Commit Graph

1941 Commits

Author SHA1 Message Date
Moisés Guimarães
9339d7d5b1 add support to TLS extensions in DTLS 2014-06-25 13:26:42 -03:00
toddouska
eb56afdbf6 remove spaces 2014-06-25 09:28:44 -06:00
Moisés Guimarães
e2a6d68abf fix - add missing FreeDecodeCert on success. 2014-06-24 20:03:52 -03:00
Moisés Guimarães
f2c8826e16 fix missing FreeRsaKey on error. 2014-06-23 15:28:57 -03:00
Moisés Guimarães
edb94557e9 pkcs7: refactoring PKCS7_EncodeEnvelopedData to reduce stack usage: ~ 1300 bytes moved to the heap.
--- variable contentKeyEnc moved to the heap (512 bytes saved)
--- variable recip moved to the heap (~800 bytes saved)
2014-06-20 14:52:16 -03:00
Moisés Guimarães
46d0f68097 pkcs7: refactoring PKCS7_DecodeEnvelopedData to reduce stack usage: ~ 9 * sizeof(mp_int) bytes + 512 bytes moved to the heap.
--- variable privKey moved to the heap (more than 8 * sizeof(mp_int) bytes saved)
--- variable encryptedKey moved to the heap (512 bytes saved)
--- variable serialNum moved to the heap (sizeof(mp_int) bytes saved)
2014-06-20 14:52:16 -03:00
Moisés Guimarães
21982b50db pkcs7: refactoring CreateRecipientInfo to reduce stack usage: ~ 8 * sizeof(mp_int) bytes + ~935 bytes moved to the heap.
--- variable pubKey moved to the heap (more than 8 * sizeof(mp_int) bytes saved)
--- variable decoded moved to the heap (sizeof(DecodedCert) ~= 880 bytes saved)
--- variable serial moved to the heap (35 bytes saved)
--- variable keyAlgArray moved to the heap (20 bytes saved)
2014-06-20 14:52:16 -03:00
Moisés Guimarães
90e9696ad6 pkcs7: refactoring PKCS7_InitWithCert to reduce stack usage: ~ 880 bytes moved to the heap.
--- variable dCert moved to the heap (sizeof(DecodedCert) ~= 880 bytes saved)
2014-06-20 14:52:16 -03:00
Moisés Guimarães
eacff3ba83 pkcs7: refactoring PKCS7_VerifySignedData to reduce stack usage: ~ 50 bytes + 8 * sizeof(mp_int) bytes moved to the heap.
--- variable key moved to the heap (more than 8 * sizeof(mp_int) bytes saved)
--- variable digest moved to the heap (50 bytes saved)
2014-06-20 14:52:15 -03:00
Moisés Guimarães
60b2495f47 pkcs7: refactoring PKCS7_EncodeSignedData to reduce stack usage: ~1300 bytes + ~ 8 * sizeof(mp_int) bytes moved to the heap.
--- variable esd moved to the heap (1264 bytes saved)
--- variable digestInfo moved to the heap (50 bytes saved)
--- variable privKey moved to the heap (more than 8 * sizeof(mp_int) bytes saved)
2014-06-20 14:52:15 -03:00
toddouska
e6d9151f47 add user cert chain functionality at SSL level instead of just CTX 2014-06-20 10:49:21 -07:00
toddouska
0c12f7c9ac Merge branch 'master' of github.com:cyassl/cyassl 2014-06-20 09:23:30 -07:00
toddouska
6371b3c262 send ecdsa_sign for client cert request type is sig algo ecdsa 2014-06-20 09:22:40 -07:00
Chris Conlon
544c86b8e4 update taoCerts.txt to use 1024 RSA by default, SHA1 instead of MD5 2014-06-20 10:16:07 -06:00
toddouska
9642902c07 fix disable rsa w/ opensslextra 2014-06-19 15:59:24 -07:00
Moisés Guimarães
ae073cb1f9 fix pkcs7 memory leaks and XMALLOC result verification. 2014-06-18 14:32:20 -03:00
Moisés Guimarães
8eae068000 fix error codes checking to use enum value from error-ssl.h 2014-06-16 17:57:47 -03:00
toddouska
8350d91780 fix PemToDer encrypted key search start position for bundled files 2014-06-16 12:30:04 -07:00
John Safranek
acb3b1afb2 fix bug with DTLS and IO Pools 2014-06-15 17:26:18 -07:00
John Safranek
33fb679334 fix small config bug between AES-GCM and AES-CCM 2014-06-15 13:59:33 -07:00
Moisés Guimarães
a3687a200a fix tests based on Wolfcrypt error codes. 2014-06-13 15:30:30 -03:00
toddouska
0223708ac4 make crl monitor watch init -1 2014-06-12 16:01:34 -07:00
toddouska
ceafd298f3 fix linux crl monitor newer gcc warning 2014-06-12 15:56:44 -07:00
toddouska
ddf5924b3b add error code for hmac min key len in new error range 2014-06-11 11:56:17 -07:00
toddouska
b3abbbb0ce make more room for wolfCrypt error range 2014-06-11 11:50:14 -07:00
toddouska
aad204428f fips mode hmac min key length for 2014 requirements 2014-06-11 11:43:17 -07:00
Moisés Guimarães
9c905b6519 fix on TLSX_SNI_GetFromBuffer - > should be >= so extensions of length 0 get inside the while.
added test to cover case.
2014-06-10 16:56:45 -03:00
Moisés Guimarães
ba36c24fc1 fix on TLSX_SNI_GetFromBuffer - undo last fix and return 0 when there is no SNI extension. Now the return is the same when there is no extensions at all. 2014-06-10 15:28:29 -03:00
Moisés Guimarães
064483035c fix on TLSX_SNI_GetFromBuffer - set inOutSz value to zero when there is no SNI extension in the client hello buffer. 2014-06-09 17:31:32 -03:00
toddouska
e0c5c89bf6 add sanity check on send callback sent value 2014-06-09 12:55:17 -07:00
toddouska
257959bcde fix intel asm comment and xmm stack size needed 2014-06-05 17:37:39 -07:00
Chris Conlon
ae6fe9397c check NTRU DRBG uninstantiate ret value in test.c 2014-06-05 17:07:19 -06:00
John Safranek
ee45558810 fixes , --enable-debug=no and --disable-debug to actually disable debug 2014-06-05 14:39:05 -07:00
Chris Conlon
a86e710fc1 make clean to remove generated certs/keys 2014-06-05 15:06:59 -06:00
Chris Conlon
7e5287e578 update NTRU support, with help from thesourcerer8 2014-06-05 14:42:15 -06:00
toddouska
665bda3ce6 ecb encrypt asm restore correct registers 2014-06-04 15:20:04 -07:00
toddouska
81a5bdc6f9 fix intel syntax backwards 2014-06-04 15:15:29 -07:00
toddouska
d728474ef3 store non volatile xmm6-15 for aesni on microsoft 2014-06-04 15:00:42 -07:00
toddouska
2494217a87 add sanity check on output buffer size for BuildMessage() 2014-06-04 09:58:15 -07:00
John Safranek
d301ab001c fix Windows compile warnings 2014-06-03 23:11:18 -07:00
toddouska
0c2c8c7fa3 Merge pull request from jspada/max-altname-buffer-len
Increased max AltName buffer size (for cert generation)
2014-06-03 14:37:14 -07:00
Joseph Spadavecchia
3d94a41740 Increased max AltName buffer size (for cert generation) 2014-06-03 10:58:22 +01:00
toddouska
24b556689f fix psk define w/ opensslextra 2014-06-02 11:22:47 -07:00
toddouska
66eb3caac5 bump dev version 2014-05-30 17:02:30 -07:00
toddouska
5b7a5fe0bb Merge branch 'master' of github.com:cyassl/cyassl 2014-05-30 16:56:28 -07:00
toddouska
0f311adb2c if icc doesn't have 128bit type on x64 don't use it 2014-05-30 16:54:09 -07:00
John Safranek
61ca922c46 Updated for v3.0.2 2014-05-30 16:01:02 -07:00
John Safranek
b60a61fa94 DHE-PSK cipher suites
1. fixed the AES-CCM-16 suites
2. added DHE-PSK as a key-exchange algorithm type
3. Added infrastructure for new suites:
 * TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
 * TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
 * TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
 * TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
 * TLS_DHE_PSK_WITH_NULL_SHA256
 * TLS_DHE_PSK_WITH_NULL_SHA384
 * TLS_DHE_PSK_WITH_AES_128_CCM
 * TLS_DHE_PSK_WITH_AES_256_CCM
4. added test cases for new suites
5. set DHE parameters on test server when using PSK and a custom cipher
suite list
6. updated half premaster key size
2014-05-30 11:26:48 -07:00
toddouska
4c9fa39d34 fix icc aesni warning where claims to be gcc 2014-05-28 17:48:08 -07:00
toddouska
e11dd9803a fix icc v14 warnings 2014-05-28 17:36:21 -07:00