wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-29 00:39:54 +01:00
Code Issues Packages Projects Releases Wiki Activity
7,667 Commits 12 Branches 184 Tags
49b82456eb74cab4795cbf0929f7f2fca771dccd
Commit Graph

2864 Commits

Author SHA1 Message Date
toddouska
49b82456eb Merge pull request #1618 from cconlon/opensslcompat 
Align return values for EVP_DigestUpdate/Final for OpenSSL Compatibility
 2018-06-12 08:25:18 -07:00
toddouska
29410ada1e Merge pull request #1595 from SparkiDev/tls13_cipher_down 
Fix for downgrading from TLS 1.3 due to old cipher suite
 2018-06-12 08:24:26 -07:00
toddouska
f2a20c4232 Merge pull request #1573 from SparkiDev/tls_pad_vfy 
Constant time padding and HMAC verification in TLS
 2018-06-12 08:22:32 -07:00
Chris Conlon
a472325f89 return WOLFSSL_FAILURE on error from EVP_DigestUpdate() and EVP_DigestFinal() 2018-06-11 14:27:08 -06:00
toddouska
bea0e6142a Merge pull request #1608 from dgarske/maxcerfix 
Resolves issue with reassembling large certificates
 2018-06-08 08:25:14 -07:00
David Garske
00ddeb07d8 Resolves issue with reassembling large certificates. The ProcessPeerCerts function was using the wrong max size check for certs. Built and test with ./configure CFLAGS="-DMAX_CERTIFICATE_SZ=20000". 2018-06-07 15:56:37 -07:00
Sean Parkinson
fcd2234841 Fix for downgrading from TLS 1.3 due to old cipher suite 
TLS 1.3 specification doesn't allow downgrading based on cipher suite.
 2018-06-04 12:42:41 +10:00
Takashi Kojo
3ff8c45aa8 FILE to XFILE 2018-06-01 09:30:20 +09:00
John Safranek
8a61b7303a Remove execute bit from a few files. 2018-05-31 10:14:47 -07:00
David Garske
a2fdc6262d Merge pull request #1586 from ejohnstown/suite-info 
Rerefactor Cipher Suite List
 2018-05-30 07:54:13 -07:00
Go Hosohara
b84f111d51 rebase with master branch and fix some code. 2018-05-30 17:15:07 +09:00
Go Hosohara
8cd357aa3a d2i_PKCS12_fp 2018-05-30 12:10:41 +09:00
Go Hosohara
c715bb5ade X509_check_ca 2018-05-30 12:08:27 +09:00
Go Hosohara
3f6b7c8833 Merge with openSSL-Compat-CRL-STORE on kojo1/wolfssl 2018-05-30 12:08:27 +09:00
Go Hosohara
0fb446ad36 i2c_ASN1_INTEGER 2018-05-30 12:03:58 +09:00
Go Hosohara
d7e4bbf1cf ASN1_STRING_print_ex 2018-05-30 11:56:43 +09:00
Go Hosohara
5c11e1440f ASN1_TIME_to_generalizedtime 2018-05-30 11:56:43 +09:00
Go Hosohara
b1ef0c808e Add all stubs. 2018-05-30 11:56:42 +09:00
Go Hosohara
5ff460bb7f OPENSSL_add_all_algorightms_noconf 2018-05-30 11:53:18 +09:00
Go Hosohara
005284a127 ASN1_GENERALIZEDTIME_free 2018-05-30 11:53:17 +09:00
Go Hosohara
24ff55b085 RAND_poll 2018-05-30 11:53:17 +09:00
Sean Parkinson
e684156a1e Constant time padding and HMAC verification in TLS 2018-05-30 09:10:46 +10:00
John Safranek
b2225a0bc0 Rerefactor Cipher Suite List 
1. Do not add iana_name to the struct if disabling error strings.
2. Change the IANA_NAME macro to SUITE_INFO, and build the suite info records as appropriate for the error string enablement.
 2018-05-29 14:34:57 -07:00
toddouska
0a35c37211 Merge pull request #1584 from SparkiDev/tls_many_nst 
Allow multiple NewSessionTicket messages
 2018-05-29 13:43:59 -07:00
toddouska
2cf853d1f1 Merge pull request #1582 from SparkiDev/tls13_only 
Allow TLS 1.2 to be compiled out.
 2018-05-29 13:26:54 -07:00
Chris Conlon
16738f1449 Merge pull request #1569 from kojo1/openSSL-Compat-CRL-STORE 
openSSL compatibility APIs: X509_CRL, STORE
 2018-05-29 09:47:22 -06:00
Sean Parkinson
1d8fb7be82 Allow multiple NewSessionTicket messages 
Interopability testing with OpenSSL
 2018-05-28 09:18:26 +10:00
Takashi Kojo
c60b60c50c #if condition to refer wc_PKCS12_new, wc_d2i_PKCS12 2018-05-26 16:02:51 +09:00
Takashi Kojo
ba03f6e08b wolfSSL_d2i_PKCS12_fp 2018-05-26 13:04:06 +09:00
Takashi Kojo
3939eadf9c get derLen by RsaPublicKeyDerSize 2018-05-26 10:55:17 +09:00
Sean Parkinson
ba8e441e53 Allow TLS 1.2 to be compiled out. 2018-05-25 11:00:00 +10:00
toddouska
453daee965 Merge pull request #1523 from SparkiDev/ed25519_key 
Allow Ed25519 private-only keys to work in TLS
 2018-05-24 09:56:17 -07:00
toddouska
87f9d0f141 Merge pull request #1566 from ejohnstown/tcp-timeout 
Fix TCP with Timeout
 2018-05-24 09:07:50 -07:00
Sean Parkinson
450741f8ef Change checks for message chaching to happen once 
Add compile option to remove Ed25119 client auth in TLS 1.2.
Cipher suite choice does not affect client auth.
 2018-05-24 08:43:28 +10:00
Sean Parkinson
982119b495 Only cache messages when required. 2018-05-24 08:43:28 +10:00
Sean Parkinson
9358edf5dd Fixes from code review 
Include new private key files in release.
Set messages field to NULL after free.
 2018-05-24 08:43:28 +10:00
Sean Parkinson
58f523beba Allow Ed25519 private-only keys to work in TLS 
Change Ed25519 in TLS 1.2 to keep a copy of all the messages for
certificate verification - interop with OpenSSL.
 2018-05-24 08:43:28 +10:00
John Safranek
b1ed852f36 Fix TCP with Timeout 
wolfSSL remains agnostic to network socket behavior be it blocking or non-blocking. The non-blocking flag was meant for the default EmbedRecvFrom() callback for use with UDP to assist the timing of the handshake.

1. Deprecate wolfSSL_set_using_nonblock() and wolfSSL_get_using_nonblock() for use with TLS sockets. They become don't-cares when used with TLS sessions.
2. Added functions wolfSSL_dtls_set_using_nonblock() and wolfSSL_dtls_get_using_nonblock().
3. Removed a test case from EmbedReceive() that only applied to UDP.
4. Removed the checks for non-blocking sockets from EmbedReceive().
5. Socket timeouts only apply to DTLS sessions.
 2018-05-23 11:29:16 -07:00
Jacob Barthelmeh
89fbb1b40d only compile SEQ increment function in case of DTLS or HAVE_AEAD 2018-05-23 12:07:35 -06:00
toddouska
2021bcb188 Merge pull request #1560 from dgarske/ciphernamecleanup 
Refactor of the cipher suite names to use single array
 2018-05-21 14:24:53 -06:00
toddouska
e7de654b61 Merge pull request #1558 from dgarske/fsanitize 
Fixes for fsanitize reports
 2018-05-21 14:18:07 -06:00
Takashi Kojo
22078d6811 wc_Sha512 type 2018-05-20 15:50:16 +09:00
Takashi Kojo
874022d938 fix #if conditions and others 2018-05-20 13:55:47 +09:00
Takashi Kojo
153bcb5297 d2i_X509_fp 2018-05-20 13:55:47 +09:00
Takashi Kojo
460becf739 SHA256, SHA384, SHA512 2018-05-20 13:55:47 +09:00
Takashi Kojo
c275dfc5ab X509_STORE_add_crl 2018-05-20 13:55:46 +09:00
Takashi Kojo
98ef7f43e1 use wolfSSL_X509_CRL_free instead of XFREE 2018-05-20 13:55:46 +09:00
Takashi Kojo
c26bcdd199 Enable RSA_LoadDer with HAVE_FAST_RSA 2018-05-20 13:55:45 +09:00
Takashi Kojo
ad71f44f3c suppress i2d_RSAPublicKey with HAVE_FAST_RSA 2018-05-20 13:55:45 +09:00
Takashi Kojo
6cef2e5d31 memory leak in d2i_X509_CRL 2018-05-20 13:55:45 +09:00