mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
6,104 Commits 5 Branches 162 Tags
Commit Graph

6104 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
dgarske
8b55122ba0 Merge pull request #1024 from JacobBarthelmeh/UnitTests 
adjust size of test buffer
 2017-07-13 16:48:00 -07:00
dgarske
a0e918c350 Merge pull request #1022 from JacobBarthelmeh/curve25519 
build for ed25519 only
 2017-07-13 12:30:26 -07:00
Jacob Barthelmeh
ba48221c41 adjust size of test buffer 2017-07-13 13:21:09 -06:00
dgarske
af8b96e277 Merge pull request #1021 from toddouska/zeroret 
don't treat peer closed / zero return as hard error in example servers
 2017-07-13 09:11:31 -07:00
toddouska
4491102eed Merge pull request #1018 from dgarske/fix_tfm_rusb_max 
Fix for fast math `fp_read_unsigned_bin` function to check max size
 2017-07-13 09:27:02 -06:00
David Garske
d559eb0f4f Fix for fast math fp_read_unsigned_bin function to check max and correctly set a->used (is handled in fp_mul_2d). 2017-07-12 16:39:26 -07:00
Chris Conlon
43260f02f4 Merge pull request #1020 from toddouska/null 
add NULL checks to check_domain_name()
 2017-07-12 14:58:07 -07:00
toddouska
b12e3c6579 Merge pull request #1019 from JacobBarthelmeh/Testing 
update AES CTR API with ARMv8 port
 2017-07-12 15:57:25 -06:00
Jacob Barthelmeh
c4fe67b633 build for ed25519 only 2017-07-12 15:53:11 -06:00
JacobBarthelmeh
b4f9c46069 Merge pull request #1011 from dgarske/fixes_armv8 
Fixes for building ARMv8 (--enable-armasm)
 2017-07-12 15:44:31 -06:00
toddouska
19787e6d4f don't treat peer closed / zero return as hard error in example servers 2017-07-12 14:15:16 -06:00
David Garske
c777097e54 Fix wc_AesGcmDecrypt arg check for authIn. 2017-07-12 09:49:27 -07:00
toddouska
b02c995fff add NULL checks to check_domain_name() 2017-07-12 10:16:31 -06:00
David Garske
5bb8de627e Fixes based on peer review (thanks). 2017-07-12 09:04:10 -07:00
toddouska
43ad30d364 Merge pull request #1016 from dgarske/fix_harden 
Warn if hardening options are not defined and not disabled using `WC_NO_HARDEN`
 2017-07-12 09:27:32 -06:00
toddouska
dc5e6f789d Merge pull request #1017 from dgarske/bigend 
Fix for big endian seg fault in `SendCertificateVerify`
 2017-07-12 09:25:25 -06:00
Jacob Barthelmeh
9d7e8a83c9 update AES CTR API with ARMv8 port 2017-07-11 17:13:32 -06:00
toddouska
7853440d89 Merge pull request #1015 from dgarske/config_ignore_cleanup 
Improve the Git ignore formula for `config`
 2017-07-11 15:42:08 -07:00
toddouska
3ff088b92f Merge pull request #1014 from dgarske/atecc508a 
Fixes for building with ATECC508A
 2017-07-11 15:41:05 -07:00
jrblixt
00724c95a9 Add RSA to unit test. 2017-07-11 09:57:33 -06:00
Chris Conlon
f8c0a52170 Merge pull request #996 from jrblixt/unitTest_api_addAes-PR06152017 
Unit test api add AES.
 2017-07-11 08:36:13 -07:00
David Garske
69e9aa29f2 Fix for big endian platform in SendCertificateVerify where seg fault occurred due to passing a int pointer to a word16 pointer, which caused wrong bits to get set. Fix to replace int with word16. Tests pass now. Also searched for other (word16*)& scenarios and only other place was in ntru code, which was also fixed. 2017-07-10 20:00:37 -07:00
David Garske
a5cdbb18cb Reworked the AES Key Wrap to use existing code in aes.c (instead of duplicating code in armv8-aes.c). Cleanup for GE/FE math on 32-bit to remove duplicate #ifdef check. Fixed AES GCM arg check for authIn to allows NULL. 2017-07-10 19:12:41 -07:00
David Garske
792fcefbb7 Fix to not warn about WC_RSA_BLINDING in FIPS mode. Add WC_RSA_BLINDING to Windows user_settings.h. 2017-07-10 18:41:22 -07:00
David Garske
171796e8e2 Fix up for building without ./configure to warn if hardening options are not enabled. Currently ./configure defaults to --enable-harden, but if building sources directly and using settings.h or user_settings.h the hardening defines will not be set by default. If a user wants to use without hardening they can suppress the warning by defining WC_NO_HARDEN. 2017-07-10 14:40:07 -07:00
David Garske
cebcee34dd Improve the Git ignore formula for config. Fixes issue #1012. 2017-07-10 14:21:19 -07:00
dgarske
f9c949e7e5 Merge pull request #871 from danielinux/rm-wolfssl.pc 
Remove automatically generated file wolfssl.pc
 2017-07-10 14:16:48 -07:00
David Garske
58c05123da Fixes for building with ATECC508A. Allow ECC check key to pass if slot numb is valid. 2017-07-10 11:07:24 -07:00
David Garske
205da48416 Fixes for building ARMv8. Adds missing SHA224 and AES KeyWrap. Fixes for FE/GE warning with Aarch32. Fix possible build error with ed25519_test with ret not defined. 2017-07-07 15:12:51 -07:00
toddouska
b6854d620f Merge pull request #1009 from dgarske/fix_tls13_async_aes 
Fix problem with async TLS 1.3 and raw AES encryption key change
 2017-07-06 15:39:22 -07:00
toddouska
626eeaa63d Merge pull request #1005 from SparkiDev/nginx-1.13.2 
Changes for Nginx
 2017-07-06 14:33:46 -07:00
jrblixt
ced45ced41 Changes requested by Chris. 2017-07-06 13:42:54 -06:00
Sean Parkinson
31ac379c4f Code review fixes 
Change verify depth and set curve to be compiled in whe using:
OPENSSL_EXTRA
Fix comparison of curve name strings to use ecc function.
Fix verify depth check when compiling with both OPENSSL_EXTRA and
WOLFSSL_TRUST_PEER_CERT.
 2017-07-06 15:32:34 +10:00
toddouska
4b9069f786 Merge pull request #1008 from dgarske/fix_async_frag 
Fixes for using async with max fragment
 2017-07-05 11:00:26 -07:00
toddouska
e767d40656 Merge pull request #1006 from cconlon/mqx 
Update MQX Classic, mmCAU Ports
 2017-07-05 10:30:20 -07:00
David Garske
df119692d1 Fixes for using async with HAVE_MAX_FRAGMENT or --enable-maxfragment which affected TLS 1.2/1.3. Added TLS 1.2 test for using max fragment. 2017-07-03 19:57:37 -07:00
Sean Parkinson
5bddb2e4ef Changes for Nginx 
Support TLS v1.3 clients connecting to Nginx.
Fix for PSS to not advertise hash unless the signature fits the private
key size.
Allow curves to be chosen by user.
Support maximum verification depth (maximum number of untrusted certs in
chain.)
Add support for SSL_is_server() API.
Fix number of certificates in chain when using
wolfSSL_CTX_add_extra_chain_cert().
Allow TLS v1.2 client hello parsing to call TLS v1.3 parsing when
SupportedVersions extension seen.
Minor fixes.
 2017-07-04 09:37:44 +10:00
toddouska
2939fbe242 Merge pull request #1004 from dgarske/fix_qat_dh 
Fixes for QAT with DH and HMAC
 2017-07-03 12:31:48 -07:00
Moisés Guimarães
1729e0205f reads _CADATA from file 2017-07-03 12:39:42 -03:00
Moisés Guimarães
54177c14b4 imports certs from ./certs 2017-07-03 12:31:47 -03:00
Moisés Guimarães
bba3fcf772 removes certs 2017-07-03 12:22:22 -03:00
David Garske
c9a2c4ef02 Fix problem with async TLS 1.3 with hardware where encryption key is referenced into ssl->keys and changes before it should be used. Solution is to make raw copy of key and IV for async AES. 2017-06-30 16:41:01 -07:00
David Garske
6a695b76cb Fixed server side case for DH agree issue with QAT hardware where agreeSz is not set. Fix to allow QAT start failure to continue (this is useful since only one process can use hardware with default QAT configuration). 2017-06-30 11:48:59 -07:00
David Garske
a025417877 Fix issue with QAT and DH operations where key size is larger than block size. Fix issue with DhAgree in TLS not setting agreeSz, which caused result to not be returned. Renamed the internal.c HashType to HashAlgoToType static function because of name conflict with Cavium. Optimize the Hmac struct to replace keyRaw with ipad. Enable RNG HW for benchmark. Fixed missing AES free in AES 192/256 tests. 2017-06-30 11:35:51 -07:00
JacobBarthelmeh
a3375ef961 Merge pull request #997 from NickolasLapp/master 
Updates to Linux-SGX README, and disable automatic include of
 2017-06-30 11:48:12 -06:00
dgarske
d956181911 Merge pull request #1003 from jrblixt/asn_cMemLeak-fix 
Fix possible memory leak in wc_SetKeyUsage.
 2017-06-29 15:28:53 -07:00
jrblixt
baf6bdd6e1 asn.c memory leak fix. 2017-06-29 14:55:19 -06:00
toddouska
31e1d469c0 Merge pull request #1002 from SparkiDev/tls13_imprv 
Improvements to TLS v1.3 code
 2017-06-29 09:21:20 -07:00
Chris Conlon
bba914f92e protect wolfSSL_BN_print_fp with NO_STDIO_FILESYSTEM 2017-06-29 08:52:45 -06:00
Sean Parkinson
d2ce95955d Improvements to TLS v1.3 code 
Reset list of supported sig algorithms before sending certificate
request on server.
Refactored setting of ticket for both TLS13 and earlier.
Remember the type of key for deciding which sig alg to use with TLS13
CertificateVerify.
RSA PKCS #1.5 not allowed in TLS13 for CertificateVerify.
Remove all remaining DTLS code as spec barely started.
Turn off SHA512 code where decision based on cipher suite hash.
Fix fragment handling to work with encrypted messages.
Test public APIS.
 2017-06-29 09:00:44 +10:00