feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity
14,844 Commits 28 Branches 172 Tags
162f14aaf9a43d2ab1b69f64a8b7244885f039b3
Commit Graph

1580 Commits

Author SHA1 Message Date
Juliusz Sosinowicz
162f14aaf9 Implement DH_set_length. 2021-08-18 13:24:51 +02:00
Juliusz Sosinowicz
d4391bd997 Parse distinguished names in DoCertificateRequest 
The CA names sent by the server are now being parsed in `DoCertificateRequest` and are saved on a stack in `ssl->ca_names`.
 2021-08-14 00:24:08 +02:00
Juliusz Sosinowicz
647e007eea Implement wolfSSL_set_client_CA_list and add 'HIGH' cipher suite 2021-08-14 00:24:08 +02:00
elms
b2380069f0 Merge pull request #4261 from dgarske/rsa_der_pub 2021-08-13 13:36:01 -07:00
Chris Conlon
ca06694bfb Merge pull request #4282 from miyazakh/SSL_CIPHER_xx 
Add SSL_CIPHER_get_xxx_nid support
 2021-08-13 13:48:31 -06:00
Chris Conlon
5235b7d1e6 Merge pull request #4291 from miyazakh/PARAM_set1_ip 
Add X509_VERIFY_PARAM_set1_ip support
 2021-08-13 13:45:33 -06:00
David Garske
ec4e336866 Merge pull request #4299 from haydenroche5/evp_pkey_dec_enc_improvements 
Make improvements to wolfSSL_EVP_PKEY_encrypt and wolfSSL_EVP_PKEY_decrypt.
 2021-08-13 08:10:20 -07:00
Hayden Roche
3be13f7358 Make improvements to wolfSSL_EVP_PKEY_encrypt and wolfSSL_EVP_PKEY_decrypt. 
- Handle case where output buffer is NULL. In this case, passed in output buffer
  length pointer should be given the maximum output buffer size needed.
- Add better debug messages.
 2021-08-12 18:46:15 -07:00
Juliusz Sosinowicz
7dea1dcd39 OpenResty 1.13.6.2 and 1.19.3.1 support 
# New or Updated APIs
- wolfSSL_get_tlsext_status_type
- wolfSSL_X509_chain_up_ref
- wolfSSL_get0_verified_chain
- SSL_CTX_set_cert_cb
- SSL_certs_clear
- SSL_add0_chain_cert ssl_cert_add0_chain_cert
- SSL_add1_chain_cert ssl_cert_add1_chain_cert
- sk_X509_NAME_new_null
- SSL_CTX_set_cert_cb
- SSL_set0_verify_cert_store
- SSL_set_client_CA_list

# Other Changes
- Ignore gdbinit
- Add api.c tests for new API
- Add `WOLFSSL_X509_STORE* x509_store_pt` to `WOLFSSL`
- Add macro to select the `WOLFSSL` specific store when available and the associated `WOLFSSL_CTX` store otherwise. Calls to `ssl->ctx->cm` and `ssl->ctx->x509_store*` were replaced by macros.
- NO-OP when setting existing store
- Add reference counter to `WOLFSSL_X509_STORE`
- Cleanup MD5 redundant declarations
- WOLFSSL_ERROR may map to nothing so make assignment outside of it
- refMutex fields are excluded with SINGLE_THREADED macro
- Chain cert refactor
- Make `wolfSSL_add0_chain_cert` and `wolfSSL_add1_chain_cert` not affect the context associated with the SSL object
- `wolfSSL_CTX_add1_chain_cert` now updates the `ctx->certChain` on success and stores the cert in `ctx->x509Chain` for later free'ing
 2021-08-12 23:58:22 +02:00
David Garske
cccb8f940a Merge pull request #4209 from julek-wolfssl/net-snmp 
Add support for net-snmp
 2021-08-12 13:06:21 -07:00
David Garske
93a1fe4580 Merge pull request #4205 from julek-wolfssl/wpas-include-extra-stuff 
Include stuff needed for EAP in hostap
 2021-08-12 11:17:23 -07:00
Chris Conlon
d4b0ec0705 Merge pull request #4290 from TakayukiMatsuo/general 
Add wolfSSL_GENERAL_NAME_print
 2021-08-12 09:51:28 -06:00
TakayukiMatsuo
517309724a Add wolfSSL_GENERAL_NAME_print 2021-08-12 14:17:41 +09:00
Chris Conlon
fc4e4eacba Merge pull request #4292 from kojo1/evp 
EVP_CIPHER_CTX_set_iv_length
 2021-08-11 16:13:26 -06:00
David Garske
fdb6c8141e Merge pull request #4274 from haydenroche5/pyopenssl 
Add support for pyOpenSSL.
 2021-08-10 11:49:07 -07:00
Takashi Kojo
c0b085dd4a EVP_CIPHER_CTX_set_iv_length 2021-08-08 14:49:28 +09:00
Hideki Miyazaki
a066c48f55 fix jenkins failure 2021-08-07 11:13:41 +09:00
Hideki Miyazaki
a851e13f1d implemented X509_VERIFY_PARAM_set1_ip 2021-08-07 10:50:57 +09:00
Daniel Pouzzner
1b2d57123f tests/api.c: add missing (void) arg lists. 2021-08-05 15:30:33 -05:00
Juliusz Sosinowicz
fab227411f Free ECC cache per thread when used 2021-08-05 15:34:47 +02:00
Hideki Miyazaki
67e773db91 implement SSL_CIPHER_xxxx 2021-08-05 09:42:55 +09:00
David Garske
5465d40ee3 Attempt to move asn.c RSA API defs into asn_public.h, since ASN is not in FIPS boundary. 2021-08-04 17:42:46 -07:00
Hayden Roche
35a33b2f00 Add support for pyOpenSSL. 
pyOpenSSL needs the OpenSSL function X509_EXTENSION_dup, so this commit adds
that to the compatibility layer. It also needs to be able to access the DER
encoding of the subject alt names in a cert, so that's added as well.
 2021-08-04 14:08:43 -07:00
Chris Conlon
fdbe3f0ff1 Merge pull request #4258 from miyazakh/evp_md_do_all 
add EVP_MD_do_all and OBJ_NAME_do_all support
 2021-08-04 12:17:27 -06:00
Chris Conlon
d64768abff Merge pull request #4265 from miyazakh/ecc_pubkey 
update der size in actual length
 2021-08-03 16:41:36 -06:00
Juliusz Sosinowicz
c7a6b17922 Need to free ecc cache 2021-08-03 19:29:08 +02:00
Juliusz Sosinowicz
2bbd04f10f Implement BIO_new_accept and BIO_do_accept 2021-08-03 19:29:08 +02:00
Juliusz Sosinowicz
46b061c7bc Include stuff needed for EAP in hostap 
Patch that includes the API needed for EAP in hostapd and wpa_supplicant
 2021-08-03 17:52:50 +02:00
Hayden Roche
dc7ae37f7a Make changes to support port of NTP from OpenSSL to wolfSSL. 2021-08-02 13:33:18 -07:00
John Safranek
a5b55344b1 Merge pull request #2760 from kojo1/EVP-test 
additional test on EVP_CipherUpdate/Final
 2021-08-02 09:23:00 -07:00
TakayukiMatsuo
0dc98b8299 Add support for EVP_shake128/256 2021-08-02 13:00:31 +09:00
Takashi Kojo
bad9a973b4 remove hard tabs and other minor fixes 2021-07-30 07:07:40 +09:00
Takashi Kojo
297ae23521 additional test on EVP_CipherUpdate/Final 2021-07-30 06:50:01 +09:00
David Garske
c69d6d2491 Added public API wc_RsaKeyToPublicDer_ex to allow getting RSA public key without ASN.1 header (can return only seq + n + e). Related to PR #4068. Cleanup documentation for RSA and wolfIO. Consolidate duplicate code in wc_RsaPublicKeyDerSize. 2021-07-29 09:27:50 -07:00
John Safranek
6f2853ef28 Merge pull request #4251 from dgarske/openssl_all 
Fixes for edge case builds with openssl all
 2021-07-29 08:58:22 -07:00
Hideki Miyazaki
2b43052f36 update pkey sz in actual length 2021-07-29 23:28:10 +09:00
Hideki Miyazaki
e333632ad0 add obj_name_do_all 2021-07-29 14:37:10 +09:00
Hideki Miyazaki
2abf23cbc9 fix jenkins failure 2021-07-29 09:03:38 +09:00
Hideki Miyazaki
b2b5d4e603 add evp_md_do_all 2021-07-29 08:59:26 +09:00
David Garske
2c1fed8262 Fixes for edge case builds with openssl all. Improvements to the test_wolfSSL_PKCS8_d2i. Allow forceful disable of OCSP with ./configure --enable-opensslall --disable-ocsp. 2021-07-28 12:32:08 -07:00
Per Allansson
4da7fbb654 tests: use different IPv4 address in + add IPv6 SAN to generated cert 2021-07-28 09:36:21 +02:00
Sean Parkinson
0d0dfc3f5e Merge pull request #4238 from dgarske/xc32 
Fixes for building with Microchip XC32 and ATECC
 2021-07-28 09:33:01 +10:00
Chris Conlon
2dac9a2a81 Merge pull request #4228 from miyazakh/EVP_blake2xx 
add EVP_blake2 compatibility layer API
 2021-07-27 11:45:37 -06:00
David Garske
d49d8a9286 Merge pull request #4204 from SparkiDev/ecies_sec1 
ECIES: SEC.1 and ISO 18033 support
 2021-07-27 09:43:53 -07:00
David Garske
a92f03a11e Fixes for building with Microchip XC32 and ATECC. 2021-07-27 08:20:20 -07:00
John Safranek
8c63701577 Merge pull request #4247 from SparkiDev/dhp_to_der_fix 
OpenSSL API: DH params to der
 2021-07-26 17:00:34 -07:00
Sean Parkinson
31dde4706e ECIES: Support SEC 1 and ISO 18033 
Default is SEC 1.
To use old ECIES implementation: --enable-eccencrypt=old or define
WOLFSSL_ECIES_OLD
To use ISO-18033 implememtation: --enable-eccencrypt=iso18033 or
define WOLFSSL_ECIES_ISO18033
Support passing NULL for public key into wc_ecc_decrypt().
Support not having public key in privKey passed into wc_ecc_encrypt() -
public key is calculated and stored in priKey.
Add decrypt KAT test for ECIES.
 2021-07-27 09:30:53 +10:00
JacobBarthelmeh
028c056c55 Merge pull request #4213 from lealem47/leakFixes 
Addressing possible leaks in ssl.c and api.c
 2021-07-26 23:32:19 +07:00
Chris Conlon
ce7e1ef94a Merge pull request #4230 from douzzer/configure-max-bits-and-ex-data 
configure options for max rsa/ecc bits and ex_data
 2021-07-26 09:27:20 -06:00
Sean Parkinson
7d5271ed71 OpenSSL API: DH params to der 
Fix calculation of length of encoding in ssl.c.
Fix encoding to check proper length in asn.c.
Fix tests to check for correct value (api.c).
 2021-07-26 22:47:46 +10:00