mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
13,238 Commits 5 Branches 162 Tags 807 MiB
4b47bf7b4e
Commit Graph

1008 Commits

Author SHA1 Message Date
Moisés Guimarães
d80e820654 Renames TLSX_Append to TLSX_Push, adding data param and making sure the list doesn't holds duplicate extensions. 
Adds SecureRenegotiation functions
 2014-09-16 20:33:17 -03:00
Moisés Guimarães
32cea012d9 Adds secure renegotiation TLSX_Type, structure and enabler function. 2014-09-16 20:21:29 -03:00
toddouska
4bb20612a1 move secure r inside of tls extensions 2014-09-16 12:42:13 -07:00
toddouska
9a90a0c113 save secure r verify data 2014-09-16 11:51:13 -07:00
toddouska
996418c383 add secure reneg state variables 2014-09-15 15:18:01 -07:00
Chris Conlon
7ea5d6c509 bump version to 3.2.0 2014-09-10 16:46:39 -06:00
toddouska
2c595139db fix tirtos merge 2014-09-08 19:40:03 -07:00
toddouska
ca3f879907 Merge branch 'master' of github.com:cyassl/cyassl 2014-09-08 11:35:06 -07:00
toddouska
9e40e967a0 add ecc key to DER, make sure ctaocrypt test errors always caught at make check level 2014-09-08 11:33:06 -07:00
Moisés Guimarães
d6b4f85d7c Makes TLS_EMPTY_RENEGOTIATION_INFO_SCSV suite optional if using SetCipherList() 2014-09-08 15:03:30 -03:00
Chris Conlon
422a2b8be8 change word type to cyassl_word to prevent conflicts with some toolchains 2014-09-05 10:17:24 -06:00
John Safranek
1a88e9fbdc Added function to flatten the RSA public key to a pair of byte arrays 2014-09-03 23:10:10 -07:00
Moisés Guimarães
8bb52380a8 TLS_EMPTY_RENEGOTIATION_INFO_SCSV added on SetCipherList. 
Function InitSuitesHashSigAlgo() extracted from InitSuites and SetCipherList.
 2014-09-01 18:35:30 -03:00
toddouska
03800a9df4 Merge branch 'keycomp' 2014-08-29 14:34:44 -07:00
toddouska
3072edb696 add compressed key support 2014-08-29 14:25:58 -07:00
Chris Conlon
7e7cbdc715 add raw ECC key import functionality and tests 2014-08-29 10:46:25 -06:00
John Safranek
496228e5b0 Merge branch 'master' of github.com:cyassl/cyassl 2014-08-19 22:38:42 -07:00
John Safranek
100f0e8a96 Don't allow sniffer to decrypt records if the key hasn't been setup. (Possible with misbehaving client.) 2014-08-19 22:38:04 -07:00
toddouska
87564bdffe get_cipher fixes 2014-08-15 10:56:38 -07:00
toddouska
aaf4e74453 Merge https://github.com/ShaneIsrael/cyassl into shane 2014-08-15 10:03:50 -07:00
ShaneIsrael
57f2affe20 Added GetCipherName() which takes an index 2014-08-13 09:46:13 -06:00
JacobBarthelmeh
856aab7f30 add fuzzer CYASSL* and fuzzer ctx 2014-08-12 16:25:58 -06:00
ShaneIsrael
bb9696c9f2 Added CyaSSL_get_ciphers() and necessary functions 2014-08-12 16:17:36 -06:00
JacobBarthelmeh
6620df2e4e Merge remote-tracking branch 'upstream/master' 2014-08-12 13:03:55 -06:00
JacobBarthelmeh
a18602951b record header fuzz 2014-08-12 11:56:20 -06:00
Kaleb Himes
20f8493046 All encryptions work. settings.h generic, allow end user mod 2014-08-12 10:41:11 -06:00
JacobBarthelmeh
5c72bf6272 fuzzer callbacks 2014-08-11 16:29:19 -06:00
toddouska
0919a2927c fix digest sizes in internal.h 2014-08-06 06:53:24 -07:00
toddouska
9429f07a8a add MD5_DIGEST_SZ to NO_MD5 for non no-old-tls build types that still need it 2014-08-05 13:41:55 -07:00
toddouska
7a95bc452d Merge branch 'master' into ti 2014-07-29 16:20:57 -07:00
John Safranek
e9297f092d updated HashDRBG so private data not available via struct declaration in header file 2014-07-29 15:19:51 -07:00
toddouska
aba16ae239 Merge branch 'master' into ti 2014-07-24 20:15:18 -07:00
JacobBarthelmeh
3f2ee0801a declaration locations for ARM 2014-07-24 18:59:39 -06:00
toddouska
063e5cec80 Merge branch 'master' into ti 2014-07-21 16:38:38 -07:00
toddouska
cc72a50cee bump dev version 2014-07-21 16:28:57 -07:00
toddouska
a73a160aaf Merge branch 'master' into ti 2014-07-21 16:26:39 -07:00
toddouska
3bfd0bbf3b fixup some chacah-poly suite things including a valgrind error 2014-07-21 16:20:17 -07:00
JacobBarthelmeh
3c27deb9d0 merge 2014-07-21 13:50:22 -06:00
JacobBarthelmeh
726cc3e3a4 sanity check and recent cyassl release 2014-07-18 14:42:45 -06:00
JacobBarthelmeh
7cb65d8b3d asthetics 2014-07-17 15:33:48 -06:00
JacobBarthelmeh
b77a1fdbbb refactoring 2014-07-17 15:00:40 -06:00
JacobBarthelmeh
7eb8f571ed reverse compatibility 2014-07-16 14:55:38 -06:00
toddouska
a26f9b9068 Merge branch 'master' into ti 2014-07-16 13:55:31 -07:00
toddouska
99f6fd8450 have explicit Rsa Padding error 2014-07-16 13:52:31 -07:00
Chris Conlon
237bde7918 bump version to 3.1.0 2014-07-15 10:50:45 -06:00
Chris Conlon
54b02c3979 fix order of variables in myDateCb for Windows/VS 2014-07-15 09:39:37 -06:00
Kaleb Himes
15f432c521 updated certs 2014-07-11 13:55:10 -06:00
JacobBarthelmeh
e62fbdd49f added ECDSA and DHE_RSA support for chacha-poly 2014-07-10 16:35:56 -06:00
JacobBarthelmeh
c322cb05ad uses most recent version of cyassl 2014-07-10 11:18:49 -06:00
toddouska
7c608af579 Merge branch 'master' into ti 2014-07-09 17:48:35 -07:00
JacobBarthelmeh
fb25db9c28 progress on suite 2014-07-09 15:48:40 -06:00
Moisés Guimarães
f8cf3bf853 remove stack reduction macros 2014-07-08 10:51:27 -03:00
toddouska
4ed9b3fa33 Merge branch 'master' into ti 2014-07-07 10:32:52 -07:00
Moisés Guimarães
de14fac069 add hash utility functions to promote cleaner code, smaller footprint, centralized logs and error handling. 2014-07-04 09:17:18 -03:00
Moisés Guimarães
a281c6bc6c asn: refactoring ConfirmSignature to reduce stack usage: 
--- variable digest moved to the heap (20..64 bytes saved)
--- variable pubKey moved to the heap (sizeof(RsaKey) bytes saved)
--- variable encodedSig moved to the heap (512 bytes saved)
--- variable plain moved to the heap (512 bytes saved)
--- variable pubKey moved to the heap (sizeof(ecc_key) bytes saved)
--- variable md2 moved to the heap (sizeof(Md2) bytes saved)
--- variable md5 moved to the heap (sizeof(Md5) bytes saved)
--- variable sha moved to the heap (sizeof(Sha) bytes saved)
--- variable sha256 moved to the heap (sizeof(Sha256) bytes saved)
--- variable sha384 moved to the heap (sizeof(Sha384) bytes saved)
--- variable sha512 moved to the heap (sizeof(Sha512) bytes saved)

fix - In some cases, the function was returning error codes, that could be interpreted as a false positive.
 2014-07-04 09:17:17 -03:00
Moisés Guimarães
b875f6f631 add stack reduction macros 2014-07-04 09:17:17 -03:00
toddouska
61e989ed99 Merge branch 'master' into ti 2014-07-03 11:34:15 -07:00
toddouska
2d63c559cc dh now disabled by default but can be enabled w/o opensslextra 2014-07-03 11:32:24 -07:00
toddouska
cc74206f9c Merge branch 'master' into ti 2014-07-02 20:06:49 -07:00
toddouska
cac799f683 add optional ecc ctx info 2014-07-02 16:59:45 -07:00
toddouska
6817e3cd2e Merge branch 'master' into ti 2014-07-02 16:31:55 -07:00
toddouska
be402277e0 add override cert date example for bad clock testing 2014-07-02 12:07:25 -07:00
JacobBarthelmeh
53c63dd257 progress on suite 2014-07-01 16:08:52 -06:00
JacobBarthelmeh
5bf411f345 progress on suite 2014-07-01 14:16:44 -06:00
toddouska
1122f2a399 master merge resolve 2014-07-01 11:58:33 -07:00
toddouska
4eebba8162 Merge branch 'master' of github.com:cyassl/cyassl 2014-07-01 09:28:40 -07:00
toddouska
c957e9a909 make default I/O callbacks external for user to base/wrap if desired 2014-07-01 09:27:31 -07:00
Chris Conlon
ee0d989c24 add sizeof ints back to certs_test.h, fix cert buffer usage in benchmark.c 2014-07-01 09:38:12 -06:00
Chris Conlon
3ea0f7b4ab add key/cert buffers for CA cert, server key/cert 2014-07-01 08:58:47 -06:00
toddouska
f2de04ae46 Merge branch 'master' into ti 2014-06-26 08:57:35 -06:00
Moisés Guimarães
9339d7d5b1 add support to TLS extensions in DTLS 2014-06-25 13:26:42 -03:00
toddouska
a6ea32461d Merge branch 'master' into ti 2014-06-20 14:48:53 -07:00
toddouska
e6d9151f47 add user cert chain functionality at SSL level instead of just CTX 2014-06-20 10:49:21 -07:00
toddouska
a319354e92 Merge branch 'master' into ti 2014-06-20 09:24:11 -07:00
toddouska
6371b3c262 send ecdsa_sign for client cert request type is sig algo ecdsa 2014-06-20 09:22:40 -07:00
toddouska
9a180b0ec8 Merge branch 'master' into ti 2014-06-16 11:05:20 -07:00
John Safranek
33fb679334 fix small config bug between AES-GCM and AES-CCM 2014-06-15 13:59:33 -07:00
toddouska
e30e1c40f7 Merge branch 'master' into ti 2014-06-11 11:57:11 -07:00
toddouska
ddf5924b3b add error code for hmac min key len in new error range 2014-06-11 11:56:17 -07:00
toddouska
b3abbbb0ce make more room for wolfCrypt error range 2014-06-11 11:50:14 -07:00
toddouska
aad204428f fips mode hmac min key length for 2014 requirements 2014-06-11 11:43:17 -07:00
toddouska
c6740feee7 Merge branch 'master' into ti 2014-06-09 12:57:43 -07:00
toddouska
e0c5c89bf6 add sanity check on send callback sent value 2014-06-09 12:55:17 -07:00
toddouska
f4c96c68c9 Merge branch 'master' into ti 2014-06-05 17:55:56 -07:00
Chris Conlon
7e5287e578 update NTRU support, with help from thesourcerer8 2014-06-05 14:42:15 -06:00
toddouska
e4c33cb51e Merge branch 'master' into ti 2014-06-04 08:08:52 -07:00
Joseph Spadavecchia
3d94a41740 Increased max AltName buffer size (for cert generation) 2014-06-03 10:58:22 +01:00
toddouska
65ad0c987b Merge branch 'master' into ti 2014-05-30 17:06:36 -07:00
toddouska
66eb3caac5 bump dev version 2014-05-30 17:02:30 -07:00
toddouska
a920795665 Merge branch 'master' into ti 2014-05-30 16:57:15 -07:00
toddouska
5b7a5fe0bb Merge branch 'master' of github.com:cyassl/cyassl 2014-05-30 16:56:28 -07:00
toddouska
0f311adb2c if icc doesn't have 128bit type on x64 don't use it 2014-05-30 16:54:09 -07:00
John Safranek
b60a61fa94 DHE-PSK cipher suites 
1. fixed the AES-CCM-16 suites
2. added DHE-PSK as a key-exchange algorithm type
3. Added infrastructure for new suites:
 * TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
 * TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
 * TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
 * TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
 * TLS_DHE_PSK_WITH_NULL_SHA256
 * TLS_DHE_PSK_WITH_NULL_SHA384
 * TLS_DHE_PSK_WITH_AES_128_CCM
 * TLS_DHE_PSK_WITH_AES_256_CCM
4. added test cases for new suites
5. set DHE parameters on test server when using PSK and a custom cipher
suite list
6. updated half premaster key size
 2014-05-30 11:26:48 -07:00
toddouska
71a5aeeb81 Merge branch 'master' into ti 2014-05-28 17:37:48 -07:00
toddouska
e11dd9803a fix icc v14 warnings 2014-05-28 17:36:21 -07:00
toddouska
8a0fbcb83e Merge branch 'master' into ti 2014-05-28 13:06:51 -07:00
Chris Conlon
7e13e414cb rename port.c/.h to wc_port.c/.h to prevent FreeRTOS conflicts 2014-05-28 10:28:01 -06:00
toddouska
21ebf9485d Merge branch 'master' into ti 2014-05-28 08:39:11 -07:00
Moisés Guimarães
263d3439d9 DecodedCert: 
* add structure fields to persist encoding format of subject parts;
* set default encoding formats at InitDecodedCert;
* retrieve encoding format from buffer at GetName;
* copy encoding format from DecodedCert to CertName at SetNameFromCert.
 2014-05-23 15:48:50 -03:00
Moisés Guimarães
e517459f89 CertName: 
* add structure fields to persist encoding format;
 * set default encoding formats at InitCert;
 * add function to retrieve encoding format of a specific field based on it's id.
 2014-05-23 11:11:46 -03:00
toddouska
e373b083bf Merge branch 'master' into ti 2014-05-20 14:33:14 -07:00
toddouska
15d3d3f790 fix visual studio 64 warnings 2014-05-20 14:31:26 -07:00
John Safranek
b46b8516ae Merge branch 'master' of github.com:cyassl/cyassl 2014-05-20 14:11:58 -07:00
John Safranek
12841e6093 fix integration bugs with new suites 2014-05-20 14:07:08 -07:00
toddouska
fc084e9978 Merge branch 'master' into ti 2014-05-20 13:46:27 -07:00
toddouska
3d803653c6 add visual studio 64 project files to autoconf, fix distclcean 2014-05-20 13:45:11 -07:00
John Safranek
74712b4e71 1. Added the following cipher suites: 
* TLS_PSK_WITH_AES_128_GCM_SHA256
 * TLS_PSK_WITH_AES_256_GCM_SHA384
 * TLS_PSK_WITH_AES_256_CBC_SHA384
 * TLS_PSK_WITH_NULL_SHA384
2. Fixed CyaSSL_CIPHER_get_name() for AES-CCM cipher suites.
 2014-05-19 21:44:04 -07:00
toddouska
e024c8af41 Merge branch 'master' into ti 2014-05-15 10:37:15 -07:00
John Safranek
5ab2ccfa96 Added FIPS wrappers for the DRBG and improved CTaoCrypt test. 2014-05-14 15:25:55 -07:00
toddouska
f9a78b7e20 Merge branch 'master' into ti 2014-05-14 15:07:47 -07:00
toddouska
ce39ef62ef update const error strings for newly added ones 2014-05-14 15:05:20 -07:00
toddouska
519820133d Merge branch 'const_errorstrings' of https://github.com/rofl0r/cyassl into errstr 2014-05-14 14:51:40 -07:00
toddouska
6ea8f6cb17 Merge branch 'master' into ti 2014-05-13 16:05:51 -07:00
toddouska
aa5234ae0e fix des return values for ecb and plain cbc, allow errors 2014-05-13 16:04:52 -07:00
toddouska
d92869067c Merge branch 'master' into ti 2014-05-13 15:52:33 -07:00
toddouska
0a8804b3f8 add freescale mmcau hardware crypto alignment requirement, error out if not met 2014-05-13 15:51:35 -07:00
toddouska
28b6c5b998 Merge branch 'master' into ti 2014-05-12 14:02:22 -07:00
toddouska
7f938f3bdf Merge pull request #80 from kojo1/MDK5 
MDK5 sw pack 3.0.0
 2014-05-12 14:01:42 -07:00
toddouska
a3a12a7010 merge resolution in io.c 2014-05-12 13:36:20 -07:00
toddouska
8c9c257921 Merge pull request #79 from kojo1/IAR 
sample projects for IAR EWARM

Why is SINGLE_THREADED assumed for IAR with ARM?
 2014-05-12 13:28:02 -07:00
toddouska
4c8d94023b Merge branch 'master' into ti 2014-05-09 14:50:44 -07:00
toddouska
7fcaa03436 Merge pull request #75 from kojo1/ColdFire 
ColdFire SEC, PIC32 updates
 2014-05-09 14:41:40 -07:00
toddouska
34f2e51415 remove extra spaces from ti cyassl proper files 2014-05-09 11:55:59 -07:00
Vikram Adiga
f643ca5f48 Added TI-RTOS support for CyaSSL tests 2014-05-08 15:52:20 -07:00
Vikram Adiga
5146f3dd94 Initial commit of CyaSSL port for TI-RTOS 2014-05-08 15:50:55 -07:00
John Safranek
72e9ea8e4b added Hash DRBG as configure option 2014-05-07 11:54:12 -07:00
Takashi Kojo
eeb2e28f54 Sync with 3.0.0 2014-05-05 09:45:25 +09:00
John Safranek
fd707ebafb Hash_DRBG refactoring 
1. Renamed everything that had DBRG with the correct DRBG
2. Changed word64 reseed_ctr to word32 reseedCtr
3. Changed reseed interval to 0xFFFFFFFF
 2014-05-02 15:35:10 -07:00
Takashi Kojo
35d5b66d2c Merge remote-tracking branch 'CyaSSL-master/master' into IAR 2014-05-02 09:32:55 +09:00
Takashi Kojo
b680e62832 set up Simulator 2014-05-02 09:31:22 +09:00
toddouska
5ff0336491 add custom kqueue event for crl monitor shutdown 2014-05-01 09:28:33 -07:00
Takashi Kojo
fb00110b77 CyaSSL library project and README 2014-05-01 17:03:01 +09:00
Takashi Kojo
3de36b106e Merge remote-tracking branch 'CyaSSL-master/master' into IAR 2014-05-01 14:33:49 +09:00
Takashi Kojo
169c0eee20 IAR EWARM project: test, benchmark 2014-05-01 14:29:09 +09:00
John Safranek
838d9ea780 bump dev version, update README for v3.0.0 2014-04-29 10:45:01 -07:00
John Safranek
70dee7e190 Added the directoryName comparison to the name constraint checks. 2014-04-28 13:29:44 -07:00
John Safranek
618d282d94 Decodes the Name Constraints certificate extension on the CA cert 
and checks the names on the peer cert, rejecting it if invalid
based on the name.
 2014-04-28 11:03:24 -07:00
Takashi Kojo
6e3bbd135e des3.h 2014-04-25 14:21:28 +09:00
Takashi Kojo
2460679718 des3.h 2014-04-25 14:11:56 +09:00
Takashi Kojo
41199a480d ColdFire SEC, fix cache control in aes, des3 driver 2014-04-23 16:56:37 +09:00
Moisés Guimarães
8d8fca67c3 SHA256, SHA384 and SHA512 error propagation. Major impact on random functions with error propagation. 2014-04-14 21:39:14 -03:00
Moisés Guimarães
32e2d7016f SHA256, SHA384 and SHA512 error propagation. Major impact on Hmac functions with error propagation. 2014-04-14 21:36:04 -03:00
Chris Conlon
be65f5d518 update FSF address, wolfSSL copyright 2014-04-11 15:58:58 -06:00
John Safranek
421c08fc61 Merge branch 'frankencert' 2014-04-11 10:01:03 -07:00
Takashi Kojo
b712380a60 Sync MDK5 Software Pack with 2.9.4 2014-04-11 16:20:12 +09:00
John Safranek
603192f153 Removed an incorrect key use check. 2014-04-10 23:31:43 -07:00
John Safranek
e79ce42ef4 Added checking of the key usage and extended key usage extensions in the 
certificates.
 2014-04-10 16:50:14 -07:00
toddouska
5de34bf987 add client suite verify, detect mismatch early 2014-04-10 14:11:30 -07:00
toddouska
78ebc49bd2 bump dev version 2014-04-10 13:53:01 -07:00
toddouska
a44fb0596a update ecc ccm8 suites to approved cipher suite numbers 2014-04-10 13:18:31 -07:00
toddouska
06faa47001 version bump 2014-04-09 09:51:11 -07:00
Chris Conlon
e84487d121 fix SHA384 define 2014-04-07 10:29:16 -06:00
toddouska
6be3094494 remove debug logging macro left in 2014-04-06 12:45:41 -07:00
toddouska
562b017776 user settings, custom rand gen, by tyto diff 2014-04-04 15:10:08 -07:00
Chris Conlon
9e02937389 minor EROAD settings adjustments 2014-04-04 12:35:41 -06:00
toddouska
c210600d93 RSA fips mode 2014-04-01 13:08:48 -07:00
toddouska
348f50b4b1 bump dev version 2014-04-01 12:08:18 -07:00
toddouska
4ba587b18a Merge branch 'master' of github.com:cyassl/cyassl 2014-04-01 12:06:48 -07:00
Moisés Guimarães
6b9f711de0 DesSetKey refactory to reduce stack usage: 
--- buffer variable moved to the heap;
--- return type changed to int, returning 0 for success;
--- chain of dependency updated to propagate the error.
 2014-03-28 12:59:39 -03:00
toddouska
05b132ce1c HMAC fips mode 2014-03-27 15:43:54 -07:00
toddouska
7dd265cf2e SHA384 fips mode 2014-03-27 14:37:37 -07:00
toddouska
e873d7998b SHA512 fips mode 2014-03-27 14:03:12 -07:00
Chris Conlon
59c1adaf0e version 2.9.2 release 2014-03-27 10:35:57 -06:00
John Safranek
dd61daef70 When saving the signature from a DecodedCert to a CYASSL_X509 only copy 
the signature if it exists.
 2014-03-26 12:01:26 -07:00
toddouska
d5be4c4663 SHA-256 fips mode 2014-03-25 17:11:15 -07:00
toddouska
18d178f325 add ShaFinal fips mode 2014-03-25 16:20:03 -07:00
toddouska
b41186a6dd Merge branch 'master' of github.com:cyassl/cyassl 2014-03-25 16:02:12 -07:00
toddouska
3607db9077 add SHA1 fips mode 2014-03-25 16:01:17 -07:00
toddouska
0fd8ca5409 NO_MAIN_DRIVER for settings 2014-03-25 14:10:07 -07:00
toddouska
b6fc109c1d add ecc_ctx_reset() so user can reuse ctx w/o init/free 2014-03-25 12:48:25 -07:00
toddouska
43c6ae3691 no C++ comments 2014-03-25 11:44:00 -07:00
toddouska
fb6d671629 resolve pull request merge conflict 2014-03-25 11:39:07 -07:00
toddouska
8c5d958a8b add Aes SetIV fips mode 2014-03-24 14:01:36 -07:00
toddouska
0ea10a4388 add 3DES fips mode 2014-03-24 13:37:52 -07:00
toddouska
8889e17489 Merge branch 'master' of github.com:cyassl/cyassl 2014-03-21 14:50:52 -07:00
toddouska
9fe9276236 finish fips aes w/ tests 2014-03-21 14:49:49 -07:00
John Safranek
e19e2a801d Ext Key Usage 
1. Store reference to raw EKU OIDs in the DecodedCert.
2. Fixed usage of the anyEKU.
 2014-03-21 09:37:10 -07:00
John Safranek
08ae775406 Merge branch 'master' of github.com:cyassl/cyassl 2014-03-21 09:34:08 -07:00
toddouska
98c6e3f3af have Base16 Decode on for FIPS tests 2014-03-20 11:38:14 -07:00
toddouska
8bc6bf9424 add lower case support to Base16 decode for better known answer test support, export 2014-03-20 10:31:52 -07:00
John Safranek
1e041abf04 decode Extended Key Usage extension 2014-03-20 10:07:47 -07:00
toddouska
58885b36eb add AesCbc fips mode 2014-03-19 16:43:52 -07:00
toddouska
388436c53e add AesSetKey fips mode 2014-03-19 13:56:11 -07:00
John Safranek
1ea620cece Merge branch 'master' of github.com:cyassl/cyassl 2014-03-14 16:02:38 -07:00
John Safranek
bcd7f03495 X.509 
1. Added stubs for the Extended Key Usage and Inhibit anyPolicy
   extensions.
2. Key Usage extension is decoded normally.
3. Certificate Policy extension is noted normally.
 2014-03-14 15:48:33 -07:00
Chris Conlon
a28d0dd276 add EROAD settings 2014-03-14 15:54:21 -06:00
toddouska
4ac70de055 Merge branch 'master' of github.com:cyassl/cyassl 2014-03-13 18:56:07 -07:00
toddouska
b56ecd1842 add enable-iopool , simple I/O pool example using memory overrides 2014-03-13 18:54:51 -07:00
Moisés Guimarães
eba36226dc Boundaries check for DoCertificateRequest. 
-- added size in the function parameters;
-- BUFFER_ERROR returned in case of message overflow (piece larger than the message size);
-- OPAQUE16_LEN used where 2 bytes are needed.
 2014-03-13 19:14:13 -03:00
Moisés Guimarães
244e335e81 Boundaries check for DoFinished. 
-- added size and totalSz in the function parameters;
-- BUFFER_ERROR returned in case of message overflow (piece larger than the message size);
-- INCOMPLETE_DATA returned in case of buffer overflow (piece smaller than the expected size);
-- removed unnecessary variable idx;
-- fixed the sniffer to adapt to the changes.
 2014-03-13 19:14:13 -03:00
toddouska
2b8ee45a18 change default static buffer size to record header size to prevent memory fragmentation, only adds 8 bytes to SSL 2014-03-13 11:35:14 -07:00
John Safranek
1c35e5929a Merge branch 'master' of github.com:cyassl/cyassl 2014-03-12 15:41:40 -07:00
John Safranek
92c31d81f9 X.509 with unsupported critical extensions should be rejected 2014-03-11 11:50:45 -07:00
Takashi Kojo
5a6e2482da Eliminate unused file. 2014-03-11 12:00:53 +09:00
Takashi Kojo
6235c949b3 PIC32MZ 2014-03-11 11:32:16 +09:00
Takashi Kojo
a9ca608030 Sync with CyaSSL master 2014-03-11 11:22:39 +09:00
Takashi Kojo
6463d34fe7 Roll back native LwIP 2014-03-11 10:59:09 +09:00
Takashi Kojo
3e41d8cecb Merge branch 'PIC32MZ-HWCrypt' 
Conflicts:
	configure.ac
	ctaocrypt/benchmark/benchmark.c
	ctaocrypt/src/asn.c
	ctaocrypt/src/coding.c
	ctaocrypt/src/des3.c
	ctaocrypt/src/md5.c
	ctaocrypt/src/random.c
	ctaocrypt/src/sha.c
	ctaocrypt/src/sha256.c
	cyassl/ctaocrypt/aes.h
	cyassl/ctaocrypt/settings.h
	cyassl/ssl.h
	cyassl/version.h
	examples/server/server.c
	m4/ax_debug.m4
	m4/ax_tls.m4
	mplabx/benchmark_main.c
	mplabx/ctaocrypt_test.X/nbproject/configurations.xml
	mplabx/test_main.c
	src/io.c
	src/ocsp.c
	src/ssl.c
	src/tls.c
	testsuite/testsuite.c
 2014-03-11 10:11:36 +09:00
Takashi Kojo
8ea2eec773 Merge https://github.com/cyassl/cyassl 2014-03-11 09:55:57 +09:00
Takashi Kojo
65dc202356 settings.h for Harmony 2014-03-04 22:57:51 +09:00
Takashi Kojo
e5a51ca516 PIC32MZ Crypt Engine 2014-03-04 22:10:19 +09:00
Takashi Kojo
f5922255b0 Catching up 2.9.0 2014-03-04 22:09:38 +09:00
toddouska
f1597c86b1 fix clang -Wconversion except -Wsign-conversion 2014-03-03 16:46:48 -08:00
toddouska
c39cdbea54 make sure enable-webserver (HAVE_WEBSERVER) can handle password callbacks as well as opensslextra unless NO_PWDBASED defined 2014-03-03 12:18:26 -08:00
toddouska
a50d2e1e21 fix -Wcast-align 2014-03-02 11:47:43 -08:00
Moisés Guimarães
78bab91615 removed duplicated check for INCOMPLETE_DATA 
added new size enums
 2014-02-24 11:26:55 -03:00
Takashi Kojo
5d5a8dbabd client.c for LwIP native socket, v0.2 2014-02-20 15:38:35 +09:00
toddouska
12a1b2faed more settings 2014-02-18 17:46:08 -08:00
toddouska
5421990c80 add ARM to settings 2014-02-18 17:01:27 -08:00
Chris Conlon
85a47b4596 add NO_STDIO_FILESYSTEM to exclude FILE usage from non standard filesystems 2014-02-14 14:57:43 -07:00
Chris Conlon
bc3fc658bb move filesystem abstraction to port.h 2014-02-14 14:46:49 -07:00
toddouska
7959239fb0 bump dev version 2014-02-13 15:15:49 -08:00
Chris Conlon
e3f8b74181 update tyto settings.h 2014-02-12 14:18:23 -07:00
Chris Conlon
cf6eaf219a tyto build - add GenerateSeed, exclude ctype.h, test.h 2014-02-12 13:39:38 -07:00
toddouska
1cf884dccc add enable-certservice, ease of use 2014-02-11 13:08:12 -08:00
John Safranek
594feec68b v2.9.0 release 2014-02-07 12:28:41 -08:00
Takashi Kojo
23bc584caf LwIP, native TCP socket, ver 2 2014-02-04 16:37:50 +09:00
John Safranek
f669e73c8d Merge branch 'master' of github.com:cyassl/cyassl 2014-02-03 14:49:38 -08:00
John Safranek
2758f40a09 For OCSP, when decoding X.509 Auth Info Access record, find the first 
OCSP responder, rather than only looking at the first item.
 2014-02-03 14:39:41 -08:00
Moisés Guimarães
36b5bf0df1 Renaming Elliptic Curves to Supported Curves for better extension representation and avoid confusion. 2014-02-03 16:14:35 -03:00
Takashi Kojo
168985ed9f LwIP native TCP Socket 2014-02-02 18:09:25 +09:00
toddouska
c14bc1a45c fix ecc w/o openssl extra 2014-02-01 11:37:08 -08:00
John Safranek
909b9258d6 Thread safe OCSP. 2014-01-31 16:59:13 -08:00
Moisés Guimarães
9490c0dbaf validating curves 2014-01-31 16:52:14 -03:00
Moisés Guimarães
de6a537896 exporting pkCurve info to ctx and ssl 2014-01-31 16:52:14 -03:00
Moisés Guimarães
70e3d6ddb0 removing missing extensions 2014-01-31 16:52:13 -03:00
Moisés Guimarães
afd38d11cd removing unused curve names. 2014-01-31 16:52:13 -03:00
Moisés Guimarães
75ae9dc973 added external api for Elliptic Curves Extension. 2014-01-31 16:52:13 -03:00
Chris Conlon
42ad70591a prevent XFREE from freeing NULL pointer under Freescale MQX 2014-01-28 10:28:19 -07:00
toddouska
e040e0ba7a fix scep 32 2014-01-27 12:50:29 -08:00
John Safranek
cfa9007199 1. Bumped release version in configure.ac. 
2. Added enable option for SCEP. Enables prereqs.
3. Added CyaSSL_wolfSCEP() for ac to test for CyaSSL SCEP.
 2014-01-27 11:35:43 -08:00
Chris Conlon
43199cd573 PKCS7_DecodeEnvelopedData, only do ParseCert once in PKCS7_InitWithCert 2014-01-23 14:48:18 -07:00
toddouska
45c05ffd30 add non block size AesCtr support 2014-01-23 12:34:27 -08:00
John Safranek
15f94b2f98 1. Resized sample PKCS7 signed data attribute. 
2. Removed unnecessary PKCS7 signed data attribute.
 2014-01-21 11:45:15 -08:00
Moisés Guimarães
8541c2cc97 added renegotiation indication SCSV sending on client hello. 2014-01-21 11:38:59 -03:00
John Safranek
c35a635fd7 Added initial PKCS7_VerifySignedData(). Only saves 
the first included certificate if available.
 2014-01-20 15:52:41 -08:00
John Safranek
28f3a2dc21 Added deallocator function for PKCS7 initializer data. 2014-01-20 10:51:26 -08:00
John Safranek
c4eb5642b1 1. Sign the PKCS#7 with a supplied private key, not 
the single cert's public key.
2. Rename PKCS7 Envelope Data function as
   `PKCS7_EncodeEnvelopedData()`.
3. Encode signed data to check input parameters.
 2014-01-17 14:07:40 -08:00
John Safranek
cf22e49117 Merge branch 'master' of github.com:cyassl/cyassl 2014-01-16 16:19:34 -08:00
John Safranek
264ce75041 1. Split SetTagged into SetExplicit and SetImplicit. 
2. Updated code using SetTagged to use new functions.
 2014-01-16 16:17:17 -08:00
Chris Conlon
a75b95facc more comments to PKCS#7 files 2014-01-16 13:29:37 -07:00
John Safranek
85c5c29e7a Merge branch 'master' of github.com:cyassl/cyassl 
Conflicts:
	ctaocrypt/test/test.c
	cyassl/ctaocrypt/pkcs7.h
 2014-01-15 13:23:26 -08:00
John Safranek
c33a8a890e Added encoding PKCS#7 signed data messages. 2014-01-15 12:31:51 -08:00
Chris Conlon
9f7e33e7e1 add PKCS7_DecodeEnvelopedData() 2014-01-14 22:57:55 -07:00
Chris Conlon
d63c58864f expose more ASN.1 helper functions with CYASSL_LOCAL 2014-01-14 22:48:55 -07:00
Chris Conlon
80c19aaf33 add PKCS7 error codes 2014-01-14 22:46:54 -07:00
toddouska
8a1971d52b add CyaSSL_CertPemToDer for certs, ca certs, and cert reqs 2014-01-14 15:13:43 -08:00
Chris Conlon
f072d92ed8 Merge branch 'master' of github.com:cyassl/cyassl 2014-01-13 13:20:29 -07:00
Chris Conlon
69ffa3a481 add PKCS7_EncodeEnvelopeData() 2014-01-13 13:19:44 -07:00
toddouska
bb6b2e86c6 add base64 encode with esacped line ending, keep existing api intact 2014-01-13 12:17:12 -08:00