Commit Graph

11142 Commits

Author SHA1 Message Date
David Garske a3af2fc960 Fix for single threaded case with double free on suites. 2019-02-26 11:03:02 -08:00
David Garske 38303cf27b More spelling fixes. 2019-02-26 10:47:42 -08:00
David Garske eecc823208 Fixes for scan-build warnings with ASN, PKCS12 and PKCS7. 2019-02-26 10:47:22 -08:00
jrblixt e01723a435 Code review changes. 2019-02-26 10:42:02 -07:00
jrblixt 8a47af0edc Added benchmark tests to WICED wolfcrypt test app.
Updated the user_settings.h loc per David.
TLS13; SNI; MAX_FRAG
Configure for wolfCrypt bench.
Update README.
2019-02-26 10:37:58 -07:00
Kiwamu Okabe 95658be0ce WICED wolfCrypt-TLS_cli_srv-Https_cli 2019-02-26 10:37:48 -07:00
David Garske 9a129e89c1 Fixes for building with no filesystem and --enable-testcert or WOLFSSL_TEST_CERT. Fixes nightly expected configurations test. 2019-02-26 09:36:31 -08:00
Sean Parkinson fe620b5250 Compile error when FP_MAX_BITS doesn't support FFHDE parameters 2019-02-26 16:44:59 +10:00
Sean Parkinson a2f8747652 Fix DecodePrivateKey to return NOT_COMPILED_IN with PKCS#11 2019-02-26 09:22:03 +10:00
Sean Parkinson cb830a088f Fix for configurations without specific algorithms 2019-02-26 09:22:03 +10:00
Sean Parkinson 700e9896d4 PKCS #11 support for HMAC with MD5, SHA, SHA-2 2019-02-26 09:22:03 +10:00
David Garske 2bb5dd710c Fix for curve load failure leak. 2019-02-25 15:19:31 -08:00
David Garske b45241f6f8 Fix to use QAT for ECC sign and verify when SP is enabled and key was initialized with devId. Fixes issues with wolfCrypt test and QAT not properly calling "again" for the ECC sign, verify and shared secret. 2019-02-25 14:51:15 -08:00
Sean Parkinson a44751cd39 PKCS #11 use private key id double free issue fixed 2019-02-26 08:27:59 +10:00
toddouska efc1ab8c42 Merge pull request #2111 from SparkiDev/ed25519_fixes_1
Various improvements for testing
2019-02-25 13:55:28 -08:00
toddouska 0360b38de4 Merge pull request #2116 from SparkiDev/pkcs11_id_fix_1
Fixes for PKCS #11 private key id and ECC
2019-02-25 13:09:15 -08:00
David Garske 3785bafdf4 Merge pull request #2096 from kaleb-himes/ZD4707
Update for newer versions of the TI compiler
2019-02-25 13:05:43 -08:00
toddouska 603a9b2e59 Merge pull request #2110 from dgarske/spelling
Fixes for various spelling errors
2019-02-25 13:04:12 -08:00
toddouska 72a50b8d46 Merge pull request #2109 from dgarske/pkcs7_buf
Fix for proper detection of PKCS7 buffer overflow case
2019-02-25 13:02:09 -08:00
Max aa70ac0be2 Added defines to force OCSP nonce check and omit OCSP date before check. 2019-02-25 14:40:19 +01:00
Sean Parkinson 0e914d81dc Fixes for PKCS #11 private key id and ECC 2019-02-25 11:17:56 +10:00
Sean Parkinson feea036ec9 Fix generation of certs_test.h
Fix formatting of certs_test.h:
- remove trailing spaces
- change leading tab stops to spaces
2019-02-25 09:00:26 +10:00
David Garske 712ecabf36 Fix for ECC sign with hardware to ensure the input is truncated to the key order. 2019-02-22 15:30:52 -08:00
David Garske 9ff976a6e1 Fixes for wolfCrypt test with asynchronous support enabled and --enable-nginx. 2019-02-22 13:47:34 -08:00
toddouska b037334732 Merge pull request #2106 from dgarske/ecc_pubkey
Adds `ECC_PUBLICKEY_TYPE` to the support PEM header types
2019-02-22 12:09:10 -08:00
toddouska 04e3c4414d Merge pull request #2102 from SparkiDev/pkcs11_aes_cbc
Add support to PKCS #11 for AES-CBC and NO_PKCS11 defines
2019-02-22 12:07:23 -08:00
toddouska 9b125c5797 Merge pull request #2107 from JacobBarthelmeh/Compatibility-Layer
remove null terminators on substrings
2019-02-22 10:26:06 -08:00
Jacob Barthelmeh 8b0bcdaf29 EVP decrypt with padding fix 2019-02-22 10:05:15 -07:00
Sean Parkinson 8bb4e23f8d Various improvements for testing
Fix wc_ecc_fp_free() to be called when using HAVE_STACK_SIZE.
Increase size of replyin client.c so all HTTP reply is displayed.
Fix api.c to support only Ed25519 (not RSA and ECC)
Fix suites.c to detect when CA for client won't work (Ed25519 only)
For Static Memory add debugging and small profile.
Also allow realloc to be called with NULL.
Add more Ed25519 certs and keys.
Fix names of Ed25519 filenames for client and server.
Do NOT turn on ECC_SHAMIR by default with lowresource.
Enable WOLFSSL_STATIC_MEMORY_SMALL if low resource and no RSA.
2019-02-22 17:14:19 +10:00
Takashi Kojo 7b44fbe265 OCSP, CRL request with "Cache-Control: no-cache" for proxy 2019-02-22 09:23:06 +09:00
David Garske ee3eb8fb4c Fix for proper detection of buffer overflow case when calling wc_PKCS7_EncodeSignedData. 2019-02-21 13:32:28 -08:00
David Garske 289f51a77d Fixes for various spelling errors. 2019-02-21 13:29:44 -08:00
Takashi Kojo 5e0a77704b argument check 2019-02-22 06:17:45 +09:00
Takashi Kojo 801ef2c62c add wolfSSL_CertManagerCheckOCSP_Staple 2019-02-22 05:39:38 +09:00
Takashi Kojo 28d8730948 exporse OcspEntry in asn.h 2019-02-22 05:20:54 +09:00
Jacob Barthelmeh 5932cdab15 cast on strlen return value 2019-02-21 13:04:38 -07:00
David Garske 55ca2c2da7 Added build-time override for benchmark thread count WC_ASYNC_BENCH_THREAD_COUNT. 2019-02-21 10:45:09 -08:00
John Safranek 39626bb349 1. Add a newline to the client's "non-blocking socket and renegotiation" notice.
2. Add suite test cases for more renegotiation setting combinations.
2019-02-21 10:06:55 -08:00
David Garske 5801e7773b Merge pull request #2108 from miyazakh/server_help_in_jp
fixed examples/server to take additional parameter for "-?"
2019-02-21 05:55:32 -08:00
Sean Parkinson ee4e27afe2 Fix lengths to support large DH params 2019-02-21 17:13:43 +10:00
Hideki Miyazaki b68eab6450 fixed to take additioanl option for -? 2019-02-21 13:44:08 +09:00
Jacob Barthelmeh 18d3e04dbf remove null terminators on substrings 2019-02-20 16:39:18 -07:00
Sean Parkinson b0957c68fb ForceZero the devKey field of Aes in PKCS#11
Don't memset the key field of AES in PKCS#11.
2019-02-21 08:22:56 +10:00
Sean Parkinson b4996e35fa Set MAX_PRF_HALF bigger for large FFDHE parameters
Stack size measurement is in a thread - free local fp_cache
2019-02-21 08:09:52 +10:00
John Safranek 7389553bd6 1. For secure renegotiation, remove the check of the peer certificate's
subject ID on renegotiation. Both endpoints are already
cryptographically linked on an encrypted channel.
2. The error code list has gaps where deprecated codes were deleted,
remove the redundant gaps where there aren't missing codes.
2019-02-20 11:45:21 -08:00
toddouska 9c9221432f Merge pull request #2087 from ejohnstown/aesgcm
Update TLS for AES-GCM/CCM changes
2019-02-20 11:43:06 -08:00
John Safranek a376e17aee Switch the bound for the XMEMSET of the sessionID when starting a
renegotiation to use sizeof the sessionID rather than the constat used
to set the size of the array.
2019-02-20 11:26:33 -08:00
John Safranek f78ba4649b Update the help text so the Japanese translations of the new options are printed. 2019-02-20 11:23:00 -08:00
toddouska b8dc772ef8 Merge pull request #2105 from dgarske/fix_stm_aesgcm
Fix for STM32 AES GCM
2019-02-20 09:23:11 -08:00
toddouska 3013cdd925 Merge pull request #2095 from SparkiDev/asm_macosx
Get Mac OS X working with the x86_64 assembly files
2019-02-20 09:19:29 -08:00