de9b363fbd  Manuel Pégourié-Gonnard  2015-04-17 20:07:22 +02:00
    Merge branch mbedtls-1.3 into development

    * commit '95f0089':
      Update Changelog for DH params
      Add test case for dh params with privateValueLength
      accept PKCS#3 DH parameters with privateValueLength included

    Conflicts:
    	library/dhm.c

2ed81733a6  Daniel Kahn Gillmor  2015-04-15 13:27:13 +02:00
    accept PKCS#3 DH parameters with privateValueLength included

    library/dhm.c: accept (and ignore) optional privateValueLength for
    PKCS#3 DH parameters.

    PKCS#3 defines the ASN.1 encoding of a DH parameter set like this:
    ----------------
    DHParameter ::= SEQUENCE {
      prime INTEGER, -- p
      base INTEGER, -- g
      privateValueLength INTEGER OPTIONAL }

    The fields of type DHParameter have the following meanings:
         o    prime is the prime p.
         o    base is the base g.
         o    privateValueLength is the optional private-value
              length l.
    ----------------
    See: ftp://ftp.rsasecurity.com/pub/pkcs/ascii/pkcs-3.asc

    This optional parameter was added in PKCS#3 version 1.4, released
    November 1, 1993.

    dhm.c currently doesn't cope well with PKCS#3 files that have this
    optional final parameter included. I see errors like:
    ------------
    dhm_parse_dhmfile returned -0x33E6
    Last error was: -0x33E6 - DHM - The ASN.1 data is not formatted correctly : ASN1 - Actual length differs from expected lengt
    ------------

    You can generate PKCS#3 files with this final parameter with recent
    versions of certtool from GnuTLS:

     certtool --generate-dh-params > dh.pem

2cf5a7c98e  Manuel Pégourié-Gonnard  2015-04-08 13:25:31 +02:00
    The Great Renaming

    A simple execution of tmp/invoke-rename.pl

998930ae0d  Manuel Pégourié-Gonnard  2015-04-03 13:48:06 +02:00
    Replace non-ascii characters in source files

7f8099773e  Manuel Pégourié-Gonnard  2015-03-10 11:23:56 +00:00
    Rename include directory to mbedtls

fe44643b0e  Manuel Pégourié-Gonnard  2015-03-06 13:17:10 +00:00
    Rename website and repository

981732bb8e  Manuel Pégourié-Gonnard  2015-02-17 15:47:31 +00:00
    Fix missing/misplaced #include's

c531b4af3c  Mansour Moufid  2015-02-16 10:43:52 +00:00
    Apply the semantic patch rm-malloc-cast.cocci.

    for dir in library programs; do
        spatch --sp-file scripts/rm-malloc-cast.cocci --dir $dir \
        --in-place;
    done

00ab47026b  Rich Evans  2015-02-10 11:28:46 +00:00
    cleanup library and some basic tests. Includes, add guards to includes

860b51642d  Manuel Pégourié-Gonnard  2015-01-28 17:12:07 +00:00
    Fix url again

085ab040aa  Manuel Pégourié-Gonnard  2015-01-23 11:06:27 +00:00
    Fix website url to use https.

9698f5852c  Manuel Pégourié-Gonnard  2015-01-23 10:59:00 +00:00
    Remove maintainer line.

19f6b5dfaa  Manuel Pégourié-Gonnard  2015-01-23 10:54:00 +00:00
    Remove redundant "all rights reserved"

a658a4051b  Manuel Pégourié-Gonnard  2015-01-23 09:55:24 +00:00
    Update copyright

967a2a5f8c  Manuel Pégourié-Gonnard  2015-01-22 14:28:16 +00:00
    Change name to mbed TLS in the copyright notice

b196fc23b1  Manuel Pégourié-Gonnard  2014-07-09 16:53:29 +02:00
    Fix dhm_selftest() return value

8f870b047c  Paul Bakker  2014-07-09 10:19:23 +02:00
    Add dhm_init()

66d5d076f7  Paul Bakker  2014-06-17 17:06:47 +02:00
    Fix formatting in various code to match spacing from coding style

3461772559  Paul Bakker  2014-06-14 16:46:03 +02:00
    Introduce polarssl_zeroize() instead of memset() for zeroization

b9e4e2c97a  Paul Bakker  2014-05-01 14:18:25 +02:00
    Fix formatting: fix some 'easy' > 80 length lines

9af723cee7  Paul Bakker  2014-05-01 13:03:14 +02:00
    Fix formatting: remove trailing spaces, #endif with comments (> 10 lines)

cef4ad2509  Manuel Pégourié-Gonnard  2014-04-30 16:40:20 +02:00
    Adapt sources to configurable config.h name

3d8fb63e11  Paul Bakker  2014-04-17 12:42:41 +02:00
    Added missing MPI_CHK around mpi functions

3fec220a33  Manuel Pégourié-Gonnard  2014-04-04 16:42:44 +02:00
    Add test for dhm_parse_dhmfile

648656a628  Manuel Pégourié-Gonnard  2014-03-13 19:25:06 +01:00
    Fix error code in dhm_selftest()

7dc4c44267  Paul Bakker  2014-02-06 13:20:16 +01:00
    Library files moved to use platform layer

d61cc3b246  Paul Bakker  2013-10-11 09:38:49 +02:00
    Possible naming collision in dhm_context

15d5de1969  Manuel Pégourié-Gonnard  2013-09-18 14:35:55 +02:00
    Simplify usage of DHM blinding

cff6842b39  Paul Bakker  2013-09-16 13:36:18 +02:00
    POLARSSL_PEM_C split into POLARSSL_PEM_PARSE_C and POLARSSL_PEM_WRITE_C

40ce79f1e6  Paul Bakker  2013-09-15 17:43:54 +02:00
    Moved DHM parsing from X509 module to DHM module

b72b4edec1  Manuel Pégourié-Gonnard  2013-09-13 13:55:26 +02:00
    Fix memory leak in DHM

ed8a02bfae  Manuel Pégourié-Gonnard  2013-09-04 17:18:28 +02:00
    Simplify DH blinding a bit

143b5028a5  Manuel Pégourié-Gonnard  2013-09-04 16:29:59 +02:00
    Implement DH blinding

2d627649bf  Manuel Pégourié-Gonnard  2013-09-04 14:22:07 +02:00
    Change dhm_calc_secret() prototype

48f7a5d724  Paul Bakker  2013-04-19 20:47:26 +02:00
    DHE-PSK based ciphersuite support added and cleaner key exchange based
    code selection

    The base RFC 4279 DHE-PSK ciphersuites are now supported and added.
    The SSL code cuts out code not relevant for defined key exchange methods

b5b20f19e7  Paul Bakker  2012-09-16 15:07:49 +00:00
    - Extra sanity check for input added

aec37cb653  Paul Bakker  2012-04-26 18:59:59 +00:00
    - Added extra sanity check to DHM values

901c65620e  Paul Bakker  2012-04-20 13:25:38 +00:00
    - Fill full buffer (Wrong parameter usage)

13ed9ab921  Paul Bakker  2012-04-16 09:43:49 +00:00
    - Removed unused variable

1ef83d66dd  Paul Bakker  2012-04-11 12:09:53 +00:00
    - Initial bare version of TLS 1.2

a3d195c41f  Paul Bakker  2011-11-27 21:07:34 +00:00
    - Changed the used random function pointer to more flexible format.
      Renamed havege_rand() to havege_random() to prevent mistakes.
      Lots of changes as a consequence in library code and programs

9d781407bc  Paul Bakker  2011-05-09 16:17:09 +00:00
    - A error_strerror function() has been added to translate between error
      codes and their description.
    - The error codes have been remapped and combining error codes is now
      done with a PLUS instead of an OR as error codes used are negative.
    - Descriptions to all error codes have been added.
    - Generation script for error.c has been created to automatically
      generate error.c from the available error definitions in the headers.

6c591fab72  Paul Bakker  2011-05-05 11:49:20 +00:00
    - mpi_init() and mpi_free() only accept a single argument and do not
      accept variable arguments anymore. This prevents unexpected memory
      corruption in a number of use cases.

a755ca1bbe  Paul Bakker  2011-04-24 09:11:17 +00:00
    - Renamed t_s_int, t_int and t_dbl to respectively t_sint, t_uint and
      t_udbl for clarity

23986e5d5d  Paul Bakker  2011-04-24 08:57:21 +00:00
    - Major type rewrite of int to size_t for most variables and arguments
      used for buffer lengths and loops

99a03afc22  Paul Bakker  2011-04-01 11:39:39 +00:00
    - Fixed possible uninitialized values

287781a965  Paul Bakker  2011-03-26 13:18:49 +00:00
    - Added mpi_fill_random() for centralized filling of big numbers with
      random data (Fixed ticket #10)

345a6fee91  Paul Bakker  2011-02-28 21:20:02 +00:00
    - Replaced function that fixes man-in-the-middle attack
    - Added message to indicate inclusion of man-in-the-middle attack
      (Reported by Larry Highsmith, Subreption LLC)
    - Released version 0.99-pre3

c47840efd5  Paul Bakker  2011-02-20 16:37:30 +00:00
    - Updated sanity checks

b96f154e51  Paul Bakker  2010-07-18 20:36:00 +00:00
    - Fixed copyright message