mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
4,593 Commits 5 Branches 162 Tags
Commit Graph

743 Commits

Author SHA1 Message Date
John Safranek
963b9d4c4d OCSP Fixes 
1. When using Cert Manager OCSP lookup, the issuer key hash wasn't
being set correctly. This could lead to unknown responses from lookup.
2. Default OCSP lookup callback could get blocked waiting for server
to close socket.
 2016-09-01 09:58:34 -07:00
Chris Conlon
a0b02236b8 Merge pull request #527 from danielinux/master 
Support for Frosted OS
 2016-08-31 10:07:25 -06:00
David Garske
6a70403547 Fix for "not used" devId in benchmark. 2016-08-29 11:01:16 -07:00
David Garske
2ecd80ce23 Added support for static memory with wolfCrypt. Adds new "wc_LoadStaticMemory" function and moves "wolfSSL_init_memory_heap" into wolfCrypt layer. Enhanced wolfCrypt test and benchmark to use the static memory tool if enabled. Added support for static memory with "WOLFSSL_DEBUG_MEMORY" defined. Fixed issue with have-iopool and XMALLOC/XFREE. Added check to prevent using WOLFSSL_STATIC_MEMORY with HAVE_IO_POOL, XMALLOC_USER or NO_WOLFSSL_MEMORY defined. 2016-08-29 10:38:06 -07:00
toddouska
bd312cb766 Merge pull request #533 from dgarske/dg_fixes 
Fixes for HMAC/small stack heap and disable RSA warnings
 2016-08-26 14:30:55 -07:00
David Garske
bf23b2f9d1 Fix issue with "wc_ecc_set_custom_curve" function not setting index as "ECC_CUSTOM_IDX". Cleanup of the ECC tests to return actual error code (when available) and make sure keys are free'd. Some trailing whitespace cleanup. 2016-08-26 12:35:47 -07:00
David Garske
925e5e3484 Fixes typo issue with heap in hmac and small stack enabled. Fixed "never read" scan-build warnings with typeH and verify when RSA is disabled. 2016-08-26 10:33:01 -07:00
David Garske
a9278fe492 Added check for GetLength result in asn GetIntRsa function. Fixed return code in random.c for "wolfAsync_DevCtxInit" due to copy/paste error. Added RSA wc_RsaCleanup to make sure allocated tmp buffer is always free'd. Eliminated invalid RSA key type checks and "RSA_CHECK_KEYTYPE". 2016-08-23 11:31:15 -07:00
Daniele Lacamera
3d3f8c9dd3 Support for Frosted OS 2016-08-18 14:56:14 +02:00
David Garske
3e6be9bf2c Fix in "wc_InitRsaKey_ex" for normal math so mp_init isn't called to defer allocation. 2016-08-15 14:07:16 -06:00
David Garske
17a34c5899 Added asynchronous wolfCrypt RSA, TLS client and Cavium Nitrox V support. Asynchronous wolfSSL client support for "DoServerKeyExchange", "SendClientKeyExchange", "SendCertificateVerify" and "DoCertificateVerify". Fixes for async DTLS. Refactor of the wolf event and async handling for use in wolfCrypt. Refactor of the async device support so its hardware agnostic. Added Cavium Nitrox V support (Nitrox tested using SDK v0.2 CNN55XX-SDK with new configure "--with-cavium-v=/dir" option). Moved Nitrox specific functions to new port file "port/cavium/cavium_nitrox.c". RSA refactor to handle async with states. RSA optimization for using dpraw for private key decode. Use double linked list in wolf event for faster/cleaner code. Use typedef for wolf event flag. Cleanup of the async error codes. wolfCrypt test and benchmark support for async RSA. Asynchronous mode enabled using "./configure --enable-asynccrypt". If no async hardware is defined then the internal async simulator (WOLFSSL_ASYNC_CRYPT_TEST) is used. Note: Using async mode requires async.c/h files from wolfSSL. If interested in using asynchronous mode please send email to info@wolfssl.com. 2016-08-15 13:59:41 -06:00
dgarske
b38218a0b9 Merge pull request #524 from kaleb-himes/certs-buffs-and-tests 
cert updates, new buffers, new test with buffers
 2016-08-14 08:39:37 -07:00
kaleb-himes
da18e463ed remove constraints on inclusion of certs_test.h 2016-08-12 17:00:22 -06:00
kaleb-himes
03295ec6d7 update certs, extend ntru to 1000 days, add der formatted ecc, new ecc buffer test 
changes from first review

move to 256 bit defines
 2016-08-12 13:00:52 -06:00
Jacob Barthelmeh
b502d9dcf7 help static analysis tools 2016-08-10 14:23:27 -06:00
David Garske
317a7f2662 Change misc.c error to warning and exclude the misc.c code from being compiled. Most people include all .c files and by default inlining is allowed, which in turn causes an #error in misc.c and it must be excluded. Since we know its already been properly included there is no reason to throw error here. Instead, show warning and exclude code in .c file. 2016-08-08 13:13:59 -07:00
toddouska
49fb0d56b0 Merge pull request #516 from dgarske/fix_asn_wo_hmac 
Fix build issue with ASN enabled and no HMAC
 2016-08-06 10:07:00 -07:00
toddouska
c8cfe1ffa1 Merge pull request #511 from dgarske/openssl_compat_fixes 
Various improvements to support openssl compatibility
 2016-08-06 09:59:31 -07:00
toddouska
dd03af2cf4 Merge pull request #512 from dgarske/fix_crl_pad 
Fixed issue with CRL check and zero pad
 2016-08-06 09:56:59 -07:00
dgarske
cc462e2c50 Merge pull request #513 from kojo1/Der2Pem 
Adds "wc_DerToPem" CRL_TYPE support
 2016-08-05 14:35:15 -07:00
David Garske
d8c63b8e66 Various improvements to support openssl compatibility. 
* Fixed bug with "wolfSSL_get_cipher_name_internal" for loop using incorrect max length for "cipher_name_idx" (this caused fault when library built with NO_ERROR_STRINGS and calling it).
* Adds new "GetCipherNameInternal" function to get cipher name using internal "cipherSuite" index only (for scenario where WOLFSSL object does not exist).
* Implements API's for "wolf_OBJ_nid2sn" and "wolf_OBJ_sn2nid". Uses the ecc.c "ecc_sets" table to locate NID (ECC ID and NID are same).
* Added "WOLFSSL*" to HandShakeInfo.
* Allowed "SetName" to be exposed.
* Added "wolfSSL_X509_load_certificate_buffer". Refactor "wolfSSL_X509_load_certificate_file" to use new function (no duplicate code).
 2016-08-05 14:15:47 -07:00
David Garske
6b1ff8e9d7 Only try and return serial number or check padding if the serial number size is greater than 1. 2016-08-05 12:53:26 -07:00
David Garske
a17bc2a42e Fix build issue with ASN enabled and no HMAC (missing MAX_DIGEST_SIZE). Switch to using WC_MAX_DIGEST_SIZE from hash.h, which is always available. Added small stack option for digest in MakeSignature. Fixed build error with unused "testVerifyCount" if "NO_ECC_SIGN" or "NO_ECC_VERIFY". 2016-08-05 12:19:30 -07:00
David Garske
96da2df7ec Additional max index and serial number size checks in "GetSerialNumber". 2016-08-03 17:04:44 -07:00
David Garske
2c1309ffc7 Fixes for warnings when cross-compiling with GCC ARM. 2016-08-03 16:53:53 -07:00
Takashi Kojo
ed4cd2438f CRL_Type to wc_DerToPem 2016-08-03 10:53:54 +09:00
David Garske
9ddfe93c43 Fixed issue with CRL check and zero pad (the GetRevoked function was not trimming pad). Added new ASN "GetSerialNumber" function and implemented it in three places in asn.c. 2016-08-02 16:47:21 -07:00
JacobBarthelmeh
dcc0f87ce6 Merge pull request #506 from toddouska/del_point 
fix remaining non fpecc ecc_del_point w/o heap
 2016-07-27 18:54:46 -06:00
dgarske
303561c1a1 Merge pull request #505 from toddouska/timing 
fix scan-build warning on ecc memory alloc failure
 2016-07-27 15:52:01 -07:00
toddouska
a94f34c8e2 fix remaining non fpecc ecc_del_point w/o heap 2016-07-27 14:24:34 -07:00
toddouska
7cf0b8fe85 fix scan-build warning on ecc memory alloc failure 2016-07-27 11:20:08 -07:00
David Garske
b0e72dd692 Fix for "OID Check Failed". This restores behavior to what it was prior to commit "7a1acc7". If an OID is not known internally skip the verify and return success and the OID sum. 2016-07-27 10:39:42 -07:00
John Safranek
993838153e Merge pull request #487 from moisesguimaraes/fix-ocspstapling-getca 
fixes ocsp signer lookup in the cert manager.
 2016-07-26 12:42:47 -07:00
David Garske
c80f1805f0 Fix for failing OID check with "ocspstapling2" enabled. Found OID type in "ToTraditional" that should be keyType, not sigType. Added optional OID decode function and optional OID info dump in "GetObjectId" (both off by default). 2016-07-26 10:35:40 -07:00
toddouska
a274386693 fix user rsa no error codes? 2016-07-25 19:19:46 -07:00
toddouska
cd5486a4e6 fix user_rsa with blinding API addition 2016-07-25 15:33:28 -07:00
Jacob Barthelmeh
e8f7d78fc4 add helper functions for choosing static buffer size 2016-07-21 12:11:15 -06:00
toddouska
1b980867d6 fix rsablind other builds 2016-07-20 11:35:57 -07:00
David Garske
e0f2bbd1b4 Added comment about why 0's test is disabled. ECC without Shamir fails with fast or normal math. 2016-07-19 19:12:45 -07:00
David Garske
5e2502fa95 ECC without Shamir has issues testing all zero's digest, so disable this test if not using Shamir method. Fixed comment about "NO_ECC_SECP". 2016-07-19 14:34:32 -07:00
toddouska
7a419ba6d8 Merge pull request #472 from dgarske/ecc_brainpool_koblitz 
ECC and TLS support for all SECP, Koblitz and Brainpool curves
 2016-07-19 11:44:53 -07:00
toddouska
f88f501923 add unique RNG missing error 2016-07-18 18:10:38 -07:00
Moisés Guimarães
e866b55bb7 removes fallback. 2016-07-18 22:02:41 -03:00
toddouska
1c71fb4ad1 scope tmpa/b with blinding, document RSA options 2016-07-18 17:37:03 -07:00
toddouska
c2b55f69fa fix 32bit mp_add_d need 2016-07-18 12:49:31 -07:00
toddouska
d235a5f0cc add WC_RSA_BLINDING, wc_RsaSetRNG() for RSA Private Decrypt which doesn't have an RNG 2016-07-18 11:57:47 -07:00
Moisés Guimarães
dd329ac97b fixes ocsp signer lookup in the cert manager. 2016-07-15 17:12:04 -03:00
dgarske
c20551cc56 Merge pull request #478 from toddouska/flatten-fix 
fix rsa flatten eSz check
 2016-07-13 08:50:39 -07:00
toddouska
7a906e47ed fix rsa flatten eSz check 2016-07-12 16:28:59 -06:00
Jacob Barthelmeh
92341292c7 remove hard tabs and replace with spaces 2016-07-12 14:12:44 -06:00