Paul Bakker 
							
						 
					 
					
						
						
							
						
						68884e3c09 
					 
					
						
						
							
							Moved to advanced ciphersuite representation and more dynamic SSL code  
						
						
						
						
					 
					
						2013-03-13 14:48:32 +01:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						c9118b433b 
					 
					
						
						
							
							Renamed hash structures to ctx  
						
						
						
						
					 
					
						2013-03-13 11:48:39 +01:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						92be97b8e6 
					 
					
						
						
							
							Align data with future location based on IV size  
						
						
						
						
					 
					
						2013-03-13 11:46:00 +01:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						07eb38ba31 
					 
					
						
						
							
							Update ssl_hw_record_init() to receive keylen, ivlen and maclen as well  
						
						... 
						
						
						
						Added ssl_hw_record_activate() 
						
						
					 
					
						2013-03-13 11:44:40 +01:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						c7878113cb 
					 
					
						
						
							
							Do not set done in case of a fall-through  
						
						
						
						
					 
					
						2013-03-13 11:44:40 +01:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						5bd422937a 
					 
					
						
						
							
							Reverted commit  186751d9dd and made out_hdr and out_msg back-to-back again  
						
						
						
						
					 
					
						2013-03-13 11:44:40 +01:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						926c8e49fe 
					 
					
						
						
							
							Fixed possible NULL pointer exception in ssl_get_ciphersuite()  
						
						
						
						
					 
					
						2013-03-06 18:01:03 +01:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						e47b34bdc8 
					 
					
						
						
							
							Removed further timing differences during SSL message decryption in ssl_decrypt_buf()  
						
						... 
						
						
						
						New padding checking is unbiased on correct or incorrect padding and
has no branch prediction timing differences.
The additional MAC checks further straighten out the timing differences. 
						
						
					 
					
						2013-02-27 14:48:00 +01:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						86f04f400b 
					 
					
						
						
							
							Fixed comment  
						
						
						
						
					 
					
						2013-02-14 11:20:09 +01:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						c0463502ff 
					 
					
						
						
							
							Fixed memory leak in ssl_free() and ssl_reset() for active session  
						
						
						
						
					 
					
						2013-02-14 11:19:38 +01:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						40865c8e5d 
					 
					
						
						
							
							Added sending of alert messages in case of decryption failures as per RFC  
						
						... 
						
						
						
						The flag POLARSSL_SSL_ALERT_MESSAGES switched between enabling and
disabling the sending of alert messages that give adversaries intel
about the result of their action. PolarSSL can still communicate with
other parties if they are disabled, but debugging of issues might be
harder. 
						
						
					 
					
						2013-02-02 19:04:13 +01:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						d66f070d49 
					 
					
						
						
							
							Disable debug messages that can introduce a timing side channel.  
						
						... 
						
						
						
						Introduced the POLARSSL_SSL_DEBUG_ALL flag to enable all these debug
messages in case somebody does want to see the reason checks fail. 
						
						
					 
					
						2013-02-02 19:04:13 +01:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						4582999be6 
					 
					
						
						
							
							Fixed timing difference resulting from badly formatted padding.  
						
						
						
						
					 
					
						2013-02-02 19:04:13 +01:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						1961b709d8 
					 
					
						
						
							
							Added ssl_handshake_step() to allow single stepping the handshake  
						
						... 
						
						
						
						process
Single stepping the handshake process allows for better support of
non-blocking network stacks and for getting information from specific
handshake messages if wanted. 
						
						
					 
					
						2013-01-25 14:49:24 +01:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						769075dfb6 
					 
					
						
						
							
							Fixed dependency on POLARSSL_SHA4_C in ssl modules  
						
						
						
						
					 
					
						2012-11-24 11:26:46 +01:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						645ce3a2b4 
					 
					
						
						
							
							- Moved ciphersuite naming scheme to IANA reserved names  
						
						
						
						
					 
					
						2012-10-31 12:32:41 +00:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						b0550d90c9 
					 
					
						
						
							
							- Added ssl_get_peer_cert() to SSL API  
						
						
						
						
					 
					
						2012-10-30 07:51:03 +00:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						23f3680898 
					 
					
						
						
							
							- Added proper support for TLS 1.2 signature_algorithm extension on server  
						
						... 
						
						
						
						side
 - Minor const changes to other extension parsing functions 
						
						
					 
					
						2012-09-28 14:15:14 +00:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						1d29fb5e33 
					 
					
						
						
							
							- Added option to add minimum accepted SSL/TLS protocol version  
						
						
						
						
					 
					
						2012-09-28 13:28:45 +00:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						62f2deef8b 
					 
					
						
						
							
							- Set POLARSSL_DHM_RFC5114_MODP_1024_[PG] as default DHM MODP group for SSL/TLS  
						
						
						
						
					 
					
						2012-09-28 07:31:51 +00:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						915275ba78 
					 
					
						
						
							
							- Revamped x509_verify() and the SSL f_vrfy callback implementations  
						
						
						
						
					 
					
						2012-09-28 07:10:55 +00:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						5701cdcd02 
					 
					
						
						
							
							- Added ServerName extension parsing (SNI) at server side  
						
						
						
						
					 
					
						2012-09-27 21:49:42 +00:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						eb2c658163 
					 
					
						
						
							
							- Generalized external private key implementation handling (like PKCS#11) in SSL/TLS  
						
						
						
						
					 
					
						2012-09-27 19:15:01 +00:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						0a59707523 
					 
					
						
						
							
							- Added simple SSL session cache implementation  
						
						... 
						
						
						
						- Revamped session resumption handling 
						
						
					 
					
						2012-09-25 21:55:46 +00:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						d0f6fa7bdc 
					 
					
						
						
							
							- Sending of handshake_failures during renegotiation added  
						
						... 
						
						
						
						- Handle two legacy modes differently: SSL_LEGACY_BREAK_HANDSHAKE and SSL_LEGACY_NO_RENEGOTIATION 
						
						
					 
					
						2012-09-17 09:18:12 +00:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						48916f9b67 
					 
					
						
						
							
							- Added Secure Renegotiation (RFC 5746)  
						
						
						
						
					 
					
						2012-09-16 19:57:18 +00:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						5f70b25c9b 
					 
					
						
						
							
							- Correctly handle SHA256 ciphersuites in SSLv3  
						
						... 
						
						
						
						- Moved ssl3_prf to separate function (no exceptions) 
						
						
					 
					
						2012-09-13 14:23:06 +00:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						b68cad6cc7 
					 
					
						
						
							
							- Made cipersuites in ssl context const (no intention to modify)  
						
						... 
						
						
						
						- Adjusted ssl_set_ciphersuites() to match 
						
						
					 
					
						2012-08-23 08:34:18 +00:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						2770fbd651 
					 
					
						
						
							
							- Added DEFLATE compression support as per RFC3749 (requires zlib)  
						
						
						
						
					 
					
						2012-07-03 13:30:23 +00:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						186751d9dd 
					 
					
						
						
							
							- Moved out_msg to out_hdr + 32 to support hardware acceleration  
						
						
						
						
					 
					
						2012-05-08 13:16:14 +00:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						05ef835b6a 
					 
					
						
						
							
							- Added support for Hardware Acceleration hooking in SSL/TLS  
						
						
						
						
					 
					
						2012-05-08 09:17:57 +00:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						380da53c48 
					 
					
						
						
							
							- Abstracted checksum updating during handshake  
						
						
						
						
					 
					
						2012-04-18 16:10:25 +00:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						ca4ab49158 
					 
					
						
						
							
							- Added GCM ciphersuites to TLS implementation  
						
						
						
						
					 
					
						2012-04-18 14:23:57 +00:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						0a9251870a 
					 
					
						
						
							
							- Report unexpected_message if unknown record type is received  
						
						
						
						
					 
					
						2012-04-16 06:46:41 +00:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						10cd225962 
					 
					
						
						
							
							- Added support for the SHA256 ciphersuites of AES and Camellia  
						
						
						
						
					 
					
						2012-04-12 21:26:34 +00:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						1ef83d66dd 
					 
					
						
						
							
							- Initial bare version of TLS 1.2  
						
						
						
						
					 
					
						2012-04-11 12:09:53 +00:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						f34cf85534 
					 
					
						
						
							
							- Fixed too restrictive test  
						
						
						
						
					 
					
						2012-04-10 07:48:40 +00:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						452d532955 
					 
					
						
						
							
							- Fixed potential memory corruption on miscrafted client messages (found by Frama-C team at CEA LIST)  
						
						
						
						
					 
					
						2012-04-05 12:07:34 +00:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						fab5c829e7 
					 
					
						
						
							
							- Added support for NULL cipher (POLARSSL_CIPHER_NULL_CIPHER) and weak ciphersuites (POLARSSL_ENABLE_WEAK_CIPHERSUITES). They are disabled by default!  
						
						
						
						
					 
					
						2012-02-06 16:45:10 +00:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						b15b851d6d 
					 
					
						
						
							
							- Check for failed malloc() in ssl_set_hostname() and x509_get_entries() (Closes ticket  #47 , found by Hugo Leisink)  
						
						
						
						
					 
					
						2012-01-13 13:44:06 +00:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						69e095cc15 
					 
					
						
						
							
							- Changed the behaviour of x509parse_parse_crt for permissive parsing. Now returns the number of 'failed certificates' instead of having a switch to enable it.  
						
						... 
						
						
						
						- As a consequence all error code that were positive were changed. A lot of MALLOC_FAILED and FILE_IO_ERROR error codes added for different modules.
 - Programs and tests were adapted accordingly 
						
						
					 
					
						2011-12-10 21:55:01 +00:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						6c0ceb3f9a 
					 
					
						
						
							
							-  Added permissive certificate parsing to x509parse_crt() and x509parse_crtfile(). With permissive parsing the parsing does not stop on encountering a parse-error  
						
						
						
						
					 
					
						2011-12-04 12:24:18 +00:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						a3d195c41f 
					 
					
						
						
							
							- Changed the used random function pointer to more flexible format. Renamed havege_rand() to havege_random() to prevent mistakes. Lots of changes as a consequence in library code and programs  
						
						
						
						
					 
					
						2011-11-27 21:07:34 +00:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						490ecc8c3e 
					 
					
						
						
							
							- Added ssl_set_max_version() to set the client's maximum sent version number  
						
						
						
						
					 
					
						2011-10-06 13:04:09 +00:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						7eb013face 
					 
					
						
						
							
							- Added ssl_session_reset() to allow re-use of already set non-connection specific context information  
						
						
						
						
					 
					
						2011-10-06 12:37:39 +00:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						8934a98f82 
					 
					
						
						
							
							- Fixed memcpy() that had possible overlapping areas to memmove()  
						
						
						
						
					 
					
						2011-08-05 11:11:53 +00:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						39bb418d93 
					 
					
						
						
							
							- Made second argument of f_send() prototype and of net_send() const  
						
						
						
						
					 
					
						2011-06-21 07:36:43 +00:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						887bd502d2 
					 
					
						
						
							
							- Undid fix for ssl_write that introduced a true bug when buffers are running full.  
						
						
						
						
					 
					
						2011-06-08 13:10:54 +00:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						831a755d9e 
					 
					
						
						
							
							- Changed behaviour of net_recv(), ssl_fetch_input() and ssl_read(). net_recv() now  returns 0 on EOF instead of POLARSSL_ERR_NET_CONN_RESET. ssl_fetch_input() returns POLARSSL_ERR_SSL_CONN_EOF on an EOF from its f_recv() function. ssl_read() returns 0 if a POLARSSL_ERR_SSL_CONN_EOF is received after the handshake.  
						
						... 
						
						
						
						- Network functions now return POLARSSL_ERR_NET_WANT_READ or POLARSSL_ERR_NET_WANT_WRITE instead of the ambiguous POLARSSL_ERR_NET_TRY_AGAIN 
						
						
					 
					
						2011-05-18 13:32:51 +00:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						9d781407bc 
					 
					
						
						
							
							- A error_strerror function() has been added to translate between error codes and their description.  
						
						... 
						
						
						
						- The error codes have been remapped and combining error codes is now done with a PLUS instead of an OR as error codes used are negative.
 - Descriptions to all error codes have been added.
 - Generation script for error.c has been created to automatically generate error.c from the available error definitions in the headers. 
						
						
					 
					
						2011-05-09 16:17:09 +00:00