mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
9,487 Commits 5 Branches 162 Tags
Commit Graph

880 Commits

Author SHA1 Message Date
Go Hosohara
3bf776baf4 wolfSSL_ASN1_TIME_get_data() changed 2018-09-25 15:39:54 +09:00
Go Hosohara
29d3303995 Add tests for d2i_PKCS12_fp,i2d_RSAPublicKey,RSA_verify and X509_print 2018-09-25 15:39:54 +09:00
Go Hosohara
b588e6ab29 ERR_peek_last_error() and SSL_get_SSL_CTX reference error on opensslextra. 
Implemented wolfSSL_X509_get_version().
 2018-09-25 15:39:54 +09:00
Go Hosohara
e79cdefcde X509_NAME_ENTRY_get_object 2018-09-25 15:39:54 +09:00
Go Hosohara
2922a93bf7 PEM_read_X509_CRL 2018-09-25 15:39:54 +09:00
Go Hosohara
050fa2f8f8 wolfSSL_X509_CA_num() 2018-09-25 15:39:54 +09:00
Go Hosohara
aaa26f3f41 wolfSSL_ASN1_TIME_get_data() 2018-09-25 15:39:54 +09:00
Go Hosohara
a002a6715f wolfSSL_ASN1_TIME_get_length() 2018-09-25 15:39:54 +09:00
Sean Parkinson
c4e1cdf335
Merge pull request #1845 from dgarske/tls_curve_order 
TLS supported curve selection fixes
 2018-09-25 08:26:14 +10:00
JacobBarthelmeh
3be25441fa
Merge pull request #1843 from dgarske/async_fixes 
Fixes for wolfCrypt async use with TLS
 2018-09-24 09:51:19 -06:00
David Garske
dfec7f2263 Fix for TLS v1.3 async case with cipher suite TLS_AES_128_GCM_SHA256 and RSA key type. Fix for issue with long cipher suite name test for TLS 1.3. 2018-09-21 16:30:05 -07:00
David Garske
24f9f12844 Fix for the curve logic to pick the hightest strength, not just the default 256-bit. Added test for setting user curve. ./examples -H useSupCurve. 2018-09-21 09:27:48 -07:00
Jacob Barthelmeh
2e88151cfd crypto only sha256 cryptodev 
formating and refactoring

update configure for devcrypto

add AES algorithms to cyrptodev port

increase structure size for compatibility AES with cryptodev

add wc_devcrypto.h to install path
 2018-09-19 10:41:29 -06:00
Chris Conlon
085daa78cd
Merge pull request #1833 from dgarske/norng_fixes 
Fixes for building without RNG enabled
 2018-09-18 14:52:21 -06:00
David Garske
9e305a01b4 More fixes for building with ./configure --disable-rng. 2018-09-18 11:17:39 -07:00
David Garske
77cd361bca Fixes for building with WC_NO_RNG. 2018-09-13 13:23:55 -07:00
toddouska
e071f1ca7e
Merge pull request #1825 from SparkiDev/compat_apis_1 
Add more compatability APIs.
 2018-09-13 13:13:12 -07:00
Chris Conlon
8a6a9e7620
Merge pull request #1820 from kojo1/portingAid 
Porting aid
 2018-09-13 11:06:55 -06:00
Sean Parkinson
0275366fb6 Fixes from code review 
Document how length of ECDSA signature calculated.
Check parameter not NULL before use.
Formatting fix.
Also, disable RSA test of EVP_DigestSign/Verify* when HAVE_USER_RSA.
 2018-09-13 08:47:09 +10:00
toddouska
324235f698
Merge pull request #1823 from dgarske/cert_ext_only 
Fix for build with cert extensions and openssl extra only
 2018-09-12 13:03:37 -07:00
Sean Parkinson
df20daa1ae Support RSA and ECC in wolfSSL_DigestSign/Verify* 2018-09-12 16:31:39 +10:00
Takashi Kojo
7ddc756d15 eliminate double semi-colon 2018-09-12 10:13:30 +09:00
Sean Parkinson
330a7048c7 Add more compatability APIs. 
d2i_ECDSA_SIG, i2d_ECDSA_SIG, EVP_DigestVerifyInit,
EVP_DigestVerifyUpdate, EVP_DigestVerifyFinal, EVP_PKEY_id,
PEM_read_bio_PUBKEY
 2018-09-11 09:28:03 +10:00
David Garske
238f45d89d Fix for build with ./configure --enable-certext --enable-opensslextra. 2018-09-10 08:22:17 -07:00
David Garske
f48e2067ae Added new API wolfSSL_CTX_load_verify_chain_buffer_format for loading CA cert chain as DER buffer list including API unit test. Support for device serial number OID. 2018-09-10 08:15:17 -07:00
Sean Parkinson
f8ac5b5f71
Merge pull request #1819 from dgarske/fix_load_loc 
Fix for load location test to handle multiple failure codes
 2018-09-10 08:36:19 +10:00
Takashi Kojo
0d44252608 error pass though build flag WOLFSSL_PASSTHRU_ERR 2018-09-08 10:19:31 +09:00
Takashi Kojo
902008f5ea refer unit_PassThrough flag at least once 2018-09-08 09:17:52 +09:00
Eric Blankenhorn
412eecd51a Add wc_SetIssuerRaw and EncodeCert with raw fields (#1798) 
* Make cert with raw issuer
* Add wc_SetIssuerRaw
* Use issuer raw in EncodeCert
 2018-09-07 16:22:23 -07:00
David Garske
575382e5a9 Fix for load location test to handle multiple failure codes (failure may return ProcessFile error code or WOLFSSL_FAILURE). Moved expired certs and setup load location test for expired certs. 2018-09-07 15:30:30 -07:00
Takashi Kojo
e677c32714 test file access functions 2018-09-08 07:27:33 +09:00
Takashi Kojo
294a22e938 flag to pass throug errors for correcting as many error information as possible. 2018-09-08 06:02:20 +09:00
Daniele Lacamera
27555d6eb7 Fix old-style function definitions 2018-09-07 09:13:20 +02:00
David Garske
ae3d8d3779 * Fixed wolfSSL_CTX_load_verify_locations to continue loading if there is an error (ZD 4265). 
* Added new `wolfSSL_CTX_load_verify_locations_ex` that supports flags `WOLFSSL_LOAD_FLAG_IGNORE_ERR`, `WOLFSSL_LOAD_FLAG_DATE_ERR_OKAY` and `WOLFSSL_LOAD_FLAG_PEM_CA_ONLY`.
* Fix for `PemToDer` to handle PEM which may include a null terminator in length at end of file length causing wrong error code to be returned. Added test case for this. (ZD 4278)
* Added macro to override default flags for `wolfSSL_CTX_load_verify_locations` using `WOLFSSL_LOAD_VERIFY_DEFAULT_FLAGS`.
* Added tests for loading CA PEM's from directory using `wolfSSL_CTX_load_verify_locations` and `wolfSSL_CTX_load_verify_locations_ex` with flags.
* Added tests for `wolfSSL_CertManagerLoadCABuffer`.
* Updated the expired test certs and added them to `./certs/test/gen-testcerts.sh` script.
 2018-09-06 12:51:22 -07:00
toddouska
d149795648
Merge pull request #1759 from dgarske/verifycbfail 
Fix to resolve issue with verify callback not causing an error
 2018-09-04 15:52:58 -07:00
Sean Parkinson
17a70aee1b Added test and minor fixes for CheckCertSignature 2018-09-03 10:50:47 +10:00
David Garske
d2b9b230a0 Added additional verify callback override test cases. 2018-08-31 16:26:51 -07:00
David Garske
b369e524d4 Fix for the ECDSA verify callback override test case. Switched to AES128-GCM cipher suite (better cipher suite overall). 2018-08-30 11:48:08 -07:00
David Garske
3d0d10345a Added test cases for ensuring forced error fails on client and server. Added test cases to ensure bad certificate can be overriden. 2018-08-30 11:17:21 -07:00
toddouska
7f324d2c3b
Merge pull request #1781 from JacobBarthelmeh/Compatibility-Layer 
fix for IV of DES_ncbc function
 2018-08-24 10:16:21 -07:00
Jacob Barthelmeh
f23eb37ade fix for IV of DES_ncbc function 2018-08-23 09:03:09 -06:00
David Garske
d0d28c82cd Added new PKCS7 ex API's for supporting signing and validation of large data blobs. New API's are wc_PKCS7_EncodeSignedData_ex and wc_PKCS7_VerifySignedData_ex. Includes header docx and unit tests for new API's. Cleanup for the PKCS7 small stack and const oid's. 2018-08-22 15:46:37 -07:00
Takashi Kojo
08c2d94011 return value check of XFSEEK 2018-08-22 10:46:46 +09:00
David Garske
b12386fbb1 Fixes for building with TLS v1.3 only (./configure --disable-tlsv12 --enable-tls13 --disable-aescbc --enable-ed25519 --enable-curve25519) 2018-08-20 15:49:03 -07:00
toddouska
0f539616be
Merge pull request #1766 from JacobBarthelmeh/UnitTests 
cleanup with test cases and access to FP_MAX_BITS
 2018-08-20 09:19:14 -07:00
toddouska
555714afa3
Merge pull request #1764 from SparkiDev/tls13_psk_cb 
Separate PSK callback for TLS 1.3
 2018-08-20 09:17:01 -07:00
Jacob Barthelmeh
cc10c971cd make sure that even if wolfSSL_Init has been called multiple times that wolfSSL_Cleanup gets called in tests 2018-08-17 11:04:21 -06:00
Sean Parkinson
f1222c3f9f Separate PSK callback for TLS 1.3 
It is highly recommended that the PSK be different for each protocol.
Example callback already returns a different key for TLS 1.3.
New callback includes the ciphersuite, as a string, to use with the key.
 2018-08-17 10:18:28 +10:00
Sean Parkinson
f487b0d96a Config option to disable AES-CBC 
AEAD only detection and removeal of code.
Also in single threaded builds, reference the ctx suites in ssl object
if it exists.
 2018-08-16 08:25:13 +10:00
Eric Blankenhorn
2420af3cf2
Merge pull request #1758 from dgarske/certext 
Fix for building certext without certgen
 2018-08-14 17:00:51 -05:00