mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
9,197 Commits 5 Branches 162 Tags
Commit Graph

403 Commits

Author SHA1 Message Date
toddouska
554af3dcfa
Merge pull request #2151 from JacobBarthelmeh/Testing 
path include adjustment, rename internal OBJ function, and client pri…
 2019-03-11 16:48:19 -07:00
toddouska
6e1b05316d
Merge pull request #2104 from ejohnstown/renegotiation-testing 
Secure Renegotiation
 2019-03-11 12:10:48 -07:00
Jacob Barthelmeh
9c9279817b path include adjustment, rename internal OBJ function, and client print outs added 2019-03-11 09:57:04 -06:00
toddouska
3be4682cda
Merge pull request #2134 from dgarske/fixes_nightly 
Fixes for minor nightly build errors
 2019-03-08 10:15:46 -08:00
Chris Conlon
d699b65a25
Merge pull request #2026 from kojo1/mdk-CMSISv2 
MDK CMSIS RTOSv2
 2019-03-06 09:36:49 -07:00
David Garske
8569d14cb3 Fixes for minor nightly build errors. Missing wc_ecc_fp_free declaration and "Value stored to 'useSupCurve' is never read". 2019-03-01 16:12:08 -08:00
toddouska
e2e3b835d6
Merge pull request #2100 from SparkiDev/tls13_vers 
Support FFDHE in TLS 1.2 and below. Better TLS 1.3 version support.
 2019-02-27 14:55:29 -08:00
Sean Parkinson
8bb4e23f8d Various improvements for testing 
Fix wc_ecc_fp_free() to be called when using HAVE_STACK_SIZE.
Increase size of replyin client.c so all HTTP reply is displayed.
Fix api.c to support only Ed25519 (not RSA and ECC)
Fix suites.c to detect when CA for client won't work (Ed25519 only)
For Static Memory add debugging and small profile.
Also allow realloc to be called with NULL.
Add more Ed25519 certs and keys.
Fix names of Ed25519 filenames for client and server.
Do NOT turn on ECC_SHAMIR by default with lowresource.
Enable WOLFSSL_STATIC_MEMORY_SMALL if low resource and no RSA.
 2019-02-22 17:14:19 +10:00
John Safranek
39626bb349 1. Add a newline to the client's "non-blocking socket and renegotiation" notice. 
2. Add suite test cases for more renegotiation setting combinations.
 2019-02-21 10:06:55 -08:00
Sean Parkinson
b4996e35fa Set MAX_PRF_HALF bigger for large FFDHE parameters 
Stack size measurement is in a thread - free local fp_cache
 2019-02-21 08:09:52 +10:00
John Safranek
f78ba4649b Update the help text so the Japanese translations of the new options are printed. 2019-02-20 11:23:00 -08:00
John Safranek
1f6314746c Secure Renegotiation 
1. Split the wolfSSL_Rehandshake() function into wolfSSL_Rehadshake()
which performs a full handshake on secure renegotiation and
wolfSSL_SecureResume() which performs a session resumption on a
secure renegotiation.
2. Add option to example client to perform a secure resumption instead
of a full secure handshake.
 2019-02-19 15:50:55 -08:00
Sean Parkinson
7aa5cd6f10 Support FFDHE in TLS 1.2 and below. Better TLS 1.3 version support. 
Add support for the fixed FFDHE curves to TLS 1.2. Same curves in TLS
1.3 already. On by default - no checking of prime required.
Add option to require client to see FFDHE parameters from server as per
'may' requirements in RFC 7919.

Change TLS 1.3 ClientHello and ServerHello parsing to find the
SupportedVersions extension first and process it. Then it can handle
other extensions knowing which protocol we are using.
 2019-02-18 14:51:59 +10:00
Takashi Kojo
f8ff68ca7a Merge branch 'master' of https://github.com/wolfssl/wolfssl 2019-02-03 16:19:59 +09:00
toddouska
66987b4f2a
Merge pull request #2058 from SparkiDev/tls13_earlydata_bench 
Added EarlyData support to benchmark loop
 2019-01-25 14:31:54 -08:00
Sean Parkinson
0fe7591b0f Added EarlyData support to benchmark loop 2019-01-24 18:10:56 +10:00
John Safranek
8356c3d7e2 DTLS Nonblocking Updates 
1. Add a second select for tx.
2. Revised tcp_select to work for either rx or tx.
3. Updated client and server to use new tcp_select_tx() for checking the
tx socket if the nonblocking connect/accept would block on transmit.
 2019-01-18 09:15:11 -08:00
John Safranek
f6240e5558 Fix Checks 
1. In the client, check the return code on wolfSSL_CTX_SetMinDhKey_Sz() as it is checked in the server. (Resolves issue #2037.)
2. In HashOutput(), check that the hsHashes exists for the session before hashing. (Resolves issue #2038.)
 2019-01-17 09:52:00 -08:00
Takashi Kojo
cca27f6724 examples/celient.c, server.c: removing unused headers 2019-01-12 07:29:19 +09:00
David Garske
a4a6895900 Fix for scan-build "Value stored to 'err' is never read`" 2019-01-11 09:42:41 -08:00
David Garske
6eea924a5c Fix for non-blocking read timeout. 2019-01-11 08:45:34 -08:00
David Garske
3f46250994 Fix to timeout after 10 seconds in non-blocking mode if connect does not complete. 2019-01-10 17:12:37 -08:00
David Garske
2351047409 Fixes for various scan-build reports. 2018-12-27 11:08:30 -08:00
David Garske
00dd222aa5 Fix for example client with -X external tests to not disable for PSK build unless usePsk is set. Resolves issue with external tests being skipped if building with PSK enabled. 2018-12-21 08:21:59 -08:00
John Safranek
b145aab6b2 Server Side Renegotiation 
1. Fix testing issue with a client using the SCSV cipher suite to indicate desire for renegotiation.
2. Add indication to both the server and client examples that the renegotiation was successful.
 2018-12-05 13:08:24 -08:00
John Safranek
a55f11cdd8 DHE Speed Up 
1. Also apply the setting to the client side.
2. Updated the server and client command line options to use "-2" for disabling the DHE check.
 2018-12-03 13:56:14 -08:00
Takashi Kojo
a203cd4901 NO_MULTIBYTE to NO_MULTIBYTE_PRINT 2018-11-29 07:04:01 +09:00
Takashi Kojo
0e94ae529c Rollback stacing 2018-11-29 06:52:43 +09:00
Takashi Kojo
c529e011a7 NO_MULTIBYTE for multibyte non-supported IDEs 2018-11-26 08:11:31 +09:00
Sean Parkinson
95bd340de5 Add support for more OpenSSL APIs 
Add support for PEM_read and PEM_write
Add OpenSSL PKCS#7 signed data support
Add OpenSSL PKCS#8 Private key APIs
Add X509_REQ OpenSSL APIs
 2018-11-20 07:54:24 +10:00
David Garske
d5dddd2b29 Fix for unused useSupCurve in example client with --disable-ecc. 2018-11-08 15:43:18 -08:00
toddouska
0eb115e7a1
Merge pull request #1884 from kaleb-himes/ECC_DISABLED_TEST_FIX 
Fixes to resolve skipped tests with ECC disabled
 2018-10-24 09:30:47 -07:00
Sean Parkinson
7586e1df42 Only do early data in initial handshake when using PSK 2018-10-24 09:47:30 +10:00
Hideki Miyazaki
6953677a8f Keep the max line length to 80 2018-10-20 17:15:17 +09:00
Hideki Miyazaki
a27b4c2efb Added Japanese message into the examples client and server 2018-10-20 13:40:01 +09:00
David Garske
4a4ae446aa Fix for unit.test fails with -H verifyFail. 2018-10-18 11:58:00 -07:00
David Garske
d7d102d90a Added cipher suite unit tests for max fragment options 1-6 for TLS v1.2 and DTLS v1.2. Fix for client usage comment for max fragment. 2018-10-16 16:47:24 -07:00
David Garske
4adaeb8585 Added new 256-byte max fragment option WOLFSSL_MFL_2_8. 2018-10-15 17:06:21 -07:00
David Garske
0293686990 Added example client/server support for loading certificate and private key into WOLFSSL object using -H loadSSL. Added load_ssl_buffer function to load buffers into WOLFSSL objects. Changed wolfSSL_get_SSL_CTX API to always be exposed. Added TEST_LOAD_BUFFER build option to use the load_buffer and load_ssl_buffer calls for example client/server. 2018-10-09 12:54:41 -07:00
David Garske
bbdb17975c Adds build option WOLFSSL_EITHER_SIDE for deferring the "side" of the TLS session until first connect or accept. Added the DTLS generic v1.0 and v1.2 methods for "either" side. Added "either" methods unit tests. Added "either" -v e support to example client/server. Fix to expose wolfSSL_use_certificate_file and wolfSSL_use_PrivateKey_file without OPENSSL_EXTRA. Cleanup of the methods for (void)heap and log messages. Spelling fixes. 2018-10-04 15:47:50 -07:00
David Garske
24f9f12844 Fix for the curve logic to pick the hightest strength, not just the default 256-bit. Added test for setting user curve. ./examples -H useSupCurve. 2018-09-21 09:27:48 -07:00
Chris Conlon
085daa78cd
Merge pull request #1833 from dgarske/norng_fixes 
Fixes for building without RNG enabled
 2018-09-18 14:52:21 -06:00
David Garske
77cd361bca Fixes for building with WC_NO_RNG. 2018-09-13 13:23:55 -07:00
John Safranek
b330c6e035
Merge pull request #1801 from kaleb-himes/OCSP-GLOBALSIGN-FIXr2 
Address issues when testing with WOLFSSL_OCSP_TEST set
 2018-09-12 11:36:41 -07:00
kaleb-himes
3729b12fae Address issues when testing with WOLFSSL_OCSP_TEST set 2018-08-30 14:44:49 -06:00
David Garske
3d0d10345a Added test cases for ensuring forced error fails on client and server. Added test cases to ensure bad certificate can be overriden. 2018-08-30 11:17:21 -07:00
Sean Parkinson
487c60df78 Fixes to work when compiled with TLS 1.3 only 
TLS 1.3 Early Data can be used with PSK and not session tickets.
If only TLS 1.3 and no session tickets then no resumption.
External sites don't support TLS 1.3 yet.
 2018-08-28 15:37:15 +10:00
Sean Parkinson
506c858ed6 Add memory usage tracking and logging 
Add WOLFSSL_MEMORY_TRACKING to report allocations and frees with the
type.
Fix places where memory can be freed earlier.
 2018-08-21 08:54:57 +10:00
toddouska
0f539616be
Merge pull request #1766 from JacobBarthelmeh/UnitTests 
cleanup with test cases and access to FP_MAX_BITS
 2018-08-20 09:19:14 -07:00
toddouska
555714afa3
Merge pull request #1764 from SparkiDev/tls13_psk_cb 
Separate PSK callback for TLS 1.3
 2018-08-20 09:17:01 -07:00