Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								b06819bb5d 
								
							 
						 
						
							
							
								
								- Adapted CMake files for the PKCS#11 support  
							
							
							
						 
						
							2011-01-18 16:18:38 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								d61e7d98cb 
								
							 
						 
						
							
							
								
								- Cleaned up warning-generating code  
							
							
							
						 
						
							2011-01-18 16:17:47 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								43b7e35b25 
								
							 
						 
						
							
							
								
								- Support for PKCS#11 through the use of the pkcs11-helper library  
							
							
							
						 
						
							2011-01-18 15:27:19 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								0f5f72e949 
								
							 
						 
						
							
							
								
								- Fixed doxygen syntax to standard '\' instead of '@'  
							
							
							
						 
						
							2011-01-18 14:58:55 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								3cccddb238 
								
							 
						 
						
							
							
								
								- Fixed identification of non-critical CA certificates  
							
							
							
						 
						
							2011-01-16 21:46:31 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								b619499eb3 
								
							 
						 
						
							
							
								
								- x509parse_time_expired() checks time now in addition to the existing date check  
							
							
							
						 
						
							2011-01-16 21:40:22 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								a056efc8f9 
								
							 
						 
						
							
							
								
								- Fixed serial length check  
							
							
							
						 
						
							2011-01-16 21:38:35 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								dd47699ba5 
								
							 
						 
						
							
							
								
								- Moved storing of a printable serial into a separate function  
							
							
							
						 
						
							2011-01-16 21:34:59 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								72f6266f02 
								
							 
						 
						
							
							
								
								- Improved information provided about current Hashing, Cipher and Suite capabilities  
							
							
							
						 
						
							2011-01-16 21:27:44 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								76fd75a3de 
								
							 
						 
						
							
							
								
								- Improved certificate validation and validation against the available CRLs  
							
							
							
						 
						
							2011-01-16 21:12:10 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								43ca69c38a 
								
							 
						 
						
							
							
								
								- Added function for stringified SSL/TLS version  
							
							
							
						 
						
							2011-01-15 17:35:19 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								1f87fb6896 
								
							 
						 
						
							
							
								
								- Support for DES weak keys and parity bits added  
							
							
							
						 
						
							2011-01-15 17:32:24 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								74111d30b7 
								
							 
						 
						
							
							
								
								- Improved X509 certificate parsing to include extended certificate fields, such as Key Usage  
							
							
							
						 
						
							2011-01-15 16:57:55 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								b63b0afc05 
								
							 
						 
						
							
							
								
								- Added verification callback in certificate verification chain in order to allow external blacklisting  
							
							
							
						 
						
							2011-01-13 17:54:59 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								1b57b06751 
								
							 
						 
						
							
							
								
								- Added reading of DHM context from memory and file  
							
							
							
						 
						
							2011-01-06 15:48:19 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								8123e9d8f1 
								
							 
						 
						
							
							
								
								- Added generic cipher wrapper for integration with OpenVPN (donated by Fox-IT)  
							
							
							
						 
						
							2011-01-06 15:37:30 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								6d46812123 
								
							 
						 
						
							
							
								
								- Fixed typo  
							
							
							
						 
						
							2011-01-06 15:35:45 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								1737385e04 
								
							 
						 
						
							
							
								
								- Added generic message digest wrapper for integration with OpenVPN (donated by Fox-IT)  
							
							
							
						 
						
							2011-01-06 14:20:01 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								b94081bfc1 
								
							 
						 
						
							
							
								
								- Make A only smaller if it is larger than |X| - 1  
							
							
							
						 
						
							2011-01-05 15:53:06 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								9d3a7e4188 
								
							 
						 
						
							
							
								
								- Added CMake option USE_SHARED_POLARSSL_LIBRARY to allow for building of shared PolarSSL library  
							
							
							
						 
						
							2011-01-05 15:24:43 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								547f73d66f 
								
							 
						 
						
							
							
								
								- Added install targets to the CMake files  
							
							
							
						 
						
							2011-01-05 15:07:54 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								21eb2802fe 
								
							 
						 
						
							
							
								
								- Changed origins of random function and pointer in rsa_pkcs1_encrypt, rsa_init, rsa_gen_key.  
							
							... 
							
							
							
							Moved to parameters of function instead of context pointers as within ssl_cli, context pointer cannot be set easily. 
							
						 
						
							2010-08-16 11:10:02 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								61c324bbdd 
								
							 
						 
						
							
							
								
								- Enabled TLSv1.1 support in server as well  
							
							
							
						 
						
							2010-07-29 21:09:03 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								2e11f7d966 
								
							 
						 
						
							
							
								
								- Added support for TLS v1.1  
							
							... 
							
							
							
							- Renamed some SSL defines to prevent future naming confusion 
							
						 
						
							2010-07-25 14:24:53 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								b96f154e51 
								
							 
						 
						
							
							
								
								- Fixed copyright message  
							
							
							
						 
						
							2010-07-18 20:36:00 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								84f12b76fc 
								
							 
						 
						
							
							
								
								- Updated Copyright to correct entity  
							
							
							
						 
						
							2010-07-18 10:13:04 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								ff7fe670bb 
								
							 
						 
						
							
							
								
								- Minor DHM code cleanup/comments  
							
							
							
						 
						
							2010-07-18 09:45:05 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								545570e208 
								
							 
						 
						
							
							
								
								- Added initialization for RSA where needed  
							
							
							
						 
						
							2010-07-18 09:00:25 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								b572adf5e6 
								
							 
						 
						
							
							
								
								- Removed dependency on rand() in rsa_pkcs1_encrypt(). Now using random fuction provided to context  
							
							... 
							
							
							
							- Expanded ssl_client2 arguments for more flexibility
 - rsa_check_private() now supports PKCS1v2 keys as well
 - Fixed deadlock in rsa_pkcs1_encrypt() on failing random generator 
							
						 
						
							2010-07-18 08:29:32 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								08f3c30547 
								
							 
						 
						
							
							
								
								- Enlarged buffer to allow better debugging.  
							
							
							
						 
						
							2010-07-08 06:54:25 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								3ac1b2d952 
								
							 
						 
						
							
							
								
								- Added runtime and compiletime version information  
							
							
							
						 
						
							2010-06-18 22:47:29 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								77a43580da 
								
							 
						 
						
							
							
								
								- Added support for the  SSL_EDH_RSA_AES_128_SHA and SSL_EDH_RSA_CAMELLIA_128_SHA ciphersuites  
							
							
							
						 
						
							2010-06-15 21:32:46 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								699fbbcf29 
								
							 
						 
						
							
							
								
								- Added missing const fixes  
							
							
							
						 
						
							2010-03-24 07:15:41 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								57b7914445 
								
							 
						 
						
							
							
								
								- String peer_cn in ssl context made const as well.  
							
							
							
						 
						
							2010-03-24 06:51:15 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								ad7eca201d 
								
							 
						 
						
							
							
								
								- Reverted Makefile (Unmerged CMake fault)  
							
							
							
						 
						
							2010-03-24 06:46:47 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								2908713af1 
								
							 
						 
						
							
							
								
								- Corrected behaviour  
							
							
							
						 
						
							2010-03-21 21:03:34 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								fc8c4360b8 
								
							 
						 
						
							
							
								
								- Updated copyright line to 2010  
							
							
							
						 
						
							2010-03-21 17:37:16 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								1f3c39c194 
								
							 
						 
						
							
							
								
								- Removed copyright line for Christophe Devine for clarity  
							
							
							
						 
						
							2010-03-21 17:30:05 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								7d3b661bfe 
								
							 
						 
						
							
							
								
								- Added reset functionality for HMAC context. Speed-up for some use-cases.  
							
							
							
						 
						
							2010-03-21 16:23:13 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								baad6504d4 
								
							 
						 
						
							
							
								
								- Changed ARC4 to use seperate input/output buffer  
							
							
							
						 
						
							2010-03-21 15:42:15 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								f3ccc68100 
								
							 
						 
						
							
							
								
								- Fixed cipher interface for encrypt/decrypt functions  
							
							
							
						 
						
							2010-03-18 21:21:02 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								27d661657b 
								
							 
						 
						
							
							
								
								- Added x509_get_sig_alg() to allow easy future X509 signature algorithm determination expansion  
							
							
							
						 
						
							2010-03-17 06:56:01 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								41d13f4af8 
								
							 
						 
						
							
							
								
								- Found algorithmic bug in mpi_is_prime()  
							
							
							
						 
						
							2010-03-16 21:26:36 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								4ed999c4b2 
								
							 
						 
						
							
							
								
								- Added fixes for compiler warnings on a Mac  
							
							
							
						 
						
							2010-03-16 21:16:16 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								ff60ee6c2a 
								
							 
						 
						
							
							
								
								- Added const-correctness to main codebase  
							
							
							
						 
						
							2010-03-16 21:09:09 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								9120018f3d 
								
							 
						 
						
							
							
								
								- Added support for GeneralizedTime in X509 certificates  
							
							
							
						 
						
							2010-02-18 21:26:15 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								1f76115340 
								
							 
						 
						
							
							
								
								- Fixed bug resulting in failure to send the last certificate in the chain in ssl_write_certificate() and ssl_write_certificate_request()  
							
							
							
						 
						
							2010-02-18 18:16:31 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								fe1aea7877 
								
							 
						 
						
							
							
								
								- Fixed typo in MD4 define  
							
							
							
						 
						
							2009-10-03 20:09:14 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								de4d2eae95 
								
							 
						 
						
							
							
								
								- Added handling of missing POLARSSL_MD5_C define and POLARSSL_SHA1_c define  
							
							
							
						 
						
							2009-10-03 19:58:52 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								77b385e91a 
								
							 
						 
						
							
							
								
								- Updated copyright messages on all relevant files  
							
							
							
						 
						
							2009-07-28 17:23:11 +00:00