mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
8,195 Commits 5 Branches 162 Tags
Commit Graph

357 Commits

Author SHA1 Message Date
Jacob Barthelmeh
aabe456592 sanity checks, remove some magic numbers, TLS read ahead 2016-12-28 14:45:29 -07:00
Jacob Barthelmeh
79472e11a1 add bio.c to dist and implement wolfSSL_check_private_key , wolfSSL_get_server_random 2016-12-28 14:44:05 -07:00
David Garske
650ddb8d23 Fixes so make check works with NO_FILESYSTEM and FORCE_BUFFER_TEST. Example: ./configure CFLAGS="-DNO_FILESYSTEM -DFORCE_BUFFER_TEST" 2016-11-30 16:27:24 -08:00
Jacob Barthelmeh
f7a951709f COMPAT. LAYER : get SSL client random bytes 2016-11-07 13:21:35 -07:00
toddouska
87e3f45f52 add SCR client and server verify data check 2016-11-03 14:45:24 -07:00
toddouska
f191cf206e allow single threaded mode to share an RNG at WOLFSSL_CTX level 2016-09-16 13:35:29 -07:00
John Safranek
b994244011 Revising the Extended Master Secret support. Removing the dynamic 
TLSX support for the extention and treating it like the Signature
and Hash algorithms extension. It is to be enabled by default and
the user can turn it off at run time or build time.
 2016-09-11 18:05:44 -07:00
Chris Conlon
0f0e0ca9a5 add extended master to example client 2016-09-01 15:17:46 -06:00
John Safranek
aed68e1c69 1. Needed to tell the client to use sctp. 
2. Creating the example sockets needed the IPPROTO type.
 2016-08-26 19:58:36 -07:00
John Safranek
46e92e0211 DTLS-SCTP example client and server 
1. Update the example client and server to test DTLS-SCTP.
2. Modify the test.h functions for setting up connections to allow
for a SCTP option.
3. Update other examples to use the new test.h functions.
4. Removed some prototypes in the client header file were some functions
that should have been static to the client.c file and made them static.
 2016-08-26 19:58:36 -07:00
David Garske
17a34c5899 Added asynchronous wolfCrypt RSA, TLS client and Cavium Nitrox V support. Asynchronous wolfSSL client support for "DoServerKeyExchange", "SendClientKeyExchange", "SendCertificateVerify" and "DoCertificateVerify". Fixes for async DTLS. Refactor of the wolf event and async handling for use in wolfCrypt. Refactor of the async device support so its hardware agnostic. Added Cavium Nitrox V support (Nitrox tested using SDK v0.2 CNN55XX-SDK with new configure "--with-cavium-v=/dir" option). Moved Nitrox specific functions to new port file "port/cavium/cavium_nitrox.c". RSA refactor to handle async with states. RSA optimization for using dpraw for private key decode. Use double linked list in wolf event for faster/cleaner code. Use typedef for wolf event flag. Cleanup of the async error codes. wolfCrypt test and benchmark support for async RSA. Asynchronous mode enabled using "./configure --enable-asynccrypt". If no async hardware is defined then the internal async simulator (WOLFSSL_ASYNC_CRYPT_TEST) is used. Note: Using async mode requires async.c/h files from wolfSSL. If interested in using asynchronous mode please send email to info@wolfssl.com. 2016-08-15 13:59:41 -06:00
David Garske
32b0303beb Fix build with "WOLFSSL_CALLBACKS" defined. 2016-08-05 14:06:58 -07:00
David Garske
5b3a72d482 Cleanup of stdlib function calls in the wolfSSL library to use our cross-platform "X*" style macros in types.h. 2016-06-29 11:11:25 -07:00
toddouska
ac6635593b Revert "Bio" 2016-06-27 10:53:34 -07:00
Jacob Barthelmeh
49934a5c91 Merge https://github.com/wolfSSL/wolfssl into bio 2016-06-24 14:22:14 -06:00
Jacob Barthelmeh
0b91e000bb fix secure renegotiation build 2016-06-23 13:10:39 -06:00
Jacob Barthelmeh
f6bbe845f5 Merge https://github.com/wolfSSL/wolfssl into bio 2016-06-22 09:14:53 -06:00
Jacob Barthelmeh
ea71814518 Merge https://github.com/wolfSSL/wolfssl 2016-06-17 13:58:53 -06:00
John Safranek
2f9c9b9a22 Add cipher suite ECDHE-ECDSA-AES128-CCM 
1. Added the usual cipher suite changes for the new suite.
2. Added a build option, WOLFSSL_ALT_TEST_STRINGS, for testing
   against GnuTLS. It wants to receive strings with newlines.
3. Updated the test configs for the new suite.

Tested against GnuTLS's client and server using the options:

    $ gnutls-cli --priority "NONE:+VERS-TLS-ALL:+AEAD:+ECDHE-ECDSA:+AES-128-CCM:+SIGN-ALL:+COMP-NULL:+CURVE-ALL:+CTYPE-X509" --x509cafile=./certs/server-ecc.pem --no-ca-verification -p 11111 localhost
    $ gnutls-serv --echo --x509keyfile=./certs/ecc-key.pem --x509certfile=./certs/server-ecc.pem --port=11111 -a --priority "NONE:+VERS-TLS-ALL:+AEAD:+ECDHE-ECDSA:+AES-128-CCM:+SIGN-ALL:+COMP-NULL:+CURVE-ALL:+CTYPE-X509"

To talk to GnuTLS, wolfSSL also needed the supported curves option
enabled.
 2016-06-13 14:39:41 -07:00
Jacob Barthelmeh
e214086dce tlsx with static memory / account for session certs size 2016-06-08 09:18:43 -06:00
Jacob Barthelmeh
2feee8856e revise static memory and update heap hint 2016-06-04 19:03:48 -06:00
Jacob Barthelmeh
104ff12e76 add staticmemory feature 2016-06-04 19:01:23 -06:00
Ludovic FLAMENT
ed4f67058a Merge branch 'master' of https://github.com/wolfssl/wolfssl 2016-05-20 21:51:13 +02:00
toddouska
b8c0802e3c Merge pull request #414 from JacobBarthelmeh/DTLS-MultiCore 
Dtls multi core
 2016-05-17 17:39:18 -07:00
Jacob Barthelmeh
8c45cb1938 add DTLS session export option 2016-05-10 13:27:45 -06:00
Chris Conlon
8f3e1165a1 add Whitewood netRandom client library support 2016-05-05 15:31:25 -06:00
Chris Conlon
4b16600011 fix type comparison on 32bit for starttls, zero tmp buffer 2016-05-03 13:52:04 -06:00
John Safranek
f9ab61db5d Merge pull request #402 from cconlon/starttls 
use send/recv instead of write/read with STARTTLS
 2016-05-02 17:19:50 -07:00
Chris Conlon
a94383037c use send/recv instead of write/read with STARTTLS for winsock compatibility 2016-05-02 14:36:59 -06:00
toddouska
52d6fb575b Merge pull request #395 from cconlon/starttls 
add STARTTLS support to example client
 2016-04-29 14:24:08 -07:00
Chris Conlon
46addfb130 move example client STARTTLS into separate funcs 2016-04-28 14:21:33 -06:00
Chris Conlon
5abeeff919 add STARTTLS support to example client 2016-04-22 13:46:54 -06:00
Takashi Kojo
cab1ebf2d6 move MDK5 current_time to test.h 2016-04-14 18:47:16 +09:00
Takashi Kojo
35c5353698 fixed current_time argument 2016-04-14 16:26:51 +09:00
Takashi Kojo
cfd5af341b fixed test.c compile error and server.c/client.c/ssl.c warnings with MDK5 compiler. 2016-04-12 11:05:30 +09:00
kaleb-himes
1b7cd5cb06 consolidate handling of dead assignment warnings 2016-04-11 13:39:44 -06:00
kaleb-himes
c6e9021732 scan-build warnings related to enable-psk, disable-asn,rsa,ecc 2016-04-11 11:13:26 -06:00
toddouska
63b1282e67 Merge pull request #335 from dgarske/asynccrypt 
Asynchronous crypto and wolf event support
 2016-03-30 20:12:41 -07:00
David Garske
4472152b18 Added new "wolfSSL_poll" which filters event queue by ssl object pointer. Changed wolfSSL_CTX_poll to support using WOLF_POLL_FLAG_PEEK flag to peek at events and return count. Removed "wolfssl_CTX_poll_peek". Switched the examples (test.h AsyncCryptPoll) to use just the WOLFSSL object and call new wolfSSL_poll. Added warning when using the "--enable-asynccrypt" option to make sure users know they need real async.c/.h files. 2016-03-30 15:15:38 -07:00
Jacob Barthelmeh
696169634e check return value of wolfSSL_set_fd 2016-03-25 13:59:04 -06:00
Jacob Barthelmeh
e99a5b0483 prepare for release v3.9.0 2016-03-17 16:02:13 -06:00
David Garske
e1787fe160 Added "--enable-asynccrypt" option for enabling asynchronous crypto. This includes a refactor of SendServerKeyExchange and DoClientKeyExchange to support WC_PENDING_E on key generation, signing and verification. Currently uses async simulator (WOLFSSL_ASYNC_CRYPT_TEST) if cavium not enabled. All of the examples have been updated to support WC_PENDING_E on accept and connect. A generic WOLF_EVENT infrastructure has been added to support other types of future events and is enabled using "HAVE_WOLF_EVENT". Refactor the ASN OID type (ex: hashType/sigType) to use a more unique name. The real "async.c" and "async.h" files are in a private repo. 2016-03-17 13:31:03 -07:00
Jacob Barthelmeh
060e278559 Merge branch 'master' of https://github.com/wolfSSL/wolfssl into Certs 2016-03-11 23:48:39 -07:00
David Garske
0ed26ad262 Updated build for "leantls" to support building only the client, by splitting BUILD_EXAMPLES into 3 parts (BUILD_EXAPLE_SERVERS, BUILD_EXAMPLE_CLIENTS and BUILD_TESTS). This allows the make check to perform the external tests to validate the client only "leantls" configuration option. 2016-03-08 08:35:28 -08:00
David Garske
2891939098 Remove NO_CERT and NO_CODING. Enable building of the client with leantls. 2016-03-08 08:35:28 -08:00
Jacob Barthelmeh
112cf1f0c9 fix example client help print out 2016-03-02 16:51:57 -07:00
Jacob Barthelmeh
d969e2ba11 automated test for trusted peer certs 2016-03-02 11:42:00 -07:00
Jacob Barthelmeh
05d2cec7c1 addition to api tests and refactor location of trusted peer cert check 2016-03-02 11:35:03 -07:00
kaleb-himes
46b34c19d0 wolfssl.com and google.com now differ in pre-reqs for external test 2016-02-15 13:30:11 -07:00
kaleb-himes
ffe7b38409 correct logic to allow for static RSA if ECC and no Curves 
use same coding standards as the rest of the libraries
 2016-02-10 13:39:59 -07:00