toddouska
782cb0e077
Merge branch 'master' of github.com:cyassl/cyassl
2013-09-06 14:25:51 -07:00
toddouska
46be3b8508
add fixed point ecc cache, --enable-fpecc, add locking down to crypt level next
2013-09-06 14:24:31 -07:00
Moisés Guimarães
d7a08b1a76
centralizing MAX_DIGEST_SIZE definition in hmac.h
2013-09-06 15:53:46 -03:00
John Safranek
f2c75a9e87
ECDSA signatures need a zero padding for the ASN.1 storage of the R and S values
2013-09-05 15:00:01 -07:00
toddouska
08c9f61f16
add accelerated ecc_proj* and ECC SHAMIR to speed up ecdsa verify
2013-09-04 13:13:10 -07:00
toddouska
e93a0640f1
break up huge math into individual parts so can add piece by piece, e.g., ECC256
2013-09-03 13:13:13 -07:00
John Safranek
0002ba4ee8
Merge branch 'master' of github.com:cyassl/cyassl
2013-08-23 10:12:17 -07:00
John Safranek
d734c86c72
cleanup build warnings
...
1. Change `CyaSSL_OCSP_set_options()` to return `SSL_SUCCESS`
or `SSL_FAILURE` as `int` like rest of API.
2. Fix data narrowing warning in file io.c function
`process_http_response()`.
3. Fix global variable shadowed warning in file ssl.c function
`CyaSSL_GetSessionAtIndex()`
4. Fix data narrowing warning in file internal.c functions
`Encrypt()` and `Decrypt()`. Passed in a word32 size parameter
that was provided a word16 and used as a word16.
5. Removed unreachable code from file tls.c function
`CyaSSL_GetHmacType()`.
6. Fix data narrowing warnings in file aes.c functions
`AesCcmEncrypt()` and `AesCcmDecrypt()`.
2013-08-23 10:09:35 -07:00
toddouska
e98f5f95c2
add public key callbacks for ecc sign/verify, examples
2013-08-22 18:19:39 -07:00
toddouska
840e958ae5
add ecc verify to benchmark
2013-08-09 17:06:02 -07:00
toddouska
5c5cee0789
use external CYASSL_MAX_ERROR_SZ for buffer size
2013-08-06 11:48:00 -07:00
toddouska
505b1a8a67
fix ecc sign/hash truncation with odd bit sizes when hash length is longer than key size
2013-07-25 15:59:09 -07:00
John Safranek
43f320d5e2
SEP Extensions
...
1. Added configure option to enable SEP extensions.
2. Enabled KEEP_PEER_CERT for the SEP configuration.
3. Copy the Certificate Policy extension into the cert as the
device type.
4. Copy an other type Alt Name extension into the cert as the
hwType and hwSerialNumber, if the alt name has a
hardwareModuleName OID.
2013-07-09 13:23:56 -07:00
toddouska
99b6c1d3c3
fix GCC warning
2013-07-09 09:57:55 -07:00
toddouska
f9bf003718
allow NULL IVs for CBC mode, same as all zero IV
2013-07-08 11:52:00 -07:00
John Safranek
b66cb11cb8
Fixed bug in DecodeAltNames() where idx wasn't advanced past the length.
2013-07-05 10:10:38 -07:00
John Safranek
0d0fc27e42
Fixed DecodeAuthKeyId fail case not returning.
2013-06-26 11:16:17 -07:00
John Safranek
f3af0124e4
Fixed DecodeAltNames extension falling through to next case.
2013-06-25 13:37:43 -07:00
John Safranek
0c34ecb451
OCSP Updates
...
1. Add option to example server and client to check the OCSP responder.
2. Add option to example server and client to override the URL to use
when checking the OCSP responder.
3. Copy the certificate serial number correctly into OCSP request.
Add leading zero only if MS bit is set.
4. Fix responder address used when Auth Info extension is present.
5. Update EmbedOcspLookup callback to better handle the HTTP
response and obtain the complete OCSP response.
2013-06-24 10:47:24 -07:00
John Safranek
42a0f3500f
Update AES-GCM and AES-CCM to use AES-NI
...
1. Added the assembly functions to do AES-ECB.
2. Updated AesEncrypt and AesDecrypt to use the assembly functions
if available.
3. Modified the AES-GCM and AES-CCM key setup functions to use the
the AES-NI key setup if availble.
4. Added tests for the AES-ECB encrypt and decrypt.
5. Only include stdio.h for AES when DEBUG_AESNI is enabled
6. If using local key setup, skip using AES-NI for basic Encrypt
and Decrypt.
2013-06-19 14:52:58 -07:00
toddouska
85d25798a5
update ntru cert expires dates, update crls while at it, don't turn on skid for crls since openssl/firefox don't use by default and cyassl needs crl extension parsing
2013-06-17 14:48:51 -07:00
toddouska
7f7c595d10
differentiate between THREADX and RTP_SYS
2013-06-14 13:45:25 -07:00
toddouska
9559f09028
warning fixes
2013-06-13 12:13:46 -07:00
toddouska
ae84982777
add STACK_TRAP to track stack use on client, will seqfault if exceed limit to see where use is too high, doesn't work with pthread_create()
2013-06-03 14:56:37 -07:00
toddouska
b2ef938cbe
fix CYASSL_MALLOC_CHECK hard tabs and extra function not needed
2013-05-29 11:18:16 -07:00
kojo
4b9c3d3512
Merge remote-tracking branch 'cyassl/master' into STM.LPC
...
Conflicts:
IDE/MDK-ARM/MDK-ARM/CyaSSL/config-FS.h
IDE/MDK-ARM/MDK-ARM/CyaSSL/config-RTX-TCP-FS.h
IDE/MDK-ARM/MDK-ARM/CyaSSL/cyassl_MDK_ARM.c
IDE/MDK-ARM/MDK-ARM/CyaSSL/cyassl_MDK_ARM.h
IDE/MDK-ARM/MDK-ARM/CyaSSL/main.c
IDE/MDK-ARM/MDK-ARM/CyaSSL/shell.c
IDE/MDK-ARM/MDK-ARM/CyaSSL/ssl-dummy.c
IDE/MDK-ARM/MDK-ARM/config/File_Config.c
IDE/MDK-ARM/MDK-ARM/config/RTX_Conf_CM.c
IDE/MDK-ARM/Projects/MDK-ARM-STM32F2xx.uvopt
IDE/MDK-ARM/Projects/MDK-ARM-STM32F2xx.uvproj
ctaocrypt/src/random.c
src/internal.c
2013-05-26 09:27:06 +09:00
toddouska
8b90414f2a
add POSITIVE_EXP_ONLY for fastmath stack reduction when positive exponents only
2013-05-23 15:55:22 -07:00
toddouska
8df0e43384
fix merge differences from this week
2013-05-22 15:50:13 -07:00
toddouska
d2003bb8b7
merge in sni
2013-05-21 14:37:50 -07:00
kojo
ff68942ce4
MDK-ARM ready for LCP/STM
2013-05-21 18:47:54 +09:00
kojo
082f5643ed
OK for LCP43xx project
2013-05-21 17:13:12 +09:00
kojo
da342ea079
initial attempt for MDK-ARM/LPC43xx:
2013-05-21 09:39:09 +09:00
takashikojo
55763ef318
Commit 2.6.2
2013-05-19 10:02:13 +09:00
toddouska
8f5e98486f
fix MPLAB X windows warnings
2013-05-17 11:13:47 -07:00
Chris Conlon
a4c6ed0dda
add support for Microchip TCP/IP 6.0 beta
2013-05-17 10:59:18 -06:00
toddouska
cfdfa7b2b3
pull in Kojo MDK-ARM projects, changes
2013-05-16 09:47:27 -07:00
Chris Conlon
091c7a7ef3
separate STM32F2 hardware hash support, disable by default
2013-05-15 10:48:35 -06:00
toddouska
32705fb380
make sure pwdbased w/o fastmath works like fastmath define wise
2013-05-10 11:00:37 -07:00
toddouska
a0c630b4ee
add cert cache persistence
2013-05-02 11:34:26 -07:00
John Safranek
d2d25b9b83
refine the SKID/AKID support
2013-04-29 17:09:15 -07:00
John Safranek
87048698e5
use subject key id and authentication key id to ID CA certs in the signers list instead of subject name hashes.
2013-04-29 12:08:16 -07:00
toddouska
05dd84598b
turn CA signer list into CA signer hash table, defaults CA_TABLE_SIZE to 11
2013-04-25 15:36:33 -07:00
John Safranek
8e5532eb42
Merge branch 'master' of github.com:cyassl/cyassl
2013-04-24 10:37:55 -07:00
John Safranek
c27ebe546d
find the subject id and authority subject id extentions when decoding a certificate
2013-04-24 10:37:11 -07:00
toddouska
24ec09ef7a
change big int cast in comparison after 64/128 changes
2013-04-19 13:49:26 -07:00
toddouska
71a1abebf5
break up sig confirm errors into no sig, crl, and ocsp specific
2013-04-18 08:38:28 -07:00
toddouska
b806ca3c2f
help compiler with fp_div cast to 32bit
2013-04-16 15:29:03 -07:00
John Safranek
d279695314
changed ENDIAN_* to *_ENDIAN_ORDER
2013-04-16 12:12:49 -07:00
John Safranek
a74ac2b22c
added case to DerToPem() to add EC header and footer to the PEM output
2013-04-11 14:03:18 -07:00
toddouska
a2bd6e786d
fix leanpsk NO_SHA build
2013-04-10 12:42:51 -07:00