1. When using multiple filenames, keep the original entered string
around so it may be reused for each IP address.
2. Strip the trailing newline from the entered filename list.
- I observed that client TX throughput < client RX throughput, but server TX
throughput > server RX throughput. Turns out this is just a typo in the
printing of the stats. The RX stat was being printed as the TX stat and vice-
versa.
- I added a note to scripts/benchmark.test about a 2 second sleep we do waiting
for the server to come up. If you were to time this script with the time
command, you'll see that 2 seconds in the result, which might be confusing
if you didn't realize the sleep was there.
Was opening and closing sessions when operations not compiled in were
being attempted (e.g. hashing during certificate signing).
C_Sign can be used with X509 RSA (raw) as it does the same operations as
C_Decrypt. Use the function matching hig level operation where
supported.
Make debugging functions take a CK_ULONG rather than an int - to avoid
casting.
- Use OcspEntry in OcspResponse instead of CertStatus. OcspEntry is more
analogous to an OCSP SingleResponse, which contains issuer name and key
hashes. Correspondingly, remove these hashes from OcspResponse, since they'll
now be stored per SingleResponse in an OcspEntry.
- Add a hashAlgoOID to OcspEntry (corresponds to hashAlgorithm in CertId in RFC
6960). This makes OcspEntry more closely resemble an OCSP SingleResponse.
- Change WOLFSSL_OCSP_CERTID to map to OcspEntry. OcspEntry contains all the
information that an OCSP CertID contains, and is a better fit than
OcspRequest.
- Add a pointer to the raw CertId in an OCSP SingleResponse to OcspEntry, along
with a size field to indicate how many bytes the CertId occupies. This will
be used in an OpenSSL compatibility function, i2d_OCSP_CERTID, which yields
the raw bytes of the CertId.
Changes to atmel.c file that lets a user to
1. Use Harmony3 generated configurations to initialize the device in atmel_init().
2. Read the device certificate chain from ECC608 TNGTLS and initialize the ctx with it to use as device certificate.
- This is the true purpose of going with TNGTLS
