wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-02-05 21:15:05 +01:00
Code Issues Packages Projects Releases Wiki Activity
6,360 Commits 12 Branches 184 Tags
8a01d725da08253d45af1945856a5bda9ff48352
Commit Graph

1135 Commits

Author SHA1 Message Date
toddouska
c0105b3008 Merge pull request #1175 from dgarske/cleanup_inlines 
Cleanup to consolidate the inline helpers
 2017-10-24 08:15:12 -07:00
Moisés Guimarães
96667b47ee ec point format TLS extension (#1034) 
* adds client support to ec_point_format
* adds ec_point_format support for server side
* makes ec-point-format activation dependent on supported-curves activation
* removes recursive functions preserving the writing order
* renames EllipticCurves to SupportedCurves
 2017-10-23 14:06:20 -07:00
David Garske
7f30397252 Remove execute bit on all code files. 2017-10-23 11:16:40 -07:00
David Garske
911b6f95f8 Release v3.12.2 (lib 14.0.0). Updated copywright. 2017-10-22 15:58:35 -07:00
David Garske
7f2e6e1d8a Cleanup to consolidate the inline helpers like cto, ato and bto into misc.c. Relocate the word24 typedef into types.h. 2017-10-18 09:06:48 -07:00
toddouska
1377577af5 Merge pull request #1187 from dgarske/build_fixes 
Build fixes for various TLS 1.3 disable options
 2017-10-18 08:59:46 -07:00
David Garske
8659140494 Build fixes for various TLS 1.3 disable options (RSA, ECC and ED/Curve 25519). 2017-10-17 09:39:32 -07:00
Sean Parkinson
9e4e58fe8c Disallow upgrading to TLS v1.3 
Change SupportedVersions extension to only include TLS v1.3 if downgrade
is disabled.
Fix parsing of SupportedVersions extension
Don't upgrade
Only downgrade in SupportedVersions extension if option enabled
 2017-10-17 08:52:12 +10:00
toddouska
6fd53d31c2 Merge pull request #1157 from dgarske/old-names 
Refactor SSL_ and hashing types to use wolf specific prefix
 2017-10-13 09:09:44 -07:00
toddouska
04106a0089 Merge pull request #1174 from dgarske/ocsp_cb_ctx 
Improvement to `wolfSSL_SetOCSP_Cb` to allow context per WOLFSSL object
 2017-10-12 10:02:49 -07:00
David Garske
6021c37ec7 Refactor WOLF_SSL_ to WOLFSSL_ (much better). 2017-10-11 09:10:43 -07:00
David Garske
6707be2b0e Added new --disable-oldnames option to allow for using openssl along-side wolfssl headers (without OPENSSL_EXTRA). Add --enable-opensslcoexist which makes sure oldnames is disabled. Refactor of SSL_ to WOLF_SSL_. Refactor of SHA, MD5, SHA224, SHA256, SHA512 and SHA384 to WC_ naming. 2017-10-11 09:10:42 -07:00
David Garske
4c8d228080 Added WOLFSSL_ALT_CERT_CHAINS option to enable checking cert aginst multiple CA's. Added new API's for wolfSSL_get_peer_alt_chain and wolfSSL_is_peer_alt_cert_chain, which allow a way to know if alternate cert chain is used and provides a way to get it (when SESSION_CERTS is defined). Cleanup of the defines to enable debugging certs (just use SHOW_CERTS now). 2017-10-10 08:55:35 -07:00
David Garske
280de41515 Improvement to wolfSSL_SetOCSP_Cb to set the context per WOLFSSL object (callback functions are same). Adding API unit tests next. 2017-10-06 12:18:21 -07:00
Jacob Barthelmeh
f7ea118dd7 downgrade with options set when using opensslextra feature 2017-09-01 13:47:56 -06:00
Jacob Barthelmeh
3dbe5d2af9 fixes for Windows build 2017-08-29 12:02:24 -06:00
toddouska
c330c6b7f9 Merge pull request #1109 from JacobBarthelmeh/Testing 
fix check on ephemeral key type before free'ing
 2017-08-18 11:53:08 -07:00
toddouska
8a37af42bf Merge pull request #1108 from dgarske/fix_async_misc 
Fixes for async ECC encrypt, ParseCertRelative and API Unit test inits
 2017-08-18 11:44:28 -07:00
Jacob Barthelmeh
c6e722170e fix check on ephemeral key type before free'ing 2017-08-18 10:55:38 -06:00
Jacob Barthelmeh
f6ad5524eb remove invalid test-qsh version tests, revert if statement check in internal.c 2017-08-17 11:27:47 -06:00
David Garske
f7ca2f157d Improvement on the ParseCertRelative fixes for intializing the event prior to operation. Fix possible uninitialized value with DecryptKey and DES3. 2017-08-16 13:19:31 -07:00
toddouska
53e05786da Merge pull request #1101 from dgarske/fix_bench_async 
Fixes for async multi-threading
 2017-08-16 10:15:55 -07:00
David Garske
ccc226eae4 Fixes for refactor to initialize the asyncDev.event prior to call for ParseCertRelative, ConfirmSignature and ECC shared secret (return code). Scan-build and G++ fixes. 2017-08-15 21:20:32 -07:00
David Garske
b32be20110 Refactored async event intialization so its done prior to making possible async calls. Added threadId and removed volatile attribs in WOLF_EVENT. Fixed possible unitialized value in benchmark ret. 2017-08-15 21:19:28 -07:00
Chris Conlon
f6d0b2898d update Micrium uC/OS-III port 2017-08-11 14:30:15 -06:00
toddouska
e77e93ef2e Merge pull request #1065 from JacobBarthelmeh/Testing 
update DTLS export session version and tests
 2017-08-02 11:40:38 -07:00
dgarske
bd20729fba Merge pull request #1069 from ejohnstown/dtls-mac 
DTLS Bad MAC Checks
 2017-08-01 13:45:19 -07:00
Jacob Barthelmeh
c93d348ecd fix sesion export buffer to be not dependent on macros defined 2017-08-01 14:19:06 -06:00
Sean Parkinson
24e9f7c43d Add NULL check after signature alg extension search 2017-08-01 13:55:06 +10:00
dgarske
7cee1c5e8a Merge pull request #1072 from toddouska/alert 
add AlertCount to detect dos attempt
 2017-07-31 18:29:23 -07:00
Jacob Barthelmeh
08da8df455 sanity check on peer sequence for static analysis report 2017-07-31 16:37:34 -06:00
toddouska
66852a9252 add AlertCount to detect dos attempt 2017-07-31 15:17:54 -07:00
John Safranek
36a539760a DTLS Bad MAC Checks 
1. Make the decrypt and verify MAC failure cases behave the same with
   respect to DTLS messages. It should pretend the message never happened.
2. Allow the echoclient to survive the echoserver sending a message with
   a bad MAC.
3. Allow the server to survive the client sending a message with a bad MAC.
 2017-07-31 13:54:53 -07:00
toddouska
fb53fac1c1 Merge pull request #1067 from JacobBarthelmeh/Memory 
sanity check on index when adding cipher suites
 2017-07-31 12:03:49 -07:00
Jacob Barthelmeh
5564be6113 sanity check on index when adding cipher suites 2017-07-28 17:42:52 -06:00
David Garske
3387b12a9a Fix for building with NO_CERTS or NO_WOLFSSL_SERVER defined. 2017-07-28 15:24:53 -07:00
Jacob Barthelmeh
e1ccc5acad update DTLS export session version and tests 2017-07-28 14:27:24 -06:00
David Garske
c03487d463 Fix for dynamic type of ED25519 key and PK_CALLBACK buffer not being free’d. Fix for portNumber stack var being used out of scope. 2017-07-25 15:07:58 -07:00
toddouska
36c2ee92dc Merge pull request #1050 from JacobBarthelmeh/ARMv8 
Xilinx port
 2017-07-24 15:37:05 -07:00
Jacob Barthelmeh
59a46d08d9 Xilinx port 2017-07-21 17:39:47 -06:00
John Safranek
935bf9028d DTLS Multicast 
1. Keep track of the number of records a session drops for having a
   bad MAC or detected as replayed.
2. Add function to access the drop statistics.
 2017-07-19 13:38:31 -07:00
John Safranek
1d32409651 DTLS Multicast 
1. Allow the MTU size to be changed at compile time for memory
   contrained environments using static memory.
2. Add compile time option to disable the check for DTLS messages
   in the current epoch with an outside-the-window sequence number.
 2017-07-19 13:36:42 -07:00
John Safranek
6509faa78d Several parameters stored with DTLS session export have moved into 
a wrapper structure. Updated the references.
 2017-07-19 13:36:42 -07:00
John Safranek
fbd7f7972b Multicast 
1. Used quotes rather than angle-brackets when including
   user_settings.h.
2. Used angle-brackets rather than quotes when including
   the ThreadX and NetX headers.
3. Added a define flag to include types.h with NetX or ThreadX.
4. Added a void typecast to hush a warning about an unused variable
   in the I/O callbacks for NetX.
5. Clean up static analysis warning in the peer sequence
   number selection for DTLS.
 2017-07-19 13:36:41 -07:00
John Safranek
af1a9ca908 Multicast 
1. Squash a couple unused variable warnings.
 2017-07-19 13:34:32 -07:00
John Safranek
1657569605 DTLS Multicast 
1. Adding the prototypes for the sequence number high water callback.
2. Added the accessors to set the highwater callback function,
   trigger levels, and application context.
3. Calls the highwater callback at specified sequence number thresholds
   per peer.
 2017-07-19 13:34:32 -07:00
John Safranek
96c25b2caa DTLS Multicast 
1. Separated the peer ID from the array index into the peer sequence
   list. This allows peer IDs to range from 0..255, and to have an
   arbitrary size for the sequence list.
2. Add API to add and remove peer IDs from the sequence number list.
 2017-07-19 13:33:58 -07:00
John Safranek
fa4a8fee8c DTLS Multicast 
1. Temporary change to io.c to recieve datagrams from any peer.
2. Uses an array of Peer Sequence structures to track the current
   sequence number of all the peers.
 2017-07-19 13:33:57 -07:00
John Safranek
30a54a4860 Multicast 
1. Add haveMcast as an exception case for needing a signing key along
   with havePSK and haveAnon.
 2017-07-19 13:31:39 -07:00
John Safranek
41638b437b DTLS Multicast 
1. Add configured group ID to outbound DTLS datagrams.
2. Parse the group ID from inbound DTLS datagrams.
 2017-07-19 13:31:39 -07:00