77 Commits

Author SHA1 Message Date
Thomas Pornin
eaa0d38fa8 Fixed IV processing for CBC decryption with AES (x86ni implementation) when data length is not multiple of 64 bytes (the bug was breaking TLS 1.0 AES/CBC on recent x86 systems). 2017-06-22 21:13:15 +02:00
Thomas Pornin
7f343eedfc Added encoded OID for hash functions (for use with PKCS#1 v1.5 signatures) into the public API. 2017-06-21 15:19:32 +02:00
Thomas Pornin
81437e1175 Fixed proper handling of clients with no "secure renegotiation" support. 2017-06-18 23:53:17 +02:00
Thomas Pornin
968da0f646 Fixed handling of incoming application data after sending a close_notify (data shall be discarded silently, not trigger an error). Also fixed a couple of bugs in the command-line test tool. 2017-06-15 16:57:37 +02:00
Thomas Pornin
2f7a003698 Added minimal support of Certificate Policies extension (ability to ignore its contents even if marked critical, in situations where it's safe to do that). 2017-06-11 03:49:02 +02:00
Thomas Pornin
52cc1a1a18 Small fix on sample server code (displaying of IPv6 addresses). 2017-06-08 00:51:55 +02:00
Thomas Pornin
d021b7eb7f Workaround for compiler bug (GCC 4.8 and 4.9 when targeting 32-bit x86). 2017-04-17 13:36:06 +00:00
Thomas Pornin
ad6a51bde3 When using Clang, use it also for linking (compatibility with core FreeBSD systems). 2017-04-14 22:32:29 +02:00
Thomas Pornin
042986b989 Made headers compatible with C++. 2017-04-06 01:03:54 +02:00
Thomas Pornin
ee15f235c9 Documentation fixes. v0.4 2017-04-03 21:38:47 +02:00
Thomas Pornin
927ecfc68d Small patch to allow compilation on old systems that predate the IPV6_V6ONLY option (Debian 2.2 "potato"). 2017-04-01 20:17:09 +02:00
Thomas Pornin
c1d1306e27 Small improvement to tolerate PEM files missing the terminating newline in the brssl command-line tool. 2017-03-19 20:46:16 +01:00
Thomas Pornin
5281cd0f58 Fixed typo in C preprocessor expression. 2017-03-19 20:08:29 +01:00
Thomas Pornin
8b2fe3add6 New "i62" code for big integers with 64x64->128 opcodes; also improved "i31" modular exponentiation. 2017-03-19 14:55:11 -04:00
Thomas Pornin
90bc9406c3 Optimised code for encoding/decoding integers when the underlying architecture has the right endianness and allows unaligned accesses. 2017-03-18 18:07:36 +01:00
Thomas Pornin
5db2d48b12 Added "ctmulq" implementation of Poly1305 (using 64->128 multiplications when available). 2017-03-18 16:46:00 +01:00
Thomas Pornin
2f88a67304 Fixed compilation for GCC 4.4 to 4.8 (AES-NI opcodes; intrinsics headers require target options to be set). 2017-03-09 20:13:23 +00:00
Thomas Pornin
98432a0a30 Improved GHASH pclmul implementation (parallel processing of four blocks, +70% speed). 2017-02-15 21:49:28 +01:00
Thomas Pornin
db8f1b6645 New AES and GHASH implementations using POWER8 crypto opcodes. 2017-02-15 14:08:37 +00:00
Thomas Pornin
f0c0046601 Cosmetic fixes in comments. 2017-01-30 00:32:21 +01:00
Thomas Pornin
5f045c7599 Added AES+GHASH implementation using AES-NI opcodes; also ARM-Thumb assembly for faster Montgomery multiplication on Cortex-M0+. Added selection functions for "default" implementations. 2017-01-29 21:46:33 +01:00
Thomas Pornin
556e525d62 Improved modular exponentiation (automatic window optimisation if there is enough room). 2017-01-24 19:35:04 +01:00
Thomas Pornin
a7e6409c37 Slight speed improvement for Curve25519 (m15 implementation on Cortex-M0+). 2017-01-23 19:54:16 +01:00
Thomas Pornin
3f00688b9d New Makefile structure; added compatibility with Windows + Visual C + nmake. 2017-01-22 20:00:29 +01:00
Thomas Pornin
2f454aad57 Some cleanups (removed unused files, split i15 code into per-function files). 2017-01-16 20:19:11 +01:00
Thomas Pornin
bd3036844b Added optimised implementation of P-256 that uses 32->64 multiplications (MUL31). 2017-01-16 18:04:40 +01:00
Thomas Pornin
89ea3b1876 Two new Curve25519 implementations (generic "i31" code, and optimised code with MUL31). 2017-01-15 23:16:18 +01:00
Thomas Pornin
3655193439 Activated Curve25519 support for ECDHE cipher suites. 2017-01-15 20:40:24 +01:00
Thomas Pornin
693d2a0085 New implementation of Curve25519 (using multiplications of words of 15 bits or so, should be much faster on Cortex M0). 2017-01-15 16:49:58 +01:00
Thomas Pornin
2f9c953af4 New basic implementation of Curve25519 (generic i15 code, experimental). 2017-01-15 03:32:13 +01:00
Thomas Pornin
ef318ef83a Added API for external hashing of ServerKeyExchange, and signature algorithm identifiers in the 0x080* format (preparatory steps for EdDSA support). 2017-01-13 21:46:28 +01:00
Thomas Pornin
44c79c1add More optimisations for EC P-256 "i15" (specialised squaring function, mixed coordinates addition with a 4-bit window when the base point is the conventional generator). 2017-01-13 05:10:43 +01:00
Thomas Pornin
21743ae69e Improved performance on dedicated P-256/i15 EC implementation. 2017-01-12 21:53:31 +01:00
Thomas Pornin
8f1043315f Simple grammar fix in header. 2017-01-12 21:52:59 +01:00
Thomas Pornin
52b3f2820f Fixed wrong check on length overflow (unsigned/signed issue). 2017-01-09 16:48:52 +01:00
Thomas Pornin
7fc1ef315f Two new Poly1305 implementations: ctmul32 uses pure 32-bit multiplications (MUL15, constant-time on about everything); i15 uses the generic i15 big integers (MUL15 again), which is quite slow but also small. 2017-01-05 19:47:00 +01:00
Thomas Pornin
28e4e120b8 New "i15" implementation of big integers (faster, and constant-time, on ARM Cortex M0/M0+); imported into EC, ECDSA, RSA. 2017-01-04 19:21:09 +01:00
Thomas Pornin
6dd8c51ba7 New experimental EC implementation (P-256, only 32-bit multiplications, meant for Cortex-M0/M0+). 2017-01-02 22:19:49 +01:00
Thomas Pornin
bf809dfae5 Fixed RSA "i32" PKCS#1 v1.5 signature generation. 2016-12-31 16:19:12 +01:00
Thomas Pornin
f9b85fee90 New simplified initialisation function for X.509 minimal engine. 2016-12-29 23:11:46 +01:00
Thomas Pornin
05ac106834 Added ALPN support (client and server). 2016-12-28 14:11:51 +01:00
Thomas Pornin
8bb8d74d4a Fixed scheduling error (jumping back to failed engine, could lead to segfault). 2016-12-24 03:20:03 +01:00
Thomas Pornin
4981173660 Added speed benchmark for Poly1305. 2016-12-24 03:19:29 +01:00
Thomas Pornin
32c995f23d Fixed definition of function (wrong name). 2016-12-22 17:01:02 +01:00
Thomas Pornin
72d33930b2 Fixed description of TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 in the command-line tool. 2016-12-15 01:10:52 +01:00
Thomas Pornin
b42bd5972f Added ChaCha20+Poly1305 support (stand-alone, cipher suites). 2016-12-13 20:01:19 +01:00
Thomas Pornin
9e71c0673a Added certificate name extraction API (from subject DN and SAN extension). 2016-12-12 20:45:06 +01:00
Thomas Pornin
fb7052216d Optimised T0 generated code: when possible (at most 256 words), word calls are encoded over one byte, even in the 128..255 range. 2016-12-12 19:58:49 +01:00
Thomas Pornin
e61ad42191 Added support for client certificates (both client-side and server-side, but still missing an API for extracting the client identity from the certificate). 2016-12-10 17:35:06 +01:00
Thomas Pornin
e9ce2f4e8c Small documentation fixes. 2016-11-30 02:25:14 +01:00