Commit Graph

3412 Commits

Author SHA1 Message Date
David Garske 2c5f268f16 Port for Telit IoT AppZone SDK
* Added new `WOLFSSL_TELIT_M2MB` build option to enable support for RNG, Time, Mutex, FileSystem and Directory.
* Added `XTIME_MS` macro to simplify the tls13.c layer time requirement.
* Cleanup of the wolfCrypt benchmark and test printf remapping.
* Added wolfCrypt optional memory test enabled with `COMPLEX_MEM_TEST`.
* Added wolfCrypt test / benchmark feature for allowing "sleep" between long operations using `TEST_SLEEP()`.
* Fix for extern with `sp_ModExp_2048` when building with `--cpp` option.
2019-04-08 06:43:25 -07:00
David Garske 56d7766ba3 Merge pull request #2192 from SparkiDev/small_server
Fixes for small server build without client code
2019-04-05 06:18:57 -07:00
Sean Parkinson ad857c40d1 Fixes for small server build without client code 2019-04-05 09:38:14 +10:00
Chris Conlon 9c3cb2fbba Merge pull request #2176 from miyazakh/no_signature_algo
Add macro definition to disable signature algorithms extension
2019-04-04 15:35:00 -07:00
Hideki Miyazaki f81446bf69 Fixed compiling error while enabling opensslextra 2019-04-04 10:04:09 +09:00
toddouska b224f6fac9 Merge pull request #2181 from JacobBarthelmeh/Compatibility-Layer
update wolfSSL_i2d_RSAPrivateKey function
2019-04-03 09:16:10 -07:00
John Safranek e4059a65b9 Merge pull request #2177 from dgarske/async_rel_v4
wolfSSL Asynchronous release v4 fixes
2019-04-01 11:07:12 -07:00
David Garske e8afb6ea51 Merge pull request #2174 from embhorn/zd4879
Fixes for static analysis issues
2019-04-01 08:48:40 -07:00
Hideki Miyazaki 6c0989ba4d no_signature_algo 2019-03-30 10:41:40 +09:00
David Garske 7e9e50c03b Fix for Async TLS v1.3 wolfSSL_write with AES GCM offload. The args->idx was being incremented on the repeated call with BUILD_MSG_HASH state. 2019-03-28 17:52:08 -07:00
Jacob Barthelmeh b599dc2b9d update wolfSSL_i2d_RSAPrivateKey function 2019-03-28 14:15:57 -06:00
Eric Blankenhorn cffe7eccde Fixes for high impact issues 2019-03-28 12:08:19 -05:00
David Garske b1c791dbd9 Merge pull request #2180 from miyazakh/wolfsslclean_fix
Initialized sendVerify when calling wolfSSL_clear
2019-03-27 23:32:41 -07:00
JacobBarthelmeh 8c6316eb9c Merge pull request #2179 from kojo1/X509_STORE_CTX
X509_STORE_CTX_free compatibility
2019-03-27 17:17:26 -06:00
Hideki Miyazaki 05987ec717 Initialized sendVerify when reseting WOLFSSL object 2019-03-27 10:18:43 +09:00
John Safranek 7aa159ca6d Merge pull request #2157 from kojo1/ocsp_staple
Expose CheckResponse as wolfSSL_CertManagerCheckOCSP_Staple
2019-03-25 13:48:29 -07:00
JacobBarthelmeh 6b325929e5 Merge pull request #2175 from kojo1/BN_init
add BN_init
2019-03-25 09:04:36 -06:00
Takashi Kojo 3e42c6edcd remove sk_X509_free for compatibility 2019-03-24 16:57:08 +09:00
Chris Conlon d9e6b8a62d Merge pull request #2168 from aaronjense/master
Remove NULL check before pub and priv have a chance to be set
2019-03-22 16:34:34 -06:00
Takashi Kojo 744c247e92 change CheckOCSP_staple to OCSPResponse, move to ssl.h 2019-03-22 13:56:32 +09:00
John Safranek 22b2ae7358 Release Fixes
1. Fix for the enable-afalg option from Jacob Barthelmeh.
2. Client fix for enable-sp+enable-sp-math option from David Garske.
3. Added a couple of typecasts to some mallocs.
4. Modified the option guard for the mask member of Options for the webserver build.
5. Added some more padding to the opaque structures used for SHA_CTX and AES_KEY.
6. Added WOLFSSL_API to the stack logging functions.
2019-03-19 13:55:17 -07:00
Aaron Jense fed2bc5f72 Remove NULL check before pub and priv have a chance to be set 2019-03-18 13:18:04 -06:00
John Safranek eebf07b67c Release Fixes
1. Fix two potentially unitialized variables, discovered on a VS build.
2019-03-18 10:14:16 -07:00
Takashi Kojo 6a3eccd344 add BN_init, working with tfm, only. 2019-03-17 13:28:04 +09:00
John Safranek 246c444b93 Updates for v4.0.0
Update the copyright dates on all the source files to the current year.
2019-03-15 10:37:36 -07:00
David Garske 6ff2039b1f Merge pull request #2163 from ejohnstown/config-fixes
Configuration Fixes
2019-03-14 15:21:41 -07:00
John Safranek b1ea7c035f Merge pull request #2118 from kojo1/ocsp_proxy
OCSP, CRL request with "Cache-Control: no-cache" for proxy
2019-03-14 13:26:03 -07:00
David Garske 6361ec2f10 Fix for AES GCM and CCM ex to NOT increment counter or update IV if failure or async response code. Resolves TLS v1.3 with async simulator. 2019-03-13 23:32:53 -07:00
David Garske 5a2cd5fc90 Fixes to resolve async crash (using stack pointer after return) due to 16-bit fixes in PR #2133 (commit 700eca4566). Revert to using the "unsigned int" length directly for word32 but cast it. 2019-03-13 22:59:00 -07:00
John Safranek 27ea9d9bce Configure Fixes
1. The combination enable-all and disable-rsa breaks some of the
testing. Added the NO_RSA guards as appropriate.
2. Disabled the OCSP stapling and CRL tests when RSA is disabled as they
use test certificates with RSA keys.
2019-03-13 17:54:33 -07:00
toddouska 0d48a4a1a7 Merge pull request #2133 from dgarske/fixes_16bit
Fixes for data types, cast warnings and shift operations when using 16-bit platform
2019-03-12 16:53:27 -07:00
toddouska b4ba3d7ca6 Merge pull request #2136 from dgarske/asncapathlen
Fixes issue with CA path length for self signed root CA's
2019-03-12 14:11:15 -07:00
toddouska 28a1ff5d59 Merge pull request #2146 from dgarske/sigalgo_ecdh
ECDSA option to limit sig/algos to key size with `USE_ECDSA_KEYSZ_HASH_ALGO`
2019-03-12 14:08:10 -07:00
toddouska 70490a4db6 Merge pull request #1855 from ejohnstown/trust-ca
Trusted CA Key Indication Extension
2019-03-12 13:52:27 -07:00
David Garske 7d1bb05c0c Fix return code for GetMacDigestSize. 2019-03-11 19:37:04 -07:00
David Garske 700eca4566 Fixes from peer review. Improved compatibility of API's. Clarification on integer.h mp_digit sizes. 2019-03-11 19:34:07 -07:00
toddouska 554af3dcfa Merge pull request #2151 from JacobBarthelmeh/Testing
path include adjustment, rename internal OBJ function, and client pri…
2019-03-11 16:48:19 -07:00
John Safranek 1eb46c697f 1. In the loop in TCA parse, when checking the list of IDs that the
server has keys for, change the polarity of the comparison. If the
current ID is in the list, set the response flag and break out of
the loop.
2019-03-11 12:42:13 -07:00
John Safranek 9bd40353c2 1. Rename the parameters cert and certSz on the function
wolfSSL_UseTrustedCA() to certId and certIdSz.
2. Add better parameter checking to wolfSSL_UseTrustedCA() based on the
ID type.
2019-03-11 12:42:13 -07:00
John Safranek 8a4e8067f6 1. In the trusted CA extension code, add guards for NO_SHA around the cases that use SHA-1.
2. Check the trusted CA id pointer for NULL before copying.
3. Updated the api test for the NO_SHA change.
4. Remove the TCA options member as redundant.
2019-03-11 12:42:13 -07:00
John Safranek 2342ea15eb Remove the CTX versions of the UseTrustedCA functions. A session needs
to be able to set a flag in the extension and that isn't allowed in the
CTX extensions.
2019-03-11 12:36:58 -07:00
John Safranek b7663a940e Trusted CA Key Indication Extension
Added an API for enabling the Trusted CA Key Indication extension from
RFC6066 section 6. If the server doesn't have a match for the client,
the client will abandon the session.
2019-03-11 12:35:12 -07:00
toddouska 6e1b05316d Merge pull request #2104 from ejohnstown/renegotiation-testing
Secure Renegotiation
2019-03-11 12:10:48 -07:00
Jacob Barthelmeh 9c9279817b path include adjustment, rename internal OBJ function, and client print outs added 2019-03-11 09:57:04 -06:00
Takashi Kojo ea13e0482a wolfIO_HttpBuildRequest_ex 2019-03-09 06:31:52 +09:00
David Garske 619cf89106 Enhancement for ECDSA with USE_ECDSA_KEYSZ_HASH_ALGO to not send sig/algo hash sizes larger than the ECC key size. 2019-03-07 08:56:35 -08:00
Chris Conlon d699b65a25 Merge pull request #2026 from kojo1/mdk-CMSISv2
MDK CMSIS RTOSv2
2019-03-06 09:36:49 -07:00
Jacob Barthelmeh dc3b81f633 adjust comments on key type for function 2019-03-05 10:53:10 -07:00
David Garske 980970da86 Fixes issue with CA path length basic constraint checking for self signed root CA's. ZD 4863 2019-03-04 11:27:51 -08:00
David Garske 621e1656b4 Fixes for data types, cast warnings and shift operations when using 16-bit platform. Added new --enable-16bit build option, which defines WC_16BIT_CPU. Fix build error when using WOLFSSL_LEANPSK and NO_WOLFSSL_MEMORY.
Tested using `avr-gcc` version 8.3.0 with: `./configure --host=avr --enable-16bit --disable-filesystem --enable-singlethreaded CFLAGS="-DWOLFSSL_GENSEED_FORTEST -DWOLFSSL_USER_CURRTIME -DWOLFSSL_USER_IO -DWOLFSSL_NO_SOCK -DNO_WRITEV -DUSER_TICKS" --enable-tls13 --enable-compkey --enable-certgen --enable-certext --enable-keygen --enable-session-ticket --enable-maxfragment`. Also with `--enable-fastmath`.
2019-03-01 15:54:08 -08:00