Chris Conlon
9d74775934
add fips file placeholders
2014-03-26 23:40:07 -06:00
toddouska
717f3adb47
fix item 9 from report by Ivan Fratric of the Google Security Team
2014-03-26 13:28:19 -07:00
toddouska
d5be4c4663
SHA-256 fips mode
2014-03-25 17:11:15 -07:00
toddouska
18d178f325
add ShaFinal fips mode
2014-03-25 16:20:03 -07:00
toddouska
b41186a6dd
Merge branch 'master' of github.com:cyassl/cyassl
2014-03-25 16:02:12 -07:00
toddouska
3607db9077
add SHA1 fips mode
2014-03-25 16:01:17 -07:00
toddouska
b6fc109c1d
add ecc_ctx_reset() so user can reuse ctx w/o init/free
2014-03-25 12:48:25 -07:00
toddouska
fb6d671629
resolve pull request merge conflict
2014-03-25 11:39:07 -07:00
toddouska
0ea10a4388
add 3DES fips mode
2014-03-24 13:37:52 -07:00
John Safranek
e19e2a801d
Ext Key Usage
...
1. Store reference to raw EKU OIDs in the DecodedCert.
2. Fixed usage of the anyEKU.
2014-03-21 09:37:10 -07:00
John Safranek
08ae775406
Merge branch 'master' of github.com:cyassl/cyassl
2014-03-21 09:34:08 -07:00
toddouska
98c6e3f3af
have Base16 Decode on for FIPS tests
2014-03-20 11:38:14 -07:00
toddouska
8bc6bf9424
add lower case support to Base16 decode for better known answer test support, export
2014-03-20 10:31:52 -07:00
John Safranek
1e041abf04
decode Extended Key Usage extension
2014-03-20 10:07:47 -07:00
toddouska
58885b36eb
add AesCbc fips mode
2014-03-19 16:43:52 -07:00
toddouska
388436c53e
add AesSetKey fips mode
2014-03-19 13:56:11 -07:00
toddouska
faecf7f849
require thread local storage for power on self thread check
2014-03-19 10:19:08 -07:00
toddouska
be9451fbc5
rm --cahced didn't work to stop tracking
2014-03-19 09:55:20 -07:00
toddouska
8bbc30f3e1
add fips enable switch
2014-03-19 09:43:57 -07:00
toddouska
90b08761c4
fix benchmark output with 3 decimals
2014-03-18 12:28:54 -07:00
John Safranek
ac452eebdc
in DecodeAltNames, skip unknown name types, don't treat as error
2014-03-18 09:24:07 -07:00
John Safranek
bcd7f03495
X.509
...
1. Added stubs for the Extended Key Usage and Inhibit anyPolicy
extensions.
2. Key Usage extension is decoded normally.
3. Certificate Policy extension is noted normally.
2014-03-14 15:48:33 -07:00
toddouska
b56ecd1842
add enable-iopool , simple I/O pool example using memory overrides
2014-03-13 18:54:51 -07:00
John Safranek
4724c23a05
added critical extension error to error strings
2014-03-13 11:15:16 -07:00
John Safranek
1c35e5929a
Merge branch 'master' of github.com:cyassl/cyassl
2014-03-12 15:41:40 -07:00
John Safranek
dc14fafb2e
reversed a change to clear a warning, replaced some tabs
2014-03-12 14:32:02 -07:00
John Safranek
dcb39d5554
bug fixes
2014-03-12 05:50:37 -07:00
John Safranek
92c31d81f9
X.509 with unsupported critical extensions should be rejected
2014-03-11 11:50:45 -07:00
John Safranek
65475fdfe3
Merge branch 'PIC32MZ' of github.com:kojo1/cyassl-test into kojo1-PIC32MZ
...
Conflicts:
ctaocrypt/benchmark/benchmark.c
2014-03-11 09:54:36 -07:00
John Safranek
6f55549fed
fixes for Xcode 5.1, clang 503.0.38 stricter with some warnings
2014-03-11 09:38:36 -07:00
Takashi Kojo
e02fa2c571
random.c, indentation
2014-03-11 13:53:37 +09:00
Takashi Kojo
5dbe391d92
sha256.c, mplabx/test_main.c
2014-03-11 13:43:24 +09:00
Takashi Kojo
6235c949b3
PIC32MZ
2014-03-11 11:32:16 +09:00
Takashi Kojo
a9ca608030
Sync with CyaSSL master
2014-03-11 11:22:39 +09:00
Takashi Kojo
3e41d8cecb
Merge branch 'PIC32MZ-HWCrypt'
...
Conflicts:
configure.ac
ctaocrypt/benchmark/benchmark.c
ctaocrypt/src/asn.c
ctaocrypt/src/coding.c
ctaocrypt/src/des3.c
ctaocrypt/src/md5.c
ctaocrypt/src/random.c
ctaocrypt/src/sha.c
ctaocrypt/src/sha256.c
cyassl/ctaocrypt/aes.h
cyassl/ctaocrypt/settings.h
cyassl/ssl.h
cyassl/version.h
examples/server/server.c
m4/ax_debug.m4
m4/ax_tls.m4
mplabx/benchmark_main.c
mplabx/ctaocrypt_test.X/nbproject/configurations.xml
mplabx/test_main.c
src/io.c
src/ocsp.c
src/ssl.c
src/tls.c
testsuite/testsuite.c
2014-03-11 10:11:36 +09:00
Takashi Kojo
8ea2eec773
Merge https://github.com/cyassl/cyassl
2014-03-11 09:55:57 +09:00
Takashi Kojo
a12fe60723
Add AES-Counter to benchmark.c
2014-03-10 10:46:40 +09:00
Takashi Kojo
e5a51ca516
PIC32MZ Crypt Engine
2014-03-04 22:10:19 +09:00
Takashi Kojo
f5922255b0
Catching up 2.9.0
2014-03-04 22:09:38 +09:00
toddouska
f1597c86b1
fix clang -Wconversion except -Wsign-conversion
2014-03-03 16:46:48 -08:00
toddouska
1fd6245600
fix all clang warnings except Wpadded (diagnostic), Wconversion which inludes Wsign-conversion (implicit conversions part of standard)
2014-03-03 13:27:52 -08:00
John Safranek
ec7c79c12e
fix a couple more uninitialized variables
2014-03-02 18:38:12 -08:00
toddouska
a50d2e1e21
fix -Wcast-align
2014-03-02 11:47:43 -08:00
toddouska
f0f6497526
fix -Wconditional-uninitialized
2014-03-02 11:11:39 -08:00
toddouska
7b00374930
fix -Wmissing-variable-declarations
2014-03-02 11:06:41 -08:00
toddouska
ac7cb3c8aa
add -Wunreachable-code
2014-02-24 11:15:22 -08:00
toddouska
45859e97bf
fix arm thumb mode assembly
2014-02-18 16:45:43 -08:00
Chris Conlon
cf6eaf219a
tyto build - add GenerateSeed, exclude ctype.h, test.h
2014-02-12 13:39:38 -07:00
John Safranek
f1c2250652
fix static analysis warning, g++ compile warning
2014-02-07 14:52:44 -08:00
John Safranek
f669e73c8d
Merge branch 'master' of github.com:cyassl/cyassl
2014-02-03 14:49:38 -08:00
John Safranek
2758f40a09
For OCSP, when decoding X.509 Auth Info Access record, find the first
...
OCSP responder, rather than only looking at the first item.
2014-02-03 14:39:41 -08:00
Takashi Kojo
80cf1b20b3
Merge https://github.com/cyassl/cyassl
...
Conflicts:
configure.ac
ctaocrypt/src/asn.c
cyassl/ctaocrypt/asn.h
cyassl/ctaocrypt/settings.h
src/internal.c
src/io.c
2014-02-03 09:01:50 +09:00
toddouska
51b3b1cb6c
fix pkCurveOID c files, doesn't require openssl extra
2014-02-01 12:14:41 -08:00
Moisés Guimarães
de6a537896
exporting pkCurve info to ctx and ssl
2014-01-31 16:52:14 -03:00
Takashi Kojo
07af9913c3
LwIP native TCP
2014-01-31 08:49:39 +09:00
Takashi Kojo
e28d256197
CyaSSL master, 2.8.6
2014-01-31 08:44:42 +09:00
John Safranek
12e9309618
fix Windows function name conflict
2014-01-28 12:30:01 -08:00
John Safranek
631cfbcf27
fix output size check bug
2014-01-28 11:57:49 -08:00
toddouska
2084e9869d
fix pkcs7 leaks with normal math
2014-01-27 16:29:15 -08:00
toddouska
e040e0ba7a
fix scep 32
2014-01-27 12:50:29 -08:00
toddouska
c0f9780c70
fix challenge pwd init bug
2014-01-24 14:08:14 -08:00
toddouska
21c9eb7b22
fix forgotten leading 0 on SetRsaPublicKey
2014-01-24 13:58:20 -08:00
toddouska
5945723d87
linux pkcs7 build fixes
2014-01-24 13:15:26 -08:00
John Safranek
1dac5d28e3
Allow PKCS7_VerifyDecodedData to have an empty set of SignerInfos. Save first certificate.
2014-01-24 12:14:53 -08:00
John Safranek
595fe0b445
Merge branch 'master' of github.com:cyassl/cyassl
2014-01-23 21:48:37 -08:00
toddouska
18365df209
add non block length test case, including test again, to aes ctr
2014-01-23 15:18:42 -08:00
Chris Conlon
43199cd573
PKCS7_DecodeEnvelopedData, only do ParseCert once in PKCS7_InitWithCert
2014-01-23 14:48:18 -07:00
toddouska
45c05ffd30
add non block size AesCtr support
2014-01-23 12:34:27 -08:00
John Safranek
0972fbbf9d
PKCS7_VerifySignedMessage() decodes more of the
...
message and performs an RSA verify on it.
2014-01-23 11:24:50 -08:00
Chris Conlon
9f8dcccc61
PKCS7_DecodeEnvelopedData, RsaPrivateDecryptInline can return 0 upon error
2014-01-22 15:26:43 -07:00
John Safranek
38c2373c4f
PKCS7_VerifySignedData() also saves pointer to signed data.
2014-01-21 22:11:21 -08:00
John Safranek
15f94b2f98
1. Resized sample PKCS7 signed data attribute.
...
2. Removed unnecessary PKCS7 signed data attribute.
2014-01-21 11:45:15 -08:00
John Safranek
c35a635fd7
Added initial PKCS7_VerifySignedData(). Only saves
...
the first included certificate if available.
2014-01-20 15:52:41 -08:00
John Safranek
2187955fe9
Merge branch 'master' of github.com:cyassl/cyassl
2014-01-20 10:53:14 -08:00
John Safranek
28f3a2dc21
Added deallocator function for PKCS7 initializer data.
2014-01-20 10:51:26 -08:00
Chris Conlon
ce7fe56de5
adjust next PKCS#7 envelopedData recipient check
2014-01-20 11:42:45 -07:00
John Safranek
c4eb5642b1
1. Sign the PKCS#7 with a supplied private key, not
...
the single cert's public key.
2. Rename PKCS7 Envelope Data function as
`PKCS7_EncodeEnvelopedData()`.
3. Encode signed data to check input parameters.
2014-01-17 14:07:40 -08:00
Chris Conlon
e9b82d8174
place PKCS#7 IV in AlgoID optional params, resolve merge conflicts
2014-01-16 17:46:28 -07:00
Chris Conlon
366f42a91b
remove NULL tag from block cipher AlgoId, IV there instead
2014-01-16 17:45:10 -07:00
John Safranek
eb2e987a29
Split two PKCS7 tests into two functions.
2014-01-16 16:29:33 -08:00
John Safranek
cf22e49117
Merge branch 'master' of github.com:cyassl/cyassl
2014-01-16 16:19:34 -08:00
John Safranek
264ce75041
1. Split SetTagged into SetExplicit and SetImplicit.
...
2. Updated code using SetTagged to use new functions.
2014-01-16 16:17:17 -08:00
Chris Conlon
a75b95facc
more comments to PKCS#7 files
2014-01-16 13:29:37 -07:00
Chris Conlon
590dde753a
only store issuer into issuerRaw
2014-01-16 10:45:52 -07:00
John Safranek
36f78c5e1d
1. Bug fix for taking the size of something.
...
(Used wrong variable name.)
2. Renamed PKCS7 signed data test output file.
3. Added PKCS7 data test output files to gitignore.
2014-01-15 15:42:27 -08:00
John Safranek
cd44227945
Cleaned up warnings when using sizeof() in math.
2014-01-15 14:25:15 -08:00
John Safranek
85c5c29e7a
Merge branch 'master' of github.com:cyassl/cyassl
...
Conflicts:
ctaocrypt/test/test.c
cyassl/ctaocrypt/pkcs7.h
2014-01-15 13:23:26 -08:00
John Safranek
c33a8a890e
Added encoding PKCS#7 signed data messages.
2014-01-15 12:31:51 -08:00
Chris Conlon
46a03daf5f
initial PKCS#7 crypto test
2014-01-15 11:05:18 -07:00
Chris Conlon
9f7e33e7e1
add PKCS7_DecodeEnvelopedData()
2014-01-14 22:57:55 -07:00
Chris Conlon
d63c58864f
expose more ASN.1 helper functions with CYASSL_LOCAL
2014-01-14 22:48:55 -07:00
Chris Conlon
80c19aaf33
add PKCS7 error codes
2014-01-14 22:46:54 -07:00
toddouska
3152c28650
add escape for 64encdoe + and = too
2014-01-14 09:36:21 -08:00
Chris Conlon
f072d92ed8
Merge branch 'master' of github.com:cyassl/cyassl
2014-01-13 13:20:29 -07:00
Chris Conlon
69ffa3a481
add PKCS7_EncodeEnvelopeData()
2014-01-13 13:19:44 -07:00
toddouska
bb6b2e86c6
add base64 encode with esacped line ending, keep existing api intact
2014-01-13 12:17:12 -08:00
John Safranek
ef9cfc2172
Added method to encode PKCS7 data type messages.
2014-01-13 10:58:01 -08:00
Chris Conlon
71e13a3c3a
expose ASN.1 helper fns, add blkType
2014-01-10 16:13:56 -07:00
Chris Conlon
1d67d9217e
initial PKCS#7 stubs, tie into ./configure
2014-01-10 15:17:03 -07:00
John Safranek
4a975e8d00
SetRsaPublicKey() to support ASN.1 unsigned intergers correctly.
2014-01-10 11:29:08 -08:00
John Safranek
f9e73a8aeb
Added setting the cert req challenge password.
2014-01-09 14:17:55 -08:00
John Safranek
f545a33e77
Cert Req
...
1. Added support for the cert req attributes.
2. Added setting the Basic Constraints extenstion request.
3. Added error checking for the cert req attribs.
2014-01-08 16:26:42 -08:00
John Safranek
7b4cf370d0
In test: Cert req now signed by correct key. Removed loading of CA key.
2014-01-08 11:47:59 -08:00
John Safranek
f0a7d94c48
Cert Request
...
1. Added setting the request's version.
2. Added certreq test code to the ctaocrypt test.
3. Added the certreq test outputs to gitignore.
2014-01-08 10:57:46 -08:00
John Safranek
4de6a6d902
Cert Request
...
1. Added function to make simple DER format cert reqs.
2. Added cert req type to DerToPem.
2014-01-07 17:25:46 -08:00
toddouska
d6ad10f027
add USE_SLOW_SHA2 for sha384 and sha512, over twice as small code but over 50% slower too
2014-01-03 12:32:14 -08:00
toddouska
9d0e991e41
fix 32bit no asm combos
2014-01-02 16:58:54 -08:00
Chris Conlon
9f4ea7d059
update TYTO settings, FREESCALE_MMCAU AES check for NULL
2014-01-02 13:13:18 -07:00
Chris Conlon
64912b37f6
adjust key buffer length when using ToTraditional() or ToTraditionalEnc()
2013-12-23 14:07:58 -07:00
rofl0r
a36c18c27f
implement CyaSSL_ERR_reason_error_string
...
this has several advantages:
- we can provide a replacement for openssl's ERR_reason_error_string,
which makes porting simpler,
- code shrink due to removal of excessive strcpy call
- all error strings are const anyway so there's no point to force the
user to supply storage for them and copying them around.
2013-12-19 19:40:48 +01:00
Chris Conlon
8c8a1b0db8
add Freescale K60 mmCAU AES, DES, 3DES support
2013-12-17 16:29:21 -07:00
Chris Conlon
c466fac597
add Freescale K60 mmCAU MD5, SHA, SHA256 support
2013-12-17 16:28:08 -07:00
toddouska
ba95c33ed4
more clang warnings
2013-12-11 15:47:40 -08:00
toddouska
b41d09b1a2
fix newer clang warnings
2013-12-11 12:03:09 -08:00
toddouska
276a9c871e
eccfp warning fix
2013-12-06 08:58:06 -08:00
Takashi Kojo
1bcd61f134
Eliminating unused files
2013-11-28 09:05:33 +09:00
Takashi Kojo
9a67901081
Eliminate unused files
2013-11-28 00:16:49 +09:00
toddouska
6e7c9fb8de
Merge branch 'master' of github.com:cyassl/cyassl
2013-11-20 17:07:33 -08:00
toddouska
8bf18d31c9
fix smartos warnings
2013-11-20 17:03:19 -08:00
Chris Conlon
2f7970ab65
add FREERTOS current_time() to benchmark.c
2013-11-20 17:03:58 -07:00
toddouska
864b25843e
Merge branch 'master' of github.com:cyassl/cyassl
2013-11-20 15:13:14 -08:00
toddouska
10a3f8ead3
make cert names more consistent with str type that openssl uses
2013-11-20 15:12:33 -08:00
John Safranek
67b1b00a2c
OCSP Nonces are not critical extensions. Allow a response to be missing the nonce.
2013-11-20 13:46:46 -08:00
toddouska
c545202de0
don't allow inplace DerToPem, not supported
2013-11-20 13:17:39 -08:00
toddouska
7585e92fee
allow cert signing w/o Cert object, buffer only
2013-11-19 16:56:49 -08:00
John Safranek
4377996d87
Saved original SKID and AKID from certificate for later use with X.509 functions.
2013-11-19 16:20:18 -08:00
John Safranek
0fd6aed9b6
Save more decoded data from certificate for later use with X.509 functions.
2013-11-19 14:44:55 -08:00
toddouska
e92860bda7
ecc enc/dec offset init fix
2013-11-19 11:17:23 -08:00
toddouska
d91e8ab38e
add cert gen for ecc certs
2013-11-14 20:34:39 -08:00
toddouska
a7bcca84c3
add ecdsa cert signing
2013-11-14 15:00:22 -08:00
toddouska
cf4230b073
add ecc encrypt secure message exchange, hide ecEncCtx
2013-11-13 17:53:11 -08:00
toddouska
2e9e372875
Merge branch 'master' of github.com:cyassl/cyassl
2013-11-11 17:01:39 -08:00
toddouska
0ef44329ef
add thread local storage to ecc fp cache, no locking required but cache is per thread, higher conncurrent performance but more memory needed
2013-11-11 17:00:35 -08:00
Takashi Kojo
b54b92bc2a
benchmark.c conflicts resolved
2013-11-12 08:21:41 +09:00
Takashi Kojo
5a9140fd13
For PIC32MZ
2013-11-12 08:12:01 +09:00
Takashi Kojo
0048c20fe5
PIC32MZ RNG
2013-11-11 12:15:19 +09:00
Takashi Kojo
23cada35ba
Catch up master
2013-11-10 21:06:34 +09:00
Takashi Kojo
a4e61cbdbb
For PIC32MZ
2013-11-10 20:42:21 +09:00
toddouska
3e072c8dda
random.c missing settings include fix
2013-11-08 10:56:50 -08:00
toddouska
c2f9064ae4
Merge branch 'master' of github.com:cyassl/cyassl
2013-11-07 16:00:34 -08:00
toddouska
554adff672
add basic ecc encrypt/decrypt
2013-11-07 15:59:31 -08:00
toddouska
7866d51ee9
fix benchmark pull changes
2013-11-07 11:00:56 -08:00
Takashi Kojo
16bda74536
For MDK5 Pack
2013-11-07 10:29:01 +09:00
Takashi Kojo
f26cf50ff2
Merge branch 'master' of https://github.com/cyassl/cyassl into MDK5
2013-11-06 10:22:21 +09:00
John Safranek
913e200cd0
X.509 Additions:
...
* CyaSSL_X509_d2i()
* CyaSSL_X509_d2i_fp()
* CyaSSL_X509_version()
* CyaSSL_X509_get_notBefore()
* CyaSSL_X509_get_notAfter()
* CyaSSL_X509_STORE_new()
* CyaSSL_X509_STORE_free()
* CyaSSL_X509_STORE_add_cert()
* CyaSSL_X509_STORE_set_default_paths()
* CyaSSL_X509_get_pubkey()
* CyaSSL_EVP_PKEY_free()
* CyaSSL_X509_NAME_get_text_by_NID()
* CyaSSL_X509_NAME_entry_count()
* CyaSSL_X509_verify_cert()
* CyaSSL_X509_STORE_CTX_new()
* CyaSSL_X509_STORE_CTX_init()
* CyaSSL_X509_STORE_CTX_free()
2013-11-04 11:02:17 -08:00
toddouska
5e00d62ea3
add HMAC-KDF
2013-10-31 18:03:00 -07:00
toddouska
c88d0d5739
fix mplab harmony random ifdef
2013-10-31 10:47:03 -07:00
toddouska
cc323fb4cc
ecc shamir requires bigger LUT in fp mode
2013-10-31 10:43:48 -07:00
toddouska
12b074fbe9
add worst case estimate to ecc_sign_size()
2013-10-30 13:33:23 -07:00
toddouska
3d19604bfb
make sure to always check mp_to_*, normal math could fail
2013-10-29 17:38:12 -07:00
toddouska
f402d7eed9
add ecc export pirvate only
2013-10-29 16:44:33 -07:00
toddouska
071338bf39
fix fpecc normal math init/free issue
2013-10-28 13:17:33 -07:00
toddouska
9438d0d41b
add Microchip MPLAB Harmony support
2013-10-28 11:03:50 -07:00
Takashi Kojo
849bbdefae
Updates for MDK4
2013-10-26 17:18:18 +09:00
Takashi Kojo
33ccf62ff5
MDK5 support
2013-10-25 15:49:39 +09:00
Takashi Kojo
558735c862
port.[ch] for MDK5
2013-10-24 20:33:36 +09:00
Takashi Kojo
2f98233825
For MDK5
2013-10-24 18:50:26 +09:00
Takashi Kojo
3ed2085e77
ctaocrypt/{benchmark,src,test} files fro MDK5
2013-10-24 17:20:12 +09:00
toddouska
b45370a599
remove test output
2013-10-23 17:17:47 -07:00
toddouska
c039b0106a
add HC-128 Blake2b 256 cipher suite for speed test
2013-10-23 17:13:54 -07:00
John Safranek
8295d8bb4a
1. Reject DSA certificates instead of ignoring them.
...
2. Resolved potential crash when trying to calculate a Subject Key
ID when the public key is missing from a certificate.
2013-10-16 10:16:04 -07:00
toddouska
0126a39d68
fix shamir speed up init buffer
2013-10-10 18:47:25 -07:00
John Safranek
33bcc76a07
Merge branch 'master' of github.com:cyassl/cyassl
2013-10-02 15:27:10 -07:00
Chris Conlon
3e12f43342
add CyaSSL_GetHmacMaxSize for JNI wrapper
2013-09-25 14:20:36 -06:00
Chris Conlon
17b220e9c7
add Freescale MQX time functionality
2013-09-24 20:12:48 -06:00
toddouska
363f157f50
fix sniffer build w/o fastmath
2013-09-23 13:37:04 -07:00
John Safranek
5e4ca53496
clean up Windows build issues with OCSP
2013-09-18 14:47:51 -07:00
John Safranek
49d3e74fde
Fixed a Windows build warning in the benchmark
2013-09-17 22:15:59 -07:00
Chris Conlon
ee78b108cf
CTaoCrypt test mods for MQX
2013-09-16 15:48:36 -06:00
Chris Conlon
abff02532d
add Freescale K53 RNGB support
2013-09-16 14:43:33 -06:00
John Safranek
e564b614bf
Decode the serialNumber field in the X.509 names
2013-09-15 22:10:58 -07:00
John Safranek
49f82c4717
Added two more GMAC test cases
2013-09-12 14:10:57 -07:00
toddouska
74e7ba8536
fix Kojo-san pull errors
2013-09-11 10:07:33 -07:00
kojo
0869da34a0
Coldfire SEC
2013-09-11 17:06:28 +09:00
John Safranek
03d7c694e8
Merge branch 'master' of github.com:cyassl/cyassl
2013-09-10 16:49:40 -07:00
John Safranek
d3db1a42de
Added GMAC wrapper functions around AES-GCM
2013-09-10 16:47:39 -07:00
toddouska
bab790ab87
add port.c to visual studio builds
2013-09-09 13:48:28 -07:00
John Safranek
0ae966b350
fix shadow warning
2013-09-08 17:46:29 -07:00
toddouska
44ba0af192
free fp ecc resources on cleanup
2013-09-06 17:08:57 -07:00
toddouska
6e05d4317f
add proper locking to fp ecc
2013-09-06 16:53:33 -07:00
toddouska
a14af5f0b0
move mutex to port layer at crypto level
2013-09-06 16:38:27 -07:00
toddouska
782cb0e077
Merge branch 'master' of github.com:cyassl/cyassl
2013-09-06 14:25:51 -07:00
toddouska
46be3b8508
add fixed point ecc cache, --enable-fpecc, add locking down to crypt level next
2013-09-06 14:24:31 -07:00
Moisés Guimarães
d7a08b1a76
centralizing MAX_DIGEST_SIZE definition in hmac.h
2013-09-06 15:53:46 -03:00
John Safranek
f2c75a9e87
ECDSA signatures need a zero padding for the ASN.1 storage of the R and S values
2013-09-05 15:00:01 -07:00
toddouska
08c9f61f16
add accelerated ecc_proj* and ECC SHAMIR to speed up ecdsa verify
2013-09-04 13:13:10 -07:00
toddouska
e93a0640f1
break up huge math into individual parts so can add piece by piece, e.g., ECC256
2013-09-03 13:13:13 -07:00
John Safranek
0002ba4ee8
Merge branch 'master' of github.com:cyassl/cyassl
2013-08-23 10:12:17 -07:00
John Safranek
d734c86c72
cleanup build warnings
...
1. Change `CyaSSL_OCSP_set_options()` to return `SSL_SUCCESS`
or `SSL_FAILURE` as `int` like rest of API.
2. Fix data narrowing warning in file io.c function
`process_http_response()`.
3. Fix global variable shadowed warning in file ssl.c function
`CyaSSL_GetSessionAtIndex()`
4. Fix data narrowing warning in file internal.c functions
`Encrypt()` and `Decrypt()`. Passed in a word32 size parameter
that was provided a word16 and used as a word16.
5. Removed unreachable code from file tls.c function
`CyaSSL_GetHmacType()`.
6. Fix data narrowing warnings in file aes.c functions
`AesCcmEncrypt()` and `AesCcmDecrypt()`.
2013-08-23 10:09:35 -07:00
toddouska
e98f5f95c2
add public key callbacks for ecc sign/verify, examples
2013-08-22 18:19:39 -07:00
toddouska
840e958ae5
add ecc verify to benchmark
2013-08-09 17:06:02 -07:00
toddouska
5c5cee0789
use external CYASSL_MAX_ERROR_SZ for buffer size
2013-08-06 11:48:00 -07:00
toddouska
505b1a8a67
fix ecc sign/hash truncation with odd bit sizes when hash length is longer than key size
2013-07-25 15:59:09 -07:00
John Safranek
43f320d5e2
SEP Extensions
...
1. Added configure option to enable SEP extensions.
2. Enabled KEEP_PEER_CERT for the SEP configuration.
3. Copy the Certificate Policy extension into the cert as the
device type.
4. Copy an other type Alt Name extension into the cert as the
hwType and hwSerialNumber, if the alt name has a
hardwareModuleName OID.
2013-07-09 13:23:56 -07:00
toddouska
99b6c1d3c3
fix GCC warning
2013-07-09 09:57:55 -07:00
toddouska
f9bf003718
allow NULL IVs for CBC mode, same as all zero IV
2013-07-08 11:52:00 -07:00
John Safranek
b66cb11cb8
Fixed bug in DecodeAltNames() where idx wasn't advanced past the length.
2013-07-05 10:10:38 -07:00
John Safranek
0d0fc27e42
Fixed DecodeAuthKeyId fail case not returning.
2013-06-26 11:16:17 -07:00
John Safranek
f3af0124e4
Fixed DecodeAltNames extension falling through to next case.
2013-06-25 13:37:43 -07:00
John Safranek
0c34ecb451
OCSP Updates
...
1. Add option to example server and client to check the OCSP responder.
2. Add option to example server and client to override the URL to use
when checking the OCSP responder.
3. Copy the certificate serial number correctly into OCSP request.
Add leading zero only if MS bit is set.
4. Fix responder address used when Auth Info extension is present.
5. Update EmbedOcspLookup callback to better handle the HTTP
response and obtain the complete OCSP response.
2013-06-24 10:47:24 -07:00
John Safranek
42a0f3500f
Update AES-GCM and AES-CCM to use AES-NI
...
1. Added the assembly functions to do AES-ECB.
2. Updated AesEncrypt and AesDecrypt to use the assembly functions
if available.
3. Modified the AES-GCM and AES-CCM key setup functions to use the
the AES-NI key setup if availble.
4. Added tests for the AES-ECB encrypt and decrypt.
5. Only include stdio.h for AES when DEBUG_AESNI is enabled
6. If using local key setup, skip using AES-NI for basic Encrypt
and Decrypt.
2013-06-19 14:52:58 -07:00
toddouska
85d25798a5
update ntru cert expires dates, update crls while at it, don't turn on skid for crls since openssl/firefox don't use by default and cyassl needs crl extension parsing
2013-06-17 14:48:51 -07:00
toddouska
7f7c595d10
differentiate between THREADX and RTP_SYS
2013-06-14 13:45:25 -07:00
toddouska
9559f09028
warning fixes
2013-06-13 12:13:46 -07:00
toddouska
ae84982777
add STACK_TRAP to track stack use on client, will seqfault if exceed limit to see where use is too high, doesn't work with pthread_create()
2013-06-03 14:56:37 -07:00
toddouska
b2ef938cbe
fix CYASSL_MALLOC_CHECK hard tabs and extra function not needed
2013-05-29 11:18:16 -07:00
kojo
4b9c3d3512
Merge remote-tracking branch 'cyassl/master' into STM.LPC
...
Conflicts:
IDE/MDK-ARM/MDK-ARM/CyaSSL/config-FS.h
IDE/MDK-ARM/MDK-ARM/CyaSSL/config-RTX-TCP-FS.h
IDE/MDK-ARM/MDK-ARM/CyaSSL/cyassl_MDK_ARM.c
IDE/MDK-ARM/MDK-ARM/CyaSSL/cyassl_MDK_ARM.h
IDE/MDK-ARM/MDK-ARM/CyaSSL/main.c
IDE/MDK-ARM/MDK-ARM/CyaSSL/shell.c
IDE/MDK-ARM/MDK-ARM/CyaSSL/ssl-dummy.c
IDE/MDK-ARM/MDK-ARM/config/File_Config.c
IDE/MDK-ARM/MDK-ARM/config/RTX_Conf_CM.c
IDE/MDK-ARM/Projects/MDK-ARM-STM32F2xx.uvopt
IDE/MDK-ARM/Projects/MDK-ARM-STM32F2xx.uvproj
ctaocrypt/src/random.c
src/internal.c
2013-05-26 09:27:06 +09:00
toddouska
8b90414f2a
add POSITIVE_EXP_ONLY for fastmath stack reduction when positive exponents only
2013-05-23 15:55:22 -07:00
toddouska
8df0e43384
fix merge differences from this week
2013-05-22 15:50:13 -07:00
toddouska
d2003bb8b7
merge in sni
2013-05-21 14:37:50 -07:00
kojo
ff68942ce4
MDK-ARM ready for LCP/STM
2013-05-21 18:47:54 +09:00
kojo
082f5643ed
OK for LCP43xx project
2013-05-21 17:13:12 +09:00
kojo
da342ea079
initial attempt for MDK-ARM/LPC43xx:
2013-05-21 09:39:09 +09:00
takashikojo
55763ef318
Commit 2.6.2
2013-05-19 10:02:13 +09:00
toddouska
8f5e98486f
fix MPLAB X windows warnings
2013-05-17 11:13:47 -07:00
Chris Conlon
a4c6ed0dda
add support for Microchip TCP/IP 6.0 beta
2013-05-17 10:59:18 -06:00
toddouska
cfdfa7b2b3
pull in Kojo MDK-ARM projects, changes
2013-05-16 09:47:27 -07:00
Chris Conlon
091c7a7ef3
separate STM32F2 hardware hash support, disable by default
2013-05-15 10:48:35 -06:00
toddouska
32705fb380
make sure pwdbased w/o fastmath works like fastmath define wise
2013-05-10 11:00:37 -07:00
toddouska
a0c630b4ee
add cert cache persistence
2013-05-02 11:34:26 -07:00
John Safranek
d2d25b9b83
refine the SKID/AKID support
2013-04-29 17:09:15 -07:00
John Safranek
87048698e5
use subject key id and authentication key id to ID CA certs in the signers list instead of subject name hashes.
2013-04-29 12:08:16 -07:00
toddouska
05dd84598b
turn CA signer list into CA signer hash table, defaults CA_TABLE_SIZE to 11
2013-04-25 15:36:33 -07:00
John Safranek
8e5532eb42
Merge branch 'master' of github.com:cyassl/cyassl
2013-04-24 10:37:55 -07:00
John Safranek
c27ebe546d
find the subject id and authority subject id extentions when decoding a certificate
2013-04-24 10:37:11 -07:00
toddouska
24ec09ef7a
change big int cast in comparison after 64/128 changes
2013-04-19 13:49:26 -07:00
toddouska
71a1abebf5
break up sig confirm errors into no sig, crl, and ocsp specific
2013-04-18 08:38:28 -07:00
toddouska
b806ca3c2f
help compiler with fp_div cast to 32bit
2013-04-16 15:29:03 -07:00
John Safranek
d279695314
changed ENDIAN_* to *_ENDIAN_ORDER
2013-04-16 12:12:49 -07:00
John Safranek
a74ac2b22c
added case to DerToPem() to add EC header and footer to the PEM output
2013-04-11 14:03:18 -07:00
toddouska
a2bd6e786d
fix leanpsk NO_SHA build
2013-04-10 12:42:51 -07:00
toddouska
f535e5428e
make sure all tests/examples *.c use settings.h correctly
2013-04-10 12:17:23 -07:00
toddouska
97e0ec073f
make sure all lib proper *.c files have config.h then settings.h then checks for defines in case user using settings.h for lib config
2013-04-10 11:04:29 -07:00
Chris Conlon
27d6c727e0
add MICROCHIP_TCPIP
2013-04-10 09:16:11 -06:00
John Safranek
0edc19feb2
converting DerToPem, readjust output buffer size to account for size of header and footer when calling Base64_Encode
2013-04-09 19:03:21 -07:00
Chris Conlon
eeb8cdccde
s_fp_sub() bug fix
2013-04-05 13:44:53 -06:00
John Safranek
7004b2eafc
certs still use SHA hash for names
2013-04-01 13:49:21 -07:00
John Safranek
30553a43ed
when disabling arc4, ignores contents of arc4.c
2013-04-01 13:42:41 -07:00
toddouska
6d8246e98c
fix scan-build 272 warnings
2013-03-27 12:32:22 -07:00
toddouska
7d82bec7fc
do rabbit/hc128 alignment at crypto layer for non intel
2013-03-26 18:16:15 -07:00
toddouska
14b4bb3b0f
change rabbit and hc128 to return values for key and process, will add error rets for alignment issues
2013-03-26 14:42:09 -07:00
toddouska
f601b7bfda
move aesni cbc encrypt align check down to crypto layer
2013-03-26 14:13:01 -07:00
toddouska
6bc7ba1592
change AesCBC end/dec to return status, will add failure cases with align checks
2013-03-26 12:36:39 -07:00
toddouska
72926b1eed
make sure blake2 calls denote it's the 'b' version, blake2b
2013-03-25 11:35:33 -07:00
toddouska
cb311e5708
explain C aesni asm naming fix in code too
2013-03-24 12:59:30 -07:00
toddouska
8a924244c5
change aesni asm function name to explicit asm for ABI underscore conflicts with clang/gcc differences
2013-03-24 12:53:35 -07:00
toddouska
80e3c85737
change inline assembly to more generic condition code in clobber list, clang likes it better this way
2013-03-24 11:09:58 -07:00
toddouska
d33f180760
blake2 32bit build warning fix
2013-03-23 12:02:14 -07:00
toddouska
d7c01be8bb
blake2 ctc api, test vecs
2013-03-22 13:30:44 -07:00
toddouska
d8b85da693
remove c++ comments, switch to c
2013-03-22 12:10:53 -07:00
toddouska
d6deb690e6
Merge branch 'master' into blake2
2013-03-22 10:20:01 -07:00
toddouska
7d7a72f2a6
add hmac sha512
2013-03-20 12:26:55 -07:00
John Safranek
02581a3da2
added control of compress memory usage via build setting
2013-03-20 11:28:45 -07:00
John Safranek
615f652bd0
filled out our Compress and DeCompress functions, updated the test case
2013-03-20 09:58:31 -07:00
John Safranek
fc928e7725
added stubs and a test for ctaocrypt compress
2013-03-19 16:25:58 -07:00
toddouska
6ba7743fb3
fix fastmath no asm casts to shorter sizes
2013-03-15 15:11:21 -07:00
Chris Conlon
e12f947c4f
fix TRUE/FALSE clash in asn.c
2013-03-15 11:50:45 -06:00
toddouska
2d9ed696c6
fix USER_TIME casts
2013-03-14 10:51:06 -07:00
toddouska
2dfec3c6f1
add CYASSL prefix to WORD/BIT enums
2013-03-13 16:49:20 -07:00
toddouska
a4c8d0e76c
make sure no asn doesn't build big int
2013-03-12 15:14:03 -07:00
toddouska
4774f1b285
add --enable-coding, build, leanpsk check
2013-03-12 13:12:10 -07:00
toddouska
f232ff84b4
add --enable-pwdbased and build, opensslextra needs
2013-03-11 17:01:05 -07:00
toddouska
49e62f0858
fix general NO_SHA NO_ASN NO_CERTS NO_SESSION_CACHE builds/examples
2013-03-11 16:07:46 -07:00
toddouska
85b3346bbf
NO_RSA build, cipher suite tests need work for this build optoin, ssn2
2013-03-07 17:44:40 -08:00
toddouska
2667b8b542
fix base64 decode white space loop
2013-03-04 11:36:07 -08:00
toddouska
98e766e770
our type changes
2013-02-28 17:51:35 -08:00
toddouska
e947c86e67
add license, bring up to date
2013-02-22 15:52:20 -08:00
toddouska
48303918c2
Merge branch 'master' into blake2
2013-02-22 15:22:02 -08:00
toddouska
f4082f83e5
sb fixes for certgen + keygen
2013-02-20 15:45:10 -08:00
toddouska
b2b45d3f4a
sb fixes for crl and ocsp
2013-02-20 15:26:22 -08:00
toddouska
04d0c581b1
set output test size to real size, no strlen, make sure input strlens don't have 0x00
2013-02-19 16:16:40 -08:00
toddouska
07baa27b20
fix scan build for fastmath, dtls, ecc, psk, sha512
2013-02-19 12:53:58 -08:00
toddouska
9ea3371079
2nd round scan build
2013-02-14 16:00:45 -08:00
toddouska
62ef5de25c
scan build fixes
2013-02-14 14:09:41 -08:00
toddouska
44e0d7543c
change copyright name with name change
2013-02-05 12:44:17 -08:00
toddouska
f4f13371f9
update copyright date
2013-02-04 14:51:41 -08:00
Todd Ouska
24e22d4b6e
add cavium notes and free ssl cavium ciphers
2013-02-01 16:26:42 -08:00
Todd Ouska
44b6593fe5
add cavium ciphers to SSL, and example client
2013-02-01 12:21:38 -08:00
Todd Ouska
01703281cc
add cavium RSA to ctaocrypt
2013-01-31 15:55:29 -08:00
Chris Conlon
5d29bf1e49
add MPLAB X projects, PIC32 GenerateSeed()
2013-01-30 18:02:18 -07:00
Chris Conlon
b3ffcbd5b4
fix DH key size output in benchmark
2013-01-30 16:54:43 -07:00
Chris Conlon
2fc54ad751
add PIC32 current_time() to benchmark
2013-01-30 16:29:15 -07:00
Chris Conlon
95e7226447
add BENCH_EMBEDDED flag to CTaoCrypt benchmark app
2013-01-30 16:19:19 -07:00
Chris Conlon
b91f3c7c6d
add NO_MAIN_DRIVER to CTaoCrypt benchmark
2013-01-30 10:20:39 -07:00
Chris Conlon
3ff842168e
add cert/key buffer flags in CTaoCrypt benchmark for RSA, DH
2013-01-30 10:13:56 -07:00
Todd Ouska
6edfb2a601
Merge branch 'master' of github.com:cyassl/cyassl
2013-01-29 16:25:35 -08:00
Todd Ouska
91b800ea46
no sha384 for cavium now
2013-01-29 16:25:09 -08:00
Todd Ouska
a361f5c4bf
initial cavium, crypto only, no rsa
2013-01-29 16:22:49 -08:00
Chris Conlon
532f0aaee7
add ability to use cert/key buffers in CTaoCrypt test app
2013-01-28 17:15:28 -07:00
toddouska
9f77aea1f8
Merge branch 'master' into blake2
2013-01-21 10:56:46 -08:00
John Safranek
2e2de4cf4d
added the cammelia cipher, updated the test cases
2013-01-18 17:26:49 -08:00
John Safranek
b8b968d77f
added tests for setting Camellia key and IV
2013-01-18 13:48:30 -08:00
John Safranek
f65b0fc092
brought the camellia interface to match AES's more
2013-01-18 09:57:41 -08:00
John Safranek
d5bf944630
enabled the proper Camellia test, but mocked the encrypt and decrypt functions to pass the test
2013-01-17 22:09:55 -08:00
John Safranek
425d418dee
added stubs, tests, and benchmark for Camellia to ctaocrypt
2013-01-17 21:52:31 -08:00
toddouska
fe0772bcbf
Merge branch 'master' into blake2
2013-01-17 16:08:47 -08:00
John Safranek
b327925a1b
Merge branch 'ccm'
2013-01-15 16:37:37 -08:00
John Safranek
c7b5fbe552
fixed a bug involving const nonces for CCM. Added AES-CCM to the full commit test case.
2013-01-15 16:16:48 -08:00
John Safranek
ccff37f4b1
added TLS support for AES-CCM-8
2013-01-15 15:20:30 -08:00
John Safranek
eb221238c2
separated TLS-AEAD and AES-GCM so TLS-AEAD can also use AES-CCM
2013-01-14 15:59:53 -08:00