path: root/ChangeLog
Age | Commit message | Author | Files | Lines
2014-02-20 | Fix typo | Manuel Pégourié-Gonnard | 1 | -1/+1
2014-02-12 | Fix version-major intolerance | Manuel Pégourié-Gonnard | 1 | -0/+1
2014-02-12 | Revert "Merged RSA-PSS support in Certificate, CSR and CRL" | Manuel Pégourié-Gonnard | 1 | -5/+0
    This reverts commit ab50d8d30c22f38e3e2d2373219cfbeb1940082e, reversing changes made to e31b1d992ad0a3874646c73a44f3eb750d13e900.
2014-02-12 | Revert "Mutex call in x509_crt.c depended on PTHREAD specific instead of generic" | Manuel Pégourié-Gonnard | 1 | -1/+0
    This reverts commit 9eae7aae80c5e9c7a6b798b3930e00b53c063604.
2014-02-06 | Ability to force the Entropy module to use SHA-256 as its basis | Paul Bakker | 1 | -0/+2
    By default the SHA-512 module is used if both are available. On some systems, SHA-256 is the better choice.
    Contributed by: Gergely Budai
2014-02-06 | Fixed testing with out-of-source builds using cmake | Paul Bakker | 1 | -0/+1
2014-02-06 | Ability to provide alternate timing implementation | Paul Bakker | 1 | -0/+1
2014-02-06 | More entropy functions made thread-safe (add_source, update_manual, gather) | Paul Bakker | 1 | -0/+2
2014-02-06 | Mutex call in x509_crt.c depended on PTHREAD specific instead of generic threading | Paul Bakker | 1 | -0/+1
2014-02-06 | Merged platform compatibility layer | Paul Bakker | 1 | -0/+4
2014-02-06 | Merged RSA-PSS support in Certificate, CSR and CRL | Paul Bakker | 1 | -0/+5
2014-02-06 | Added Curve preference order to ChangeLog | Paul Bakker | 1 | -0/+1
2014-02-05 | Fix bug in RSA PKCS#1 v1.5 "reversed" operations | Manuel Pégourié-Gonnard | 1 | -0/+1
2014-02-05 | Merged HMAC-DRBG code | Paul Bakker | 1 | -0/+3
2014-02-05 | Fix ecp_gen_keypair() | Manuel Pégourié-Gonnard | 1 | -0/+5
    Too few tries caused failures for some curves (esp. secp224k1)
2014-01-27 | Fixed indication for TrustInSoft fix (tag: polarssl-1.3.4) | Paul Bakker | 1 | -1/+3
2014-01-27 | Fixed up ChangeLog with missing bug fixes | Paul Bakker | 1 | -0/+5
2014-01-27 | Ready for release 1.3.4 | Paul Bakker | 1 | -1/+1
2014-01-27 | Updated ChangeLog with deterministic ECDSA | Paul Bakker | 1 | -0/+1
2014-01-27 | Revert "Add pk_rsa_set_padding() and rsa_set_padding()" | Paul Bakker | 1 | -2/+0
    This reverts commit b4fae579e8fd72b5e57864d28b5b2c07bad5ce27.
    Conflicts:
        library/pk.c
        tests/suites/test_suite_pk.data
        tests/suites/test_suite_pk.function
2014-01-25 | Factor out some common code | Manuel Pégourié-Gonnard | 1 | -0/+3
2014-01-24 | SMTP lines are officially terminated with CRLF, ssl_mail_client fixed | Paul Bakker | 1 | -0/+1
2014-01-24 | Added AES CFB8 mode | Paul Bakker | 1 | -0/+1
2014-01-22 | Merged RIPEMD-160 support | Paul Bakker | 1 | -0/+1
2014-01-22 | Merged support for secp224k1, secp192k1 and secp25k1 | Paul Bakker | 1 | -0/+1
2014-01-22 | Updated ChangeLog with recent changes | Paul Bakker | 1 | -0/+9
2013-12-31 | Removed POLARSSL_THREADING_DUMMY option | Paul Bakker | 1 | -0/+1
2013-12-31 | Fixed potential overflow in certificate size in ssl_write_certificate() | Paul Bakker | 1 | -0/+2
2013-12-31 | Added missing MPI_CHK() around some statements | Paul Bakker | 1 | -0/+2
2013-12-31 | Prepped for 1.3.3 | Paul Bakker | 1 | -1/+1
2013-12-31 | Merged ECP memory usage optimizations | Paul Bakker | 1 | -0/+1
2013-12-30 | Reduced the input / output overhead with 200+ bytes and covered corner case | Paul Bakker | 1 | -0/+4
    The actual input / output buffer overhead is only 301 instead of 512. This requires a proper check on the padding_idx to prevent out of bounds reads.

    Previously a remote party could potentially trigger an access error and thus stop the application when sending a malicious packet having MAX_CONTENT_LEN of data, 32 bytes of MAC and a decrypted padlen of . This would result in reading from in_ctr + 13 + 32 + MAX_CONTENT_LEN - 1 - 1 for 256 bytes (including fake padding check). Or 13 + 32 bytes over the buffer length.

    We now reset padding_idx to 0, if it's clear that it will never be a valid padding (padlen > msg_len || msg_len + padlen + 256 > buffer_len)
2013-12-30 | Added version of the SSL pthread server example | Paul Bakker | 1 | -0/+1
2013-12-30 | Merged AES-NI support for AES, AES-GCM and AES key scheduling | Paul Bakker | 1 | -0/+1
2013-12-19 | Fixed x509_crt_parse_path() bug on Windows platforms | Paul Bakker | 1 | -0/+1
2013-12-17 | Merged IPv6 support in the NET module | Paul Bakker | 1 | -0/+1
2013-12-17 | Merged storing curves fully in ROM | Paul Bakker | 1 | -0/+1
2013-12-17 | Merged support for ECDH-RSA / ECDH-ECDSA key exchanges and ciphersuites | Paul Bakker | 1 | -0/+1
2013-12-17 | Fixed memory leak in benchmark application | Paul Bakker | 1 | -0/+1
2013-12-17 | Potential memory leak in ssl_ticket_keys_init() | Paul Bakker | 1 | -0/+1
2013-12-05 | Merged support for Curve25519 | Paul Bakker | 1 | -0/+2
2013-12-05 | Fix bug in mpi_set_bit | Manuel Pégourié-Gonnard | 1 | -0/+1
2013-12-02 | Updated ChangeLog for splitting off curves from ecp.c | Paul Bakker | 1 | -0/+1
2013-12-02 | Merged client ciphersuite order preference option | Paul Bakker | 1 | -0/+2
2013-12-02 | Merged EC key generation support | Paul Bakker | 1 | -0/+3
2013-12-02 | Merged more constant-time checking in RSA | Paul Bakker | 1 | -0/+1
2013-12-02 | Merged change from readdir_r() to readdir() + threading | Paul Bakker | 1 | -0/+1
2013-11-26 | Updated ChangeLog to reflect recent changes | Paul Bakker | 1 | -0/+7
2013-11-21 | SSL now gracefully handles missing RNG | Paul Bakker | 1 | -0/+1
2013-11-21 | Fixed X.509 hostname comparison (with non-regular characters) | Paul Bakker | 1 | -0/+4
    In situations with 'weird' certificate names or hostnames (containing non-western allowed names) the check would falsely report a name or wildcard match.