mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
9,067 Commits 5 Branches 162 Tags
Commit Graph

9067 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
David Garske
dad88b4c81 Improvements to the STM32L4 random generation code for improved performance and error handling. Added new WOLFSSL_STM32_RNG_NOLIB define to support generic STM32 series RNG without external ST library. 2019-02-12 16:03:10 -08:00
Chris Conlon
08bcef7c0c adjust wolfSSL_PKCS7_verify API test 2019-02-12 14:48:49 -07:00
Kaleb Himes
f824c8c769
Merge pull request #2077 from ejohnstown/ocsp-ecdsa 
OCSP and ECDSA Signers
 2019-02-12 09:50:37 -07:00
David Garske
acb983a154 Fix for ATECC make key case when curve_id == 0 (default). ZD 4383 2019-02-12 08:34:34 -08:00
toddouska
feae776ee3
Merge pull request #2078 from SparkiDev/ssl_priv_id 
Support in SSL for setting a private key id
 2019-02-12 07:56:47 -08:00
Hideki Miyazaki
e5f94e5884 modified script to avoid unnecessary file copy 2019-02-12 10:37:30 +09:00
Sean Parkinson
66ab6d8c22 Check FindObjectFinal call for error 2019-02-12 09:07:14 +10:00
Jacob Barthelmeh
acc0121e0f account for WOLF_C99 with ipv6 test cases 2019-02-11 15:07:12 -07:00
Chris Conlon
fb6aaf2ae2 rearrange order of default CMS SignedData signed attributes for better interop compatibility 2019-02-11 14:48:37 -07:00
Chris Conlon
56736a3563 always include default signed attributes for CMS SignedData bundles, add function to remove if needed 2019-02-11 14:41:32 -07:00
toddouska
4e5ea71118
Merge pull request #2081 from dgarske/dh_max_sz 
Fix to detect maximum DH key size
 2019-02-11 13:21:08 -08:00
Sean Parkinson
e86aae00ed Change to allow setting of devId for private key 2019-02-11 12:37:44 +10:00
Sean Parkinson
47922a4d87 Support in SSL for setting a private key id 
Works with PKCS #11 to use key on device.
 2019-02-11 10:38:38 +10:00
Sean Parkinson
88050de1ff Fix length passed to key share entry parsing 2019-02-11 08:29:28 +10:00
David Garske
dd32df5df1
Merge pull request #2080 from kaleb-himes/ZD4795 
fix typo revcd vs recvd and spell out to avoid confusion: received
 2019-02-08 17:38:48 -08:00
David Garske
aa21a0e6df Fix to increase maximum DH key size if using fast math and FP_MAX_BITS supports it. 2019-02-08 17:36:40 -08:00
kaleb-himes
b6d322cd14 fix typo revcd vs recvd and spell out to avoid confusion: received 2019-02-08 14:27:19 -07:00
John Safranek
6298074f93 OCSP and ECDSA Signers 
OCSP uses an identified hash of the issuer's public key to identify the
certificate's signer. (Typically this is SHA-1, but can be any SHA
hash.) The AKID/SKID for the certificates usually are the SHA-1 hash of
the public key, but may be anything. We cannot depend on the AKID for
OCSP purposes. For OCSP lookups, wolfSSL calculates the hash of the
public key based on the copy saved for use with the handshake signing.
For RSA, that was fine. For ECDSA, we use the whole public key including
the curve ID, but for OCSP the curve ID isn't hashed. Stored the hash of
the public key at the point where we are looking at the key when reading
in the certificate, and saving the hash in the signer record.
 2019-02-07 17:34:25 -08:00
toddouska
e52f4494f0
Merge pull request #2069 from dgarske/fix_8192 
Fixes for handling 6144 and 8192 bit with TLS v1.3
 2019-02-07 15:02:40 -08:00
toddouska
4f4d16d9e5
Merge pull request #2068 from dgarske/pkcs7_verify_degenerate 
Fixes to handle degenerate PKCS 7 with BER encoding
 2019-02-07 15:00:21 -08:00
Jacob Barthelmeh
8666b7de9a add test-ber-exp02-05-2022.p7b file for test 2019-02-06 11:11:27 -07:00
Jacob Barthelmeh
ec28376e7f add PKCS7 BER verify test and fix for streaming 2019-02-06 11:05:15 -07:00
David Garske
f61d99526b
Merge pull request #2072 from JacobBarthelmeh/Testing 
fix macro with pic32 mx build
 2019-02-04 17:11:13 -08:00
David Garske
53bf510740
Merge pull request #2073 from JacobBarthelmeh/Jenkins 
fix typo with getting cipher suite : Jenkins Nightly Build test 499
 2019-02-04 17:10:57 -08:00
Jacob Barthelmeh
be4d6bc204 fix typo with getting cipher suite 2019-02-04 10:53:59 -07:00
Sean Parkinson
390f3f5fca
Merge pull request #4 from SparkiDev/pr_2069 
Disallow SupportedGroups in ServerHello for TLS 1.3
 2019-02-04 09:05:36 +10:00
Sean Parkinson
b7179c2a54 Disallow SupportedGroups in ServerHello for TLS 1.3 
But allowed when downgrading to TLS 1.2.
 2019-02-04 09:04:11 +10:00
toddouska
73fbf845f2
Merge pull request #2066 from SparkiDev/sec_reneg_scsv 
Fix empty renegotiation info ciphersuite handling
 2019-02-01 10:05:59 -08:00
toddouska
8fc1780688
Merge pull request #2065 from SparkiDev/ossl_fix1 
Changes to make symbols available for OpenSSL compat
 2019-02-01 10:04:41 -08:00
toddouska
14a2343118
Merge pull request #2064 from SparkiDev/tls13_dhkeysz 
Set the DH key size for TLS 1.3 when secret calculated
 2019-02-01 10:04:15 -08:00
toddouska
4a5652f318
Merge pull request #2061 from SparkiDev/x86_asm_not_in_c 
Pull out x86_64 ASM into separate files
 2019-02-01 10:01:34 -08:00
toddouska
1258467b0a
Merge pull request #2054 from SparkiDev/pkcs11_rng 
Add support for random and getting entropy (seed) with PKCS#11
 2019-02-01 09:59:12 -08:00
toddouska
4a177a8a30
Merge pull request #1997 from tmael/portingDeos 
Initial Deos RTOS port
 2019-02-01 09:56:55 -08:00
David Garske
c080050c80 Fix to detect larger key size requirement based on FP_MAX_BITS. Fix for TLSv1.3 to allow server_hello for TLSX_SUPPORTED_GROUPS. ZD 4754. 2019-02-01 09:53:30 -08:00
David Garske
c82d11f47d Cleanup of the PKCS7 stream long rc and braces. 2019-01-31 14:37:25 -08:00
David Garske
3a0afc3506 Fixes to handle degenerate PKCS 7 with BER encoding in PKCS7_VerifySignedData. Fix for PKCS7 API unit test with SHA512 disabled. ZD 4757. 2019-01-31 14:36:46 -08:00
Sean Parkinson
7822cef1ac Pull out x86_64 ASM into separate files 2019-01-29 13:08:24 +10:00
Sean Parkinson
e8b46caf75 Fix empty renegotiation info ciphersuite handling 2019-01-29 12:51:49 +10:00
Sean Parkinson
574238dea0 Set the DH key size for TLS 1.3 when secret calculated 2019-01-29 08:59:49 +10:00
Chris Conlon
0b2bbc33bd
Merge pull request #2059 from miyazakh/openssl_bksize_digest 
Added EVP_MD_CTX_block_size and exposed EVP_Digest()
 2019-01-28 15:17:26 -07:00
John Safranek
1288036dbe
Merge pull request #2047 from kojo1/freeCRL 
wolfSSL_CertManagerFreeCRL: exposing FreeCRL
 2019-01-25 16:08:31 -08:00
Tesfa Mael
5c6b42e60d cast to a char 2019-01-25 15:30:09 -08:00
toddouska
66987b4f2a
Merge pull request #2058 from SparkiDev/tls13_earlydata_bench 
Added EarlyData support to benchmark loop
 2019-01-25 14:31:54 -08:00
toddouska
67f615f42f
Merge pull request #2053 from dgarske/warn_secrets 
Show warning if secrets debugging options are enabled
 2019-01-25 14:26:47 -08:00
toddouska
0d8ca06928
Merge pull request #2052 from dgarske/atecc_fixes 
Fixes for ATECC with PMS outlen and `ATECC_MAX_SLOT`
 2019-01-25 14:26:09 -08:00
Jacob Barthelmeh
61e8d1ab92 fix macro with pic32 mx build 2019-01-25 14:13:51 -07:00
Hideki Miyazaki
e4abcc0a15 fixed api unit test 2019-01-25 09:38:19 +09:00
Hideki Miyazaki
53adb93ae4 Added EVP_MD_CTX_block_size and publicized EVP_Digest() 2019-01-25 09:05:36 +09:00
Sean Parkinson
743f8b576f Add support for random and getting entropy (seed) with PKCS#11 
Getting the seed from a device has been added.
If the HASH_DRBG is available, PKCS#11 will be used for generating the
seed.
Otherwise, all generated random data will come from PKCS#11 device.
 2019-01-25 08:01:30 +10:00
Sean Parkinson
0fe7591b0f Added EarlyData support to benchmark loop 2019-01-24 18:10:56 +10:00