Commit Graph

7104 Commits

Author SHA1 Message Date
Jacob Barthelmeh
c09e55c749 add check for having ECC enabled when testing with ECC certificate 2018-02-12 09:59:35 -07:00
toddouska
95ed1a88ed
Merge pull request #1364 from SparkiDev/aesni_authtagsz
AES-GCM AES-NI code now handles different tag lengths
2018-02-09 13:19:14 -08:00
toddouska
e254f25baf
Merge pull request #1359 from SparkiDev/nginx_fixes
Fixes to get Nginx working again.
2018-02-09 13:17:38 -08:00
toddouska
44be47a83b
Merge pull request #1358 from dgarske/fix_aesgcm_emb
Fix for missing `ret` in some `wc_AesGcmEncrypt` functions
2018-02-09 13:16:21 -08:00
toddouska
a27d2448e2
Merge pull request #1344 from dgarske/portability_cleanups
Portability cleanups and `tls_bench` fixes
2018-02-09 13:15:47 -08:00
toddouska
d827e93af9
Merge pull request #1329 from JacobBarthelmeh/PKCS12
PKCS12 reverse order that certificates are compared for keypair
2018-02-09 13:15:07 -08:00
Kaleb Himes
87179837e7
Merge pull request #1365 from cconlon/p7karifix
detect and set keyAgreeOID from CMS EnvelopedData if user has not set
2018-02-09 13:27:40 -07:00
Chris Conlon
fa676d96cf detect and set keyAgreeOID from CMS EnvelopedData if user has not set 2018-02-09 09:37:51 -07:00
Sean Parkinson
35c993e55d AES-GCM AES-NI code now handles different tag lengths
Encrypt and decrypt code modified.
AES-NI, AVX1 and AVX2 code modified.
Test of 15 byte tag added.
2018-02-09 17:21:06 +10:00
Sean Parkinson
0da8694ff3 Fix Hello Retry Request parsing of new KeyShare choice 2018-02-09 11:12:04 +10:00
Sean Parkinson
9a0c822582 Support TLS v1.3 Draft 23
Change KeyShare number.
Support SignatureAlgorithmsCert extension - nothing done with
information as only one chain supported on server.
Compiling for Draft 22 supported: --enable-tls-draft22
Compiling for Draft 18 still supported.
2018-02-09 10:42:15 +10:00
David Garske
e8a5af2651
Merge pull request #1362 from ejohnstown/aesgcmtest
Add AES-GCM Test Case
2018-02-08 16:41:06 -08:00
John Safranek
6907241180 Add AES-GCM Test Case
Added a new AES-GCM test case where the provided IV is of length 1 byte.
2018-02-08 11:37:21 -08:00
Sean Parkinson
a3a4f2d59c Minimal implementation of MP when using SP.
--enable-sp-math to include minimal implementation of MP (only with
--enable-sp.)
Add further functionality for ECC (conditionally compiled):
- check key
- is point on curve
- API to add and double projective points
- API to map from project to affine
- Uncompress point (including sqrt)
Some configuration options will not work with SP math - configure.ac
detects this and errors out.
Change test code to better support SP sizes only.
2018-02-08 15:50:17 +10:00
Sean Parkinson
297fb1a447 Fixes to get Nginx working again.
Only use weOwnDH as Nginx can change from client to server.
Allow TLS v1.3 with client method for Nginx.
2018-02-08 11:14:31 +10:00
Jacob Barthelmeh
62b8c0c3fd add test case for order of certificates with PKCS12 parse 2018-02-07 16:52:39 -07:00
David Garske
fbdcd3c67f Fix for missing ret in some wc_AesGcmEncrypt functions due to refactor in commit 0765aa0. 2018-02-07 15:40:28 -08:00
David Garske
c2a0de93b8 Fix to resolve wolfCrypt test for `cert_test` nameConstraints test. Fixed ASN check to properly determine if certificate is CA type. 2018-02-07 12:48:33 -08:00
Kaleb Himes
266b6fe7a7
Merge pull request #1356 from JacobBarthelmeh/Compatibility-Layer
Fix for Windows FIPS build
2018-02-07 13:18:36 -07:00
David Garske
4a6bb20ba6 Refactor the VERIFY_AND_SET_OID macro to simplify so it works on older C compilers like Visual Studio. 2018-02-07 12:17:03 -08:00
David Garske
d78e45dbb6 Added check to enforce RFC 5280 Sec 4.2: "A certificate MUST NOT include more than one instance of a particular extension". Refactor of the DecodedCert struct to combine bit type options into bit-fields. Fix for wolfCrypt test for error codes to allow -161. 2018-02-07 11:15:22 -08:00
David Garske
d9002bb072 Fix to enforce RFC 5280 Sec 4.2.1.6: "The name MUST NOT be a relative URI". Verifies the URI contains "://". Can be disabled using WOLFSSL_NO_ASN_STRICT. 2018-02-07 11:15:22 -08:00
David Garske
f4ad808d12 Added check to enforce RFC 5280 Sec 4.2.1.10 rule: "The name constraints extension, which MUST be used only in a CA certificate". Added new define WOLFSSL_NO_ASN_STRICT to restore old behavior for compatibility. Fix wc_port time HAVE_RTP_SYS (noticed it was missed during ASN time move to wc_port). 2018-02-07 11:15:22 -08:00
David Garske
3e05118995 * Added the tls_bench example to the build output when threading is supported.
* Fixed some `tls_bench` build issues with various configure options.
* Moved the `WOLFSSL_PACK` and `WC_NORETURN` macros into types.h.
* Added support for `__builtin_bswap32` and `__builtin_bswap64`. Since the performance of the builtins varies by platform it's off by default, but can be enabled by customer using `WOLF_ALLOW_BUILTIN`. Quick check on x86 showed the 32-bit swap performance matched, but 64-bit swap was slower.
2018-02-07 11:13:13 -08:00
David Garske
e1c246f918
Merge pull request #1355 from JacobBarthelmeh/Testing
Fix for build with having opensslextra and IGNORE_NAME_CONSTRAINTS
2018-02-07 11:12:55 -08:00
toddouska
69db17fcda
Merge pull request #1352 from dgarske/freertos_static
Fix to allow `FREERTOS` and `WOLFSSL_STATIC_MEMORY`
2018-02-07 10:06:51 -08:00
toddouska
012fb31f00
Merge pull request #1351 from dgarske/fix_ipv6
Fix for building with IPV6
2018-02-07 10:04:41 -08:00
toddouska
7769ba83ad
Merge pull request #1346 from dgarske/stm32_hash_ctx
STM32 Hashing Improvements
2018-02-07 10:03:50 -08:00
Jacob Barthelmeh
47aa4bbe2f handle disable md5 case 2018-02-07 10:44:16 -07:00
Jacob Barthelmeh
61da8ec1dc Fix for Windows FIPS build 2018-02-07 10:13:28 -07:00
Jacob Barthelmeh
a1a1ca9991 Fix for build with having opensslextra and IGNORE_NAME_CONSTRAINTS 2018-02-07 09:54:24 -07:00
David Garske
9afd26e853 Fixes for better supporting FREERTOS with and without static memory. Added fallback case to use pvPortMalloc/vPortFree when heap ptr not available. 2018-02-06 09:28:27 -08:00
David Garske
b3b3a28616 Fix logic typo for IPV6 any addr. 2018-02-06 09:18:42 -08:00
David Garske
172989c3c4
Merge pull request #1343 from ghoso/dev201801
Fix decryption error when EVP_CipherInit is called multiple times.
2018-02-05 16:51:08 -08:00
Sean Parkinson
82850422fc
Merge pull request #1338 from JacobBarthelmeh/Testing
set have session id flag
2018-02-05 14:58:55 -08:00
David Garske
0be1c10fcd Moved the STM32 functions to their own .c file. Added GPL header. Finished testing on STM32 CubeMX with F4 and F7 and StdPeriLib with F4. 2018-02-05 12:57:06 -08:00
Kaleb Himes
4803b3316e
Update settings.h 2018-02-05 13:05:24 -07:00
David Garske
81b64742f3 Fix to allow FREERTOS and WOLFSSL_STATIC_MEMORY. 2018-02-05 11:55:35 -08:00
David Garske
1ca56f97a4 Fix warning with pointer compare to zero for IPV6 peer == INADDR_ANY in test.h. Fixes issue #1350. 2018-02-05 11:03:19 -08:00
Jacob Barthelmeh
a196fac0c2 iterate through certificates with PKCS7 2018-02-05 10:52:54 -07:00
toddouska
0765aa0f20
Merge pull request #1342 from SparkiDev/aes_gcm_sb2
Improve performance of AES-GCM for AVX1 and AVX2
2018-02-02 10:56:14 -08:00
toddouska
7ad0ea808c
Merge pull request #1341 from JacobBarthelmeh/master
fix build for OLD_HELLO_ALLOWED macro
2018-02-02 10:53:16 -08:00
toddouska
02ef52c3cd
Merge pull request #1340 from dgarske/ecc_pub_import_wcurve
Adds curve information to public key import for `wc_EccPublicKeyDecode`
2018-02-02 10:52:06 -08:00
toddouska
d63373066b
Merge pull request #1331 from JacobBarthelmeh/Compatibility-Layer
add comments and better error checking for PKCS8 strip
2018-02-02 10:50:29 -08:00
toddouska
c66ebb6748
Merge pull request #1317 from SparkiDev/chacha20_sb_avx2
Improve performance of chacha20-poly1305 on AVX and AVX2.
2018-02-02 10:46:39 -08:00
Jacob Barthelmeh
19ce41c3cc pkcs7 attribute parsing 2018-02-02 09:01:32 -07:00
kaleb-himes
15486ae379 windows configuration changes 2018-01-31 15:09:16 -07:00
David Garske
a4a5f4f27a STM32 refactor to move hashing code into wolfssl/wolfcrypt/port/stm32.h. Supports CubeMX HAL or StdPeriLib with MD5, SHA1, SHA224 and SHA256. Detects if hardware supports SHA2. Adds hashing context save/restore and hashing clock/power optimizations. Fix for building *.c in wolfcrypt/src/port for caam_driver.c. Fix for warning with wolfSSL_CryptHwMutexUnLock when no threading defined and return code not checked. 2018-01-31 11:25:20 -08:00
JacobBarthelmeh
640015ed5f
Merge pull request #1345 from kaleb-himes/SGX-FIPS-UPDATES
Updates to settings necessary for SGX FIPS
2018-01-31 11:09:19 -07:00
JacobBarthelmeh
5b083497da
Merge pull request #1300 from kaleb-himes/SGX-FIPS-LINUX
Add build scripts for default SGX build and improve cleanup
2018-01-31 09:34:06 -07:00