John Safranek
f2c75a9e87
ECDSA signatures need a zero padding for the ASN.1 storage of the R and S values
2013-09-05 15:00:01 -07:00
toddouska
b9540bf579
check NULL to match docs
2013-08-29 08:25:14 -07:00
John Safranek
78b8da9949
Initialize the AEAD explicit IV to 0.
2013-08-27 10:44:04 -07:00
toddouska
e8fcf35098
add Rsa Public/Private client key exchange callbacks, examples
2013-08-26 17:14:19 -07:00
toddouska
f3f80bd66e
add Rsa Sign/Verify callbacks, client/server examples
2013-08-26 16:27:29 -07:00
toddouska
664c6de5d5
send blank cert on client if TLS instead of TLSv1.2, more accept this now and some even incorrectly require it
2013-08-26 12:34:39 -07:00
John Safranek
081a3a57d4
move variable declaration before function code
2013-08-23 10:26:42 -07:00
John Safranek
33a7a7f762
initialize return variable
2013-08-23 10:20:39 -07:00
John Safranek
0002ba4ee8
Merge branch 'master' of github.com:cyassl/cyassl
2013-08-23 10:12:17 -07:00
John Safranek
d734c86c72
cleanup build warnings
...
1. Change `CyaSSL_OCSP_set_options()` to return `SSL_SUCCESS`
or `SSL_FAILURE` as `int` like rest of API.
2. Fix data narrowing warning in file io.c function
`process_http_response()`.
3. Fix global variable shadowed warning in file ssl.c function
`CyaSSL_GetSessionAtIndex()`
4. Fix data narrowing warning in file internal.c functions
`Encrypt()` and `Decrypt()`. Passed in a word32 size parameter
that was provided a word16 and used as a word16.
5. Removed unreachable code from file tls.c function
`CyaSSL_GetHmacType()`.
6. Fix data narrowing warnings in file aes.c functions
`AesCcmEncrypt()` and `AesCcmDecrypt()`.
2013-08-23 10:09:35 -07:00
toddouska
e98f5f95c2
add public key callbacks for ecc sign/verify, examples
2013-08-22 18:19:39 -07:00
toddouska
bc958f5798
C comments only
2013-08-22 10:35:46 -07:00
John Safranek
64ba0587a3
Merge branch 'master' of github.com:cyassl/cyassl
2013-08-21 22:42:15 -07:00
John Safranek
957cf90118
Added function to read certificate from file into CYASSL_X509 buffer.
2013-08-21 22:36:43 -07:00
toddouska
54a2f8b9aa
add useratomic DecryptVerify Callbacks, example
2013-08-21 16:55:34 -07:00
John Safranek
9f07a7dd2b
modified SEP X509 functions to behave like the NAME_oneline function
2013-08-20 16:47:38 -07:00
John Safranek
442886a207
Added x509 accessors for the SEP build certificate additions.
2013-08-17 09:01:15 -07:00
toddouska
65f0e9f6b9
add atomic user macencrypt cb
2013-08-09 17:27:15 -07:00
toddouska
3378f8f25e
add DTLS cookie ctx geter
2013-08-06 15:06:33 -07:00
toddouska
5c5cee0789
use external CYASSL_MAX_ERROR_SZ for buffer size
2013-08-06 11:48:00 -07:00
John Safranek
831d9cf640
SEP Profile
...
1. Changed session index shift values to constants.
2. Added bounds checking when retrieving a session.
3. Added function to retrieve the peer cert chain from
a CYASSL_SESSION record.
2013-08-02 16:03:41 -07:00
toddouska
3b4ff94931
add paramter validation to SSL I/O calls
2013-08-02 12:12:51 -07:00
John Safranek
1357cdb0e4
SEP Profile
...
1. Add session cache index to CYASSL structure.
2. Add accessor for cache index in CYASSL structure.
3. Add copy function for session cache item.
2013-07-28 17:11:22 -07:00
Moisés Guimarães
55401c13dd
Truncated HMAC first part (protocol). Extension processing will be coded later.
2013-07-23 15:42:43 -03:00
toddouska
14b100fee6
fix savecert with no_skid, gcc warnings
2013-07-22 14:30:35 -07:00
toddouska
37a9a7a457
add IOCb Ctx getters
2013-07-22 11:01:00 -07:00
toddouska
705aa0f453
fix user malloc define w/ opensslextra
2013-07-05 09:42:49 -07:00
John Safranek
226f018829
Fixed memory leak of http buffer in OCSP lookup.
2013-07-02 17:35:30 -07:00
Moisés Guimarães
593e466a44
limiting max_fragment API for client side only.
2013-07-01 10:13:43 -03:00
toddouska
307c71d9cb
add CyaSSL_UnloadCertsKeys to free SSL certs and keys after handshake
2013-06-27 10:26:04 -07:00
John Safranek
773d0da1bc
Fixed issue with the DTLS EmbedReceiveFrom() callback using IPv6.
2013-06-26 17:40:21 -07:00
John Safranek
29b32e582a
DTLS IPv6 Hello Cookie Update
...
1. Add support for IPv6 addresses when calculating DTLS Cookie.
2. Simplify cookie calculation.
2013-06-26 16:32:01 -07:00
toddouska
60c2388ae7
fix potential NetX packet memory leak
2013-06-26 11:03:54 -07:00
toddouska
87eb94b7c4
Merge branch 'master' of github.com:cyassl/cyassl
2013-06-24 14:02:40 -07:00
toddouska
b51d6f3b8f
add NetX default IO context handling
2013-06-24 14:00:48 -07:00
John Safranek
0c34ecb451
OCSP Updates
...
1. Add option to example server and client to check the OCSP responder.
2. Add option to example server and client to override the URL to use
when checking the OCSP responder.
3. Copy the certificate serial number correctly into OCSP request.
Add leading zero only if MS bit is set.
4. Fix responder address used when Auth Info extension is present.
5. Update EmbedOcspLookup callback to better handle the HTTP
response and obtain the complete OCSP response.
2013-06-24 10:47:24 -07:00
John Safranek
17ab84eb07
Update call to DoAlert()
...
When handling the alerts, the return code wasn't checked for error codes. A corrupted alert message could cause a control flow issue.
2013-06-19 15:01:13 -07:00
Moisés Guimarães
25e910a0a9
max fragment length tests and fixes
2013-06-19 16:38:57 -03:00
Moisés Guimarães
5f3ee80407
added:
...
- max fragment length extension;
- CyaSSL_SNI_GetRequest() to get client's request at server side;
- Automated tests for SNI;
2013-06-19 15:45:06 -03:00
toddouska
d02af46256
windows build warning fixes
2013-06-17 12:26:21 -07:00
toddouska
8c70b11528
add newSession flag to SetServerID to do full handshake w/ new session
2013-06-14 15:29:18 -07:00
toddouska
7f7c595d10
differentiate between THREADX and RTP_SYS
2013-06-14 13:45:25 -07:00
toddouska
9559f09028
warning fixes
2013-06-13 12:13:46 -07:00
John Safranek
b40c2c0b1f
Fixed issue with no_server/no_client optional compile losing two functions
2013-06-06 21:59:05 +02:00
Moisés Guimarães
f1d1898ddf
Added new option to SNI: CYASSL_SNI_ANSWER_ON_MISMATCH
...
Added new function to SNI API: CyaSSL_SNI_Matched()
2013-06-03 17:55:06 -03:00
Moisés Guimarães
cb2082edee
changed CYASSL_SNI_ABORT_ON_MISMATCH to CYASSL_SNI_CONTINUE_ON_MISMATCH
2013-06-03 10:04:49 -03:00
John Safranek
ebd03368c7
for DTLS handshakes, put change cipher spec and finished messages in same datagram
2013-05-31 13:48:49 -07:00
Moisés Guimarães
79fad81c32
shrinking function names
2013-05-30 15:40:10 -03:00
Moisés Guimarães
5c665fe614
Added options to SNI (now it is possible to choose whether or not to abort on a SNI Host Name mismatch)
...
Exposed SNI Type at ssl.h
2013-05-30 15:26:41 -03:00
Jasper Spaans
2b59554245
fix cipherSuite0 byte in sniffer, so ECC is recognised correctly.
2013-05-28 10:56:13 +02:00