Rivoreo Source Code Repositories
src.rivoreo.one
/
security
/
mbedtls
/
d2f068e071bc4cb9b672dbf0a64ed816cd0560d4
/
library
d2f068e
Ability to enable / disable SSL v3 / TLS 1.0 / TLS 1.1 / TLS 1.2 individually
by Paul Bakker
· 11 years ago
fb08fd2
Entropy collector and CTR-DRBG now also work on SHA-256 if SHA-512 not available
by Paul Bakker
· 11 years ago
0a20171
Fix compiler warning from gcc -Os
by Manuel Pégourié-Gonnard
· 11 years ago
70f1768
Make two format strings literal
by Manuel Pégourié-Gonnard
· 11 years ago
c6554aa
Check length of session tickets we write
by Manuel Pégourié-Gonnard
· 11 years ago
38d1eba
Move verify_result from ssl_context to session
by Manuel Pégourié-Gonnard
· 11 years ago
fff80f8
PK: use NULL for unimplemented operations
by Manuel Pégourié-Gonnard
· 11 years ago
f73da02
PK: change pk_verify arguments (md_info "optional")
by Manuel Pégourié-Gonnard
· 11 years ago
ab46694
Change pk_set_type to pk_init_ctx for consistency
by Manuel Pégourié-Gonnard
· 11 years ago
ac4cd36
PK rsa_verify: check signature length
by Manuel Pégourié-Gonnard
· 11 years ago
1569938
Small PK cleanups
by Manuel Pégourié-Gonnard
· 11 years ago
3fb5c5e
PK: rename members for consistency CIPHER, MD
by Manuel Pégourié-Gonnard
· 11 years ago
09162dd
PK: reuse some eckey functions for ecdsa
by Manuel Pégourié-Gonnard
· 11 years ago
c6ac887
Nicer interface between PK and debug.
by Manuel Pégourié-Gonnard
· 11 years ago
b3d9187
PK: add nice interface functions
by Manuel Pégourié-Gonnard
· 11 years ago
765db07
PK: use alloc and free function pointers
by Manuel Pégourié-Gonnard
· 11 years ago
3053f5b
Get rid of pk_wrap_rsa()
by Manuel Pégourié-Gonnard
· 11 years ago
f8c948a
Add name and get_size() members in PK
by Manuel Pégourié-Gonnard
· 11 years ago
835eb59
PK: fix support for ECKEY_DH
by Manuel Pégourié-Gonnard
· 11 years ago
f18c3e0
Add a PK can_do() method and simplify code
by Manuel Pégourié-Gonnard
· 11 years ago
d73b3c1
PK: use wrappers and function pointers for verify
by Manuel Pégourié-Gonnard
· 11 years ago
f499993
Add ecdsa_from_keypair()
by Manuel Pégourié-Gonnard
· 11 years ago
cc0a9d0
Fix const-correctness of rsa_*_verify()
by Manuel Pégourié-Gonnard
· 11 years ago
f84b4d6
Check sig_pk for signature verification
by Manuel Pégourié-Gonnard
· 11 years ago
96d5912
Implement EC cert and crl verification
by Manuel Pégourié-Gonnard
· 11 years ago
211a64c
Add eckey to ecdsa conversion in the PK layer
by Manuel Pégourié-Gonnard
· 11 years ago
b4d69c4
Prepare for EC cert & crl validation
by Manuel Pégourié-Gonnard
· 11 years ago
e09631b
Create ecp_group_copy() and use it
by Manuel Pégourié-Gonnard
· 11 years ago
8eebd01
Add an ecdsa_genkey() function
by Manuel Pégourié-Gonnard
· 11 years ago
b694b48
Add ecdsa_{read,write}_signature()
by Manuel Pégourié-Gonnard
· 11 years ago
3a074a7
Actually skip certificate if we do not understand hash type
by Paul Bakker
· 11 years ago
dc4baf1
Removed errant printf in x509parse_self_test()
by Paul Bakker
· 11 years ago
42c3ccf
Fixed potential negative value misinterpretation in load_file()
by Paul Bakker
· 11 years ago
75c1a6f
Fixed potential heap buffer overflow on large hostname setting
by Paul Bakker
· 11 years ago
694d3ae
Fixed potential heap buffer overflow on large file reading
by Paul Bakker
· 11 years ago
5fd4917
Add missing ifdefs in ssl modules
by Paul Bakker
· 11 years ago
04376b1
Fixed memory leak in ssl_parse_server_key_exchange from missing md_free_ctx()
by Paul Bakker
· 11 years ago
298aae4
Adapt core OID functions to embeded null bytes
by Manuel Pégourié-Gonnard
· 11 years ago
c13c0d4
Add a length check in rsa_get_pubkey()
by Manuel Pégourié-Gonnard
· 11 years ago
56a487a
Minor ecdsa cleanups
by Manuel Pégourié-Gonnard
· 11 years ago
686bfae
Fix memory error in x509_get_attr_type_value
by Manuel Pégourié-Gonnard
· 11 years ago
ba77bbf
Fix memory error in asn1_get_alg()
by Manuel Pégourié-Gonnard
· 11 years ago
06dab80
Fix memory error in asn1_get_bitstring_null()
by Manuel Pégourié-Gonnard
· 11 years ago
0b27267
Fix ifdef conditions for EC-related extensions.
by Manuel Pégourié-Gonnard
· 11 years ago
5734b2d
Actually use the point format selected for ECDH
by Manuel Pégourié-Gonnard
· 11 years ago
7b19c16
Handle suported_point_formats in ServerHello
by Manuel Pégourié-Gonnard
· 11 years ago
6b8846d
Stop advertising support for compressed points
by Manuel Pégourié-Gonnard
· 11 years ago
1f2bc62
Made support for the truncated_hmac extension configurable
by Paul Bakker
· 11 years ago
05decb2
Made support for the max_fragment_length extension configurable
by Paul Bakker
· 11 years ago
606b4ba
Session ticket expiration checked on server
by Paul Bakker
· 11 years ago
f0e39ac
Fixed unitialized n when resuming a session
by Paul Bakker
· 11 years ago
a503a63
Made session tickets support configurable from config.h
by Paul Bakker
· 11 years ago
56dc9e8
Authenticate session tickets.
by Manuel Pégourié-Gonnard
· 11 years ago
990c51a
Encrypt session tickets
by Manuel Pégourié-Gonnard
· 11 years ago
779e429
Start adding ticket keys (only key_name for now)
by Manuel Pégourié-Gonnard
· 11 years ago
aa0d4d1
Add ssl_set_session_tickets()
by Manuel Pégourié-Gonnard
· 11 years ago
306827e
Prepare ticket structure for securing
by Manuel Pégourié-Gonnard
· 11 years ago
06650f6
Fix reusing session more than once
by Manuel Pégourié-Gonnard
· 11 years ago
593058e
Don't renew ticket when the current one is OK
by Manuel Pégourié-Gonnard
· 11 years ago
c086cce
Don't cache empty session ID nor resumed session
by Manuel Pégourié-Gonnard
· 11 years ago
7cd5924
Rework NewSessionTicket handling in state machine
by Manuel Pégourié-Gonnard
· 11 years ago
3ffa3db
Fix server session ID handling with ticket
by Manuel Pégourié-Gonnard
· 11 years ago
72882b2
Relax limit on ClientHello size
by Manuel Pégourié-Gonnard
· 11 years ago
609bc81
ssl_srv: read & write ticket, unsecure for now
by Manuel Pégourié-Gonnard
· 11 years ago
94f6a79
Auxiliary functions to (de)serialize ssl_session
by Manuel Pégourié-Gonnard
· 11 years ago
7a358b8
ssl_srv: write & parse session ticket ext & msg
by Manuel Pégourié-Gonnard
· 11 years ago
6377e41
Complete client support for session tickets
by Manuel Pégourié-Gonnard
· 11 years ago
a5cc602
Parse NewSessionTicket message
by Manuel Pégourié-Gonnard
· 11 years ago
60182ef
ssl_cli: write & parse session ticket extension
by Manuel Pégourié-Gonnard
· 11 years ago
75d4401
Introduce ticket field in session structure
by Manuel Pégourié-Gonnard
· 11 years ago
5f280cc
Implement saving peer cert as part of session.
by Manuel Pégourié-Gonnard
· 11 years ago
7471803
Add ssl_get_session() to save session on client
by Manuel Pégourié-Gonnard
· 11 years ago
48e93c8
Made padding modes configurable from config.h
by Paul Bakker
· 11 years ago
1a45d91
Restructured cipher_set_padding_mode() to use switch statement
by Paul Bakker
· 11 years ago
ebdc413
Add 'no padding' mode
by Manuel Pégourié-Gonnard
· 11 years ago
0e7d2c0
Add zero padding
by Manuel Pégourié-Gonnard
· 11 years ago
8d4291b
Add zeros-and-length (ANSI X.923) padding
by Manuel Pégourié-Gonnard
· 11 years ago
679f9e9
Add one-and-zeros (ISO/IEC 7816-4) padding
by Manuel Pégourié-Gonnard
· 11 years ago
b7d24bc
Fix bug in get_pkcs_padding(): cannot be 0-length
by Manuel Pégourié-Gonnard
· 11 years ago
ac56a1a
Make cipher_set_padding() actually work
by Manuel Pégourié-Gonnard
· 11 years ago
d5fdcaf
Add cipher_set_padding() (no effect yet)
by Manuel Pégourié-Gonnard
· 11 years ago
0f2f0bf
CAMELLIA-based PSK and DHE-PSK ciphersuites added
by Paul Bakker
· 11 years ago
b548d77
Fixed memory leak in ecdh_compute_shared() in case of error
by Paul Bakker
· 11 years ago
cca998a
Fixed memory leak in ecdsa_sign() / ecdsa_verify() in case of error
by Paul Bakker
· 11 years ago
1e6a175
Support for AIX header locations in net.c module
by Paul Bakker
· 11 years ago
52cf16c
Fixed multiple use of GCM-context bug due to split-up of GCM functions
by Paul Bakker
· 11 years ago
d9ca94a
Updated merged pk.c and x509parse.c changes with new memory allocation functions
by Paul Bakker
· 11 years ago
8c1ede6
Changed prototype for ssl_set_truncated_hmac() to allow disabling
by Paul Bakker
· 11 years ago
277f7f2
Implement hmac truncation
by Manuel Pégourié-Gonnard
· 11 years ago
57c2852
Added truncated hmac negociation (without effect)
by Manuel Pégourié-Gonnard
· 11 years ago
e980a99
Add interface for truncated hmac
by Manuel Pégourié-Gonnard
· 11 years ago
e048b67
Misc minor fixes
by Manuel Pégourié-Gonnard
· 11 years ago
ed4af8b
Move negotiated max fragment length to session
by Manuel Pégourié-Gonnard
· 11 years ago
581e6b6
Prepare migrating max fragment length to session
by Manuel Pégourié-Gonnard
· 11 years ago
6b4f237
Forbid setting max_frag_len > MAX_CONTENT_LEN
by Manuel Pégourié-Gonnard
· 11 years ago
30dc7ef
Reset max_fragment_length in ssl_session_reset()
by Manuel Pégourié-Gonnard
· 11 years ago
7bb7899
Send max_fragment_length extension (server)
by Manuel Pégourié-Gonnard
· 11 years ago
f11a6d7
Rework server extensions writing
by Manuel Pégourié-Gonnard
· 11 years ago
de600e5
Read max_fragment_length extension (client)
by Manuel Pégourié-Gonnard
· 11 years ago
a052849
Send max_fragment_length extension (client)
by Manuel Pégourié-Gonnard
· 11 years ago
Next »