toddouska
519820133d
Merge branch 'const_errorstrings' of https://github.com/rofl0r/cyassl into errstr
2014-05-14 14:51:40 -07:00
Takashi Kojo
fb00110b77
CyaSSL library project and README
2014-05-01 17:03:01 +09:00
Chris Conlon
be65f5d518
update FSF address, wolfSSL copyright
2014-04-11 15:58:58 -06:00
Chris Conlon
85a47b4596
add NO_STDIO_FILESYSTEM to exclude FILE usage from non standard filesystems
2014-02-14 14:57:43 -07:00
toddouska
1cf884dccc
add enable-certservice, ease of use
2014-02-11 13:08:12 -08:00
Moisés Guimarães
36b5bf0df1
Renaming Elliptic Curves to Supported Curves for better extension representation and avoid confusion.
2014-02-03 16:14:35 -03:00
Moisés Guimarães
9490c0dbaf
validating curves
2014-01-31 16:52:14 -03:00
Moisés Guimarães
afd38d11cd
removing unused curve names.
2014-01-31 16:52:13 -03:00
Moisés Guimarães
75ae9dc973
added external api for Elliptic Curves Extension.
2014-01-31 16:52:13 -03:00
John Safranek
cfa9007199
1. Bumped release version in configure.ac.
...
2. Added enable option for SCEP. Enables prereqs.
3. Added CyaSSL_wolfSCEP() for ac to test for CyaSSL SCEP.
2014-01-27 11:35:43 -08:00
toddouska
8a1971d52b
add CyaSSL_CertPemToDer for certs, ca certs, and cert reqs
2014-01-14 15:13:43 -08:00
John Safranek
d46c68ba10
Moved OCSP into the CertManager like the CRL.
2013-12-27 12:11:47 -08:00
John Safranek
4ce2e59adf
For Atomic user:
...
1. Added a getter for the session's IV size.
2. The HMAC size getter should return 0 for AEAD ciphers
and the hash length for the others.
2013-12-23 22:32:08 -08:00
rofl0r
a36c18c27f
implement CyaSSL_ERR_reason_error_string
...
this has several advantages:
- we can provide a replacement for openssl's ERR_reason_error_string,
which makes porting simpler,
- code shrink due to removal of excessive strcpy call
- all error strings are const anyway so there's no point to force the
user to supply storage for them and copying them around.
2013-12-19 19:40:48 +01:00
Chris Conlon
8c7f5817ac
NO_FILESYSTEM fix for CyaSSL_X509_load_certificate_file
2013-12-11 16:19:09 -08:00
Moisés Guimarães
f8b30b3379
changing variable names to build on Ubuntu.
2013-12-02 15:50:21 -03:00
Moisés Guimarães
ba18f8b03e
added new function to retrieve SNI from a buffer.
2013-11-21 21:25:42 -03:00
John Safranek
0fd6aed9b6
Save more decoded data from certificate for later use with X.509 functions.
2013-11-19 14:44:55 -08:00
Takashi Kojo
5a9140fd13
For PIC32MZ
2013-11-12 08:12:01 +09:00
John Safranek
4dc30fcde5
Added X.509 accessor for signature.
2013-11-06 11:49:49 -08:00
John Safranek
913e200cd0
X.509 Additions:
...
* CyaSSL_X509_d2i()
* CyaSSL_X509_d2i_fp()
* CyaSSL_X509_version()
* CyaSSL_X509_get_notBefore()
* CyaSSL_X509_get_notAfter()
* CyaSSL_X509_STORE_new()
* CyaSSL_X509_STORE_free()
* CyaSSL_X509_STORE_add_cert()
* CyaSSL_X509_STORE_set_default_paths()
* CyaSSL_X509_get_pubkey()
* CyaSSL_EVP_PKEY_free()
* CyaSSL_X509_NAME_get_text_by_NID()
* CyaSSL_X509_NAME_entry_count()
* CyaSSL_X509_verify_cert()
* CyaSSL_X509_STORE_CTX_new()
* CyaSSL_X509_STORE_CTX_init()
* CyaSSL_X509_STORE_CTX_free()
2013-11-04 11:02:17 -08:00
toddouska
e8fcf35098
add Rsa Public/Private client key exchange callbacks, examples
2013-08-26 17:14:19 -07:00
toddouska
f3f80bd66e
add Rsa Sign/Verify callbacks, client/server examples
2013-08-26 16:27:29 -07:00
John Safranek
0002ba4ee8
Merge branch 'master' of github.com:cyassl/cyassl
2013-08-23 10:12:17 -07:00
John Safranek
d734c86c72
cleanup build warnings
...
1. Change `CyaSSL_OCSP_set_options()` to return `SSL_SUCCESS`
or `SSL_FAILURE` as `int` like rest of API.
2. Fix data narrowing warning in file io.c function
`process_http_response()`.
3. Fix global variable shadowed warning in file ssl.c function
`CyaSSL_GetSessionAtIndex()`
4. Fix data narrowing warning in file internal.c functions
`Encrypt()` and `Decrypt()`. Passed in a word32 size parameter
that was provided a word16 and used as a word16.
5. Removed unreachable code from file tls.c function
`CyaSSL_GetHmacType()`.
6. Fix data narrowing warnings in file aes.c functions
`AesCcmEncrypt()` and `AesCcmDecrypt()`.
2013-08-23 10:09:35 -07:00
toddouska
e98f5f95c2
add public key callbacks for ecc sign/verify, examples
2013-08-22 18:19:39 -07:00
John Safranek
64ba0587a3
Merge branch 'master' of github.com:cyassl/cyassl
2013-08-21 22:42:15 -07:00
John Safranek
957cf90118
Added function to read certificate from file into CYASSL_X509 buffer.
2013-08-21 22:36:43 -07:00
toddouska
54a2f8b9aa
add useratomic DecryptVerify Callbacks, example
2013-08-21 16:55:34 -07:00
John Safranek
9f07a7dd2b
modified SEP X509 functions to behave like the NAME_oneline function
2013-08-20 16:47:38 -07:00
John Safranek
442886a207
Added x509 accessors for the SEP build certificate additions.
2013-08-17 09:01:15 -07:00
toddouska
65f0e9f6b9
add atomic user macencrypt cb
2013-08-09 17:27:15 -07:00
toddouska
3378f8f25e
add DTLS cookie ctx geter
2013-08-06 15:06:33 -07:00
John Safranek
831d9cf640
SEP Profile
...
1. Changed session index shift values to constants.
2. Added bounds checking when retrieving a session.
3. Added function to retrieve the peer cert chain from
a CYASSL_SESSION record.
2013-08-02 16:03:41 -07:00
John Safranek
1357cdb0e4
SEP Profile
...
1. Add session cache index to CYASSL structure.
2. Add accessor for cache index in CYASSL structure.
3. Add copy function for session cache item.
2013-07-28 17:11:22 -07:00
Moisés Guimarães
55401c13dd
Truncated HMAC first part (protocol). Extension processing will be coded later.
2013-07-23 15:42:43 -03:00
toddouska
37a9a7a457
add IOCb Ctx getters
2013-07-22 11:01:00 -07:00
Moisés Guimarães
593e466a44
limiting max_fragment API for client side only.
2013-07-01 10:13:43 -03:00
toddouska
307c71d9cb
add CyaSSL_UnloadCertsKeys to free SSL certs and keys after handshake
2013-06-27 10:26:04 -07:00
toddouska
87eb94b7c4
Merge branch 'master' of github.com:cyassl/cyassl
2013-06-24 14:02:40 -07:00
toddouska
b51d6f3b8f
add NetX default IO context handling
2013-06-24 14:00:48 -07:00
John Safranek
e0a84521c5
Make alert description and level enumerations public.
2013-06-21 14:56:42 -07:00
Moisés Guimarães
5f3ee80407
added:
...
- max fragment length extension;
- CyaSSL_SNI_GetRequest() to get client's request at server side;
- Automated tests for SNI;
2013-06-19 15:45:06 -03:00
toddouska
8c70b11528
add newSession flag to SetServerID to do full handshake w/ new session
2013-06-14 15:29:18 -07:00
Moisés Guimarães
f1d1898ddf
Added new option to SNI: CYASSL_SNI_ANSWER_ON_MISMATCH
...
Added new function to SNI API: CyaSSL_SNI_Matched()
2013-06-03 17:55:06 -03:00
Moisés Guimarães
cb2082edee
changed CYASSL_SNI_ABORT_ON_MISMATCH to CYASSL_SNI_CONTINUE_ON_MISMATCH
2013-06-03 10:04:49 -03:00
Moisés Guimarães
5c665fe614
Added options to SNI (now it is possible to choose whether or not to abort on a SNI Host Name mismatch)
...
Exposed SNI Type at ssl.h
2013-05-30 15:26:41 -03:00
toddouska
d2003bb8b7
merge in sni
2013-05-21 14:37:50 -07:00
toddouska
cfdfa7b2b3
pull in Kojo MDK-ARM projects, changes
2013-05-16 09:47:27 -07:00
toddouska
47b468d14f
add dtls recv timeout max user setting too
2013-05-08 12:49:55 -07:00
toddouska
8cb5f6d5d4
add user setting for dtls recv timeout init value
2013-05-07 16:14:26 -07:00
toddouska
a0c630b4ee
add cert cache persistence
2013-05-02 11:34:26 -07:00
toddouska
5c4fdb30ad
add client session table lookup based on serverID, use CyaSSL_SetServerID to set/store with serverid
2013-04-29 14:22:32 -07:00
toddouska
791767e026
make sure unloadcas works w/o filesystem
2013-04-26 10:28:30 -07:00
toddouska
411a096b2b
add memory versions of session cache save/restore
2013-04-25 17:23:58 -07:00
toddouska
956ac08cab
add persistent session cache, ssn9
2013-04-24 11:10:23 -07:00
toddouska
bad1c32df2
add session cert conversion to x509, and free x509 for dynamic variety
2013-04-23 11:50:06 -07:00
toddouska
4491de3b77
add UnloadCAs ability for CTX or CertManager
2013-04-22 13:18:08 -07:00
toddouska
d665e16bd8
add user ctx to verify callback with CyaSSL_SetCertCbCtx
2013-04-18 10:37:10 -07:00
toddouska
729fc1e603
add discardSessionCerts flag for verify callback
2013-04-18 09:11:35 -07:00
John Safranek
fe13b4b6c6
moved and renamed the CBIO error codes so they are publically available
2013-04-16 12:32:55 -07:00
John Safranek
f65f86bb88
improvements to CCM, ssn6
2013-03-22 11:30:12 -07:00
toddouska
e515638503
make EmbedGenerateCookie a callback, USER_IO can install their own or default to ours
2013-03-13 16:41:50 -07:00
John Safranek
20e4889092
Merge branch 'dtls'
...
Conflicts:
src/ssl.c
2013-03-08 17:45:35 -08:00
toddouska
85b3346bbf
NO_RSA build, cipher suite tests need work for this build optoin, ssn2
2013-03-07 17:44:40 -08:00
John Safranek
591e1fc772
DTLSv1.2, fixed DTLS socket timeout
2013-03-06 23:02:33 -08:00
toddouska
dfa1553548
3rd scan build fixes
2013-02-14 16:23:48 -08:00
toddouska
44e0d7543c
change copyright name with name change
2013-02-05 12:44:17 -08:00
toddouska
f4f13371f9
update copyright date
2013-02-04 14:51:41 -08:00
Todd Ouska
44b6593fe5
add cavium ciphers to SSL, and example client
2013-02-01 12:21:38 -08:00
John Safranek
ac227910f1
modify OCSP to use a replacable callback to perform the OCSP transaction
2013-01-03 17:19:56 -08:00
John Safranek
4e657debfc
added the ability to disable OCSP nonces
2012-12-19 10:18:11 -08:00
toddouska
dd259b12c7
add CyaSSL_peek()
2012-11-16 12:16:00 -08:00
John Safranek
9aa8b71525
Merge branch 'nocerts'
2012-11-01 15:47:02 -07:00
John Safranek
134c6b8b1b
cleaning warnings in OCSP build
2012-11-01 15:03:29 -07:00
John Safranek
85e8f1988a
leanpsk build removes cert code, moved ctaocrypt error strings to own file
2012-11-01 12:36:47 -07:00
Chris Conlon
f6304ae37a
add support for Freescale MQX
2012-11-01 11:23:42 -06:00
toddouska
35b4f08049
add CyaSSL_send()/recv() with flags parameter
2012-10-26 15:09:58 -07:00
toddouska
d4d5243f4d
add user ability to set IO read/write flags
2012-10-25 14:17:11 -07:00
John Safranek
6d1e485ef4
DTLS to use recvfrom and sendto in embed recv and send callbacks. Added support for storing dtls peer address.
2012-10-02 09:15:50 -07:00
John Safranek
dfb84dff37
added accessors for CYASSL members for use in send/recv callbacks
2012-09-25 15:51:56 -07:00
John Safranek
40972868ce
fix merge conflicts
2012-09-14 21:19:06 -07:00
John Safranek
56ee2eaba8
added dtls message retry
2012-09-14 09:35:34 -07:00
John Safranek
97ca8439a4
Merge branch 'master' of github.com:cyassl/cyassl
2012-09-07 08:30:03 -07:00
John Safranek
407397e8be
adding DTLS retry timeout, added CYASSL pointer to recv/send callbacks
2012-09-06 22:41:55 -07:00
toddouska
43a0a21fb6
add GetOjbectSize for CYASSL*
2012-09-05 08:26:08 -07:00
toddouska
a5af2e3d51
add altname retrieval from peer cert
2012-07-31 17:45:48 -07:00
toddouska
fbc5c8d6dc
add SSL set version, different from ctx version
2012-05-31 15:24:25 -07:00
toddouska
f528f5a7d3
add CertManager Verify with Buffer
2012-05-29 12:04:48 -07:00
toddouska
2b48f248c4
crl dir monitoring for linux and mac
2012-05-22 17:25:15 -07:00
Chris Conlon
4c79ac1f88
windows build fix
2012-05-21 15:13:11 -06:00
toddouska
7e322558ef
windows build fixes
2012-05-18 11:48:38 -07:00
toddouska
fd70122378
add external der CRL checker
2012-05-18 11:03:44 -07:00
toddouska
26153ffad6
add crl monitor flag, handle no revoked case
2012-05-18 10:52:32 -07:00
toddouska
5bc728b882
fix lots o warnings
2012-05-17 17:44:54 -07:00
toddouska
08d9e57bf6
add crl missing url callback
2012-05-16 17:35:51 -07:00
toddouska
3ec2b9dbbc
crl stage 2
2012-05-16 17:04:56 -07:00
John Safranek
5aad32eb28
Merge branch 'master' of github.com:cyassl/cyassl
2012-05-07 17:02:47 -07:00
toddouska
2a817adfcc
ssh non ecc
2012-05-07 16:35:23 -07:00
John Safranek
f9985f5399
merge fix
2012-05-05 14:49:17 -07:00