Commit Graph

173 Commits

Author SHA1 Message Date
toddouska
519820133d Merge branch 'const_errorstrings' of https://github.com/rofl0r/cyassl into errstr 2014-05-14 14:51:40 -07:00
Takashi Kojo
fb00110b77 CyaSSL library project and README 2014-05-01 17:03:01 +09:00
Chris Conlon
be65f5d518 update FSF address, wolfSSL copyright 2014-04-11 15:58:58 -06:00
Chris Conlon
85a47b4596 add NO_STDIO_FILESYSTEM to exclude FILE usage from non standard filesystems 2014-02-14 14:57:43 -07:00
toddouska
1cf884dccc add enable-certservice, ease of use 2014-02-11 13:08:12 -08:00
Moisés Guimarães
36b5bf0df1 Renaming Elliptic Curves to Supported Curves for better extension representation and avoid confusion. 2014-02-03 16:14:35 -03:00
Moisés Guimarães
9490c0dbaf validating curves 2014-01-31 16:52:14 -03:00
Moisés Guimarães
afd38d11cd removing unused curve names. 2014-01-31 16:52:13 -03:00
Moisés Guimarães
75ae9dc973 added external api for Elliptic Curves Extension. 2014-01-31 16:52:13 -03:00
John Safranek
cfa9007199 1. Bumped release version in configure.ac.
2. Added enable option for SCEP. Enables prereqs.
3. Added CyaSSL_wolfSCEP() for ac to test for CyaSSL SCEP.
2014-01-27 11:35:43 -08:00
toddouska
8a1971d52b add CyaSSL_CertPemToDer for certs, ca certs, and cert reqs 2014-01-14 15:13:43 -08:00
John Safranek
d46c68ba10 Moved OCSP into the CertManager like the CRL. 2013-12-27 12:11:47 -08:00
John Safranek
4ce2e59adf For Atomic user:
1. Added a getter for the session's IV size.
2. The HMAC size getter should return 0 for AEAD ciphers
   and the hash length for the others.
2013-12-23 22:32:08 -08:00
rofl0r
a36c18c27f implement CyaSSL_ERR_reason_error_string
this has several advantages:
- we can provide a replacement for openssl's ERR_reason_error_string,
  which makes porting simpler,
- code shrink due to removal of excessive strcpy call
- all error strings are const anyway so there's no point to force the
  user to supply storage for them and copying them around.
2013-12-19 19:40:48 +01:00
Chris Conlon
8c7f5817ac NO_FILESYSTEM fix for CyaSSL_X509_load_certificate_file 2013-12-11 16:19:09 -08:00
Moisés Guimarães
f8b30b3379 changing variable names to build on Ubuntu. 2013-12-02 15:50:21 -03:00
Moisés Guimarães
ba18f8b03e added new function to retrieve SNI from a buffer. 2013-11-21 21:25:42 -03:00
John Safranek
0fd6aed9b6 Save more decoded data from certificate for later use with X.509 functions. 2013-11-19 14:44:55 -08:00
Takashi Kojo
5a9140fd13 For PIC32MZ 2013-11-12 08:12:01 +09:00
John Safranek
4dc30fcde5 Added X.509 accessor for signature. 2013-11-06 11:49:49 -08:00
John Safranek
913e200cd0 X.509 Additions:
* CyaSSL_X509_d2i()
* CyaSSL_X509_d2i_fp()
* CyaSSL_X509_version()
* CyaSSL_X509_get_notBefore()
* CyaSSL_X509_get_notAfter()
* CyaSSL_X509_STORE_new()
* CyaSSL_X509_STORE_free()
* CyaSSL_X509_STORE_add_cert()
* CyaSSL_X509_STORE_set_default_paths()
* CyaSSL_X509_get_pubkey()
* CyaSSL_EVP_PKEY_free()
* CyaSSL_X509_NAME_get_text_by_NID()
* CyaSSL_X509_NAME_entry_count()
* CyaSSL_X509_verify_cert()
* CyaSSL_X509_STORE_CTX_new()
* CyaSSL_X509_STORE_CTX_init()
* CyaSSL_X509_STORE_CTX_free()
2013-11-04 11:02:17 -08:00
toddouska
e8fcf35098 add Rsa Public/Private client key exchange callbacks, examples 2013-08-26 17:14:19 -07:00
toddouska
f3f80bd66e add Rsa Sign/Verify callbacks, client/server examples 2013-08-26 16:27:29 -07:00
John Safranek
0002ba4ee8 Merge branch 'master' of github.com:cyassl/cyassl 2013-08-23 10:12:17 -07:00
John Safranek
d734c86c72 cleanup build warnings
1. Change `CyaSSL_OCSP_set_options()` to return `SSL_SUCCESS`
   or `SSL_FAILURE` as `int` like rest of API.
2. Fix data narrowing warning in file io.c function
   `process_http_response()`.
3. Fix global variable shadowed warning in file ssl.c function
   `CyaSSL_GetSessionAtIndex()`
4. Fix data narrowing warning in file internal.c functions
   `Encrypt()` and `Decrypt()`. Passed in a word32 size parameter
   that was provided a word16 and used as a word16.
5. Removed unreachable code from file tls.c function
   `CyaSSL_GetHmacType()`.
6. Fix data narrowing warnings in file aes.c functions
   `AesCcmEncrypt()` and `AesCcmDecrypt()`.
2013-08-23 10:09:35 -07:00
toddouska
e98f5f95c2 add public key callbacks for ecc sign/verify, examples 2013-08-22 18:19:39 -07:00
John Safranek
64ba0587a3 Merge branch 'master' of github.com:cyassl/cyassl 2013-08-21 22:42:15 -07:00
John Safranek
957cf90118 Added function to read certificate from file into CYASSL_X509 buffer. 2013-08-21 22:36:43 -07:00
toddouska
54a2f8b9aa add useratomic DecryptVerify Callbacks, example 2013-08-21 16:55:34 -07:00
John Safranek
9f07a7dd2b modified SEP X509 functions to behave like the NAME_oneline function 2013-08-20 16:47:38 -07:00
John Safranek
442886a207 Added x509 accessors for the SEP build certificate additions. 2013-08-17 09:01:15 -07:00
toddouska
65f0e9f6b9 add atomic user macencrypt cb 2013-08-09 17:27:15 -07:00
toddouska
3378f8f25e add DTLS cookie ctx geter 2013-08-06 15:06:33 -07:00
John Safranek
831d9cf640 SEP Profile
1. Changed session index shift values to constants.
2. Added bounds checking when retrieving a session.
3. Added function to retrieve the peer cert chain from
   a CYASSL_SESSION record.
2013-08-02 16:03:41 -07:00
John Safranek
1357cdb0e4 SEP Profile
1. Add session cache index to CYASSL structure.
2. Add accessor for cache index in CYASSL structure.
3. Add copy function for session cache item.
2013-07-28 17:11:22 -07:00
Moisés Guimarães
55401c13dd Truncated HMAC first part (protocol). Extension processing will be coded later. 2013-07-23 15:42:43 -03:00
toddouska
37a9a7a457 add IOCb Ctx getters 2013-07-22 11:01:00 -07:00
Moisés Guimarães
593e466a44 limiting max_fragment API for client side only. 2013-07-01 10:13:43 -03:00
toddouska
307c71d9cb add CyaSSL_UnloadCertsKeys to free SSL certs and keys after handshake 2013-06-27 10:26:04 -07:00
toddouska
87eb94b7c4 Merge branch 'master' of github.com:cyassl/cyassl 2013-06-24 14:02:40 -07:00
toddouska
b51d6f3b8f add NetX default IO context handling 2013-06-24 14:00:48 -07:00
John Safranek
e0a84521c5 Make alert description and level enumerations public. 2013-06-21 14:56:42 -07:00
Moisés Guimarães
5f3ee80407 added:
- max fragment length extension;
 - CyaSSL_SNI_GetRequest() to get client's request at server side;
 - Automated tests for SNI;
2013-06-19 15:45:06 -03:00
toddouska
8c70b11528 add newSession flag to SetServerID to do full handshake w/ new session 2013-06-14 15:29:18 -07:00
Moisés Guimarães
f1d1898ddf Added new option to SNI: CYASSL_SNI_ANSWER_ON_MISMATCH
Added new function to SNI API: CyaSSL_SNI_Matched()
2013-06-03 17:55:06 -03:00
Moisés Guimarães
cb2082edee changed CYASSL_SNI_ABORT_ON_MISMATCH to CYASSL_SNI_CONTINUE_ON_MISMATCH 2013-06-03 10:04:49 -03:00
Moisés Guimarães
5c665fe614 Added options to SNI (now it is possible to choose whether or not to abort on a SNI Host Name mismatch)
Exposed SNI Type at ssl.h
2013-05-30 15:26:41 -03:00
toddouska
d2003bb8b7 merge in sni 2013-05-21 14:37:50 -07:00
toddouska
cfdfa7b2b3 pull in Kojo MDK-ARM projects, changes 2013-05-16 09:47:27 -07:00
toddouska
47b468d14f add dtls recv timeout max user setting too 2013-05-08 12:49:55 -07:00
toddouska
8cb5f6d5d4 add user setting for dtls recv timeout init value 2013-05-07 16:14:26 -07:00
toddouska
a0c630b4ee add cert cache persistence 2013-05-02 11:34:26 -07:00
toddouska
5c4fdb30ad add client session table lookup based on serverID, use CyaSSL_SetServerID to set/store with serverid 2013-04-29 14:22:32 -07:00
toddouska
791767e026 make sure unloadcas works w/o filesystem 2013-04-26 10:28:30 -07:00
toddouska
411a096b2b add memory versions of session cache save/restore 2013-04-25 17:23:58 -07:00
toddouska
956ac08cab add persistent session cache, ssn9 2013-04-24 11:10:23 -07:00
toddouska
bad1c32df2 add session cert conversion to x509, and free x509 for dynamic variety 2013-04-23 11:50:06 -07:00
toddouska
4491de3b77 add UnloadCAs ability for CTX or CertManager 2013-04-22 13:18:08 -07:00
toddouska
d665e16bd8 add user ctx to verify callback with CyaSSL_SetCertCbCtx 2013-04-18 10:37:10 -07:00
toddouska
729fc1e603 add discardSessionCerts flag for verify callback 2013-04-18 09:11:35 -07:00
John Safranek
fe13b4b6c6 moved and renamed the CBIO error codes so they are publically available 2013-04-16 12:32:55 -07:00
John Safranek
f65f86bb88 improvements to CCM, ssn6 2013-03-22 11:30:12 -07:00
toddouska
e515638503 make EmbedGenerateCookie a callback, USER_IO can install their own or default to ours 2013-03-13 16:41:50 -07:00
John Safranek
20e4889092 Merge branch 'dtls'
Conflicts:
	src/ssl.c
2013-03-08 17:45:35 -08:00
toddouska
85b3346bbf NO_RSA build, cipher suite tests need work for this build optoin, ssn2 2013-03-07 17:44:40 -08:00
John Safranek
591e1fc772 DTLSv1.2, fixed DTLS socket timeout 2013-03-06 23:02:33 -08:00
toddouska
dfa1553548 3rd scan build fixes 2013-02-14 16:23:48 -08:00
toddouska
44e0d7543c change copyright name with name change 2013-02-05 12:44:17 -08:00
toddouska
f4f13371f9 update copyright date 2013-02-04 14:51:41 -08:00
Todd Ouska
44b6593fe5 add cavium ciphers to SSL, and example client 2013-02-01 12:21:38 -08:00
John Safranek
ac227910f1 modify OCSP to use a replacable callback to perform the OCSP transaction 2013-01-03 17:19:56 -08:00
John Safranek
4e657debfc added the ability to disable OCSP nonces 2012-12-19 10:18:11 -08:00
toddouska
dd259b12c7 add CyaSSL_peek() 2012-11-16 12:16:00 -08:00
John Safranek
9aa8b71525 Merge branch 'nocerts' 2012-11-01 15:47:02 -07:00
John Safranek
134c6b8b1b cleaning warnings in OCSP build 2012-11-01 15:03:29 -07:00
John Safranek
85e8f1988a leanpsk build removes cert code, moved ctaocrypt error strings to own file 2012-11-01 12:36:47 -07:00
Chris Conlon
f6304ae37a add support for Freescale MQX 2012-11-01 11:23:42 -06:00
toddouska
35b4f08049 add CyaSSL_send()/recv() with flags parameter 2012-10-26 15:09:58 -07:00
toddouska
d4d5243f4d add user ability to set IO read/write flags 2012-10-25 14:17:11 -07:00
John Safranek
6d1e485ef4 DTLS to use recvfrom and sendto in embed recv and send callbacks. Added support for storing dtls peer address. 2012-10-02 09:15:50 -07:00
John Safranek
dfb84dff37 added accessors for CYASSL members for use in send/recv callbacks 2012-09-25 15:51:56 -07:00
John Safranek
40972868ce fix merge conflicts 2012-09-14 21:19:06 -07:00
John Safranek
56ee2eaba8 added dtls message retry 2012-09-14 09:35:34 -07:00
John Safranek
97ca8439a4 Merge branch 'master' of github.com:cyassl/cyassl 2012-09-07 08:30:03 -07:00
John Safranek
407397e8be adding DTLS retry timeout, added CYASSL pointer to recv/send callbacks 2012-09-06 22:41:55 -07:00
toddouska
43a0a21fb6 add GetOjbectSize for CYASSL* 2012-09-05 08:26:08 -07:00
toddouska
a5af2e3d51 add altname retrieval from peer cert 2012-07-31 17:45:48 -07:00
toddouska
fbc5c8d6dc add SSL set version, different from ctx version 2012-05-31 15:24:25 -07:00
toddouska
f528f5a7d3 add CertManager Verify with Buffer 2012-05-29 12:04:48 -07:00
toddouska
2b48f248c4 crl dir monitoring for linux and mac 2012-05-22 17:25:15 -07:00
Chris Conlon
4c79ac1f88 windows build fix 2012-05-21 15:13:11 -06:00
toddouska
7e322558ef windows build fixes 2012-05-18 11:48:38 -07:00
toddouska
fd70122378 add external der CRL checker 2012-05-18 11:03:44 -07:00
toddouska
26153ffad6 add crl monitor flag, handle no revoked case 2012-05-18 10:52:32 -07:00
toddouska
5bc728b882 fix lots o warnings 2012-05-17 17:44:54 -07:00
toddouska
08d9e57bf6 add crl missing url callback 2012-05-16 17:35:51 -07:00
toddouska
3ec2b9dbbc crl stage 2 2012-05-16 17:04:56 -07:00
John Safranek
5aad32eb28 Merge branch 'master' of github.com:cyassl/cyassl 2012-05-07 17:02:47 -07:00
toddouska
2a817adfcc ssh non ecc 2012-05-07 16:35:23 -07:00
John Safranek
f9985f5399 merge fix 2012-05-05 14:49:17 -07:00