Commit Graph

  • 79c060eea3 Fixed spurious warning about old-style prototype. master Thomas Pornin 2023-02-20 19:09:51 -0500
  • 46f7dddce7 Added macro that indicates presence of the time callback feature. Also added C++ compatibility. Thomas Pornin 2022-06-08 08:15:39 -0400
  • 6a691e6995 Fixed RSA PSS verification bug (when hash_len != salt_len). Thomas Pornin 2022-06-08 08:09:34 -0400
  • d40d23b60c Added generic API for date range validation (with callbacks). Thomas Pornin 2022-04-17 15:02:36 -0400
  • 79b1a9996c Fixed comment. Thomas Pornin 2021-01-27 09:34:56 -0500
  • b2ec2030e4 Fixed carry propagation bug in m64 impl for P-256. Thomas Pornin 2020-11-18 09:53:11 -0500
  • dda1f8a0c4 Harmonized behaviour when point length is invalid. Thomas Pornin 2020-04-24 15:18:58 +0200
  • acc70b1be6 Typo fix in comment. origin/master origin/HEAD Thomas Pornin 2020-01-31 00:17:23 +0100
  • 946f5bad76 Added discard of unread appdata on explicit close. Thomas Pornin 2020-01-30 18:02:44 +0100
  • 252dba9149 Fixed carry propagation bug in P-256 'm62' implementation (found by Auke Zeilstra; consequences unclear, possibly some invalid curve attacks in static ECDH contexts). Thomas Pornin 2019-12-14 16:53:30 +0100
  • 15b3af72f3 Typo fix in comment. Thomas Pornin 2019-12-14 16:51:00 +0100
  • 69807a34fc Fixed typo in comment. Thomas Pornin 2019-11-15 14:58:13 +0100
  • fb4296c593 Fixed some errors in comments. Thomas Pornin 2019-09-04 15:07:42 +0200
  • 4b6046412b Fixed small display bug in debug tool. Thomas Pornin 2019-08-18 22:30:16 +0200
  • b715b43e41 Fixed buffer overflow in private key decoding (wrong buffer length used in size check). Thomas Pornin 2019-07-20 10:36:36 -0400
  • 2893441f2e Fixed a spurious warning on some compilers. Thomas Pornin 2019-05-29 13:42:20 +0200
  • e4edfb84ed Added support for getrandom()/getentropy(), and a fix for the RDRAND bug on AMD CPU (family 22). Thomas Pornin 2019-05-15 18:16:00 +0200
  • 924921d1be Fixed mishandling of UTF-8 codepoints in the FDF0..FEDF range (these were unduly rejected when extracting names from certificates, thereby preventing use of the extra presentation forms of Arabic). Thomas Pornin 2019-05-14 16:25:25 +0200
  • 9721b3e756 Fixed efficiency pre-test on RSA prime generation (no security issue, but RSA key generation with pubexp 5, 7 or 11 may be slightly more efficient). Thomas Pornin 2019-04-17 17:52:29 +0200
  • ecdf89770e Normalize use of BR_DOXYGEN_IGNORE. Thomas Pornin 2019-03-23 17:38:05 -0400
  • c1bb5356bb Small workaround for CompCert compatibility. Thomas Pornin 2019-01-24 22:07:19 +0100
  • 87a796dd69 Fixed computing of intermediate buffer size for maximum-size RSA keys. Thomas Pornin 2019-01-22 00:04:08 +0100
  • 6433cc2e9d Added detection for MIPS64 with n32 ABI. Thomas Pornin 2019-01-03 20:11:12 +0100
  • 001d094d14 Some small performance improvements on 32-bit architectures. Thomas Pornin 2019-01-03 19:50:54 +0100
  • 08eb07825b Fixed fd leak in test code. Thomas Pornin 2019-01-03 14:31:38 +0100
  • d5acc4f590 Made m64 implementations of elliptic curves the default (when available). Thomas Pornin 2018-12-19 00:19:19 +0100
  • f0ddbc32f0 Added new 64-bit implementations of Curve25519 and P-256. Thomas Pornin 2018-12-18 23:56:16 +0100
  • b2a08e908d Made ec_c25519_m62 implementation the default on supported architectures. Thomas Pornin 2018-12-08 21:12:27 +0100
  • 52a69fe3de Fixed endianness in Curve25519 implementation (no consequence on security). Also added new Curve25519 code for 64-bit platforms. Thomas Pornin 2018-12-08 21:04:07 +0100
  • fd98320c82 Cosmetic fix (value did not conform to its announced bit length, but this did not have bad consequences since br_i31_decode_mod() is lenient on that). Thomas Pornin 2018-10-18 17:51:10 +0200
  • 431629d869 Changed speed benchmark for i31 to a 521-bit modulus. Thomas Pornin 2018-10-18 17:50:03 +0200
  • c6ffcd2938 Fixed warning on GCC 4.6 to 4.9 (macro redefinition). Thomas Pornin 2018-09-12 17:42:08 +0200
  • 420f50c213 Added stand-alone RSA/PSS implementation. Thomas Pornin 2018-08-17 22:47:03 +0200
  • 966078b337 Added SHAKE implementation. Thomas Pornin 2018-08-16 18:56:12 +0200
  • 8ef7680081 Some documentation fixes. v0.6 Thomas Pornin 2018-08-14 22:41:04 +0200
  • fa0b7bbe90 Added generic HKDF implementation. Thomas Pornin 2018-08-14 17:02:22 +0200
  • f8e38c231d Added POWER8 implementation for AES/CTR+CBC-MAC (for CCM and EAX modes). Thomas Pornin 2018-08-12 23:53:23 +0200
  • ffe3c9166b Made Base64 decoding constant-time (with regards to actual data byte contents). Thomas Pornin 2018-08-06 00:16:09 +0200
  • d8fa415fca Added support code for RSA and EC key encoding (including reconstruction of all public and private key elements from the private key structure), with raw and PKCS#8 formats, both in DER and PEM. Thomas Pornin 2018-08-06 00:02:36 +0200
  • cfbc702d3d Added AESCTR_DRBG implementation (beta). Thomas Pornin 2018-08-01 00:50:13 +0200
  • 491a45337d Added RSA key generation code (i15, i31, i62). Thomas Pornin 2018-07-31 23:00:26 +0200
  • a0054ad821 Fixed computation of product size. Thomas Pornin 2018-07-31 22:53:35 +0200
  • e37c90ac68 Added support for CCM and CCM_8 cipher suites. Thomas Pornin 2018-07-28 22:31:50 +0200
  • d69276c18d Added guard code to avoid issue when decoding PEM but not keeping data. Thomas Pornin 2018-06-05 15:18:27 +0200
  • 05520e8eae Fixed some typographic errors in comments. Thomas Pornin 2018-05-27 23:37:15 +0200
  • a8a8f51ea4 Small typo fixes (harmless). Thomas Pornin 2018-05-24 15:26:43 +0200
  • d592e99932 Added RSA/OAEP implementation. Thomas Pornin 2018-05-23 23:16:31 +0200
  • f81a282878 Added stricter rule on input for RSA private key operation (mathematically correct but out-of-range values are now rejected). Thomas Pornin 2018-05-23 18:48:19 +0200
  • 932fb89081 Made client stricter in cipher suite selection (better consistency with server behaviour). Thomas Pornin 2018-05-19 01:53:16 +0200
  • c1e540575c Fixed bug in bit length computation (implied some wrong RSA signatures in case of carry propagation with some specific key/factor lengths). Thomas Pornin 2018-05-02 17:32:35 +0200
  • 7d313ccce7 Simple documentation fix. Thomas Pornin 2018-05-02 17:31:35 +0200
  • 12db697bcc Added API to share precomputations in EAX. Thomas Pornin 2018-02-08 15:50:10 +0100
  • e51143dc16 Fixed test code (removed static reference to aes_x86ni code). Thomas Pornin 2017-12-21 15:38:19 +0100
  • 4cbe51b0d0 Make Rules.mk more compatible with merges and local diffs. Thomas Pornin 2017-11-02 13:52:49 +0100
  • dddc412922 Added generic EAX and CCM implementations. Thomas Pornin 2017-10-23 23:27:28 +0200
  • 8e94ad2fcb Worked around some compiler errors with GCC 4.4 and 4.5. Thomas Pornin 2017-08-28 19:28:59 +0200
  • af9c79a071 Added seeder API. Also overhauled compile-time detection of features. Thomas Pornin 2017-08-28 16:37:30 +0200
  • 5b980fb625 Switch C compiler to the generic 'cc' (to use the default compiler, not necessarily GCC -- this is for systems that offer both GCC and Clang, and use Clang as default). Thomas Pornin 2017-08-28 16:26:33 +0200
  • 9dc6211237 Extra Makefile hack for compatibility with OpenBSD 'make'. Thomas Pornin 2017-08-28 16:25:20 +0200
  • a52cff8309 Some more extra casts to avoid alignment warnings with Clang and -Wcast-align on 32-bit systems with 64-bit alignment requirements (e.g. ARMv7). Thomas Pornin 2017-08-20 23:19:51 +0200
  • 8e86598b33 Added intermediate casts to void* to prevent spurious warnings (with Clang and -Wcast-align). Thomas Pornin 2017-08-19 15:50:45 +0200
  • 8cd3f8fecb Some more renaming to avoid shadowing. Thomas Pornin 2017-08-14 19:55:34 +0200
  • 79eec9d9e3 Some renaming to avoid spurious warnings on some old GCC versions. Thomas Pornin 2017-08-14 14:15:13 +0200
  • ceb6ded7b9 Fixed documentation (new include file for AEAD). v0.5 Thomas Pornin 2017-07-30 23:26:06 +0200
  • 93681c2830 Added Twrch support. Thomas Pornin 2017-07-30 23:11:26 +0200
  • ce1c57909a Fixed br_ssl_session_cache_lru_forget(). Thomas Pornin 2017-07-30 14:11:45 -0400
  • 0cc2e23690 Added name for new ChaCha20 implementation. Thomas Pornin 2017-07-26 16:03:32 +0200
  • 24c6f09bf8 Added ChaCha20 implementation with SSE2 opcodes. Thomas Pornin 2017-07-26 15:58:01 +0200
  • 5414fd525e Added function to forget saved session parameters (for tests). Thomas Pornin 2017-07-26 15:52:38 +0200
  • 127fb4a31d Added general-purpose API for AEAD algorithms, and GCM implementation. Thomas Pornin 2017-07-17 17:22:46 +0200
  • 4aac1cd5c6 Fixed behaviour in case of rejected renegotiation. Thomas Pornin 2017-07-15 06:14:55 +0200
  • 57b2175020 Fixed selection of ECDHE_RSA suites for pre-1.2 TLS versions. Thomas Pornin 2017-07-07 00:49:58 +0200
  • ea95d8264c Added implementation of keying material export (RFC 5705) (API for PRF implementations changed, to handle chunked seeds). Thomas Pornin 2017-07-04 20:43:39 +0200
  • 2b738493bd Fixed modular reduction bug in the special field for P-256 (in some rare cases, value would end up being negative, which would corrupt subsequent operations). Thomas Pornin 2017-06-24 00:31:09 +0200
  • d8641065c9 Fixed mishandling of tree structure in the cache for session parameters. Thomas Pornin 2017-06-24 00:29:41 +0200
  • 3c6823cad7 Added an explicit initialisation to a stack buffer to prevent an (harmless) uninitialised read reported by valgrind. Thomas Pornin 2017-06-22 23:15:17 +0200
  • eaa0d38fa8 Fixed IV processing for CBC decryption with AES (x86ni implementation) when data length is not multiple of 64 bytes (the bug was breaking TLS 1.0 AES/CBC on recent x86 systems). Thomas Pornin 2017-06-22 21:13:15 +0200
  • 7f343eedfc Added encoded OID for hash functions (for use with PKCS#1 v1.5 signatures) into the public API. Thomas Pornin 2017-06-21 15:19:32 +0200
  • 81437e1175 Fixed proper handling of clients with no "secure renegotiation" support. Thomas Pornin 2017-06-18 23:53:17 +0200
  • 968da0f646 Fixed handling of incoming application data after sending a close_notify (data shall be discarded silently, not trigger an error). Also fixed a couple of bugs in the command-line test tool. Thomas Pornin 2017-06-15 16:57:37 +0200
  • 2f7a003698 Added minimal support of Certificate Policies extension (ability to ignore its contents even if marked critical, in situations where it's safe to do that). Thomas Pornin 2017-06-11 03:49:02 +0200
  • 52cc1a1a18 Small fix on sample server code (displaying of IPv6 addresses). Thomas Pornin 2017-06-08 00:51:55 +0200
  • d021b7eb7f Workaround for compiler bug (GCC 4.8 and 4.9 when targeting 32-bit x86). Thomas Pornin 2017-04-17 13:36:06 +0000
  • ad6a51bde3 When using Clang, use it also for linking (compatibility with core FreeBSD systems). Thomas Pornin 2017-04-14 22:32:29 +0200
  • 042986b989 Made headers compatible with C++. Thomas Pornin 2017-04-06 01:03:54 +0200
  • ee15f235c9 Documentation fixes. v0.4 Thomas Pornin 2017-04-03 21:38:47 +0200
  • 927ecfc68d Small patch to allow compilation on old systems that predate the IPV6_V6ONLY option (Debian 2.2 "potato"). Thomas Pornin 2017-04-01 20:17:09 +0200
  • c1d1306e27 Small improvement to tolerate PEM files missing the terminating newline in the brssl command-line tool. Thomas Pornin 2017-03-19 20:46:16 +0100
  • 5281cd0f58 Fixed typo in C preprocessor expression. Thomas Pornin 2017-03-19 20:08:29 +0100
  • 8b2fe3add6 New "i62" code for big integers with 64x64->128 opcodes; also improved "i31" modular exponentiation. Thomas Pornin 2017-03-19 14:55:11 -0400
  • 90bc9406c3 Optimised code for encoding/decoding integers when the underlying architecture has the right endianness and allows unaligned accesses. Thomas Pornin 2017-03-18 18:07:36 +0100
  • 5db2d48b12 Added "ctmulq" implementation of Poly1305 (using 64->128 multiplications when available). Thomas Pornin 2017-03-18 16:46:00 +0100
  • 2f88a67304 Fixed compilation for GCC 4.4 to 4.8 (AES-NI opcodes; intrinsics headers require target options to be set). Thomas Pornin 2017-03-09 20:13:23 +0000
  • 98432a0a30 Improved GHASH pclmul implementation (parallel processing of four blocks, +70% speed). Thomas Pornin 2017-02-15 21:49:28 +0100
  • db8f1b6645 New AES and GHASH implementations using POWER8 crypto opcodes. Thomas Pornin 2017-02-15 14:08:37 +0000
  • f0c0046601 Cosmetic fixes in comments. Thomas Pornin 2017-01-30 00:32:21 +0100
  • 5f045c7599 Added AES+GHASH implementation using AES-NI opcodes; also ARM-Thumb assembly for faster Montgomery multiplication on Cortex-M0+. Added selection functions for "default" implementations. Thomas Pornin 2017-01-29 21:46:33 +0100
  • 556e525d62 Improved modular exponentiation (automatic window optimisation if there is enough room). Thomas Pornin 2017-01-24 19:35:04 +0100
  • a7e6409c37 Slight speed improvement for Curve25519 (m15 implementation on Cortex-M0+). Thomas Pornin 2017-01-23 19:54:16 +0100
  • 3f00688b9d New Makefile structure; added compatibility with Windows + Visual C + nmake. Thomas Pornin 2017-01-22 20:00:29 +0100