mbedtls

mirror of https://github.com/yuzu-emu/mbedtls.git synced 2025-01-06 06:45:48 +00:00

Author	SHA1	Message	Date
Manuel Pégourié-Gonnard	a77edade0c	Clean up unneeded things	2015-03-25 21:55:56 +01:00
Manuel Pégourié-Gonnard	4063ceb281	Make hmac_ctx optional Note from future self: actually md_init_ctx will be re-introduced with the same signature later, and a new function with the additional argument will be added.	2015-03-25 21:55:56 +01:00
Manuel Pégourié-Gonnard	dfb3dc8b53	Make ipad/opad dynamic and more opaque	2015-03-25 21:55:56 +01:00
Manuel Pégourié-Gonnard	4da88c50c1	Remove specific xxx_hmac functions	2015-03-25 21:55:56 +01:00
Manuel Pégourié-Gonnard	7da726bb53	Remove calls to xxx_hmac() from SSL modules	2015-03-25 21:55:56 +01:00
Manuel Pégourié-Gonnard	0a8896ad6f	Remove references to xxx_hmac() from MD layer	2015-03-25 21:37:15 +01:00
Manuel Pégourié-Gonnard	8379a82a76	Implement hmac in the MD layer	2015-03-25 21:37:15 +01:00
Manuel Pégourié-Gonnard	ca878dbaa5	Make md_info_t an opaque structure - more freedom for us to change it in the future - enforces hygiene - performance impact of making accessors no longer inline should really be negligible	2015-03-25 21:37:15 +01:00
Manuel Pégourié-Gonnard	9325b26b42	Fix warning with mingw32 Apparently it thinks getsockopt()'s should be a char , while it's a void according to POSIX. Casting to void * avoids the warning.	2015-03-25 21:37:15 +01:00
Manuel Pégourié-Gonnard	9a65e80e4f	Properly mark ssl_set_bio() as deprecated	2015-03-25 18:09:46 +01:00
Manuel Pégourié-Gonnard	e424d0814d	Refresh generated file after merge	2015-03-23 14:31:50 +01:00
Manuel Pégourié-Gonnard	8a80318df2	Merge branch 'mbedtls-1.3' into development * mbedtls-1.3: Update generated file Update Changelog for deprecation config flags Fix tests to work with DEPRECATED_REMOVED Add POLARSSL_DEPRECATED_{WARNING,REMOVED} Suppress clang warning we don't want	2015-03-23 14:31:25 +01:00
Manuel Pégourié-Gonnard	bf8f7febd8	Update generated file	2015-03-23 14:24:06 +01:00
Manuel Pégourié-Gonnard	c70581c272	Add POLARSSL_DEPRECATED_{WARNING,REMOVED}	2015-03-23 14:11:11 +01:00
Manuel Pégourié-Gonnard	85b6600ab2	Suppress clang warning we don't want	2015-03-23 12:03:49 +01:00
Manuel Pégourié-Gonnard	849b174e57	Disable RC4 by default in the library	2015-03-20 19:14:19 +00:00
Manuel Pégourié-Gonnard	391af97a71	Re-remove file after merge failure (my fault)	2015-03-20 18:31:01 +00:00
Manuel Pégourié-Gonnard	9395298d12	Fix use of deprecated function in the library	2015-03-20 18:23:52 +00:00
Manuel Pégourié-Gonnard	47723147f5	Remove functions deprecated in 1.3	2015-03-20 18:21:12 +00:00
Manuel Pégourié-Gonnard	9658391073	Fix use of deprecated function in the library	2015-03-20 18:19:32 +00:00
Manuel Pégourié-Gonnard	7c4e60fa7d	Merge branch 'mbedtls-1.3' into development * mbedtls-1.3: Mark a few additional deprecations Use proper doxygen markup to mark deprecations Add -fdata-sections in memory.sh too	2015-03-20 17:30:31 +00:00
Manuel Pégourié-Gonnard	71432849ed	Use proper doxygen markup to mark deprecations	2015-03-20 17:26:50 +00:00
Manuel Pégourié-Gonnard	a78b218042	Fix contness of debug_print_buf()	2015-03-19 17:16:11 +00:00
Manuel Pégourié-Gonnard	6e0643762d	Reverse meaning of OID_CMP	2015-03-19 16:54:56 +00:00
Manuel Pégourié-Gonnard	852a6d3d8f	Rename ssl.renegotiation to ssl.renego_status	2015-03-19 16:15:20 +00:00
Manuel Pégourié-Gonnard	240b092a6c	Drop dummy self_test functions	2015-03-19 15:30:28 +00:00
Manuel Pégourié-Gonnard	8d92cedd11	Fix constness issue in pkcs5_pbes2()	2015-03-19 15:21:13 +00:00
Manuel Pégourié-Gonnard	0db107e4ba	Fix pk_can_do() constness issue	2015-03-19 14:01:57 +00:00
Manuel Pégourié-Gonnard	fa8aebcbcc	Fix a constness issue	2015-03-19 13:38:17 +00:00
Manuel Pégourié-Gonnard	35f1d7f0aa	Update signature of mpi_mul_mpi()	2015-03-19 12:42:40 +00:00
Manuel Pégourié-Gonnard	8ee08a259a	Update generated file	2015-03-13 16:33:40 +00:00
Manuel Pégourié-Gonnard	cc0d084820	Merge branch 'mbedtls-1.3' into development * mbedtls-1.3: Actually use armcc for the armcc test ^^' Add more -O level variety in all.sh Document recent make changes build: Makefile: cleanup CFLAGS build: Makefile: cleanup LDFLAGS build: Makefile: simplify root Makefile build: Makefile: remove bashism Conflicts: programs/Makefile	2015-03-13 16:32:40 +00:00
Alon Bar-Lev	f7a9f30348	build: Makefile: cleanup CFLAGS CFLAGS are reserved for external interaction via make variable, the following should work: $ make CFLAGS="-O3" $ CFLAGS="-O3" make 1. Move internal flags to LOCAL_CFLAGS 2. Respect external CFLAGS 3. CFLAGS should be last compiler flags. 4. Default CFLAGS is -O optimization, remove OFLAGS. 5. Add WARNING_CFLAGS to control warning setting and enable to remove if compiler does not support flags. Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>	2015-03-13 13:34:25 +00:00
Alon Bar-Lev	ada4105ba2	build: Makefile: cleanup LDFLAGS LDFLAGS are reserved for external interaction via make variable, the following should work: $ make LDFLAGS="-L/xxx" $ LDFLAGS="-L/xxx" make 1. Move internal flags to LOCAL_LDFLAGS 2. Respect external LDFLAGS 3. LDFLAGS should be last linkage flags. Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>	2015-03-13 13:34:25 +00:00
Manuel Pégourié-Gonnard	a06d7fe3fe	Avoid possible spurious warning with gcc -Os Outline: if( condition ) foo = value; /* stuff that does not change condition / if( condition ) / use foo / else / don't use foo */ For some reason, it appears to only kick in with -Os with gcc 4.9.3	2015-03-13 11:14:31 +00:00
Pascal Junod	b99183dfc6	Added more constant-time code and removed biases in the prime number generation routines.	2015-03-11 16:49:45 +01:00
Manuel Pégourié-Gonnard	b6b16bddc3	Drop pbkdf2 module (superseded by pkcs5)	2015-03-11 11:31:51 +00:00
Manuel Pégourié-Gonnard	f9c1387b9d	Drop POLARSSL_ERROR_STRERROR_BC	2015-03-11 10:59:38 +00:00
Manuel Pégourié-Gonnard	57a26da593	Merge branch 'mbedtls-1.3' into development * mbedtls-1.3: Use link-time garbage collection in memory.sh scripts/memory.sh only work on Linux Add missing 'const' on selftest data Use only headers for doxygen (no doc in C files) Add missing extern "C" guard in aesni.h Fix compile error with renego disabled Remove slow PKCS5 test Stop checking key-cert match systematically Make tests/*.sh runnable from anywhere Update visual C files	2015-03-11 10:30:21 +00:00
Manuel Pégourié-Gonnard	28122e4329	Add missing 'const' on selftest data	2015-03-11 09:13:42 +00:00
Manuel Pégourié-Gonnard	51bccd3889	Fix compile error with renego disabled	2015-03-10 16:09:08 +00:00
Manuel Pégourié-Gonnard	73ed39d4b1	Remove slow PKCS5 test	2015-03-10 15:59:22 +00:00
Manuel Pégourié-Gonnard	f427f8854a	Stop checking key-cert match systematically	2015-03-10 15:35:29 +00:00
Manuel Pégourié-Gonnard	69849f8595	Drop renego state from context if no renego support	2015-03-10 11:54:02 +00:00
Manuel Pégourié-Gonnard	d2b35ec3d3	Fix bug in no-renego option	2015-03-10 11:40:43 +00:00
Manuel Pégourié-Gonnard	9db41f0996	Refresh generated file	2015-03-10 11:23:56 +00:00
Manuel Pégourié-Gonnard	7f8099773e	Rename include directory to mbedtls	2015-03-10 11:23:56 +00:00
Manuel Pégourié-Gonnard	129db08c90	Rm polarssl compat targets from Makefiles	2015-03-10 11:23:56 +00:00
Manuel Pégourié-Gonnard	ed99d70309	Rename macro to avoid possible future collision	2015-03-09 13:05:06 +00:00
Manuel Pégourié-Gonnard	2f5a1b4e55	Rename SSL_RENEGOTIATION macro - new name is more explicit - avoids collision with POLARSSL_SSL_RENEGOTIATION config flag when prefixing will be applied	2015-03-09 13:05:06 +00:00
Manuel Pégourié-Gonnard	9b6699066e	Fix typos in macro names	2015-03-09 13:05:06 +00:00
Manuel Pégourié-Gonnard	e4d4890350	Finish renaming website	2015-03-06 13:40:52 +00:00
Manuel Pégourié-Gonnard	998897be3d	Merge branch 'mbedtls-1.3' into development * mbedtls-1.3: Rename website and repository Move private macro from header to C file Add some missing 'static' on a few objects Fix whitespace issues Minor portability fix in benchmark	2015-03-06 13:25:41 +00:00
Manuel Pégourié-Gonnard	fe44643b0e	Rename website and repository	2015-03-06 13:17:10 +00:00
Manuel Pégourié-Gonnard	1dd1674559	Move private macro from header to C file	2015-03-06 12:01:27 +00:00
Manuel Pégourié-Gonnard	385069f17d	Add some missing 'static' on a few objects	2015-03-06 12:01:27 +00:00
Manuel Pégourié-Gonnard	cabf4b83ab	Merge branch 'development' into dtls * development: Fix -fPIC when cross-compiling to windows	2015-02-18 18:14:53 +00:00
Manuel Pégourié-Gonnard	02ba5785bf	Fix -fPIC when cross-compiling to windows	2015-02-18 13:42:26 +00:00
Manuel Pégourié-Gonnard	4e41c99ed8	Merge branch 'development' into dtls * development: Avoid possible dangling pointers Conflicts: library/ssl_tls.c	2015-02-18 10:39:49 +00:00
Manuel Pégourié-Gonnard	f7db5e0a4a	Avoid possible dangling pointers If the allocation fails, we don't really want ssl->in_ctr = 8 lying around.	2015-02-18 10:32:41 +00:00
Manuel Pégourié-Gonnard	cd4cd1dd26	Merge branch 'development' into dtls * development: Fix the fix to ssl_set_psk() Update Changelog Finish fixing memleak in ssl_server2 arg parsing Fix another potential memory leak found by find-mem-leak.cocci. Add a rule for another type of memory leak to find-mem-leak.cocci. Fix a potential memory leak found by find-mem-leak.cocci. Add a semantic patch to find potential memory leaks. Fix whitespace of `369e6c20`. Apply the semantic patch rm-malloc-cast.cocci. Add a semantic patch to remove casts of malloc.	2015-02-18 10:25:16 +00:00
Manuel Pégourié-Gonnard	f45850c493	Fix the fix to ssl_set_psk() - possible for the first malloc to fail and the second to succeed - missing = NULL assignment	2015-02-18 10:23:52 +00:00
Manuel Pégourié-Gonnard	ac08b543db	Merge remote-tracking branch 'rasp/mem-leak' into development * rasp/mem-leak: Fix another potential memory leak found by find-mem-leak.cocci. Add a rule for another type of memory leak to find-mem-leak.cocci. Fix a potential memory leak found by find-mem-leak.cocci. Add a semantic patch to find potential memory leaks. Fix whitespace of `369e6c20`. Apply the semantic patch rm-malloc-cast.cocci. Add a semantic patch to remove casts of malloc. Conflicts: programs/ssl/ssl_server2.c	2015-02-18 10:07:22 +00:00
Mansour Moufid	f81088bb80	Fix a potential memory leak found by find-mem-leak.cocci.	2015-02-17 13:10:21 -05:00
Manuel Pégourié-Gonnard	b251a20a7e	Merge branch 'development' into dtls * development: Fix missing/misplaced #include's	2015-02-17 15:48:15 +00:00
Manuel Pégourié-Gonnard	981732bb8e	Fix missing/misplaced #include's	2015-02-17 15:47:31 +00:00
Manuel Pégourié-Gonnard	394608ee00	Fix misplaced includes	2015-02-17 15:20:11 +00:00
Manuel Pégourié-Gonnard	d901d17817	Merge branch 'development' into dtls * development: (100 commits) Update Changelog for the mem-measure branch Fix issues introduced when rebasing Fix compile error in memory_buffer_alloc_selftest Code cosmetics Add curve25519 to ecc-heap.sh Add curve25519 to the benchmark program Fix compile issue when buffer_alloc not available New script ecc-heap.sh Fix unused variable issue in some configs Rm usunused member in private struct Add heap usage for PK in benchmark Use memory_buffer_alloc() in benchmark if available Only define mode_func if mode is enabled (CBC etc) PKCS8 encrypted key depend on PKCS5 or PKCS12 Disable SRV_C for client measurement Output stack+heap usage with massif Enable NIST_OPTIM by default for config-suite-b Refactor memory.sh Adapt memory.sh to config-suite-b Adapt mini-client for config-suite-b.h ... Conflicts: ChangeLog include/polarssl/net.h library/Makefile library/error.c library/ssl_tls.c programs/Makefile programs/ssl/ssl_client2.c programs/ssl/ssl_server2.c tests/Makefile	2015-02-16 18:44:39 +00:00
Manuel Pégourié-Gonnard	491a3fe057	Fix compile error in memory_buffer_alloc_selftest	2015-02-16 17:28:11 +00:00
Manuel Pégourié-Gonnard	0da7b040d1	Rm usunused member in private struct	2015-02-16 17:28:10 +00:00
Manuel Pégourié-Gonnard	50da0482e0	Add heap usage for PK in benchmark	2015-02-16 17:28:10 +00:00
Manuel Pégourié-Gonnard	b8ca723154	Only define mode_func if mode is enabled (CBC etc)	2015-02-16 17:23:59 +00:00
Manuel Pégourié-Gonnard	a2424a045a	PKCS8 encrypted key depend on PKCS5 or PKCS12	2015-02-16 17:22:47 +00:00
Manuel Pégourié-Gonnard	aff2976d10	Merge branch 'build' into development * build: build: make: support windows cross compile	2015-02-16 15:26:09 +00:00
Manuel Pégourié-Gonnard	09eb14c01e	Revert "Require unix-utils in path for windows make" This reverts commit `5d46cca09a`. In preparation of merging an external contribution that superseedes this Conflicts: ChangeLog	2015-02-16 15:25:31 +00:00
Manuel Pégourié-Gonnard	f812054d00	Revert "Replace SONAME with SOVERSION in makefile" This reverts commit `418080010a`. In preparation of merging one external contribution that supersedes this.	2015-02-16 15:24:17 +00:00
Mansour Moufid	99b9259f76	Fix whitespace of `369e6c20`.	2015-02-16 10:43:52 +00:00
Mansour Moufid	c531b4af3c	Apply the semantic patch rm-malloc-cast.cocci. for dir in library programs; do spatch --sp-file scripts/rm-malloc-cast.cocci --dir $dir \ --in-place; done	2015-02-16 10:43:52 +00:00
Manuel Pégourié-Gonnard	d48bf6892c	Write literal byte more clearly	2015-02-16 09:13:40 +00:00
Manuel Pégourié-Gonnard	85fadb749c	Make loop bound more obvious Helps static analyzers and does not decrease human readability.	2015-02-16 09:13:40 +00:00
Manuel Pégourié-Gonnard	6fdc4cae53	Fix potential signedness issue	2015-02-16 09:13:40 +00:00
Mansour Moufid	bd1d44e251	Fix whitespace of `369e6c20`.	2015-02-15 17:51:07 -05:00
Mansour Moufid	369e6c20b3	Apply the semantic patch rm-malloc-cast.cocci. for dir in library programs; do spatch --sp-file scripts/rm-malloc-cast.cocci --dir $dir \ --in-place; done	2015-02-15 17:49:11 -05:00
Alon Bar-Lev	18ba0cce8b	build: make: support windows cross compile Add WINDOWS_BUILD macro to enable Windows build on *NIX host. Add optional suffix for executables. Fix shared object suffix logic to support multiple suffixes. Fix soname handling to always match output. WINDOWS macro sets WINDOWS_BUILD. WINDOWS_BUILD sets .exe executable suffix. WINDOWS_BUILD shared mode creates dll import library. WINDOWS_BUILD shared mode link against dll. Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>	2015-02-14 01:20:17 +02:00
Manuel Pégourié-Gonnard	0928640095	Update generated files	2015-02-13 15:18:33 +00:00
Manuel Pégourié-Gonnard	ac1f76c362	Merge remote-tracking branch 'rich/platform' into development * rich/platform: Remove dependency on sscanf in lib x509 Fix extra guard in memory_buffer_alloc rebase from development implemented macro overriding for polarssl_* library functions fix bug introduced by the addition of snprintf and assert macro which caused tests to fail without polarssl_platform_c defined add initial symbols to config and checks to check_config to allow use of macros to define standard functions reformat and arrange additions to config alphabetically add missing checks to check_config add macro definition of assert using polarssl_exit modify library/memory_buffer_alloc.c, benchmark.c and the tests main code to use polarssl_exit add POLARSSL_PLATFORM_EXIT_ALT modify scripts/* and tests/* to use polarssl_snprintf modify programs/.c to use polarssl_snprintf modify library/debug.c to use polarssl_snprintf modify library/x509.c to use polarssl_snprintf modify library/net.c to use polarssl_snprintf modify oid.c to use polarssl_snprintf add platform_set_snprintf Conflicts: library/memory_buffer_alloc.c programs/pkey/pk_sign.c programs/pkey/pk_verify.c programs/pkey/rsa_sign_pss.c programs/pkey/rsa_verify_pss.c programs/ssl/ssl_client2.c programs/ssl/ssl_pthread_server.c programs/test/benchmark.c programs/test/ssl_cert_test.c	2015-02-13 15:11:24 +00:00
Rich Evans	7d5a55a365	Remove dependency on sscanf in lib x509	2015-02-13 13:50:26 +00:00
Rich Evans	c8ada6d410	Fix extra guard in memory_buffer_alloc	2015-02-13 13:50:26 +00:00
Rich Evans	77d3638497	modify library/memory_buffer_alloc.c, benchmark.c and the tests main code to use polarssl_exit	2015-02-13 13:50:26 +00:00
Rich Evans	c39cb4986b	add POLARSSL_PLATFORM_EXIT_ALT	2015-02-13 13:50:26 +00:00
Rich Evans	2387c7d105	modify library/debug.c to use polarssl_snprintf	2015-02-13 13:50:26 +00:00
Rich Evans	fac657fd52	modify library/x509*.c to use polarssl_snprintf	2015-02-13 13:50:25 +00:00
Rich Evans	a18b11f285	modify library/net.c to use polarssl_snprintf	2015-02-13 13:50:25 +00:00
Rich Evans	8f3a9436a9	modify oid.c to use polarssl_snprintf	2015-02-13 13:50:25 +00:00
Rich Evans	46b0a8d15a	add platform_set_snprintf	2015-02-13 13:50:25 +00:00
Rich Evans	36796df815	Added missing stdio in lib x509.c needed for sscanf	2015-02-13 13:50:05 +00:00
Rich Evans	d08a605dac	Remove platform guard in mem buffer alloc	2015-02-13 13:50:05 +00:00
Manuel Pégourié-Gonnard	3cfb34564f	Avoid warning from mingw for shared library	2015-02-13 13:34:08 +00:00
Manuel Pégourié-Gonnard	418080010a	Replace SONAME with SOVERSION in makefile - avoids duplication - fixes warning about redefined rule with WINDOWS=1	2015-02-13 13:15:13 +00:00
Manuel Pégourié-Gonnard	5d46cca09a	Require unix-utils in path for windows make	2015-02-13 12:02:45 +00:00
Manuel Pégourié-Gonnard	d72704b0d5	Remove work-around for alleged compiler bug It turns out the problem was with the way the reporter was invoking its toolchain, not the toolchain itself.	2015-02-12 09:38:54 +00:00
Manuel Pégourié-Gonnard	2ee8d24ca2	Simplify some constant-time code Some people recommend using bit operations to avoid the compiler producing a branch on `ret != 0`, but: - this makes the code less readable, - here I got a warning from some compilers about unsigned unary minus - and anyway modern compilers don't produce a branch here, checked on x64 and arm with various -O values.	2015-02-11 15:29:15 +00:00
Manuel Pégourié-Gonnard	06d7519697	Fix msvc warning	2015-02-11 14:54:11 +00:00
Manuel Pégourié-Gonnard	fba22fdc7e	Avoid warning from ar	2015-02-11 14:24:47 +00:00
Manuel Pégourié-Gonnard	6d71e4e6c3	Fix one more warning on windows	2015-02-11 12:54:35 +00:00
Manuel Pégourié-Gonnard	dda5213982	Fix harmless warnings with mingw in timing.c	2015-02-11 12:33:40 +00:00
Manuel Pégourié-Gonnard	38433535e3	Fix hardclock() with mingw64	2015-02-11 12:33:40 +00:00
Manuel Pégourié-Gonnard	a273371fc4	Fix "int vs enum" warnings from armcc v5 enumerated type mixed with another type	2015-02-10 17:34:48 +01:00
Manuel Pégourié-Gonnard	7f84905552	Fix two warnings from armcc v5 assignment in condition	2015-02-10 17:34:35 +01:00
Manuel Pégourié-Gonnard	45ec8da7e5	Fix missing include in i386-specific file	2015-02-10 13:50:47 +00:00
Manuel Pégourié-Gonnard	0c851ee1c8	Fix missing include in non-default things	2015-02-10 12:47:52 +00:00
Rich Evans	ce2f237697	change test function includes to use one convention	2015-02-10 11:28:46 +00:00
Rich Evans	00ab47026b	cleanup library and some basic tests. Includes, add guards to includes	2015-02-10 11:28:46 +00:00
Manuel Pégourié-Gonnard	f7d2bbaa62	Merge branch 'development' into dtls * development: Add missing guards for gnuTLS Prepare for mbed TLS 1.3.10 release Fix potential timing issue in RSA pms handling Conflicts: ChangeLog doxygen/input/doc_mainpage.h doxygen/mbedtls.doxyfile include/polarssl/version.h library/CMakeLists.txt library/ssl_srv.c tests/suites/test_suite_version.data visualc/VS2010/mbedTLS.vcxproj visualc/VS6/mbedtls.dsp visualc/VS6/mbedtls.dsw	2015-02-09 11:42:40 +00:00
Paul Bakker	daae3b749b	Prepare for mbed TLS 1.3.10 release	2015-02-08 15:49:54 +01:00
Peter Dettman	ce661b2cb8	Perf: rewrite of ecp_double_jac - Improve optimization for special case A == -3. - Add optimization for special case A == 0. - Use alternative base formula, saving several additions. - Reduce temp variables to 4 (from 6).	2015-02-07 14:43:51 +07:00
Manuel Pégourié-Gonnard	6674cce892	Fix potential timing issue in RSA pms handling	2015-02-06 11:36:56 +00:00
Manuel Pégourié-Gonnard	4eaf8f02bb	Merge branch 'development' into dtls * development: Support composite RDNs in X.509 certs parsing	2015-02-05 11:01:37 +00:00
Manuel Pégourié-Gonnard	555fbf8758	Support composite RDNs in X.509 certs parsing	2015-02-04 17:11:55 +00:00
Manuel Pégourié-Gonnard	3d2c4b70f2	Fix url in new files	2015-01-29 11:34:14 +00:00
Manuel Pégourié-Gonnard	2a0718d947	Merge branch 'development' into dtls * development: (46 commits) Fix url again Fix small bug in base64_encode() Fix depend that was checked but not documented Fix dependency that was not checked Minor gitginore fixes Move some ignore patterns to subdirectories Ignore CMake/MSVC-related build files. Re-categorize changelog entry Fix misattribution Minor nits with stdout/stderr. Add cmake compatibility targets Add script for polarssl symlink creation Fix more stdio inclusion issues Add debug info for cert/suite selection Fix possible portability issue Fix bug in ssl_get_verify_result() aescrypt2.c local char array not initial Update Changelog Fix mips64 bignum implementation Fix usage string of ssl_client2 ... Conflicts: include/polarssl/ssl.h library/CMakeLists.txt library/Makefile programs/Makefile programs/ssl/ssl_client2.c programs/ssl/ssl_server2.c visualc/VS2010/PolarSSL.sln visualc/VS2010/mbedTLS.vcxproj visualc/VS6/mbedtls.dsp visualc/VS6/mbedtls.dsw	2015-01-29 11:29:12 +00:00
Manuel Pégourié-Gonnard	860b51642d	Fix url again	2015-01-28 17:12:07 +00:00
Manuel Pégourié-Gonnard	65fc6a886a	Fix small bug in base64_encode()	2015-01-28 16:49:26 +00:00
Manuel Pégourié-Gonnard	78dbeeffd3	Minor gitginore fixes	2015-01-28 15:34:01 +00:00
Manuel Pégourié-Gonnard	3f738ca40a	Move some ignore patterns to subdirectories	2015-01-28 15:33:23 +00:00
Manuel Pégourié-Gonnard	2a9c8b62bf	Add cmake compatibility targets	2015-01-28 15:21:25 +00:00
Manuel Pégourié-Gonnard	7cbe1318d8	Fix more stdio inclusion issues	2015-01-28 15:28:30 +01:00
Manuel Pégourié-Gonnard	607d663b41	Add debug info for cert/suite selection	2015-01-28 15:28:30 +01:00
Manuel Pégourié-Gonnard	ceedb8292e	Fix possible portability issue The & 0xFF should not be necessary on platforms with 8-bit chars, but one user reported having problems with his compiler on such a platform.	2015-01-28 15:28:30 +01:00
Manuel Pégourié-Gonnard	e89163c0a8	Fix bug in ssl_get_verify_result()	2015-01-28 15:28:30 +01:00
Manuel Pégourié-Gonnard	e94e6e5b9c	Fix stdio (non-)inclusion issues.	2015-01-28 15:28:28 +01:00
Manuel Pégourié-Gonnard	9014b6f227	Rename project in CMake TODO: to create symlinks to the old names!	2015-01-27 15:44:46 +00:00
Manuel Pégourié-Gonnard	145422f74d	Make now creates libmbedtls.so with polarssl link	2015-01-27 11:36:50 +01:00
Manuel Pégourié-Gonnard	04a81d5c65	Fix issue in previous commit Even with shared we need to build the static library since programs are using it.	2015-01-27 11:36:41 +01:00
Manuel Pégourié-Gonnard	acdb9b9525	Fix unchecked error code on Windows	2015-01-23 17:50:34 +00:00
Manuel Pégourié-Gonnard	cfa9a45dd6	Rename in cmake help strings	2015-01-23 13:33:31 +00:00
Manuel Pégourié-Gonnard	c26a092b50	Rename static lib name with make	2015-01-23 12:57:33 +00:00
Manuel Pégourié-Gonnard	c5d68e5b70	Fix dependency declaration	2015-01-23 12:37:21 +00:00
Manuel Pégourié-Gonnard	dba564bc79	Fix files that are not in development	2015-01-23 11:37:14 +00:00
Manuel Pégourié-Gonnard	df6411d8d8	Merge branch 'development' into dtls * development: Fix website url to use https. Remove maintainer line. Remove redundant "all rights reserved"	2015-01-23 11:23:08 +00:00
Manuel Pégourié-Gonnard	085ab040aa	Fix website url to use https.	2015-01-23 11:06:27 +00:00
Manuel Pégourié-Gonnard	9698f5852c	Remove maintainer line.	2015-01-23 10:59:00 +00:00
Manuel Pégourié-Gonnard	19f6b5dfaa	Remove redundant "all rights reserved"	2015-01-23 10:54:00 +00:00
Manuel Pégourié-Gonnard	a34aa70b23	Update version_features	2015-01-23 10:27:36 +00:00
Manuel Pégourié-Gonnard	177b73045a	Regenerate version_features	2015-01-23 10:26:11 +00:00
Manuel Pégourié-Gonnard	eab72e2ced	Merge branch 'development' into dtls * development: Update copyright Fix issue in compat.sh Rename doxyfile Rename to mbed TLS in tests/ Rename to mbed TLS in examples Remove old test certificates. Rename to mbed TLS in the documentation/comments Change name to mbed TLS in the copyright notice Conflicts: doxygen/input/doc_mainpage.h doxygen/mbedtls.doxyfile include/polarssl/version.h tests/compat.sh	2015-01-23 10:23:17 +00:00
Manuel Pégourié-Gonnard	a658a4051b	Update copyright	2015-01-23 09:55:24 +00:00
Manuel Pégourié-Gonnard	b4fe3cb1fa	Rename to mbed TLS in the documentation/comments	2015-01-22 16:11:05 +00:00
Manuel Pégourié-Gonnard	967a2a5f8c	Change name to mbed TLS in the copyright notice	2015-01-22 14:28:16 +00:00
Manuel Pégourié-Gonnard	3a173f497b	Merge branch 'development' into dtls * development: Fix error code description. generate_errors.pl now errors on duplicate codes Avoid nested if's without braces. Move renego SCSV after actual ciphersuites Fix send_close_notify usage. Rename variable for clarity Improve script portability Conflicts: library/ssl_srv.c programs/ssl/ssl_client2.c programs/ssl/ssl_server2.c tests/ssl-opt.sh	2015-01-22 13:30:33 +00:00
Manuel Pégourié-Gonnard	11c919208d	Fix error code description.	2015-01-22 13:22:12 +00:00
Manuel Pégourié-Gonnard	59c6f2ef21	Avoid nested if's without braces. Creates a potential for confusing code if we later want to add an else clause.	2015-01-22 11:06:40 +00:00
Manuel Pégourié-Gonnard	5d9cde25da	Move renego SCSV after actual ciphersuites	2015-01-22 10:49:41 +00:00
Manuel Pégourié-Gonnard	67505bf9e8	Merge branch 'development' into dtls * development: Adapt tests to new defaults/errors. Fix typos/cosmetics in Changelog Disable RC4 by default in example programs. Add ssl_set_arc4_support() Set min version to TLS 1.0 in programs Conflicts: include/polarssl/ssl.h library/ssl_cli.c library/ssl_srv.c tests/compat.sh	2015-01-21 13:57:33 +00:00
Manuel Pégourié-Gonnard	bfccdd3c92	Merge commit '36adc36' into dtls * commit '36adc36': Add support for getrandom() Use library default for trunc-hmac in ssl_client2 Make truncated hmac a runtime option server-side Fix portability issue in script Specific error for suites in common but none good Prefer SHA-1 certificates for pre-1.2 clients Some more refactoring/tuning. Minor refactoring Conflicts: include/polarssl/error.h include/polarssl/ssl.h library/error.c	2015-01-21 13:48:45 +00:00
Manuel Pégourié-Gonnard	0017c2be48	Merge commit '9835bc0' into dtls * commit '9835bc0': Fix racy test. Fix stupid error in previous commit Don't check errors on ssl_close_notify() Fix char signedness issue Fix issue with non-blocking I/O & record splitting Fix warning Conflicts: programs/ssl/ssl_client2.c programs/ssl/ssl_server2.c	2015-01-21 13:42:16 +00:00
Manuel Pégourié-Gonnard	8fbb01ec84	Merge commit 'b2eaac1' into dtls * commit 'b2eaac1': Stop assuming chars are signed Add tests for CBC record splitting Fix tests that were failing with record splitting Allow disabling record splitting at runtime Add 1/n-1 record splitting Enhance doc on ssl_write() Conflicts: include/polarssl/ssl.h programs/ssl/ssl_client2.c programs/ssl/ssl_server2.c	2015-01-21 13:37:08 +00:00
Manuel Pégourié-Gonnard	b89c4f35a1	Fixes for the renego-option merge	2015-01-21 13:24:10 +00:00
Manuel Pégourié-Gonnard	0af1ba3521	Merge commit 'f6080b8' into dtls * commit 'f6080b8': Fix warning in reduced configs Adapt to "negative" switch for renego Add tests for periodic renegotiation Make renego period configurable Auto-renegotiate before sequence number wrapping Update Changelog for compile-option renegotiation Switch from an enable to a disable flag Save 48 bytes if SSLv3 is not defined Make renegotiation a compile-time option Add tests for renego security enforcement Conflicts: include/polarssl/ssl.h library/ssl_cli.c library/ssl_srv.c library/ssl_tls.c programs/ssl/ssl_server2.c tests/ssl-opt.sh	2015-01-21 11:54:33 +00:00
Manuel Pégourié-Gonnard	edb7ed3a43	Merge commit 'd7e2483' into dtls * commit 'd7e2483': (57 commits) Skip signature_algorithms ext if PSK only Fix bug in ssl_client2 reconnect option Cosmetics in ssl_server2 Improve debugging message. Fix net_usleep for durations greater than 1 second Use pk_load_file() in X509 Create ticket keys only if enabled Fix typo in #ifdef Clarify documentation a bit Fix comment on resumption Update comment from draft to RFC Use more #ifdef's on CLI_C and SRV_C in ssl_tls.c Add recursion.pl to all.sh Allow x509_crt_verify_child() in recursion.pl Set a compile-time limit to X.509 chain length Fix 3DES -> DES in all.sh (+ time estimates) Add curves.pl to all.sh Rework all.sh to use MSan instead of valgrind Fix depends on individual curves in tests Add script to test depends on individual curves ... Conflicts: CMakeLists.txt programs/ssl/ssl_client2.c	2015-01-20 16:52:28 +00:00
Manuel Pégourié-Gonnard	f9c8a606b5	Merge commit '8b9bcec' into dtls * commit '8b9bcec': Stop assuming chars are signed Fix len miscalculation in buffer-based allocator Fix NULL dereference in buffer-based allocator Add test_suite_memory_buffer_alloc Add memory_buffer_alloc_self_test() Fix missing bound check Add test for ctr_drbg_update() input sanitizing Refactor for clearer correctness/security Stop assuming chars are signed Conflicts: library/ssl_tls.c	2015-01-20 16:38:39 +00:00
Paul Bakker	5b8f7eaa3e	Merge new security defaults for programs (RC4 disabled, SSL3 disabled)	2015-01-14 16:26:54 +01:00
Paul Bakker	36adc3631c	Merge support for getrandom() call	2015-01-14 16:19:59 +01:00
Paul Bakker	c82b7e2003	Merge option to disable truncated hmac on the server-side	2015-01-14 16:16:55 +01:00
Paul Bakker	e522d0fa57	Merge smarter certificate selection for pre-TLS-1.2 clients	2015-01-14 16:12:48 +01:00
Manuel Pégourié-Gonnard	a852cf4833	Fix issue with non-blocking I/O & record splitting	2015-01-13 20:56:15 +01:00
Manuel Pégourié-Gonnard	d5746b36f9	Fix warning	2015-01-13 20:33:24 +01:00
Paul Bakker	f3561154ff	Merge support for 1/n-1 record splitting	2015-01-13 16:31:34 +01:00
Paul Bakker	f6080b8557	Merge support for enabling / disabling renegotiation support at compile-time	2015-01-13 16:18:23 +01:00
Paul Bakker	d7e2483bfc	Merge miscellaneous fixes into development	2015-01-13 16:04:38 +01:00
Manuel Pégourié-Gonnard	5dd28ea432	Fix len miscalculation in buffer-based allocator	2015-01-13 14:58:01 +01:00
Manuel Pégourié-Gonnard	547ff6618f	Fix NULL dereference in buffer-based allocator	2015-01-13 14:58:01 +01:00
Manuel Pégourié-Gonnard	5ba1d52f96	Add memory_buffer_alloc_self_test()	2015-01-13 14:58:00 +01:00
Manuel Pégourié-Gonnard	5cb4b31057	Fix missing bound check	2015-01-13 14:58:00 +01:00
Manuel Pégourié-Gonnard	bd47a58221	Add ssl_set_arc4_support() Rationale: if people want to disable RC4 but otherwise keep the default suite list, it was cumbersome. Also, since it uses a global array, ssl_list_ciphersuite() is not a convenient place. So the SSL modules look like the best place, even if it means temporarily adding one SSL setting.	2015-01-13 13:03:06 +01:00
Manuel Pégourié-Gonnard	352143fa1e	Refactor for clearer correctness/security	2015-01-13 12:02:55 +01:00
Manuel Pégourié-Gonnard	f3c500fe47	Fix bug on OS X (BSD?) in net_accept() for UDP	2015-01-12 19:02:15 +01:00
Manuel Pégourié-Gonnard	18292456c5	Add support for getrandom()	2015-01-09 14:34:13 +01:00
Manuel Pégourié-Gonnard	e117a8fc0d	Make truncated hmac a runtime option server-side Reading the documentation of ssl_set_truncated_hmac() may give the impression I changed the default for clients but I didn't, the old documentation was wrong.	2015-01-09 12:52:20 +01:00
Manuel Pégourié-Gonnard	f01768c55e	Specific error for suites in common but none good	2015-01-08 17:06:16 +01:00
Manuel Pégourié-Gonnard	df331a55d2	Prefer SHA-1 certificates for pre-1.2 clients	2015-01-08 16:43:07 +01:00
Manuel Pégourié-Gonnard	6458e3b743	Some more refactoring/tuning.	2015-01-08 14:16:56 +01:00
Manuel Pégourié-Gonnard	846ba473af	Minor refactoring	2015-01-08 13:54:38 +01:00
Manuel Pégourié-Gonnard	cfa477ef2f	Allow disabling record splitting at runtime	2015-01-07 14:56:54 +01:00
Manuel Pégourié-Gonnard	d76314c44c	Add 1/n-1 record splitting	2015-01-07 14:56:54 +01:00
Manuel Pégourié-Gonnard	d94232389e	Skip signature_algorithms ext if PSK only	2014-12-02 11:57:29 +01:00
Manuel Pégourié-Gonnard	eaecbd3ba8	Fix warning in reduced configs	2014-12-02 10:40:55 +01:00
Manuel Pégourié-Gonnard	837f0fe831	Make renego period configurable	2014-12-02 10:40:55 +01:00
Manuel Pégourié-Gonnard	b445805283	Auto-renegotiate before sequence number wrapping	2014-12-02 10:40:55 +01:00
Manuel Pégourié-Gonnard	6186019d5d	Save 48 bytes if SSLv3 is not defined	2014-12-02 10:40:54 +01:00
Manuel Pégourié-Gonnard	615e677c0b	Make renegotiation a compile-time option	2014-12-02 10:40:54 +01:00
Manuel Pégourié-Gonnard	60346be2a3	Improve debugging message. This actually prints only the payload, not the potential IV and/or MAC, so (to me at least) it's much less confusing	2014-11-27 17:44:46 +01:00
Manuel Pégourié-Gonnard	e423246e7f	Fix net_usleep for durations greater than 1 second	2014-11-27 17:44:46 +01:00
Manuel Pégourié-Gonnard	9439f93ea4	Use pk_load_file() in X509 Saves a bit of ROM. X509 depends on PK anyway.	2014-11-27 17:44:46 +01:00
Manuel Pégourié-Gonnard	2457fa0915	Create ticket keys only if enabled	2014-11-27 17:44:45 +01:00
Manuel Pégourié-Gonnard	d16d1cb96a	Use more #ifdef's on CLI_C and SRV_C in ssl_tls.c	2014-11-27 17:44:45 +01:00
Manuel Pégourié-Gonnard	fd6c85c3eb	Set a compile-time limit to X.509 chain length	2014-11-20 16:37:41 +01:00
Manuel Pégourié-Gonnard	6ed2d92629	Make x509_crl_parse() iterative	2014-11-20 16:36:07 +01:00
Manuel Pégourié-Gonnard	426d4ae7ff	Split x509_crl_parse_der() out of x509_crl_parse()	2014-11-20 16:36:07 +01:00
Manuel Pégourié-Gonnard	8c9223df84	Add text view to debug_print_buf()	2014-11-19 13:21:38 +01:00
Manuel Pégourié-Gonnard	0975ad928d	Merge branch 'etm' into dtls * etm: Fix some more warnings in reduced configs Fix typo causing MSVC errors	2014-11-17 15:07:17 +01:00
Manuel Pégourié-Gonnard	8e4b3374d7	Fix some more warnings in reduced configs	2014-11-17 15:06:13 +01:00
Manuel Pégourié-Gonnard	98aa19148c	Adjust warnings in different modes	2014-11-14 16:45:48 +01:00
Manuel Pégourié-Gonnard	e5b0fc1847	Make malloc-init script a bit happier	2014-11-13 12:42:12 +01:00
Manuel Pégourié-Gonnard	f631bbc1da	Make x509_string_cmp() iterative	2014-11-13 12:42:06 +01:00
Manuel Pégourié-Gonnard	8a5e3d4a40	Forbid repeated X.509 extensions	2014-11-12 18:13:58 +01:00
Manuel Pégourié-Gonnard	d681443f69	Fix potential stack overflow	2014-11-12 01:25:31 +01:00
Manuel Pégourié-Gonnard	b134060f90	Fix memory leak with crafted X.509 certs	2014-11-12 00:01:52 +01:00
Manuel Pégourié-Gonnard	0369a5291b	Fix uninitialised pointer dereference	2014-11-12 00:01:52 +01:00
Manuel Pégourié-Gonnard	e959979621	Fix ECDSA sign buffer size	2014-11-12 00:01:52 +01:00
Manuel Pégourié-Gonnard	b31b61b9e8	Fix potential undefined behaviour in Camellia	2014-11-12 00:01:51 +01:00
Manuel Pégourié-Gonnard	7c13d69cb5	Fix dependency issues	2014-11-12 00:01:34 +01:00
Manuel Pégourié-Gonnard	a1efcb084f	Implement pk_check_pair() for RSA-alt	2014-11-08 18:00:22 +01:00
Manuel Pégourié-Gonnard	27e3edbe2c	Check key/cert pair in ssl_set_own_cert()	2014-11-06 18:25:51 +01:00
Manuel Pégourié-Gonnard	70bdadf54b	Add pk_check_pair()	2014-11-06 18:25:51 +01:00
Manuel Pégourié-Gonnard	30668d688d	Add ecp_check_pub_priv()	2014-11-06 18:25:51 +01:00
Manuel Pégourié-Gonnard	2f8d1f9fc3	Add rsa_check_pub_priv()	2014-11-06 18:25:51 +01:00
Manuel Pégourié-Gonnard	e10e06d863	Blind RSA operations even without CRT	2014-11-06 18:25:44 +01:00
Manuel Pégourié-Gonnard	d056ce0e3e	Use seq_num as AEAD nonce by default	2014-11-06 18:23:49 +01:00
Manuel Pégourié-Gonnard	f9d778d635	Merge branch 'etm' into dtls * etm: Fix warning in reduced config Update Changelog for EtM Keep EtM state across renegotiations Adjust minimum length for EtM Don't send back EtM extension if not using CBC Fix for the RFC erratum Implement EtM Preparation for EtM Implement initial negotiation of EtM Conflicts: include/polarssl/check_config.h	2014-11-06 01:36:32 +01:00
Manuel Pégourié-Gonnard	56d985d0a6	Merge branch 'session-hash' into dtls * session-hash: Update Changelog for session-hash Make session-hash depend on TLS versions Forbid extended master secret with SSLv3 compat.sh: allow git version of gnutls compat.sh: make options a bit more robust Implement extended master secret Add negotiation of Extended Master Secret Conflicts: include/polarssl/check_config.h programs/ssl/ssl_server2.c	2014-11-06 01:25:09 +01:00
Manuel Pégourié-Gonnard	9d7821d774	Fix warning in reduced config	2014-11-06 01:19:52 +01:00
Manuel Pégourié-Gonnard	fedba98ede	Merge branch 'fb-scsv' into dtls * fb-scsv: Update Changelog for FALLBACK_SCSV Implement FALLBACK_SCSV server-side Implement FALLBACK_SCSV client-side	2014-11-05 16:12:09 +01:00
Manuel Pégourié-Gonnard	1a03473576	Keep EtM state across renegotiations	2014-11-05 16:00:50 +01:00
Manuel Pégourié-Gonnard	b575b54cb9	Forbid extended master secret with SSLv3	2014-11-05 16:00:50 +01:00
Manuel Pégourié-Gonnard	169dd6a514	Adjust minimum length for EtM	2014-11-05 16:00:50 +01:00
Manuel Pégourié-Gonnard	78e745fc0a	Don't send back EtM extension if not using CBC	2014-11-05 16:00:50 +01:00
Manuel Pégourié-Gonnard	08558e5b46	Fix for the RFC erratum	2014-11-05 16:00:50 +01:00
Manuel Pégourié-Gonnard	313d796e80	Implement EtM	2014-11-05 16:00:50 +01:00
Manuel Pégourié-Gonnard	0098e7dc70	Preparation for EtM	2014-11-05 16:00:50 +01:00
Manuel Pégourié-Gonnard	699cafaea2	Implement initial negotiation of EtM Not implemented yet: - actually using EtM - conditions on renegotiation	2014-11-05 16:00:50 +01:00
Manuel Pégourié-Gonnard	01b2699198	Implement FALLBACK_SCSV server-side	2014-11-05 16:00:49 +01:00
Manuel Pégourié-Gonnard	ada3030485	Implement extended master secret	2014-11-05 16:00:49 +01:00
Manuel Pégourié-Gonnard	1cbd39dbeb	Implement FALLBACK_SCSV client-side	2014-11-05 16:00:49 +01:00
Manuel Pégourié-Gonnard	367381fddd	Add negotiation of Extended Master Secret (But not the actual thing yet.)	2014-11-05 16:00:49 +01:00
Paul Bakker	f2a459df05	Preparation for PolarSSL 1.4.0	2014-10-21 16:40:54 +02:00
Manuel Pégourié-Gonnard	6b875fc7e5	Fix potential memory leak (from clang-analyzer)	2014-10-21 16:33:00 +02:00
Manuel Pégourié-Gonnard	df3acd82e2	Limit HelloRequest retransmission if not enforced	2014-10-21 16:32:58 +02:00
Manuel Pégourié-Gonnard	26a4cf63ec	Add retransmission of HelloRequest	2014-10-21 16:32:57 +02:00
Manuel Pégourié-Gonnard	74a1378175	Avoid false positive in ssl-opt.sh with memcheck	2014-10-21 16:32:56 +02:00
Manuel Pégourié-Gonnard	8e704f0f74	DTLS depends on TIMING_C for now	2014-10-21 16:32:56 +02:00
Manuel Pégourié-Gonnard	b0643d152d	Add ssl_set_dtls_badmac_limit()	2014-10-21 16:32:55 +02:00
Manuel Pégourié-Gonnard	9b35f18f66	Add ssl_get_record_expansion()	2014-10-21 16:32:55 +02:00
Manuel Pégourié-Gonnard	37e08e1689	Fix max_fragment_length with DTLS	2014-10-21 16:32:53 +02:00
Manuel Pégourié-Gonnard	23cad339c4	Fail cleanly on unhandled case	2014-10-21 16:32:52 +02:00
Manuel Pégourié-Gonnard	fc572dd4f6	Retransmit only on last message from prev flight Be a good network citizen, try to avoid causing congestion by causing a retransmission explosion.	2014-10-21 16:32:51 +02:00
Manuel Pégourié-Gonnard	8a7cf2543a	Add a few #ifdefs	2014-10-21 16:32:51 +02:00
Manuel Pégourié-Gonnard	ba958b8bdc	Add test for server-initiated renego Just assuming the HelloRequest isn't lost for now	2014-10-21 16:32:50 +02:00
Manuel Pégourié-Gonnard	46fb942046	Fix warning about function that should be static	2014-10-21 16:32:49 +02:00
Manuel Pégourié-Gonnard	f1e9b09a0c	Fix missing #ifdef's	2014-10-21 16:32:48 +02:00
Manuel Pégourié-Gonnard	4e2f245752	Fix timer issues - timer not firing when constantly receiving bad messages - timer not reset on failed reads - timer incorrectly restarted on resend during read	2014-10-21 16:32:47 +02:00
Manuel Pégourié-Gonnard	df9a0a8460	Drop unexpected ApplicationData This is likely to happen on resumption if client speaks first at the application level.	2014-10-21 16:32:46 +02:00
Manuel Pégourié-Gonnard	6b65141718	Implement ssl_read() timeout (DTLS only for now)	2014-10-21 16:32:46 +02:00
Manuel Pégourié-Gonnard	2707430a4d	Fix types and comments about read_timeout	2014-10-21 16:32:45 +02:00
Manuel Pégourié-Gonnard	6c1fa3a184	Fix misplaced initialisation of timeout	2014-10-21 16:32:45 +02:00
Manuel Pégourié-Gonnard	c8d8e97cbd	Move to milliseconds in recv_timeout()	2014-10-21 16:32:44 +02:00
Manuel Pégourié-Gonnard	905dd2425c	Add ssl_set_handshake_timeout()	2014-10-21 16:32:43 +02:00
Manuel Pégourié-Gonnard	0ac247fd88	Implement timeout back-off (fixed range for now)	2014-10-21 16:32:43 +02:00
Manuel Pégourié-Gonnard	579950c2bb	Fix bug with non-blocking I/O and cookies	2014-10-21 16:32:42 +02:00
Manuel Pégourié-Gonnard	7de3c9eecb	Count timeout per flight, not per message	2014-10-21 16:32:41 +02:00
Manuel Pégourié-Gonnard	db2858ce96	Preparation for timers Currently directly using timing.c, plan to use callbacks later to loosen coupling, but first just get things working.	2014-10-21 16:32:41 +02:00
Manuel Pégourié-Gonnard	08a1d4bce1	Fix bug with client auth with DTLS	2014-10-21 16:32:39 +02:00
Manuel Pégourié-Gonnard	23b7b703aa	Fix issue with renego & resend	2014-10-21 16:32:38 +02:00
Manuel Pégourié-Gonnard	f03c7aa469	Add replay detection in parse_client_hello()	2014-10-21 16:32:35 +02:00
Manuel Pégourié-Gonnard	2739313cea	Make anti-replay a runtime option	2014-10-21 16:32:35 +02:00
Manuel Pégourié-Gonnard	8464a46b6b	Make DTLS_ANTI_REPLAY depends on PROTO_DTLS	2014-10-21 16:32:35 +02:00
Manuel Pégourié-Gonnard	246c13a05f	Fix epoch checking	2014-10-21 16:32:34 +02:00
Manuel Pégourié-Gonnard	b47368a00a	Add replay detection	2014-10-21 16:32:34 +02:00
Manuel Pégourié-Gonnard	4956fd7437	Test and fix anti-replay functions	2014-10-21 16:32:34 +02:00
Manuel Pégourié-Gonnard	7a7e140d4e	Add functions for replay protection	2014-10-21 16:32:33 +02:00
Manuel Pégourié-Gonnard	ea22ce577e	Rm unneeded counter increment with DTLS	2014-10-21 16:32:33 +02:00
Manuel Pégourié-Gonnard	abf16240dd	Add ability to resend last flight	2014-10-21 16:32:31 +02:00
Manuel Pégourié-Gonnard	cd32a50d67	Fix NewSesssionTicket vs ChangeCipherSpec bug Since we were cheating on state, ssl_read_record() wasn't able to drop out-of-sequence ChangeCipherSpec messages. Cheat a bit less.	2014-10-21 16:32:31 +02:00
Manuel Pégourié-Gonnard	767c69561b	Drop out-of-sequence ChangeCipherSpec messages	2014-10-21 16:32:29 +02:00
Manuel Pégourié-Gonnard	93017de47e	Minor optim: don't resend on duplicated HVR	2014-10-21 16:32:29 +02:00
Manuel Pégourié-Gonnard	c715aed744	Fix epoch swapping	2014-10-21 16:32:28 +02:00
Manuel Pégourié-Gonnard	6a2bdfaf73	Actually resend flights	2014-10-21 16:32:28 +02:00
Manuel Pégourié-Gonnard	5d8ba53ace	Expand and fix resend infrastructure	2014-10-21 16:32:28 +02:00
Manuel Pégourié-Gonnard	ffa67be698	Infrastructure for buffering & resending flights	2014-10-21 16:32:27 +02:00
Manuel Pégourié-Gonnard	9d9b003a9a	Add net_recv_timeout()	2014-10-21 16:32:26 +02:00
Manuel Pégourié-Gonnard	8fa6dfd560	Introduce f_recv_timeout callback	2014-10-21 16:32:26 +02:00
Manuel Pégourié-Gonnard	e6bdc4497c	Merge I/O contexts into one	2014-10-21 16:32:25 +02:00
Manuel Pégourié-Gonnard	f4acfe1808	Document previous API changes in this branch	2014-10-21 16:32:23 +02:00
Manuel Pégourié-Gonnard	d92d6a1b5b	ssl_parse_server_key_exchange() cleanups	2014-10-21 16:30:32 +02:00
Manuel Pégourié-Gonnard	5ee96546de	Add length checks in parse_certificate_verify()	2014-10-21 16:30:32 +02:00
Manuel Pégourié-Gonnard	72226214b1	Merge checks in ssl_parse_certificate_verify()	2014-10-21 16:30:32 +02:00
Manuel Pégourié-Gonnard	ca6440b246	Small cleanups in parse_finished()	2014-10-21 16:30:31 +02:00
Manuel Pégourié-Gonnard	624bcb5260	No memmove: done, rm temporary things	2014-10-21 16:30:31 +02:00
Manuel Pégourié-Gonnard	000d5aec13	No memmove: parse_new_session_ticket()	2014-10-21 16:30:31 +02:00
Manuel Pégourié-Gonnard	0b3400dafa	No memmove: ssl_parse_server_hello()	2014-10-21 16:30:31 +02:00
Manuel Pégourié-Gonnard	069eb79043	No memmove: ssl_parse_hello_verify_request()	2014-10-21 16:30:30 +02:00
Manuel Pégourié-Gonnard	04c1b4ece1	No memmove: certificate_request + server_hello_done	2014-10-21 16:30:30 +02:00
Manuel Pégourié-Gonnard	f4830b5092	No memmove: ssl_parse_server_key_exchange()	2014-10-21 16:30:30 +02:00
Manuel Pégourié-Gonnard	4528f3f5c0	No memmove: parse_certificate_verify()	2014-10-21 16:30:30 +02:00
Manuel Pégourié-Gonnard	2114d724dc	No memmove: ssl_parse_client_key_exchange()	2014-10-21 16:30:29 +02:00
Manuel Pégourié-Gonnard	f49a7daa1a	No memmove: ssl_parse_certificate()	2014-10-21 16:30:29 +02:00
Manuel Pégourié-Gonnard	4abc32734e	No memmove: ssl_parse_finished()	2014-10-21 16:30:29 +02:00
Manuel Pégourié-Gonnard	f899583f94	Prepare moving away from memmove() on incoming HS	2014-10-21 16:30:29 +02:00
Manuel Pégourié-Gonnard	4a1753657c	Fix missing return in error check	2014-10-21 16:30:28 +02:00
Manuel Pégourié-Gonnard	19d438f4ff	Get rid of memmove for DTLS in parse_client_hello()	2014-10-21 16:30:28 +02:00
Manuel Pégourié-Gonnard	63eca930d7	Drop invalid records with DTLS	2014-10-21 16:30:28 +02:00
Manuel Pégourié-Gonnard	167a37632d	Split two functions out of ssl_read_record()	2014-10-21 16:30:27 +02:00
Manuel Pégourié-Gonnard	990f9e428a	Handle late handshake messages gracefully	2014-10-21 16:30:26 +02:00
Manuel Pégourié-Gonnard	60ca5afaec	Drop records from wrong epoch	2014-10-21 16:30:25 +02:00
Manuel Pégourié-Gonnard	1aa586e41d	Check handshake message_seq field	2014-10-21 16:30:24 +02:00
Manuel Pégourié-Gonnard	9d1d7196e4	Check length before reading handshake header	2014-10-21 16:30:24 +02:00
Manuel Pégourié-Gonnard	d9ba0d96b6	Prepare for checking incoming handshake seqnum	2014-10-21 16:30:23 +02:00
Manuel Pégourié-Gonnard	ac03052f22	Fix segfault with some very short fragments	2014-10-21 16:30:23 +02:00
Manuel Pégourié-Gonnard	64dffc5d14	Make handshake reassembly work with openssl	2014-10-21 16:30:22 +02:00
Manuel Pégourié-Gonnard	502bf30fb5	Handle reassembly of handshake messages Works only with GnuTLS for now, OpenSSL packs other records in the same datagram after the last fragmented one, which we don't handle yet. Also, ssl-opt.sh fails the tests with valgrind for now: we're so slow with valgrind that gnutls-serv retransmits some messages, and we don't handle duplicated messages yet.	2014-10-21 16:30:22 +02:00
Manuel Pégourié-Gonnard	ed79a4bb14	Prepare for DTLS handshake reassembly	2014-10-21 16:30:21 +02:00
Manuel Pégourié-Gonnard	edcbe549fd	Reorder checks in ssl_read_record	2014-10-21 16:30:21 +02:00
Manuel Pégourié-Gonnard	0557bd5fa4	Fix message_seq with server-initiated renego	2014-10-21 16:30:21 +02:00
Manuel Pégourié-Gonnard	c392b240c4	Fix server-initiated renegotiation with DTLS	2014-10-21 16:30:21 +02:00
Manuel Pégourié-Gonnard	30d16eb429	Fix client-initiated renegotiation with DTLS	2014-10-21 16:30:20 +02:00
Manuel Pégourié-Gonnard	b35fe5638a	Fix HelloVerifyRequest version handling	2014-10-21 16:30:20 +02:00
Manuel Pégourié-Gonnard	562eb787ec	Add and use POLARSSL_ERR_SSL_BUFFER_TOO_SMALL	2014-10-21 16:30:20 +02:00
Manuel Pégourié-Gonnard	bef8f09899	Make cookie timeout configurable	2014-10-21 16:30:19 +02:00
Manuel Pégourié-Gonnard	e90308178f	Add timestamp/serial to cookies, with timeout	2014-10-21 16:30:19 +02:00
Manuel Pégourié-Gonnard	445a1ec6cd	Change internal names	2014-10-21 16:30:19 +02:00
Manuel Pégourié-Gonnard	29ad7e8fc0	Add check for missing ssl_set_client_transport_id()	2014-10-21 16:30:18 +02:00
Manuel Pégourié-Gonnard	a64acd4f84	Add separate SSL_COOKIE_C define	2014-10-21 16:30:18 +02:00
Manuel Pégourié-Gonnard	7d38d215b1	Allow disabling HelloVerifyRequest	2014-10-21 16:30:18 +02:00
Manuel Pégourié-Gonnard	e4de06145a	Fix cookie context usage	2014-10-21 16:30:17 +02:00
Manuel Pégourié-Gonnard	232edd46be	Move cookie callbacks implementation to own module	2014-10-21 16:30:17 +02:00
Manuel Pégourié-Gonnard	d485d194f9	Move to a callback interface for DTLS cookies	2014-10-21 16:30:17 +02:00
Manuel Pégourié-Gonnard	d7f9bc5091	Refactor cookie to prepare for external callbacks Also adds flexibility to the verification process.	2014-10-21 16:30:16 +02:00
Manuel Pégourié-Gonnard	82202f0a9c	Make DTLS_HELLO_VERIFY a compile option	2014-10-21 16:30:16 +02:00
Manuel Pégourié-Gonnard	98545f128a	Generate random key for HelloVerifyRequest	2014-10-21 16:30:16 +02:00
Manuel Pégourié-Gonnard	dd3cdb0fbc	Start using client IP in HelloVerifyRequest Dummy fixed key for now.	2014-10-21 16:30:15 +02:00
Manuel Pégourié-Gonnard	43c021874d	Add ssl_set_client_transport_id()	2014-10-21 16:30:15 +02:00
Manuel Pégourié-Gonnard	fb2d22371f	Reuse random when responding to a verify request	2014-10-21 16:30:14 +02:00
Manuel Pégourié-Gonnard	b760f001d7	Extract generate client random to a function	2014-10-21 16:30:14 +02:00
Manuel Pégourié-Gonnard	2c9ee81f6e	Start adding srv support for hello verify request Dummy fixed content for now. Also, seems to be a race condition in the way the socket is closed and reopened, leading to a few "random" failures in compat.sh. A fix is planned for later.	2014-10-21 16:30:13 +02:00
Manuel Pégourié-Gonnard	a0e1632b79	Do not use compression with DTLS	2014-10-21 16:30:13 +02:00
Manuel Pégourié-Gonnard	5d53cbef3a	Fix length check in ssl_write_ticket()	2014-10-21 16:30:13 +02:00
Manuel Pégourié-Gonnard	879a4f9623	Abort on DTLS epoch wrap	2014-10-21 16:30:12 +02:00
Manuel Pégourié-Gonnard	805e2300af	Fix error message and return code	2014-10-21 16:30:12 +02:00
Manuel Pégourié-Gonnard	67427c07b2	Fix checksum computation with HelloVerifyRequest	2014-10-21 16:30:11 +02:00
Manuel Pégourié-Gonnard	74848811b4	Implement HelloVerifyRequest on client	2014-10-21 16:30:11 +02:00
Manuel Pégourié-Gonnard	b2f3be8757	Support multiple records in one datagram	2014-10-21 16:30:10 +02:00
Manuel Pégourié-Gonnard	34c1011b3d	Fix a few warnings in reduced configs	2014-10-21 16:30:09 +02:00
Manuel Pégourié-Gonnard	fe98aceb70	Adapt ssl_fetch_input() for UDP	2014-10-21 16:30:09 +02:00
Manuel Pégourié-Gonnard	f5a1312eaa	Add UDP support to the NET module	2014-10-21 16:30:09 +02:00
Manuel Pégourié-Gonnard	d6b721c7ee	More ssl_parse_client_hello() adjustments	2014-10-21 16:30:08 +02:00
Manuel Pégourié-Gonnard	4128aa71ee	Add the 'cookie' field of DTLS ClientHello	2014-10-21 16:30:08 +02:00
Manuel Pégourié-Gonnard	8933a65d5c	Rework ssl_parse_client_hello() a bit - make it more linear - check lengths better - prepare for optional "cookie" field	2014-10-21 16:30:08 +02:00
Manuel Pégourié-Gonnard	e89bcf05da	Write new DTLS handshake fields correctly	2014-10-21 16:30:07 +02:00
Manuel Pégourié-Gonnard	ce441b3442	Add space for new DTLS fields in handshake	2014-10-21 16:30:07 +02:00
Manuel Pégourié-Gonnard	a59543af30	Minor refactoring in ssl_read_record()	2014-10-21 16:30:07 +02:00
Manuel Pégourié-Gonnard	f302fb52e1	Fix hmac computation for DTLS	2014-10-21 16:30:06 +02:00
Manuel Pégourié-Gonnard	5afb167e2c	Implement DTLS epochs	2014-10-21 16:30:06 +02:00
Manuel Pégourié-Gonnard	0619348288	Add explicit counter in DTLS record header	2014-10-21 16:30:06 +02:00
Manuel Pégourié-Gonnard	507e1e410a	Prep: allow {in,out}_len != {in,out}_hdr + 3	2014-10-21 16:30:06 +02:00
Manuel Pégourié-Gonnard	7ee6f0e6e5	Preparation: allow {in,out}_ctr != {in,out}_buf	2014-10-21 16:30:05 +02:00
Manuel Pégourié-Gonnard	abc7e3b4ba	Handle DTLS version encoding and fix some checks	2014-10-21 16:30:05 +02:00
Manuel Pégourié-Gonnard	864a81fdc0	More ssl_set_XXX() functions can return BAD_INPUT	2014-10-21 16:30:04 +02:00
Manuel Pégourié-Gonnard	b21ca2a69f	Adapt version-handling functions to DTLS	2014-10-21 16:30:04 +02:00
Manuel Pégourié-Gonnard	d66645130c	Add a ciphersuite NODTLS flag	2014-10-21 16:30:03 +02:00
Manuel Pégourié-Gonnard	0b1ff29328	Add basic flags for DTLS	2014-10-21 16:30:03 +02:00
Paul Bakker	82788fb63b	Fix minor style issues	2014-10-20 13:59:19 +02:00
Paul Bakker	9eac4f7c4e	Prepare for release 1.3.9	2014-10-20 13:56:15 +02:00
Manuel Pégourié-Gonnard	f7cdbc0e87	Fix potential bad read of length	2014-10-17 17:02:10 +02:00
Manuel Pégourié-Gonnard	ef9a6aec51	Allow comparing name with mismatched encodings	2014-10-17 12:42:31 +02:00
Manuel Pégourié-Gonnard	88421246d8	Rename a function	2014-10-17 12:42:30 +02:00
Manuel Pégourié-Gonnard	43c3b28ca6	Fix memory leak with crafted ClientHello	2014-10-17 12:42:11 +02:00
Manuel Pégourié-Gonnard	5d8618539f	Fix memory leak while parsing some X.509 certs	2014-10-17 12:41:41 +02:00
Manuel Pégourié-Gonnard	64938c63f0	Accept spaces at end of line/buffer in base64	2014-10-15 23:53:33 +02:00
Manuel Pégourié-Gonnard	7f4ed67a97	Fix compile error with armcc in mpi_is_prime()	2014-10-15 22:06:46 +02:00
Paul Bakker	5a5fa92bfe	x509_crt_parse() did not increase total_failed on PEM error Result was that PEM errors in files with multiple certificates were not detectable by the user.	2014-10-03 15:47:13 +02:00
Manuel Pégourié-Gonnard	480905d563	Fix selection of hash from sig_alg ClientHello ext.	2014-08-30 14:19:59 +02:00
Sander Niemeijer	ef5087d150	Added explicit casts to prevent compiler warnings when trying to build for iOS	2014-08-21 23:48:14 +02:00
Manuel Pégourié-Gonnard	8ef7088bb9	Use polarssl_zeroize() in asn1parse too	2014-08-21 18:15:09 +02:00
Peter Vaskovic	a676acf66b	Fix missing curly braces.	2014-08-21 17:56:25 +02:00
Manuel Pégourié-Gonnard	a13500fdf7	Fix bug with ssl_close_notify and non-blocking I/O	2014-08-19 16:14:04 +02:00
Manuel Pégourié-Gonnard	44ade654c5	Implement (partial) renego delay on client	2014-08-19 13:58:40 +02:00
Manuel Pégourié-Gonnard	f07f421759	Fix server-initiated renego with non-blocking I/O	2014-08-19 13:32:15 +02:00
Manuel Pégourié-Gonnard	6591962f06	Allow delay on renego on client Currently unbounded: will be fixed later	2014-08-19 12:50:30 +02:00
Manuel Pégourié-Gonnard	f26a1e8602	ssl_read() stops returning non-application data	2014-08-19 12:28:50 +02:00
Manuel Pégourié-Gonnard	55e4ff2ace	Tune comments	2014-08-19 11:52:33 +02:00
Manuel Pégourié-Gonnard	462906f955	Do no test net_usleep() when not defined	2014-08-14 11:34:35 +02:00
Manuel Pégourié-Gonnard	192253aaa9	Fix buffer size in pk_write_*_pem()	2014-08-14 11:34:35 +02:00
Alfred Klomp	b308dd72d9	timing.c: avoid referencing garbage value Found with Clang's `scan-build` tool. When get_timer() is called with `reset` set to 1, the value of t->start.tv_sec is used as a rvalue without being initialized first. This is relatively harmless because the result of get_timer() is not used by the callers when called in "reset mode". However, scan-build prints a warning. Silence the warning by only calculating the delta on non-reset runs, returning zero otherwise.	2014-08-14 11:34:35 +02:00
Alfred Klomp	7ee55624fb	gcm.c: remove dead store Found with Clang's `scan-build` tool. The value written to `hi` is never used, resulting in a warning. Remove the dead store to get rid of the warning.	2014-08-14 11:34:35 +02:00
Alfred Klomp	1b4eda3af9	pkcs5.c: fix dead store: return proper exit status Found with Clang's `scan-build` tool. The error value assigned to `ret` is not returned, meaning that the selftest always succeeds. Ensure the error value is propagated back to the caller.	2014-08-14 11:34:34 +02:00
Manuel Pégourié-Gonnard	8d77eeeaf6	Fix integer suffix rejected by some MSVC versions	2014-08-14 11:34:34 +02:00
Manuel Pégourié-Gonnard	9a6b442cee	Fix non-blocking sockets in net_accept()	2014-08-14 11:34:34 +02:00
Manuel Pégourié-Gonnard	a04fa4fa04	RSA-PSK key exchange requires TLS 1.x It's not clear if, with SSL3, one should include send the two length bytes for EncryptedPreMasterSecret or not, so require TLS to avoid interop issues.	2014-08-14 11:34:34 +02:00
Manuel Pégourié-Gonnard	8d4ad07706	SHA-2 ciphersuites now require TLS 1.x	2014-08-14 11:34:34 +02:00
Manuel Pégourié-Gonnard	2fbf311391	Fix dependency issue in memory_buffer_alloc	2014-08-14 11:34:34 +02:00
Manuel Pégourié-Gonnard	97884a31cb	Fix printf format warnings in memory_buffer_alloc	2014-08-14 11:34:33 +02:00
Manuel Pégourié-Gonnard	86bbc7fc30	Fix typo causing compile error with NULL cipher	2014-08-14 11:34:33 +02:00
Paul Bakker	8dcb2d7d7e	Support escaping of commas in x509_string_to_names()	2014-08-11 11:59:52 +02:00
Paul Bakker	21e081b068	Prevent (incorrect) compiler warning	2014-07-24 10:38:01 +02:00
Paul Bakker	6c343d7d9a	Fix mpi_write_string() to write "00" as hex output for empty MPI	2014-07-10 15:27:10 +02:00
Paul Bakker	5b11d026cd	Fix dependencies and includes without FS_IO and PLATFORM_C	2014-07-10 15:27:10 +02:00
Manuel Pégourié-Gonnard	b196fc23b1	Fix dhm_selftest() return value	2014-07-09 16:53:29 +02:00
Paul Bakker	968afaa06f	ssl_key_cert not available in all configurations	2014-07-09 11:34:48 +02:00
Paul Bakker	ec3a617d40	Make ready for release of 1.3.8 and soversion 7	2014-07-09 10:21:28 +02:00
Paul Bakker	84bbeb58df	Adapt cipher and MD layer with _init() and _free()	2014-07-09 10:19:24 +02:00
Paul Bakker	accaffe2c3	Restructure ssl_handshake_init() and small fixes	2014-07-09 10:19:24 +02:00
Paul Bakker	a317a98221	Adapt programs / test suites	2014-07-09 10:19:24 +02:00
Paul Bakker	8f870b047c	Add dhm_init()	2014-07-09 10:19:23 +02:00
Paul Bakker	fff0366bba	Add ctr_drbg_free()	2014-07-09 10:19:23 +02:00
Paul Bakker	5b4af39a36	Add _init() and _free() for hash modules	2014-07-09 10:19:23 +02:00
Paul Bakker	c7ea99af4f	Add _init() and _free() for cipher modules	2014-07-09 10:19:22 +02:00
Manuel Pégourié-Gonnard	d27680bd5e	Clarify code using PSK callback	2014-07-08 14:20:26 +02:00
Manuel Pégourié-Gonnard	0698f7c21a	Rm duplicate entry in oid_md_alg	2014-07-08 14:20:26 +02:00
Manuel Pégourié-Gonnard	14beb08542	Fix missing const	2014-07-08 14:20:26 +02:00
Manuel Pégourié-Gonnard	ba782bbc4b	Save some space in ECP curve tables	2014-07-08 14:20:26 +02:00
Manuel Pégourié-Gonnard	67dbe1ef44	Better length checking in ecp_point_read_binary()	2014-07-08 14:20:26 +02:00
Manuel Pégourié-Gonnard	08e81e0c8f	Change selection of hash algorithm for TLS 1.2	2014-07-08 14:20:26 +02:00
Manuel Pégourié-Gonnard	bd77254b18	md_list() starting with strongest hash	2014-07-08 13:03:02 +02:00
Paul Bakker	8fb99abaac	Merge changes for leaner memory footprint	2014-07-04 15:02:19 +02:00
Paul Bakker	b9e08b086b	Merge server-side enforced renegotiation requests	2014-07-04 15:01:37 +02:00
Paul Bakker	d598318661	Fix base64_decode() to return and check length correctly	2014-07-04 15:01:00 +02:00
Manuel Pégourié-Gonnard	481fcfde93	Make PSK_LEN configurable and adjust PMS size	2014-07-04 14:59:08 +02:00
Manuel Pégourié-Gonnard	dfc7df0bec	Add SSL_CIPHERSUITES config option	2014-07-04 14:59:02 +02:00
Manuel Pégourié-Gonnard	a9964dbcd5	Add ssl_set_renegotiation_enforced()	2014-07-04 14:16:07 +02:00
Manuel Pégourié-Gonnard	791684c058	Save RAM when only a few ciphersuites are defined	2014-06-30 19:07:01 +02:00
Manuel Pégourié-Gonnard	31855456f9	Fix clang's check mode again	2014-06-25 15:59:50 +02:00
Manuel Pégourié-Gonnard	bee8ded03a	Fix warning depending on configuration	2014-06-25 12:22:59 +02:00
Manuel Pégourié-Gonnard	01edb1044c	Add POLARSSL_REMOVE_RC4_CIPHERSUITES	2014-06-25 11:27:59 +02:00
Paul Bakker	2a45d1c8bb	Merge changes to config examples and configuration issues	2014-06-25 11:27:00 +02:00
Manuel Pégourié-Gonnard	dd0c0f33c0	Better usage of dhm_calc_secret in SSL	2014-06-25 11:26:14 +02:00
Manuel Pégourié-Gonnard	8df68632e8	Fix bug in DHE-PSK PMS computation	2014-06-25 11:26:14 +02:00
Manuel Pégourié-Gonnard	5c1f032653	Abort handshake if no point format in common	2014-06-25 11:26:14 +02:00
Manuel Pégourié-Gonnard	fd35af1579	Fix off-by-one error in point format parsing	2014-06-25 11:26:14 +02:00
Manuel Pégourié-Gonnard	87a8ffeaba	Padlock asm using \n\t too	2014-06-25 11:26:14 +02:00
Manuel Pégourié-Gonnard	0534fd4c1a	Change asm format to \n\t in aesni.c too	2014-06-25 11:26:13 +02:00
Manuel Pégourié-Gonnard	03576887c2	Remove misplaced debugging message	2014-06-25 11:26:13 +02:00
Manuel Pégourié-Gonnard	42b5374523	Switch CCM and GCM in default suite order The upcoming BCP document recommends GCM as the default.	2014-06-25 11:26:13 +02:00
Manuel Pégourié-Gonnard	d249b7ab9a	Restore ability to trust non-CA selfsigned EE cert	2014-06-25 11:26:13 +02:00
Manuel Pégourié-Gonnard	c4eff16516	Restore ability to use v1 CA if trusted locally	2014-06-25 11:26:12 +02:00
Manuel Pégourié-Gonnard	eaa76f7e20	Fix computation of minlen for encrypted packets	2014-06-25 11:26:12 +02:00
Manuel Pégourié-Gonnard	e800cd81d7	Re-arrange some code in ssl_derive_keys()	2014-06-25 11:26:11 +02:00
Manuel Pégourié-Gonnard	b46e6adb9c	Check input lengths in GCM	2014-06-25 11:26:11 +02:00
Manuel Pégourié-Gonnard	0bcc4e1df7	Fix length checking for AEAD ciphersuites	2014-06-25 11:26:10 +02:00
Manuel Pégourié-Gonnard	66e20c6318	Fix warning and typo->error.	2014-06-24 17:47:40 +02:00
Manuel Pégourié-Gonnard	ac2ccf897c	Fix CCM ciphersuites definition: PSK <-> DHE-PSK!	2014-06-24 15:48:01 +02:00
Manuel Pégourié-Gonnard	8f625632bb	Fix dependencies: GCM != AEAD != CCM	2014-06-24 15:26:28 +02:00
Manuel Pégourié-Gonnard	5bfd968e01	Fix warning with TLS 1.2 without RSA or ECDSA	2014-06-24 15:18:11 +02:00
Paul Bakker	1c98ff96b5	Merge more test improvements and tests Conflicts: tests/suites/test_suite_cipher.blowfish.data	2014-06-24 11:12:00 +02:00
Paul Bakker	91c301abbe	Zeroize values in PKCS#12 operations	2014-06-24 11:09:39 +02:00
Manuel Pégourié-Gonnard	398c57b0b3	Blowfish accepts variable key len in cipher layer	2014-06-24 11:01:33 +02:00
Manuel Pégourié-Gonnard	f3b47243df	Split x509_csr_parse_der() out of x509_csr_parse()	2014-06-23 11:54:57 +02:00
Manuel Pégourié-Gonnard	4d2a8eb6ff	SSL modules now using x509_crt_parse_der() Avoid uselessly trying to decode PEM.	2014-06-23 11:54:57 +02:00
Manuel Pégourié-Gonnard	b912616081	Rm unused functions in cipher_wrap You can't initialise a context with DES_CFB or DES_CTR.	2014-06-23 11:54:57 +02:00
Manuel Pégourié-Gonnard	1c082f34f3	Update description and references for X.509 files	2014-06-23 11:52:59 +02:00
Manuel Pégourié-Gonnard	edc3ab20e2	Small cleanup: less side-effects pkcs5_parse_pbkdf2_params() used to modify params.p, which does not look clean, even if the function is static and params.p isn't use afterwards.	2014-06-23 11:52:59 +02:00
Manuel Pégourié-Gonnard	90dac90f53	Small code simplification in pkcs5_pbes2()	2014-06-23 11:52:59 +02:00
Manuel Pégourié-Gonnard	66aca931bc	Add tests for pkcs5_pbes2	2014-06-23 11:52:59 +02:00
Manuel Pégourié-Gonnard	2a8afa98e2	pkcs5_self_test depends on SHA1	2014-06-23 11:52:59 +02:00
Manuel Pégourié-Gonnard	f3e5c22f4d	Refactor x509_string_to_names(): data in a table	2014-06-23 11:52:58 +02:00
Manuel Pégourié-Gonnard	81754a0c35	Create a 'flags' field in cipher_info	2014-06-23 11:33:18 +02:00
Paul Bakker	66d5d076f7	Fix formatting in various code to match spacing from coding style	2014-06-17 17:06:47 +02:00
Paul Bakker	db20c10423	Add #endif comments for #endif more than 10 lines from #if / #else	2014-06-17 14:34:44 +02:00
Paul Bakker	d8bb82665e	Fix code styling for return statements	2014-06-17 14:06:49 +02:00
Paul Bakker	3461772559	Introduce polarssl_zeroize() instead of memset() for zeroization	2014-06-14 16:46:03 +02:00
Paul Bakker	14877e6250	Remove unused 'ret' variable	2014-06-12 23:01:18 +02:00
Paul Bakker	c2ff2083ee	Merge parsing and verification of RSASSA-PSS in X.509 modules	2014-06-12 22:02:47 +02:00
Paul Bakker	508e573231	Merge tests for asn1write, XTEA and Entropy modules	2014-06-12 21:26:33 +02:00
Manuel Pégourié-Gonnard	3ac6a2b9a7	Same as previous commit with Camellia	2014-06-12 21:16:02 +02:00
Manuel Pégourié-Gonnard	afd5a08e33	Minor tune-up in aes code un-duplicate a check, and remove useless default case, mainly so that these lines don't appear as uncovered	2014-06-12 21:15:55 +02:00
Manuel Pégourié-Gonnard	e1ac0f8c5d	Add back timing selftest with new hardclock test	2014-06-12 21:15:50 +02:00
Manuel Pégourié-Gonnard	7792198a46	Normalize some error messages	2014-06-12 21:15:44 +02:00
Manuel Pégourié-Gonnard	4dd73925ab	Add entropy_self_test()	2014-06-10 15:38:43 +02:00
Paul Bakker	d6917f0eb3	Add LINK_WITH_PTHREAD to CMakeList for explicitly adding pthread linking	2014-06-09 23:46:41 +02:00
Manuel Pégourié-Gonnard	d1539b1e88	Rename RSASSA_PSS_CERTIFICATES to X509_RSASSA_PSS_SUPPORT	2014-06-06 16:42:37 +02:00
Manuel Pégourié-Gonnard	88aa6e0b58	Fix potential memory leak in RSASSA-PSS verify	2014-06-06 16:32:22 +02:00
Manuel Pégourié-Gonnard	0eaa8beb36	Fix signedness warning	2014-06-06 16:32:22 +02:00
Manuel Pégourié-Gonnard	53882023e7	Also verify CRLs signed with RSASSA-PSS	2014-06-05 17:59:55 +02:00
Manuel Pégourié-Gonnard	46db4b070c	Use pk_verify_ext() in x509_crt.c	2014-06-05 17:08:46 +02:00
Manuel Pégourié-Gonnard	bf696d030b	Make sig_opts non-optional in X509 structures This simplifies the code.	2014-06-05 17:08:46 +02:00
Manuel Pégourié-Gonnard	dddbb1d1eb	Rm sig_params from various X509 structures	2014-06-05 17:08:46 +02:00
Manuel Pégourié-Gonnard	9113603b6b	Use sig_opts in x509_sig_alg_gets()	2014-06-05 15:41:39 +02:00
Manuel Pégourié-Gonnard	f75f2f7c46	Add sig_opts member to X509 structures	2014-06-05 15:14:59 +02:00
Manuel Pégourié-Gonnard	20422e9a3a	Add pk_verify_ext()	2014-06-05 14:02:05 +02:00
Manuel Pégourié-Gonnard	5ec628a2b9	Add rsa_rsassa_pss_verify_ext()	2014-06-05 14:02:05 +02:00
Manuel Pégourié-Gonnard	920e1cd5e2	Add basic PSS cert verification Still todo: - handle MGF-hash != sign-hash - check effective salt len == announced salt len - add support in the PK layer so that we don't have to bypass it here	2014-06-04 12:09:08 +02:00
Manuel Pégourié-Gonnard	e6d1d82b66	Relax checks on RSA mode for public key operations	2014-06-04 12:09:08 +02:00
Manuel Pégourié-Gonnard	78117d57b0	Consider trailerField a constant	2014-06-02 16:12:46 +02:00
Manuel Pégourié-Gonnard	cac31eed9e	Factor common code for printing sig_alg	2014-06-02 16:12:46 +02:00
Manuel Pégourié-Gonnard	cf975a3857	Factor out some common code	2014-06-02 16:12:46 +02:00
Manuel Pégourié-Gonnard	39868ee301	Parse CSRs signed with RSASSA-PSS	2014-06-02 16:10:30 +02:00
Manuel Pégourié-Gonnard	8e42ff6bde	Parse CRLs signed with RSASSA-PSS	2014-06-02 16:10:29 +02:00
Manuel Pégourié-Gonnard	9df5c96214	Fix dependencies	2014-06-02 16:10:29 +02:00
Manuel Pégourié-Gonnard	9c9cf5b51e	More checks for length match in rsassa-pss params	2014-06-02 16:10:29 +02:00
Manuel Pégourié-Gonnard	e76b750b69	Finish parsing RSASSA-PSS parameters	2014-06-02 16:10:29 +02:00
Manuel Pégourié-Gonnard	f346bab139	Start parsing RSASSA-PSS parameters	2014-06-02 16:10:29 +02:00
Manuel Pégourié-Gonnard	59a75d5b9d	Basic parsing of certs signed with RSASSA-PSS	2014-06-02 16:10:29 +02:00
Peter Vaskovic	7015de7e67	Fix WSAStartup return value check. SOCKET_ERROR was not a valid return value. WSAStartup returns 0 on success, so check that instead.	2014-05-28 11:40:51 +02:00
Paul Bakker	14b16c62e9	Minor optimizations (original by Peter Vaskovic, modified by Paul Bakker) Move strlen out of for loop. Remove redundant null checks before free.	2014-05-28 11:34:33 +02:00
Peter Vaskovic	8ebfe084ab	Fix minor format string inconsistency.	2014-05-28 11:12:51 +02:00
Peter Vaskovic	c2bbac968b	Fix misplaced parenthesis.	2014-05-28 11:06:31 +02:00
Peter Vaskovic	541529e770	Remove unused arrays.	2014-05-28 11:04:48 +02:00
Paul Bakker	b5212b436f	Merge CCM cipher mode and ciphersuites Conflicts: library/ssl_tls.c	2014-05-22 15:30:31 +02:00
Paul Bakker	0f651c7422	Stricter check on SSL ClientHello internal sizes compared to actual packet size	2014-05-22 15:12:19 +02:00
Brian White	12895d15f8	Fix less-than-zero checks on unsigned numbers	2014-05-22 13:52:53 +02:00
Manuel Pégourié-Gonnard	82a5de7bf7	Enforce alignment even if buffer is not aligned	2014-05-22 13:52:49 +02:00
Manuel Pégourié-Gonnard	fe671f4aeb	Add markers around generated code in error.c	2014-05-22 13:52:48 +02:00
Manuel Pégourié-Gonnard	8ff17c544c	Add missing DEBUG_RET on cipher failures	2014-05-22 13:52:48 +02:00
Manuel Pégourié-Gonnard	61edffef28	Normalize "should never happen" messages/errors	2014-05-22 13:52:47 +02:00
Manuel Pégourié-Gonnard	2e5ee32033	Implement CCM and CCM_8 ciphersuites	2014-05-20 16:29:34 +02:00
Manuel Pégourié-Gonnard	5efd772ef0	Small readability improvement	2014-05-14 14:10:37 +02:00
Manuel Pégourié-Gonnard	6768da9438	Register CCM ciphersuites (not implemented yet)	2014-05-14 14:10:36 +02:00
Manuel Pégourié-Gonnard	41936957b3	Add AES-CCM and CAMELLIA-CCM to the cipher layer	2014-05-14 14:10:36 +02:00
Manuel Pégourié-Gonnard	de7bb44004	Use cipher_auth_{en,de}crypt() in ssl_tls.c	2014-05-14 14:10:36 +02:00
Manuel Pégourié-Gonnard	4562ffe2e6	Add cipher_auth_{en,de}crypt()	2014-05-14 14:10:36 +02:00
Manuel Pégourié-Gonnard	8764d271fa	Use cipher_crypt() in ssl_tls.c	2014-05-14 14:10:36 +02:00
Manuel Pégourié-Gonnard	3c1d150b3d	Add cipher_crypt()	2014-05-14 14:10:35 +02:00
Manuel Pégourié-Gonnard	0f6b66dba1	CCM operations allow input == output	2014-05-14 14:10:35 +02:00
Manuel Pégourié-Gonnard	aed6065793	CCM source cosmetics/tune-ups - source a bit shorter - generated code slightly smaller - preserving performance	2014-05-14 14:10:35 +02:00
Manuel Pégourié-Gonnard	ce77d55023	Implement ccm_auth_decrypt()	2014-05-07 12:13:13 +02:00
Manuel Pégourié-Gonnard	002323340a	Refactor to prepare for CCM decryption	2014-05-07 12:13:12 +02:00
Manuel Pégourié-Gonnard	637eb3d31d	Add ccm_encrypt_and_tag()	2014-05-07 12:13:12 +02:00
Manuel Pégourié-Gonnard	9fe0d13e8d	Add ccm_init/free()	2014-05-06 12:12:45 +02:00
Manuel Pégourié-Gonnard	a6916fada8	Add (placeholder) CCM module	2014-05-06 11:28:09 +02:00
Paul Bakker	5593f7caae	Fix typo in debug_print_msg()	2014-05-06 10:29:28 +02:00
Paul Bakker	da13016d84	Prepped for 1.3.7 release	2014-05-01 14:27:19 +02:00
Paul Bakker	c37b0ac4b2	Fix typo in bignum.c	2014-05-01 14:19:23 +02:00
Paul Bakker	b9e4e2c97a	Fix formatting: fix some 'easy' > 80 length lines	2014-05-01 14:18:25 +02:00
Paul Bakker	9af723cee7	Fix formatting: remove trailing spaces, #endif with comments (> 10 lines)	2014-05-01 13:03:14 +02:00
Paul Bakker	c3f89aa26c	Removed word 'warning' from PKCS#5 selftest (buildbot warning as a result)	2014-05-01 10:56:03 +02:00
Paul Bakker	9bb04b6389	Removed redundant code in mpi_fill_random()	2014-05-01 09:47:02 +02:00
Paul Bakker	2ca1dc8958	Updated error.c and version_features.c based on changes	2014-05-01 09:46:38 +02:00
Markus Pfeiffer	a26a005acf	Make compilation on DragonFly work	2014-04-30 16:52:28 +02:00
Paul Bakker	2a024ac86a	Merge dependency fixes	2014-04-30 16:50:59 +02:00
Manuel Pégourié-Gonnard	cef4ad2509	Adapt sources to configurable config.h name	2014-04-30 16:40:20 +02:00
Manuel Pégourié-Gonnard	c16f4e1f78	Move RC4 ciphersuites down the list	2014-04-30 16:27:06 +02:00
Paul Bakker	8eab8d368b	Merge more portable AES-NI	2014-04-30 16:21:08 +02:00
Paul Bakker	33dc46b080	Fix bug with mpi_fill_random() on big-endian	2014-04-30 16:20:39 +02:00
Paul Bakker	f96f7b607a	On OpenBSD, use arc4random_buf() instead of rand() to prevent warnings	2014-04-30 16:02:38 +02:00
Paul Bakker	6384440b13	Better support for the different Attribute Types from IETF PKIX (RFC 5280)	2014-04-30 15:34:12 +02:00
Paul Bakker	1a1fbba1ae	Sanity length checks in ssl_read_record() and ssl_fetch_input() Both are already covered in other places, but not in a clear fashion. So for instance Coverity thinks the value is still tainted.	2014-04-30 14:48:51 +02:00
Paul Bakker	24f37ccaed	rsa_check_pubkey() now allows an E up to N	2014-04-30 13:43:51 +02:00
Paul Bakker	0f90d7d2b5	version_check_feature() added to check for compile-time options at run-time	2014-04-30 11:49:44 +02:00
Paul Bakker	a70366317d	Improve interop by not writing ext_len in ClientHello / ServerHello when 0 The RFC also indicates that without any extensions, we should write a struct {} (empty) not an array of length zero.	2014-04-30 10:16:16 +02:00
Manuel Pégourié-Gonnard	3d41370645	Fix hash dependencies in X.509 tests	2014-04-29 15:29:41 +02:00
Manuel Pégourié-Gonnard	3a306b9067	Fix misplaced #endif in ssl_tls.c	2014-04-29 15:11:17 +02:00
Manuel Pégourié-Gonnard	b1fd397be6	Adapt AES-NI code to "old" binutil versions	2014-04-26 17:17:31 +02:00
Paul Bakker	c73079a78c	Add debug_set_threshold() and thresholding of messages	2014-04-25 16:58:16 +02:00
Paul Bakker	92478c37a6	Debug module only outputs full lines instead of parts	2014-04-25 16:58:15 +02:00
Paul Bakker	eaebbd5eaa	debug_set_log_mode() added to determine raw or full logging	2014-04-25 16:58:14 +02:00
Paul Bakker	61885c7f7f	Fix false reject in padding check in ssl_decrypt_buf() for CBC ciphersuites In case full SSL frames arrived, they were rejected because an overly strict padding check.	2014-04-25 12:59:51 +02:00
Paul Bakker	4ffcd2f9c3	Typo in PKCS#11 module	2014-04-25 11:44:12 +02:00
Paul Bakker	10a9dd35ea	Typo in POLARSSL_PLATFORM_STD_FPRINTF in platform.c	2014-04-25 11:27:16 +02:00
Paul Bakker	0767e67d17	Add support for 'emailAddress' to x509_string_to_names()	2014-04-18 14:11:37 +02:00
Paul Bakker	c70e425a73	Only iterate over actual certificates in ssl_write_certificate_request()	2014-04-18 13:50:19 +02:00
Paul Bakker	f4cf80b86f	Restructured pk_parse_key_pkcs8_encrypted_der() to prevent unreachable code	2014-04-17 17:24:29 +02:00
Paul Bakker	4f42c11846	Remove arbitrary maximum length for cipher_list and content length	2014-04-17 15:37:39 +02:00
Paul Bakker	d893aef867	Force default value to curve parameter	2014-04-17 14:45:34 +02:00
Paul Bakker	93389cc620	Remove const indicator	2014-04-17 14:44:38 +02:00
Paul Bakker	874bd64b28	Check setsockopt() return value in net_bind()	2014-04-17 12:43:05 +02:00
Paul Bakker	3d8fb63e11	Added missing MPI_CHK around mpi functions	2014-04-17 12:42:41 +02:00
Paul Bakker	a9c16d2825	Removed unused cur variable in x509_string_to_names()	2014-04-17 12:42:18 +02:00
Paul Bakker	0e4f9115dc	Fix iteration counter	2014-04-17 12:39:05 +02:00
Paul Bakker	784b04ff9a	Prepared for version 1.3.6	2014-04-11 15:33:59 +02:00
Manuel Pégourié-Gonnard	9655e4597a	Reject certificates with times not in UTC	2014-04-11 13:59:36 +02:00
Manuel Pégourié-Gonnard	0776a43788	Use UTC to heck certificate validity	2014-04-11 13:59:31 +02:00
Paul Bakker	52c5af7d2d	Merge support for verifying the extendedKeyUsage extension in X.509	2014-04-11 13:58:57 +02:00
Manuel Pégourié-Gonnard	78848375c0	Declare EC constants as 'const'	2014-04-11 13:58:41 +02:00
Paul Bakker	1630058dde	Potential buffer overwrite in pem_write_buffer() fixed Length indication when given a too small buffer was off. Added regression test in test_suite_pem to detect this.	2014-04-11 13:58:05 +02:00
Manuel Pégourié-Gonnard	0408fd1fbb	Add extendedKeyUsage checking in SSL modules	2014-04-11 11:09:09 +02:00
Manuel Pégourié-Gonnard	7afb8a0dca	Add x509_crt_check_extended_key_usage()	2014-04-11 11:09:00 +02:00
Paul Bakker	d6ad8e949b	Make ssl_check_cert_usage() dependent on POLARSSL_X509_CRT_PARSE_C	2014-04-09 17:24:14 +02:00
Paul Bakker	a77de8c841	Prevent warnings in ssl_check_cert_usage() if keyUsage checks are off	2014-04-09 16:39:35 +02:00
Paul Bakker	043a2e26d0	Merge verification of the keyUsage extension in X.509 certificates	2014-04-09 15:55:08 +02:00
Manuel Pégourié-Gonnard	a9db85df73	Add tests for keyUsage with client auth	2014-04-09 15:50:58 +02:00
Manuel Pégourié-Gonnard	490047cc44	Code cosmetics	2014-04-09 15:50:58 +02:00
Manuel Pégourié-Gonnard	312010e6e9	Factor common parent checking code	2014-04-09 15:50:58 +02:00
Manuel Pégourié-Gonnard	f93a3c4335	Check the CA bit on trusted CAs too	2014-04-09 15:50:58 +02:00
Manuel Pégourié-Gonnard	99d4f19111	Add keyUsage checking for CAs	2014-04-09 15:50:58 +02:00
Manuel Pégourié-Gonnard	3fed0b3264	Factor some common code in x509_verify{,_child}	2014-04-09 15:50:57 +02:00
Manuel Pégourié-Gonnard	7f2a07d7b2	Check keyUsage in SSL client and server	2014-04-09 15:50:57 +02:00
Manuel Pégourié-Gonnard	603116c570	Add x509_crt_check_key_usage()	2014-04-09 15:50:57 +02:00
Manuel Pégourié-Gonnard	2abed84225	Specific return code for PK sig length mismatch	2014-04-09 15:50:00 +02:00
Manuel Pégourié-Gonnard	35e95ddca4	Add special return code for ecdsa length mismatch	2014-04-09 15:49:59 +02:00
Paul Bakker	ddd427a8fc	Fixed spacing in entropy_gather()	2014-04-09 15:49:57 +02:00
Paul Bakker	75342a65e4	Fixed typos in code	2014-04-09 15:49:57 +02:00
Manuel Pégourié-Gonnard	0f79babd4b	Disable timing_selftest() for now	2014-04-09 15:49:51 +02:00
Paul Bakker	17b85cbd69	Merged additional tests and improved code coverage Conflicts: ChangeLog	2014-04-08 14:38:48 +02:00
Paul Bakker	0763a401a7	Merged support for the ALPN extension	2014-04-08 14:37:12 +02:00
Paul Bakker	4224bc0a4f	Prevent potential NULL pointer dereference in ssl_read_record()	2014-04-08 14:36:50 +02:00
Manuel Pégourié-Gonnard	8c045ef8e4	Fix embarrassing X.509 bug introduced in `9533765`	2014-04-08 11:55:03 +02:00
Manuel Pégourié-Gonnard	f6521de17b	Add ALPN tests to ssl-opt.sh Only self-op for now, required peer versions are a bit high: - OpenSSL 1.0.2-beta - GnuTLS 3.2.0 (released 2013-05-10) (gnutls-cli only)	2014-04-07 12:42:04 +02:00
Manuel Pégourié-Gonnard	89e35798ae	Implement ALPN server-side	2014-04-07 12:26:35 +02:00
Manuel Pégourié-Gonnard	0b874dc580	Implement ALPN client-side	2014-04-07 10:57:45 +02:00
Manuel Pégourié-Gonnard	0148875cfc	Add tests and fix bugs for RSA-alt contexts	2014-04-04 17:46:46 +02:00
Manuel Pégourié-Gonnard	7e250d4812	Add ALPN interface	2014-04-04 17:10:40 +02:00
Manuel Pégourié-Gonnard	79e58421be	Also test net_usleep in timing_selttest()	2014-04-04 16:42:44 +02:00
Manuel Pégourié-Gonnard	3fec220a33	Add test for dhm_parse_dhmfile	2014-04-04 16:42:44 +02:00
Manuel Pégourié-Gonnard	7afdb88216	Test and fix x509_oid functions	2014-04-04 16:34:30 +02:00
Manuel Pégourié-Gonnard	d6aebe108a	Add 'volatile' to hardclock()'s asm Prevents calls from being optimised away in timing_self_test(). (Should no be a problem for calls from other files.)	2014-04-04 16:33:01 +02:00
Manuel Pégourié-Gonnard	13a1ef8600	Misc selftest adjustements	2014-04-04 16:33:01 +02:00
Manuel Pégourié-Gonnard	470fc935b5	Add timing_self_test() with consistency tests	2014-04-04 16:33:01 +02:00
Manuel Pégourié-Gonnard	487588d0bf	Whitespace fixes	2014-04-04 16:33:01 +02:00
Paul Bakker	e4205dc50a	Merged printing of X509 extensions	2014-04-04 15:36:10 +02:00
Paul Bakker	5ff3f9134b	Small fix for EFI build under Windows in x509_crt.c	2014-04-04 15:08:20 +02:00
Manuel Pégourié-Gonnard	0db29b05b5	More compact code using macros	2014-04-04 14:01:39 +02:00
Manuel Pégourié-Gonnard	7b30cfc5b0	x509_crt_info() list output cosmectics	2014-04-04 14:01:39 +02:00
Manuel Pégourié-Gonnard	f6f4ab40d3	Print extended key usage in x509_crt_info()	2014-04-04 14:01:39 +02:00
Manuel Pégourié-Gonnard	65c2ddc318	Print key_usage in x509_crt_info()	2014-04-04 14:01:39 +02:00
Manuel Pégourié-Gonnard	bce2b30855	Print subject alt name in x509_crt_info()	2014-04-04 14:01:39 +02:00
Manuel Pégourié-Gonnard	919f8f5829	Print NS Cert Type in x509_crt_info()	2014-04-04 14:01:39 +02:00
Manuel Pégourié-Gonnard	b28487db1f	Start printing extensions in x509_crt_info()	2014-04-04 14:01:39 +02:00
Manuel Pégourié-Gonnard	74bc68ac62	Fix default #define for malloc/free	2014-04-02 13:20:00 +02:00
Paul Bakker	75a2860f26	Potential memory leak in mpi_exp_mod() when error occurs during calculation of RR.	2014-03-31 12:08:17 +02:00
Manuel Pégourié-Gonnard	dd75c3183b	Remove potential timing leak in ecdsa_sign()	2014-03-31 11:55:42 +02:00
Manuel Pégourié-Gonnard	5b8c409f53	Fix a warning (theoretical uninitialised variable)	2014-03-27 21:10:56 +01:00
Manuel Pégourié-Gonnard	969ccc6289	Fix length checking of various ClientKeyExchange's	2014-03-27 21:10:56 +01:00
Paul Bakker	96d5265315	Made ready for release 1.3.5	2014-03-26 16:55:50 +01:00
Paul Bakker	5fff23b92a	x509_get_current_time() uses localtime_r() to prevent thread issues	2014-03-26 15:34:54 +01:00
Paul Bakker	4c284c9141	Removed LCOV directives from code	2014-03-26 15:33:05 +01:00
Paul Bakker	77f4f39ea6	Make sure no random pointer occur during failed malloc()'s	2014-03-26 15:30:20 +01:00
Paul Bakker	db1f05985e	Add a check for buffer overflow to pkcs11_sign() pkcs11_sign() reuses *sig to store the header and hash, but those might be larger than the actual sig, causing a buffer overflow. An overflow can occur when using raw sigs with hashlen > siglen, or when the RSA key is less than 664 bits long (or less when using hashes shorter than SHA512) As siglen is always within the 'low realm' < 32k, an overflow of asnlen + hashlen is not possible.	2014-03-26 15:14:21 +01:00
Paul Bakker	91c61bc4fd	Further tightened the padlen check to prevent underflow / overflow	2014-03-26 15:14:20 +01:00
Manuel Pégourié-Gonnard	c042cf0013	Fix broken tests due to changed error code Introduced in `5246ee5c59`	2014-03-26 14:12:20 +01:00
Manuel Pégourié-Gonnard	b2bf5a1bbb	Fix possible buffer overflow with PSK	2014-03-26 12:58:50 +01:00
Manuel Pégourié-Gonnard	fdddac90a6	Fix stupid bug in rsa_copy()	2014-03-26 12:58:49 +01:00
Manuel Pégourié-Gonnard	f84f799bcf	Tune debug_print_ret format	2014-03-26 12:58:46 +01:00
Paul Bakker	b13d3ffb80	Provide no info from entropy_func() on future entropy	2014-03-26 12:51:25 +01:00
Paul Bakker	66ff70dd48	Support for seed file writing and reading in Entropy	2014-03-26 11:58:07 +01:00
Paul Bakker	3f0be61a27	Merged support for parsing EC keys that use SpecifiedECDomain	2014-03-26 11:30:39 +01:00
Manuel Pégourié-Gonnard	9592485d0c	Fix some MSVC12 conversion warnings	2014-03-21 12:03:07 +01:00
Manuel Pégourié-Gonnard	3b6269aa08	Fix warnings on MinGW	2014-03-21 12:03:03 +01:00
Manuel Pégourié-Gonnard	6fac3515d0	Make support for SpecifiedECDomain optional	2014-03-19 16:50:59 +01:00
Manuel Pégourié-Gonnard	5246ee5c59	Work around compressed EC public key in some cases	2014-03-19 16:50:59 +01:00
Manuel Pégourié-Gonnard	eab20d2a9c	Implement parsing SpecifiedECParameters	2014-03-19 15:51:12 +01:00
Paul Bakker	6c1f69b879	MinGW32 static build should link to windows libs and libz	2014-03-17 15:11:13 +01:00
Paul Bakker	3d6504a935	ssl_init() left a dirty in_ctr pointer on failed allocation of out_ctr	2014-03-17 13:41:51 +01:00
Manuel Pégourié-Gonnard	2eea29238c	Make the compiler work-around more specific	2014-03-14 18:23:26 +01:00
Paul Bakker	a4b0343edf	Merged massive SSL Testing improvements	2014-03-14 16:30:36 +01:00
Manuel Pégourié-Gonnard	bb8661e006	Work around a compiler bug on OS X.	2014-03-14 09:21:20 +01:00
Manuel Pégourié-Gonnard	d701c9aec9	Fix memory leak in server with expired tickets	2014-03-14 08:41:01 +01:00
Manuel Pégourié-Gonnard	84c30c7e83	Fix memory leak in ssl_cache	2014-03-14 08:41:01 +01:00
Manuel Pégourié-Gonnard	145dfcbfc2	Fix bug with NewSessionTicket and non-blocking I/O	2014-03-14 08:41:01 +01:00
Manuel Pégourié-Gonnard	96ea2f2557	Add tests for SNI	2014-03-14 08:41:01 +01:00
Manuel Pégourié-Gonnard	8520dac292	Add tests for auth_mode	2014-03-14 08:41:00 +01:00
Manuel Pégourié-Gonnard	da6b4d3e8c	Change RSA embedded cert to a localhost cert	2014-03-14 08:41:00 +01:00
Manuel Pégourié-Gonnard	dfbf9c711d	Fix bug in m_sleep()	2014-03-14 08:41:00 +01:00
Manuel Pégourié-Gonnard	274a12e17c	Fix bug with ssl_cache and max_entries=0	2014-03-14 08:41:00 +01:00
Manuel Pégourié-Gonnard	f7c52014ec	Add basic tests for session resumption	2014-03-14 08:41:00 +01:00
hasufell	3c6409b066	CMake: allow to build both shared and static at once This allows for more fine-grained control. Possible combinations: * static off, shared on * static on, shared off * static on, shared on The static library is always called "libpolarssl.a" and is only used for linking of tests and internal programs if the shared lib is not being built. Default is: only build static lib.	2014-03-13 19:25:06 +01:00
Manuel Pégourié-Gonnard	9a6e93e7a4	Reserve -1 as an error code (used in programs)	2014-03-13 19:25:06 +01:00
Manuel Pégourié-Gonnard	844a4c0aef	Fix RSASSA-PSS example programs	2014-03-13 19:25:06 +01:00
Manuel Pégourié-Gonnard	83cdffc437	Forbid sequence number wrapping	2014-03-13 19:25:06 +01:00
Manuel Pégourié-Gonnard	3c599f11b0	Avoid possible segfault on bad server ciphersuite	2014-03-13 19:25:06 +01:00
Manuel Pégourié-Gonnard	9533765b25	Reject certs and CRLs from the future	2014-03-13 19:25:06 +01:00
Manuel Pégourié-Gonnard	6304f786e0	Add x509_time_future()	2014-03-13 19:25:06 +01:00
Manuel Pégourié-Gonnard	29dcc0b93c	Fix depend issues in test suites for cipher modes	2014-03-13 19:25:06 +01:00
Manuel Pégourié-Gonnard	1ec220b002	Add missing #ifdefs in aes.h	2014-03-13 19:25:06 +01:00
Manuel Pégourié-Gonnard	648656a628	Fix error code in dhm_selftest()	2014-03-13 19:25:06 +01:00
Manuel Pégourié-Gonnard	796c6f3aff	Countermeasure against "triple handshake" attack	2014-03-13 19:25:06 +01:00
Manuel Pégourié-Gonnard	fdf3f0e671	Avoid "unreachable code" warning	2014-03-11 13:47:05 +01:00
Manuel Pégourié-Gonnard	2a2ae642d8	Fix forgotten curves in #ifdef	2014-02-24 10:29:21 +01:00
Manuel Pégourié-Gonnard	6b1e207081	Fix verion-major intolerance	2014-02-12 10:14:54 +01:00
Manuel Pégourié-Gonnard	c9093085ed	Revert "Merged RSA-PSS support in Certificate, CSR and CRL" This reverts commit `ab50d8d30c`, reversing changes made to `e31b1d992a`.	2014-02-12 09:39:59 +01:00
Manuel Pégourié-Gonnard	6df09578bb	Revert "Mutex call in x509_crt.c depended on PTHREAD specific instead of generic" This reverts commit `9eae7aae80`.	2014-02-12 09:29:05 +01:00
Paul Bakker	f2561b3f69	Ability to provide alternate timing implementation	2014-02-06 15:32:26 +01:00
Paul Bakker	47703a0a80	More entropy functions made thread-safe (add_source, update_manual, gather)	2014-02-06 15:01:20 +01:00
Paul Bakker	9eae7aae80	Mutex call in x509_crt.c depended on PTHREAD specific instead of generic threading	2014-02-06 14:51:53 +01:00
Paul Bakker	6a28e722c9	Merged platform compatibility layer	2014-02-06 13:44:19 +01:00
Paul Bakker	0910f32ee3	Fixed compile warning (in test-ref-configs)	2014-02-06 13:41:18 +01:00
Paul Bakker	119602bdde	Typo fix in memory_buffer_alloc.c	2014-02-06 13:20:19 +01:00
Paul Bakker	defc0ca337	Migrated the Memory layer to the Platform layer Deprecated POLARSSL_MEMORY_C and placed placeholder for memory.h to make sure current code will not break on new version.	2014-02-06 13:20:17 +01:00
Paul Bakker	7dc4c44267	Library files moved to use platform layer	2014-02-06 13:20:16 +01:00
Paul Bakker	747a83a0f7	Platform abstraction layer for memory, printf and fprintf	2014-02-06 13:15:25 +01:00
Paul Bakker	ab50d8d30c	Merged RSA-PSS support in Certificate, CSR and CRL	2014-02-06 13:14:56 +01:00
Manuel Pégourié-Gonnard	f07031aa98	debug_ecp: don't print Z, always 1	2014-02-06 10:28:38 +01:00
Manuel Pégourié-Gonnard	f6dc5e1d16	Remove temporary debug code	2014-02-06 10:28:38 +01:00
Manuel Pégourié-Gonnard	c3f6b62ccc	Print curve name instead of size in debugging Also refactor server-side curve selection	2014-02-06 10:28:38 +01:00
Manuel Pégourié-Gonnard	ab24010b54	Enforce our choice of allowed curves.	2014-02-06 10:28:38 +01:00
Manuel Pégourié-Gonnard	7f38ed0bfa	ssl_set_curves is no longer ECDHE only	2014-02-06 10:28:38 +01:00
Manuel Pégourié-Gonnard	cd49f76898	Make ssl_set_curves() work client-side too.	2014-02-06 10:28:38 +01:00
Manuel Pégourié-Gonnard	ac7194133e	Renamings and other fixes	2014-02-06 10:28:38 +01:00
Gergely Budai	e40c469ad3	The default ECDH curve list will be dynamically built in the ecp module based on ecp_supported_curves[].	2014-02-06 10:28:38 +01:00
Manuel Pégourié-Gonnard	de05390c85	Rename ecdh_curve_list to curve_list	2014-02-06 10:28:38 +01:00
Manuel Pégourié-Gonnard	5de2580563	Make ssl_set_ecdh_curves() a compile-time option	2014-02-06 10:28:38 +01:00
Gergely Budai	987bfb510b	Added the possibility to define the allowed curves for ECDHE handshake. It also defines the preference of the curves.	2014-02-06 10:28:38 +01:00
Manuel Pégourié-Gonnard	fbf0915404	Fix bug in RSA PKCS#1 v1.5 "reversed" operations	2014-02-05 17:01:24 +01:00
Paul Bakker	5fb8efe71e	Merged HMAC-DRBG code	2014-02-05 15:55:18 +01:00
Manuel Pégourié-Gonnard	6e8e34d61e	Fix ecp_gen_keypair() Too few tries caused failures for some curves (esp. secp224k1)	2014-02-05 15:53:45 +01:00
Manuel Pégourié-Gonnard	b05db2a6aa	Save memory by not storing the HMAC key	2014-02-01 11:38:05 +01:00
Manuel Pégourié-Gonnard	cf38367f45	Fix HMAC_DRBG and RIPEMD160 error codes	2014-02-01 10:24:53 +01:00
Manuel Pégourié-Gonnard	446ee6618f	Add LCOV_EXCLUDE_LINE on some IO errors	2014-02-01 10:08:26 +01:00
Manuel Pégourié-Gonnard	b3b205e081	Clean up details in ctr_drbg_selftest()	2014-01-31 12:04:06 +01:00
Manuel Pégourié-Gonnard	79afaa0551	Add hmac_drbg_selftest()	2014-01-31 11:52:14 +01:00
Manuel Pégourié-Gonnard	48bc3e81da	Add hmac_drbg_{write,update}_seed_file()	2014-01-30 23:17:33 +01:00
Manuel Pégourié-Gonnard	efc8d8078b	Use safer names for macros	2014-01-30 23:17:33 +01:00
Manuel Pégourié-Gonnard	6e897c2a59	Add more checks and references	2014-01-30 23:17:33 +01:00
Manuel Pégourié-Gonnard	d742a032f4	Use md_hmac_reset() when possible	2014-01-30 23:17:33 +01:00
Manuel Pégourié-Gonnard	658dbed080	Add automatic periodic reseeding	2014-01-30 23:17:33 +01:00
Manuel Pégourié-Gonnard	af786ff6cc	Add hmac_drbg_set_prediction_resistance()	2014-01-30 23:17:33 +01:00
Manuel Pégourié-Gonnard	8fc484d1df	Add hmac_drbg_reseed()	2014-01-30 23:17:33 +01:00
Manuel Pégourié-Gonnard	4e669c614d	Add hmac_drbg_set_entropy_len()	2014-01-30 23:17:33 +01:00
Manuel Pégourié-Gonnard	fe34a5fb83	Add entropy callbacks to HMAC_DRBG	2014-01-30 15:06:40 +01:00
Manuel Pégourié-Gonnard	8208d167da	Add hmac_random_with_add()	2014-01-30 12:19:26 +01:00
Manuel Pégourié-Gonnard	7845fc06c9	Use new HMAC_DRBG module for deterministic ECDSA	2014-01-30 10:58:48 +01:00
Manuel Pégourié-Gonnard	490bdf3928	Add minimalistic HMAC_DRBG implementation (copied from ECDSA)	2014-01-30 10:58:48 +01:00
Paul Bakker	2aca241425	Ready for release 1.3.4	2014-01-27 11:59:30 +01:00
Paul Bakker	42099c3155	Revert "Add pk_rsa_set_padding() and rsa_set_padding()" This reverts commit `b4fae579e8`. Conflicts: library/pk.c tests/suites/test_suite_pk.data tests/suites/test_suite_pk.function	2014-01-27 11:59:29 +01:00
Manuel Pégourié-Gonnard	27b93ade6e	Factor common code for printing sig_alg	2014-01-25 12:48:58 +01:00
Manuel Pégourié-Gonnard	5cac583482	Factor out some common code	2014-01-25 12:48:58 +01:00
Manuel Pégourié-Gonnard	41cae8e1f9	Parse CSRs signed with RSASSA-PSS	2014-01-25 12:48:58 +01:00
Manuel Pégourié-Gonnard	5eeb32b552	Parse CRLs signed with RSASSA-PSS	2014-01-25 12:48:58 +01:00
Manuel Pégourié-Gonnard	ce7c6fd433	Fix dependencies	2014-01-25 12:48:58 +01:00
Manuel Pégourié-Gonnard	b7de86d834	More checks for length match in rsassa-pss params	2014-01-25 12:48:58 +01:00
Manuel Pégourié-Gonnard	3c1e8b539c	Finish parsing RSASSA-PSS parameters	2014-01-25 12:48:58 +01:00
Manuel Pégourié-Gonnard	d9fd87be33	Start parsing RSASSA-PSS parameters	2014-01-25 12:48:58 +01:00
Manuel Pégourié-Gonnard	b1d4eb16e4	Basic parsing of certs signed with RSASSA-PSS	2014-01-25 12:48:58 +01:00
Paul Bakker	556efba51c	Added AES CFB8 mode	2014-01-24 15:38:12 +01:00
Paul Bakker	80025417eb	net_is_block() renamed to net_would_block() and corrected behaviour on non-blocking sockets net_would_block() now does not return 1 if the socket is blocking.	2014-01-23 21:00:57 +01:00
Paul Bakker	c2024f4592	Added MPI_CHK around unguarded mpi calls	2014-01-23 21:00:57 +01:00
Manuel Pégourié-Gonnard	8e205fc0bc	Fix potential buffer overflow in suported_curves_ext	2014-01-23 17:27:10 +01:00
Paul Bakker	9f3c7d7278	Added missing POLARSSL_ECDSA_DETERMINISTIC around ecdsa_write_signature_det()	2014-01-23 16:11:14 +01:00
Paul Bakker	18e9f3282b	Added missing static to md_info_by_size() in ecdsa.c	2014-01-23 16:08:38 +01:00
Paul Bakker	bf98c3dd11	Merged deterministic ECDSA Conflicts: library/ecdsa.c	2014-01-23 15:48:01 +01:00
Manuel Pégourié-Gonnard	dfab4c1193	Add forgotten #ifdef and depends_on	2014-01-22 16:01:06 +01:00
Paul Bakker	5862eee4ca	Merged RIPEMD-160 support	2014-01-22 14:18:34 +01:00
Paul Bakker	61b699ed1b	Renamed RMD160 to RIPEMD160	2014-01-22 14:17:31 +01:00
Paul Bakker	0ac99ca7bc	Merged support for secp224k1, secp192k1 and secp25k1	2014-01-22 13:10:48 +01:00
Manuel Pégourié-Gonnard	b4fae579e8	Add pk_rsa_set_padding() and rsa_set_padding()	2014-01-22 13:03:27 +01:00
Manuel Pégourié-Gonnard	7c59363a85	Remove a few dead stores	2014-01-22 13:02:39 +01:00
Manuel Pégourié-Gonnard	9e987edf9f	Fix potential memory leak in bignum selftest	2014-01-22 12:59:04 +01:00
Manuel Pégourié-Gonnard	fd6a191381	Fix misplaced initialisation. If one of the calls to mpi_grow() before setting Apos would fail, then mpi_free( &Apos ) would be executed without Apos being initialised.	2014-01-22 12:57:04 +01:00
Manuel Pégourié-Gonnard	073f0fa2fb	Fix missing error checking in gcm	2014-01-22 12:56:51 +01:00
Manuel Pégourié-Gonnard	280f95bd00	Add #ifs arround ssl_ciphersuite_uses_XXX()	2014-01-22 12:56:37 +01:00
Manuel Pégourié-Gonnard	7cfdcb8c7f	Add a length check in ssl_derive_keys()	2014-01-22 12:56:22 +01:00
Manuel Pégourié-Gonnard	9af7d3a35b	Add fast reduction for the other Koblitz curves	2014-01-18 17:48:00 +01:00
Manuel Pégourié-Gonnard	8887d8d37c	Add mod_p256k1 Makes secp256k1 about 4x faster	2014-01-17 23:17:10 +01:00
Manuel Pégourié-Gonnard	ea499a7321	Add support for secp192k1	2014-01-17 21:41:39 +01:00
Manuel Pégourié-Gonnard	0a56c2c698	Fix bug in ecdh_calc_secret() Only affects curves with nbits != pbits (currently only secp224k1)	2014-01-17 21:41:39 +01:00
Manuel Pégourié-Gonnard	5304812b2d	Fix theoretical compliance issue in ECDSA The issue would happen for curves whose bitlength is not a multiple of eight (the only case is NIST P-521) with hashes that are longer than the bitlength of the curve: since the wides hash is 512 bits long, this can't happen. Fixing however as a matter of principle and readability.	2014-01-17 21:41:39 +01:00
Manuel Pégourié-Gonnard	18e3ec9b4d	Add support for secp224k1	2014-01-17 21:41:39 +01:00
Manuel Pégourié-Gonnard	e4d47a655b	Add RIPEMD-160 to the generic MD layer	2014-01-17 20:41:32 +01:00
Manuel Pégourié-Gonnard	ff40c3ac34	Add HMAC support to RIPEMD-160	2014-01-17 20:04:59 +01:00
Manuel Pégourié-Gonnard	cab4a8807c	Add RIPEMD-160 (core functions)	2014-01-17 14:04:25 +01:00
Manuel Pégourié-Gonnard	9bcff3905b	Add OIDs and TLS IDs for prime Koblitz curves	2014-01-10 18:32:31 +01:00
Manuel Pégourié-Gonnard	f51c8fc353	Add support for secp256k1 arithmetic	2014-01-10 18:17:18 +01:00
Manuel Pégourié-Gonnard	65ad3e4daf	Use deterministic ECDSA in the PK layer	2014-01-07 16:19:28 +01:00
Manuel Pégourié-Gonnard	5e6edcfd96	Add fallback for md_alg == NONE to ecdsa_sign_det()	2014-01-07 16:19:28 +01:00
Manuel Pégourié-Gonnard	937340bce0	Add ecdsa_write_signature_det()	2014-01-06 15:29:03 +01:00
Manuel Pégourié-Gonnard	f42bca6da0	Little HMAC_DRBG refactoring	2014-01-06 15:29:03 +01:00
Manuel Pégourié-Gonnard	4daaef7e27	Add ecdsa_sign_det() with test vectors	2014-01-06 15:29:03 +01:00
Manuel Pégourié-Gonnard	461d416892	Add minified HMAC_DRBG for deterministic ECDSA	2014-01-06 11:01:38 +01:00
Manuel Pégourié-Gonnard	e7072f8d11	Fix theoretical compliance issue in ECDSA The issue would happen for curves whose bitlength is not a multiple of eight (the only case is NIST P-521) with hashes that are longer than the bitlength of the curve: since the wides hash is 512 bits long, this can't happen. Fixing however as a matter of principle and readability.	2014-01-06 11:01:38 +01:00
Manuel Pégourié-Gonnard	c9573998ca	Fix unchecked error codes in ecp_gen_keypair()	2014-01-06 11:01:38 +01:00
Manuel Pégourié-Gonnard	79f73b96d9	Remove bias in EC private key generation	2014-01-06 10:19:35 +01:00
Paul Bakker	c78c8422c2	Added failure stub for uninitialized POLARSSL_THREADING_ALT functions	2013-12-31 11:55:27 +01:00
Paul Bakker	a8fd3e31ed	Removed POLARSSL_THREADING_DUMMY option	2013-12-31 11:54:08 +01:00
Paul Bakker	4de44aa0ae	Rewrote check to prevent read of uninitialized data in rsa_rsassa_pss_verify()	2013-12-31 11:43:01 +01:00
Paul Bakker	6992eb762c	Fixed potential overflow in certificate size in ssl_write_certificate()	2013-12-31 11:38:33 +01:00
Paul Bakker	6ea1a95ce8	Added missing MPI_CHK() around some statements	2013-12-31 11:17:14 +01:00
Paul Bakker	5bc07a3d30	Prepped for 1.3.3	2013-12-31 10:57:44 +01:00
Paul Bakker	00f5c52bfe	Added cast to socket() return value to prevent Windows warning	2013-12-31 10:45:16 +01:00
Paul Bakker	c73879139e	Merged ECP memory usage optimizations	2013-12-31 10:33:47 +01:00
Paul Bakker	53e1513fea	Initialize ebx and edx in padlock functions	2013-12-31 09:46:09 +01:00
Manuel Pégourié-Gonnard	26bc1c0f5d	Fix a few unchecked return codes in EC	2013-12-30 19:33:33 +01:00
Paul Bakker	93759b048f	Made AES-NI bit-size specific key expansion functions static	2013-12-30 19:20:06 +01:00
Manuel Pégourié-Gonnard	9e4191c3e7	Add another option to reduce EC memory usage Also document speed/memory trade-offs better.	2013-12-30 19:16:05 +01:00
Manuel Pégourié-Gonnard	70896a023e	Add statistics about number of allocated blocks	2013-12-30 19:16:05 +01:00
Paul Bakker	ec4bea7eee	Forced cast to unsigned int for %u format in ecp_selftest()	2013-12-30 19:04:47 +01:00
Manuel Pégourié-Gonnard	1f789b8348	Lessen peak memory usage in EC by freeing earlier Cuts peak usage by 25% :)	2013-12-30 17:36:54 +01:00
Manuel Pégourié-Gonnard	72c172a13d	Save some small memory allocations inside ecp_mul()	2013-12-30 16:04:55 +01:00
Paul Bakker	f0fc2a27b0	Properly put the pragma comment for the MSVC linker in defines	2013-12-30 15:42:43 +01:00
Paul Bakker	92bcadb110	Removed 'z' length modifier from low-value size_t in ecp_selftest()	2013-12-30 15:37:17 +01:00
Paul Bakker	e7f5133590	Fixed superfluous return value in aesni.c	2013-12-30 15:32:02 +01:00
Paul Bakker	0d0de92156	Only specify done label in aes.c when AES-NI is possible	2013-12-30 15:29:04 +01:00
Paul Bakker	956c9e063d	Reduced the input / output overhead with 200+ bytes and covered corner case The actual input / output buffer overhead is only 301 instead of 512. This requires a proper check on the padding_idx to prevent out of bounds reads. Previously a remote party could potentially trigger an access error and thus stop the application when sending a malicious packet having MAX_CONTENT_LEN of data, 32 bytes of MAC and a decrypted padlen of . This would result in reading from in_ctr + 13 + 32 + MAX_CONTENT_LEN - 1 - 1 for 256 bytes (including fake padding check). Or 13 + 32 bytes over the buffer length. We now reset padding_idx to 0, if it's clear that it will never be a valid padding (padlen > msg_len \|\| msg_len + padlen + 256 > buffer_len)	2013-12-30 15:00:51 +01:00
Manuel Pégourié-Gonnard	d4588cfb6a	aesni_gcm_mult() now returns void	2013-12-30 13:54:23 +01:00
Manuel Pégourié-Gonnard	bfa3c9a85f	Remove temporary code	2013-12-30 13:53:58 +01:00
Manuel Pégourié-Gonnard	23c2f6fee5	Add AES-NI key expansion for 192 bits	2013-12-29 16:05:22 +01:00
Manuel Pégourié-Gonnard	4a5b995c26	Add AES-NI key expansion for 256 bits	2013-12-29 13:50:32 +01:00
Manuel Pégourié-Gonnard	47a3536a31	Add AES-NI key expansion for 128 bits	2013-12-29 13:28:59 +01:00
Manuel Pégourié-Gonnard	01e31bbffb	Add support for key inversion using AES-NI	2013-12-28 16:22:08 +01:00
Manuel Pégourié-Gonnard	80637c7520	Use aesni_gcm_mult() if available	2013-12-26 16:09:58 +01:00
Manuel Pégourié-Gonnard	d333f67f8c	Add aesni_gcm_mult()	2013-12-26 15:51:13 +01:00
Manuel Pégourié-Gonnard	9d57482280	Add comments on GCM multiplication	2013-12-26 15:51:13 +01:00
Manuel Pégourié-Gonnard	8eaf20b18d	Allow detection of CLMUL	2013-12-26 15:51:13 +01:00
Manuel Pégourié-Gonnard	5b685653ef	Add aesni_crypt_ecb() and use it	2013-12-25 13:03:26 +01:00
Manuel Pégourié-Gonnard	92ac76f9db	Add files for (upcoming) AES-NI support	2013-12-25 13:03:26 +01:00
Paul Bakker	1e5369c7fa	Variables in proper block or within proper defines in ssl_decrypt_buf()	2013-12-19 16:40:57 +01:00
Paul Bakker	0c0476f92d	Disable ecp_use_curve25519() if not POLARSSL_ECP_DP_M255_ENABLED	2013-12-19 16:20:53 +01:00
Paul Bakker	1a56fc96a3	Fixed x509_crt_parse_path() bug on Windows platforms	2013-12-19 13:52:33 +01:00
Manuel Pégourié-Gonnard	1321135758	Fix MingW version issue	2013-12-17 17:38:55 +01:00
Manuel Pégourié-Gonnard	ee5db1d6b9	Fix typo in previous commit	2013-12-17 16:46:19 +01:00
Manuel Pégourié-Gonnard	6a398d4234	Add missing header for windows	2013-12-17 16:10:58 +01:00
Manuel Pégourié-Gonnard	173402bb61	net_prepare() returns int	2013-12-17 15:57:05 +01:00
Paul Bakker	5a607d26b7	Merged IPv6 support in the NET module	2013-12-17 14:34:19 +01:00
Manuel Pégourié-Gonnard	fd6b4cc1db	Add forgotten SO_REUSEADDR option	2013-12-17 13:59:01 +01:00
Paul Bakker	5ab68ba679	Merged storing curves fully in ROM	2013-12-17 13:11:18 +01:00
Paul Bakker	fdf946928d	Merged support for ECDH-RSA / ECDH-ECDSA key exchanges and ciphersuites	2013-12-17 13:10:27 +01:00
Paul Bakker	77e257e958	Fixed bad check for maximum size of fragment length index	2013-12-17 13:09:12 +01:00
Paul Bakker	6c21276342	Place olen initalization after reference check in cipher_update()	2013-12-17 13:09:12 +01:00
Paul Bakker	6f0636a09f	Potential memory leak in ssl_ticket_keys_init()	2013-12-17 13:09:12 +01:00
Manuel Pégourié-Gonnard	6e315a9009	Adapt net_accept() to IPv6	2013-12-17 12:00:57 +01:00
Manuel Pégourié-Gonnard	389ce63735	Add IPv6 support to net_bind()	2013-12-17 12:00:57 +01:00
Manuel Pégourié-Gonnard	10934de1ca	Adapt net_connect() for IPv6	2013-12-17 12:00:57 +01:00
Manuel Pégourié-Gonnard	2e5c3163db	Factor our some code in net.c	2013-12-17 12:00:57 +01:00
Manuel Pégourié-Gonnard	5538970d32	Add server support for ECDH key exchanges	2013-12-17 11:32:31 +01:00
Manuel Pégourié-Gonnard	d18cc57962	Add client-side support for ECDH key exchanges	2013-12-17 11:32:31 +01:00
Manuel Pégourié-Gonnard	cdff3cfda3	Add ecdh_get_params() to import from an EC key	2013-12-17 11:32:31 +01:00
Manuel Pégourié-Gonnard	25781b22e3	Add ECDH_RSA and ECDH_ECDSA ciphersuites (not implemented yet)	2013-12-17 11:32:31 +01:00
Manuel Pégourié-Gonnard	69ab354239	Fix bug from stupid typo	2013-12-17 11:27:20 +01:00
Manuel Pégourié-Gonnard	14a96c5d8b	Avoid wasting memory with some curves	2013-12-17 11:27:20 +01:00
Manuel Pégourié-Gonnard	95b45b7bb2	Rename macros	2013-12-17 11:27:20 +01:00
Manuel Pégourié-Gonnard	baee5d4157	Add previously forgotten #ifdef's	2013-12-17 11:27:20 +01:00
Manuel Pégourié-Gonnard	81e1b102dc	Rm a few unneeded variables	2013-12-17 11:27:20 +01:00
Manuel Pégourié-Gonnard	1f82b041e7	Adapt ecp_group_free() to static constants	2013-12-17 11:27:20 +01:00
Manuel Pégourié-Gonnard	73cc01d7fa	Remove last non-static parts of known EC groups	2013-12-17 11:27:20 +01:00
Manuel Pégourié-Gonnard	731d08b406	Start using constants from ROM for EC groups	2013-12-17 11:27:20 +01:00
Manuel Pégourié-Gonnard	c72ac7c3ef	Fix SSLv3 handling of SHA-384 suites Fixes memory corruption, introduced in `a5bdfcd` (Relax some SHA2 ciphersuite's version requirements)	2013-12-17 10:18:25 +01:00
Paul Bakker	fef3c5a652	Fixed typo in POLARSSL_PKCS1_V15 in rsa.c	2013-12-11 13:36:30 +01:00
Manuel Pégourié-Gonnard	93f41dbdfd	Fix possible issue in corner-case for ecp_mul_mx()	2013-12-05 15:58:38 +01:00
Manuel Pégourié-Gonnard	7a949d3f5b	Update comments	2013-12-05 15:58:38 +01:00
Manuel Pégourié-Gonnard	d962273594	Add #ifdef's for curve types	2013-12-05 15:58:38 +01:00
Manuel Pégourié-Gonnard	7c94d8bcab	WIP #ifdef's	2013-12-05 15:58:38 +01:00
Manuel Pégourié-Gonnard	b6f45a616c	Avoid potential leak in ecp_mul_mxz()	2013-12-05 15:58:38 +01:00
Manuel Pégourié-Gonnard	a60fe8943d	Add mpi_safe_cond_swap()	2013-12-05 15:58:38 +01:00
Manuel Pégourié-Gonnard	97871ef236	Some operations are not supported with Curve25519	2013-12-05 15:58:38 +01:00
Manuel Pégourié-Gonnard	3d7053a2bb	Add ecp_mod_p255(): Curve25519 about 4x faster now	2013-12-05 15:58:38 +01:00
Manuel Pégourié-Gonnard	357ff65a51	Details in ecp_mul_mxz()	2013-12-05 15:58:38 +01:00
Manuel Pégourié-Gonnard	fe0af405f9	Adapt ecp_gen_keypair() to Curve25519	2013-12-05 15:58:38 +01:00
Manuel Pégourié-Gonnard	9a4a5ac4de	Fix bug in mpi_set_bit	2013-12-05 15:58:38 +01:00
Manuel Pégourié-Gonnard	a0179b8c4a	Change ecp_mul to handle Curve25519 too	2013-12-05 15:58:38 +01:00
Manuel Pégourié-Gonnard	312d2e8ea2	Adapt key checking functions for Curve25519	2013-12-05 15:58:38 +01:00
Manuel Pégourié-Gonnard	661536677b	Add Curve25519 to known groups	2013-12-05 15:58:37 +01:00
Manuel Pégourié-Gonnard	3afa07f05b	Add coordinate randomization for Curve25519	2013-12-05 15:58:37 +01:00
Manuel Pégourié-Gonnard	d9ea82e7d9	Add basic arithmetic for Curve25519	2013-12-05 15:58:37 +01:00
Manuel Pégourié-Gonnard	3c0b4ea97e	Rename a few functions	2013-12-05 15:58:37 +01:00
Paul Bakker	498fd354c6	Added missing inline definition for other platforms to ecp_curves.c	2013-12-02 22:17:24 +01:00
Manuel Pégourié-Gonnard	d5e0fbe1a3	Remove now useless function	2013-12-02 17:20:39 +01:00
Manuel Pégourié-Gonnard	3ee90003c9	Make internal functions static again + cosmetics	2013-12-02 17:14:48 +01:00
Manuel Pégourié-Gonnard	9854fe986b	Convert curve constants to binary Makes source longer but resulting binary smaller	2013-12-02 17:07:30 +01:00
Manuel Pégourié-Gonnard	32b04c1237	Split ecp.c	2013-12-02 16:36:11 +01:00
Manuel Pégourié-Gonnard	43863eeffc	Declare internal variables static in ecp.c	2013-12-02 16:34:24 +01:00
Manuel Pégourié-Gonnard	d35e191434	Drop useless include in ecp.c	2013-12-02 16:34:24 +01:00
Paul Bakker	9dc53a9967	Merged client ciphersuite order preference option	2013-12-02 14:56:27 +01:00
Paul Bakker	014f143c2a	Merged EC key generation support	2013-12-02 14:55:09 +01:00
Paul Bakker	4040d7e95c	Merged more constant-time checking in RSA	2013-12-02 14:53:23 +01:00
Manuel Pégourié-Gonnard	1a9f2c7245	Add option to respect client ciphersuite order	2013-11-30 18:30:06 +01:00
Manuel Pégourié-Gonnard	011a8db2e7	Complete refactoring of ciphersuite choosing	2013-11-30 18:11:07 +01:00
Manuel Pégourié-Gonnard	3252560e68	Move some functions up	2013-11-30 17:50:32 +01:00
Manuel Pégourié-Gonnard	59b81d73b4	Refactor ciphersuite selection for version > 2	2013-11-30 17:46:04 +01:00
Manuel Pégourié-Gonnard	0267e3dc9b	Add ecp_curve_info_from_name()	2013-11-30 15:10:14 +01:00
Manuel Pégourié-Gonnard	104ee1d1f6	Add ecp_genkey(), prettier wrapper	2013-11-30 14:35:07 +01:00
Manuel Pégourié-Gonnard	27290daf3b	Check PKCS 1.5 padding in a more constant-time way (Avoid branches that depend on secret data.)	2013-11-30 13:36:53 +01:00
Manuel Pégourié-Gonnard	ab44d7ecc3	Check OAEP padding in a more constant-time way	2013-11-30 13:13:05 +01:00
Manuel Pégourié-Gonnard	a5cfc35db2	RSA-OAEP decrypt: reorganise code	2013-11-29 11:58:13 +01:00
Manuel Pégourié-Gonnard	5ad68e42e5	Mutex x509_crt_parse_path() when pthreads is used	2013-11-28 18:07:39 +01:00
Manuel Pégourié-Gonnard	964bf9b92f	Quit using readdir_r() Prone to buffer overflows on some platforms.	2013-11-28 18:07:39 +01:00
Paul Bakker	76f03118c4	Only compile with -Wmissing-declarations and -Wmissing-prototypes in library, not tests and programs	2013-11-28 17:20:04 +01:00
Paul Bakker	88cd22646c	Merged ciphersuite version improvements	2013-11-26 15:22:19 +01:00
Manuel Pégourié-Gonnard	da1ff38715	Don't accept CertificateRequest with PSK suites	2013-11-26 15:19:57 +01:00
Manuel Pégourié-Gonnard	dc953e8c41	Add missing defines/cases for RSA_PSK key exchange	2013-11-26 15:19:57 +01:00
Manuel Pégourié-Gonnard	c57b654a3e	Use t_uint rather than uintXX_t when appropriate	2013-11-26 15:19:56 +01:00
Paul Bakker	3209ce3692	Merged ECP improvements	2013-11-26 15:19:17 +01:00
Manuel Pégourié-Gonnard	20b9af7998	Fix min_version (TLS 1.0) for ECDHE-PSK suites	2013-11-26 14:31:44 +01:00
Manuel Pégourié-Gonnard	a5bdfcde53	Relax some SHA2 ciphersuite's version requirements Changed: - PSK ciphersuites (RFC 5487, section 3) - ECDHE-PSK ciphersuites (RFC 5489, section 3) - Additional Camellia ciphersuites (RFC 6367, sec 3.3) Unchanged: - all GCM ciphersuites - Camellia ciphersuites from RFC 5932 (sec. 3.3.2) - ECC-SHA2 ciphersuites from RFC 5289 (unclear) - SHA2 from RFC 5246 (TLS 1.2, no precision)	2013-11-26 13:59:43 +01:00
Manuel Pégourié-Gonnard	96c7a92b08	Change mpi_safe_cond_assign() for more const-ness	2013-11-25 18:28:53 +01:00
Paul Bakker	e4c71f0e11	Merged Prime generation improvements	2013-11-25 14:27:28 +01:00
Paul Bakker	45f457d872	Reverted API change for mpi_is_prime()	2013-11-25 14:26:52 +01:00
Paul Bakker	8fc30b178c	Various const fixes	2013-11-25 13:29:43 +01:00
Manuel Pégourié-Gonnard	ddf7615d49	gen_prime: check small primes early (3x speed-up)	2013-11-22 19:58:22 +01:00
Manuel Pégourié-Gonnard	378fb4b70a	Split mpi_is_prime() and make its first arg const	2013-11-22 19:40:32 +01:00
Manuel Pégourié-Gonnard	0160eacc82	gen_prime: ensure X = 2 mod 3 -> 2.5x speedup	2013-11-22 17:54:59 +01:00
Manuel Pégourié-Gonnard	711507a726	gen_prime: ensure X = 3 mod 4 always (2x speed-up)	2013-11-22 17:35:28 +01:00
Manuel Pégourié-Gonnard	3e3d2b818c	Fix bug in mpi_safe_cond_assign()	2013-11-21 21:56:38 +01:00
Manuel Pégourié-Gonnard	918148193d	Enhance ecp_selftest	2013-11-21 21:56:38 +01:00
Manuel Pégourié-Gonnard	d728350cee	Make memory access pattern constant	2013-11-21 21:56:38 +01:00
Manuel Pégourié-Gonnard	aade42fd88	Change method for making M odd in ecp_mul() - faster - avoids M >= N (if m = N-1 or N-2)	2013-11-21 21:56:38 +01:00
Manuel Pégourié-Gonnard	36daa13d76	Misc details	2013-11-21 21:56:38 +01:00
Manuel Pégourié-Gonnard	469a209334	Rm subtraction from ecp_add_mixed()	2013-11-21 21:56:38 +01:00
Manuel Pégourié-Gonnard	01fca5e882	Do point inversion without leaking information	2013-11-21 21:56:38 +01:00
Manuel Pégourié-Gonnard	71c2c21601	Add mpi_safe_cond_assign()	2013-11-21 21:56:38 +01:00
Manuel Pégourié-Gonnard	44aab79022	Update bibliographic references	2013-11-21 21:56:38 +01:00
Manuel Pégourié-Gonnard	7f762319ad	Use mpi_shrink() in ecp_precompute()	2013-11-21 21:56:38 +01:00
Manuel Pégourié-Gonnard	5868163e07	Add mpi_shrink()	2013-11-21 21:56:38 +01:00
Manuel Pégourié-Gonnard	e282012219	Spare some memory	2013-11-21 21:56:38 +01:00
Manuel Pégourié-Gonnard	edc1a1f482	Small code cleanups	2013-11-21 21:56:38 +01:00
Manuel Pégourié-Gonnard	ff27b7c968	Tighten ecp_mul() validity checks	2013-11-21 21:56:38 +01:00
Manuel Pégourié-Gonnard	09ceaf49d0	Rm multiplication using NAF Comb method is at most 1% slower for random points, and is way faster for fixed point (repeated).	2013-11-21 21:56:38 +01:00
Manuel Pégourié-Gonnard	04a0225388	Optimize w in the comb method	2013-11-21 21:56:37 +01:00
Manuel Pégourié-Gonnard	70c14372c6	Add coordinate randomization back	2013-11-21 21:56:37 +01:00
Manuel Pégourié-Gonnard	c30200e4ce	Fix bound issues	2013-11-21 21:56:37 +01:00
Manuel Pégourié-Gonnard	101a39f55f	Improve comb method (less precomputed points)	2013-11-21 21:56:37 +01:00
Manuel Pégourié-Gonnard	d1c1ba90ca	First version of ecp_mul_comb()	2013-11-21 21:56:20 +01:00
Paul Bakker	a9a028ebd0	SSL now gracefully handles missing RNG	2013-11-21 17:31:06 +01:00
Paul Bakker	f2b4d86452	Fixed X.509 hostname comparison (with non-regular characters) In situations with 'weird' certificate names or hostnames (containing non-western allowed names) the check would falsely report a name or wildcard match.	2013-11-21 17:30:23 +01:00
Steffan Karger	c245834bc4	Link against ZLIB when zlib is used Signed-off-by: Paul Bakker <p.j.bakker@polarssl.org>	2013-11-20 16:45:48 +01:00
Steffan Karger	28d81a009c	Fix pkcs11.c to conform to PolarSSL 1.3 API. This restores previous functionality, and thus still allows only RSA to be used through PKCS#11. Signed-off-by: Steffan Karger <steffan.karger@fox-it.com> Signed-off-by: Paul Bakker <p.j.bakker@polarssl.org>	2013-11-20 16:13:27 +01:00
Paul Bakker	08b028ff0f	Prevent unlikely NULL dereference	2013-11-19 10:42:37 +01:00
Paul Bakker	b076314ff8	Makefile now produces a .so.X with SOVERSION in it	2013-11-05 11:27:12 +01:00
Paul Bakker	f4dc186818	Prep for PolarSSL 1.3.2	2013-11-04 17:29:42 +01:00
Paul Bakker	0333b978fa	Handshake key_cert should be set on first addition to the key_cert chain	2013-11-04 17:08:28 +01:00
Paul Bakker	993e386a73	Merged renegotiation refactoring	2013-10-31 14:32:38 +01:00
Paul Bakker	37ce0ff185	Added defines around renegotiation code for SSL_SRV and SSL_CLI	2013-10-31 14:32:04 +01:00
Manuel Pégourié-Gonnard	31ff1d2e4f	Safer buffer comparisons in the SSL modules	2013-10-31 14:23:12 +01:00
Manuel Pégourié-Gonnard	6d8404d6ba	Server: enforce renegotiation	2013-10-30 16:48:10 +01:00
Manuel Pégourié-Gonnard	9c1e1898b6	Move some code around, improve documentation	2013-10-30 16:48:09 +01:00
Manuel Pégourié-Gonnard	214eed38c7	Make ssl_renegotiate the only interface ssl_write_hello_request() is no private	2013-10-30 16:48:09 +01:00
Manuel Pégourié-Gonnard	caed0541a0	Allow ssl_renegotiate() to be called in a loop Previously broken if waiting for network I/O in the middle of a re-handshake initiated by the client.	2013-10-30 16:48:09 +01:00
Manuel Pégourié-Gonnard	e5e1bb972c	Fix misplaced initialisation	2013-10-30 16:46:46 +01:00
Manuel Pégourié-Gonnard	f3dc2f6a1d	Add code for testing server-initiated renegotiation	2013-10-30 16:46:46 +01:00
Paul Bakker	0d7702c3ee	Minor change that makes life easier for static analyzers / compilers	2013-10-29 16:18:35 +01:00
Paul Bakker	6edcd41c0a	Addition conditions for UEFI environment under MSVC	2013-10-29 15:44:13 +01:00
Paul Bakker	7b0be68977	Support for serialNumber, postalAddress and postalCode in X509 names	2013-10-29 14:24:37 +01:00
Paul Bakker	fa6a620b75	Defines for UEFI environment under MSVC added	2013-10-29 14:05:38 +01:00
Manuel Pégourié-Gonnard	178d9bac3c	Fix ECDSA corner case: missing reduction mod N No security issue, can cause valid signatures to be rejected. Reported by DualTachyon on github.	2013-10-29 13:40:17 +01:00
Paul Bakker	60b1d10131	Fixed spelling / typos (from PowerDNS:codespell)	2013-10-29 10:02:51 +01:00
Paul Bakker	50dc850c52	Const correctness	2013-10-28 21:19:10 +01:00
Paul Bakker	6a6087e71d	Added missing inline definition for MSCV and ARM environments	2013-10-28 18:53:08 +01:00
Paul Bakker	7bc745b6a1	Merged constant-time padding checks	2013-10-28 14:40:26 +01:00
Paul Bakker	1642122f8b	Merged support for Camellia-GCM + ciphersuite and fixes to cipher layer	2013-10-28 14:38:35 +01:00
Paul Bakker	3f917e230d	Merged optimizations for MODP NIST curves	2013-10-28 14:18:26 +01:00
Manuel Pégourié-Gonnard	1001e32d6f	Fix return value of ecdsa_from_keypair()	2013-10-28 14:01:08 +01:00
Manuel Pégourié-Gonnard	21ef42f257	Don't select a PSK ciphersuite if no key available	2013-10-28 14:00:45 +01:00
Manuel Pégourié-Gonnard	3daaf3d21d	X509 key identifiers depend on SHA1	2013-10-28 13:58:32 +01:00
Paul Bakker	45a2c8d99a	Prevent possible alignment warnings on casting from char * to 'aligned *'	2013-10-28 12:57:08 +01:00
Paul Bakker	677377f472	Server does not send out extensions not advertised by client	2013-10-28 12:54:26 +01:00
Manuel Pégourié-Gonnard	e68bf171eb	Make get_zeros_padding() constant-time	2013-10-27 18:26:39 +01:00
Manuel Pégourié-Gonnard	6c32990114	Make get_one_and_zeros_padding() constant-time	2013-10-27 18:25:03 +01:00
Manuel Pégourié-Gonnard	d17df51277	Make get_zeros_and_len_padding() constant-time	2013-10-27 17:32:43 +01:00
Manuel Pégourié-Gonnard	f8ab069d6a	Make get_pkcs_padding() constant-time	2013-10-27 17:25:57 +01:00
Manuel Pégourié-Gonnard	a8a25ae1b9	Fix bad error codes	2013-10-27 13:48:15 +01:00
Manuel Pégourié-Gonnard	7109624aef	Skip MAC computation/check when GCM is used	2013-10-25 19:31:25 +02:00
Manuel Pégourié-Gonnard	8866591cc5	Don't special-case NULL cipher in ssl_tls.c	2013-10-25 18:42:44 +02:00
Manuel Pégourié-Gonnard	126a66f668	Simplify switching on mode in ssl_tls.c	2013-10-25 18:33:32 +02:00
Manuel Pégourié-Gonnard	98d9a2c061	Fix missing or wrong ciphersuite definitions	2013-10-25 18:03:18 +02:00
Manuel Pégourié-Gonnard	6fb0f745be	Rank GCM before CBC in ciphersuite_preference	2013-10-25 17:08:15 +02:00
Manuel Pégourié-Gonnard	8d01eea7af	Add Camellia-GCM ciphersuites	2013-10-25 16:46:05 +02:00
Manuel Pégourié-Gonnard	e0dca4ad78	Cipher layer: check iv_len more carefully	2013-10-24 17:03:39 +02:00
Manuel Pégourié-Gonnard	dae7093875	gcm_selftest depends on AES	2013-10-24 15:06:33 +02:00
Manuel Pégourié-Gonnard	87181d1deb	Add Camellia-GCM to th cipher layer	2013-10-24 14:02:40 +02:00
Manuel Pégourié-Gonnard	13e0d449f7	Add Camellia-GCM test vectors https://tools.ietf.org/html/draft-kato-ipsec-camellia-gcm-03#section-4	2013-10-24 13:24:25 +02:00
Manuel Pégourié-Gonnard	9fcceac943	Add a comment about modules coupling	2013-10-23 20:56:12 +02:00
Manuel Pégourié-Gonnard	b21c81fb41	Use less memory in fix_negative()	2013-10-23 20:45:04 +02:00
Manuel Pégourié-Gonnard	cae6f3ed45	Reorganize code in ecp.c	2013-10-23 20:19:57 +02:00
Manuel Pégourié-Gonnard	5779cbe582	Make mod_p{224,256,384] a bit faster Speedup is roughly 25%, giving a 6% speedup on ecp_mul() for these curves.	2013-10-23 20:17:00 +02:00
Manuel Pégourié-Gonnard	c04c530a98	Make NIST curves optimisation an option	2013-10-23 16:11:52 +02:00
Manuel Pégourié-Gonnard	0f9149cb0a	Add mod_p384	2013-10-23 15:06:37 +02:00
Manuel Pégourié-Gonnard	ec655c908c	Add mod_p256	2013-10-23 14:50:39 +02:00
Manuel Pégourié-Gonnard	210b458ddc	Document and slightly reorganize mod_pXXX	2013-10-23 14:27:58 +02:00
Manuel Pégourié-Gonnard	2a08c0debc	mod_p224 now working with 8-bit and 16-bit ints	2013-10-23 13:24:55 +02:00
Manuel Pégourié-Gonnard	a47e7058ea	mod_p224 now endian-neutral	2013-10-23 13:24:55 +02:00
Manuel Pégourié-Gonnard	e783f06f73	Start working on mod_p224 (Prototype, works only on 32-bit and little-endian 64-bit.)	2013-10-23 13:24:55 +02:00
Manuel Pégourié-Gonnard	cc67aee9c8	Make ecp_mod_p521 a bit faster	2013-10-23 13:24:55 +02:00
Manuel Pégourié-Gonnard	c9e387ca9e	Optimize ecp_modp() Makes it 22% faster, for a 5% gain on ecp_mul()	2013-10-23 13:24:55 +02:00
Manuel Pégourié-Gonnard	d1e7a45fdd	Rework ecp_mod_p192() On x86_64, this makes it 5x faster, and ecp_mul() 17% faster for this curve. The code is shorter too.	2013-10-23 13:24:55 +02:00

... 17 18 19 20 21 ...

2788 commits