John Safranek
831d9cf640
SEP Profile
...
1. Changed session index shift values to constants.
2. Added bounds checking when retrieving a session.
3. Added function to retrieve the peer cert chain from
a CYASSL_SESSION record.
2013-08-02 16:03:41 -07:00
John Safranek
1357cdb0e4
SEP Profile
...
1. Add session cache index to CYASSL structure.
2. Add accessor for cache index in CYASSL structure.
3. Add copy function for session cache item.
2013-07-28 17:11:22 -07:00
toddouska
505b1a8a67
fix ecc sign/hash truncation with odd bit sizes when hash length is longer than key size
2013-07-25 15:59:09 -07:00
Moisés Guimarães
55401c13dd
Truncated HMAC first part (protocol). Extension processing will be coded later.
2013-07-23 15:42:43 -03:00
toddouska
37a9a7a457
add IOCb Ctx getters
2013-07-22 11:01:00 -07:00
John Safranek
43f320d5e2
SEP Extensions
...
1. Added configure option to enable SEP extensions.
2. Enabled KEEP_PEER_CERT for the SEP configuration.
3. Copy the Certificate Policy extension into the cert as the
device type.
4. Copy an other type Alt Name extension into the cert as the
hwType and hwSerialNumber, if the alt name has a
hardwareModuleName OID.
2013-07-09 13:23:56 -07:00
Moisés Guimarães
593e466a44
limiting max_fragment API for client side only.
2013-07-01 10:13:43 -03:00
toddouska
98e6ad3ee9
add comverge switch for settings
2013-06-27 10:28:58 -07:00
toddouska
307c71d9cb
add CyaSSL_UnloadCertsKeys to free SSL certs and keys after handshake
2013-06-27 10:26:04 -07:00
toddouska
d0c2e9b7a2
switch comverge settings to ecc by default
2013-06-26 17:05:30 -07:00
toddouska
87eb94b7c4
Merge branch 'master' of github.com:cyassl/cyassl
2013-06-24 14:02:40 -07:00
toddouska
b51d6f3b8f
add NetX default IO context handling
2013-06-24 14:00:48 -07:00
John Safranek
e0a84521c5
Make alert description and level enumerations public.
2013-06-21 14:56:42 -07:00
Moisés Guimarães
4502716fc4
Merge branch 'master' of https://github.com/cyassl/cyassl
2013-06-19 17:04:43 -03:00
Moisés Guimarães
5f3ee80407
added:
...
- max fragment length extension;
- CyaSSL_SNI_GetRequest() to get client's request at server side;
- Automated tests for SNI;
2013-06-19 15:45:06 -03:00
toddouska
85d25798a5
update ntru cert expires dates, update crls while at it, don't turn on skid for crls since openssl/firefox don't use by default and cyassl needs crl extension parsing
2013-06-17 14:48:51 -07:00
toddouska
a1f25a9299
release 2.7.0 init
2013-06-17 12:06:37 -07:00
toddouska
8c70b11528
add newSession flag to SetServerID to do full handshake w/ new session
2013-06-14 15:29:18 -07:00
toddouska
7f7c595d10
differentiate between THREADX and RTP_SYS
2013-06-14 13:45:25 -07:00
toddouska
33a7d7481d
Merge branch 'master' of github.com:cyassl/cyassl
2013-06-03 14:57:40 -07:00
toddouska
ae84982777
add STACK_TRAP to track stack use on client, will seqfault if exceed limit to see where use is too high, doesn't work with pthread_create()
2013-06-03 14:56:37 -07:00
Moisés Guimarães
f1d1898ddf
Added new option to SNI: CYASSL_SNI_ANSWER_ON_MISMATCH
...
Added new function to SNI API: CyaSSL_SNI_Matched()
2013-06-03 17:55:06 -03:00
Moisés Guimarães
cb2082edee
changed CYASSL_SNI_ABORT_ON_MISMATCH to CYASSL_SNI_CONTINUE_ON_MISMATCH
2013-06-03 10:04:49 -03:00
Moisés Guimarães
5c665fe614
Added options to SNI (now it is possible to choose whether or not to abort on a SNI Host Name mismatch)
...
Exposed SNI Type at ssl.h
2013-05-30 15:26:41 -03:00
toddouska
8df0e43384
fix merge differences from this week
2013-05-22 15:50:13 -07:00
toddouska
d2003bb8b7
merge in sni
2013-05-21 14:37:50 -07:00
John Safranek
b347df8d9a
DTLS rx size check, ssn10
...
Allows for receiving datagrams larger than the MTU that are reassembled
by the IP stack.
2013-05-21 13:52:22 -07:00
toddouska
fd5937b599
MDK-ARM updates
2013-05-20 17:56:27 -07:00
toddouska
7693b4282a
turn on large static buffers for callbacks, easier for user
2013-05-20 12:46:54 -07:00
Chris Conlon
a4c6ed0dda
add support for Microchip TCP/IP 6.0 beta
2013-05-17 10:59:18 -06:00
toddouska
dcf88daae7
fix KEIL warnings
2013-05-17 09:49:46 -07:00
toddouska
cfdfa7b2b3
pull in Kojo MDK-ARM projects, changes
2013-05-16 09:47:27 -07:00
Chris Conlon
091c7a7ef3
separate STM32F2 hardware hash support, disable by default
2013-05-15 10:48:35 -06:00
John Safranek
ac716c96d3
Output buffer size check when sending transmit pool.
...
1. Added a call to CheckAvailableSize() when sending the DTLS transmit pool.
2. Rename CheckAvailableSize().
2013-05-13 12:32:47 -07:00
toddouska
32705fb380
make sure pwdbased w/o fastmath works like fastmath define wise
2013-05-10 11:00:37 -07:00
toddouska
8f0b695249
fix leanpsk build with keep cert / session cert
2013-05-09 15:29:25 -07:00
toddouska
47b468d14f
add dtls recv timeout max user setting too
2013-05-08 12:49:55 -07:00
toddouska
8cb5f6d5d4
add user setting for dtls recv timeout init value
2013-05-07 16:14:26 -07:00
toddouska
a7228d0463
Merge branch 'master' of github.com:cyassl/cyassl
2013-05-02 11:35:56 -07:00
toddouska
a0c630b4ee
add cert cache persistence
2013-05-02 11:34:26 -07:00
Chris Conlon
864f0468aa
Cygwin/Mingw64 fixes
2013-05-01 14:17:11 -06:00
toddouska
bc1a6282eb
bump dev version
2013-04-30 12:56:28 -07:00
John Safranek
d2d25b9b83
refine the SKID/AKID support
2013-04-29 17:09:15 -07:00
toddouska
5a1886656a
Merge branch 'master' of github.com:cyassl/cyassl
2013-04-29 14:23:22 -07:00
toddouska
5c4fdb30ad
add client session table lookup based on serverID, use CyaSSL_SetServerID to set/store with serverid
2013-04-29 14:22:32 -07:00
John Safranek
87048698e5
use subject key id and authentication key id to ID CA certs in the signers list instead of subject name hashes.
2013-04-29 12:08:16 -07:00
toddouska
791767e026
make sure unloadcas works w/o filesystem
2013-04-26 10:28:30 -07:00
toddouska
411a096b2b
add memory versions of session cache save/restore
2013-04-25 17:23:58 -07:00
toddouska
05dd84598b
turn CA signer list into CA signer hash table, defaults CA_TABLE_SIZE to 11
2013-04-25 15:36:33 -07:00
toddouska
9dbf6a5e10
fix Signer hash size w/o SHA, fix GetCA caList b4 lock
2013-04-25 14:47:09 -07:00