590 Commits

Author SHA1 Message Date
David Garske
b4673344c0 Adds new wc_ecc_get_curve_params API for getting the ecc_set_type params for a curve index. Fix for example client and server using wrong macro for detecting ECC 256-bit enabled. 2019-08-02 05:50:00 -07:00
toddouska
d620433d1d
Merge pull request from tmael/maintenanceDefects
Increased ciphers buffer size for testsuite and ECC API for getting curve from dp
2019-07-15 16:49:13 -07:00
toddouska
bd40a59f3e
Merge pull request from SparkiDev/server_fuzz
Changes to server example for fuzz testing
2019-07-08 13:16:17 -07:00
David Garske
b2f919ec13 Fix to include errno.h in tls_bench.c 2019-07-01 13:41:17 -07:00
Sean Parkinson
373bbf6660 Changes to server example for fuzz testing 2019-07-01 13:35:33 +10:00
Hideki Miyazaki
efcf06ef7c use tlsv1_2 client method when tls13 is enabled 2019-06-07 19:13:46 +09:00
Hideki Miyazaki
292aa196fb minor fix to print stats in tls_bench 2019-06-07 12:05:19 +09:00
Tesfa Mael
3e7a6054a9 Use the macro instead of sizeof() 2019-05-02 14:13:48 -07:00
toddouska
547c09e1d7
Merge pull request from JacobBarthelmeh/Compatibility-Layer-Part2
JSSE additions
2019-04-24 11:04:05 -07:00
Tesfa Mael
f8c9285b92 Added a WOLFSSL_CIPHER_LIST_MAX_SIZE macro 2019-04-22 16:30:38 -07:00
Jacob Barthelmeh
efc96e40d1 add test cases 2019-04-18 10:41:51 -06:00
David Garske
364bf50a94 Fixed example server to not try and write on failure. 2019-04-11 11:30:41 -07:00
John Safranek
fbfd7a4dea Release Fixes
1. Rearrange the deprecation cryptodev option so it doesn't overwrite the cryptocb option, and so it doesn't break its case in the build-test.
2. Fix the content length in the sample HTTP used by the example server.
3. Disable OCSP stapling in the example server if RSA is disabled.
4. Fix a variable in asn.c that was declared in the middle of its scope.
5. Retag the xmalloc, xrealloc, xfree functions used in the memory test as WOLFSSL_API like all the other allocators, instead of extern.
2019-03-20 11:01:24 -07:00
John Safranek
22b2ae7358 Release Fixes
1. Fix for the enable-afalg option from Jacob Barthelmeh.
2. Client fix for enable-sp+enable-sp-math option from David Garske.
3. Added a couple of typecasts to some mallocs.
4. Modified the option guard for the mask member of Options for the webserver build.
5. Added some more padding to the opaque structures used for SHA_CTX and AES_KEY.
6. Added WOLFSSL_API to the stack logging functions.
2019-03-19 13:55:17 -07:00
John Safranek
246c444b93 Updates for v4.0.0
Update the copyright dates on all the source files to the current year.
2019-03-15 10:37:36 -07:00
David Garske
6ff2039b1f
Merge pull request from ejohnstown/config-fixes
Configuration Fixes
2019-03-14 15:21:41 -07:00
David Garske
d19c37de2e Fix for example client arg -4 not working. 2019-03-13 22:59:50 -07:00
John Safranek
27ea9d9bce Configure Fixes
1. The combination enable-all and disable-rsa breaks some of the
testing. Added the NO_RSA guards as appropriate.
2. Disabled the OCSP stapling and CRL tests when RSA is disabled as they
use test certificates with RSA keys.
2019-03-13 17:54:33 -07:00
toddouska
70490a4db6
Merge pull request from ejohnstown/trust-ca
Trusted CA Key Indication Extension
2019-03-12 13:52:27 -07:00
toddouska
554af3dcfa
Merge pull request from JacobBarthelmeh/Testing
path include adjustment, rename internal OBJ function, and client pri…
2019-03-11 16:48:19 -07:00
John Safranek
201c85478e Move the -5 option text into the localization array and add a Japanese translation. 2019-03-11 12:42:13 -07:00
John Safranek
a1ed8e7a67 Fix a fall-through bug in the server options parsing around a new
option.
2019-03-11 12:36:58 -07:00
John Safranek
b7663a940e Trusted CA Key Indication Extension
Added an API for enabling the Trusted CA Key Indication extension from
RFC6066 section 6. If the server doesn't have a match for the client,
the client will abandon the session.
2019-03-11 12:35:12 -07:00
toddouska
6e1b05316d
Merge pull request from ejohnstown/renegotiation-testing
Secure Renegotiation
2019-03-11 12:10:48 -07:00
Jacob Barthelmeh
9c9279817b path include adjustment, rename internal OBJ function, and client print outs added 2019-03-11 09:57:04 -06:00
toddouska
3be4682cda
Merge pull request from dgarske/fixes_nightly
Fixes for minor nightly build errors
2019-03-08 10:15:46 -08:00
David Garske
0e962aa6e5
Merge pull request from jrblixt/feature-WICED6_1-serverChange
examples server HTTP update needed for WICED HTTP parser.
2019-03-06 16:46:36 -08:00
Chris Conlon
d699b65a25
Merge pull request from kojo1/mdk-CMSISv2
MDK CMSIS RTOSv2
2019-03-06 09:36:49 -07:00
jrblixt
222f9f4f47 Adjust count. 2019-03-01 20:04:20 -07:00
David Garske
8569d14cb3 Fixes for minor nightly build errors. Missing wc_ecc_fp_free declaration and "Value stored to 'useSupCurve' is never read". 2019-03-01 16:12:08 -08:00
jrblixt
5f332fa29e review changes. 2019-03-01 14:06:27 -07:00
toddouska
e2e3b835d6
Merge pull request from SparkiDev/tls13_vers
Support FFDHE in TLS 1.2 and below. Better TLS 1.3 version support.
2019-02-27 14:55:29 -08:00
Sean Parkinson
8bb4e23f8d Various improvements for testing
Fix wc_ecc_fp_free() to be called when using HAVE_STACK_SIZE.
Increase size of replyin client.c so all HTTP reply is displayed.
Fix api.c to support only Ed25519 (not RSA and ECC)
Fix suites.c to detect when CA for client won't work (Ed25519 only)
For Static Memory add debugging and small profile.
Also allow realloc to be called with NULL.
Add more Ed25519 certs and keys.
Fix names of Ed25519 filenames for client and server.
Do NOT turn on ECC_SHAMIR by default with lowresource.
Enable WOLFSSL_STATIC_MEMORY_SMALL if low resource and no RSA.
2019-02-22 17:14:19 +10:00
John Safranek
39626bb349 1. Add a newline to the client's "non-blocking socket and renegotiation" notice.
2. Add suite test cases for more renegotiation setting combinations.
2019-02-21 10:06:55 -08:00
Hideki Miyazaki
b68eab6450 fixed to take additioanl option for -? 2019-02-21 13:44:08 +09:00
Sean Parkinson
b4996e35fa Set MAX_PRF_HALF bigger for large FFDHE parameters
Stack size measurement is in a thread - free local fp_cache
2019-02-21 08:09:52 +10:00
John Safranek
f78ba4649b Update the help text so the Japanese translations of the new options are printed. 2019-02-20 11:23:00 -08:00
John Safranek
1f6314746c Secure Renegotiation
1. Split the wolfSSL_Rehandshake() function into wolfSSL_Rehadshake()
which performs a full handshake on secure renegotiation and
wolfSSL_SecureResume() which performs a session resumption on a
secure renegotiation.
2. Add option to example client to perform a secure resumption instead
of a full secure handshake.
2019-02-19 15:50:55 -08:00
Sean Parkinson
7aa5cd6f10 Support FFDHE in TLS 1.2 and below. Better TLS 1.3 version support.
Add support for the fixed FFDHE curves to TLS 1.2. Same curves in TLS
1.3 already. On by default - no checking of prime required.
Add option to require client to see FFDHE parameters from server as per
'may' requirements in RFC 7919.

Change TLS 1.3 ClientHello and ServerHello parsing to find the
SupportedVersions extension first and process it. Then it can handle
other extensions knowing which protocol we are using.
2019-02-18 14:51:59 +10:00
jrblixt
6c3ed46542 examples server HTTP update. 2019-02-15 15:45:30 -07:00
David Garske
e0b46734d6 Enhnacement to the tls_bench tool to support new -S command to indicate total size of data to exchange. Previously was just sending one packet back and forth. Imporved the shutdown handling code. 2019-02-12 16:03:10 -08:00
Takashi Kojo
f8ff68ca7a Merge branch 'master' of https://github.com/wolfssl/wolfssl 2019-02-03 16:19:59 +09:00
toddouska
66987b4f2a
Merge pull request from SparkiDev/tls13_earlydata_bench
Added EarlyData support to benchmark loop
2019-01-25 14:31:54 -08:00
Sean Parkinson
0fe7591b0f Added EarlyData support to benchmark loop 2019-01-24 18:10:56 +10:00
John Safranek
cc3c2ef683 DTLS Nonblocking Updates
Add command line option to the example server to fake a write block on a
specified DTLS sequence number in epoch 0.
2019-01-18 09:15:11 -08:00
John Safranek
8356c3d7e2 DTLS Nonblocking Updates
1. Add a second select for tx.
2. Revised tcp_select to work for either rx or tx.
3. Updated client and server to use new tcp_select_tx() for checking the
tx socket if the nonblocking connect/accept would block on transmit.
2019-01-18 09:15:11 -08:00
John Safranek
8edd7d0b17 Fix Checks
1. In the tls_bench, check the return code on wolfSSL_CTX_SetMinDhKey_Sz() as it is checked in the examples.
2019-01-17 10:32:34 -08:00
John Safranek
f6240e5558 Fix Checks
1. In the client, check the return code on wolfSSL_CTX_SetMinDhKey_Sz() as it is checked in the server. (Resolves issue #2037.)
2. In HashOutput(), check that the hsHashes exists for the session before hashing. (Resolves issue #2038.)
2019-01-17 09:52:00 -08:00
toddouska
d7ecdf110e
Merge pull request from dgarske/tls_bench
Enhancements to the TLS benchmark tool
2019-01-16 10:30:55 -08:00
Jacob Barthelmeh
6ac384793f memory management with OCSP requests 2019-01-14 09:49:50 -07:00