toddouska
3013cdd925
Merge pull request #2095 from SparkiDev/asm_macosx
...
Get Mac OS X working with the x86_64 assembly files
2019-02-20 09:19:29 -08:00
toddouska
025fba8ec6
Merge pull request #2093 from dgarske/tls13_async_dh
...
Fix for TLSv1.3 with DH key share when using QAT
2019-02-20 09:16:54 -08:00
toddouska
5d667ed1b8
Merge pull request #2075 from SparkiDev/port_zephyr
...
Zephyr port of crypto
2019-02-20 09:10:04 -08:00
David Garske
c2fbef2f7f
Refactor to populate `preMasterSz` on XMALLOC. Fix for `DoClientKeyExchange` and `ecdhe_psk_kea`, which assumes `preMasterSz` is zero. Fix for TLS v1.3 resumption not properly setting `preMasterSz`. Removed for TLS v1.3 PSK setup test for `preMasterSz == 0`, which is not required. Spelling fixes for tls13.c.
2019-02-19 13:01:21 -08:00
David Garske
dc1f0d7822
Fix for DH with QuickAssist to only use hardware for supported key sizes. Fix in random.c for seed devId when building async without crypto callbacks.
2019-02-19 11:57:55 -08:00
Sean Parkinson
e3997558a9
Fixes from review and added READMEs and setup.sh
...
Add README.md and setup.sh.
Add READMEs with license information.
2019-02-19 11:47:45 +10:00
Sean Parkinson
5e1eee091a
Add threaded samples using buffers and sockets
2019-02-19 11:47:45 +10:00
Sean Parkinson
4302c02e67
Include zephyr directories in the release
2019-02-19 11:47:44 +10:00
Sean Parkinson
2c447b24cd
Fixes from review and add IDE files
2019-02-19 11:47:44 +10:00
Sean Parkinson
3366acc9ce
Zephyr port of crypto
2019-02-19 11:47:44 +10:00
toddouska
25dd5882f8
Merge pull request #2094 from dgarske/ecdsa_der_len
...
Adds strict checking of the ECDSA signature DER encoding length
2019-02-15 10:53:57 -08:00
toddouska
7275ee5f19
Merge pull request #2089 from SparkiDev/tls13_sup_ver
...
Make SupportedVersions respect SSL_OP_NO_TLSv*
2019-02-15 10:36:32 -08:00
toddouska
d9a5898e91
Merge pull request #2082 from SparkiDev/parse_kse
...
Fix length passed to key share entry parsing
2019-02-15 10:31:14 -08:00
toddouska
c04cade97c
Merge pull request #2083 from JacobBarthelmeh/Testing
...
Expected Configurations Test - NIGHTLY BUILD #505
2019-02-15 10:23:55 -08:00
Sean Parkinson
16f31cf8c6
Get Mac OS X working with the x86_64 assembly files
2019-02-15 15:08:47 +10:00
Sean Parkinson
e47797f700
Make SupportedVersions respect SSL_OP_NO_TLSv*
2019-02-15 08:26:03 +10:00
David Garske
a9f29dbb61
Adds strict checking of the ECDSA signature DER encoding length. With this change the total signature size should be (sequence + r int + s int) as ASN.1 encoded. While I could not find any "must" rules for the signature length I do think this is a good change.
...
If the old length checking method is desired `NO_STRICT_ECDSA_LEN` can be used. This would allow extra signature bytes at the end (unused and not altering verification result). This is kept for possible backwards compatibility.
Per RFC6979: `How a signature is to be encoded is not covered by the DSA and ECDSA standards themselves; a common way is to use a DER-encoded ASN.1 structure (a SEQUENCE of two INTEGERs, for r and s, in that order).`
ANSI X9.62: ASN.1 Encoding of ECDSA:
```
ECDSA-Sig-Value ::= SEQUENCE {
    r INTEGER,
    s INTEGER
}
```
Fixes #2088
2019-02-14 12:05:34 -08:00
David Garske
64cb07557d
Merge pull request #2091 from SparkiDev/pkcs11_fixes
...
Fix PKCS #11 AES-GCM and handling of unsupported algorithms
2019-02-14 09:49:02 -08:00
Sean Parkinson
5856d6b3dc
Fix PKCS #11 AES-GCM and handling of unsupported algorithms
2019-02-14 17:06:15 +10:00
Jacob Barthelmeh
275667f0e9
remove ocsp attempt with ipv6 enabled
2019-02-13 19:01:09 -07:00
toddouska
46bb2591c8
Merge pull request #2070 from dgarske/fix_cryptocb
...
Fixes and improvements to Crypto Callbacks and STM32 RNG performance
2019-02-13 12:44:19 -08:00
David Garske
d98ebc4da2
Reverted the `Hmac_UpdateFinal` change to call final as it is causing constant timing issues. Improved the `wc_HmacFree` to handle the case where final isn't called for Crypto callbacks.
2019-02-13 10:24:53 -08:00
toddouska
272181bc2e
Merge pull request #2086 from dgarske/atecc_makekey
...
Fix for ATECC make key case when `curve_id == 0`
2019-02-13 09:52:54 -08:00
toddouska
817b82e453
Merge pull request #2084 from cconlon/cmsFeb19
...
Changes for CMS signedData default signed attributes
2019-02-13 09:49:55 -08:00
Chris Conlon
1fab970316
Merge pull request #2085 from miyazakh/esp-idf_fix_script
...
modified esp-idf setup script to avoid unnecessary file copy
2019-02-13 08:01:13 -07:00
David Garske
95db819d45
Fixes for warnings when building with `--enable-pkcs11`.
2019-02-12 16:05:48 -08:00
David Garske
e0b46734d6
Enhancement to the tls_bench tool to support new `-S` command to indicate total size of data to exchange. Previously was just sending one packet back and forth. Improved the shutdown handling code.
2019-02-12 16:03:10 -08:00
David Garske
1a8388641d
Change new hash SetFlag/GetFlag API's to private.
2019-02-12 16:03:10 -08:00
David Garske
c9521b56f2
Fix warning about `HAL_RNG_GenerateRandomNumber` type.
2019-02-12 16:03:10 -08:00
David Garske
eb8a2f3a03
Minor fixes to CryptoCb wolfCrypt test for AES test and hash support for update/final in same callback.
2019-02-12 16:03:10 -08:00
David Garske
454687f429
Fix for TLS HMAC constant timing to ensure final is called for dummy operations. Added devCtx to AES for CryptoCb.
2019-02-12 16:03:10 -08:00
David Garske
dcdb1d7094
Added flag to indicate if hash is copied.
2019-02-12 16:03:10 -08:00
David Garske
e7b23646a5
Updates to HMAC crypto callback support to capture raw KEY and require hmac struct.
2019-02-12 16:03:10 -08:00
David Garske
838652c03b
Added flags build option to hashing algorithms. This allows indicator to determine if hash will be "copied" as done during a TLS handshake.
2019-02-12 16:03:10 -08:00
David Garske
40a7bcfc20
Fix for new random seed crypto callback to properly reset error code in NOT_COMPILED_IN case.
2019-02-12 16:03:10 -08:00
David Garske
88d3abb1e6
Added Crypto callback HMAC support.
2019-02-12 16:03:10 -08:00
David Garske
18d5b3393c
Correct NULL cryptocb case.
2019-02-12 16:03:10 -08:00
David Garske
891abe130a
Added Crypto callback support for ASN `CalcHashId`. Added arg checking to cryptocb functions.
2019-02-12 16:03:10 -08:00
David Garske
9fc0610720
Fix to ensure hash devCtx is cleared.
2019-02-12 16:03:10 -08:00
David Garske
7e3082906e
Fix for ensuring devId is passed into symmetric init.
2019-02-12 16:03:10 -08:00
David Garske
dad88b4c81
Improvements to the STM32L4 random generation code for improved performance and error handling. Added new `WOLFSSL_STM32_RNG_NOLIB` define to support generic STM32 series RNG without external ST library.
2019-02-12 16:03:10 -08:00
Chris Conlon
08bcef7c0c
adjust wolfSSL_PKCS7_verify API test
2019-02-12 14:48:49 -07:00
Kaleb Himes
f824c8c769
Merge pull request #2077 from ejohnstown/ocsp-ecdsa
...
OCSP and ECDSA Signers
2019-02-12 09:50:37 -07:00
David Garske
acb983a154
Fix for ATECC make key case when `curve_id == 0` (default). ZD 4383
2019-02-12 08:34:34 -08:00
toddouska
feae776ee3
Merge pull request #2078 from SparkiDev/ssl_priv_id
...
Support in SSL for setting a private key id
2019-02-12 07:56:47 -08:00
Hideki Miyazaki
e5f94e5884
modified script to avoid unnecessary file copy
2019-02-12 10:37:30 +09:00
Sean Parkinson
66ab6d8c22
Check FindObjectFinal call for error
2019-02-12 09:07:14 +10:00
Jacob Barthelmeh
acc0121e0f
account for WOLF_C99 with ipv6 test cases
2019-02-11 15:07:12 -07:00
Chris Conlon
fb6aaf2ae2
rearrange order of default CMS SignedData signed attributes for better interop compatibility
2019-02-11 14:48:37 -07:00
Chris Conlon
56736a3563
always include default signed attributes for CMS SignedData bundles, add function to remove if needed
2019-02-11 14:41:32 -07:00