mirrors
/
wolfssl
mirror of https://github.com/wolfSSL/wolfssl
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
4,568 Commits 5 Branches 160 Tags 772 MiB
Commit Graph

455 Commits

Author SHA1 Message Date
toddouska 78ca9e7716 Merge pull request #482 from dgarske/async 
Asynchronous wolfCrypt RSA and TLS client support
 2016-08-25 10:06:18 -07:00
Chris Conlon 91ccf1bd86 do not enable ARC4 or sniffer in distro build 2016-08-22 15:33:45 -06:00
Chris Conlon 1a94c0bbdd add distro build option 2016-08-22 10:00:37 -06:00
David Garske 17a34c5899 Added asynchronous wolfCrypt RSA, TLS client and Cavium Nitrox V support. Asynchronous wolfSSL client support for "DoServerKeyExchange", "SendClientKeyExchange", "SendCertificateVerify" and "DoCertificateVerify". Fixes for async DTLS. Refactor of the wolf event and async handling for use in wolfCrypt. Refactor of the async device support so its hardware agnostic. Added Cavium Nitrox V support (Nitrox tested using SDK v0.2 CNN55XX-SDK with new configure "--with-cavium-v=/dir" option). Moved Nitrox specific functions to new port file "port/cavium/cavium_nitrox.c". RSA refactor to handle async with states. RSA optimization for using dpraw for private key decode. Use double linked list in wolf event for faster/cleaner code. Use typedef for wolf event flag. Cleanup of the async error codes. wolfCrypt test and benchmark support for async RSA. Asynchronous mode enabled using "./configure --enable-asynccrypt". If no async hardware is defined then the internal async simulator (WOLFSSL_ASYNC_CRYPT_TEST) is used. Note: Using async mode requires async.c/h files from wolfSSL. If interested in using asynchronous mode please send email to info@wolfssl.com. 2016-08-15 13:59:41 -06:00
Jacob Barthelmeh 32c0b6d97a prepare for release 3.9.8 2016-07-28 15:46:45 -06:00
toddouska 88f847de90 add --enable-harden swtich for timing resistance and blinding, on by default 2016-07-25 13:24:36 -07:00
David Garske aa1a405dd1 Fixes for compressed keys. Fix to fast math "mp_cnt_lsb" to return proper value, which fixes "mp_jacobi", which fixes "mp_sqrtmod_prime", which fixes compressed keys for 224-bit key. Removed workarounds for compressed keys. Added new configure option "--enable-compkey". Fixed issue with normal math and custom curves where "t2" could be free'd and used. Fixed issue with mp_dump in integer.c, with not allocating correctly sized buffer for toradix. 2016-06-21 14:06:02 -07:00
toddouska f4473edfb1 bump dev version 2016-06-20 16:20:18 -07:00
David Garske d55663eaee Added ECC API's for using custom curves that are not in the "ecc_sets" list. Added wolfCrypt test to validate/demonstrate custom curve using BRAINPOOL256R1. Exposed "wc_ecc_make_key_ex" and added "wc_ecc_import_x963_ex" / "wc_ecc_import_raw_ex" API's that accept "const ecc_set_type*" for custom curve. Internally use "ECC_CUSTOM_IDX" (-1) to define custom curve is used. Added "--enable-ecccustcurves" option to configure.ac. 2016-06-16 10:09:41 -07:00
Jacob Barthelmeh 03de8e3464 prepare for version 3.9.6 2016-06-14 14:35:12 -06:00
toddouska a156cedabc Merge pull request #435 from JacobBarthelmeh/staticmemory 
Staticmemory
 2016-06-10 17:03:49 -07:00
David Garske b3068ffef5 Added new public "wc_GetTime" API for getting seconds from the asn.c XTIME. Added new "./configure --enable-base64encode" to enable Base64 encoding (now enabled by default for "x86_64"). 2016-06-09 16:26:39 -07:00
Jacob Barthelmeh 8be5409bc5 static method func / ocsp callbacks / heap test / alpn free func / remove timing resistant constraint 2016-06-09 11:36:31 -06:00
Jacob Barthelmeh 2feee8856e revise static memory and update heap hint 2016-06-04 19:03:48 -06:00
Jacob Barthelmeh 104ff12e76 add staticmemory feature 2016-06-04 19:01:23 -06:00
John Safranek c0cbc97b06 add AES-CMAC 2016-05-23 17:50:36 -07:00
toddouska b8c0802e3c Merge pull request #414 from JacobBarthelmeh/DTLS-MultiCore 
Dtls multi core
 2016-05-17 17:39:18 -07:00
Jacob Barthelmeh 8c45cb1938 add DTLS session export option 2016-05-10 13:27:45 -06:00
David Garske fe58db2a07 Fixed typo with new "eccshamir" configure option. 2016-05-09 09:51:11 -07:00
David Garske 9f0fa7500f Added configure "--disable-eccshamir" option. 2016-05-09 09:51:11 -07:00
Chris Conlon 8f3e1165a1 add Whitewood netRandom client library support 2016-05-05 15:31:25 -06:00
kaleb-himes 3e19316f8a update version to 3.9.1 2016-05-04 16:45:51 -06:00
toddouska 0dbdc8eab0 Merge pull request #372 from dgarske/mingwfixes 
MinGW fixes
 2016-04-18 12:50:13 -07:00
Jacob Barthelmeh 09e4e13958 update comment about MinGW 2016-04-18 12:14:47 -06:00
Jacob Barthelmeh e15aca4189 static and shared library with MinGW 2016-04-15 16:04:15 -06:00
David Garske 993972162e MinGW fixes, server port assigning cleanup and ping test cleanup. Fixes issue with visibility detection with MinGW. The visibility.m4 script was not actually trying to call the hidden function, which caused MinGW to detect improperly that visibility was supported. Fix for bogusFile on Windows build. Fixes to build warnings for unused variable 'res' and signed/unsigned comparison for sizeof min(). Cleanup of the server side port assignment to allow use with Windows/MinGW/Cygwin. If Windows uses new GetRandomPort() function in test.h to get port in in the 49152 - 65535 range. If *nix then uses the tcp_listen returned port. Otherwise uses the default wolfSSLPort. Refactor of the ping test code to use common file and properly handle ping count differences (Windows "-c" vs. *Nix style "-n"). Workaround for MinGW and cyassl/options.h getting file permissions error. Added non-fatal compile warning if using MinGW that "strtok_s" might be missing along with a link to public domain source that can be used. 2016-04-08 11:48:14 -06:00
Jacob Barthelmeh 5b4f17545b autoconf checks on some builds that break, macro for no server, and user rsa 2016-04-06 15:36:50 -06:00
toddouska 63b1282e67 Merge pull request #335 from dgarske/asynccrypt 
Asynchronous crypto and wolf event support
 2016-03-30 20:12:41 -07:00
David Garske 4472152b18 Added new "wolfSSL_poll" which filters event queue by ssl object pointer. Changed wolfSSL_CTX_poll to support using WOLF_POLL_FLAG_PEEK flag to peek at events and return count. Removed "wolfssl_CTX_poll_peek". Switched the examples (test.h AsyncCryptPoll) to use just the WOLFSSL object and call new wolfSSL_poll. Added warning when using the "--enable-asynccrypt" option to make sure users know they need real async.c/.h files. 2016-03-30 15:15:38 -07:00
Jacob Barthelmeh e99a5b0483 prepare for release v3.9.0 2016-03-17 16:02:13 -06:00
David Garske e1787fe160 Added "--enable-asynccrypt" option for enabling asynchronous crypto. This includes a refactor of SendServerKeyExchange and DoClientKeyExchange to support WC_PENDING_E on key generation, signing and verification. Currently uses async simulator (WOLFSSL_ASYNC_CRYPT_TEST) if cavium not enabled. All of the examples have been updated to support WC_PENDING_E on accept and connect. A generic WOLF_EVENT infrastructure has been added to support other types of future events and is enabled using "HAVE_WOLF_EVENT". Refactor the ASN OID type (ex: hashType/sigType) to use a more unique name. The real "async.c" and "async.h" files are in a private repo. 2016-03-17 13:31:03 -07:00
Jacob Barthelmeh db758dc98b update test script, fall back to cert name search, fix der free 2016-03-12 09:37:32 -07:00
Jacob Barthelmeh 060e278559 Merge branch 'master' of https://github.com/wolfSSL/wolfssl into Certs 2016-03-11 23:48:39 -07:00
David Garske 0ed26ad262 Updated build for "leantls" to support building only the client, by splitting BUILD_EXAMPLES into 3 parts (BUILD_EXAPLE_SERVERS, BUILD_EXAMPLE_CLIENTS and BUILD_TESTS). This allows the make check to perform the external tests to validate the client only "leantls" configuration option. 2016-03-08 08:35:28 -08:00
David Garske 2891939098 Remove NO_CERT and NO_CODING. Enable building of the client with leantls. 2016-03-08 08:35:28 -08:00
David Garske 8e8ee45828 LeanTLS: Fixed issue with GetCA, GetCAByName and PickHashSigAlgo with HAVE_ECC, NO_RSA and NO_CERTS defined. Added new "--enable-leantls" option, which enables TLS 1.2 client only with ECC256, AES128 and SHA256 (no RSA, DH, DSA, MD4, MD5, SHA, PSK, PWD, CERTS, DES3, Error Strings, ARC4, Coding, Memory or File System). 2016-03-08 08:35:28 -08:00
Jacob Barthelmeh d969e2ba11 automated test for trusted peer certs 2016-03-02 11:42:00 -07:00
Moisés Guimarães fb9697bda6 adds check for missing rsa and ecc at the same time 2016-02-24 18:57:16 -03:00
Moisés Guimarães 1824a494d1 adds missing ENABLED_OCSP test 2016-02-24 16:45:07 -03:00
Moisés Guimarães 143b9fda1b adds build dependency check for OCSP 2016-02-23 15:19:04 -03:00
Moisés Guimarães a92d2d582f Revert "fixes ocsp dependency check on asn during configure." 
This reverts commit 46ade8f03f.
 2016-02-23 14:13:52 -03:00
Moisés Guimarães 46ade8f03f fixes ocsp dependency check on asn during configure. 2016-02-21 20:54:45 -03:00
toddouska 3d8f91d418 Merge pull request #302 from dgarske/EccOnlyNoSignVerify 
New ECC and ASN build options for reduce build size options
 2016-02-15 12:13:43 -08:00
Jacob Barthelmeh 1197f88c4f add psk.test script for testing 2016-02-11 09:15:04 -07:00
David Garske a83ff6aada Updated the configure.ac comments about big int being used for ECC and DH. Moved the checks for ecc/asn and psk/asn until after cryptonly value is set and fixed so those checks work for normal build and are excluded for crypt only builds. 2016-02-10 13:03:53 -08:00
David Garske 8d0d5a3f90 Fixes so ECC only build works. Fixes so ECC enabled with ASN disabled works and will prevent ECC sign/verify. 2016-02-10 08:53:09 -08:00
David Garske be4c400d16 Fixes for disabling the crypt test and benchmark. Added new "./configure --disable-crypttests" option. Also made sure use of both NO_CRYPT_BENCHMARK and NO_CRYPT_TEST in "./configure CFLAGS=-D" scenario work correctly. 2016-02-04 12:06:24 -08:00
toddouska ee512cac4a bump dev version 2016-01-25 13:12:45 -08:00
Moisés Guimarães 1bef0ba455 cosmetic changes to OCSP Stapling options. 2015-12-30 17:10:25 -03:00
Jacob Barthelmeh 5040820f98 prepare for 3.8.0 release 2015-12-30 12:09:31 -07:00