wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-29 15:42:14 +01:00
Code Issues Packages Projects Releases Wiki Activity
11,502 Commits 12 Branches 184 Tags
5a5bc34aa562ef5b2d7ca6c22d7575add247d404
Commit Graph

11502 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
David Garske
5a5bc34aa5 Added second intermediate CA to testing certs. This creates a chain that looks like: ROOT (www.wolfssl.com) -> INT (wolfSSL Intermediate CA) -> INT2 (wolfSSL Intermediate2 CA) -> PEER (wolfSSL Client Chain / wolfSSL Server Chain). 2020-06-18 08:33:59 -07:00
David Garske
0ef5a3d00e Fix for WOLFSSL_ALT_CERT_CHAINS incorrectly failing on success case. 2020-06-18 08:33:59 -07:00
David Garske
21e0f863b9 Fix for NO_WOLFSSL_SERVER typo. 2020-06-18 08:33:58 -07:00
toddouska
220e2634af Merge pull request #3056 from dgarske/nullcipher_noaes 
Fixes for a few build edge cases (async w/o DTLS, null cipher w/o AES)
 2020-06-17 16:48:48 -07:00
toddouska
f20a2de284 Merge pull request #3055 from dgarske/ocsp_resp 
Fix for possible use of NULL in the OCSP response nonce
 2020-06-17 16:45:53 -07:00
toddouska
3acc31400c Merge pull request #3053 from SparkiDev/ed448_fixes 
Fix ED448 calls to use context and correct variable name
 2020-06-17 16:41:40 -07:00
David Garske
3fb432cef8 Fix for building async without DTLS. 2020-06-17 11:20:08 -07:00
David Garske
81892f4594 Fix for use of WC_MAX_SYM_KEY_SIZE in macro. Fixes build case with --enable-nullcipher --disable-aes. 2020-06-17 11:16:33 -07:00
David Garske
0a38ab8ac2 Fix for possible use of NULL is the OCSP response nonce. This is optional and may not be provided in the OCSP response and should be skipped if not set in the response. ZD 10475. 2020-06-17 11:00:05 -07:00
Kaleb Himes
b1aa903c1b Merge pull request #3052 from julek-wolfssl/infinite-loop-fuzzer 
Alert level must be cleared or ProcessReply will loop indefinitely
 2020-06-16 18:55:15 -06:00
Sean Parkinson
6bb73fb25d Fix ED448 calls to use context and correct variable name 
Added basic test of OpenSSL compatability APIs:
  - wolfSSL_ED25519_generate_key
  - wolfSSL_ED25519_sign
  - wolfSSL_ED25519_verify
  - wolfSSL_ED2448_generate_key
  - wolfSSL_ED448_sign
  - wolfSSL_ED448_verify
 2020-06-17 10:05:50 +10:00
Juliusz Sosinowicz
90caeaf925 Alert level must be cleared or ProcessReply will loop indefinitely 2020-06-16 23:21:54 +02:00
JacobBarthelmeh
7c6dccd4a0 Merge pull request #3038 from embhorn/zd10457 
Unused var error
 2020-06-16 14:10:54 -06:00
Chris Conlon
b9f13dba61 Merge pull request #3030 from TakayukiMatsuo/usertime 
ASN1_TIME_new in correct macro condition
 2020-06-15 17:49:44 -05:00
toddouska
aa7168df0b Merge pull request #3045 from SparkiDev/aes_small_fix 
AES small table fix
 2020-06-15 14:19:09 -07:00
toddouska
096d0073ef Merge pull request #3043 from dgarske/renesas_ra6m3 
Renesas requested name change to "RA6M3"
 2020-06-15 14:18:19 -07:00
toddouska
9d932d09bf Merge pull request #3042 from dgarske/xcode_updates 
Updates to Xcode projects to add new files / features
 2020-06-15 14:16:14 -07:00
toddouska
74098340ff Merge pull request #3031 from dgarske/stm32cubeide 
Adding STM32CubeIDE support
 2020-06-15 14:14:43 -07:00
Sean Parkinson
3f344b7d89 AES small table fix 
Symbol not needed when only compiling AES algorithms (AES-GCM, AES-CCM,
AES-CTR) not using AES decrypt.
Allow AES-CCM to be compiled without AES-GCM.
 2020-06-15 14:46:39 +10:00
David Garske
baaf741c79 Merge pull request #3037 from JacobBarthelmeh/CSharp 
add peer certificate print to callback with C#
 2020-06-12 13:32:50 -07:00
toddouska
1e07563411 Merge pull request #2984 from julek-wolfssl/dtls-scr 
Add secure renegotiation to DTLS 1.2
 2020-06-12 11:22:55 -07:00
toddouska
6166902f66 Merge pull request #2990 from julek-wolfssl/fix-leak 
Fix leak in SetIndividualInternal
 2020-06-12 11:17:40 -07:00
toddouska
4c2dee77d8 Merge pull request #3028 from julek-wolfssl/CRYPTO_memcmp 
Implement CRYPTO_memcmp
 2020-06-12 11:16:18 -07:00
David Garske
eea22eb65d Renesas requested name change to "RA6M3". 2020-06-12 10:58:20 -07:00
David Garske
d43d75bf81 Updates to xcode projects to add new files. 
Ran updated iPhone X benchmarks:

```
RNG                330 MB took 1.010 seconds,  326.879 MB/s
AES-128-CBC-enc    920 MB took 1.005 seconds,  915.507 MB/s
AES-128-CBC-dec   6095 MB took 1.000 seconds, 6092.130 MB/s
AES-192-CBC-enc    820 MB took 1.000 seconds,  819.644 MB/s
AES-192-CBC-dec   4860 MB took 1.001 seconds, 4855.794 MB/s
AES-256-CBC-enc    710 MB took 1.005 seconds,  706.419 MB/s
AES-256-CBC-dec   3935 MB took 1.001 seconds, 3930.830 MB/s
AES-128-GCM-enc   1245 MB took 1.003 seconds, 1241.589 MB/s
AES-128-GCM-dec    575 MB took 1.001 seconds,  574.547 MB/s
AES-192-GCM-enc   1235 MB took 1.001 seconds, 1234.343 MB/s
AES-192-GCM-dec    570 MB took 1.003 seconds,  568.521 MB/s
AES-256-GCM-enc   1230 MB took 1.003 seconds, 1226.034 MB/s
AES-256-GCM-dec    570 MB took 1.001 seconds,  569.199 MB/s
3DES                10 MB took 1.386 seconds,    7.213 MB/s
MD5                 95 MB took 1.037 seconds,   91.629 MB/s
SHA                 80 MB took 1.013 seconds,   78.943 MB/s
SHA-256           1625 MB took 1.000 seconds, 1624.565 MB/s
SHA3-224            60 MB took 1.010 seconds,   59.399 MB/s
SHA3-256            60 MB took 1.073 seconds,   55.921 MB/s
SHA3-384            45 MB took 1.042 seconds,   43.195 MB/s
SHA3-512            35 MB took 1.164 seconds,   30.063 MB/s
HMAC-MD5            95 MB took 1.044 seconds,   91.014 MB/s
HMAC-SHA            80 MB took 1.007 seconds,   79.480 MB/s
HMAC-SHA256       1705 MB took 1.001 seconds, 1703.126 MB/s
RSA     2048 public      32800 ops took 1.003 sec, avg 0.031 ms, 32716.405 ops/sec
RSA     2048 private      1200 ops took 1.041 sec, avg 0.868 ms, /33 ops/sec
DH      2048 key gen      2354 ops took 1.000 sec, avg 0.425 ms, 2353.254 ops/sec
DH      2048 agree        2500 ops took 1.013 sec, avg 0.405 ms, 2467.525 ops/sec
ECC      256 key gen     46503 ops took 1.000 sec, avg 0.022 ms, 46502.069 ops/sec
ECDHE    256 agree       14100 ops took 1.005 sec, avg 0.071 ms, 14034.697 ops/sec
ECDSA    256 sign        29600 ops took 1.003 sec, avg 0.034 ms, 29500.554 ops/sec
ECDSA    256 verify      11000 ops took 1.007 sec, avg 0.092 ms, 10921.516 ops/sec
```
 2020-06-12 10:39:26 -07:00
toddouska
f30eb0197b Merge pull request #3032 from JacobBarthelmeh/PKCS12 
fix error checking when parsing a PKCS12 DER into an internal structure
 2020-06-12 09:57:40 -07:00
JacobBarthelmeh
2b5ed1564c add error function and print out 2020-06-12 09:45:23 -07:00
Eric Blankenhorn
0f36cdf066 Unused var error 2020-06-12 10:43:01 -05:00
Unknown
cab8dd3731 Ignore duplicate or out of order CCS message 
Init variables since compiler complains they might be used without initialization.
 2020-06-12 12:27:48 +02:00
Juliusz Sosinowicz
ac028e551d Code Review 2020-06-12 11:36:43 +02:00
Juliusz Sosinowicz
69802ed1a9 Missing ssl->heap in FreeBuildMsgArgs 2020-06-12 11:36:43 +02:00
Juliusz Sosinowicz
3980d6117d Fix Jenkins 2020-06-12 11:36:43 +02:00
Juliusz Sosinowicz
01b446f469 Fix SessionTicket length in unencrypted case 2020-06-12 11:36:43 +02:00
Juliusz Sosinowicz
f2d2dadc89 ASYNC: Fix issues with TLS and DTLS 2020-06-12 11:36:43 +02:00
Juliusz Sosinowicz
eb7a49a1d7 ASYNC: Working TLS SCR 2020-06-12 11:36:43 +02:00
Juliusz Sosinowicz
a7c4d88876 ASYNC: Working AES128-SHA 2020-06-12 11:36:43 +02:00
Juliusz Sosinowicz
7b604ad714 WIP 2020-06-12 11:36:43 +02:00
Juliusz Sosinowicz
73105305cf WIP 2020-06-12 11:36:43 +02:00
Juliusz Sosinowicz
a107688891 Fix asynchronous DTLS issue 2020-06-12 11:36:43 +02:00
Juliusz Sosinowicz
d88f6f1156 DTLS test cases 2020-06-12 11:36:43 +02:00
Juliusz Sosinowicz
4e60e4b3b7 DTLS Message Grouping 
Flush output buffer when we suspect that the grouped messages may exceed MTU.
 2020-06-12 11:36:43 +02:00
Juliusz Sosinowicz
d2542dcf38 Restore StoreKeys functionality for TLS case 2020-06-12 11:36:43 +02:00
Juliusz Sosinowicz
c2ca9f614e Jenkins tests fixes 2020-06-12 11:36:43 +02:00
Juliusz Sosinowicz
eb910a64d0 Comments and formatting 2020-06-12 11:36:43 +02:00
Juliusz Sosinowicz
651a7a97b9 Add secure renegotiation to DTLS 1.2 
- Hash of fragmented certificate was not calculated as a single message and instead we were hashing individual fragments which produced the wrong digest, shared secret, etc...
- Reset handshake number after server Finished packet is sent or received (depending on side)
- Reserve space in buffer for cipher stuff
- Take `DTLS_RECORD_EXTRA` and  `DTLS_HANDSHAKE_EXTRA` into size and offset calculations for DTLS path
- Fix renegotiation in DTLS with AES128-SHA
- Fix renegotiation in DTLS with AES-GCM
- Support HelloVerify request during secure renegotiation
- Save renegotiation handshake messages for retransmission in timeout
- Handle cipher parameters from different epochs. DTLS may need to resend and receive messages from previous epochs so handling different sets of encryption and decryption parameters is crucial.
 2020-06-12 11:36:43 +02:00
David Garske
255cc016b3 Merge pull request #3034 from kaleb-himes/FORUM_DSA_ISSUE 
Seperate QT and DSA dependencies
 2020-06-11 15:40:12 -07:00
David Garske
ad7e636e34 Adds STM32H7 support. Tested on NUCLEO-H753ZI board. 
STM32H753ZI at 480MHz

```
Running wolfCrypt Benchmarks...
------------------------------------------------------------------------------
 wolfSSL version 4.4.1
------------------------------------------------------------------------------
wolfCrypt Benchmark (block bytes 1024, min 1.0 sec each)
RNG                250 KB took 1.047 seconds,  238.777 KB/s
AES-128-CBC-enc      4 MB took 1.004 seconds,    3.623 MB/s
AES-128-CBC-dec      4 MB took 1.004 seconds,    3.623 MB/s
AES-192-CBC-enc      4 MB took 1.000 seconds,    3.613 MB/s
AES-192-CBC-dec      4 MB took 1.000 seconds,    3.613 MB/s
AES-256-CBC-enc      4 MB took 1.000 seconds,    3.613 MB/s
AES-256-CBC-dec      4 MB took 1.000 seconds,    3.613 MB/s
AES-128-GCM-enc      3 MB took 1.004 seconds,    3.380 MB/s
AES-128-GCM-dec      3 MB took 1.004 seconds,    3.356 MB/s
AES-192-GCM-enc      3 MB took 1.004 seconds,    3.380 MB/s
AES-192-GCM-dec      3 MB took 1.003 seconds,    3.359 MB/s
AES-256-GCM-enc      3 MB took 1.000 seconds,    3.369 MB/s
AES-256-GCM-dec      3 MB took 1.004 seconds,    3.356 MB/s
CHACHA             850 KB took 1.020 seconds,  833.333 KB/s
CHA-POLY           650 KB took 1.015 seconds,  640.394 KB/s
POLY1305             4 MB took 1.004 seconds,    4.037 MB/s
SHA-256              3 MB took 1.004 seconds,    3.088 MB/s
HMAC-SHA256          3 MB took 1.004 seconds,    3.015 MB/s
RSA     2048 public         78 ops took 1.023 sec, avg 13.115 ms, 76.246 ops/sec
RSA     2048 private         4 ops took 1.682 sec, avg 420.500 ms, 2.378 ops/sec
DH      2048 key gen         6 ops took 1.165 sec, avg 194.167 ms, 5.150 ops/sec
DH      2048 agree           6 ops took 1.165 sec, avg 194.167 ms, 5.150 ops/sec
ECC      256 key gen        96 ops took 1.004 sec, avg 10.458 ms, 95.618 ops/sec
ECDHE    256 agree          50 ops took 1.027 sec, avg 20.540 ms, 48.685 ops/sec
ECDSA    256 sign           64 ops took 1.000 sec, avg 15.625 ms, 64.000 ops/sec
ECDSA    256 verify         32 ops took 1.039 sec, avg 32.469 ms, 30.799 ops/sec
Benchmark complete
Benchmark Test: Return code 0
```
 2020-06-11 15:17:29 -07:00
David Garske
3b86a4db20 Adding STM32CubeIDE support (and deprecation of OpenSTM32). 
* Updated example to add support for CMSIS v2 and static memory.
* Improved example to support more build options.
* Added support for detecting Cube HAL and including `wolfSSL.wolfSSL_conf.h`.
 2020-06-11 14:45:17 -07:00
JacobBarthelmeh
d97c23edd8 set dynamic flag 2020-06-11 12:46:21 -07:00
JacobBarthelmeh
6af052faae add peer certificate print to callback 2020-06-11 10:57:26 -07:00