Moisés Guimarães
513ea4d38a
add SNI_UNSUPPORTED for better handling SSL 3.0 buffers on CyaSSL_SNI_GetFromBuffer()
2014-12-08 17:31:37 -03:00
toddouska
15bffb2a1e
prepare 3.3.0 release
2014-12-05 09:37:19 -08:00
toddouska
51ffb84e11
fix build errors when compiler is C++
2014-12-04 17:16:39 -08:00
toddouska
09d290f552
allow user to set session timeout at compile time w/ CYASSL_SESSION_TIMEOUT
2014-12-02 10:28:47 -08:00
John Safranek
1742e0ddb6
Merge in the ADH-AES128-SHA changes and add a check for it during the
...
packet order sanity checking.
2014-12-01 11:44:32 -08:00
toddouska
1f8d84553c
add server_ready file to externally monitor example server for ready to accept, -r option
2014-11-26 12:13:47 -08:00
toddouska
a352908c61
fix optimized fastmath read digit for explicit 32bit digits
2014-11-24 10:00:13 -08:00
Vikram Adiga
9fd6e680a2
Removed extra comma to avoid TI compiler warnings.
2014-11-17 15:58:19 -08:00
toddouska
57522d217b
disallow basic server fast forwards during handshake
2014-11-17 15:25:49 -08:00
toddouska
31858d2a34
move gotChangeCipher from options into msgsReceived
2014-11-17 13:11:45 -08:00
toddouska
5318b243ba
add messages received framework, disallow duplicates
2014-11-17 12:55:07 -08:00
toddouska
de388bf37f
version 3.2.6
2014-11-14 11:49:14 -08:00
toddouska
6c2a238c9b
bump version
2014-11-13 10:19:03 -08:00
toddouska
730cede82d
add HAVE_FORCE_FIPS_FAILURE for operational testing
2014-11-12 17:09:16 -08:00
John Safranek
6944eb69f6
added error code for AESGCM FIPS KAT test error
2014-11-10 15:38:41 -08:00
toddouska
eda2103dc3
add size check to fips core hash gen
2014-11-07 16:43:32 -08:00
toddouska
e6e24d92fb
Merge branch 'master' of github.com:cyassl/cyassl
2014-11-07 16:23:56 -08:00
toddouska
81fd594c9f
add fips get status functions
2014-11-07 16:23:19 -08:00
Chris Conlon
4d819dea87
fix hashType warning on Linux
2014-11-07 17:19:11 -07:00
Chris Conlon
71da84122f
expose EncodeSignature() for DER-encoded comparisons
2014-11-07 16:33:38 -07:00
Chris Conlon
233bca3346
add RsaPublicKeyDecodeRaw() to load key from existing n, e
2014-11-07 15:24:02 -07:00
toddouska
f11d2c435d
add fips continuous test error code/msg
2014-11-06 14:56:11 -08:00
toddouska
322f79f521
allow user to set minimum downgrade version with v23 methods()
2014-11-03 15:12:48 -08:00
toddouska
d9f5ada772
add external wrappers for TLS Master Secret generation and Key Expansion
2014-11-03 09:56:40 -08:00
toddouska
02f7c71222
Merge branch 'master' of github.com:cyassl/cyassl
2014-10-31 13:24:29 -07:00
toddouska
0f641e07a2
remove old client hello processing by default, can turn on with OLD_HELLO_ALLOWED, add sanity checks before size front alloc
2014-10-31 13:23:50 -07:00
Chris Conlon
2fe0d9b38d
update RNG_HealthTest to output generated bits
2014-10-31 14:05:13 -06:00
toddouska
7fed36b09d
explicit check for change cipher before finished instead of encryptionOn implicit
2014-10-29 14:07:41 -07:00
toddouska
a4228740f5
add FIPS pos errors and messages, better output for in core check and how to fix
2014-10-28 14:21:55 -07:00
toddouska
247bef6be3
add fips pos cb for fail codes, generated hash
2014-10-28 14:03:58 -07:00
toddouska
c982dd2281
allow aes gcm fips wrappers, no void returns
2014-10-27 15:52:22 -07:00
John Safranek
bf718a7d51
Added a callback function to set the master secret on the client
2014-10-24 15:26:47 -07:00
Daniele Lacamera
fde4d56845
Updated picoTCP support, based on newer HTTPS demo
2014-10-22 12:11:31 +02:00
Chris Conlon
50a00d4ff0
add PicoTCP support
2014-10-21 15:43:43 -06:00
John Safranek
e35e02a283
Added SNI named keys to the sniffer.
2014-10-21 12:22:12 -07:00
John Safranek
35bcc98948
Added a callback when receiving a NewSessionTicket handshake message.
2014-10-20 09:25:14 -07:00
John Safranek
60790ee4ae
Merge branch 'master' of github.com:cyassl/cyassl
2014-10-16 22:01:55 -07:00
John Safranek
b2f25cd91c
1. Added accessors for session tickets.
...
2. Fixed client case when server doesn't want to resume session with ticket.
2014-10-16 22:00:13 -07:00
Moisés Guimarães
e98eb1ba4d
Adds sessionIDSz to CYASSL_SESSION and Arrays.
2014-10-13 23:16:11 -03:00
toddouska
08cdf91761
bump version
2014-10-13 14:44:39 -07:00
toddouska
54049c6000
allow dhe 4096bit for ssl key exchange
2014-10-07 15:50:33 -07:00
toddouska
c65b14a891
add scr check against subject hash, only allow explicit session ticket resupmtion during scr
2014-10-06 16:12:45 -07:00
John Safranek
7c67a9261c
trimmed some unused code for session tickets
2014-10-06 12:44:52 -07:00
John Safranek
954740e2a8
Added check for expected session ticket
2014-10-04 12:41:51 -07:00
John Safranek
80a474ebad
1. Fixed encoding of session ticket hello extension.
...
2. Session tickets used as alternative resumption.
2014-10-03 13:19:59 -07:00
John Safranek
9dbc1d2d00
Parse the NewSessionTicket handshake message
2014-10-01 16:28:01 -07:00
toddouska
8e96234513
Merge branch 'master' of github.com:cyassl/cyassl
2014-10-01 09:45:57 -07:00
toddouska
41647e441a
preview scr
2014-10-01 09:44:24 -07:00
Moisés Guimarães
ee68797cf1
Adds a flag to tell the handshake framework to expect a session ticket.
2014-09-30 18:50:19 -03:00
Moisés Guimarães
a937040087
Adds Session Ticket TLS Extension handling.
...
New Session Ticket Handshake Message handling is still needed for Session Tickets to work.
2014-09-30 09:30:23 -03:00
toddouska
dcde28db51
add server initiated scr
2014-09-29 14:48:49 -07:00
toddouska
369b7559c5
fix session ticket warnings
2014-09-26 16:16:11 -07:00
Moisés Guimarães
c340d78c93
adds SESSION_TICKET extension id.
...
adds HAVE_TLS_EXTENSIONS as a dependency to HAVE_SECURE_RENEGOTIATION
reduces tlsx semaphore from 16 to 8 bytes (128 flags to 64 flags).
refactors ConvertExtType() to TLSX_ToSemaphore() for a better name and behavior. Now the overflowing flags are set backwards from the end of the flags to avoid collisions.
2014-09-26 16:01:50 -03:00
Jacob Barthelmeh
f5a95a9f62
struct for one time authentication ciphers
2014-09-25 16:19:50 -06:00
toddouska
0c20584ed3
add client side initiated secure r, same specs
2014-09-24 18:48:23 -07:00
toddouska
74c6f35766
new handShakeDone flag to allow app data during scr
2014-09-24 13:10:01 -07:00
toddouska
21f46373f3
delay SetKeys() with SetKeysSide() until last possible moment, needed for scr
2014-09-24 11:27:13 -07:00
Moisés Guimarães
d9472d65da
ssl: refactoring ProcessBuffer to reduce stack usage:
...
--- variable password moved to the heap (80 bytes saved)
--- variable key moved to the heap (32 bytes saved)
--- variable iv moved to the heap (16 bytes saved)
--- variable Des moved to the heap (sizeof(Des) saved)
--- variable Des3 moved to the heap (sizeof(Des3) saved)
--- variable Aes moved to the heap (sizeof(Aes) saved)
--- variable RsaKey moved to the heap (sizeof(RsaKey) saved)
Utility functions added to Des, Des3 and Aes for easier decryption.
2014-09-22 11:37:36 -03:00
Moisés Guimarães
d61af5d9ae
adds record_overflow alert used by max_fragment_length tls extension.
2014-09-18 21:53:10 -03:00
toddouska
a735a52608
switch to extensions secure r state
2014-09-16 17:26:57 -07:00
Moisés Guimarães
d80e820654
Renames TLSX_Append to TLSX_Push, adding data param and making sure the list doesn't holds duplicate extensions.
...
Adds SecureRenegotiation functions
2014-09-16 20:33:17 -03:00
Moisés Guimarães
32cea012d9
Adds secure renegotiation TLSX_Type, structure and enabler function.
2014-09-16 20:21:29 -03:00
toddouska
4bb20612a1
move secure r inside of tls extensions
2014-09-16 12:42:13 -07:00
toddouska
9a90a0c113
save secure r verify data
2014-09-16 11:51:13 -07:00
toddouska
996418c383
add secure reneg state variables
2014-09-15 15:18:01 -07:00
Chris Conlon
7ea5d6c509
bump version to 3.2.0
2014-09-10 16:46:39 -06:00
toddouska
2c595139db
fix tirtos merge
2014-09-08 19:40:03 -07:00
toddouska
ca3f879907
Merge branch 'master' of github.com:cyassl/cyassl
2014-09-08 11:35:06 -07:00
toddouska
9e40e967a0
add ecc key to DER, make sure ctaocrypt test errors always caught at make check level
2014-09-08 11:33:06 -07:00
Moisés Guimarães
d6b4f85d7c
Makes TLS_EMPTY_RENEGOTIATION_INFO_SCSV suite optional if using SetCipherList()
2014-09-08 15:03:30 -03:00
Chris Conlon
422a2b8be8
change word type to cyassl_word to prevent conflicts with some toolchains
2014-09-05 10:17:24 -06:00
John Safranek
1a88e9fbdc
Added function to flatten the RSA public key to a pair of byte arrays
2014-09-03 23:10:10 -07:00
Moisés Guimarães
8bb52380a8
TLS_EMPTY_RENEGOTIATION_INFO_SCSV added on SetCipherList.
...
Function InitSuitesHashSigAlgo() extracted from InitSuites and SetCipherList.
2014-09-01 18:35:30 -03:00
toddouska
03800a9df4
Merge branch 'keycomp'
2014-08-29 14:34:44 -07:00
toddouska
3072edb696
add compressed key support
2014-08-29 14:25:58 -07:00
Chris Conlon
7e7cbdc715
add raw ECC key import functionality and tests
2014-08-29 10:46:25 -06:00
John Safranek
496228e5b0
Merge branch 'master' of github.com:cyassl/cyassl
2014-08-19 22:38:42 -07:00
John Safranek
100f0e8a96
Don't allow sniffer to decrypt records if the key hasn't been setup. (Possible with misbehaving client.)
2014-08-19 22:38:04 -07:00
toddouska
87564bdffe
get_cipher fixes
2014-08-15 10:56:38 -07:00
toddouska
aaf4e74453
Merge https://github.com/ShaneIsrael/cyassl into shane
2014-08-15 10:03:50 -07:00
ShaneIsrael
57f2affe20
Added GetCipherName() which takes an index
2014-08-13 09:46:13 -06:00
JacobBarthelmeh
856aab7f30
add fuzzer CYASSL* and fuzzer ctx
2014-08-12 16:25:58 -06:00
ShaneIsrael
bb9696c9f2
Added CyaSSL_get_ciphers() and necessary functions
2014-08-12 16:17:36 -06:00
JacobBarthelmeh
6620df2e4e
Merge remote-tracking branch 'upstream/master'
2014-08-12 13:03:55 -06:00
JacobBarthelmeh
a18602951b
record header fuzz
2014-08-12 11:56:20 -06:00
Kaleb Himes
20f8493046
All encryptions work. settings.h generic, allow end user mod
2014-08-12 10:41:11 -06:00
JacobBarthelmeh
5c72bf6272
fuzzer callbacks
2014-08-11 16:29:19 -06:00
toddouska
0919a2927c
fix digest sizes in internal.h
2014-08-06 06:53:24 -07:00
toddouska
9429f07a8a
add MD5_DIGEST_SZ to NO_MD5 for non no-old-tls build types that still need it
2014-08-05 13:41:55 -07:00
toddouska
7a95bc452d
Merge branch 'master' into ti
2014-07-29 16:20:57 -07:00
John Safranek
e9297f092d
updated HashDRBG so private data not available via struct declaration in header file
2014-07-29 15:19:51 -07:00
toddouska
aba16ae239
Merge branch 'master' into ti
2014-07-24 20:15:18 -07:00
JacobBarthelmeh
3f2ee0801a
declaration locations for ARM
2014-07-24 18:59:39 -06:00
toddouska
063e5cec80
Merge branch 'master' into ti
2014-07-21 16:38:38 -07:00
toddouska
cc72a50cee
bump dev version
2014-07-21 16:28:57 -07:00
toddouska
a73a160aaf
Merge branch 'master' into ti
2014-07-21 16:26:39 -07:00
toddouska
3bfd0bbf3b
fixup some chacah-poly suite things including a valgrind error
2014-07-21 16:20:17 -07:00
JacobBarthelmeh
3c27deb9d0
merge
2014-07-21 13:50:22 -06:00
JacobBarthelmeh
726cc3e3a4
sanity check and recent cyassl release
2014-07-18 14:42:45 -06:00
JacobBarthelmeh
7cb65d8b3d
asthetics
2014-07-17 15:33:48 -06:00