Commit Graph

479 Commits

Author SHA1 Message Date
John Safranek
5e516cc2e0 Merge branch 'master' into fipsv2 2018-06-12 10:10:50 -07:00
Sean Parkinson
b7caab938e Fix post authentication for TLS 1.3 2018-06-12 09:49:23 +10:00
John Safranek
a6dd93aa2e Removed replaced the last two references to "CYASSL" macros with "WOLFSSL" in the example server. 2018-06-06 13:14:06 -07:00
John Safranek
7e9a32fffd FIPS Revalidation
Merge branch 'master' into fipsv2. Using a merge instead of a rebase to retain commit IDs and tags.
2018-06-06 12:43:15 -07:00
Sean Parkinson
ba8e441e53 Allow TLS 1.2 to be compiled out. 2018-05-25 11:00:00 +10:00
toddouska
453daee965
Merge pull request #1523 from SparkiDev/ed25519_key
Allow Ed25519 private-only keys to work in TLS
2018-05-24 09:56:17 -07:00
John Safranek
0315b378f5 Fix TCP with Timeout
Updated example client and server to use the new wolfSSL_dtls_set_using_nonblock() function.
2018-05-23 16:07:45 -07:00
Sean Parkinson
58f523beba Allow Ed25519 private-only keys to work in TLS
Change Ed25519 in TLS 1.2 to keep a copy of all the messages for
certificate verification - interop with OpenSSL.
2018-05-24 08:43:28 +10:00
John Safranek
3685b7b176 Test Fixes
1. AesGcmEncrypt_ex requires the RNG, remove function if RNG disabled.
2. Fix a couple function name changes in the example server.
3. Removed the old FIPS wrapping added to dh.h, was redundant.
4. Move include of random.h in the aes.h file.
5. Fix where ecc.c was being left out of old FIPS builds.
6. Exclude the AES-GCM internal IV test case when building without the RNG.
7. Fix api test where AES-GCM Encrypt was called with a too-long IV in old FIPS mode. Non-FIPS and new FIPS are allowed longer IVs.
2018-05-16 15:47:12 -04:00
John Safranek
f6fe3744a7 FIPS Update
1. Moved the rest of the FIPS algorithms to FIPSv2.
2. Updated the fips-check and autogen scripts.
3. Updated the automake include for the crypto files.
4. Updated the example server to use the wolfSSL API and wolfSSL-based OpenSSL compatibility layer.
5. Added error code for the SHA-3 KAT.
6. Updated an test case in the API test for AES-GCM encrypt that is now considered a success case, but the FIPS mode was still treating as a failure.
2018-05-16 15:47:12 -04:00
toddouska
6e5258b56e
Merge pull request #1538 from dgarske/fixmatchdomainnull
Fix for handling match on domain name that may have a null terminator inside
2018-05-04 10:25:28 -07:00
David Garske
3fd47bdff3 Fix for example client/server with -H exitWithRet option to make sure all cleanup is performed. Resolves valgrind report due to TicketCleanup() not being called. 2018-05-03 13:39:37 -07:00
David Garske
325402cf5a Minor fix for the expected failure case use of ssl after free. Renamed skipExit to exitWithRet. 2018-05-03 10:02:59 -07:00
David Garske
89a4c98670 * Added support for expected fail test cases with example client/server and suites unit test.
* Added test for certificate with bad alt name containing a null character mid byte stream.
* Fix for issue with suites unit test where last arg in file doesn't conain data for a param, causing it to skip test.
* Fix for last test in tests/test.conf not being run for `TLSv1.2 RSA 3072-bit DH 3072-bit`.
* Moved the `tls-cert-fail.test` tests into the new expected failure suite test (`./tests/test-fails.conf`). Now it explicilty checks RSA and ECC for the no signer and no sig tests.
2018-05-03 09:40:51 -07:00
Sean Parkinson
5845482fc0 Fixes for tests
Fix the benchmark client to set all groups supported.
Fix TLS 1.3 test script to work on PPC - check counter in separate test.
2018-05-01 14:27:38 +10:00
toddouska
5c61810d4d
Merge pull request #1497 from SparkiDev/tls13_draft28
Tls13 draft28
2018-04-25 10:17:37 -07:00
thivyaashok
7d425a5ce6 Added support for an anonymous cipher suite (#1267)
* Added support for cipher suite TLS_DH_anon_WITH_AES256_GCM_SHA384
* Added test cases for verification of anonymous cipher suite
2018-04-20 10:35:37 -07:00
Sean Parkinson
94157634e1 TLS 1.3 fixes/improvements
Support Draft 28: able to compile code to return BAD_BINDER if no PSKs
match and certificates not to be used.
Change key share implementation to use server preference - server now
checks each client key share's group is in supported_groups extension.
Client and server examples modified to support server preference.
Application can set client's and server's supported groups by rank.
Server's supported groups is sent back in encrypted_extensions if
preferred group is not in client's list - able to be turned off at
compile time.
Application can query server's preferred group from client.
Able to compile using 0x0304 as version instead of draft version.
Fix state machine in TLS 1.3 to support unexpected hello_retry_request.
Also fixes non-blocking.
Fix resumption to use the named group from session.
Fix named group in session structure to be a 2-byte field.
Better detection of errors in message flow.
Fix DoTls13ClientHello when downgrading - don't do TLS 1.3 things.
Not downgrading on client fixed.
Downgrade protocol version from TLS 1.3 when not TLS 1.3 ciphersuite.
Get downgrading from TLS 1.3 and resumption working.
Change earlyData value to an enum.
Support no extensions data (as opposed to zero length extension data) in
TLS 1.3 ClientHello.
Check PSK cipher suite is available to both client and server before
using.
Check first PSK identity chosen when server says it is using early data
at client.
Check PSK extension is last in client_hello on server.
Check the PSK cipher suite to use is supported on client.
Check the returned cipher suite for pre-shared keys is the same as
client expects.
Send alert decrypt_error when verification fails in certificate_verify
or finished message doesn't match calculated value.
Fail when certificate messages recieved in handshake when using PSK.
Validate on the server that EndOfEarlyData message has been recieved
before finished message when server sent EarlyData extension.
2018-04-20 09:44:02 +10:00
toddouska
09706a4ed2
Merge pull request #1488 from SparkiDev/tls13_perf
Changes for interop and performance
2018-04-16 09:16:13 -07:00
Eric Blankenhorn
a0d8327320 Coverity fixes 2 (#1493)
* Coverity fixes for wolfcrypt folder
* Fixes for remaining issues
* Fixes for test files
2018-04-13 05:35:18 -07:00
Sean Parkinson
9600266483 WOLFSSL_FUNC_TIME changes
Warning in code about using this define.
Remove usage of WOLFSSL_FUNC_TIME from server.c.
2018-04-13 12:13:31 +10:00
Sean Parkinson
0b47811c46 Changes for interop and performance
Changes made to test.h to allow interop of PSK with OpenSSL.
Changes to allow server to pre-generate key share and perform other
operations at later time.
Fix ChaCha20 code header to have bigger state to support assembly code
for AVX1.
Fix Curve25519 code to use define instead.
Change Curve25519 to memset all object data on init.
Change Poly1305 to put both sizes into one buffer to avoid a second call
to wc_Poly1305Update().
Added WOLFSSL_START and WOLFSSL_END API and calls to show time of
protocol message function enter and leave to analyse performance
differences.
Moved Curve25519 code in KeyShare extension out of general ECC code.
2018-04-13 12:01:20 +10:00
David Garske
6de8348918 Fixes for various build configurations. Added --enable-enckeys option to enable support for encrypted PEM private keys using password callback without having to use opensslextra. Moved ASN CryptKey function to wc_encrypt.c as wc_CryptKey. Fixup some missing heap args on XMALLOC/XFREE in asn.c. 2018-04-09 13:28:15 -07:00
toddouska
2b48a074eb
Merge pull request #1480 from dgarske/extcache
Fix for HAVE_EXT_CACHE callbacks not being available without OPENSSL_EXTRA
2018-04-05 10:52:44 -07:00
Eric Blankenhorn
5439402c1d Refactor for max record size (#1475)
* Added new internal function `wolfSSL_GetMaxRecordSize`.
* Modified tls_bench to use dynamic buffer based on max record size.
* Added comment for DTLS maxFragment calculation.
2018-04-05 09:11:58 -07:00
David Garske
412d4d76ee Fix for HAVE_EXT_CACHE callbacks not being available without OPENSSL_EXTRA defined. Added tests for external cache callbacks. 2018-04-05 07:10:04 -07:00
Eric Blankenhorn
adb817e8d2 Feature update for tls_bench test that will allow passing in arguments (#1466)
* Feature update for tls_bench test that will allow passing in command line arguments that enable test features.
* Fix type conversion errors.
* Fixed use of uninitialized data. Declare DH arrays as const.
2018-04-02 14:00:34 -07:00
toddouska
a92696edec
Merge pull request #1454 from dgarske/noprivkey
Support for not loading a private key when using `HAVE_PK_CALLBACKS`
2018-03-22 12:47:22 -07:00
David Garske
e564c973b6 Refactor IO callback function names to use _CTX_ to eliminate confusion about the first parameter. 2018-03-21 16:08:55 -07:00
David Garske
dbb34126f6 * Added support for not loading a private key for server or client when HAVE_PK_CALLBACK is defined and the private PK callback is set. Tested with all cipher suites, TLS 1.2/1.3, client/server certs, RSA/ECC/ED25519.
* Added PK callback context tests for client/server examples (`SetupPkCallbackContexts`).
* Added new test define for `TEST_PK_PRIVKEY` to allows simulating hardware based private key.
* Added new test.h function for loading PEM key file and converting to DER (`load_key_file`).
* Added way to get private key signature size (`GetPrivateKeySigSize`).
* Added new ECC API `wc_ecc_sig_size_calc` to return max signature size for a key size.
* Added inline comments to help track down handshake message types.
* Cleanup of RSS PSS terminating byte (0xbc) to use enum value.
* Fixed bug with PK callback for `myEccVerify` public key format.
* Fixed bug with PK callback for ED25519 verify key buffer in DoServerKeyExchange.
2018-03-21 11:27:08 -07:00
David Garske
fa73f7bc55 Fix for handling OCSP with non-blocking. The HashInput function was being called on the re-entry, which produced a bad mac response from server. Also cleanup for some of the WC_PENDING_E logic for the non-async cases to reduce code size. 2018-03-16 12:05:07 -07:00
John Safranek
ecb2463bbe modify the client external test list to skip the test case when aes and aes-gcm are disabled 2018-03-01 15:22:38 -08:00
Chris Conlon
306600cba6 resolve variable shadow warnings on older compilers in tls_bench example 2018-02-26 16:14:15 -07:00
Sean Parkinson
da4024b46a Fix downgrading from TLS v1.3 to TLS v1.2
Fix handling of ServerHello in TLS v1.3 to support TLS v1.2 when
downgrading.
Added support in client and server examples for using downgrade method:
wolfSSLv23_client_method_ex() or wolfSSLv23_server_method_ex().
Add tests, using downgrade version, of client or server downgrading from
TLS v1.3 to TLS v1.2.
2018-02-22 12:48:50 +10:00
David Garske
9ff97997a6
Merge pull request #1360 from SparkiDev/sp_math
Minimal implementation of MP when using SP.
2018-02-14 15:49:23 -08:00
Sean Parkinson
a3a4f2d59c Minimal implementation of MP when using SP.
--enable-sp-math to include minimal implementation of MP (only with
--enable-sp.)
Add futher functionality for ECC (conditionally compiled):
- check key
- is point on curve
- API to add and double projective points
- API to map from project to affine
- Uncompress point (including sqrt)
Some configuration options will not work with SP math - configure.ac
detects this and errors out.
Change test code to better support SP sizes only.
2018-02-08 15:50:17 +10:00
David Garske
3e05118995 * Added the tls_bench example to the build output when threading is supported.
* Fixed some `tls_bench` build issues with various configure options.
* Moved the `WOLFSSL_PACK` and `WC_NORETURN` macros into types.h.
* Added support for `__builtin_bswap32` and `__builtin_bswap64`. Since the performance of the builtins varries by platform its off by default, but can be enabled by customer using `WOLF_ALLOW_BUILTIN`. Quick check on x86 showed the 32-bit swap performance matched, but 64-bit swap was slower.
2018-02-07 11:13:13 -08:00
toddouska
2efe7f6d96
Merge pull request #1319 from JacobBarthelmeh/Compatibility-Layer-Part5
Compatibility layer part4
2018-01-19 14:49:12 -08:00
Jacob Barthelmeh
60b329f7e5 fix example client error print out and ASN1_TIME_print after rebase 2018-01-16 15:39:58 -07:00
Jacob Barthelmeh
990e1f3ddf implement wolfSSL set msg callback function 2018-01-16 10:39:20 -07:00
Takashi Kojo
8c000c05ee refactor MDK options in client/server.c 2018-01-11 06:55:50 +09:00
Takashi Kojo
76e1a34fd0 update SimpleClient example 2018-01-11 06:53:32 +09:00
Moisés Guimarães
263525d812 enables OCSPStapling CM for ocspstapling2 2017-12-26 22:57:20 -03:00
Moisés Guimarães
43c234029b adds a call to wolfSSL_CTX_EnableOCSPStapling() on client.c to fix ocspstapling2 tests and removes unnecessary 'kill ' from the test scripts 2017-12-26 22:32:21 -03:00
David Garske
4712376ce1 Fix for OCSP non-blocking with check all flag set. 2017-12-19 16:52:47 -08:00
toddouska
ddae61afbd
Merge pull request #1259 from dgarske/fix_ocsp_nonblock
Fixes for handling non-blocking OCSP
2017-12-18 16:43:24 -08:00
David Garske
de05c563b6 Fix to handle non-blocking OCSP when WOLFSSL_NONBLOCK_OCSP is defined and not using async. OCSP callback should return OCSP_WANT_READ. Added ability to simulate non-blocking OCSP using TEST_NONBLOCK_CERTS. 2017-12-08 03:12:33 +01:00
David Garske
bababf115a Moved to IDE/XCODE. Fixed build warnings with xcode. Updated the user_settings.h to support fast math, ECC, timing resistance, single precision math, ARMv8, SHA3, ChaCha20/Poly1305, Ed/Curve25519 and ensure default disables are defined. Added Xcode iOS benchmark example. Runs wolfCrypt test, wolfCrypt benchmark and the new TLS benchmark by cipher suite. 2017-12-07 11:02:19 +01:00
dgarske
8c15c65343
Merge pull request #1216 from abrahamsonn/windows-errors
Windows errors
2017-11-21 15:21:14 -08:00
abrahamsonn
f17470b42b Added more of the requested changes & made an attempt to remove merge conflicts 2017-11-14 15:05:32 -07:00