Commit Graph

856 Commits

Author SHA1 Message Date
toddouska
6c2a238c9b bump version 2014-11-13 10:19:03 -08:00
toddouska
730cede82d add HAVE_FORCE_FIPS_FAILURE for operational testing 2014-11-12 17:09:16 -08:00
John Safranek
6944eb69f6 added error code for AESGCM FIPS KAT test error 2014-11-10 15:38:41 -08:00
toddouska
eda2103dc3 add size check to fips core hash gen 2014-11-07 16:43:32 -08:00
toddouska
e6e24d92fb Merge branch 'master' of github.com:cyassl/cyassl 2014-11-07 16:23:56 -08:00
toddouska
81fd594c9f add fips get status functions 2014-11-07 16:23:19 -08:00
Chris Conlon
4d819dea87 fix hashType warning on Linux 2014-11-07 17:19:11 -07:00
Chris Conlon
71da84122f expose EncodeSignature() for DER-encoded comparisons 2014-11-07 16:33:38 -07:00
Chris Conlon
233bca3346 add RsaPublicKeyDecodeRaw() to load key from existing n, e 2014-11-07 15:24:02 -07:00
toddouska
f11d2c435d add fips continuous test error code/msg 2014-11-06 14:56:11 -08:00
toddouska
322f79f521 allow user to set minimum downgrade version with v23 methods() 2014-11-03 15:12:48 -08:00
toddouska
d9f5ada772 add external wrappers for TLS Master Secret generation and Key Expansion 2014-11-03 09:56:40 -08:00
toddouska
02f7c71222 Merge branch 'master' of github.com:cyassl/cyassl 2014-10-31 13:24:29 -07:00
toddouska
0f641e07a2 remove old client hello processing by default, can turn on with OLD_HELLO_ALLOWED, add sanity checks before size front alloc 2014-10-31 13:23:50 -07:00
Chris Conlon
2fe0d9b38d update RNG_HealthTest to output generated bits 2014-10-31 14:05:13 -06:00
toddouska
7fed36b09d explicit check for change cipher before finished instead of encryptionOn implicit 2014-10-29 14:07:41 -07:00
toddouska
a4228740f5 add FIPS pos errors and messages, better output for in core check and how to fix 2014-10-28 14:21:55 -07:00
toddouska
247bef6be3 add fips pos cb for fail codes, generated hash 2014-10-28 14:03:58 -07:00
toddouska
c982dd2281 allow aes gcm fips wrappers, no void returns 2014-10-27 15:52:22 -07:00
John Safranek
bf718a7d51 Added a callback function to set the master secret on the client 2014-10-24 15:26:47 -07:00
Daniele Lacamera
fde4d56845 Updated picoTCP support, based on newer HTTPS demo 2014-10-22 12:11:31 +02:00
Chris Conlon
50a00d4ff0 add PicoTCP support 2014-10-21 15:43:43 -06:00
John Safranek
e35e02a283 Added SNI named keys to the sniffer. 2014-10-21 12:22:12 -07:00
John Safranek
35bcc98948 Added a callback when receiving a NewSessionTicket handshake message. 2014-10-20 09:25:14 -07:00
John Safranek
60790ee4ae Merge branch 'master' of github.com:cyassl/cyassl 2014-10-16 22:01:55 -07:00
John Safranek
b2f25cd91c 1. Added accessors for session tickets.
2. Fixed client case when server doesn't want to resume session with ticket.
2014-10-16 22:00:13 -07:00
Moisés Guimarães
e98eb1ba4d Adds sessionIDSz to CYASSL_SESSION and Arrays. 2014-10-13 23:16:11 -03:00
toddouska
08cdf91761 bump version 2014-10-13 14:44:39 -07:00
toddouska
54049c6000 allow dhe 4096bit for ssl key exchange 2014-10-07 15:50:33 -07:00
toddouska
c65b14a891 add scr check against subject hash, only allow explicit session ticket resupmtion during scr 2014-10-06 16:12:45 -07:00
John Safranek
7c67a9261c trimmed some unused code for session tickets 2014-10-06 12:44:52 -07:00
John Safranek
954740e2a8 Added check for expected session ticket 2014-10-04 12:41:51 -07:00
John Safranek
80a474ebad 1. Fixed encoding of session ticket hello extension.
2. Session tickets used as alternative resumption.
2014-10-03 13:19:59 -07:00
John Safranek
9dbc1d2d00 Parse the NewSessionTicket handshake message 2014-10-01 16:28:01 -07:00
toddouska
8e96234513 Merge branch 'master' of github.com:cyassl/cyassl 2014-10-01 09:45:57 -07:00
toddouska
41647e441a preview scr 2014-10-01 09:44:24 -07:00
Moisés Guimarães
ee68797cf1 Adds a flag to tell the handshake framework to expect a session ticket. 2014-09-30 18:50:19 -03:00
Moisés Guimarães
a937040087 Adds Session Ticket TLS Extension handling.
New Session Ticket Handshake Message handling is still needed for Session Tickets to work.
2014-09-30 09:30:23 -03:00
toddouska
dcde28db51 add server initiated scr 2014-09-29 14:48:49 -07:00
toddouska
369b7559c5 fix session ticket warnings 2014-09-26 16:16:11 -07:00
Moisés Guimarães
c340d78c93 adds SESSION_TICKET extension id.
adds HAVE_TLS_EXTENSIONS as a dependency to HAVE_SECURE_RENEGOTIATION
reduces tlsx semaphore from 16 to 8 bytes (128 flags to 64 flags).
refactors ConvertExtType() to TLSX_ToSemaphore() for a better name and behavior. Now the overflowing flags are set backwards from the end of the flags to avoid collisions.
2014-09-26 16:01:50 -03:00
Jacob Barthelmeh
f5a95a9f62 struct for one time authentication ciphers 2014-09-25 16:19:50 -06:00
toddouska
0c20584ed3 add client side initiated secure r, same specs 2014-09-24 18:48:23 -07:00
toddouska
74c6f35766 new handShakeDone flag to allow app data during scr 2014-09-24 13:10:01 -07:00
toddouska
21f46373f3 delay SetKeys() with SetKeysSide() until last possible moment, needed for scr 2014-09-24 11:27:13 -07:00
Moisés Guimarães
d9472d65da ssl: refactoring ProcessBuffer to reduce stack usage:
--- variable password moved to the heap (80 bytes saved)
--- variable key moved to the heap (32 bytes saved)
--- variable iv moved to the heap (16 bytes saved)
--- variable Des moved to the heap (sizeof(Des) saved)
--- variable Des3 moved to the heap (sizeof(Des3) saved)
--- variable Aes moved to the heap (sizeof(Aes) saved)
--- variable RsaKey moved to the heap (sizeof(RsaKey) saved)

Utility functions added to Des, Des3 and Aes for easier decryption.
2014-09-22 11:37:36 -03:00
Moisés Guimarães
d61af5d9ae adds record_overflow alert used by max_fragment_length tls extension. 2014-09-18 21:53:10 -03:00
toddouska
a735a52608 switch to extensions secure r state 2014-09-16 17:26:57 -07:00
Moisés Guimarães
d80e820654 Renames TLSX_Append to TLSX_Push, adding data param and making sure the list doesn't holds duplicate extensions.
Adds SecureRenegotiation functions
2014-09-16 20:33:17 -03:00
Moisés Guimarães
32cea012d9 Adds secure renegotiation TLSX_Type, structure and enabler function. 2014-09-16 20:21:29 -03:00