Manuel Pégourié-Gonnard
|
d1c1ba90ca
|
First version of ecp_mul_comb()
|
2013-11-21 21:56:20 +01:00 |
|
Paul Bakker
|
08b028ff0f
|
Prevent unlikely NULL dereference
|
2013-11-19 10:42:37 +01:00 |
|
Paul Bakker
|
b076314ff8
|
Makefile now produces a .so.X with SOVERSION in it
|
2013-11-05 11:27:12 +01:00 |
|
Paul Bakker
|
f4dc186818
|
Prep for PolarSSL 1.3.2
|
2013-11-04 17:29:42 +01:00 |
|
Paul Bakker
|
0333b978fa
|
Handshake key_cert should be set on first addition to the key_cert chain
|
2013-11-04 17:08:28 +01:00 |
|
Paul Bakker
|
993e386a73
|
Merged renegotiation refactoring
|
2013-10-31 14:32:38 +01:00 |
|
Paul Bakker
|
37ce0ff185
|
Added defines around renegotiation code for SSL_SRV and SSL_CLI
|
2013-10-31 14:32:04 +01:00 |
|
Manuel Pégourié-Gonnard
|
31ff1d2e4f
|
Safer buffer comparisons in the SSL modules
|
2013-10-31 14:23:12 +01:00 |
|
Manuel Pégourié-Gonnard
|
6d8404d6ba
|
Server: enforce renegotiation
|
2013-10-30 16:48:10 +01:00 |
|
Manuel Pégourié-Gonnard
|
9c1e1898b6
|
Move some code around, improve documentation
|
2013-10-30 16:48:09 +01:00 |
|
Manuel Pégourié-Gonnard
|
214eed38c7
|
Make ssl_renegotiate the only interface
ssl_write_hello_request() is no private
|
2013-10-30 16:48:09 +01:00 |
|
Manuel Pégourié-Gonnard
|
caed0541a0
|
Allow ssl_renegotiate() to be called in a loop
Previously broken if waiting for network I/O in the middle of a re-handshake
initiated by the client.
|
2013-10-30 16:48:09 +01:00 |
|
Manuel Pégourié-Gonnard
|
e5e1bb972c
|
Fix misplaced initialisation
|
2013-10-30 16:46:46 +01:00 |
|
Manuel Pégourié-Gonnard
|
f3dc2f6a1d
|
Add code for testing server-initiated renegotiation
|
2013-10-30 16:46:46 +01:00 |
|
Paul Bakker
|
0d7702c3ee
|
Minor change that makes life easier for static analyzers / compilers
|
2013-10-29 16:18:35 +01:00 |
|
Paul Bakker
|
6edcd41c0a
|
Addition conditions for UEFI environment under MSVC
|
2013-10-29 15:44:13 +01:00 |
|
Paul Bakker
|
7b0be68977
|
Support for serialNumber, postalAddress and postalCode in X509 names
|
2013-10-29 14:24:37 +01:00 |
|
Paul Bakker
|
fa6a620b75
|
Defines for UEFI environment under MSVC added
|
2013-10-29 14:05:38 +01:00 |
|
Manuel Pégourié-Gonnard
|
178d9bac3c
|
Fix ECDSA corner case: missing reduction mod N
No security issue, can cause valid signatures to be rejected.
Reported by DualTachyon on github.
|
2013-10-29 13:40:17 +01:00 |
|
Paul Bakker
|
60b1d10131
|
Fixed spelling / typos (from PowerDNS:codespell)
|
2013-10-29 10:02:51 +01:00 |
|
Paul Bakker
|
50dc850c52
|
Const correctness
|
2013-10-28 21:19:10 +01:00 |
|
Paul Bakker
|
6a6087e71d
|
Added missing inline definition for MSCV and ARM environments
|
2013-10-28 18:53:08 +01:00 |
|
Paul Bakker
|
7bc745b6a1
|
Merged constant-time padding checks
|
2013-10-28 14:40:26 +01:00 |
|
Paul Bakker
|
1642122f8b
|
Merged support for Camellia-GCM + ciphersuite and fixes to cipher layer
|
2013-10-28 14:38:35 +01:00 |
|
Paul Bakker
|
3f917e230d
|
Merged optimizations for MODP NIST curves
|
2013-10-28 14:18:26 +01:00 |
|
Manuel Pégourié-Gonnard
|
1001e32d6f
|
Fix return value of ecdsa_from_keypair()
|
2013-10-28 14:01:08 +01:00 |
|
Manuel Pégourié-Gonnard
|
21ef42f257
|
Don't select a PSK ciphersuite if no key available
|
2013-10-28 14:00:45 +01:00 |
|
Manuel Pégourié-Gonnard
|
3daaf3d21d
|
X509 key identifiers depend on SHA1
|
2013-10-28 13:58:32 +01:00 |
|
Paul Bakker
|
45a2c8d99a
|
Prevent possible alignment warnings on casting from char * to 'aligned *'
|
2013-10-28 12:57:08 +01:00 |
|
Paul Bakker
|
677377f472
|
Server does not send out extensions not advertised by client
|
2013-10-28 12:54:26 +01:00 |
|
Manuel Pégourié-Gonnard
|
e68bf171eb
|
Make get_zeros_padding() constant-time
|
2013-10-27 18:26:39 +01:00 |
|
Manuel Pégourié-Gonnard
|
6c32990114
|
Make get_one_and_zeros_padding() constant-time
|
2013-10-27 18:25:03 +01:00 |
|
Manuel Pégourié-Gonnard
|
d17df51277
|
Make get_zeros_and_len_padding() constant-time
|
2013-10-27 17:32:43 +01:00 |
|
Manuel Pégourié-Gonnard
|
f8ab069d6a
|
Make get_pkcs_padding() constant-time
|
2013-10-27 17:25:57 +01:00 |
|
Manuel Pégourié-Gonnard
|
a8a25ae1b9
|
Fix bad error codes
|
2013-10-27 13:48:15 +01:00 |
|
Manuel Pégourié-Gonnard
|
7109624aef
|
Skip MAC computation/check when GCM is used
|
2013-10-25 19:31:25 +02:00 |
|
Manuel Pégourié-Gonnard
|
8866591cc5
|
Don't special-case NULL cipher in ssl_tls.c
|
2013-10-25 18:42:44 +02:00 |
|
Manuel Pégourié-Gonnard
|
126a66f668
|
Simplify switching on mode in ssl_tls.c
|
2013-10-25 18:33:32 +02:00 |
|
Manuel Pégourié-Gonnard
|
98d9a2c061
|
Fix missing or wrong ciphersuite definitions
|
2013-10-25 18:03:18 +02:00 |
|
Manuel Pégourié-Gonnard
|
6fb0f745be
|
Rank GCM before CBC in ciphersuite_preference
|
2013-10-25 17:08:15 +02:00 |
|
Manuel Pégourié-Gonnard
|
8d01eea7af
|
Add Camellia-GCM ciphersuites
|
2013-10-25 16:46:05 +02:00 |
|
Manuel Pégourié-Gonnard
|
e0dca4ad78
|
Cipher layer: check iv_len more carefully
|
2013-10-24 17:03:39 +02:00 |
|
Manuel Pégourié-Gonnard
|
dae7093875
|
gcm_selftest depends on AES
|
2013-10-24 15:06:33 +02:00 |
|
Manuel Pégourié-Gonnard
|
87181d1deb
|
Add Camellia-GCM to th cipher layer
|
2013-10-24 14:02:40 +02:00 |
|
Manuel Pégourié-Gonnard
|
13e0d449f7
|
Add Camellia-GCM test vectors
https://tools.ietf.org/html/draft-kato-ipsec-camellia-gcm-03#section-4
|
2013-10-24 13:24:25 +02:00 |
|
Manuel Pégourié-Gonnard
|
9fcceac943
|
Add a comment about modules coupling
|
2013-10-23 20:56:12 +02:00 |
|
Manuel Pégourié-Gonnard
|
b21c81fb41
|
Use less memory in fix_negative()
|
2013-10-23 20:45:04 +02:00 |
|
Manuel Pégourié-Gonnard
|
cae6f3ed45
|
Reorganize code in ecp.c
|
2013-10-23 20:19:57 +02:00 |
|
Manuel Pégourié-Gonnard
|
5779cbe582
|
Make mod_p{224,256,384] a bit faster
Speedup is roughly 25%, giving a 6% speedup on ecp_mul() for these curves.
|
2013-10-23 20:17:00 +02:00 |
|
Manuel Pégourié-Gonnard
|
c04c530a98
|
Make NIST curves optimisation an option
|
2013-10-23 16:11:52 +02:00 |
|