Commit Graph

642 Commits

Author SHA1 Message Date
John Safranek c5f3eace7d DTLS timeout init wasn't initializing the timeout until after the first timeout. 2013-09-11 14:28:01 -07:00
toddouska 44ba0af192 free fp ecc resources on cleanup 2013-09-06 17:08:57 -07:00
toddouska a14af5f0b0 move mutex to port layer at crypto level 2013-09-06 16:38:27 -07:00
Moisés Guimarães d7a08b1a76 centralizing MAX_DIGEST_SIZE definition in hmac.h 2013-09-06 15:53:46 -03:00
John Safranek f2c75a9e87 ECDSA signatures need a zero padding for the ASN.1 storage of the R and S values 2013-09-05 15:00:01 -07:00
toddouska b9540bf579 check NULL to match docs 2013-08-29 08:25:14 -07:00
John Safranek 78b8da9949 Initialize the AEAD explicit IV to 0. 2013-08-27 10:44:04 -07:00
toddouska e8fcf35098 add Rsa Public/Private client key exchange callbacks, examples 2013-08-26 17:14:19 -07:00
toddouska f3f80bd66e add Rsa Sign/Verify callbacks, client/server examples 2013-08-26 16:27:29 -07:00
toddouska 664c6de5d5 send blank cert on client if TLS instead of TLSv1.2, more accept this now and some even incorrectly require it 2013-08-26 12:34:39 -07:00
John Safranek 081a3a57d4 move variable declaration before function code 2013-08-23 10:26:42 -07:00
John Safranek 33a7a7f762 initialize return variable 2013-08-23 10:20:39 -07:00
John Safranek 0002ba4ee8 Merge branch 'master' of github.com:cyassl/cyassl 2013-08-23 10:12:17 -07:00
John Safranek d734c86c72 cleanup build warnings
1. Change `CyaSSL_OCSP_set_options()` to return `SSL_SUCCESS`
   or `SSL_FAILURE` as `int` like rest of API.
2. Fix data narrowing warning in file io.c function
   `process_http_response()`.
3. Fix global variable shadowed warning in file ssl.c function
   `CyaSSL_GetSessionAtIndex()`
4. Fix data narrowing warning in file internal.c functions
   `Encrypt()` and `Decrypt()`. Passed in a word32 size parameter
   that was provided a word16 and used as a word16.
5. Removed unreachable code from file tls.c function
   `CyaSSL_GetHmacType()`.
6. Fix data narrowing warnings in file aes.c functions
   `AesCcmEncrypt()` and `AesCcmDecrypt()`.
2013-08-23 10:09:35 -07:00
toddouska e98f5f95c2 add public key callbacks for ecc sign/verify, examples 2013-08-22 18:19:39 -07:00
toddouska bc958f5798 C comments only 2013-08-22 10:35:46 -07:00
John Safranek 64ba0587a3 Merge branch 'master' of github.com:cyassl/cyassl 2013-08-21 22:42:15 -07:00
John Safranek 957cf90118 Added function to read certificate from file into CYASSL_X509 buffer. 2013-08-21 22:36:43 -07:00
toddouska 54a2f8b9aa add useratomic DecryptVerify Callbacks, example 2013-08-21 16:55:34 -07:00
John Safranek 9f07a7dd2b modified SEP X509 functions to behave like the NAME_oneline function 2013-08-20 16:47:38 -07:00
John Safranek 442886a207 Added x509 accessors for the SEP build certificate additions. 2013-08-17 09:01:15 -07:00
toddouska 65f0e9f6b9 add atomic user macencrypt cb 2013-08-09 17:27:15 -07:00
toddouska 3378f8f25e add DTLS cookie ctx geter 2013-08-06 15:06:33 -07:00
toddouska 5c5cee0789 use external CYASSL_MAX_ERROR_SZ for buffer size 2013-08-06 11:48:00 -07:00
John Safranek 831d9cf640 SEP Profile
1. Changed session index shift values to constants.
2. Added bounds checking when retrieving a session.
3. Added function to retrieve the peer cert chain from
   a CYASSL_SESSION record.
2013-08-02 16:03:41 -07:00
toddouska 3b4ff94931 add paramter validation to SSL I/O calls 2013-08-02 12:12:51 -07:00
John Safranek 1357cdb0e4 SEP Profile
1. Add session cache index to CYASSL structure.
2. Add accessor for cache index in CYASSL structure.
3. Add copy function for session cache item.
2013-07-28 17:11:22 -07:00
Moisés Guimarães 55401c13dd Truncated HMAC first part (protocol). Extension processing will be coded later. 2013-07-23 15:42:43 -03:00
toddouska 14b100fee6 fix savecert with no_skid, gcc warnings 2013-07-22 14:30:35 -07:00
toddouska 37a9a7a457 add IOCb Ctx getters 2013-07-22 11:01:00 -07:00
toddouska 705aa0f453 fix user malloc define w/ opensslextra 2013-07-05 09:42:49 -07:00
John Safranek 226f018829 Fixed memory leak of http buffer in OCSP lookup. 2013-07-02 17:35:30 -07:00
Moisés Guimarães 593e466a44 limiting max_fragment API for client side only. 2013-07-01 10:13:43 -03:00
toddouska 307c71d9cb add CyaSSL_UnloadCertsKeys to free SSL certs and keys after handshake 2013-06-27 10:26:04 -07:00
John Safranek 773d0da1bc Fixed issue with the DTLS EmbedReceiveFrom() callback using IPv6. 2013-06-26 17:40:21 -07:00
John Safranek 29b32e582a DTLS IPv6 Hello Cookie Update
1. Add support for IPv6 addresses when calculating DTLS Cookie.
2. Simplify cookie calculation.
2013-06-26 16:32:01 -07:00
toddouska 60c2388ae7 fix potential NetX packet memory leak 2013-06-26 11:03:54 -07:00
toddouska 87eb94b7c4 Merge branch 'master' of github.com:cyassl/cyassl 2013-06-24 14:02:40 -07:00
toddouska b51d6f3b8f add NetX default IO context handling 2013-06-24 14:00:48 -07:00
John Safranek 0c34ecb451 OCSP Updates
1. Add option to example server and client to check the OCSP responder.
2. Add option to example server and client to override the URL to use
   when checking the OCSP responder.
3. Copy the certificate serial number correctly into OCSP request.
   Add leading zero only if MS bit is set.
4. Fix responder address used when Auth Info extension is present.
5. Update EmbedOcspLookup callback to better handle the HTTP
   response and obtain the complete OCSP response.
2013-06-24 10:47:24 -07:00
John Safranek 17ab84eb07 Update call to DoAlert()
When handling the alerts, the return code wasn't checked for error codes. A corrupted alert message could cause a control flow issue.
2013-06-19 15:01:13 -07:00
Moisés Guimarães 25e910a0a9 max fragment length tests and fixes 2013-06-19 16:38:57 -03:00
Moisés Guimarães 5f3ee80407 added:
- max fragment length extension;
 - CyaSSL_SNI_GetRequest() to get client's request at server side;
 - Automated tests for SNI;
2013-06-19 15:45:06 -03:00
toddouska d02af46256 windows build warning fixes 2013-06-17 12:26:21 -07:00
toddouska 8c70b11528 add newSession flag to SetServerID to do full handshake w/ new session 2013-06-14 15:29:18 -07:00
toddouska 7f7c595d10 differentiate between THREADX and RTP_SYS 2013-06-14 13:45:25 -07:00
toddouska 9559f09028 warning fixes 2013-06-13 12:13:46 -07:00
John Safranek b40c2c0b1f Fixed issue with no_server/no_client optional compile losing two functions 2013-06-06 21:59:05 +02:00
Moisés Guimarães f1d1898ddf Added new option to SNI: CYASSL_SNI_ANSWER_ON_MISMATCH
Added new function to SNI API: CyaSSL_SNI_Matched()
2013-06-03 17:55:06 -03:00
Moisés Guimarães cb2082edee changed CYASSL_SNI_ABORT_ON_MISMATCH to CYASSL_SNI_CONTINUE_ON_MISMATCH 2013-06-03 10:04:49 -03:00