Paul Bakker
|
0e19e9ff1c
|
- Minor define change to prevent warning
|
2012-10-01 11:02:48 +00:00 |
|
Paul Bakker
|
993d11dd05
|
- Send ClientHello with 'minimal version'
|
2012-09-28 15:00:12 +00:00 |
|
Paul Bakker
|
23f3680898
|
- Added proper support for TLS 1.2 signature_algorithm extension on server
side
- Minor const changes to other extension parsing functions
|
2012-09-28 14:15:14 +00:00 |
|
Paul Bakker
|
1d29fb5e33
|
- Added option to add minimum accepted SSL/TLS protocol version
|
2012-09-28 13:28:45 +00:00 |
|
Paul Bakker
|
5d19f86fdd
|
- Added comment
|
2012-09-28 07:33:00 +00:00 |
|
Paul Bakker
|
cbbd9998da
|
- SSL/TLS now has default group
|
2012-09-28 07:32:06 +00:00 |
|
Paul Bakker
|
62f2deef8b
|
- Set POLARSSL_DHM_RFC5114_MODP_1024_[PG] as default DHM MODP group for SSL/TLS
|
2012-09-28 07:31:51 +00:00 |
|
Paul Bakker
|
da7e3f225a
|
- Added RFC 3526 2048-bit and 3072-bit MODP groups
|
2012-09-28 07:18:17 +00:00 |
|
Paul Bakker
|
915275ba78
|
- Revamped x509_verify() and the SSL f_vrfy callback implementations
|
2012-09-28 07:10:55 +00:00 |
|
Paul Bakker
|
819370c7b7
|
- Removed lowercasing of parameters
|
2012-09-28 07:04:41 +00:00 |
|
Paul Bakker
|
5701cdcd02
|
- Added ServerName extension parsing (SNI) at server side
|
2012-09-27 21:49:42 +00:00 |
|
Paul Bakker
|
f918310193
|
- Autosize POLARSSL_MPI_RW_BUFFER_SIZE at compile time
|
2012-09-27 20:42:35 +00:00 |
|
Paul Bakker
|
31417a71f8
|
- Fixed tests for enhanced rsa_check_privkey()
|
2012-09-27 20:41:37 +00:00 |
|
Paul Bakker
|
eb2c658163
|
- Generalized external private key implementation handling (like PKCS#11) in SSL/TLS
|
2012-09-27 19:15:01 +00:00 |
|
Paul Bakker
|
321df6fb80
|
- Expanded rsa_check_privkey() to check DP, DQ and QP as well
|
2012-09-27 13:21:34 +00:00 |
|
Paul Bakker
|
5ef9db2ae3
|
- Added rsa_check_privkey() check to rsa_sign
|
2012-09-27 13:19:22 +00:00 |
|
Paul Bakker
|
db2509c9cd
|
- Added password and password_file options for reading private keys
|
2012-09-27 12:44:31 +00:00 |
|
Paul Bakker
|
5531c6d92c
|
- Change buffer size on mpi_write_file() to cover larger size MPIs
|
2012-09-26 19:20:46 +00:00 |
|
Paul Bakker
|
49d75678a5
|
- Support INTEGRITY OS
|
2012-09-26 15:22:07 +00:00 |
|
Paul Bakker
|
d14277d7de
|
- Added PBKDF2 error code
|
2012-09-26 15:19:05 +00:00 |
|
Paul Bakker
|
d43241060b
|
- Removed clutter from my_dhm values
|
2012-09-26 08:29:38 +00:00 |
|
Paul Bakker
|
a864f2ee51
|
- Removed trailing semicolon
|
2012-09-26 08:29:20 +00:00 |
|
Paul Bakker
|
0a59707523
|
- Added simple SSL session cache implementation
- Revamped session resumption handling
|
2012-09-25 21:55:46 +00:00 |
|
Paul Bakker
|
1a0f552030
|
- Fixed test for 'trust extension' change
|
2012-09-25 21:53:55 +00:00 |
|
Paul Bakker
|
b00ca42f2a
|
- Handle existence of OpenSSL Trust Extensions at end of X.509 DER blob
|
2012-09-25 12:10:00 +00:00 |
|
Paul Bakker
|
4811b56524
|
- Added util/CMakelists.txt
|
2012-09-25 11:45:38 +00:00 |
|
Paul Bakker
|
29b64761fd
|
- Added predefined DHM groups from RFC 5114
|
2012-09-25 09:36:44 +00:00 |
|
Paul Bakker
|
b60b95fd7f
|
- Added first version of ssl_server2 example application
|
2012-09-25 09:05:17 +00:00 |
|
Paul Bakker
|
995a215eac
|
- Added credits
|
2012-09-25 08:19:56 +00:00 |
|
Paul Bakker
|
0f409a1911
|
- Added missing subdirectory line for util
|
2012-09-25 08:19:18 +00:00 |
|
Paul Bakker
|
d0f6fa7bdc
|
- Sending of handshake_failures during renegotiation added
- Handle two legacy modes differently: SSL_LEGACY_BREAK_HANDSHAKE and SSL_LEGACY_NO_RENEGOTIATION
|
2012-09-17 09:18:12 +00:00 |
|
Paul Bakker
|
17a9790918
|
- Added regression check for latest mpi_add_abs() issue
|
2012-09-17 08:44:35 +00:00 |
|
Paul Bakker
|
d4c2bd79fe
|
- Added bug
|
2012-09-16 21:35:30 +00:00 |
|
Paul Bakker
|
2d319fdfcb
|
- Fixed bug in mpi_add_abs with adding a small number to a large mpi with carry rollover.
|
2012-09-16 21:34:26 +00:00 |
|
Paul Bakker
|
48916f9b67
|
- Added Secure Renegotiation (RFC 5746)
|
2012-09-16 19:57:18 +00:00 |
|
Paul Bakker
|
b5b20f19e7
|
- Extra sanity check for input added
|
2012-09-16 15:07:49 +00:00 |
|
Paul Bakker
|
0c93d126bc
|
- Ability to define openssl at top
- Also add SHA256 ciphersuites in non-tls 1.2 modes
|
2012-09-13 14:26:09 +00:00 |
|
Paul Bakker
|
5f70b25c9b
|
- Correctly handle SHA256 ciphersuites in SSLv3
- Moved ssl3_prf to separate function (no exceptions)
|
2012-09-13 14:23:06 +00:00 |
|
Paul Bakker
|
ec636f3bdd
|
- Removed handling for SSLv2 Client Hello (as per RFC 5246 recommendation)
|
2012-09-09 19:17:02 +00:00 |
|
Paul Bakker
|
68b6d88f5e
|
- Clear all memory
|
2012-09-08 14:04:13 +00:00 |
|
Paul Bakker
|
94a6796179
|
- Correctly handle MS certificate's key usage bits
|
2012-08-23 13:03:52 +00:00 |
|
Paul Bakker
|
f518b16f97
|
- Added PKCS#5 PBKDF2 key derivation function
|
2012-08-23 13:03:18 +00:00 |
|
Paul Bakker
|
535e97dbab
|
- Better checking for reading over buffer boundaries
- Zeroize altSubjectName chain memory before use
|
2012-08-23 10:49:55 +00:00 |
|
Paul Bakker
|
9195662a4c
|
- Added test for no-subject certificates with altSubjectNames
|
2012-08-23 10:46:54 +00:00 |
|
Paul Bakker
|
894dece46c
|
- Cleaner return value (for C++)
|
2012-08-23 08:34:32 +00:00 |
|
Paul Bakker
|
b68cad6cc7
|
- Made cipersuites in ssl context const (no intention to modify)
- Adjusted ssl_set_ciphersuites() to match
|
2012-08-23 08:34:18 +00:00 |
|
Paul Bakker
|
835b29e7c3
|
- Should not be debug_level 5 in repo (reset to 0)
|
2012-08-23 08:31:59 +00:00 |
|
Paul Bakker
|
bb51f0cb3d
|
- Only include md.h if needed by POLARSSL_PKCS1_V21
|
2012-08-23 07:46:58 +00:00 |
|
Paul Bakker
|
6a2f857b08
|
- Added DragonflyBSD support
|
2012-08-23 07:45:37 +00:00 |
|
Paul Bakker
|
3c16db9a10
|
- Fixed potential memory zeroization on miscrafted RSA key
|
2012-07-05 13:58:08 +00:00 |
|