toddouska
|
78ca9e7716
|
Merge pull request #482 from dgarske/async
Asynchronous wolfCrypt RSA and TLS client support
|
2016-08-25 10:06:18 -07:00 |
Chris Conlon
|
91ccf1bd86
|
do not enable ARC4 or sniffer in distro build
|
2016-08-22 15:33:45 -06:00 |
Chris Conlon
|
1a94c0bbdd
|
add distro build option
|
2016-08-22 10:00:37 -06:00 |
David Garske
|
17a34c5899
|
Added asynchronous wolfCrypt RSA, TLS client and Cavium Nitrox V support. Asynchronous wolfSSL client support for "DoServerKeyExchange", "SendClientKeyExchange", "SendCertificateVerify" and "DoCertificateVerify". Fixes for async DTLS. Refactor of the wolf event and async handling for use in wolfCrypt. Refactor of the async device support so its hardware agnostic. Added Cavium Nitrox V support (Nitrox tested using SDK v0.2 CNN55XX-SDK with new configure "--with-cavium-v=/dir" option). Moved Nitrox specific functions to new port file "port/cavium/cavium_nitrox.c". RSA refactor to handle async with states. RSA optimization for using dpraw for private key decode. Use double linked list in wolf event for faster/cleaner code. Use typedef for wolf event flag. Cleanup of the async error codes. wolfCrypt test and benchmark support for async RSA. Asynchronous mode enabled using "./configure --enable-asynccrypt". If no async hardware is defined then the internal async simulator (WOLFSSL_ASYNC_CRYPT_TEST) is used. Note: Using async mode requires async.c/h files from wolfSSL. If interested in using asynchronous mode please send email to info@wolfssl.com.
|
2016-08-15 13:59:41 -06:00 |
Jacob Barthelmeh
|
32c0b6d97a
|
prepare for release 3.9.8
|
2016-07-28 15:46:45 -06:00 |
toddouska
|
88f847de90
|
add --enable-harden swtich for timing resistance and blinding, on by default
|
2016-07-25 13:24:36 -07:00 |
David Garske
|
aa1a405dd1
|
Fixes for compressed keys. Fix to fast math "mp_cnt_lsb" to return proper value, which fixes "mp_jacobi", which fixes "mp_sqrtmod_prime", which fixes compressed keys for 224-bit key. Removed workarounds for compressed keys. Added new configure option "--enable-compkey". Fixed issue with normal math and custom curves where "t2" could be free'd and used. Fixed issue with mp_dump in integer.c, with not allocating correctly sized buffer for toradix.
|
2016-06-21 14:06:02 -07:00 |
toddouska
|
f4473edfb1
|
bump dev version
|
2016-06-20 16:20:18 -07:00 |
David Garske
|
d55663eaee
|
Added ECC API's for using custom curves that are not in the "ecc_sets" list. Added wolfCrypt test to validate/demonstrate custom curve using BRAINPOOL256R1. Exposed "wc_ecc_make_key_ex" and added "wc_ecc_import_x963_ex" / "wc_ecc_import_raw_ex" API's that accept "const ecc_set_type*" for custom curve. Internally use "ECC_CUSTOM_IDX" (-1) to define custom curve is used. Added "--enable-ecccustcurves" option to configure.ac.
|
2016-06-16 10:09:41 -07:00 |
Jacob Barthelmeh
|
03de8e3464
|
prepare for version 3.9.6
|
2016-06-14 14:35:12 -06:00 |
toddouska
|
a156cedabc
|
Merge pull request #435 from JacobBarthelmeh/staticmemory
Staticmemory
|
2016-06-10 17:03:49 -07:00 |
David Garske
|
b3068ffef5
|
Added new public "wc_GetTime" API for getting seconds from the asn.c XTIME. Added new "./configure --enable-base64encode" to enable Base64 encoding (now enabled by default for "x86_64").
|
2016-06-09 16:26:39 -07:00 |
Jacob Barthelmeh
|
8be5409bc5
|
static method func / ocsp callbacks / heap test / alpn free func / remove timing resistant constraint
|
2016-06-09 11:36:31 -06:00 |
Jacob Barthelmeh
|
2feee8856e
|
revise static memory and update heap hint
|
2016-06-04 19:03:48 -06:00 |
Jacob Barthelmeh
|
104ff12e76
|
add staticmemory feature
|
2016-06-04 19:01:23 -06:00 |
John Safranek
|
c0cbc97b06
|
add AES-CMAC
|
2016-05-23 17:50:36 -07:00 |
toddouska
|
b8c0802e3c
|
Merge pull request #414 from JacobBarthelmeh/DTLS-MultiCore
Dtls multi core
|
2016-05-17 17:39:18 -07:00 |
Jacob Barthelmeh
|
8c45cb1938
|
add DTLS session export option
|
2016-05-10 13:27:45 -06:00 |
David Garske
|
fe58db2a07
|
Fixed typo with new "eccshamir" configure option.
|
2016-05-09 09:51:11 -07:00 |
David Garske
|
9f0fa7500f
|
Added configure "--disable-eccshamir" option.
|
2016-05-09 09:51:11 -07:00 |
Chris Conlon
|
8f3e1165a1
|
add Whitewood netRandom client library support
|
2016-05-05 15:31:25 -06:00 |
kaleb-himes
|
3e19316f8a
|
update version to 3.9.1
|
2016-05-04 16:45:51 -06:00 |
toddouska
|
0dbdc8eab0
|
Merge pull request #372 from dgarske/mingwfixes
MinGW fixes
|
2016-04-18 12:50:13 -07:00 |
Jacob Barthelmeh
|
09e4e13958
|
update comment about MinGW
|
2016-04-18 12:14:47 -06:00 |
Jacob Barthelmeh
|
e15aca4189
|
static and shared library with MinGW
|
2016-04-15 16:04:15 -06:00 |
David Garske
|
993972162e
|
MinGW fixes, server port assigning cleanup and ping test cleanup. Fixes issue with visibility detection with MinGW. The visibility.m4 script was not actually trying to call the hidden function, which caused MinGW to detect improperly that visibility was supported. Fix for bogusFile on Windows build. Fixes to build warnings for unused variable 'res' and signed/unsigned comparison for sizeof min(). Cleanup of the server side port assignment to allow use with Windows/MinGW/Cygwin. If Windows uses new GetRandomPort() function in test.h to get port in in the 49152 - 65535 range. If *nix then uses the tcp_listen returned port. Otherwise uses the default wolfSSLPort. Refactor of the ping test code to use common file and properly handle ping count differences (Windows "-c" vs. *Nix style "-n"). Workaround for MinGW and cyassl/options.h getting file permissions error. Added non-fatal compile warning if using MinGW that "strtok_s" might be missing along with a link to public domain source that can be used.
|
2016-04-08 11:48:14 -06:00 |
Jacob Barthelmeh
|
5b4f17545b
|
autoconf checks on some builds that break, macro for no server, and user rsa
|
2016-04-06 15:36:50 -06:00 |
toddouska
|
63b1282e67
|
Merge pull request #335 from dgarske/asynccrypt
Asynchronous crypto and wolf event support
|
2016-03-30 20:12:41 -07:00 |
David Garske
|
4472152b18
|
Added new "wolfSSL_poll" which filters event queue by ssl object pointer. Changed wolfSSL_CTX_poll to support using WOLF_POLL_FLAG_PEEK flag to peek at events and return count. Removed "wolfssl_CTX_poll_peek". Switched the examples (test.h AsyncCryptPoll) to use just the WOLFSSL object and call new wolfSSL_poll. Added warning when using the "--enable-asynccrypt" option to make sure users know they need real async.c/.h files.
|
2016-03-30 15:15:38 -07:00 |
Jacob Barthelmeh
|
e99a5b0483
|
prepare for release v3.9.0
|
2016-03-17 16:02:13 -06:00 |
David Garske
|
e1787fe160
|
Added "--enable-asynccrypt" option for enabling asynchronous crypto. This includes a refactor of SendServerKeyExchange and DoClientKeyExchange to support WC_PENDING_E on key generation, signing and verification. Currently uses async simulator (WOLFSSL_ASYNC_CRYPT_TEST) if cavium not enabled. All of the examples have been updated to support WC_PENDING_E on accept and connect. A generic WOLF_EVENT infrastructure has been added to support other types of future events and is enabled using "HAVE_WOLF_EVENT". Refactor the ASN OID type (ex: hashType/sigType) to use a more unique name. The real "async.c" and "async.h" files are in a private repo.
|
2016-03-17 13:31:03 -07:00 |
Jacob Barthelmeh
|
db758dc98b
|
update test script, fall back to cert name search, fix der free
|
2016-03-12 09:37:32 -07:00 |
Jacob Barthelmeh
|
060e278559
|
Merge branch 'master' of https://github.com/wolfSSL/wolfssl into Certs
|
2016-03-11 23:48:39 -07:00 |
David Garske
|
0ed26ad262
|
Updated build for "leantls" to support building only the client, by splitting BUILD_EXAMPLES into 3 parts (BUILD_EXAPLE_SERVERS, BUILD_EXAMPLE_CLIENTS and BUILD_TESTS). This allows the make check to perform the external tests to validate the client only "leantls" configuration option.
|
2016-03-08 08:35:28 -08:00 |
David Garske
|
2891939098
|
Remove NO_CERT and NO_CODING. Enable building of the client with leantls.
|
2016-03-08 08:35:28 -08:00 |
David Garske
|
8e8ee45828
|
LeanTLS: Fixed issue with GetCA, GetCAByName and PickHashSigAlgo with HAVE_ECC, NO_RSA and NO_CERTS defined. Added new "--enable-leantls" option, which enables TLS 1.2 client only with ECC256, AES128 and SHA256 (no RSA, DH, DSA, MD4, MD5, SHA, PSK, PWD, CERTS, DES3, Error Strings, ARC4, Coding, Memory or File System).
|
2016-03-08 08:35:28 -08:00 |
Jacob Barthelmeh
|
d969e2ba11
|
automated test for trusted peer certs
|
2016-03-02 11:42:00 -07:00 |
Moisés Guimarães
|
fb9697bda6
|
adds check for missing rsa and ecc at the same time
|
2016-02-24 18:57:16 -03:00 |
Moisés Guimarães
|
1824a494d1
|
adds missing ENABLED_OCSP test
|
2016-02-24 16:45:07 -03:00 |
Moisés Guimarães
|
143b9fda1b
|
adds build dependency check for OCSP
|
2016-02-23 15:19:04 -03:00 |
Moisés Guimarães
|
a92d2d582f
|
Revert "fixes ocsp dependency check on asn during configure."
This reverts commit 46ade8f03f .
|
2016-02-23 14:13:52 -03:00 |
Moisés Guimarães
|
46ade8f03f
|
fixes ocsp dependency check on asn during configure.
|
2016-02-21 20:54:45 -03:00 |
toddouska
|
3d8f91d418
|
Merge pull request #302 from dgarske/EccOnlyNoSignVerify
New ECC and ASN build options for reduce build size options
|
2016-02-15 12:13:43 -08:00 |
Jacob Barthelmeh
|
1197f88c4f
|
add psk.test script for testing
|
2016-02-11 09:15:04 -07:00 |
David Garske
|
a83ff6aada
|
Updated the configure.ac comments about big int being used for ECC and DH. Moved the checks for ecc/asn and psk/asn until after cryptonly value is set and fixed so those checks work for normal build and are excluded for crypt only builds.
|
2016-02-10 13:03:53 -08:00 |
David Garske
|
8d0d5a3f90
|
Fixes so ECC only build works. Fixes so ECC enabled with ASN disabled works and will prevent ECC sign/verify.
|
2016-02-10 08:53:09 -08:00 |
David Garske
|
be4c400d16
|
Fixes for disabling the crypt test and benchmark. Added new "./configure --disable-crypttests" option. Also made sure use of both NO_CRYPT_BENCHMARK and NO_CRYPT_TEST in "./configure CFLAGS=-D" scenario work correctly.
|
2016-02-04 12:06:24 -08:00 |
toddouska
|
ee512cac4a
|
bump dev version
|
2016-01-25 13:12:45 -08:00 |
Moisés Guimarães
|
1bef0ba455
|
cosmetic changes to OCSP Stapling options.
|
2015-12-30 17:10:25 -03:00 |
Jacob Barthelmeh
|
5040820f98
|
prepare for 3.8.0 release
|
2015-12-30 12:09:31 -07:00 |