mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge branch 'master' of github.com:cyassl/cyassl

Browse Source
This commit is contained in:
toddouska 2012-10-17 10:05:05 -07:00
commit c11620f9b4
10 changed files with 43 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
README
View File

@ -34,7 +34,20 @@ before calling SSL_new(); Though it's not recommended.
*** end Note ***
CyaSSL Release 2.3.0 (8/10/2012)
CyaSSL Release 2.4.0 (10/10/2012)
Release 2.4.0 CyaSSL has bug fixes and a few new features including:
- DTLS reliability
- Reduced memory usage after handshake
- Updated build process
The CyaSSL manual is available at:
http://www.yassl.com/documentation/CyaSSL-Manual.pdf. For build instructions
and comments about the new features please check the manual.
*************** CyaSSL Release 2.3.0 (8/10/2012)
Release 2.3.0 CyaSSL has bug fixes and a few new features including:
- AES-GCM crypto and cipher suites

4
configure.ac
View File

@ -6,7 +6,7 @@
#
#
AC_INIT([cyassl],[2.3.1],[http://www.yassl.com])
AC_INIT([cyassl],[2.4.0],[http://www.yassl.com])
AC_CONFIG_AUX_DIR(config)
@ -25,7 +25,7 @@ AC_CONFIG_HEADERS([config.h:config.in])dnl Keep filename to 8.3 for MS-DOS.
#shared library versioning
CYASSL_LIBRARY_VERSION=3:2:0
CYASSL_LIBRARY_VERSION=3:3:0
# | | |
# +------+ | +---+
# | | |

10
ctaocrypt/src/aes.c
View File

@ -743,7 +743,7 @@ static const word32 Td[5][256] = {
#endif /* _MSC_VER */
static int Check_CPU_support_AES()
static int Check_CPU_support_AES(void)
{
unsigned int a,b,c,d;
cpuid(1,a,b,c,d);
@ -865,6 +865,9 @@ static int AesSetKeyLocal(Aes* aes, const byte* userKey, word32 keylen,
word32 temp, *rk = aes->key;
unsigned int i = 0;
#ifdef CYASSL_AESNI
aes->use_aesni = 0;
#endif /* CYASSL_AESNI */
aes->rounds = keylen/4 + 6;
XMEMCPY(rk, userKey, keylen);
@ -1003,6 +1006,7 @@ int AesSetKey(Aes* aes, const byte* userKey, word32 keylen, const byte* iv,
checkAESNI = 1;
}
if (haveAESNI) {
aes->use_aesni = 1;
if (iv)
XMEMCPY(aes->reg, iv, AES_BLOCK_SIZE);
if (dir == AES_ENCRYPTION)
@ -1028,7 +1032,7 @@ static void AesEncrypt(Aes* aes, const byte* inBlock, byte* outBlock)
return; /* stop instead of segfaulting, set up your keys! */
}
#ifdef CYASSL_AESNI
if (haveAESNI) {
if (aes->use_aesni) {
CYASSL_MSG("AesEncrypt encountered aesni keysetup, don't use direct");
return; /* just stop now */
}
@ -1173,7 +1177,7 @@ static void AesDecrypt(Aes* aes, const byte* inBlock, byte* outBlock)
return; /* stop instead of segfaulting, set up your keys! */
}
#ifdef CYASSL_AESNI
if (haveAESNI) {
if (aes->use_aesni) {
CYASSL_MSG("AesEncrypt encountered aesni keysetup, don't use direct");
return; /* just stop now */
}

4
ctaocrypt/test/test.c
View File

@ -1230,9 +1230,9 @@ int aes_test(void)
0x79,0x21,0x70,0xa0,0xf3,0x00,0x9c,0xee
};
AesSetKey(&enc, ctrKey, AES_BLOCK_SIZE, ctrIv, AES_ENCRYPTION);
AesSetKeyDirect(&enc, ctrKey, AES_BLOCK_SIZE, ctrIv, AES_ENCRYPTION);
/* Ctr only uses encrypt, even on key setup */
AesSetKey(&dec, ctrKey, AES_BLOCK_SIZE, ctrIv, AES_ENCRYPTION);
AesSetKeyDirect(&dec, ctrKey, AES_BLOCK_SIZE, ctrIv, AES_ENCRYPTION);
AesCtrEncrypt(&enc, cipher, ctrPlain, AES_BLOCK_SIZE*4);
AesCtrEncrypt(&dec, plain, cipher, AES_BLOCK_SIZE*4);

3
cyassl/ctaocrypt/aes.h
View File

@ -76,6 +76,9 @@ typedef struct Aes {
ALIGN16 byte M0[256][AES_BLOCK_SIZE];
#endif /* GCM_TABLE */
#endif /* HAVE_AESGCM */
#ifdef CYASSL_AESNI
byte use_aesni;
#endif /* CYASSL_AESNI */
} Aes;

1
cyassl/internal.h
View File

@ -342,6 +342,7 @@ enum Misc {
TLSv1_MINOR = 1, /* TLSv1 minor version number */
TLSv1_1_MINOR = 2, /* TLSv1_1 minor version number */
TLSv1_2_MINOR = 3, /* TLSv1_2 minor version number */
INVALID_BYTE = 0xff, /* Used to initialize cipher specs values */
NO_COMPRESSION = 0,
ZLIB_COMPRESSION = 221, /* CyaSSL zlib compression */
HELLO_EXT_SIG_ALGO = 13, /* ID for the sig_algo hello extension */

4
cyassl/version.h
View File

@ -26,8 +26,8 @@
extern "C" {
#endif
#define LIBCYASSL_VERSION_STRING "2.3.1"
#define LIBCYASSL_VERSION_HEX 0x02003001
#define LIBCYASSL_VERSION_STRING "2.4.0"
#define LIBCYASSL_VERSION_HEX 0x02004000
#ifdef __cplusplus
}

18
src/internal.c
View File

@ -498,11 +498,11 @@ void FreeCiphers(CYASSL* ssl)
void InitCipherSpecs(CipherSpecs* cs)
{
cs->bulk_cipher_algorithm = -1;
cs->cipher_type = -1;
cs->mac_algorithm = -1;
cs->kea = -1;
cs->sig_algo = -1;
cs->bulk_cipher_algorithm = INVALID_BYTE;
cs->cipher_type = INVALID_BYTE;
cs->mac_algorithm = INVALID_BYTE;
cs->kea = INVALID_BYTE;
cs->sig_algo = INVALID_BYTE;
cs->hash_size = 0;
cs->static_ecdh = 0;
@ -7110,15 +7110,17 @@ int SetCipherList(Suites* s, const char* list)
b = input[i++];
if (b) {
byte cookie[MAX_COOKIE_LEN];
byte cookieSz;
if (b > MAX_COOKIE_LEN)
return BUFFER_ERROR;
if (i + b > totalSz)
return INCOMPLETE_DATA;
cookieSz = EmbedGenerateCookie(cookie, COOKIE_SZ, ssl);
if ((b != cookieSz) || XMEMCMP(cookie, input + i, b) != 0)
if ((EmbedGenerateCookie(cookie, COOKIE_SZ, ssl)
!= COOKIE_SZ)
|| (b != COOKIE_SZ)
|| (XMEMCMP(cookie, input + i, b) != 0)) {
return COOKIE_ERROR;
}
i += b;
}
}

2
src/io.c
View File

@ -320,7 +320,7 @@ int EmbedReceiveFrom(CYASSL *ssl, char *buf, int sz, void *ctx)
else {
if (dtlsCtx != NULL
&& dtlsCtx->peer.sz > 0
&& peerSz != dtlsCtx->peer.sz
&& peerSz != (XSOCKLENT)dtlsCtx->peer.sz
&& memcmp(&peer, dtlsCtx->peer.sa, peerSz) != 0) {
CYASSL_MSG(" Ignored packet from invalid peer");
return IO_ERR_WANT_READ;

2
src/tls.c
View File

@ -374,7 +374,7 @@ void TLS_hmac(CYASSL* ssl, byte* digest, const byte* in, word32 sz,
c16toa((word16)sz, length);
#ifdef CYASSL_DTLS
if (ssl->options.dtls)
c16toa(GetEpoch(ssl, verify), seq);
c16toa((word16)GetEpoch(ssl, verify), seq);
#endif
c32toa(GetSEQIncrement(ssl, verify), &seq[sizeof(word32)]);