mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
10,742 Commits 5 Branches 162 Tags
Commit Graph

615 Commits

Author SHA1 Message Date
David Garske
628f740363 Added support for inline CRL lookup when HAVE_CRL_IO is defined (shares code with OCSP lookup in io.c). Added http chunk transfer encoding support. Added default connection timeout value (DEFAULT_TIMEOUT_SEC) and new wolfIO_SetTimeout() API with HAVE_IO_TIMEOUT. Added generic wolfIO_ API’s for connect, select, non-blocking, read and write. Added new define USE_WOLFSSL_IO to enable access to new wolfIO_* socket wrappers even when WOLFSSL_USER_IO is defined. Moved all API declarations for io.c into new io.h header. Added HAVE_HTTP_CLIENT to expose HTTP API’s. Moved SOCKET_T and SOCKET_ defines into io.h. Added WOLFIO_DEBUG define to display request/responses. 2017-03-15 12:26:18 -07:00
Sean Parkinson
003e18ecbc Fixes for scan-build 2017-03-15 09:38:53 +10:00
Sean Parkinson
e6434f380b Get Nginx working with wolfSSL 2017-03-01 08:38:54 +10:00
David Garske
01f4a7b5bd Added code to automatically populate supported ECC curve information, unless already provided by user via wolfSSL_CTX_UseSupportedCurve or wolfSSL_UseSupportedCurve. 2017-01-18 11:54:43 -08:00
Sean Parkinson
ba1315a499 Fixes from failure testing 2017-01-12 16:22:35 +10:00
Jacob Barthelmeh
091fc10147 adjust read ahead, some sanity checks and rebase 2016-12-28 14:45:29 -07:00
Jacob Barthelmeh
aabe456592 sanity checks, remove some magic numbers, TLS read ahead 2016-12-28 14:45:29 -07:00
Jacob Barthelmeh
ff05c8a7a5 expanding compatibility layer 2016-12-28 14:45:29 -07:00
Jacob Barthelmeh
79472e11a1 add bio.c to dist and implement wolfSSL_check_private_key , wolfSSL_get_server_random 2016-12-28 14:44:05 -07:00
Jacob Barthelmeh
f2f52c3ec9 add more compatiblity functions 2016-12-28 14:44:05 -07:00
David Garske
650ddb8d23 Fixes so make check works with NO_FILESYSTEM and FORCE_BUFFER_TEST. Example: ./configure CFLAGS="-DNO_FILESYSTEM -DFORCE_BUFFER_TEST" 2016-11-30 16:27:24 -08:00
David Garske
039aedcfba Added "wolfSSL_use_certificate_chain_buffer_format". Added "wolfSSL_SESSION_CIPHER_get_name" to get cipher suite name using WOLFSSL_SESSION*. Moved the "wolfSSL_get_cipher_name_from_suite" function to internal.c. Added new server-cert-chain.der, which is combination of ca-cert.der and server-cert.der. Enhanced load_buffer to detect format using file extension. Can test use of DER cert chain with NO_FILESYSTEM defined using "./examples/server/server -c ./certs/server-cert-chain.der -k ./certs/server-key.der". 2016-11-30 16:26:02 -08:00
Jacob Barthelmeh
f7a951709f COMPAT. LAYER : get SSL client random bytes 2016-11-07 13:21:35 -07:00
toddouska
87e3f45f52 add SCR client and server verify data check 2016-11-03 14:45:24 -07:00
toddouska
f191cf206e allow single threaded mode to share an RNG at WOLFSSL_CTX level 2016-09-16 13:35:29 -07:00
John Safranek
b994244011 Revising the Extended Master Secret support. Removing the dynamic 
TLSX support for the extention and treating it like the Signature
and Hash algorithms extension. It is to be enabled by default and
the user can turn it off at run time or build time.
 2016-09-11 18:05:44 -07:00
Chris Conlon
0f0e0ca9a5 add extended master to example client 2016-09-01 15:17:46 -06:00
toddouska
092916c253 Merge pull request #536 from ejohnstown/dtls-sctp 
DTLS over SCTP
 2016-08-30 13:09:40 -07:00
David Garske
2ecd80ce23 Added support for static memory with wolfCrypt. Adds new "wc_LoadStaticMemory" function and moves "wolfSSL_init_memory_heap" into wolfCrypt layer. Enhanced wolfCrypt test and benchmark to use the static memory tool if enabled. Added support for static memory with "WOLFSSL_DEBUG_MEMORY" defined. Fixed issue with have-iopool and XMALLOC/XFREE. Added check to prevent using WOLFSSL_STATIC_MEMORY with HAVE_IO_POOL, XMALLOC_USER or NO_WOLFSSL_MEMORY defined. 2016-08-29 10:38:06 -07:00
John Safranek
05a35a8332 fix scan-build warning on the simple SCTP example server 2016-08-26 20:33:05 -07:00
John Safranek
aed68e1c69 1. Needed to tell the client to use sctp. 
2. Creating the example sockets needed the IPPROTO type.
 2016-08-26 19:58:36 -07:00
John Safranek
46e92e0211 DTLS-SCTP example client and server 
1. Update the example client and server to test DTLS-SCTP.
2. Modify the test.h functions for setting up connections to allow
for a SCTP option.
3. Update other examples to use the new test.h functions.
4. Removed some prototypes in the client header file were some functions
that should have been static to the client.c file and made them static.
 2016-08-26 19:58:36 -07:00
John Safranek
6d5df3928f SCTP-DTLS examples 
1. Added the set SCTP mode command to client and server.
2. Added a 4K buffer test case.
 2016-08-26 19:58:36 -07:00
John Safranek
52e2f1a7ab typecasts to clear static analysis warnings on SCTP examples 2016-08-26 19:58:36 -07:00
John Safranek
b7a35eabd2 Add simple SCTP example tools 2016-08-26 19:40:50 -07:00
David Garske
17a34c5899 Added asynchronous wolfCrypt RSA, TLS client and Cavium Nitrox V support. Asynchronous wolfSSL client support for "DoServerKeyExchange", "SendClientKeyExchange", "SendCertificateVerify" and "DoCertificateVerify". Fixes for async DTLS. Refactor of the wolf event and async handling for use in wolfCrypt. Refactor of the async device support so its hardware agnostic. Added Cavium Nitrox V support (Nitrox tested using SDK v0.2 CNN55XX-SDK with new configure "--with-cavium-v=/dir" option). Moved Nitrox specific functions to new port file "port/cavium/cavium_nitrox.c". RSA refactor to handle async with states. RSA optimization for using dpraw for private key decode. Use double linked list in wolf event for faster/cleaner code. Use typedef for wolf event flag. Cleanup of the async error codes. wolfCrypt test and benchmark support for async RSA. Asynchronous mode enabled using "./configure --enable-asynccrypt". If no async hardware is defined then the internal async simulator (WOLFSSL_ASYNC_CRYPT_TEST) is used. Note: Using async mode requires async.c/h files from wolfSSL. If interested in using asynchronous mode please send email to info@wolfssl.com. 2016-08-15 13:59:41 -06:00
David Garske
32b0303beb Fix build with "WOLFSSL_CALLBACKS" defined. 2016-08-05 14:06:58 -07:00
Jacob Barthelmeh
e8f7d78fc4 add helper functions for choosing static buffer size 2016-07-21 12:11:15 -06:00
David Garske
5b3a72d482 Cleanup of stdlib function calls in the wolfSSL library to use our cross-platform "X*" style macros in types.h. 2016-06-29 11:11:25 -07:00
toddouska
ac6635593b Revert "Bio" 2016-06-27 10:53:34 -07:00
Jacob Barthelmeh
49934a5c91 Merge https://github.com/wolfSSL/wolfssl into bio 2016-06-24 14:22:14 -06:00
Jacob Barthelmeh
0b91e000bb fix secure renegotiation build 2016-06-23 13:10:39 -06:00
Jacob Barthelmeh
f6bbe845f5 Merge https://github.com/wolfSSL/wolfssl into bio 2016-06-22 09:14:53 -06:00
toddouska
a859cf189d Merge pull request #443 from ejohnstown/new-ccm-suite 
Add cipher suite ECDHE-ECDSA-AES128-CCM
 2016-06-20 15:34:55 -07:00
Jacob Barthelmeh
ea71814518 Merge https://github.com/wolfSSL/wolfssl 2016-06-17 13:58:53 -06:00
Chris Conlon
a7c7407406 fix windows example echoserver 2016-06-16 16:39:18 -06:00
John Safranek
2f9c9b9a22 Add cipher suite ECDHE-ECDSA-AES128-CCM 
1. Added the usual cipher suite changes for the new suite.
2. Added a build option, WOLFSSL_ALT_TEST_STRINGS, for testing
   against GnuTLS. It wants to receive strings with newlines.
3. Updated the test configs for the new suite.

Tested against GnuTLS's client and server using the options:

    $ gnutls-cli --priority "NONE:+VERS-TLS-ALL:+AEAD:+ECDHE-ECDSA:+AES-128-CCM:+SIGN-ALL:+COMP-NULL:+CURVE-ALL:+CTYPE-X509" --x509cafile=./certs/server-ecc.pem --no-ca-verification -p 11111 localhost
    $ gnutls-serv --echo --x509keyfile=./certs/ecc-key.pem --x509certfile=./certs/server-ecc.pem --port=11111 -a --priority "NONE:+VERS-TLS-ALL:+AEAD:+ECDHE-ECDSA:+AES-128-CCM:+SIGN-ALL:+COMP-NULL:+CURVE-ALL:+CTYPE-X509"

To talk to GnuTLS, wolfSSL also needed the supported curves option
enabled.
 2016-06-13 14:39:41 -07:00
Jacob Barthelmeh
3d3591a227 typdef gaurd / error out on bad mutex init / handle no maxHa or maxIO set 2016-06-10 14:13:27 -06:00
Jacob Barthelmeh
ea3d1f8e17 extended method function 2016-06-09 23:41:51 -06:00
Jacob Barthelmeh
8be5409bc5 static method func / ocsp callbacks / heap test / alpn free func / remove timing resistant constraint 2016-06-09 11:36:31 -06:00
Jacob Barthelmeh
e214086dce tlsx with static memory / account for session certs size 2016-06-08 09:18:43 -06:00
Jacob Barthelmeh
2feee8856e revise static memory and update heap hint 2016-06-04 19:03:48 -06:00
Jacob Barthelmeh
104ff12e76 add staticmemory feature 2016-06-04 19:01:23 -06:00
Ludovic FLAMENT
ed4f67058a Merge branch 'master' of https://github.com/wolfssl/wolfssl 2016-05-20 21:51:13 +02:00
toddouska
b8c0802e3c Merge pull request #414 from JacobBarthelmeh/DTLS-MultiCore 
Dtls multi core
 2016-05-17 17:39:18 -07:00
Jacob Barthelmeh
8c45cb1938 add DTLS session export option 2016-05-10 13:27:45 -06:00
Chris Conlon
8f3e1165a1 add Whitewood netRandom client library support 2016-05-05 15:31:25 -06:00
Chris Conlon
4b16600011 fix type comparison on 32bit for starttls, zero tmp buffer 2016-05-03 13:52:04 -06:00
John Safranek
f9ab61db5d Merge pull request #402 from cconlon/starttls 
use send/recv instead of write/read with STARTTLS
 2016-05-02 17:19:50 -07:00
Chris Conlon
a94383037c use send/recv instead of write/read with STARTTLS for winsock compatibility 2016-05-02 14:36:59 -06:00