Commit graph

77 commits

Author SHA1 Message Date
Paul Sokolovsky
4fa4fb3461 tls1.c: CONFIG_SSL_ENABLE_SERVER 2016-07-10 23:17:15 +03:00
Paul Sokolovsky
9bf4489a9f tls1.c: CONFIG_SSL_DIAGNOSTICS 2016-07-10 23:17:14 +03:00
Paul Sokolovsky
e941743c1b Add namespace prefix to hmac_md5/hmac_sha1 functions.
These are pretty common names and can easily clash with other libraries.
At least, add "ssl_" prefix, as many other axTLS functions have.
2016-07-10 23:17:13 +03:00
Paul Sokolovsky
463a64723a En-masse other changes to minimize size and make embeddable into uPy. 2016-07-10 23:17:13 +03:00
Paul Sokolovsky
7e9e63023d os_port, tls1: Let port decide whether POSIX-style select() will be used.
POSIX-style select() is unlikely to be a good fit for an embedded socket
implementation. It is actually needed only for non-blocking sockets,
so let ports just be able to skip it. Going forward, this needs
to be refactored into a direct-purpose function to wait for a socket
to be writable, to be implemented per port.
2016-07-10 22:00:24 +03:00
Paul Sokolovsky
b5ba024a9f tls1: Abstract away getting last errno for a socket operation.
For usage with embedded ports where the socket library may have another way to
pass errors rather than via the C errno variable.
2016-07-10 22:00:24 +03:00
cameronrich
eabbfc866f Removed some printfs in skeleton mode
git-svn-id: svn://svn.code.sf.net/p/axtls/code/trunk@258 9a5d90b5-6617-0410-8a86-bb477d3ed2e3
2016-07-05 20:16:05 +00:00
cameronrich
240f39fa5a Fixed some skeleton mode warnings
git-svn-id: svn://svn.code.sf.net/p/axtls/code/trunk@257 9a5d90b5-6617-0410-8a86-bb477d3ed2e3
2016-07-05 20:07:17 +00:00
cameronrich
ef28667444 Can handle SSL chains which are out of order (thanks Paul Johnstone)
git-svn-id: svn://svn.code.sf.net/p/axtls/code/trunk@254 9a5d90b5-6617-0410-8a86-bb477d3ed2e3
2016-07-05 07:07:45 +00:00
cameronrich
3d0da1dc19 Fixed a memset issue and removed some doubled code (thanks Jens Muller)
git-svn-id: svn://svn.code.sf.net/p/axtls/code/trunk@253 9a5d90b5-6617-0410-8a86-bb477d3ed2e3
2016-07-05 06:46:55 +00:00
cameronrich
e223aa2133 Removed RC4 from the list of negotiated ciphers as browsers don't support it anymore
git-svn-id: svn://svn.code.sf.net/p/axtls/code/trunk@252 9a5d90b5-6617-0410-8a86-bb477d3ed2e3
2016-06-12 10:51:12 +00:00
cameronrich
b0bd12beda * Added SHA384 and SHA512 digests.
git-svn-id: svn://svn.code.sf.net/p/axtls/code/trunk@245 9a5d90b5-6617-0410-8a86-bb477d3ed2e3
2015-03-10 03:08:16 +00:00
cameronrich
0d334d81c2 * PT_APP_PROTOCOL_DATA has a test for hs_status=SSL_OK to prevent possible exchanges before the handshake is complete.
* Changed license on sha256.c to full BSD.

git-svn-id: svn://svn.code.sf.net/p/axtls/code/trunk@244 9a5d90b5-6617-0410-8a86-bb477d3ed2e3
2015-03-09 01:42:59 +00:00
cameronrich
82a7638efa * Added SHA256
* Return code checked for get_random()
* MD2 code removed.

git-svn-id: svn://svn.code.sf.net/p/axtls/code/trunk@238 9a5d90b5-6617-0410-8a86-bb477d3ed2e3
2014-11-19 03:51:22 +00:00
olereinhardt
29e7d3554d Fixed array access out of bounds bug in add_cert()
git-svn-id: svn://svn.code.sf.net/p/axtls/code/trunk@234 9a5d90b5-6617-0410-8a86-bb477d3ed2e3
2014-09-24 10:21:23 +00:00
cameronrich
97f9f969a3 added printf changes from Fabian Frank to stop warnings/errors
git-svn-id: svn://svn.code.sf.net/p/axtls/code/trunk@231 9a5d90b5-6617-0410-8a86-bb477d3ed2e3
2013-09-22 10:34:51 +00:00
ehuman
5c51893035 Moved setting encryption flags to after handshake completion
git-svn-id: svn://svn.code.sf.net/p/axtls/code/trunk@230 9a5d90b5-6617-0410-8a86-bb477d3ed2e3
2013-08-05 15:47:52 +00:00
cameronrich
f74c9cafca Client version number comes from client hello and not the record layer. This was causing issues in Chrome
git-svn-id: svn://svn.code.sf.net/p/axtls/code/trunk@229 9a5d90b5-6617-0410-8a86-bb477d3ed2e3
2013-01-06 12:38:42 +00:00
cameronrich
8ac6264444 looks like some stuff didn't get checked in
git-svn-id: svn://svn.code.sf.net/p/axtls/code/trunk@226 9a5d90b5-6617-0410-8a86-bb477d3ed2e3
2012-06-08 10:42:11 +00:00
cameronrich
c0074b3044 Fixed issue with session id's in the future
git-svn-id: svn://svn.code.sf.net/p/axtls/code/trunk@224 9a5d90b5-6617-0410-8a86-bb477d3ed2e3
2012-02-25 08:07:12 +00:00
cameronrich
42cd25fa9d Fixed closure alerts.
git-svn-id: svn://svn.code.sf.net/p/axtls/code/trunk@208 9a5d90b5-6617-0410-8a86-bb477d3ed2e3
2011-05-07 00:10:20 +00:00
cameronrich
70a8f79fa6 TLSv1.1 feature added.
git-svn-id: svn://svn.code.sf.net/p/axtls/code/trunk@207 9a5d90b5-6617-0410-8a86-bb477d3ed2e3
2011-05-06 12:35:32 +00:00
cameronrich
8558c49351 Fixed variable length macs used by gnutls.
git-svn-id: svn://svn.code.sf.net/p/axtls/code/trunk@205 9a5d90b5-6617-0410-8a86-bb477d3ed2e3
2011-04-28 13:00:20 +00:00
cameronrich
2ae9a3ec83 Started to implement TLS1.1 (but disabled for now)
git-svn-id: svn://svn.code.sf.net/p/axtls/code/trunk@204 9a5d90b5-6617-0410-8a86-bb477d3ed2e3
2011-04-26 20:33:55 +00:00
cameronrich
222f2d98f1 Fixed SOCKET_WRITE() when blocked.
git-svn-id: svn://svn.code.sf.net/p/axtls/code/trunk@203 9a5d90b5-6617-0410-8a86-bb477d3ed2e3
2011-02-11 12:43:01 +00:00
cameronrich
7f3d1265ef fixed issue with bad certs on cygwin
git-svn-id: svn://svn.code.sf.net/p/axtls/code/trunk@202 9a5d90b5-6617-0410-8a86-bb477d3ed2e3
2011-02-08 11:38:05 +00:00
cameronrich
9c91e355da Now load PEM cert bundles correctly for verification.
git-svn-id: svn://svn.code.sf.net/p/axtls/code/trunk@201 9a5d90b5-6617-0410-8a86-bb477d3ed2e3
2011-01-24 22:49:20 +00:00
cameronrich
18c3faf4a8 added test case for non-blocking sockets.
git-svn-id: svn://svn.code.sf.net/p/axtls/code/trunk@199 9a5d90b5-6617-0410-8a86-bb477d3ed2e3
2011-01-19 22:41:03 +00:00
cameronrich
faba18dfc1 Check made in ssl_write for EAGAIN return from write().
git-svn-id: svn://svn.code.sf.net/p/axtls/code/trunk@197 9a5d90b5-6617-0410-8a86-bb477d3ed2e3
2011-01-16 21:44:03 +00:00
cameronrich
529d87ba09 Added Visual Studio 2010 support and fixed some VS compilation issues.
Removed code to force blocking mode.


git-svn-id: svn://svn.code.sf.net/p/axtls/code/trunk@196 9a5d90b5-6617-0410-8a86-bb477d3ed2e3
2011-01-14 23:25:33 +00:00
cameronrich
9e1cb29c54 Added comments to hmac and rc4 code and extra diagnostics to cert # out of
bounds.


git-svn-id: svn://svn.code.sf.net/p/axtls/code/trunk@192 9a5d90b5-6617-0410-8a86-bb477d3ed2e3
2011-01-08 03:44:47 +00:00
cameronrich
26e256c758 Added some certificate loading tweaks.
git-svn-id: svn://svn.code.sf.net/p/axtls/code/trunk@190 9a5d90b5-6617-0410-8a86-bb477d3ed2e3
2011-01-04 04:20:21 +00:00
cameronrich
9e082c868e Ignore CA cert errors (caused by invalid signature types in cert bundles)
git-svn-id: svn://svn.code.sf.net/p/axtls/code/trunk@189 9a5d90b5-6617-0410-8a86-bb477d3ed2e3
2011-01-04 01:34:46 +00:00
cameronrich
f5dbc8875e Removed os_port.h dependency. Fixed CA number issue (default now 120).
git-svn-id: svn://svn.code.sf.net/p/axtls/code/trunk@188 9a5d90b5-6617-0410-8a86-bb477d3ed2e3
2011-01-03 23:08:49 +00:00
cameronrich
0d2e75b9c7 fixed regular_square. Some scan-build tweaks. Made os_port.h "private".
git-svn-id: svn://svn.code.sf.net/p/axtls/code/trunk@181 9a5d90b5-6617-0410-8a86-bb477d3ed2e3
2010-12-29 11:49:30 +00:00
cameronrich
7e570e3943 Fixed 3132700 (close_notify), 3078672 (regular_square), 3072881
(process_server_hello). Using Montgomery until q_dash issue solved.


git-svn-id: svn://svn.code.sf.net/p/axtls/code/trunk@180 9a5d90b5-6617-0410-8a86-bb477d3ed2e3
2010-12-27 09:40:51 +00:00
cameronrich
c69b6901fb removed redundant x509_free() in do_client_connect()
git-svn-id: svn://svn.code.sf.net/p/axtls/code/trunk@176 9a5d90b5-6617-0410-8a86-bb477d3ed2e3
2010-08-07 07:34:41 +00:00
cameronrich
09e79822d5 some fixes to bigint library
git-svn-id: svn://svn.code.sf.net/p/axtls/code/trunk@175 9a5d90b5-6617-0410-8a86-bb477d3ed2e3
2010-08-06 09:58:26 +00:00
cameronrich
e686f3b6c6 added alert for renegotiation failure
git-svn-id: svn://svn.code.sf.net/p/axtls/code/trunk@172 9a5d90b5-6617-0410-8a86-bb477d3ed2e3
2010-05-08 07:37:49 +00:00
cameronrich
13dee95d97 Fix for ssl client renegotiation SSL error
git-svn-id: svn://svn.code.sf.net/p/axtls/code/trunk@166 9a5d90b5-6617-0410-8a86-bb477d3ed2e3
2009-12-12 04:11:56 +00:00
cameronrich
2cedd59384 Added SAN ("Subject Alternative Name") support
git-svn-id: svn://svn.code.sf.net/p/axtls/code/trunk@159 9a5d90b5-6617-0410-8a86-bb477d3ed2e3
2009-09-23 12:38:23 +00:00
cameronrich
1b9a2cad7b Extended the openssl compatibility layer a bit.
git-svn-id: svn://svn.code.sf.net/p/axtls/code/trunk@154 9a5d90b5-6617-0410-8a86-bb477d3ed2e3
2009-01-30 12:35:07 +00:00
cameronrich
85e157927a double check on a bad signature
git-svn-id: svn://svn.code.sf.net/p/axtls/code/trunk@152 9a5d90b5-6617-0410-8a86-bb477d3ed2e3
2008-12-03 09:36:59 +00:00
cameronrich
0abda1ca64 changed x509 verification code
git-svn-id: svn://svn.code.sf.net/p/axtls/code/trunk@151 9a5d90b5-6617-0410-8a86-bb477d3ed2e3
2008-11-05 12:01:50 +00:00
cameronrich
31efa00831 changes for 1.1.8
git-svn-id: svn://svn.code.sf.net/p/axtls/code/trunk@145 9a5d90b5-6617-0410-8a86-bb477d3ed2e3
2007-12-02 22:15:46 +00:00
cameronrich
785380660e finishing touches to cert generation
git-svn-id: svn://svn.code.sf.net/p/axtls/code/trunk@144 9a5d90b5-6617-0410-8a86-bb477d3ed2e3
2007-12-02 08:01:12 +00:00
cameronrich
bffc3b2197 certificate generation
git-svn-id: svn://svn.code.sf.net/p/axtls/code/trunk@143 9a5d90b5-6617-0410-8a86-bb477d3ed2e3
2007-11-29 13:02:54 +00:00
cameronrich
70ed44946e changed to BSD style license
git-svn-id: svn://svn.code.sf.net/p/axtls/code/trunk@140 9a5d90b5-6617-0410-8a86-bb477d3ed2e3
2007-11-05 02:28:37 +00:00
cameronrich
2f2dd59545 changed var arrays to alloca
git-svn-id: svn://svn.code.sf.net/p/axtls/code/trunk@138 9a5d90b5-6617-0410-8a86-bb477d3ed2e3
2007-10-22 13:17:02 +00:00
cameronrich
fa0bf09b86 some more memory tweaks
git-svn-id: svn://svn.code.sf.net/p/axtls/code/trunk@135 9a5d90b5-6617-0410-8a86-bb477d3ed2e3
2007-10-04 11:25:28 +00:00