wolfssl

Author	SHA1	Message	Date
David Garske	5801e7773b	Merge pull request #2108 from miyazakh/server_help_in_jp fixed examples/server to take additional parameter for "-?"	2019-02-21 05:55:32 -08:00
Hideki Miyazaki	b68eab6450	fixed to take additioanl option for -?	2019-02-21 13:44:08 +09:00
toddouska	9c9221432f	Merge pull request #2087 from ejohnstown/aesgcm Update TLS for AES-GCM/CCM changes	2019-02-20 11:43:06 -08:00
toddouska	b8dc772ef8	Merge pull request #2105 from dgarske/fix_stm_aesgcm Fix for STM32 AES GCM	2019-02-20 09:23:11 -08:00
toddouska	3013cdd925	Merge pull request #2095 from SparkiDev/asm_macosx Get Mac OS X working with the x86_64 assembly files	2019-02-20 09:19:29 -08:00
toddouska	025fba8ec6	Merge pull request #2093 from dgarske/tls13_async_dh Fix for TLSv1.3 with DH key share when using QAT	2019-02-20 09:16:54 -08:00
toddouska	5d667ed1b8	Merge pull request #2075 from SparkiDev/port_zephyr Zephyr port of crypto	2019-02-20 09:10:04 -08:00
David Garske	ba14564c49	Fix for STM32 AES GCM, which was incorrectly using software crypto when `authInSz != 16`. The `wc_AesGcmEncrypt_STM32` and `wc_AesGcmDecrypt_STM32` functions correctly handle all variations of `authInSz`.	2019-02-19 15:38:09 -08:00
David Garske	c2fbef2f7f	Refactor to populate `preMasterSz` on XMALLOC. Fix for `DoClientKeyExchange` and `ecdhe_psk_kea`, which assumes `preMasterSz` is zero. Fix for TLS v1.3 resumption not properly setting `preMasterSz`. Removed for TLS v1.3 PSK setup test for `preMasterSz == 0`, which is not required. Spelling fixes for tls13.c.	2019-02-19 13:01:21 -08:00
David Garske	dc1f0d7822	Fix for DH with QuickAssist to only use hardware for supported key sizes. Fix in random.c for seed devId when building async without crypto callbacks.	2019-02-19 11:57:55 -08:00
Sean Parkinson	e3997558a9	Fixes from review and added REAMEs and setup.sh Add README.md and setup.sh. Add READMEs with license information.	2019-02-19 11:47:45 +10:00
Sean Parkinson	5e1eee091a	Add threaded samples using buffers and sockets	2019-02-19 11:47:45 +10:00
Sean Parkinson	4302c02e67	Include zephyr directories in the release	2019-02-19 11:47:44 +10:00
Sean Parkinson	2c447b24cd	Fixes from review and add IDE files	2019-02-19 11:47:44 +10:00
Sean Parkinson	3366acc9ce	Zephyr port of crypto	2019-02-19 11:47:44 +10:00
John Safranek	c0d1241786	Modify the TLSv1.3 calls to the AES-GCM and AES-CCM encrypt functions to use the FIPS compatible APIs with external nonce.	2019-02-15 13:52:23 -08:00
toddouska	25dd5882f8	Merge pull request #2094 from dgarske/ecdsa_der_len Adds strict checking of the ECDSA signature DER encoding length	2019-02-15 10:53:57 -08:00
toddouska	7275ee5f19	Merge pull request #2089 from SparkiDev/tls13_sup_ver Make SupportedVersions respect SSL_OP_NO_TLSv*	2019-02-15 10:36:32 -08:00
toddouska	d9a5898e91	Merge pull request #2082 from SparkiDev/parse_kse Fix length passed to key share entry parsing	2019-02-15 10:31:14 -08:00
toddouska	c04cade97c	Merge pull request #2083 from JacobBarthelmeh/Testing Expected Configurations Test - NIGHTLY BUILD #505	2019-02-15 10:23:55 -08:00
Sean Parkinson	16f31cf8c6	Get Mac OS X working with the x86_64 assembly files	2019-02-15 15:08:47 +10:00
Sean Parkinson	e47797f700	Make SupportedVersions respect SSL_OP_NO_TLSv*	2019-02-15 08:26:03 +10:00
David Garske	a9f29dbb61	Adds strict checking of the ECDSA signature DER encoding length. With this change the total signature size should be (sequence + r int + s int) as ASN.1 encoded. While I could not find any "must" rules for the signature length I do think this is a good change. If the old length checking method is desired `NO_STRICT_ECDSA_LEN` can be used. This would allow extra signature byes at the end (unused and not altering verification result). This is kept for possible backwards compatibility. Per RFC6979: `How a signature is to be encoded is not covered by the DSA and ECDSA standards themselves; a common way is to use a DER-encoded ASN.1 structure (a SEQUENCE of two INTEGERs, for r and s, in that order).` ANSI X9.62: ASN.1 Encoding of ECDSA: ``` ECDSA-Sig-Value ::= SEQUENCE { r INTEGER, s INTEGER } ``` Fixes #2088	2019-02-14 12:05:34 -08:00
John Safranek	e2d7b402e7	Update so TLSv1.3 will work. Needed to make the implicit IVs full sized when copying. Added a flag to SetKeys() to skip the IV set (used for TLSv1.3).	2019-02-14 12:04:32 -08:00
John Safranek	3223920fd9	Add a guard for AES-GCM and AES-CCM for the change in Encrypt for the AES-AEAD type and macros.	2019-02-14 12:04:05 -08:00
John Safranek	cd7f8cc653	Update AES-GCM/CCM use in TLS with a wrapper to select the correct API depending on using old FIPS, or non-FIPS/FIPSv2.	2019-02-14 12:04:05 -08:00
John Safranek	67e70d6cb6	Update TLS to use the new AES-GCM and AES-CCM APIs that output the IV on encrypt rather than take the IV as an input.	2019-02-14 12:04:05 -08:00
David Garske	64cb07557d	Merge pull request #2091 from SparkiDev/pkcs11_fixes Fix PKCS #11 AES-GCM and handling of unsupported algorithms	2019-02-14 09:49:02 -08:00
Sean Parkinson	5856d6b3dc	Fix PKCS #11 AES-GCM and handling of unsupported algorithms	2019-02-14 17:06:15 +10:00
Jacob Barthelmeh	275667f0e9	remove ocsp attempt with ipv6 enabled	2019-02-13 19:01:09 -07:00
toddouska	46bb2591c8	Merge pull request #2070 from dgarske/fix_cryptocb Fixes and improvements to Crypto Callbacks and STM32 RNG performance	2019-02-13 12:44:19 -08:00
David Garske	d98ebc4da2	Reverted the `Hmac_UpdateFinal` change to call final as it causing constant timing issues. Improved the `wc_HmacFree` to handle the case were final isn't called for Crypto callbacks.	2019-02-13 10:24:53 -08:00
toddouska	272181bc2e	Merge pull request #2086 from dgarske/atecc_makekey Fix for ATECC make key case when `curve_id == 0`	2019-02-13 09:52:54 -08:00
toddouska	817b82e453	Merge pull request #2084 from cconlon/cmsFeb19 Changes for CMS signedData default signed attributes	2019-02-13 09:49:55 -08:00
Chris Conlon	1fab970316	Merge pull request #2085 from miyazakh/esp-idf_fix_script modified esp-idf setup script to avoid unnecessary file copy	2019-02-13 08:01:13 -07:00
David Garske	95db819d45	Fixes for warnings when building with `--enable-pkcs11`.	2019-02-12 16:05:48 -08:00
David Garske	e0b46734d6	Enhnacement to the tls_bench tool to support new `-S` command to indicate total size of data to exchange. Previously was just sending one packet back and forth. Imporved the shutdown handling code.	2019-02-12 16:03:10 -08:00
David Garske	1a8388641d	Change new hash SetFlag/GetFlag API's to private.	2019-02-12 16:03:10 -08:00
David Garske	c9521b56f2	Fix warning about `HAL_RNG_GenerateRandomNumber` type.	2019-02-12 16:03:10 -08:00
David Garske	eb8a2f3a03	Minor fixes to CryptoCb wolfCrypt test for AES test and hash support for update/final in same callback.	2019-02-12 16:03:10 -08:00
David Garske	454687f429	Fix for TLS HMAC constant timing to ensure final is called for dummy operations. Added devCtx to AES for CryptoCb.	2019-02-12 16:03:10 -08:00
David Garske	dcdb1d7094	Added flag to indicate if hash is copied.	2019-02-12 16:03:10 -08:00
David Garske	e7b23646a5	Updates to HMAC crypto callback support to capture raw KEY and require hmac struct.	2019-02-12 16:03:10 -08:00
David Garske	838652c03b	Added flags build option to hashing algorithms. This allows indicator to determine if hash will be "copied" as done during a TLS handshake.	2019-02-12 16:03:10 -08:00
David Garske	40a7bcfc20	Fix for new random seed crypto callback to properly reset error code in NOT_COMPILED_IN case.	2019-02-12 16:03:10 -08:00
David Garske	88d3abb1e6	Added Crypto callback HMAC support.	2019-02-12 16:03:10 -08:00
David Garske	18d5b3393c	Correct NULL cryptocb case.	2019-02-12 16:03:10 -08:00
David Garske	891abe130a	Added Crypto callback support for ASN `CalcHashId`. Added arg checking to cryptocb functions.	2019-02-12 16:03:10 -08:00
David Garske	9fc0610720	Fix to ensure hash devCtx is cleared.	2019-02-12 16:03:10 -08:00
David Garske	7e3082906e	Fix for ensuring devId is passed into symmetric init.	2019-02-12 16:03:10 -08:00

1 2 3 4 5 ...

9067 Commits