mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
2,484 Commits 5 Branches 162 Tags 807 MiB
e09d14f6f8
Commit Graph

184 Commits

Author SHA1 Message Date
Moisés Guimarães
d61af5d9ae adds record_overflow alert used by max_fragment_length tls extension. 2014-09-18 21:53:10 -03:00
Moisés Guimarães
d80e820654 Renames TLSX_Append to TLSX_Push, adding data param and making sure the list doesn't holds duplicate extensions. 
Adds SecureRenegotiation functions
 2014-09-16 20:33:17 -03:00
toddouska
aaf4e74453 Merge https://github.com/ShaneIsrael/cyassl into shane 2014-08-15 10:03:50 -07:00
JacobBarthelmeh
856aab7f30 add fuzzer CYASSL* and fuzzer ctx 2014-08-12 16:25:58 -06:00
ShaneIsrael
bb9696c9f2 Added CyaSSL_get_ciphers() and necessary functions 2014-08-12 16:17:36 -06:00
JacobBarthelmeh
a18602951b record header fuzz 2014-08-12 11:56:20 -06:00
JacobBarthelmeh
5c72bf6272 fuzzer callbacks 2014-08-11 16:29:19 -06:00
JacobBarthelmeh
b77a1fdbbb refactoring 2014-07-17 15:00:40 -06:00
JacobBarthelmeh
c322cb05ad uses most recent version of cyassl 2014-07-10 11:18:49 -06:00
JacobBarthelmeh
53c63dd257 progress on suite 2014-07-01 16:08:52 -06:00
JacobBarthelmeh
5bf411f345 progress on suite 2014-07-01 14:16:44 -06:00
toddouska
519820133d Merge branch 'const_errorstrings' of https://github.com/rofl0r/cyassl into errstr 2014-05-14 14:51:40 -07:00
Takashi Kojo
fb00110b77 CyaSSL library project and README 2014-05-01 17:03:01 +09:00
Chris Conlon
be65f5d518 update FSF address, wolfSSL copyright 2014-04-11 15:58:58 -06:00
Chris Conlon
85a47b4596 add NO_STDIO_FILESYSTEM to exclude FILE usage from non standard filesystems 2014-02-14 14:57:43 -07:00
toddouska
1cf884dccc add enable-certservice, ease of use 2014-02-11 13:08:12 -08:00
Moisés Guimarães
36b5bf0df1 Renaming Elliptic Curves to Supported Curves for better extension representation and avoid confusion. 2014-02-03 16:14:35 -03:00
Moisés Guimarães
9490c0dbaf validating curves 2014-01-31 16:52:14 -03:00
Moisés Guimarães
afd38d11cd removing unused curve names. 2014-01-31 16:52:13 -03:00
Moisés Guimarães
75ae9dc973 added external api for Elliptic Curves Extension. 2014-01-31 16:52:13 -03:00
John Safranek
cfa9007199 1. Bumped release version in configure.ac. 
2. Added enable option for SCEP. Enables prereqs.
3. Added CyaSSL_wolfSCEP() for ac to test for CyaSSL SCEP.
 2014-01-27 11:35:43 -08:00
toddouska
8a1971d52b add CyaSSL_CertPemToDer for certs, ca certs, and cert reqs 2014-01-14 15:13:43 -08:00
John Safranek
d46c68ba10 Moved OCSP into the CertManager like the CRL. 2013-12-27 12:11:47 -08:00
John Safranek
4ce2e59adf For Atomic user: 
1. Added a getter for the session's IV size.
2. The HMAC size getter should return 0 for AEAD ciphers
   and the hash length for the others.
 2013-12-23 22:32:08 -08:00
rofl0r
a36c18c27f implement CyaSSL_ERR_reason_error_string 
this has several advantages:
- we can provide a replacement for openssl's ERR_reason_error_string,
  which makes porting simpler,
- code shrink due to removal of excessive strcpy call
- all error strings are const anyway so there's no point to force the
  user to supply storage for them and copying them around.
 2013-12-19 19:40:48 +01:00
Chris Conlon
8c7f5817ac NO_FILESYSTEM fix for CyaSSL_X509_load_certificate_file 2013-12-11 16:19:09 -08:00
Moisés Guimarães
f8b30b3379 changing variable names to build on Ubuntu. 2013-12-02 15:50:21 -03:00
Moisés Guimarães
ba18f8b03e added new function to retrieve SNI from a buffer. 2013-11-21 21:25:42 -03:00
John Safranek
0fd6aed9b6 Save more decoded data from certificate for later use with X.509 functions. 2013-11-19 14:44:55 -08:00
Takashi Kojo
5a9140fd13 For PIC32MZ 2013-11-12 08:12:01 +09:00
John Safranek
4dc30fcde5 Added X.509 accessor for signature. 2013-11-06 11:49:49 -08:00
John Safranek
913e200cd0 X.509 Additions: 
* CyaSSL_X509_d2i()
* CyaSSL_X509_d2i_fp()
* CyaSSL_X509_version()
* CyaSSL_X509_get_notBefore()
* CyaSSL_X509_get_notAfter()
* CyaSSL_X509_STORE_new()
* CyaSSL_X509_STORE_free()
* CyaSSL_X509_STORE_add_cert()
* CyaSSL_X509_STORE_set_default_paths()
* CyaSSL_X509_get_pubkey()
* CyaSSL_EVP_PKEY_free()
* CyaSSL_X509_NAME_get_text_by_NID()
* CyaSSL_X509_NAME_entry_count()
* CyaSSL_X509_verify_cert()
* CyaSSL_X509_STORE_CTX_new()
* CyaSSL_X509_STORE_CTX_init()
* CyaSSL_X509_STORE_CTX_free()
 2013-11-04 11:02:17 -08:00
toddouska
e8fcf35098 add Rsa Public/Private client key exchange callbacks, examples 2013-08-26 17:14:19 -07:00
toddouska
f3f80bd66e add Rsa Sign/Verify callbacks, client/server examples 2013-08-26 16:27:29 -07:00
John Safranek
0002ba4ee8 Merge branch 'master' of github.com:cyassl/cyassl 2013-08-23 10:12:17 -07:00
John Safranek
d734c86c72 cleanup build warnings 
1. Change `CyaSSL_OCSP_set_options()` to return `SSL_SUCCESS`
   or `SSL_FAILURE` as `int` like rest of API.
2. Fix data narrowing warning in file io.c function
   `process_http_response()`.
3. Fix global variable shadowed warning in file ssl.c function
   `CyaSSL_GetSessionAtIndex()`
4. Fix data narrowing warning in file internal.c functions
   `Encrypt()` and `Decrypt()`. Passed in a word32 size parameter
   that was provided a word16 and used as a word16.
5. Removed unreachable code from file tls.c function
   `CyaSSL_GetHmacType()`.
6. Fix data narrowing warnings in file aes.c functions
   `AesCcmEncrypt()` and `AesCcmDecrypt()`.
 2013-08-23 10:09:35 -07:00
toddouska
e98f5f95c2 add public key callbacks for ecc sign/verify, examples 2013-08-22 18:19:39 -07:00
John Safranek
64ba0587a3 Merge branch 'master' of github.com:cyassl/cyassl 2013-08-21 22:42:15 -07:00
John Safranek
957cf90118 Added function to read certificate from file into CYASSL_X509 buffer. 2013-08-21 22:36:43 -07:00
toddouska
54a2f8b9aa add useratomic DecryptVerify Callbacks, example 2013-08-21 16:55:34 -07:00
John Safranek
9f07a7dd2b modified SEP X509 functions to behave like the NAME_oneline function 2013-08-20 16:47:38 -07:00
John Safranek
442886a207 Added x509 accessors for the SEP build certificate additions. 2013-08-17 09:01:15 -07:00
toddouska
65f0e9f6b9 add atomic user macencrypt cb 2013-08-09 17:27:15 -07:00
toddouska
3378f8f25e add DTLS cookie ctx geter 2013-08-06 15:06:33 -07:00
John Safranek
831d9cf640 SEP Profile 
1. Changed session index shift values to constants.
2. Added bounds checking when retrieving a session.
3. Added function to retrieve the peer cert chain from
   a CYASSL_SESSION record.
 2013-08-02 16:03:41 -07:00
John Safranek
1357cdb0e4 SEP Profile 
1. Add session cache index to CYASSL structure.
2. Add accessor for cache index in CYASSL structure.
3. Add copy function for session cache item.
 2013-07-28 17:11:22 -07:00
Moisés Guimarães
55401c13dd Truncated HMAC first part (protocol). Extension processing will be coded later. 2013-07-23 15:42:43 -03:00
toddouska
37a9a7a457 add IOCb Ctx getters 2013-07-22 11:01:00 -07:00
Moisés Guimarães
593e466a44 limiting max_fragment API for client side only. 2013-07-01 10:13:43 -03:00
toddouska
307c71d9cb add CyaSSL_UnloadCertsKeys to free SSL certs and keys after handshake 2013-06-27 10:26:04 -07:00
toddouska
87eb94b7c4 Merge branch 'master' of github.com:cyassl/cyassl 2013-06-24 14:02:40 -07:00
toddouska
b51d6f3b8f add NetX default IO context handling 2013-06-24 14:00:48 -07:00
John Safranek
e0a84521c5 Make alert description and level enumerations public. 2013-06-21 14:56:42 -07:00
Moisés Guimarães
5f3ee80407 added: 
- max fragment length extension;
 - CyaSSL_SNI_GetRequest() to get client's request at server side;
 - Automated tests for SNI;
 2013-06-19 15:45:06 -03:00
toddouska
8c70b11528 add newSession flag to SetServerID to do full handshake w/ new session 2013-06-14 15:29:18 -07:00
Moisés Guimarães
f1d1898ddf Added new option to SNI: CYASSL_SNI_ANSWER_ON_MISMATCH 
Added new function to SNI API: CyaSSL_SNI_Matched()
 2013-06-03 17:55:06 -03:00
Moisés Guimarães
cb2082edee changed CYASSL_SNI_ABORT_ON_MISMATCH to CYASSL_SNI_CONTINUE_ON_MISMATCH 2013-06-03 10:04:49 -03:00
Moisés Guimarães
5c665fe614 Added options to SNI (now it is possible to choose whether or not to abort on a SNI Host Name mismatch) 
Exposed SNI Type at ssl.h
 2013-05-30 15:26:41 -03:00
toddouska
d2003bb8b7 merge in sni 2013-05-21 14:37:50 -07:00
toddouska
cfdfa7b2b3 pull in Kojo MDK-ARM projects, changes 2013-05-16 09:47:27 -07:00
toddouska
47b468d14f add dtls recv timeout max user setting too 2013-05-08 12:49:55 -07:00
toddouska
8cb5f6d5d4 add user setting for dtls recv timeout init value 2013-05-07 16:14:26 -07:00
toddouska
a0c630b4ee add cert cache persistence 2013-05-02 11:34:26 -07:00
toddouska
5c4fdb30ad add client session table lookup based on serverID, use CyaSSL_SetServerID to set/store with serverid 2013-04-29 14:22:32 -07:00
toddouska
791767e026 make sure unloadcas works w/o filesystem 2013-04-26 10:28:30 -07:00
toddouska
411a096b2b add memory versions of session cache save/restore 2013-04-25 17:23:58 -07:00
toddouska
956ac08cab add persistent session cache, ssn9 2013-04-24 11:10:23 -07:00
toddouska
bad1c32df2 add session cert conversion to x509, and free x509 for dynamic variety 2013-04-23 11:50:06 -07:00
toddouska
4491de3b77 add UnloadCAs ability for CTX or CertManager 2013-04-22 13:18:08 -07:00
toddouska
d665e16bd8 add user ctx to verify callback with CyaSSL_SetCertCbCtx 2013-04-18 10:37:10 -07:00
toddouska
729fc1e603 add discardSessionCerts flag for verify callback 2013-04-18 09:11:35 -07:00
John Safranek
fe13b4b6c6 moved and renamed the CBIO error codes so they are publically available 2013-04-16 12:32:55 -07:00
John Safranek
f65f86bb88 improvements to CCM, ssn6 2013-03-22 11:30:12 -07:00
toddouska
e515638503 make EmbedGenerateCookie a callback, USER_IO can install their own or default to ours 2013-03-13 16:41:50 -07:00
John Safranek
20e4889092 Merge branch 'dtls' 
Conflicts:
	src/ssl.c
 2013-03-08 17:45:35 -08:00
toddouska
85b3346bbf NO_RSA build, cipher suite tests need work for this build optoin, ssn2 2013-03-07 17:44:40 -08:00
John Safranek
591e1fc772 DTLSv1.2, fixed DTLS socket timeout 2013-03-06 23:02:33 -08:00
toddouska
dfa1553548 3rd scan build fixes 2013-02-14 16:23:48 -08:00
toddouska
44e0d7543c change copyright name with name change 2013-02-05 12:44:17 -08:00
toddouska
f4f13371f9 update copyright date 2013-02-04 14:51:41 -08:00
Todd Ouska
44b6593fe5 add cavium ciphers to SSL, and example client 2013-02-01 12:21:38 -08:00
John Safranek
ac227910f1 modify OCSP to use a replacable callback to perform the OCSP transaction 2013-01-03 17:19:56 -08:00
John Safranek
4e657debfc added the ability to disable OCSP nonces 2012-12-19 10:18:11 -08:00
toddouska
dd259b12c7 add CyaSSL_peek() 2012-11-16 12:16:00 -08:00
John Safranek
9aa8b71525 Merge branch 'nocerts' 2012-11-01 15:47:02 -07:00
John Safranek
134c6b8b1b cleaning warnings in OCSP build 2012-11-01 15:03:29 -07:00
John Safranek
85e8f1988a leanpsk build removes cert code, moved ctaocrypt error strings to own file 2012-11-01 12:36:47 -07:00
Chris Conlon
f6304ae37a add support for Freescale MQX 2012-11-01 11:23:42 -06:00
toddouska
35b4f08049 add CyaSSL_send()/recv() with flags parameter 2012-10-26 15:09:58 -07:00
toddouska
d4d5243f4d add user ability to set IO read/write flags 2012-10-25 14:17:11 -07:00
John Safranek
6d1e485ef4 DTLS to use recvfrom and sendto in embed recv and send callbacks. Added support for storing dtls peer address. 2012-10-02 09:15:50 -07:00
John Safranek
dfb84dff37 added accessors for CYASSL members for use in send/recv callbacks 2012-09-25 15:51:56 -07:00
John Safranek
40972868ce fix merge conflicts 2012-09-14 21:19:06 -07:00
John Safranek
56ee2eaba8 added dtls message retry 2012-09-14 09:35:34 -07:00
John Safranek
97ca8439a4 Merge branch 'master' of github.com:cyassl/cyassl 2012-09-07 08:30:03 -07:00
John Safranek
407397e8be adding DTLS retry timeout, added CYASSL pointer to recv/send callbacks 2012-09-06 22:41:55 -07:00
toddouska
43a0a21fb6 add GetOjbectSize for CYASSL* 2012-09-05 08:26:08 -07:00
toddouska
a5af2e3d51 add altname retrieval from peer cert 2012-07-31 17:45:48 -07:00
toddouska
fbc5c8d6dc add SSL set version, different from ctx version 2012-05-31 15:24:25 -07:00
toddouska
f528f5a7d3 add CertManager Verify with Buffer 2012-05-29 12:04:48 -07:00