wolfssl

feedc0de/wolfssl

Fork 0

forked from wolfSSL/wolfssl

Commit Graph

Select branches

Hide Pull Requests

cert-3389

devin-lifeguard/update-rules-d59f9c48

devin/1739556249-pem-hash-algorithm

devin/1739556249-pem-hash-algorithm-fix

devin/1739556249-pem-hash-algorithm-fix2

devin/1739784730-fix-tlsext-constants

devin/1739818351-optimize-test-suite

devin/1739818351-optimize-test-suite-fix

devin/1739917420-rename-kyberkey-to-mlkem

devin/1739920896-esp32-fixes

devin/1740705266-update-mlkemkey-apis

devin/1740757542-null-cipher-evp-update

devin/1740759575-null-cipher-fix

devin/1741319666-remove-qt-guard-add-tests

devin/1741708186-add-cmake-wolfclu

devin/1742172556-aes-xts-tests

devin/1742405136-cipherType-to-string

devin/1742841122-add-dod-pki-oids

devin/1747238512-add-ssl-remove-session

devin/invalid-gentime-crl-test

fixes_with_new_idf

master

nightly-snapshot

pr-8603

remove-arc4

revert-5549-fix_sha256_debug

revert-8277-aarch64_no_crypto

rm_arc4

WCv4-rng-stable

WCv4-stable

WCv4.0-RC1

WCv4.0-RC2

WCv4.0-RC3

WCv4.0-RC4

WCv4.0-RC5

WCv4.0-RC6

WCv4.0-RC7

WCv4.0-RC8

WCv4.0-RC9

WCv5.0-RC10

WCv5.0-RC11

WCv5.0-RC12

WCv5.0-RC2

WCv5.0-RC3

WCv5.0-RC4

WCv5.0-RC5

WCv5.0-RC6

WCv5.0-RC7

WCv5.0-RC8

WCv5.0-RC9

WCv5.2.1-PILOT

WCv5.2.3-ARMv8-PAA

WCv5.2.3-ARMv8-PAA-r2

WCv5.2.3-DHGENPUB

WCv5.2.3-DHGENPUB-r2

WCv5.2.3-STM32-PAA

WCv6.0.0-RC1

WCv6.0.0-RC2

WCv6.0.0-RC3

WCv6.0.0-RC4

WCv6.0.0-RC5

l

list

v0.5

v1.8.8.0

v1.9.0

v2.0.2

v2.0.3

v2.0.6

v2.0.8

v2.0rc1

v2.0rc2

v2.0rc2b

v2.0rc3

v2.1.1

v2.1.2

v2.1.4

v2.2.0

v2.2.1

v2.2.2

v2.3.0

v2.4.0

v2.4.2

v2.4.6

v2.4.7

v2.5.0

v2.5.2

v2.5.2b

v2.6.0

v2.6.2

v2.7.0

v2.7.2

v2.8.0

v2.8.2

v2.8.3

v2.8.4

v2.8.5

v2.8.5a

v2.8.6

v2.9.0

v2.9.1

v2.9.2

v2.9.4

v3.0.0

v3.0.2

v3.1.0

v3.10.0-stable

v3.10.0a

v3.10.2-stable

v3.10.3

v3.10.4

v3.11.0-stable

v3.11.1-tls13-beta

v3.12.0-stable

v3.12.2-stable

v3.13.0-stable

v3.13.2

v3.13.3

v3.14.0-stable

v3.14.0a

v3.14.0b

v3.14.2

v3.14.4

v3.14.5

v3.15.0-stable

v3.15.3-stable

v3.15.5-stable

v3.15.5a

v3.15.6

v3.15.7-stable

v3.15.8

v3.2.0

v3.2.4

v3.2.6

v3.3.0

v3.3.2

v3.3.3

v3.4.0

v3.4.2

v3.4.6

v3.4.8

v3.6.0

v3.6.0b

v3.6.2

v3.6.6

v3.6.8

v3.6.9

v3.6.9b

v3.6.9c

v3.6.9d

v3.69.d

v3.7.0

v3.7.1

v3.7.3

v3.8.0

v3.9.0

v3.9.1

v3.9.10-stable

v3.9.10b

v3.9.6

v3.9.6w

v3.9.8

v4.0.0-stable

v4.1.0-stable

v4.2.0-stable

v4.2.0c

v4.3.0-stable

v4.4.0-stable

v4.5.0-stable

v4.6.0-stable

v4.7.0-stable

v4.7.1r

v4.8.0-stable

v4.8.1-stable

v5.0.0-stable

v5.1.0-stable

v5.1.1-stable

v5.2.0-stable

v5.2.1-stable

v5.2.1-stable-OS_Seed-HdrOnly

v5.3.0-stable

v5.4.0-stable

v5.5.0-stable

v5.5.1-stable

v5.5.2-stable

v5.5.3-stable

v5.5.4-stable

v5.6.0-stable

v5.6.2-stable

v5.6.3-stable

v5.6.4-stable

v5.6.6-stable

v5.7.0-stable

v5.7.2-stable

v5.7.4-stable

v5.7.6-stable

v5.8.0-stable

wolfEntropy1

wolfRand-RC1

wolfRand-RC2

4954043def release lock on client side cache bad hash toddouska 2014-12-01 14:11:32 -08:00
1742e0ddb6 Merge in the ADH-AES128-SHA changes and add a check for it during the packet order sanity checking. John Safranek 2014-12-01 11:44:32 -08:00
b2f9d62852 make HASH-DRBG default RNG w/ autoconf toddouska 2014-12-01 09:12:26 -08:00
fe81c2855d sanity size check on handshake headers toddouska 2014-12-01 08:58:52 -08:00
1f8d84553c add server_ready file to externally monitor example server for ready to accept, -r option toddouska 2014-11-26 12:13:47 -08:00
438cb515d5 added a make clean after updating the verify hash when running the fips check John Safranek 2014-11-24 15:52:47 -08:00
98db39a913 fixed the check in commit-tests to see if FIPS test should run John Safranek 2014-11-24 13:33:14 -08:00
f7235819d2 bugfix in the FIPS check script John Safranek 2014-11-24 12:50:55 -08:00
a352908c61 fix optimized fastmath read digit for explicit 32bit digits toddouska 2014-11-24 10:00:13 -08:00
65c0dd4f8a Added fips-check script when running commit-tests. John Safranek 2014-11-19 12:00:04 -08:00
17a4cc8239 fix ctaocrypt test RNG leak when using HASH-DRBG toddouska 2014-11-18 16:52:37 -08:00
f1ab188949 disallow client to fast forward handshake messages toddouska 2014-11-18 16:27:39 -08:00
25362268db Merge pull request #132 from tisb/master toddouska 2014-11-17 17:16:11 -08:00
9fd6e680a2 Removed extra comma to avoid TI compiler warnings. Vikram Adiga 2014-11-17 14:50:52 -08:00
e0bec88f76 fixed build errors for TI-RTOS. Vikram Adiga 2014-11-17 14:49:31 -08:00
59e62b7c49 Merge pull request #131 from lchristina26/master toddouska 2014-11-17 15:30:14 -08:00
57522d217b disallow basic server fast forwards during handshake toddouska 2014-11-17 15:25:49 -08:00
31858d2a34 move gotChangeCipher from options into msgsReceived toddouska 2014-11-17 13:11:45 -08:00
5318b243ba add messages received framework, disallow duplicates toddouska 2014-11-17 12:55:07 -08:00
b3b0c8d1fc Add braces around empty if statements lchristina26 2014-11-17 11:10:23 -07:00
de388bf37f version 3.2.6 v3.2.6 toddouska 2014-11-14 11:49:14 -08:00
2c85756130 fixed carry error on array add in HashDRBG John Safranek 2014-11-13 18:08:23 -08:00
6c2a238c9b bump version toddouska 2014-11-13 10:19:03 -08:00
730cede82d add HAVE_FORCE_FIPS_FAILURE for operational testing v3.2.4 toddouska 2014-11-12 17:09:16 -08:00
6944eb69f6 added error code for AESGCM FIPS KAT test error John Safranek 2014-11-10 15:38:41 -08:00
654c421441 fix benchmark error with NO_AES, jenkins found Chris Conlon 2014-11-10 10:13:23 -07:00
eb59597fed fix bug in sniffer when using old client hellos where large hello message may be ignored John Safranek 2014-11-07 17:11:38 -08:00
54f678b9ee Merge branch 'master' of github.com:cyassl/cyassl John Safranek 2014-11-07 17:06:04 -08:00
12a6978401 refactored HashDRBG to remove some redundant code John Safranek 2014-11-07 17:05:18 -08:00
eda2103dc3 add size check to fips core hash gen toddouska 2014-11-07 16:43:32 -08:00
e6e24d92fb Merge branch 'master' of github.com:cyassl/cyassl toddouska 2014-11-07 16:23:56 -08:00
81fd594c9f add fips get status functions toddouska 2014-11-07 16:23:19 -08:00
4d819dea87 fix hashType warning on Linux Chris Conlon 2014-11-07 17:19:11 -07:00
138ce50bae Merge branch 'master' of github.com:cyassl/cyassl John Safranek 2014-11-07 15:36:49 -08:00
00965d44dc fix sniffer bug with detecting old client hello John Safranek 2014-11-07 15:35:36 -08:00
71da84122f expose EncodeSignature() for DER-encoded comparisons Chris Conlon 2014-11-07 16:33:38 -07:00
a45a8f2cd8 Merge branch 'master' of github.com:cyassl/cyassl John Safranek 2014-11-07 14:40:21 -08:00
d829b5f93b Allow sniffer to follow ports using STARTTLS. John Safranek 2014-11-07 14:37:00 -08:00
233bca3346 add RsaPublicKeyDecodeRaw() to load key from existing n, e Chris Conlon 2014-11-07 15:24:02 -07:00
b36f823da5 only do fips verify core check on fips files toddouska 2014-11-07 13:09:32 -08:00
4441e3be1a HashDRBG continuity failure passed up to caller John Safranek 2014-11-07 12:08:26 -08:00
3130145213 Added note to SSL_ResourceFree() John Safranek 2014-11-06 16:07:05 -08:00
580289375c Fix memory leak in CyaSSL when using Hash DRBG John Safranek 2014-11-06 15:44:24 -08:00
f11d2c435d add fips continuous test error code/msg toddouska 2014-11-06 14:56:11 -08:00
202a1a152d fix jenkins report for smallstack derive tls keys toddouska 2014-11-04 15:39:54 -08:00
322f79f521 allow user to set minimum downgrade version with v23 methods() toddouska 2014-11-03 15:12:48 -08:00
d9f5ada772 add external wrappers for TLS Master Secret generation and Key Expansion toddouska 2014-11-03 09:56:40 -08:00
02f7c71222 Merge branch 'master' of github.com:cyassl/cyassl toddouska 2014-10-31 13:24:29 -07:00
0f641e07a2 remove old client hello processing by default, can turn on with OLD_HELLO_ALLOWED, add sanity checks before size front alloc toddouska 2014-10-31 13:23:50 -07:00
2fe0d9b38d update RNG_HealthTest to output generated bits Chris Conlon 2014-10-31 14:05:13 -06:00
bb8853aa50 fix memory leak when resetting the peer address on a DTLS session John Safranek 2014-10-30 16:23:25 -07:00
56c12c9716 For sniffer with SNI, refactored ssl_SetPrivateKey and ssl_SetNamedPrivateKey so they can be called in any order for a particular server. John Safranek 2014-10-30 14:08:45 -07:00
1e7b579777 sniffer signals got change cipher toddouska 2014-10-29 14:14:32 -07:00
7fed36b09d explicit check for change cipher before finished instead of encryptionOn implicit toddouska 2014-10-29 14:07:41 -07:00
a4228740f5 add FIPS pos errors and messages, better output for in core check and how to fix toddouska 2014-10-28 14:21:55 -07:00
247bef6be3 add fips pos cb for fail codes, generated hash toddouska 2014-10-28 14:03:58 -07:00
c982dd2281 allow aes gcm fips wrappers, no void returns toddouska 2014-10-27 15:52:22 -07:00
bf718a7d51 Added a callback function to set the master secret on the client John Safranek 2014-10-24 15:26:47 -07:00
6138ce720c internal.c: refactoring SendServerKeyExchange to reduce stack usage: --- variable md5 moved to the heap (sizeof(Md5) saved) --- variable sha moved to the heap (sizeof(Sha) saved) --- variable hash moved to the heap (36 bytes saved) --- variable sha256 moved to the heap (sizeof(Sha256) saved) --- variable hash256 moved to the heap (32 bytes saved) --- variable sha384 moved to the heap (sizeof(sha384) saved) --- variable hash256 moved to the heap (48 bytes saved) --- variable encodedSig moved to the heap (512 bytes saved) *** the variables above appear twice in the code Moisés Guimarães 2014-10-24 13:47:49 -03:00
dc90935fc7 internal.c: refactoring SendServerKeyExchange to reduce stack usage: --- variable exportBuf moved to the heap (256 bytes saved) --- indentation fixes Moisés Guimarães 2014-10-24 13:29:18 -03:00
0e43240180 trims trailing white spaces. Moisés Guimarães 2014-10-24 10:33:24 -03:00
62f0c9f661 Merge branch 'master' of github.com:cyassl/cyassl John Safranek 2014-10-23 14:08:11 -07:00
4d7f26af8d Add continuous block test to Hash DRBG John Safranek 2014-10-23 14:07:31 -07:00
6108f9cd45 add LICENSING file Chris Conlon 2014-10-22 14:26:20 -06:00
b64b864431 Merge pull request #130 from tass-belgium/master Chris Conlon 2014-10-22 14:10:57 -06:00
fde4d56845 Updated picoTCP support, based on newer HTTPS demo Daniele Lacamera 2014-10-22 12:11:31 +02:00
a60332d9a3 internal.c: refactoring DoServerKeyExchange to reduce stack usage: --- using goto to centralize resources deallocation. Moisés Guimarães 2014-10-21 12:39:02 -03:00
5056ebe829 internal.c: refactoring DoServerKeyExchange to reduce stack usage: --- variable hash256 moved to the heap (32 bytes saved) --- variable hash384 moved to the heap (48 bytes saved) --- variable hash moved to the heap (36 bytes saved) --- variable messageVerify moved to the heap (612 bytes saved) --- variable encodedSig moved to the heap (512 bytes saved) Moisés Guimarães 2014-10-20 16:44:44 -03:00
0447bf7551 internal.c: refactoring DoServerKeyExchange to reduce stack usage: --- variable md5 moved to the heap (sizeof(Md5) saved) --- variable sha moved to the heap (sizeof(Sha) saved) --- variable sha256 moved to the heap (sizeof(Sha256) saved) --- variable sha384 moved to the heap (sizeof(Sha384) saved) Moisés Guimarães 2014-10-18 16:08:52 -03:00
7f836cd6b3 internal.c: refactoring SendClientKeyExchange to reduce stack usage: --- variable encSecret moved to the heap (1027 bytes saved) --- variables priv moved to the heap (1024 bytes saved) Moisés Guimarães 2014-10-18 15:21:40 -03:00
949094cfbc internal.c: refactoring DoCertificateVerify to reduce stack usage: --- variable encodedSig moved to the heap (512 bytes saved) Moisés Guimarães 2014-10-18 14:38:57 -03:00
9368c8d1e8 internal.c: refactoring SendCertificateVerify to reduce stack usage: --- variable encodedSig moved to the heap (512 bytes saved) Moisés Guimarães 2014-10-18 14:31:14 -03:00
845e49781f internal.c: refactoring DoServerHello to reduce stack usage: --- variable clSuites removed (sizeof(Suites) saved) Moisés Guimarães 2014-10-17 16:44:42 -03:00
a7e585b63d internal.c: refactoring BuildMessage to reduce stack usage: --- variable hmac moved to the heap (up to 64 bytes saved) Moisés Guimarães 2014-10-17 16:31:09 -03:00
5ef9a21eaa internal.c: refactoring DoCertificate to reduce stack usage: --- variable domain moved to the heap (256 bytes saved) --- variable dCert moved to the heap (sizeof(DecodedCert) saved) --- variable store moved to the heap (sizeof(CYASSL_X509_STORE_CTX) saved) Moisés Guimarães 2014-10-17 16:16:50 -03:00
37c1627234 internal.c: refactoring BuildFinished to reduce stack usage: --- variable md5 moved to the heap (sizeof(Md5) saved) --- variable sha moved to the heap (sizeof(Sha) saved) --- variable sha256 moved to the heap (sizeof(Sha256) saved) --- variable sha384 moved to the heap (sizeof(Sha384) saved) Moisés Guimarães 2014-10-17 15:04:22 -03:00
50a00d4ff0 add PicoTCP support Chris Conlon 2014-10-21 15:43:43 -06:00
e35e02a283 Added SNI named keys to the sniffer. John Safranek 2014-10-16 11:40:32 -07:00
35bcc98948 Added a callback when receiving a NewSessionTicket handshake message. John Safranek 2014-10-20 09:25:14 -07:00
60790ee4ae Merge branch 'master' of github.com:cyassl/cyassl John Safranek 2014-10-16 22:01:55 -07:00
b2f25cd91c 1. Added accessors for session tickets. 2. Fixed client case when server doesn't want to resume session with ticket. John Safranek 2014-10-16 22:00:13 -07:00
c2ade678e1 Adds use of ssl->session.sessionIDSz during SendClientHello(). Moisés Guimarães 2014-10-13 23:15:34 -03:00
b10fdbf1f0 Adds storage of ssl->arrays->sessionIDSz in SessionCache at AddSession(); Adds storage of ssl->arrays->sessionIDSz in ssl->session at FreeArrays(); Moisés Guimarães 2014-10-13 23:13:51 -03:00
6956d146d1 Adds capture of ssl->arrays->sessionIDSz at DoServerHello. Moisés Guimarães 2014-10-13 23:04:31 -03:00
e98eb1ba4d Adds sessionIDSz to CYASSL_SESSION and Arrays. Moisés Guimarães 2014-10-13 23:01:21 -03:00
08cdf91761 bump version toddouska 2014-10-13 14:44:39 -07:00
d457ff8d71 don't set GetLength input value to negative in error case, shouldn't matter if return value checked toddouska 2014-10-10 10:25:42 -07:00
159abadd73 add NO_FORCE_SCR_SAME_SUITE flag for scr toddouska 2014-10-09 11:10:40 -07:00
5019eab073 Merge branch 'master' of github.com:cyassl/cyassl toddouska 2014-10-07 15:51:38 -07:00
54049c6000 allow dhe 4096bit for ssl key exchange toddouska 2014-10-07 15:50:33 -07:00
557f19db0b Adds support to session IDs of size 1 to 31 bytes. Only session IDs of size 0 or 32 bytes was allowed before, now the session ID size may be from 0 to 32 bytes. A size of zero bytes means that is no session ID provided by the server. Moisés Guimarães 2014-10-07 13:02:59 -03:00
c65b14a891 add scr check against subject hash, only allow explicit session ticket resupmtion during scr toddouska 2014-10-06 16:12:45 -07:00
214eba0325 fix session ticket get size toddouska 2014-10-06 14:52:05 -07:00
7c67a9261c trimmed some unused code for session tickets John Safranek 2014-10-06 12:44:52 -07:00
954740e2a8 Added check for expected session ticket John Safranek 2014-10-04 12:41:51 -07:00
b95b2a8463 Merge branch 'master' of github.com:cyassl/cyassl John Safranek 2014-10-03 13:27:22 -07:00
80a474ebad 1. Fixed encoding of session ticket hello extension. 2. Session tickets used as alternative resumption. John Safranek 2014-10-03 13:19:59 -07:00
24bfade874 catch user error with write() after WANT_WRITE with short size toddouska 2014-10-03 12:03:20 -07:00
3f01f097e7 allow scr sessoin ticket toddouska 2014-10-02 10:43:06 -07:00
668fed4796 don't allow scr and fake indication together toddouska 2014-10-02 10:18:11 -07:00