Commit graph

6418 commits

Author SHA1 Message Date
Manuel Pégourié-Gonnard
c554e9acf1 Added test vectors from RFC 5903 2013-01-16 16:31:53 +01:00
Manuel Pégourié-Gonnard
b63f9e98f5 Made ecp_mul() faster and truly SPA resistant 2013-01-16 16:31:53 +01:00
Manuel Pégourié-Gonnard
b4a310b472 Added a selftest about SPA resistance 2013-01-16 16:31:52 +01:00
Manuel Pégourié-Gonnard
9674fd0d5e Added ecp_sub() as a variant of ecp_add() 2013-01-16 16:31:52 +01:00
Manuel Pégourié-Gonnard
1c2782cc7c Changed to jacobian coordinates everywhere 2013-01-16 16:31:52 +01:00
Manuel Pégourié-Gonnard
4bdd47d2cb Multiplication by negative is now forbidden 2013-01-16 16:31:52 +01:00
Manuel Pégourié-Gonnard
8433824d5f Added fast mod_p192 2013-01-16 16:31:52 +01:00
Manuel Pégourié-Gonnard
e739f0133b Added test vectors from RFC 5114 to test suite 2013-01-16 16:31:50 +01:00
Manuel Pégourié-Gonnard
4b8c3f2a1c Moved tests from selftest to tests/test_suite_ecp 2013-01-16 16:31:50 +01:00
Paul Bakker
58ef6ec613 Cleaner test-memory cleanups 2013-01-03 11:33:48 +01:00
Paul Bakker
fb1ba781b3 Updated for release 1.2.3 2012-11-26 16:28:25 +01:00
Paul Bakker
df5069cb97 Updated for 1.2.2 release 2012-11-24 12:20:19 +01:00
Paul Bakker
1eeceaeac8 More expansive testing 2012-11-23 14:25:34 +01:00
Manuel Pégourié-Gonnard
e44ec108be Fixed segfault in mpi_shift_r()
Fixed memory leak in test_suite_mpi
Amended ChangeLog
2012-11-18 23:15:02 +01:00
Paul Bakker
90f309ffe7 Added proper gitignores for linux compilation 2012-11-17 00:04:49 +01:00
Paul Bakker
e0f41f3086 - Updated version to 1.2.1 2012-11-13 12:55:02 +00:00
Paul Bakker
9daf0d0651 - Added max length check for rsa_pkcs1_sign with PKCS#1 v2.1 2012-11-13 12:13:27 +00:00
Paul Bakker
f02c5642d0 - Allow R and A to point to same mpi in mpi_div_mpi 2012-11-13 10:25:21 +00:00
Paul Bakker
645ce3a2b4 - Moved ciphersuite naming scheme to IANA reserved names 2012-10-31 12:32:41 +00:00
Paul Bakker
f1ab0ec1ff - Changed default compiler flags to include -O2 2012-10-23 12:12:53 +00:00
Paul Bakker
8f387e6605 - Updated trunk base version to 1.2.0 for prerelease 1 2012-10-02 15:26:45 +00:00
Paul Bakker
5c2364c2ba - Moved from unsigned long to uint32_t throughout code 2012-10-01 14:41:15 +00:00
Paul Bakker
915275ba78 - Revamped x509_verify() and the SSL f_vrfy callback implementations 2012-09-28 07:10:55 +00:00
Paul Bakker
31417a71f8 - Fixed tests for enhanced rsa_check_privkey() 2012-09-27 20:41:37 +00:00
Paul Bakker
1a0f552030 - Fixed test for 'trust extension' change 2012-09-25 21:53:55 +00:00
Paul Bakker
17a9790918 - Added regression check for latest mpi_add_abs() issue 2012-09-17 08:44:35 +00:00
Paul Bakker
0c93d126bc - Ability to define openssl at top
- Also add SHA256 ciphersuites in non-tls 1.2 modes
2012-09-13 14:26:09 +00:00
Paul Bakker
68b6d88f5e - Clear all memory 2012-09-08 14:04:13 +00:00
Paul Bakker
f518b16f97 - Added PKCS#5 PBKDF2 key derivation function 2012-08-23 13:03:18 +00:00
Paul Bakker
9195662a4c - Added test for no-subject certificates with altSubjectNames 2012-08-23 10:46:54 +00:00
Paul Bakker
6132d0aa93 - Added Blowfish to generic cipher layer
- Renamed POLARSSL_MODE_CFB128 to POLARSSL_MODE_CFB
2012-07-04 17:10:40 +00:00
Paul Bakker
a9379c0ed1 - Added base blowfish algorithm 2012-07-04 11:02:11 +00:00
Paul Bakker
92eeea4627 - Modified CMakeLists to support zlib 2012-07-03 15:10:33 +00:00
Paul Bakker
2770fbd651 - Added DEFLATE compression support as per RFC3749 (requires zlib) 2012-07-03 13:30:23 +00:00
Paul Bakker
f6198c1513 - mpi_exp_mod() now correctly handles negative base numbers (Closes ticket #52) 2012-05-16 08:02:29 +00:00
Paul Bakker
40dd5303c2 - Fixed test on Big Endian systems (Fixed Ticket #54) 2012-05-15 15:02:38 +00:00
Paul Bakker
62f88dc473 Makefile more compatible with WINDOWS environment 2012-05-10 21:26:28 +00:00
Paul Bakker
cd5b529d6d - Added automatic WINDOWS define in Makefile 2012-05-10 20:49:10 +00:00
Paul Bakker
4d2c1243b1 - Changed certificate verify behaviour to comply with RFC 6125 section 6.3 to not match CN if subjectAltName extension is present. 2012-05-10 14:12:46 +00:00
Paul Bakker
d14cd35ece - Adapted Makefile for buildbot 2012-05-08 15:39:50 +00:00
Paul Bakker
02adedb0b1 - Added casting to prevent warnings on some compilers 2012-05-08 13:35:48 +00:00
Paul Bakker
ca4ab49158 - Added GCM ciphersuites to TLS implementation 2012-04-18 14:23:57 +00:00
Paul Bakker
10cd225962 - Added support for the SHA256 ciphersuites of AES and Camellia 2012-04-12 21:26:34 +00:00
Paul Bakker
398cb514e2 - Allow to test for multiple modes 2012-04-10 08:22:31 +00:00
Paul Bakker
c7ffd36a97 - Added automatic debug flags to CFLAGS if DEBUG is set in shell 2012-04-05 12:08:29 +00:00
Paul Bakker
0c8f73ba8b - Fixed a mistake in mpi_cmp_mpi() where longer B values are handled wrong 2012-03-22 14:08:57 +00:00
Paul Bakker
89e80c9a43 - Added base Galois/Counter mode (GCM) for AES 2012-03-20 13:50:09 +00:00
Paul Bakker
6d6205091b - First tests for x509_write_cert_req() compat with OpenSSL output 2012-02-16 14:09:13 +00:00
Paul Bakker
b08e6843c2 - Removed test memory leaks 2012-02-11 18:43:20 +00:00
Paul Bakker
57b12982b3 - Multi-domain certificates support wildcards as well 2012-02-11 17:38:38 +00:00
Paul Bakker
a8cd239d6b - Added support for wildcard certificates
- Added support for multi-domain certificates through the X509 Subject Alternative Name extension
2012-02-11 16:09:32 +00:00
Paul Bakker
fab5c829e7 - Added support for NULL cipher (POLARSSL_CIPHER_NULL_CIPHER) and weak ciphersuites (POLARSSL_ENABLE_WEAK_CIPHERSUITES). They are disabled by default! 2012-02-06 16:45:10 +00:00
Paul Bakker
3c18a830b3 - Made changes for 1.1.1 release 2012-01-23 09:44:43 +00:00
Paul Bakker
69e095cc15 - Changed the behaviour of x509parse_parse_crt for permissive parsing. Now returns the number of 'failed certificates' instead of having a switch to enable it.
- As a consequence all error code that were positive were changed. A lot of MALLOC_FAILED and FILE_IO_ERROR error codes added for different modules.
 - Programs and tests were adapted accordingly
2011-12-10 21:55:01 +00:00
Paul Bakker
18d32911c0 - Added internal ctr_drbg_init_entropy_len() to allow NIST determined entropy tests to work 2011-12-10 21:42:49 +00:00
Paul Bakker
c50132d4fa - Updated version of PolarSSL to 1.1.0 2011-12-05 14:38:36 +00:00
Paul Bakker
c0a1a319df - Moved test to entropy and CTR_DRBG 2011-12-04 17:12:15 +00:00
Paul Bakker
6c0ceb3f9a - Added permissive certificate parsing to x509parse_crt() and x509parse_crtfile(). With permissive parsing the parsing does not stop on encountering a parse-error 2011-12-04 12:24:18 +00:00
Paul Bakker
cb37aa5912 - Better buffer handling in mpi_read_file() 2011-11-30 16:00:20 +00:00
Paul Bakker
a3d195c41f - Changed the used random function pointer to more flexible format. Renamed havege_rand() to havege_random() to prevent mistakes. Lots of changes as a consequence in library code and programs 2011-11-27 21:07:34 +00:00
Paul Bakker
0e04d0e9a3 - Added CTR_DRBG based on AES-256-CTR (NIST SP 800-90) random generator 2011-11-27 14:46:59 +00:00
Paul Bakker
fae618fa8b - Updated tests to reflect recent changes 2011-10-12 11:53:52 +00:00
Paul Bakker
fa1c592860 - Fixed faulty HMAC-MD2 implementation (Fixes ticket #37) 2011-10-06 14:18:49 +00:00
Paul Bakker
968bc9831b - Preparations for v1.0.0 release of PolarSSL 2011-07-27 17:03:00 +00:00
Paul Bakker
73043766c7 - Fixed CMakeLists.txt for new suites with multiple data files 2011-07-13 15:03:10 +00:00
Paul Bakker
46c1794110 - Split cipher test suite into three different sets
- Adapted test source code generation accordingly
2011-07-13 14:54:54 +00:00
Paul Bakker
26b41a8370 - Fixed compiler warning 2011-07-13 14:53:58 +00:00
Paul Bakker
eaf90d9a9c - Removed unused but initialized variables 2011-07-13 14:21:52 +00:00
Paul Bakker
36f1b197ca - Added test for PKCS#8 wrapped private and public keys 2011-07-13 11:32:29 +00:00
Paul Bakker
ed56b224de - Added support for PKCS#8 wrapper on reading private keys (Fixes ticket #20) 2011-07-13 11:26:43 +00:00
Paul Bakker
a585beb87e - Introduced windows DLL build and SYS_LDFLAGS 2011-06-21 08:59:44 +00:00
Paul Bakker
c65ab340a7 - Fixed error code 2011-06-09 15:44:37 +00:00
Paul Bakker
343a870daa - Expanded generic cipher layer with support for CTR and CFB128 modes of operation. 2011-06-09 14:27:58 +00:00
Paul Bakker
1ef71dffc7 - Updated unsignedness in some missed cases 2011-06-09 14:14:58 +00:00
Paul Bakker
cd43a0beec - Adjusted to use proper size_t arguments 2011-06-09 13:55:44 +00:00
Paul Bakker
828acb2234 - Updated for release 0.99-pre5 2011-05-27 09:25:42 +00:00
Paul Bakker
d7d8dbe3bf - Fixed two typos 2011-05-26 15:29:38 +00:00
Paul Bakker
c3f5656ff6 - Fixed dependency of MD4 and MD2 of POLARSSL_FS_IO 2011-05-26 14:38:05 +00:00
Paul Bakker
5690efccc4 - Fixed a whole bunch of dependencies on defines between files, examples and tests 2011-05-26 13:16:06 +00:00
Paul Bakker
c8cad6af29 - Upgraded to version 1.6.1 of FCTX 2011-05-25 11:35:09 +00:00
Paul Bakker
02722ea867 - Added missing semicolon 2011-05-25 11:34:44 +00:00
Paul Bakker
2f5947e1f6 - Added mpi_get_bit() and mpi_set_bit() individual bit setter/getter functions. 2011-05-18 15:47:11 +00:00
Paul Bakker
9d781407bc - A error_strerror function() has been added to translate between error codes and their description.
- The error codes have been remapped and combining error codes is now done with a PLUS instead of an OR as error codes used are negative.
 - Descriptions to all error codes have been added.
 - Generation script for error.c has been created to automatically generate error.c from the available error definitions in the headers.
2011-05-09 16:17:09 +00:00
Paul Bakker
6c591fab72 - mpi_init() and mpi_free() only accept a single argument and do not accept variable arguments anymore. This prevents unexpected memory corruption in a number of use cases. 2011-05-05 11:49:20 +00:00
Paul Bakker
335db3f121 - Functions requiring File System functions can now be disables by undefining POLARSSL_FS_IO 2011-04-25 15:28:35 +00:00
Paul Bakker
f4a3f301fd - Updated for migration to size_t 2011-04-24 15:53:29 +00:00
Paul Bakker
a755ca1bbe - Renamed t_s_int, t_int and t_dbl to respectively t_sint, t_uint and t_udbl for clarity 2011-04-24 09:11:17 +00:00
Paul Bakker
23986e5d5d - Major type rewrite of int to size_t for most variables and arguments used for buffer lengths and loops 2011-04-24 08:57:21 +00:00
Paul Bakker
1be81a4e5f - Removed test for MD2 certificate as OpenSSL does not support it anymore 2011-04-23 14:46:28 +00:00
Paul Bakker
b6ecaf5276 - Added additional (configurable) cipher block modes. AES-CTR, Camellia-CTR, XTEA-CBC 2011-04-19 14:29:23 +00:00
Paul Bakker
3efa575ff2 - Ready for release 0.99-pre4 2011-04-01 12:23:26 +00:00
Paul Bakker
579923c51b - The config header file is now always included in all tests 2011-03-26 13:39:34 +00:00
Paul Bakker
be4e7dca08 - Debug print of MPI now removes leading zero octets and displays actual bit size of the value 2011-03-14 20:41:31 +00:00
Paul Bakker
b3dcbc18f6 - Made function resilient to endianness differences. 2011-03-13 16:57:25 +00:00
Paul Bakker
4cce2bbd5a - Renamed rnd_info structure to correct rnd_buf_info structure 2011-03-13 16:56:35 +00:00
Paul Bakker
4fa1a76c92 - Added dependency on helpers.function 2011-03-13 16:56:11 +00:00
Paul Bakker
997bbd10d8 - Removed dependency of tests on rand()
- Added pseudo-random helper function
2011-03-13 15:45:42 +00:00
Paul Bakker
9dcc32236b - Added support for PKCS#1 v2.1 encoding and thus support for the RSAES-OAEP and RSASSA-PSS operations (enabled by POLARSSL_PKCS1_V21) 2011-03-08 14:16:06 +00:00
Paul Bakker
345a6fee91 - Replaced function that fixes man-in-the-middle attack
- Added message to indicate inclusion of man-in-the-middle attack (Reported by Larry Highsmith, Subreption LLC)
 - Released version 0.99-pre3
2011-02-28 21:20:02 +00:00
Paul Bakker
1946e42dd4 - Made ready for 0.99-pre2 release 2011-02-25 09:39:39 +00:00
Paul Bakker
c43481aa82 - Release memory used 2011-02-20 16:34:26 +00:00
Paul Bakker
2544a04918 - Replaced with current value of the certificate after certificate replacement 2011-02-20 13:52:44 +00:00
Paul Bakker
400ff6f0fd - Corrected parsing of UTCTime dates before 1990 and after 1950
- Support more exotic OID's when parsing certificates
 - Support more exotic name representations when parsing certificates
 - Replaced the expired test certificates
2011-02-20 10:40:16 +00:00
Paul Bakker
96743fc5f5 - Parsing of PEM files moved to separate module (Fixes ticket #13). Also possible to remove PEM support for systems only using DER encoding
- Parsing PEM private keys encrypted with DES and AES are now supported (Fixes ticket #5)
 - Added tests for encrypted keyfiles
2011-02-12 14:30:57 +00:00
Paul Bakker
896b3be1d1 - Added proper dependencies 2011-02-06 13:12:25 +00:00
Paul Bakker
46eb13828e - Makefiles now respect external CFLAGS and LDFLAGS. Closes ticket #2 2011-01-30 17:10:13 +00:00
Paul Bakker
9fc4659b30 - Preparing for Release of 0.99 prerelease 1 2011-01-30 16:59:02 +00:00
Paul Bakker
bbf2f63e92 - Added missing dependency on POLARSSL_DEBUG_C 2011-01-21 10:51:24 +00:00
Paul Bakker
562535d11b - Split current md_starts() and md_hmac_starts() functionality into separate md_init_ctx() for allocating the context and the existing starts() functions to initialize the message digest for use. 2011-01-20 16:42:01 +00:00
Paul Bakker
5a62408629 - Fixed compiler warnings 2011-01-18 16:31:52 +00:00
Paul Bakker
e9426948fa - Added extra compiler warnings by default 2011-01-18 16:28:42 +00:00
Paul Bakker
b06819bb5d - Adapted CMake files for the PKCS#11 support 2011-01-18 16:18:38 +00:00
Paul Bakker
43b7e35b25 - Support for PKCS#11 through the use of the pkcs11-helper library 2011-01-18 15:27:19 +00:00
Paul Bakker
76fd75a3de - Improved certificate validation and validation against the available CRLs 2011-01-16 21:12:10 +00:00
Paul Bakker
1f87fb6896 - Support for DES weak keys and parity bits added 2011-01-15 17:32:24 +00:00
Paul Bakker
f92d7a8c81 - Fixed faulty dependency in test 2011-01-15 17:05:17 +00:00
Paul Bakker
b63b0afc05 - Added verification callback in certificate verification chain in order to allow external blacklisting 2011-01-13 17:54:59 +00:00
Paul Bakker
8123e9d8f1 - Added generic cipher wrapper for integration with OpenVPN (donated by Fox-IT) 2011-01-06 15:37:30 +00:00
Paul Bakker
1737385e04 - Added generic message digest wrapper for integration with OpenVPN (donated by Fox-IT) 2011-01-06 14:20:01 +00:00
Paul Bakker
7c8fc71aea - Updated compile-time and run-time version number and test 2010-08-16 12:41:27 +00:00
Paul Bakker
a802e1ac10 - Updated to new rsa_init, rsa_gen_key prototypes 2010-08-16 11:56:45 +00:00
Paul Bakker
ebcef6d4e8 - Updated test to conform to new prototype of rsa_init, rsa_pkcs1_encrypt and rsa_gen_key 2010-08-16 11:10:49 +00:00
Paul Bakker
f0ba6a479a - Removed unused variable 2010-07-18 19:47:37 +00:00
Paul Bakker
a665685abf - Added rsa random deadlock test 2010-07-18 19:47:14 +00:00
Paul Bakker
545570e208 - Added initialization for RSA where needed 2010-07-18 09:00:25 +00:00
Paul Bakker
4c14a258fe - Fixed out of source build for tests with CMake 2010-06-18 22:54:05 +00:00
Paul Bakker
3ac1b2d952 - Added runtime and compiletime version information 2010-06-18 22:47:29 +00:00
Paul Bakker
baad6504d4 - Changed ARC4 to use seperate input/output buffer 2010-03-21 15:42:15 +00:00
Paul Bakker
f3ccc68100 - Fixed cipher interface for encrypt/decrypt functions 2010-03-18 21:21:02 +00:00
Paul Bakker
ff60ee6c2a - Added const-correctness to main codebase 2010-03-16 21:09:09 +00:00
Paul Bakker
9120018f3d - Added support for GeneralizedTime in X509 certificates 2010-02-18 21:26:15 +00:00
Paul Bakker
7d7f4f4ad4 - Added test_suite_debug to the Makefile 2010-02-18 18:26:04 +00:00
Paul Bakker
1f76115340 - Fixed bug resulting in failure to send the last certificate in the chain in ssl_write_certificate() and ssl_write_certificate_request() 2010-02-18 18:16:31 +00:00
Paul Bakker
c847f070e5 - Added extra test cases 2010-01-18 21:26:30 +00:00
Paul Bakker
c1f3caacf2 - Added config.h to requirements for testing 2009-10-04 15:25:48 +00:00
Paul Bakker
76791f7c32 - Rewrote sign and verify tests to handle missing algorithm definitions 2009-10-03 20:02:00 +00:00
Paul Bakker
46b8071641 - Added 'depends_on' for tests dependent on specific hash algorithms 2009-10-03 20:01:39 +00:00
Paul Bakker
ccff1671ae cat ../svn-commit.2.tmp 2009-10-03 19:57:10 +00:00
Paul Bakker
d947d765e0 - Better implemented 'make check' in normal Makefile 2009-07-28 20:16:47 +00:00
Paul Bakker
9794cb4f03 - Addec 'make check' to the standard Makefile 2009-07-28 18:55:00 +00:00
Paul Bakker
c6ce838d8f - Better handling of extension parsing 2009-07-27 21:34:45 +00:00
Paul Bakker
2b222c830b - Changed interface for AES and Camellia setkey functions to indicate invalid key lengths. 2009-07-27 21:03:45 +00:00
Paul Bakker
33768bf19b - Created better DHM tests 2009-07-27 20:37:44 +00:00
Paul Bakker
e4ff413890 - Added extra coverage tests 2009-07-27 20:22:10 +00:00
Paul Bakker
345fb49cb7 - Added extra coverage and regression tests 2009-07-20 21:26:07 +00:00
Paul Bakker
6b0fa4f33b - Added extra regression and coverage tests for ASN parsing of CRL and Key data 2009-07-20 20:35:41 +00:00
Paul Bakker
38e2b482ff - Fixed typo in name of POLARSSL_ERR_RSA_OUTPUT_TOO_LARGE. 2009-07-19 20:41:06 +00:00
Paul Bakker
fc22c441bc - Renamed RSA_RAW to SIG_RSA_RAW for consistency in the code. 2009-07-19 20:36:27 +00:00
Paul Bakker
c26a189189 - Added extra X509 regression and coverage tests 2009-07-19 20:30:14 +00:00
Paul Bakker
b2c38f54b4 - Added a lot of ASN1 Certificate parsing tests 2009-07-19 19:36:15 +00:00
Paul Bakker
94101362e8 - Added test for larger that 64 byte hmac-md2 key 2009-07-19 19:35:51 +00:00
Paul Bakker
821fb08b53 - Added extra tests (result of coverage) 2009-07-12 13:26:42 +00:00
Paul Bakker
4d6b31a999 - Added extra certificates and tests 2009-07-12 11:11:06 +00:00
Paul Bakker
ba48cb2fee - Added and modified tests (result from coverage) 2009-07-12 11:01:32 +00:00
Paul Bakker
71d59fb4b4 - Added extra tests (result from coverage) 2009-07-12 11:00:55 +00:00
Paul Bakker
9863ca5001 - Added non-OpenSSL HMAC-MD2 hashes. They seem to be correct and OpenSSL wrong 2009-07-11 20:42:12 +00:00
Paul Bakker
0049c2fd19 - Added Makefile for tests 2009-07-11 19:15:43 +00:00
Paul Bakker
69998dd2c8 - Made code compliant with ISO99 (no-declaration-after-statement) 2009-07-11 19:15:20 +00:00
Paul Bakker
5946fd9124 - Added further coverage tests for Base64 2009-07-11 15:29:30 +00:00
Paul Bakker
37940d9ff6 - Added test coverage for X509parse
- Fixed segfault in rsa_check_privkey() and rsa_check_pubkey() and added test
2009-07-10 22:38:58 +00:00
Paul Bakker
7d8a100783 - Added handling of escaped colon's in input 2009-07-10 22:36:06 +00:00
Paul Bakker
5c60de2beb - Added preliminary test cases for DHM 2009-07-08 19:47:36 +00:00
Paul Bakker
f725a88e54 - Added test suite for XTEA 2009-07-08 06:43:10 +00:00
Paul Bakker
42a29bf7bf - Added test suite for RSA and PKCS#1 2009-07-07 20:18:41 +00:00
Paul Bakker
e896feafbe - Added additional cases for MPI, MDx
- Added test case set for Camellia, DES and 3-DES
2009-07-06 06:40:23 +00:00
Paul Bakker
f3eedce885 - Added shax_file tests and data files
- Added tests for shax self_test()
2009-07-05 11:30:16 +00:00
Paul Bakker
3d36082a8d - Added test for self_test() 2009-07-05 11:29:38 +00:00
Paul Bakker
367dae44b2 - Added CMake makefiles as alternative to regular Makefiles.
- Added preliminary Code Coverage tests for AES, ARC4, Base64, MPI, SHA-family, MD-family and  HMAC-SHA-family.
2009-06-28 21:50:27 +00:00