Commit Graph

  • 3e6be9bf2c Fix in "wc_InitRsaKey_ex" for normal math so mp_init isn't called to defer allocation. David Garske 2016-08-15 14:07:16 -06:00
  • 17a34c5899 Added asynchronous wolfCrypt RSA, TLS client and Cavium Nitrox V support. Asynchronous wolfSSL client support for "DoServerKeyExchange", "SendClientKeyExchange", "SendCertificateVerify" and "DoCertificateVerify". Fixes for async DTLS. Refactor of the wolf event and async handling for use in wolfCrypt. Refactor of the async device support so it's hardware agnostic. Added Cavium Nitrox V support (Nitrox tested using SDK v0.2 CNN55XX-SDK with new configure "--with-cavium-v=/dir" option). Moved Nitrox specific functions to new port file "port/cavium/cavium_nitrox.c". RSA refactor to handle async with states. RSA optimization for using dpraw for private key decode. Use double linked list in wolf event for faster/cleaner code. Use typedef for wolf event flag. Cleanup of the async error codes. wolfCrypt test and benchmark support for async RSA. Asynchronous mode enabled using "./configure --enable-asynccrypt". If no async hardware is defined then the internal async simulator (WOLFSSL_ASYNC_CRYPT_TEST) is used. Note: Using async mode requires async.c/h files from wolfSSL. If interested in using asynchronous mode please send email to info@wolfssl.com. David Garske 2016-08-15 13:59:41 -06:00
  • 5347e32d63 Merge pull request #526 from toddouska/fm64-types Chris Conlon 2016-08-15 13:14:59 -06:00
  • d1d6571575 Merge pull request #525 from toddouska/session Chris Conlon 2016-08-15 13:11:53 -06:00
  • 527c375884 don't setup 64bit typedef with fastmath if not needed toddouska 2016-08-15 11:02:06 -07:00
  • d74fa8299a add resume session string script check, make GetDeepCopySession static local and check return code toddouska 2016-08-15 09:32:36 -07:00
  • b38218a0b9 Merge pull request #524 from kaleb-himes/certs-buffs-and-tests dgarske 2016-08-14 08:39:37 -07:00
  • da18e463ed remove constraints on inclusion of certs_test.h kaleb-himes 2016-08-12 17:00:22 -06:00
  • 03295ec6d7 update certs, extend ntru to 1000 days, add der formatted ecc, new ecc buffer test kaleb-himes 2016-08-11 17:02:03 -06:00
  • 7cf13f84b7 Merge pull request #522 from JacobBarthelmeh/master toddouska 2016-08-10 16:37:16 -07:00
  • b502d9dcf7 help static analysis tools Jacob Barthelmeh 2016-08-10 14:23:27 -06:00
  • fd9f8125e3 Merge pull request #521 from dgarske/improve_inline_misc JacobBarthelmeh 2016-08-09 13:09:20 -06:00
  • a8b2ced588 Merge pull request #519 from dgarske/fix_compat_wo_ecc toddouska 2016-08-08 13:46:58 -07:00
  • 317a7f2662 Change misc.c error to warning and exclude the misc.c code from being compiled. Most people include all .c files and by default inlining is allowed, which in turn causes an #error in misc.c and it must be excluded. Since we know it's already been properly included there is no reason to throw error here. Instead, show warning and exclude code in .c file. David Garske 2016-08-08 13:13:59 -07:00
  • b0e4acaac1 Fix for openssl compatibility without ECC. Disable "wolf_OBJ_nid2sn", "wolf_OBJ_sn2nid" and "wolf_OBJ_obj2nid" when "OPENSSL_EXTRA" defined and "HAVE_ECC" is not defined. David Garske 2016-08-08 10:29:58 -07:00
  • 76e8438059 Merge pull request #518 from dgarske/fix_build_w_callbacks toddouska 2016-08-06 10:11:53 -07:00
  • 49fb0d56b0 Merge pull request #516 from dgarske/fix_asn_wo_hmac toddouska 2016-08-06 10:07:00 -07:00
  • c8cfe1ffa1 Merge pull request #511 from dgarske/openssl_compat_fixes toddouska 2016-08-06 09:59:31 -07:00
  • dd03af2cf4 Merge pull request #512 from dgarske/fix_crl_pad toddouska 2016-08-06 09:56:59 -07:00
  • cc462e2c50 Merge pull request #513 from kojo1/Der2Pem dgarske 2016-08-05 14:35:15 -07:00
  • d8c63b8e66 Various improvements to support openssl compatibility. * Fixed bug with "wolfSSL_get_cipher_name_internal" for loop using incorrect max length for "cipher_name_idx" (this caused fault when library built with NO_ERROR_STRINGS and calling it). * Adds new "GetCipherNameInternal" function to get cipher name using internal "cipherSuite" index only (for scenario where WOLFSSL object does not exist). * Implements APIs for "wolf_OBJ_nid2sn" and "wolf_OBJ_sn2nid". Uses the ecc.c "ecc_sets" table to locate NID (ECC ID and NID are same). * Added "WOLFSSL*" to HandShakeInfo. * Allowed "SetName" to be exposed. * Added "wolfSSL_X509_load_certificate_buffer". Refactor "wolfSSL_X509_load_certificate_file" to use new function (no duplicate code). David Garske 2016-08-05 14:15:47 -07:00
  • 32b0303beb Fix build with "WOLFSSL_CALLBACKS" defined. David Garske 2016-08-05 14:06:58 -07:00
  • 6b1ff8e9d7 Only try and return serial number or check padding if the serial number size is greater than 1. David Garske 2016-08-05 12:53:26 -07:00
  • a17bc2a42e Fix build issue with ASN enabled and no HMAC (missing MAX_DIGEST_SIZE). Switch to using WC_MAX_DIGEST_SIZE from hash.h, which is always available. Added small stack option for digest in MakeSignature. Fixed build error with unused "testVerifyCount" if "NO_ECC_SIGN" or "NO_ECC_VERIFY". David Garske 2016-08-05 12:19:30 -07:00
  • eeb506b8c0 Merge pull request #514 from dgarske/fix_arm_cc_warn toddouska 2016-08-05 10:07:32 -07:00
  • 96da2df7ec Additional max index and serial number size checks in "GetSerialNumber". David Garske 2016-08-03 17:04:44 -07:00
  • 2c1309ffc7 Fixes for warnings when cross-compiling with GCC ARM. David Garske 2016-08-03 16:53:53 -07:00
  • e01dcb671d eliminate tail nl Takashi Kojo 2016-08-03 11:12:10 +09:00
  • ed4cd2438f CRL_Type to wc_DerToPem Takashi Kojo 2016-08-03 10:53:54 +09:00
  • 9ddfe93c43 Fixed issue with CRL check and zero pad (the GetRevoked function was not trimming pad). Added new ASN "GetSerialNumber" function and implemented it in three places in asn.c. David Garske 2016-08-02 16:47:21 -07:00
  • 67d607324a Merge pull request #509 from JacobBarthelmeh/Release v3.9.8 toddouska 2016-07-28 18:47:39 -07:00
  • 32c0b6d97a prepare for release 3.9.8 Jacob Barthelmeh 2016-07-28 15:46:45 -06:00
  • dcc0f87ce6 Merge pull request #506 from toddouska/del_point JacobBarthelmeh 2016-07-27 18:54:46 -06:00
  • 303561c1a1 Merge pull request #505 from toddouska/timing dgarske 2016-07-27 15:52:01 -07:00
  • a94f34c8e2 fix remaining non fpecc ecc_del_point w/o heap toddouska 2016-07-27 14:24:34 -07:00
  • 6cd4acbdba Merge pull request #504 from dgarske/oid_unknown_fix toddouska 2016-07-27 14:16:04 -07:00
  • 20c991717f Merge pull request #503 from JacobBarthelmeh/mysql toddouska 2016-07-27 12:13:47 -07:00
  • 7cf0b8fe85 fix scan-build warning on ecc memory alloc failure toddouska 2016-07-27 11:20:08 -07:00
  • b0e72dd692 Fix for "OID Check Failed". This restores behavior to what it was prior to commit "7a1acc7". If an OID is not known internally skip the verify and return success and the OID sum. David Garske 2016-07-27 10:39:42 -07:00
  • 37b84abe0b change priority of cipher suite TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA Jacob Barthelmeh 2016-07-27 09:36:16 -06:00
  • c834216cca Merge pull request #501 from ejohnstown/key-usage toddouska 2016-07-26 15:45:38 -07:00
  • 0265b0f4bb only check server's cert key encipher on client for RSA key exchange John Safranek 2016-07-26 13:32:54 -07:00
  • 993838153e Merge pull request #487 from moisesguimaraes/fix-ocspstapling-getca John Safranek 2016-07-26 12:42:47 -07:00
  • edbec4db20 Merge pull request #500 from dgarske/ocsp2_asn_fix John Safranek 2016-07-26 12:41:50 -07:00
  • 242d26eba2 Merge pull request #488 from cconlon/sig_algo toddouska 2016-07-26 11:05:24 -07:00
  • c80f1805f0 Fix for failing OID check with "ocspstapling2" enabled. Found OID type in "ToTraditional" that should be keyType, not sigType. Added optional OID decode function and optional OID info dump in "GetObjectId" (both off by default). David Garske 2016-07-26 10:35:40 -07:00
  • 5bb250583e Merge pull request #499 from toddouska/timing dgarske 2016-07-26 10:14:20 -07:00
  • fc6a5c0702 fix mcapi w/o harden toddouska 2016-07-26 09:06:46 -07:00
  • a274386693 fix user rsa no error codes? toddouska 2016-07-25 19:19:46 -07:00
  • 51042e166f fix mcapi with blinding API addition toddouska 2016-07-25 15:57:38 -07:00
  • cd5486a4e6 fix user_rsa with blinding API addition toddouska 2016-07-25 15:33:28 -07:00
  • ea683f493a Merge pull request #498 from kaleb-himes/cert-updates John Safranek 2016-07-25 15:19:34 -07:00
  • 16336e37ec fix blinding with fips toddouska 2016-07-25 13:47:53 -07:00
  • 88f847de90 add --enable-harden switch for timing resistance and blinding, on by default toddouska 2016-07-25 13:24:36 -07:00
  • 4121667586 update certs pre-release: NTRU certs expired in mid june kaleb-himes 2016-07-25 13:05:52 -06:00
  • 096e3f9b8b Merge pull request #496 from JacobBarthelmeh/staticmemory toddouska 2016-07-21 16:17:34 -07:00
  • e8f7d78fc4 add helper functions for choosing static buffer size Jacob Barthelmeh 2016-07-21 12:11:15 -06:00
  • b81e687bf3 Merge pull request #490 from JacobBarthelmeh/master toddouska 2016-07-20 20:27:03 -07:00
  • 8f2af608a7 Merge pull request #492 from JacobBarthelmeh/staticmemory toddouska 2016-07-20 20:25:38 -07:00
  • e920e6cee0 Merge pull request #495 from toddouska/rng-redef dgarske 2016-07-20 19:22:08 -07:00
  • 2c92fee59f fix WC_RNG redeclare toddouska 2016-07-20 17:18:58 -07:00
  • b265666174 Merge pull request #491 from toddouska/rsab-fixes dgarske 2016-07-20 15:22:19 -07:00
  • 81526f8384 move wolfSSL Get RNG out of ifdef in header toddouska 2016-07-20 10:37:31 -07:00
  • 1b980867d6 fix rsablind other builds toddouska 2016-07-19 11:29:22 -07:00
  • 5d8a78be30 set heap hint for ctx Jacob Barthelmeh 2016-07-19 09:34:29 -06:00
  • 1f5b6d4e66 sanity check on buffer size Jacob Barthelmeh 2016-07-19 15:57:09 -06:00
  • 01ecc64052 avoid race condition with IO and handshake counter Jacob Barthelmeh 2016-07-19 10:48:49 -06:00
  • 17207ff61b account for when FreeHandshakeResources is not called Jacob Barthelmeh 2016-07-19 10:32:25 -06:00
  • 8423ad0e96 Merge pull request #493 from dgarske/ecc_fixes toddouska 2016-07-20 10:40:14 -07:00
  • e0f2bbd1b4 Added comment about why 0's test is disabled. ECC without Shamir fails with fast or normal math. David Garske 2016-07-19 19:12:45 -07:00
  • 5e2502fa95 ECC without Shamir has issues testing all zero's digest, so disable this test if not using Shamir method. Fixed comment about "NO_ECC_SECP". David Garske 2016-07-19 14:34:32 -07:00
  • 7a419ba6d8 Merge pull request #472 from dgarske/ecc_brainpool_koblitz toddouska 2016-07-19 11:44:53 -07:00
  • bdbf972d42 Merge pull request #486 from cconlon/openssl-script toddouska 2016-07-19 11:38:52 -07:00
  • 32a2bd3863 Merge pull request #489 from toddouska/rsablind dgarske 2016-07-19 09:03:09 -07:00
  • f88f501923 add unique RNG missing error toddouska 2016-07-18 18:10:38 -07:00
  • e866b55bb7 removes fallback. Moisés Guimarães 2016-07-18 22:02:41 -03:00
  • 1c71fb4ad1 scope tmpa/b with blinding, document RSA options toddouska 2016-07-18 17:37:03 -07:00
  • c2b55f69fa fix 32bit mp_add_d need toddouska 2016-07-18 12:49:31 -07:00
  • d235a5f0cc add WC_RSA_BLINDING, wc_RsaSetRNG() for RSA Private Decrypt which doesn't have an RNG toddouska 2016-07-18 11:57:47 -07:00
  • d3f7ddc486 leave off SHA1-RSA/ECDSA signature algorithms when NO_OLD_TLS is defined Chris Conlon 2016-07-15 14:32:24 -06:00
  • dd329ac97b fixes ocsp signer lookup in the cert manager. Moisés Guimarães 2016-07-15 17:12:04 -03:00
  • e75642f011 openssl.test, switch -Verify to -verify to accommodate ADH cipher suites Chris Conlon 2016-07-15 13:39:32 -06:00
  • c47f5f404c Merge pull request #480 from toddouska/noecho Chris Conlon 2016-07-15 13:12:27 -06:00
  • b1de4dcbbb Merge pull request #481 from wolfSSL/fix_anon_cipher Chris Conlon 2016-07-15 13:05:32 -06:00
  • 9a6f66a093 Merge pull request #484 from JacobBarthelmeh/master dgarske 2016-07-15 09:50:39 -07:00
  • aa9b1e964c Fix for possible seg fault with anonymous cipher mode enabled. Do not perform signature/verify when using anon_cipher. David Garske 2016-07-14 15:58:35 -07:00
  • 515bf5e135 add ARM 64bit type macro Jacob Barthelmeh 2016-07-14 15:29:32 -06:00
  • c7b969b5b4 don't echo session id on blank ticket if we're going to create a new ticket toddouska 2016-07-13 18:45:10 -07:00
  • 9a9a98ac82 Merge pull request #479 from toddouska/idlen Chris Conlon 2016-07-13 14:57:33 -06:00
  • 5f21f93c61 allow bogus sessionID when ticket callback rejects ticket toddouska 2016-07-13 12:47:59 -06:00
  • c20551cc56 Merge pull request #478 from toddouska/flatten-fix dgarske 2016-07-13 08:50:39 -07:00
  • 7b76c3ab36 allow bogus client sessionID of non 32 bytes with session ticket toddouska 2016-07-13 09:47:49 -06:00
  • b6aefad568 Merge pull request #477 from JacobBarthelmeh/master toddouska 2016-07-12 16:31:13 -06:00
  • 7a906e47ed fix rsa flatten eSz check toddouska 2016-07-12 16:28:59 -06:00
  • 97f60bc831 Merge pull request #476 from dgarske/fix_lpcxpresso toddouska 2016-07-12 15:23:09 -06:00
  • 92341292c7 remove hard tabs and replace with spaces Jacob Barthelmeh 2016-07-12 14:12:44 -06:00
  • 8a20f7a909 Fix to exclude misc.c by default to eliminate #error about inline. David Garske 2016-07-12 13:07:08 -07:00
  • 1c9f013c09 Include the .project and .cproject files in distribution. Fix issue with adding wolfssl to existing project, so the <name> is "wolfssl", not "lib_wolfssl". David Garske 2016-07-12 13:03:47 -07:00
  • 1b149d3941 Merge pull request #474 from ejohnstown/dtls-ver Kaleb Himes 2016-07-11 12:35:27 -07:00
  • 3dc09ae0fb one last fix of the DTLS version numbers John Safranek 2016-07-08 17:20:56 -07:00