status-im/BearSSL
2
0
Fork 0
mirror of https://github.com/status-im/BearSSL.git synced 2025-02-24 16:38:13 +00:00
Code Issues Projects Releases Wiki Activity
78 Commits 1 Branch 3 Tags 1.5 MiB
Commit Graph

78 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Thomas Pornin
3c6823cad7 Added an explicit initialisation to a stack buffer to prevent an (harmless) uninitialised read reported by valgrind. 2017-06-22 23:15:17 +02:00
Thomas Pornin
eaa0d38fa8 Fixed IV processing for CBC decryption with AES (x86ni implementation) when data length is not multiple of 64 bytes (the bug was breaking TLS 1.0 AES/CBC on recent x86 systems). 2017-06-22 21:13:15 +02:00
Thomas Pornin
7f343eedfc Added encoded OID for hash functions (for use with PKCS#1 v1.5 signatures) into the public API. 2017-06-21 15:19:32 +02:00
Thomas Pornin
81437e1175 Fixed proper handling of clients with no "secure renegotiation" support. 2017-06-18 23:53:17 +02:00
Thomas Pornin
968da0f646 Fixed handling of incoming application data after sending a close_notify (data shall be discarded silently, not trigger an error). Also fixed a couple of bugs in the command-line test tool. 2017-06-15 16:57:37 +02:00
Thomas Pornin
2f7a003698 Added minimal support of Certificate Policies extension (ability to ignore its contents even if marked critical, in situations where it's safe to do that). 2017-06-11 03:49:02 +02:00
Thomas Pornin
52cc1a1a18 Small fix on sample server code (displaying of IPv6 addresses). 2017-06-08 00:51:55 +02:00
Thomas Pornin
d021b7eb7f Workaround for compiler bug (GCC 4.8 and 4.9 when targetting 32-bit x86). 2017-04-17 13:36:06 +00:00
Thomas Pornin
ad6a51bde3 When using Clang, use it also for linking (compatibility with core FreeBSD systems). 2017-04-14 22:32:29 +02:00
Thomas Pornin
042986b989 Made headers compatible with C++. 2017-04-06 01:03:54 +02:00
Thomas Pornin
ee15f235c9 Documentation fixes. v0.4 2017-04-03 21:38:47 +02:00
Thomas Pornin
927ecfc68d Small patch to allow compilation on old systems that predate the IPV6_V6ONLY option (Debian 2.2 "potato"). 2017-04-01 20:17:09 +02:00
Thomas Pornin
c1d1306e27 Small improvement to tolerate PEM files missing the terminating newline in the brssl command-line tool. 2017-03-19 20:46:16 +01:00
Thomas Pornin
5281cd0f58 Fixed typo in C preprocessor expression. 2017-03-19 20:08:29 +01:00
Thomas Pornin
8b2fe3add6 New "i62" code for big integers with 64x64->128 opcodes; also improved "i31" modular exponentiation. 2017-03-19 14:55:11 -04:00
Thomas Pornin
90bc9406c3 Optimised code for encoding/decoding integers when the underlying architecture has the right endianness and allows unaligned accesses. 2017-03-18 18:07:36 +01:00
Thomas Pornin
5db2d48b12 Added "ctmulq" implementation of Poly1305 (using 64->128 multiplications when available). 2017-03-18 16:46:00 +01:00
Thomas Pornin
2f88a67304 Fixed compilation for GCC 4.4 to 4.8 (AES-NI opcodes; intrinsics headers require target options to be set). 2017-03-09 20:13:23 +00:00
Thomas Pornin
98432a0a30 Improved GHASH pclmul implementation (parallel processing of four blocks, +70% speed). 2017-02-15 21:49:28 +01:00
Thomas Pornin
db8f1b6645 New AES and GHASH implementations using POWER8 crypto opcodes. 2017-02-15 14:08:37 +00:00
Thomas Pornin
f0c0046601 Cosmetic fixes in comments. 2017-01-30 00:32:21 +01:00
Thomas Pornin
5f045c7599 Added AES+GHASH implementation using AES-NI opcodes; also ARM-Thumb assembly for faster Montgomery multiplication on Cortex-M0+. Added selection functions for "default" implementations. 2017-01-29 21:46:33 +01:00
Thomas Pornin
556e525d62 Improved modular exponentiation (automatic window optimisation if there is enough room). 2017-01-24 19:35:04 +01:00
Thomas Pornin
a7e6409c37 Slight speed improvement for Curve25519 (m15 implementation on Cortex-M0+). 2017-01-23 19:54:16 +01:00
Thomas Pornin
3f00688b9d New Makefile structure; added compatibility with Windows + Visual C + nmake. 2017-01-22 20:00:29 +01:00
Thomas Pornin
2f454aad57 Some cleanups (removed unused files, split i15 code into per-function files). 2017-01-16 20:19:11 +01:00
Thomas Pornin
bd3036844b Added optimised implementation of P-256 that uses 32->64 multiplications (MUL31). 2017-01-16 18:04:40 +01:00
Thomas Pornin
89ea3b1876 Two new Curve25519 implementations (generic "i31" code, and optimised code with MUL31). 2017-01-15 23:16:18 +01:00
Thomas Pornin
3655193439 Activated Curve25519 support for ECDHE cipher suites. 2017-01-15 20:40:24 +01:00
Thomas Pornin
693d2a0085 New implementation of Curve25519 (using multiplications of words of 15 bits or so, should be much faster on Cortex M0). 2017-01-15 16:49:58 +01:00
Thomas Pornin
2f9c953af4 New basic implementation of Curve25519 (generic i15 code, experimental). 2017-01-15 03:32:13 +01:00
Thomas Pornin
ef318ef83a Added API for external hashing of ServerKeyExchange, and signature algorithm identifiers in the 0x080* format (preparatory steps for EdDSA support). 2017-01-13 21:46:28 +01:00
Thomas Pornin
44c79c1add More optimisations for EC P-256 "i15" (specialised squaring function, mixed coordinates addition with a 4-bit window when the base point is the conventional generator). 2017-01-13 05:10:43 +01:00
Thomas Pornin
21743ae69e Improved performance on dedicated P-256/i15 EC implementation. 2017-01-12 21:53:31 +01:00
Thomas Pornin
8f1043315f Simple grammar fix in header. 2017-01-12 21:52:59 +01:00
Thomas Pornin
52b3f2820f Fixed wrong check on length overflow (unsigned/signed issue). 2017-01-09 16:48:52 +01:00
Thomas Pornin
7fc1ef315f Two new Poly1305 implementations: ctmul32 uses pure 32-bit multiplications (MUL15, constant-time on about everything); i15 uses the generic i15 big integers (MUL15 again), which is quite slow but also small. 2017-01-05 19:47:00 +01:00
Thomas Pornin
28e4e120b8 New "i15" implementation of big integers (faster, and constant-time, on ARM Cortex M0/M0+); imported into EC, ECDSA, RSA. 2017-01-04 19:21:09 +01:00
Thomas Pornin
6dd8c51ba7 New experimental EC implementation (P-256, only 32-bit multiplications, meant for Cortex-M0/M0+). 2017-01-02 22:19:49 +01:00
Thomas Pornin
bf809dfae5 Fixed RSA "i32" PKCS#1 v1.5 signature generation. 2016-12-31 16:19:12 +01:00
Thomas Pornin
f9b85fee90 New simplified initialisation function for X.509 minimal engine. 2016-12-29 23:11:46 +01:00
Thomas Pornin
05ac106834 Added ALPN support (client and server). 2016-12-28 14:11:51 +01:00
Thomas Pornin
8bb8d74d4a Fixed scheduling error (jumping back to failed engine, could lead to segfault). 2016-12-24 03:20:03 +01:00
Thomas Pornin
4981173660 Added speed benchmark for Poly1305. 2016-12-24 03:19:29 +01:00
Thomas Pornin
32c995f23d Fixed definition of function (wrong name). 2016-12-22 17:01:02 +01:00
Thomas Pornin
72d33930b2 Fixed description of TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 in the command-line tool. 2016-12-15 01:10:52 +01:00
Thomas Pornin
b42bd5972f Added ChaCha20+Poly1305 support (stand-alone, cipher suites). 2016-12-13 20:01:19 +01:00
Thomas Pornin
9e71c0673a Added certificate name extraction API (from subject DN and SAN extension). 2016-12-12 20:45:06 +01:00
Thomas Pornin
fb7052216d Optimised T0 generated code: when possible (at most 256 words), word calls are encoded over one byte, even in the 128..255 range. 2016-12-12 19:58:49 +01:00
Thomas Pornin
e61ad42191 Added support for client certificates (both client-side and server-side, but still missing an API for extracting the client identity from the certificate). 2016-12-10 17:35:06 +01:00