Commit Graph

403 Commits

Author SHA1 Message Date
toddouska e373b083bf Merge branch 'master' into ti 2014-05-20 14:33:14 -07:00
John Safranek 74712b4e71 1. Added the following cipher suites:
* TLS_PSK_WITH_AES_128_GCM_SHA256
 * TLS_PSK_WITH_AES_256_GCM_SHA384
 * TLS_PSK_WITH_AES_256_CBC_SHA384
 * TLS_PSK_WITH_NULL_SHA384
2. Fixed CyaSSL_CIPHER_get_name() for AES-CCM cipher suites.
2014-05-19 21:44:04 -07:00
toddouska 6d3a46ebec Merge branch 'master' into ti 2014-05-19 17:08:51 -07:00
John Safranek da5b042d21 AEAD additional data for encrypt and decrypt should be AEAD_AUTH_DATA_SZ 2014-05-19 09:14:10 -07:00
John Safranek 4a511fe36d Added epoch to sequence number for AES-GCM with DTLS encrypt/decrypt. 2014-05-19 09:14:10 -07:00
toddouska 91df5e52a6 Merge branch 'master' into ti 2014-05-16 09:13:21 -07:00
John Safranek 628e7b4d72 adjust SendData() output buffer check for DTLS header size 2014-05-15 15:55:32 -07:00
toddouska f9a78b7e20 Merge branch 'master' into ti 2014-05-14 15:07:47 -07:00
toddouska ce39ef62ef update const error strings for newly added ones 2014-05-14 15:05:20 -07:00
toddouska 519820133d Merge branch 'const_errorstrings' of https://github.com/rofl0r/cyassl into errstr 2014-05-14 14:51:40 -07:00
Vikram Adiga 5146f3dd94 Initial commit of CyaSSL port for TI-RTOS 2014-05-08 15:50:55 -07:00
John Safranek 85d453f2d1 fix const issue with PK callbacks 2014-04-30 10:15:15 -07:00
Moisés Guimarães 8d8fca67c3 SHA256, SHA384 and SHA512 error propagation. Major impact on random functions with error propagation. 2014-04-14 21:39:14 -03:00
Moisés Guimarães 644bb9c524 SHA256, SHA384 and SHA512 error propagation. Minor impact on some of internal.c static functions. 2014-04-14 21:28:23 -03:00
John Safranek d7eff191ce Merge branch 'master' of github.com:cyassl/cyassl 2014-04-14 10:35:39 -07:00
John Safranek ede2aa9c91 allow key use extension errors to be overriden with verify callback 2014-04-14 10:29:29 -07:00
Chris Conlon be65f5d518 update FSF address, wolfSSL copyright 2014-04-11 15:58:58 -06:00
John Safranek 421c08fc61 Merge branch 'frankencert' 2014-04-11 10:01:03 -07:00
John Safranek 603192f153 Removed an incorrect key use check. 2014-04-10 23:31:43 -07:00
John Safranek e79ce42ef4 Added checking of the key usage and extended key usage extensions in the
certificates.
2014-04-10 16:50:14 -07:00
toddouska 4a99031b8d fix psk requires with different first byte 2014-04-10 14:58:15 -07:00
toddouska e40bc9b72d remove extra spaces 2014-04-10 14:13:18 -07:00
toddouska 5de34bf987 add client suite verify, detect mismatch early 2014-04-10 14:11:30 -07:00
John Safranek 2c97d38c2c Removed previous change. Fixed it in the Sanity check instead. 2014-04-08 17:00:21 -07:00
John Safranek 52503c713c fix calls to AesGcmDecrypt and AesCcmDecrypt 2014-04-08 16:35:26 -07:00
toddouska e0534da461 mp Harmony 0.80 beta fix 2014-04-01 13:49:30 -07:00
toddouska c210600d93 RSA fips mode 2014-04-01 13:08:48 -07:00
toddouska 05b132ce1c HMAC fips mode 2014-03-27 15:43:54 -07:00
toddouska 7dd265cf2e SHA384 fips mode 2014-03-27 14:37:37 -07:00
toddouska e873d7998b SHA512 fips mode 2014-03-27 14:03:12 -07:00
Chris Conlon 59c1adaf0e version 2.9.2 release 2014-03-27 10:35:57 -06:00
Chris Conlon 4677f2f2c1 fix windows warnings, ignore empty file ones 2014-03-27 10:09:14 -06:00
toddouska 7e9be23628 fix item 5 from report by Ivan Fratric of the Google Security Team 2014-03-26 13:54:16 -07:00
toddouska 717f3adb47 fix item 9 from report by Ivan Fratric of the Google Security Team 2014-03-26 13:28:19 -07:00
toddouska 86ebc48032 fix for item 7 report by Ivan Fratric of the Google Security Team 2014-03-26 13:16:43 -07:00
toddouska 23300a201f Merge branch 'master' of github.com:cyassl/cyassl 2014-03-26 12:15:04 -07:00
toddouska 43909ac725 fix sslv3 verify mac pad check, item 6 by report from Ivan Fratric of the Google Security Team 2014-03-26 12:14:18 -07:00
John Safranek dd61daef70 When saving the signature from a DecodedCert to a CYASSL_X509 only copy
the signature if it exists.
2014-03-26 12:01:26 -07:00
toddouska d5be4c4663 SHA-256 fips mode 2014-03-25 17:11:15 -07:00
toddouska b41186a6dd Merge branch 'master' of github.com:cyassl/cyassl 2014-03-25 16:02:12 -07:00
toddouska 3607db9077 add SHA1 fips mode 2014-03-25 16:01:17 -07:00
toddouska fb6d671629 resolve pull request merge conflict 2014-03-25 11:39:07 -07:00
toddouska 0ea10a4388 add 3DES fips mode 2014-03-24 13:37:52 -07:00
Moisés Guimarães 0a5b758de3 Boundaries check for DoCertificate .
-- added size in the function parameters;
-- BUFFER_ERROR returned in case of message overflow (piece larger than the hello size);
-- OPAQUE24_LEN used whenever 3 bytes are needed;
-- removed unnecessary variable i;
-- Moved BUFFER_E check outside of the while, check against certSz is not needed, in this case the problem is a malformed packet since certSz can never be bigger than listSz.
2014-03-13 19:15:26 -03:00
Moisés Guimarães 2d2d1341cf Boundaries check for DoCertificateVerify.
-- added size in the function parameters;
-- BUFFER_ERROR returned in case of message overflow (piece larger than the hello size);
-- ENUM_LEN and OPAQUE8_LEN used whenever 1 byte is needed;
-- OPAQUE16_LEN used whenever 2 bytes are needed;
-- removed unnecessary variables (signature, sigLen);
-- removed unnecessary #ifdef HAVE_ECC.
2014-03-13 19:14:13 -03:00
Moisés Guimarães eba36226dc Boundaries check for DoCertificateRequest.
-- added size in the function parameters;
-- BUFFER_ERROR returned in case of message overflow (piece larger than the message size);
-- OPAQUE16_LEN used where 2 bytes are needed.
2014-03-13 19:14:13 -03:00
Moisés Guimarães 7630b1d222 Boundaries check for DoHelloVerifyRequest.
-- added size in the function parameters;
-- BUFFER_ERROR returned in case of message overflow (piece larger than the message size);
-- OPAQUE16_LEN used where 2 bytes are needed.
2014-03-13 19:14:13 -03:00
Moisés Guimarães 881de67196 Boundaries check for DoHelloRequest.
-- added size and totalSz in the function parameters;
-- BUFFER_ERROR returned in case of message overflow (piece larger than the message size);
-- INCOMPLETE_DATA returned in case of buffer overflow (piece smaller than the expected size);
-- removed unnecessary variable mac;
2014-03-13 19:14:13 -03:00
Moisés Guimarães 244e335e81 Boundaries check for DoFinished.
-- added size and totalSz in the function parameters;
-- BUFFER_ERROR returned in case of message overflow (piece larger than the message size);
-- INCOMPLETE_DATA returned in case of buffer overflow (piece smaller than the expected size);
-- removed unnecessary variable idx;
-- fixed the sniffer to adapt to the changes.
2014-03-13 19:14:13 -03:00
Moisés Guimarães 4821b5d5fe Boundaries check for DoCertificateVerify.
-- switched from totalSz to size in the function parameters;
-- BUFFER_ERROR returned in case of message overflow (piece larger than the hello size);
-- ENUM_LEN used whenever 1 byte is needed;
-- OPAQUE16_LEN used whenever 2 bytes are needed;
-- removed unnecessary variables;
-- removed unnecessary #ifdef HAVE_ECC and #ifndef NO_RSA.
2014-03-13 19:14:13 -03:00