mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
2,469 Commits 5 Branches 162 Tags 807 MiB
87431aa744
Commit Graph

1113 Commits

Author SHA1 Message Date
Moisés Guimarães
b2b5179392 fix indentation -- no code changed. 2014-09-22 11:37:35 -03:00
Moisés Guimarães
b22e3abfff ssl: refactoring CyaSSL_PemCertToDer to have a single return point. 2014-09-22 11:37:35 -03:00
Moisés Guimarães
958ec5d578 ssl: refactoring ProcessBuffer to reduce stack usage: 
--- variable staticBuffer moved to the heap (1023 bytes saved)

ssl: refactoring CyaSSL_PemCertToDer to reduce stack usage:
--- variable staticBuffer moved to the heap (1023 bytes saved)

ssl: refactoring CyaSSL_X509_load_certificate_file to reduce stack usage:
--- variable staticBuffer moved to the heap (1023 bytes saved)

ssl: refactoring CyaSSL_cmp_peer_cert_to_file to reduce stack usage:
--- variable staticBuffer moved to the heap (1023 bytes saved)

ssl: refactoring ProcessFile to reduce stack usage:
--- variable staticBuffer moved to the heap (1023 bytes saved)

ssl: refactoring CyaSSL_CertManagerVerify to reduce stack usage:
--- variable staticBuffer moved to the heap (1023 bytes saved)

ssl: refactoring CyaSSL_SetTmpDH_file_wrapper to reduce stack usage:
--- variable staticBuffer moved to the heap (1023 bytes saved)

ssl: refactoring CyaSSL_writev to reduce stack usage:
--- variable staticBuffer moved to the heap (1023 bytes saved)
 2014-09-22 11:37:34 -03:00
Moisés Guimarães
82d2aca505 ssl: refactoring CyaSSL_CertManagerVerifyBuffer to reduce stack usage: 
--- variable cert moved to the heap (sizeof(DecodedCert) saved)
 2014-09-22 11:37:34 -03:00
Moisés Guimarães
d264a8f890 ssl: refactoring ProcessBuffer to reduce stack usage: 
--- variable info moved to the heap (sizeof(EncryptedInfo) saved)

ssl: refactoring CyaSSL_CertManagerVerifyBuffer to reduce stack usage:
--- variable info moved to the heap (sizeof(EncryptedInfo) saved)

ssl: refactoring CyaSSL_PemCertToDer to reduce stack usage:
--- variable info moved to the heap (sizeof(EncryptedInfo) saved)

ssl: refactoring CyaSSL_X509_load_certificate_file to reduce stack usage:
--- variable info moved to the heap (sizeof(EncryptedInfo) saved)

ssl: refactoring CyaSSL_cmp_peer_cert_to_file to reduce stack usage:
--- variable info moved to the heap (sizeof(EncryptedInfo) saved)
 2014-09-22 11:37:34 -03:00
Moisés Guimarães
97548cc842 ssl: refactoring CyaSSL_CertPemToDer to reduce stack usage: 
--- variable info moved to the heap (sizeof(EncryptedInfo) saved)

ssl: refactoring CyaSSL_KeyPemToDer to reduce stack usage:
--- variable info moved to the heap (sizeof(EncryptedInfo) saved)
 2014-09-22 11:37:34 -03:00
Moisés Guimarães
d61af5d9ae adds record_overflow alert used by max_fragment_length tls extension. 2014-09-18 21:53:10 -03:00
toddouska
75657aad40 secure r extensions, sizes correct 2014-09-17 13:49:51 -07:00
toddouska
110a65d41a fix secure r extensions send/recv 2014-09-16 18:56:32 -07:00
toddouska
a735a52608 switch to extensions secure r state 2014-09-16 17:26:57 -07:00
Moisés Guimarães
d80e820654 Renames TLSX_Append to TLSX_Push, adding data param and making sure the list doesn't holds duplicate extensions. 
Adds SecureRenegotiation functions
 2014-09-16 20:33:17 -03:00
Moisés Guimarães
89b972d946 Renames TLSX_Append to TLSX_Push, adding data param and making sure the list doesn't holds duplicate extensions. 
Adds SecureRenegotiation functions
 2014-09-16 20:21:29 -03:00
toddouska
91e4545441 use new name under tlsx for secure r flags 2014-09-16 16:19:22 -07:00
toddouska
4bb20612a1 move secure r inside of tls extensions 2014-09-16 12:42:13 -07:00
toddouska
9a90a0c113 save secure r verify data 2014-09-16 11:51:13 -07:00
toddouska
2e6b472ace init secure r state 2014-09-15 15:22:13 -07:00
toddouska
f45ffe4a38 fix clang analyzer warning 2014-09-12 11:14:23 -07:00
Chris Conlon
c2c9922380 fix Visual Studio warning, scan-build issue 2014-09-10 16:17:13 -06:00
John Safranek
91214ad5a6 Fixed issue with ECDH-ECDSA cipher suites rejecting certificates without 
the DigitalSignature key usage.
 2014-09-09 17:49:38 -07:00
toddouska
2c595139db fix tirtos merge 2014-09-08 19:40:03 -07:00
Moisés Guimarães
d6b4f85d7c Makes TLS_EMPTY_RENEGOTIATION_INFO_SCSV suite optional if using SetCipherList() 2014-09-08 15:03:30 -03:00
toddouska
f8f9008c96 simplify hello_request padSz calc with cached value 2014-09-05 16:18:10 -07:00
toddouska
c8d67670f3 fix hello_request processing w/ mac-verify at upper layer 2014-09-05 14:29:18 -07:00
toddouska
907670f89a fix github issue #127 2014-09-03 16:56:49 -07:00
Moisés Guimarães
8bb52380a8 TLS_EMPTY_RENEGOTIATION_INFO_SCSV added on SetCipherList. 
Function InitSuitesHashSigAlgo() extracted from InitSuites and SetCipherList.
 2014-09-01 18:35:30 -03:00
John Safranek
2362dfdfa8 Fixed minor typecasting bugs for OCSP 2014-08-28 16:04:51 -07:00
toddouska
b6345d654a delay ssl server from creating ecdhe key until really needed 2014-08-27 10:48:19 -07:00
John Safranek
496228e5b0 Merge branch 'master' of github.com:cyassl/cyassl 2014-08-19 22:38:42 -07:00
John Safranek
100f0e8a96 Don't allow sniffer to decrypt records if the key hasn't been setup. (Possible with misbehaving client.) 2014-08-19 22:38:04 -07:00
toddouska
87564bdffe get_cipher fixes 2014-08-15 10:56:38 -07:00
toddouska
aaf4e74453 Merge https://github.com/ShaneIsrael/cyassl into shane 2014-08-15 10:03:50 -07:00
toddouska
7752fe0331 Merge pull request #122 from JacobBarthelmeh/master 
Fuzzer callbacks with fuzzer ctx pointer
 2014-08-15 09:43:31 -07:00
John Safranek
7e6b3a86d5 Added more bounds checking when saving a DTLS message fragment. 2014-08-14 15:14:29 -07:00
ShaneIsrael
57f2affe20 Added GetCipherName() which takes an index 2014-08-13 09:46:13 -06:00
ShaneIsrael
f043b90a7f fixed line comment 2014-08-12 16:30:51 -06:00
JacobBarthelmeh
856aab7f30 add fuzzer CYASSL* and fuzzer ctx 2014-08-12 16:25:58 -06:00
ShaneIsrael
bb9696c9f2 Added CyaSSL_get_ciphers() and necessary functions 2014-08-12 16:17:36 -06:00
JacobBarthelmeh
a18602951b record header fuzz 2014-08-12 11:56:20 -06:00
JacobBarthelmeh
58caf70dc9 Merge remote-tracking branch 'upstream/master' 2014-08-12 10:38:12 -06:00
JacobBarthelmeh
5c72bf6272 fuzzer callbacks 2014-08-11 16:29:19 -06:00
Moisés Guimarães
1a8d06a0e3 keys: fixing DeriveKeys: 
--- variables md5InputSz, shaInputSz and keyDataSz removed

keys: refactoring MakeSslMasterSecret to reduce stack usage:
--- variable shaOutput moved to the heap (20 bytes saved)
--- variable md5Input moved to the heap (532 bytes saved)
--- variable shaInput moved to the heap (579 bytes saved)
--- variable md5 moved to the heap (sizeof(Md5) saved)
--- variable sha moved to the heap (sizeof(Sha) saved)
 2014-08-11 14:17:44 -07:00
Moisés Guimarães
39c167710f keys: refactoring DeriveKeys to reduce stack usage: 
--- variable shaOutput moved to the heap (20 bytes saved)
--- variable md5Input moved to the heap (68 bytes saved)
--- variable shaInput moved to the heap (119 bytes saved)
--- variable keyData moved to the heap (112 bytes saved)
--- variable md5 moved to the heap (sizeof(Md5) saved)
--- variable sha moved to the heap (sizeof(Sha) saved)
 2014-08-05 15:28:30 -07:00
Moisés Guimarães
32847ee78e tls: refactoring CyaSSL_make_eap_keys to reduce stack usage: 
--- variable seed moved to the heap (up to 64 bytes saved)
 2014-08-05 15:28:30 -07:00
Moisés Guimarães
04dd56df79 tls: refactoring MakeTlsMasterSecret to reduce stack usage: 
--- variable seed moved to the heap (up to 64 bytes saved)
 2014-08-05 15:28:30 -07:00
Moisés Guimarães
c74440b27e tls: refactoring DeriveTlsKeys to reduce stack usage: 
--- variable seed moved to the heap (up to 64 bytes saved)
--- variable key_data moved to the heap (up to 224 bytes saved)
 2014-08-05 15:28:30 -07:00
Moisés Guimarães
0283a917e8 tls: refactoring doPRF to reduce stack usage: 
--- variable md5_hash moved to the heap (up to 256 bytes saved)
--- variable sha_hash moved to the heap (up to 256 bytes saved)
--- variable labelSeed moved to the heap (up to 128 bytes saved)
--- variable md5_result moved to the heap (up to 224 bytes saved)
--- variable sha_result moved to the heap (up to 224 bytes saved)

tls: refactoring PRF to reduce stack usage:
--- variable labelSeed moved to the heap (up to 128 bytes saved)
 2014-08-05 15:28:30 -07:00
Moisés Guimarães
e3db86753c tls: refactoring p_hash to reduce stack usage: 
--- variable previous moved to the heap (up to 48 bytes saved)
--- variable current moved to the heap (up to 48 bytes saved)
--- variable hmac moved to the heap (sizeof(Hmac) bytes saved)
 2014-08-05 15:28:30 -07:00
toddouska
7a95bc452d Merge branch 'master' into ti 2014-07-29 16:20:57 -07:00
Jonas Norling
277598e34a Use same sequence number calculation in tls.c and internal.c 
The DTLS sequence number used when decrypting CCM/GCM was taken from
the internal state, instead of from the actual message record.

If any DTLS messages were dropped, the expectation of the next
sequence number was wrong. This lead to a failed MAC check on the next
message to arrive, and an alert was generated.
 2014-07-28 15:10:17 -07:00
toddouska
aba16ae239 Merge branch 'master' into ti 2014-07-24 20:15:18 -07:00
toddouska
4ebd5a0717 remove hard tabs 2014-07-24 20:12:10 -07:00
JacobBarthelmeh
3f2ee0801a declaration locations for ARM 2014-07-24 18:59:39 -06:00
toddouska
0c6a961e35 Merge branch 'master' into ti 2014-07-23 14:20:58 -07:00
Moisés Guimarães
c20fdb037e io: refactoring EmbedOcspLookup: 
--- single return point
--- changed stack reduction MEMORY_E to -1 to match XMALLOC fail at httpBuf
--- variable written removed
--- variable ocspRespSz renamed to ret (initialized with -1  and set only once with process_http_response result)
 2014-07-23 13:20:23 -03:00
Moisés Guimarães
7dfb9e2d5f io: refactoring EmbedGenerateCookie to reduce stack usage: 
--- use ShaHash instead of InitSha, ShaUpdate and ShaFinal (sizeof(Sha) saved)

io: refactoring EmbedOcspLookup to reduce stack usage:
--- variable domainName moved to the heap (80 bytes saved)
--- variable path moved to the heap (80 bytes saved)
 2014-07-23 12:28:54 -03:00
toddouska
ec0fd7e969 Merge branch 'master' into ti 2014-07-22 13:55:59 -07:00
Moisés Guimarães
2245204685 crl: refactoring LoadCRL to reduce stack usage: 
--- variable name moved to the heap (256 bytes saved)
 2014-07-21 22:52:06 -03:00
Moisés Guimarães
3ae9105b05 crl: refactoring DoMonitor to reduce stack usage: 
--- variable buff moved to the heap (8192 bytes saved)
 2014-07-21 22:52:05 -03:00
Moisés Guimarães
108b21e36f crl: refactoring SwapLists to reduce stack usage: 
--- variable tmp moved to the heap (sizeof(CYASS_CRL) saved)
 2014-07-21 22:52:05 -03:00
Moisés Guimarães
6e0c6551ff crl: refactoring BufferLoadCRL to reduce stack usage: 
--- variable dcrl moved to the heap (sizeof(DecodedCRL) saved)
 2014-07-21 22:52:05 -03:00
Moisés Guimarães
fb3e706d69 ocsp: refactoring CheckCertOCSP to reduce stack usage: 
--- variable newStatus moved to the heap (sizeof(CertStatus) saved)
--- variable ocspRequest moved to the heap (sizeof(OcspRequest) saved)
--- variable ocspResponse moved to the heap (sizeof(OcspResponse) saved)
 2014-07-21 22:52:05 -03:00
toddouska
a73a160aaf Merge branch 'master' into ti 2014-07-21 16:26:39 -07:00
toddouska
3bfd0bbf3b fixup some chacah-poly suite things including a valgrind error 2014-07-21 16:20:17 -07:00
JacobBarthelmeh
ff58f65418 merge 2014-07-21 15:12:12 -06:00
JacobBarthelmeh
3c27deb9d0 merge 2014-07-21 13:50:22 -06:00
toddouska
c0ef346073 Merge branch 'master' into ti 2014-07-18 19:27:04 -07:00
JacobBarthelmeh
726cc3e3a4 sanity check and recent cyassl release 2014-07-18 14:42:45 -06:00
JacobBarthelmeh
7cb65d8b3d asthetics 2014-07-17 15:33:48 -06:00
JacobBarthelmeh
b77a1fdbbb refactoring 2014-07-17 15:00:40 -06:00
John Safranek
307e5f3bff fix build warnings with lean-psk mode 2014-07-16 14:40:41 -07:00
JacobBarthelmeh
7eb8f571ed reverse compatibility 2014-07-16 14:55:38 -06:00
JacobBarthelmeh
5b08cb35d7 updated sequence number in AD and unit tests 2014-07-14 16:13:24 -06:00
JacobBarthelmeh
4250955003 arg error checking and CHACHA_AEAD_TEST update 2014-07-11 16:06:29 -06:00
JacobBarthelmeh
e62fbdd49f added ECDSA and DHE_RSA support for chacha-poly 2014-07-10 16:35:56 -06:00
JacobBarthelmeh
c322cb05ad uses most recent version of cyassl 2014-07-10 11:18:49 -06:00
JacobBarthelmeh
da0876c474 Merge branch 'cipher-suite' of https://github.com/JacobBarthelmeh/cyassl into cipher-suite 2014-07-09 15:49:29 -06:00
JacobBarthelmeh
fb25db9c28 progress on suite 2014-07-09 15:48:40 -06:00
toddouska
4ed9b3fa33 Merge branch 'master' into ti 2014-07-07 10:32:52 -07:00
toddouska
8a3b3b03d2 fix crl problem error out if verify peer disabled 2014-07-03 12:13:41 -07:00
toddouska
61e989ed99 Merge branch 'master' into ti 2014-07-03 11:34:15 -07:00
toddouska
2d63c559cc dh now disabled by default but can be enabled w/o opensslextra 2014-07-03 11:32:24 -07:00
toddouska
6817e3cd2e Merge branch 'master' into ti 2014-07-02 16:31:55 -07:00
JacobBarthelmeh
18119610fb Update tls.c 2014-07-02 16:06:41 -06:00
toddouska
0272d51ce4 remove C++ comments from cyassl proper 2014-07-02 12:11:01 -07:00
JacobBarthelmeh
a1e8eb0802 progress on suite 2014-07-02 12:49:14 -06:00
toddouska
0950b19da8 Merge branch 'master' into ti 2014-07-02 10:49:22 -07:00
toddouska
4aac37bff9 move CipherRequires() to both client and server, VerifyClientSuite() to client only 2014-07-02 10:48:04 -07:00
JacobBarthelmeh
53c63dd257 progress on suite 2014-07-01 16:08:52 -06:00
JacobBarthelmeh
6c366a1863 progress on suite 2014-07-01 15:19:55 -06:00
JacobBarthelmeh
5bf411f345 progress on suite 2014-07-01 14:16:44 -06:00
toddouska
f2de04ae46 Merge branch 'master' into ti 2014-06-26 08:57:35 -06:00
Moisés Guimarães
9339d7d5b1 add support to TLS extensions in DTLS 2014-06-25 13:26:42 -03:00
toddouska
a6ea32461d Merge branch 'master' into ti 2014-06-20 14:48:53 -07:00
toddouska
e6d9151f47 add user cert chain functionality at SSL level instead of just CTX 2014-06-20 10:49:21 -07:00
toddouska
a319354e92 Merge branch 'master' into ti 2014-06-20 09:24:11 -07:00
toddouska
6371b3c262 send ecdsa_sign for client cert request type is sig algo ecdsa 2014-06-20 09:22:40 -07:00
toddouska
4fe938cf3a Merge branch 'master' into ti 2014-06-19 16:01:35 -07:00
toddouska
9642902c07 fix disable rsa w/ opensslextra 2014-06-19 15:59:24 -07:00
toddouska
59196df818 Merge branch 'master' into ti 2014-06-16 12:31:24 -07:00
toddouska
8350d91780 fix PemToDer encrypted key search start position for bundled files 2014-06-16 12:30:04 -07:00
toddouska
9a180b0ec8 Merge branch 'master' into ti 2014-06-16 11:05:20 -07:00
John Safranek
acb3b1afb2 fix bug with DTLS and IO Pools 2014-06-15 17:26:18 -07:00
toddouska
675f99294b Merge branch 'master' into ti 2014-06-12 16:02:37 -07:00
toddouska
0223708ac4 make crl monitor watch init -1 2014-06-12 16:01:34 -07:00
toddouska
b14bf25881 merge master 2014-06-12 16:00:25 -07:00
toddouska
ceafd298f3 fix linux crl monitor newer gcc warning 2014-06-12 15:56:44 -07:00
toddouska
8237319d80 merge with master 2014-06-10 15:19:45 -07:00
Moisés Guimarães
9c905b6519 fix on TLSX_SNI_GetFromBuffer - > should be >= so extensions of length 0 get inside the while. 
added test to cover case.
 2014-06-10 16:56:45 -03:00
Moisés Guimarães
ba36c24fc1 fix on TLSX_SNI_GetFromBuffer - undo last fix and return 0 when there is no SNI extension. Now the return is the same when there is no extensions at all. 2014-06-10 15:28:29 -03:00
Moisés Guimarães
064483035c fix on TLSX_SNI_GetFromBuffer - set inOutSz value to zero when there is no SNI extension in the client hello buffer. 2014-06-09 17:31:32 -03:00
toddouska
c6740feee7 Merge branch 'master' into ti 2014-06-09 12:57:43 -07:00
toddouska
e0c5c89bf6 add sanity check on send callback sent value 2014-06-09 12:55:17 -07:00
toddouska
f4c96c68c9 Merge branch 'master' into ti 2014-06-05 17:55:56 -07:00
Chris Conlon
7e5287e578 update NTRU support, with help from thesourcerer8 2014-06-05 14:42:15 -06:00
toddouska
bc3cbee2b6 Merge branch 'master' into ti 2014-06-04 09:59:07 -07:00
toddouska
2494217a87 add sanity check on output buffer size for BuildMessage() 2014-06-04 09:58:15 -07:00
toddouska
e4c33cb51e Merge branch 'master' into ti 2014-06-04 08:08:52 -07:00
John Safranek
d301ab001c fix Windows compile warnings 2014-06-03 23:11:18 -07:00
toddouska
6ae76721f2 Merge branch 'master' into ti 2014-06-02 11:24:32 -07:00
toddouska
24b556689f fix psk define w/ opensslextra 2014-06-02 11:22:47 -07:00
toddouska
a920795665 Merge branch 'master' into ti 2014-05-30 16:57:15 -07:00
John Safranek
b60a61fa94 DHE-PSK cipher suites 
1. fixed the AES-CCM-16 suites
2. added DHE-PSK as a key-exchange algorithm type
3. Added infrastructure for new suites:
 * TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
 * TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
 * TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
 * TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
 * TLS_DHE_PSK_WITH_NULL_SHA256
 * TLS_DHE_PSK_WITH_NULL_SHA384
 * TLS_DHE_PSK_WITH_AES_128_CCM
 * TLS_DHE_PSK_WITH_AES_256_CCM
4. added test cases for new suites
5. set DHE parameters on test server when using PSK and a custom cipher
suite list
6. updated half premaster key size
 2014-05-30 11:26:48 -07:00
toddouska
71a5aeeb81 Merge branch 'master' into ti 2014-05-28 17:37:48 -07:00
toddouska
e11dd9803a fix icc v14 warnings 2014-05-28 17:36:21 -07:00
toddouska
8a0fbcb83e Merge branch 'master' into ti 2014-05-28 13:06:51 -07:00
Chris Conlon
7e13e414cb rename port.c/.h to wc_port.c/.h to prevent FreeRTOS conflicts 2014-05-28 10:28:01 -06:00
toddouska
e373b083bf Merge branch 'master' into ti 2014-05-20 14:33:14 -07:00
John Safranek
12841e6093 fix integration bugs with new suites 2014-05-20 14:07:08 -07:00
John Safranek
74712b4e71 1. Added the following cipher suites: 
* TLS_PSK_WITH_AES_128_GCM_SHA256
 * TLS_PSK_WITH_AES_256_GCM_SHA384
 * TLS_PSK_WITH_AES_256_CBC_SHA384
 * TLS_PSK_WITH_NULL_SHA384
2. Fixed CyaSSL_CIPHER_get_name() for AES-CCM cipher suites.
 2014-05-19 21:44:04 -07:00
toddouska
6d3a46ebec Merge branch 'master' into ti 2014-05-19 17:08:51 -07:00
John Safranek
da5b042d21 AEAD additional data for encrypt and decrypt should be AEAD_AUTH_DATA_SZ 2014-05-19 09:14:10 -07:00
John Safranek
4a511fe36d Added epoch to sequence number for AES-GCM with DTLS encrypt/decrypt. 2014-05-19 09:14:10 -07:00
toddouska
91df5e52a6 Merge branch 'master' into ti 2014-05-16 09:13:21 -07:00
John Safranek
628e7b4d72 adjust SendData() output buffer check for DTLS header size 2014-05-15 15:55:32 -07:00
toddouska
f9a78b7e20 Merge branch 'master' into ti 2014-05-14 15:07:47 -07:00
toddouska
ce39ef62ef update const error strings for newly added ones 2014-05-14 15:05:20 -07:00
toddouska
519820133d Merge branch 'const_errorstrings' of https://github.com/rofl0r/cyassl into errstr 2014-05-14 14:51:40 -07:00
toddouska
a3a12a7010 merge resolution in io.c 2014-05-12 13:36:20 -07:00
toddouska
8c9c257921 Merge pull request #79 from kojo1/IAR 
sample projects for IAR EWARM

Why is SINGLE_THREADED assumed for IAR with ARM?
 2014-05-12 13:28:02 -07:00
toddouska
ec5f3cc681 Merge branch 'master' of https://github.com/tisb/cyassl into ti 2014-05-09 11:38:40 -07:00
Vikram Adiga
5146f3dd94 Initial commit of CyaSSL port for TI-RTOS 2014-05-08 15:50:55 -07:00
toddouska
e57d5d1d2f Merge branch 'master' of github.com:cyassl/cyassl 2014-05-08 10:27:54 -07:00
toddouska
abbfcde0dc add fips in core first/last files for code/data hashing 2014-05-08 10:26:31 -07:00
John Safranek
d6b98c1fab moved OCSP config code outside NO_FILESYSTEM fence 2014-05-05 16:13:08 -07:00
John Safranek
ec13f65ef0 made OCSP callback not dependent on stdio 2014-05-05 16:11:02 -07:00
toddouska
4104b74c40 fix resource leak on bad user cert chain big buffer 2014-05-02 10:30:07 -07:00
toddouska
3e62da0bc9 add linux crl monitor clean shutdown 2014-05-02 10:14:40 -07:00
Takashi Kojo
35d5b66d2c Merge remote-tracking branch 'CyaSSL-master/master' into IAR 2014-05-02 09:32:55 +09:00
toddouska
912ec25a0f fix linux crl monitor build 2014-05-01 09:34:16 -07:00
toddouska
14c978ca67 remove space 2014-05-01 09:30:17 -07:00
toddouska
5ff0336491 add custom kqueue event for crl monitor shutdown 2014-05-01 09:28:33 -07:00
Takashi Kojo
f225714e75 io.c, #include 2014-05-01 17:09:28 +09:00
John Safranek
fb5200aa95 1. Added more options to the full commit test. 
2. Cleanups from static analysis.
 2014-04-30 15:01:10 -07:00
John Safranek
85d453f2d1 fix const issue with PK callbacks 2014-04-30 10:15:15 -07:00
John Safranek
09a7a087a2 fix static analysis warnings 2014-04-29 14:52:42 -07:00
John Safranek
618d282d94 Decodes the Name Constraints certificate extension on the CA cert 
and checks the names on the peer cert, rejecting it if invalid
based on the name.
 2014-04-28 11:03:24 -07:00
Moisés Guimarães
8d8fca67c3 SHA256, SHA384 and SHA512 error propagation. Major impact on random functions with error propagation. 2014-04-14 21:39:14 -03:00
Moisés Guimarães
32e2d7016f SHA256, SHA384 and SHA512 error propagation. Major impact on Hmac functions with error propagation. 2014-04-14 21:36:04 -03:00
Moisés Guimarães
644bb9c524 SHA256, SHA384 and SHA512 error propagation. Minor impact on some of internal.c static functions. 2014-04-14 21:28:23 -03:00
Moisés Guimarães
41cc5f06e4 camellia_setup128 and camellia_setup256 refactory to reduce stack usage: 
--- subL and subR variables moved to the heap;
--- return type changed to int, returning 0 for success;
--- chain of dependency updated to propagate the error in CamelliaSetKey function.
 2014-04-14 21:28:22 -03:00
John Safranek
d7eff191ce Merge branch 'master' of github.com:cyassl/cyassl 2014-04-14 10:35:39 -07:00
John Safranek
ede2aa9c91 allow key use extension errors to be overriden with verify callback 2014-04-14 10:29:29 -07:00
Chris Conlon
be65f5d518 update FSF address, wolfSSL copyright 2014-04-11 15:58:58 -06:00
John Safranek
421c08fc61 Merge branch 'frankencert' 2014-04-11 10:01:03 -07:00
John Safranek
603192f153 Removed an incorrect key use check. 2014-04-10 23:31:43 -07:00
John Safranek
e79ce42ef4 Added checking of the key usage and extended key usage extensions in the 
certificates.
 2014-04-10 16:50:14 -07:00
toddouska
4a99031b8d fix psk requires with different first byte 2014-04-10 14:58:15 -07:00
toddouska
e40bc9b72d remove extra spaces 2014-04-10 14:13:18 -07:00
toddouska
5de34bf987 add client suite verify, detect mismatch early 2014-04-10 14:11:30 -07:00
John Safranek
2c97d38c2c Removed previous change. Fixed it in the Sanity check instead. 2014-04-08 17:00:21 -07:00
John Safranek
52503c713c fix calls to AesGcmDecrypt and AesCcmDecrypt 2014-04-08 16:35:26 -07:00
toddouska
1863af0762 remove CYASSL_MSG undef 2014-04-04 15:13:44 -07:00
toddouska
562b017776 user settings, custom rand gen, by tyto diff 2014-04-04 15:10:08 -07:00
toddouska
e0534da461 mp Harmony 0.80 beta fix 2014-04-01 13:49:30 -07:00
toddouska
c210600d93 RSA fips mode 2014-04-01 13:08:48 -07:00
toddouska
4ba587b18a Merge branch 'master' of github.com:cyassl/cyassl 2014-04-01 12:06:48 -07:00
John Safranek
b5a27b0f41 Add compile flag to disable Cert Sign key usage flag check. 2014-03-28 11:21:07 -07:00
John Safranek
4b22986e74 Check for Certificate Sign key usage bit on intermediate CAs. 2014-03-28 10:10:22 -07:00
Moisés Guimarães
6b9f711de0 DesSetKey refactory to reduce stack usage: 
--- buffer variable moved to the heap;
--- return type changed to int, returning 0 for success;
--- chain of dependency updated to propagate the error.
 2014-03-28 12:59:39 -03:00
toddouska
05b132ce1c HMAC fips mode 2014-03-27 15:43:54 -07:00
toddouska
7dd265cf2e SHA384 fips mode 2014-03-27 14:37:37 -07:00
toddouska
e873d7998b SHA512 fips mode 2014-03-27 14:03:12 -07:00
Chris Conlon
59c1adaf0e version 2.9.2 release 2014-03-27 10:35:57 -06:00
Chris Conlon
4677f2f2c1 fix windows warnings, ignore empty file ones 2014-03-27 10:09:14 -06:00
toddouska
7e9be23628 fix item 5 from report by Ivan Fratric of the Google Security Team 2014-03-26 13:54:16 -07:00
toddouska
717f3adb47 fix item 9 from report by Ivan Fratric of the Google Security Team 2014-03-26 13:28:19 -07:00
toddouska
86ebc48032 fix for item 7 report by Ivan Fratric of the Google Security Team 2014-03-26 13:16:43 -07:00
toddouska
23300a201f Merge branch 'master' of github.com:cyassl/cyassl 2014-03-26 12:15:04 -07:00
toddouska
43909ac725 fix sslv3 verify mac pad check, item 6 by report from Ivan Fratric of the Google Security Team 2014-03-26 12:14:18 -07:00
John Safranek
dd61daef70 When saving the signature from a DecodedCert to a CYASSL_X509 only copy 
the signature if it exists.
 2014-03-26 12:01:26 -07:00
toddouska
d5be4c4663 SHA-256 fips mode 2014-03-25 17:11:15 -07:00
toddouska
b41186a6dd Merge branch 'master' of github.com:cyassl/cyassl 2014-03-25 16:02:12 -07:00
toddouska
3607db9077 add SHA1 fips mode 2014-03-25 16:01:17 -07:00
toddouska
fb6d671629 resolve pull request merge conflict 2014-03-25 11:39:07 -07:00
toddouska
8c5d958a8b add Aes SetIV fips mode 2014-03-24 14:01:36 -07:00
toddouska
0ea10a4388 add 3DES fips mode 2014-03-24 13:37:52 -07:00
toddouska
9fe9276236 finish fips aes w/ tests 2014-03-21 14:49:49 -07:00
toddouska
58885b36eb add AesCbc fips mode 2014-03-19 16:43:52 -07:00
toddouska
388436c53e add AesSetKey fips mode 2014-03-19 13:56:11 -07:00
toddouska
8bbc30f3e1 add fips enable switch 2014-03-19 09:43:57 -07:00