mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
2,470 Commits 5 Branches 162 Tags 807 MiB
38e129fd24
Commit Graph

918 Commits

Author SHA1 Message Date
toddouska
dcde28db51 add server initiated scr 2014-09-29 14:48:49 -07:00
toddouska
369b7559c5 fix session ticket warnings 2014-09-26 16:16:11 -07:00
Moisés Guimarães
c340d78c93 adds SESSION_TICKET extension id. 
adds HAVE_TLS_EXTENSIONS as a dependency to HAVE_SECURE_RENEGOTIATION
reduces tlsx semaphore from 16 to 8 bytes (128 flags to 64 flags).
refactors ConvertExtType() to TLSX_ToSemaphore() for a better name and behavior. Now the overflowing flags are set backwards from the end of the flags to avoid collisions.
 2014-09-26 16:01:50 -03:00
Jacob Barthelmeh
f5a95a9f62 struct for one time authentication ciphers 2014-09-25 16:19:50 -06:00
toddouska
0c20584ed3 add client side initiated secure r, same specs 2014-09-24 18:48:23 -07:00
toddouska
74c6f35766 new handShakeDone flag to allow app data during scr 2014-09-24 13:10:01 -07:00
toddouska
21f46373f3 delay SetKeys() with SetKeysSide() until last possible moment, needed for scr 2014-09-24 11:27:13 -07:00
Moisés Guimarães
d9472d65da ssl: refactoring ProcessBuffer to reduce stack usage: 
--- variable password moved to the heap (80 bytes saved)
--- variable key moved to the heap (32 bytes saved)
--- variable iv moved to the heap (16 bytes saved)
--- variable Des moved to the heap (sizeof(Des) saved)
--- variable Des3 moved to the heap (sizeof(Des3) saved)
--- variable Aes moved to the heap (sizeof(Aes) saved)
--- variable RsaKey moved to the heap (sizeof(RsaKey) saved)

Utility functions added to Des, Des3 and Aes for easier decryption.
 2014-09-22 11:37:36 -03:00
Moisés Guimarães
d61af5d9ae adds record_overflow alert used by max_fragment_length tls extension. 2014-09-18 21:53:10 -03:00
toddouska
a735a52608 switch to extensions secure r state 2014-09-16 17:26:57 -07:00
Moisés Guimarães
d80e820654 Renames TLSX_Append to TLSX_Push, adding data param and making sure the list doesn't holds duplicate extensions. 
Adds SecureRenegotiation functions
 2014-09-16 20:33:17 -03:00
Moisés Guimarães
32cea012d9 Adds secure renegotiation TLSX_Type, structure and enabler function. 2014-09-16 20:21:29 -03:00
toddouska
4bb20612a1 move secure r inside of tls extensions 2014-09-16 12:42:13 -07:00
toddouska
9a90a0c113 save secure r verify data 2014-09-16 11:51:13 -07:00
toddouska
996418c383 add secure reneg state variables 2014-09-15 15:18:01 -07:00
Chris Conlon
7ea5d6c509 bump version to 3.2.0 2014-09-10 16:46:39 -06:00
toddouska
2c595139db fix tirtos merge 2014-09-08 19:40:03 -07:00
toddouska
ca3f879907 Merge branch 'master' of github.com:cyassl/cyassl 2014-09-08 11:35:06 -07:00
toddouska
9e40e967a0 add ecc key to DER, make sure ctaocrypt test errors always caught at make check level 2014-09-08 11:33:06 -07:00
Moisés Guimarães
d6b4f85d7c Makes TLS_EMPTY_RENEGOTIATION_INFO_SCSV suite optional if using SetCipherList() 2014-09-08 15:03:30 -03:00
Chris Conlon
422a2b8be8 change word type to cyassl_word to prevent conflicts with some toolchains 2014-09-05 10:17:24 -06:00
John Safranek
1a88e9fbdc Added function to flatten the RSA public key to a pair of byte arrays 2014-09-03 23:10:10 -07:00
Moisés Guimarães
8bb52380a8 TLS_EMPTY_RENEGOTIATION_INFO_SCSV added on SetCipherList. 
Function InitSuitesHashSigAlgo() extracted from InitSuites and SetCipherList.
 2014-09-01 18:35:30 -03:00
toddouska
03800a9df4 Merge branch 'keycomp' 2014-08-29 14:34:44 -07:00
toddouska
3072edb696 add compressed key support 2014-08-29 14:25:58 -07:00
Chris Conlon
7e7cbdc715 add raw ECC key import functionality and tests 2014-08-29 10:46:25 -06:00
John Safranek
496228e5b0 Merge branch 'master' of github.com:cyassl/cyassl 2014-08-19 22:38:42 -07:00
John Safranek
100f0e8a96 Don't allow sniffer to decrypt records if the key hasn't been setup. (Possible with misbehaving client.) 2014-08-19 22:38:04 -07:00
toddouska
87564bdffe get_cipher fixes 2014-08-15 10:56:38 -07:00
toddouska
aaf4e74453 Merge https://github.com/ShaneIsrael/cyassl into shane 2014-08-15 10:03:50 -07:00
ShaneIsrael
57f2affe20 Added GetCipherName() which takes an index 2014-08-13 09:46:13 -06:00
JacobBarthelmeh
856aab7f30 add fuzzer CYASSL* and fuzzer ctx 2014-08-12 16:25:58 -06:00
ShaneIsrael
bb9696c9f2 Added CyaSSL_get_ciphers() and necessary functions 2014-08-12 16:17:36 -06:00
JacobBarthelmeh
6620df2e4e Merge remote-tracking branch 'upstream/master' 2014-08-12 13:03:55 -06:00
JacobBarthelmeh
a18602951b record header fuzz 2014-08-12 11:56:20 -06:00
Kaleb Himes
20f8493046 All encryptions work. settings.h generic, allow end user mod 2014-08-12 10:41:11 -06:00
JacobBarthelmeh
5c72bf6272 fuzzer callbacks 2014-08-11 16:29:19 -06:00
toddouska
0919a2927c fix digest sizes in internal.h 2014-08-06 06:53:24 -07:00
toddouska
9429f07a8a add MD5_DIGEST_SZ to NO_MD5 for non no-old-tls build types that still need it 2014-08-05 13:41:55 -07:00
toddouska
7a95bc452d Merge branch 'master' into ti 2014-07-29 16:20:57 -07:00
John Safranek
e9297f092d updated HashDRBG so private data not available via struct declaration in header file 2014-07-29 15:19:51 -07:00
toddouska
aba16ae239 Merge branch 'master' into ti 2014-07-24 20:15:18 -07:00
JacobBarthelmeh
3f2ee0801a declaration locations for ARM 2014-07-24 18:59:39 -06:00
toddouska
063e5cec80 Merge branch 'master' into ti 2014-07-21 16:38:38 -07:00
toddouska
cc72a50cee bump dev version 2014-07-21 16:28:57 -07:00
toddouska
a73a160aaf Merge branch 'master' into ti 2014-07-21 16:26:39 -07:00
toddouska
3bfd0bbf3b fixup some chacah-poly suite things including a valgrind error 2014-07-21 16:20:17 -07:00
JacobBarthelmeh
3c27deb9d0 merge 2014-07-21 13:50:22 -06:00
JacobBarthelmeh
726cc3e3a4 sanity check and recent cyassl release 2014-07-18 14:42:45 -06:00
JacobBarthelmeh
7cb65d8b3d asthetics 2014-07-17 15:33:48 -06:00
JacobBarthelmeh
b77a1fdbbb refactoring 2014-07-17 15:00:40 -06:00
JacobBarthelmeh
7eb8f571ed reverse compatibility 2014-07-16 14:55:38 -06:00
toddouska
a26f9b9068 Merge branch 'master' into ti 2014-07-16 13:55:31 -07:00
toddouska
99f6fd8450 have explicit Rsa Padding error 2014-07-16 13:52:31 -07:00
Chris Conlon
237bde7918 bump version to 3.1.0 2014-07-15 10:50:45 -06:00
Chris Conlon
54b02c3979 fix order of variables in myDateCb for Windows/VS 2014-07-15 09:39:37 -06:00
Kaleb Himes
15f432c521 updated certs 2014-07-11 13:55:10 -06:00
JacobBarthelmeh
e62fbdd49f added ECDSA and DHE_RSA support for chacha-poly 2014-07-10 16:35:56 -06:00
JacobBarthelmeh
c322cb05ad uses most recent version of cyassl 2014-07-10 11:18:49 -06:00
toddouska
7c608af579 Merge branch 'master' into ti 2014-07-09 17:48:35 -07:00
JacobBarthelmeh
fb25db9c28 progress on suite 2014-07-09 15:48:40 -06:00
Moisés Guimarães
f8cf3bf853 remove stack reduction macros 2014-07-08 10:51:27 -03:00
toddouska
4ed9b3fa33 Merge branch 'master' into ti 2014-07-07 10:32:52 -07:00
Moisés Guimarães
de14fac069 add hash utility functions to promote cleaner code, smaller footprint, centralized logs and error handling. 2014-07-04 09:17:18 -03:00
Moisés Guimarães
a281c6bc6c asn: refactoring ConfirmSignature to reduce stack usage: 
--- variable digest moved to the heap (20..64 bytes saved)
--- variable pubKey moved to the heap (sizeof(RsaKey) bytes saved)
--- variable encodedSig moved to the heap (512 bytes saved)
--- variable plain moved to the heap (512 bytes saved)
--- variable pubKey moved to the heap (sizeof(ecc_key) bytes saved)
--- variable md2 moved to the heap (sizeof(Md2) bytes saved)
--- variable md5 moved to the heap (sizeof(Md5) bytes saved)
--- variable sha moved to the heap (sizeof(Sha) bytes saved)
--- variable sha256 moved to the heap (sizeof(Sha256) bytes saved)
--- variable sha384 moved to the heap (sizeof(Sha384) bytes saved)
--- variable sha512 moved to the heap (sizeof(Sha512) bytes saved)

fix - In some cases, the function was returning error codes, that could be interpreted as a false positive.
 2014-07-04 09:17:17 -03:00
Moisés Guimarães
b875f6f631 add stack reduction macros 2014-07-04 09:17:17 -03:00
toddouska
61e989ed99 Merge branch 'master' into ti 2014-07-03 11:34:15 -07:00
toddouska
2d63c559cc dh now disabled by default but can be enabled w/o opensslextra 2014-07-03 11:32:24 -07:00
toddouska
cc74206f9c Merge branch 'master' into ti 2014-07-02 20:06:49 -07:00
toddouska
cac799f683 add optional ecc ctx info 2014-07-02 16:59:45 -07:00
toddouska
6817e3cd2e Merge branch 'master' into ti 2014-07-02 16:31:55 -07:00
toddouska
be402277e0 add override cert date example for bad clock testing 2014-07-02 12:07:25 -07:00
JacobBarthelmeh
53c63dd257 progress on suite 2014-07-01 16:08:52 -06:00
JacobBarthelmeh
5bf411f345 progress on suite 2014-07-01 14:16:44 -06:00
toddouska
1122f2a399 master merge resolve 2014-07-01 11:58:33 -07:00
toddouska
4eebba8162 Merge branch 'master' of github.com:cyassl/cyassl 2014-07-01 09:28:40 -07:00
toddouska
c957e9a909 make default I/O callbacks external for user to base/wrap if desired 2014-07-01 09:27:31 -07:00
Chris Conlon
ee0d989c24 add sizeof ints back to certs_test.h, fix cert buffer usage in benchmark.c 2014-07-01 09:38:12 -06:00
Chris Conlon
3ea0f7b4ab add key/cert buffers for CA cert, server key/cert 2014-07-01 08:58:47 -06:00
toddouska
f2de04ae46 Merge branch 'master' into ti 2014-06-26 08:57:35 -06:00
Moisés Guimarães
9339d7d5b1 add support to TLS extensions in DTLS 2014-06-25 13:26:42 -03:00
toddouska
a6ea32461d Merge branch 'master' into ti 2014-06-20 14:48:53 -07:00
toddouska
e6d9151f47 add user cert chain functionality at SSL level instead of just CTX 2014-06-20 10:49:21 -07:00
toddouska
a319354e92 Merge branch 'master' into ti 2014-06-20 09:24:11 -07:00
toddouska
6371b3c262 send ecdsa_sign for client cert request type is sig algo ecdsa 2014-06-20 09:22:40 -07:00
toddouska
9a180b0ec8 Merge branch 'master' into ti 2014-06-16 11:05:20 -07:00
John Safranek
33fb679334 fix small config bug between AES-GCM and AES-CCM 2014-06-15 13:59:33 -07:00
toddouska
e30e1c40f7 Merge branch 'master' into ti 2014-06-11 11:57:11 -07:00
toddouska
ddf5924b3b add error code for hmac min key len in new error range 2014-06-11 11:56:17 -07:00
toddouska
b3abbbb0ce make more room for wolfCrypt error range 2014-06-11 11:50:14 -07:00
toddouska
aad204428f fips mode hmac min key length for 2014 requirements 2014-06-11 11:43:17 -07:00
toddouska
c6740feee7 Merge branch 'master' into ti 2014-06-09 12:57:43 -07:00
toddouska
e0c5c89bf6 add sanity check on send callback sent value 2014-06-09 12:55:17 -07:00
toddouska
f4c96c68c9 Merge branch 'master' into ti 2014-06-05 17:55:56 -07:00
Chris Conlon
7e5287e578 update NTRU support, with help from thesourcerer8 2014-06-05 14:42:15 -06:00
toddouska
e4c33cb51e Merge branch 'master' into ti 2014-06-04 08:08:52 -07:00
Joseph Spadavecchia
3d94a41740 Increased max AltName buffer size (for cert generation) 2014-06-03 10:58:22 +01:00
toddouska
65ad0c987b Merge branch 'master' into ti 2014-05-30 17:06:36 -07:00
toddouska
66eb3caac5 bump dev version 2014-05-30 17:02:30 -07:00
toddouska
a920795665 Merge branch 'master' into ti 2014-05-30 16:57:15 -07:00
toddouska
5b7a5fe0bb Merge branch 'master' of github.com:cyassl/cyassl 2014-05-30 16:56:28 -07:00
toddouska
0f311adb2c if icc doesn't have 128bit type on x64 don't use it 2014-05-30 16:54:09 -07:00
John Safranek
b60a61fa94 DHE-PSK cipher suites 
1. fixed the AES-CCM-16 suites
2. added DHE-PSK as a key-exchange algorithm type
3. Added infrastructure for new suites:
 * TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
 * TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
 * TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
 * TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
 * TLS_DHE_PSK_WITH_NULL_SHA256
 * TLS_DHE_PSK_WITH_NULL_SHA384
 * TLS_DHE_PSK_WITH_AES_128_CCM
 * TLS_DHE_PSK_WITH_AES_256_CCM
4. added test cases for new suites
5. set DHE parameters on test server when using PSK and a custom cipher
suite list
6. updated half premaster key size
 2014-05-30 11:26:48 -07:00
toddouska
71a5aeeb81 Merge branch 'master' into ti 2014-05-28 17:37:48 -07:00
toddouska
e11dd9803a fix icc v14 warnings 2014-05-28 17:36:21 -07:00
toddouska
8a0fbcb83e Merge branch 'master' into ti 2014-05-28 13:06:51 -07:00
Chris Conlon
7e13e414cb rename port.c/.h to wc_port.c/.h to prevent FreeRTOS conflicts 2014-05-28 10:28:01 -06:00
toddouska
21ebf9485d Merge branch 'master' into ti 2014-05-28 08:39:11 -07:00
Moisés Guimarães
263d3439d9 DecodedCert: 
* add structure fields to persist encoding format of subject parts;
* set default encoding formats at InitDecodedCert;
* retrieve encoding format from buffer at GetName;
* copy encoding format from DecodedCert to CertName at SetNameFromCert.
 2014-05-23 15:48:50 -03:00
Moisés Guimarães
e517459f89 CertName: 
* add structure fields to persist encoding format;
 * set default encoding formats at InitCert;
 * add function to retrieve encoding format of a specific field based on it's id.
 2014-05-23 11:11:46 -03:00
toddouska
e373b083bf Merge branch 'master' into ti 2014-05-20 14:33:14 -07:00
toddouska
15d3d3f790 fix visual studio 64 warnings 2014-05-20 14:31:26 -07:00
John Safranek
b46b8516ae Merge branch 'master' of github.com:cyassl/cyassl 2014-05-20 14:11:58 -07:00
John Safranek
12841e6093 fix integration bugs with new suites 2014-05-20 14:07:08 -07:00
toddouska
fc084e9978 Merge branch 'master' into ti 2014-05-20 13:46:27 -07:00
toddouska
3d803653c6 add visual studio 64 project files to autoconf, fix distclcean 2014-05-20 13:45:11 -07:00
John Safranek
74712b4e71 1. Added the following cipher suites: 
* TLS_PSK_WITH_AES_128_GCM_SHA256
 * TLS_PSK_WITH_AES_256_GCM_SHA384
 * TLS_PSK_WITH_AES_256_CBC_SHA384
 * TLS_PSK_WITH_NULL_SHA384
2. Fixed CyaSSL_CIPHER_get_name() for AES-CCM cipher suites.
 2014-05-19 21:44:04 -07:00
toddouska
e024c8af41 Merge branch 'master' into ti 2014-05-15 10:37:15 -07:00
John Safranek
5ab2ccfa96 Added FIPS wrappers for the DRBG and improved CTaoCrypt test. 2014-05-14 15:25:55 -07:00
toddouska
f9a78b7e20 Merge branch 'master' into ti 2014-05-14 15:07:47 -07:00
toddouska
ce39ef62ef update const error strings for newly added ones 2014-05-14 15:05:20 -07:00
toddouska
519820133d Merge branch 'const_errorstrings' of https://github.com/rofl0r/cyassl into errstr 2014-05-14 14:51:40 -07:00
toddouska
6ea8f6cb17 Merge branch 'master' into ti 2014-05-13 16:05:51 -07:00
toddouska
aa5234ae0e fix des return values for ecb and plain cbc, allow errors 2014-05-13 16:04:52 -07:00
toddouska
d92869067c Merge branch 'master' into ti 2014-05-13 15:52:33 -07:00
toddouska
0a8804b3f8 add freescale mmcau hardware crypto alignment requirement, error out if not met 2014-05-13 15:51:35 -07:00
toddouska
28b6c5b998 Merge branch 'master' into ti 2014-05-12 14:02:22 -07:00
toddouska
7f938f3bdf Merge pull request #80 from kojo1/MDK5 
MDK5 sw pack 3.0.0
 2014-05-12 14:01:42 -07:00
toddouska
a3a12a7010 merge resolution in io.c 2014-05-12 13:36:20 -07:00
toddouska
8c9c257921 Merge pull request #79 from kojo1/IAR 
sample projects for IAR EWARM

Why is SINGLE_THREADED assumed for IAR with ARM?
 2014-05-12 13:28:02 -07:00
toddouska
4c8d94023b Merge branch 'master' into ti 2014-05-09 14:50:44 -07:00
toddouska
7fcaa03436 Merge pull request #75 from kojo1/ColdFire 
ColdFire SEC, PIC32 updates
 2014-05-09 14:41:40 -07:00
toddouska
34f2e51415 remove extra spaces from ti cyassl proper files 2014-05-09 11:55:59 -07:00
Vikram Adiga
f643ca5f48 Added TI-RTOS support for CyaSSL tests 2014-05-08 15:52:20 -07:00
Vikram Adiga
5146f3dd94 Initial commit of CyaSSL port for TI-RTOS 2014-05-08 15:50:55 -07:00
John Safranek
72e9ea8e4b added Hash DRBG as configure option 2014-05-07 11:54:12 -07:00
Takashi Kojo
eeb2e28f54 Sync with 3.0.0 2014-05-05 09:45:25 +09:00
John Safranek
fd707ebafb Hash_DRBG refactoring 
1. Renamed everything that had DBRG with the correct DRBG
2. Changed word64 reseed_ctr to word32 reseedCtr
3. Changed reseed interval to 0xFFFFFFFF
 2014-05-02 15:35:10 -07:00
Takashi Kojo
35d5b66d2c Merge remote-tracking branch 'CyaSSL-master/master' into IAR 2014-05-02 09:32:55 +09:00
Takashi Kojo
b680e62832 set up Simulator 2014-05-02 09:31:22 +09:00
toddouska
5ff0336491 add custom kqueue event for crl monitor shutdown 2014-05-01 09:28:33 -07:00
Takashi Kojo
fb00110b77 CyaSSL library project and README 2014-05-01 17:03:01 +09:00
Takashi Kojo
3de36b106e Merge remote-tracking branch 'CyaSSL-master/master' into IAR 2014-05-01 14:33:49 +09:00
Takashi Kojo
169c0eee20 IAR EWARM project: test, benchmark 2014-05-01 14:29:09 +09:00
John Safranek
838d9ea780 bump dev version, update README for v3.0.0 2014-04-29 10:45:01 -07:00
John Safranek
70dee7e190 Added the directoryName comparison to the name constraint checks. 2014-04-28 13:29:44 -07:00
John Safranek
618d282d94 Decodes the Name Constraints certificate extension on the CA cert 
and checks the names on the peer cert, rejecting it if invalid
based on the name.
 2014-04-28 11:03:24 -07:00
Takashi Kojo
6e3bbd135e des3.h 2014-04-25 14:21:28 +09:00
Takashi Kojo
2460679718 des3.h 2014-04-25 14:11:56 +09:00
Takashi Kojo
41199a480d ColdFire SEC, fix cache control in aes, des3 driver 2014-04-23 16:56:37 +09:00