- HAVEGE random generator disabled by default
- x509parse_crt() now better handles PEM error situations
- ssl_parse_certificate() now calls x509parse_crt_der() directly instead of the x509parse_crt() wrapper that can also parse PEM certificates
- Fixed values for 2-key Triple DES in cipher layer
- ssl_write_certificate_request() can handle empty ca_chain
- A possible DoS during the SSL handshake due to faulty parsing of PEM-encoded certificates has been fixed (found by Jack Lloyd)
- Fixed net_bind() for specified IP addresses on little endian systems
- Allow enabling of dummy error_strerror() to support some use-cases
- Debug messages about padding errors during SSL message decryption are disabled by default and can be enabled with POLARSSL_SSL_DEBUG_ALL
- Removed timing differences during SSL message decryption in ssl_decrypt_buf()
- Removed timing differences due to bad padding from rsa_rsaes_pkcs1_v15_decrypt() and rsa_pkcs1_decrypt() for PKCS#1 v1.5 operations
- Fixed MPI assembly for SPARC64 platform
- Handle existence of OpenSSL Trust Extensions at end of X.509 DER blob
- mpi_add_abs() now correctly handles adding short numbers to long numbers with carry rollover
- Moved mpi_inv_mod() outside POLARSSL_GENPRIME
- Prevent reading over buffer boundaries on X509 certificate parsing
- mpi_exp_mod() now correctly handles negative base numbers (Closes ticket #52)
- Fixed possible segfault in mpi_shift_r() (found by Manuel Pégourié-Gonnard)
- Allow R and A to point to same mpi in mpi_div_mpi (found by Manuel Pégourié-Gonnard)
- Added max length check for rsa_pkcs1_sign with PKCS#1 v2.1
- Fixed memory leak when using RSA_PKCS_V21 operations
- Handle encryption with private key and decryption with public key as per RFC 2313
- Fixes for MSVC6
- Fixed potential memory zeroization on miscrafted RSA key (found by Eloi Vanderbeken)
- Correctly handle empty SSL/TLS packets (Found by James Yonan)
- Fixed potential heap corruption in x509_name allocation
- Fixed single RSA test that failed on Big Endian systems (Closes ticket #54)
- Fixed random MPI generation so that it does not generate more than the requested size.
- Fixed handling error in mpi_cmp_mpi() on longer B values (found by Hui Dong)
- Fixed potential memory corruption on miscrafted client messages (found by Frama-C team at CEA LIST)
- Fixed generation of DHM parameters to correct length (found by Ruslan Yushchenko)
- Check for failed malloc() in ssl_set_hostname() and x509_get_entries() (Closes ticket #47, found by Hugo Leisink)
- Fixed issues with Intel compiler on 64-bit systems (Closes ticket #50)
- Fixed multiple compiler warnings for VS6 and armcc
- Fixed bug in CTR_DRBG selftest
- Added ssl_session_reset() to allow better multi-connection pools of SSL contexts without needing to set all non-connection-specific data and pointers again. Adapted ssl_server to use this functionality.
- Added ssl_set_max_version() to allow clients to offer a lower maximum supported version to a server to help buggy server implementations. (Closes ticket #36)
- Added cipher_get_cipher_mode() and cipher_get_cipher_operation() introspection functions (Closes ticket #40)
- Added CTR_DRBG based on AES-256-CTR (NIST SP 800-90) random generator
- Added a generic entropy accumulator that provides support for adding custom entropy sources and added some generic and platform dependent entropy sources
- Documentation for AES and Camellia in modes CTR and CFB128 clarified.
- Fixed rsa_encrypt and rsa_decrypt examples to use public key for encryption and private key for decryption. (Closes ticket #34)
- Increased maximum size of ASN.1 length reads to 32 bits.
- Added an EXPLICIT tag number parameter to x509_get_ext()
- Added a separate CRL entry extension parsing function
- Separated the ASN.1 parsing code from the X.509 specific parsing code. The ASN.1 parser is now a separate module controlled with POLARSSL_ASN1_PARSE_C.
- Changed the defined key-length of DES ciphers in cipher.h to include the parity bits, to prevent mistakes in copying data. (Closes ticket #33)
- Loads of minimal changes to better support WINCE as a build target (Credits go to Marco Lizza)
- Added POLARSSL_MPI_WINDOW_SIZE definition to allow easier time to memory trade-off
- Introduced POLARSSL_MPI_MAX_SIZE and POLARSSL_MPI_MAX_BITS for MPI size management (Closes ticket #44)
- Changed the random function pointer used to a more flexible format. Renamed havege_rand() to havege_random() to prevent mistakes. Lots of changes as a consequence in library code and programs
- Moved all examples programs to use the new entropy and CTR_DRBG
- Added permissive certificate parsing to x509parse_crt() and x509parse_crtfile(). With permissive parsing the parsing does not stop on encountering a parse-error. Beware that the meaning of return values has changed!
- All error codes are now negative, even on memory failures and IO errors.
- Fixed faulty HMAC-MD2 implementation. Found by dibac. (Closes ticket #37)
- Fixed a bug where the CRL parser expected an EXPLICIT ASN.1 tag before version numbers
- Allowed X509 key usage parsing to accept the 4-byte values sometimes used by Microsoft instead of the standard 1-byte version. (Closes ticket #38)
- Fixed incorrect behaviour in case of RSASSA-PSS with a salt length smaller than the hash length. (Closes ticket #41)
- If a certificate serial number is longer than 32 octets, it is now printed as the first 28 octets followed by '....'
- Improved build support for s390x and sparc64 in bignum.h
- Fixed MS Visual C++ name clash with int64 in sha4.h
- Corrected removal of leading "00:" in printing serial numbers in certificates and CRLs
- Expanded cipher layer with support for CFB128 and CTR mode
- Added rsa_encrypt and rsa_decrypt simple example programs.
- The generic cipher and message digest layer now have normal error codes instead of integers
- Undid faulty bug fix in ssl_write() when flushing old data (Ticket #18)
- Added additional Cipher Block Modes to symmetric ciphers (AES CTR, Camellia CTR, XTEA CBC) including the option to enable and disable individual modes when needed
- Functions requiring File System functions can now be disabled by undefining POLARSSL_FS_IO
- An error_strerror() function has been added to translate between error codes and their description.
- Added mpi_get_bit() and mpi_set_bit() individual bit setter/getter functions.
- Added ssl_mail_client and ssl_fork_server as example programs.
- Major argument / variable rewrite. Introduced use of size_t instead of int for buffer lengths and loop variables for better unsigned / signed use. Renamed internal bigint types t_int and t_dbl to t_uint and t_udbl in the process
- mpi_init() and mpi_free() now only accept a single MPI argument and do not accept variable argument lists anymore.
- The error codes have been remapped, and combining error codes is now done with a PLUS instead of an OR, since the error codes used are negative.
- Changed behaviour of net_read(), ssl_fetch_input() and ssl_recv(). net_recv() now returns 0 on EOF instead of POLARSSL_ERR_NET_CONN_RESET. ssl_fetch_input() returns POLARSSL_ERR_SSL_CONN_EOF on an EOF from its f_recv() function. ssl_read() returns 0 if a POLARSSL_ERR_SSL_CONN_EOF is received after the handshake.
- Network functions now return POLARSSL_ERR_NET_WANT_READ or POLARSSL_ERR_NET_WANT_WRITE instead of the ambiguous POLARSSL_ERR_NET_TRY_AGAIN