feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity
5,086 Commits 28 Branches 172 Tags
b3721c68088bb01a7089b43cd5d93b51e4e4fac3
Commit Graph

5086 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
John Safranek
2d4757b446 Disable DES3 by default. Force it enabled when it is a prereq for 
another option. (SCEP and PKCS7)
 2016-09-15 11:23:36 -07:00
John Safranek
19434e285a Update the resume test to rerun itself with the "-n" option to disable 
extended master secret if the option is enabled.
 2016-09-15 10:13:31 -07:00
toddouska
8cdaa06127 prevent compiler from optimzing out PreFetch Td4 2016-09-15 10:02:30 -07:00
kaleb-himes
9d49fae600 Updates to make building for ARDUINO more intuitive 
NO_INLINE not necessary, update README
 2016-09-14 17:01:35 -06:00
JacobBarthelmeh
01be5cdc07 Merge pull request #550 from toddouska/rsainit 
make sure rsa rng is null on init
 2016-09-14 16:31:07 -06:00
toddouska
dc337946d5 make sure rsa rng is null on init 2016-09-14 14:33:08 -07:00
John Safranek
8b713adcfd Extended Master Secret Peer Review Changes 
1. Checked the returns on the hash functions in the sniffer,
   return new error if any fail.
2. Removed the SHA-512 hash from the sniffer's collection of
   hashes. Never used in a cipher suite.
3. Added some logging messages in the EMS support in wolfSSL.
 2016-09-14 13:43:02 -07:00
John Safranek
7410b5784f Merge pull request #548 from toddouska/nocache 
add WC_NO_CACHE_RESISTANT option for old code paths
 2016-09-14 10:24:29 -07:00
toddouska
e039fcefc0 Merge pull request #549 from JacobBarthelmeh/master 
aes.c : check ILP32 macro defined
 2016-09-14 09:58:19 -07:00
Jacob Barthelmeh
109642fef4 aes.c : check ILP32 macro defined 2016-09-14 09:33:48 -06:00
toddouska
b6937626b4 don't require uneeded temp with WC_NO_CACHE_RESISTANT 2016-09-13 17:01:50 -07:00
toddouska
7b3fc558ec add WC_NO_CACHE_RESISTANT option for old code path 2016-09-13 16:45:15 -07:00
John Safranek
b77c350153 Merge pull request #547 from toddouska/mathca 
Remove timing resistant cache key bit monitor leaks
 2016-09-13 14:34:23 -07:00
toddouska
05d78dc2ce Merge pull request #544 from cconlon/rsafix 
include MAX_RSA_INT_SZ in wc_RsaKeyToPublicDer(), for 4096-bit keys
 2016-09-13 11:24:03 -07:00
toddouska
46a0ee8e69 switch ecc timising resistant mulmod double to use temp instead of leaking key bit to cache monitor 2016-09-13 11:10:10 -07:00
John Safranek
0477d5379e Merge pull request #546 from toddouska/aesca 
AES T table cache preload.
 2016-09-13 11:05:28 -07:00
toddouska
6ef9e79ff5 switch timing resistant exptmod to use temp for square instead of leaking key bit to cache monitor 2016-09-13 09:13:39 -07:00
toddouska
6ae1a14c9f do aes cache line stride by bytes, not word32s 2016-09-12 21:09:08 -07:00
John Safranek
77cf700657 Update to allow resumption with session tickets and extended master secret. 2016-09-12 16:06:51 -07:00
toddouska
c6256211d6 compress aes last round decrypt table, prefetch Td tables before aes decrypt rounds, prefecth compressed table before last round 2016-09-12 13:04:30 -07:00
toddouska
97a64bcc7c remove unique aes last round Te table, pre fetch Te tables during software aes encrypt 2016-09-12 12:03:37 -07:00
John Safranek
c1136a30e9 1. Enabled the extended master secret in the Windows IDE user_settings.h 
file by default.
2. Fixed scan-build warning about an assignment to a variable that isn't
used again in the function. Commented out the line.
 2016-09-12 09:42:42 -07:00
John Safranek
b994244011 Revising the Extended Master Secret support. Removing the dynamic 
TLSX support for the extention and treating it like the Signature
and Hash algorithms extension. It is to be enabled by default and
the user can turn it off at run time or build time.
 2016-09-11 18:05:44 -07:00
Chris Conlon
a149d83bff include MAX_RSA_INT_SZ in wc_RsaKeyToPublicDer(), for 4096-bit keys 2016-09-09 16:11:56 -06:00
John Safranek
68e48e84fd Merge pull request #541 from toddouska/comp 
detect server forcing compression on client w/o support
 2016-09-09 13:00:22 -07:00
toddouska
fc54c53f38 Merge pull request #543 from JacobBarthelmeh/ARMv8 
ARMv8 : increase performance with SHA256
 2016-09-09 10:23:44 -07:00
Jacob Barthelmeh
3ec66dd662 ARMv8 : sanity checks and change constraint type 2016-09-09 00:27:40 +00:00
dgarske
bd3e40d2fc Merge pull request #542 from JacobBarthelmeh/master 
verify case with unexpected input
 2016-09-08 16:07:28 -07:00
Jacob Barthelmeh
f4e604dec3 verify case with unexpected input 2016-09-08 15:32:09 -06:00
toddouska
0c21d76ce3 detect client not sending any compression types 2016-09-08 12:06:22 -07:00
John Safranek
4fb1431727 Added support for the extended master secret extension to the sniffer. 2016-09-08 11:25:02 -07:00
Jacob Barthelmeh
79af4d30e0 ARMv8 : increase performance with SHA256 2016-09-08 18:00:24 +00:00
toddouska
3e80d966d2 Merge pull request #540 from dgarske/fix_noprng_nosha2 
Fix to allow disabling P-RNG and SHA256 with CUSTOM_RAND_GENERATE_BLOCK
 2016-09-07 16:33:32 -07:00
toddouska
3aefc42f04 have TLS server side verify no compression is in list if not using compression 2016-09-07 15:28:30 -07:00
David Garske
f6b786cfb5 Updated the random.h source inline comments to clarify SHA256 and RC4. 2016-09-07 09:23:43 -07:00
toddouska
baebec4ca4 Merge pull request #538 from JacobBarthelmeh/ARMv8 
initial ARMv8 instructions
 2016-09-07 09:20:14 -07:00
toddouska
a5db13cd01 detect server forcing compression on client w/o support 2016-09-07 09:17:14 -07:00
David Garske
8d6ea61a4f Fix to allow disabling P-RNG and SHA256 when CUSTOM_RAND_GENERATE_BLOCK is used. Added inline documentation to describe RNG source options. Example: ./configure --enable-cryptonly --disable-hashdrbg CFLAGS="-DNO_SHA256 -DCUSTOM_RAND_GENERATE_BLOCK" 2016-09-06 16:42:53 -07:00
Jacob Barthelmeh
09b29cb1d4 ARMv8 AES: remove extra memcpy during encrypt/decrypt 2016-09-02 22:55:17 +00:00
JacobBarthelmeh
33f24ebaa8 Merge pull request #537 from ejohnstown/ocsp-issuerKeyHash 
OCSP Fixes
 2016-09-02 14:57:07 -06:00
Jacob Barthelmeh
8e4ccd355c refactor ALIGN16 macro to types.h 2016-09-01 21:24:03 +00:00
Chris Conlon
0f0e0ca9a5 add extended master to example client 2016-09-01 15:17:46 -06:00
Chris Conlon
88fab67804 add extended master unit tests 2016-09-01 15:15:17 -06:00
Chris Conlon
e4f527a332 initial extended master secret support 2016-09-01 15:12:54 -06:00
Chris Conlon
5bf8806655 add wc_Sha384/512GetHash() functions 2016-09-01 15:05:27 -06:00
Jacob Barthelmeh
41912b92c6 initial ARMv8 instructions 2016-09-01 18:10:06 +00:00
John Safranek
963b9d4c4d OCSP Fixes 
1. When using Cert Manager OCSP lookup, the issuer key hash wasn't
being set correctly. This could lead to unknown responses from lookup.
2. Default OCSP lookup callback could get blocked waiting for server
to close socket.
 2016-09-01 09:58:34 -07:00
Chris Conlon
a0b02236b8 Merge pull request #527 from danielinux/master 
Support for Frosted OS
 2016-08-31 10:07:25 -06:00
toddouska
092916c253 Merge pull request #536 from ejohnstown/dtls-sctp 
DTLS over SCTP
 2016-08-30 13:09:40 -07:00
John Safranek
e0a035a063 DTLS-SCTP Tests 
1. Added a check to configure for SCTP availablility.
2. Added DTLS-SCTP to the cipher suite test.
 2016-08-29 15:24:51 -07:00