Commit Graph

828 Commits

Author SHA1 Message Date
toddouska
54049c6000 allow dhe 4096bit for ssl key exchange 2014-10-07 15:50:33 -07:00
toddouska
c65b14a891 add scr check against subject hash, only allow explicit session ticket resupmtion during scr 2014-10-06 16:12:45 -07:00
John Safranek
7c67a9261c trimmed some unused code for session tickets 2014-10-06 12:44:52 -07:00
John Safranek
954740e2a8 Added check for expected session ticket 2014-10-04 12:41:51 -07:00
John Safranek
80a474ebad 1. Fixed encoding of session ticket hello extension.
2. Session tickets used as alternative resumption.
2014-10-03 13:19:59 -07:00
John Safranek
9dbc1d2d00 Parse the NewSessionTicket handshake message 2014-10-01 16:28:01 -07:00
toddouska
8e96234513 Merge branch 'master' of github.com:cyassl/cyassl 2014-10-01 09:45:57 -07:00
toddouska
41647e441a preview scr 2014-10-01 09:44:24 -07:00
Moisés Guimarães
ee68797cf1 Adds a flag to tell the handshake framework to expect a session ticket. 2014-09-30 18:50:19 -03:00
Moisés Guimarães
a937040087 Adds Session Ticket TLS Extension handling.
New Session Ticket Handshake Message handling is still needed for Session Tickets to work.
2014-09-30 09:30:23 -03:00
toddouska
dcde28db51 add server initiated scr 2014-09-29 14:48:49 -07:00
toddouska
369b7559c5 fix session ticket warnings 2014-09-26 16:16:11 -07:00
Moisés Guimarães
c340d78c93 adds SESSION_TICKET extension id.
adds HAVE_TLS_EXTENSIONS as a dependency to HAVE_SECURE_RENEGOTIATION
reduces tlsx semaphore from 16 to 8 bytes (128 flags to 64 flags).
refactors ConvertExtType() to TLSX_ToSemaphore() for a better name and behavior. Now the overflowing flags are set backwards from the end of the flags to avoid collisions.
2014-09-26 16:01:50 -03:00
Jacob Barthelmeh
f5a95a9f62 struct for one time authentication ciphers 2014-09-25 16:19:50 -06:00
toddouska
0c20584ed3 add client side initiated secure r, same specs 2014-09-24 18:48:23 -07:00
toddouska
74c6f35766 new handShakeDone flag to allow app data during scr 2014-09-24 13:10:01 -07:00
toddouska
21f46373f3 delay SetKeys() with SetKeysSide() until last possible moment, needed for scr 2014-09-24 11:27:13 -07:00
Moisés Guimarães
d9472d65da ssl: refactoring ProcessBuffer to reduce stack usage:
--- variable password moved to the heap (80 bytes saved)
--- variable key moved to the heap (32 bytes saved)
--- variable iv moved to the heap (16 bytes saved)
--- variable Des moved to the heap (sizeof(Des) saved)
--- variable Des3 moved to the heap (sizeof(Des3) saved)
--- variable Aes moved to the heap (sizeof(Aes) saved)
--- variable RsaKey moved to the heap (sizeof(RsaKey) saved)

Utility functions added to Des, Des3 and Aes for easier decryption.
2014-09-22 11:37:36 -03:00
Moisés Guimarães
d61af5d9ae adds record_overflow alert used by max_fragment_length tls extension. 2014-09-18 21:53:10 -03:00
toddouska
a735a52608 switch to extensions secure r state 2014-09-16 17:26:57 -07:00
Moisés Guimarães
d80e820654 Renames TLSX_Append to TLSX_Push, adding data param and making sure the list doesn't holds duplicate extensions.
Adds SecureRenegotiation functions
2014-09-16 20:33:17 -03:00
Moisés Guimarães
32cea012d9 Adds secure renegotiation TLSX_Type, structure and enabler function. 2014-09-16 20:21:29 -03:00
toddouska
4bb20612a1 move secure r inside of tls extensions 2014-09-16 12:42:13 -07:00
toddouska
9a90a0c113 save secure r verify data 2014-09-16 11:51:13 -07:00
toddouska
996418c383 add secure reneg state variables 2014-09-15 15:18:01 -07:00
Chris Conlon
7ea5d6c509 bump version to 3.2.0 2014-09-10 16:46:39 -06:00
toddouska
2c595139db fix tirtos merge 2014-09-08 19:40:03 -07:00
toddouska
ca3f879907 Merge branch 'master' of github.com:cyassl/cyassl 2014-09-08 11:35:06 -07:00
toddouska
9e40e967a0 add ecc key to DER, make sure ctaocrypt test errors always caught at make check level 2014-09-08 11:33:06 -07:00
Moisés Guimarães
d6b4f85d7c Makes TLS_EMPTY_RENEGOTIATION_INFO_SCSV suite optional if using SetCipherList() 2014-09-08 15:03:30 -03:00
Chris Conlon
422a2b8be8 change word type to cyassl_word to prevent conflicts with some toolchains 2014-09-05 10:17:24 -06:00
John Safranek
1a88e9fbdc Added function to flatten the RSA public key to a pair of byte arrays 2014-09-03 23:10:10 -07:00
Moisés Guimarães
8bb52380a8 TLS_EMPTY_RENEGOTIATION_INFO_SCSV added on SetCipherList.
Function InitSuitesHashSigAlgo() extracted from InitSuites and SetCipherList.
2014-09-01 18:35:30 -03:00
toddouska
03800a9df4 Merge branch 'keycomp' 2014-08-29 14:34:44 -07:00
toddouska
3072edb696 add compressed key support 2014-08-29 14:25:58 -07:00
Chris Conlon
7e7cbdc715 add raw ECC key import functionality and tests 2014-08-29 10:46:25 -06:00
John Safranek
496228e5b0 Merge branch 'master' of github.com:cyassl/cyassl 2014-08-19 22:38:42 -07:00
John Safranek
100f0e8a96 Don't allow sniffer to decrypt records if the key hasn't been setup. (Possible with misbehaving client.) 2014-08-19 22:38:04 -07:00
toddouska
87564bdffe get_cipher fixes 2014-08-15 10:56:38 -07:00
toddouska
aaf4e74453 Merge https://github.com/ShaneIsrael/cyassl into shane 2014-08-15 10:03:50 -07:00
ShaneIsrael
57f2affe20 Added GetCipherName() which takes an index 2014-08-13 09:46:13 -06:00
JacobBarthelmeh
856aab7f30 add fuzzer CYASSL* and fuzzer ctx 2014-08-12 16:25:58 -06:00
ShaneIsrael
bb9696c9f2 Added CyaSSL_get_ciphers() and necessary functions 2014-08-12 16:17:36 -06:00
JacobBarthelmeh
6620df2e4e Merge remote-tracking branch 'upstream/master' 2014-08-12 13:03:55 -06:00
JacobBarthelmeh
a18602951b record header fuzz 2014-08-12 11:56:20 -06:00
Kaleb Himes
20f8493046 All encryptions work. settings.h generic, allow end user mod 2014-08-12 10:41:11 -06:00
JacobBarthelmeh
5c72bf6272 fuzzer callbacks 2014-08-11 16:29:19 -06:00
toddouska
0919a2927c fix digest sizes in internal.h 2014-08-06 06:53:24 -07:00
toddouska
9429f07a8a add MD5_DIGEST_SZ to NO_MD5 for non no-old-tls build types that still need it 2014-08-05 13:41:55 -07:00
toddouska
7a95bc452d Merge branch 'master' into ti 2014-07-29 16:20:57 -07:00