Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								be4e7dca08 
								
							 
						 
						
							
							
								
								- Debug print of MPI now removes leading zero octets and displays actual bit size of the value  
							
							
							
						 
						
							2011-03-14 20:41:31 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								9dcc32236b 
								
							 
						 
						
							
							
								
								- Added support for PKCS#1 v2.1 encoding and thus support for the RSAES-OAEP and RSASSA-PSS operations (enabled by POLARSSL_PKCS1_V21)  
							
							
							
						 
						
							2011-03-08 14:16:06 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								fea43a2501 
								
							 
						 
						
							
							
								
								- Re-added removed dhm test values  
							
							
							
						 
						
							2011-03-08 13:58:16 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								646f65c9bd 
								
							 
						 
						
							
							
								
								- Fixed faulty test server key  
							
							
							
						 
						
							2011-03-02 14:47:44 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								345a6fee91 
								
							 
						 
						
							
							
								
								- Replaced function that fixes man-in-the-middle attack  
							
							... 
							
							
							
							- Added message to indicate inclusion of man-in-the-middle attack (Reported by Larry Highsmith, Subreption LLC)
 - Released version 0.99-pre3 
							
						 
						
							2011-02-28 21:20:02 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								5a1494fb30 
								
							 
						 
						
							
							
								
								- Added pem to library  
							
							
							
						 
						
							2011-02-25 09:48:49 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								1946e42dd4 
								
							 
						 
						
							
							
								
								- Made ready for 0.99-pre2 release  
							
							
							
						 
						
							2011-02-25 09:39:39 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								c47840efd5 
								
							 
						 
						
							
							
								
								- Updated sanity checks  
							
							
							
						 
						
							2011-02-20 16:37:30 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								e2a39cc0fa 
								
							 
						 
						
							
							
								
								-  Do not bail out if no client certificate specified. Try to negotiate anonymous connection (Fixes ticket  #12 )  
							
							
							
						 
						
							2011-02-20 13:49:27 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								9e7606fcd8 
								
							 
						 
						
							
							
								
								- Updated certificates for new test versions  
							
							
							
						 
						
							2011-02-20 13:34:20 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								400ff6f0fd 
								
							 
						 
						
							
							
								
								- Corrected parsing of UTCTime dates before 1990 and after 1950  
							
							... 
							
							
							
							- Support more exotic OID's when parsing certificates
 - Support more exotic name representations when parsing certificates
 - Replaced the expired test certificates 
							
						 
						
							2011-02-20 10:40:16 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								96743fc5f5 
								
							 
						 
						
							
							
								
								- Parsing of PEM files moved to separate module (Fixes ticket  #13 ). Also possible to remove PEM support for systems only using DER encoding  
							
							... 
							
							
							
							- Parsing PEM private keys encrypted with DES and AES are now supported (Fixes ticket #5 )
 - Added tests for encrypted keyfiles 
							
						 
						
							2011-02-12 14:30:57 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								46eb13828e 
								
							 
						 
						
							
							
								
								- Makefiles now respect external CFLAGS and LDFLAGS. Closes ticket  #2  
							
							
							
						 
						
							2011-01-30 17:10:13 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								cdf07e9979 
								
							 
						 
						
							
							
								
								- Information about missing or non-verified client certificate is not provided as well.  
							
							
							
						 
						
							2011-01-30 17:05:13 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								9fc4659b30 
								
							 
						 
						
							
							
								
								- Preparing for Release of 0.99 prerelease 1  
							
							
							
						 
						
							2011-01-30 16:59:02 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								e3166ce040 
								
							 
						 
						
							
							
								
								- Renamed ciphers member of ssl_context and cipher member of ssl_session to ciphersuites and ciphersuite respectively. This clarifies the difference with the generic cipher layer and is better naming altogether  
							
							... 
							
							
							
							- Adapted in the rest of using code as well 
							
						 
						
							2011-01-27 17:40:50 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								dbee2cad7d 
								
							 
						 
						
							
							
								
								- Removed application code from library source file  
							
							
							
						 
						
							2011-01-27 16:38:52 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								f3b86c1e62 
								
							 
						 
						
							
							
								
								- Updated Doxygen documentation generation and documentation on small parts  
							
							
							
						 
						
							2011-01-27 15:24:17 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								562535d11b 
								
							 
						 
						
							
							
								
								- Split current md_starts() and md_hmac_starts() functionality into separate md_init_ctx() for allocating the context and the existing starts() functions to initialize the message digest for use.  
							
							
							
						 
						
							2011-01-20 16:42:01 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								a885d6835f 
								
							 
						 
						
							
							
								
								- Require different input and output buffer in cipher_update()  
							
							... 
							
							
							
							- Fixed style typos 
							
						 
						
							2011-01-20 16:35:05 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								e9426948fa 
								
							 
						 
						
							
							
								
								- Added extra compiler warnings by default  
							
							
							
						 
						
							2011-01-18 16:28:42 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								b06819bb5d 
								
							 
						 
						
							
							
								
								- Adapted CMake files for the PKCS#11 support  
							
							
							
						 
						
							2011-01-18 16:18:38 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								d61e7d98cb 
								
							 
						 
						
							
							
								
								- Cleaned up warning-generating code  
							
							
							
						 
						
							2011-01-18 16:17:47 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								43b7e35b25 
								
							 
						 
						
							
							
								
								- Support for PKCS#11 through the use of the pkcs11-helper library  
							
							
							
						 
						
							2011-01-18 15:27:19 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								0f5f72e949 
								
							 
						 
						
							
							
								
								- Fixed doxygen syntax to standard '\' instead of '@'  
							
							
							
						 
						
							2011-01-18 14:58:55 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								3cccddb238 
								
							 
						 
						
							
							
								
								- Fixed identification of non-critical CA certificates  
							
							
							
						 
						
							2011-01-16 21:46:31 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								b619499eb3 
								
							 
						 
						
							
							
								
								- x509parse_time_expired() checks time now in addition to the existing date check  
							
							
							
						 
						
							2011-01-16 21:40:22 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								a056efc8f9 
								
							 
						 
						
							
							
								
								- Fixed serial length check  
							
							
							
						 
						
							2011-01-16 21:38:35 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								dd47699ba5 
								
							 
						 
						
							
							
								
								- Moved storing of a printable serial into a separate function  
							
							
							
						 
						
							2011-01-16 21:34:59 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								72f6266f02 
								
							 
						 
						
							
							
								
								- Improved information provided about current Hashing, Cipher and Suite capabilities  
							
							
							
						 
						
							2011-01-16 21:27:44 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								76fd75a3de 
								
							 
						 
						
							
							
								
								- Improved certificate validation and validation against the available CRLs  
							
							
							
						 
						
							2011-01-16 21:12:10 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								43ca69c38a 
								
							 
						 
						
							
							
								
								- Added function for stringified SSL/TLS version  
							
							
							
						 
						
							2011-01-15 17:35:19 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								1f87fb6896 
								
							 
						 
						
							
							
								
								- Support for DES weak keys and parity bits added  
							
							
							
						 
						
							2011-01-15 17:32:24 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								74111d30b7 
								
							 
						 
						
							
							
								
								- Improved X509 certificate parsing to include extended certificate fields, such as Key Usage  
							
							
							
						 
						
							2011-01-15 16:57:55 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								b63b0afc05 
								
							 
						 
						
							
							
								
								- Added verification callback in certificate verification chain in order to allow external blacklisting  
							
							
							
						 
						
							2011-01-13 17:54:59 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								1b57b06751 
								
							 
						 
						
							
							
								
								- Added reading of DHM context from memory and file  
							
							
							
						 
						
							2011-01-06 15:48:19 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								8123e9d8f1 
								
							 
						 
						
							
							
								
								- Added generic cipher wrapper for integration with OpenVPN (donated by Fox-IT)  
							
							
							
						 
						
							2011-01-06 15:37:30 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								6d46812123 
								
							 
						 
						
							
							
								
								- Fixed typo  
							
							
							
						 
						
							2011-01-06 15:35:45 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								1737385e04 
								
							 
						 
						
							
							
								
								- Added generic message digest wrapper for integration with OpenVPN (donated by Fox-IT)  
							
							
							
						 
						
							2011-01-06 14:20:01 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								b94081bfc1 
								
							 
						 
						
							
							
								
								- Make A only smaller if it is larger than |X| - 1  
							
							
							
						 
						
							2011-01-05 15:53:06 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								9d3a7e4188 
								
							 
						 
						
							
							
								
								- Added CMake option USE_SHARED_POLARSSL_LIBRARY to allow for building of shared PolarSSL library  
							
							
							
						 
						
							2011-01-05 15:24:43 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								547f73d66f 
								
							 
						 
						
							
							
								
								- Added install targets to the CMake files  
							
							
							
						 
						
							2011-01-05 15:07:54 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								21eb2802fe 
								
							 
						 
						
							
							
								
								- Changed origins of random function and pointer in rsa_pkcs1_encrypt, rsa_init, rsa_gen_key.  
							
							... 
							
							
							
							Moved to parameters of function instead of context pointers as within ssl_cli, context pointer cannot be set easily. 
							
						 
						
							2010-08-16 11:10:02 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								61c324bbdd 
								
							 
						 
						
							
							
								
								- Enabled TLSv1.1 support in server as well  
							
							
							
						 
						
							2010-07-29 21:09:03 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								2e11f7d966 
								
							 
						 
						
							
							
								
								- Added support for TLS v1.1  
							
							... 
							
							
							
							- Renamed some SSL defines to prevent future naming confusion 
							
						 
						
							2010-07-25 14:24:53 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								b96f154e51 
								
							 
						 
						
							
							
								
								- Fixed copyright message  
							
							
							
						 
						
							2010-07-18 20:36:00 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								84f12b76fc 
								
							 
						 
						
							
							
								
								- Updated Copyright to correct entity  
							
							
							
						 
						
							2010-07-18 10:13:04 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								ff7fe670bb 
								
							 
						 
						
							
							
								
								- Minor DHM code cleanup/comments  
							
							
							
						 
						
							2010-07-18 09:45:05 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								545570e208 
								
							 
						 
						
							
							
								
								- Added initialization for RSA where needed  
							
							
							
						 
						
							2010-07-18 09:00:25 +00:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								b572adf5e6 
								
							 
						 
						
							
							
								
								- Removed dependency on rand() in rsa_pkcs1_encrypt(). Now using random fuction provided to context  
							
							... 
							
							
							
							- Expanded ssl_client2 arguments for more flexibility
 - rsa_check_private() now supports PKCS1v2 keys as well
 - Fixed deadlock in rsa_pkcs1_encrypt() on failing random generator 
							
						 
						
							2010-07-18 08:29:32 +00:00