Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							b4fe3cb1fa 
							
						 
					 
					
						
						
							
							Rename to mbed TLS in the documentation/comments  
						
						
						
						
					 
					
						2015-01-22 16:11:05 +00:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							967a2a5f8c 
							
						 
					 
					
						
						
							
							Change name to mbed TLS in the copyright notice  
						
						
						
						
					 
					
						2015-01-22 14:28:16 +00:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							d66645130c 
							
						 
					 
					
						
						
							
							Add a ciphersuite NODTLS flag  
						
						
						
						
					 
					
						2014-10-21 16:30:03 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
						
						
							
						
						
							82788fb63b 
							
						 
					 
					
						
						
							
							Fix minor style issues  
						
						
						
						
					 
					
						2014-10-20 13:59:19 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							a04fa4fa04 
							
						 
					 
					
						
						
							
							RSA-PSK key exchange requires TLS 1.x  
						
						... 
						
						
						
						It's not clear if, with SSL3, one should include send the two length bytes for
EncryptedPreMasterSecret or not, so require TLS to avoid interop issues. 
						
						
					 
					
						2014-08-14 11:34:34 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							8d4ad07706 
							
						 
					 
					
						
						
							
							SHA-2 ciphersuites now require TLS 1.x  
						
						
						
						
					 
					
						2014-08-14 11:34:34 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							dfc7df0bec 
							
						 
					 
					
						
						
							
							Add SSL_CIPHERSUITES config option  
						
						
						
						
					 
					
						2014-07-04 14:59:02 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							791684c058 
							
						 
					 
					
						
						
							
							Save RAM when only a few ciphersuites are defined  
						
						
						
						
					 
					
						2014-06-30 19:07:01 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							01edb1044c 
							
						 
					 
					
						
						
							
							Add POLARSSL_REMOVE_RC4_CIPHERSUITES  
						
						
						
						
					 
					
						2014-06-25 11:27:59 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
						
						
							
						
						
							2a45d1c8bb 
							
						 
					 
					
						
						
							
							Merge changes to config examples and configuration issues  
						
						
						
						
					 
					
						2014-06-25 11:27:00 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							42b5374523 
							
						 
					 
					
						
						
							
							Switch CCM and GCM in default suite order  
						
						... 
						
						
						
						The upcoming BCP document recommends GCM as the default. 
						
						
					 
					
						2014-06-25 11:26:13 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							ac2ccf897c 
							
						 
					 
					
						
						
							
							Fix CCM ciphersuites definition: PSK <-> DHE-PSK!  
						
						
						
						
					 
					
						2014-06-24 15:48:01 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
						
						
							
						
						
							d8bb82665e 
							
						 
					 
					
						
						
							
							Fix code styling for return statements  
						
						
						
						
					 
					
						2014-06-17 14:06:49 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							6768da9438 
							
						 
					 
					
						
						
							
							Register CCM ciphersuites (not implemented yet)  
						
						
						
						
					 
					
						2014-05-14 14:10:36 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
						
						
							
						
						
							b9e4e2c97a 
							
						 
					 
					
						
						
							
							Fix formatting: fix some 'easy' > 80 length lines  
						
						
						
						
					 
					
						2014-05-01 14:18:25 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
						
						
							
						
						
							9af723cee7 
							
						 
					 
					
						
						
							
							Fix formatting: remove trailing spaces, #endif with comments (> 10 lines)  
						
						
						
						
					 
					
						2014-05-01 13:03:14 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							cef4ad2509 
							
						 
					 
					
						
						
							
							Adapt sources to configurable config.h name  
						
						
						
						
					 
					
						2014-04-30 16:40:20 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							c16f4e1f78 
							
						 
					 
					
						
						
							
							Move RC4 ciphersuites down the list  
						
						
						
						
					 
					
						2014-04-30 16:27:06 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							280f95bd00 
							
						 
					 
					
						
						
							
							Add #ifs arround ssl_ciphersuite_uses_XXX()  
						
						
						
						
					 
					
						2014-01-22 12:56:37 +01:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							25781b22e3 
							
						 
					 
					
						
						
							
							Add ECDH_RSA and ECDH_ECDSA ciphersuites  
						
						... 
						
						
						
						(not implemented yet) 
						
						
					 
					
						2013-12-17 11:32:31 +01:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							20b9af7998 
							
						 
					 
					
						
						
							
							Fix min_version (TLS 1.0) for ECDHE-PSK suites  
						
						
						
						
					 
					
						2013-11-26 14:31:44 +01:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							a5bdfcde53 
							
						 
					 
					
						
						
							
							Relax some SHA2 ciphersuite's version requirements  
						
						... 
						
						
						
						Changed:
- PSK ciphersuites (RFC 5487, section 3)
- ECDHE-PSK ciphersuites (RFC 5489, section 3)
- Additional Camellia ciphersuites (RFC 6367, sec 3.3)
Unchanged:
- all GCM ciphersuites
- Camellia ciphersuites from RFC 5932 (sec. 3.3.2)
- ECC-SHA2 ciphersuites from RFC 5289 (unclear)
- SHA2 from RFC 5246 (TLS 1.2, no precision) 
						
						
					 
					
						2013-11-26 13:59:43 +01:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
						
						
							
						
						
							6edcd41c0a 
							
						 
					 
					
						
						
							
							Addition conditions for UEFI environment under MSVC  
						
						
						
						
					 
					
						2013-10-29 15:44:13 +01:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
						
						
							
						
						
							fa6a620b75 
							
						 
					 
					
						
						
							
							Defines for UEFI environment under MSVC added  
						
						
						
						
					 
					
						2013-10-29 14:05:38 +01:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
						
						
							
						
						
							1642122f8b 
							
						 
					 
					
						
						
							
							Merged support for Camellia-GCM + ciphersuite and fixes to cipher layer  
						
						
						
						
					 
					
						2013-10-28 14:38:35 +01:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							21ef42f257 
							
						 
					 
					
						
						
							
							Don't select a PSK ciphersuite if no key available  
						
						
						
						
					 
					
						2013-10-28 14:00:45 +01:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							98d9a2c061 
							
						 
					 
					
						
						
							
							Fix missing or wrong ciphersuite definitions  
						
						
						
						
					 
					
						2013-10-25 18:03:18 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							6fb0f745be 
							
						 
					 
					
						
						
							
							Rank GCM before CBC in ciphersuite_preference  
						
						
						
						
					 
					
						2013-10-25 17:08:15 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							8d01eea7af 
							
						 
					 
					
						
						
							
							Add Camellia-GCM ciphersuites  
						
						
						
						
					 
					
						2013-10-25 16:46:05 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
						
						
							
						
						
							f34673e37b 
							
						 
					 
					
						
						
							
							Merged RSA-PSK key-exchange and ciphersuites  
						
						
						
						
					 
					
						2013-10-15 12:46:41 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
						
						
							
						
						
							376e8153a0 
							
						 
					 
					
						
						
							
							Merged ECDHE-PSK ciphersuites  
						
						
						
						
					 
					
						2013-10-15 12:45:36 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							ef0eb1ebd8 
							
						 
					 
					
						
						
							
							Add two missing RSA-PSK ciphersuites  
						
						
						
						
					 
					
						2013-10-14 19:34:48 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							057e0cf263 
							
						 
					 
					
						
						
							
							Fix ciphersuites dependencies on MD5 and SHA1  
						
						
						
						
					 
					
						2013-10-14 14:26:04 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							225d6aa786 
							
						 
					 
					
						
						
							
							Add ECDHE_PSK ciphersuites  
						
						
						
						
					 
					
						2013-10-11 19:07:56 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							9654fb156f 
							
						 
					 
					
						
						
							
							Fix missing MSVC define  
						
						
						
						
					 
					
						2013-10-11 09:17:14 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							1a483833b3 
							
						 
					 
					
						
						
							
							SSL_TLS doesn't depend on PK any more  
						
						... 
						
						
						
						(But PK does depend on RSA or ECP.) 
						
						
					 
					
						2013-09-20 12:29:15 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							51451f8d26 
							
						 
					 
					
						
						
							
							Replace EC flag with ssl_ciphersuite_uses_ec()  
						
						
						
						
					 
					
						2013-09-18 14:35:56 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							f7dc378ead 
							
						 
					 
					
						
						
							
							Make CBC an option, step 1: ssl ciphersuites  
						
						
						
						
					 
					
						2013-09-13 15:37:03 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							bc4b7f08ba 
							
						 
					 
					
						
						
							
							Fix possible race in ssl_list_ciphersuites()  
						
						... 
						
						
						
						Thread A: executing for loop of ssl_list_ciphersuites()
Thread B: call ssl_list_cipher_suites(), see init == 0
Thread A: return, start using the result
Thread B: memset(0) on the list used by thread A 
						
						
					 
					
						2013-09-08 20:07:48 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							57a8783364 
							
						 
					 
					
						
						
							
							Make more room for ciphersuites  
						
						
						
						
					 
					
						2013-08-27 22:21:21 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							09edda888e 
							
						 
					 
					
						
						
							
							Check key type against selected key exchange  
						
						
						
						
					 
					
						2013-08-27 22:21:19 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							32ea60a127 
							
						 
					 
					
						
						
							
							Declare ECDSA key exchange and ciphersuites  
						
						... 
						
						
						
						Also fix bug in ssl_list_ciphersuites().
For now, disable it on server.
Client will offer it but fail if server selects it. 
						
						
					 
					
						2013-08-27 22:21:19 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
						
						
							
						
						
							0f2f0bfc87 
							
						 
					 
					
						
						
							
							CAMELLIA-based PSK and DHE-PSK ciphersuites added  
						
						
						
						
					 
					
						2013-07-26 15:04:03 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
						
						
							
						
						
							9e36f0475f 
							
						 
					 
					
						
						
							
							SHA2 renamed to SHA256, SHA4 renamed to SHA512 and functions accordingly  
						
						... 
						
						
						
						The SHA4 name was not clear with regards to the new SHA-3 standard. So
SHA2 and SHA4 have been renamed to better represent what they are:
SHA256 and SHA512 modules. 
						
						
					 
					
						2013-06-30 14:34:05 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
						
						
							
						
						
							40afb4ba13 
							
						 
					 
					
						
						
							
							Added PSK GCM, SHA256 and SHA384 ciphers from RFC5487  
						
						
						
						
					 
					
						2013-04-19 22:03:30 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
						
						
							
						
						
							a1bf92ddb4 
							
						 
					 
					
						
						
							
							Added PSK NULL ciphers from RFC4785  
						
						
						
						
					 
					
						2013-04-19 20:47:26 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
						
						
							
						
						
							e07f41d4be 
							
						 
					 
					
						
						
							
							Introduced defines to control availability of specific SSL Key Exchange  
						
						... 
						
						
						
						methods.
Introduces POLARSSL_KEY_EXCHANGE_RSA_ENABLED,
POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED,
POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED, etc 
						
						
					 
					
						2013-04-19 09:08:57 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
						
						
							
						
						
							ed27a041e4 
							
						 
					 
					
						
						
							
							More granular define selections within code to allow for smaller code  
						
						... 
						
						
						
						sizes 
						
						
					 
					
						2013-04-18 23:12:34 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
						
						
							
						
						
							d4a56ec6bf 
							
						 
					 
					
						
						
							
							Added pre-shared key handling for the client side of SSL / TLS  
						
						... 
						
						
						
						Client side handling of the pure PSK ciphersuites is now in the base
code. 
						
						
					 
					
						2013-04-18 23:12:33 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
						
						
							
						
						
							27714b1aa1 
							
						 
					 
					
						
						
							
							Added Camellia ECDHE-based CBC ciphersuites  
						
						... 
						
						
						
						Added TLS-ECDHE-RSA-WITH-CAMELLIA-128-CBC-SHA256 and
TLS-ECDHE-RSA-WITH-CAMELLIA-256-CBC-SHA384 
						
						
					 
					
						2013-04-07 23:07:12 +02:00