toddouska
378f5c0d4b
Merge pull request #2204 from dgarske/server_fixups
Improvements to TLS write handling in error cases
2019-04-18 09:21:27 -07:00
Chris Conlon
2cf264a9d5
Merge pull request #2207 from ejohnstown/evp-init-fix
EVP Init Fix
2019-04-17 17:16:42 -07:00
John Safranek
3bf01072d8
EVP Init Fix
When calling wolfSSL_EVP_DigestInit() with an unsupported string, the
macType should be set to NONE, rather than ignored. In a particular
build combination, functions using that EVP could false the type because
of memory garbage. Just set it in the else case.
2019-04-17 14:04:00 -07:00
Hideki Miyazaki
1ab5a022c6
updated as the latest version of sw use
2019-04-17 16:30:11 +09:00
toddouska
013e4429da
Merge pull request #2202 from SparkiDev/curve25519_asm_file
Curve25519 converted from inline assembly to asm only
2019-04-12 16:31:08 -07:00
David Garske
68390b1ba3
Improvement to wolfSSL_write to not allow for VERIFY_MAC_ERROR or DECRYPT_ERROR errors. This resolves possible end user application implementation issue where a wolfSSL_read failure isn't handled and a wolfSSL_write is done anyways.
2019-04-12 11:29:28 -07:00
Sean Parkinson
e5bf2ed1d1
Curve25519 converted from inline assembly to asm only
Fixed large values (top bit set) in tables to be negative as the type is
signed.
Put C++ protection around function prototypes in fe_operations.h.
2019-04-11 16:17:48 +10:00
David Garske
2c5f268f16
Port for Telit IoT AppZone SDK
* Added new `WOLFSSL_TELIT_M2MB` build option to enable support for RNG, Time, Mutex, FileSystem and Directory.
* Added `XTIME_MS` macro to simplify the tls13.c layer time requirement.
* Cleanup of the wolfCrypt benchmark and test printf remapping.
* Added wolfCrypt optional memory test enabled with `COMPLEX_MEM_TEST`.
* Added wolfCrypt test / benchmark feature for allowing "sleep" between long operations using `TEST_SLEEP()`.
* Fix for extern with `sp_ModExp_2048` when building with `--cpp` option.
2019-04-08 06:43:25 -07:00
David Garske
56d7766ba3
Merge pull request #2192 from SparkiDev/small_server
Fixes for small server build without client code
2019-04-05 06:18:57 -07:00
Sean Parkinson
ad857c40d1
Fixes for small server build without client code
2019-04-05 09:38:14 +10:00
Chris Conlon
9c3cb2fbba
Merge pull request #2176 from miyazakh/no_signature_algo
Add macro definition to disable signature algorithms extension
2019-04-04 15:35:00 -07:00
Hideki Miyazaki
f81446bf69
Fixed compiling error while enabling opensslextra
2019-04-04 10:04:09 +09:00
toddouska
b224f6fac9
Merge pull request #2181 from JacobBarthelmeh/Compatibility-Layer
update wolfSSL_i2d_RSAPrivateKey function
2019-04-03 09:16:10 -07:00
John Safranek
e4059a65b9
Merge pull request #2177 from dgarske/async_rel_v4
wolfSSL Asynchronous release v4 fixes
2019-04-01 11:07:12 -07:00
David Garske
e8afb6ea51
Merge pull request #2174 from embhorn/zd4879
Fixes for static analysis issues
2019-04-01 08:48:40 -07:00
Hideki Miyazaki
6c0989ba4d
no_signature_algo
2019-03-30 10:41:40 +09:00
David Garske
7e9e50c03b
Fix for Async TLS v1.3 wolfSSL_write with AES GCM offload. The args->idx was being incremented on the repeated call with BUILD_MSG_HASH state.
2019-03-28 17:52:08 -07:00
Jacob Barthelmeh
b599dc2b9d
update wolfSSL_i2d_RSAPrivateKey function
2019-03-28 14:15:57 -06:00
Eric Blankenhorn
cffe7eccde
Fixes for high impact issues
2019-03-28 12:08:19 -05:00
David Garske
b1c791dbd9
Merge pull request #2180 from miyazakh/wolfsslclean_fix
Initialized sendVerify when calling wolfSSL_clear
2019-03-27 23:32:41 -07:00
JacobBarthelmeh
8c6316eb9c
Merge pull request #2179 from kojo1/X509_STORE_CTX
X509_STORE_CTX_free compatibility
2019-03-27 17:17:26 -06:00
Hideki Miyazaki
05987ec717
Initialized sendVerify when resetting WOLFSSL object
2019-03-27 10:18:43 +09:00
John Safranek
7aa159ca6d
Merge pull request #2157 from kojo1/ocsp_staple
Expose CheckResponse as wolfSSL_CertManagerCheckOCSP_Staple
2019-03-25 13:48:29 -07:00
JacobBarthelmeh
6b325929e5
Merge pull request #2175 from kojo1/BN_init
add BN_init
2019-03-25 09:04:36 -06:00
Takashi Kojo
3e42c6edcd
remove sk_X509_free for compatibility
2019-03-24 16:57:08 +09:00
Chris Conlon
d9e6b8a62d
Merge pull request #2168 from aaronjense/master
Remove NULL check before pub and priv have a chance to be set
2019-03-22 16:34:34 -06:00
Takashi Kojo
744c247e92
change CheckOCSP_staple to OCSPResponse, move to ssl.h
2019-03-22 13:56:32 +09:00
John Safranek
22b2ae7358
Release Fixes
1. Fix for the enable-afalg option from Jacob Barthelmeh.
2. Client fix for enable-sp+enable-sp-math option from David Garske.
3. Added a couple of typecasts to some mallocs.
4. Modified the option guard for the mask member of Options for the webserver build.
5. Added some more padding to the opaque structures used for SHA_CTX and AES_KEY.
6. Added WOLFSSL_API to the stack logging functions.
2019-03-19 13:55:17 -07:00
Aaron Jense
fed2bc5f72
Remove NULL check before pub and priv have a chance to be set
2019-03-18 13:18:04 -06:00
John Safranek
eebf07b67c
Release Fixes
1. Fix two potentially uninitialized variables, discovered on a VS build.
2019-03-18 10:14:16 -07:00
Takashi Kojo
6a3eccd344
add BN_init, working with tfm, only.
2019-03-17 13:28:04 +09:00
John Safranek
246c444b93
Updates for v4.0.0
Update the copyright dates on all the source files to the current year.
2019-03-15 10:37:36 -07:00
David Garske
6ff2039b1f
Merge pull request #2163 from ejohnstown/config-fixes
Configuration Fixes
2019-03-14 15:21:41 -07:00
John Safranek
b1ea7c035f
Merge pull request #2118 from kojo1/ocsp_proxy
OCSP, CRL request with "Cache-Control: no-cache" for proxy
2019-03-14 13:26:03 -07:00
David Garske
6361ec2f10
Fix for AES GCM and CCM ex to NOT increment counter or update IV if failure or async response code. Resolves TLS v1.3 with async simulator.
2019-03-13 23:32:53 -07:00
David Garske
5a2cd5fc90
Fixes to resolve async crash (using stack pointer after return) due to 16-bit fixes in PR #2133 (commit 700eca4566). Revert to using the "unsigned int" length directly for word32 but cast it.
2019-03-13 22:59:00 -07:00
John Safranek
27ea9d9bce
Configure Fixes
1. The combination enable-all and disable-rsa breaks some of the
testing. Added the NO_RSA guards as appropriate.
2. Disabled the OCSP stapling and CRL tests when RSA is disabled as they
use test certificates with RSA keys.
2019-03-13 17:54:33 -07:00
toddouska
0d48a4a1a7
Merge pull request #2133 from dgarske/fixes_16bit
Fixes for data types, cast warnings and shift operations when using 16-bit platform
2019-03-12 16:53:27 -07:00
toddouska
b4ba3d7ca6
Merge pull request #2136 from dgarske/asncapathlen
Fixes issue with CA path length for self signed root CA's
2019-03-12 14:11:15 -07:00
toddouska
28a1ff5d59
Merge pull request #2146 from dgarske/sigalgo_ecdh
ECDSA option to limit sig/algos to key size with `USE_ECDSA_KEYSZ_HASH_ALGO`
2019-03-12 14:08:10 -07:00
toddouska
70490a4db6
Merge pull request #1855 from ejohnstown/trust-ca
Trusted CA Key Indication Extension
2019-03-12 13:52:27 -07:00
David Garske
7d1bb05c0c
Fix return code for GetMacDigestSize.
2019-03-11 19:37:04 -07:00
David Garske
700eca4566
Fixes from peer review. Improved compatibility of API's. Clarification on integer.h mp_digit sizes.
2019-03-11 19:34:07 -07:00
toddouska
554af3dcfa
Merge pull request #2151 from JacobBarthelmeh/Testing
path include adjustment, rename internal OBJ function, and client pri…
2019-03-11 16:48:19 -07:00
John Safranek
1eb46c697f
1. In the loop in TCA parse, when checking the list of IDs that the
server has keys for, change the polarity of the comparison. If the
current ID is in the list, set the response flag and break out of
the loop.
2019-03-11 12:42:13 -07:00
John Safranek
9bd40353c2
1. Rename the parameters cert and certSz on the function
wolfSSL_UseTrustedCA() to certId and certIdSz.
2. Add better parameter checking to wolfSSL_UseTrustedCA() based on the
ID type.
2019-03-11 12:42:13 -07:00
John Safranek
8a4e8067f6
1. In the trusted CA extension code, add guards for NO_SHA around the cases that use SHA-1.
2. Check the trusted CA id pointer for NULL before copying.
3. Updated the api test for the NO_SHA change.
4. Remove the TCA options member as redundant.
2019-03-11 12:42:13 -07:00
John Safranek
2342ea15eb
Remove the CTX versions of the UseTrustedCA functions. A session needs
to be able to set a flag in the extension and that isn't allowed in the
CTX extensions.
2019-03-11 12:36:58 -07:00
John Safranek
b7663a940e
Trusted CA Key Indication Extension
Added an API for enabling the Trusted CA Key Indication extension from
RFC6066 section 6. If the server doesn't have a match for the client,
the client will abandon the session.
2019-03-11 12:35:12 -07:00
toddouska
6e1b05316d
Merge pull request #2104 from ejohnstown/renegotiation-testing
Secure Renegotiation
2019-03-11 12:10:48 -07:00