mirrors
/
wolfssl
mirror of https://github.com/wolfSSL/wolfssl
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
3,512 Commits 5 Branches 160 Tags 785 MiB
Commit Graph

858 Commits

Author SHA1 Message Date
John Safranek ac18ce03df DRBG Update 
1. picked better values for entropy and nonce sizes based on
   security strength
2. changed output block length to be the SHA-256 digest size
3. use constant drbgReseed when reseeding
4. renamed the "drgb" type constants from "dbrg"
5. removed the small stack change due to buffer size changes
6. internal helper function Hash_DRBG_Instantiate now also
   takes a pointer to a nonce and a personalization string
7. the InitRng gathers enough bits from GenerateSeed() to
   supply the entropy input and a nonce
8. lowered the reseed interval to 1 million
 2014-05-06 14:05:52 -07:00
Takashi Kojo 6ac7b056ee Pic benchmark, clock config 2014-05-05 16:41:07 +09:00
Takashi Kojo eeb2e28f54 Sync with 3.0.0 2014-05-05 09:45:25 +09:00
John Safranek 2f39b50063 fixed DateLessThan() 
It was returning true on less-than or equal-to.
 2014-05-03 16:46:56 -07:00
John Safranek fd707ebafb Hash_DRBG refactoring 
1. Renamed everything that had DBRG with the correct DRBG
2. Changed word64 reseed_ctr to word32 reseedCtr
3. Changed reseed interval to 0xFFFFFFFF
 2014-05-02 15:35:10 -07:00
toddouska fbe09780ca remove deadcode redundant length check 2014-05-02 11:40:36 -07:00
toddouska 697f77bef5 help coverity with max size issue on unsigned addition 2014-05-02 11:06:59 -07:00
Takashi Kojo 2069394386 benchmark.c: cert file name 2014-05-01 15:26:55 +09:00
Takashi Kojo 3de36b106e Merge remote-tracking branch 'CyaSSL-master/master' into IAR 2014-05-01 14:33:49 +09:00
Takashi Kojo 169c0eee20 IAR EWARM project: test, benchmark 2014-05-01 14:29:09 +09:00
John Safranek fb5200aa95 1. Added more options to the full commit test. 
2. Cleanups from static analysis.
 2014-04-30 15:01:10 -07:00
John Safranek 09a7a087a2 fix static analysis warnings 2014-04-29 14:52:42 -07:00
John Safranek 70dee7e190 Added the directoryName comparison to the name constraint checks. 2014-04-28 13:29:44 -07:00
John Safranek 68878d33d9 Merge branch 'frankencert' 2014-04-28 11:10:37 -07:00
John Safranek 618d282d94 Decodes the Name Constraints certificate extension on the CA cert 
and checks the names on the peer cert, rejecting it if invalid
based on the name.
 2014-04-28 11:03:24 -07:00
Takashi Kojo 6cf1c8149b AesCbcEncrypt/Decrypt return value 2014-04-28 10:52:35 +09:00
Takashi Kojo f9ad1888cb Fixed pic32mx/mz clock for benchmark 2014-04-28 10:51:18 +09:00
Takashi Kojo cb70631512 aes.c indentation 2014-04-25 14:18:23 +09:00
Takashi Kojo 11aff767fd corrected pic32mz header path 2014-04-25 13:50:12 +09:00
Takashi Kojo e3becc3a65 des3 parity. internal.h to ctaocrypt/types.h 2014-04-25 13:35:35 +09:00
Chris Conlon f20b25b510 add RSA_DECODE_EXTRA to RsaPublicKeyDecode() to handle OpenSSL-generated keys 2014-04-23 15:53:20 -06:00
Moisés Guimarães 30b63bda6f random: InitRng and RNG_GenerateBlock to reduce stack usage: (up to 512 bytes - pointer sizes) moved to the heap. 
with ARC4
--- InitRng: entropy variable moved to the heap; (256 bytes)
--- RNG_GenerateBlock: entropy variable moved to the heap; (256 bytes)
without ARC4
--- InitRng: key variable moved to the heap; (32 bytes)
--- InitRng: junk variable moved to the heap; (256 bytes)
 2014-04-23 16:06:14 -03:00
Moisés Guimarães 6e3349f8ec fix code format, only spaces added, no code has been modified. 2014-04-23 11:58:44 -03:00
Moisés Guimarães ce655f61c5 ecc: ecc_make_key_ex, ecc_export_x963, accel_fp_mul, accel_fp_mul2add, ecc_encrypt and ecc_decrypt refactory to reduce stack usage: (1350 bytes - pointer sizes) moved to the heap. 
--- ecc_make_key_ex: buf variable moved to the heap; (66 bytes)
--- ecc_export_x963: buf variable moved to the heap; (256 bytes)
--- accel_fp_mul: kb variable moved to the heap; (128 bytes)
--- accel_fp_mul2add: kb variable moved to the heap; (256 bytes)
--- ecc_encrypt: sharedSecret and keys variables moved to the heap; (66 + 256 bytes)
--- ecc_decrypt: sharedSecret and keys variables moved to the heap; (66 + 256 bytes)
 2014-04-23 11:44:54 -03:00
Takashi Kojo a67cb1207b ColdFire SEC for aes, des3: Eliminated type mismatch 2014-04-23 20:45:19 +09:00
Takashi Kojo 41199a480d ColdFire SEC, fix cache control in aes, des3 driver 2014-04-23 16:56:37 +09:00
Moisés Guimarães fc24dca12d fix code format, only spaces added, no code has been modified. 2014-04-21 14:55:43 -03:00
Moisés Guimarães eaaf0a7c28 pwdbased: PBKDF2 refactory to reduce stack usage: (up to 64 bytes - pointer size) moved to the heap. 
--- buffer variable moved to the heap; (up to 64 bytes)
--- returns changed to breaks

pwdbased: PKCS12_PBKDF refactory to reduce stack usage: (up to 1023 + 128 bytes - pointer sizes) moved to the heap.
--- staticBuffer variable changed to have size = 1 byte (1023 bytes saved)
--- Ai variable moved to the heap; (up to 64 bytes)
--- B variable moved to the heap; (up to 64 bytes)

hmac: HKDF refactory to restore previous behavior inside while loop.
 2014-04-21 14:45:07 -03:00
Moisés Guimarães 6d0fbfe7e9 hmac: HKDF refactory to reduce stack usage: (up to 128 bytes - pointer sizes) moved to the heap. 
--- tmp variable moved to the heap; (up to 64 bytes)
--- prk variable moved to the heap; (up to 64 bytes)
 2014-04-21 11:31:42 -03:00
Moisés Guimarães ac56927e20 CYASSL_SMALL_STACK build option (default enabled) 2014-04-16 13:25:51 -03:00
Moisés Guimarães 48af915a35 fix camellia memory leak 2014-04-15 14:06:13 -03:00
Moisés Guimarães 69890dd023 blake2b: blake2b_init_key and blake2b_compress refactory to reduce stack usage: (384 bytes - pointer sizes) moved to the heap. 
--- block variable moved to the heap; (128 bytes)
--- m and w variables moved to the heap; (256 bytes)
--- chain of dependency updated to propagate the error.
 2014-04-15 12:46:43 -03:00
Moisés Guimarães 8d8fca67c3 SHA256, SHA384 and SHA512 error propagation. Major impact on random functions with error propagation. 2014-04-14 21:39:14 -03:00
Moisés Guimarães 32e2d7016f SHA256, SHA384 and SHA512 error propagation. Major impact on Hmac functions with error propagation. 2014-04-14 21:36:04 -03:00
Moisés Guimarães 644bb9c524 SHA256, SHA384 and SHA512 error propagation. Minor impact on some of internal.c static functions. 2014-04-14 21:28:23 -03:00
Moisés Guimarães 45f9f3cdc2 SHA256, SHA384 and SHA512 error verification on test files. 2014-04-14 21:28:22 -03:00
Moisés Guimarães 329cd0b241 sha256: XTRANSFORM refactory to reduce stack usage: (256 bytes - pointer size) moved to the heap. 
--- W variable moved to the heap;
--- return type changed to int, returning 0 for success;
--- chain of dependency updated to propagate the error in Sha256Update and Sha256Final functions.

sha512: Transform and Transform384 refactory to reduce stack usage: (128 bytes - pointer size) moved to the heap in each function
--- W variable moved to the heap;
--- return type changed to int, returning 0 for success;
--- chain of dependency updated to propagate the error in Sha512Update, Sha512Final, Sha384Update and Sha384Final functions.
 2014-04-14 21:28:22 -03:00
Moisés Guimarães 41cc5f06e4 camellia_setup128 and camellia_setup256 refactory to reduce stack usage: 
--- subL and subR variables moved to the heap;
--- return type changed to int, returning 0 for success;
--- chain of dependency updated to propagate the error in CamelliaSetKey function.
 2014-04-14 21:28:22 -03:00
Chris Conlon be65f5d518 update FSF address, wolfSSL copyright 2014-04-11 15:58:58 -06:00
John Safranek 421c08fc61 Merge branch 'frankencert' 2014-04-11 10:01:03 -07:00
Takashi Kojo b712380a60 Sync MDK5 Software Pack with 2.9.4 2014-04-11 16:20:12 +09:00
John Safranek e79ce42ef4 Added checking of the key usage and extended key usage extensions in the 
certificates.
 2014-04-10 16:50:14 -07:00
toddouska b59b3d7c36 remove unused blake2b helper f()s 2014-04-07 11:35:13 -07:00
toddouska 5a70aba3bc fix InitSha 2014-04-04 15:37:04 -07:00
toddouska 562b017776 user settings, custom rand gen, by tyto diff 2014-04-04 15:10:08 -07:00
Chris Conlon c4f483aaa2 Fix order of GenerateSeed() when MQX is used with leanPSK 2014-04-04 12:37:22 -06:00
toddouska 6504d605a0 fix des malloc cast 2014-04-01 14:02:36 -07:00
toddouska c210600d93 RSA fips mode 2014-04-01 13:08:48 -07:00
toddouska 4ba587b18a Merge branch 'master' of github.com:cyassl/cyassl 2014-04-01 12:06:48 -07:00
John Safranek 1f3bc9263d error to have v1 or v2 certificates with extensions 2014-03-28 11:25:05 -07:00
Moisés Guimarães bbc9c53b90 fix error include 2014-03-28 14:01:10 -03:00
Moisés Guimarães 6b9f711de0 DesSetKey refactory to reduce stack usage: 
--- buffer variable moved to the heap;
--- return type changed to int, returning 0 for success;
--- chain of dependency updated to propagate the error.
 2014-03-28 12:59:39 -03:00
toddouska 05b132ce1c HMAC fips mode 2014-03-27 15:43:54 -07:00
toddouska 7dd265cf2e SHA384 fips mode 2014-03-27 14:37:37 -07:00
toddouska e873d7998b SHA512 fips mode 2014-03-27 14:03:12 -07:00
Chris Conlon 74a6916606 remove fips file stubs 2014-03-27 12:47:38 -06:00
Chris Conlon 62b8abafc5 fix variable shadow warning in asn.c 2014-03-26 23:43:44 -06:00
Chris Conlon 9d74775934 add fips file placeholders 2014-03-26 23:40:07 -06:00
toddouska 717f3adb47 fix item 9 from report by Ivan Fratric of the Google Security Team 2014-03-26 13:28:19 -07:00
toddouska d5be4c4663 SHA-256 fips mode 2014-03-25 17:11:15 -07:00
toddouska 18d178f325 add ShaFinal fips mode 2014-03-25 16:20:03 -07:00
toddouska b41186a6dd Merge branch 'master' of github.com:cyassl/cyassl 2014-03-25 16:02:12 -07:00
toddouska 3607db9077 add SHA1 fips mode 2014-03-25 16:01:17 -07:00
toddouska b6fc109c1d add ecc_ctx_reset() so user can reuse ctx w/o init/free 2014-03-25 12:48:25 -07:00
toddouska fb6d671629 resolve pull request merge conflict 2014-03-25 11:39:07 -07:00
toddouska 0ea10a4388 add 3DES fips mode 2014-03-24 13:37:52 -07:00
John Safranek e19e2a801d Ext Key Usage 
1. Store reference to raw EKU OIDs in the DecodedCert.
2. Fixed usage of the anyEKU.
 2014-03-21 09:37:10 -07:00
John Safranek 08ae775406 Merge branch 'master' of github.com:cyassl/cyassl 2014-03-21 09:34:08 -07:00
toddouska 98c6e3f3af have Base16 Decode on for FIPS tests 2014-03-20 11:38:14 -07:00
toddouska 8bc6bf9424 add lower case support to Base16 decode for better known answer test support, export 2014-03-20 10:31:52 -07:00
John Safranek 1e041abf04 decode Extended Key Usage extension 2014-03-20 10:07:47 -07:00
toddouska 58885b36eb add AesCbc fips mode 2014-03-19 16:43:52 -07:00
toddouska 388436c53e add AesSetKey fips mode 2014-03-19 13:56:11 -07:00
toddouska faecf7f849 require thread local storage for power on self thread check 2014-03-19 10:19:08 -07:00
toddouska be9451fbc5 rm --cahced didn't work to stop tracking 2014-03-19 09:55:20 -07:00
toddouska 8bbc30f3e1 add fips enable switch 2014-03-19 09:43:57 -07:00
toddouska 90b08761c4 fix benchmark output with 3 decimals 2014-03-18 12:28:54 -07:00
John Safranek ac452eebdc in DecodeAltNames, skip unknown name types, don't treat as error 2014-03-18 09:24:07 -07:00
John Safranek bcd7f03495 X.509 
1. Added stubs for the Extended Key Usage and Inhibit anyPolicy
   extensions.
2. Key Usage extension is decoded normally.
3. Certificate Policy extension is noted normally.
 2014-03-14 15:48:33 -07:00
toddouska b56ecd1842 add enable-iopool , simple I/O pool example using memory overrides 2014-03-13 18:54:51 -07:00
John Safranek 4724c23a05 added critical extension error to error strings 2014-03-13 11:15:16 -07:00
John Safranek 1c35e5929a Merge branch 'master' of github.com:cyassl/cyassl 2014-03-12 15:41:40 -07:00
John Safranek dc14fafb2e reversed a change to clear a warning, replaced some tabs 2014-03-12 14:32:02 -07:00
John Safranek dcb39d5554 bug fixes 2014-03-12 05:50:37 -07:00
John Safranek 92c31d81f9 X.509 with unsupported critical extensions should be rejected 2014-03-11 11:50:45 -07:00
John Safranek 65475fdfe3 Merge branch 'PIC32MZ' of github.com:kojo1/cyassl-test into kojo1-PIC32MZ 
Conflicts:
	ctaocrypt/benchmark/benchmark.c
 2014-03-11 09:54:36 -07:00
John Safranek 6f55549fed fixes for Xcode 5.1, clang 503.0.38 stricter with some warnings 2014-03-11 09:38:36 -07:00
Takashi Kojo e02fa2c571 random.c, indentation 2014-03-11 13:53:37 +09:00
Takashi Kojo 5dbe391d92 sha256.c, mplabx/test_main.c 2014-03-11 13:43:24 +09:00
Takashi Kojo 6235c949b3 PIC32MZ 2014-03-11 11:32:16 +09:00
Takashi Kojo a9ca608030 Sync with CyaSSL master 2014-03-11 11:22:39 +09:00
Takashi Kojo 3e41d8cecb Merge branch 'PIC32MZ-HWCrypt' 
Conflicts:
	configure.ac
	ctaocrypt/benchmark/benchmark.c
	ctaocrypt/src/asn.c
	ctaocrypt/src/coding.c
	ctaocrypt/src/des3.c
	ctaocrypt/src/md5.c
	ctaocrypt/src/random.c
	ctaocrypt/src/sha.c
	ctaocrypt/src/sha256.c
	cyassl/ctaocrypt/aes.h
	cyassl/ctaocrypt/settings.h
	cyassl/ssl.h
	cyassl/version.h
	examples/server/server.c
	m4/ax_debug.m4
	m4/ax_tls.m4
	mplabx/benchmark_main.c
	mplabx/ctaocrypt_test.X/nbproject/configurations.xml
	mplabx/test_main.c
	src/io.c
	src/ocsp.c
	src/ssl.c
	src/tls.c
	testsuite/testsuite.c
 2014-03-11 10:11:36 +09:00
Takashi Kojo 8ea2eec773 Merge https://github.com/cyassl/cyassl 2014-03-11 09:55:57 +09:00
Takashi Kojo a12fe60723 Add AES-Counter to benchmark.c 2014-03-10 10:46:40 +09:00
Takashi Kojo e5a51ca516 PIC32MZ Crypt Engine 2014-03-04 22:10:19 +09:00
Takashi Kojo f5922255b0 Catching up 2.9.0 2014-03-04 22:09:38 +09:00
toddouska f1597c86b1 fix clang -Wconversion except -Wsign-conversion 2014-03-03 16:46:48 -08:00
toddouska 1fd6245600 fix all clang warnings except Wpadded (diagnostic), Wconversion which inludes Wsign-conversion (implicit conversions part of standard) 2014-03-03 13:27:52 -08:00
John Safranek ec7c79c12e fix a couple more uninitialized variables 2014-03-02 18:38:12 -08:00
toddouska a50d2e1e21 fix -Wcast-align 2014-03-02 11:47:43 -08:00
toddouska f0f6497526 fix -Wconditional-uninitialized 2014-03-02 11:11:39 -08:00
toddouska 7b00374930 fix -Wmissing-variable-declarations 2014-03-02 11:06:41 -08:00
toddouska ac7cb3c8aa add -Wunreachable-code 2014-02-24 11:15:22 -08:00
toddouska 45859e97bf fix arm thumb mode assembly 2014-02-18 16:45:43 -08:00
Chris Conlon cf6eaf219a tyto build - add GenerateSeed, exclude ctype.h, test.h 2014-02-12 13:39:38 -07:00
John Safranek f1c2250652 fix static analysis warning, g++ compile warning 2014-02-07 14:52:44 -08:00
John Safranek f669e73c8d Merge branch 'master' of github.com:cyassl/cyassl 2014-02-03 14:49:38 -08:00
John Safranek 2758f40a09 For OCSP, when decoding X.509 Auth Info Access record, find the first 
OCSP responder, rather than only looking at the first item.
 2014-02-03 14:39:41 -08:00
Takashi Kojo 80cf1b20b3 Merge https://github.com/cyassl/cyassl 
Conflicts:
	configure.ac
	ctaocrypt/src/asn.c
	cyassl/ctaocrypt/asn.h
	cyassl/ctaocrypt/settings.h
	src/internal.c
	src/io.c
 2014-02-03 09:01:50 +09:00
toddouska 51b3b1cb6c fix pkCurveOID c files, doesn't require openssl extra 2014-02-01 12:14:41 -08:00
Moisés Guimarães de6a537896 exporting pkCurve info to ctx and ssl 2014-01-31 16:52:14 -03:00
Takashi Kojo 07af9913c3 LwIP native TCP 2014-01-31 08:49:39 +09:00
Takashi Kojo e28d256197 CyaSSL master, 2.8.6 2014-01-31 08:44:42 +09:00
John Safranek 12e9309618 fix Windows function name conflict 2014-01-28 12:30:01 -08:00
John Safranek 631cfbcf27 fix output size check bug 2014-01-28 11:57:49 -08:00
toddouska 2084e9869d fix pkcs7 leaks with normal math 2014-01-27 16:29:15 -08:00
toddouska e040e0ba7a fix scep 32 2014-01-27 12:50:29 -08:00
toddouska c0f9780c70 fix challenge pwd init bug 2014-01-24 14:08:14 -08:00
toddouska 21c9eb7b22 fix forgotten leading 0 on SetRsaPublicKey 2014-01-24 13:58:20 -08:00
toddouska 5945723d87 linux pkcs7 build fixes 2014-01-24 13:15:26 -08:00
John Safranek 1dac5d28e3 Allow PKCS7_VerifyDecodedData to have an empty set of SignerInfos. Save first certificate. 2014-01-24 12:14:53 -08:00
John Safranek 595fe0b445 Merge branch 'master' of github.com:cyassl/cyassl 2014-01-23 21:48:37 -08:00
toddouska 18365df209 add non block length test case, including test again, to aes ctr 2014-01-23 15:18:42 -08:00
Chris Conlon 43199cd573 PKCS7_DecodeEnvelopedData, only do ParseCert once in PKCS7_InitWithCert 2014-01-23 14:48:18 -07:00
toddouska 45c05ffd30 add non block size AesCtr support 2014-01-23 12:34:27 -08:00
John Safranek 0972fbbf9d PKCS7_VerifySignedMessage() decodes more of the 
message and performs an RSA verify on it.
 2014-01-23 11:24:50 -08:00
Chris Conlon 9f8dcccc61 PKCS7_DecodeEnvelopedData, RsaPrivateDecryptInline can return 0 upon error 2014-01-22 15:26:43 -07:00
John Safranek 38c2373c4f PKCS7_VerifySignedData() also saves pointer to signed data. 2014-01-21 22:11:21 -08:00
John Safranek 15f94b2f98 1. Resized sample PKCS7 signed data attribute. 
2. Removed unnecessary PKCS7 signed data attribute.
 2014-01-21 11:45:15 -08:00
John Safranek c35a635fd7 Added initial PKCS7_VerifySignedData(). Only saves 
the first included certificate if available.
 2014-01-20 15:52:41 -08:00
John Safranek 2187955fe9 Merge branch 'master' of github.com:cyassl/cyassl 2014-01-20 10:53:14 -08:00
John Safranek 28f3a2dc21 Added deallocator function for PKCS7 initializer data. 2014-01-20 10:51:26 -08:00
Chris Conlon ce7fe56de5 adjust next PKCS#7 envelopedData recipient check 2014-01-20 11:42:45 -07:00
John Safranek c4eb5642b1 1. Sign the PKCS#7 with a supplied private key, not 
the single cert's public key.
2. Rename PKCS7 Envelope Data function as
   `PKCS7_EncodeEnvelopedData()`.
3. Encode signed data to check input parameters.
 2014-01-17 14:07:40 -08:00
Chris Conlon e9b82d8174 place PKCS#7 IV in AlgoID optional params, resolve merge conflicts 2014-01-16 17:46:28 -07:00
Chris Conlon 366f42a91b remove NULL tag from block cipher AlgoId, IV there instead 2014-01-16 17:45:10 -07:00
John Safranek eb2e987a29 Split two PKCS7 tests into two functions. 2014-01-16 16:29:33 -08:00
John Safranek cf22e49117 Merge branch 'master' of github.com:cyassl/cyassl 2014-01-16 16:19:34 -08:00
John Safranek 264ce75041 1. Split SetTagged into SetExplicit and SetImplicit. 
2. Updated code using SetTagged to use new functions.
 2014-01-16 16:17:17 -08:00
Chris Conlon a75b95facc more comments to PKCS#7 files 2014-01-16 13:29:37 -07:00
Chris Conlon 590dde753a only store issuer into issuerRaw 2014-01-16 10:45:52 -07:00
John Safranek 36f78c5e1d 1. Bug fix for taking the size of something. 
(Used wrong variable name.)
2. Renamed PKCS7 signed data test output file.
3. Added PKCS7 data test output files to gitignore.
 2014-01-15 15:42:27 -08:00
John Safranek cd44227945 Cleaned up warnings when using sizeof() in math. 2014-01-15 14:25:15 -08:00
John Safranek 85c5c29e7a Merge branch 'master' of github.com:cyassl/cyassl 
Conflicts:
	ctaocrypt/test/test.c
	cyassl/ctaocrypt/pkcs7.h
 2014-01-15 13:23:26 -08:00
John Safranek c33a8a890e Added encoding PKCS#7 signed data messages. 2014-01-15 12:31:51 -08:00
Chris Conlon 46a03daf5f initial PKCS#7 crypto test 2014-01-15 11:05:18 -07:00
Chris Conlon 9f7e33e7e1 add PKCS7_DecodeEnvelopedData() 2014-01-14 22:57:55 -07:00
Chris Conlon d63c58864f expose more ASN.1 helper functions with CYASSL_LOCAL 2014-01-14 22:48:55 -07:00
Chris Conlon 80c19aaf33 add PKCS7 error codes 2014-01-14 22:46:54 -07:00
toddouska 3152c28650 add escape for 64encdoe + and = too 2014-01-14 09:36:21 -08:00
Chris Conlon f072d92ed8 Merge branch 'master' of github.com:cyassl/cyassl 2014-01-13 13:20:29 -07:00
Chris Conlon 69ffa3a481 add PKCS7_EncodeEnvelopeData() 2014-01-13 13:19:44 -07:00
toddouska bb6b2e86c6 add base64 encode with esacped line ending, keep existing api intact 2014-01-13 12:17:12 -08:00
John Safranek ef9cfc2172 Added method to encode PKCS7 data type messages. 2014-01-13 10:58:01 -08:00
Chris Conlon 71e13a3c3a expose ASN.1 helper fns, add blkType 2014-01-10 16:13:56 -07:00
Chris Conlon 1d67d9217e initial PKCS#7 stubs, tie into ./configure 2014-01-10 15:17:03 -07:00
John Safranek 4a975e8d00 SetRsaPublicKey() to support ASN.1 unsigned intergers correctly. 2014-01-10 11:29:08 -08:00
John Safranek f9e73a8aeb Added setting the cert req challenge password. 2014-01-09 14:17:55 -08:00
John Safranek f545a33e77 Cert Req 
1. Added support for the cert req attributes.
2. Added setting the Basic Constraints extenstion request.
3. Added error checking for the cert req attribs.
 2014-01-08 16:26:42 -08:00
John Safranek 7b4cf370d0 In test: Cert req now signed by correct key. Removed loading of CA key. 2014-01-08 11:47:59 -08:00
John Safranek f0a7d94c48 Cert Request 
1. Added setting the request's version.
2. Added certreq test code to the ctaocrypt test.
3. Added the certreq test outputs to gitignore.
 2014-01-08 10:57:46 -08:00
John Safranek 4de6a6d902 Cert Request 
1. Added function to make simple DER format cert reqs.
2. Added cert req type to DerToPem.
 2014-01-07 17:25:46 -08:00
toddouska d6ad10f027 add USE_SLOW_SHA2 for sha384 and sha512, over twice as small code but over 50% slower too 2014-01-03 12:32:14 -08:00
toddouska 9d0e991e41 fix 32bit no asm combos 2014-01-02 16:58:54 -08:00
Chris Conlon 9f4ea7d059 update TYTO settings, FREESCALE_MMCAU AES check for NULL 2014-01-02 13:13:18 -07:00
Chris Conlon 64912b37f6 adjust key buffer length when using ToTraditional() or ToTraditionalEnc() 2013-12-23 14:07:58 -07:00
rofl0r a36c18c27f implement CyaSSL_ERR_reason_error_string 
this has several advantages:
- we can provide a replacement for openssl's ERR_reason_error_string,
  which makes porting simpler,
- code shrink due to removal of excessive strcpy call
- all error strings are const anyway so there's no point to force the
  user to supply storage for them and copying them around.
 2013-12-19 19:40:48 +01:00
Chris Conlon 8c8a1b0db8 add Freescale K60 mmCAU AES, DES, 3DES support 2013-12-17 16:29:21 -07:00
Chris Conlon c466fac597 add Freescale K60 mmCAU MD5, SHA, SHA256 support 2013-12-17 16:28:08 -07:00
toddouska ba95c33ed4 more clang warnings 2013-12-11 15:47:40 -08:00
toddouska b41d09b1a2 fix newer clang warnings 2013-12-11 12:03:09 -08:00
toddouska 276a9c871e eccfp warning fix 2013-12-06 08:58:06 -08:00
Takashi Kojo 1bcd61f134 Eliminating unused files 2013-11-28 09:05:33 +09:00
Takashi Kojo 9a67901081 Eliminate unused files 2013-11-28 00:16:49 +09:00
toddouska 6e7c9fb8de Merge branch 'master' of github.com:cyassl/cyassl 2013-11-20 17:07:33 -08:00
toddouska 8bf18d31c9 fix smartos warnings 2013-11-20 17:03:19 -08:00
Chris Conlon 2f7970ab65 add FREERTOS current_time() to benchmark.c 2013-11-20 17:03:58 -07:00
toddouska 864b25843e Merge branch 'master' of github.com:cyassl/cyassl 2013-11-20 15:13:14 -08:00
toddouska 10a3f8ead3 make cert names more consistent with str type that openssl uses 2013-11-20 15:12:33 -08:00
John Safranek 67b1b00a2c OCSP Nonces are not critical extensions. Allow a response to be missing the nonce. 2013-11-20 13:46:46 -08:00
toddouska c545202de0 don't allow inplace DerToPem, not supported 2013-11-20 13:17:39 -08:00
toddouska 7585e92fee allow cert signing w/o Cert object, buffer only 2013-11-19 16:56:49 -08:00
John Safranek 4377996d87 Saved original SKID and AKID from certificate for later use with X.509 functions. 2013-11-19 16:20:18 -08:00
John Safranek 0fd6aed9b6 Save more decoded data from certificate for later use with X.509 functions. 2013-11-19 14:44:55 -08:00
toddouska e92860bda7 ecc enc/dec offset init fix 2013-11-19 11:17:23 -08:00
toddouska d91e8ab38e add cert gen for ecc certs 2013-11-14 20:34:39 -08:00
toddouska a7bcca84c3 add ecdsa cert signing 2013-11-14 15:00:22 -08:00
toddouska cf4230b073 add ecc encrypt secure message exchange, hide ecEncCtx 2013-11-13 17:53:11 -08:00
toddouska 2e9e372875 Merge branch 'master' of github.com:cyassl/cyassl 2013-11-11 17:01:39 -08:00
toddouska 0ef44329ef add thread local storage to ecc fp cache, no locking required but cache is per thread, higher conncurrent performance but more memory needed 2013-11-11 17:00:35 -08:00
Takashi Kojo b54b92bc2a benchmark.c conflicts resolved 2013-11-12 08:21:41 +09:00
Takashi Kojo 5a9140fd13 For PIC32MZ 2013-11-12 08:12:01 +09:00
Takashi Kojo 0048c20fe5 PIC32MZ RNG 2013-11-11 12:15:19 +09:00
Takashi Kojo 23cada35ba Catch up master 2013-11-10 21:06:34 +09:00
Takashi Kojo a4e61cbdbb For PIC32MZ 2013-11-10 20:42:21 +09:00
toddouska 3e072c8dda random.c missing settings include fix 2013-11-08 10:56:50 -08:00
toddouska c2f9064ae4 Merge branch 'master' of github.com:cyassl/cyassl 2013-11-07 16:00:34 -08:00
toddouska 554adff672 add basic ecc encrypt/decrypt 2013-11-07 15:59:31 -08:00
toddouska 7866d51ee9 fix benchmark pull changes 2013-11-07 11:00:56 -08:00
Takashi Kojo 16bda74536 For MDK5 Pack 2013-11-07 10:29:01 +09:00
Takashi Kojo f26cf50ff2 Merge branch 'master' of https://github.com/cyassl/cyassl into MDK5 2013-11-06 10:22:21 +09:00
John Safranek 913e200cd0 X.509 Additions: 
* CyaSSL_X509_d2i()
* CyaSSL_X509_d2i_fp()
* CyaSSL_X509_version()
* CyaSSL_X509_get_notBefore()
* CyaSSL_X509_get_notAfter()
* CyaSSL_X509_STORE_new()
* CyaSSL_X509_STORE_free()
* CyaSSL_X509_STORE_add_cert()
* CyaSSL_X509_STORE_set_default_paths()
* CyaSSL_X509_get_pubkey()
* CyaSSL_EVP_PKEY_free()
* CyaSSL_X509_NAME_get_text_by_NID()
* CyaSSL_X509_NAME_entry_count()
* CyaSSL_X509_verify_cert()
* CyaSSL_X509_STORE_CTX_new()
* CyaSSL_X509_STORE_CTX_init()
* CyaSSL_X509_STORE_CTX_free()
 2013-11-04 11:02:17 -08:00
toddouska 5e00d62ea3 add HMAC-KDF 2013-10-31 18:03:00 -07:00
toddouska c88d0d5739 fix mplab harmony random ifdef 2013-10-31 10:47:03 -07:00
toddouska cc323fb4cc ecc shamir requires bigger LUT in fp mode 2013-10-31 10:43:48 -07:00
toddouska 12b074fbe9 add worst case estimate to ecc_sign_size() 2013-10-30 13:33:23 -07:00
toddouska 3d19604bfb make sure to always check mp_to_*, normal math could fail 2013-10-29 17:38:12 -07:00
toddouska f402d7eed9 add ecc export pirvate only 2013-10-29 16:44:33 -07:00
toddouska 071338bf39 fix fpecc normal math init/free issue 2013-10-28 13:17:33 -07:00
toddouska 9438d0d41b add Microchip MPLAB Harmony support 2013-10-28 11:03:50 -07:00
Takashi Kojo 849bbdefae Updates for MDK4 2013-10-26 17:18:18 +09:00
Takashi Kojo 33ccf62ff5 MDK5 support 2013-10-25 15:49:39 +09:00
Takashi Kojo 558735c862 port.[ch] for MDK5 2013-10-24 20:33:36 +09:00
Takashi Kojo 2f98233825 For MDK5 2013-10-24 18:50:26 +09:00
Takashi Kojo 3ed2085e77 ctaocrypt/{benchmark,src,test} files fro MDK5 2013-10-24 17:20:12 +09:00
toddouska b45370a599 remove test output 2013-10-23 17:17:47 -07:00
toddouska c039b0106a add HC-128 Blake2b 256 cipher suite for speed test 2013-10-23 17:13:54 -07:00
John Safranek 8295d8bb4a 1. Reject DSA certificates instead of ignoring them. 
2. Resolved potential crash when trying to calculate a Subject Key
   ID when the public key is missing from a certificate.
 2013-10-16 10:16:04 -07:00
toddouska 0126a39d68 fix shamir speed up init buffer 2013-10-10 18:47:25 -07:00
John Safranek 33bcc76a07 Merge branch 'master' of github.com:cyassl/cyassl 2013-10-02 15:27:10 -07:00
Chris Conlon 3e12f43342 add CyaSSL_GetHmacMaxSize for JNI wrapper 2013-09-25 14:20:36 -06:00
Chris Conlon 17b220e9c7 add Freescale MQX time functionality 2013-09-24 20:12:48 -06:00
toddouska 363f157f50 fix sniffer build w/o fastmath 2013-09-23 13:37:04 -07:00
John Safranek 5e4ca53496 clean up Windows build issues with OCSP 2013-09-18 14:47:51 -07:00
John Safranek 49d3e74fde Fixed a Windows build warning in the benchmark 2013-09-17 22:15:59 -07:00
Chris Conlon ee78b108cf CTaoCrypt test mods for MQX 2013-09-16 15:48:36 -06:00
Chris Conlon abff02532d add Freescale K53 RNGB support 2013-09-16 14:43:33 -06:00
John Safranek e564b614bf Decode the serialNumber field in the X.509 names 2013-09-15 22:10:58 -07:00
John Safranek 49f82c4717 Added two more GMAC test cases 2013-09-12 14:10:57 -07:00
toddouska 74e7ba8536 fix Kojo-san pull errors 2013-09-11 10:07:33 -07:00
kojo 0869da34a0 Coldfire SEC 2013-09-11 17:06:28 +09:00
John Safranek 03d7c694e8 Merge branch 'master' of github.com:cyassl/cyassl 2013-09-10 16:49:40 -07:00
John Safranek d3db1a42de Added GMAC wrapper functions around AES-GCM 2013-09-10 16:47:39 -07:00
toddouska bab790ab87 add port.c to visual studio builds 2013-09-09 13:48:28 -07:00
John Safranek 0ae966b350 fix shadow warning 2013-09-08 17:46:29 -07:00
toddouska 44ba0af192 free fp ecc resources on cleanup 2013-09-06 17:08:57 -07:00
toddouska 6e05d4317f add proper locking to fp ecc 2013-09-06 16:53:33 -07:00
toddouska a14af5f0b0 move mutex to port layer at crypto level 2013-09-06 16:38:27 -07:00
toddouska 782cb0e077 Merge branch 'master' of github.com:cyassl/cyassl 2013-09-06 14:25:51 -07:00
toddouska 46be3b8508 add fixed point ecc cache, --enable-fpecc, add locking down to crypt level next 2013-09-06 14:24:31 -07:00
Moisés Guimarães d7a08b1a76 centralizing MAX_DIGEST_SIZE definition in hmac.h 2013-09-06 15:53:46 -03:00
John Safranek f2c75a9e87 ECDSA signatures need a zero padding for the ASN.1 storage of the R and S values 2013-09-05 15:00:01 -07:00
toddouska 08c9f61f16 add accelerated ecc_proj* and ECC SHAMIR to speed up ecdsa verify 2013-09-04 13:13:10 -07:00
toddouska e93a0640f1 break up huge math into individual parts so can add piece by piece, e.g., ECC256 2013-09-03 13:13:13 -07:00
John Safranek 0002ba4ee8 Merge branch 'master' of github.com:cyassl/cyassl 2013-08-23 10:12:17 -07:00
John Safranek d734c86c72 cleanup build warnings 
1. Change `CyaSSL_OCSP_set_options()` to return `SSL_SUCCESS`
   or `SSL_FAILURE` as `int` like rest of API.
2. Fix data narrowing warning in file io.c function
   `process_http_response()`.
3. Fix global variable shadowed warning in file ssl.c function
   `CyaSSL_GetSessionAtIndex()`
4. Fix data narrowing warning in file internal.c functions
   `Encrypt()` and `Decrypt()`. Passed in a word32 size parameter
   that was provided a word16 and used as a word16.
5. Removed unreachable code from file tls.c function
   `CyaSSL_GetHmacType()`.
6. Fix data narrowing warnings in file aes.c functions
   `AesCcmEncrypt()` and `AesCcmDecrypt()`.
 2013-08-23 10:09:35 -07:00
toddouska e98f5f95c2 add public key callbacks for ecc sign/verify, examples 2013-08-22 18:19:39 -07:00
toddouska 840e958ae5 add ecc verify to benchmark 2013-08-09 17:06:02 -07:00
toddouska 5c5cee0789 use external CYASSL_MAX_ERROR_SZ for buffer size 2013-08-06 11:48:00 -07:00
toddouska 505b1a8a67 fix ecc sign/hash truncation with odd bit sizes when hash length is longer than key size 2013-07-25 15:59:09 -07:00