Commit Graph

2507 Commits

Author SHA1 Message Date
John Safranek
580289375c Fix memory leak in CyaSSL when using Hash DRBG 2014-11-06 15:44:24 -08:00
toddouska
f11d2c435d add fips continuous test error code/msg 2014-11-06 14:56:11 -08:00
toddouska
202a1a152d fix jenkins report for smallstack derive tls keys 2014-11-04 15:39:54 -08:00
toddouska
322f79f521 allow user to set minimum downgrade version with v23 methods() 2014-11-03 15:12:48 -08:00
toddouska
d9f5ada772 add external wrappers for TLS Master Secret generation and Key Expansion 2014-11-03 09:56:40 -08:00
toddouska
02f7c71222 Merge branch 'master' of github.com:cyassl/cyassl 2014-10-31 13:24:29 -07:00
toddouska
0f641e07a2 remove old client hello processing by default, can turn on with OLD_HELLO_ALLOWED, add sanity checks before size front alloc 2014-10-31 13:23:50 -07:00
Chris Conlon
2fe0d9b38d update RNG_HealthTest to output generated bits 2014-10-31 14:05:13 -06:00
John Safranek
bb8853aa50 fix memory leak when resetting the peer address on a DTLS session 2014-10-30 16:23:25 -07:00
John Safranek
56c12c9716 For sniffer with SNI, refactored ssl_SetPrivateKey and
ssl_SetNamedPrivateKey so they can be called in any order
for a particular server.
2014-10-30 14:08:45 -07:00
toddouska
1e7b579777 sniffer signals got change cipher 2014-10-29 14:14:32 -07:00
toddouska
7fed36b09d explicit check for change cipher before finished instead of encryptionOn implicit 2014-10-29 14:07:41 -07:00
toddouska
a4228740f5 add FIPS pos errors and messages, better output for in core check and how to fix 2014-10-28 14:21:55 -07:00
toddouska
247bef6be3 add fips pos cb for fail codes, generated hash 2014-10-28 14:03:58 -07:00
toddouska
c982dd2281 allow aes gcm fips wrappers, no void returns 2014-10-27 15:52:22 -07:00
John Safranek
bf718a7d51 Added a callback function to set the master secret on the client 2014-10-24 15:26:47 -07:00
Moisés Guimarães
6138ce720c internal.c: refactoring SendServerKeyExchange to reduce stack usage:
--- variable md5 moved to the heap (sizeof(Md5) saved)
--- variable sha moved to the heap (sizeof(Sha) saved)
--- variable hash moved to the heap (36 bytes saved)
--- variable sha256 moved to the heap (sizeof(Sha256) saved)
--- variable hash256 moved to the heap (32 bytes saved)
--- variable sha384 moved to the heap (sizeof(sha384) saved)
--- variable hash256 moved to the heap (48 bytes saved)
--- variable encodedSig moved to the heap (512 bytes saved)
*** the variables above appear twice in the code
2014-10-24 13:51:58 -03:00
Moisés Guimarães
dc90935fc7 internal.c: refactoring SendServerKeyExchange to reduce stack usage:
--- variable exportBuf moved to the heap (256 bytes saved)
--- indentation fixes
2014-10-24 13:29:18 -03:00
Moisés Guimarães
0e43240180 trims trailing white spaces. 2014-10-24 10:33:24 -03:00
John Safranek
62f0c9f661 Merge branch 'master' of github.com:cyassl/cyassl 2014-10-23 14:08:11 -07:00
John Safranek
4d7f26af8d Add continuous block test to Hash DRBG 2014-10-23 14:07:31 -07:00
Chris Conlon
6108f9cd45 add LICENSING file 2014-10-22 14:26:20 -06:00
Chris Conlon
b64b864431 Merge pull request #130 from tass-belgium/master
Updated picoTCP support, based on newer HTTPS demo
2014-10-22 14:10:57 -06:00
Daniele Lacamera
fde4d56845 Updated picoTCP support, based on newer HTTPS demo 2014-10-22 12:11:31 +02:00
Moisés Guimarães
a60332d9a3 internal.c: refactoring DoServerKeyExchange to reduce stack usage:
--- using goto to centralize resources deallocation.
2014-10-21 20:23:50 -03:00
Moisés Guimarães
5056ebe829 internal.c: refactoring DoServerKeyExchange to reduce stack usage:
--- variable hash256 moved to the heap (32 bytes saved)
--- variable hash384 moved to the heap (48 bytes saved)
--- variable hash moved to the heap (36 bytes saved)
--- variable messageVerify moved to the heap (612 bytes saved)
--- variable encodedSig moved to the heap (512 bytes saved)
2014-10-21 20:23:50 -03:00
Moisés Guimarães
0447bf7551 internal.c: refactoring DoServerKeyExchange to reduce stack usage:
--- variable md5 moved to the heap (sizeof(Md5) saved)
--- variable sha moved to the heap (sizeof(Sha) saved)
--- variable sha256 moved to the heap (sizeof(Sha256) saved)
--- variable sha384 moved to the heap (sizeof(Sha384) saved)
2014-10-21 20:23:50 -03:00
Moisés Guimarães
7f836cd6b3 internal.c: refactoring SendClientKeyExchange to reduce stack usage:
--- variable encSecret moved to the heap (1027 bytes saved)
--- variables priv moved to the heap (1024 bytes saved)
2014-10-21 20:23:50 -03:00
Moisés Guimarães
949094cfbc internal.c: refactoring DoCertificateVerify to reduce stack usage:
--- variable encodedSig moved to the heap (512 bytes saved)
2014-10-21 20:23:50 -03:00
Moisés Guimarães
9368c8d1e8 internal.c: refactoring SendCertificateVerify to reduce stack usage:
--- variable encodedSig moved to the heap (512 bytes saved)
2014-10-21 20:23:50 -03:00
Moisés Guimarães
845e49781f internal.c: refactoring DoServerHello to reduce stack usage:
--- variable clSuites removed (sizeof(Suites) saved)

ps.: TLSX_Parse() does not requires the suites parameter at client side.
2014-10-21 20:23:50 -03:00
Moisés Guimarães
a7e585b63d internal.c: refactoring BuildMessage to reduce stack usage:
--- variable hmac moved to the heap (up to 64 bytes saved)
2014-10-21 20:23:50 -03:00
Moisés Guimarães
5ef9a21eaa internal.c: refactoring DoCertificate to reduce stack usage:
--- variable domain moved to the heap (256 bytes saved)
--- variable dCert moved to the heap (sizeof(DecodedCert) saved)
--- variable store moved to the heap (sizeof(CYASSL_X509_STORE_CTX) saved)
2014-10-21 20:23:49 -03:00
Moisés Guimarães
37c1627234 internal.c: refactoring BuildFinished to reduce stack usage:
--- variable md5 moved to the heap (sizeof(Md5) saved)
--- variable sha moved to the heap (sizeof(Sha) saved)
--- variable sha256 moved to the heap (sizeof(Sha256) saved)
--- variable sha384 moved to the heap (sizeof(Sha384) saved)
2014-10-21 20:23:49 -03:00
Chris Conlon
50a00d4ff0 add PicoTCP support 2014-10-21 15:43:43 -06:00
John Safranek
e35e02a283 Added SNI named keys to the sniffer. 2014-10-21 12:22:12 -07:00
John Safranek
35bcc98948 Added a callback when receiving a NewSessionTicket handshake message. 2014-10-20 09:25:14 -07:00
John Safranek
60790ee4ae Merge branch 'master' of github.com:cyassl/cyassl 2014-10-16 22:01:55 -07:00
John Safranek
b2f25cd91c 1. Added accessors for session tickets.
2. Fixed client case when server doesn't want to resume session with ticket.
2014-10-16 22:00:13 -07:00
Moisés Guimarães
c2ade678e1 Adds use of ssl->session.sessionIDSz during SendClientHello(). 2014-10-13 23:16:11 -03:00
Moisés Guimarães
b10fdbf1f0 Adds storage of ssl->arrays->sessionIDSz in SessionCache at AddSession();
Adds storage of ssl->arrays->sessionIDSz in ssl->session at FreeArrays();
2014-10-13 23:16:11 -03:00
Moisés Guimarães
6956d146d1 Adds capture of ssl->arrays->sessionIDSz at DoServerHello. 2014-10-13 23:16:11 -03:00
Moisés Guimarães
e98eb1ba4d Adds sessionIDSz to CYASSL_SESSION and Arrays. 2014-10-13 23:16:11 -03:00
toddouska
08cdf91761 bump version 2014-10-13 14:44:39 -07:00
toddouska
d457ff8d71 don't set GetLength input value to negative in error case, shouldn't matter if return value checked 2014-10-10 10:25:42 -07:00
toddouska
159abadd73 add NO_FORCE_SCR_SAME_SUITE flag for scr 2014-10-09 11:10:40 -07:00
toddouska
5019eab073 Merge branch 'master' of github.com:cyassl/cyassl 2014-10-07 15:51:38 -07:00
toddouska
54049c6000 allow dhe 4096bit for ssl key exchange 2014-10-07 15:50:33 -07:00
Moisés Guimarães
557f19db0b Adds support to session IDs of size 1 to 31 bytes.
Only session IDs of size 0 or 32 bytes was allowed before, now the session ID size may be from 0 to 32 bytes.
A size of zero bytes means that is no session ID provided by the server.
2014-10-07 13:02:59 -03:00
toddouska
c65b14a891 add scr check against subject hash, only allow explicit session ticket resupmtion during scr 2014-10-06 16:12:45 -07:00