Rivoreo Source Code Repositories
src.rivoreo.one
/
security
/
mbedtls
/
c9118b433bb4c90a792c0e538558c4f3f6f2127b
/
ChangeLog
90f042d
Prepared for PolarSSL 1.2.6 release
by Paul Bakker
· 12 years ago
polarssl-1.2.6
fb1cbd3
Fixed assembly code for ARM (Thumb and regular) for some compilers
by Paul Bakker
· 12 years ago
e81beda
The SSL session cache module (ssl_cache) now also retains peer_cert information (not the entire chain)
by Paul Bakker
· 12 years ago
a35aa54
Fixed whitespaces in ChangeLog
by Paul Bakker
· 12 years ago
78a8c71
Re-added support for parsing and handling SSLv2 Client Hello messages
by Paul Bakker
· 12 years ago
37286a5
Fixed net_bind() for specified IP addresses on little endian systems
by Paul Bakker
· 12 years ago
8804f69
Removed timing differences due to bad padding from RSA decrypt for
by Paul Bakker
· 12 years ago
a43231c
Added support for custom labels when using rsa_rsaes_oaep_encrypt() or rsa_rsaes_oaep_decrypt()
by Paul Bakker
· 12 years ago
b386913
Split up the RSA PKCS#1 encrypt, decrypt, sign and verify functions
by Paul Bakker
· 12 years ago
e3e4a59
Added bugfix line for previous fixes for MS Visual Studio
by Paul Bakker
· 12 years ago
3d2dc0f
Corrected GCM counter incrementation to use only 32-bits instead of 128-bits
by Paul Bakker
· 12 years ago
e47b34b
Removed further timing differences during SSL message decryption in ssl_decrypt_buf()
by Paul Bakker
· 12 years ago
c046350
Fixed memory leak in ssl_free() and ssl_reset() for active session
by Paul Bakker
· 12 years ago
c7a2da4
Updated for PolarSSL 1.2.5
by Paul Bakker
· 12 years ago
polarssl-1.2.5
40865c8
Added sending of alert messages in case of decryption failures as per RFC
by Paul Bakker
· 12 years ago
d66f070
Disable debug messages that can introduce a timing side channel.
by Paul Bakker
· 12 years ago
4582999
Fixed timing difference resulting from badly formatted padding.
by Paul Bakker
· 12 years ago
8fe40dc
Allow enabling of dummy error_strerror() to support some use-cases
by Paul Bakker
· 12 years ago
14c56a3
Updated for PolarSSL 1.2.4
by Paul Bakker
· 12 years ago
polarssl-1.2.4
9d2bb65
Added PolarSSL 1.1.5 ChangeLog from 1.1 branch
by Paul Bakker
· 12 years ago
1961b70
Added ssl_handshake_step() to allow single stepping the handshake process
by Paul Bakker
· 12 years ago
9c94cdd
Correctly handle CertificateRequest with empty DN list in <= TLS 1.1
by Paul Bakker
· 12 years ago
21dca69
Handle future version properly in ssl_write_certificate_request()
by Paul Bakker
· 12 years ago
40628ba
Memory leak when using RSA_PKCS_V21 operations fixed
by Paul Bakker
· 12 years ago
fb1ba78
Updated for release 1.2.3
by Paul Bakker
· 12 years ago
polarssl-1.2.3
df5069c
Updated for 1.2.2 release
by Paul Bakker
· 12 years ago
polarssl-1.2.2
7c90da9
Amended ChangeLog for client authentication fix
by Paul Bakker
· 12 years ago
e667c98
Added p_hw_data to ssl_context for context specific hardware acceleration data
by Paul Bakker
· 12 years ago
1492633
Updated date for release
by Paul Bakker
· 12 years ago
polarssl-1.2.1
e44ec10
Fixed segfault in mpi_shift_r()
by Manuel Pégourié-Gonnard
· 12 years ago
34d8dbc
- Depth that the certificate verify callback receives is now numbered bottom-up (Peer cert depth is 0)
by Paul Bakker
· 12 years ago
b815682
- Updated Changelog for 1.2.1
by Paul Bakker
· 12 years ago
9daf0d0
- Added max length check for rsa_pkcs1_sign with PKCS#1 v2.1
by Paul Bakker
· 12 years ago
f02c564
- Allow R and A to point to same mpi in mpi_div_mpi
by Paul Bakker
· 12 years ago
d9374b0
- Moved mpi_inv_mod() outside POLARSSL_GENPRIME
by Paul Bakker
· 12 years ago
7a2538e
- Fixes for MSVC6
by Paul Bakker
· 12 years ago
c9c5df9
- Updated for PolarSSL 1.2.0
by Paul Bakker
· 12 years ago
645ce3a
- Moved ciphersuite naming scheme to IANA reserved names
by Paul Bakker
· 12 years ago
4f024b7
- Fixed for SPARC64
by Paul Bakker
· 12 years ago
d5834bb
- Added release text for 1.1.4 to ChangeLog
by Paul Bakker
· 12 years ago
5c2364c
- Moved from unsigned long to uint32_t throughout code
by Paul Bakker
· 12 years ago
1d29fb5
- Added option to add minimum accepted SSL/TLS protocol version
by Paul Bakker
· 12 years ago
915275b
- Revamped x509_verify() and the SSL f_vrfy callback implementations
by Paul Bakker
· 12 years ago
5701cdc
- Added ServerName extension parsing (SNI) at server side
by Paul Bakker
· 12 years ago
eb2c658
- Generalized external private key implementation handling (like PKCS#11) in SSL/TLS
by Paul Bakker
· 12 years ago
0a59707
- Added simple SSL session cache implementation
by Paul Bakker
· 12 years ago
b00ca42
- Handle existence of OpenSSL Trust Extensions at end of X.509 DER blob
by Paul Bakker
· 12 years ago
29b6476
- Added predefined DHM groups from RFC 5114
by Paul Bakker
· 12 years ago
995a215
- Added credits
by Paul Bakker
· 12 years ago
d4c2bd7
- Added bug
by Paul Bakker
· 12 years ago
48916f9
- Added Secure Renegotiation (RFC 5746)
by Paul Bakker
· 12 years ago
ec636f3
- Removed handling for SSLv2 Client Hello (as per RFC 5246 recommendation)
by Paul Bakker
· 12 years ago
f518b16
- Added PKCS#5 PBKDF2 key derivation function
by Paul Bakker
· 12 years ago
535e97d
- Better checking for reading over buffer boundaries
by Paul Bakker
· 12 years ago
3c16db9
- Fixed potential memory zeroization on miscrafted RSA key
by Paul Bakker
· 12 years ago
6132d0a
- Added Blowfish to generic cipher layer
by Paul Bakker
· 12 years ago
a9379c0
- Added base blowfish algorithm
by Paul Bakker
· 12 years ago
2770fbd
- Added DEFLATE compression support as per RFC3749 (requires zlib)
by Paul Bakker
· 12 years ago
4f9a7bb
- Added Thumb assembly optimizations
by Paul Bakker
· 12 years ago
cefb396
- Handle empty certificate subject names
by Paul Bakker
· 12 years ago
8d91458
- Added X509 CA Path support
by Paul Bakker
· 12 years ago
e6ee41f
- Added OpenSSL / PolarSSL compatibility script (tests/compat.sh) and example application (programs/ssl/o_p_test) (Requires OpenSSL)
by Paul Bakker
· 13 years ago
f6198c1
- mpi_exp_mod() now correctly handles negative base numbers (Closes ticket #52)
by Paul Bakker
· 13 years ago
5b37784
- Updated with tickets
by Paul Bakker
· 13 years ago
4d2c124
- Changed certificate verify behaviour to comply with RFC 6125 section 6.3 to not match CN if subjectAltName extension is present.
by Paul Bakker
· 13 years ago
186751d
- Moved out_msg to out_hdr + 32 to support hardware acceleration
by Paul Bakker
· 13 years ago
6b906e5
- Const correctness mpi_get_bit() - Documentation mpi_lsb(), mpi_msb()
by Paul Bakker
· 13 years ago
05ef835
- Added support for Hardware Acceleration hooking in SSL/TLS
by Paul Bakker
· 13 years ago
fad3893
- Added release notes for 1.1.2 and 1.1.3 to trunk
by Paul Bakker
· 13 years ago
01cc394
- Added commandline error code convertor (util/strerror)
by Paul Bakker
· 13 years ago
430ffbe
- Fixed potential heap corruption in x509_name allocation
by Paul Bakker
· 13 years ago
4cf2b7f
- Added name
by Paul Bakker
· 13 years ago
84bef1d
- Fixed DHM length to correct one
by Paul Bakker
· 13 years ago
ca4ab49
- Added GCM ciphersuites to TLS implementation
by Paul Bakker
· 13 years ago
915940e
- Added TLS1.2
by Paul Bakker
· 13 years ago
452d532
- Fixed potential memory corruption on miscrafted client messages (found by Frama-C team at CEA LIST)
by Paul Bakker
· 13 years ago
7beceb2
by Paul Bakker
· 13 years ago
3782458
- Added Changelog for bugfix in mpi_cmp_mpi()
by Paul Bakker
· 13 years ago
89e80c9
- Added base Galois/Counter mode (GCM) for AES
by Paul Bakker
· 13 years ago
bdb912d
- Added preliminary ASN.1 buffer writing support
by Paul Bakker
· 13 years ago
048d04e
- AES code only check for Padlock once
by Paul Bakker
· 13 years ago
1504af5
- Removed redundant POLARSSL_DEBUG_MSG define
by Paul Bakker
· 13 years ago
a8cd239
- Added support for wildcard certificates
by Paul Bakker
· 13 years ago
fab5c82
- Added support for NULL cipher (POLARSSL_CIPHER_NULL_CIPHER) and weak ciphersuites (POLARSSL_ENABLE_WEAK_CIPHERSUITES). They are disabled by default!
by Paul Bakker
· 13 years ago
99955bf
- Final changes for 1.1.1 release
by Paul Bakker
· 13 years ago
2ec0a56
- Fixed issue with Intel compiler on 64-bit platforms
by Paul Bakker
· 13 years ago
b15b851
- Check for failed malloc() in ssl_set_hostname() and x509_get_entries() (Closes ticket #47, found by Hugo Leisink)
by Paul Bakker
· 13 years ago
08a5088
- Updated release date
by Paul Bakker
· 13 years ago
a42b3e9
- Fixed top line for version
by Paul Bakker
· 13 years ago
69e095c
- Changed the behaviour of x509parse_parse_crt for permissive parsing. Now returns the number of 'failed certificates' instead of having a switch to enable it.
by Paul Bakker
· 13 years ago
c50132d
- Updated version of PolarSSL to 1.1.0
by Paul Bakker
· 13 years ago
c8ffbe7
- Corrected removal of leading '00:' in printing serial numbers in certificates and CRLs
by Paul Bakker
· 13 years ago
4f5ae80
- Fixed MS Visual C++ name clash with int64 in sha4.h
by Paul Bakker
· 13 years ago
508ad5a
- Moved all examples programs to use the new entropy and CTR_DRBG
by Paul Bakker
· 13 years ago
6c0ceb3
- Added permissive certificate parsing to x509parse_crt() and x509parse_crtfile(). With permissive parsing the parsing does not stop on encountering a parse-error
by Paul Bakker
· 13 years ago
6083fd2
- Added a generic entropy accumulator that provides support for adding custom entropy sources and added some generic and platform dependent entropy sources
by Paul Bakker
· 13 years ago
a3d195c
- Changed the used random function pointer to more flexible format. Renamed havege_rand() to havege_random() to prevent mistakes. Lots of changes as a consequence in library code and programs
by Paul Bakker
· 13 years ago
0e04d0e
- Added CTR_DRBG based on AES-256-CTR (NIST SP 800-90) random generator
by Paul Bakker
· 13 years ago
4463740
- Improved build support for s390x and sparc64 in bignum.h
by Paul Bakker
· 13 years ago
03c7c25
- * If certificate serial is longer than 32 octets, serial number is now appended with '....' after first 28 octets
by Paul Bakker
· 13 years ago
Next »