wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-02-04 05:25:06 +01:00
Code Issues Packages Projects Releases Wiki Activity
4,144 Commits 12 Branches 184 Tags
3129bb22cd67c03fb3181d319e5c8ecf1df5c76f
Commit Graph

783 Commits

Author SHA1 Message Date
Jacob Barthelmeh
3129bb22cd minimum ECC key size check at TLS/SSL level 2016-04-19 15:50:25 -06:00
Jacob Barthelmeh
789f346c5f follow verifyNone variable when checking key size 2016-04-19 10:23:01 -06:00
Jacob Barthelmeh
0eb57ccab0 set return error before jumping to end of function 2016-04-18 14:27:34 -06:00
Jacob Barthelmeh
c9891567e8 add check for min RSA key size at TLS/SSL level 2016-04-14 13:35:49 -06:00
kaleb-himes
c6e9021732 scan-build warnings related to enable-psk, disable-asn,rsa,ecc 2016-04-11 11:13:26 -06:00
toddouska
85505b99b9 Merge pull request #380 from cconlon/utasker 
uTasker Port
 2016-04-08 15:08:39 -07:00
Chris Conlon
46f4be357b uTasker: add note about XTIME to settings.h 2016-04-08 11:20:58 -06:00
Chris Conlon
8d040ad41f uTasker: add initial port, WOLFSSL_UTASKER 2016-04-08 11:12:17 -06:00
Jacob Barthelmeh
5b4f17545b autoconf checks on some builds that break, macro for no server, and user rsa 2016-04-06 15:36:50 -06:00
David Garske
2d4aa1bbb5 Better fix for scan-build warning regarding possible use of NULL in AddRecordHeader. Scan-build considers paths where output is set to NULL, but ssl->spec.kea is corrupted/changed, which could result in output == NULL (even though it should never happen). So added proper NULL check in SendServerKeyExchange on AddHeader to make sure output isn't NULL. 2016-04-01 12:57:33 -07:00
David Garske
19f0769ec4 Fix for scan-build warning where async changes make it appear like the output buffer could be NULL (even though its not). Added NULL check on the AddRecordHeader function. 2016-04-01 10:55:01 -07:00
David Garske
dd28d53cfb Fix build issues with new async changes. Fixed issue with unused args preSigSz and preSigIdx with PSK enabled and ECC + RSA disabled. Fixed issue with missing qsSz variable in DoClientKeyExchange. Fixed missing DhAgree and DhKeyGen with NO_CERTS and PSK enabled. Fixed a couple scan-build warnings with "Value stored to '' is never read". 2016-04-01 09:23:46 -07:00
toddouska
63b1282e67 Merge pull request #335 from dgarske/asynccrypt 
Asynchronous crypto and wolf event support
 2016-03-30 20:12:41 -07:00
Jacob Barthelmeh
e60adfc9da better naming of macro and alter misc.c check 2016-03-29 13:42:40 -06:00
Jacob Barthelmeh
2665db73a4 check for compiling misc.c when not needed 2016-03-28 16:03:15 -06:00
Jacob Barthelmeh
67b4d2e2f4 case where memory is exhausted before ctx copied to ssl 2016-03-25 14:19:51 -06:00
David Garske
71683e23e9 Resolve 2nd unused "typeH" warning. 2016-03-18 06:27:42 -07:00
David Garske
0e43fca1f3 Resolve unused "typeH" warning. 2016-03-17 15:56:51 -07:00
Jacob Barthelmeh
e99a5b0483 prepare for release v3.9.0 2016-03-17 16:02:13 -06:00
David Garske
e1787fe160 Added "--enable-asynccrypt" option for enabling asynchronous crypto. This includes a refactor of SendServerKeyExchange and DoClientKeyExchange to support WC_PENDING_E on key generation, signing and verification. Currently uses async simulator (WOLFSSL_ASYNC_CRYPT_TEST) if cavium not enabled. All of the examples have been updated to support WC_PENDING_E on accept and connect. A generic WOLF_EVENT infrastructure has been added to support other types of future events and is enabled using "HAVE_WOLF_EVENT". Refactor the ASN OID type (ex: hashType/sigType) to use a more unique name. The real "async.c" and "async.h" files are in a private repo. 2016-03-17 13:31:03 -07:00
Jacob Barthelmeh
db758dc98b update test script, fall back to cert name search, fix der free 2016-03-12 09:37:32 -07:00
Jacob Barthelmeh
060e278559 Merge branch 'master' of https://github.com/wolfSSL/wolfssl into Certs 2016-03-11 23:48:39 -07:00
JacobBarthelmeh
154f027c54 Merge pull request #347 from dgarske/ScanBuildFix214 
Address scan-build issue on build #214 after DerBuffer refactor part 2
 2016-03-11 16:53:41 -07:00
David Garske
81b0ccdb1a Address scan-build issue on build #214 after DerBuffer refactor part 2 (ceafb25). 2016-03-11 09:39:13 -08:00
Moisés Guimarães
2e1c1ca7f8 remove unnecessary condition 2016-03-10 23:07:36 -03:00
David Garske
80aa431689 Fixes multiple Jenkins warnings/failures. First is PickHashSigAlgo is required for client builds or if certs are enabled. Fixed scan-build warning with OCSP not recognized ForceZero as cleaning memory and using possible garbage value. Also cleaned up the OCSP functions to use struct buffer* instead of void* for clarity with a little forward declaration. 2016-03-10 09:38:11 -08:00
Kaleb Joseph Himes
0a1871e77c Merge pull request #337 from dgarske/WarnDoubleFree 
Fixes scan-build warning with "--enable-opensslextra --disable-memory"
 2016-03-09 16:28:18 -08:00
toddouska
ceafb25f49 Merge pull request #338 from dgarske/DerBufferRefactor2 
Refactor of DerBuffer, so WOLFSSL object doesn't have to grow as a re…
 2016-03-09 12:36:22 -08:00
David Garske
f17dfa5b03 Moved the x509 XFREE to outside the FreeX509 function. Internally FreeX509 is only used in two places. One is for the ssl->peerCert, which is not dynamic anyways. The second is in the ExternalFreeX509 where it calls FreeX509 if its dynamic and will XFREE there. 2016-03-09 09:15:00 -08:00
David Garske
0f93b86b61 Fixes for PK_CALLBACKS and sniffer after DerBuffer refactor #2. 2016-03-08 08:56:14 -08:00
David Garske
ce9f14f713 Refactor of DerBuffer, so WOLFSSL object doesn't have to grow as a result of additional functionality. Removed InitDer. Changed all DerBuffers to use pointer and pass pointer to DerBuffer* to AllocDer and FreeDer. Result is more efficient code and reduced WOLFSSL object size. AllocDer uses first part of the allocated buffer for the actual DerBuffer. 2016-03-08 08:56:14 -08:00
David Garske
daa1cd634e Fixes scan-build warning with "--enable-opensslextra --disable-memory". Problem was different #if defines on the InitX509 and FreeX509, which caused the static analyzer to think the "x509->dynamicMemory" was always true. 2016-03-08 08:38:02 -08:00
David Garske
8e8ee45828 LeanTLS: Fixed issue with GetCA, GetCAByName and PickHashSigAlgo with HAVE_ECC, NO_RSA and NO_CERTS defined. Added new "--enable-leantls" option, which enables TLS 1.2 client only with ECC256, AES128 and SHA256 (no RSA, DH, DSA, MD4, MD5, SHA, PSK, PWD, CERTS, DES3, Error Strings, ARC4, Coding, Memory or File System). 2016-03-08 08:35:28 -08:00
dgarske
98a72a3f9d Merge pull request #334 from JacobBarthelmeh/master 
update wolfssl-ntru vs project and fix warnings
 2016-03-03 15:53:52 -08:00
dgarske
8ca1c3935d Merge pull request #322 from ejohnstown/dtls-handshake 
DTLS Handshake Update
 2016-03-03 14:33:31 -08:00
Jacob Barthelmeh
c98c457b9b update wolfssl-ntru vs project and fix warnings 2016-03-03 14:35:39 -07:00
dgarske
a0f1e1e3ea Merge pull request #331 from kaleb-himes/CID-66006-coverity 
Move assignment to after the null check
 2016-03-02 15:23:58 -08:00
Jacob Barthelmeh
267dc48d95 fixs after testing : hash table, using NO_SKID, sanity check, and freeing dCert 2016-03-02 15:23:50 -07:00
Jacob Barthelmeh
05d2cec7c1 addition to api tests and refactor location of trusted peer cert check 2016-03-02 11:35:03 -07:00
kaleb-himes
01cd43c319 Seperate declaration and assignment per c99 standards 2016-03-02 11:31:08 -07:00
kaleb-himes
1f4ddb20df Move assignment to after the null check 2016-03-01 17:00:27 -07:00
David Garske
a46fd6612b Changed CopyDecodedToX509 AllocDer error code handing to return MEMORY_E, since that is an explicitly handled case. Also resolves the issue with "warning: Value stored to 'ret' is never read". 2016-02-25 14:35:54 +01:00
David Garske
1227db4e44 Fixed issue with not properly returning memory error in CopyDecodedToX509 after DER refactor. 2016-02-24 07:04:03 +01:00
John Safranek
f621f81fa2 1. Some DTLS code was missing an ifdef. 
2. If receiving a handshake message that's already been processed,
    retransmit the previous message flight.
 2016-02-22 14:08:35 -08:00
John Safranek
f6fafe6738 for DTLS, retain the handshake resources until peer sends application data record 2016-02-21 21:52:38 -08:00
David Garske
3fe5ee1a7c Refactor of the DER buffer handling. Added new DerBuffer struct that includes the type and heap ptr. Added new InitDer, AllocDer and FreeDer functions. Cleanup of some missing "heap" args on XMALLOC/XFREE. In FreeDer uses ForceZero if type is private key. 2016-02-18 22:42:15 -08:00
Jacob Barthelmeh
9defe9b42b fix warning of unused variable and adjust debug statements 2016-02-10 13:57:10 -07:00
Jacob Barthelmeh
2f74706367 allow use of RSA signed ECC key certs 2016-02-10 13:26:03 -07:00
Jacob Barthelmeh
ff7a9d9f78 option for fail on no peer cert except PSK suites 2016-02-10 13:26:03 -07:00
toddouska
f30ef33d8b Merge pull request #295 from JacobBarthelmeh/master 
ECDHE-PSK and added cipher suites
 2016-02-09 09:40:13 -08:00