mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
4,851 Commits 5 Branches 162 Tags
Commit Graph

210 Commits

Author SHA1 Message Date
David Garske
039aedcfba Added "wolfSSL_use_certificate_chain_buffer_format". Added "wolfSSL_SESSION_CIPHER_get_name" to get cipher suite name using WOLFSSL_SESSION*. Moved the "wolfSSL_get_cipher_name_from_suite" function to internal.c. Added new server-cert-chain.der, which is combination of ca-cert.der and server-cert.der. Enhanced load_buffer to detect format using file extension. Can test use of DER cert chain with NO_FILESYSTEM defined using "./examples/server/server -c ./certs/server-cert-chain.der -k ./certs/server-key.der". 2016-11-30 16:26:02 -08:00
toddouska
092916c253 Merge pull request #536 from ejohnstown/dtls-sctp 
DTLS over SCTP
 2016-08-30 13:09:40 -07:00
David Garske
2ecd80ce23 Added support for static memory with wolfCrypt. Adds new "wc_LoadStaticMemory" function and moves "wolfSSL_init_memory_heap" into wolfCrypt layer. Enhanced wolfCrypt test and benchmark to use the static memory tool if enabled. Added support for static memory with "WOLFSSL_DEBUG_MEMORY" defined. Fixed issue with have-iopool and XMALLOC/XFREE. Added check to prevent using WOLFSSL_STATIC_MEMORY with HAVE_IO_POOL, XMALLOC_USER or NO_WOLFSSL_MEMORY defined. 2016-08-29 10:38:06 -07:00
John Safranek
46e92e0211 DTLS-SCTP example client and server 
1. Update the example client and server to test DTLS-SCTP.
2. Modify the test.h functions for setting up connections to allow
for a SCTP option.
3. Update other examples to use the new test.h functions.
4. Removed some prototypes in the client header file were some functions
that should have been static to the client.c file and made them static.
 2016-08-26 19:58:36 -07:00
David Garske
17a34c5899 Added asynchronous wolfCrypt RSA, TLS client and Cavium Nitrox V support. Asynchronous wolfSSL client support for "DoServerKeyExchange", "SendClientKeyExchange", "SendCertificateVerify" and "DoCertificateVerify". Fixes for async DTLS. Refactor of the wolf event and async handling for use in wolfCrypt. Refactor of the async device support so its hardware agnostic. Added Cavium Nitrox V support (Nitrox tested using SDK v0.2 CNN55XX-SDK with new configure "--with-cavium-v=/dir" option). Moved Nitrox specific functions to new port file "port/cavium/cavium_nitrox.c". RSA refactor to handle async with states. RSA optimization for using dpraw for private key decode. Use double linked list in wolf event for faster/cleaner code. Use typedef for wolf event flag. Cleanup of the async error codes. wolfCrypt test and benchmark support for async RSA. Asynchronous mode enabled using "./configure --enable-asynccrypt". If no async hardware is defined then the internal async simulator (WOLFSSL_ASYNC_CRYPT_TEST) is used. Note: Using async mode requires async.c/h files from wolfSSL. If interested in using asynchronous mode please send email to info@wolfssl.com. 2016-08-15 13:59:41 -06:00
Jacob Barthelmeh
e8f7d78fc4 add helper functions for choosing static buffer size 2016-07-21 12:11:15 -06:00
John Safranek
2f9c9b9a22 Add cipher suite ECDHE-ECDSA-AES128-CCM 
1. Added the usual cipher suite changes for the new suite.
2. Added a build option, WOLFSSL_ALT_TEST_STRINGS, for testing
   against GnuTLS. It wants to receive strings with newlines.
3. Updated the test configs for the new suite.

Tested against GnuTLS's client and server using the options:

    $ gnutls-cli --priority "NONE:+VERS-TLS-ALL:+AEAD:+ECDHE-ECDSA:+AES-128-CCM:+SIGN-ALL:+COMP-NULL:+CURVE-ALL:+CTYPE-X509" --x509cafile=./certs/server-ecc.pem --no-ca-verification -p 11111 localhost
    $ gnutls-serv --echo --x509keyfile=./certs/ecc-key.pem --x509certfile=./certs/server-ecc.pem --port=11111 -a --priority "NONE:+VERS-TLS-ALL:+AEAD:+ECDHE-ECDSA:+AES-128-CCM:+SIGN-ALL:+COMP-NULL:+CURVE-ALL:+CTYPE-X509"

To talk to GnuTLS, wolfSSL also needed the supported curves option
enabled.
 2016-06-13 14:39:41 -07:00
Jacob Barthelmeh
3d3591a227 typdef gaurd / error out on bad mutex init / handle no maxHa or maxIO set 2016-06-10 14:13:27 -06:00
Jacob Barthelmeh
ea3d1f8e17 extended method function 2016-06-09 23:41:51 -06:00
Jacob Barthelmeh
8be5409bc5 static method func / ocsp callbacks / heap test / alpn free func / remove timing resistant constraint 2016-06-09 11:36:31 -06:00
Jacob Barthelmeh
e214086dce tlsx with static memory / account for session certs size 2016-06-08 09:18:43 -06:00
Jacob Barthelmeh
2feee8856e revise static memory and update heap hint 2016-06-04 19:03:48 -06:00
Jacob Barthelmeh
104ff12e76 add staticmemory feature 2016-06-04 19:01:23 -06:00
Chris Conlon
8f3e1165a1 add Whitewood netRandom client library support 2016-05-05 15:31:25 -06:00
Kaleb Himes
b2af02a783 Merge pull request #383 from kojo1/MDK5 
fixes for MDK5 compiler
 2016-04-26 16:11:59 -06:00
Jacob Barthelmeh
77a9343973 use short for RSA min key size and check casts 2016-04-22 12:56:51 -06:00
Jacob Barthelmeh
1dac3841ca change type to short for comparision and up default min size 2016-04-20 15:44:45 -06:00
Jacob Barthelmeh
3129bb22cd minimum ECC key size check at TLS/SSL level 2016-04-19 15:50:25 -06:00
toddouska
117231c0e3 Merge pull request #387 from JacobBarthelmeh/RSA-min 
add check for min RSA key size at TLS/SSL level
 2016-04-19 13:57:26 -07:00
toddouska
0dbdc8eab0 Merge pull request #372 from dgarske/mingwfixes 
MinGW fixes
 2016-04-18 12:50:13 -07:00
Jacob Barthelmeh
c9891567e8 add check for min RSA key size at TLS/SSL level 2016-04-14 13:35:49 -06:00
Takashi Kojo
cab1ebf2d6 move MDK5 current_time to test.h 2016-04-14 18:47:16 +09:00
Takashi Kojo
35c5353698 fixed current_time argument 2016-04-14 16:26:51 +09:00
Takashi Kojo
cfd5af341b fixed test.c compile error and server.c/client.c/ssl.c warnings with MDK5 compiler. 2016-04-12 11:05:30 +09:00
kaleb-himes
1b7cd5cb06 consolidate handling of dead assignment warnings 2016-04-11 13:39:44 -06:00
kaleb-himes
c6e9021732 scan-build warnings related to enable-psk, disable-asn,rsa,ecc 2016-04-11 11:13:26 -06:00
David Garske
993972162e MinGW fixes, server port assigning cleanup and ping test cleanup. Fixes issue with visibility detection with MinGW. The visibility.m4 script was not actually trying to call the hidden function, which caused MinGW to detect improperly that visibility was supported. Fix for bogusFile on Windows build. Fixes to build warnings for unused variable 'res' and signed/unsigned comparison for sizeof min(). Cleanup of the server side port assignment to allow use with Windows/MinGW/Cygwin. If Windows uses new GetRandomPort() function in test.h to get port in in the 49152 - 65535 range. If *nix then uses the tcp_listen returned port. Otherwise uses the default wolfSSLPort. Refactor of the ping test code to use common file and properly handle ping count differences (Windows "-c" vs. *Nix style "-n"). Workaround for MinGW and cyassl/options.h getting file permissions error. Added non-fatal compile warning if using MinGW that "strtok_s" might be missing along with a link to public domain source that can be used. 2016-04-08 11:48:14 -06:00
Jacob Barthelmeh
85a9c55048 fix c89 build on windows 2016-04-06 11:16:40 -06:00
toddouska
63b1282e67 Merge pull request #335 from dgarske/asynccrypt 
Asynchronous crypto and wolf event support
 2016-03-30 20:12:41 -07:00
David Garske
4472152b18 Added new "wolfSSL_poll" which filters event queue by ssl object pointer. Changed wolfSSL_CTX_poll to support using WOLF_POLL_FLAG_PEEK flag to peek at events and return count. Removed "wolfssl_CTX_poll_peek". Switched the examples (test.h AsyncCryptPoll) to use just the WOLFSSL object and call new wolfSSL_poll. Added warning when using the "--enable-asynccrypt" option to make sure users know they need real async.c/.h files. 2016-03-30 15:15:38 -07:00
Jacob Barthelmeh
696169634e check return value of wolfSSL_set_fd 2016-03-25 13:59:04 -06:00
Jacob Barthelmeh
e99a5b0483 prepare for release v3.9.0 2016-03-17 16:02:13 -06:00
David Garske
e1787fe160 Added "--enable-asynccrypt" option for enabling asynchronous crypto. This includes a refactor of SendServerKeyExchange and DoClientKeyExchange to support WC_PENDING_E on key generation, signing and verification. Currently uses async simulator (WOLFSSL_ASYNC_CRYPT_TEST) if cavium not enabled. All of the examples have been updated to support WC_PENDING_E on accept and connect. A generic WOLF_EVENT infrastructure has been added to support other types of future events and is enabled using "HAVE_WOLF_EVENT". Refactor the ASN OID type (ex: hashType/sigType) to use a more unique name. The real "async.c" and "async.h" files are in a private repo. 2016-03-17 13:31:03 -07:00
Jacob Barthelmeh
060e278559 Merge branch 'master' of https://github.com/wolfSSL/wolfssl into Certs 2016-03-11 23:48:39 -07:00
David Garske
0ed26ad262 Updated build for "leantls" to support building only the client, by splitting BUILD_EXAMPLES into 3 parts (BUILD_EXAPLE_SERVERS, BUILD_EXAMPLE_CLIENTS and BUILD_TESTS). This allows the make check to perform the external tests to validate the client only "leantls" configuration option. 2016-03-08 08:35:28 -08:00
Jacob Barthelmeh
aab44eb26b adjest example server PSK plus flag 2016-03-02 15:43:17 -07:00
Jacob Barthelmeh
d969e2ba11 automated test for trusted peer certs 2016-03-02 11:42:00 -07:00
Jacob Barthelmeh
05d2cec7c1 addition to api tests and refactor location of trusted peer cert check 2016-03-02 11:35:03 -07:00
Jacob Barthelmeh
7df22ee210 Trusted peer certificate use 2016-03-02 11:22:34 -07:00
Jacob Barthelmeh
ff7a9d9f78 option for fail on no peer cert except PSK suites 2016-02-10 13:26:03 -07:00
David Garske
2db6246abc Fixed typo with testsuite preprocessor. Added missing chacha.c, chacha20_poly1305.c, pkcs7.c and poly1305.c. Also added the IDE/WIN/user_settings.h to the project so its easy to find. 2016-02-04 11:19:51 -08:00
David Garske
ebd14a657d Added signature.c to Visual Studio project files. Added new "IDE/WIN/user_settings.h" which contains all the defines for the various Windows Visual Studio projects. Moved the settings into this new file and added the WOLFSSL_USER_SETTINGS and CYASSL_USER_SETTINGS macros and include path to IDE/WIN to all project files. This allows the settings (defines) to be adjusted in a single place for Win VS. 2016-01-29 14:29:31 -08:00
Moisés Guimarães
ec9d23a9c3 Merge branch 'csr' 2015-12-28 19:38:04 -03:00
toddouska
2d33380abc Merge pull request #225 from JacobBarthelmeh/master 
help message to use NTRU key in example server
 2015-12-28 11:56:13 -08:00
John Safranek
92cb8eee61 revise the comments about port 0 use in the example client and server 2015-12-24 15:42:52 -08:00
John Safranek
4b836f8476 added note to client and server regarding port 0 2015-12-23 12:20:53 -08:00
toddouska
22385f2b39 add random ports for all make check scripts, unique ready file 2015-12-22 14:35:34 -08:00
Jacob Barthelmeh
0721b79282 help message to use NTRU key in example server 2015-12-22 11:51:26 -07:00
John Safranek
917edc5f18 Merge pull request #218 from toddouska/ssl3-aes256 
add aes256 key derivation to ssl3
 2015-12-17 18:30:23 -08:00
Chris Conlon
b89354880f switch pragma once uses, causes warnings on some compilers 2015-12-17 13:19:17 -07:00