wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-29 12:52:14 +01:00
Code Issues Packages Projects Releases Wiki Activity
8,520 Commits 12 Branches 184 Tags
153c7cc684e8d5b6082607cd777cdd28e87c2ab8
Commit Graph

8520 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
David Garske
153c7cc684 Fix for unused variable in new fast-rsa function wc_RsaPublicKeyDecode_ex. 2018-10-25 11:12:33 -07:00
David Garske
81651c351b Added optional logging for example PK callbacks in test.h enabled with DEBUG_PK_CB. 2018-10-25 09:15:34 -07:00
David Garske
86758f9640 Fixes for key size detection when using PK callbacks (HSM) and no private key has been loaded (affects HAVE_PK_CALLBACKS on server side only when no dummy private key is loaded). Fix for possible leak during ECC min key size failure with small stack. Added new API wc_RsaPublicKeyDecode_ex for parsing an RSA public key for the modulus and exponent. Changed wolfSSL_CTX_SetTmpEC_DHE_Sz to support a size == 0 for using the long-term private key's size. Changed ECDHE_SIZE so it can be overridden and build-time. Added tests for wolfSSL_CTX_SetTmpEC_DHE_Sz and wolfSSL_SetTmpEC_DHE_Sz. 2018-10-25 09:15:23 -07:00
toddouska
23445546c5 Merge pull request #1892 from dgarske/ecdhe_keysize 
Fix for ephemeral key size selection
 2018-10-25 07:27:20 -07:00
David Garske
c4d6f886b7 Revert change from PR #1845 commit 24f9f12844. This ensure the ephemeral key is P-256 or the overridden value determined by wolfSSL_CTX_SetTmpEC_DHE_Sz and wolfSSL_SetTmpEC_DHE_Sz. This restores previous behavior from last release. 2018-10-24 09:48:03 -07:00
toddouska
0eb115e7a1 Merge pull request #1884 from kaleb-himes/ECC_DISABLED_TEST_FIX 
Fixes to resolve skipped tests with ECC disabled
 2018-10-24 09:30:47 -07:00
Sean Parkinson
7586e1df42 Only do early data in initial handshake when using PSK 2018-10-24 09:47:30 +10:00
toddouska
c173d72423 Merge pull request #1891 from SparkiDev/nginx-1.15.5 
Add defines for latest nginx
 2018-10-23 08:07:52 -07:00
Sean Parkinson
ef8b564d2e Add defines for latest nginx 2018-10-23 22:08:44 +10:00
toddouska
22aa01a547 Merge pull request #1881 from SparkiDev/pkcs7_no_si 
Return error when attempting to verify signed data without signers
 2018-10-22 15:00:55 -07:00
toddouska
878b5925fc Merge pull request #1877 from dgarske/pkcs8_ec 
Added support for ECC private key with PKCS8 encoding
 2018-10-22 14:59:10 -07:00
toddouska
42fecee77b Merge pull request #1859 from SparkiDev/pkcs7-cons 
Support constructed OCTET_STRING in PKCS#7 signed data
 2018-10-22 14:52:50 -07:00
Chris Conlon
353f9018f5 Merge pull request #1890 from miyazakh/jamsg 
Added Japanese message into the examples client and server
 2018-10-22 13:44:11 -06:00
David Garske
0b720c4412 Fixes for TLSv1.3 early data. 2018-10-22 11:35:40 -07:00
Chris Conlon
96abf43238 Merge pull request #1888 from MJSPollard/nidFIX 
Fixed compilation issues with Asio, Websocket++, and HAProxy
 2018-10-22 10:19:05 -06:00
Hideki Miyazaki
6953677a8f Keep the max line length to 80 2018-10-20 17:15:17 +09:00
Hideki Miyazaki
a27b4c2efb Added Japanese message into the examples client and server 2018-10-20 13:40:01 +09:00
David Garske
7ce236f3af Fix for new test_wolfSSL_PKCS8 changes to init/free the ecc_key. 2018-10-19 16:04:02 -07:00
David Garske
c268829b68 Fix bug with SendClientKeyExchange and ifdef logic for ecdhe_psk_kea, which was preventing ECDHE-PSK from working if HAVE_CURVE25519 was defined. Disabled broken downgrade test in test-tls13-down.conf (@SpariDev will need to investigate). Various spelling fixes. 2018-10-19 13:21:56 -07:00
Carie Pointer
fac6ce794d Fix HAProxy redefinition warning 2018-10-19 12:14:57 -06:00
MJSPollard
355184bc9b added fix for failing asio and haproxy tests 2018-10-18 17:32:42 -06:00
David Garske
4a4ae446aa Fix for unit.test fails with -H verifyFail. 2018-10-18 11:58:00 -07:00
David Garske
84fb23cfab Merge pull request #1880 from kojo1/NID 
NID definitions are in asn.h
 2018-10-18 09:48:20 -07:00
Sean Parkinson
67bb558025 Return error when attempting to verify signed data without signers 2018-10-18 13:44:13 +10:00
Takashi Kojo
8a872891c5 NID_domainComponent is moved to asn.h 2018-10-18 09:28:15 +09:00
kaleb-himes
cdd8f6b950 Macro guard on cipher suite added - Thanks Jacob\! 2018-10-17 16:44:47 -06:00
kaleb-himes
dc519e6a45 When no cert specified using default, do not return failure in suite tests 2018-10-17 15:20:39 -06:00
David Garske
095337b1cf Merge pull request #1878 from kaleb-himes/TEST_COVERAGE_3 
Test coverage 3
 2018-10-17 13:47:10 -07:00
toddouska
dcb105deff Merge pull request #1876 from dgarske/max_frag_256 
Added new 256-byte max fragment option `WOLFSSL_MFL_2_8`
 2018-10-17 13:21:57 -07:00
David Garske
8b529d3d57 Add test for ECC private key with PKCS 8 encoding (no crypt) and -----BEGIN EC PRIVATE KEY----- header. 2018-10-17 10:01:29 -07:00
kaleb-himes
5ca822b1e9 Peer review changes requested 2018-10-17 10:46:45 -06:00
toddouska
7391f4db90 Merge pull request #1815 from dgarske/atecc508_fixes 
Fixes for ATECC508A
 2018-10-17 08:35:09 -07:00
toddouska
969098518f Merge pull request #1873 from dgarske/fix_async_multi_rec 
Fixes and improvements for wolfSSL asynchronous mode
 2018-10-17 08:23:27 -07:00
kaleb-himes
2aa6f91144 Reset IV after update via call to encrypt 2018-10-16 18:31:16 -06:00
David Garske
0d7d8f54e0 Added support for ECC private key with PKCS8 parsing. Fix is to attempt pkcs8 parse for -----BEGIN EC PRIVATE KEY----- and if parse fails to treat as normal private key. ZD 4379. 2018-10-16 16:56:42 -07:00
David Garske
d7d102d90a Added cipher suite unit tests for max fragment options 1-6 for TLS v1.2 and DTLS v1.2. Fix for client usage comment for max fragment. 2018-10-16 16:47:24 -07:00
David Garske
ab61cefa58 Fix max frag error case tests to use min/max. 2018-10-16 08:58:46 -07:00
David Garske
4adaeb8585 Added new 256-byte max fragment option WOLFSSL_MFL_2_8. 2018-10-15 17:06:21 -07:00
David Garske
e53694b351 Fix for shared secret callback for client side, where it was not using the provided peer's public key. Fix for ATECC508A to put it into idle mode after operations to prevent watchdog fault mode (can be disabled by defining WOLFSSL_ATECC508A_NOIDLE). Fixes for callbacks to support using software for non P-256 curves (can be disabled by defining WOLFSSL_ATECC508A_NOSOFTECC). 2018-10-15 16:01:04 -07:00
David Garske
bd57f5b385 Fix to resolve possible buffer overflow with atmel_get_rev_info when using byte. 2018-10-15 14:17:43 -07:00
David Garske
177bf49fa6 Updates to the atmel.c code to allow easier customization of the hardware interface. 2018-10-15 14:17:43 -07:00
David Garske
bb737ec99d Fixes for building against latest CryptoAuthLib. Refactor to eliminate the atcatls function calls, since these have been removed from latest CryptoAuthLib. Cleanup of the slot assignment handling. 2018-10-15 14:17:43 -07:00
David Garske
d67cb9e875 Added new build option for Microchip CryptoAuthLib (--enable-cryptoauthlib). Build fixes with WOLFSSL_ATECC508A enabled. 2018-10-15 14:17:43 -07:00
David Garske
ba9f21bad6 Improvements to the ATECC508A README.md. 2018-10-15 14:17:42 -07:00
David Garske
c51c607e96 Fix to use inLen for raw public key copy. No need to throw an error for other curve types as this function may be used for software only import/export. In the TLS case with only SECP256R1 there are other places where an error will be thrown. 2018-10-15 14:17:42 -07:00
David Garske
53c2264327 Fix for checking the inLen when setting raw public key len for hardware. Finished the ATECC508A ECC functions to support native TLS with the WOLFSSL_ATECC508A option and SECP256R1. Added slot type for alloc/free. Added helper functions for setting the PK callbacks and custom content. Updated the README.md with build options. Added support for overriding the ATECC_MAX_SLOT. Added overridable define for encryption slot number ATECC_SLOT_I2C_ENC. Added new build option WOLFSSL_ATECC_PKCB for using just the reference PK callbacks. 2018-10-15 14:17:42 -07:00
David Garske
7074625048 Added slot callbacks. Improvements for the Atmel time support. Fix to make sure read encryption key is cleared from stack buffer. 2018-10-15 14:17:42 -07:00
David Garske
e78ddfce75 Fix for wc_ecc_import_x963_ex to handle ATECC508A raw public key. Cleanup of the ATECC508A encryption key support. Added new macro ATCA_TLS_GET_ENC_KEY to allow setting your own function at build-time for getting the encryption key. 2018-10-15 14:17:42 -07:00
David Garske
be318abbc2 Fixes for building with WOLFSSL_ATECC508A with latest atca. 2018-10-15 14:17:42 -07:00
David Garske
7c3313481a Fix for memory cleanup cases in MakeTlsMasterSecret. 2018-10-15 13:22:55 -07:00