toddouska
5d8f4351ff
Merge pull request #1903 from dgarske/dhkeycheck
...
Speed improvements for DH public key prime checking
2018-11-06 16:35:27 -08:00
Jacob Barthelmeh
7a2a66743b
fix side init for set connect/accept functions
2018-11-06 16:48:06 -07:00
kaleb-himes
bc2bb78010
Fix -x option in server to continue in event of error (R)
2018-11-06 14:09:46 -07:00
toddouska
144ff68cfb
Merge pull request #1882 from SparkiDev/pkcs11_lib
...
Improvements for PKCS#11 library
2018-11-06 08:53:57 -08:00
toddouska
2c7ff56a3e
Merge pull request #1907 from JacobBarthelmeh/Testing
...
infer and g++ build fixes
2018-11-06 08:48:28 -08:00
David Garske
95092696bf
Fix to make sure mp_toradix and mp_radix_size are included for OPENSSL_EXTRA.
2018-11-06 08:38:47 -08:00
David Garske
efb1efcc0d
Fixes and additional tests for compatibility function BN_bn2hex. In the DEBUG_WOLFSSL case it was returning a (char*)"", which was trying to be free'd. We cannot return const char* here, since it's assumed to be an allocated pointer. Fix the dynamic type for XMALLOC/XFREE to match, since OPENSSL_free is used to free returned value. Fix to add room for null term. Added missing API unit test for BN_print_fp. Exposed these functions for OPENSSL_EXTRA.
2018-11-06 05:55:25 -08:00
David Garske
1a4533f166
Merge pull request #1910 from embhorn/zd4324
...
Handle incomplete shutdown
2018-11-06 05:19:58 -08:00
JacobBarthelmeh
ee00852509
Merge pull request #1909 from ejohnstown/filedist
...
Added the resource.h and wolfssl.rc to the list of EXTRA_DIST files.
2018-11-05 14:40:04 -07:00
Eric Blankenhorn
d61ae3a02a
Handle incomplete shutdown
2018-11-05 10:30:48 -06:00
kaleb-himes
92d6dc36af
Fix pre-processor checks in wolfCrypt test for unique configuration
2018-11-02 15:22:11 -06:00
John Safranek
c1ca1f1b78
Remove DH prime check on selftest/fips builds.
2018-11-02 12:55:07 -07:00
David Garske
6372c3d6e1
* Added RSA non-blocking support enabled with WC_RSA_NONBLOCK. Adds new wc_RsaSetNonBlock function for enabling / non-block context. Added wolfCrypt test function rsa_nb_test to validate. Result is: RSA non-block sign: 8200 times and RSA non-block verify: 264 times
...
* Signature wrapper improvements to eliminate mallocs/frees unless small stack is used. If small stack is used only one allocation is done based on actual max (was previously allocating too much and in the encoding case was reallocating a second buffer).
2018-11-02 12:41:23 -07:00
John Safranek
98291f8465
Update comment in dh.c.
2018-11-02 11:38:52 -07:00
John Safranek
1261247e2a
Added the resource.h and wolfssl.rc to the list of EXTRA_DIST files.
2018-11-02 11:30:29 -07:00
John Safranek
cfafbd9659
Added the prime check to the functions wolfSSL_SetTmpDh() and wolfSSL_CTX_SetTmpDh().
2018-11-02 11:01:39 -07:00
JacobBarthelmeh
1ffc1108a6
Merge pull request #1906 from cconlon/selftest-fixes
...
fixes for CAVP selftest build errors
2018-11-01 11:31:39 -06:00
Jacob Barthelmeh
a953a3141e
infer and g++ build fixes
2018-11-01 09:59:35 -06:00
Sean Parkinson
81650d6cef
Fix for subtract
...
Added cortex-m support using umull for faster implementation.
2018-11-01 15:21:51 +10:00
Sean Parkinson
2b3b19d1c8
Merge pull request #1904 from JacobBarthelmeh/PKCS7
...
add test for degenerate case and allow degenerate case by default
2018-11-01 08:36:15 +10:00
Jacob Barthelmeh
6dd4fba888
fix for clang warning
2018-10-30 17:41:03 -06:00
Jacob Barthelmeh
cc3ccbaf0c
add test for degenerate case and allow degenerate case by default
2018-10-30 17:04:33 -06:00
David Garske
f6093e1e0d
Fixes to remove DH prime checks for server side DH parameters.
2018-10-30 15:51:47 -07:00
Chris Conlon
def7a91e70
fix CAVP selftest build errors
2018-10-30 16:35:45 -06:00
David Garske
f4b0261ca7
Fix to not do prime test on DH key the server loaded. Now it will only do the prime test on the peer's provided public DH key using 8 Miller-Rabins. Refactored the fast math Miller-Rabin function to reuse mp_int's, which improved performance for mp_prime_is_prime_ex from 100ms to 80ms. Normal math mp_prime_is_prime_ex is ~40ms (as-is). Added test for wc_DhSetCheckKey.
2018-10-30 11:20:07 -07:00
Chris Conlon
2c0edae96f
Merge pull request #1889 from kojo1/t4_demo
...
Renesas RX demo
2018-10-30 10:14:02 -06:00
Sean Parkinson
ab458db504
Review comment changes
...
Add heap as a device initialization parameter.
Allocate slot info pointer with device heap pointer.
ForceZero user pin on token finalization.
Add comments to structure definitions.
2018-10-30 15:56:31 +10:00
Takashi Kojo
b64c527138
added files under t4_demo to include.am
2018-10-30 13:18:58 +09:00
David Garske
ba90674357
Merge pull request #1897 from WolfWalter/fix_sigrs_length
...
ATECC508 reference PK callback fix for signature length
2018-10-29 08:54:46 -07:00
toddouska
ae07ba93ad
Merge pull request #1894 from dgarske/pk_keysize
...
Fixes for key size detection when using PK callbacks
2018-10-26 09:46:10 -07:00
toddouska
d18c9cad61
Merge pull request #1895 from dgarske/test_384bit
...
Added ECC P-384 bit test certs and keys
2018-10-26 09:44:41 -07:00
toddouska
a6adfd434d
Merge pull request #1893 from dgarske/ecdsa_hashalgo
...
New build option to match ECDSA hash algo digest size with ephemeral key size
2018-10-26 09:43:07 -07:00
Wolf Walter
a47eeec145
fixed sigRs length
...
atmel_ecc_sign and atmel_ecc_verify expect sigRS length to be 64 Byte (32 Byte each).
2018-10-26 16:43:03 +02:00
David Garske
153c7cc684
Fix for unused variable in new fast-rsa function wc_RsaPublicKeyDecode_ex.
2018-10-25 11:12:33 -07:00
David Garske
3be7eacea9
Added client/server certs and keys for P-384-bit signed by P-384 CA. Fix for broken certs/ecc/genecc.sh script. Added simple P-384 cipher suite test.
2018-10-25 09:21:27 -07:00
David Garske
d21603334b
Added build option USE_ECDSA_KEYSZ_HASH_ALGO to alter the hash algorithm selection for ecc_dsa_sa_algo. With this build option we try and choose a hash algorithm digest size that matches the ephemeral key size, if not found then will match on next highest. We've seen cases with some Windows based TLS clients where they do not properly support hashing a smaller ephemeral key with a larger hash digest size (such as P-256 key and SHA512 hash).
2018-10-25 09:19:35 -07:00
David Garske
81651c351b
Added optional logging for example PK callbacks in test.h enabled with DEBUG_PK_CB.
2018-10-25 09:15:34 -07:00
David Garske
86758f9640
Fixes for key size detection when using PK callbacks (HSM) and no private key has been loaded (affects HAVE_PK_CALLBACKS on server side only when no dummy private key is loaded). Fix for possible leak during ECC min key size failure with small stack. Added new API wc_RsaPublicKeyDecode_ex for parsing an RSA public key for the modulus and exponent. Changed wolfSSL_CTX_SetTmpEC_DHE_Sz to support a size == 0 for using the long-term private key's size. Changed ECDHE_SIZE so it can be overridden at build-time. Added tests for wolfSSL_CTX_SetTmpEC_DHE_Sz and wolfSSL_SetTmpEC_DHE_Sz.
2018-10-25 09:15:23 -07:00
toddouska
23445546c5
Merge pull request #1892 from dgarske/ecdhe_keysize
...
Fix for ephemeral key size selection
2018-10-25 07:27:20 -07:00
David Garske
c4d6f886b7
Revert change from PR #1845 commit 24f9f12844. This ensures the ephemeral key is P-256 or the overridden value determined by wolfSSL_CTX_SetTmpEC_DHE_Sz and wolfSSL_SetTmpEC_DHE_Sz. This restores previous behavior from last release.
2018-10-24 09:48:03 -07:00
toddouska
0eb115e7a1
Merge pull request #1884 from kaleb-himes/ECC_DISABLED_TEST_FIX
...
Fixes to resolve skipped tests with ECC disabled
2018-10-24 09:30:47 -07:00
Sean Parkinson
7586e1df42
Only do early data in initial handshake when using PSK
2018-10-24 09:47:30 +10:00
toddouska
c173d72423
Merge pull request #1891 from SparkiDev/nginx-1.15.5
...
Add defines for latest nginx
2018-10-23 08:07:52 -07:00
Sean Parkinson
ef8b564d2e
Add defines for latest nginx
2018-10-23 22:08:44 +10:00
toddouska
22aa01a547
Merge pull request #1881 from SparkiDev/pkcs7_no_si
...
Return error when attempting to verify signed data without signers
2018-10-22 15:00:55 -07:00
toddouska
878b5925fc
Merge pull request #1877 from dgarske/pkcs8_ec
...
Added support for ECC private key with PKCS8 encoding
2018-10-22 14:59:10 -07:00
toddouska
42fecee77b
Merge pull request #1859 from SparkiDev/pkcs7-cons
...
Support constructed OCTET_STRING in PKCS#7 signed data
2018-10-22 14:52:50 -07:00
Chris Conlon
353f9018f5
Merge pull request #1890 from miyazakh/jamsg
...
Added Japanese message into the examples client and server
2018-10-22 13:44:11 -06:00
David Garske
0b720c4412
Fixes for TLSv1.3 early data.
2018-10-22 11:35:40 -07:00
Chris Conlon
96abf43238
Merge pull request #1888 from MJSPollard/nidFIX
...
Fixed compilation issues with Asio, Websocket++, and HAProxy
2018-10-22 10:19:05 -06:00