Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							43b37cbc92 
							
						 
					 
					
						
						
							
							Fix use of pem_read_buffer() in PK, DHM and X509  
						
						
						
						
					 
					
						2015-05-12 11:26:43 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							de9b363fbd 
							
						 
					 
					
						
						
							
							Merge branch mbedtls-1.3 into development  
						
						... 
						
						
						
						* commit '95f0089':
  Update Changelog for DH params
  Add test case for dh params with privateValueLength
  accept PKCS#3 DH parameters with privateValueLength included
Conflicts:
	library/dhm.c 
						
						
					 
					
						2015-04-17 20:07:22 +02:00 
						 
				 
			
				
					
						
							
							
								Daniel Kahn Gillmor 
							
						 
					 
					
						
						
						
						
							
						
						
							2ed81733a6 
							
						 
					 
					
						
						
							
							accept PKCS#3 DH parameters with privateValueLength included  
						
						... 
						
						
						
						library/dhm.c: accept (and ignore) optional privateValueLength for
PKCS#3 DH parameters.
PKCS#3 defines the ASN.1 encoding of a DH parameter set like this:
----------------
DHParameter ::= SEQUENCE {
  prime INTEGER, -- p
  base INTEGER, -- g
  privateValueLength INTEGER OPTIONAL }
The fields of type DHParameter have the following meanings:
     o    prime is the prime p.
     o    base is the base g.
     o    privateValueLength is the optional private-value
          length l.
----------------
See: ftp://ftp.rsasecurity.com/pub/pkcs/ascii/pkcs-3.asc
This optional parameter was added in PKCS#3 version 1.4, released
November 1, 1993.
dhm.c currently doesn't cope well with PKCS#3 files that have this
optional final parameter included. i see errors like:
------------
dhm_parse_dhmfile returned -0x33E6
Last error was: -0x33E6 - DHM - The ASN.1 data is not formatted correctly : ASN1 - Actual length differs from expected lengt
------------
You can generate PKCS#3 files with this final parameter with recent
versions of certtool from GnuTLS:
 certtool --generate-dh-params > dh.pem 
						
						
					 
					
						2015-04-15 13:27:13 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							2cf5a7c98e 
							
						 
					 
					
						
						
							
							The Great Renaming  
						
						... 
						
						
						
						A simple execution of tmp/invoke-rename.pl 
						
						
					 
					
						2015-04-08 13:25:31 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							998930ae0d 
							
						 
					 
					
						
						
							
							Replace non-ascii characters in source files  
						
						
						
						
					 
					
						2015-04-03 13:48:06 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							7f8099773e 
							
						 
					 
					
						
						
							
							Rename include directory to mbedtls  
						
						
						
						
					 
					
						2015-03-10 11:23:56 +00:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							fe44643b0e 
							
						 
					 
					
						
						
							
							Rename website and repository  
						
						
						
						
					 
					
						2015-03-06 13:17:10 +00:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							981732bb8e 
							
						 
					 
					
						
						
							
							Fix missing/misplaced #include's  
						
						
						
						
					 
					
						2015-02-17 15:47:31 +00:00 
						 
				 
			
				
					
						
							
							
								Mansour Moufid 
							
						 
					 
					
						
						
						
						
							
						
						
							c531b4af3c 
							
						 
					 
					
						
						
							
							Apply the semantic patch rm-malloc-cast.cocci.  
						
						... 
						
						
						
						for dir in library programs; do
        spatch --sp-file scripts/rm-malloc-cast.cocci --dir $dir \
        --in-place;
    done 
						
						
					 
					
						2015-02-16 10:43:52 +00:00 
						 
				 
			
				
					
						
							
							
								Rich Evans 
							
						 
					 
					
						
						
						
						
							
						
						
							00ab47026b 
							
						 
					 
					
						
						
							
							cleanup library and some basic tests. Includes, add guards to includes  
						
						
						
						
					 
					
						2015-02-10 11:28:46 +00:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							860b51642d 
							
						 
					 
					
						
						
							
							Fix url again  
						
						
						
						
					 
					
						2015-01-28 17:12:07 +00:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							085ab040aa 
							
						 
					 
					
						
						
							
							Fix website url to use https.  
						
						
						
						
					 
					
						2015-01-23 11:06:27 +00:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							9698f5852c 
							
						 
					 
					
						
						
							
							Remove maintainer line.  
						
						
						
						
					 
					
						2015-01-23 10:59:00 +00:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							19f6b5dfaa 
							
						 
					 
					
						
						
							
							Remove redundant "all rights reserved"  
						
						
						
						
					 
					
						2015-01-23 10:54:00 +00:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							a658a4051b 
							
						 
					 
					
						
						
							
							Update copyright  
						
						
						
						
					 
					
						2015-01-23 09:55:24 +00:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							967a2a5f8c 
							
						 
					 
					
						
						
							
							Change name to mbed TLS in the copyright notice  
						
						
						
						
					 
					
						2015-01-22 14:28:16 +00:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							b196fc23b1 
							
						 
					 
					
						
						
							
							Fix dhm_selftest() return value  
						
						
						
						
					 
					
						2014-07-09 16:53:29 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
						
						
							
						
						
							8f870b047c 
							
						 
					 
					
						
						
							
							Add dhm_init()  
						
						
						
						
					 
					
						2014-07-09 10:19:23 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
						
						
							
						
						
							66d5d076f7 
							
						 
					 
					
						
						
							
							Fix formatting in various code to match spacing from coding style  
						
						
						
						
					 
					
						2014-06-17 17:06:47 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
						
						
							
						
						
							3461772559 
							
						 
					 
					
						
						
							
							Introduce polarssl_zeroize() instead of memset() for zeroization  
						
						
						
						
					 
					
						2014-06-14 16:46:03 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
						
						
							
						
						
							b9e4e2c97a 
							
						 
					 
					
						
						
							
							Fix formatting: fix some 'easy' > 80 length lines  
						
						
						
						
					 
					
						2014-05-01 14:18:25 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
						
						
							
						
						
							9af723cee7 
							
						 
					 
					
						
						
							
							Fix formatting: remove trailing spaces, #endif with comments (> 10 lines)  
						
						
						
						
					 
					
						2014-05-01 13:03:14 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							cef4ad2509 
							
						 
					 
					
						
						
							
							Adapt sources to configurable config.h name  
						
						
						
						
					 
					
						2014-04-30 16:40:20 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
						
						
							
						
						
							3d8fb63e11 
							
						 
					 
					
						
						
							
							Added missing MPI_CHK around mpi functions  
						
						
						
						
					 
					
						2014-04-17 12:42:41 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							3fec220a33 
							
						 
					 
					
						
						
							
							Add test for dhm_parse_dhmfile  
						
						
						
						
					 
					
						2014-04-04 16:42:44 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							648656a628 
							
						 
					 
					
						
						
							
							Fix error code in dhm_selftest()  
						
						
						
						
					 
					
						2014-03-13 19:25:06 +01:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
						
						
							
						
						
							7dc4c44267 
							
						 
					 
					
						
						
							
							Library files moved to use platform layer  
						
						
						
						
					 
					
						2014-02-06 13:20:16 +01:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
						
						
							
						
						
							d61cc3b246 
							
						 
					 
					
						
						
							
							Possible naming collision in dhm_context  
						
						
						
						
					 
					
						2013-10-11 09:38:49 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							15d5de1969 
							
						 
					 
					
						
						
							
							Simplify usage of DHM blinding  
						
						
						
						
					 
					
						2013-09-18 14:35:55 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
						
						
							
						
						
							cff6842b39 
							
						 
					 
					
						
						
							
							POLARSSL_PEM_C split into POLARSSL_PEM_PARSE_C and POLARSSL_PEM_WRITE_C  
						
						
						
						
					 
					
						2013-09-16 13:36:18 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
						
						
							
						
						
							40ce79f1e6 
							
						 
					 
					
						
						
							
							Moved DHM parsing from X509 module to DHM module  
						
						
						
						
					 
					
						2013-09-15 17:43:54 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							b72b4edec1 
							
						 
					 
					
						
						
							
							Fix memory leak in DHM  
						
						
						
						
					 
					
						2013-09-13 13:55:26 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							ed8a02bfae 
							
						 
					 
					
						
						
							
							Simplify DH blinding a bit  
						
						
						
						
					 
					
						2013-09-04 17:18:28 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							143b5028a5 
							
						 
					 
					
						
						
							
							Implement DH blinding  
						
						
						
						
					 
					
						2013-09-04 16:29:59 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							2d627649bf 
							
						 
					 
					
						
						
							
							Change dhm_calc_secret() prototype  
						
						
						
						
					 
					
						2013-09-04 14:22:07 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
						
						
							
						
						
							48f7a5d724 
							
						 
					 
					
						
						
							
							DHE-PSK based ciphersuite support added and cleaner key exchange based  
						
						... 
						
						
						
						code selection
The base RFC 4279 DHE-PSK ciphersuites are now supported and added.
The SSL code cuts out code not relevant for defined key exchange methods 
						
						
					 
					
						2013-04-19 20:47:26 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
						
						
							
						
						
							b5b20f19e7 
							
						 
					 
					
						
						
							
							- Extra sanity check for input added  
						
						
						
						
					 
					
						2012-09-16 15:07:49 +00:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
						
						
							
						
						
							aec37cb653 
							
						 
					 
					
						
						
							
							- Added extra sanity check to DHM values  
						
						
						
						
					 
					
						2012-04-26 18:59:59 +00:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
						
						
							
						
						
							901c65620e 
							
						 
					 
					
						
						
							
							- Fill full buffer (Wrong parameter usage)  
						
						
						
						
					 
					
						2012-04-20 13:25:38 +00:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
						
						
							
						
						
							13ed9ab921 
							
						 
					 
					
						
						
							
							- Removed unused variable  
						
						
						
						
					 
					
						2012-04-16 09:43:49 +00:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
						
						
							
						
						
							1ef83d66dd 
							
						 
					 
					
						
						
							
							- Initial bare version of TLS 1.2  
						
						
						
						
					 
					
						2012-04-11 12:09:53 +00:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
						
						
							
						
						
							a3d195c41f 
							
						 
					 
					
						
						
							
							- Changed the used random function pointer to more flexible format. Renamed havege_rand() to havege_random() to prevent mistakes. Lots of changes as a consequence in library code and programs  
						
						
						
						
					 
					
						2011-11-27 21:07:34 +00:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
						
						
							
						
						
							9d781407bc 
							
						 
					 
					
						
						
							
							- A error_strerror function() has been added to translate between error codes and their description.  
						
						... 
						
						
						
						- The error codes have been remapped and combining error codes is now done with a PLUS instead of an OR as error codes used are negative.
 - Descriptions to all error codes have been added.
 - Generation script for error.c has been created to automatically generate error.c from the available error definitions in the headers. 
						
						
					 
					
						2011-05-09 16:17:09 +00:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
						
						
							
						
						
							6c591fab72 
							
						 
					 
					
						
						
							
							- mpi_init() and mpi_free() only accept a single argument and do not accept variable arguments anymore. This prevents unexpected memory corruption in a number of use cases.  
						
						
						
						
					 
					
						2011-05-05 11:49:20 +00:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
						
						
							
						
						
							a755ca1bbe 
							
						 
					 
					
						
						
							
							- Renamed t_s_int, t_int and t_dbl to respectively t_sint, t_uint and t_udbl for clarity  
						
						
						
						
					 
					
						2011-04-24 09:11:17 +00:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
						
						
							
						
						
							23986e5d5d 
							
						 
					 
					
						
						
							
							- Major type rewrite of int to size_t for most variables and arguments used for buffer lengths and loops  
						
						
						
						
					 
					
						2011-04-24 08:57:21 +00:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
						
						
							
						
						
							99a03afc22 
							
						 
					 
					
						
						
							
							- Fixed possible uninitialized values  
						
						
						
						
					 
					
						2011-04-01 11:39:39 +00:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
						
						
							
						
						
							287781a965 
							
						 
					 
					
						
						
							
							-  Added mpi_fill_random() for centralized filling of big numbers with random data (Fixed ticket  #10 )  
						
						
						
						
					 
					
						2011-03-26 13:18:49 +00:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
						
						
							
						
						
							345a6fee91 
							
						 
					 
					
						
						
							
							- Replaced function that fixes man-in-the-middle attack  
						
						... 
						
						
						
						- Added message to indicate inclusion of man-in-the-middle attack (Reported by Larry Highsmith, Subreption LLC)
 - Released version 0.99-pre3 
						
						
					 
					
						2011-02-28 21:20:02 +00:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
						
						
							
						
						
							c47840efd5 
							
						 
					 
					
						
						
							
							- Updated sanity checks  
						
						
						
						
					 
					
						2011-02-20 16:37:30 +00:00