Rivoreo Source Code Repositories
src.rivoreo.one
/
security
/
mbedtls
/
520ea911f6de2c04d3d71e02fa8a1cb227a06e0e
/
library
98fe5ea
- Removed snprintf altogether for critical code paths
by Paul Bakker
· 12 years ago
331f563
- Do not use sprintf(), use snprintf() instead.
by Paul Bakker
· 12 years ago
ba26e9e
- Cache now only allows a maximum of entries in cache for preventing memory overrun
by Paul Bakker
· 12 years ago
f1ab0ec
- Changed default compiler flags to include -O2
by Paul Bakker
· 12 years ago
67f9d53
- Removed code breaking strict-aliasing
by Paul Bakker
· 12 years ago
81420ab
- properly print minimum version
by Paul Bakker
· 12 years ago
c110d02
- Added extra check to prevent crash on failed memory allocation
by Paul Bakker
· 12 years ago
0be82f2
- Updated rsa_pkcs1_verify() and rsa_pkcs1_sign() to use appropriate buffer size for max MPIs
by Paul Bakker
· 12 years ago
36fec23
- Updated to 1.2.0
by Paul Bakker
· 12 years ago
62261d6
- Rewrote bignum type definition #ifdef tree to work better on all systems
by Paul Bakker
· 12 years ago
3338b79
- Fixed WIN32 version of x509parse_crtpath()
by Paul Bakker
· 12 years ago
d6f17b4
- Moved definition to top to prevent MS VC compiler warning
by Paul Bakker
· 12 years ago
5c2364c
- Moved from unsigned long to uint32_t throughout code
by Paul Bakker
· 12 years ago
0e19e9f
- Minor define change to prevent warning
by Paul Bakker
· 12 years ago
993d11d
- Send ClientHello with 'minimal version'
by Paul Bakker
· 12 years ago
23f3680
- Added proper support for TLS 1.2 signature_algorithm extension on server
by Paul Bakker
· 12 years ago
1d29fb5
- Added option to add minimum accepted SSL/TLS protocol version
by Paul Bakker
· 12 years ago
62f2dee
- Set POLARSSL_DHM_RFC5114_MODP_1024_[PG] as default DHM MODP group for SSL/TLS
by Paul Bakker
· 12 years ago
915275b
- Revamped x509_verify() and the SSL f_vrfy callback implementations
by Paul Bakker
· 12 years ago
5701cdc
- Added ServerName extension parsing (SNI) at server side
by Paul Bakker
· 12 years ago
eb2c658
- Generalized external private key implementation handling (like PKCS#11) in SSL/TLS
by Paul Bakker
· 12 years ago
321df6f
- Expanded rsa_check_privkey() to check DP, DQ and QP as well
by Paul Bakker
· 12 years ago
5531c6d
- Change buffer size on mpi_write_file() to cover larger size MPIs
by Paul Bakker
· 12 years ago
49d7567
- Support INTEGRITY OS
by Paul Bakker
· 12 years ago
d14277d
- Added PBKDF2 error code
by Paul Bakker
· 12 years ago
0a59707
- Added simple SSL session cache implementation
by Paul Bakker
· 12 years ago
b00ca42
- Handle existence of OpenSSL Trust Extensions at end of X.509 DER blob
by Paul Bakker
· 12 years ago
29b6476
- Added predefined DHM groups from RFC 5114
by Paul Bakker
· 12 years ago
d0f6fa7
- Sending of handshake_failures during renegotiation added
by Paul Bakker
· 12 years ago
2d319fd
- Fixed bug in mpi_add_abs with adding a small number to a large mpi with carry rollover.
by Paul Bakker
· 12 years ago
48916f9
- Added Secure Renegotiation (RFC 5746)
by Paul Bakker
· 12 years ago
b5b20f1
- Extra sanity check for input added
by Paul Bakker
· 12 years ago
5f70b25
- Correctly handle SHA256 ciphersuites in SSLv3
by Paul Bakker
· 12 years ago
ec636f3
- Removed handling for SSLv2 Client Hello (as per RFC 5246 recommendation)
by Paul Bakker
· 12 years ago
94a6796
- Correctly handle MS certificate's key usage bits
by Paul Bakker
· 12 years ago
f518b16
- Added PKCS#5 PBKDF2 key derivation function
by Paul Bakker
· 12 years ago
535e97d
- Better checking for reading over buffer boundaries
by Paul Bakker
· 12 years ago
b68cad6
- Made cipersuites in ssl context const (no intention to modify)
by Paul Bakker
· 12 years ago
bb51f0c
- Only include md.h if needed by POLARSSL_PKCS1_V21
by Paul Bakker
· 12 years ago
6a2f857
- Added DragonflyBSD support
by Paul Bakker
· 12 years ago
3c16db9
- Fixed potential memory zeroization on miscrafted RSA key
by Paul Bakker
· 12 years ago
6132d0a
- Added Blowfish to generic cipher layer
by Paul Bakker
· 12 years ago
83f00bb
- Updated strerror codes for SSL Compression and Blowfish
by Paul Bakker
· 12 years ago
a9379c0
- Added base blowfish algorithm
by Paul Bakker
· 12 years ago
2770fbd
- Added DEFLATE compression support as per RFC3749 (requires zlib)
by Paul Bakker
· 12 years ago
cefb396
- Handle empty certificate subject names
by Paul Bakker
· 12 years ago
e4791f3
- Bugfix for Windows in cert path handling
by Paul Bakker
· 12 years ago
67820bd
- Only include padlock header when POLARSSL_PADLOCK_C is defined
by Paul Bakker
· 12 years ago
8d91458
- Added X509 CA Path support
by Paul Bakker
· 12 years ago
e6ee41f
- Added OpenSSL / PolarSSL compatibility script (tests/compat.sh) and example application (programs/ssl/o_p_test) (Requires OpenSSL)
by Paul Bakker
· 13 years ago
5054692
- Moved to prevent uninitialized exit var
by Paul Bakker
· 13 years ago
f6198c1
- mpi_exp_mod() now correctly handles negative base numbers (Closes ticket #52)
by Paul Bakker
· 13 years ago
2a5c7a8
- Add Windows required library
by Paul Bakker
· 13 years ago
62f88dc
Makefile more compatible with WINDOWS environment
by Paul Bakker
· 13 years ago
cd5b529
- Added automatic WINDOWS define in Makefile
by Paul Bakker
· 13 years ago
4d2c124
- Changed certificate verify behaviour to comply with RFC 6125 section 6.3 to not match CN if subjectAltName extension is present.
by Paul Bakker
· 13 years ago
7e2c728
- Updated to support NetBSD
by Paul Bakker
· 13 years ago
186751d
- Moved out_msg to out_hdr + 32 to support hardware acceleration
by Paul Bakker
· 13 years ago
3aac1da
- Added exception error parsing when FATAL ssl message is received
by Paul Bakker
· 13 years ago
6b906e5
- Const correctness mpi_get_bit() - Documentation mpi_lsb(), mpi_msb()
by Paul Bakker
· 13 years ago
05ef835
- Added support for Hardware Acceleration hooking in SSL/TLS
by Paul Bakker
· 13 years ago
430ffbe
- Fixed potential heap corruption in x509_name allocation
by Paul Bakker
· 13 years ago
aec37cb
- Added extra sanity check to DHM values
by Paul Bakker
· 13 years ago
279432a
- Fixed size of clean
by Paul Bakker
· 13 years ago
901c656
- Fill full buffer (Wrong parameter usage)
by Paul Bakker
· 13 years ago
380da53
- Abstracted checksum updating during handshake
by Paul Bakker
· 13 years ago
ca4ab49
- Added GCM ciphersuites to TLS implementation
by Paul Bakker
· 13 years ago
d8ef167
- Updated for latest GCM error
by Paul Bakker
· 13 years ago
fc5183c
- Added input checking and more efficient buffer overlap use
by Paul Bakker
· 13 years ago
369e14b
- Small code rewrite
by Paul Bakker
· 13 years ago
030277a
- Updated error.c to include GCM errors
by Paul Bakker
· 13 years ago
13ed9ab
- Removed unused variable
by Paul Bakker
· 13 years ago
0a92518
- Report unexpected_message if unknown record type is received
by Paul Bakker
· 13 years ago
10cd225
- Added support for the SHA256 ciphersuites of AES and Camellia
by Paul Bakker
· 13 years ago
bf63b36
- Updated comments
by Paul Bakker
· 13 years ago
c3f177a
- Added client side support for signature_algorithm extension and affiliated handling
by Paul Bakker
· 13 years ago
1ef83d6
- Initial bare version of TLS 1.2
by Paul Bakker
· 13 years ago
f34cf85
- Fixed too restrictive test
by Paul Bakker
· 13 years ago
96d42da
- Removed debug value
by Paul Bakker
· 13 years ago
c7ffd36
- Added automatic debug flags to CFLAGS if DEBUG is set in shell
by Paul Bakker
· 13 years ago
452d532
- Fixed potential memory corruption on miscrafted client messages (found by Frama-C team at CEA LIST)
by Paul Bakker
· 13 years ago
6126481
- Added compat for sun in net.c
by Paul Bakker
· 13 years ago
56a7684
- Added alternative for SHA1 signature structure to check for (without NULL)
by Paul Bakker
· 13 years ago
0c8f73b
- Fixed a mistake in mpi_cmp_mpi() where longer B values are handled wrong
by Paul Bakker
· 13 years ago
f916962
- Removed unused variables
by Paul Bakker
· 13 years ago
89e80c9
- Added base Galois/Counter mode (GCM) for AES
by Paul Bakker
· 13 years ago
b6ad62d
- Added missing x509write.c
by Paul Bakker
· 13 years ago
02f6169
- Removed trailing char
by Paul Bakker
· 13 years ago
f654371
- Only include dependencies when required
by Paul Bakker
· 13 years ago
ad8d354
- Updated RFC ref
by Paul Bakker
· 13 years ago
3cac5e0
- x509_write_cert_req() now supports all available hash functions
by Paul Bakker
· 13 years ago
0588815
- Certificate Requests written now have the Email address written in IA5String
by Paul Bakker
· 13 years ago
bdb912d
- Added preliminary ASN.1 buffer writing support
by Paul Bakker
· 13 years ago
048d04e
- AES code only check for Padlock once
by Paul Bakker
· 13 years ago
39dfdac
- Fixed mpi_fill_random() to fill and create right size MPI
by Paul Bakker
· 13 years ago
8afa70d
- Clean Subject Alternative Name data
by Paul Bakker
· 13 years ago
57b1298
- Multi-domain certificates support wildcards as well
by Paul Bakker
· 13 years ago
1504af5
- Removed redundant POLARSSL_DEBUG_MSG define
by Paul Bakker
· 13 years ago
a8cd239
- Added support for wildcard certificates
by Paul Bakker
· 13 years ago
fab5c82
- Added support for NULL cipher (POLARSSL_CIPHER_NULL_CIPHER) and weak ciphersuites (POLARSSL_ENABLE_WEAK_CIPHERSUITES). They are disabled by default!
by Paul Bakker
· 13 years ago
Next »