Commit graph

250 commits

Author SHA1 Message Date
Paul Bakker c3f177a77b - Added client side support for signature_algorithm extension and affiliated handling 2012-04-11 16:11:49 +00:00
Paul Bakker 1ef83d66dd - Initial bare version of TLS 1.2 2012-04-11 12:09:53 +00:00
Paul Bakker f34cf85534 - Fixed too restrictive test 2012-04-10 07:48:40 +00:00
Paul Bakker 96d42da8fe - Removed debug value 2012-04-05 13:22:07 +00:00
Paul Bakker c7ffd36a97 - Added automatic debug flags to CFLAGS if DEBUG is set in shell 2012-04-05 12:08:29 +00:00
Paul Bakker 452d532955 - Fixed potential memory corruption on miscrafted client messages (found by Frama-C team at CEA LIST) 2012-04-05 12:07:34 +00:00
Paul Bakker 6126481796 - Added compat for sun in net.c 2012-04-03 07:54:30 +00:00
Paul Bakker 56a7684023 - Added alternative for SHA1 signature structure to check for (without NULL) 2012-03-22 15:31:27 +00:00
Paul Bakker 0c8f73ba8b - Fixed a mistake in mpi_cmp_mpi() where longer B values are handled wrong 2012-03-22 14:08:57 +00:00
Paul Bakker f9169629c9 - Removed unused variables 2012-03-20 15:05:51 +00:00
Paul Bakker 89e80c9a43 - Added base Galois/Counter mode (GCM) for AES 2012-03-20 13:50:09 +00:00
Paul Bakker b6ad62dd21 - Added missing x509write.c 2012-03-20 13:41:33 +00:00
Paul Bakker 02f61692ef - Removed trailing char 2012-03-15 10:54:25 +00:00
Paul Bakker f654371b2b - Only include dependencies when required 2012-03-05 14:01:29 +00:00
Paul Bakker ad8d354a1a - Updated RFC ref 2012-02-16 15:28:14 +00:00
Paul Bakker 3cac5e012b - x509_write_cert_req() now supports all available hash functions 2012-02-16 14:08:06 +00:00
Paul Bakker 058881547f - Certificate Requests written now have the Email address written in IA5String 2012-02-16 10:26:57 +00:00
Paul Bakker bdb912db69 - Added preliminary ASN.1 buffer writing support
- Added preliminary X509 Certificate Request writing support
 - Added key_app_writer example application
 - Added cert_req example application
2012-02-13 23:11:30 +00:00
Paul Bakker 048d04ef4b - AES code only check for Padlock once 2012-02-12 17:31:04 +00:00
Paul Bakker 39dfdaca8f - Fixed mpi_fill_random() to fill and create right size MPI 2012-02-12 17:17:27 +00:00
Paul Bakker 8afa70dcd5 - Clean Subject Alternative Name data 2012-02-11 18:42:45 +00:00
Paul Bakker 57b12982b3 - Multi-domain certificates support wildcards as well 2012-02-11 17:38:38 +00:00
Paul Bakker 1504af585c - Removed redundant POLARSSL_DEBUG_MSG define 2012-02-11 16:17:43 +00:00
Paul Bakker a8cd239d6b - Added support for wildcard certificates
- Added support for multi-domain certificates through the X509 Subject Alternative Name extension
2012-02-11 16:09:32 +00:00
Paul Bakker fab5c829e7 - Added support for NULL cipher (POLARSSL_CIPHER_NULL_CIPHER) and weak ciphersuites (POLARSSL_ENABLE_WEAK_CIPHERSUITES). They are disabled by default! 2012-02-06 16:45:10 +00:00
Paul Bakker 3c18a830b3 - Made changes for 1.1.1 release 2012-01-23 09:44:43 +00:00
Paul Bakker 17caec12af - Changed back statement 2012-01-22 20:37:32 +00:00
Paul Bakker e88186d2ff - Fixed selftest for CTR_DRBG 2012-01-22 20:29:47 +00:00
Paul Bakker cf0360a14e - Fixed compiler error on 64-bit systems not using GCC
- t_udbl optimization now also works on platforms that did not define POLARSSL_HAVE_LONGLONG
2012-01-20 10:08:14 +00:00
Paul Bakker ec1b9842c4 - Fixed type of length in get_pkcs_padding() 2012-01-14 18:24:43 +00:00
Paul Bakker 87e5cdad5b - Fixed warning for t if no debugging defined 2012-01-14 18:14:15 +00:00
Paul Bakker ed375caa3b - Fixed signed status of ret 2012-01-14 18:10:38 +00:00
Paul Bakker 8913f82c26 - Fixed compiler warning for unreferenced ret in md_file() when POLARSSL_FS_IO not declared 2012-01-14 18:07:41 +00:00
Paul Bakker b15b851d6d - Check for failed malloc() in ssl_set_hostname() and x509_get_entries() (Closes ticket #47, found by Hugo Leisink) 2012-01-13 13:44:06 +00:00
Paul Bakker 394c56f854 - Support for FreeBSD _SOCKLEN_T_DECLARED 2011-12-20 12:19:03 +00:00
Paul Bakker 43655f46b0 - Added option to prevent default entropy sources from loading (POLARSSL_NO_DEFAULT_ENTROPY_SOURCES) 2011-12-15 20:11:16 +00:00
Paul Bakker 28c7e7f6fa - Added HAVEGE as a default entropy source 2011-12-15 19:49:30 +00:00
Paul Bakker b1dee1cfd2 - Changed commands to lowercase where it was not the case 2011-12-11 11:29:51 +00:00
Paul Bakker 55d3fd9aff - Enlarged maximum size of DHM a client accepts to 512 bytes 2011-12-11 11:13:05 +00:00
Paul Bakker 69e095cc15 - Changed the behaviour of x509parse_parse_crt for permissive parsing. Now returns the number of 'failed certificates' instead of having a switch to enable it.
- As a consequence all error code that were positive were changed. A lot of MALLOC_FAILED and FILE_IO_ERROR error codes added for different modules.
 - Programs and tests were adapted accordingly
2011-12-10 21:55:01 +00:00
Paul Bakker 18d32911c0 - Added internal ctr_drbg_init_entropy_len() to allow NIST determined entropy tests to work 2011-12-10 21:42:49 +00:00
Paul Bakker bd4a9d0cda - Changed entropy accumulator to have per-source thresholds 2011-12-10 17:02:19 +00:00
Paul Bakker c50132d4fa - Updated version of PolarSSL to 1.1.0 2011-12-05 14:38:36 +00:00
Paul Bakker 9304880e8a - Fixed correct printing of serial number '00' 2011-12-05 14:38:06 +00:00
Paul Bakker c8ffbe7706 - Corrected removal of leading '00:' in printing serial numbers in certificates and CRLs 2011-12-05 14:22:49 +00:00
Paul Bakker 6bcfc67cd2 - Prevented warning from unused parameter data 2011-12-05 13:54:00 +00:00
Paul Bakker fc754a9178 - Addedd writing and updating of seedfiles as functions to CTR_DRBG 2011-12-05 13:23:51 +00:00
Paul Bakker 1c70d409ad - Added better handling of missing session struct 2011-12-04 22:30:17 +00:00
Paul Bakker 4f229e5d83 - Fixed define for Windows time functions 2011-12-04 22:11:35 +00:00
Paul Bakker 4f5ae803fa - Fixed MS Visual C++ name clash with int64 in sha4.h 2011-12-04 22:10:28 +00:00