Manuel Pégourié-Gonnard
e10e06d863
Blind RSA operations even without CRT
2014-11-06 18:25:44 +01:00
Manuel Pégourié-Gonnard
d056ce0e3e
Use seq_num as AEAD nonce by default
2014-11-06 18:23:49 +01:00
Manuel Pégourié-Gonnard
9d7821d774
Fix warning in reduced config
2014-11-06 01:19:52 +01:00
Manuel Pégourié-Gonnard
1a03473576
Keep EtM state across renegotiations
2014-11-05 16:00:50 +01:00
Manuel Pégourié-Gonnard
169dd6a514
Adjust minimum length for EtM
2014-11-05 16:00:50 +01:00
Manuel Pégourié-Gonnard
78e745fc0a
Don't send back EtM extension if not using CBC
2014-11-05 16:00:50 +01:00
Manuel Pégourié-Gonnard
08558e5b46
Fix for the RFC erratum
2014-11-05 16:00:50 +01:00
Manuel Pégourié-Gonnard
313d796e80
Implement EtM
2014-11-05 16:00:50 +01:00
Manuel Pégourié-Gonnard
0098e7dc70
Preparation for EtM
2014-11-05 16:00:50 +01:00
Manuel Pégourié-Gonnard
699cafaea2
Implement initial negotiation of EtM
...
Not implemented yet:
- actually using EtM
- conditions on renegotiation
2014-11-05 16:00:50 +01:00
Manuel Pégourié-Gonnard
b575b54cb9
Forbid extended master secret with SSLv3
2014-11-05 16:00:50 +01:00
Manuel Pégourié-Gonnard
ada3030485
Implement extended master secret
2014-11-05 16:00:49 +01:00
Manuel Pégourié-Gonnard
367381fddd
Add negotiation of Extended Master Secret
...
(But not the actual thing yet.)
2014-11-05 16:00:49 +01:00
Manuel Pégourié-Gonnard
01b2699198
Implement FALLBACK_SCSV server-side
2014-11-05 16:00:49 +01:00
Manuel Pégourié-Gonnard
1cbd39dbeb
Implement FALLBACK_SCSV client-side
2014-11-05 16:00:49 +01:00
Paul Bakker
82788fb63b
Fix minor style issues
2014-10-20 13:59:19 +02:00
Paul Bakker
9eac4f7c4e
Prepare for release 1.3.9
2014-10-20 13:56:15 +02:00
Manuel Pégourié-Gonnard
f7cdbc0e87
Fix potential bad read of length
2014-10-17 17:02:10 +02:00
Manuel Pégourié-Gonnard
ef9a6aec51
Allow comparing name with mismatched encodings
2014-10-17 12:42:31 +02:00
Manuel Pégourié-Gonnard
88421246d8
Rename a function
2014-10-17 12:42:30 +02:00
Manuel Pégourié-Gonnard
43c3b28ca6
Fix memory leak with crafted ClientHello
2014-10-17 12:42:11 +02:00
Manuel Pégourié-Gonnard
5d8618539f
Fix memory leak while parsing some X.509 certs
2014-10-17 12:41:41 +02:00
Manuel Pégourié-Gonnard
64938c63f0
Accept spaces at end of line/buffer in base64
2014-10-15 23:53:33 +02:00
Manuel Pégourié-Gonnard
7f4ed67a97
Fix compile error with armcc in mpi_is_prime()
2014-10-15 22:06:46 +02:00
Paul Bakker
5a5fa92bfe
x509_crt_parse() did not increase total_failed on PEM error
...
Result was that PEM errors in files with multiple certificates were not
detectable by the user.
2014-10-03 15:47:13 +02:00
Manuel Pégourié-Gonnard
480905d563
Fix selection of hash from sig_alg ClientHello ext.
2014-08-30 14:19:59 +02:00
Sander Niemeijer
ef5087d150
Added explicit casts to prevent compiler warnings when trying to build for iOS
2014-08-21 23:48:14 +02:00
Manuel Pégourié-Gonnard
8ef7088bb9
Use polarssl_zeroize() in asn1parse too
2014-08-21 18:15:09 +02:00
Peter Vaskovic
a676acf66b
Fix missing curly braces.
2014-08-21 17:56:25 +02:00
Manuel Pégourié-Gonnard
a13500fdf7
Fix bug with ssl_close_notify and non-blocking I/O
2014-08-19 16:14:04 +02:00
Manuel Pégourié-Gonnard
44ade654c5
Implement (partial) renego delay on client
2014-08-19 13:58:40 +02:00
Manuel Pégourié-Gonnard
f07f421759
Fix server-initiated renego with non-blocking I/O
2014-08-19 13:32:15 +02:00
Manuel Pégourié-Gonnard
6591962f06
Allow delay on renego on client
...
Currently unbounded: will be fixed later
2014-08-19 12:50:30 +02:00
Manuel Pégourié-Gonnard
f26a1e8602
ssl_read() stops returning non-application data
2014-08-19 12:28:50 +02:00
Manuel Pégourié-Gonnard
55e4ff2ace
Tune comments
2014-08-19 11:52:33 +02:00
Manuel Pégourié-Gonnard
462906f955
Do no test net_usleep() when not defined
2014-08-14 11:34:35 +02:00
Manuel Pégourié-Gonnard
192253aaa9
Fix buffer size in pk_write_*_pem()
2014-08-14 11:34:35 +02:00
Alfred Klomp
b308dd72d9
timing.c: avoid referencing garbage value
...
Found with Clang's `scan-build` tool.
When get_timer() is called with `reset` set to 1, the value of
t->start.tv_sec is used as a rvalue without being initialized first.
This is relatively harmless because the result of get_timer() is not
used by the callers when called in "reset mode". However, scan-build
prints a warning.
Silence the warning by only calculating the delta on non-reset runs,
returning zero otherwise.
2014-08-14 11:34:35 +02:00
Alfred Klomp
7ee55624fb
gcm.c: remove dead store
...
Found with Clang's `scan-build` tool.
The value written to `hi` is never used, resulting in a warning. Remove
the dead store to get rid of the warning.
2014-08-14 11:34:35 +02:00
Alfred Klomp
1b4eda3af9
pkcs5.c: fix dead store: return proper exit status
...
Found with Clang's `scan-build` tool.
The error value assigned to `ret` is not returned, meaning that the
selftest always succeeds. Ensure the error value is propagated back to
the caller.
2014-08-14 11:34:34 +02:00
Manuel Pégourié-Gonnard
8d77eeeaf6
Fix integer suffix rejected by some MSVC versions
2014-08-14 11:34:34 +02:00
Manuel Pégourié-Gonnard
9a6b442cee
Fix non-blocking sockets in net_accept()
2014-08-14 11:34:34 +02:00
Manuel Pégourié-Gonnard
a04fa4fa04
RSA-PSK key exchange requires TLS 1.x
...
It's not clear if, with SSL3, one should include send the two length bytes for
EncryptedPreMasterSecret or not, so require TLS to avoid interop issues.
2014-08-14 11:34:34 +02:00
Manuel Pégourié-Gonnard
8d4ad07706
SHA-2 ciphersuites now require TLS 1.x
2014-08-14 11:34:34 +02:00
Manuel Pégourié-Gonnard
2fbf311391
Fix dependency issue in memory_buffer_alloc
2014-08-14 11:34:34 +02:00
Manuel Pégourié-Gonnard
97884a31cb
Fix printf format warnings in memory_buffer_alloc
2014-08-14 11:34:33 +02:00
Manuel Pégourié-Gonnard
86bbc7fc30
Fix typo causing compile error with NULL cipher
2014-08-14 11:34:33 +02:00
Paul Bakker
8dcb2d7d7e
Support escaping of commas in x509_string_to_names()
2014-08-11 11:59:52 +02:00
Paul Bakker
21e081b068
Prevent (incorrect) compiler warning
2014-07-24 10:38:01 +02:00
Paul Bakker
6c343d7d9a
Fix mpi_write_string() to write "00" as hex output for empty MPI
2014-07-10 15:27:10 +02:00
Paul Bakker
5b11d026cd
Fix dependencies and includes without FS_IO and PLATFORM_C
2014-07-10 15:27:10 +02:00
Manuel Pégourié-Gonnard
b196fc23b1
Fix dhm_selftest() return value
2014-07-09 16:53:29 +02:00
Paul Bakker
968afaa06f
ssl_key_cert not available in all configurations
2014-07-09 11:34:48 +02:00
Paul Bakker
ec3a617d40
Make ready for release of 1.3.8 and soversion 7
2014-07-09 10:21:28 +02:00
Paul Bakker
84bbeb58df
Adapt cipher and MD layer with _init() and _free()
2014-07-09 10:19:24 +02:00
Paul Bakker
accaffe2c3
Restructure ssl_handshake_init() and small fixes
2014-07-09 10:19:24 +02:00
Paul Bakker
a317a98221
Adapt programs / test suites
2014-07-09 10:19:24 +02:00
Paul Bakker
8f870b047c
Add dhm_init()
2014-07-09 10:19:23 +02:00
Paul Bakker
fff0366bba
Add ctr_drbg_free()
2014-07-09 10:19:23 +02:00
Paul Bakker
5b4af39a36
Add _init() and _free() for hash modules
2014-07-09 10:19:23 +02:00
Paul Bakker
c7ea99af4f
Add _init() and _free() for cipher modules
2014-07-09 10:19:22 +02:00
Manuel Pégourié-Gonnard
d27680bd5e
Clarify code using PSK callback
2014-07-08 14:20:26 +02:00
Manuel Pégourié-Gonnard
0698f7c21a
Rm duplicate entry in oid_md_alg
2014-07-08 14:20:26 +02:00
Manuel Pégourié-Gonnard
14beb08542
Fix missing const
2014-07-08 14:20:26 +02:00
Manuel Pégourié-Gonnard
ba782bbc4b
Save some space in ECP curve tables
2014-07-08 14:20:26 +02:00
Manuel Pégourié-Gonnard
67dbe1ef44
Better length checking in ecp_point_read_binary()
2014-07-08 14:20:26 +02:00
Manuel Pégourié-Gonnard
08e81e0c8f
Change selection of hash algorithm for TLS 1.2
2014-07-08 14:20:26 +02:00
Manuel Pégourié-Gonnard
bd77254b18
md_list() starting with strongest hash
2014-07-08 13:03:02 +02:00
Paul Bakker
8fb99abaac
Merge changes for leaner memory footprint
2014-07-04 15:02:19 +02:00
Paul Bakker
b9e08b086b
Merge server-side enforced renegotiation requests
2014-07-04 15:01:37 +02:00
Paul Bakker
d598318661
Fix base64_decode() to return and check length correctly
2014-07-04 15:01:00 +02:00
Manuel Pégourié-Gonnard
481fcfde93
Make PSK_LEN configurable and adjust PMS size
2014-07-04 14:59:08 +02:00
Manuel Pégourié-Gonnard
dfc7df0bec
Add SSL_CIPHERSUITES config option
2014-07-04 14:59:02 +02:00
Manuel Pégourié-Gonnard
a9964dbcd5
Add ssl_set_renegotiation_enforced()
2014-07-04 14:16:07 +02:00
Manuel Pégourié-Gonnard
791684c058
Save RAM when only a few ciphersuites are defined
2014-06-30 19:07:01 +02:00
Manuel Pégourié-Gonnard
31855456f9
Fix clang's check mode again
2014-06-25 15:59:50 +02:00
Manuel Pégourié-Gonnard
bee8ded03a
Fix warning depending on configuration
2014-06-25 12:22:59 +02:00
Manuel Pégourié-Gonnard
01edb1044c
Add POLARSSL_REMOVE_RC4_CIPHERSUITES
2014-06-25 11:27:59 +02:00
Paul Bakker
2a45d1c8bb
Merge changes to config examples and configuration issues
2014-06-25 11:27:00 +02:00
Manuel Pégourié-Gonnard
dd0c0f33c0
Better usage of dhm_calc_secret in SSL
2014-06-25 11:26:14 +02:00
Manuel Pégourié-Gonnard
8df68632e8
Fix bug in DHE-PSK PMS computation
2014-06-25 11:26:14 +02:00
Manuel Pégourié-Gonnard
5c1f032653
Abort handshake if no point format in common
2014-06-25 11:26:14 +02:00
Manuel Pégourié-Gonnard
fd35af1579
Fix off-by-one error in point format parsing
2014-06-25 11:26:14 +02:00
Manuel Pégourié-Gonnard
87a8ffeaba
Padlock asm using \n\t too
2014-06-25 11:26:14 +02:00
Manuel Pégourié-Gonnard
0534fd4c1a
Change asm format to \n\t in aesni.c too
2014-06-25 11:26:13 +02:00
Manuel Pégourié-Gonnard
03576887c2
Remove misplaced debugging message
2014-06-25 11:26:13 +02:00
Manuel Pégourié-Gonnard
42b5374523
Switch CCM and GCM in default suite order
...
The upcoming BCP document recommends GCM as the default.
2014-06-25 11:26:13 +02:00
Manuel Pégourié-Gonnard
d249b7ab9a
Restore ability to trust non-CA selfsigned EE cert
2014-06-25 11:26:13 +02:00
Manuel Pégourié-Gonnard
c4eff16516
Restore ability to use v1 CA if trusted locally
2014-06-25 11:26:12 +02:00
Manuel Pégourié-Gonnard
eaa76f7e20
Fix computation of minlen for encrypted packets
2014-06-25 11:26:12 +02:00
Manuel Pégourié-Gonnard
e800cd81d7
Re-arrange some code in ssl_derive_keys()
2014-06-25 11:26:11 +02:00
Manuel Pégourié-Gonnard
b46e6adb9c
Check input lengths in GCM
2014-06-25 11:26:11 +02:00
Manuel Pégourié-Gonnard
0bcc4e1df7
Fix length checking for AEAD ciphersuites
2014-06-25 11:26:10 +02:00
Manuel Pégourié-Gonnard
66e20c6318
Fix warning and typo->error.
2014-06-24 17:47:40 +02:00
Manuel Pégourié-Gonnard
ac2ccf897c
Fix CCM ciphersuites definition: PSK <-> DHE-PSK!
2014-06-24 15:48:01 +02:00
Manuel Pégourié-Gonnard
8f625632bb
Fix dependencies: GCM != AEAD != CCM
2014-06-24 15:26:28 +02:00
Manuel Pégourié-Gonnard
5bfd968e01
Fix warning with TLS 1.2 without RSA or ECDSA
2014-06-24 15:18:11 +02:00
Paul Bakker
1c98ff96b5
Merge more test improvements and tests
...
Conflicts:
tests/suites/test_suite_cipher.blowfish.data
2014-06-24 11:12:00 +02:00
Paul Bakker
91c301abbe
Zeroize values in PKCS#12 operations
2014-06-24 11:09:39 +02:00
Manuel Pégourié-Gonnard
398c57b0b3
Blowfish accepts variable key len in cipher layer
2014-06-24 11:01:33 +02:00
Manuel Pégourié-Gonnard
f3b47243df
Split x509_csr_parse_der() out of x509_csr_parse()
2014-06-23 11:54:57 +02:00
Manuel Pégourié-Gonnard
4d2a8eb6ff
SSL modules now using x509_crt_parse_der()
...
Avoid uselessly trying to decode PEM.
2014-06-23 11:54:57 +02:00
Manuel Pégourié-Gonnard
b912616081
Rm unused functions in cipher_wrap
...
You can't initialise a context with DES_CFB or DES_CTR.
2014-06-23 11:54:57 +02:00
Manuel Pégourié-Gonnard
1c082f34f3
Update description and references for X.509 files
2014-06-23 11:52:59 +02:00
Manuel Pégourié-Gonnard
edc3ab20e2
Small cleanup: less side-effects
...
pkcs5_parse_pbkdf2_params() used to modify params.p, which does not look
clean, even if the function is static and params.p isn't use afterwards.
2014-06-23 11:52:59 +02:00
Manuel Pégourié-Gonnard
90dac90f53
Small code simplification in pkcs5_pbes2()
2014-06-23 11:52:59 +02:00
Manuel Pégourié-Gonnard
66aca931bc
Add tests for pkcs5_pbes2
2014-06-23 11:52:59 +02:00
Manuel Pégourié-Gonnard
2a8afa98e2
pkcs5_self_test depends on SHA1
2014-06-23 11:52:59 +02:00
Manuel Pégourié-Gonnard
f3e5c22f4d
Refactor x509_string_to_names(): data in a table
2014-06-23 11:52:58 +02:00
Manuel Pégourié-Gonnard
81754a0c35
Create a 'flags' field in cipher_info
2014-06-23 11:33:18 +02:00
Paul Bakker
66d5d076f7
Fix formatting in various code to match spacing from coding style
2014-06-17 17:06:47 +02:00
Paul Bakker
db20c10423
Add #endif comments for #endif more than 10 lines from #if / #else
2014-06-17 14:34:44 +02:00
Paul Bakker
d8bb82665e
Fix code styling for return statements
2014-06-17 14:06:49 +02:00
Paul Bakker
3461772559
Introduce polarssl_zeroize() instead of memset() for zeroization
2014-06-14 16:46:03 +02:00
Paul Bakker
14877e6250
Remove unused 'ret' variable
2014-06-12 23:01:18 +02:00
Paul Bakker
c2ff2083ee
Merge parsing and verification of RSASSA-PSS in X.509 modules
2014-06-12 22:02:47 +02:00
Paul Bakker
508e573231
Merge tests for asn1write, XTEA and Entropy modules
2014-06-12 21:26:33 +02:00
Manuel Pégourié-Gonnard
3ac6a2b9a7
Same as previous commit with Camellia
2014-06-12 21:16:02 +02:00
Manuel Pégourié-Gonnard
afd5a08e33
Minor tune-up in aes code
...
un-duplicate a check, and remove useless default case, mainly so that these
lines don't appear as uncovered
2014-06-12 21:15:55 +02:00
Manuel Pégourié-Gonnard
e1ac0f8c5d
Add back timing selftest with new hardclock test
2014-06-12 21:15:50 +02:00
Manuel Pégourié-Gonnard
7792198a46
Normalize some error messages
2014-06-12 21:15:44 +02:00
Manuel Pégourié-Gonnard
4dd73925ab
Add entropy_self_test()
2014-06-10 15:38:43 +02:00
Paul Bakker
d6917f0eb3
Add LINK_WITH_PTHREAD to CMakeList for explicitly adding pthread linking
2014-06-09 23:46:41 +02:00
Manuel Pégourié-Gonnard
d1539b1e88
Rename RSASSA_PSS_CERTIFICATES to X509_RSASSA_PSS_SUPPORT
2014-06-06 16:42:37 +02:00
Manuel Pégourié-Gonnard
88aa6e0b58
Fix potential memory leak in RSASSA-PSS verify
2014-06-06 16:32:22 +02:00
Manuel Pégourié-Gonnard
0eaa8beb36
Fix signedness warning
2014-06-06 16:32:22 +02:00
Manuel Pégourié-Gonnard
53882023e7
Also verify CRLs signed with RSASSA-PSS
2014-06-05 17:59:55 +02:00
Manuel Pégourié-Gonnard
46db4b070c
Use pk_verify_ext() in x509_crt.c
2014-06-05 17:08:46 +02:00
Manuel Pégourié-Gonnard
bf696d030b
Make sig_opts non-optional in X509 structures
...
This simplifies the code.
2014-06-05 17:08:46 +02:00
Manuel Pégourié-Gonnard
dddbb1d1eb
Rm sig_params from various X509 structures
2014-06-05 17:08:46 +02:00
Manuel Pégourié-Gonnard
9113603b6b
Use sig_opts in x509_sig_alg_gets()
2014-06-05 15:41:39 +02:00
Manuel Pégourié-Gonnard
f75f2f7c46
Add sig_opts member to X509 structures
2014-06-05 15:14:59 +02:00
Manuel Pégourié-Gonnard
20422e9a3a
Add pk_verify_ext()
2014-06-05 14:02:05 +02:00
Manuel Pégourié-Gonnard
5ec628a2b9
Add rsa_rsassa_pss_verify_ext()
2014-06-05 14:02:05 +02:00
Manuel Pégourié-Gonnard
920e1cd5e2
Add basic PSS cert verification
...
Still todo:
- handle MGF-hash != sign-hash
- check effective salt len == announced salt len
- add support in the PK layer so that we don't have to bypass it here
2014-06-04 12:09:08 +02:00
Manuel Pégourié-Gonnard
e6d1d82b66
Relax checks on RSA mode for public key operations
2014-06-04 12:09:08 +02:00
Manuel Pégourié-Gonnard
78117d57b0
Consider trailerField a constant
2014-06-02 16:12:46 +02:00
Manuel Pégourié-Gonnard
cac31eed9e
Factor common code for printing sig_alg
2014-06-02 16:12:46 +02:00
Manuel Pégourié-Gonnard
cf975a3857
Factor out some common code
2014-06-02 16:12:46 +02:00
Manuel Pégourié-Gonnard
39868ee301
Parse CSRs signed with RSASSA-PSS
2014-06-02 16:10:30 +02:00
Manuel Pégourié-Gonnard
8e42ff6bde
Parse CRLs signed with RSASSA-PSS
2014-06-02 16:10:29 +02:00
Manuel Pégourié-Gonnard
9df5c96214
Fix dependencies
2014-06-02 16:10:29 +02:00
Manuel Pégourié-Gonnard
9c9cf5b51e
More checks for length match in rsassa-pss params
2014-06-02 16:10:29 +02:00
Manuel Pégourié-Gonnard
e76b750b69
Finish parsing RSASSA-PSS parameters
2014-06-02 16:10:29 +02:00
Manuel Pégourié-Gonnard
f346bab139
Start parsing RSASSA-PSS parameters
2014-06-02 16:10:29 +02:00
Manuel Pégourié-Gonnard
59a75d5b9d
Basic parsing of certs signed with RSASSA-PSS
2014-06-02 16:10:29 +02:00
Peter Vaskovic
7015de7e67
Fix WSAStartup return value check.
...
SOCKET_ERROR was not a valid return value.
WSAStartup returns 0 on success, so check that instead.
2014-05-28 11:40:51 +02:00
Paul Bakker
14b16c62e9
Minor optimizations (original by Peter Vaskovic, modified by Paul Bakker)
...
Move strlen out of for loop.
Remove redundant null checks before free.
2014-05-28 11:34:33 +02:00
Peter Vaskovic
8ebfe084ab
Fix minor format string inconsistency.
2014-05-28 11:12:51 +02:00
Peter Vaskovic
c2bbac968b
Fix misplaced parenthesis.
2014-05-28 11:06:31 +02:00
Peter Vaskovic
541529e770
Remove unused arrays.
2014-05-28 11:04:48 +02:00
Paul Bakker
b5212b436f
Merge CCM cipher mode and ciphersuites
...
Conflicts:
library/ssl_tls.c
2014-05-22 15:30:31 +02:00
Paul Bakker
0f651c7422
Stricter check on SSL ClientHello internal sizes compared to actual packet size
2014-05-22 15:12:19 +02:00
Brian White
12895d15f8
Fix less-than-zero checks on unsigned numbers
2014-05-22 13:52:53 +02:00
Manuel Pégourié-Gonnard
82a5de7bf7
Enforce alignment even if buffer is not aligned
2014-05-22 13:52:49 +02:00
Manuel Pégourié-Gonnard
fe671f4aeb
Add markers around generated code in error.c
2014-05-22 13:52:48 +02:00
Manuel Pégourié-Gonnard
8ff17c544c
Add missing DEBUG_RET on cipher failures
2014-05-22 13:52:48 +02:00
Manuel Pégourié-Gonnard
61edffef28
Normalize "should never happen" messages/errors
2014-05-22 13:52:47 +02:00
Manuel Pégourié-Gonnard
2e5ee32033
Implement CCM and CCM_8 ciphersuites
2014-05-20 16:29:34 +02:00
Manuel Pégourié-Gonnard
5efd772ef0
Small readability improvement
2014-05-14 14:10:37 +02:00
Manuel Pégourié-Gonnard
6768da9438
Register CCM ciphersuites (not implemented yet)
2014-05-14 14:10:36 +02:00
Manuel Pégourié-Gonnard
41936957b3
Add AES-CCM and CAMELLIA-CCM to the cipher layer
2014-05-14 14:10:36 +02:00
Manuel Pégourié-Gonnard
de7bb44004
Use cipher_auth_{en,de}crypt() in ssl_tls.c
2014-05-14 14:10:36 +02:00
Manuel Pégourié-Gonnard
4562ffe2e6
Add cipher_auth_{en,de}crypt()
2014-05-14 14:10:36 +02:00
Manuel Pégourié-Gonnard
8764d271fa
Use cipher_crypt() in ssl_tls.c
2014-05-14 14:10:36 +02:00
Manuel Pégourié-Gonnard
3c1d150b3d
Add cipher_crypt()
2014-05-14 14:10:35 +02:00
Manuel Pégourié-Gonnard
0f6b66dba1
CCM operations allow input == output
2014-05-14 14:10:35 +02:00
Manuel Pégourié-Gonnard
aed6065793
CCM source cosmetics/tune-ups
...
- source a bit shorter
- generated code slightly smaller
- preserving performance
2014-05-14 14:10:35 +02:00
Manuel Pégourié-Gonnard
ce77d55023
Implement ccm_auth_decrypt()
2014-05-07 12:13:13 +02:00
Manuel Pégourié-Gonnard
002323340a
Refactor to prepare for CCM decryption
2014-05-07 12:13:12 +02:00
Manuel Pégourié-Gonnard
637eb3d31d
Add ccm_encrypt_and_tag()
2014-05-07 12:13:12 +02:00
Manuel Pégourié-Gonnard
9fe0d13e8d
Add ccm_init/free()
2014-05-06 12:12:45 +02:00
Manuel Pégourié-Gonnard
a6916fada8
Add (placeholder) CCM module
2014-05-06 11:28:09 +02:00
Paul Bakker
5593f7caae
Fix typo in debug_print_msg()
2014-05-06 10:29:28 +02:00
Paul Bakker
da13016d84
Prepped for 1.3.7 release
2014-05-01 14:27:19 +02:00
Paul Bakker
c37b0ac4b2
Fix typo in bignum.c
2014-05-01 14:19:23 +02:00
Paul Bakker
b9e4e2c97a
Fix formatting: fix some 'easy' > 80 length lines
2014-05-01 14:18:25 +02:00
Paul Bakker
9af723cee7
Fix formatting: remove trailing spaces, #endif with comments (> 10 lines)
2014-05-01 13:03:14 +02:00
Paul Bakker
c3f89aa26c
Removed word 'warning' from PKCS#5 selftest (buildbot warning as a result)
2014-05-01 10:56:03 +02:00
Paul Bakker
9bb04b6389
Removed redundant code in mpi_fill_random()
2014-05-01 09:47:02 +02:00
Paul Bakker
2ca1dc8958
Updated error.c and version_features.c based on changes
2014-05-01 09:46:38 +02:00
Markus Pfeiffer
a26a005acf
Make compilation on DragonFly work
2014-04-30 16:52:28 +02:00
Paul Bakker
2a024ac86a
Merge dependency fixes
2014-04-30 16:50:59 +02:00
Manuel Pégourié-Gonnard
cef4ad2509
Adapt sources to configurable config.h name
2014-04-30 16:40:20 +02:00
Manuel Pégourié-Gonnard
c16f4e1f78
Move RC4 ciphersuites down the list
2014-04-30 16:27:06 +02:00
Paul Bakker
8eab8d368b
Merge more portable AES-NI
2014-04-30 16:21:08 +02:00
Paul Bakker
33dc46b080
Fix bug with mpi_fill_random() on big-endian
2014-04-30 16:20:39 +02:00
Paul Bakker
f96f7b607a
On OpenBSD, use arc4random_buf() instead of rand() to prevent warnings
2014-04-30 16:02:38 +02:00
Paul Bakker
6384440b13
Better support for the different Attribute Types from IETF PKIX (RFC 5280)
2014-04-30 15:34:12 +02:00
Paul Bakker
1a1fbba1ae
Sanity length checks in ssl_read_record() and ssl_fetch_input()
...
Both are already covered in other places, but not in a clear fashion. So
for instance Coverity thinks the value is still tainted.
2014-04-30 14:48:51 +02:00
Paul Bakker
24f37ccaed
rsa_check_pubkey() now allows an E up to N
2014-04-30 13:43:51 +02:00
Paul Bakker
0f90d7d2b5
version_check_feature() added to check for compile-time options at run-time
2014-04-30 11:49:44 +02:00
Paul Bakker
a70366317d
Improve interop by not writing ext_len in ClientHello / ServerHello when 0
...
The RFC also indicates that without any extensions, we should write a
struct {} (empty) not an array of length zero.
2014-04-30 10:16:16 +02:00
Manuel Pégourié-Gonnard
3d41370645
Fix hash dependencies in X.509 tests
2014-04-29 15:29:41 +02:00
Manuel Pégourié-Gonnard
3a306b9067
Fix misplaced #endif in ssl_tls.c
2014-04-29 15:11:17 +02:00
Manuel Pégourié-Gonnard
b1fd397be6
Adapt AES-NI code to "old" binutil versions
2014-04-26 17:17:31 +02:00
Paul Bakker
c73079a78c
Add debug_set_threshold() and thresholding of messages
2014-04-25 16:58:16 +02:00
Paul Bakker
92478c37a6
Debug module only outputs full lines instead of parts
2014-04-25 16:58:15 +02:00
Paul Bakker
eaebbd5eaa
debug_set_log_mode() added to determine raw or full logging
2014-04-25 16:58:14 +02:00
Paul Bakker
61885c7f7f
Fix false reject in padding check in ssl_decrypt_buf() for CBC ciphersuites
...
In case full SSL frames arrived, they were rejected because an overly
strict padding check.
2014-04-25 12:59:51 +02:00
Paul Bakker
4ffcd2f9c3
Typo in PKCS#11 module
2014-04-25 11:44:12 +02:00
Paul Bakker
10a9dd35ea
Typo in POLARSSL_PLATFORM_STD_FPRINTF in platform.c
2014-04-25 11:27:16 +02:00
Paul Bakker
0767e67d17
Add support for 'emailAddress' to x509_string_to_names()
2014-04-18 14:11:37 +02:00
Paul Bakker
c70e425a73
Only iterate over actual certificates in ssl_write_certificate_request()
2014-04-18 13:50:19 +02:00
Paul Bakker
f4cf80b86f
Restructured pk_parse_key_pkcs8_encrypted_der() to prevent unreachable code
2014-04-17 17:24:29 +02:00
Paul Bakker
4f42c11846
Remove arbitrary maximum length for cipher_list and content length
2014-04-17 15:37:39 +02:00
Paul Bakker
d893aef867
Force default value to curve parameter
2014-04-17 14:45:34 +02:00
Paul Bakker
93389cc620
Remove const indicator
2014-04-17 14:44:38 +02:00
Paul Bakker
874bd64b28
Check setsockopt() return value in net_bind()
2014-04-17 12:43:05 +02:00
Paul Bakker
3d8fb63e11
Added missing MPI_CHK around mpi functions
2014-04-17 12:42:41 +02:00
Paul Bakker
a9c16d2825
Removed unused cur variable in x509_string_to_names()
2014-04-17 12:42:18 +02:00
Paul Bakker
0e4f9115dc
Fix iteration counter
2014-04-17 12:39:05 +02:00
Paul Bakker
784b04ff9a
Prepared for version 1.3.6
2014-04-11 15:33:59 +02:00
Manuel Pégourié-Gonnard
9655e4597a
Reject certificates with times not in UTC
2014-04-11 13:59:36 +02:00
Manuel Pégourié-Gonnard
0776a43788
Use UTC to heck certificate validity
2014-04-11 13:59:31 +02:00
Paul Bakker
52c5af7d2d
Merge support for verifying the extendedKeyUsage extension in X.509
2014-04-11 13:58:57 +02:00
Manuel Pégourié-Gonnard
78848375c0
Declare EC constants as 'const'
2014-04-11 13:58:41 +02:00
Paul Bakker
1630058dde
Potential buffer overwrite in pem_write_buffer() fixed
...
Length indication when given a too small buffer was off.
Added regression test in test_suite_pem to detect this.
2014-04-11 13:58:05 +02:00
Manuel Pégourié-Gonnard
0408fd1fbb
Add extendedKeyUsage checking in SSL modules
2014-04-11 11:09:09 +02:00
Manuel Pégourié-Gonnard
7afb8a0dca
Add x509_crt_check_extended_key_usage()
2014-04-11 11:09:00 +02:00
Paul Bakker
d6ad8e949b
Make ssl_check_cert_usage() dependent on POLARSSL_X509_CRT_PARSE_C
2014-04-09 17:24:14 +02:00
Paul Bakker
a77de8c841
Prevent warnings in ssl_check_cert_usage() if keyUsage checks are off
2014-04-09 16:39:35 +02:00
Paul Bakker
043a2e26d0
Merge verification of the keyUsage extension in X.509 certificates
2014-04-09 15:55:08 +02:00
Manuel Pégourié-Gonnard
a9db85df73
Add tests for keyUsage with client auth
2014-04-09 15:50:58 +02:00
Manuel Pégourié-Gonnard
490047cc44
Code cosmetics
2014-04-09 15:50:58 +02:00
Manuel Pégourié-Gonnard
312010e6e9
Factor common parent checking code
2014-04-09 15:50:58 +02:00
Manuel Pégourié-Gonnard
f93a3c4335
Check the CA bit on trusted CAs too
2014-04-09 15:50:58 +02:00
Manuel Pégourié-Gonnard
99d4f19111
Add keyUsage checking for CAs
2014-04-09 15:50:58 +02:00
Manuel Pégourié-Gonnard
3fed0b3264
Factor some common code in x509_verify{,_child}
2014-04-09 15:50:57 +02:00
Manuel Pégourié-Gonnard
7f2a07d7b2
Check keyUsage in SSL client and server
2014-04-09 15:50:57 +02:00
Manuel Pégourié-Gonnard
603116c570
Add x509_crt_check_key_usage()
2014-04-09 15:50:57 +02:00
Manuel Pégourié-Gonnard
2abed84225
Specific return code for PK sig length mismatch
2014-04-09 15:50:00 +02:00
Manuel Pégourié-Gonnard
35e95ddca4
Add special return code for ecdsa length mismatch
2014-04-09 15:49:59 +02:00
Paul Bakker
ddd427a8fc
Fixed spacing in entropy_gather()
2014-04-09 15:49:57 +02:00
Paul Bakker
75342a65e4
Fixed typos in code
2014-04-09 15:49:57 +02:00
Manuel Pégourié-Gonnard
0f79babd4b
Disable timing_selftest() for now
2014-04-09 15:49:51 +02:00
Paul Bakker
17b85cbd69
Merged additional tests and improved code coverage
...
Conflicts:
ChangeLog
2014-04-08 14:38:48 +02:00
Paul Bakker
0763a401a7
Merged support for the ALPN extension
2014-04-08 14:37:12 +02:00
Paul Bakker
4224bc0a4f
Prevent potential NULL pointer dereference in ssl_read_record()
2014-04-08 14:36:50 +02:00
Manuel Pégourié-Gonnard
8c045ef8e4
Fix embarrassing X.509 bug introduced in 9533765
2014-04-08 11:55:03 +02:00
Manuel Pégourié-Gonnard
f6521de17b
Add ALPN tests to ssl-opt.sh
...
Only self-op for now, required peer versions are a bit high:
- OpenSSL 1.0.2-beta
- GnuTLS 3.2.0 (released 2013-05-10) (gnutls-cli only)
2014-04-07 12:42:04 +02:00
Manuel Pégourié-Gonnard
89e35798ae
Implement ALPN server-side
2014-04-07 12:26:35 +02:00
Manuel Pégourié-Gonnard
0b874dc580
Implement ALPN client-side
2014-04-07 10:57:45 +02:00
Manuel Pégourié-Gonnard
0148875cfc
Add tests and fix bugs for RSA-alt contexts
2014-04-04 17:46:46 +02:00
Manuel Pégourié-Gonnard
7e250d4812
Add ALPN interface
2014-04-04 17:10:40 +02:00
Manuel Pégourié-Gonnard
79e58421be
Also test net_usleep in timing_selttest()
2014-04-04 16:42:44 +02:00
Manuel Pégourié-Gonnard
3fec220a33
Add test for dhm_parse_dhmfile
2014-04-04 16:42:44 +02:00
Manuel Pégourié-Gonnard
7afdb88216
Test and fix x509_oid functions
2014-04-04 16:34:30 +02:00
Manuel Pégourié-Gonnard
d6aebe108a
Add 'volatile' to hardclock()'s asm
...
Prevents calls from being optimised away in timing_self_test().
(Should no be a problem for calls from other files.)
2014-04-04 16:33:01 +02:00
Manuel Pégourié-Gonnard
13a1ef8600
Misc selftest adjustements
2014-04-04 16:33:01 +02:00
Manuel Pégourié-Gonnard
470fc935b5
Add timing_self_test() with consistency tests
2014-04-04 16:33:01 +02:00
Manuel Pégourié-Gonnard
487588d0bf
Whitespace fixes
2014-04-04 16:33:01 +02:00
Paul Bakker
e4205dc50a
Merged printing of X509 extensions
2014-04-04 15:36:10 +02:00
Paul Bakker
5ff3f9134b
Small fix for EFI build under Windows in x509_crt.c
2014-04-04 15:08:20 +02:00
Manuel Pégourié-Gonnard
0db29b05b5
More compact code using macros
2014-04-04 14:01:39 +02:00
Manuel Pégourié-Gonnard
7b30cfc5b0
x509_crt_info() list output cosmectics
2014-04-04 14:01:39 +02:00
Manuel Pégourié-Gonnard
f6f4ab40d3
Print extended key usage in x509_crt_info()
2014-04-04 14:01:39 +02:00
Manuel Pégourié-Gonnard
65c2ddc318
Print key_usage in x509_crt_info()
2014-04-04 14:01:39 +02:00
Manuel Pégourié-Gonnard
bce2b30855
Print subject alt name in x509_crt_info()
2014-04-04 14:01:39 +02:00
Manuel Pégourié-Gonnard
919f8f5829
Print NS Cert Type in x509_crt_info()
2014-04-04 14:01:39 +02:00
Manuel Pégourié-Gonnard
b28487db1f
Start printing extensions in x509_crt_info()
2014-04-04 14:01:39 +02:00
Manuel Pégourié-Gonnard
74bc68ac62
Fix default #define for malloc/free
2014-04-02 13:20:00 +02:00
Paul Bakker
75a2860f26
Potential memory leak in mpi_exp_mod() when error occurs during
...
calculation of RR.
2014-03-31 12:08:17 +02:00
Manuel Pégourié-Gonnard
dd75c3183b
Remove potential timing leak in ecdsa_sign()
2014-03-31 11:55:42 +02:00
Manuel Pégourié-Gonnard
5b8c409f53
Fix a warning (theoretical uninitialised variable)
2014-03-27 21:10:56 +01:00
Manuel Pégourié-Gonnard
969ccc6289
Fix length checking of various ClientKeyExchange's
2014-03-27 21:10:56 +01:00
Paul Bakker
96d5265315
Made ready for release 1.3.5
2014-03-26 16:55:50 +01:00
Paul Bakker
5fff23b92a
x509_get_current_time() uses localtime_r() to prevent thread issues
2014-03-26 15:34:54 +01:00
Paul Bakker
4c284c9141
Removed LCOV directives from code
2014-03-26 15:33:05 +01:00
Paul Bakker
77f4f39ea6
Make sure no random pointer occur during failed malloc()'s
2014-03-26 15:30:20 +01:00
Paul Bakker
db1f05985e
Add a check for buffer overflow to pkcs11_sign()
...
pkcs11_sign() reuses *sig to store the header and hash, but those might
be larger than the actual sig, causing a buffer overflow.
An overflow can occur when using raw sigs with hashlen > siglen, or when
the RSA key is less than 664 bits long (or less when using hashes
shorter than SHA512)
As siglen is always within the 'low realm' < 32k, an overflow of asnlen
+ hashlen is not possible.
2014-03-26 15:14:21 +01:00
Paul Bakker
91c61bc4fd
Further tightened the padlen check to prevent underflow / overflow
2014-03-26 15:14:20 +01:00
Manuel Pégourié-Gonnard
c042cf0013
Fix broken tests due to changed error code
...
Introduced in 5246ee5c59
2014-03-26 14:12:20 +01:00
Manuel Pégourié-Gonnard
b2bf5a1bbb
Fix possible buffer overflow with PSK
2014-03-26 12:58:50 +01:00
Manuel Pégourié-Gonnard
fdddac90a6
Fix stupid bug in rsa_copy()
2014-03-26 12:58:49 +01:00
Manuel Pégourié-Gonnard
f84f799bcf
Tune debug_print_ret format
2014-03-26 12:58:46 +01:00
Paul Bakker
b13d3ffb80
Provide no info from entropy_func() on future entropy
2014-03-26 12:51:25 +01:00
Paul Bakker
66ff70dd48
Support for seed file writing and reading in Entropy
2014-03-26 11:58:07 +01:00
Paul Bakker
3f0be61a27
Merged support for parsing EC keys that use SpecifiedECDomain
2014-03-26 11:30:39 +01:00
Manuel Pégourié-Gonnard
9592485d0c
Fix some MSVC12 conversion warnings
2014-03-21 12:03:07 +01:00
Manuel Pégourié-Gonnard
3b6269aa08
Fix warnings on MinGW
2014-03-21 12:03:03 +01:00
Manuel Pégourié-Gonnard
6fac3515d0
Make support for SpecifiedECDomain optional
2014-03-19 16:50:59 +01:00
Manuel Pégourié-Gonnard
5246ee5c59
Work around compressed EC public key in some cases
2014-03-19 16:50:59 +01:00
Manuel Pégourié-Gonnard
eab20d2a9c
Implement parsing SpecifiedECParameters
2014-03-19 15:51:12 +01:00
Paul Bakker
6c1f69b879
MinGW32 static build should link to windows libs and libz
2014-03-17 15:11:13 +01:00
Paul Bakker
3d6504a935
ssl_init() left a dirty in_ctr pointer on failed allocation of out_ctr
2014-03-17 13:41:51 +01:00
Manuel Pégourié-Gonnard
2eea29238c
Make the compiler work-around more specific
2014-03-14 18:23:26 +01:00
Paul Bakker
a4b0343edf
Merged massive SSL Testing improvements
2014-03-14 16:30:36 +01:00
Manuel Pégourié-Gonnard
bb8661e006
Work around a compiler bug on OS X.
2014-03-14 09:21:20 +01:00
Manuel Pégourié-Gonnard
d701c9aec9
Fix memory leak in server with expired tickets
2014-03-14 08:41:01 +01:00
Manuel Pégourié-Gonnard
84c30c7e83
Fix memory leak in ssl_cache
2014-03-14 08:41:01 +01:00
Manuel Pégourié-Gonnard
145dfcbfc2
Fix bug with NewSessionTicket and non-blocking I/O
2014-03-14 08:41:01 +01:00
Manuel Pégourié-Gonnard
96ea2f2557
Add tests for SNI
2014-03-14 08:41:01 +01:00
Manuel Pégourié-Gonnard
8520dac292
Add tests for auth_mode
2014-03-14 08:41:00 +01:00
Manuel Pégourié-Gonnard
da6b4d3e8c
Change RSA embedded cert to a localhost cert
2014-03-14 08:41:00 +01:00
Manuel Pégourié-Gonnard
dfbf9c711d
Fix bug in m_sleep()
2014-03-14 08:41:00 +01:00
Manuel Pégourié-Gonnard
274a12e17c
Fix bug with ssl_cache and max_entries=0
2014-03-14 08:41:00 +01:00
Manuel Pégourié-Gonnard
f7c52014ec
Add basic tests for session resumption
2014-03-14 08:41:00 +01:00
hasufell
3c6409b066
CMake: allow to build both shared and static at once
...
This allows for more fine-grained control. Possible combinations:
* static off, shared on
* static on, shared off
* static on, shared on
The static library is always called "libpolarssl.a" and is only used
for linking of tests and internal programs if the shared lib is
not being built.
Default is: only build static lib.
2014-03-13 19:25:06 +01:00
Manuel Pégourié-Gonnard
9a6e93e7a4
Reserve -1 as an error code (used in programs)
2014-03-13 19:25:06 +01:00