mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
1,814 Commits 5 Branches 162 Tags 807 MiB
fb00110b77
Commit Graph

672 Commits

Author SHA1 Message Date
John Safranek
c35a635fd7 Added initial PKCS7_VerifySignedData(). Only saves 
the first included certificate if available.
 2014-01-20 15:52:41 -08:00
John Safranek
28f3a2dc21 Added deallocator function for PKCS7 initializer data. 2014-01-20 10:51:26 -08:00
John Safranek
c4eb5642b1 1. Sign the PKCS#7 with a supplied private key, not 
the single cert's public key.
2. Rename PKCS7 Envelope Data function as
   `PKCS7_EncodeEnvelopedData()`.
3. Encode signed data to check input parameters.
 2014-01-17 14:07:40 -08:00
John Safranek
cf22e49117 Merge branch 'master' of github.com:cyassl/cyassl 2014-01-16 16:19:34 -08:00
John Safranek
264ce75041 1. Split SetTagged into SetExplicit and SetImplicit. 
2. Updated code using SetTagged to use new functions.
 2014-01-16 16:17:17 -08:00
Chris Conlon
a75b95facc more comments to PKCS#7 files 2014-01-16 13:29:37 -07:00
John Safranek
85c5c29e7a Merge branch 'master' of github.com:cyassl/cyassl 
Conflicts:
	ctaocrypt/test/test.c
	cyassl/ctaocrypt/pkcs7.h
 2014-01-15 13:23:26 -08:00
John Safranek
c33a8a890e Added encoding PKCS#7 signed data messages. 2014-01-15 12:31:51 -08:00
Chris Conlon
9f7e33e7e1 add PKCS7_DecodeEnvelopedData() 2014-01-14 22:57:55 -07:00
Chris Conlon
d63c58864f expose more ASN.1 helper functions with CYASSL_LOCAL 2014-01-14 22:48:55 -07:00
Chris Conlon
80c19aaf33 add PKCS7 error codes 2014-01-14 22:46:54 -07:00
toddouska
8a1971d52b add CyaSSL_CertPemToDer for certs, ca certs, and cert reqs 2014-01-14 15:13:43 -08:00
Chris Conlon
f072d92ed8 Merge branch 'master' of github.com:cyassl/cyassl 2014-01-13 13:20:29 -07:00
Chris Conlon
69ffa3a481 add PKCS7_EncodeEnvelopeData() 2014-01-13 13:19:44 -07:00
toddouska
bb6b2e86c6 add base64 encode with esacped line ending, keep existing api intact 2014-01-13 12:17:12 -08:00
John Safranek
ef9cfc2172 Added method to encode PKCS7 data type messages. 2014-01-13 10:58:01 -08:00
Chris Conlon
3a984990c2 update pkcs7.h 2014-01-10 16:17:02 -07:00
Chris Conlon
71e13a3c3a expose ASN.1 helper fns, add blkType 2014-01-10 16:13:56 -07:00
Chris Conlon
1d67d9217e initial PKCS#7 stubs, tie into ./configure 2014-01-10 15:17:03 -07:00
John Safranek
f9e73a8aeb Added setting the cert req challenge password. 2014-01-09 14:17:55 -08:00
John Safranek
f545a33e77 Cert Req 
1. Added support for the cert req attributes.
2. Added setting the Basic Constraints extenstion request.
3. Added error checking for the cert req attribs.
 2014-01-08 16:26:42 -08:00
John Safranek
4de6a6d902 Cert Request 
1. Added function to make simple DER format cert reqs.
2. Added cert req type to DerToPem.
 2014-01-07 17:25:46 -08:00
Chris Conlon
99ac08cf3d lower case mp_sqr() parameters, missed in previous commit 2014-01-02 13:37:11 -07:00
Chris Conlon
9f4ea7d059 update TYTO settings, FREESCALE_MMCAU AES check for NULL 2014-01-02 13:13:18 -07:00
Chris Conlon
7cc9ab3d6f use lower case variables, prevent conflict with some toolchain defines 2014-01-02 13:11:27 -07:00
John Safranek
d46c68ba10 Moved OCSP into the CertManager like the CRL. 2013-12-27 12:11:47 -08:00
John Safranek
4ce2e59adf For Atomic user: 
1. Added a getter for the session's IV size.
2. The HMAC size getter should return 0 for AEAD ciphers
   and the hash length for the others.
 2013-12-23 22:32:08 -08:00
John Safranek
75e6ac534e Force Cygwin to use function tolower() rather than macro version 2013-12-18 10:58:10 -08:00
toddouska
9db9f52c9c don't install internal.h, not for public consumption 2013-12-16 15:24:02 -08:00
Moisés Guimarães
ffd58e27ef removing deprecated TRUNCATED_HMAC_SIZE 2013-12-12 21:05:31 -03:00
Chris Conlon
5909f5c2c0 Merge branch 'master' of github.com:cyassl/cyassl 2013-12-11 16:20:43 -08:00
Chris Conlon
8c7f5817ac NO_FILESYSTEM fix for CyaSSL_X509_load_certificate_file 2013-12-11 16:19:09 -08:00
John Safranek
0d85a85d59 Bumped version for point release. 2013-12-10 12:05:55 -08:00
John Safranek
9fe165e8f8 1. Added a couple missing checks for NULL pointers in DTLS code. 
2. Fixed compiler warning under Windows.
3. DTLS sliding window packet filter.
 2013-12-03 15:11:00 -08:00
Moisés Guimarães
0c1e02ddd0 added truncated_hmac handing on SanityCheckCipherText, VerifyMac and BuildMessage 2013-12-02 16:19:52 -03:00
Moisés Guimarães
f8b30b3379 changing variable names to build on Ubuntu. 2013-12-02 15:50:21 -03:00
Moisés Guimarães
ba18f8b03e added new function to retrieve SNI from a buffer. 2013-11-21 21:25:42 -03:00
toddouska
7585e92fee allow cert signing w/o Cert object, buffer only 2013-11-19 16:56:49 -08:00
John Safranek
74c9ddcffb bump dev version 2013-11-19 16:25:18 -08:00
John Safranek
4377996d87 Saved original SKID and AKID from certificate for later use with X.509 functions. 2013-11-19 16:20:18 -08:00
John Safranek
0fd6aed9b6 Save more decoded data from certificate for later use with X.509 functions. 2013-11-19 14:44:55 -08:00
Chris Conlon
c0007ad6b3 move Coldfire SEC specific DES/3DES header sections into define 2013-11-19 14:34:05 -07:00
toddouska
d91e8ab38e add cert gen for ecc certs 2013-11-14 20:34:39 -08:00
toddouska
a7bcca84c3 add ecdsa cert signing 2013-11-14 15:00:22 -08:00
Chris Conlon
7a1fb428d1 fix ecc_set_type member name conflict 2013-11-14 11:10:29 -07:00
toddouska
cf4230b073 add ecc encrypt secure message exchange, hide ecEncCtx 2013-11-13 17:53:11 -08:00
toddouska
2e9e372875 Merge branch 'master' of github.com:cyassl/cyassl 2013-11-11 17:01:39 -08:00
toddouska
0ef44329ef add thread local storage to ecc fp cache, no locking required but cache is per thread, higher conncurrent performance but more memory needed 2013-11-11 17:00:35 -08:00
Takashi Kojo
5a9140fd13 For PIC32MZ 2013-11-12 08:12:01 +09:00
Takashi Kojo
23cada35ba Catch up master 2013-11-10 21:06:34 +09:00
Takashi Kojo
a4e61cbdbb For PIC32MZ 2013-11-10 20:42:21 +09:00
toddouska
c2f9064ae4 Merge branch 'master' of github.com:cyassl/cyassl 2013-11-07 16:00:34 -08:00
toddouska
554adff672 add basic ecc encrypt/decrypt 2013-11-07 15:59:31 -08:00
Takashi Kojo
16bda74536 For MDK5 Pack 2013-11-07 10:29:01 +09:00
John Safranek
20e6ac7104 Added public key type to PKEY copy 2013-11-06 14:16:21 -08:00
John Safranek
4dc30fcde5 Added X.509 accessor for signature. 2013-11-06 11:49:49 -08:00
Takashi Kojo
f26cf50ff2 Merge branch 'master' of https://github.com/cyassl/cyassl into MDK5 2013-11-06 10:22:21 +09:00
John Safranek
9d5d1cbbc9 bump dev version 2013-11-04 11:39:53 -08:00
John Safranek
913e200cd0 X.509 Additions: 
* CyaSSL_X509_d2i()
* CyaSSL_X509_d2i_fp()
* CyaSSL_X509_version()
* CyaSSL_X509_get_notBefore()
* CyaSSL_X509_get_notAfter()
* CyaSSL_X509_STORE_new()
* CyaSSL_X509_STORE_free()
* CyaSSL_X509_STORE_add_cert()
* CyaSSL_X509_STORE_set_default_paths()
* CyaSSL_X509_get_pubkey()
* CyaSSL_EVP_PKEY_free()
* CyaSSL_X509_NAME_get_text_by_NID()
* CyaSSL_X509_NAME_entry_count()
* CyaSSL_X509_verify_cert()
* CyaSSL_X509_STORE_CTX_new()
* CyaSSL_X509_STORE_CTX_init()
* CyaSSL_X509_STORE_CTX_free()
 2013-11-04 11:02:17 -08:00
toddouska
5e00d62ea3 add HMAC-KDF 2013-10-31 18:03:00 -07:00
toddouska
f402d7eed9 add ecc export pirvate only 2013-10-29 16:44:33 -07:00
toddouska
9438d0d41b add Microchip MPLAB Harmony support 2013-10-28 11:03:50 -07:00
toddouska
8c7715ee33 remove CBC naming from HC-128 suites 2013-10-24 12:10:09 -07:00
toddouska
f833674171 remove CBC from RABBIT suite naming 2013-10-24 11:52:21 -07:00
toddouska
4c04b6e714 add AES Blake2b 256 basic suites for speed tests 2013-10-24 11:30:51 -07:00
Takashi Kojo
b4a03de8ee port.h for MDK5 2013-10-24 20:55:21 +09:00
Takashi Kojo
558735c862 port.[ch] for MDK5 2013-10-24 20:33:36 +09:00
Takashi Kojo
2f98233825 For MDK5 2013-10-24 18:50:26 +09:00
toddouska
c039b0106a add HC-128 Blake2b 256 cipher suite for speed test 2013-10-23 17:13:54 -07:00
John Safranek
14f4162180 bump dev version 2013-10-23 16:22:10 -07:00
Chris Conlon
f45d0709b3 case insensitivity fix for domain name check 2013-10-18 15:17:19 -06:00
Chris Conlon
dba488ba70 add option to always call verify callback with CYASSL_ALWAYS_VERIFY_CB 2013-10-14 15:04:26 -06:00
John Safranek
33bcc76a07 Merge branch 'master' of github.com:cyassl/cyassl 2013-10-02 15:27:10 -07:00
Chris Conlon
3e12f43342 add CyaSSL_GetHmacMaxSize for JNI wrapper 2013-09-25 14:20:36 -06:00
toddouska
363f157f50 fix sniffer build w/o fastmath 2013-09-23 13:37:04 -07:00
toddouska
bdb8b9396c Merge branch 'master' of github.com:cyassl/cyassl 2013-09-20 10:37:16 -07:00
toddouska
d1fcce2f73 more settings 2013-09-20 10:36:05 -07:00
John Safranek
5e4ca53496 clean up Windows build issues with OCSP 2013-09-18 14:47:51 -07:00
John Safranek
b0f94a34e6 Deleted stray semicolon from struct Des definition 2013-09-17 16:42:52 -07:00
Chris Conlon
ee78b108cf CTaoCrypt test mods for MQX 2013-09-16 15:48:36 -06:00
John Safranek
e564b614bf Decode the serialNumber field in the X.509 names 2013-09-15 22:10:58 -07:00
toddouska
74e7ba8536 fix Kojo-san pull errors 2013-09-11 10:07:33 -07:00
kojo
0869da34a0 Coldfire SEC 2013-09-11 17:06:28 +09:00
John Safranek
03d7c694e8 Merge branch 'master' of github.com:cyassl/cyassl 2013-09-10 16:49:40 -07:00
John Safranek
d3db1a42de Added GMAC wrapper functions around AES-GCM 2013-09-10 16:47:39 -07:00
toddouska
bab790ab87 add port.c to visual studio builds 2013-09-09 13:48:28 -07:00
toddouska
6e05d4317f add proper locking to fp ecc 2013-09-06 16:53:33 -07:00
toddouska
a14af5f0b0 move mutex to port layer at crypto level 2013-09-06 16:38:27 -07:00
toddouska
782cb0e077 Merge branch 'master' of github.com:cyassl/cyassl 2013-09-06 14:25:51 -07:00
toddouska
46be3b8508 add fixed point ecc cache, --enable-fpecc, add locking down to crypt level next 2013-09-06 14:24:31 -07:00
Moisés Guimarães
d7a08b1a76 centralizing MAX_DIGEST_SIZE definition in hmac.h 2013-09-06 15:53:46 -03:00
John Safranek
f2c75a9e87 ECDSA signatures need a zero padding for the ASN.1 storage of the R and S values 2013-09-05 15:00:01 -07:00
toddouska
e93a0640f1 break up huge math into individual parts so can add piece by piece, e.g., ECC256 2013-09-03 13:13:13 -07:00
toddouska
f813182efd release update 2013-08-30 12:34:26 -07:00
toddouska
e8fcf35098 add Rsa Public/Private client key exchange callbacks, examples 2013-08-26 17:14:19 -07:00
toddouska
f3f80bd66e add Rsa Sign/Verify callbacks, client/server examples 2013-08-26 16:27:29 -07:00
John Safranek
0002ba4ee8 Merge branch 'master' of github.com:cyassl/cyassl 2013-08-23 10:12:17 -07:00
John Safranek
d734c86c72 cleanup build warnings 
1. Change `CyaSSL_OCSP_set_options()` to return `SSL_SUCCESS`
   or `SSL_FAILURE` as `int` like rest of API.
2. Fix data narrowing warning in file io.c function
   `process_http_response()`.
3. Fix global variable shadowed warning in file ssl.c function
   `CyaSSL_GetSessionAtIndex()`
4. Fix data narrowing warning in file internal.c functions
   `Encrypt()` and `Decrypt()`. Passed in a word32 size parameter
   that was provided a word16 and used as a word16.
5. Removed unreachable code from file tls.c function
   `CyaSSL_GetHmacType()`.
6. Fix data narrowing warnings in file aes.c functions
   `AesCcmEncrypt()` and `AesCcmDecrypt()`.
 2013-08-23 10:09:35 -07:00
toddouska
e98f5f95c2 add public key callbacks for ecc sign/verify, examples 2013-08-22 18:19:39 -07:00
John Safranek
64ba0587a3 Merge branch 'master' of github.com:cyassl/cyassl 2013-08-21 22:42:15 -07:00
John Safranek
957cf90118 Added function to read certificate from file into CYASSL_X509 buffer. 2013-08-21 22:36:43 -07:00
toddouska
54a2f8b9aa add useratomic DecryptVerify Callbacks, example 2013-08-21 16:55:34 -07:00
John Safranek
9f07a7dd2b modified SEP X509 functions to behave like the NAME_oneline function 2013-08-20 16:47:38 -07:00
John Safranek
442886a207 Added x509 accessors for the SEP build certificate additions. 2013-08-17 09:01:15 -07:00
toddouska
65f0e9f6b9 add atomic user macencrypt cb 2013-08-09 17:27:15 -07:00
toddouska
16db0c234e bump dev version 2013-08-06 15:08:05 -07:00
toddouska
3378f8f25e add DTLS cookie ctx geter 2013-08-06 15:06:33 -07:00
toddouska
5c5cee0789 use external CYASSL_MAX_ERROR_SZ for buffer size 2013-08-06 11:48:00 -07:00
John Safranek
831d9cf640 SEP Profile 
1. Changed session index shift values to constants.
2. Added bounds checking when retrieving a session.
3. Added function to retrieve the peer cert chain from
   a CYASSL_SESSION record.
 2013-08-02 16:03:41 -07:00
John Safranek
1357cdb0e4 SEP Profile 
1. Add session cache index to CYASSL structure.
2. Add accessor for cache index in CYASSL structure.
3. Add copy function for session cache item.
 2013-07-28 17:11:22 -07:00
toddouska
505b1a8a67 fix ecc sign/hash truncation with odd bit sizes when hash length is longer than key size 2013-07-25 15:59:09 -07:00
Moisés Guimarães
55401c13dd Truncated HMAC first part (protocol). Extension processing will be coded later. 2013-07-23 15:42:43 -03:00
toddouska
37a9a7a457 add IOCb Ctx getters 2013-07-22 11:01:00 -07:00
John Safranek
43f320d5e2 SEP Extensions 
1. Added configure option to enable SEP extensions.
2. Enabled KEEP_PEER_CERT for the SEP configuration.
3. Copy the Certificate Policy extension into the cert as the
   device type.
4. Copy an other type Alt Name extension into the cert as the
   hwType and hwSerialNumber, if the alt name has a
   hardwareModuleName OID.
 2013-07-09 13:23:56 -07:00
Moisés Guimarães
593e466a44 limiting max_fragment API for client side only. 2013-07-01 10:13:43 -03:00
toddouska
98e6ad3ee9 add comverge switch for settings 2013-06-27 10:28:58 -07:00
toddouska
307c71d9cb add CyaSSL_UnloadCertsKeys to free SSL certs and keys after handshake 2013-06-27 10:26:04 -07:00
toddouska
d0c2e9b7a2 switch comverge settings to ecc by default 2013-06-26 17:05:30 -07:00
toddouska
87eb94b7c4 Merge branch 'master' of github.com:cyassl/cyassl 2013-06-24 14:02:40 -07:00
toddouska
b51d6f3b8f add NetX default IO context handling 2013-06-24 14:00:48 -07:00
John Safranek
e0a84521c5 Make alert description and level enumerations public. 2013-06-21 14:56:42 -07:00
Moisés Guimarães
4502716fc4 Merge branch 'master' of https://github.com/cyassl/cyassl 2013-06-19 17:04:43 -03:00
Moisés Guimarães
5f3ee80407 added: 
- max fragment length extension;
 - CyaSSL_SNI_GetRequest() to get client's request at server side;
 - Automated tests for SNI;
 2013-06-19 15:45:06 -03:00
toddouska
85d25798a5 update ntru cert expires dates, update crls while at it, don't turn on skid for crls since openssl/firefox don't use by default and cyassl needs crl extension parsing 2013-06-17 14:48:51 -07:00
toddouska
a1f25a9299 release 2.7.0 init 2013-06-17 12:06:37 -07:00
toddouska
8c70b11528 add newSession flag to SetServerID to do full handshake w/ new session 2013-06-14 15:29:18 -07:00
toddouska
7f7c595d10 differentiate between THREADX and RTP_SYS 2013-06-14 13:45:25 -07:00
toddouska
33a7d7481d Merge branch 'master' of github.com:cyassl/cyassl 2013-06-03 14:57:40 -07:00
toddouska
ae84982777 add STACK_TRAP to track stack use on client, will seqfault if exceed limit to see where use is too high, doesn't work with pthread_create() 2013-06-03 14:56:37 -07:00
Moisés Guimarães
f1d1898ddf Added new option to SNI: CYASSL_SNI_ANSWER_ON_MISMATCH 
Added new function to SNI API: CyaSSL_SNI_Matched()
 2013-06-03 17:55:06 -03:00
Moisés Guimarães
cb2082edee changed CYASSL_SNI_ABORT_ON_MISMATCH to CYASSL_SNI_CONTINUE_ON_MISMATCH 2013-06-03 10:04:49 -03:00
Moisés Guimarães
5c665fe614 Added options to SNI (now it is possible to choose whether or not to abort on a SNI Host Name mismatch) 
Exposed SNI Type at ssl.h
 2013-05-30 15:26:41 -03:00
toddouska
8df0e43384 fix merge differences from this week 2013-05-22 15:50:13 -07:00
toddouska
d2003bb8b7 merge in sni 2013-05-21 14:37:50 -07:00
John Safranek
b347df8d9a DTLS rx size check, ssn10 
Allows for receiving datagrams larger than the MTU that are reassembled
by the IP stack.
 2013-05-21 13:52:22 -07:00
toddouska
fd5937b599 MDK-ARM updates 2013-05-20 17:56:27 -07:00
toddouska
7693b4282a turn on large static buffers for callbacks, easier for user 2013-05-20 12:46:54 -07:00
Chris Conlon
a4c6ed0dda add support for Microchip TCP/IP 6.0 beta 2013-05-17 10:59:18 -06:00
toddouska
dcf88daae7 fix KEIL warnings 2013-05-17 09:49:46 -07:00
toddouska
cfdfa7b2b3 pull in Kojo MDK-ARM projects, changes 2013-05-16 09:47:27 -07:00
Chris Conlon
091c7a7ef3 separate STM32F2 hardware hash support, disable by default 2013-05-15 10:48:35 -06:00
John Safranek
ac716c96d3 Output buffer size check when sending transmit pool. 
1. Added a call to CheckAvailableSize() when sending the DTLS transmit pool.
2. Rename CheckAvailableSize().
 2013-05-13 12:32:47 -07:00
toddouska
32705fb380 make sure pwdbased w/o fastmath works like fastmath define wise 2013-05-10 11:00:37 -07:00
toddouska
8f0b695249 fix leanpsk build with keep cert / session cert 2013-05-09 15:29:25 -07:00
toddouska
47b468d14f add dtls recv timeout max user setting too 2013-05-08 12:49:55 -07:00
toddouska
8cb5f6d5d4 add user setting for dtls recv timeout init value 2013-05-07 16:14:26 -07:00
toddouska
a7228d0463 Merge branch 'master' of github.com:cyassl/cyassl 2013-05-02 11:35:56 -07:00
toddouska
a0c630b4ee add cert cache persistence 2013-05-02 11:34:26 -07:00
Chris Conlon
864f0468aa Cygwin/Mingw64 fixes 2013-05-01 14:17:11 -06:00
toddouska
bc1a6282eb bump dev version 2013-04-30 12:56:28 -07:00