toddouska
717f3adb47
fix item 9 from report by Ivan Fratric of the Google Security Team
2014-03-26 13:28:19 -07:00
toddouska
86ebc48032
fix for item 7 report by Ivan Fratric of the Google Security Team
2014-03-26 13:16:43 -07:00
toddouska
23300a201f
Merge branch 'master' of github.com:cyassl/cyassl
2014-03-26 12:15:04 -07:00
toddouska
43909ac725
fix sslv3 verify mac pad check, item 6 by report from Ivan Fratric of the Google Security Team
2014-03-26 12:14:18 -07:00
John Safranek
dd61daef70
When saving the signature from a DecodedCert to a CYASSL_X509 only copy
...
the signature if it exists.
2014-03-26 12:01:26 -07:00
toddouska
d5be4c4663
SHA-256 fips mode
2014-03-25 17:11:15 -07:00
toddouska
18d178f325
add ShaFinal fips mode
2014-03-25 16:20:03 -07:00
toddouska
b41186a6dd
Merge branch 'master' of github.com:cyassl/cyassl
2014-03-25 16:02:12 -07:00
toddouska
3607db9077
add SHA1 fips mode
2014-03-25 16:01:17 -07:00
Chris Conlon
67672171c1
udpate .gitignore, ignore MPLABX generated files
2014-03-25 16:20:24 -06:00
Chris Conlon
0d25d6f11d
update MCAPI projects to use zlib 1.2.8
2014-03-25 16:18:55 -06:00
Chris Conlon
746fd7d74d
increase MCAPI CRYPT_AES_CTX to hold Aes
2014-03-25 16:16:44 -06:00
Chris Conlon
73e0ef76f7
fix unclosed MPLABX ifdef
2014-03-25 15:39:37 -06:00
toddouska
0fd8ca5409
NO_MAIN_DRIVER for settings
2014-03-25 14:10:07 -07:00
toddouska
b6fc109c1d
add ecc_ctx_reset() so user can reuse ctx w/o init/free
2014-03-25 12:48:25 -07:00
toddouska
43c6ae3691
no C++ comments
2014-03-25 11:44:00 -07:00
toddouska
fb6d671629
resolve pull request merge conflict
2014-03-25 11:39:07 -07:00
toddouska
8c5d958a8b
add Aes SetIV fips mode
2014-03-24 14:01:36 -07:00
toddouska
0ea10a4388
add 3DES fips mode
2014-03-24 13:37:52 -07:00
toddouska
8889e17489
Merge branch 'master' of github.com:cyassl/cyassl
2014-03-21 14:50:52 -07:00
toddouska
9fe9276236
finish fips aes w/ tests
2014-03-21 14:49:49 -07:00
John Safranek
e19e2a801d
Ext Key Usage
...
1. Store reference to raw EKU OIDs in the DecodedCert.
2. Fixed usage of the anyEKU.
2014-03-21 09:37:10 -07:00
John Safranek
08ae775406
Merge branch 'master' of github.com:cyassl/cyassl
2014-03-21 09:34:08 -07:00
toddouska
a0d4c34900
allow snifftest to handle jumbo frames + potential partial 16k record from previous data packet on the stack
2014-03-20 15:34:20 -07:00
toddouska
98c6e3f3af
have Base16 Decode on for FIPS tests
2014-03-20 11:38:14 -07:00
toddouska
c934f6b4b5
linux doesn't suport -o ping, -i 0.2 is more compatible
2014-03-20 11:05:03 -07:00
toddouska
ef8458f754
return right away after valid ping response, use TLSv1.2 for google
2014-03-20 10:37:53 -07:00
toddouska
0e9f2b5996
Merge branch 'master' of github.com:cyassl/cyassl
2014-03-20 10:32:50 -07:00
toddouska
8bc6bf9424
add lower case support to Base16 decode for better known answer test support, export
2014-03-20 10:31:52 -07:00
John Safranek
1e041abf04
decode Extended Key Usage extension
2014-03-20 10:07:47 -07:00
John Safranek
5c41acb6be
Merge branch 'master' of github.com:cyassl/cyassl
2014-03-19 21:31:15 -07:00
John Safranek
acfa8fb966
Added a test script to perform a client/webserver connection.
2014-03-19 21:20:43 -07:00
toddouska
58885b36eb
add AesCbc fips mode
2014-03-19 16:43:52 -07:00
toddouska
388436c53e
add AesSetKey fips mode
2014-03-19 13:56:11 -07:00
toddouska
faecf7f849
require thread local storage for power on self thread check
2014-03-19 10:19:08 -07:00
toddouska
be9451fbc5
rm --cahced didn't work to stop tracking
2014-03-19 09:55:20 -07:00
toddouska
8bbc30f3e1
add fips enable switch
2014-03-19 09:43:57 -07:00
toddouska
90b08761c4
fix benchmark output with 3 decimals
2014-03-18 12:28:54 -07:00
John Safranek
ac452eebdc
in DecodeAltNames, skip unknown name types, don't treat as error
2014-03-18 09:24:07 -07:00
John Safranek
1ea620cece
Merge branch 'master' of github.com:cyassl/cyassl
2014-03-14 16:02:38 -07:00
John Safranek
bcd7f03495
X.509
...
1. Added stubs for the Extended Key Usage and Inhibit anyPolicy
extensions.
2. Key Usage extension is decoded normally.
3. Certificate Policy extension is noted normally.
2014-03-14 15:48:33 -07:00
Chris Conlon
a28d0dd276
add EROAD settings
2014-03-14 15:54:21 -06:00
Chris Conlon
5a1d420652
move CyaSSL_dtls() and CyaSSL_get_using_nonblock() out of #ifndef CYASSL_LEANPSK for use of leanPSK with standard I/O
2014-03-14 15:33:49 -06:00
toddouska
692cbf111f
remove -Wunreachable becuase older clang is buggy and gcc always was when it had it
2014-03-14 11:47:39 -07:00
toddouska
4ac70de055
Merge branch 'master' of github.com:cyassl/cyassl
2014-03-13 18:56:07 -07:00
toddouska
b56ecd1842
add enable-iopool , simple I/O pool example using memory overrides
2014-03-13 18:54:51 -07:00
Moisés Guimarães
0a5b758de3
Boundaries check for DoCertificate .
...
-- added size in the function parameters;
-- BUFFER_ERROR returned in case of message overflow (piece larger than the hello size);
-- OPAQUE24_LEN used whenever 3 bytes are needed;
-- removed unnecessary variable i;
-- Moved BUFFER_E check outside of the while, check against certSz is not needed, in this case the problem is a malformed packet since certSz can never be bigger than listSz.
2014-03-13 19:15:26 -03:00
Moisés Guimarães
2d2d1341cf
Boundaries check for DoCertificateVerify.
...
-- added size in the function parameters;
-- BUFFER_ERROR returned in case of message overflow (piece larger than the hello size);
-- ENUM_LEN and OPAQUE8_LEN used whenever 1 byte is needed;
-- OPAQUE16_LEN used whenever 2 bytes are needed;
-- removed unnecessary variables (signature, sigLen);
-- removed unnecessary #ifdef HAVE_ECC.
2014-03-13 19:14:13 -03:00
Moisés Guimarães
eba36226dc
Boundaries check for DoCertificateRequest.
...
-- added size in the function parameters;
-- BUFFER_ERROR returned in case of message overflow (piece larger than the message size);
-- OPAQUE16_LEN used where 2 bytes are needed.
2014-03-13 19:14:13 -03:00
Moisés Guimarães
7630b1d222
Boundaries check for DoHelloVerifyRequest.
...
-- added size in the function parameters;
-- BUFFER_ERROR returned in case of message overflow (piece larger than the message size);
-- OPAQUE16_LEN used where 2 bytes are needed.
2014-03-13 19:14:13 -03:00