mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
8,195 Commits 5 Branches 162 Tags
Commit Graph

8195 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Sean Parkinson
487c60df78 Fixes to work when compiled with TLS 1.3 only 
TLS 1.3 Early Data can be used with PSK and not session tickets.
If only TLS 1.3 and no session tickets then no resumption.
External sites don't support TLS 1.3 yet.
 2018-08-28 15:37:15 +10:00
David Garske
205088d1bc
Merge pull request #1787 from ejohnstown/patches 
Patches for various build errors
 2018-08-24 14:46:28 -07:00
David Garske
459455328f
Merge pull request #1788 from ejohnstown/oid 
OID handling in DecodeExtKeyUsage
 2018-08-24 14:46:19 -07:00
John Safranek
1d9b482711
Merge pull request #1747 from kaleb-himes/XCODE-UPDATES 
Xcode updates
 2018-08-24 14:01:39 -07:00
John Safranek
86ce22c32e
Merge pull request #1785 from embhorn/zd4225 
Fix for old certs not discarded when server does not resume session
 2018-08-24 13:22:06 -07:00
David Garske
1005ca0703
Merge pull request #1786 from kaleb-himes/USER-HEAP-WITH-CM 
Unloading from CM, and using custom heap, ensure XFREE has acces…
 2018-08-24 11:56:48 -07:00
John Safranek
bd5e507617 OID 
1. When checking an OID sum against an OID string based on context, skip the unknown OIDs instead of treating them as parse errors.
2. When getting an OID, pass the lower error upstream instead of just PARSE error.
 2018-08-24 11:51:25 -07:00
John Safranek
4eb0d32fa8 Patches 
1. Define Timeval in callbacks.h if the file sys/time.h is missing.
2. When picking the correct strtok() function, take into account MINGW64.
3. In the example server, changed the call to SSL_accept_ex() as it doesn't exist. Using wolfSSL_accept_ex(). Only a problem when setting WOLFSSL_CALLBACKS.
4. PickHashSigAlgo() is missing a ; when WOLFSSL_CALLBACKS is set.
 2018-08-24 11:46:02 -07:00
toddouska
7f324d2c3b
Merge pull request #1781 from JacobBarthelmeh/Compatibility-Layer 
fix for IV of DES_ncbc function
 2018-08-24 10:16:21 -07:00
kaleb-himes
b7b99a2e92 Unloading from CM, and using custom heap, ensure XFREE has access to custom heap 2018-08-24 10:07:10 -06:00
Kaleb Himes
274b41dea5
Merge pull request #1782 from JacobBarthelmeh/SanityChecks 
refactor CloseSocket for WOLFSSL_BIO free with USER IO
 2018-08-24 09:08:05 -06:00
Eric Blankenhorn
498d8e6c15 Fix for old certs not discarded when server does not resume session 2018-08-24 07:53:35 -05:00
Jacob Barthelmeh
40551720ab refactor CloseSocket and add guard 2018-08-23 16:30:53 -06:00
kaleb-himes
689da22799 Refactor and updates for XCODE projects following peer review 2018-08-23 15:41:35 -06:00
David Garske
c7dde6c682
Merge pull request #1656 from danielinux/contiki-port 
Contiki port
 2018-08-23 12:31:56 -07:00
toddouska
cc39f3211a
Merge pull request #1780 from dgarske/pkcs7_ex 
Added new PKCS7 ex API's to support signing and validation of large data
 2018-08-23 08:41:25 -07:00
toddouska
5d8a2a7702
Merge pull request #1778 from SparkiDev/sp_mem 
Make ALT_ECC_SIZE with SP work
 2018-08-23 08:25:44 -07:00
toddouska
554d40a62e
Merge pull request #1777 from dgarske/async_fixes 
Build fixes for async
 2018-08-23 08:23:20 -07:00
toddouska
0d171e591b
Merge pull request #1776 from SparkiDev/inline_cmpl_fix 
Fix for clang builds with configs not using inline funcs
 2018-08-23 08:22:39 -07:00
toddouska
54a379d8e0
Merge pull request #1775 from SparkiDev/tls_no_cert_vfy 
Fix for no certificates and calling DoVerifyCallback.
 2018-08-23 08:22:07 -07:00
toddouska
8477d5ba1b
Merge pull request #1773 from ejohnstown/critical-option 
Certificate Extension Critical Check Optionality
 2018-08-23 08:21:19 -07:00
JacobBarthelmeh
5ce1757e05
Merge pull request #1779 from dgarske/pic32mz_crypt_align 
Fix for PIC32MZ crypto hardware alignment
 2018-08-23 09:05:50 -06:00
Jacob Barthelmeh
f23eb37ade fix for IV of DES_ncbc function 2018-08-23 09:03:09 -06:00
David Garske
57d72028f6 Fix for missing return code on wc_Pic32HashFree. 2018-08-22 16:38:55 -07:00
David Garske
d0d28c82cd Added new PKCS7 ex API's for supporting signing and validation of large data blobs. New API's are wc_PKCS7_EncodeSignedData_ex and wc_PKCS7_VerifySignedData_ex. Includes header docx and unit tests for new API's. Cleanup for the PKCS7 small stack and const oid's. 2018-08-22 15:46:37 -07:00
David Garske
53af520911 Fix to resolve issue with PIC32MZ crypto hardware (AES/DES3 only) where an unaligned input/output buffer was not handled correctly. This results in a BUFFER_E. This was seen with DTLS v1.0 and TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA cipher suite. Fix is to allocate a dynamic buffer from heap if the input/output are not aligned. Tested and verified with a PIC32MZ2048EFM144 and the wolfssl_udp_client example for Harmony using DTLS v1.0 and the setudppacketoptions 192.168.0.107 11111 hello -> sendudppacket commands. Cleanups in older ctoacrypt/settings.h for PIC32MZ. 2018-08-22 13:39:03 -07:00
Daniele Lacamera
d7d2fb34af fixed ifdef WOLFSSL_CONTIKI 2018-08-22 17:37:47 +02:00
Daniele Lacamera
bdb5d3c191 Improved support for contiki/uIP. 2018-08-22 09:15:10 +02:00
Daniele Lacamera
7bd16a2582 Fixed after second review 2018-08-22 09:15:10 +02:00
Daniele Lacamera
b74869a61a Moved contiki + uIP support in the library 2018-08-22 09:15:10 +02:00
Daniele Lacamera
b7385476f0 Removed empty ifdef section 2018-08-22 09:15:09 +02:00
Daniele Lacamera
79a7518fdd Using inline functions for XMALLOC/XFREE/XREALLOC in contiki 
This is necessary to avoid the "unused variable" warnings
 2018-08-22 09:15:09 +02:00
Daniele Lacamera
3d27a8dc53 Contiki port 2018-08-22 09:15:09 +02:00
Sean Parkinson
783c4a0c5e Make ALT_ECC_SIZE with SP work 
Change to more relevant dynamic types in SP also.
 2018-08-22 16:02:51 +10:00
David Garske
9ae4ef2d5c Build fixes for --enable-async --enable-all --with-intelqa. Resolves conflict for stat variable name. Fix for DH with async. Fix for async devSize. 2018-08-21 19:51:13 -07:00
Sean Parkinson
31bd844d6f Fix for clang builds with configs not using inline funcs 2018-08-22 11:16:57 +10:00
Sean Parkinson
fff5cff273 Fix for no certificates and calling DoVerifyCallback. 2018-08-22 10:57:19 +10:00
toddouska
776fd51720
Merge pull request #1768 from SparkiDev/tls13_final 
Use final TLS 1.3 version value by default.
 2018-08-21 12:29:51 -07:00
toddouska
e635e49635
Merge pull request #1772 from SparkiDev/tls13_point_ext 
Send EC poiint format extension if downgradable from TLS 1.3
 2018-08-21 12:27:10 -07:00
toddouska
a505f2b063
Merge pull request #1662 from SparkiDev/mem_track 
Add memory usage tracking and logging
 2018-08-21 12:25:49 -07:00
John Safranek
a0f1c9dbe4 Make the check of the certificate extension critical flag optional based on compile option. 2018-08-21 10:57:04 -07:00
Sean Parkinson
1ab17ac827 More changes to minimize dynamic memory usage. 
Change define to WOLFSSL_MEMORY_LOG.
Fix for ED25519 server certificate - single cert to allow comparison
with ECC dynamic memory usage.
Free memory earlier to reduce maximum memory usage in a connection.
Make MAX_ENCODED_SIG_SZ only as big as necessary.
Change memory allocation type in sha256 from RNG to DIGEST.
If we know the key type use it in decoding private key
 2018-08-21 14:41:01 +10:00
Sean Parkinson
d29118ba58
Merge pull request #1771 from dgarske/tls13only 
Fixes for building with TLS v1.3 only enabled.
 2018-08-21 14:25:54 +10:00
Sean Parkinson
103a0d351b Send EC poiint format extension if downgradable from TLS 1.3 2018-08-21 10:11:12 +10:00
David Garske
389f56b5c7 Fix for building with TLS 1.3 only when AES CBC is enabled. Algorithm is allowed to be enabled, but the AES CBC cipher suites should not be. Fixed AEAD enable to check AES CBC based on HAVE_AES_CBC define. 2018-08-20 16:29:48 -07:00
Sean Parkinson
506c858ed6 Add memory usage tracking and logging 
Add WOLFSSL_MEMORY_TRACKING to report allocations and frees with the
type.
Fix places where memory can be freed earlier.
 2018-08-21 08:54:57 +10:00
David Garske
b12386fbb1 Fixes for building with TLS v1.3 only (./configure --disable-tlsv12 --enable-tls13 --disable-aescbc --enable-ed25519 --enable-curve25519) 2018-08-20 15:49:03 -07:00
Sean Parkinson
20950ffde8 Remove TODOs around TLS 1.3 draft version. 2018-08-21 08:41:50 +10:00
David Garske
3d16ed9c02
Merge pull request #1770 from ejohnstown/prime-fix 
Prime Test Bug Fix
 2018-08-20 13:24:05 -07:00
John Safranek
e4757f1283 Prime Test Bug Fix 
Using the wrong size for the MR test check value. Converting from size
of FP_MAX_BITS to the DH prime size, dividing too much. Switched it to
its own constant.
 2018-08-20 11:43:06 -07:00