Commit Graph

2773 Commits

Author SHA1 Message Date
toddouska 7ce2efd572 Merge pull request #1431 from JacobBarthelmeh/Optimizations
more aes macro key size guards
2018-03-19 09:07:05 -07:00
Sean Parkinson bd53d7ba59 TLS v1.3 support for Draft 23 and Draft 27
Draft 24: Second ClientHello uses version 0x0303 - no change.
Draft 25: The record layer header is now additional authentication data to
encryption.
Draft 26: Disallow SupportedVersion being used in ServerHello for
negotiating below TLS v1.3.
Draft 27: Older versions can be negotiated (by exclusion of 0x0304) in
SupportedVersion - no change.
2018-03-19 16:15:02 +10:00
Sean Parkinson b325e0ff91 Fixes for wpa_supplicant 2018-03-19 11:46:38 +10:00
David Garske fa73f7bc55 Fix for handling OCSP with non-blocking. The HashInput function was being called on the re-entry, which produced a bad mac response from server. Also cleanup for some of the WC_PENDING_E logic for the non-async cases to reduce code size. 2018-03-16 12:05:07 -07:00
David Garske e858ec11ac Fix unused arg when building with pk callbacks disabled. 2018-03-16 09:37:07 -07:00
David Garske ed7774e94a Added new callbacks for the VerifyRsaSign, which uses a private key to verify a created signature. The new callback APIs are wolfSSL_CTX_SetRsaVerifySignCb and wolfSSL_CTX_SetRsaPssVerifySignCb. These use the same callback prototype as the CallbackRsaVerify and use the same context. 2018-03-15 14:43:41 -07:00
Sean Parkinson 3f99a2a391 Fix PEM_write_bio_X509 to work with new BIO code 2018-03-15 10:45:49 +10:00
David Garske d8fe341998 First pass at added PK_CALLBACK support for VerifyRsaSign. 2018-03-14 09:54:18 -07:00
toddouska 717ba83deb Merge pull request #1434 from SparkiDev/tls13_multi_recs
Fix multiple handshake messages in last record of certs
2018-03-14 09:46:32 -07:00
Sean Parkinson afe300acc0 Fix multiple handshake messages in last record of certs 2018-03-14 16:37:58 +10:00
Jacob Barthelmeh 8fb3ccacb7 opensslextra fixes and warning for unused variable 2018-03-12 18:05:24 -06:00
Jacob Barthelmeh 6b04ebe3a4 fix for compiling with different build settings 2018-03-12 16:12:10 -06:00
toddouska b297d9dce0 Merge pull request #1427 from JacobBarthelmeh/Compatibility-Layer
return value on bad mutex with error nodes and add x509 host check to OPENSSL_EXTRA
2018-03-12 11:33:20 -07:00
toddouska 0ab4166a80 Merge pull request #1421 from JacobBarthelmeh/Optimizations
trim out more strings and fix DN tag
2018-03-08 14:03:10 -08:00
toddouska 1f9583c59c Merge pull request #1409 from SparkiDev/tls13_old_ver_fix
Fix downgrading when WOLFSSL_TLS13 is defined (despite NO_OLD_TLS being defined)
2018-03-08 13:59:59 -08:00
Jacob Barthelmeh e0afec0600 fix RSA macro, tickets without server, and add test case 2018-03-08 14:36:43 -07:00
Jacob Barthelmeh e960e0544a try to clear out error queue with failing mutex 2018-03-08 11:49:16 -07:00
Jacob Barthelmeh 2a0ef55a66 fix for check on return value with mutex error case 2018-03-08 11:26:22 -07:00
Jacob Barthelmeh 74475a26ba compile more functions in with OPENSSL_EXTRA 2018-03-08 11:06:40 -07:00
Sean Parkinson d6ffa0dd8e Fix downgrade when doing TLS v1.3 2018-03-08 15:05:36 +10:00
Sean Parkinson d35a3f1e69 Fixes from code review
If doing TLS v1.3 and version on ServerHello is below TLS v1.2 then
handle message with old code.
If doing TLS v1.3, downgrading and version ClientHello is less than
minimum downgrade then this is a version error.
2018-03-08 09:00:36 +10:00
Jacob Barthelmeh 612a80609a warning about extra set of parentheses 2018-03-07 10:35:31 -07:00
Jacob Barthelmeh 799a6b6d2d fix warning of unused variable and add guard for disable ecc build 2018-03-07 10:35:31 -07:00
Jacob Barthelmeh a9c6385fd1 trim out more strings and fix DN tag 2018-03-07 10:35:31 -07:00
David Garske a4000ba196 Merge pull request #1418 from SparkiDev/sp_armasm
Add assembly code for ARM and 64-bit ARM
2018-03-07 09:18:16 -08:00
Sean Parkinson 89182f5ca9 Add assembly code for ARM and 64-bit ARM
Split out different implementations into separate file.
Turn on SP asm by configuring with: --enable-sp-asm
Changed small ASM code for ECC on x86_64 to be smaller and slower.
2018-03-07 11:57:09 +10:00
Jacob Barthelmeh 3f80006b25 add stub code for flag with x509 check host 2018-03-06 11:55:20 -07:00
Sean Parkinson dee74e98dd Fix downgrading when WOLFSSL_TLS13 is defined (despite NO_OLD_TLS being defined) 2018-03-05 10:11:51 +10:00
toddouska 48cd2806af Merge pull request #1412 from JacobBarthelmeh/PKCS12
clean up memory in error case with PKCS12 create
2018-03-02 12:37:12 -08:00
toddouska 2c12b0d678 Merge pull request #1411 from ejohnstown/dtls-null-fix
DTLS Import/Export with Null Cipher
2018-03-02 11:41:04 -08:00
Jacob Barthelmeh ae23f777d6 clean up memory in error case with PKCS12 create 2018-03-02 11:35:16 -07:00
John Safranek da76ee0877 allow import of DTLS sessions with null cipher as the null cipher is allowed with dtls when enabled 2018-03-02 09:57:07 -08:00
Jacob Barthelmeh 223903717a add sanity check for short read 2018-03-02 09:38:11 -07:00
Jacob Barthelmeh e80e82a89b sanity check on reading newline character 2018-03-01 18:00:52 -07:00
Jacob Barthelmeh d46a2b449d fix for smallstack buffer size 2018-03-01 18:00:52 -07:00
Jacob Barthelmeh 2a368abd20 fix build for haproxy 2018-03-01 18:00:52 -07:00
toddouska b527f6fb81 Merge pull request #1397 from JacobBarthelmeh/Optimizations
Optimizations
2018-02-26 08:43:22 -08:00
Jacob Barthelmeh 9391c608cc remove error string function when no error strings is defined 2018-02-23 17:31:20 -07:00
toddouska 9b90cdc919 Merge pull request #1396 from JacobBarthelmeh/Testing
fix for static analysis warning of null dereference
2018-02-23 15:51:29 -08:00
toddouska 22e55e72c1 Merge pull request #1394 from cconlon/selftest
Add CAVP-only Self Test for special build
2018-02-23 15:50:06 -08:00
Jacob Barthelmeh 9757effdc1 fix for static analysis warning of null dereference 2018-02-23 14:49:06 -07:00
Chris Conlon ad53037852 add CAVP selftest option for special build 2018-02-23 10:14:56 -07:00
JacobBarthelmeh 89390180a0 Merge branch 'master' into Compatibility-Layer 2018-02-22 15:24:31 -07:00
toddouska 41ae47fa3c Merge pull request #1390 from SparkiDev/tls13_downgrade
Fix downgrading from TLS v1.3 to TLS v1.2
2018-02-22 08:53:48 -08:00
Sean Parkinson 7160384a19 Explicit curve data in public ECC key
Certificate's public key data contains more of the encoding.
PKCS #7 using public key from certificates calls proper decode.
2018-02-22 14:59:19 +10:00
Sean Parkinson da4024b46a Fix downgrading from TLS v1.3 to TLS v1.2
Fix handling of ServerHello in TLS v1.3 to support TLS v1.2 when
downgrading.
Added support in client and server examples for using downgrade method:
wolfSSLv23_client_method_ex() or wolfSSLv23_server_method_ex().
Add tests, using downgrade version, of client or server downgrading from
TLS v1.3 to TLS v1.2.
2018-02-22 12:48:50 +10:00
Sean Parkinson dc4edd0cd9 SNI fix for nginx 2018-02-21 23:48:43 +10:00
Sean Parkinson d1f19e8ecc Fix resumption code around when not available
Can't set a ticket if the encryption callback is NULL.
If no useable pre-shared key is found then we won't do PSK.
2018-02-21 17:45:13 +10:00
toddouska 7a2aa6bc13 Merge pull request #1382 from dgarske/cleanup_strncpy
Fixes for ensuring null termination on all strncpy calls
2018-02-20 08:18:08 -08:00
Jacob Barthelmeh a275022dbe account for pwdbased being enabled with x509small 2018-02-19 17:32:39 -07:00