Suyu/mbedtls
1
0
Fork 0
mirror of https://git.suyu.dev/suyu/mbedtls.git synced 2025-12-31 03:38:41 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

- Merged changesets 1399 up to and including 1415 into 1.2 branch

Browse source
This commit is contained in:
Paul Bakker 2012-11-14 12:39:52 +00:00
parent 97872aceb6
commit 9a73632fd9
33 changed files with 178 additions and 72 deletions
Download patch file Download diff file Expand all files Collapse all files

2
include/polarssl/aes.h
View file

@ -141,7 +141,7 @@ int aes_crypt_cfb128( aes_context *ctx,
const unsigned char *input,
unsigned char *output );
/*
/**
* \brief AES-CTR buffer encryption/decryption
*
* Warning: You have to keep the maximum use of your counter in mind!

2
include/polarssl/arc4.h
View file

@ -66,7 +66,7 @@ void arc4_setup( arc4_context *ctx, const unsigned char *key, unsigned int keyle
int arc4_crypt( arc4_context *ctx, size_t length, const unsigned char *input,
unsigned char *output );
/*
/**
* \brief Checkup routine
*
* \return 0 if successful, or 1 if the test failed

4
include/polarssl/bignum.h
View file

@ -223,7 +223,7 @@ void mpi_swap( mpi *X, mpi *Y );
*/
int mpi_lset( mpi *X, t_sint z );
/*
/**
* \brief Get a specific bit from X
*
* \param X MPI to use
@ -233,7 +233,7 @@ int mpi_lset( mpi *X, t_sint z );
*/
int mpi_get_bit( const mpi *X, size_t pos );
/*
/**
* \brief Set a bit of X to a specific value of 0 or 1
*
* \note Will grow X if necessary to set a bit to 1 in a not yet

2
include/polarssl/blowfish.h
View file

@ -129,7 +129,7 @@ int blowfish_crypt_cfb64( blowfish_context *ctx,
const unsigned char *input,
unsigned char *output );
/*
/**
* \brief Blowfish-CTR buffer encryption/decryption
*
* Warning: You have to keep the maximum use of your counter in mind!

2
include/polarssl/camellia.h
View file

@ -139,7 +139,7 @@ int camellia_crypt_cfb128( camellia_context *ctx,
const unsigned char *input,
unsigned char *output );
/*
/**
* \brief CAMELLIA-CTR buffer encryption/decryption
*
* Warning: You have to keep the maximum use of your counter in mind!

6
include/polarssl/config.h
View file

@ -150,7 +150,7 @@
*
* Enable weak ciphersuites in SSL / TLS
* Warning: Only do so when you know what you are doing. This allows for
* channels without virtually no security at all!
* channels with virtually no security at all!
*
* This enables the following ciphersuites:
* TLS_RSA_WITH_DES_CBC_SHA
@ -345,7 +345,7 @@
/**
* \def POLARSSL_BIGNUM_C
*
* Enable the multo-precision integer library.
* Enable the multi-precision integer library.
*
* Module: library/bignum.c
* Caller: library/dhm.c
@ -738,7 +738,7 @@
*/
#define POLARSSL_SSL_CLI_C
/*
/**
* \def POLARSSL_SSL_SRV_C
*
* Enable the SSL/TLS server code.

2
include/polarssl/des.h
View file

@ -220,7 +220,7 @@ int des3_crypt_cbc( des3_context *ctx,
const unsigned char *input,
unsigned char *output );
/*
/**
* \brief Checkup routine
*
* \return 0 if successful, or 1 if the test failed

2
include/polarssl/dhm.h
View file

@ -225,7 +225,7 @@ int dhm_make_public( dhm_context *ctx, int x_size,
int dhm_calc_secret( dhm_context *ctx,
unsigned char *output, size_t *olen );
/*
/**
* \brief Free the components of a DHM key
*/
void dhm_free( dhm_context *ctx );

4
include/polarssl/pkcs11.h
View file

@ -104,7 +104,7 @@ int pkcs11_decrypt( pkcs11_context *ctx,
int mode, size_t *olen,
const unsigned char *input,
unsigned char *output,
unsigned int output_max_len );
size_t output_max_len );
/**
* \brief Do a private RSA to sign a message digest
@ -134,7 +134,7 @@ int pkcs11_sign( pkcs11_context *ctx,
*/
static inline int ssl_pkcs11_decrypt( void *ctx, int mode, size_t *olen,
const unsigned char *input, unsigned char *output,
unsigned int output_max_len )
size_t output_max_len )
{
return pkcs11_decrypt( (pkcs11_context *) ctx, mode, olen, input, output,
output_max_len );

3
include/polarssl/rsa.h
View file

@ -167,6 +167,9 @@ extern "C" {
/**
* \brief Initialize an RSA context
*
* Note: Set padding to RSA_PKCS_V21 for the RSAES-OAEP
* encryption scheme and the RSASSA-PSS signature scheme.
*
* \param ctx RSA context to be initialized
* \param padding RSA_PKCS_V15 or RSA_PKCS_V21
* \param hash_id RSA_PKCS_V21 hash identifier

14
include/polarssl/ssl.h
View file

@ -116,8 +116,8 @@
#define SSL_LEGACY_RENEGOTIATION 0
#define SSL_SECURE_RENEGOTIATION 1
#define SSL_RENEGOTIATION_ENABLED 0
#define SSL_RENEGOTIATION_DISABLED 1
#define SSL_RENEGOTIATION_DISABLED 0
#define SSL_RENEGOTIATION_ENABLED 1
#define SSL_LEGACY_NO_RENEGOTIATION 0
#define SSL_LEGACY_ALLOW_RENEGOTIATION 1
@ -852,7 +852,8 @@ void ssl_set_min_version( ssl_context *ssl, int major, int minor );
* (Default: SSL_RENEGOTIATION_DISABLED)
*
* Note: A server with support enabled is more vulnerable for a
* resource DoS by a malicious client.
* resource DoS by a malicious client. You should enable this on
* a client to enable server-initiated renegotiation.
*
* \param ssl SSL context
* \param renegotiation Enable or disable (SSL_RENEGOTIATION_ENABLED or
@ -883,8 +884,9 @@ void ssl_set_renegotiation( ssl_context *ssl, int renegotiation );
* (Most secure option, interoperability issues)
*
* \param ssl SSL context
* \param allow_legacy Prevent or allow (SSL_NO_LEGACY_RENEGOTIATION or
* SSL_ALLOW_LEGACY_RENEGOTIATION)
* \param allow_legacy Prevent or allow (SSL_NO_LEGACY_RENEGOTIATION,
* SSL_ALLOW_LEGACY_RENEGOTIATION or
* SSL_LEGACY_BREAK_HANDSHAKE)
*/
void ssl_legacy_renegotiation( ssl_context *ssl, int allow_legacy );
@ -999,7 +1001,7 @@ int ssl_write( ssl_context *ssl, const unsigned char *buf, size_t len );
* (SSL_ALERT_LEVEL_WARNING or SSL_ALERT_LEVEL_FATAL)
* \param message The alert message (SSL_ALERT_MSG_*)
*
* \return 1 if successful, or a specific SSL error code.
* \return 0 if successful, or a specific SSL error code.
*/
int ssl_send_alert_message( ssl_context *ssl,
unsigned char level,

8
include/polarssl/version.h
View file

@ -39,16 +39,16 @@
*/
#define POLARSSL_VERSION_MAJOR 1
#define POLARSSL_VERSION_MINOR 2
#define POLARSSL_VERSION_PATCH 0
#define POLARSSL_VERSION_PATCH 1
/**
* The single version number has the following structure:
* MMNNPP00
* Major version | Minor version | Patch version
*/
#define POLARSSL_VERSION_NUMBER 0x01020000
#define POLARSSL_VERSION_STRING "1.2.0"
#define POLARSSL_VERSION_STRING_FULL "PolarSSL 1.2.0"
#define POLARSSL_VERSION_NUMBER 0x01020100
#define POLARSSL_VERSION_STRING "1.2.1"
#define POLARSSL_VERSION_STRING_FULL "PolarSSL 1.2.1"
#if defined(POLARSSL_VERSION_C)

4
include/polarssl/x509.h
View file

@ -641,7 +641,7 @@ int x509parse_crl_info( char *buf, size_t size, const char *prefix,
*/
const char *x509_oid_get_description( x509_buf *oid );
/*
/**
* \brief Give an OID, return a string version of its OID number.
*
* \param buf Buffer to write to
@ -680,7 +680,7 @@ int x509parse_time_expired( const x509_time *time );
* (void *parameter, x509_cert *crt, int certificate_depth,
* int *flags). With the flags representing current flags for
* that specific certificate and the certificate depth from
* the top (Trust CA depth = 0).
* the bottom (Peer cert depth = 0).
*
* All flags left after returning from the callback
* are also returned to the application. The function should

2
include/polarssl/xtea.h
View file

@ -97,7 +97,7 @@ int xtea_crypt_cbc( xtea_context *ctx,
unsigned char *input,
unsigned char *output);
/*
/**
* \brief Checkup routine
*
* \return 0 if successful, or 1 if the test failed