feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity
18,216 Commits 28 Branches 172 Tags
cfe0278d35fbf5633c8e1ffb51b1c39ba86e82f5
Commit Graph

2075 Commits

Author SHA1 Message Date
Hayden Roche
3be13f7358 Make improvements to wolfSSL_EVP_PKEY_encrypt and wolfSSL_EVP_PKEY_decrypt. 
- Handle case where output buffer is NULL. In this case, passed in output buffer
  length pointer should be given the maximum output buffer size needed.
- Add better debug messages.
 2021-08-12 18:46:15 -07:00
Juliusz Sosinowicz
7dea1dcd39 OpenResty 1.13.6.2 and 1.19.3.1 support 
# New or Updated APIs
- wolfSSL_get_tlsext_status_type
- wolfSSL_X509_chain_up_ref
- wolfSSL_get0_verified_chain
- SSL_CTX_set_cert_cb
- SSL_certs_clear
- SSL_add0_chain_cert ssl_cert_add0_chain_cert
- SSL_add1_chain_cert ssl_cert_add1_chain_cert
- sk_X509_NAME_new_null
- SSL_CTX_set_cert_cb
- SSL_set0_verify_cert_store
- SSL_set_client_CA_list

# Other Changes
- Ignore gdbinit
- Add api.c tests for new API
- Add `WOLFSSL_X509_STORE* x509_store_pt` to `WOLFSSL`
- Add macro to select the `WOLFSSL` specific store when available and the associated `WOLFSSL_CTX` store otherwise. Calls to `ssl->ctx->cm` and `ssl->ctx->x509_store*` were replaced by macros.
- NO-OP when setting existing store
- Add reference counter to `WOLFSSL_X509_STORE`
- Cleanup MD5 redundant declarations
- WOLFSSL_ERROR may map to nothing so make assignment outside of it
- refMutex fields are excluded with SINGLE_THREADED macro
- Chain cert refactor
- Make `wolfSSL_add0_chain_cert` and `wolfSSL_add1_chain_cert` not affect the context associated with the SSL object
- `wolfSSL_CTX_add1_chain_cert` now updates the `ctx->certChain` on success and stores the cert in `ctx->x509Chain` for later free'ing
 2021-08-12 23:58:22 +02:00
David Garske
cccb8f940a Merge pull request #4209 from julek-wolfssl/net-snmp 
Add support for net-snmp
 2021-08-12 13:06:21 -07:00
David Garske
93a1fe4580 Merge pull request #4205 from julek-wolfssl/wpas-include-extra-stuff 
Include stuff needed for EAP in hostap
 2021-08-12 11:17:23 -07:00
Chris Conlon
d4b0ec0705 Merge pull request #4290 from TakayukiMatsuo/general 
Add wolfSSL_GENERAL_NAME_print
 2021-08-12 09:51:28 -06:00
TakayukiMatsuo
517309724a Add wolfSSL_GENERAL_NAME_print 2021-08-12 14:17:41 +09:00
Chris Conlon
fc4e4eacba Merge pull request #4292 from kojo1/evp 
EVP_CIPHER_CTX_set_iv_length
 2021-08-11 16:13:26 -06:00
David Garske
fdb6c8141e Merge pull request #4274 from haydenroche5/pyopenssl 
Add support for pyOpenSSL.
 2021-08-10 11:49:07 -07:00
Takashi Kojo
c0b085dd4a EVP_CIPHER_CTX_set_iv_length 2021-08-08 14:49:28 +09:00
Hideki Miyazaki
a066c48f55 fix jenkins failure 2021-08-07 11:13:41 +09:00
Hideki Miyazaki
a851e13f1d implemented X509_VERIFY_PARAM_set1_ip 2021-08-07 10:50:57 +09:00
Daniel Pouzzner
1b2d57123f tests/api.c: add missing (void) arg lists. 2021-08-05 15:30:33 -05:00
Juliusz Sosinowicz
fab227411f Free ECC cache per thread when used 2021-08-05 15:34:47 +02:00
JacobBarthelmeh
1e491993ca add a2i_IPADDRESS 2021-08-05 16:53:36 +07:00
Hideki Miyazaki
67e773db91 implement SSL_CIPHER_xxxx 2021-08-05 09:42:55 +09:00
David Garske
5465d40ee3 Attempt to move asn.c RSA API defs into asn_public.h, since ASN is not in FIPS boundary. 2021-08-04 17:42:46 -07:00
Hayden Roche
35a33b2f00 Add support for pyOpenSSL. 
pyOpenSSL needs the OpenSSL function X509_EXTENSION_dup, so this commit adds
that to the compatibility layer. It also needs to be able to access the DER
encoding of the subject alt names in a cert, so that's added as well.
 2021-08-04 14:08:43 -07:00
Chris Conlon
fdbe3f0ff1 Merge pull request #4258 from miyazakh/evp_md_do_all 
add EVP_MD_do_all and OBJ_NAME_do_all support
 2021-08-04 12:17:27 -06:00
JacobBarthelmeh
d39893baa0 add ctx set msg callback 2021-08-04 16:49:01 +07:00
Chris Conlon
d64768abff Merge pull request #4265 from miyazakh/ecc_pubkey 
update der size in actual length
 2021-08-03 16:41:36 -06:00
Juliusz Sosinowicz
c7a6b17922 Need to free ecc cache 2021-08-03 19:29:08 +02:00
Juliusz Sosinowicz
2bbd04f10f Implement BIO_new_accept and BIO_do_accept 2021-08-03 19:29:08 +02:00
Juliusz Sosinowicz
46b061c7bc Include stuff needed for EAP in hostap 
Patch that includes the API needed for EAP in hostapd and wpa_supplicant
 2021-08-03 17:52:50 +02:00
Hayden Roche
dc7ae37f7a Make changes to support port of NTP from OpenSSL to wolfSSL. 2021-08-02 13:33:18 -07:00
John Safranek
a5b55344b1 Merge pull request #2760 from kojo1/EVP-test 
additional test on EVP_CipherUpdate/Final
 2021-08-02 09:23:00 -07:00
TakayukiMatsuo
0dc98b8299 Add support for EVP_shake128/256 2021-08-02 13:00:31 +09:00
Takashi Kojo
bad9a973b4 remove hard tabs and other minor fixes 2021-07-30 07:07:40 +09:00
Takashi Kojo
297ae23521 additional test on EVP_CipherUpdate/Final 2021-07-30 06:50:01 +09:00
David Garske
c69d6d2491 Added public API wc_RsaKeyToPublicDer_ex to allow getting RSA public key without ASN.1 header (can return only seq + n + e). Related to PR #4068. Cleanup documentation for RSA and wolfIO. Consolidate duplicate code in wc_RsaPublicKeyDerSize. 2021-07-29 09:27:50 -07:00
John Safranek
6f2853ef28 Merge pull request #4251 from dgarske/openssl_all 
Fixes for edge case builds with openssl all
 2021-07-29 08:58:22 -07:00
Hideki Miyazaki
2b43052f36 update pkey sz in actual length 2021-07-29 23:28:10 +09:00
Hideki Miyazaki
e333632ad0 add obj_name_do_all 2021-07-29 14:37:10 +09:00
Hideki Miyazaki
2abf23cbc9 fix jenkins failure 2021-07-29 09:03:38 +09:00
Hideki Miyazaki
b2b5d4e603 add evp_md_do_all 2021-07-29 08:59:26 +09:00
David Garske
2c1fed8262 Fixes for edge case builds with openssl all. Improvements to the test_wolfSSL_PKCS8_d2i. Allow forceful disable of OCSP with ./configure --enable-opensslall --disable-ocsp. 2021-07-28 12:32:08 -07:00
Per Allansson
4da7fbb654 tests: use different IPv4 address in + add IPv6 SAN to generated cert 2021-07-28 09:36:21 +02:00
Sean Parkinson
0d0dfc3f5e Merge pull request #4238 from dgarske/xc32 
Fixes for building with Microchip XC32 and ATECC
 2021-07-28 09:33:01 +10:00
Chris Conlon
2dac9a2a81 Merge pull request #4228 from miyazakh/EVP_blake2xx 
add EVP_blake2 compatibility layer API
 2021-07-27 11:45:37 -06:00
David Garske
d49d8a9286 Merge pull request #4204 from SparkiDev/ecies_sec1 
ECIES: SEC.1 and ISO 18033 support
 2021-07-27 09:43:53 -07:00
David Garske
a92f03a11e Fixes for building with Microchip XC32 and ATECC. 2021-07-27 08:20:20 -07:00
John Safranek
8c63701577 Merge pull request #4247 from SparkiDev/dhp_to_der_fix 
OpenSSL API: DH params to der
 2021-07-26 17:00:34 -07:00
Sean Parkinson
31dde4706e ECIES: Support SEC 1 and ISO 18033 
Default is SEC 1.
To use old ECIES implementation: --enable-eccencrypt=old or define
WOLFSSL_ECIES_OLD
To use ISO-18033 implememtation: --enable-eccencrypt=iso18033 or
define WOLFSSL_ECIES_ISO18033
Support passing NULL for public key into wc_ecc_decrypt().
Support not having public key in privKey passed into wc_ecc_encrypt() -
public key is calculated and stored in priKey.
Add decrypt KAT test for ECIES.
 2021-07-27 09:30:53 +10:00
JacobBarthelmeh
028c056c55 Merge pull request #4213 from lealem47/leakFixes 
Addressing possible leaks in ssl.c and api.c
 2021-07-26 23:32:19 +07:00
Chris Conlon
ce7e1ef94a Merge pull request #4230 from douzzer/configure-max-bits-and-ex-data 
configure options for max rsa/ecc bits and ex_data
 2021-07-26 09:27:20 -06:00
Sean Parkinson
7d5271ed71 OpenSSL API: DH params to der 
Fix calculation of length of encoding in ssl.c.
Fix encoding to check proper length in asn.c.
Fix tests to check for correct value (api.c).
 2021-07-26 22:47:46 +10:00
JacobBarthelmeh
27c49b1673 Merge pull request #4075 from julek-wolfssl/bind-dns 
Bind 9.17.9 and 9.11.22 Support
 2021-07-26 11:24:57 +07:00
Daniel Pouzzner
494e285cf1 configure.ac: add --with-max-rsa-bits, --with-max-ecc-bits, and --enable-context-extra-user-data[=#]; untabify and otherwise clean up whitespace; tweak api.c, ecc.h, rsa.h, and settings.h, for compatibility with new options. 2021-07-23 22:02:58 -05:00
John Safranek
e8d636771f Merge pull request #4231 from haydenroche5/des3-iv-fips 
Use correct DES IV size when using FIPS v2.
 2021-07-23 09:38:56 -07:00
Juliusz Sosinowicz
10168e093a Rebase fixes 2021-07-23 18:14:54 +02:00
Juliusz Sosinowicz
142ff6d885 Bind 9.11.22 2021-07-23 18:14:18 +02:00