Paul Bakker 
							
						 
					 
					
						
						
							
						
						9af723cee7 
					 
					
						
						
							
							Fix formatting: remove trailing spaces, #endif with comments (> 10 lines)  
						
						
						
						
					 
					
						2014-05-01 13:03:14 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						cef4ad2509 
					 
					
						
						
							
							Adapt sources to configurable config.h name  
						
						
						
						
					 
					
						2014-04-30 16:40:20 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						c16f4e1f78 
					 
					
						
						
							
							Move RC4 ciphersuites down the list  
						
						
						
						
					 
					
						2014-04-30 16:27:06 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						280f95bd00 
					 
					
						
						
							
							Add #ifs arround ssl_ciphersuite_uses_XXX()  
						
						
						
						
					 
					
						2014-01-22 12:56:37 +01:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						25781b22e3 
					 
					
						
						
							
							Add ECDH_RSA and ECDH_ECDSA ciphersuites  
						
						... 
						
						
						
						(not implemented yet) 
						
						
					 
					
						2013-12-17 11:32:31 +01:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						20b9af7998 
					 
					
						
						
							
							Fix min_version (TLS 1.0) for ECDHE-PSK suites  
						
						
						
						
					 
					
						2013-11-26 14:31:44 +01:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						a5bdfcde53 
					 
					
						
						
							
							Relax some SHA2 ciphersuite's version requirements  
						
						... 
						
						
						
						Changed:
- PSK ciphersuites (RFC 5487, section 3)
- ECDHE-PSK ciphersuites (RFC 5489, section 3)
- Additional Camellia ciphersuites (RFC 6367, sec 3.3)
Unchanged:
- all GCM ciphersuites
- Camellia ciphersuites from RFC 5932 (sec. 3.3.2)
- ECC-SHA2 ciphersuites from RFC 5289 (unclear)
- SHA2 from RFC 5246 (TLS 1.2, no precision) 
						
						
					 
					
						2013-11-26 13:59:43 +01:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						6edcd41c0a 
					 
					
						
						
							
							Addition conditions for UEFI environment under MSVC  
						
						
						
						
					 
					
						2013-10-29 15:44:13 +01:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						fa6a620b75 
					 
					
						
						
							
							Defines for UEFI environment under MSVC added  
						
						
						
						
					 
					
						2013-10-29 14:05:38 +01:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						1642122f8b 
					 
					
						
						
							
							Merged support for Camellia-GCM + ciphersuite and fixes to cipher layer  
						
						
						
						
					 
					
						2013-10-28 14:38:35 +01:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						21ef42f257 
					 
					
						
						
							
							Don't select a PSK ciphersuite if no key available  
						
						
						
						
					 
					
						2013-10-28 14:00:45 +01:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						98d9a2c061 
					 
					
						
						
							
							Fix missing or wrong ciphersuite definitions  
						
						
						
						
					 
					
						2013-10-25 18:03:18 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						6fb0f745be 
					 
					
						
						
							
							Rank GCM before CBC in ciphersuite_preference  
						
						
						
						
					 
					
						2013-10-25 17:08:15 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						8d01eea7af 
					 
					
						
						
							
							Add Camellia-GCM ciphersuites  
						
						
						
						
					 
					
						2013-10-25 16:46:05 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						f34673e37b 
					 
					
						
						
							
							Merged RSA-PSK key-exchange and ciphersuites  
						
						
						
						
					 
					
						2013-10-15 12:46:41 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						376e8153a0 
					 
					
						
						
							
							Merged ECDHE-PSK ciphersuites  
						
						
						
						
					 
					
						2013-10-15 12:45:36 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						ef0eb1ebd8 
					 
					
						
						
							
							Add two missing RSA-PSK ciphersuites  
						
						
						
						
					 
					
						2013-10-14 19:34:48 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						057e0cf263 
					 
					
						
						
							
							Fix ciphersuites dependencies on MD5 and SHA1  
						
						
						
						
					 
					
						2013-10-14 14:26:04 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						225d6aa786 
					 
					
						
						
							
							Add ECDHE_PSK ciphersuites  
						
						
						
						
					 
					
						2013-10-11 19:07:56 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						9654fb156f 
					 
					
						
						
							
							Fix missing MSVC define  
						
						
						
						
					 
					
						2013-10-11 09:17:14 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						1a483833b3 
					 
					
						
						
							
							SSL_TLS doesn't depend on PK any more  
						
						... 
						
						
						
						(But PK does depend on RSA or ECP.) 
						
						
					 
					
						2013-09-20 12:29:15 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						51451f8d26 
					 
					
						
						
							
							Replace EC flag with ssl_ciphersuite_uses_ec()  
						
						
						
						
					 
					
						2013-09-18 14:35:56 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						f7dc378ead 
					 
					
						
						
							
							Make CBC an option, step 1: ssl ciphersuites  
						
						
						
						
					 
					
						2013-09-13 15:37:03 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						bc4b7f08ba 
					 
					
						
						
							
							Fix possible race in ssl_list_ciphersuites()  
						
						... 
						
						
						
						Thread A: executing for loop of ssl_list_ciphersuites()
Thread B: call ssl_list_cipher_suites(), see init == 0
Thread A: return, start using the result
Thread B: memset(0) on the list used by thread A 
						
						
					 
					
						2013-09-08 20:07:48 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						57a8783364 
					 
					
						
						
							
							Make more room for ciphersuites  
						
						
						
						
					 
					
						2013-08-27 22:21:21 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						09edda888e 
					 
					
						
						
							
							Check key type against selected key exchange  
						
						
						
						
					 
					
						2013-08-27 22:21:19 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						32ea60a127 
					 
					
						
						
							
							Declare ECDSA key exchange and ciphersuites  
						
						... 
						
						
						
						Also fix bug in ssl_list_ciphersuites().
For now, disable it on server.
Client will offer it but fail if server selects it. 
						
						
					 
					
						2013-08-27 22:21:19 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						0f2f0bfc87 
					 
					
						
						
							
							CAMELLIA-based PSK and DHE-PSK ciphersuites added  
						
						
						
						
					 
					
						2013-07-26 15:04:03 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						9e36f0475f 
					 
					
						
						
							
							SHA2 renamed to SHA256, SHA4 renamed to SHA512 and functions accordingly  
						
						... 
						
						
						
						The SHA4 name was not clear with regards to the new SHA-3 standard. So
SHA2 and SHA4 have been renamed to better represent what they are:
SHA256 and SHA512 modules. 
						
						
					 
					
						2013-06-30 14:34:05 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						40afb4ba13 
					 
					
						
						
							
							Added PSK GCM, SHA256 and SHA384 ciphers from RFC5487  
						
						
						
						
					 
					
						2013-04-19 22:03:30 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						a1bf92ddb4 
					 
					
						
						
							
							Added PSK NULL ciphers from RFC4785  
						
						
						
						
					 
					
						2013-04-19 20:47:26 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						e07f41d4be 
					 
					
						
						
							
							Introduced defines to control availability of specific SSL Key Exchange  
						
						... 
						
						
						
						methods.
Introduces POLARSSL_KEY_EXCHANGE_RSA_ENABLED,
POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED,
POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED, etc 
						
						
					 
					
						2013-04-19 09:08:57 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						ed27a041e4 
					 
					
						
						
							
							More granular define selections within code to allow for smaller code  
						
						... 
						
						
						
						sizes 
						
						
					 
					
						2013-04-18 23:12:34 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						d4a56ec6bf 
					 
					
						
						
							
							Added pre-shared key handling for the client side of SSL / TLS  
						
						... 
						
						
						
						Client side handling of the pure PSK ciphersuites is now in the base
code. 
						
						
					 
					
						2013-04-18 23:12:33 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						27714b1aa1 
					 
					
						
						
							
							Added Camellia ECDHE-based CBC ciphersuites  
						
						... 
						
						
						
						Added TLS-ECDHE-RSA-WITH-CAMELLIA-128-CBC-SHA256 and
TLS-ECDHE-RSA-WITH-CAMELLIA-256-CBC-SHA384 
						
						
					 
					
						2013-04-07 23:07:12 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						a54e493bc0 
					 
					
						
						
							
							Added ECDHE-based SHA256 and SHA384 ciphersuites  
						
						... 
						
						
						
						Added TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 and
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 ciphersuites 
						
						
					 
					
						2013-03-20 15:31:54 +01:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						41c83d3f67 
					 
					
						
						
							
							Added Ephemeral Elliptic Curve Diffie Hellman ciphersuites to SSL/TLS  
						
						... 
						
						
						
						Made all modifications to include Ephemeral Elliptic Curve Diffie
Hellman ciphersuites into the existing SSL/TLS modules. All basic
handling of the ECDHE-ciphersuites (TLS_ECDHE_RSA_WITH_NULL_SHA,
TLS_ECDHE_RSA_WITH_RC4_128_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA)
has been included. 
						
						
					 
					
						2013-03-20 14:39:14 +01:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						68884e3c09 
					 
					
						
						
							
							Moved to advanced ciphersuite representation and more dynamic SSL code  
						
						
						
						
					 
					
						2013-03-13 14:48:32 +01:00