TrustedFirmware Git Browser
Code Review
Sign In
review.trustedfirmware.org
/
mirror
/
mbed-tls
/
5c8434cf524d33a57c89bedd1a2ad2750b3a40c9
5c8434c
Safer buffer comparisons in the SSL modules
by Manuel Pégourié-Gonnard
· 12 years ago
79f1ff8
Make all hash checking in programs constant-time
by Manuel Pégourié-Gonnard
· 12 years ago
2a8c288
Check HMAC in constant-time in crypt_and_hash
by Paul Bakker
· 12 years ago
c3ec63d
Minor change that makes life easier for static analyzers / compilers
by Paul Bakker
· 12 years ago
e46b177
Make get_pkcs_padding() constant-time
by Paul Bakker
· 11 years ago
52cb87b
Forced cast to prevent MSVC compiler warning
by Paul Bakker
· 11 years ago
4c9301a
Convert SOCKET to int to prevent compiler warnings under MSVC.
by Paul Bakker
· 12 years ago
9ccb211
Introduced POLARSSL_HAVE_READDIR_R for systems without it
by Paul Bakker
· 11 years ago
ff6e247
RSA blinding: check highly unlikely cases
by Paul Bakker
· 11 years ago
6b06502
Changed RSA blinding to a slower but thread-safe version
by Paul Bakker
· 12 years ago
polarssl-1.2.10
adace27
Prepped for 1.2.10 release
by Paul Bakker
· 12 years ago
2f1481e
Additional fixed to rsa.c with regards to blinding
by Paul Bakker
· 12 years ago
178e744
Fixed MS VC project files
by Paul Bakker
· 12 years ago
495830d
Fixed ssl_pkcs11_decrypt() prototype
by Paul Bakker
· 12 years ago
62087ee
Fixed memory leak in rsa.c introduced in 43f9799
by Paul Bakker
· 12 years ago
60ad84f
Fixed release date for 1.2.9
by Paul Bakker
· 12 years ago
polarssl-1.2.9
e45574e
Prepped for 1.2.9 release
by Paul Bakker
· 12 years ago
915ee19
Do not allow SHA256/SHA384 ciphersuites in < TLS 1.2
by Paul Bakker
· 12 years ago
43f9799
RSA blinding on CRT operations to counter timing attacks
by Paul Bakker
· 12 years ago
88a2264
Fixed potential file descriptor leaks
by Paul Bakker
· 12 years ago
f65fbee
x509_verify() now case insensitive for cn (RFC 6125 6.4)
by Paul Bakker
· 12 years ago
34b225f
Added C++ style extern in x509write header file
by Paul Bakker
· 12 years ago
a565ace
Fixed potential memory leak when failing to resume a session
by Paul Bakker
· 12 years ago
78020fe
Added fixes to ChangeLog
by Paul Bakker
· 12 years ago
a13d744
Fixed potential heap buffer overflow on large hostname setting
by Paul Bakker
· 12 years ago
fe7c24c
Fixed potential negative value misinterpretation in load_file()
by Paul Bakker
· 12 years ago
433fad2
Removed errant printf in x509parse_self_test()
by Paul Bakker
· 12 years ago
21360ca
ssl_write_certificate_request() can handle empty ca_chain
by Paul Bakker
· 12 years ago
polarssl-1.2.8
016ea07
Added Security note (Advisory 2013-03) in ChangeLog
by Paul Bakker
· 12 years ago
1d41950
Prepared for PolarSSL release 1.2.8
by Paul Bakker
· 12 years ago
da7fdbd
Fixed minor comment typo
by Paul Bakker
· 12 years ago
602c31b
Updated PKCS#12 define dependencies
by Paul Bakker
· 12 years ago
db7ea6f
Made x509parse PKCS#12 and PKCS#5 tests dependent on defines
by Paul Bakker
· 12 years ago
14a222c
Moved PKCS#12 PBE functions to cipher / md layer where possible
by Paul Bakker
· 12 years ago
2be71fa
Fixed values for 2-key Triple DES in cipher layer
by Paul Bakker
· 12 years ago
b495d3a
x509parse_crt() and x509parse_crt_der() return X509 password related codes
by Paul Bakker
· 12 years ago
1fc7dfe
Removed redundant free()s
by Paul Bakker
· 12 years ago
ff3a4b0
Added missing free()
by Paul Bakker
· 12 years ago
6fa5488
Centralized module option values in config.h
by Paul Bakker
· 12 years ago
1fd4321
PKCS#5 v2 PBES2 support and use in PKCS#8 encrypted certificates
by Paul Bakker
· 12 years ago
19bd297
PKCS#5 module added. Moved PBKDF2 functionality inside and deprecated
by Paul Bakker
· 12 years ago
52b845b
Fixed bignum.c and bn_mul.h to support Thumb2 and LLVM compiler
by Paul Bakker
· 12 years ago
67812d3
Fixed location of brackets in pkcs12.c
by Paul Bakker
· 12 years ago
cbfcaa9
x509parse_crtpath() is now reentrant and uses more portable stat()
by Paul Bakker
· 12 years ago
d6d4109
Changed x509parse_crt_der() to support adding to chain.
by Paul Bakker
· 12 years ago
4087c47
Added mechanism to provide alternative cipher / hash implementations
by Paul Bakker
· 12 years ago
9691bbe
Make sure polarssl/config.h is included at the start
by Paul Bakker
· 12 years ago
cf6e95d
Parsing of PKCS#8 encrypted private key files added and PKCS#12 basis
by Paul Bakker
· 12 years ago
65a1909
Internally split up x509parse_key()
by Paul Bakker
· 12 years ago
1922a4e
ssl_parse_certificate() now calls x509parse_crt_der() directly
by Paul Bakker
· 12 years ago
6417186
x509parse_crt() now better handles PEM error situations
by Paul Bakker
· 12 years ago
9255e83
pem_read_buffer() already update use_len after header and footer are read
by Paul Bakker
· 12 years ago
ac6168b
Added error.h inclusion in error.c template
by Paul Bakker
· 12 years ago
08f06cf
Disabled the HAVEGE random generator by default
by Paul Bakker
· 12 years ago
e0225e4
Fixed const correctness issues in programs and tests
by Paul Bakker
· 12 years ago
eae09db
Fixed const correctness issues that have no impact on the ABI
by Paul Bakker
· 12 years ago
f922630
Fixed offset for cert_type list in ssl_parse_certificate_request()
by Paul Bakker
· 12 years ago
7c3c389
Secure renegotiation extension should only be sent in case client supports secure renegotiation
by Paul Bakker
· 12 years ago
822e958
Prepared for PolarSSL 1.2.7 release
by Paul Bakker
· 12 years ago
polarssl-1.2.7
f4a84b1
Added default value comment for ssl_set_ciphersuites*()
by Paul Bakker
· 12 years ago
f42e5cc
Cleanup of the GCM code
by Paul Bakker
· 12 years ago
d68703b
Split up largest test suite data files into smaller chunks
by Paul Bakker
· 12 years ago
8a4ec44
Blowfish has default of 128-bit keysize in cipher layer
by Paul Bakker
· 12 years ago
cecfd95
Minor checks to prevent NULL-pointer exceptions
by Paul Bakker
· 12 years ago
93bab7f
Made change to error.c for dummy error_strerror() permanent
by Paul Bakker
· 12 years ago
a627298
Ability to specify allowed ciphersuites based on the protocol version.
by Paul Bakker
· 12 years ago
d4c5944
Fixed MPI assembly for ARM when -O2 is used
by Paul Bakker
· 12 years ago
90f042d
Prepared for PolarSSL 1.2.6 release
by Paul Bakker
· 12 years ago
polarssl-1.2.6
fb1cbd3
Fixed assembly code for ARM (Thumb and regular) for some compilers
by Paul Bakker
· 12 years ago
e81beda
The SSL session cache module (ssl_cache) now also retains peer_cert information (not the entire chain)
by Paul Bakker
· 12 years ago
a35aa54
Fixed whitespaces in ChangeLog
by Paul Bakker
· 12 years ago
78a8c71
Re-added support for parsing and handling SSLv2 Client Hello messages
by Paul Bakker
· 12 years ago
37286a5
Fixed net_bind() for specified IP addresses on little endian systems
by Paul Bakker
· 12 years ago
926c8e4
Fixed possible NULL pointer exception in ssl_get_ciphersuite()
by Paul Bakker
· 12 years ago
8804f69
Removed timing differences due to bad padding from RSA decrypt for
by Paul Bakker
· 12 years ago
a43231c
Added support for custom labels when using rsa_rsaes_oaep_encrypt() or rsa_rsaes_oaep_decrypt()
by Paul Bakker
· 12 years ago
b386913
Split up the RSA PKCS#1 encrypt, decrypt, sign and verify functions
by Paul Bakker
· 12 years ago
e3e4a59
Added bugfix line for previous fixes for MS Visual Studio
by Paul Bakker
· 12 years ago
8ea31ff
Added missing typedef for INT64
by Paul Bakker
· 12 years ago
9f2018e
Fixed typo in _MSC_VER (double underscore at the start)
by Paul Bakker
· 12 years ago
8ddb645
Added conversion to int for a t_uint value to prevent compiler warnings
by Paul Bakker
· 12 years ago
3d2dc0f
Corrected GCM counter incrementation to use only 32-bits instead of 128-bits
by Paul Bakker
· 12 years ago
e47b34b
Removed further timing differences during SSL message decryption in ssl_decrypt_buf()
by Paul Bakker
· 12 years ago
2ca8ad1
Made x509parse.c also work with missing hash header files
by Paul Bakker
· 12 years ago
6deb37e
Added comments to indicate dependency from PEM on AES, DES and MD5
by Paul Bakker
· 12 years ago
fbb5cf9
Fixed typo in base64.h
by Paul Bakker
· 12 years ago
86f04f4
Fixed comment
by Paul Bakker
· 12 years ago
c046350
Fixed memory leak in ssl_free() and ssl_reset() for active session
by Paul Bakker
· 12 years ago
c7a2da4
Updated for PolarSSL 1.2.5
by Paul Bakker
· 13 years ago
polarssl-1.2.5
40865c8
Added sending of alert messages in case of decryption failures as per RFC
by Paul Bakker
· 13 years ago
d66f070
Disable debug messages that can introduce a timing side channel.
by Paul Bakker
· 13 years ago
4582999
Fixed timing difference resulting from badly formatted padding.
by Paul Bakker
· 13 years ago
8fe40dc
Allow enabling of dummy error_strerror() to support some use-cases
by Paul Bakker
· 13 years ago
14c56a3
Updated for PolarSSL 1.2.4
by Paul Bakker
· 13 years ago
polarssl-1.2.4
9d2bb65
Added PolarSSL 1.1.5 ChangeLog from 1.1 branch
by Paul Bakker
· 13 years ago
1961b70
Added ssl_handshake_step() to allow single stepping the handshake process
by Paul Bakker
· 13 years ago
9c94cdd
Correctly handle CertificateRequest with empty DN list in <= TLS 1.1
by Paul Bakker
· 13 years ago
f626e1d
Fixed comment on maximum tested size for POLARSSL_MPI_MAX_LIMBS
by Paul Bakker
· 13 years ago
21dca69
Handle future version properly in ssl_write_certificate_request()
by Paul Bakker
· 13 years ago
58ef6ec
Cleaner test-memory cleanups
by Paul Bakker
· 13 years ago
Next »