Paul Bakker
f34673e37b
Merged RSA-PSK key-exchange and ciphersuites
2013-10-15 12:46:41 +02:00
Paul Bakker
376e8153a0
Merged ECDHE-PSK ciphersuites
2013-10-15 12:45:36 +02:00
Paul Bakker
a7ea6a5a18
config.h is more script-friendly
2013-10-15 11:55:10 +02:00
Manuel Pégourié-Gonnard
0fae60bb71
Implement RSA-PSK key exchange
2013-10-14 19:34:48 +02:00
Paul Bakker
be089b0483
Introduced POLARSSL_HAVE_READDIR_R for systems without it
2013-10-14 15:51:50 +02:00
Manuel Pégourié-Gonnard
057e0cf263
Fix ciphersuites dependencies on MD5 and SHA1
2013-10-14 14:26:04 +02:00
Manuel Pégourié-Gonnard
225d6aa786
Add ECDHE_PSK ciphersuites
2013-10-11 19:07:56 +02:00
Manuel Pégourié-Gonnard
3ce3bbdc00
Add support for ECDHE_PSK key exchange
2013-10-11 18:16:35 +02:00
Manuel Pégourié-Gonnard
b8012fca5f
Adjust dependencies
2013-10-10 15:40:49 +02:00
Manuel Pégourié-Gonnard
8195c1a567
Add identifiers for Brainpool curves
2013-10-10 12:56:00 +02:00
Paul Bakker
6838bd1d73
Clarified threading issues
2013-09-30 15:24:33 +02:00
Paul Bakker
2466d93546
Threading abstraction layer added
2013-09-28 15:00:02 +02:00
Manuel Pégourié-Gonnard
cbf3ef3861
RSA and ECDSA key exchanges don't depend on CRL
2013-09-24 21:25:53 +02:00
Paul Bakker
c27c4e2efb
Support faulty X509 v1 certificates with extensions
...
(POLARSSL_X509_ALLOW_EXTENSIONS_NON_V3)
2013-09-23 15:01:36 +02:00
Manuel Pégourié-Gonnard
fe28646f72
Fix references to x509parse in config.h
2013-09-20 16:51:13 +02:00
Manuel Pégourié-Gonnard
09fff7ee25
Cosmetics in config.h
2013-09-20 16:51:13 +02:00
Manuel Pégourié-Gonnard
1a483833b3
SSL_TLS doesn't depend on PK any more
...
(But PK does depend on RSA or ECP.)
2013-09-20 12:29:15 +02:00
Manuel Pégourié-Gonnard
1032c1d3ec
Fix some dependencies and warnings in small config
2013-09-19 10:49:00 +02:00
Paul Bakker
f20ba4b7b6
Minor typo in config.h
2013-09-16 22:46:20 +02:00
Paul Bakker
7c6b2c320e
Split up X509 files into smaller modules
2013-09-16 21:41:54 +02:00
Paul Bakker
cff6842b39
POLARSSL_PEM_C split into POLARSSL_PEM_PARSE_C and POLARSSL_PEM_WRITE_C
2013-09-16 13:36:18 +02:00
Paul Bakker
4606c7317b
Added POLARSSL_PK_PARSE_C and POLARSSL_PK_WRITE_C
2013-09-15 17:04:23 +02:00
Manuel Pégourié-Gonnard
92cb1d3a91
Make CBC an option, step 3: individual ciphers
2013-09-13 17:25:43 +02:00
Manuel Pégourié-Gonnard
f7dc378ead
Make CBC an option, step 1: ssl ciphersuites
2013-09-13 15:37:03 +02:00
Paul Bakker
9013af76a3
Merged major refactoring of x509write module into development
...
This refactoring adds support for proper CSR writing and X509
certificate generation / signing
2013-09-12 11:58:04 +02:00
Manuel Pégourié-Gonnard
0237620a78
Fix some dependencies declaration
2013-09-12 11:57:02 +02:00
Paul Bakker
dcbfdcc177
Updated doxygen documentation in header files and HTML pages
2013-09-10 16:16:50 +02:00
Paul Bakker
eba3ccf785
Typo in config.h
2013-09-09 15:56:09 +02:00
Paul Bakker
48377d9834
Configuration option to enable/disable POLARSSL_PKCS1_V15 operations
2013-08-30 13:41:14 +02:00
Paul Bakker
577e006c2f
Merged ECDSA-based key-exchange and ciphersuites into development
...
Conflicts:
include/polarssl/config.h
library/ssl_cli.c
library/ssl_srv.c
library/ssl_tls.c
2013-08-28 11:58:40 +02:00
Manuel Pégourié-Gonnard
51be559c53
Fix PKCS#11 deps: now goes through PK
2013-08-27 22:21:20 +02:00
Manuel Pégourié-Gonnard
c40b4c3708
Add configuration item for the PK module
2013-08-27 22:21:20 +02:00
Manuel Pégourié-Gonnard
32ea60a127
Declare ECDSA key exchange and ciphersuites
...
Also fix bug in ssl_list_ciphersuites().
For now, disable it on server.
Client will offer it but fail if server selects it.
2013-08-27 22:21:19 +02:00
Paul Bakker
0be444a8b1
Ability to disable server_name extension (RFC 6066)
2013-08-27 21:55:01 +02:00
Paul Bakker
d2f068e071
Ability to enable / disable SSL v3 / TLS 1.0 / TLS 1.1 / TLS 1.2 individually
2013-08-27 21:19:20 +02:00
Paul Bakker
fb08fd2e23
Entropy collector and CTR-DRBG now also work on SHA-256 if SHA-512 not available
2013-08-27 15:06:54 +02:00
Manuel Pégourié-Gonnard
4846f5ecbc
ecdsa now depends on ASN.1 parse & write
2013-08-20 20:04:16 +02:00
Paul Bakker
04784f57e4
Added config check for SSL/TLS module that depends on cipher layer
2013-08-19 13:31:39 +02:00
Paul Bakker
59da0a46a4
Added config check for POLARSSL_SSL_SESSION_TICKETS
2013-08-19 13:27:17 +02:00
Paul Bakker
1f2bc6238b
Made support for the truncated_hmac extension configurable
2013-08-15 13:45:55 +02:00
Paul Bakker
05decb24c3
Made support for the max_fragment_length extension configurable
2013-08-15 13:33:48 +02:00
Paul Bakker
606b4ba20f
Session ticket expiration checked on server
2013-08-15 11:42:48 +02:00
Paul Bakker
a503a63b85
Made session tickets support configurable from config.h
2013-08-14 14:26:03 +02:00
Paul Bakker
48e93c84b7
Made padding modes configurable from config.h
2013-08-14 14:02:48 +02:00
Paul Bakker
fa9b10050b
Also compiles / runs without time-based functions in OS
...
Can now run without need of time() / localtime() and gettimeofday()
2013-07-03 17:22:32 +02:00
Paul Bakker
ecd54fb897
Disable POLARSSL_TIMING_C by default (only required for HAVEGE)
2013-07-03 17:22:31 +02:00
Paul Bakker
6e339b52e8
Memory-allocation abstraction layer and buffer-based allocator added
2013-07-03 17:22:31 +02:00
Paul Bakker
9e36f0475f
SHA2 renamed to SHA256, SHA4 renamed to SHA512 and functions accordingly
...
The SHA4 name was not clear with regards to the new SHA-3 standard. So
SHA2 and SHA4 have been renamed to better represent what they are:
SHA256 and SHA512 modules.
2013-06-30 14:34:05 +02:00
Paul Bakker
5dc6b5fb05
Made supported curves configurable
2013-06-29 23:26:34 +02:00
Paul Bakker
e2ab84f4a1
Renamed error_strerror() to the less conflicting polarssl_strerror()
...
Ability to keep old function error_strerror() as well with
POLARSSL_ERROR_STRERROR_BC. Also works with
POLARSSL_ERROR_STRERROR_DUMMY.
2013-06-29 18:35:41 +02:00