JacobBarthelmeh
fd9f8125e3
Merge pull request #521 from dgarske/improve_inline_misc
...
Change misc.c error to warning when trying to be compiled and inline enabled
2016-08-09 13:09:20 -06:00
toddouska
a8b2ced588
Merge pull request #519 from dgarske/fix_compat_wo_ecc
...
Fix for openssl compatibility without ECC
2016-08-08 13:46:58 -07:00
David Garske
317a7f2662
Change misc.c error to warning and exclude the misc.c code from being compiled. Most people include all .c files and by default inlining is allowed, which in turn causes an #error in misc.c and it must be excluded. Since we know its already been properly included there is no reason to throw error here. Instead, show warning and exclude code in .c file.
2016-08-08 13:13:59 -07:00
David Garske
b0e4acaac1
Fix for openssl compatibility without ECC. Disable "wolf_OBJ_nid2sn", "wolf_OBJ_sn2nid" and "wolf_OBJ_obj2nid" when "OPENSSL_EXTRA" defined and "HAVE_ECC" is not defined.
2016-08-08 10:29:58 -07:00
toddouska
76e8438059
Merge pull request #518 from dgarske/fix_build_w_callbacks
...
Fix build with "WOLFSSL_CALLBACKS" defined.
2016-08-06 10:11:53 -07:00
toddouska
49fb0d56b0
Merge pull request #516 from dgarske/fix_asn_wo_hmac
...
Fix build issue with ASN enabled and no HMAC
2016-08-06 10:07:00 -07:00
toddouska
c8cfe1ffa1
Merge pull request #511 from dgarske/openssl_compat_fixes
...
Various improvements to support openssl compatibility
2016-08-06 09:59:31 -07:00
toddouska
dd03af2cf4
Merge pull request #512 from dgarske/fix_crl_pad
...
Fixed issue with CRL check and zero pad
2016-08-06 09:56:59 -07:00
dgarske
cc462e2c50
Merge pull request #513 from kojo1/Der2Pem
...
Adds "wc_DerToPem" CRL_TYPE support
2016-08-05 14:35:15 -07:00
David Garske
d8c63b8e66
Various improvements to support openssl compatibility.
...
* Fixed bug with "wolfSSL_get_cipher_name_internal" for loop using incorrect max length for "cipher_name_idx" (this caused fault when library built with NO_ERROR_STRINGS and calling it).
* Adds new "GetCipherNameInternal" function to get cipher name using internal "cipherSuite" index only (for scenario where WOLFSSL object does not exist).
* Implements API's for "wolf_OBJ_nid2sn" and "wolf_OBJ_sn2nid". Uses the ecc.c "ecc_sets" table to locate NID (ECC ID and NID are same).
* Added "WOLFSSL*" to HandShakeInfo.
* Allowed "SetName" to be exposed.
* Added "wolfSSL_X509_load_certificate_buffer". Refactor "wolfSSL_X509_load_certificate_file" to use new function (no duplicate code).
2016-08-05 14:15:47 -07:00
David Garske
32b0303beb
Fix build with "WOLFSSL_CALLBACKS" defined.
2016-08-05 14:06:58 -07:00
David Garske
6b1ff8e9d7
Only try and return serial number or check padding if the serial number size is greater than 1.
2016-08-05 12:53:26 -07:00
David Garske
a17bc2a42e
Fix build issue with ASN enabled and no HMAC (missing MAX_DIGEST_SIZE). Switch to using WC_MAX_DIGEST_SIZE from hash.h, which is always available. Added small stack option for digest in MakeSignature. Fixed build error with unused "testVerifyCount" if "NO_ECC_SIGN" or "NO_ECC_VERIFY".
2016-08-05 12:19:30 -07:00
toddouska
eeb506b8c0
Merge pull request #514 from dgarske/fix_arm_cc_warn
...
Fixes for warnings when cross-compiling with GCC ARM.
2016-08-05 10:07:32 -07:00
David Garske
96da2df7ec
Additional max index and serial number size checks in "GetSerialNumber".
2016-08-03 17:04:44 -07:00
David Garske
2c1309ffc7
Fixes for warnings when cross-compiling with GCC ARM.
2016-08-03 16:53:53 -07:00
Takashi Kojo
e01dcb671d
eliminate tail nl
2016-08-03 11:12:10 +09:00
Takashi Kojo
ed4cd2438f
CRL_Type to wc_DerToPem
2016-08-03 10:53:54 +09:00
David Garske
9ddfe93c43
Fixed issue with CRL check and zero pad (the GetRevoked function was not trimming pad). Added new ASN "GetSerialNumber" function and implemented it in three places in asn.c.
2016-08-02 16:47:21 -07:00
toddouska
67d607324a
Merge pull request #509 from JacobBarthelmeh/Release
...
prepare for release 3.9.8
2016-07-28 18:47:39 -07:00
Jacob Barthelmeh
32c0b6d97a
prepare for release 3.9.8
2016-07-28 15:46:45 -06:00
JacobBarthelmeh
dcc0f87ce6
Merge pull request #506 from toddouska/del_point
...
fix remaining non fpecc ecc_del_point w/o heap
2016-07-27 18:54:46 -06:00
dgarske
303561c1a1
Merge pull request #505 from toddouska/timing
...
fix scan-build warning on ecc memory alloc failure
2016-07-27 15:52:01 -07:00
toddouska
a94f34c8e2
fix remaining non fpecc ecc_del_point w/o heap
2016-07-27 14:24:34 -07:00
toddouska
6cd4acbdba
Merge pull request #504 from dgarske/oid_unknown_fix
...
Fix for "OID Check Failed"
2016-07-27 14:16:04 -07:00
toddouska
20c991717f
Merge pull request #503 from JacobBarthelmeh/mysql
...
change priority of cipher suite TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
2016-07-27 12:13:47 -07:00
toddouska
7cf0b8fe85
fix scan-build warning on ecc memory alloc failure
2016-07-27 11:20:08 -07:00
David Garske
b0e72dd692
Fix for "OID Check Failed". This restores behavior to what it was prior to commit "7a1acc7". If an OID is not known internally skip the verify and return success and the OID sum.
2016-07-27 10:39:42 -07:00
Jacob Barthelmeh
37b84abe0b
change priority of cipher suite TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
2016-07-27 09:36:16 -06:00
toddouska
c834216cca
Merge pull request #501 from ejohnstown/key-usage
...
only check server's cert key encipher on client for RSA key exchange
2016-07-26 15:45:38 -07:00
John Safranek
0265b0f4bb
only check server's cert key encipher on client for RSA key exchange
2016-07-26 13:32:54 -07:00
John Safranek
993838153e
Merge pull request #487 from moisesguimaraes/fix-ocspstapling-getca
...
fixes ocsp signer lookup in the cert manager.
2016-07-26 12:42:47 -07:00
John Safranek
edbec4db20
Merge pull request #500 from dgarske/ocsp2_asn_fix
...
Fix for failing OID check with "ocspstapling2" enabled
2016-07-26 12:41:50 -07:00
toddouska
242d26eba2
Merge pull request #488 from cconlon/sig_algo
...
leave off SHA1-RSA/ECDSA signature algorithms when NO_OLD_TLS is defined
2016-07-26 11:05:24 -07:00
David Garske
c80f1805f0
Fix for failing OID check with "ocspstapling2" enabled. Found OID type in "ToTraditional" that should be keyType, not sigType. Added optional OID decode function and optional OID info dump in "GetObjectId" (both off by default).
2016-07-26 10:35:40 -07:00
dgarske
5bb250583e
Merge pull request #499 from toddouska/timing
...
add --enable-harden swtich for timing resistance and blinding, on by …
2016-07-26 10:14:20 -07:00
toddouska
fc6a5c0702
fix mcapi w/o harden
2016-07-26 09:06:46 -07:00
toddouska
a274386693
fix user rsa no error codes?
2016-07-25 19:19:46 -07:00
toddouska
51042e166f
fix mcapi with blinding API addition
2016-07-25 15:57:38 -07:00
toddouska
cd5486a4e6
fix user_rsa with blinding API addition
2016-07-25 15:33:28 -07:00
John Safranek
ea683f493a
Merge pull request #498 from kaleb-himes/cert-updates
...
update certs pre-release: NTRU certs expired in mid june
2016-07-25 15:19:34 -07:00
toddouska
16336e37ec
fix blinding with fips
2016-07-25 13:47:53 -07:00
toddouska
88f847de90
add --enable-harden swtich for timing resistance and blinding, on by default
2016-07-25 13:24:36 -07:00
kaleb-himes
4121667586
update certs pre-release: NTRU certs expired in mid june
2016-07-25 13:05:52 -06:00
toddouska
096e3f9b8b
Merge pull request #496 from JacobBarthelmeh/staticmemory
...
add helper functions for choosing static buffer size
2016-07-21 16:17:34 -07:00
Jacob Barthelmeh
e8f7d78fc4
add helper functions for choosing static buffer size
2016-07-21 12:11:15 -06:00
toddouska
b81e687bf3
Merge pull request #490 from JacobBarthelmeh/master
...
Static Memory Fixes
2016-07-20 20:27:03 -07:00
toddouska
8f2af608a7
Merge pull request #492 from JacobBarthelmeh/staticmemory
...
set heap hint for ctx
2016-07-20 20:25:38 -07:00
dgarske
e920e6cee0
Merge pull request #495 from toddouska/rng-redef
...
fix WC_RNG redeclare
2016-07-20 19:22:08 -07:00
toddouska
2c92fee59f
fix WC_RNG redeclare
2016-07-20 17:18:58 -07:00