Commit Graph

723 Commits

Author SHA1 Message Date
Jacob Barthelmeh
611e37b3e8 naming for AEAD macros and TLSX with chacha-poly 2016-01-29 09:38:13 -07:00
Jacob Barthelmeh
7d71d756f3 update ChaCha20-Poly1305 to most recent RFCs 2016-01-27 14:03:05 -07:00
Jacob Barthelmeh
18f1faa13d check error strings and update comment 2016-01-27 09:50:20 -07:00
Chris Conlon
0801eeac8d update support for Freescale KSDK 1.3.0 2016-01-25 10:41:26 -07:00
JacobBarthelmeh
f84722bbac Merge pull request #267 from moisesguimaraes/fix_ocspstapling_dtls_typo
Fix ocspstapling dtls typo
2016-01-19 10:34:15 -07:00
Moisés Guimarães
a6a2214306 removes 'end of line' spaces; 2016-01-18 20:51:27 -03:00
Moisés Guimarães
08c67e5cdc fixes typo; 2016-01-18 20:51:27 -03:00
Jacob Barthelmeh
3a65f55bd3 check not CHACHA_BYTE before considering normal suite 2016-01-18 15:33:32 -07:00
John Safranek
5360e22ba5 fix a sequence number issue with DTLS epoch 0 messages earlier in the handshake 2016-01-07 13:18:01 -08:00
kaleb-himes
a6ca2c3bdd Avoid unnecessary cast 2016-01-05 14:32:45 -07:00
kaleb-himes
29e6f283cf Implement peer suggestion 2016-01-05 14:19:46 -07:00
kaleb-himes
dd469bb67d avoid unused variable warnings 2016-01-04 15:03:39 -07:00
toddouska
0a14e6f3c6 Merge pull request #230 from cconlon/mcp_time_fix
fix LowResTimer on Microchip ports
2015-12-28 21:56:07 -08:00
Moisés Guimarães
ec9d23a9c3 Merge branch 'csr' 2015-12-28 19:38:04 -03:00
Chris Conlon
47426b1f8d fix LowResTimer on Microchip ports 2015-12-28 13:58:01 -07:00
Chris Conlon
b153ac002c fix Visual Studio warnings 2015-12-21 16:11:02 -07:00
toddouska
6c69b7f109 make hello suite size user settable, increase default 2015-12-17 09:57:44 -08:00
John Safranek
a834c2acf6 improved DTLS handshake sequence numbering when retransmitting finished message 2015-12-11 18:41:09 -08:00
Jacob Barthelmeh
1c4b3016e6 set required tls1_2 for when using ChaCha20-Poly1305 suite 2015-12-10 11:45:27 -07:00
John Safranek
c7fdc9ba9e DTLS Hello Verify and Server Hello should use the sequence number of the Client Hello 2015-12-07 11:24:14 -08:00
David Garske
89a65b0aa0 Fixed compile error in signature.c with g++. Corrected comment. 2015-12-04 15:22:06 -08:00
toddouska
37bc497f21 fix merge conflict 2015-12-03 12:37:49 -08:00
toddouska
532d1da9c0 Merge pull request #206 from dgarske/FixExtraMalloc_wNotTLS12
Fixed issue with "WOLFSSL_SMALL_STACK" and pre-TLS 1.2 in "SendServer…
2015-12-03 11:26:43 -08:00
toddouska
1c2a920b8f Merge pull request #203 from dgarske/SendServerHelloRNGCombine
Combined "wc_RNG_GenerateBlock" calls in "SendServerHello".
2015-12-03 11:16:00 -08:00
David Garske
b1d18d8455 Fixed issue with "WOLFSSL_SMALL_STACK" and pre-TLS 1.2 in "SendServerKeyExchange" where "encodedSig" is allocated and not used. 2015-12-02 19:43:05 -08:00
toddouska
e08fa67a32 fix clang --disable-memory issues 2015-12-02 14:40:32 -08:00
John Safranek
5cf94166b2 silently drop epoch 0 messages when handshake completed 2015-12-01 14:59:32 -08:00
John Safranek
5687562e7b back out change to decryptedCur flag 2015-12-01 13:32:00 -08:00
John Safranek
a5f689168e fix call to IsEncryptionOn for session tickets 2015-12-01 09:18:21 -08:00
Jacob Barthelmeh
bb5de34e5c cast type on XMALLOC with ntru 2015-12-01 09:24:44 -07:00
David Garske
654e17379e Combined "wc_RNG_GenerateBlock" calls in "SendServerHello". 2015-11-30 19:29:20 -08:00
John Safranek
251d0364f8 check DTLS sequence number against window a little earlier 2015-11-30 17:16:47 -08:00
John Safranek
514aa331f8 wrapped checks for encryptionOn with a function to allow more complicated checks like for epoch 0 being unencrypted 2015-11-30 14:43:03 -08:00
John Safranek
7f1b9a1e13 storing DTLS handshake messages takes into account overlapping data 2015-11-25 20:25:57 -08:00
toddouska
32b2d7f9e4 have calling thread wait for crl monitor thread to setup for simpler cleanup 2015-11-23 14:15:12 -08:00
toddouska
2698736aaf fix missing XMALLOC/FREE types 2015-11-19 10:20:28 -08:00
Moisés Guimarães
21d70636dc Merge branch csr into 'master' 2015-11-02 15:51:01 -03:00
Moisés Guimarães
8dc154ff71 adds support for TLS downgrading against buggy TLS servers.
reference: RFC 5246 - TLS 1.2 - Appendix E.1:

   Note: some server implementations are known to implement version
   negotiation incorrectly.  For example, there are buggy TLS 1.0
   servers that simply close the connection when the client offers a
   version newer than TLS 1.0.  Also, it is known that some servers will
   refuse the connection if any TLS extensions are included in
   ClientHello.  Interoperability with such buggy servers is a complex
   topic beyond the scope of this document, and may require multiple
   connection attempts by the client.

   Earlier versions of the TLS specification were not fully clear on
   what the record layer version number (TLSPlaintext.version) should
   contain when sending ClientHello (i.e., before it is known which
   version of the protocol will be employed).  Thus, TLS servers
   compliant with this specification MUST accept any value {03,XX} as
   the record layer version number for ClientHello.

   TLS clients that wish to negotiate with older servers MAY send any
   value {03,XX} as the record layer version number.  Typical values
   would be {03,00}, the lowest version number supported by the client,
   and the value of ClientHello.client_version.  No single value will
   guarantee interoperability with all old servers, but this is a
   complex topic beyond the scope of this document.
2015-10-27 16:10:23 -03:00
John Safranek
2569cd2ca4 simplify the size check for storing a DTLS handshake message fragment 2015-10-21 15:04:55 -07:00
John Safranek
54e06cd04e added deallocator for DtlsPools 2015-10-21 15:04:55 -07:00
Ludovic FLAMENT
d4f3419758 ALPN: add function to get in a server the list of supported protocols sent by the client. 2015-10-15 14:59:35 +02:00
Ludovic FLAMENT
ee8537fb6d Merge branch 'master' of https://github.com/wolfssl/wolfssl 2015-10-14 20:53:30 +02:00
Ludovic FLAMENT
826034315e Merge branch 'master' of https://github.com/wolfssl/wolfssl 2015-10-09 15:23:41 +02:00
Ludovic FLAMENT
bf3b0a228d add support for Application-Layer Protocol Name (RFC 7301) in the TLS extensions 2015-10-09 15:18:41 +02:00
John Safranek
a7ae5155ce fix defragment of handshake messages in TLS 2015-10-06 20:18:55 -07:00
John Safranek
d6a5bfb53d Revert "revert defragment of handshake messages in TLS"
This reverts commit 6d21d328fb.
2015-10-05 15:31:39 -07:00
toddouska
27450aca7d increment explicit iv and zero nonce even on GCM/CCM failure 2015-10-02 11:24:32 -07:00
Jacob Barthelmeh
10276944d3 return value on AES CCM encrypt 2015-10-02 11:40:47 -06:00
Ludovic FLAMENT
86d74efc37 return IdeaCbc{Encrypt/Decrypt} error code 2015-09-24 08:13:43 +02:00
Ludovic FLAMENT
f68400da40 add IDEA cipher (ECB and CBC mode)
add support for SSL_RSA_WITH_IDEA_CBC_SHA cipher suite (SSLv3, TLS v1.0 and TLS v1.1)
2015-09-23 16:16:39 +02:00