Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							6768da9438 
							
						 
					 
					
						
						
							
							Register CCM ciphersuites (not implemented yet)  
						
						
						
						
					 
					
						2014-05-14 14:10:36 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
						
						
							
						
						
							b9e4e2c97a 
							
						 
					 
					
						
						
							
							Fix formatting: fix some 'easy' > 80 length lines  
						
						
						
						
					 
					
						2014-05-01 14:18:25 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
						
						
							
						
						
							9af723cee7 
							
						 
					 
					
						
						
							
							Fix formatting: remove trailing spaces, #endif with comments (> 10 lines)  
						
						
						
						
					 
					
						2014-05-01 13:03:14 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							cef4ad2509 
							
						 
					 
					
						
						
							
							Adapt sources to configurable config.h name  
						
						
						
						
					 
					
						2014-04-30 16:40:20 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							c16f4e1f78 
							
						 
					 
					
						
						
							
							Move RC4 ciphersuites down the list  
						
						
						
						
					 
					
						2014-04-30 16:27:06 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							280f95bd00 
							
						 
					 
					
						
						
							
							Add #ifs arround ssl_ciphersuite_uses_XXX()  
						
						
						
						
					 
					
						2014-01-22 12:56:37 +01:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							25781b22e3 
							
						 
					 
					
						
						
							
							Add ECDH_RSA and ECDH_ECDSA ciphersuites  
						
						... 
						
						
						
						(not implemented yet) 
						
						
					 
					
						2013-12-17 11:32:31 +01:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							20b9af7998 
							
						 
					 
					
						
						
							
							Fix min_version (TLS 1.0) for ECDHE-PSK suites  
						
						
						
						
					 
					
						2013-11-26 14:31:44 +01:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							a5bdfcde53 
							
						 
					 
					
						
						
							
							Relax some SHA2 ciphersuite's version requirements  
						
						... 
						
						
						
						Changed:
- PSK ciphersuites (RFC 5487, section 3)
- ECDHE-PSK ciphersuites (RFC 5489, section 3)
- Additional Camellia ciphersuites (RFC 6367, sec 3.3)
Unchanged:
- all GCM ciphersuites
- Camellia ciphersuites from RFC 5932 (sec. 3.3.2)
- ECC-SHA2 ciphersuites from RFC 5289 (unclear)
- SHA2 from RFC 5246 (TLS 1.2, no precision) 
						
						
					 
					
						2013-11-26 13:59:43 +01:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
						
						
							
						
						
							6edcd41c0a 
							
						 
					 
					
						
						
							
							Addition conditions for UEFI environment under MSVC  
						
						
						
						
					 
					
						2013-10-29 15:44:13 +01:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
						
						
							
						
						
							fa6a620b75 
							
						 
					 
					
						
						
							
							Defines for UEFI environment under MSVC added  
						
						
						
						
					 
					
						2013-10-29 14:05:38 +01:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
						
						
							
						
						
							1642122f8b 
							
						 
					 
					
						
						
							
							Merged support for Camellia-GCM + ciphersuite and fixes to cipher layer  
						
						
						
						
					 
					
						2013-10-28 14:38:35 +01:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							21ef42f257 
							
						 
					 
					
						
						
							
							Don't select a PSK ciphersuite if no key available  
						
						
						
						
					 
					
						2013-10-28 14:00:45 +01:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							98d9a2c061 
							
						 
					 
					
						
						
							
							Fix missing or wrong ciphersuite definitions  
						
						
						
						
					 
					
						2013-10-25 18:03:18 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							6fb0f745be 
							
						 
					 
					
						
						
							
							Rank GCM before CBC in ciphersuite_preference  
						
						
						
						
					 
					
						2013-10-25 17:08:15 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							8d01eea7af 
							
						 
					 
					
						
						
							
							Add Camellia-GCM ciphersuites  
						
						
						
						
					 
					
						2013-10-25 16:46:05 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
						
						
							
						
						
							f34673e37b 
							
						 
					 
					
						
						
							
							Merged RSA-PSK key-exchange and ciphersuites  
						
						
						
						
					 
					
						2013-10-15 12:46:41 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
						
						
							
						
						
							376e8153a0 
							
						 
					 
					
						
						
							
							Merged ECDHE-PSK ciphersuites  
						
						
						
						
					 
					
						2013-10-15 12:45:36 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							ef0eb1ebd8 
							
						 
					 
					
						
						
							
							Add two missing RSA-PSK ciphersuites  
						
						
						
						
					 
					
						2013-10-14 19:34:48 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							057e0cf263 
							
						 
					 
					
						
						
							
							Fix ciphersuites dependencies on MD5 and SHA1  
						
						
						
						
					 
					
						2013-10-14 14:26:04 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							225d6aa786 
							
						 
					 
					
						
						
							
							Add ECDHE_PSK ciphersuites  
						
						
						
						
					 
					
						2013-10-11 19:07:56 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							9654fb156f 
							
						 
					 
					
						
						
							
							Fix missing MSVC define  
						
						
						
						
					 
					
						2013-10-11 09:17:14 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							1a483833b3 
							
						 
					 
					
						
						
							
							SSL_TLS doesn't depend on PK any more  
						
						... 
						
						
						
						(But PK does depend on RSA or ECP.) 
						
						
					 
					
						2013-09-20 12:29:15 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							51451f8d26 
							
						 
					 
					
						
						
							
							Replace EC flag with ssl_ciphersuite_uses_ec()  
						
						
						
						
					 
					
						2013-09-18 14:35:56 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							f7dc378ead 
							
						 
					 
					
						
						
							
							Make CBC an option, step 1: ssl ciphersuites  
						
						
						
						
					 
					
						2013-09-13 15:37:03 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							bc4b7f08ba 
							
						 
					 
					
						
						
							
							Fix possible race in ssl_list_ciphersuites()  
						
						... 
						
						
						
						Thread A: executing for loop of ssl_list_ciphersuites()
Thread B: call ssl_list_cipher_suites(), see init == 0
Thread A: return, start using the result
Thread B: memset(0) on the list used by thread A 
						
						
					 
					
						2013-09-08 20:07:48 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							57a8783364 
							
						 
					 
					
						
						
							
							Make more room for ciphersuites  
						
						
						
						
					 
					
						2013-08-27 22:21:21 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							09edda888e 
							
						 
					 
					
						
						
							
							Check key type against selected key exchange  
						
						
						
						
					 
					
						2013-08-27 22:21:19 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							32ea60a127 
							
						 
					 
					
						
						
							
							Declare ECDSA key exchange and ciphersuites  
						
						... 
						
						
						
						Also fix bug in ssl_list_ciphersuites().
For now, disable it on server.
Client will offer it but fail if server selects it. 
						
						
					 
					
						2013-08-27 22:21:19 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
						
						
							
						
						
							0f2f0bfc87 
							
						 
					 
					
						
						
							
							CAMELLIA-based PSK and DHE-PSK ciphersuites added  
						
						
						
						
					 
					
						2013-07-26 15:04:03 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
						
						
							
						
						
							9e36f0475f 
							
						 
					 
					
						
						
							
							SHA2 renamed to SHA256, SHA4 renamed to SHA512 and functions accordingly  
						
						... 
						
						
						
						The SHA4 name was not clear with regards to the new SHA-3 standard. So
SHA2 and SHA4 have been renamed to better represent what they are:
SHA256 and SHA512 modules. 
						
						
					 
					
						2013-06-30 14:34:05 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
						
						
							
						
						
							40afb4ba13 
							
						 
					 
					
						
						
							
							Added PSK GCM, SHA256 and SHA384 ciphers from RFC5487  
						
						
						
						
					 
					
						2013-04-19 22:03:30 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
						
						
							
						
						
							a1bf92ddb4 
							
						 
					 
					
						
						
							
							Added PSK NULL ciphers from RFC4785  
						
						
						
						
					 
					
						2013-04-19 20:47:26 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
						
						
							
						
						
							e07f41d4be 
							
						 
					 
					
						
						
							
							Introduced defines to control availability of specific SSL Key Exchange  
						
						... 
						
						
						
						methods.
Introduces POLARSSL_KEY_EXCHANGE_RSA_ENABLED,
POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED,
POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED, etc 
						
						
					 
					
						2013-04-19 09:08:57 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
						
						
							
						
						
							ed27a041e4 
							
						 
					 
					
						
						
							
							More granular define selections within code to allow for smaller code  
						
						... 
						
						
						
						sizes 
						
						
					 
					
						2013-04-18 23:12:34 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
						
						
							
						
						
							d4a56ec6bf 
							
						 
					 
					
						
						
							
							Added pre-shared key handling for the client side of SSL / TLS  
						
						... 
						
						
						
						Client side handling of the pure PSK ciphersuites is now in the base
code. 
						
						
					 
					
						2013-04-18 23:12:33 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
						
						
							
						
						
							27714b1aa1 
							
						 
					 
					
						
						
							
							Added Camellia ECDHE-based CBC ciphersuites  
						
						... 
						
						
						
						Added TLS-ECDHE-RSA-WITH-CAMELLIA-128-CBC-SHA256 and
TLS-ECDHE-RSA-WITH-CAMELLIA-256-CBC-SHA384 
						
						
					 
					
						2013-04-07 23:07:12 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
						
						
							
						
						
							a54e493bc0 
							
						 
					 
					
						
						
							
							Added ECDHE-based SHA256 and SHA384 ciphersuites  
						
						... 
						
						
						
						Added TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 and
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 ciphersuites 
						
						
					 
					
						2013-03-20 15:31:54 +01:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
						
						
							
						
						
							41c83d3f67 
							
						 
					 
					
						
						
							
							Added Ephemeral Elliptic Curve Diffie Hellman ciphersuites to SSL/TLS  
						
						... 
						
						
						
						Made all modifications to include Ephemeral Elliptic Curve Diffie
Hellman ciphersuites into the existing SSL/TLS modules. All basic
handling of the ECDHE-ciphersuites (TLS_ECDHE_RSA_WITH_NULL_SHA,
TLS_ECDHE_RSA_WITH_RC4_128_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA)
has been included. 
						
						
					 
					
						2013-03-20 14:39:14 +01:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
						
						
							
						
						
							68884e3c09 
							
						 
					 
					
						
						
							
							Moved to advanced ciphersuite representation and more dynamic SSL code  
						
						
						
						
					 
					
						2013-03-13 14:48:32 +01:00