2009-01-04 16:08:55 +00:00
|
|
|
|
PolarSSL ChangeLog
|
|
|
|
|
|
2009-06-20 08:22:43 +00:00
|
|
|
|
= Version X released on X
|
2009-06-28 21:50:27 +00:00
|
|
|
|
Features
|
|
|
|
|
* Added CMake makefiles as alternative to regular Makefiles.
|
|
|
|
|
* Added preliminary Code Coverage tests for AES, ARC4,
|
2009-07-10 22:38:58 +00:00
|
|
|
|
Base64, MPI, SHA-family, MD-family, HMAC-SHA-family,
|
|
|
|
|
Camellia, DES, 3-DES, RSA PKCS#1, XTEA, Diffie-Hellman
|
|
|
|
|
and X509parse.
|
2009-06-28 21:50:27 +00:00
|
|
|
|
|
2009-06-20 08:22:43 +00:00
|
|
|
|
Bug fixes
|
2009-07-11 16:35:32 +00:00
|
|
|
|
* Prevented use of long long in bignum if
|
|
|
|
|
POLARSSL_HAVE_LONGLONG not defined (found by Giles
|
|
|
|
|
Bathgate).
|
2009-06-20 08:22:43 +00:00
|
|
|
|
* Fixed incorrect handling of negative strings in
|
|
|
|
|
mpi_read_string() (found by code coverage tests).
|
2009-07-10 22:38:58 +00:00
|
|
|
|
* Fixed segfault on handling empty rsa_context in
|
|
|
|
|
rsa_check_pubkey() and rsa_check_privkey() (found by
|
|
|
|
|
code coverage tests).
|
2009-06-20 10:31:06 +00:00
|
|
|
|
* Fixed incorrect handling of one single negative input
|
|
|
|
|
value in mpi_add_abs() (found by code coverage tests).
|
2009-06-20 10:50:55 +00:00
|
|
|
|
* Fixed incorrect handling of negative first input
|
|
|
|
|
value in mpi_sub_abs() (found by code coverage tests).
|
2009-06-23 19:46:08 +00:00
|
|
|
|
* Fixed incorrect handling of negative first input
|
|
|
|
|
value in mpi_mod_mpi() and mpi_mod_int(). Resulting
|
|
|
|
|
change also affects mpi_write_string() (found by code
|
|
|
|
|
coverage tests).
|
2009-06-25 21:25:49 +00:00
|
|
|
|
* Corrected is_prime() results for 0, 1 and 2 (found by
|
|
|
|
|
code coverage tests).
|
2009-06-20 08:22:43 +00:00
|
|
|
|
|
2009-05-17 10:27:03 +00:00
|
|
|
|
= Version 0.11.1 released on 2009-05-17
|
|
|
|
|
* Fixed missing functionality for SHA-224, SHA-256, SHA384,
|
|
|
|
|
SHA-512 in rsa_pkcs1_sign()
|
|
|
|
|
|
2009-05-03 13:12:27 +00:00
|
|
|
|
= Version 0.11.0 released on 2009-05-03
|
2009-01-29 22:24:33 +00:00
|
|
|
|
* Fixed a bug in mpi_gcd() so that it also works when both
|
|
|
|
|
input numbers are even and added testcases to check
|
2009-03-28 18:54:06 +00:00
|
|
|
|
(found by Pierre Habouzit).
|
2009-02-09 22:32:35 +00:00
|
|
|
|
* Added support for SHA-224, SHA-256, SHA-384 and SHA-512
|
|
|
|
|
one way hash functions with the PKCS#1 v1.5 signing and
|
|
|
|
|
verification.
|
2009-03-28 17:52:44 +00:00
|
|
|
|
* Fixed minor bug regarding mpi_gcd located within the
|
|
|
|
|
POLARSSL_GENPRIME block.
|
2009-03-28 18:54:06 +00:00
|
|
|
|
* Fixed minor memory leak in x509parse_crt() and added better
|
|
|
|
|
handling of 'full' certificate chains (found by Mathias
|
|
|
|
|
Olsson).
|
2009-04-19 18:44:26 +00:00
|
|
|
|
* Centralized file opening and reading for x509 files into
|
|
|
|
|
load_file()
|
2009-04-19 18:55:16 +00:00
|
|
|
|
* Made definition of net_htons() endian-clean for big endian
|
|
|
|
|
systems (Found by Gernot).
|
2009-04-19 21:17:09 +00:00
|
|
|
|
* Undefining POLARSSL_HAVE_ASM now also handles prevents asm in
|
|
|
|
|
padlock and timing code.
|
2009-05-03 13:12:27 +00:00
|
|
|
|
* Fixed an off-by-one buffer allocation in ssl_set_hostname()
|
|
|
|
|
responsible for crashes and unwanted behaviour.
|
|
|
|
|
* Added support for Certificate Revocation List (CRL) parsing.
|
2009-05-03 10:18:48 +00:00
|
|
|
|
* Added support for CRL revocation to x509parse_verify() and
|
|
|
|
|
SSL/TLS code.
|
2009-05-03 16:06:43 +00:00
|
|
|
|
* Fixed compatibility of XTEA and Camellia on a 64-bit system
|
|
|
|
|
(found by Felix von Leitner).
|
2009-01-29 22:24:33 +00:00
|
|
|
|
|
2009-01-15 19:45:54 +00:00
|
|
|
|
= Version 0.10.0 released on 2009-01-12
|
2009-01-04 18:15:48 +00:00
|
|
|
|
* Migrated XySSL to PolarSSL
|
|
|
|
|
* Added XTEA symmetric cipher
|
2009-01-10 23:31:23 +00:00
|
|
|
|
* Added Camellia symmetric cipher
|
2009-01-11 20:26:11 +00:00
|
|
|
|
* Added support for ciphersuites: SSL_RSA_CAMELLIA_128_SHA,
|
|
|
|
|
SSL_RSA_CAMELLIA_256_SHA and SSL_EDH_RSA_CAMELLIA_256_SHA
|
2009-01-12 21:50:17 +00:00
|
|
|
|
* Fixed dangerous bug that can cause a heap overflow in
|
|
|
|
|
rsa_pkcs1_decrypt (found by Christophe Devine)
|
2009-01-04 16:08:55 +00:00
|
|
|
|
|
|
|
|
|
================================================================
|
|
|
|
|
XySSL ChangeLog
|
2009-01-03 21:22:43 +00:00
|
|
|
|
|
|
|
|
|
= Version 0.9 released on 2008-03-16
|
|
|
|
|
|
|
|
|
|
* Added support for ciphersuite: SSL_RSA_AES_128_SHA
|
|
|
|
|
* Enabled support for large files by default in aescrypt2.c
|
|
|
|
|
* Preliminary openssl wrapper contributed by David Barrett
|
|
|
|
|
* Fixed a bug in ssl_write() that caused the same payload to
|
|
|
|
|
be sent twice in non-blocking mode when send returns EAGAIN
|
|
|
|
|
* Fixed ssl_parse_client_hello(): session id and challenge must
|
|
|
|
|
not be swapped in the SSLv2 ClientHello (found by Greg Robson)
|
|
|
|
|
* Added user-defined callback debug function (Krystian Kolodziej)
|
|
|
|
|
* Before freeing a certificate, properly zero out all cert. data
|
|
|
|
|
* Fixed the "mode" parameter so that encryption/decryption are
|
|
|
|
|
not swapped on PadLock; also fixed compilation on older versions
|
|
|
|
|
of gcc (bug reported by David Barrett)
|
|
|
|
|
* Correctly handle the case in padlock_xcryptcbc() when input or
|
|
|
|
|
ouput data is non-aligned by falling back to the software
|
|
|
|
|
implementation, as VIA Nehemiah cannot handle non-aligned buffers
|
|
|
|
|
* Fixed a memory leak in x509parse_crt() which was reported by Greg
|
|
|
|
|
Robson-Garth; some x509write.c fixes by Pascal Vizeli, thanks to
|
|
|
|
|
Matthew Page who reported several bugs
|
|
|
|
|
* Fixed x509_get_ext() to accept some rare certificates which have
|
|
|
|
|
an INTEGER instead of a BOOLEAN for BasicConstraints::cA.
|
|
|
|
|
* Added support on the client side for the TLS "hostname" extension
|
|
|
|
|
(patch contributed by David Patino)
|
|
|
|
|
* Make x509parse_verify() return BADCERT_CN_MISMATCH when an empty
|
|
|
|
|
string is passed as the CN (bug reported by spoofy)
|
|
|
|
|
* Added an option to enable/disable the BN assembly code
|
|
|
|
|
* Updated rsa_check_privkey() to verify that (D*E) = 1 % (P-1)*(Q-1)
|
|
|
|
|
* Disabled obsolete hash functions by default (MD2, MD4); updated
|
|
|
|
|
selftest and benchmark to not test ciphers that have been disabled
|
|
|
|
|
* Updated x509parse_cert_info() to correctly display byte 0 of the
|
|
|
|
|
serial number, setup correct server port in the ssl client example
|
|
|
|
|
* Fixed a critical denial-of-service with X.509 cert. verification:
|
|
|
|
|
peer may cause xyssl to loop indefinitely by sending a certificate
|
|
|
|
|
for which the RSA signature check fails (bug reported by Benoit)
|
|
|
|
|
* Added test vectors for: AES-CBC, AES-CFB, DES-CBC and 3DES-CBC,
|
|
|
|
|
HMAC-MD5, HMAC-SHA1, HMAC-SHA-256, HMAC-SHA-384, and HMAC-SHA-512
|
|
|
|
|
* Fixed HMAC-SHA-384 and HMAC-SHA-512 (thanks to Josh Sinykin)
|
|
|
|
|
* Modified ssl_parse_client_key_exchange() to protect against
|
|
|
|
|
Daniel Bleichenbacher attack on PKCS#1 v1.5 padding, as well
|
|
|
|
|
as the Klima-Pokorny-Rosa extension of Bleichenbacher's attack
|
|
|
|
|
* Updated rsa_gen_key() so that ctx->N is always nbits in size
|
|
|
|
|
* Fixed assembly PPC compilation errors on Mac OS X, thanks to
|
|
|
|
|
David Barrett and Dusan Semen
|
|
|
|
|
|
|
|
|
|
= Version 0.8 released on 2007-10-20
|
|
|
|
|
|
|
|
|
|
* Modified the HMAC functions to handle keys larger
|
|
|
|
|
than 64 bytes, thanks to Stephane Desneux and gary ng
|
|
|
|
|
* Fixed ssl_read_record() to properly update the handshake
|
|
|
|
|
message digests, which fixes IE6/IE7 client authentication
|
|
|
|
|
* Cleaned up the XYSSL* #defines, suggested by Azriel Fasten
|
|
|
|
|
* Fixed net_recv(), thanks to Lorenz Schori and Egon Kocjan
|
|
|
|
|
* Added user-defined callbacks for handling I/O and sessions
|
|
|
|
|
* Added lots of debugging output in the SSL/TLS functions
|
|
|
|
|
* Added preliminary X.509 cert. writing by Pascal Vizeli
|
|
|
|
|
* Added preliminary support for the VIA PadLock routines
|
|
|
|
|
* Added AES-CFB mode of operation, contributed by chmike
|
|
|
|
|
* Added an SSL/TLS stress testing program (ssl_test.c)
|
|
|
|
|
* Updated the RSA PKCS#1 code to allow choosing between
|
|
|
|
|
RSA_PUBLIC and RSA_PRIVATE, as suggested by David Barrett
|
|
|
|
|
* Updated ssl_read() to skip 0-length records from OpenSSL
|
|
|
|
|
* Fixed the make install target to comply with *BSD make
|
|
|
|
|
* Fixed a bug in mpi_read_binary() on 64-bit platforms
|
|
|
|
|
* mpi_is_prime() speedups, thanks to Kevin McLaughlin
|
|
|
|
|
* Fixed a long standing memory leak in mpi_is_prime()
|
|
|
|
|
* Replaced realloc with malloc in mpi_grow(), and set
|
|
|
|
|
the sign of zero as positive in mpi_init() (reported
|
|
|
|
|
by Jonathan M. McCune)
|
|
|
|
|
|
|
|
|
|
= Version 0.7 released on 2007-07-07
|
|
|
|
|
|
|
|
|
|
* Added support for the MicroBlaze soft-core processor
|
|
|
|
|
* Fixed a bug in ssl_tls.c which sometimes prevented SSL
|
|
|
|
|
connections from being established with non-blocking I/O
|
|
|
|
|
* Fixed a couple bugs in the VS6 and UNIX Makefiles
|
|
|
|
|
* Fixed the "PIC register ebx clobbered in asm" bug
|
|
|
|
|
* Added HMAC starts/update/finish support functions
|
|
|
|
|
* Added the SHA-224, SHA-384 and SHA-512 hash functions
|
|
|
|
|
* Fixed the net_set_*block routines, thanks to Andreas
|
|
|
|
|
* Added a few demonstration programs: md5sum, sha1sum,
|
|
|
|
|
dh_client, dh_server, rsa_genkey, rsa_sign, rsa_verify
|
|
|
|
|
* Added new bignum import and export helper functions
|
|
|
|
|
* Rewrote README.txt in program/ssl/ca to better explain
|
|
|
|
|
how to create a test PKI
|
|
|
|
|
|
|
|
|
|
= Version 0.6 released on 2007-04-01
|
|
|
|
|
|
|
|
|
|
* Ciphers used in SSL/TLS can now be disabled at compile
|
|
|
|
|
time, to reduce the memory footprint on embedded systems
|
|
|
|
|
* Added multiply assembly code for the TriCore and modified
|
|
|
|
|
havege_struct for this processor, thanks to David Pati<74>o
|
|
|
|
|
* Added multiply assembly code for 64-bit PowerPCs,
|
|
|
|
|
thanks to Peking University and the OSU Open Source Lab
|
|
|
|
|
* Added experimental support of Quantum Cryptography
|
|
|
|
|
* Added support for autoconf, contributed by Arnaud Cornet
|
|
|
|
|
* Fixed "long long" compilation issues on IA-64 and PPC64
|
|
|
|
|
* Fixed a bug introduced in xyssl-0.5/timing.c: hardclock
|
|
|
|
|
was not being correctly defined on ARM and MIPS
|
|
|
|
|
|
|
|
|
|
= Version 0.5 released on 2007-03-01
|
|
|
|
|
|
|
|
|
|
* Added multiply assembly code for SPARC and Alpha
|
|
|
|
|
* Added (beta) support for non-blocking I/O operations
|
|
|
|
|
* Implemented session resuming and client authentication
|
|
|
|
|
* Fixed some portability issues on WinCE, MINIX 3, Plan9
|
|
|
|
|
(thanks to Benjamin Newman), HP-UX, FreeBSD and Solaris
|
|
|
|
|
* Improved the performance of the EDH key exchange
|
|
|
|
|
* Fixed a bug that caused valid packets with a payload
|
|
|
|
|
size of 16384 bytes to be rejected
|
|
|
|
|
|
|
|
|
|
= Version 0.4 released on 2007-02-01
|
|
|
|
|
|
|
|
|
|
* Added support for Ephemeral Diffie-Hellman key exchange
|
|
|
|
|
* Added multiply asm code for SSE2, ARM, PPC, MIPS and M68K
|
|
|
|
|
* Various improvement to the modular exponentiation code
|
|
|
|
|
* Rewrote the headers to generate the API docs with doxygen
|
|
|
|
|
* Fixed a bug in ssl_encrypt_buf (incorrect padding was
|
|
|
|
|
generated) and in ssl_parse_client_hello (max. client
|
|
|
|
|
version was not properly set), thanks to Didier Rebeix
|
|
|
|
|
* Fixed another bug in ssl_parse_client_hello: clients with
|
|
|
|
|
cipherlists larger than 96 bytes were incorrectly rejected
|
|
|
|
|
* Fixed a couple memory leak in x509_read.c
|
|
|
|
|
|
|
|
|
|
= Version 0.3 released on 2007-01-01
|
|
|
|
|
|
|
|
|
|
* Added server-side SSLv3 and TLSv1.0 support
|
|
|
|
|
* Multiple fixes to enhance the compatibility with g++,
|
|
|
|
|
thanks to Xos<6F> Ant<6E>n Otero Ferreira
|
|
|
|
|
* Fixed a bug in the CBC code, thanks to dowst; also,
|
|
|
|
|
the bignum code is no longer dependant on long long
|
|
|
|
|
* Updated rsa_pkcs1_sign to handle arbitrary large inputs
|
|
|
|
|
* Updated timing.c for improved compatibility with i386
|
|
|
|
|
and 486 processors, thanks to Arnaud Cornet
|
|
|
|
|
|
|
|
|
|
= Version 0.2 released on 2006-12-01
|
|
|
|
|
|
|
|
|
|
* Updated timing.c to support ARM and MIPS arch
|
|
|
|
|
* Updated the MPI code to support 8086 on MSVC 1.5
|
|
|
|
|
* Added the copyright notice at the top of havege.h
|
|
|
|
|
* Fixed a bug in sha2_hmac, thanks to newsoft/Wenfang Zhang
|
|
|
|
|
* Fixed a bug reported by Adrian R<>egsegger in x509_read_key
|
|
|
|
|
* Fixed a bug reported by Torsten Lauter in ssl_read_record
|
|
|
|
|
* Fixed a bug in rsa_check_privkey that would wrongly cause
|
|
|
|
|
valid RSA keys to be dismissed (thanks to oldwolf)
|
|
|
|
|
* Fixed a bug in mpi_is_prime that caused some primes to fail
|
|
|
|
|
the Miller-Rabin primality test
|
|
|
|
|
|
|
|
|
|
I'd also like to thank Youn<75>s Hafri for the CRUX linux port,
|
|
|
|
|
Khalil Petit who added XySSL into pkgsrc and Arnaud Cornet
|
|
|
|
|
who maintains the Debian package :-)
|
|
|
|
|
|
|
|
|
|
= Version 0.1 released on 2006-11-01
|
|
|
|
|
|