Commit Graph

  • bad6be5c76 1. Updated sniffer to allow DES3 to be disabled. 2. Fixed an unused variable in OpenSSL Extras when DES3 is disabled. 3. Force DES3 enabled when enabling MCAPI. John Safranek 2016-09-15 14:53:28 -07:00
  • e92f0e32b0 Undo making the ECC supported curves extension default to enabled. John Safranek 2016-09-15 13:15:49 -07:00
  • 78c0f98ea9 Merge pull request #551 from kaleb-himes/arduino-updates dgarske 2016-09-15 13:01:42 -07:00
  • 0ee7d7cc17 1. Add DES3 enable to full commit test. 2. Added DES3 to the list of FIPS prereqs. John Safranek 2016-09-15 12:19:32 -07:00
  • e3bb4c29e2 Fix openssl.test with the lean-TLS option 1. Make new CA cert for test that is both client-cert.pem and client-ecc-cert.pem. 2. Use the new client-ca.pem cert in the test script. 3. Update renewcerts script to generate client-ca.pem. John Safranek 2016-09-15 11:28:21 -07:00
  • c1ac0c0f8c Merge pull request #545 from ejohnstown/ems toddouska 2016-09-15 11:25:41 -07:00
  • 2d4757b446 Disable DES3 by default. Force it enabled when it is a prereq for another option. (SCEP and PKCS7) John Safranek 2016-09-15 11:17:30 -07:00
  • 19434e285a Update the resume test to rerun itself with the "-n" option to disable extended master secret if the option is enabled. John Safranek 2016-09-15 10:13:31 -07:00
  • 8cdaa06127 prevent compiler from optimizing out PreFetch Td4 toddouska 2016-09-15 10:02:30 -07:00
  • 9d49fae600 Updates to make building for ARDUINO more intuitive kaleb-himes 2016-09-14 16:53:06 -06:00
  • 01be5cdc07 Merge pull request #550 from toddouska/rsainit JacobBarthelmeh 2016-09-14 16:31:07 -06:00
  • dc337946d5 make sure rsa rng is null on init toddouska 2016-09-14 14:33:08 -07:00
  • 8b713adcfd Extended Master Secret Peer Review Changes 1. Checked the returns on the hash functions in the sniffer, return new error if any fail. 2. Removed the SHA-512 hash from the sniffer's collection of hashes. Never used in a cipher suite. 3. Added some logging messages in the EMS support in wolfSSL. John Safranek 2016-09-14 13:43:02 -07:00
  • 7410b5784f Merge pull request #548 from toddouska/nocache John Safranek 2016-09-14 10:24:29 -07:00
  • e039fcefc0 Merge pull request #549 from JacobBarthelmeh/master toddouska 2016-09-14 09:58:19 -07:00
  • 109642fef4 aes.c : check ILP32 macro defined Jacob Barthelmeh 2016-09-14 09:33:48 -06:00
  • b6937626b4 don't require unneeded temp with WC_NO_CACHE_RESISTANT toddouska 2016-09-13 17:01:50 -07:00
  • 7b3fc558ec add WC_NO_CACHE_RESISTANT option for old code path toddouska 2016-09-13 16:45:15 -07:00
  • b77c350153 Merge pull request #547 from toddouska/mathca John Safranek 2016-09-13 14:34:23 -07:00
  • 05d78dc2ce Merge pull request #544 from cconlon/rsafix toddouska 2016-09-13 11:24:03 -07:00
  • 46a0ee8e69 switch ecc timing resistant mulmod double to use temp instead of leaking key bit to cache monitor toddouska 2016-09-13 11:10:10 -07:00
  • 0477d5379e Merge pull request #546 from toddouska/aesca John Safranek 2016-09-13 11:05:28 -07:00
  • 6ef9e79ff5 switch timing resistant exptmod to use temp for square instead of leaking key bit to cache monitor toddouska 2016-09-13 09:13:39 -07:00
  • 6ae1a14c9f do aes cache line stride by bytes, not word32s toddouska 2016-09-12 21:09:08 -07:00
  • 77cf700657 Update to allow resumption with session tickets and extended master secret. John Safranek 2016-09-12 14:24:56 -07:00
  • c6256211d6 compress aes last round decrypt table, prefetch Td tables before aes decrypt rounds, prefetch compressed table before last round toddouska 2016-09-12 13:04:30 -07:00
  • 97a64bcc7c remove unique aes last round Te table, pre fetch Te tables during software aes encrypt toddouska 2016-09-12 12:03:37 -07:00
  • c1136a30e9 1. Enabled the extended master secret in the Windows IDE user_settings.h file by default. 2. Fixed scan-build warning about an assignment to a variable that isn't used again in the function. Commented out the line. John Safranek 2016-09-12 09:42:42 -07:00
  • b994244011 Revising the Extended Master Secret support. Removing the dynamic TLSX support for the extension and treating it like the Signature and Hash algorithms extension. It is to be enabled by default and the user can turn it off at run time or build time. John Safranek 2016-09-09 23:16:52 -07:00
  • a149d83bff include MAX_RSA_INT_SZ in wc_RsaKeyToPublicDer(), for 4096-bit keys Chris Conlon 2016-09-09 16:11:56 -06:00
  • 68e48e84fd Merge pull request #541 from toddouska/comp John Safranek 2016-09-09 13:00:22 -07:00
  • fc54c53f38 Merge pull request #543 from JacobBarthelmeh/ARMv8 toddouska 2016-09-09 10:23:44 -07:00
  • 3ec66dd662 ARMv8 : sanity checks and change constraint type Jacob Barthelmeh 2016-09-09 00:27:40 +00:00
  • bd3e40d2fc Merge pull request #542 from JacobBarthelmeh/master dgarske 2016-09-08 16:07:28 -07:00
  • f4e604dec3 verify case with unexpected input Jacob Barthelmeh 2016-09-08 15:32:09 -06:00
  • 0c21d76ce3 detect client not sending any compression types toddouska 2016-09-08 12:06:22 -07:00
  • 4fb1431727 Added support for the extended master secret extension to the sniffer. John Safranek 2016-09-08 11:25:02 -07:00
  • 79af4d30e0 ARMv8 : increase performance with SHA256 Jacob Barthelmeh 2016-09-08 18:00:24 +00:00
  • 3e80d966d2 Merge pull request #540 from dgarske/fix_noprng_nosha2 toddouska 2016-09-07 16:33:32 -07:00
  • 3aefc42f04 have TLS server side verify no compression is in list if not using compression toddouska 2016-09-07 15:28:30 -07:00
  • f6b786cfb5 Updated the random.h source inline comments to clarify SHA256 and RC4. David Garske 2016-09-07 09:23:43 -07:00
  • baebec4ca4 Merge pull request #538 from JacobBarthelmeh/ARMv8 toddouska 2016-09-07 09:20:14 -07:00
  • a5db13cd01 detect server forcing compression on client w/o support toddouska 2016-09-07 09:17:14 -07:00
  • 8d6ea61a4f Fix to allow disabling P-RNG and SHA256 when CUSTOM_RAND_GENERATE_BLOCK is used. Added inline documentation to describe RNG source options. Example: ./configure --enable-cryptonly --disable-hashdrbg CFLAGS="-DNO_SHA256 -DCUSTOM_RAND_GENERATE_BLOCK" David Garske 2016-09-06 16:42:53 -07:00
  • 09b29cb1d4 ARMv8 AES: remove extra memcpy during encrypt/decrypt Jacob Barthelmeh 2016-09-03 03:49:20 +00:00
  • 33f24ebaa8 Merge pull request #537 from ejohnstown/ocsp-issuerKeyHash JacobBarthelmeh 2016-09-02 14:57:07 -06:00
  • 8e4ccd355c refactor ALIGN16 macro to types.h Jacob Barthelmeh 2016-09-01 21:24:03 +00:00
  • 0f0e0ca9a5 add extended master to example client Chris Conlon 2016-09-01 15:17:46 -06:00
  • 88fab67804 add extended master unit tests Chris Conlon 2016-09-01 15:15:17 -06:00
  • e4f527a332 initial extended master secret support Chris Conlon 2016-09-01 15:12:54 -06:00
  • 5bf8806655 add wc_Sha384/512GetHash() functions Chris Conlon 2016-09-01 15:05:27 -06:00
  • 41912b92c6 initial ARMv8 instructions Jacob Barthelmeh 2016-07-22 15:49:15 +00:00
  • 963b9d4c4d OCSP Fixes 1. When using Cert Manager OCSP lookup, the issuer key hash wasn't being set correctly. This could lead to unknown responses from lookup. 2. Default OCSP lookup callback could get blocked waiting for server to close socket. John Safranek 2016-09-01 09:58:34 -07:00
  • a0b02236b8 Merge pull request #527 from danielinux/master Chris Conlon 2016-08-31 10:07:25 -06:00
  • 092916c253 Merge pull request #536 from ejohnstown/dtls-sctp toddouska 2016-08-30 13:09:40 -07:00
  • e0a035a063 DTLS-SCTP Tests 1. Added a check to configure for SCTP availability. 2. Added DTLS-SCTP to the cipher suite test. John Safranek 2016-08-29 15:15:59 -07:00
  • de3f66b946 Merge pull request #515 from dgarske/cryptonly_static_mem JacobBarthelmeh 2016-08-29 15:23:28 -06:00
  • ddff90ea26 Fix duplicate declaration of "wolfSSL_init_memory_heap" (errors after rebase). David Garske 2016-08-29 11:50:43 -07:00
  • 6a70403547 Fix for "not used" devId in benchmark. David Garske 2016-08-29 11:01:16 -07:00
  • 2ecd80ce23 Added support for static memory with wolfCrypt. Adds new "wc_LoadStaticMemory" function and moves "wolfSSL_init_memory_heap" into wolfCrypt layer. Enhanced wolfCrypt test and benchmark to use the static memory tool if enabled. Added support for static memory with "WOLFSSL_DEBUG_MEMORY" defined. Fixed issue with have-iopool and XMALLOC/XFREE. Added check to prevent using WOLFSSL_STATIC_MEMORY with HAVE_IO_POOL, XMALLOC_USER or NO_WOLFSSL_MEMORY defined. David Garske 2016-08-29 10:38:06 -07:00
  • 05a35a8332 fix scan-build warning on the simple SCTP example server John Safranek 2016-08-26 20:33:05 -07:00
  • aed68e1c69 1. Needed to tell the client to use sctp. 2. Creating the example sockets needed the IPPROTO type. John Safranek 2016-08-26 10:47:01 -07:00
  • 46e92e0211 DTLS-SCTP example client and server 1. Update the example client and server to test DTLS-SCTP. 2. Modify the test.h functions for setting up connections to allow for a SCTP option. 3. Update other examples to use the new test.h functions. 4. Removed some prototypes in the client header file were some functions that should have been static to the client.c file and made them static. John Safranek 2016-08-25 22:20:35 -07:00
  • 6d5df3928f SCTP-DTLS examples 1. Added the set SCTP mode command to client and server. 2. Added a 4K buffer test case. John Safranek 2016-08-25 09:25:12 -07:00
  • bab071f961 1. Implemented the SCTP MTU size changes for transmit. 2. Simplified the MAX_FRAGMENT size when calling SendData(). John Safranek 2016-08-24 18:26:17 -07:00
  • a6c0d4fed7 1. Added missing -DWOLFSSL_SCTP to configure.ac. 2. Don't do hello verify requests in SCTP mode. 3. Implemented the SCTP MTU size changes. 4. Simplified the MAX_FRAGMENT size when calling ReceiveData(). John Safranek 2016-08-24 13:17:38 -07:00
  • 52e2f1a7ab typecasts to clear static analysis warnings on SCTP examples John Safranek 2016-08-23 09:27:37 -07:00
  • f3dca48e99 Fix polarity on the DTLS-SCTP check. John Safranek 2016-08-23 08:53:38 -07:00
  • 7b3255b5bb 1. Simplified the IsDtlsSctpMode() check. 2. Checked IsDtlsSctpMode() to skip saving messages to retransmit and skip retransmissions. John Safranek 2016-08-22 13:25:05 -07:00
  • c1970434d1 simplify the SCTP options John Safranek 2016-08-22 08:49:10 -07:00
  • b7a35eabd2 Add simple SCTP example tools John Safranek 2016-08-18 17:02:54 -07:00
  • ebbf5ec72b add new options and accessors for SCTP John Safranek 2016-08-03 08:12:55 -07:00
  • 2d9b6cf27a added SCTP to configure.ac John Safranek 2016-08-01 07:51:42 -07:00
  • d7ac7af4b0 Merge pull request #532 from toddouska/sb-aiaddr dgarske 2016-08-26 16:29:20 -07:00
  • 930c692598 Merge pull request #535 from toddouska/ecc521-no64 dgarske 2016-08-26 14:59:01 -07:00
  • bd312cb766 Merge pull request #533 from dgarske/dg_fixes toddouska 2016-08-26 14:30:55 -07:00
  • 401463a983 Merge pull request #534 from dgarske/ecc_cust_fix toddouska 2016-08-26 14:25:15 -07:00
  • efabbcf305 fix normal math 16bit digit_bit for all ecc sizes toddouska 2016-08-26 13:47:53 -07:00
  • bf23b2f9d1 Fix issue with "wc_ecc_set_custom_curve" function not setting index as "ECC_CUSTOM_IDX". Cleanup of the ECC tests to return actual error code (when available) and make sure keys are free'd. Some trailing whitespace cleanup. David Garske 2016-08-26 12:35:47 -07:00
  • 925e5e3484 Fixes typo issue with heap in hmac and small stack enabled. Fixed "never read" scan-build warnings with typeH and verify when RSA is disabled. David Garske 2016-08-26 10:33:01 -07:00
  • 86e889a7fa only force exit() in all cases with gcc since we know noreturn attribute there toddouska 2016-08-26 10:20:58 -07:00
  • dd7f9b618d make sure static analysis realizes err_sys does exit() toddouska 2016-08-25 12:23:57 -07:00
  • 78ca9e7716 Merge pull request #482 from dgarske/async toddouska 2016-08-25 10:06:18 -07:00
  • 07345579ec Merge pull request #531 from cconlon/distro toddouska 2016-08-23 14:31:23 -07:00
  • a9278fe492 Added check for GetLength result in asn GetIntRsa function. Fixed return code in random.c for "wolfAsync_DevCtxInit" due to copy/paste error. Added RSA wc_RsaCleanup to make sure allocated tmp buffer is always free'd. Eliminated invalid RSA key type checks and "RSA_CHECK_KEYTYPE". David Garske 2016-08-23 11:31:15 -07:00
  • 91ccf1bd86 do not enable ARC4 or sniffer in distro build Chris Conlon 2016-08-22 15:33:45 -06:00
  • 45c8ed1436 remove -X from ocsp stapling tests that are not external Chris Conlon 2016-08-22 14:18:35 -06:00
  • ebba0efaa4 Merge pull request #528 from jrblixt/tests_api_develop toddouska 2016-08-22 09:38:23 -07:00
  • 1a94c0bbdd add distro build option Chris Conlon 2016-08-22 10:00:37 -06:00
  • 6f0239441b Merge pull request #530 from ejohnstown/dtls-ticket Chris Conlon 2016-08-22 09:37:28 -06:00
  • a9935cbc28 Made changes found by Jenkins. John Blixt 2016-08-19 10:23:55 -06:00
  • fa1989b729 fix building the new session ticket message for DTLS, take into account the additional header sizes John Safranek 2016-08-18 17:51:25 -07:00
  • 813a9b05b5 Clean up and Chris check added the changes. John Blixt 2016-08-18 15:07:07 -06:00
  • f61c045e65 Changes to the Assert Macros used and added wolfSSL_CTX_use_certificate_buffer() John Blixt 2016-08-18 10:03:33 -06:00
  • 3d3f8c9dd3 Support for Frosted OS Daniele Lacamera 2016-08-18 14:54:21 +02:00
  • b068eec96d added wolfSSL_CTX_SetMinVersion John Blixt 2016-08-17 14:41:37 -06:00
  • 73089200bf Merge branch 'master' of https://github.com/wolfSSL/wolfssl into tests_api_develop John Blixt 2016-08-17 14:12:43 -06:00
  • cddc771829 Added wolfSSL_SetMinVersion John Blixt 2016-08-17 14:05:37 -06:00
  • 584733b138 Chris looked at functions added for correctness. John Blixt 2016-08-17 11:27:14 -06:00
  • 65b2b14a0f added test functions for wolfCrypt_Init and OCSP stapling v1 and v2 John Blixt 2016-08-17 10:32:03 -06:00