commit e47b34bdc8
Author: Paul Bakker
Date:   2013-02-27 14:48:00 +01:00

    Removed further timing differences during SSL message decryption in ssl_decrypt_buf()

    New padding checking is unbiased on correct or incorrect padding and
    has no branch prediction timing differences.
    The additional MAC checks further straighten out the timing differences.

commit 2ca8ad10a1
Author: Paul Bakker
Date:   2013-02-19 13:17:38 +01:00

    Made x509parse.c also work with missing hash header files

commit 86f04f400b
Author: Paul Bakker
Date:   2013-02-14 11:20:09 +01:00

    Fixed comment

commit c0463502ff
Author: Paul Bakker
Date:   2013-02-14 11:19:38 +01:00

    Fixed memory leak in ssl_free() and ssl_reset() for active session

commit f35b739dff
Author: Manuel Pégourié-Gonnard
Date:   2013-02-11 22:12:39 +01:00

    Add a few checks for context validity.

commit 424fda5d7b
Author: Manuel Pégourié-Gonnard
Date:   2013-02-11 22:05:42 +01:00

    Add ecdh_calc_secret()

commit 5cceb41d2c
Author: Manuel Pégourié-Gonnard
Date:   2013-02-11 21:51:45 +01:00

    Add ecdh_{make,read}_public()

commit 854fbd7ba2
Author: Manuel Pégourié-Gonnard
Date:   2013-02-11 21:32:24 +01:00

    Add ecdh_read_params().

commit 13724765b2
Author: Manuel Pégourié-Gonnard
Date:   2013-02-10 15:01:54 +01:00

    Add ecdh_make_server_params (untested yet)

commit 63533e44c2
Author: Manuel Pégourié-Gonnard
Date:   2013-02-10 14:22:44 +01:00

    Create ecdh_context structure

commit 98f51815d6
Author: Manuel Pégourié-Gonnard
Date:   2013-02-10 13:38:29 +01:00

    Fix ecp_tls_read_point's signature

commit 7c145c6418
Author: Manuel Pégourié-Gonnard
Date:   2013-02-10 13:20:52 +01:00

    Fix ecp_tls_read_group's signature

commit 46106a9d75
Author: Manuel Pégourié-Gonnard
Date:   2013-02-10 12:51:17 +01:00

    Add tests for (and fix bug in) ecp_tls_write_group

commit 420f1eb675
Author: Manuel Pégourié-Gonnard
Date:   2013-02-10 12:22:46 +01:00

    Fix ecp_tls_write_point's signature

commit b325887fad
Author: Manuel Pégourié-Gonnard
Date:   2013-02-10 12:06:19 +01:00

    Add ecp_tls_write_group()

commit 7e86025f32
Author: Manuel Pégourié-Gonnard
Date:   2013-02-10 10:58:48 +01:00

    Rename ecp_*_binary to ecp_point_*_binary

commit d84895dc22
Author: Manuel Pégourié-Gonnard
Date:   2013-02-10 10:53:04 +01:00

    Suppress 'format' argument to ecp_read_binary.

    And adjust error codes for ecp_*_binary while at it.

commit 0079405918
Author: Manuel Pégourié-Gonnard
Date:   2013-02-09 19:00:07 +01:00

    Add functions for read/write ECPoint records

commit 1a96728964
Author: Manuel Pégourié-Gonnard
Date:   2013-02-09 17:53:31 +01:00

    Add function parsing a TLS ECParameters record

commit c7a2da437e
Author: Paul Bakker
Date:   2013-02-02 19:23:57 +01:00

    Updated for PolarSSL 1.2.5

commit 40865c8e5d
Author: Paul Bakker
Date:   2013-02-02 19:04:13 +01:00

    Added sending of alert messages in case of decryption failures as per RFC

    The flag POLARSSL_SSL_ALERT_MESSAGES switched between enabling and
    disabling the sending of alert messages that give adversaries intel
    about the result of their action. PolarSSL can still communicate with
    other parties if they are disabled, but debugging of issues might be
    harder.

commit d66f070d49
Author: Paul Bakker
Date:   2013-02-02 19:04:13 +01:00

    Disable debug messages that can introduce a timing side channel.

    Introduced the POLARSSL_SSL_DEBUG_ALL flag to enable all these debug
    messages in case somebody does want to see the reason checks fail.

commit 4582999be6
Author: Paul Bakker
Date:   2013-02-02 19:04:13 +01:00

    Fixed timing difference resulting from badly formatted padding.

commit 8fe40dcd7d
Author: Paul Bakker
Date:   2013-02-02 12:43:08 +01:00

    Allow enabling of dummy error_strerror() to support some use-cases

    Enable a dummy error function to make use of error_strerror() in
    third party libraries easier.
    Disable if you run into name conflicts and want to really remove the
    error_strerror()

commit 3aeb5a7192
Author: Manuel Pégourié-Gonnard
Date:   2013-01-26 19:11:28 +01:00

    Add ECDSA signature primitive.

commit b309ab2936
Author: Manuel Pégourié-Gonnard
Date:   2013-01-26 19:11:28 +01:00

    Add ECDSA sign primitive

commit 2aea1416f9
Author: Manuel Pégourié-Gonnard
Date:   2013-01-26 19:11:28 +01:00

    Add skeleton ecdsa.[ch]

commit 6545ca7bed
Author: Manuel Pégourié-Gonnard
Date:   2013-01-26 19:11:24 +01:00

    Add ECDH primitives

commit 0bad5c2381
Author: Manuel Pégourié-Gonnard
Date:   2013-01-26 15:30:46 +01:00

    Add skeleton ecdh.[ch]

commit 45a035a9ac
Author: Manuel Pégourié-Gonnard
Date:   2013-01-26 14:42:45 +01:00

    Add ecp_gen_keypair()

commit 14c56a3378
Author: Paul Bakker
Date:   2013-01-25 17:11:37 +01:00

    Updated for PolarSSL 1.2.4

commit 1961b709d8
Author: Paul Bakker
Date:   2013-01-25 14:49:24 +01:00

    Added ssl_handshake_step() to allow single stepping the handshake process

    Single stepping the handshake process allows for better support of
    non-blocking network stacks and for getting information from specific
    handshake messages if wanted.

commit 9c94cddeae
Author: Paul Bakker
Date:   2013-01-22 14:21:49 +01:00

    Correctly handle CertificateRequest with empty DN list in <= TLS 1.1

commit cf4365f560
Author: Paul Bakker
Date:   2013-01-16 17:00:43 +01:00

    Updated error codes for ECP

commit a95919b4c7
Author: Paul Bakker
Date:   2013-01-16 17:00:05 +01:00

    Added ECP files to Makefiles as well

commit 5e402d88ea
Author: Manuel Pégourié-Gonnard
Date:   2013-01-16 16:31:54 +01:00

    Added ecp_read_binary().

commit 37d218a8e3
Author: Manuel Pégourié-Gonnard
Date:   2013-01-16 16:31:54 +01:00

    Added support for writing points compressed

commit e19feb5b46
Author: Manuel Pégourié-Gonnard
Date:   2013-01-16 16:31:53 +01:00

    Added ecp_write_binary().

commit 1c33057a63
Author: Manuel Pégourié-Gonnard
Date:   2013-01-16 16:31:53 +01:00

    Added ecp_check_pubkey().

commit 3680c82c5a
Author: Manuel Pégourié-Gonnard
Date:   2013-01-16 16:31:53 +01:00

    Made choice of w safer and more optimal

commit cdd44324e9
Author: Manuel Pégourié-Gonnard
Date:   2013-01-16 16:31:53 +01:00

    Added ecp_normalize_many() for faster precompute()

commit b63f9e98f5
Author: Manuel Pégourié-Gonnard
Date:   2013-01-16 16:31:53 +01:00

    Made ecp_mul() faster and truly SPA resistant

commit 7652a593d6
Author: Manuel Pégourié-Gonnard
Date:   2013-01-16 16:31:53 +01:00

    Added a precompute() function for fast mult

commit 855560758c
Author: Manuel Pégourié-Gonnard
Date:   2013-01-16 16:31:52 +01:00

    Added function preparing for faster multiplication

commit b4a310b472
Author: Manuel Pégourié-Gonnard
Date:   2013-01-16 16:31:52 +01:00

    Added a selftest about SPA resistance

commit 9674fd0d5e
Author: Manuel Pégourié-Gonnard
Date:   2013-01-16 16:31:52 +01:00

    Added ecp_sub() as a variant of ecp_add()

commit 1c2782cc7c
Author: Manuel Pégourié-Gonnard
Date:   2013-01-16 16:31:52 +01:00

    Changed to Jacobian coordinates everywhere

commit 773ed546a2
Author: Manuel Pégourié-Gonnard
Date:   2013-01-16 16:31:52 +01:00

    Added a nbits member to ecp_group

commit 4bdd47d2cb
Author: Manuel Pégourié-Gonnard
Date:   2013-01-16 16:31:52 +01:00

    Multiplication by negative is now forbidden

commit 8433824d5f
Author: Manuel Pégourié-Gonnard
Date:   2013-01-16 16:31:52 +01:00

    Added fast mod_p192