Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						a658a4051b 
					 
					
						
						
							
							Update copyright  
						
						
						
						
					 
					
						2015-01-23 09:55:24 +00:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						b4fe3cb1fa 
					 
					
						
						
							
							Rename to mbed TLS in the documentation/comments  
						
						
						
						
					 
					
						2015-01-22 16:11:05 +00:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						967a2a5f8c 
					 
					
						
						
							
							Change name to mbed TLS in the copyright notice  
						
						
						
						
					 
					
						2015-01-22 14:28:16 +00:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						d66645130c 
					 
					
						
						
							
							Add a ciphersuite NODTLS flag  
						
						
						
						
					 
					
						2014-10-21 16:30:03 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						82788fb63b 
					 
					
						
						
							
							Fix minor style issues  
						
						
						
						
					 
					
						2014-10-20 13:59:19 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						a04fa4fa04 
					 
					
						
						
							
							RSA-PSK key exchange requires TLS 1.x  
						
						... 
						
						
						
						It's not clear if, with SSL3, one should include send the two length bytes for
EncryptedPreMasterSecret or not, so require TLS to avoid interop issues. 
						
						
					 
					
						2014-08-14 11:34:34 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						8d4ad07706 
					 
					
						
						
							
							SHA-2 ciphersuites now require TLS 1.x  
						
						
						
						
					 
					
						2014-08-14 11:34:34 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						dfc7df0bec 
					 
					
						
						
							
							Add SSL_CIPHERSUITES config option  
						
						
						
						
					 
					
						2014-07-04 14:59:02 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						791684c058 
					 
					
						
						
							
							Save RAM when only a few ciphersuites are defined  
						
						
						
						
					 
					
						2014-06-30 19:07:01 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						01edb1044c 
					 
					
						
						
							
							Add POLARSSL_REMOVE_RC4_CIPHERSUITES  
						
						
						
						
					 
					
						2014-06-25 11:27:59 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						2a45d1c8bb 
					 
					
						
						
							
							Merge changes to config examples and configuration issues  
						
						
						
						
					 
					
						2014-06-25 11:27:00 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						42b5374523 
					 
					
						
						
							
							Switch CCM and GCM in default suite order  
						
						... 
						
						
						
						The upcoming BCP document recommends GCM as the default. 
						
						
					 
					
						2014-06-25 11:26:13 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						ac2ccf897c 
					 
					
						
						
							
							Fix CCM ciphersuites definition: PSK <-> DHE-PSK!  
						
						
						
						
					 
					
						2014-06-24 15:48:01 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						d8bb82665e 
					 
					
						
						
							
							Fix code styling for return statements  
						
						
						
						
					 
					
						2014-06-17 14:06:49 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						6768da9438 
					 
					
						
						
							
							Register CCM ciphersuites (not implemented yet)  
						
						
						
						
					 
					
						2014-05-14 14:10:36 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						b9e4e2c97a 
					 
					
						
						
							
							Fix formatting: fix some 'easy' > 80 length lines  
						
						
						
						
					 
					
						2014-05-01 14:18:25 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						9af723cee7 
					 
					
						
						
							
							Fix formatting: remove trailing spaces, #endif with comments (> 10 lines)  
						
						
						
						
					 
					
						2014-05-01 13:03:14 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						cef4ad2509 
					 
					
						
						
							
							Adapt sources to configurable config.h name  
						
						
						
						
					 
					
						2014-04-30 16:40:20 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						c16f4e1f78 
					 
					
						
						
							
							Move RC4 ciphersuites down the list  
						
						
						
						
					 
					
						2014-04-30 16:27:06 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						280f95bd00 
					 
					
						
						
							
							Add #ifs arround ssl_ciphersuite_uses_XXX()  
						
						
						
						
					 
					
						2014-01-22 12:56:37 +01:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						25781b22e3 
					 
					
						
						
							
							Add ECDH_RSA and ECDH_ECDSA ciphersuites  
						
						... 
						
						
						
						(not implemented yet) 
						
						
					 
					
						2013-12-17 11:32:31 +01:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						20b9af7998 
					 
					
						
						
							
							Fix min_version (TLS 1.0) for ECDHE-PSK suites  
						
						
						
						
					 
					
						2013-11-26 14:31:44 +01:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						a5bdfcde53 
					 
					
						
						
							
							Relax some SHA2 ciphersuite's version requirements  
						
						... 
						
						
						
						Changed:
- PSK ciphersuites (RFC 5487, section 3)
- ECDHE-PSK ciphersuites (RFC 5489, section 3)
- Additional Camellia ciphersuites (RFC 6367, sec 3.3)
Unchanged:
- all GCM ciphersuites
- Camellia ciphersuites from RFC 5932 (sec. 3.3.2)
- ECC-SHA2 ciphersuites from RFC 5289 (unclear)
- SHA2 from RFC 5246 (TLS 1.2, no precision) 
						
						
					 
					
						2013-11-26 13:59:43 +01:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						6edcd41c0a 
					 
					
						
						
							
							Addition conditions for UEFI environment under MSVC  
						
						
						
						
					 
					
						2013-10-29 15:44:13 +01:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						fa6a620b75 
					 
					
						
						
							
							Defines for UEFI environment under MSVC added  
						
						
						
						
					 
					
						2013-10-29 14:05:38 +01:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						1642122f8b 
					 
					
						
						
							
							Merged support for Camellia-GCM + ciphersuite and fixes to cipher layer  
						
						
						
						
					 
					
						2013-10-28 14:38:35 +01:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						21ef42f257 
					 
					
						
						
							
							Don't select a PSK ciphersuite if no key available  
						
						
						
						
					 
					
						2013-10-28 14:00:45 +01:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						98d9a2c061 
					 
					
						
						
							
							Fix missing or wrong ciphersuite definitions  
						
						
						
						
					 
					
						2013-10-25 18:03:18 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						6fb0f745be 
					 
					
						
						
							
							Rank GCM before CBC in ciphersuite_preference  
						
						
						
						
					 
					
						2013-10-25 17:08:15 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						8d01eea7af 
					 
					
						
						
							
							Add Camellia-GCM ciphersuites  
						
						
						
						
					 
					
						2013-10-25 16:46:05 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						f34673e37b 
					 
					
						
						
							
							Merged RSA-PSK key-exchange and ciphersuites  
						
						
						
						
					 
					
						2013-10-15 12:46:41 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						376e8153a0 
					 
					
						
						
							
							Merged ECDHE-PSK ciphersuites  
						
						
						
						
					 
					
						2013-10-15 12:45:36 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						ef0eb1ebd8 
					 
					
						
						
							
							Add two missing RSA-PSK ciphersuites  
						
						
						
						
					 
					
						2013-10-14 19:34:48 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						057e0cf263 
					 
					
						
						
							
							Fix ciphersuites dependencies on MD5 and SHA1  
						
						
						
						
					 
					
						2013-10-14 14:26:04 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						225d6aa786 
					 
					
						
						
							
							Add ECDHE_PSK ciphersuites  
						
						
						
						
					 
					
						2013-10-11 19:07:56 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						9654fb156f 
					 
					
						
						
							
							Fix missing MSVC define  
						
						
						
						
					 
					
						2013-10-11 09:17:14 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						1a483833b3 
					 
					
						
						
							
							SSL_TLS doesn't depend on PK any more  
						
						... 
						
						
						
						(But PK does depend on RSA or ECP.) 
						
						
					 
					
						2013-09-20 12:29:15 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						51451f8d26 
					 
					
						
						
							
							Replace EC flag with ssl_ciphersuite_uses_ec()  
						
						
						
						
					 
					
						2013-09-18 14:35:56 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						f7dc378ead 
					 
					
						
						
							
							Make CBC an option, step 1: ssl ciphersuites  
						
						
						
						
					 
					
						2013-09-13 15:37:03 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						bc4b7f08ba 
					 
					
						
						
							
							Fix possible race in ssl_list_ciphersuites()  
						
						... 
						
						
						
						Thread A: executing for loop of ssl_list_ciphersuites()
Thread B: call ssl_list_cipher_suites(), see init == 0
Thread A: return, start using the result
Thread B: memset(0) on the list used by thread A 
						
						
					 
					
						2013-09-08 20:07:48 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						57a8783364 
					 
					
						
						
							
							Make more room for ciphersuites  
						
						
						
						
					 
					
						2013-08-27 22:21:21 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						09edda888e 
					 
					
						
						
							
							Check key type against selected key exchange  
						
						
						
						
					 
					
						2013-08-27 22:21:19 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						32ea60a127 
					 
					
						
						
							
							Declare ECDSA key exchange and ciphersuites  
						
						... 
						
						
						
						Also fix bug in ssl_list_ciphersuites().
For now, disable it on server.
Client will offer it but fail if server selects it. 
						
						
					 
					
						2013-08-27 22:21:19 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						0f2f0bfc87 
					 
					
						
						
							
							CAMELLIA-based PSK and DHE-PSK ciphersuites added  
						
						
						
						
					 
					
						2013-07-26 15:04:03 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						9e36f0475f 
					 
					
						
						
							
							SHA2 renamed to SHA256, SHA4 renamed to SHA512 and functions accordingly  
						
						... 
						
						
						
						The SHA4 name was not clear with regards to the new SHA-3 standard. So
SHA2 and SHA4 have been renamed to better represent what they are:
SHA256 and SHA512 modules. 
						
						
					 
					
						2013-06-30 14:34:05 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						40afb4ba13 
					 
					
						
						
							
							Added PSK GCM, SHA256 and SHA384 ciphers from RFC5487  
						
						
						
						
					 
					
						2013-04-19 22:03:30 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						a1bf92ddb4 
					 
					
						
						
							
							Added PSK NULL ciphers from RFC4785  
						
						
						
						
					 
					
						2013-04-19 20:47:26 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						e07f41d4be 
					 
					
						
						
							
							Introduced defines to control availability of specific SSL Key Exchange  
						
						... 
						
						
						
						methods.
Introduces POLARSSL_KEY_EXCHANGE_RSA_ENABLED,
POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED,
POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED, etc 
						
						
					 
					
						2013-04-19 09:08:57 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						ed27a041e4 
					 
					
						
						
							
							More granular define selections within code to allow for smaller code  
						
						... 
						
						
						
						sizes 
						
						
					 
					
						2013-04-18 23:12:34 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						d4a56ec6bf 
					 
					
						
						
							
							Added pre-shared key handling for the client side of SSL / TLS  
						
						... 
						
						
						
						Client side handling of the pure PSK ciphersuites is now in the base
code. 
						
						
					 
					
						2013-04-18 23:12:33 +02:00