Paul Bakker
|
23f3680898
|
- Added proper support for TLS 1.2 signature_algorithm extension on server
side
- Minor const changes to other extension parsing functions
|
2012-09-28 14:15:14 +00:00 |
|
Paul Bakker
|
1d29fb5e33
|
- Added option to add minimum accepted SSL/TLS protocol version
|
2012-09-28 13:28:45 +00:00 |
|
Paul Bakker
|
62f2deef8b
|
- Set POLARSSL_DHM_RFC5114_MODP_1024_[PG] as default DHM MODP group for SSL/TLS
|
2012-09-28 07:31:51 +00:00 |
|
Paul Bakker
|
da7e3f225a
|
- Added RFC 3526 2048-bit and 3072-bit MODP groups
|
2012-09-28 07:18:17 +00:00 |
|
Paul Bakker
|
915275ba78
|
- Revamped x509_verify() and the SSL f_vrfy callback implementations
|
2012-09-28 07:10:55 +00:00 |
|
Paul Bakker
|
5701cdcd02
|
- Added ServerName extension parsing (SNI) at server side
|
2012-09-27 21:49:42 +00:00 |
|
Paul Bakker
|
f918310193
|
- Autosize POLARSSL_MPI_RW_BUFFER_SIZE at compile time
|
2012-09-27 20:42:35 +00:00 |
|
Paul Bakker
|
eb2c658163
|
- Generalized external private key implementation handling (like PKCS#11) in SSL/TLS
|
2012-09-27 19:15:01 +00:00 |
|
Paul Bakker
|
5531c6d92c
|
- Change buffer size on mpi_write_file() to cover larger size MPIs
|
2012-09-26 19:20:46 +00:00 |
|
Paul Bakker
|
a864f2ee51
|
- Removed trailing semicolon
|
2012-09-26 08:29:20 +00:00 |
|
Paul Bakker
|
0a59707523
|
- Added simple SSL session cache implementation
- Revamped session resumption handling
|
2012-09-25 21:55:46 +00:00 |
|
Paul Bakker
|
29b64761fd
|
- Added predefined DHM groups from RFC 5114
|
2012-09-25 09:36:44 +00:00 |
|
Paul Bakker
|
d0f6fa7bdc
|
- Sending of handshake_failures during renegotiation added
- Handle two legacy modes differently: SSL_LEGACY_BREAK_HANDSHAKE and SSL_LEGACY_NO_RENEGOTIATION
|
2012-09-17 09:18:12 +00:00 |
|
Paul Bakker
|
48916f9b67
|
- Added Secure Renegotiation (RFC 5746)
|
2012-09-16 19:57:18 +00:00 |
|
Paul Bakker
|
f518b16f97
|
- Added PKCS#5 PBKDF2 key derivation function
|
2012-08-23 13:03:18 +00:00 |
|
Paul Bakker
|
894dece46c
|
- Cleaner return value (for C++)
|
2012-08-23 08:34:32 +00:00 |
|
Paul Bakker
|
b68cad6cc7
|
- Made cipersuites in ssl context const (no intention to modify)
- Adjusted ssl_set_ciphersuites() to match
|
2012-08-23 08:34:18 +00:00 |
|
Paul Bakker
|
5552c8c0b3
|
- Updated documentation
|
2012-07-05 13:31:54 +00:00 |
|
Paul Bakker
|
6132d0aa93
|
- Added Blowfish to generic cipher layer
- Renamed POLARSSL_MODE_CFB128 to POLARSSL_MODE_CFB
|
2012-07-04 17:10:40 +00:00 |
|
Paul Bakker
|
a9379c0ed1
|
- Added base blowfish algorithm
|
2012-07-04 11:02:11 +00:00 |
|
Paul Bakker
|
2770fbd651
|
- Added DEFLATE compression support as per RFC3749 (requires zlib)
|
2012-07-03 13:30:23 +00:00 |
|
Paul Bakker
|
4f9a7bb7fd
|
- Added Thumb assembly optimizations
|
2012-07-02 08:36:36 +00:00 |
|
Paul Bakker
|
8d914583f3
|
- Added X509 CA Path support
|
2012-06-04 12:46:42 +00:00 |
|
Paul Bakker
|
f6198c1513
|
- mpi_exp_mod() now correctly handles negative base numbers (Closes ticket #52)
|
2012-05-16 08:02:29 +00:00 |
|
Paul Bakker
|
186751d9dd
|
- Moved out_msg to out_hdr + 32 to support hardware acceleration
|
2012-05-08 13:16:14 +00:00 |
|
Paul Bakker
|
6b906e5095
|
- Const correctness mpi_get_bit()
- Documentation mpi_lsb(), mpi_msb()
|
2012-05-08 12:01:43 +00:00 |
|
Paul Bakker
|
05ef835b6a
|
- Added support for Hardware Acceleration hooking in SSL/TLS
|
2012-05-08 09:17:57 +00:00 |
|
Paul Bakker
|
c9b3e1e783
|
- Fixed typo
|
2012-04-26 18:59:23 +00:00 |
|
Paul Bakker
|
84bef1db2c
|
- Fixed DHM length to correct one
|
2012-04-20 13:42:02 +00:00 |
|
Paul Bakker
|
380da53c48
|
- Abstracted checksum updating during handshake
|
2012-04-18 16:10:25 +00:00 |
|
Paul Bakker
|
ca4ab49158
|
- Added GCM ciphersuites to TLS implementation
|
2012-04-18 14:23:57 +00:00 |
|
Paul Bakker
|
d8ef167833
|
- Updated for latest GCM error
|
2012-04-18 14:17:32 +00:00 |
|
Paul Bakker
|
0a9251870a
|
- Report unexpected_message if unknown record type is received
|
2012-04-16 06:46:41 +00:00 |
|
Paul Bakker
|
10cd225962
|
- Added support for the SHA256 ciphersuites of AES and Camellia
|
2012-04-12 21:26:34 +00:00 |
|
Paul Bakker
|
c3f177a77b
|
- Added client side support for signature_algorithm extension and affiliated handling
|
2012-04-11 16:11:49 +00:00 |
|
Paul Bakker
|
1ef83d66dd
|
- Initial bare version of TLS 1.2
|
2012-04-11 12:09:53 +00:00 |
|
Paul Bakker
|
e93dfa72a5
|
- Added hex documentation for alerts
|
2012-04-10 08:03:03 +00:00 |
|
Paul Bakker
|
56a7684023
|
- Added alternative for SHA1 signature structure to check for (without NULL)
|
2012-03-22 15:31:27 +00:00 |
|
Paul Bakker
|
89e80c9a43
|
- Added base Galois/Counter mode (GCM) for AES
|
2012-03-20 13:50:09 +00:00 |
|
Paul Bakker
|
3cac5e012b
|
- x509_write_cert_req() now supports all available hash functions
|
2012-02-16 14:08:06 +00:00 |
|
Paul Bakker
|
058881547f
|
- Certificate Requests written now have the Email address written in IA5String
|
2012-02-16 10:26:57 +00:00 |
|
Paul Bakker
|
bdb912db69
|
- Added preliminary ASN.1 buffer writing support
- Added preliminary X509 Certificate Request writing support
- Added key_app_writer example application
- Added cert_req example application
|
2012-02-13 23:11:30 +00:00 |
|
Paul Bakker
|
1504af585c
|
- Removed redundant POLARSSL_DEBUG_MSG define
|
2012-02-11 16:17:43 +00:00 |
|
Paul Bakker
|
a8cd239d6b
|
- Added support for wildcard certificates
- Added support for multi-domain certificates through the X509 Subject Alternative Name extension
|
2012-02-11 16:09:32 +00:00 |
|
Paul Bakker
|
fab5c829e7
|
- Added support for NULL cipher (POLARSSL_CIPHER_NULL_CIPHER) and weak ciphersuites (POLARSSL_ENABLE_WEAK_CIPHERSUITES). They are disabled by default!
|
2012-02-06 16:45:10 +00:00 |
|
Paul Bakker
|
e708e5c901
|
- Always return 0 fixed in doc for havege_random()
|
2012-02-03 08:13:57 +00:00 |
|
Paul Bakker
|
3c18a830b3
|
- Made changes for 1.1.1 release
|
2012-01-23 09:44:43 +00:00 |
|
Paul Bakker
|
6621987e1c
|
- Made better fix to issue of defined long long type for bignum code
|
2012-01-22 20:38:13 +00:00 |
|
Paul Bakker
|
cf0360a14e
|
- Fixed compiler error on 64-bit systems not using GCC
- t_udbl optimization now also works on platforms that did not define POLARSSL_HAVE_LONGLONG
|
2012-01-20 10:08:14 +00:00 |
|
Paul Bakker
|
8913f82c26
|
- Fixed compiler warning for unreferenced ret in md_file() when POLARSSL_FS_IO not declared
|
2012-01-14 18:07:41 +00:00 |
|