mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
11,443 Commits 5 Branches 162 Tags
Commit Graph

11443 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
toddouska
29bdc7d8b5
Merge pull request #3015 from tmael/cov-fix 
Coverity fix in wolfSSL 4.4.0
 2020-06-10 17:07:47 -07:00
Chris Conlon
fb51a2298e
Merge pull request #3019 from kaleb-himes/ZD10380 
init components as best practice
 2020-06-09 17:23:55 -05:00
toddouska
e993cb6cc0
Merge pull request #2942 from dgarske/tls13_on 
Enable TLS v1.3 by default
 2020-06-09 13:30:02 -07:00
toddouska
48783c1982
Merge pull request #2996 from dgarske/stm32hal 
Fixes and improvements for STM32 crypto hardware
 2020-06-09 13:24:27 -07:00
toddouska
c023efb2aa
Merge pull request #3025 from JacobBarthelmeh/Compatibility-Layer 
fix macro to match *_FLAGS_*
 2020-06-09 13:19:29 -07:00
toddouska
7a7bfce565
Merge pull request #3026 from cconlon/selftestfixes 
Fix warnings with NetBSD gcc compiler
 2020-06-09 13:18:44 -07:00
toddouska
ef742c4a42
Merge pull request #3027 from danielinux/psoc6_crypto 
Cypress PSoC6 wolfcrypt driver
 2020-06-09 13:17:37 -07:00
toddouska
8fc908989a
Merge pull request #3029 from SparkiDev/aes-ccm-fix 
Fix optimized AES-CCM - counter
 2020-06-09 13:13:42 -07:00
David Garske
8b6b54603f Add STM32WB55 crypto hardware support for AES. 2020-06-08 08:48:59 -07:00
Tesfa Mael
28913a276f Include GCM in latest FIPS and Windows build 2020-06-08 08:38:59 -07:00
David Garske
5837c70e99 Support for STM32L5 PKA ECC sign/verify acceleration. 2020-06-08 08:37:55 -07:00
David Garske
16c0160e63 Added support for STM32L5. 2020-06-08 08:37:55 -07:00
David Garske
21a34bde8c Fix whitespace. 2020-06-08 08:37:55 -07:00
David Garske
6f82f15d1b Performance improvements for STM32 AES CBC and GCM crypto hardware. 
* AES CBC:
  - Do all blocks, not just one at a time.
* AES GCM:
  - Use local stack for authentication header if < block size.
  - Use hardware GHASH for all authentication header sizes.

Tested with STM32F437II (old/new Cube HAL/StdPeriLib), STM32F777ZI (CubeMX) and STM32L4A6ZG (CubeMX).
 2020-06-08 08:37:55 -07:00
David Garske
efe9da0994 Fix for STM32 crypto hash with WOLFSSL_SMALL_STACK_CACHE possible free of invalid pointer. 2020-06-08 08:37:55 -07:00
David Garske
dff7c0fcfa Fix for hardware mutex protection in case where STM32 hardware acceleration is used for RNG or HASH only. 2020-06-08 08:37:55 -07:00
David Garske
42ee313286 Fix for using WOLFSSL_SMALL_STACK_CACHE with STM32 SHA256 hardware acceleration. 2020-06-08 08:37:55 -07:00
David Garske
8791573dfe Fix for building with NO_PUBLIC_GCM_SET_IV when ChaCha20/Poly1305 is enabled. Cleanup use of not used STD_PERI_LIB. 2020-06-08 08:37:54 -07:00
Sean Parkinson
d543e305f1 Fix optimized AES-CCM - counter 
AES-NI optimized 4 block at a time was not incrementing counter
poprerly.
 2020-06-08 10:48:19 +10:00
David Garske
3af4316cfd Fix for session test with TLS v1.3 and session tickets not enabled. Cleanups in AddSession. 2020-06-05 13:33:03 -07:00
David Garske
fb5c9e5268 Adjust static memory case with TLS v1.3 enabled. 2020-06-05 11:11:23 -07:00
David Garske
3b8455fcd0 Fix for building without ECC and DH (TLS v1.3 cannot be enabled). 2020-06-05 10:26:32 -07:00
Daniele Lacamera
254dd9f823 Added new files to include.am 2020-06-05 15:28:49 +02:00
Daniele Lacamera
76ab8bfb6b Added psoc6 ECDSA verification support 2020-06-05 11:30:29 +02:00
Daniele Lacamera
b1947478bb Added support for SHA512 via psoc6 crypto 2020-06-05 11:30:29 +02:00
Daniele Lacamera
82520572b0 Initial support for psoc6_crypto (sha256 only) 2020-06-05 11:30:29 +02:00
David Garske
dffc677561 Fix for TLS v1.3 with --enable-sniffer. 2020-06-04 16:42:40 -07:00
David Garske
7879e83ae0 Fixes for building with ./configure --enable-tls13 --disable-rsa --disable-ecc --enable-psk. Fix to properly detect if missing a asymmetric key algorithm (required by TLS v1.3). 2020-06-04 16:31:19 -07:00
David Garske
1d01b87741 Fix to detect if NO_CERTS / --disable-asn is used in scripts/tls13.test. 2020-06-04 16:08:08 -07:00
David Garske
66fdc2c536 Disable TLS v1.3 if none of these are available "ECC, CURVE25519, CURVE448 or DH". 2020-06-04 15:31:19 -07:00
David Garske
93be04f380 Can't send empty list for the client when sniffer is enabled or it will use AES128-SHA. 2020-06-04 15:31:18 -07:00
David Garske
ad93813d75 Fix for expected failure case on client write. Resolves test-fails.con server TLSv1.3 fail on no client certificate test. 2020-06-04 15:31:18 -07:00
David Garske
d4fdd1e590 Fix for TLS v1.3 test PSK callback to support cipher list. Add support for GetCipherSuiteFromName to accept a name ending with colon. 2020-06-04 15:31:18 -07:00
David Garske
3b63e55a68 Fix for TLS v1.3 PSK tests work with additional cipher suites (not just TLS13-AES128-GCM-SHA256) and the echo server/client. 2020-06-04 15:31:18 -07:00
David Garske
8823a581d0 Add PSK user context support (Fixes #2952.). 2020-06-04 15:31:18 -07:00
David Garske
0228d1eeea Cleanups for the TLS v1.3 build requirements. Add check for TLS v1.3 call to EncodeSigAlg. 2020-06-04 15:31:18 -07:00
David Garske
ab2afbd37b Allow the TLS 13 draft 18 build option and just use the final version. This allows the automated test scripts to pass. 2020-06-04 15:31:18 -07:00
David Garske
4d8cf5b571 Fixes for building TLSv1.3 with FIPS v1 (no RSA PSS or HKDF). 2020-06-04 15:31:18 -07:00
David Garske
8300754ecd Fix for "testsuite" with TLSv1.3 and --enable-sniffer. 2020-06-04 15:31:18 -07:00
David Garske
ba8227bcf7 Fix for building TLS v1.3 with NO_WOLFSSL_CLIENT. 2020-06-04 15:31:18 -07:00
David Garske
b417a76613 Fixes for build TLS v1.3 with NO_CERTS. 2020-06-04 15:31:18 -07:00
David Garske
093d9981fb Disable fast-rsa if RSA PSS is enabled (not supported). 2020-06-04 15:31:18 -07:00
David Garske
cd1c2d5fae Enable TLS v1.3 by default. Remove old TLS v1.3 draft build support. 2020-06-04 15:31:18 -07:00
toddouska
3529d9a40d
Merge pull request #3016 from kaleb-himes/FIPSv2-MAINTENANCE 
New OpenSSL features relying on changes in module files must account for locked FIPS versions of those files
 2020-06-04 15:08:17 -07:00
JacobBarthelmeh
976db2545d
Merge pull request #3007 from embhorn/zd10318 
Fix OOB access in ParseCRL
 2020-06-04 13:11:59 -06:00
toddouska
23d1550439
Merge pull request #2989 from julek-wolfssl/openvpn 
Additional OpenSSL compat layer stuff
 2020-06-04 11:57:55 -07:00
toddouska
b48699c1f0
Merge pull request #3022 from cconlon/jnisni 
enable SNI by default for JNI/JSSE build
 2020-06-04 11:07:56 -07:00
toddouska
79465d70f7
Merge pull request #3020 from SparkiDev/tls13_psk_cr 
TLS 1.3: Never send CertiifcateRequest when PSK
 2020-06-04 11:07:22 -07:00
Jacob Barthelmeh
c8b87eab5f fix macro to match *_FLAGS_* 2020-06-04 11:53:46 -06:00
kaleb-himes
5a4d84ecad Consolidate to one-line where possible 2020-06-03 16:19:34 -06:00