mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
2,362 Commits 5 Branches 162 Tags 807 MiB
9fff57839f
Commit Graph

865 Commits

Author SHA1 Message Date
toddouska
99f6fd8450 have explicit Rsa Padding error 2014-07-16 13:52:31 -07:00
Chris Conlon
237bde7918 bump version to 3.1.0 2014-07-15 10:50:45 -06:00
Chris Conlon
54b02c3979 fix order of variables in myDateCb for Windows/VS 2014-07-15 09:39:37 -06:00
Kaleb Himes
15f432c521 updated certs 2014-07-11 13:55:10 -06:00
JacobBarthelmeh
e62fbdd49f added ECDSA and DHE_RSA support for chacha-poly 2014-07-10 16:35:56 -06:00
JacobBarthelmeh
c322cb05ad uses most recent version of cyassl 2014-07-10 11:18:49 -06:00
toddouska
7c608af579 Merge branch 'master' into ti 2014-07-09 17:48:35 -07:00
JacobBarthelmeh
fb25db9c28 progress on suite 2014-07-09 15:48:40 -06:00
Moisés Guimarães
f8cf3bf853 remove stack reduction macros 2014-07-08 10:51:27 -03:00
toddouska
4ed9b3fa33 Merge branch 'master' into ti 2014-07-07 10:32:52 -07:00
Moisés Guimarães
de14fac069 add hash utility functions to promote cleaner code, smaller footprint, centralized logs and error handling. 2014-07-04 09:17:18 -03:00
Moisés Guimarães
a281c6bc6c asn: refactoring ConfirmSignature to reduce stack usage: 
--- variable digest moved to the heap (20..64 bytes saved)
--- variable pubKey moved to the heap (sizeof(RsaKey) bytes saved)
--- variable encodedSig moved to the heap (512 bytes saved)
--- variable plain moved to the heap (512 bytes saved)
--- variable pubKey moved to the heap (sizeof(ecc_key) bytes saved)
--- variable md2 moved to the heap (sizeof(Md2) bytes saved)
--- variable md5 moved to the heap (sizeof(Md5) bytes saved)
--- variable sha moved to the heap (sizeof(Sha) bytes saved)
--- variable sha256 moved to the heap (sizeof(Sha256) bytes saved)
--- variable sha384 moved to the heap (sizeof(Sha384) bytes saved)
--- variable sha512 moved to the heap (sizeof(Sha512) bytes saved)

fix - In some cases, the function was returning error codes, that could be interpreted as a false positive.
 2014-07-04 09:17:17 -03:00
Moisés Guimarães
b875f6f631 add stack reduction macros 2014-07-04 09:17:17 -03:00
toddouska
61e989ed99 Merge branch 'master' into ti 2014-07-03 11:34:15 -07:00
toddouska
2d63c559cc dh now disabled by default but can be enabled w/o opensslextra 2014-07-03 11:32:24 -07:00
toddouska
cc74206f9c Merge branch 'master' into ti 2014-07-02 20:06:49 -07:00
toddouska
cac799f683 add optional ecc ctx info 2014-07-02 16:59:45 -07:00
toddouska
6817e3cd2e Merge branch 'master' into ti 2014-07-02 16:31:55 -07:00
toddouska
be402277e0 add override cert date example for bad clock testing 2014-07-02 12:07:25 -07:00
JacobBarthelmeh
53c63dd257 progress on suite 2014-07-01 16:08:52 -06:00
JacobBarthelmeh
5bf411f345 progress on suite 2014-07-01 14:16:44 -06:00
toddouska
1122f2a399 master merge resolve 2014-07-01 11:58:33 -07:00
toddouska
4eebba8162 Merge branch 'master' of github.com:cyassl/cyassl 2014-07-01 09:28:40 -07:00
toddouska
c957e9a909 make default I/O callbacks external for user to base/wrap if desired 2014-07-01 09:27:31 -07:00
Chris Conlon
ee0d989c24 add sizeof ints back to certs_test.h, fix cert buffer usage in benchmark.c 2014-07-01 09:38:12 -06:00
Chris Conlon
3ea0f7b4ab add key/cert buffers for CA cert, server key/cert 2014-07-01 08:58:47 -06:00
toddouska
f2de04ae46 Merge branch 'master' into ti 2014-06-26 08:57:35 -06:00
Moisés Guimarães
9339d7d5b1 add support to TLS extensions in DTLS 2014-06-25 13:26:42 -03:00
toddouska
a6ea32461d Merge branch 'master' into ti 2014-06-20 14:48:53 -07:00
toddouska
e6d9151f47 add user cert chain functionality at SSL level instead of just CTX 2014-06-20 10:49:21 -07:00
toddouska
a319354e92 Merge branch 'master' into ti 2014-06-20 09:24:11 -07:00
toddouska
6371b3c262 send ecdsa_sign for client cert request type is sig algo ecdsa 2014-06-20 09:22:40 -07:00
toddouska
9a180b0ec8 Merge branch 'master' into ti 2014-06-16 11:05:20 -07:00
John Safranek
33fb679334 fix small config bug between AES-GCM and AES-CCM 2014-06-15 13:59:33 -07:00
toddouska
e30e1c40f7 Merge branch 'master' into ti 2014-06-11 11:57:11 -07:00
toddouska
ddf5924b3b add error code for hmac min key len in new error range 2014-06-11 11:56:17 -07:00
toddouska
b3abbbb0ce make more room for wolfCrypt error range 2014-06-11 11:50:14 -07:00
toddouska
aad204428f fips mode hmac min key length for 2014 requirements 2014-06-11 11:43:17 -07:00
toddouska
c6740feee7 Merge branch 'master' into ti 2014-06-09 12:57:43 -07:00
toddouska
e0c5c89bf6 add sanity check on send callback sent value 2014-06-09 12:55:17 -07:00
toddouska
f4c96c68c9 Merge branch 'master' into ti 2014-06-05 17:55:56 -07:00
Chris Conlon
7e5287e578 update NTRU support, with help from thesourcerer8 2014-06-05 14:42:15 -06:00
toddouska
e4c33cb51e Merge branch 'master' into ti 2014-06-04 08:08:52 -07:00
Joseph Spadavecchia
3d94a41740 Increased max AltName buffer size (for cert generation) 2014-06-03 10:58:22 +01:00
toddouska
65ad0c987b Merge branch 'master' into ti 2014-05-30 17:06:36 -07:00
toddouska
66eb3caac5 bump dev version 2014-05-30 17:02:30 -07:00
toddouska
a920795665 Merge branch 'master' into ti 2014-05-30 16:57:15 -07:00
toddouska
5b7a5fe0bb Merge branch 'master' of github.com:cyassl/cyassl 2014-05-30 16:56:28 -07:00
toddouska
0f311adb2c if icc doesn't have 128bit type on x64 don't use it 2014-05-30 16:54:09 -07:00
John Safranek
b60a61fa94 DHE-PSK cipher suites 
1. fixed the AES-CCM-16 suites
2. added DHE-PSK as a key-exchange algorithm type
3. Added infrastructure for new suites:
 * TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
 * TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
 * TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
 * TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
 * TLS_DHE_PSK_WITH_NULL_SHA256
 * TLS_DHE_PSK_WITH_NULL_SHA384
 * TLS_DHE_PSK_WITH_AES_128_CCM
 * TLS_DHE_PSK_WITH_AES_256_CCM
4. added test cases for new suites
5. set DHE parameters on test server when using PSK and a custom cipher
suite list
6. updated half premaster key size
 2014-05-30 11:26:48 -07:00
toddouska
71a5aeeb81 Merge branch 'master' into ti 2014-05-28 17:37:48 -07:00
toddouska
e11dd9803a fix icc v14 warnings 2014-05-28 17:36:21 -07:00
toddouska
8a0fbcb83e Merge branch 'master' into ti 2014-05-28 13:06:51 -07:00
Chris Conlon
7e13e414cb rename port.c/.h to wc_port.c/.h to prevent FreeRTOS conflicts 2014-05-28 10:28:01 -06:00
toddouska
21ebf9485d Merge branch 'master' into ti 2014-05-28 08:39:11 -07:00
Moisés Guimarães
263d3439d9 DecodedCert: 
* add structure fields to persist encoding format of subject parts;
* set default encoding formats at InitDecodedCert;
* retrieve encoding format from buffer at GetName;
* copy encoding format from DecodedCert to CertName at SetNameFromCert.
 2014-05-23 15:48:50 -03:00
Moisés Guimarães
e517459f89 CertName: 
* add structure fields to persist encoding format;
 * set default encoding formats at InitCert;
 * add function to retrieve encoding format of a specific field based on it's id.
 2014-05-23 11:11:46 -03:00
toddouska
e373b083bf Merge branch 'master' into ti 2014-05-20 14:33:14 -07:00
toddouska
15d3d3f790 fix visual studio 64 warnings 2014-05-20 14:31:26 -07:00
John Safranek
b46b8516ae Merge branch 'master' of github.com:cyassl/cyassl 2014-05-20 14:11:58 -07:00
John Safranek
12841e6093 fix integration bugs with new suites 2014-05-20 14:07:08 -07:00
toddouska
fc084e9978 Merge branch 'master' into ti 2014-05-20 13:46:27 -07:00
toddouska
3d803653c6 add visual studio 64 project files to autoconf, fix distclcean 2014-05-20 13:45:11 -07:00
John Safranek
74712b4e71 1. Added the following cipher suites: 
* TLS_PSK_WITH_AES_128_GCM_SHA256
 * TLS_PSK_WITH_AES_256_GCM_SHA384
 * TLS_PSK_WITH_AES_256_CBC_SHA384
 * TLS_PSK_WITH_NULL_SHA384
2. Fixed CyaSSL_CIPHER_get_name() for AES-CCM cipher suites.
 2014-05-19 21:44:04 -07:00
toddouska
e024c8af41 Merge branch 'master' into ti 2014-05-15 10:37:15 -07:00
John Safranek
5ab2ccfa96 Added FIPS wrappers for the DRBG and improved CTaoCrypt test. 2014-05-14 15:25:55 -07:00
toddouska
f9a78b7e20 Merge branch 'master' into ti 2014-05-14 15:07:47 -07:00
toddouska
ce39ef62ef update const error strings for newly added ones 2014-05-14 15:05:20 -07:00
toddouska
519820133d Merge branch 'const_errorstrings' of https://github.com/rofl0r/cyassl into errstr 2014-05-14 14:51:40 -07:00
toddouska
6ea8f6cb17 Merge branch 'master' into ti 2014-05-13 16:05:51 -07:00
toddouska
aa5234ae0e fix des return values for ecb and plain cbc, allow errors 2014-05-13 16:04:52 -07:00
toddouska
d92869067c Merge branch 'master' into ti 2014-05-13 15:52:33 -07:00
toddouska
0a8804b3f8 add freescale mmcau hardware crypto alignment requirement, error out if not met 2014-05-13 15:51:35 -07:00
toddouska
28b6c5b998 Merge branch 'master' into ti 2014-05-12 14:02:22 -07:00
toddouska
7f938f3bdf Merge pull request #80 from kojo1/MDK5 
MDK5 sw pack 3.0.0
 2014-05-12 14:01:42 -07:00
toddouska
a3a12a7010 merge resolution in io.c 2014-05-12 13:36:20 -07:00
toddouska
8c9c257921 Merge pull request #79 from kojo1/IAR 
sample projects for IAR EWARM

Why is SINGLE_THREADED assumed for IAR with ARM?
 2014-05-12 13:28:02 -07:00
toddouska
4c8d94023b Merge branch 'master' into ti 2014-05-09 14:50:44 -07:00
toddouska
7fcaa03436 Merge pull request #75 from kojo1/ColdFire 
ColdFire SEC, PIC32 updates
 2014-05-09 14:41:40 -07:00
toddouska
34f2e51415 remove extra spaces from ti cyassl proper files 2014-05-09 11:55:59 -07:00
Vikram Adiga
f643ca5f48 Added TI-RTOS support for CyaSSL tests 2014-05-08 15:52:20 -07:00
Vikram Adiga
5146f3dd94 Initial commit of CyaSSL port for TI-RTOS 2014-05-08 15:50:55 -07:00
John Safranek
72e9ea8e4b added Hash DRBG as configure option 2014-05-07 11:54:12 -07:00
Takashi Kojo
eeb2e28f54 Sync with 3.0.0 2014-05-05 09:45:25 +09:00
John Safranek
fd707ebafb Hash_DRBG refactoring 
1. Renamed everything that had DBRG with the correct DRBG
2. Changed word64 reseed_ctr to word32 reseedCtr
3. Changed reseed interval to 0xFFFFFFFF
 2014-05-02 15:35:10 -07:00
Takashi Kojo
35d5b66d2c Merge remote-tracking branch 'CyaSSL-master/master' into IAR 2014-05-02 09:32:55 +09:00
Takashi Kojo
b680e62832 set up Simulator 2014-05-02 09:31:22 +09:00
toddouska
5ff0336491 add custom kqueue event for crl monitor shutdown 2014-05-01 09:28:33 -07:00
Takashi Kojo
fb00110b77 CyaSSL library project and README 2014-05-01 17:03:01 +09:00
Takashi Kojo
3de36b106e Merge remote-tracking branch 'CyaSSL-master/master' into IAR 2014-05-01 14:33:49 +09:00
Takashi Kojo
169c0eee20 IAR EWARM project: test, benchmark 2014-05-01 14:29:09 +09:00
John Safranek
838d9ea780 bump dev version, update README for v3.0.0 2014-04-29 10:45:01 -07:00
John Safranek
70dee7e190 Added the directoryName comparison to the name constraint checks. 2014-04-28 13:29:44 -07:00
John Safranek
618d282d94 Decodes the Name Constraints certificate extension on the CA cert 
and checks the names on the peer cert, rejecting it if invalid
based on the name.
 2014-04-28 11:03:24 -07:00
Takashi Kojo
6e3bbd135e des3.h 2014-04-25 14:21:28 +09:00
Takashi Kojo
2460679718 des3.h 2014-04-25 14:11:56 +09:00
Takashi Kojo
41199a480d ColdFire SEC, fix cache control in aes, des3 driver 2014-04-23 16:56:37 +09:00
Moisés Guimarães
8d8fca67c3 SHA256, SHA384 and SHA512 error propagation. Major impact on random functions with error propagation. 2014-04-14 21:39:14 -03:00
Moisés Guimarães
32e2d7016f SHA256, SHA384 and SHA512 error propagation. Major impact on Hmac functions with error propagation. 2014-04-14 21:36:04 -03:00
Chris Conlon
be65f5d518 update FSF address, wolfSSL copyright 2014-04-11 15:58:58 -06:00
John Safranek
421c08fc61 Merge branch 'frankencert' 2014-04-11 10:01:03 -07:00
Takashi Kojo
b712380a60 Sync MDK5 Software Pack with 2.9.4 2014-04-11 16:20:12 +09:00
John Safranek
603192f153 Removed an incorrect key use check. 2014-04-10 23:31:43 -07:00
John Safranek
e79ce42ef4 Added checking of the key usage and extended key usage extensions in the 
certificates.
 2014-04-10 16:50:14 -07:00
toddouska
5de34bf987 add client suite verify, detect mismatch early 2014-04-10 14:11:30 -07:00
toddouska
78ebc49bd2 bump dev version 2014-04-10 13:53:01 -07:00
toddouska
a44fb0596a update ecc ccm8 suites to approved cipher suite numbers 2014-04-10 13:18:31 -07:00
toddouska
06faa47001 version bump 2014-04-09 09:51:11 -07:00
Chris Conlon
e84487d121 fix SHA384 define 2014-04-07 10:29:16 -06:00
toddouska
6be3094494 remove debug logging macro left in 2014-04-06 12:45:41 -07:00
toddouska
562b017776 user settings, custom rand gen, by tyto diff 2014-04-04 15:10:08 -07:00
Chris Conlon
9e02937389 minor EROAD settings adjustments 2014-04-04 12:35:41 -06:00
toddouska
c210600d93 RSA fips mode 2014-04-01 13:08:48 -07:00
toddouska
348f50b4b1 bump dev version 2014-04-01 12:08:18 -07:00
toddouska
4ba587b18a Merge branch 'master' of github.com:cyassl/cyassl 2014-04-01 12:06:48 -07:00
Moisés Guimarães
6b9f711de0 DesSetKey refactory to reduce stack usage: 
--- buffer variable moved to the heap;
--- return type changed to int, returning 0 for success;
--- chain of dependency updated to propagate the error.
 2014-03-28 12:59:39 -03:00
toddouska
05b132ce1c HMAC fips mode 2014-03-27 15:43:54 -07:00
toddouska
7dd265cf2e SHA384 fips mode 2014-03-27 14:37:37 -07:00
toddouska
e873d7998b SHA512 fips mode 2014-03-27 14:03:12 -07:00
Chris Conlon
59c1adaf0e version 2.9.2 release 2014-03-27 10:35:57 -06:00
John Safranek
dd61daef70 When saving the signature from a DecodedCert to a CYASSL_X509 only copy 
the signature if it exists.
 2014-03-26 12:01:26 -07:00
toddouska
d5be4c4663 SHA-256 fips mode 2014-03-25 17:11:15 -07:00
toddouska
18d178f325 add ShaFinal fips mode 2014-03-25 16:20:03 -07:00
toddouska
b41186a6dd Merge branch 'master' of github.com:cyassl/cyassl 2014-03-25 16:02:12 -07:00
toddouska
3607db9077 add SHA1 fips mode 2014-03-25 16:01:17 -07:00
toddouska
0fd8ca5409 NO_MAIN_DRIVER for settings 2014-03-25 14:10:07 -07:00
toddouska
b6fc109c1d add ecc_ctx_reset() so user can reuse ctx w/o init/free 2014-03-25 12:48:25 -07:00
toddouska
43c6ae3691 no C++ comments 2014-03-25 11:44:00 -07:00
toddouska
fb6d671629 resolve pull request merge conflict 2014-03-25 11:39:07 -07:00
toddouska
8c5d958a8b add Aes SetIV fips mode 2014-03-24 14:01:36 -07:00
toddouska
0ea10a4388 add 3DES fips mode 2014-03-24 13:37:52 -07:00
toddouska
8889e17489 Merge branch 'master' of github.com:cyassl/cyassl 2014-03-21 14:50:52 -07:00
toddouska
9fe9276236 finish fips aes w/ tests 2014-03-21 14:49:49 -07:00
John Safranek
e19e2a801d Ext Key Usage 
1. Store reference to raw EKU OIDs in the DecodedCert.
2. Fixed usage of the anyEKU.
 2014-03-21 09:37:10 -07:00
John Safranek
08ae775406 Merge branch 'master' of github.com:cyassl/cyassl 2014-03-21 09:34:08 -07:00
toddouska
98c6e3f3af have Base16 Decode on for FIPS tests 2014-03-20 11:38:14 -07:00
toddouska
8bc6bf9424 add lower case support to Base16 decode for better known answer test support, export 2014-03-20 10:31:52 -07:00
John Safranek
1e041abf04 decode Extended Key Usage extension 2014-03-20 10:07:47 -07:00
toddouska
58885b36eb add AesCbc fips mode 2014-03-19 16:43:52 -07:00
toddouska
388436c53e add AesSetKey fips mode 2014-03-19 13:56:11 -07:00
John Safranek
1ea620cece Merge branch 'master' of github.com:cyassl/cyassl 2014-03-14 16:02:38 -07:00
John Safranek
bcd7f03495 X.509 
1. Added stubs for the Extended Key Usage and Inhibit anyPolicy
   extensions.
2. Key Usage extension is decoded normally.
3. Certificate Policy extension is noted normally.
 2014-03-14 15:48:33 -07:00
Chris Conlon
a28d0dd276 add EROAD settings 2014-03-14 15:54:21 -06:00
toddouska
4ac70de055 Merge branch 'master' of github.com:cyassl/cyassl 2014-03-13 18:56:07 -07:00
toddouska
b56ecd1842 add enable-iopool , simple I/O pool example using memory overrides 2014-03-13 18:54:51 -07:00
Moisés Guimarães
eba36226dc Boundaries check for DoCertificateRequest. 
-- added size in the function parameters;
-- BUFFER_ERROR returned in case of message overflow (piece larger than the message size);
-- OPAQUE16_LEN used where 2 bytes are needed.
 2014-03-13 19:14:13 -03:00
Moisés Guimarães
244e335e81 Boundaries check for DoFinished. 
-- added size and totalSz in the function parameters;
-- BUFFER_ERROR returned in case of message overflow (piece larger than the message size);
-- INCOMPLETE_DATA returned in case of buffer overflow (piece smaller than the expected size);
-- removed unnecessary variable idx;
-- fixed the sniffer to adapt to the changes.
 2014-03-13 19:14:13 -03:00
toddouska
2b8ee45a18 change default static buffer size to record header size to prevent memory fragmentation, only adds 8 bytes to SSL 2014-03-13 11:35:14 -07:00
John Safranek
1c35e5929a Merge branch 'master' of github.com:cyassl/cyassl 2014-03-12 15:41:40 -07:00
John Safranek
92c31d81f9 X.509 with unsupported critical extensions should be rejected 2014-03-11 11:50:45 -07:00