mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
3,579 Commits 5 Branches 162 Tags
Commit Graph

3579 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
toddouska
5c9089651a fix github issue #174 , disable des3 with (else if) logic broken 2015-11-03 12:03:35 -08:00
toddouska
8d4d9ebe12 fix jenkins ec 56 2015-11-03 11:30:56 -08:00
toddouska
37f4fbc000 Merge branch 'openssl-script' 2015-11-02 13:27:20 -08:00
toddouska
fbd4f8a6ed fix merge conflict 2015-11-02 13:26:46 -08:00
toddouska
54a0a3370a fix wolfSSL_Init to only call new wolfCrypt_Init() once 2015-11-02 12:35:43 -08:00
toddouska
a1d1155b0c add missing error strings 2015-11-02 12:18:12 -08:00
toddouska
b13ae543ec bump dev version v3.7.1 2015-11-02 11:15:21 -08:00
Moisés Guimarães
3db5a5f2c2 Merge branch csr into 'master' 2015-11-02 15:54:41 -03:00
Moisés Guimarães
21d70636dc Merge branch csr into 'master' 2015-11-02 15:51:01 -03:00
toddouska
1d32ff2c59 Merge branch 'aes-ni-gcm' 2015-11-02 09:42:10 -08:00
toddouska
28dcef2d71 gcm benchmark results format alignment 2015-11-02 09:39:34 -08:00
John Safranek
f8aeac608c 1. Add C NI-intrinsic AES-GCM encrypt and decrypt. 
2. Fix error string for wolfcrypt test of GMAC.
3. Add AES-GCM Decrypt to benchmark.
 2015-10-30 16:03:26 -07:00
toddouska
5d2d249673 turn on OpenSSL public key type decodes unless explicitly turned off 2015-10-30 13:40:05 -07:00
toddouska
e76f95465d Merge pull request #170 from dgarske/master 
Fixes initialization of the Crypto HW protection, which could leak a …
 2015-10-29 13:56:18 -07:00
Leah
8dfa1af9e9 Merge pull request #169 from lchristina26/master 
updates for VxWorks

Update example client/server to be compatible with VxWorks builds
 2015-10-29 13:50:13 -06:00
lchristina26
5bcb7e98cb readme updates 2015-10-29 13:47:40 -06:00
lchristina26
1a96ff6766 readme updates 2015-10-29 13:45:58 -06:00
lchristina26
4061346f77 more readme updates 2015-10-29 13:44:22 -06:00
lchristina26
dd99948bcd Workbench readme update 2015-10-29 13:41:17 -06:00
lchristina26
723fc3761b Example client/server compatible with VxWorks 2015-10-29 13:39:02 -06:00
David Garske
dacfd84bea Enhanced "ChangeToWolfRoot" to report error if the root was not found. Also fixed the depth limit. 2015-10-29 10:45:37 -07:00
David Garske
f977caa492 Cleanup of the test code that looks for the WolfSSL root directory. Now it tries to open the certs/ntru-cert.pem file in each directory up (limited to 5) until it opens it. 2015-10-28 23:54:08 -07:00
David Garske
d31cec0df0 Fixes initialization of the Crypto HW protection, which could leak a mutex if two calls to "wolfSSL_CryptHwMutexLock()" occurred at the same time prior to calling "wolfSSL_CryptHwMutexInit()". Fixes #164. 2015-10-28 23:07:52 -07:00
Jacob Barthelmeh
2c41a5b961 adjust wolfssl lib value in rpm spec.in v3.7.0 2015-10-28 17:33:31 -06:00
Jacob Barthelmeh
55a56cac05 Release 3.7.0 2015-10-28 15:07:22 -06:00
Moisés Guimarães
3e9fd1c542 Merge branch 'master' into csr 
Conflicts:
	configure.ac
	wolfssl/wolfcrypt/types.h
 2015-10-28 14:34:15 -03:00
Moisés Guimarães
071a452bec fix indentation and enum conflict 2015-10-28 12:20:20 -03:00
lchristina26
a914ca74f2 updates for VxWorks 2015-10-27 21:24:21 -06:00
toddouska
542b59d90a Merge pull request #150 from JacobBarthelmeh/master 
Intel RSA IPP plug in
 2015-10-27 16:57:32 -07:00
Jacob Barthelmeh
8bd228a391 remove libusercrypto.dylib and adjust gitignore 2015-10-27 17:11:31 -06:00
toddouska
5b2fbd9747 Merge pull request #168 from NickolasLapp/uninitWarn 
Fixed gcc variable-mayble-uninitialized warning
 2015-10-27 16:07:12 -07:00
Nickolas Lapp
b7848481a3 Fixed gcc variable-mayble-uninitialized warning 2015-10-27 16:42:19 -06:00
Moisés Guimarães
cddebfa941 changes --enable-statusrequest to --enable-ocspstapling 2015-10-27 19:27:56 -03:00
toddouska
f477168cf7 make it easier for user to define custom bigint types 2015-10-27 14:52:07 -07:00
Jacob Barthelmeh
fa1a356888 add DYNAMIC_TYPE_USER_CRYPTO tag for malloced memory 2015-10-27 13:26:32 -06:00
Moisés Guimarães
8dc154ff71 adds support for TLS downgrading against buggy TLS servers. 
reference: RFC 5246 - TLS 1.2 - Appendix E.1:

   Note: some server implementations are known to implement version
   negotiation incorrectly.  For example, there are buggy TLS 1.0
   servers that simply close the connection when the client offers a
   version newer than TLS 1.0.  Also, it is known that some servers will
   refuse the connection if any TLS extensions are included in
   ClientHello.  Interoperability with such buggy servers is a complex
   topic beyond the scope of this document, and may require multiple
   connection attempts by the client.

   Earlier versions of the TLS specification were not fully clear on
   what the record layer version number (TLSPlaintext.version) should
   contain when sending ClientHello (i.e., before it is known which
   version of the protocol will be employed).  Thus, TLS servers
   compliant with this specification MUST accept any value {03,XX} as
   the record layer version number for ClientHello.

   TLS clients that wish to negotiate with older servers MAY send any
   value {03,XX} as the record layer version number.  Typical values
   would be {03,00}, the lowest version number supported by the client,
   and the value of ClientHello.client_version.  No single value will
   guarantee interoperability with all old servers, but this is a
   complex topic beyond the scope of this document.
 2015-10-27 16:10:23 -03:00
Moisés Guimarães
f37ea955ec improves OCSP response signature verification; 
reference: RFC 2560 -  Section 4.2.2.2  Authorized Responders:

   The key that signs a certificate’s status information need not be the
   same key that signed the certificate. It is necessary however to
   ensure that the entity signing this information is authorized to do
   so.  Therefore, a certificate’s issuer MUST either sign the OCSP
   responses itself or it MUST explicitly designate this authority to
   another entity.
 2015-10-26 19:33:35 -03:00
Moisés Guimarães
a47f98ee19 adds support to nonce extension in OCSP stapling (status request tls extension); 
fix nonce encoding, there was a missing ASN.1 OctetString header;
 2015-10-26 18:11:38 -03:00
Moisés Guimarães
14fa980dad adds contingence plan (force OCSP check when the server answer the status_request extension but doesn't sends a CertificateStatus message); 
adds back status_request to context level;
 2015-10-26 18:11:38 -03:00
Moisés Guimarães
42380793c9 adds comparison of OcspRequest and OcspResponse; 
removes TLS Extension Status Request at context level as specific data is always needed for each session;
 2015-10-26 18:11:38 -03:00
Moisés Guimarães
daf3155d3c adds partial client support to TLS Extension Status Request, a.k.a. OCSP stapling; 
missing:
 - compare OcspRequest and OcspResponse;
 - execute contingence plan;
 - add nonce extension;
 2015-10-26 18:11:38 -03:00
Moisés Guimarães
82f86adb8e renames TLS Extension types to follow the TLSX_ + "extension name" pattern; using names listed by IANA: 
http://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml

fixes ocsp response extensions parsing in asn.c;

fixes dir slashes in .gitignore: replaces '\' with '/';

removes trailing white spaces;
 2015-10-26 18:11:38 -03:00
Jacob Barthelmeh
975452f585 configure error out when not finding libraries with fast-rsa 2015-10-26 13:11:11 -06:00
John Safranek
a42308e28a Add function ssl_FreeDecodeBuffer() to release the sniffer allocated data buffer and reset the pointer. 2015-10-26 12:01:21 -07:00
John Safranek
b05332c417 Merge branch 'master' of github.com:wolfSSL/wolfssl 2015-10-26 10:17:46 -07:00
toddouska
f99d3067c9 sniffer dynamic buffer release v3.69.d v3.6.9d 2015-10-23 16:56:17 -07:00
toddouska
ab68f38236 have allocate extra byte in case user wants to null terminate returned plaintext 2015-10-23 16:38:59 -07:00
toddouska
d53b6a9132 handle sniffer realloc failure w/o leak 2015-10-23 16:19:26 -07:00
toddouska
880ec8cb09 sniffer owns data buffer now, user free(s) after use v3.6.9c 2015-10-23 14:12:45 -07:00
toddouska
c90d0d9607 Merge branch 'sniffer' 2015-10-23 14:10:51 -07:00