on miscrafted RSA key 2012-07-05 13:58:08 +00:00
Paul Bakker 6132d0aa93 - Added Blowfish to generic cipher layer
- Renamed POLARSSL_MODE_CFB128 to POLARSSL_MODE_CFB
2012-07-04 17:10:40 +00:00
Paul Bakker 83f00bba9c - Updated strerror codes for SSL Compression and Blowfish 2012-07-04 11:08:50 +00:00
Paul Bakker a9379c0ed1 - Added base blowfish algorithm 2012-07-04 11:02:11 +00:00
Paul Bakker 2770fbd651 - Added DEFLATE compression support as per RFC3749 (requires zlib) 2012-07-03 13:30:23 +00:00
Paul Bakker cefb396a77 - Handle empty certificate subject names 2012-06-27 11:51:09 +00:00
Paul Bakker e4791f3936 - Bugfix for Windows in cert path handling 2012-06-04 21:29:15 +00:00
Paul Bakker 67820bd38e - Only include padlock header when POLARSSL_PADLOCK_C is defined 2012-06-04 12:47:23 +00:00
Paul Bakker 8d914583f3 - Added X509 CA Path support 2012-06-04 12:46:42 +00:00
Paul Bakker e6ee41f932 - Added OpenSSL / PolarSSL compatibility script (tests/compat.sh) and example application (programs/ssl/o_p_test) (Requires OpenSSL)
- Handle encryption with private key and decryption with public key as per RFC 2313
2012-05-19 08:43:48 +00:00
Paul Bakker 50546921ac - Moved to prevent uninitialized exit var 2012-05-19 08:40:49 +00:00
Paul Bakker f6198c1513 - mpi_exp_mod() now correctly handles negative base numbers (Closes ticket #52) 2012-05-16 08:02:29 +00:00
Paul Bakker 2a5c7a87af - Add Windows required library 2012-05-10 21:54:28 +00:00
Paul Bakker 62f88dc473 Makefile more compatible with WINDOWS environment 2012-05-10 21:26:28 +00:00
Paul Bakker cd5b529d6d - Added automatic WINDOWS define in Makefile 2012-05-10 20:49:10 +00:00
Paul Bakker 4d2c1243b1 - Changed certificate verify behaviour to comply with RFC 6125 section 6.3 to not match CN if subjectAltName extension is present. 2012-05-10 14:12:46 +00:00
Paul Bakker 7e2c728178 - Updated to support NetBSD 2012-05-08 13:23:16 +00:00
Paul Bakker 186751d9dd - Moved out_msg to out_hdr + 32 to support hardware acceleration 2012-05-08 13:16:14 +00:00
Paul Bakker 3aac1daf1d - Added exception error parsing when FATAL ssl message is received 2012-05-08 13:12:27 +00:00
Paul Bakker 6b906e5095 - Const correctness mpi_get_bit()
- Documentation mpi_lsb(), mpi_msb()
2012-05-08 12:01:43 +00:00
Paul Bakker 05ef835b6a - Added support for Hardware Acceleration hooking in SSL/TLS 2012-05-08 09:17:57 +00:00
Paul Bakker 430ffbe564 - Fixed potential heap corruption in x509_name allocation 2012-05-01 08:14:20 +00:00
Paul Bakker aec37cb653 - Added extra sanity check to DHM values 2012-04-26 18:59:59 +00:00
Paul Bakker 279432a7c0 - Fixed size of clean 2012-04-26 10:09:35 +00:00
Paul Bakker 901c65620e - Fill full buffer (Wrong parameter usage) 2012-04-20 13:25:38 +00:00
Paul Bakker 380da53c48 - Abstracted checksum updating during handshake 2012-04-18 16:10:25 +00:00
Paul Bakker ca4ab49158 - Added GCM ciphersuites to TLS implementation 2012-04-18 14:23:57 +00:00
Paul Bakker d8ef167833 - Updated for latest GCM error 2012-04-18 14:17:32 +00:00
Paul Bakker fc5183cf5d - Added input checking and more efficient buffer overlap use 2012-04-18 14:17:01 +00:00
Paul Bakker 369e14bbf1 - Small code rewrite 2012-04-18 14:16:09 +00:00
Paul Bakker 030277ab1e - Updated error.c to include GCM errors 2012-04-17 12:24:26 +00:00
Paul Bakker 13ed9ab921 - Removed unused variable 2012-04-16 09:43:49 +00:00
Paul Bakker 0a9251870a - Report unexpected_message if unknown record type is received 2012-04-16 06:46:41 +00:00
Paul Bakker 10cd225962 - Added support for the SHA256 ciphersuites of AES and Camellia 2012-04-12 21:26:34 +00:00
Paul Bakker bf63b36127 - Updated comments 2012-04-12 20:44:34 +00:00
Paul Bakker c3f177a77b - Added client side support for signature_algorithm extension and affiliated handling 2012-04-11 16:11:49 +00:00
Paul Bakker 1ef83d66dd - Initial bare version of TLS 1.2 2012-04-11 12:09:53 +00:00
Paul Bakker f34cf85534 - Fixed too restrictive test 2012-04-10 07:48:40 +00:00
Paul Bakker 96d42da8fe - Removed debug value 2012-04-05 13:22:07 +00:00
Paul Bakker c7ffd36a97 - Added automatic debug flags to CFLAGS if DEBUG is set in shell 2012-04-05 12:08:29 +00:00
Paul Bakker 452d532955 - Fixed potential memory corruption on miscrafted client messages (found by Frama-C team at CEA LIST) 2012-04-05 12:07:34 +00:00
Paul Bakker 6126481796 - Added compat for sun in net.c 2012-04-03 07:54:30 +00:00
Paul Bakker 56a7684023 - Added alternative for SHA1 signature structure to check for (without NULL) 2012-03-22 15:31:27 +00:00
Paul Bakker 0c8f73ba8b - Fixed a mistake in mpi_cmp_mpi() where longer B values are handled wrong 2012-03-22 14:08:57 +00:00
Paul Bakker f9169629c9 - Removed unused variables 2012-03-20 15:05:51 +00:00
Paul Bakker 89e80c9a43 - Added base Galois/Counter mode (GCM) for AES 2012-03-20 13:50:09 +00:00
Paul Bakker b6ad62dd21 - Added missing x509write.c 2012-03-20 13:41:33 +00:00
Paul Bakker 02f61692ef - Removed trailing char 2012-03-15 10:54:25 +00:00
Paul Bakker f654371b2b - Only include dependencies when required 2012-03-05 14:01:29 +00:00
Paul Bakker ad8d354a1a - Updated RFC ref 2012-02-16 15:28:14 +00:00
Paul Bakker 3cac5e012b - x509_write_cert_req() now supports all available hash functions 2012-02-16 14:08:06 +00:00
Paul Bakker 058881547f - Certificate Requests written now have the Email address written in IA5String 2012-02-16 10:26:57 +00:00
Paul Bakker bdb912db69 - Added preliminary ASN.1 buffer writing support
- Added preliminary X509 Certificate Request writing support
 - Added key_app_writer example application
 - Added cert_req example application
2012-02-13 23:11:30 +00:00
Paul Bakker 048d04ef4b - AES code only check for Padlock once 2012-02-12 17:31:04 +00:00
Paul Bakker 39dfdaca8f - Fixed mpi_fill_random() to fill and create right size MPI 2012-02-12 17:17:27 +00:00
Paul Bakker 8afa70dcd5 - Clean Subject Alternative Name data 2012-02-11 18:42:45 +00:00
Paul Bakker 57b12982b3 - Multi-domain certificates support wildcards as well 2012-02-11 17:38:38 +00:00
Paul Bakker 1504af585c - Removed redundant POLARSSL_DEBUG_MSG define 2012-02-11 16:17:43 +00:00
Paul Bakker a8cd239d6b - Added support for wildcard certificates
- Added support for multi-domain certificates through the X509 Subject Alternative Name extension
2012-02-11 16:09:32 +00:00
Paul Bakker fab5c829e7 - Added support for NULL cipher (POLARSSL_CIPHER_NULL_CIPHER) and weak ciphersuites (POLARSSL_ENABLE_WEAK_CIPHERSUITES). They are disabled by default! 2012-02-06 16:45:10 +00:00
Paul Bakker 3c18a830b3 - Made changes for 1.1.1 release 2012-01-23 09:44:43 +00:00
Paul Bakker 17caec12af - Changed back statement 2012-01-22 20:37:32 +00:00
Paul Bakker e88186d2ff - Fixed selftest for CTR_DRBG 2012-01-22 20:29:47 +00:00
Paul Bakker cf0360a14e - Fixed compiler error on 64-bit systems not using GCC
- t_udbl optimization now also works on platforms that did not define POLARSSL_HAVE_LONGLONG
2012-01-20 10:08:14 +00:00
Paul Bakker ec1b9842c4 - Fixed type of length in get_pkcs_padding() 2012-01-14 18:24:43 +00:00
Paul Bakker 87e5cdad5b - Fixed warning for t if no debugging defined 2012-01-14 18:14:15 +00:00
Paul Bakker ed375caa3b - Fixed signed status of ret 2012-01-14 18:10:38 +00:00
Paul Bakker 8913f82c26 - Fixed compiler warning for unreferenced ret in md_file() when POLARSSL_FS_IO not declared 2012-01-14 18:07:41 +00:00
Paul Bakker b15b851d6d - Check for failed malloc() in ssl_set_hostname() and x509_get_entries() (Closes ticket #47, found by Hugo Leisink) 2012-01-13 13:44:06 +00:00
Paul Bakker 394c56f854 - Support for FreeBSD _SOCKLEN_T_DECLARED 2011-12-20 12:19:03 +00:00
Paul Bakker 43655f46b0 - Added option to prevent default entropy sources from loading (POLARSSL_NO_DEFAULT_ENTROPY_SOURCES) 2011-12-15 20:11:16 +00:00
Paul Bakker 28c7e7f6fa - Added HAVEGE as a default entropy source 2011-12-15 19:49:30 +00:00
Paul Bakker b1dee1cfd2 - Changed commands to lowercase where it was not the case 2011-12-11 11:29:51 +00:00
Paul Bakker 55d3fd9aff - Enlarged maximum size of DHM a client accepts to 512 bytes 2011-12-11 11:13:05 +00:00
Paul Bakker 69e095cc15 - Changed the behaviour of x509parse_parse_crt for permissive parsing. Now returns the number of 'failed certificates' instead of having a switch to enable it.
- As a consequence all error code that were positive were changed. A lot of MALLOC_FAILED and FILE_IO_ERROR error codes added for different modules.
 - Programs and tests were adapted accordingly
2011-12-10 21:55:01 +00:00
Paul Bakker 18d32911c0 - Added internal ctr_drbg_init_entropy_len() to allow NIST determined entropy tests to work 2011-12-10 21:42:49 +00:00
Paul Bakker bd4a9d0cda - Changed entropy accumulator to have per-source thresholds 2011-12-10 17:02:19 +00:00
Paul Bakker c50132d4fa - Updated version of PolarSSL to 1.1.0 2011-12-05 14:38:36 +00:00
Paul Bakker 9304880e8a - Fixed correct printing of serial number '00' 2011-12-05 14:38:06 +00:00
Paul Bakker c8ffbe7706 - Corrected removal of leading '00:' in printing serial numbers in certificates and CRLs 2011-12-05 14:22:49 +00:00
Paul Bakker 6bcfc67cd2 - Prevented warning from unused parameter data 2011-12-05 13:54:00 +00:00
Paul Bakker fc754a9178 - Addedd writing and updating of seedfiles as functions to CTR_DRBG 2011-12-05 13:23:51 +00:00
Paul Bakker 1c70d409ad - Added better handling of missing session struct 2011-12-04 22:30:17 +00:00
Paul Bakker 4f229e5d83 - Fixed define for Windows time functions 2011-12-04 22:11:35 +00:00
Paul Bakker 4f5ae803fa - Fixed MS Visual C++ name clash with int64 in sha4.h 2011-12-04 22:10:28 +00:00
Paul Bakker 6c0ceb3f9a - Added permissive certificate parsing to x509parse_crt() and x509parse_crtfile(). With permissive parsing the parsing does not stop on encountering a parse-error 2011-12-04 12:24:18 +00:00
Paul Bakker 6083fd252d - Added a generic entropy accumulator that provides support for adding custom entropy sources and added some generic and platform dependent entropy sources 2011-12-03 21:45:14 +00:00
Paul Bakker 1bc9efc00a - Fixed const correctness
- Added ctr_drbg_update for non-fixed data lengths
 - Fixed void pointer arithmetic
2011-12-03 11:29:32 +00:00
Paul Bakker cb37aa5912 - Better buffer handling in mpi_read_file() 2011-11-30 16:00:20 +00:00
Paul Bakker 23fd5ea667 - Fixed a potential loop bug 2011-11-29 15:56:12 +00:00
Paul Bakker 2bc7cf16fe - Cleaned up and further documented CTR_DRBG code 2011-11-29 10:50:51 +00:00
Paul Bakker a3d195c41f - Changed the used random function pointer to more flexible format. Renamed havege_rand() to havege_random() to prevent mistakes. Lots of changes as a consequence in library code and programs 2011-11-27 21:07:34 +00:00
Paul Bakker 880ac7eb95 - Added handling for CTR_DRBG module 2011-11-27 14:50:49 +00:00
Paul Bakker 0e04d0e9a3 - Added CTR_DRBG based on AES-256-CTR (NIST SP 800-90) random generator 2011-11-27 14:46:59 +00:00
Paul Bakker 03c7c25243 - * If certificate serial is longer than 32 octets, serial number is now appended with '....' after first 28 octets 2011-11-25 12:37:37 +00:00
Paul Bakker fe3256e54b - Introduced POLARSSL_MPI_MAX_SIZE and POLARSSL_MPI_MAX_BITS for MPI size management (Closes ticket #44) 2011-11-25 12:11:43 +00:00
Paul Bakker b6d5f08051 - Added POLARSSL_MPI_WINDOW_SIZE definition to allow easier time to memory trade-off 2011-11-25 11:52:11 +00:00
Paul Bakker cce9d77745 - Lots of minimal changes to better support WINCE as a build target 2011-11-18 14:26:47 +00:00
Paul Bakker 33008eef64 - Cleaned up define 2011-11-18 12:58:25 +00:00
Paul Bakker dceecd80f7 - Adapted error generation to include ASN.1 changes and have Windows snprintf macro 2011-11-15 16:38:34 +00:00
Paul Bakker 1fe7d9baf9 - Fixed incorrect behaviour in case of RSASSA-PSS with a salt length smaller than the hash length. (Closes ticket #41) 2011-11-15 15:26:03 +00:00
Paul Bakker cebdf17159 - Allowed X509 key usage parsing to accept 4 byte values instead of the standard 1 byte version sometimes used by Microsoft. (Closes ticket #38) 2011-11-11 15:01:31 +00:00
Paul Bakker 2028156556 - Fixed typos in copied text (Fixed ticket #39) 2011-11-11 10:34:04 +00:00
Paul Bakker efc302964c - Extracted ASN.1 parsing code from the X.509 parsing code. Added new module. 2011-11-10 14:43:23 +00:00
Paul Bakker b125ed8fc6 - Fixed typo in doxygen tag 2011-11-10 13:33:51 +00:00
Paul Bakker ca41010b68 - Expanded clobber list on i386 RDTSC call 2011-10-19 14:27:36 +00:00
Paul Bakker 2a1c5f5382 - Minor code cleanup 2011-10-19 14:15:17 +00:00
Paul Bakker fae618fa8b - Updated tests to reflect recent changes 2011-10-12 11:53:52 +00:00
Paul Bakker b5a11ab80b - Added a separate CRL entry extension parsing function 2011-10-12 09:58:41 +00:00
Paul Bakker fbc09f3cb6 - Added an EXPLICIT tag number parameter to x509_get_ext() 2011-10-12 09:56:41 +00:00
Paul Bakker 3329d1f805 - Fixed a bug where the CRL parser expected an EXPLICIT ASN.1 tag before version numbers 2011-10-12 09:55:01 +00:00
Paul Bakker c4909d95f1 - Inceased maximum size of ASN1 length reads to 32-bits 2011-10-12 09:52:22 +00:00
Paul Bakker fa1c592860 - Fixed faulty HMAC-MD2 implementation (Fixes ticket #37) 2011-10-06 14:18:49 +00:00
Paul Bakker 490ecc8c3e - Added ssl_set_max_version() to set the client's maximum sent version number 2011-10-06 13:04:09 +00:00
Paul Bakker 7eb013face - Added ssl_session_reset() to allow re-use of already set non-connection specific context information 2011-10-06 12:37:39 +00:00
Paul Bakker adb7ce16c0 - Fixed unconverted t_dbl into t_udbl 2011-08-23 14:55:55 +00:00
Paul Bakker 33aac37d53 - Added correct SONAME to Makefile builds as well 2011-08-13 11:47:41 +00:00
Paul Bakker 8934a98f82 - Fixed memcpy() that had possible overlapping areas to memmove() 2011-08-05 11:11:53 +00:00
Paul Bakker 968bc9831b - Preparations for v1.0.0 release of PolarSSL 2011-07-27 17:03:00 +00:00
Paul Bakker 5c721f98fd - Introduced POLARSSL_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION flag to continue parsing when encountering a critical flag that's not supported by PolarSSL
- Minor Fix in ASN.1 comments of PrivateKeyInfo
2011-07-27 16:51:09 +00:00
Paul Bakker 9db7742adb - Fixed error file after changed codes 2011-07-13 11:47:32 +00:00
Paul Bakker ed56b224de - Added support for PKCS#8 wrapper on reading private keys (Fixes ticket #20) 2011-07-13 11:26:43 +00:00
Paul Bakker 3783d6d812 - Do not build shared version by default 2011-07-13 11:25:36 +00:00
Paul Bakker b8213a1298 - Minor update in types to prevent compiler warning under VS2010 2011-07-11 08:16:18 +00:00
Paul Bakker 73206954d4 - Made des_key_check_weak() conform to other functions in return values.
- Added documentation for des_key_check_weak() and des_key_check_key_parity()
2011-07-06 14:37:33 +00:00
Paul Bakker c43e326dca - Generalized CMakefile 2011-07-06 14:36:44 +00:00
Paul Bakker 684ddce18c - Minor fixer to remove compiler warnings for ARMCC 2011-07-01 09:25:54 +00:00
Paul Bakker 1fad5bfb19 - Added define for OpenBSD (sys/endian.h) 2011-07-01 09:07:24 +00:00
Paul Bakker a585beb87e - Introduced windows DLL build and SYS_LDFLAGS 2011-06-21 08:59:44 +00:00
Paul Bakker 39bb418d93 - Made second argument of f_send() prototype and of net_send() const 2011-06-21 07:36:43 +00:00
Paul Bakker 9c021adeff - Added regular error codes for generic message digest layer 2011-06-09 15:55:11 +00:00
Paul Bakker ff61a78a27 - Added and updated cipher error codes and documentation 2011-06-09 15:42:02 +00:00
Paul Bakker 343a870daa - Expanded generic cipher layer with support for CTR and CFB128 modes of operation. 2011-06-09 14:27:58 +00:00
Paul Bakker 1ef71dffc7 - Updated unsignedness in some missed cases 2011-06-09 14:14:58 +00:00
Paul Bakker 27fdf46d16 - Removed deprecated casts to int for now unsigned values 2011-06-09 13:55:13 +00:00
Paul Bakker 887bd502d2 - Undid fix for ssl_write that introduced a true bug when buffers are running full. 2011-06-08 13:10:54 +00:00
Paul Bakker 828acb2234 - Updated for release 0.99-pre5 2011-05-27 09:25:42 +00:00
Paul Bakker 5690efccc4 - Fixed a whole bunch of dependencies on defines between files, examples and tests 2011-05-26 13:16:06 +00:00
Paul Bakker 192381aa89 - Made listen backlog number a define 2011-05-20 12:31:31 +00:00
Paul Bakker 2f5947e1f6 - Added mpi_get_bit() and mpi_set_bit() individual bit setter/getter functions. 2011-05-18 15:47:11 +00:00
Paul Bakker 831a755d9e - Changed behaviour of net_recv(), ssl_fetch_input() and ssl_read(). net_recv() now returns 0 on EOF instead of POLARSSL_ERR_NET_CONN_RESET. ssl_fetch_input() returns POLARSSL_ERR_SSL_CONN_EOF on an EOF from its f_recv() function. ssl_read() returns 0 if a POLARSSL_ERR_SSL_CONN_EOF is received after the handshake.
- Network functions now return POLARSSL_ERR_NET_WANT_READ or POLARSSL_ERR_NET_WANT_WRITE instead of the ambiguous POLARSSL_ERR_NET_TRY_AGAIN
2011-05-18 13:32:51 +00:00
Paul Bakker 9d781407bc - A error_strerror function() has been added to translate between error codes and their description.
- The error codes have been remapped and combining error codes is now done with a PLUS instead of an OR as error codes used are negative.
 - Descriptions to all error codes have been added.
 - Generation script for error.c has been created to automatically generate error.c from the available error definitions in the headers.
2011-05-09 16:17:09 +00:00
Paul Bakker 6c591fab72 - mpi_init() and mpi_free() only accept a single argument and do not accept variable arguments anymore. This prevents unexpected memory corruption in a number of use cases. 2011-05-05 11:49:20 +00:00
Paul Bakker f968857a82 - Removed conversions to int when not needed to prevent signed / unsigned situations
- Maximized mpi limb size
2011-05-05 10:00:45 +00:00
Paul Bakker 31cacd7cf8 - Re-organized object files 2011-04-25 15:31:41 +00:00
Paul Bakker 335db3f121 - Functions requiring File System functions can now be disables by undefining POLARSSL_FS_IO 2011-04-25 15:28:35 +00:00
Paul Bakker f4f6968a86 - Improved compile-time compatibility with mingw32 64-bit versions 2011-04-24 16:08:12 +00:00
Paul Bakker 2eee902be3 - Better timer for Windows platforms
- Made alarmed volatile for better Windows compatibility
2011-04-24 15:28:55 +00:00
Paul Bakker a755ca1bbe - Renamed t_s_int, t_int and t_dbl to respectively t_sint, t_uint and t_udbl for clarity 2011-04-24 09:11:17 +00:00
Paul Bakker 23986e5d5d - Major type rewrite of int to size_t for most variables and arguments used for buffer lengths and loops 2011-04-24 08:57:21 +00:00
Paul Bakker e91d01e144 - Fixed typo 2011-04-19 15:55:50 +00:00
Paul Bakker b6ecaf5276 - Added additional (configurable) cipher block modes. AES-CTR, Camellia-CTR, XTEA-CBC 2011-04-19 14:29:23 +00:00
Paul Bakker af5c85fc10 - Improved portability with Microsoft Visual C 2011-04-18 03:47:52 +00:00
Paul Bakker a493ad4539 - Dropped designated initializers as they are not supported on Microsoft Visual C 2011-04-18 03:29:41 +00:00
Paul Bakker eaa89f8366 - Do not depend on dhm code if POLARSSL_DHM_C not defined 2011-04-04 21:36:15 +00:00
Paul Bakker 3efa575ff2 - Ready for release 0.99-pre4 2011-04-01 12:23:26 +00:00
Paul Bakker 99a03afc22 - Fixed possible uninitialized values 2011-04-01 11:39:39 +00:00
Paul Bakker 0216cc1bee - Added flag to disable Chinese Remainder Theorem when using RSA private operation (POLARSSL_RSA_NO_CRT) 2011-03-26 13:40:23 +00:00
Paul Bakker 287781a965 - Added mpi_fill_random() for centralized filling of big numbers with random data (Fixed ticket #10) 2011-03-26 13:18:49 +00:00
Paul Bakker 66b78b2d16 - Added missing rsa_init() call in x509parse_self_test() 2011-03-25 14:22:50 +00:00
Paul Bakker 53019ae6f7 - RSASSA-PSS verification now properly handles salt lengths other than hlen 2011-03-25 13:58:48 +00:00
Paul Bakker 1fd00bfe82 - Fixed bug in ssl_write() when flushing old data (Fixes ticket #18) 2011-03-14 20:50:15 +00:00
Paul Bakker be4e7dca08 - Debug print of MPI now removes leading zero octets and displays actual bit size of the value 2011-03-14 20:41:31 +00:00
Paul Bakker 9dcc32236b - Added support for PKCS#1 v2.1 encoding and thus support for the RSAES-OAEP and RSASSA-PSS operations (enabled by POLARSSL_PKCS1_V21) 2011-03-08 14:16:06 +00:00
Paul Bakker fea43a2501 - Re-added removed dhm test values 2011-03-08 13:58:16 +00:00
Paul Bakker 646f65c9bd - Fixed faulty test server key 2011-03-02 14:47:44 +00:00
Paul Bakker 345a6fee91 - Replaced function that fixes man-in-the-middle attack
- Added message to indicate inclusion of man-in-the-middle attack (Reported by Larry Highsmith, Subreption LLC)
 - Released version 0.99-pre3
2011-02-28 21:20:02 +00:00
Paul Bakker 5a1494fb30 - Added pem to library 2011-02-25 09:48:49 +00:00
Paul Bakker 1946e42dd4 - Made ready for 0.99-pre2 release 2011-02-25 09:39:39 +00:00
Paul Bakker c47840efd5 - Updated sanity checks 2011-02-20 16:37:30 +00:00
Paul Bakker e2a39cc0fa - Do not bail out if no client certificate specified. Try to negotiate anonymous connection (Fixes ticket #12) 2011-02-20 13:49:27 +00:00
Paul Bakker 9e7606fcd8 - Updated certificates for new test versions 2011-02-20 13:34:20 +00:00
Paul Bakker 400ff6f0fd - Corrected parsing of UTCTime dates before 1990 and after 1950
- Support more exotic OID's when parsing certificates
 - Support more exotic name representations when parsing certificates
 - Replaced the expired test certificates
2011-02-20 10:40:16 +00:00
Paul Bakker 96743fc5f5 - Parsing of PEM files moved to separate module (Fixes ticket #13). Also possible to remove PEM support for systems only using DER encoding
- Parsing PEM private keys encrypted with DES and AES are now supported (Fixes ticket #5)
 - Added tests for encrypted keyfiles
2011-02-12 14:30:57 +00:00
Paul Bakker 46eb13828e - Makefiles now respect external CFLAGS and LDFLAGS. Closes ticket #2 2011-01-30 17:10:13 +00:00
Paul Bakker cdf07e9979 - Information about missing or non-verified client certificate is not provided as well. 2011-01-30 17:05:13 +00:00
Paul Bakker 9fc4659b30 - Preparing for Release of 0.99 prerelease 1 2011-01-30 16:59:02 +00:00
Paul Bakker e3166ce040 - Renamed ciphers member of ssl_context and cipher member of ssl_session to ciphersuites and ciphersuite respectively. This clarifies the difference with the generic cipher layer and is better naming altogether
- Adapted in the rest of using code as well
2011-01-27 17:40:50 +00:00
Paul Bakker dbee2cad7d - Removed application code from library source file 2011-01-27 16:38:52 +00:00
Paul Bakker f3b86c1e62 - Updated Doxygen documentation generation and documentation on small parts 2011-01-27 15:24:17 +00:00
Paul Bakker 562535d11b - Split current md_starts() and md_hmac_starts() functionality into separate md_init_ctx() for allocating the context and the existing starts() functions to initialize the message digest for use. 2011-01-20 16:42:01 +00:00
Paul Bakker a885d6835f - Require different input and output buffer in cipher_update()
- Fixed style typos
2011-01-20 16:35:05 +00:00
Paul Bakker e9426948fa - Added extra compiler warnings by default 2011-01-18 16:28:42 +00:00
Paul Bakker b06819bb5d - Adapted CMake files for the PKCS#11 support 2011-01-18 16:18:38 +00:00
Paul Bakker d61e7d98cb - Cleaned up warning-generating code 2011-01-18 16:17:47 +00:00
Paul Bakker 43b7e35b25 - Support for PKCS#11 through the use of the pkcs11-helper library 2011-01-18 15:27:19 +00:00
Paul Bakker 0f5f72e949 - Fixed doxygen syntax to standard '\' instead of '@' 2011-01-18 14:58:55 +00:00
Paul Bakker 3cccddb238 - Fixed identification of non-critical CA certificates 2011-01-16 21:46:31 +00:00
Paul Bakker b619499eb3 - x509parse_time_expired() checks time now in addition to the existing date check 2011-01-16 21:40:22 +00:00
Paul Bakker a056efc8f9 - Fixed serial length check 2011-01-16 21:38:35 +00:00
Paul Bakker dd47699ba5 - Moved storing of a printable serial into a separate function 2011-01-16 21:34:59 +00:00
Paul Bakker 72f6266f02 - Improved information provided about current Hashing, Cipher and Suite capabilities 2011-01-16 21:27:44 +00:00
Paul Bakker 76fd75a3de - Improved certificate validation and validation against the available CRLs 2011-01-16 21:12:10 +00:00
Paul Bakker 43ca69c38a - Added function for stringified SSL/TLS version 2011-01-15 17:35:19 +00:00
Paul Bakker 1f87fb6896 - Support for DES weak keys and parity bits added 2011-01-15 17:32:24 +00:00
Paul Bakker 74111d30b7 - Improved X509 certificate parsing to include extended certificate fields, such as Key Usage 2011-01-15 16:57:55 +00:00
Paul Bakker b63b0afc05 - Added verification callback in certificate verification chain in order to allow external blacklisting 2011-01-13 17:54:59 +00:00
Paul Bakker 1b57b06751 - Added reading of DHM context from memory and file 2011-01-06 15:48:19 +00:00
Paul Bakker 8123e9d8f1 - Added generic cipher wrapper for integration with OpenVPN (donated by Fox-IT) 2011-01-06 15:37:30 +00:00
Paul Bakker 6d46812123 - Fixed typo 2011-01-06 15:35:45 +00:00
Paul Bakker 1737385e04 - Added generic message digest wrapper for integration with OpenVPN (donated by Fox-IT) 2011-01-06 14:20:01 +00:00
Paul Bakker b94081bfc1 - Make A only smaller if it is larger than |X| - 1 2011-01-05 15:53:06 +00:00
Paul Bakker 9d3a7e4188 - Added CMake option USE_SHARED_POLARSSL_LIBRARY to allow for building of shared PolarSSL library 2011-01-05 15:24:43 +00:00
Paul Bakker 547f73d66f - Added install targets to the CMake files 2011-01-05 15:07:54 +00:00
Paul Bakker 21eb2802fe - Changed origins of random function and pointer in rsa_pkcs1_encrypt, rsa_init, rsa_gen_key.
Moved to parameters of function instead of context pointers as within ssl_cli, context pointer cannot be set easily.
2010-08-16 11:10:02 +00:00
Paul Bakker 61c324bbdd - Enabled TLSv1.1 support in server as well 2010-07-29 21:09:03 +00:00
Paul Bakker 2e11f7d966 - Added support for TLS v1.1
- Renamed some SSL defines to prevent future naming confusion
2010-07-25 14:24:53 +00:00
Paul Bakker b96f154e51 - Fixed copyright message 2010-07-18 20:36:00 +00:00
Paul Bakker 84f12b76fc - Updated Copyright to correct entity 2010-07-18 10:13:04 +00:00
Paul Bakker ff7fe670bb - Minor DHM code cleanup/comments 2010-07-18 09:45:05 +00:00
Paul Bakker 545570e208 - Added initialization for RSA where needed 2010-07-18 09:00:25 +00:00
Paul Bakker b572adf5e6 - Removed dependency on rand() in rsa_pkcs1_encrypt(). Now using random fuction provided to context
- Expanded ssl_client2 arguments for more flexibility
 - rsa_check_private() now supports PKCS1v2 keys as well
 - Fixed deadlock in rsa_pkcs1_encrypt() on failing random generator
2010-07-18 08:29:32 +00:00
Paul Bakker 08f3c30547 - Enlarged buffer to allow better debugging. 2010-07-08 06:54:25 +00:00
Paul Bakker 3ac1b2d952 - Added runtime and compiletime version information 2010-06-18 22:47:29 +00:00
Paul Bakker 77a43580da - Added support for the SSL_EDH_RSA_AES_128_SHA and SSL_EDH_RSA_CAMELLIA_128_SHA ciphersuites 2010-06-15 21:32:46 +00:00
Paul Bakker 699fbbcf29 - Added missing const fixes 2010-03-24 07:15:41 +00:00
Paul Bakker 57b7914445 - String peer_cn in ssl context made const as well. 2010-03-24 06:51:15 +00:00
Paul Bakker ad7eca201d - Reverted Makefile (Unmerged CMake fault) 2010-03-24 06:46:47 +00:00
Paul Bakker 2908713af1 - Corrected behaviour 2010-03-21 21:03:34 +00:00
Paul Bakker fc8c4360b8 - Updated copyright line to 2010 2010-03-21 17:37:16 +00:00
Paul Bakker 1f3c39c194 - Removed copyright line for Christophe Devine for clarity 2010-03-21 17:30:05 +00:00
Paul Bakker 7d3b661bfe - Added reset functionality for HMAC context. Speed-up for some use-cases. 2010-03-21 16:23:13 +00:00
Paul Bakker baad6504d4 - Changed ARC4 to use seperate input/output buffer 2010-03-21 15:42:15 +00:00
Paul Bakker f3ccc68100 - Fixed cipher interface for encrypt/decrypt functions 2010-03-18 21:21:02 +00:00
Paul Bakker 27d661657b - Added x509_get_sig_alg() to allow easy future X509 signature algorithm determination expansion 2010-03-17 06:56:01 +00:00
Paul Bakker 41d13f4af8 - Found algorithmic bug in mpi_is_prime() 2010-03-16 21:26:36 +00:00
Paul Bakker 4ed999c4b2 - Added fixes for compiler warnings on a Mac 2010-03-16 21:16:16 +00:00
Paul Bakker ff60ee6c2a - Added const-correctness to main codebase 2010-03-16 21:09:09 +00:00
Paul Bakker 9120018f3d - Added support for GeneralizedTime in X509 certificates 2010-02-18 21:26:15 +00:00
Paul Bakker 1f76115340 - Fixed bug resulting in failure to send the last certificate in the chain in ssl_write_certificate() and ssl_write_certificate_request() 2010-02-18 18:16:31 +00:00
Paul Bakker fe1aea7877 - Fixed typo in MD4 define 2009-10-03 20:09:14 +00:00
Paul Bakker de4d2eae95 - Added handling of missing POLARSSL_MD5_C define and POLARSSL_SHA1_c define 2009-10-03 19:58:52 +00:00
Paul Bakker 77b385e91a - Updated copyright messages on all relevant files 2009-07-28 17:23:11 +00:00
Paul Bakker c6ce838d8f - Better handling of extension parsing 2009-07-27 21:34:45 +00:00
Paul Bakker b3bb6c0c66 - Fixed include location of endian.h and name clash on Apples (found by Martin van Hensbergen) 2009-07-27 21:09:47 +00:00
Paul Bakker 2a1fadffd7 - Increased size of generated value X 2009-07-27 21:05:24 +00:00
Paul Bakker 2b222c830b - Changed interface for AES and Camellia setkey functions to indicate invalid key lengths. 2009-07-27 21:03:45 +00:00
Paul Bakker 9be19375e5 - Fill base data for x509_crl_entry in CRL correctly
- Internal structure of sequences is not optional anymore (as per RFC)
 - nextUpdate handles optionality correct if no revokedCertificates are present.
 - x509parse_crl_info handles the case of no entries correctly
2009-07-27 20:21:53 +00:00
Paul Bakker c2547b0034 - Surpress warning of unused 'mode' parameter in Camellia 2009-07-20 20:40:52 +00:00
Paul Bakker 635f4b4cf9 - Updated error check on optional nextUpdate in CRL 2009-07-20 20:34:41 +00:00
Paul Bakker 854963cee3 - Fixed include location of endian.h on FreeBSD (found by Gabriel) 2009-07-19 20:50:11 +00:00
Paul Bakker 38e2b482ff - Fixed typo in name of POLARSSL_ERR_RSA_OUTPUT_TOO_LARGE. 2009-07-19 20:41:06 +00:00
Paul Bakker fc22c441bc - Renamed RSA_RAW to SIG_RSA_RAW for consistency in the code. 2009-07-19 20:36:27 +00:00
Paul Bakker 1e27bb24bc - Added newline at end of CRL info 2009-07-19 20:25:25 +00:00
Paul Bakker 2fd71f0757 - Fixed HMAC-MD2 by modifying md2_starts(), so that the required HMAC ipad and opad variables are not cleared! 2009-07-11 20:40:58 +00:00
Paul Bakker 396c52f711 - Updated and cleaned CMakeList 2009-07-11 19:54:40 +00:00
Paul Bakker 37940d9ff6 - Added test coverage for X509parse
- Fixed segfault in rsa_check_privkey() and rsa_check_pubkey() and added test
2009-07-10 22:38:58 +00:00
Paul Bakker 1973e4c582 - Fixed selftest of X509parse code 2009-07-10 22:32:40 +00:00
Paul Bakker 367dae44b2 - Added CMake makefiles as alternative to regular Makefiles.
- Added preliminary Code Coverage tests for AES, ARC4, Base64, MPI, SHA-family, MD-family and  HMAC-SHA-family.
2009-06-28 21:50:27 +00:00
Paul Bakker 48eab260e9 - Corrected is_prime() results for 0, 1 and 2 (found by code coverage tests) 2009-06-25 21:25:49 +00:00
Paul Bakker ce40a6d21d - Fixed incorrect handling of negative first input value in mpi_mod_mpi() and mpi_mod_int(). Resulting change also affects mpi_write_string() (found by code coverage tests). 2009-06-23 19:46:08 +00:00
Paul Bakker 1ef7a53fa2 - Fixed incorrect handling of negative first input value in mpi_sub_abs() (found by code coverage tests). 2009-06-20 10:50:55 +00:00
Paul Bakker f7ca7b99dd - Fixed incorrect handling of one single negative input value in mpi_add_abs() (found by code coverage tests). 2009-06-20 10:31:06 +00:00
Paul Bakker 05feca6f7c - Fixed incorrect handling of negative strings in mpi_read_string() (found by code coverage tests). 2009-06-20 08:22:43 +00:00
Paul Bakker cde51572df - Fixed missing support for SHA2 in rsa_pkcs1_sign() 2009-05-17 10:11:56 +00:00
Paul Bakker c81f6c3f06 - Made Camellia use uint32_t for 64-bit compatibility 2009-05-03 13:09:15 +00:00
Paul Bakker 0fdf3cacf2 - Modified XTEA to use uint32_t instead of unsigned long 2009-05-03 12:54:07 +00:00
Paul Bakker 40ea7de46d - Added CRL revocation support to x509parse_verify()
- Fixed an off-by-one allocation in ssl_set_hostname()
 - Added CRL support to SSL/TLS code
2009-05-03 10:18:48 +00:00
Paul Bakker 7d06ad2b52 - Fixed formatting 2009-05-02 15:53:56 +00:00
Paul Bakker d98030e7d6 - Added prelimenary CRL parsing and info support 2009-05-02 15:13:40 +00:00
Paul Bakker 34a9056f39 - POLARSSL_HAVE_ASM also used in padlock and timing code. 2009-04-19 21:17:09 +00:00
Paul Bakker 1d4f30ca4d - Made net_htons() endian-clean for big endian. 2009-04-19 18:55:16 +00:00
Paul Bakker 2b245ebd9f - Moved file loading to load_file 2009-04-19 18:44:26 +00:00
Paul Bakker 7c6d4a4e6b - Fixed new logic on certificate chains in x509parse_verify() 2009-03-28 20:35:47 +00:00
Paul Bakker e9581d66b0 - Fixed logic error on end of 'full' chain 2009-03-28 20:29:25 +00:00
Paul Bakker 320a4b59a8 - Added input handling for x509parse_crt()
- Prevented memory leak by only adding new certificate if needed in x509parse_crt()
 - Add certificate before parsing if chain is 'full' in x509parse_crt()
2009-03-28 18:52:39 +00:00
Paul Bakker ef75f25be7 - Proper sequence of ciphersuites 2009-03-28 18:43:23 +00:00
Paul Bakker 026c03b7f4 - Made changes for better compatibility with old-style C compilers 2009-03-28 17:53:03 +00:00
Paul Bakker 70b3eed2aa - Moved mpi_gcd() outside of the POLARSSL_GENPRIME define. Is needed in rsa.c for normal use. 2009-03-14 18:01:25 +00:00
Paul Bakker 8cda68bcdc - Updated certificates to PolarSSL certificates 2009-02-10 22:19:29 +00:00
Paul Bakker 4593aeadaf - Added support for RFC4055 SHA2 and SHA4 signature algorithms for
use with PKCS#1 v1.5 signing and verification.
 - Added extra certificates to test-ca and test code to further test
   functionality of SHA2 and SHA4 signing and verification.
 - Updated other program files accordingly
2009-02-09 22:32:35 +00:00
Paul Bakker 3681b118ec - Enlarged debug buffer to facilitate long certificate values and filenames 2009-02-07 17:14:21 +00:00
Paul Bakker 2da561c2a1 - Moved debug message in ssl_free() before clearing of ssl context 2009-02-05 18:00:28 +00:00
Paul Bakker 4e0d7ca233 - Fixed a bug in mpi_gcd() that prevented correct funtioning when both input numbers are even. 2009-01-29 22:24:33 +00:00
Paul Bakker 785a9eeece - Added email address to header license information 2009-01-25 14:15:10 +00:00
Paul Bakker 864801ef41 - Added license replacement script 2009-01-25 11:59:46 +00:00
Paul Bakker fa049dba45 - Added POLARSSL_CAMELLIA_SMALL_MEMORY define for SBOX'es 2009-01-12 22:12:03 +00:00
Paul Bakker 060c56871c - Fixed possible heap overflow in pkcs1_decrypt on data larger than output
buffer after padding. For instance the premaster decryption in
   ssl_parse_client_key_exchange() in ssl_serv.c (Thanks to Christophe
   Devine)
2009-01-12 21:48:39 +00:00
Paul Bakker c32c6b56ca - Minimally optimized camellia_feistel()
- Removed debug code
2009-01-11 21:36:43 +00:00
Paul Bakker b5ef0bada4 - Added SSL_RSA_CAMELLIA_128_SHA, SSL_RSA_CAMELLIA_256_SHA, SSL_EDH_RSA_CAMELLIA_256_SHA ciphersuites to SSL 2009-01-11 20:25:36 +00:00
Paul Bakker 38119b18d6 - Added first version of Camellia 2009-01-10 23:31:23 +00:00
Paul Bakker 7a7c78fd02 - Added XTEA Algorithm (Not used in SSL) 2009-01-04 18:15:48 +00:00
Paul Bakker e0ccd0a7c3 - Updated Copyright notices 2009-01-04 16:27:10 +00:00
Paul Bakker 40e46940df - First replacement of xyssl by polarssl where needed 2009-01-03 21:51:57 +00:00
Paul Bakker 5121ce5bdb - Renamed include directory to polarssl 2009-01-03 21:22:43 +00:00