2009-01-04 17:08:55 +01:00
|
|
|
|
PolarSSL ChangeLog
|
|
|
|
|
|
2010-02-18 19:16:31 +01:00
|
|
|
|
= Version 0.12.2 released on XXXXXXXX
|
2010-02-18 20:37:19 +01:00
|
|
|
|
Changes
|
|
|
|
|
* Added option parsing for host and port selection to
|
|
|
|
|
ssl_client2
|
2010-02-18 22:26:15 +01:00
|
|
|
|
* Added support for GeneralizedTime in X509 parsing
|
2010-02-18 20:37:19 +01:00
|
|
|
|
|
2010-02-18 19:16:31 +01:00
|
|
|
|
Bug fixes
|
|
|
|
|
* Fixed bug resulting in failure to send the last
|
|
|
|
|
certificate in the chain in ssl_write_certificate() and
|
|
|
|
|
ssl_write_certificate_request() (Found by fatbob)
|
|
|
|
|
|
2009-10-04 17:15:34 +02:00
|
|
|
|
= Version 0.12.1 released on 2009-10-04
|
2009-10-03 22:05:57 +02:00
|
|
|
|
Changes
|
|
|
|
|
* Coverage test definitions now support 'depends_on'
|
|
|
|
|
tagging system.
|
|
|
|
|
* Tests requiring specific hashing algorithms now honor
|
|
|
|
|
the defines.
|
|
|
|
|
|
2009-10-03 22:09:14 +02:00
|
|
|
|
Bug fixes
|
2009-10-04 17:15:34 +02:00
|
|
|
|
* Changed typo in #ifdef in x509parse.c (found
|
2009-10-03 22:09:14 +02:00
|
|
|
|
by Eduardo)
|
|
|
|
|
|
2009-07-28 22:27:03 +02:00
|
|
|
|
= Version 0.12.0 released on 2009-07-28
|
2009-06-28 23:50:27 +02:00
|
|
|
|
Features
|
|
|
|
|
* Added CMake makefiles as alternative to regular Makefiles.
|
|
|
|
|
* Added preliminary Code Coverage tests for AES, ARC4,
|
2009-07-11 00:38:58 +02:00
|
|
|
|
Base64, MPI, SHA-family, MD-family, HMAC-SHA-family,
|
2009-07-11 20:39:36 +02:00
|
|
|
|
Camellia, DES, 3-DES, RSA PKCS#1, XTEA, Diffie-Hellman
|
|
|
|
|
and X509parse.
|
2009-06-28 23:50:27 +02:00
|
|
|
|
|
2009-07-19 22:36:27 +02:00
|
|
|
|
Changes
|
2009-07-28 22:11:54 +02:00
|
|
|
|
* Error codes are not (necessarily) negative. Keep
|
2009-07-19 22:36:27 +02:00
|
|
|
|
this is mind when checking for errors.
|
|
|
|
|
* RSA_RAW renamed to SIG_RSA_RAW for consistency.
|
2009-07-19 22:41:06 +02:00
|
|
|
|
* Fixed typo in name of POLARSSL_ERR_RSA_OUTPUT_TOO_LARGE.
|
2009-07-27 23:03:45 +02:00
|
|
|
|
* Changed interface for AES and Camellia setkey functions
|
|
|
|
|
to indicate invalid key lengths.
|
2009-07-19 22:29:42 +02:00
|
|
|
|
|
2009-06-20 10:22:43 +02:00
|
|
|
|
Bug fixes
|
2009-07-19 22:50:11 +02:00
|
|
|
|
* Fixed include location of endian.h on FreeBSD (found by
|
|
|
|
|
Gabriel)
|
2009-07-27 23:09:47 +02:00
|
|
|
|
* Fixed include location of endian.h and name clash on
|
|
|
|
|
Apples (found by Martin van Hensbergen)
|
2009-07-11 22:40:58 +02:00
|
|
|
|
* Fixed HMAC-MD2 by modifying md2_starts(), so that the
|
2009-07-11 22:44:12 +02:00
|
|
|
|
required HMAC ipad and opad variables are not cleared.
|
|
|
|
|
(found by code coverage tests)
|
2009-07-11 18:35:32 +02:00
|
|
|
|
* Prevented use of long long in bignum if
|
|
|
|
|
POLARSSL_HAVE_LONGLONG not defined (found by Giles
|
2009-07-11 20:39:36 +02:00
|
|
|
|
Bathgate).
|
2009-06-20 10:22:43 +02:00
|
|
|
|
* Fixed incorrect handling of negative strings in
|
|
|
|
|
mpi_read_string() (found by code coverage tests).
|
2009-07-11 00:38:58 +02:00
|
|
|
|
* Fixed segfault on handling empty rsa_context in
|
|
|
|
|
rsa_check_pubkey() and rsa_check_privkey() (found by
|
2009-07-11 20:39:36 +02:00
|
|
|
|
code coverage tests).
|
2009-06-20 12:31:06 +02:00
|
|
|
|
* Fixed incorrect handling of one single negative input
|
|
|
|
|
value in mpi_add_abs() (found by code coverage tests).
|
2009-06-20 12:50:55 +02:00
|
|
|
|
* Fixed incorrect handling of negative first input
|
|
|
|
|
value in mpi_sub_abs() (found by code coverage tests).
|
2009-06-23 21:46:08 +02:00
|
|
|
|
* Fixed incorrect handling of negative first input
|
|
|
|
|
value in mpi_mod_mpi() and mpi_mod_int(). Resulting
|
2009-07-11 20:39:36 +02:00
|
|
|
|
change also affects mpi_write_string() (found by code
|
|
|
|
|
coverage tests).
|
2009-06-25 23:25:49 +02:00
|
|
|
|
* Corrected is_prime() results for 0, 1 and 2 (found by
|
|
|
|
|
code coverage tests).
|
2009-07-11 23:06:01 +02:00
|
|
|
|
* Fixed Camellia and XTEA for 64-bit Windows systems.
|
2009-06-20 10:22:43 +02:00
|
|
|
|
|
2009-05-17 12:27:03 +02:00
|
|
|
|
= Version 0.11.1 released on 2009-05-17
|
|
|
|
|
* Fixed missing functionality for SHA-224, SHA-256, SHA384,
|
|
|
|
|
SHA-512 in rsa_pkcs1_sign()
|
|
|
|
|
|
2009-05-03 15:12:27 +02:00
|
|
|
|
= Version 0.11.0 released on 2009-05-03
|
2009-01-29 23:24:33 +01:00
|
|
|
|
* Fixed a bug in mpi_gcd() so that it also works when both
|
|
|
|
|
input numbers are even and added testcases to check
|
2009-03-28 19:54:06 +01:00
|
|
|
|
(found by Pierre Habouzit).
|
2009-02-09 23:32:35 +01:00
|
|
|
|
* Added support for SHA-224, SHA-256, SHA-384 and SHA-512
|
|
|
|
|
one way hash functions with the PKCS#1 v1.5 signing and
|
|
|
|
|
verification.
|
2009-03-28 18:52:44 +01:00
|
|
|
|
* Fixed minor bug regarding mpi_gcd located within the
|
|
|
|
|
POLARSSL_GENPRIME block.
|
2009-03-28 19:54:06 +01:00
|
|
|
|
* Fixed minor memory leak in x509parse_crt() and added better
|
|
|
|
|
handling of 'full' certificate chains (found by Mathias
|
|
|
|
|
Olsson).
|
2009-04-19 20:44:26 +02:00
|
|
|
|
* Centralized file opening and reading for x509 files into
|
|
|
|
|
load_file()
|
2009-04-19 20:55:16 +02:00
|
|
|
|
* Made definition of net_htons() endian-clean for big endian
|
|
|
|
|
systems (Found by Gernot).
|
2009-04-19 23:17:09 +02:00
|
|
|
|
* Undefining POLARSSL_HAVE_ASM now also handles prevents asm in
|
|
|
|
|
padlock and timing code.
|
2009-05-03 15:12:27 +02:00
|
|
|
|
* Fixed an off-by-one buffer allocation in ssl_set_hostname()
|
|
|
|
|
responsible for crashes and unwanted behaviour.
|
|
|
|
|
* Added support for Certificate Revocation List (CRL) parsing.
|
2009-05-03 12:18:48 +02:00
|
|
|
|
* Added support for CRL revocation to x509parse_verify() and
|
|
|
|
|
SSL/TLS code.
|
2009-05-03 18:06:43 +02:00
|
|
|
|
* Fixed compatibility of XTEA and Camellia on a 64-bit system
|
|
|
|
|
(found by Felix von Leitner).
|
2009-01-29 23:24:33 +01:00
|
|
|
|
|
2009-01-15 20:45:54 +01:00
|
|
|
|
= Version 0.10.0 released on 2009-01-12
|
2009-01-04 19:15:48 +01:00
|
|
|
|
* Migrated XySSL to PolarSSL
|
|
|
|
|
* Added XTEA symmetric cipher
|
2009-01-11 00:31:23 +01:00
|
|
|
|
* Added Camellia symmetric cipher
|
2009-01-11 21:26:11 +01:00
|
|
|
|
* Added support for ciphersuites: SSL_RSA_CAMELLIA_128_SHA,
|
|
|
|
|
SSL_RSA_CAMELLIA_256_SHA and SSL_EDH_RSA_CAMELLIA_256_SHA
|
2009-01-12 22:50:17 +01:00
|
|
|
|
* Fixed dangerous bug that can cause a heap overflow in
|
|
|
|
|
rsa_pkcs1_decrypt (found by Christophe Devine)
|
2009-01-04 17:08:55 +01:00
|
|
|
|
|
|
|
|
|
================================================================
|
|
|
|
|
XySSL ChangeLog
|
2009-01-03 22:22:43 +01:00
|
|
|
|
|
|
|
|
|
= Version 0.9 released on 2008-03-16
|
|
|
|
|
|
|
|
|
|
* Added support for ciphersuite: SSL_RSA_AES_128_SHA
|
|
|
|
|
* Enabled support for large files by default in aescrypt2.c
|
|
|
|
|
* Preliminary openssl wrapper contributed by David Barrett
|
|
|
|
|
* Fixed a bug in ssl_write() that caused the same payload to
|
|
|
|
|
be sent twice in non-blocking mode when send returns EAGAIN
|
|
|
|
|
* Fixed ssl_parse_client_hello(): session id and challenge must
|
|
|
|
|
not be swapped in the SSLv2 ClientHello (found by Greg Robson)
|
|
|
|
|
* Added user-defined callback debug function (Krystian Kolodziej)
|
|
|
|
|
* Before freeing a certificate, properly zero out all cert. data
|
|
|
|
|
* Fixed the "mode" parameter so that encryption/decryption are
|
|
|
|
|
not swapped on PadLock; also fixed compilation on older versions
|
|
|
|
|
of gcc (bug reported by David Barrett)
|
|
|
|
|
* Correctly handle the case in padlock_xcryptcbc() when input or
|
|
|
|
|
ouput data is non-aligned by falling back to the software
|
|
|
|
|
implementation, as VIA Nehemiah cannot handle non-aligned buffers
|
|
|
|
|
* Fixed a memory leak in x509parse_crt() which was reported by Greg
|
|
|
|
|
Robson-Garth; some x509write.c fixes by Pascal Vizeli, thanks to
|
|
|
|
|
Matthew Page who reported several bugs
|
|
|
|
|
* Fixed x509_get_ext() to accept some rare certificates which have
|
|
|
|
|
an INTEGER instead of a BOOLEAN for BasicConstraints::cA.
|
|
|
|
|
* Added support on the client side for the TLS "hostname" extension
|
|
|
|
|
(patch contributed by David Patino)
|
|
|
|
|
* Make x509parse_verify() return BADCERT_CN_MISMATCH when an empty
|
|
|
|
|
string is passed as the CN (bug reported by spoofy)
|
|
|
|
|
* Added an option to enable/disable the BN assembly code
|
|
|
|
|
* Updated rsa_check_privkey() to verify that (D*E) = 1 % (P-1)*(Q-1)
|
|
|
|
|
* Disabled obsolete hash functions by default (MD2, MD4); updated
|
|
|
|
|
selftest and benchmark to not test ciphers that have been disabled
|
|
|
|
|
* Updated x509parse_cert_info() to correctly display byte 0 of the
|
|
|
|
|
serial number, setup correct server port in the ssl client example
|
|
|
|
|
* Fixed a critical denial-of-service with X.509 cert. verification:
|
|
|
|
|
peer may cause xyssl to loop indefinitely by sending a certificate
|
|
|
|
|
for which the RSA signature check fails (bug reported by Benoit)
|
|
|
|
|
* Added test vectors for: AES-CBC, AES-CFB, DES-CBC and 3DES-CBC,
|
|
|
|
|
HMAC-MD5, HMAC-SHA1, HMAC-SHA-256, HMAC-SHA-384, and HMAC-SHA-512
|
|
|
|
|
* Fixed HMAC-SHA-384 and HMAC-SHA-512 (thanks to Josh Sinykin)
|
|
|
|
|
* Modified ssl_parse_client_key_exchange() to protect against
|
|
|
|
|
Daniel Bleichenbacher attack on PKCS#1 v1.5 padding, as well
|
|
|
|
|
as the Klima-Pokorny-Rosa extension of Bleichenbacher's attack
|
|
|
|
|
* Updated rsa_gen_key() so that ctx->N is always nbits in size
|
|
|
|
|
* Fixed assembly PPC compilation errors on Mac OS X, thanks to
|
|
|
|
|
David Barrett and Dusan Semen
|
|
|
|
|
|
|
|
|
|
= Version 0.8 released on 2007-10-20
|
|
|
|
|
|
|
|
|
|
* Modified the HMAC functions to handle keys larger
|
|
|
|
|
than 64 bytes, thanks to Stephane Desneux and gary ng
|
|
|
|
|
* Fixed ssl_read_record() to properly update the handshake
|
|
|
|
|
message digests, which fixes IE6/IE7 client authentication
|
|
|
|
|
* Cleaned up the XYSSL* #defines, suggested by Azriel Fasten
|
|
|
|
|
* Fixed net_recv(), thanks to Lorenz Schori and Egon Kocjan
|
|
|
|
|
* Added user-defined callbacks for handling I/O and sessions
|
|
|
|
|
* Added lots of debugging output in the SSL/TLS functions
|
|
|
|
|
* Added preliminary X.509 cert. writing by Pascal Vizeli
|
|
|
|
|
* Added preliminary support for the VIA PadLock routines
|
|
|
|
|
* Added AES-CFB mode of operation, contributed by chmike
|
|
|
|
|
* Added an SSL/TLS stress testing program (ssl_test.c)
|
|
|
|
|
* Updated the RSA PKCS#1 code to allow choosing between
|
|
|
|
|
RSA_PUBLIC and RSA_PRIVATE, as suggested by David Barrett
|
|
|
|
|
* Updated ssl_read() to skip 0-length records from OpenSSL
|
|
|
|
|
* Fixed the make install target to comply with *BSD make
|
|
|
|
|
* Fixed a bug in mpi_read_binary() on 64-bit platforms
|
|
|
|
|
* mpi_is_prime() speedups, thanks to Kevin McLaughlin
|
|
|
|
|
* Fixed a long standing memory leak in mpi_is_prime()
|
|
|
|
|
* Replaced realloc with malloc in mpi_grow(), and set
|
|
|
|
|
the sign of zero as positive in mpi_init() (reported
|
|
|
|
|
by Jonathan M. McCune)
|
|
|
|
|
|
|
|
|
|
= Version 0.7 released on 2007-07-07
|
|
|
|
|
|
|
|
|
|
* Added support for the MicroBlaze soft-core processor
|
|
|
|
|
* Fixed a bug in ssl_tls.c which sometimes prevented SSL
|
|
|
|
|
connections from being established with non-blocking I/O
|
|
|
|
|
* Fixed a couple bugs in the VS6 and UNIX Makefiles
|
|
|
|
|
* Fixed the "PIC register ebx clobbered in asm" bug
|
|
|
|
|
* Added HMAC starts/update/finish support functions
|
|
|
|
|
* Added the SHA-224, SHA-384 and SHA-512 hash functions
|
|
|
|
|
* Fixed the net_set_*block routines, thanks to Andreas
|
|
|
|
|
* Added a few demonstration programs: md5sum, sha1sum,
|
|
|
|
|
dh_client, dh_server, rsa_genkey, rsa_sign, rsa_verify
|
|
|
|
|
* Added new bignum import and export helper functions
|
|
|
|
|
* Rewrote README.txt in program/ssl/ca to better explain
|
|
|
|
|
how to create a test PKI
|
|
|
|
|
|
|
|
|
|
= Version 0.6 released on 2007-04-01
|
|
|
|
|
|
|
|
|
|
* Ciphers used in SSL/TLS can now be disabled at compile
|
|
|
|
|
time, to reduce the memory footprint on embedded systems
|
|
|
|
|
* Added multiply assembly code for the TriCore and modified
|
|
|
|
|
havege_struct for this processor, thanks to David Pati<74>o
|
|
|
|
|
* Added multiply assembly code for 64-bit PowerPCs,
|
|
|
|
|
thanks to Peking University and the OSU Open Source Lab
|
|
|
|
|
* Added experimental support of Quantum Cryptography
|
|
|
|
|
* Added support for autoconf, contributed by Arnaud Cornet
|
|
|
|
|
* Fixed "long long" compilation issues on IA-64 and PPC64
|
|
|
|
|
* Fixed a bug introduced in xyssl-0.5/timing.c: hardclock
|
|
|
|
|
was not being correctly defined on ARM and MIPS
|
|
|
|
|
|
|
|
|
|
= Version 0.5 released on 2007-03-01
|
|
|
|
|
|
|
|
|
|
* Added multiply assembly code for SPARC and Alpha
|
|
|
|
|
* Added (beta) support for non-blocking I/O operations
|
|
|
|
|
* Implemented session resuming and client authentication
|
|
|
|
|
* Fixed some portability issues on WinCE, MINIX 3, Plan9
|
|
|
|
|
(thanks to Benjamin Newman), HP-UX, FreeBSD and Solaris
|
|
|
|
|
* Improved the performance of the EDH key exchange
|
|
|
|
|
* Fixed a bug that caused valid packets with a payload
|
|
|
|
|
size of 16384 bytes to be rejected
|
|
|
|
|
|
|
|
|
|
= Version 0.4 released on 2007-02-01
|
|
|
|
|
|
|
|
|
|
* Added support for Ephemeral Diffie-Hellman key exchange
|
|
|
|
|
* Added multiply asm code for SSE2, ARM, PPC, MIPS and M68K
|
|
|
|
|
* Various improvement to the modular exponentiation code
|
|
|
|
|
* Rewrote the headers to generate the API docs with doxygen
|
|
|
|
|
* Fixed a bug in ssl_encrypt_buf (incorrect padding was
|
|
|
|
|
generated) and in ssl_parse_client_hello (max. client
|
|
|
|
|
version was not properly set), thanks to Didier Rebeix
|
|
|
|
|
* Fixed another bug in ssl_parse_client_hello: clients with
|
|
|
|
|
cipherlists larger than 96 bytes were incorrectly rejected
|
|
|
|
|
* Fixed a couple memory leak in x509_read.c
|
|
|
|
|
|
|
|
|
|
= Version 0.3 released on 2007-01-01
|
|
|
|
|
|
|
|
|
|
* Added server-side SSLv3 and TLSv1.0 support
|
|
|
|
|
* Multiple fixes to enhance the compatibility with g++,
|
|
|
|
|
thanks to Xos<6F> Ant<6E>n Otero Ferreira
|
|
|
|
|
* Fixed a bug in the CBC code, thanks to dowst; also,
|
|
|
|
|
the bignum code is no longer dependant on long long
|
|
|
|
|
* Updated rsa_pkcs1_sign to handle arbitrary large inputs
|
|
|
|
|
* Updated timing.c for improved compatibility with i386
|
|
|
|
|
and 486 processors, thanks to Arnaud Cornet
|
|
|
|
|
|
|
|
|
|
= Version 0.2 released on 2006-12-01
|
|
|
|
|
|
|
|
|
|
* Updated timing.c to support ARM and MIPS arch
|
|
|
|
|
* Updated the MPI code to support 8086 on MSVC 1.5
|
|
|
|
|
* Added the copyright notice at the top of havege.h
|
|
|
|
|
* Fixed a bug in sha2_hmac, thanks to newsoft/Wenfang Zhang
|
|
|
|
|
* Fixed a bug reported by Adrian R<>egsegger in x509_read_key
|
|
|
|
|
* Fixed a bug reported by Torsten Lauter in ssl_read_record
|
|
|
|
|
* Fixed a bug in rsa_check_privkey that would wrongly cause
|
|
|
|
|
valid RSA keys to be dismissed (thanks to oldwolf)
|
|
|
|
|
* Fixed a bug in mpi_is_prime that caused some primes to fail
|
|
|
|
|
the Miller-Rabin primality test
|
|
|
|
|
|
|
|
|
|
I'd also like to thank Youn<75>s Hafri for the CRUX linux port,
|
|
|
|
|
Khalil Petit who added XySSL into pkgsrc and Arnaud Cornet
|
|
|
|
|
who maintains the Debian package :-)
|
|
|
|
|
|
|
|
|
|
= Version 0.1 released on 2006-11-01
|
|
|
|
|
|