Commits · 9af7d3a35be835e48f4aa9a23d7869e339d84a63 · BC / public / external / mbedtls

18 Jan, 2014 1 commit
- Add fast reduction for the other Koblitz curves · 9af7d3a3
  Manuel Pégourié-Gonnard authored Jan 18, 2014
  
  9af7d3a3
17 Jan, 2014 5 commits
- Add mod_p256k1 · 8887d8d3
  Manuel Pégourié-Gonnard authored Jan 17, 2014
```
Makes secp256k1 about 4x faster
```
  8887d8d3
- Add support for secp192k1 · ea499a73
  Manuel Pégourié-Gonnard authored Jan 11, 2014
  
  ea499a73
- Fix bug in ecdh_calc_secret() · 0a56c2c6
  Manuel Pégourié-Gonnard authored Jan 17, 2014
```
Only affects curves with nbits != pbits (currently only secp224k1)
```
  0a56c2c6
- Fix theoretical compliance issue in ECDSA · 5304812b
  Manuel Pégourié-Gonnard authored Jan 03, 2014
```
The issue would happen for curves whose bitlength is not a multiple of eight
(the only case is NIST P-521) with hashes that are longer than the bitlength
of the curve: since the wides hash is 512 bits long, this can't happen.
Fixing however as a matter of principle and readability.
```
  5304812b
- Add support for secp224k1 · 18e3ec9b
  Manuel Pégourié-Gonnard authored Jan 11, 2014
  
  18e3ec9b
10 Jan, 2014 2 commits
- Add OIDs and TLS IDs for prime Koblitz curves · 9bcff390
  Manuel Pégourié-Gonnard authored Jan 10, 2014
  
  9bcff390
- Add support for secp256k1 arithmetic · f51c8fc3
  Manuel Pégourié-Gonnard authored Jan 10, 2014
  
  f51c8fc3
31 Dec, 2013 9 commits
- Added failure stub for uninitialized POLARSSL_THREADING_ALT functions · c78c8422
  Paul Bakker authored Dec 31, 2013
  
  c78c8422
- Removed POLARSSL_THREADING_DUMMY option · a8fd3e31
  Paul Bakker authored Dec 31, 2013
  
  a8fd3e31
- Rewrote check to prevent read of uninitialized data in · 4de44aa0
  Paul Bakker authored Dec 31, 2013
```
rsa_rsassa_pss_verify()
```
  4de44aa0
- Fixed potential overflow in certificate size in ssl_write_certificate() · 6992eb76
  Paul Bakker authored Dec 31, 2013
  
  6992eb76
- Added missing MPI_CHK() around some statements · 6ea1a95c
  Paul Bakker authored Dec 31, 2013
  
  6ea1a95c
- Prepped for 1.3.3 · 5bc07a3d
  Paul Bakker authored Dec 31, 2013
  
  5bc07a3d
- Added cast to socket() return value to prevent Windows warning · 00f5c52b
  Paul Bakker authored Dec 31, 2013
  
  00f5c52b
- Merged ECP memory usage optimizations · c7387913
  Paul Bakker authored Dec 31, 2013
  
  c7387913
- Initialize ebx and edx in padlock functions · 53e1513f
  Paul Bakker authored Dec 30, 2013
  
  53e1513f
30 Dec, 2013 23 commits
- Proper const modifier in test_suite_x509_csr_check() · 3a8cb6ff
  Paul Bakker authored Dec 30, 2013
  
  3a8cb6ff
- Fix a few unchecked return codes in EC · 26bc1c0f
  Manuel Pégourié-Gonnard authored Dec 30, 2013
  
  26bc1c0f
- Made AES-NI bit-size specific key expansion functions static · 93759b04
  Paul Bakker authored Dec 30, 2013
  
  93759b04
- Add another option to reduce EC memory usage · 9e4191c3
  Manuel Pégourié-Gonnard authored Dec 30, 2013
```
Also document speed/memory trade-offs better.
```
  9e4191c3
- Add statistics about number of allocated blocks · 70896a02
  Manuel Pégourié-Gonnard authored Dec 30, 2013
  
  70896a02
- Forced cast to unsigned int for %u format in the ecdsa application · caf0e609
  Paul Bakker authored Dec 30, 2013
  
  caf0e609
- Forced cast to unsigned int for %u format in ecp_selftest() · ec4bea7e
  Paul Bakker authored Dec 30, 2013
  
  ec4bea7e
- Position of -Werror is relevant · e1e962de
  Paul Bakker authored Dec 30, 2013
  
  e1e962de
- Fixed documentation issues found by clang · a36d23e2
  Paul Bakker authored Dec 30, 2013
  
  a36d23e2
- Support for CLANG compiler in CMakeLists.txt · 92bc875e
  Paul Bakker authored Dec 30, 2013
  
  92bc875e
- Lessen peak memory usage in EC by freeing earlier · 1f789b83
  Manuel Pégourié-Gonnard authored Dec 30, 2013
```
Cuts peak usage by 25% :)
```
  1f789b83
- Save some small memory allocations inside ecp_mul() · 72c172a1
  Manuel Pégourié-Gonnard authored Dec 30, 2013
  
  72c172a1
- Properly put the pragma comment for the MSVC linker in defines · f0fc2a27
  Paul Bakker authored Dec 30, 2013
  
  f0fc2a27
- Removed 'z' length modifier from format in ecdsa program · 29e86eae
  Paul Bakker authored Dec 30, 2013
  
  29e86eae
- Removed 'z' length modifier from low-value size_t in ecp_selftest() · 92bcadb1
  Paul Bakker authored Dec 30, 2013
  
  92bcadb1
- Fixed superfluous return value in aesni.c · e7f51335
  Paul Bakker authored Dec 30, 2013
  
  e7f51335
- Only specify done label in aes.c when AES-NI is possible · 0d0de921
  Paul Bakker authored Dec 30, 2013
  
  0d0de921
- Only search for Pthread on Windows platforms · 3e72f6ef
  Paul Bakker authored Dec 30, 2013
  
  3e72f6ef
- Reduced the input / output overhead with 200+ bytes and covered corner · 956c9e06
  Paul Bakker authored Dec 19, 2013
```
case

The actual input / output buffer overhead is only 301 instead of 512.
This requires a proper check on the padding_idx to prevent out of bounds
reads.

Previously a remote party could potentially trigger an access error and
thus stop the application when sending a malicious packet having
MAX_CONTENT_LEN of data, 32 bytes of MAC and a decrypted padlen of .
This would result in reading from in_ctr + 13 + 32 + MAX_CONTENT_LEN - 1 - 1
for 256 bytes (including fake padding check). Or 13 + 32 bytes over the
buffer length.

We now reset padding_idx to 0, if it's clear that it will never be a
valid padding (padlen > msg_len || msg_len + padlen + 256 > buffer_len)
```
  956c9e06
- Added version of the SSL pthread server example · f9c4953e
  Paul Bakker authored Dec 19, 2013
  
  f9c4953e
- Merged AES-NI support for AES, AES-GCM and AES key scheduling · 23116fdb
  Paul Bakker authored Dec 30, 2013
  
  23116fdb
- Added -Werror to Check buildtype · ad0db975
  Paul Bakker authored Dec 30, 2013
  
  ad0db975
- aesni_gcm_mult() now returns void · d4588cfb
  Manuel Pégourié-Gonnard authored Dec 30, 2013
  
  d4588cfb