- Postal Code
- Street Address
- External Key Usage
- Netscape Certificate Type
- CRL Distribution Points
- Storing full Authority Key Identifier information
- Add new certificates to `certs/test` for testing
- Update WOLFSSL_ASN_TEMPLATE to match new features
* This PR resolves issues with using TLS client authentication (mutual auth) with crypto callbacks. The TLS client auth will not be sent without a private key being set. The solution is to allow setting a public key only if crypto callbacks is enabled and a devId is set.
* Fix to allow using crypto callbacks with TLS mutual authentication where a private key is not available.
* Fix for ED25519 sign when only a private key is loaded.
* Fix to enable crypto callbacks for ED25519 and Curve25519 in TLS by using the _ex init functions.
* Fix for wc_PemToDer return code where a PKCS8 header does not exist.
* Remove duplicate logs in DoCertificateVerify.
* Doxygen API updates: Added crypto callback help and updated use_PrivateKey with info about public key use.
* * Added crypto callback tests for TLS client and server with mutual auth for RSA, ECC and ED25519.
* Enhanced the API unit test TLS code to allow setting CA, cert and key.
* Revert ED25519 changes. Opt to calculate public key directly when required for signing in the TLS crypto callback test. Build configuration fixes.
* Fix to use proper devId in `ProcessBufferTryDecode`.
* Various build fixes due to changes in PR. G++ issue with `missing-field-initializers`. Unused api.c func with DTLS and session export. Duplicate `eccKeyPubFile` def.
* Added crypto callback TLS tests at WOLFSSL object level. Fix for ED25519/ED448 with client mutual auth where the private key is not set till WOLFSSL object. Fix issues with `wolfSSL_CTX_GetDevId` where devId is set on WOLFSSL object. Enable the `_id` API's for crypto callbacks.
* Proper fix for `eccKeyPubFile` name conflict. Was causing RSA test to fail (expected DER, not PEM).
* add DIST_POINT compatibility functions
* switch X509_LU_* from enum to define, prevent compiler type warnings
* refactoring, adding in comments, and formating
* refactoring and a memory leak fix
* cast return value for g++ warning
* refactor wolfSSL_sk_DIST_POINT_pop_free and remove NULL assign after free
* fix get next DIST_POINT node for free function
Co-authored-by: Jacob Barthelmeh <jacob@wolfssl.com>
* Remove NTRU and OQS
* Keep the DTLS serialization format backwards compatible.
* Remove n from mygetopt_long() call.
* Fix over-zealous deletion.
* Resolve problems found by @SparkiDev
* Fixes for building with Ed/Curve25519 only. Fix for IoT safe demo to exit after running once. Added `WOLFSSL_DH_EXTRA` to `--enable-all` and `--enable-sniffer`. Cleanup uses of `==` in configure.ac. Various spelling fixes.
* Fix for sniffer with TLS v1.3 session tickets.
* Fix for ASN Template Ed25519 key export (missing version / not setting OID correctly).
* Add key import/export support for Curve25519/Curve448. Refactor of the 25519/448 ASN code to combine duplicate code.
* Refactor of Curve25519 code. Improved public key export to handle generation when only private is set. Improved private scalar buffer sizing.
* Fix for static ephemeral loading of file buffer.
* Added sniffer Curve25519 support and test case.
* Fix for sniffer to not use ECC for X25519 if both are set.
* Fix Curve448 public export when only private is set.
* Fix for `dh_generate_test` for small stack size.
* Reduce stack size use on new asymmetric DER import/export functions. Cleanup pub length calc.
* Fix invalid comment.
- `EVP_PKEY_assign_RSA` should store the private key in DER format, not the
public key.
- The last call to `infoCb` in `wolfSSL_BIO_write` should provide the length of
the data to write.
- We should be able to parse RSA public keys starting with BEGIN RSA PUBLIC KEY
and ending with END RSA PUBLIC KEY.
SHAKE-256 is off by default now. Make sure WOLFSSL_SHAKE256 doesn't make
it into options.h.
Fix openssl.test usage of ed25519 certificates.
Add scripts that regenerate certificates
