mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
2,131 Commits 5 Branches 162 Tags 807 MiB
11bc26d839
Commit Graph

784 Commits

Author SHA1 Message Date
toddouska
782cb0e077 Merge branch 'master' of github.com:cyassl/cyassl 2013-09-06 14:25:51 -07:00
toddouska
46be3b8508 add fixed point ecc cache, --enable-fpecc, add locking down to crypt level next 2013-09-06 14:24:31 -07:00
Moisés Guimarães
d7a08b1a76 centralizing MAX_DIGEST_SIZE definition in hmac.h 2013-09-06 15:53:46 -03:00
John Safranek
f2c75a9e87 ECDSA signatures need a zero padding for the ASN.1 storage of the R and S values 2013-09-05 15:00:01 -07:00
toddouska
e93a0640f1 break up huge math into individual parts so can add piece by piece, e.g., ECC256 2013-09-03 13:13:13 -07:00
toddouska
f813182efd release update 2013-08-30 12:34:26 -07:00
toddouska
e8fcf35098 add Rsa Public/Private client key exchange callbacks, examples 2013-08-26 17:14:19 -07:00
toddouska
f3f80bd66e add Rsa Sign/Verify callbacks, client/server examples 2013-08-26 16:27:29 -07:00
John Safranek
0002ba4ee8 Merge branch 'master' of github.com:cyassl/cyassl 2013-08-23 10:12:17 -07:00
John Safranek
d734c86c72 cleanup build warnings 
1. Change `CyaSSL_OCSP_set_options()` to return `SSL_SUCCESS`
   or `SSL_FAILURE` as `int` like rest of API.
2. Fix data narrowing warning in file io.c function
   `process_http_response()`.
3. Fix global variable shadowed warning in file ssl.c function
   `CyaSSL_GetSessionAtIndex()`
4. Fix data narrowing warning in file internal.c functions
   `Encrypt()` and `Decrypt()`. Passed in a word32 size parameter
   that was provided a word16 and used as a word16.
5. Removed unreachable code from file tls.c function
   `CyaSSL_GetHmacType()`.
6. Fix data narrowing warnings in file aes.c functions
   `AesCcmEncrypt()` and `AesCcmDecrypt()`.
 2013-08-23 10:09:35 -07:00
toddouska
e98f5f95c2 add public key callbacks for ecc sign/verify, examples 2013-08-22 18:19:39 -07:00
John Safranek
64ba0587a3 Merge branch 'master' of github.com:cyassl/cyassl 2013-08-21 22:42:15 -07:00
John Safranek
957cf90118 Added function to read certificate from file into CYASSL_X509 buffer. 2013-08-21 22:36:43 -07:00
toddouska
54a2f8b9aa add useratomic DecryptVerify Callbacks, example 2013-08-21 16:55:34 -07:00
John Safranek
9f07a7dd2b modified SEP X509 functions to behave like the NAME_oneline function 2013-08-20 16:47:38 -07:00
John Safranek
442886a207 Added x509 accessors for the SEP build certificate additions. 2013-08-17 09:01:15 -07:00
toddouska
65f0e9f6b9 add atomic user macencrypt cb 2013-08-09 17:27:15 -07:00
toddouska
16db0c234e bump dev version 2013-08-06 15:08:05 -07:00
toddouska
3378f8f25e add DTLS cookie ctx geter 2013-08-06 15:06:33 -07:00
toddouska
5c5cee0789 use external CYASSL_MAX_ERROR_SZ for buffer size 2013-08-06 11:48:00 -07:00
John Safranek
831d9cf640 SEP Profile 
1. Changed session index shift values to constants.
2. Added bounds checking when retrieving a session.
3. Added function to retrieve the peer cert chain from
   a CYASSL_SESSION record.
 2013-08-02 16:03:41 -07:00
John Safranek
1357cdb0e4 SEP Profile 
1. Add session cache index to CYASSL structure.
2. Add accessor for cache index in CYASSL structure.
3. Add copy function for session cache item.
 2013-07-28 17:11:22 -07:00
toddouska
505b1a8a67 fix ecc sign/hash truncation with odd bit sizes when hash length is longer than key size 2013-07-25 15:59:09 -07:00
Moisés Guimarães
55401c13dd Truncated HMAC first part (protocol). Extension processing will be coded later. 2013-07-23 15:42:43 -03:00
toddouska
37a9a7a457 add IOCb Ctx getters 2013-07-22 11:01:00 -07:00
John Safranek
43f320d5e2 SEP Extensions 
1. Added configure option to enable SEP extensions.
2. Enabled KEEP_PEER_CERT for the SEP configuration.
3. Copy the Certificate Policy extension into the cert as the
   device type.
4. Copy an other type Alt Name extension into the cert as the
   hwType and hwSerialNumber, if the alt name has a
   hardwareModuleName OID.
 2013-07-09 13:23:56 -07:00
Moisés Guimarães
593e466a44 limiting max_fragment API for client side only. 2013-07-01 10:13:43 -03:00
toddouska
98e6ad3ee9 add comverge switch for settings 2013-06-27 10:28:58 -07:00
toddouska
307c71d9cb add CyaSSL_UnloadCertsKeys to free SSL certs and keys after handshake 2013-06-27 10:26:04 -07:00
toddouska
d0c2e9b7a2 switch comverge settings to ecc by default 2013-06-26 17:05:30 -07:00
toddouska
87eb94b7c4 Merge branch 'master' of github.com:cyassl/cyassl 2013-06-24 14:02:40 -07:00
toddouska
b51d6f3b8f add NetX default IO context handling 2013-06-24 14:00:48 -07:00
John Safranek
e0a84521c5 Make alert description and level enumerations public. 2013-06-21 14:56:42 -07:00
Moisés Guimarães
4502716fc4 Merge branch 'master' of https://github.com/cyassl/cyassl 2013-06-19 17:04:43 -03:00
Moisés Guimarães
5f3ee80407 added: 
- max fragment length extension;
 - CyaSSL_SNI_GetRequest() to get client's request at server side;
 - Automated tests for SNI;
 2013-06-19 15:45:06 -03:00
toddouska
85d25798a5 update ntru cert expires dates, update crls while at it, don't turn on skid for crls since openssl/firefox don't use by default and cyassl needs crl extension parsing 2013-06-17 14:48:51 -07:00
toddouska
a1f25a9299 release 2.7.0 init 2013-06-17 12:06:37 -07:00
toddouska
8c70b11528 add newSession flag to SetServerID to do full handshake w/ new session 2013-06-14 15:29:18 -07:00
toddouska
7f7c595d10 differentiate between THREADX and RTP_SYS 2013-06-14 13:45:25 -07:00
toddouska
33a7d7481d Merge branch 'master' of github.com:cyassl/cyassl 2013-06-03 14:57:40 -07:00
toddouska
ae84982777 add STACK_TRAP to track stack use on client, will seqfault if exceed limit to see where use is too high, doesn't work with pthread_create() 2013-06-03 14:56:37 -07:00
Moisés Guimarães
f1d1898ddf Added new option to SNI: CYASSL_SNI_ANSWER_ON_MISMATCH 
Added new function to SNI API: CyaSSL_SNI_Matched()
 2013-06-03 17:55:06 -03:00
Moisés Guimarães
cb2082edee changed CYASSL_SNI_ABORT_ON_MISMATCH to CYASSL_SNI_CONTINUE_ON_MISMATCH 2013-06-03 10:04:49 -03:00
Moisés Guimarães
5c665fe614 Added options to SNI (now it is possible to choose whether or not to abort on a SNI Host Name mismatch) 
Exposed SNI Type at ssl.h
 2013-05-30 15:26:41 -03:00
toddouska
8df0e43384 fix merge differences from this week 2013-05-22 15:50:13 -07:00
toddouska
d2003bb8b7 merge in sni 2013-05-21 14:37:50 -07:00
John Safranek
b347df8d9a DTLS rx size check, ssn10 
Allows for receiving datagrams larger than the MTU that are reassembled
by the IP stack.
 2013-05-21 13:52:22 -07:00
toddouska
fd5937b599 MDK-ARM updates 2013-05-20 17:56:27 -07:00
toddouska
7693b4282a turn on large static buffers for callbacks, easier for user 2013-05-20 12:46:54 -07:00
Chris Conlon
a4c6ed0dda add support for Microchip TCP/IP 6.0 beta 2013-05-17 10:59:18 -06:00
toddouska
dcf88daae7 fix KEIL warnings 2013-05-17 09:49:46 -07:00
toddouska
cfdfa7b2b3 pull in Kojo MDK-ARM projects, changes 2013-05-16 09:47:27 -07:00
Chris Conlon
091c7a7ef3 separate STM32F2 hardware hash support, disable by default 2013-05-15 10:48:35 -06:00
John Safranek
ac716c96d3 Output buffer size check when sending transmit pool. 
1. Added a call to CheckAvailableSize() when sending the DTLS transmit pool.
2. Rename CheckAvailableSize().
 2013-05-13 12:32:47 -07:00
toddouska
32705fb380 make sure pwdbased w/o fastmath works like fastmath define wise 2013-05-10 11:00:37 -07:00
toddouska
8f0b695249 fix leanpsk build with keep cert / session cert 2013-05-09 15:29:25 -07:00
toddouska
47b468d14f add dtls recv timeout max user setting too 2013-05-08 12:49:55 -07:00
toddouska
8cb5f6d5d4 add user setting for dtls recv timeout init value 2013-05-07 16:14:26 -07:00
toddouska
a7228d0463 Merge branch 'master' of github.com:cyassl/cyassl 2013-05-02 11:35:56 -07:00
toddouska
a0c630b4ee add cert cache persistence 2013-05-02 11:34:26 -07:00
Chris Conlon
864f0468aa Cygwin/Mingw64 fixes 2013-05-01 14:17:11 -06:00
toddouska
bc1a6282eb bump dev version 2013-04-30 12:56:28 -07:00
John Safranek
d2d25b9b83 refine the SKID/AKID support 2013-04-29 17:09:15 -07:00
toddouska
5a1886656a Merge branch 'master' of github.com:cyassl/cyassl 2013-04-29 14:23:22 -07:00
toddouska
5c4fdb30ad add client session table lookup based on serverID, use CyaSSL_SetServerID to set/store with serverid 2013-04-29 14:22:32 -07:00
John Safranek
87048698e5 use subject key id and authentication key id to ID CA certs in the signers list instead of subject name hashes. 2013-04-29 12:08:16 -07:00
toddouska
791767e026 make sure unloadcas works w/o filesystem 2013-04-26 10:28:30 -07:00
toddouska
411a096b2b add memory versions of session cache save/restore 2013-04-25 17:23:58 -07:00
toddouska
05dd84598b turn CA signer list into CA signer hash table, defaults CA_TABLE_SIZE to 11 2013-04-25 15:36:33 -07:00
toddouska
9dbf6a5e10 fix Signer hash size w/o SHA, fix GetCA caList b4 lock 2013-04-25 14:47:09 -07:00
toddouska
942480e6ba fix save cache file problem, version id, and match cache separarte error 2013-04-24 14:17:50 -07:00
toddouska
f12ba533e2 Merge branch 'master' of github.com:cyassl/cyassl 2013-04-24 11:16:35 -07:00
toddouska
956ac08cab add persistent session cache, ssn9 2013-04-24 11:10:23 -07:00
John Safranek
8e5532eb42 Merge branch 'master' of github.com:cyassl/cyassl 2013-04-24 10:37:55 -07:00
John Safranek
c27ebe546d find the subject id and authority subject id extentions when decoding a certificate 2013-04-24 10:37:11 -07:00
toddouska
bad1c32df2 add session cert conversion to x509, and free x509 for dynamic variety 2013-04-23 11:50:06 -07:00
toddouska
4491de3b77 add UnloadCAs ability for CTX or CertManager 2013-04-22 13:18:08 -07:00
toddouska
8c0ee8a6f7 make sure all external APIs at SSL level return SSL_SUCCESS instead of sometimes 0 from old CyaSSL API 2013-04-22 12:43:57 -07:00
toddouska
11d81b86de change windows low res timer return 2013-04-22 10:52:38 -07:00
toddouska
d665e16bd8 add user ctx to verify callback with CyaSSL_SetCertCbCtx 2013-04-18 10:37:10 -07:00
toddouska
729fc1e603 add discardSessionCerts flag for verify callback 2013-04-18 09:11:35 -07:00
toddouska
71a1abebf5 break up sig confirm errors into no sig, crl, and ocsp specific 2013-04-18 08:38:28 -07:00
toddouska
f8ba117cef cleanup 64/128bit type decls for big int libs 2013-04-17 17:26:33 -07:00
toddouska
38dec0b932 bump dev version 2013-04-17 09:41:43 -07:00
Chris Conlon
62a071262c move CYASSL_USER_IO back to MICROCHIP_PIC32 2013-04-17 10:19:18 -06:00
John Safranek
fe13b4b6c6 moved and renamed the CBIO error codes so they are publically available 2013-04-16 12:32:55 -07:00
toddouska
8eee0b1d4c add blake2 headers to dist 2013-04-15 13:22:11 -07:00
toddouska
f29da112c6 version.h update for non autoconf 2013-04-15 11:23:14 -07:00
toddouska
fe0cd26b1e make clear where options.h came from 2013-04-12 16:50:16 -07:00
toddouska
0b7e18040c generate cyassl/options.h based on ./configure flags/settings for user app use 2013-04-12 11:21:38 -07:00
toddouska
8a6bd081c4 Merge branch 'master' of github.com:cyassl/cyassl 2013-04-11 15:00:42 -07:00
toddouska
997d6dccf3 fix windows ipv6 test w/ getaddrinfo 2013-04-11 14:52:04 -07:00
John Safranek
6d49631170 Merge branch 'master' of github.com:cyassl/cyassl 2013-04-11 14:10:32 -07:00
John Safranek
a74ac2b22c added case to DerToPem() to add EC header and footer to the PEM output 2013-04-11 14:03:18 -07:00
toddouska
12f00a7acc change ipv6 tests to use getaddrinfo for better scope id % handling, inet_pton doesn't always work depending on system 2013-04-11 12:30:09 -07:00
toddouska
b5c43d8ad4 don't default to loopback only for ipv6 tests, if inet_pton available allow lookups 2013-04-11 10:12:15 -07:00
toddouska
576cb10732 fix port 0 hack for unit tests with ipv6 2013-04-10 17:09:53 -07:00
toddouska
a2bd6e786d fix leanpsk NO_SHA build 2013-04-10 12:42:51 -07:00
Chris Conlon
27d6c727e0 add MICROCHIP_TCPIP 2013-04-10 09:16:11 -06:00
John Safranek
9b0ffa0249 brought CYASSL_CALLBACK code up to current standard 2013-04-08 15:34:54 -07:00
John Safranek
2dd22938d6 rearranged the HMAC header to tolerate having missing hash types 2013-04-03 17:33:50 -07:00
John Safranek
bf69de7054 if using SHA-512 but not SHA-384, fix so that HMAC still works 2013-04-03 16:41:44 -07:00
Chris Conlon
f73585eec8 HP/UX fixes, strsep impl 2013-04-02 16:27:53 -06:00
John Safranek
e9bc868dbb AES-GCM does not require SHA-384, but will use it if enabled in build; reorder some of the requirement checks to regroup some NO_RSA suite checks 2013-04-01 14:25:20 -07:00
toddouska
332fd68347 add lowmem to stacksize build 2013-03-28 11:38:27 -07:00
toddouska
ee0595f543 add --enable-stacksize to print out stack use info with pthreads for example client/server 2013-03-28 11:28:38 -07:00
toddouska
f396de1191 add DTLS support for alignment 2013-03-27 16:58:27 -07:00
toddouska
8a2936ebd4 Merge branch 'master' of github.com:cyassl/cyassl 2013-03-27 15:12:44 -07:00
toddouska
82e3c00075 add CYASSL_GENERAL_ALIGNMENT detection and setting for TLS alignment attempt 2013-03-27 15:11:49 -07:00
John Safranek
2f6636559d Merge branch 'master' of github.com:cyassl/cyassl 2013-03-27 10:22:56 -07:00
John Safranek
7d287a6ba9 modified test port number to allow concurrent testing 2013-03-26 22:00:39 -07:00
toddouska
14b4bb3b0f change rabbit and hc128 to return values for key and process, will add error rets for alignment issues 2013-03-26 14:42:09 -07:00
toddouska
f601b7bfda move aesni cbc encrypt align check down to crypto layer 2013-03-26 14:13:01 -07:00
toddouska
6bc7ba1592 change AesCBC end/dec to return status, will add failure cases with align checks 2013-03-26 12:36:39 -07:00
toddouska
72926b1eed make sure blake2 calls denote it's the 'b' version, blake2b 2013-03-25 11:35:33 -07:00
John Safranek
436a51a0d7 Merge branch 'ccm' 2013-03-22 17:29:30 -07:00
toddouska
d7c01be8bb blake2 ctc api, test vecs 2013-03-22 13:30:44 -07:00
toddouska
d8b85da693 remove c++ comments, switch to c 2013-03-22 12:10:53 -07:00
John Safranek
f65f86bb88 improvements to CCM, ssn6 2013-03-22 11:30:12 -07:00
toddouska
d6deb690e6 Merge branch 'master' into blake2 2013-03-22 10:20:01 -07:00
toddouska
ace69d1c77 bump dev branch 2013-03-21 19:27:29 -07:00
toddouska
ea9784b32b cast size_t for printf mem output, c99 may not be available 2013-03-21 07:58:53 -07:00
toddouska
ae9265fa44 add macpi huffman 2013-03-20 14:37:05 -07:00
toddouska
7d7a72f2a6 add hmac sha512 2013-03-20 12:26:55 -07:00
toddouska
e19c65da8b Merge branch 'master' of github.com:cyassl/cyassl 2013-03-20 10:21:05 -07:00
toddouska
8564014983 add mcapi hash with tests 2013-03-20 10:14:06 -07:00
John Safranek
692dc09d10 Merge branch 'compress' 2013-03-20 10:05:49 -07:00
John Safranek
615f652bd0 filled out our Compress and DeCompress functions, updated the test case 2013-03-20 09:58:31 -07:00
John Safranek
fc928e7725 added stubs and a test for ctaocrypt compress 2013-03-19 16:25:58 -07:00
toddouska
4f9e915bc1 add KEEP_PEER_CERT flag for non opensslextra peer cert storage, ssn3 2013-03-19 12:18:52 -07:00
toddouska
88938390ba fix track memroy overread on realloc example problem 2013-03-18 11:17:34 -07:00
toddouska
e3f72effb2 fix memory track free return warning 2013-03-15 15:30:03 -07:00
toddouska
8e3f83e152 bump dev branch version 2013-03-15 15:13:08 -07:00
toddouska
31b03c8a2d dtls defaults to no static buffers now, fix valgrind errors with dtls 2013-03-15 14:21:36 -07:00
toddouska
543108bdcc add memory tracker to example client and server if using default memory cbs 2013-03-15 13:17:05 -07:00
toddouska
2dfec3c6f1 add CYASSL prefix to WORD/BIT enums 2013-03-13 16:49:20 -07:00
toddouska
e515638503 make EmbedGenerateCookie a callback, USER_IO can install their own or default to ours 2013-03-13 16:41:50 -07:00
toddouska
b9a7407d31 make sure FreeRTOS defines aren't redefs 2013-03-13 13:14:01 -07:00
toddouska
f0c48fba45 bump version for tag download 2013-03-13 10:14:06 -07:00
toddouska
dbe83c7405 fix typos 2013-03-12 15:56:58 -07:00
toddouska
a868451d72 add NO_64BIT flag to normal and fastmath to use a 32 bit accumulator for multiply when 64 bit actually slows it down 2013-03-12 15:52:47 -07:00
toddouska
ec0a4d45cb add --enable-memory, build, disable runtime memory cbs, check leanpsk 2013-03-12 13:31:14 -07:00
toddouska
7914938e60 --enable-md5 and build, needs NO_OLD_TLS, suite test version check 2013-03-11 17:37:08 -07:00
toddouska
f232ff84b4 add --enable-pwdbased and build, opensslextra needs 2013-03-11 17:01:05 -07:00
toddouska
49e62f0858 fix general NO_SHA NO_ASN NO_CERTS NO_SESSION_CACHE builds/examples 2013-03-11 16:07:46 -07:00
toddouska
87ad65d33f add --disable-rsa, bump dev version 2013-03-11 12:49:59 -07:00
toddouska
7ce9315173 Merge branch 'master' of github.com:cyassl/cyassl 2013-03-11 11:00:47 -07:00
toddouska
47e7e27bb2 add cipher suite check to suite tests to make adding test cases easier 2013-03-11 10:59:08 -07:00
John Safranek
20e4889092 Merge branch 'dtls' 
Conflicts:
	src/ssl.c
 2013-03-08 17:45:35 -08:00
John Safranek
43ed4a7424 added test cases and fixed a bug with AEAD ciphers with DTLSv1.2. 2013-03-07 22:52:51 -08:00
toddouska
6b3a80366f NO_RSA with ecc build fixes 2013-03-07 18:10:18 -08:00
toddouska
85b3346bbf NO_RSA build, cipher suite tests need work for this build optoin, ssn2 2013-03-07 17:44:40 -08:00
John Safranek
591e1fc772 DTLSv1.2, fixed DTLS socket timeout 2013-03-06 23:02:33 -08:00
John Safranek
49e67487e7 Merge branch 'master' of github.com:cyassl/cyassl 2013-03-04 17:16:32 -08:00
John Safranek
d52fe96063 added AES-CBC-SHA256 and SHA384 cipher suites. 2013-03-04 13:25:46 -08:00
toddouska
43b8300896 windows shadow fix 2013-03-04 12:30:36 -08:00
toddouska
98e766e770 our type changes 2013-02-28 17:51:35 -08:00
toddouska
3319ed9921 Merge branch 'master' into blake2 2013-02-28 16:50:45 -08:00
toddouska
cc9ac1846d fix ecc w/ no rsa send cert verify and server flag for missing cert verify 2013-02-26 22:24:34 -08:00
toddouska
e947c86e67 add license, bring up to date 2013-02-22 15:52:20 -08:00
toddouska
48303918c2 Merge branch 'master' into blake2 2013-02-22 15:22:02 -08:00
John Safranek
6ff39cffe4 Merge branch 'dtls' 
Conflicts:
	cyassl/ctaocrypt/types.h
 2013-02-20 17:08:22 -08:00
John Safranek
2c1ed7c11c removed old defragmentation code. fixed new defragment code. 2013-02-20 08:35:33 -08:00
John Safranek
bdadeab342 added storing of out-of-order and fragmented message, missing processing of the stored list 2013-02-19 16:06:02 -08:00
toddouska
07baa27b20 fix scan build for fastmath, dtls, ecc, psk, sha512 2013-02-19 12:53:58 -08:00
John Safranek
116f2403d0 updated the list for storing out of order messages 2013-02-19 12:51:02 -08:00
John Safranek
87cad7a966 merge branch tls12 into master 2013-02-18 14:36:50 -08:00
toddouska
dfa1553548 3rd scan build fixes 2013-02-14 16:23:48 -08:00
toddouska
9ea3371079 2nd round scan build 2013-02-14 16:00:45 -08:00
toddouska
62ef5de25c scan build fixes 2013-02-14 14:09:41 -08:00
John Safranek
982b72796e added list for DTLS handshake datagram reordering 2013-02-07 11:26:02 -08:00
toddouska
44e0d7543c change copyright name with name change 2013-02-05 12:44:17 -08:00
toddouska
f4f13371f9 update copyright date 2013-02-04 14:51:41 -08:00
toddouska
36f62a5707 fix CyaSSL_write memory error return, bump dev version 2013-02-04 14:11:20 -08:00
toddouska
543d81ba97 release 2.5.0 2013-02-04 13:11:21 -08:00
Todd Ouska
44b6593fe5 add cavium ciphers to SSL, and example client 2013-02-01 12:21:38 -08:00
Todd Ouska
01703281cc add cavium RSA to ctaocrypt 2013-01-31 15:55:29 -08:00
Chris Conlon
5d29bf1e49 add MPLAB X projects, PIC32 GenerateSeed() 2013-01-30 18:02:18 -07:00
Chris Conlon
3ff842168e add cert/key buffer flags in CTaoCrypt benchmark for RSA, DH 2013-01-30 10:13:56 -07:00
Todd Ouska
6edfb2a601 Merge branch 'master' of github.com:cyassl/cyassl 2013-01-29 16:25:35 -08:00
Todd Ouska
a361f5c4bf initial cavium, crypto only, no rsa 2013-01-29 16:22:49 -08:00
Chris Conlon
532f0aaee7 add ability to use cert/key buffers in CTaoCrypt test app 2013-01-28 17:15:28 -07:00
John Safranek
b17b81ef43 added sanity check on return from recv callback 2013-01-24 14:44:08 -08:00
John Safranek
6616975f81 added AES-CCM-8 ECC cipher suites, and more test cases 2013-01-21 15:19:45 -08:00
toddouska
9f77aea1f8 Merge branch 'master' into blake2 2013-01-21 10:56:46 -08:00
John Safranek
a453ccba57 Added TLS support for Camellia 2013-01-21 10:53:42 -08:00
John Safranek
2e2de4cf4d added the cammelia cipher, updated the test cases 2013-01-18 17:26:49 -08:00
John Safranek
b8b968d77f added tests for setting Camellia key and IV 2013-01-18 13:48:30 -08:00
John Safranek
f65b0fc092 brought the camellia interface to match AES's more 2013-01-18 09:57:41 -08:00
John Safranek
d5bf944630 enabled the proper Camellia test, but mocked the encrypt and decrypt functions to pass the test 2013-01-17 22:09:55 -08:00
John Safranek
425d418dee added stubs, tests, and benchmark for Camellia to ctaocrypt 2013-01-17 21:52:31 -08:00
toddouska
fe0772bcbf Merge branch 'master' into blake2 2013-01-17 16:08:47 -08:00
toddouska
dfca5f82dd Merge branch 'master' of github.com:cyassl/cyassl 2013-01-17 06:51:59 -08:00
toddouska
86c20f0e38 fix dtls server example to bind to any when specified 2013-01-17 06:51:37 -08:00
John Safranek
ccff37f4b1 added TLS support for AES-CCM-8 2013-01-15 15:20:30 -08:00
John Safranek
eb221238c2 separated TLS-AEAD and AES-GCM so TLS-AEAD can also use AES-CCM 2013-01-14 15:59:53 -08:00
John Safranek
d1515f8ee6 Merge branch 'ccm' 2013-01-10 16:42:03 -08:00
John Safranek
05165bc09e Added AES-CCM encrypt/decrypt, test fuction, benchmark function. 2013-01-10 16:38:52 -08:00
John Safranek
e85caee845 added tests, prototypes, and stubs for AES-CCM 2013-01-08 12:16:53 -08:00
toddouska
eeb11a6e51 fix rabbit and hc128 CTaoCrypt test buffers for aligned access only, allow TLS on intel w/o aligned stream buffers, otherwise align 2013-01-07 14:06:58 -08:00
John Safranek
f756573401 Merge branch 'ocsp-test' 2013-01-04 14:11:47 -08:00
John Safranek
ac227910f1 modify OCSP to use a replacable callback to perform the OCSP transaction 2013-01-03 17:19:56 -08:00
toddouska
53e4c2ed72 fix pvs studio warnings 2013-01-02 11:39:12 -08:00
toddouska
0c363a17f1 init blake2 2012-12-31 13:10:47 -08:00
toddouska
6d3728fe61 fix ripemd compression round 2012-12-28 14:19:28 -08:00
toddouska
4c9595c419 bump version 2012-12-28 14:07:49 -08:00
toddouska
561906cffd Merge branch 'master' of github.com:cyassl/cyassl 2012-12-27 16:36:48 -08:00
toddouska
f0bc61a5d3 add more robust pad/verify checks 2012-12-27 16:35:43 -08:00
John Safranek
e70838e984 Merge branch 'ecc' 2012-12-27 11:41:20 -08:00
John Safranek
581f91b984 Merge branch 'master' of github.com:cyassl/cyassl 2012-12-27 11:40:17 -08:00
Chris Conlon
254d53bb18 add CYASSL_STM32F2 define, LwIP errno.h 2012-12-27 10:06:29 -07:00
John Safranek
d993ee1969 Merge branch 'master' of github.com:cyassl/cyassl 2012-12-26 21:53:20 -08:00
John Safranek
cf114b92df made the ecc keys in the CYASSL struct dynamic 2012-12-26 16:39:19 -08:00
Chris Conlon
ea3dc3d834 add STM32F2 AES, DES, 3DES support 2012-12-26 15:18:57 -07:00
Chris Conlon
a7e0f4e483 add STM32F2 SHA1, MD5 support 2012-12-26 15:16:39 -07:00
John Safranek
6913a46331 Merge branch 'master' of github.com:cyassl/cyassl 2012-12-26 10:40:28 -08:00
toddouska
9c58f70e29 add ciphertext size sanity checks 2012-12-24 15:40:09 -08:00
John Safranek
831c760edc Merge branch 'ocsp' 
Fixes some bugs in the ocsp code, and adds a new option to skip nonces.
 2012-12-20 16:26:49 -08:00
toddouska
541deaa0c0 release 2.4.6 2012-12-20 13:25:32 -08:00
John Safranek
4e657debfc added the ability to disable OCSP nonces 2012-12-19 10:18:11 -08:00
toddouska
96cc05b7b1 fix shadow warning 2012-12-18 11:40:45 -08:00
John Safranek
c314dc3940 Merge branch 'master' into ocsp 2012-12-14 14:23:53 -08:00
toddouska
a108c5565e get release 2.4.4 ready 2012-12-12 17:13:33 -08:00
toddouska
3a98eb7578 fix for current working directory, relative path instead of absolute, suggestion from SpamapS 2012-12-12 10:57:05 -08:00
John Safranek
831e643a24 fixed file name in comment 2012-12-12 10:14:38 -08:00
John Safranek
f71376a42b Merge branch 'master' of github.com:cyassl/cyassl 2012-11-30 15:48:56 -08:00
John Safranek
8c97675979 Lean PSK trimming 
1. leave out memory and io callback functions, expect user supplied
2. leave out cert and DTLS related functions
3. SHA-1 compile option to use slower, rolled-up transform
 2012-11-30 15:45:43 -08:00
toddouska
f23013b8a7 remove runtime memory callback use for leanpsk 2012-11-30 15:41:01 -08:00
toddouska
6e4d33eb00 move ProtocolVersion struct members directly into RecordLayerHeader 2012-11-28 16:34:41 -08:00
John Safranek
77bf77dfd7 Merge branch 'master' of github.com:cyassl/cyassl 2012-11-27 22:19:01 -08:00
John Safranek
66a3ce2ec1 added SHA-256 based RNG when setting NO_RC4 compile flag 2012-11-27 22:17:25 -08:00
toddouska
faa7283ff3 fix crl resource leaks 2012-11-27 11:36:36 -08:00
John Safranek
f8f7f69f48 compile option to leave out MD5 and SSL code 2012-11-26 18:40:43 -08:00
John Safranek
a89398fdbc added the cipher suites PSK-NULL-SHA256 and PSK-AES128-CBC-SHA256 2012-11-20 14:52:17 -08:00
toddouska
dd259b12c7 add CyaSSL_peek() 2012-11-16 12:16:00 -08:00
toddouska
9ac2eaa3d6 fix ipv6 unused warning, add os check for crl monitor 2012-11-16 10:47:13 -08:00
toddouska
4a7e56442a bump dev version 2012-11-14 17:57:27 -08:00
toddouska
4a007a2fa0 make MAX_CHAIN_DEPTH a build time define and default to 9 2012-11-05 10:40:06 -08:00
Chris Conlon
11c8e5afb8 add support for Kinetis K70 HW RNGA 2012-11-02 17:49:30 -06:00
John Safranek
9aa8b71525 Merge branch 'nocerts' 2012-11-01 15:47:02 -07:00
John Safranek
134c6b8b1b cleaning warnings in OCSP build 2012-11-01 15:03:29 -07:00
toddouska
ae905d70c4 crl warning fixes 2012-11-01 14:14:40 -07:00
John Safranek
85e8f1988a leanpsk build removes cert code, moved ctaocrypt error strings to own file 2012-11-01 12:36:47 -07:00
toddouska
0e2c236e77 fix x64 windows warnings, make sure word is 64bit 2012-11-01 12:21:47 -07:00
Chris Conlon
f6304ae37a add support for Freescale MQX 2012-11-01 11:23:42 -06:00
toddouska
01138a5c53 fix stack-check warnings for newer versions but fastmath still has some so take away warning for now 2012-10-30 17:35:12 -07:00
toddouska
f175bd302d bump dev version 2012-10-30 16:23:59 -07:00
John Safranek
174618ebfb added build option for leanPSK 2012-10-29 15:39:42 -07:00
toddouska
35b4f08049 add CyaSSL_send()/recv() with flags parameter 2012-10-26 15:09:58 -07:00
toddouska
d4d5243f4d add user ability to set IO read/write flags 2012-10-25 14:17:11 -07:00
toddouska
0bbbea20be switch sniffer buffers to dynamic, reduce holding memory if large number of sessions cached 2012-10-24 17:37:57 -07:00
toddouska
f969bc3645 if sniffer sees ACK for missing packet(s) set to error, can't recover 2012-10-24 13:33:11 -07:00
toddouska
3461c12083 Brian's c++/clang fixes, minor adjustments 2012-10-22 11:37:46 -07:00
toddouska
cb08eb672e Merge branch 'master' of https://github.com/BrianAker/cyassl 2012-10-22 10:56:53 -07:00
Brian Aker
ac998a0f7c Remove version (it is a generated file), also updated how visibility is done. 2012-10-20 21:24:28 -04:00
John Safranek
a92b639155 add optional null cipher support for RSA 2012-10-19 20:52:22 -07:00
Brian Aker
1bc0dc53f9 Fixes for hardening flags. 
Additional fixes for using C++ compiler to compile.

Include file pcap.h now gates sniffer for build.
 2012-10-19 22:00:17 -04:00
toddouska
c974d77213 add shorten 64 to 32 warnings back on with fixes 2012-10-19 12:44:23 -07:00
John Safranek
346a52a58c add optional null cipher support for PSK 2012-10-19 10:37:21 -07:00
toddouska
e3f54f332e Merge branch 'master' of github.com:cyassl/cyassl 2012-10-17 13:38:58 -07:00
toddouska
cc0c89b02d psk test warning fixes 2012-10-17 13:38:49 -07:00
John Safranek
454bfa4abd Merge branch 'master' of github.com:cyassl/cyassl 2012-10-17 13:14:34 -07:00
John Safranek
fe632a3f77 added non-blocking and session resume as example server and client command line options 2012-10-17 13:13:58 -07:00
toddouska
ef47f1a25e fix with libz dynamic type 2012-10-17 10:09:28 -07:00
toddouska
c11620f9b4 Merge branch 'master' of github.com:cyassl/cyassl 2012-10-17 10:05:05 -07:00
toddouska
dc708f4f5b turn on webserver build for some settings 2012-10-17 10:04:44 -07:00
John Safranek
8760e6ac3e fixed build warnings & aes-gcm/ni conflict 2012-10-10 12:15:13 -07:00
John Safranek
a503f13321 update readme and version number 2012-10-10 08:55:53 -07:00
John Safranek
e673b1852a fixed windows build warnings 2012-10-09 16:13:05 -07:00
John Safranek
400b1f1ae6 test client and server use select in non-blocking mode 2012-10-08 15:49:30 -07:00
John Safranek
397fbb743f Merge branch 'master' of github.com:cyassl/cyassl 2012-10-03 15:33:23 -07:00
toddouska
e970cdfbc0 init cipher specs, check client key exchange state b4 process 2012-10-03 11:57:20 -07:00
John Safranek
f7c740df8f Merge branch 'master' of github.com:cyassl/cyassl 2012-10-03 09:36:43 -07:00
toddouska
5f598e2649 SIGPIPE ignore if no SO_NOSIGPIPE 2012-10-02 22:02:50 -07:00
John Safranek
9bbca6acfb Merge branch 'master' of github.com:cyassl/cyassl 2012-10-02 14:42:06 -07:00
John Safranek
6d1e485ef4 DTLS to use recvfrom and sendto in embed recv and send callbacks. Added support for storing dtls peer address. 2012-10-02 09:15:50 -07:00
toddouska
e0413df92a add key setup flag for malicious or misbehaving handshake messages with new memory system 2012-10-01 11:32:05 -07:00
toddouska
2c25481e7d add AesSetKeyDirect for Ctr and Direct when also using aesni 2012-09-28 15:01:07 -07:00
John Safranek
07c37ed50c Merge branch 'master' of github.com:cyassl/cyassl 2012-09-27 11:42:57 -07:00
toddouska
d5d24df32a nonblocking warning fixes 2012-09-27 10:31:38 -07:00
John Safranek
dfb84dff37 added accessors for CYASSL members for use in send/recv callbacks 2012-09-25 15:51:56 -07:00
John Safranek
cd0226924a Merge branch 'master' of github.com:cyassl/cyassl 2012-09-21 16:37:34 -07:00
John Safranek
9643e58dad fixed bug for Windows build 2012-09-21 16:36:48 -07:00
toddouska
4e19c234f4 fix new warnings on linux64 2012-09-21 13:29:04 -07:00
toddouska
7716da0881 warn fix 2012-09-20 15:39:15 -07:00
toddouska
19e50cd46a fix old-style warnings 2012-09-20 12:11:42 -07:00
Brian Aker
5fce4edb68 This adds more compiler hardening flags (and fixes all of the issues 
found in the process).
 2012-09-19 23:38:41 -07:00
John Safranek
d1baa9f541 Merge branch 'master' of github.com:cyassl/cyassl 2012-09-18 08:46:11 -07:00
toddouska
53ccbddd01 allow meta PEM data at end of file too 2012-09-17 17:25:38 -07:00
John Safranek
40eb5b3cc5 DTLS resend allocates only enough buffer when needed 2012-09-17 09:52:20 -07:00
John Safranek
40972868ce fix merge conflicts 2012-09-14 21:19:06 -07:00
John Safranek
7899252104 dtls handshake improvement 2012-09-14 19:30:50 -07:00
John Safranek
56ee2eaba8 added dtls message retry 2012-09-14 09:35:34 -07:00
John Safranek
97ca8439a4 Merge branch 'master' of github.com:cyassl/cyassl 2012-09-07 08:30:03 -07:00
John Safranek
407397e8be adding DTLS retry timeout, added CYASSL pointer to recv/send callbacks 2012-09-06 22:41:55 -07:00
toddouska
8c32a5a2ed make RNG in ssl dynamic, release after hs if stream or < tls1.1 2012-09-05 16:18:29 -07:00
toddouska
9ddf43268d use dynamic memory for ssl ciphers, only use what needed 2012-09-05 12:30:51 -07:00
toddouska
c47afaf84f make suites object dynamic, only use during handshake 2012-09-05 10:17:48 -07:00
toddouska
43a0a21fb6 add GetOjbectSize for CYASSL* 2012-09-05 08:26:08 -07:00
toddouska
6943229f87 reduce client key exchange stack use in non NTRU mode 2012-09-04 15:56:52 -07:00
toddouska
1ba8aff525 don't allow corrupted change cipher (fix by antoxa), don't allow multiple decryptions of corrupted messages 2012-09-04 11:37:47 -07:00
toddouska
2bee126062 clang scan-build fixes 2012-09-04 10:48:26 -07:00
John Safranek
6ce42706fe Merge branch 'master' of github.com:cyassl/cyassl 2012-08-28 15:58:38 -07:00
toddouska
bdac618c3a track version.h for pure windows build 2012-08-28 12:48:19 -07:00
John Safranek
820d934ae8 Merge branch 'master' of github.com:cyassl/cyassl 2012-08-28 09:37:02 -07:00
toddouska
0534d44c9e don't assume non-Intel CodeWarrior BigEndian anymore 2012-08-23 17:05:58 -07:00
John Safranek
457e214777 Merge branch 'master' of github.com:cyassl/cyassl 2012-08-23 16:05:09 -07:00
John Safranek
561a7fc35d drop out of order dtls packets 2012-08-23 15:50:56 -07:00
toddouska
f8ffb086ec tcp errno for SafeRTOS/lwip 2012-08-23 09:45:23 -07:00
John Safranek
f6cca6049f Merge branch 'master' of github.com:cyassl/cyassl 2012-08-22 16:16:49 -07:00
toddouska
87762e9012 SafeRTOS client test fixes 2012-08-22 11:07:40 -07:00
toddouska
7a12fb3e6b IAR inlining and enum warning off 2012-08-20 16:58:11 -07:00
toddouska
f1ed3cefc4 SafeRTOS memory macros 2012-08-20 16:38:43 -07:00
John Safranek
c20eb88d3d Merge branch 'master' of github.com:cyassl/cyassl 2012-08-17 14:21:17 -07:00
toddouska
690938ffd4 lsr fs macros 2012-08-17 13:45:31 -07:00
toddouska
03356be00b fix verify_callback local declaration after beginning 2012-08-17 12:51:37 -07:00
toddouska
925ddb6626 Merge branch 'master' of github.com:cyassl/cyassl 2012-08-15 17:00:34 -07:00
toddouska
05692e1d6a IAR fixes, SafeRTOS port, better LWIP support 2012-08-15 17:00:11 -07:00
John Safranek
c42792e0f1 fix compiler warnings 2012-08-14 13:51:56 -07:00
John Safranek
9d912970c8 Merge branch 'master' of github.com:cyassl/cyassl 2012-08-13 17:33:20 -07:00
Chris Conlon
7ec04c16b6 EBSnet RTIP support 2012-08-13 17:10:05 -06:00
John Safranek
70552ef8e1 added DTLS handshake message defragmentation 2012-08-10 10:24:31 -07:00
John Safranek
11df1d25d4 fixed the dtls handshake header handling 2012-08-09 13:27:30 -07:00
toddouska
18c3679444 fix DLTS cookieSz init problem 2012-08-08 16:56:19 -07:00
toddouska
08ff33894f add ECDH static cipher suite tests including RSA signed ECDH, clean up code with haveECDSA -> haveECDSAsig 2012-08-08 15:09:26 -07:00
toddouska
d494254864 Merge branch 'master' of github.com:cyassl/cyassl 2012-08-08 11:36:08 -07:00
toddouska
eedc2f3e47 fix SESSION_CERTS and SHOW_CERTS example with CyaSSL API 2012-08-08 11:35:39 -07:00
John Safranek
3747246133 added the generation, verification, and client usage of DTLS handshake cookies 2012-08-08 10:38:12 -07:00
toddouska
706bd8a910 add cipher suite client/server driver 2012-08-06 17:14:31 -07:00
toddouska
644726a3fc fix clang warnings on test.h 2012-08-02 17:37:08 -07:00
toddouska
bdf11587c2 Merge branch 'master' of github.com:cyassl/cyassl 2012-08-02 11:55:07 -07:00
toddouska
90446c3c5f add -u for DTLS UPD command line client/server examples 2012-08-02 11:54:49 -07:00
Chris Conlon
afa27f0021 FreeRTOS threads support, windows simulator support 2012-08-02 09:54:41 -06:00
toddouska
90385bb4b3 fix windows build with command line examples 2012-08-01 17:33:49 -07:00
toddouska
aecdb33e4e Merge branch 'master' of github.com:cyassl/cyassl 2012-08-01 12:55:32 -07:00
toddouska
68e5124644 change example client to command line options too, same as server 2012-08-01 12:55:13 -07:00
John Safranek
b8b5e7b873 Merge branch 'master' of github.com:cyassl/cyassl 2012-07-31 18:42:44 -07:00
toddouska
a5af2e3d51 add altname retrieval from peer cert 2012-07-31 17:45:48 -07:00
John Safranek
368afbb815 Merge branch 'master' of github.com:cyassl/cyassl 2012-07-31 10:11:21 -07:00
John Safranek
e716380bad fixed a bug where aes-gcm required opensslExtra at build configure 2012-07-31 10:07:33 -07:00
John Safranek
9b8c5fb40e aes-gcm: modified to use sequence number rather that a random explicit IV 2012-07-31 09:32:29 -07:00
toddouska
3401bba8a2 Merge branch 'master' of github.com:cyassl/cyassl 2012-07-30 11:59:11 -07:00
toddouska
f904c598ed make server example more generic with short command opts 2012-07-30 11:58:57 -07:00
toddouska
e0328ef78a allow zero legnth asn names, remove weird subjectcn len as zero means we own, use stored flag instead 2012-07-27 16:51:46 -07:00
toddouska
85889f7fb9 add md2 signature hash support 2012-07-27 14:01:02 -07:00
toddouska
e2eb1b78cc Merge branch 'master' of github.com:cyassl/cyassl 2012-07-27 12:32:42 -07:00
toddouska
6e84ab1271 add max chain depth unique error, increase depth to 6 2012-07-27 12:32:22 -07:00
John Safranek
3cd231bdfc Merge branch 'master' of github.com:cyassl/cyassl 2012-07-24 15:04:16 -07:00
toddouska
6d3c7d8c59 allow bigger MTU record for sniffer 2012-07-20 13:04:03 -07:00
John Safranek
489fbf17fe Merge branch 'master' of github.com:cyassl/cyassl 2012-07-19 17:22:16 -07:00