mirrors
/
wolfssl
mirror of https://github.com/wolfSSL/wolfssl
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
6,808 Commits 5 Branches 160 Tags 772 MiB
Commit Graph

579 Commits

Author SHA1 Message Date
Jacob Barthelmeh df7917fcd9 add --enable-aescfb, add comments, include of stdio with snprintf 2018-01-12 11:05:43 -07:00
Chris Conlon 8bebadcd4b update library version for 3.13.0 in configure.ac/version.h 2017-12-21 09:54:19 -07:00
Go Hosohara bfed9f28d3 Modification for compliling application with libsignal-protocol-c. 2017-12-19 13:19:05 +09:00
Chris Conlon e3a4f468c1 PKCS7 and SCEP need either AES or 3DES enabled, error out if not 2017-11-20 13:16:44 -07:00
toddouska 53ec80b291
Merge pull request #1238 from cconlon/pkcs7cleanup 
PKCS7 cleanup: remove dependencies on 3DES and SHA1
 2017-11-16 13:51:57 -08:00
Chris Conlon 30e8f5539b PKCS7 cleanup: remove dependencies on 3DES and SHA1 2017-11-16 10:37:47 -07:00
David Garske d5cc3ca198 Disable TLS v1.0 by default. Added new `--enable-tlsv10` option to force enable (only works if --enable-oldtls is set, which is on by default). 2017-11-14 14:01:31 -08:00
David Garske 5a5fea7b46 Add `USE_SLOW_SHA256` and `USE_SLOW_SHA512` options for reduced code size of SHA. Existing `USE_SLOW_SHA2` applies for SHA512 only. Cleanup formatting of the sha256.c and sha512.c code. Added new `./configure --lowresource` option, which defines the memory reduction defines. Fix for `make check` resume.test scipt with `NO_SESSION_CACHE` defined. 2017-11-09 11:05:28 -08:00
David Garske b8cc132e99 Added ability to force 32-bit mode using `--enable-32bit`. Added ability to disable all inline asembly using `--disable-asm`. Added check for `__EMSCRIPTEN__` define in types.h to properly setup 64-bit type. Fixes for build combinations with SHA512 and CHACHA20. 2017-11-06 14:37:34 -08:00
Sean Parkinson 32cbff7257 Remove coverage rules not required. 2017-11-02 09:46:57 +10:00
Sean Parkinson 323db1a95d Fix no ECC builds with TLS13 code. 
Fix tests so that having ECC disabled works as well.
Fix define protection for Draft 18 and HRR Cookie.
 2017-10-24 09:11:24 -07:00
toddouska 8a01d725da Merge pull request #1177 from dgarske/certreq_tests 
Testing improvements for cert gen and TLS cert validation
 2017-10-24 08:21:37 -07:00
David Garske 911b6f95f8 Release v3.12.2 (lib 14.0.0). Updated copywright. 2017-10-22 15:58:35 -07:00
David Garske 024c8725ad Testing improvements for cert gen and TLS cert validation: 
* Fixes to support certificate generation (`WOLFSSL_CERT_GEN`) without RSA enabled.
* Added new ECC CA for 384-bit tests.
* Created new server cert chain (ECC CA for 256-bit that signs server-ecc.pem)
* Created new `./certs/ecc/genecc.sh` script for generating all ECC CA's, generated server cert req (CSR), signing with CA and the required CRL.
* Moved the wolfCrypt ECC CA / ECC cert gen test into `ecc_test` as `ecc_test_cert_gen`.
* Refactor duplicate code that saves DER to disk, converts DER to PEM and saves PEM to disk into SaveDerAndPem function.
* Changed `ecc_test_make_pub` and `ecc_test_key_gen` to use XMALLOC for temp buffers (uses heap instead of stack).
* Cleanup to combine all certificate subject information into global `certDefaultName`.
* Updated cert request info to use wolfSSL instead of Yassl.
* Cleanup to combine keyUsage into `certKeyUsage` and `certKeyUsage2`.
* Re-number error codes in rsa_test.
* Moved the certext_test after the ecc_test, since it uses a file generated in `ecc_test_cert_gen`.
 2017-10-19 16:17:51 -07:00
Sean Parkinson c49188cc89 Turn off SP by default 2017-10-17 09:32:24 +10:00
Sean Parkinson 90f8f67982 Single Precision maths for RSA (and DH) 
Single Precision ECC implementation
 2017-10-17 08:36:39 +10:00
toddouska 819acd18a7 Merge pull request #1180 from SparkiDev/tls13_nd 
Fixed DRAFT_18 define and fixed downgrading with TLS v1.3
 2017-10-13 09:24:55 -07:00
David Garske 6707be2b0e Added new `--disable-oldnames` option to allow for using openssl along-side wolfssl headers (without OPENSSL_EXTRA). Add `--enable-opensslcoexist` which makes sure `oldnames` is disabled. Refactor of `SSL_` to `WOLF_SSL_`. Refactor of `SHA`, `MD5`, `SHA224`, `SHA256`, `SHA512` and `SHA384` to `WC_` naming. 2017-10-11 09:10:42 -07:00
Sean Parkinson 7dca25ea88 Fixed DRAFT_18 define and fixed downgrading with TLS v1.3 
Changed the define in configure.ac to match the one used in the code.
Fixed downgrading to disallow unless ssl->options.downgrade is set.
TLS 1.3 client method does not have downgrade on anymore.
Test changed to not expect downgrading to work.
Test of TLS v1.3 client downgrade is actually upgrading on server.
Fixed 80 character line problems.
 2017-10-11 12:17:28 +10:00
John Safranek f344f04e60 wolfSSH Option 
Added a configure convenience option for building wolfSSL to work with wolfSSH.
 2017-10-04 16:11:52 -07:00
Sean Parkinson 00e073424a Fix WPAS config to not use FORTRESS config 2017-09-15 10:49:07 +10:00
Jacob Barthelmeh ef73c1df7c add AES-XTS mode --enable-xts 2017-08-30 17:50:15 -06:00
Jacob Barthelmeh 3fda99cbc4 seperate build of QSH from build of NTRU 2017-08-16 14:19:38 -06:00
David Garske 44a3622248 Fixes to better handle threading with async. Fix `wc_CamelliaCbcEncrypt` return code checking. Fix to ensure cycles per byte shows on same line. Refactor of async event state. Refactor to initalize event prior to operation (in case it finishes before adding to queue). Add `HAVE_AES_DECRYPT` to --enable-all option. Cleanup benchmark error display. 2017-08-15 21:19:28 -07:00
Jacob Barthelmeh b55f981d5b prepare for release v3.12.0 2017-08-04 15:32:27 -06:00
David Garske 3be4e0823e Adds option `--enable-chacha=noasm` to allow disabling the Intel AVX/AVX2 speedups when used with `--enable-intelasm`. 2017-08-03 13:39:46 -07:00
dgarske 05ed5cafc2 Merge pull request #1061 from SparkiDev/tls13_leantls 
Fixes for LEANTLS and TLS13 builds
 2017-07-25 21:01:00 -07:00
Sean Parkinson 038d16212f Fixes for LEANTLS and TLS13 builds 2017-07-26 10:43:36 +10:00
Sean Parkinson bde6a35ac4 Assembly optimization for AES-NI, and AVX1 and AVX2 
Unroll the loop for 8.
Use new optimized maths.
Fix SHA-384 to use SHA-512 assembly code.
Only perform CPU id check in one place.
 2017-07-25 08:50:39 +10:00
toddouska 36c2ee92dc Merge pull request #1050 from JacobBarthelmeh/ARMv8 
Xilinx port
 2017-07-24 15:37:05 -07:00
Jacob Barthelmeh 59a46d08d9 Xilinx port 2017-07-21 17:39:47 -06:00
John Safranek 431a0cbea9 Multicast 
1. Since multicast's only cipher suite uses null cipher
   automatically enable it.
2. Add options to example client and server to start
   testing multicast API. (Uses TLS over TCP.)
3. Updates to use the forced secrets set by API.
 2017-07-19 13:31:39 -07:00
John Safranek 5154584576 Multicast DTLS 
1. Add DTLS-multicast to the enable options.
2. Reorg DTLS related enable options together.
3. Update a couple enable option texts to use the AS_HELP_STRING() macro.
4. Add three new APIs for managing a DTLS Multicast session.
5. Add test code for new APIs.
6. Add stub code for the new APIs.
 2017-07-19 13:26:23 -07:00
David Garske 8612d52844 Fix issue with ARMv8 not performing 128-bit math against constants correctly in debug builds. Fix was to use the `__int128_t` as const for integers. Also added `./configure --enable-curve25519=no128bit` option to force FE to not use the `int128_t` math. 2017-07-14 10:39:30 -07:00
David Garske 171796e8e2 Fix up for building without `./configure` to warn if hardening options are not enabled. Currently `./configure` defaults to `--enable-harden`, but if building sources directly and using `settings.h` or `user_settings.h` the hardening defines will not be set by default. If a user wants to use without hardening they can suppress the warning by defining `WC_NO_HARDEN`. 2017-07-10 14:40:07 -07:00
Sean Parkinson 7aee92110b Code review fixes 
Also put in configuration option for sending HRR Cookie extension with
state.
 2017-06-27 08:52:53 +10:00
dgarske 06fa3de31c Merge pull request #980 from SparkiDev/tls13_0rtt 
TLS v1.3 0-RTT
 2017-06-22 09:44:41 -07:00
Sean Parkinson 08a0b98f52 Updates from code review 2017-06-22 12:40:41 +10:00
Sean Parkinson 350ce5fcef TLS v1.3 0-RTT 2017-06-21 08:35:28 +10:00
David Garske 3c173ba366 Enhancement to support different sized Curve/Ed math library implementations for FE/GE. Remains backwards compatible with `CURVED25519_SMALL` define. Adds new defines `CURVE25519_SMALL` and `ED25519_SMALL` to allow individual enabling of math library choice (`_low_mem` or `_operations`). Example: `./configure --enable-ed25519=small --enable-curve25519`. 2017-06-16 09:41:10 -07:00
David Garske adf819458c Fixes for TLS 1.3 without ECC or RSA. Fix for building without ECC where HAVE_SUPPORTED_CURVES was getting defined because of ENABLED_TLSX. 2017-06-13 09:44:14 -07:00
Sean Parkinson 4134073c8d Initial revision of SHA-3 2017-05-25 09:09:50 +10:00
toddouska 6b09a7c6e1 Merge pull request #922 from SparkiDev/tls_pss 
TLS v1.2 and v1.3 RSA PSS
 2017-05-23 14:57:10 -07:00
toddouska 0e860b0d55 Merge pull request #925 from dgarske/enable_all 
Added new `./configure --enable-all` option to enable all features
 2017-05-22 09:22:50 -07:00
Jacob Barthelmeh b6c2e2acf9 require using wolfSSL memory when enabling trackmemory 2017-05-19 15:24:38 -06:00
David Garske 0a28b76e8b Refactor of the ./configure help to use AS_HELP_STRING. 2017-05-19 10:54:13 -07:00
Sean Parkinson 4390f4c711 TLS v1.2 and PSS 
Cleanup the TLS v1.3 PSS code as well.
Added RSA API wc_RsaPSS_CheckPadding() to check the padding - no longer
a simple memcmp with the digest.
 2017-05-19 11:49:43 +10:00
Jacob Barthelmeh 4737b97503 add trackmemory enable option 2017-05-18 16:46:56 -06:00
David Garske 7bd1e0b80a Added new `./configure --enable-all` option to enable all features. Allows building all features without using the `--enable-distro` option, which only allows shared build and does not generate an options.h file. 2017-05-18 10:57:28 -07:00
David Garske 7c7503449f Removed the `-Wimplicit-fallthrough=5` from autogen.sh, since older GCC throws “error: unknown warning option”. 2017-05-11 15:28:49 -07:00