872d222b59
* Adds the following openssl compatibility API's:
...
- SSL_CIPHER_get_id
- SSL_CIPHER_get_rfc_name
- SSL_get_cipher_by_value
- X509_print_ex
- X509_NAME_add_entry_by_NID
- X509_time_adj
- X509_time_adj_ex
- DTLSv1_get_timeout
- DTLSv1_handle_timeout
- DTLSv1_set_initial_timeout_duration
- SSL_CTX_set_current_time_cb
- PEM_write_bio_RSA_PUBKEY
- PEM_read_bio_RSA_PUBKEY
- PEM_write_bio_PUBKEY
- EVP_PKEY_missing_parameters
- EVP_PKEY_cmp
- BN_is_negative
- BIO_set_retry_write
* Improvements to the notBefore and notAfter date handling.
* Improvements to BIO and BIO_METHOD
- Moved structure to public area to allow for dereferencing
- Renamed members to provide compatibility.
- Added support for custom BIO methods for read/write.
* Added advanced openssl compatibility test cases for key and certificate generation.
* Fix for `ASN1_STRING_set` to allow NULL data.
* Fix to populate public key information on `EVP_PKEY_assign_RSA` and `EVP_PKEY_assign_EC_KEY`.
* Fix naming for `X509_get_notBefore` and `X509_get_notAfter` functions.
* Added `wc_EccPublicKeyDerSize`.
* Improvements to `wc_RsaPublicKeyDerSize`, so dummy memory doesn't have to be allocated.
* Made the `wc_*PublicKeyDerSize` functions public.
* Eliminate use of snprintf for UTC to generalized time conversion in `wolfSSL_ASN1_TIME_to_generalizedtime`.
2019-09-26 08:42:35 -07:00
51251bc421
Fix for ssl23.h include for openssl compat with cyassl.
2019-04-01 11:10:29 -07:00
246c444b93
Updates for v4.0.0
...
Update the copyright dates on all the source files to the current year.
2019-03-15 10:37:36 -07:00
f7c0a77c9c
reomved outdated submission note
2019-01-21 09:14:58 -08:00
45cd80b4b7
Fix define check of `NO_CERT` to be `NO_CERTS`.
2019-01-11 21:10:07 -08:00
53af520911
Fix to resolve issue with PIC32MZ crypto hardware (AES/DES3 only) where an unaligned input/output buffer was not handled correctly. This results in a BUFFER_E. This was seen with DTLS v1.0 and `TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA` cipher suite. Fix is to allocate a dynamic buffer from heap if the input/output are not aligned. Tested and verified with a PIC32MZ2048EFM144 and the `wolfssl_udp_client` example for Harmony using DTLS v1.0 and the `setudppacketoptions 192.168.0.107 11111 hello` -> `sendudppacket` commands. Cleanups in older ctoacrypt/settings.h for PIC32MZ.
2018-08-22 13:39:03 -07:00
b1ed852f36
Fix TCP with Timeout
...
wolfSSL remains agnostic to network socket behavior be it blocking or non-blocking. The non-blocking flag was meant for the default EmbedRecvFrom() callback for use with UDP to assist the timing of the handshake.
1. Deprecate wolfSSL_set_using_nonblock() and wolfSSL_get_using_nonblock() for use with TLS sockets. They become don't-cares when used with TLS sessions.
2. Added functions wolfSSL_dtls_set_using_nonblock() and wolfSSL_dtls_get_using_nonblock().
3. Removed a test case from EmbedReceive() that only applied to UDP.
4. Removed the checks for non-blocking sockets from EmbedReceive().
5. Socket timeouts only apply to DTLS sessions.
2018-05-23 11:29:16 -07:00
a38576146e
* Added support for disabling PEM to DER functionality using `WOLFSSL_PEM_TO_DER`. This allows way to use with DER (ASN.1) certificates only in an embedded environment. This option builds, but internal make check requires PEM support for tests.
...
* More cleanup to move PEM functions from ssl.c to asn.c (`wolfSSL_CertPemToDer`, `wolfSSL_KeyPemToDer`, `wolfSSL_PubKeyPemToDer`). Renamed these API's to `wc_` and added backwards compatability macro for old function names.
2018-04-09 13:28:15 -07:00
e564c973b6
Refactor IO callback function names to use `_CTX_` to eliminate confusion about the first parameter.
2018-03-21 16:08:55 -07:00
a784142edf
RSA Update
...
1. Added FIPS wrappers for MakeRsaKey(), CheckProbablePrime(), and RsaFlattenPublicKey().
2. Update the API test so that it used appropriate key and message sizes for the RSA testing.
3. Add function to get all parts of a flattened RSA key.
2018-01-10 11:29:01 -08:00
54c663ed49
Added new API `wolfSSL_GetVersion` to get version as wolfSSL value which can be passed into `wolfSSL_SetVersion`. Fixed duplicate `CyaSSL_CTX_use_PrivateKey_buffer` define. Added TLS1.3 to `wolfSSL_SetVersion`.
2017-11-10 11:13:48 -08:00
911b6f95f8
Release v3.12.2 (lib 14.0.0). Updated copywright.
2017-10-22 15:58:35 -07:00
3763b88397
rename the file io.h to wolfio.h
2017-09-20 10:53:11 -06:00
e98a0465ae
tenAsys INtime RTOS port. Porting complete for mutex semaphores, threading, file, socket and RNG. Added projects for libwolfssl and wolfExamples. The wolfExamples project includes examples for wolfCrypt Test/Benchmark and wolfSSL TLS client/server. Provided reference user_settings.h with comments and enable/disable gates. Added README.md with overview and instructions. Fixed issue building master with NO_WOLFSSL_DIR defined. Added check if old TLS is enabled that SHA and MD5 are enabled. Cleanup of the wolfCrypt test use of USE_CERT_BUFFERS with file system enabled.
2017-03-13 09:48:55 -07:00
2ef4525d4d
Changes to bring wolfssl up to date with stunnel 5.40
2017-02-22 11:15:59 -07:00
a2dc01413c
For distro build don't install options.h (conflicts with multi-arch). Fix for BUILD_DISTRO excludes with indent.
2016-11-29 13:29:19 -08:00
9e81261f1e
Fixes
2016-11-11 16:11:16 +10:00
4214f52d77
addition to previous customer request
2016-09-19 16:01:24 -06:00
17a34c5899
Added asynchronous wolfCrypt RSA, TLS client and Cavium Nitrox V support. Asynchronous wolfSSL client support for "DoServerKeyExchange", "SendClientKeyExchange", "SendCertificateVerify" and "DoCertificateVerify". Fixes for async DTLS. Refactor of the wolf event and async handling for use in wolfCrypt. Refactor of the async device support so its hardware agnostic. Added Cavium Nitrox V support (Nitrox tested using SDK v0.2 CNN55XX-SDK with new configure "--with-cavium-v=/dir" option). Moved Nitrox specific functions to new port file "port/cavium/cavium_nitrox.c". RSA refactor to handle async with states. RSA optimization for using dpraw for private key decode. Use double linked list in wolf event for faster/cleaner code. Use typedef for wolf event flag. Cleanup of the async error codes. wolfCrypt test and benchmark support for async RSA. Asynchronous mode enabled using "./configure --enable-asynccrypt". If no async hardware is defined then the internal async simulator (WOLFSSL_ASYNC_CRYPT_TEST) is used. Note: Using async mode requires async.c/h files from wolfSSL. If interested in using asynchronous mode please send email to info@wolfssl.com.
2016-08-15 13:59:41 -06:00
85a9c55048
fix c89 build on windows
2016-04-06 11:16:40 -06:00
e99a5b0483
prepare for release v3.9.0
2016-03-17 16:02:13 -06:00
2e0d05f727
Fixes issues with new IDE/WIN/user_settings.h and FIPS. Fixed issue with using CYASSL_USER_SETTINGS in ctaocrypt/settings.h with FIPS by moving settings_comp.h to after user_settings.h. Fixed issue with non-existent ctaocrypt/signature.c file being included. Added the user_settings.h file to the FIPS project.
2016-02-08 12:22:20 -08:00
b89354880f
switch pragma once uses, causes warnings on some compilers
2015-12-17 13:19:17 -07:00
f64f326ab3
work on cyassl -> wolfssl compatibility
2015-10-20 15:25:00 -06:00
d2cc582939
fips related macros for configurations using AES direct and DES ECB
2015-10-14 10:51:39 -06:00
d050c10581
add support for curve 25519 and Ed25519 in OpenSSH
...
refactor curve25519 and Ed25519 code
fix warning in PEM_xxx_mem_xxx functions
2015-08-06 08:51:41 -07:00
55677aa5ae
fix BLAKE2b cyassl compat header includes
2015-07-15 11:56:14 -06:00
1d663d3bff
merge conflict
2015-07-01 12:24:11 -07:00
1f8701540d
change SESSION_STATS to PRINT_SESSION_STATS, will add WOLFSSL_SESSION_STATS
2015-04-14 12:35:24 -07:00
7d213011c1
fix fips make dist for misc.c
2015-04-11 08:47:13 -07:00
fe303c97c6
refactor CRL/OCSP lookup for peer cert. add option to allow checking all certs in peer cert chain.
2015-03-23 17:35:56 -07:00
9f2454fc78
Added a noop function wc_FreeRng() for when not using the HashDRBG to keep
...
the calls to InitRng and FreeRng simple and balanced.
2015-03-20 14:19:35 -07:00
33e767a1b4
sniffer should fail a session missing a RSA key
2015-03-16 18:13:51 -07:00
4d62389389
added Certificate Status handshake message to sniffer
2015-03-16 11:19:16 -07:00
db8619cc76
compatibility layer psk updates
2015-02-23 09:45:22 -07:00
55d30ca277
new client-ecc-cert.pem/renewcerts updates/certs relavent name changes
2015-02-02 09:10:07 -07:00
29be69b92b
change CYASSL_DEBUG to DEBUG_CYASSL for compatibility
2015-01-30 09:11:42 -07:00
0e4c008247
add pic32mz header to distribution
2015-01-28 15:30:41 -08:00
14eaa69eae
version git diff fix
2015-01-27 11:42:25 -07:00
466d8a970c
bump version
2015-01-26 14:02:57 -08:00
3393c3a4b4
CYASSL_DEBUG in compatibility layer
2015-01-23 11:06:01 -07:00
859c22f2c2
update to asn compatibility
2015-01-19 21:18:35 -07:00
780d01afc6
tirtos compatibility
2015-01-19 09:07:13 -07:00
03345f1024
catch cyassl_sniffer macro
2015-01-13 13:40:53 -07:00
288d9a039d
legacy defines and updates
2015-01-13 13:27:01 -07:00
7f3184b0ed
header file includes for compatibility and macros added to cyassl/ssl.h
2015-01-12 14:45:21 -07:00
6b1484ef2f
sniffer underscore
2015-01-09 11:33:40 -07:00
d6dcaab89e
sniffer added to compatibility layer
2015-01-09 11:31:31 -07:00
be35f0df47
3.3.3
2015-01-09 10:37:42 -07:00
819a303a79
version update
2015-01-09 10:08:43 -07:00
David Garske