BearSSL
4 years agoNew simplified initialisation function for X.509 minimal engine.
Thomas Pornin [Thu, 29 Dec 2016 22:11:46 +0000 (23:11 +0100)]
New simplified initialisation function for X.509 minimal engine.

4 years agoAdded ALPN support (client and server).
Thomas Pornin [Wed, 28 Dec 2016 13:11:51 +0000 (14:11 +0100)]
Added ALPN support (client and server).

4 years agoFixed scheduling error (jumping back to failed engine, could lead to segfault).
Thomas Pornin [Sat, 24 Dec 2016 02:20:03 +0000 (03:20 +0100)]
Fixed scheduling error (jumping back to failed engine, could lead to segfault).

4 years agoAdded speed benchmark for Poly1305.
Thomas Pornin [Sat, 24 Dec 2016 02:19:29 +0000 (03:19 +0100)]
Added speed benchmark for Poly1305.

4 years agoFixed definition of function (wrong name).
Thomas Pornin [Thu, 22 Dec 2016 16:01:02 +0000 (17:01 +0100)]
Fixed definition of function (wrong name).

4 years agoFixed description of TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 in the command-line...
Thomas Pornin [Thu, 15 Dec 2016 00:10:52 +0000 (01:10 +0100)]
Fixed description of TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 in the command-line tool.

4 years agoAdded ChaCha20+Poly1305 support (stand-alone, cipher suites).
Thomas Pornin [Tue, 13 Dec 2016 19:01:19 +0000 (20:01 +0100)]
Added ChaCha20+Poly1305 support (stand-alone, cipher suites).

4 years agoAdded certificate name extraction API (from subject DN and SAN extension).
Thomas Pornin [Mon, 12 Dec 2016 19:45:06 +0000 (20:45 +0100)]
Added certificate name extraction API (from subject DN and SAN extension).

4 years agoOptimised T0 generated code: when possible (at most 256 words), word calls are encode...
Thomas Pornin [Mon, 12 Dec 2016 18:58:49 +0000 (19:58 +0100)]
Optimised T0 generated code: when possible (at most 256 words), word calls are encoded over one byte, even in the 128..255 range.

4 years agoAdded support for client certificates (both client-side and server-side, but still...
Thomas Pornin [Sat, 10 Dec 2016 16:35:06 +0000 (17:35 +0100)]
Added support for client certificates (both client-side and server-side, but still missing an API for extracting the client identity from the certificate).

4 years agoSmall documentation fixes.
Thomas Pornin [Wed, 30 Nov 2016 01:25:14 +0000 (02:25 +0100)]
Small documentation fixes.

4 years agoFixed buffer overrun (read only, usually harmless, but sloppy nonetheless).
Thomas Pornin [Tue, 29 Nov 2016 15:03:49 +0000 (16:03 +0100)]
Fixed buffer overrun (read only, usually harmless, but sloppy nonetheless).

4 years agoMore Doxygen-compatible documentation (SSL API).
Thomas Pornin [Wed, 23 Nov 2016 15:59:44 +0000 (16:59 +0100)]
More Doxygen-compatible documentation (SSL API).

4 years agoSome more Doxygen API documentation (X.509 processing).
Thomas Pornin [Tue, 22 Nov 2016 01:41:34 +0000 (02:41 +0100)]
Some more Doxygen API documentation (X.509 processing).

4 years agoMore API documentation (Doxygen format) for EC code.
Thomas Pornin [Mon, 21 Nov 2016 19:12:11 +0000 (20:12 +0100)]
More API documentation (Doxygen format) for EC code.

4 years agoFixed buffer overflow, and also NULL pointer dereference, in ECDSA signature handling.
Thomas Pornin [Mon, 21 Nov 2016 19:11:21 +0000 (20:11 +0100)]
Fixed buffer overflow, and also NULL pointer dereference, in ECDSA signature handling.

4 years agoMore API documentation in Doxygen format (block ciphers, PEM).
Thomas Pornin [Mon, 21 Nov 2016 15:29:51 +0000 (16:29 +0100)]
More API documentation in Doxygen format (block ciphers, PEM).

4 years agoFixed handling of CR+LF line endings in PEM objects.
Thomas Pornin [Mon, 21 Nov 2016 15:04:26 +0000 (16:04 +0100)]
Fixed handling of CR+LF line endings in PEM objects.

4 years agoAdded API to save and restore session parameters (for controllable session resumption...
Thomas Pornin [Sun, 20 Nov 2016 19:14:48 +0000 (20:14 +0100)]
Added API to save and restore session parameters (for controllable session resumption on the client side).

4 years agoAdded flag to prohibit renegotiations.
Thomas Pornin [Sun, 20 Nov 2016 17:50:37 +0000 (18:50 +0100)]
Added flag to prohibit renegotiations.

4 years agoSIGPIPE shall be ignored in most network-related cases.
Thomas Pornin [Sun, 20 Nov 2016 15:23:00 +0000 (16:23 +0100)]
SIGPIPE shall be ignored in most network-related cases.

4 years agoAdded support for TLS_FALLBACK_SCSV.
Thomas Pornin [Sun, 20 Nov 2016 15:14:48 +0000 (16:14 +0100)]
Added support for TLS_FALLBACK_SCSV.

4 years agoMore Doxygen documentation.
Thomas Pornin [Sat, 19 Nov 2016 22:55:44 +0000 (23:55 +0100)]
More Doxygen documentation.

4 years agoMore Doxygen-compatible documentation. Also unified two identical structures.
Thomas Pornin [Sat, 19 Nov 2016 18:05:08 +0000 (19:05 +0100)]
More Doxygen-compatible documentation. Also unified two identical structures.

4 years agoAdded support for ClientHello padding (RFC 7685) and fixed buffering bug.
Thomas Pornin [Fri, 18 Nov 2016 17:03:06 +0000 (18:03 +0100)]
Added support for ClientHello padding (RFC 7685) and fixed buffering bug.

4 years agoAdded some comments.
Thomas Pornin [Thu, 17 Nov 2016 02:20:52 +0000 (03:20 +0100)]
Added some comments.

4 years agoAdded Doxygen configuration file, and converted bearssl_hash.h file to Doxygen format.
Thomas Pornin [Thu, 17 Nov 2016 01:59:53 +0000 (02:59 +0100)]
Added Doxygen configuration file, and converted bearssl_hash.h file to Doxygen format.

4 years agoMoved address-to-string translation code to blocks that depend on the 'verbose' flag.
Thomas Pornin [Sat, 12 Nov 2016 15:49:27 +0000 (16:49 +0100)]
Moved address-to-string translation code to blocks that depend on the 'verbose' flag.

4 years agoFixed error reporting in case of PEM encoding error when decoding certificates.
Thomas Pornin [Sat, 12 Nov 2016 14:58:57 +0000 (15:58 +0100)]
Fixed error reporting in case of PEM encoding error when decoding certificates.

4 years agoBetter handling of inet_ntop() failures (which should not happen in practice, since...
Thomas Pornin [Sat, 12 Nov 2016 14:30:47 +0000 (15:30 +0100)]
Better handling of inet_ntop() failures (which should not happen in practice, since we filter on address family, but let's be cautious).

4 years agoImproved parsing of some integer arguments (sizes).
Thomas Pornin [Sat, 12 Nov 2016 14:23:43 +0000 (15:23 +0100)]
Improved parsing of some integer arguments (sizes).

4 years agoFixed displaying of IPv6 addresses.
Thomas Pornin [Sat, 12 Nov 2016 13:43:05 +0000 (14:43 +0100)]
Fixed displaying of IPv6 addresses.

4 years agoRemoved unreachable code.
Thomas Pornin [Sat, 12 Nov 2016 13:40:03 +0000 (14:40 +0100)]
Removed unreachable code.

4 years agoNo need to check for NULL, free_private_key() already does that.
Thomas Pornin [Wed, 9 Nov 2016 20:00:11 +0000 (21:00 +0100)]
No need to check for NULL, free_private_key() already does that.

4 years agoRemoved needless variable shadowing (suggested by Doug Hogan).
Thomas Pornin [Wed, 9 Nov 2016 18:58:17 +0000 (19:58 +0100)]
Removed needless variable shadowing (suggested by Doug Hogan).

4 years agoAdded .gitignore file (suggested by Doug Hogan).
Thomas Pornin [Wed, 9 Nov 2016 18:33:59 +0000 (19:33 +0100)]
Added .gitignore file (suggested by Doug Hogan).

4 years agoFixed some small bugs.
Thomas Pornin [Sat, 5 Nov 2016 01:29:18 +0000 (21:29 -0400)]
Fixed some small bugs.

4 years agoInitial import.
Thomas Pornin [Wed, 2 Nov 2016 23:01:13 +0000 (19:01 -0400)]
Initial import.