mirrors
/
wolfssl
mirror of https://github.com/wolfSSL/wolfssl
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
5,883 Commits 5 Branches 160 Tags 771 MiB
Commit Graph

5883 Commits

Author SHA1 Message Date
jrblixt fdb371e82e Changes per Chris. 2017-07-17 10:43:36 -06:00
jrblixt 00724c95a9 Add RSA to unit test. 2017-07-11 09:57:33 -06:00
Chris Conlon f8c0a52170 Merge pull request #996 from jrblixt/unitTest_api_addAes-PR06152017 
Unit test api add AES.
 2017-07-11 08:36:13 -07:00
dgarske f9c949e7e5 Merge pull request #871 from danielinux/rm-wolfssl.pc 
Remove automatically generated file wolfssl.pc
 2017-07-10 14:16:48 -07:00
toddouska b6854d620f Merge pull request #1009 from dgarske/fix_tls13_async_aes 
Fix problem with async TLS 1.3 and raw AES encryption key change
 2017-07-06 15:39:22 -07:00
toddouska 626eeaa63d Merge pull request #1005 from SparkiDev/nginx-1.13.2 
Changes for Nginx
 2017-07-06 14:33:46 -07:00
jrblixt ced45ced41 Changes requested by Chris. 2017-07-06 13:42:54 -06:00
Sean Parkinson 31ac379c4f Code review fixes 
Change verify depth and set curve to be compiled in whe using:
OPENSSL_EXTRA
Fix comparison of curve name strings to use ecc function.
Fix verify depth check when compiling with both OPENSSL_EXTRA and
WOLFSSL_TRUST_PEER_CERT.
 2017-07-06 15:32:34 +10:00
toddouska 4b9069f786 Merge pull request #1008 from dgarske/fix_async_frag 
Fixes for using async with max fragment
 2017-07-05 11:00:26 -07:00
toddouska e767d40656 Merge pull request #1006 from cconlon/mqx 
Update MQX Classic, mmCAU Ports
 2017-07-05 10:30:20 -07:00
David Garske df119692d1 Fixes for using async with `HAVE_MAX_FRAGMENT` or `--enable-maxfragment` which affected TLS 1.2/1.3. Added TLS 1.2 test for using max fragment. 2017-07-03 19:57:37 -07:00
Sean Parkinson 5bddb2e4ef Changes for Nginx 
Support TLS v1.3 clients connecting to Nginx.
Fix for PSS to not advertise hash unless the signature fits the private
key size.
Allow curves to be chosen by user.
Support maximum verification depth (maximum number of untrusted certs in
chain.)
Add support for SSL_is_server() API.
Fix number of certificates in chain when using
wolfSSL_CTX_add_extra_chain_cert().
Allow TLS v1.2 client hello parsing to call TLS v1.3 parsing when
SupportedVersions extension seen.
Minor fixes.
 2017-07-04 09:37:44 +10:00
toddouska 2939fbe242 Merge pull request #1004 from dgarske/fix_qat_dh 
Fixes for QAT with DH and HMAC
 2017-07-03 12:31:48 -07:00
David Garske c9a2c4ef02 Fix problem with async TLS 1.3 with hardware where encryption key is referenced into ssl->keys and changes before it should be used. Solution is to make raw copy of key and IV for async AES. 2017-06-30 16:41:01 -07:00
David Garske 6a695b76cb Fixed server side case for DH agree issue with QAT hardware where agreeSz is not set. Fix to allow QAT start failure to continue (this is useful since only one process can use hardware with default QAT configuration). 2017-06-30 11:48:59 -07:00
David Garske a025417877 Fix issue with QAT and DH operations where key size is larger than block size. Fix issue with DhAgree in TLS not setting agreeSz, which caused result to not be returned. Renamed the internal.c HashType to HashAlgoToType static function because of name conflict with Cavium. Optimize the Hmac struct to replace keyRaw with ipad. Enable RNG HW for benchmark. Fixed missing AES free in AES 192/256 tests. 2017-06-30 11:35:51 -07:00
JacobBarthelmeh a3375ef961 Merge pull request #997 from NickolasLapp/master 
Updates to Linux-SGX README, and disable automatic include of
 2017-06-30 11:48:12 -06:00
dgarske d956181911 Merge pull request #1003 from jrblixt/asn_cMemLeak-fix 
Fix possible memory leak in wc_SetKeyUsage.
 2017-06-29 15:28:53 -07:00
jrblixt baf6bdd6e1 asn.c memory leak fix. 2017-06-29 14:55:19 -06:00
toddouska 31e1d469c0 Merge pull request #1002 from SparkiDev/tls13_imprv 
Improvements to TLS v1.3 code
 2017-06-29 09:21:20 -07:00
Chris Conlon bba914f92e protect wolfSSL_BN_print_fp with NO_STDIO_FILESYSTEM 2017-06-29 08:52:45 -06:00
Sean Parkinson d2ce95955d Improvements to TLS v1.3 code 
Reset list of supported sig algorithms before sending certificate
request on server.
Refactored setting of ticket for both TLS13 and earlier.
Remember the type of key for deciding which sig alg to use with TLS13
CertificateVerify.
RSA PKCS #1.5 not allowed in TLS13 for CertificateVerify.
Remove all remaining DTLS code as spec barely started.
Turn off SHA512 code where decision based on cipher suite hash.
Fix fragment handling to work with encrypted messages.
Test public APIS.
 2017-06-29 09:00:44 +10:00
Chris Conlon c099137450 add classic Kinetis mmCAU support, FREESCALE_USE_MMCAU_CLASSIC 2017-06-28 16:32:35 -06:00
Chris Conlon 15a1c9d48e fixes for MQX classic with Codewarrior 2017-06-28 12:28:40 -06:00
Chris Conlon a89e50b7b7 include settings.h in wc_port.h to pick up user_settings.h 2017-06-28 12:25:44 -06:00
toddouska c748d9dae9 Merge pull request #998 from dgarske/fix_no_server_or_client 
Fix build with either `NO_WOLFSSL_SERVER` or `NO_WOLFSSL_CLIENT` defined
 2017-06-28 10:30:08 -07:00
toddouska b29cd414ef Merge pull request #995 from SparkiDev/tls13_cookie 
Add TLS v1.3 Cookie extension support
 2017-06-28 10:12:49 -07:00
David Garske 47cc3ffdbc Fix build with either `NO_WOLFSSL_SERVER` or `NO_WOLFSSL_CLIENT` defined. 2017-06-26 23:05:32 -07:00
Sean Parkinson 7aee92110b Code review fixes 
Also put in configuration option for sending HRR Cookie extension with
state.
 2017-06-27 08:52:53 +10:00
Sean Parkinson 9ca1903ac5 Change define name for sending HRR Cookie 2017-06-27 08:37:55 +10:00
Nickolas Lapp d4e104231c Updates to Linux-SGX README, and disable automatic include of 
benchmark/wolfcrypt tests in static library compile
 2017-06-26 14:55:13 -07:00
jrblixt a3b21f0394 Aes unit test functions. 2017-06-26 15:16:51 -06:00
Sean Parkinson 8bd6a1e727 Add TLS v1.3 Cookie extension support 
Experimental stateless cookie
 2017-06-26 16:41:05 +10:00
JacobBarthelmeh 3bdf8b3cfd remove fcntl.h include when custom generate seed macro is defined (#994) 2017-06-23 14:03:07 -07:00
Kincade Pavich fbc4123ec0 Added `-x` option to allow example server to continue running when errors occur. 2017-06-22 21:19:59 -07:00
toddouska 8ef556c2a0 Merge pull request #991 from JacobBarthelmeh/Testing 
update .am files for make dist
 2017-06-22 15:02:12 -07:00
Jacob Barthelmeh b0f87fdcf7 update .am files for make dist 2017-06-22 14:14:45 -06:00
toddouska 72da8a9a07 Merge pull request #731 from moisesguimaraes/fixes-ocsp-responder 
adds OCSP Responder extKeyUsage validation
 2017-06-22 11:43:51 -07:00
toddouska d017274bff Merge pull request #976 from levi-wolfssl/PemToDer-overflow-fix 
Fix potential buffer over-read in PemToDer()
 2017-06-22 10:07:11 -07:00
David Garske 3a4edf75bd Rename the option to disable the new issuer sign check to ‘WOLFSSL_NO_OCSP_ISSUER_CHECK`. 2017-06-22 09:56:43 -07:00
dgarske 06fa3de31c Merge pull request #980 from SparkiDev/tls13_0rtt 
TLS v1.3 0-RTT
 2017-06-22 09:44:41 -07:00
Chris Conlon ccb8e8c976 Merge pull request #988 from jrblixt/unitTest_api_addArc4-PR06212017 
Add Arc4 to unit test.
 2017-06-22 09:15:28 -06:00
Sean Parkinson 207b275d24 Fix HelloRetryRequest for Draft 18 2017-06-22 14:40:09 +10:00
Sean Parkinson 08a0b98f52 Updates from code review 2017-06-22 12:40:41 +10:00
Levi Rak a37808b32c Sanity checkes added 2017-06-21 17:14:20 -06:00
jrblixt 1aee054902 Add Arc4 to unit test. 2017-06-21 17:03:27 -06:00
David Garske a3578c6643 Adds `WOLFSSL_NO_OCSP_EXTKEYUSE_OCSP_SIGN` option to provide backwards compatibility option for OCSP checking. 2017-06-21 14:12:12 -07:00
David Garske 7a3769f435 Fix wolfCrypt errors test to allow -178. 2017-06-21 14:12:12 -07:00
Moisés Guimarães 4bb17205fe adds new ocsp test 2017-06-21 14:12:12 -07:00
Moisés Guimarães a9d5dcae58 updates ocsp tests; adds check for OCSP response signed by issuer. 2017-06-21 14:12:12 -07:00