Thomas Pornin
|
d8fa415fca
|
Added support code for RSA and EC key encoding (including reconstruction of all public and private key elements from the private key structure), with raw and PKCS#8 formats, both in DER and PEM.
|
2018-08-06 00:02:36 +02:00 |
|
Thomas Pornin
|
cfbc702d3d
|
Added AESCTR_DRBG implementation (beta).
|
2018-08-01 00:50:13 +02:00 |
|
Thomas Pornin
|
491a45337d
|
Added RSA key generation code (i15, i31, i62).
|
2018-07-31 23:00:26 +02:00 |
|
Thomas Pornin
|
a0054ad821
|
Fixed computation of product size.
|
2018-07-31 22:53:35 +02:00 |
|
Thomas Pornin
|
e37c90ac68
|
Added support for CCM and CCM_8 cipher suites.
|
2018-07-28 22:31:50 +02:00 |
|
Thomas Pornin
|
d69276c18d
|
Added guard code to avoid issue when decoding PEM but not keeping data.
|
2018-06-05 15:18:27 +02:00 |
|
Thomas Pornin
|
05520e8eae
|
Fixed some typographic errors in comments.
|
2018-05-27 23:37:15 +02:00 |
|
Thomas Pornin
|
a8a8f51ea4
|
Small typo fixes (harmless).
|
2018-05-24 15:26:43 +02:00 |
|
Thomas Pornin
|
d592e99932
|
Added RSA/OAEP implementation.
|
2018-05-23 23:16:31 +02:00 |
|
Thomas Pornin
|
f81a282878
|
Added stricter rule on input for RSA private key operation (mathematically correct but out-of-range values are now rejected).
|
2018-05-23 18:48:19 +02:00 |
|
Thomas Pornin
|
932fb89081
|
Made client stricter in cipher suite selection (better consistency with server behaviour).
|
2018-05-19 01:53:16 +02:00 |
|
Thomas Pornin
|
c1e540575c
|
Fixed bug in bit length computation (implied some wrong RSA signatures in case of carry propagation with some specific key/factor lengths).
|
2018-05-02 17:32:35 +02:00 |
|
Thomas Pornin
|
7d313ccce7
|
Simple documentation fix.
|
2018-05-02 17:31:35 +02:00 |
|
Thomas Pornin
|
12db697bcc
|
Added API to share precomputations in EAX.
|
2018-02-08 15:50:10 +01:00 |
|
Thomas Pornin
|
e51143dc16
|
Fixed test code (removed static reference to aes_x86ni code).
|
2017-12-21 15:38:19 +01:00 |
|
Thomas Pornin
|
4cbe51b0d0
|
Make Rules.mk more compatible with merges and local diffs.
|
2017-11-02 13:52:49 +01:00 |
|
Thomas Pornin
|
dddc412922
|
Added generic EAX and CCM implementations.
|
2017-10-23 23:27:28 +02:00 |
|
Thomas Pornin
|
8e94ad2fcb
|
Worked around some compiler errors with GCC 4.4 and 4.5.
|
2017-08-28 19:28:59 +02:00 |
|
Thomas Pornin
|
af9c79a071
|
Added seeder API. Also overhauled compile-time detection of features.
|
2017-08-28 16:37:30 +02:00 |
|
Thomas Pornin
|
5b980fb625
|
Switch C compiler to the generic 'cc' (to use the default compiler, not necessarily GCC -- this is for systems that offer both GCC and Clang, and use Clang as default).
|
2017-08-28 16:26:33 +02:00 |
|
Thomas Pornin
|
9dc6211237
|
Extra Makefile hack for compatibility with OpenBSD 'make'.
|
2017-08-28 16:25:20 +02:00 |
|
Thomas Pornin
|
a52cff8309
|
Some more extra casts to avoid alignment warnings with Clang and -Wcast-align on 32-bit systems with 64-bit alignment requirements (e.g. ARMv7).
|
2017-08-20 23:19:51 +02:00 |
|
Thomas Pornin
|
8e86598b33
|
Added intermediate casts to void* to prevent spurious warnings (with Clang and -Wcast-align).
|
2017-08-19 15:50:45 +02:00 |
|
Thomas Pornin
|
8cd3f8fecb
|
Some more renaming to avoid shadowing.
|
2017-08-14 19:55:34 +02:00 |
|
Thomas Pornin
|
79eec9d9e3
|
Some renaming to avoid spurious warnings on some old GCC versions.
|
2017-08-14 14:15:13 +02:00 |
|
Thomas Pornin
|
ceb6ded7b9
|
Fixed documentation (new include file for AEAD).
v0.5
|
2017-07-30 23:26:06 +02:00 |
|
Thomas Pornin
|
93681c2830
|
Added Twrch support.
|
2017-07-30 23:11:26 +02:00 |
|
Thomas Pornin
|
ce1c57909a
|
Fixed br_ssl_session_cache_lru_forget().
|
2017-07-30 14:11:45 -04:00 |
|
Thomas Pornin
|
0cc2e23690
|
Added name for new ChaCha20 implementation.
|
2017-07-26 16:03:32 +02:00 |
|
Thomas Pornin
|
24c6f09bf8
|
Added ChaCha20 implementation with SSE2 opcodes.
|
2017-07-26 15:58:01 +02:00 |
|
Thomas Pornin
|
5414fd525e
|
Added function to forget saved session parameters (for tests).
|
2017-07-26 15:52:38 +02:00 |
|
Thomas Pornin
|
127fb4a31d
|
Added general-purpose API for AEAD algorithms, and GCM implementation.
|
2017-07-17 17:22:46 +02:00 |
|
Thomas Pornin
|
4aac1cd5c6
|
Fixed behaviour in case of rejected renegotiation.
|
2017-07-15 06:14:55 +02:00 |
|
Thomas Pornin
|
57b2175020
|
Fixed selection of ECDHE_RSA suites for pre-1.2 TLS versions.
|
2017-07-07 00:49:58 +02:00 |
|
Thomas Pornin
|
ea95d8264c
|
Added implementation of keying material export (RFC 5705) (API for PRF implementations changed, to handle chunked seeds).
|
2017-07-04 20:43:39 +02:00 |
|
Thomas Pornin
|
2b738493bd
|
Fixed modular reduction bug in the special field for P-256 (in some rare cases, value would end up being negative, which would corrupt subsequent operations).
|
2017-06-24 00:31:09 +02:00 |
|
Thomas Pornin
|
d8641065c9
|
Fixed mishandling of tree structure in the cache for session parameters.
|
2017-06-24 00:29:41 +02:00 |
|
Thomas Pornin
|
3c6823cad7
|
Added an explicit initialisation to a stack buffer to prevent an (harmless) uninitialised read reported by valgrind.
|
2017-06-22 23:15:17 +02:00 |
|
Thomas Pornin
|
eaa0d38fa8
|
Fixed IV processing for CBC decryption with AES (x86ni implementation) when data length is not multiple of 64 bytes (the bug was breaking TLS 1.0 AES/CBC on recent x86 systems).
|
2017-06-22 21:13:15 +02:00 |
|
Thomas Pornin
|
7f343eedfc
|
Added encoded OID for hash functions (for use with PKCS#1 v1.5 signatures) into the public API.
|
2017-06-21 15:19:32 +02:00 |
|
Thomas Pornin
|
81437e1175
|
Fixed proper handling of clients with no "secure renegotiation" support.
|
2017-06-18 23:53:17 +02:00 |
|
Thomas Pornin
|
968da0f646
|
Fixed handling of incoming application data after sending a close_notify (data shall be discarded silently, not trigger an error). Also fixed a couple of bugs in the command-line test tool.
|
2017-06-15 16:57:37 +02:00 |
|
Thomas Pornin
|
2f7a003698
|
Added minimal support of Certificate Policies extension (ability to ignore its contents even if marked critical, in situations where it's safe to do that).
|
2017-06-11 03:49:02 +02:00 |
|
Thomas Pornin
|
52cc1a1a18
|
Small fix on sample server code (displaying of IPv6 addresses).
|
2017-06-08 00:51:55 +02:00 |
|
Thomas Pornin
|
d021b7eb7f
|
Workaround for compiler bug (GCC 4.8 and 4.9 when targetting 32-bit x86).
|
2017-04-17 13:36:06 +00:00 |
|
Thomas Pornin
|
ad6a51bde3
|
When using Clang, use it also for linking (compatibility with core FreeBSD systems).
|
2017-04-14 22:32:29 +02:00 |
|
Thomas Pornin
|
042986b989
|
Made headers compatible with C++.
|
2017-04-06 01:03:54 +02:00 |
|
Thomas Pornin
|
ee15f235c9
|
Documentation fixes.
v0.4
|
2017-04-03 21:38:47 +02:00 |
|
Thomas Pornin
|
927ecfc68d
|
Small patch to allow compilation on old systems that predate the IPV6_V6ONLY option (Debian 2.2 "potato").
|
2017-04-01 20:17:09 +02:00 |
|
Thomas Pornin
|
c1d1306e27
|
Small improvement to tolerate PEM files missing the terminating newline in the brssl command-line tool.
|
2017-03-19 20:46:16 +01:00 |
|