mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
14,767 Commits 5 Branches 162 Tags
Commit Graph

259 Commits

Author SHA1 Message Date
Hayden Roche
dc7ae37f7a Make changes to support port of NTP from OpenSSL to wolfSSL. 2021-08-02 13:33:18 -07:00
JacobBarthelmeh
020e23783b
Merge pull request #4180 from kaleb-himes/DEFAULT_CA_BOOL 
Fix basic constraints extension present and CA Boolean not asserted
 2021-07-19 23:08:27 +07:00
Jacob Barthelmeh
88b70a3906 update google cert that was set to expire in Dec 2021 2021-07-09 23:57:50 +07:00
kaleb-himes
93a8f36530 Fix basic constraints extension present and CA Boolean not asserted 2021-07-02 12:16:16 -06:00
Jacob Barthelmeh
3cd43cf692 fix for keyid with ktri cms 2021-06-22 21:33:12 +07:00
David Garske
3d5c5b39ac
Merge pull request #4134 from embhorn/joi-cert 
Update use of joi cert and add to renew script.
 2021-06-17 18:28:12 -07:00
Kaleb Himes
93ae372c55
Merge pull request #4132 from dgarske/exebits 
Remove execute bit on update pem/der files
 2021-06-16 17:20:53 -05:00
Eric Blankenhorn
1307972344 Update use of joi cert and add to renew script. 2021-06-16 13:55:36 -05:00
David Garske
90d894b9fd Remove execute bit on update pem/der files. 2021-06-16 10:17:20 -07:00
Jacob Barthelmeh
d8fc01aabf add cert generation to renewcerts script 2021-06-16 14:31:33 +07:00
Sean Parkinson
5bb639f6db
Merge pull request #4126 from dgarske/certs_test_expired 
Fixes for expired test certs
 2021-06-16 11:25:54 +10:00
Sean Parkinson
b73673a218
Merge pull request #3794 from TakayukiMatsuo/os_keyprint 
Add wolfSSL_EVP_PKEY_print_public
 2021-06-16 08:43:41 +10:00
David Garske
6d95188f4b Fixes for expired test certs. Generated using cd certs/test && ./gen-testcerts.sh. 2021-06-15 15:07:34 -07:00
David Garske
5a78574a8a Add new scripts to include.am. 2021-06-11 08:19:23 -07:00
TakayukiMatsuo
779e3701e6 Merge branch 'master' of github.com:wolfSSL/wolfssl into os_keyprint 2021-06-11 13:56:52 +09:00
Sean Parkinson
ed14e593c7 ED25119 and SHAKE-256: fixes 
SHAKE-256 is off by default now. Make sure WOLFSSL_SHAKE256 doesn't make
it into options.h.
Fix openssl.test usage of ed25519 certificates.
Add scripts that regenerate certificates
 2021-06-11 10:13:31 +10:00
Sean Parkinson
3ecb8d5a3e
Merge pull request #4062 from dgarske/dh_key 
DH Key and Params Export cleanups and Apache httpd fixes
 2021-06-10 20:54:32 +10:00
David Garske
4a85127507 Improve wc_DhKeyToDer for public key size calculation. Fixes bug with the output too (was missing 1 byte in length for the unused bits byte in bit string). 2021-06-08 09:55:56 -07:00
David Garske
9b215c5138 Fixes for DH Pub key import/export and new test case. Improve wc_DhParamsToDer. 2021-06-08 09:27:30 -07:00
Sean Parkinson
8779c3a884 ECC: Disable ECC but have Curve25519/448 and PK callbacks fix 
Fix ed25519 certificates.
Tidy up testsuite.c
 2021-05-10 10:32:55 +10:00
Kareem Abuobeid
8071fac306 S/MIME: Add smime-test-canon.p7s to include.am 2021-04-30 15:30:55 -07:00
Kareem Abuobeid
effcecf40d S/MIME: Add non-canonicalized test case 2021-04-30 15:07:37 -07:00
TakayukiMatsuo
491f3bc423 Add two public key files in certs folder and register them to gencertbuf.pl 2021-03-19 14:52:58 +09:00
Hideki Miyazaki
44a20c8ce6
add more unit test case for load_crl_file 2021-03-05 08:19:14 +09:00
Jacob Barthelmeh
f4519018eb remove execute bit on smime bundles 2021-02-15 23:33:31 +07:00
toddouska
67b1280bbf
Merge pull request #3545 from kabuobeid/smime 
Added support for reading S/MIME messages via SMIME_read_PKCS7.
 2021-02-10 15:59:32 -08:00
Jacob Barthelmeh
41e5e547c4 run renewcerts.sh script 2021-02-11 03:12:54 +07:00
Kareem Abuobeid
a4e819c60a Added support for reading S/MIME messages via SMIME_read_PKCS7. 2021-02-08 17:14:37 -07:00
Jacob Barthelmeh
e2b411805d add ca-cert-chain.der to renewcerts.sh, update ed25519 certs and gen script 2021-01-12 00:40:15 +07:00
Juliusz Sosinowicz
6226edb394 Use CSR with smaller key size 4096 -> 2048 2020-12-18 12:48:25 +01:00
Juliusz Sosinowicz
383df620bf Add CSR test with Extension Request attribute 2020-12-17 14:27:46 +01:00
Juliusz Sosinowicz
77c730361e Jenkins fixes 2020-12-17 14:27:46 +01:00
Juliusz Sosinowicz
2a9bb906a9 Implement wolfSSL_BIO_*_connect and wolfSSL_BIO_set_conn_port 
Forgot to commit csr.dsa.pem for api.c
 2020-12-17 14:26:49 +01:00
Juliusz Sosinowicz
2689d499b9 Tests starting to pass 2020-12-17 14:26:49 +01:00
Jacob Barthelmeh
04e22b0747 add restriction to excluded DIR name constraint 2020-12-11 10:00:11 +07:00
Jacob Barthelmeh
f00263889b add test case 2020-12-11 08:20:48 +07:00
David Garske
10f459f891 Added TLS v1.2 and v1.3 test cases for ECC Koblitz and Brainpool curves (both server auth and mutual auth). Cipher suites: ECDHE-ECDSA-AES128-GCM-SHA256, ECDH-ECDSA-AES128-GCM-SHA256 and TLS13-AES128-GCM-SHA256. 2020-11-10 09:47:36 -08:00
Chris Conlon
79dea1c85c add test-servercert-rc2.p12 to include.am 2020-10-19 08:01:19 -06:00
Chris Conlon
062df01737 add PKCS12 RC2 test case, example p12 bundle 2020-10-16 12:02:20 -06:00
John Safranek
c2bb359eb4
Automake Fixes 
1. A couple cert scripts don't need to be included in the makefile or the distribution.
 2020-10-14 17:23:58 -07:00
toddouska
0f6d391ea1
Merge pull request #3295 from SparkiDev/tls13_p521 
TLS 1.3: Fix P-521 algorithm matching
 2020-09-21 13:36:48 -07:00
Sean Parkinson
409daa665d Script to find exipred CRLs and certificates 
Check for expiration in 3 months.
First argument is the offset. e.g. "+1 year"
 2020-09-18 11:26:27 +10:00
Sean Parkinson
d63ff07edc TLS 1.3: Fix P-521 algorithm matching 
Digest size compared to key size - P521 has large key size.
Fixed to round down.
Added P-521 keys and certificates.
Added testing of P-521 keys and certificcates to unittest.
 2020-09-18 10:51:55 +10:00
John Safranek
3bd27f7912
fix a bad path in renewcerts 2020-08-12 15:17:21 -07:00
John Safranek
95337e666c
Release Update 
1. Update the usual versions.
2. Update README and ChangeLog.
3. Modify genecc and renewcerts to update two certificate files that had expired.
4. Update the expired certificate files.
 2020-08-12 14:43:47 -07:00
Juliusz Sosinowicz
fe1f815761 wolfSSL_X509V3_EXT_i2d: NID_ext_key_usage 2020-08-06 13:45:36 +02:00
David Garske
1b051d9c5b TLS v1.3 sniffer support: 
* Added TLS v1.3 sniffer support using static ephemeral key.
* Add support for using a static ephemeral DH and ECC keys with TLS v1.3 using `WOLFSSL_STATIC_EPHEMERAL`.
* Adds new API's `wolfSSL_CTX_set_ephemeral_key` and `wolfSSL_set_ephemeral_key`.
* Expanded TLS extension support in sniffer.
* Refactor of the handshake hashing code.
* Added parameter checking to the TLS v1.3 key derivations (protects use of "DoTls13Finished" if handshake resources have been free'd).
* Added support for loading DH keys via `wc_DhImportKeyPair` and `wc_DhExportKeyPair`, enabled with `WOLFSSL_DH_EXTRA`.
* Added sniffer documentation `sslSniffer/README.md`.
 2020-07-17 15:22:35 -07:00
kaleb-himes
aa704420fd Fix typo in include.am 2020-07-07 16:39:39 -06:00
kaleb-himes
42f3a6d7a4 Put both potential roots for login.live.com into collection for stapling test 2020-07-07 16:02:48 -06:00
David Garske
efa169e595 Fix for invalid files in include.am. Improvement to new alt-chain tests to catch case this PR fixes. 2020-06-18 08:33:59 -07:00