Ron Eldor 
							
						 
						
							
							
							
							
								
							
							
								a886ce3c88 
								
							 
						 
						
							
							
								
								Backport 2.1: Check rc of mbedtls_mpi_fill_random  
							
							
							
							
							Add MBEDTLS_MPI_CHK to check for error value of mbedtls_mpi_fill_random.
Reported and fix suggested by guidovranken in #740  
							
						 
						
							2017-07-20 01:25:53 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								37ff14062e 
								
							 
						 
						
							
							
								
								Change main license to Apache 2.0  
							
							
							
						 
						
							2015-09-04 14:21:07 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								6fb8187279 
								
							 
						 
						
							
							
								
								Update date in copyright line  
							
							
							
						 
						
							2015-07-28 17:11:58 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								53585eeb17 
								
							 
						 
						
							
							
								
								Remove test DHM params from certs.c  
							
							
							
							
							certs.c belongs to the X.509 library, while DHM belongs to the crypto lib. 
							
						 
						
							2015-06-25 10:59:57 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								3335205a21 
								
							 
						 
						
							
							
								
								Avoid in-out length in dhm_calc_secret()  
							
							
							
						 
						
							2015-06-02 16:17:08 +01:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								6a8ca33fa5 
								
							 
						 
						
							
							
								
								Rename ERR_xxx_MALLOC_FAILED to ..._ALLOC_FAILED  
							
							
							
						 
						
							2015-05-28 16:25:05 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								7551cb9ee9 
								
							 
						 
						
							
							
								
								Replace malloc with calloc  
							
							
							
							
- platform layer currently broken (not adapted yet)
- memory_buffer_alloc too
							
						 
						
							2015-05-26 16:04:06 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								0ece0f94f2 
								
							 
						 
						
							
							
								
								Fix checks for nul-termination  
							
							
							
						 
						
							2015-05-12 12:43:54 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								43b37cbc92 
								
							 
						 
						
							
							
								
								Fix use of pem_read_buffer() in PK, DHM and X509  
							
							
							
						 
						
							2015-05-12 11:26:43 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								de9b363fbd 
								
							 
						 
						
							
							
								
								Merge branch mbedtls-1.3 into development  
							
							
							
							
							* commit '95f0089':
  Update Changelog for DH params
  Add test case for dh params with privateValueLength
  accept PKCS#3 DH parameters with privateValueLength included
Conflicts:
	library/dhm.c 
							
						 
						
							2015-04-17 20:07:22 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Daniel Kahn Gillmor 
							
						 
						
							
							
							
							
								
							
							
								2ed81733a6 
								
							 
						 
						
							
							
								
								accept PKCS#3 DH parameters with privateValueLength included  
							

library/dhm.c: accept (and ignore) optional privateValueLength for
PKCS#3 DH parameters.

PKCS#3 defines the ASN.1 encoding of a DH parameter set like this:

----------------
DHParameter ::= SEQUENCE {
  prime INTEGER, -- p
  base INTEGER, -- g
  privateValueLength INTEGER OPTIONAL }

The fields of type DHParameter have the following meanings:

     o    prime is the prime p.
     o    base is the base g.
     o    privateValueLength is the optional private-value
          length l.
----------------

See: ftp://ftp.rsasecurity.com/pub/pkcs/ascii/pkcs-3.asc

This optional parameter was added in PKCS#3 version 1.4, released
November 1, 1993.

dhm.c currently doesn't cope well with PKCS#3 files that have this
optional final parameter included. I see errors like:

------------
dhm_parse_dhmfile returned -0x33E6
Last error was: -0x33E6 - DHM - The ASN.1 data is not formatted correctly : ASN1 - Actual length differs from expected lengt
------------

You can generate PKCS#3 files with this final parameter with recent
versions of certtool from GnuTLS:

 certtool --generate-dh-params > dh.pem
							
						 
						
							2015-04-15 13:27:13 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								2cf5a7c98e 
								
							 
						 
						
							
							
								
								The Great Renaming  
							
							
							
							
							A simple execution of tmp/invoke-rename.pl 
							
						 
						
							2015-04-08 13:25:31 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								998930ae0d 
								
							 
						 
						
							
							
								
								Replace non-ascii characters in source files  
							
							
							
						 
						
							2015-04-03 13:48:06 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								7f8099773e 
								
							 
						 
						
							
							
								
								Rename include directory to mbedtls  
							
							
							
						 
						
							2015-03-10 11:23:56 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								fe44643b0e 
								
							 
						 
						
							
							
								
								Rename website and repository  
							
							
							
						 
						
							2015-03-06 13:17:10 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								981732bb8e 
								
							 
						 
						
							
							
								
								Fix missing/misplaced #include's  
							
							
							
						 
						
							2015-02-17 15:47:31 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Mansour Moufid 
							
						 
						
							
							
							
							
								
							
							
								c531b4af3c 
								
							 
						 
						
							
							
								
								Apply the semantic patch rm-malloc-cast.cocci.  
							
							
							
							
    for dir in library programs; do
        spatch --sp-file scripts/rm-malloc-cast.cocci --dir $dir \
        --in-place;
    done
							
						 
						
							2015-02-16 10:43:52 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Rich Evans 
							
						 
						
							
							
							
							
								
							
							
								00ab47026b 
								
							 
						 
						
							
							
								
								cleanup library and some basic tests. Includes, add guards to includes  
							
							
							
						 
						
							2015-02-10 11:28:46 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								860b51642d 
								
							 
						 
						
							
							
								
								Fix url again  
							
							
							
						 
						
							2015-01-28 17:12:07 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								085ab040aa 
								
							 
						 
						
							
							
								
								Fix website url to use https.  
							
							
							
						 
						
							2015-01-23 11:06:27 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								9698f5852c 
								
							 
						 
						
							
							
								
								Remove maintainer line.  
							
							
							
						 
						
							2015-01-23 10:59:00 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								19f6b5dfaa 
								
							 
						 
						
							
							
								
								Remove redundant "all rights reserved"  
							
							
							
						 
						
							2015-01-23 10:54:00 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								a658a4051b 
								
							 
						 
						
							
							
								
								Update copyright  
							
							
							
						 
						
							2015-01-23 09:55:24 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								967a2a5f8c 
								
							 
						 
						
							
							
								
								Change name to mbed TLS in the copyright notice  
							
							
							
						 
						
							2015-01-22 14:28:16 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								b196fc23b1 
								
							 
						 
						
							
							
								
								Fix dhm_selftest() return value  
							
							
							
						 
						
							2014-07-09 16:53:29 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								8f870b047c 
								
							 
						 
						
							
							
								
								Add dhm_init()  
							
							
							
						 
						
							2014-07-09 10:19:23 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								66d5d076f7 
								
							 
						 
						
							
							
								
								Fix formatting in various code to match spacing from coding style  
							
							
							
						 
						
							2014-06-17 17:06:47 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								3461772559 
								
							 
						 
						
							
							
								
								Introduce polarssl_zeroize() instead of memset() for zeroization  
							
							
							
						 
						
							2014-06-14 16:46:03 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								b9e4e2c97a 
								
							 
						 
						
							
							
								
								Fix formatting: fix some 'easy' > 80 length lines  
							
							
							
						 
						
							2014-05-01 14:18:25 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								9af723cee7 
								
							 
						 
						
							
							
								
								Fix formatting: remove trailing spaces, #endif with comments (> 10 lines)  
							
							
							
						 
						
							2014-05-01 13:03:14 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								cef4ad2509 
								
							 
						 
						
							
							
								
								Adapt sources to configurable config.h name  
							
							
							
						 
						
							2014-04-30 16:40:20 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								3d8fb63e11 
								
							 
						 
						
							
							
								
								Added missing MPI_CHK around mpi functions  
							
							
							
						 
						
							2014-04-17 12:42:41 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								3fec220a33 
								
							 
						 
						
							
							
								
								Add test for dhm_parse_dhmfile  
							
							
							
						 
						
							2014-04-04 16:42:44 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								648656a628 
								
							 
						 
						
							
							
								
								Fix error code in dhm_selftest()  
							
							
							
						 
						
							2014-03-13 19:25:06 +01:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								7dc4c44267 
								
							 
						 
						
							
							
								
								Library files moved to use platform layer  
							
							
							
						 
						
							2014-02-06 13:20:16 +01:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								d61cc3b246 
								
							 
						 
						
							
							
								
								Possible naming collision in dhm_context  
							
							
							
						 
						
							2013-10-11 09:38:49 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								15d5de1969 
								
							 
						 
						
							
							
								
								Simplify usage of DHM blinding  
							
							
							
						 
						
							2013-09-18 14:35:55 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								cff6842b39 
								
							 
						 
						
							
							
								
								POLARSSL_PEM_C split into POLARSSL_PEM_PARSE_C and POLARSSL_PEM_WRITE_C  
							
							
							
						 
						
							2013-09-16 13:36:18 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								40ce79f1e6 
								
							 
						 
						
							
							
								
								Moved DHM parsing from X509 module to DHM module  
							
							
							
						 
						
							2013-09-15 17:43:54 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								b72b4edec1 
								
							 
						 
						
							
							
								
								Fix memory leak in DHM  
							
							
							
						 
						
							2013-09-13 13:55:26 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								ed8a02bfae 
								
							 
						 
						
							
							
								
								Simplify DH blinding a bit  
							
							
							
						 
						
							2013-09-04 17:18:28 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								143b5028a5 
								
							 
						 
						
							
							
								
								Implement DH blinding  
							
							
							
						 
						
							2013-09-04 16:29:59 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								2d627649bf 
								
							 
						 
						
							
							
								
								Change dhm_calc_secret() prototype  
							
							
							
						 
						
							2013-09-04 14:22:07 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								48f7a5d724 
								
							 
						 
						
							
							
								
								DHE-PSK based ciphersuite support added and cleaner key exchange based code selection

The base RFC 4279 DHE-PSK ciphersuites are now supported and added.
The SSL code cuts out code not relevant for defined key exchange methods
							
						 
						
							2013-04-19 20:47:26 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								b5b20f19e7 
								
							 
						 
						
							
							
								
								- Extra sanity check for input added  
							
							
							
						 
						
							2012-09-16 15:07:49 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								aec37cb653 
								
							 
						 
						
							
							
								
								- Added extra sanity check to DHM values  
							
							
							
						 
						
							2012-04-26 18:59:59 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								901c65620e 
								
							 
						 
						
							
							
								
								- Fill full buffer (Wrong parameter usage)  
							
							
							
						 
						
							2012-04-20 13:25:38 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								13ed9ab921 
								
							 
						 
						
							
							
								
								- Removed unused variable  
							
							
							
						 
						
							2012-04-16 09:43:49 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								1ef83d66dd 
								
							 
						 
						
							
							
								
								- Initial bare version of TLS 1.2  
							
							
							
						 
						
							2012-04-11 12:09:53 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								a3d195c41f 
								
							 
						 
						
							
							
								
								- Changed the used random function pointer to more flexible format. Renamed havege_rand() to havege_random() to prevent mistakes. Lots of changes as a consequence in library code and programs  
							
							
							
						 
						
							2011-11-27 21:07:34 +00:00