Commit Graph

2312 Commits

Author SHA1 Message Date
Kiwamu Okabe 95658be0ce WICED wolfCrypt-TLS_cli_srv-Https_cli 2019-02-26 10:37:48 -07:00
toddouska efc1ab8c42 Merge pull request #2111 from SparkiDev/ed25519_fixes_1
Various improvements for testing
2019-02-25 13:55:28 -08:00
David Garske 3785bafdf4 Merge pull request #2096 from kaleb-himes/ZD4707
Update for newer versions of the TI compiler
2019-02-25 13:05:43 -08:00
toddouska 603a9b2e59 Merge pull request #2110 from dgarske/spelling
Fixes for various spelling errors
2019-02-25 13:04:12 -08:00
Sean Parkinson feea036ec9 Fix generation of certs_test.h
Fix formatting of certs_test.h:
- remove trailing spaces
- change leading tab stops to spaces
2019-02-25 09:00:26 +10:00
toddouska 04e3c4414d Merge pull request #2102 from SparkiDev/pkcs11_aes_cbc
Add support to PKCS #11 for AES-CBC and NO_PKCS11 defines
2019-02-22 12:07:23 -08:00
Sean Parkinson 8bb4e23f8d Various improvements for testing
Fix wc_ecc_fp_free() to be called when using HAVE_STACK_SIZE.
Increase size of replyin client.c so all HTTP reply is displayed.
Fix api.c to support only Ed25519 (not RSA and ECC)
Fix suites.c to detect when CA for client won't work (Ed25519 only)
For Static Memory add debugging and small profile.
Also allow realloc to be called with NULL.
Add more Ed25519 certs and keys.
Fix names of Ed25519 filenames for client and server.
Do NOT turn on ECC_SHAMIR by default with lowresource.
Enable WOLFSSL_STATIC_MEMORY_SMALL if low resource and no RSA.
2019-02-22 17:14:19 +10:00
David Garske 289f51a77d Fixes for various spelling errors. 2019-02-21 13:29:44 -08:00
Sean Parkinson 520ae52ece Add support to PKCS #11 for AES-CBC and NO_PKCS11 defines
Added PKCS #11 specific defines to turn off support for algorithms.
2019-02-19 13:50:12 +10:00
Sean Parkinson e3997558a9 Fixes from review and added REAMEs and setup.sh
Add README.md and setup.sh.
Add READMEs with license information.
2019-02-19 11:47:45 +10:00
Sean Parkinson 5e1eee091a Add threaded samples using buffers and sockets 2019-02-19 11:47:45 +10:00
Sean Parkinson 3366acc9ce Zephyr port of crypto 2019-02-19 11:47:44 +10:00
kaleb-himes d806134cbf Update for newer versions of the TI compiler 2019-02-15 13:05:37 -07:00
toddouska c04cade97c Merge pull request #2083 from JacobBarthelmeh/Testing
Expected Configurations Test - NIGHTLY BUILD #505
2019-02-15 10:23:55 -08:00
Jacob Barthelmeh 275667f0e9 remove ocsp attempt with ipv6 enabled 2019-02-13 19:01:09 -07:00
toddouska 46bb2591c8 Merge pull request #2070 from dgarske/fix_cryptocb
Fixes and improvements to Crypto Callbacks and STM32 RNG performance
2019-02-13 12:44:19 -08:00
toddouska 817b82e453 Merge pull request #2084 from cconlon/cmsFeb19
Changes for CMS signedData default signed attributes
2019-02-13 09:49:55 -08:00
David Garske 1a8388641d Change new hash SetFlag/GetFlag API's to private. 2019-02-12 16:03:10 -08:00
David Garske 454687f429 Fix for TLS HMAC constant timing to ensure final is called for dummy operations. Added devCtx to AES for CryptoCb. 2019-02-12 16:03:10 -08:00
David Garske dcdb1d7094 Added flag to indicate if hash is copied. 2019-02-12 16:03:10 -08:00
David Garske e7b23646a5 Updates to HMAC crypto callback support to capture raw KEY and require hmac struct. 2019-02-12 16:03:10 -08:00
David Garske 838652c03b Added flags build option to hashing algorithms. This allows indicator to determine if hash will be "copied" as done during a TLS handshake. 2019-02-12 16:03:10 -08:00
David Garske 88d3abb1e6 Added Crypto callback HMAC support. 2019-02-12 16:03:10 -08:00
David Garske 891abe130a Added Crypto callback support for ASN CalcHashId. Added arg checking to cryptocb functions. 2019-02-12 16:03:10 -08:00
Kaleb Himes f824c8c769 Merge pull request #2077 from ejohnstown/ocsp-ecdsa
OCSP and ECDSA Signers
2019-02-12 09:50:37 -07:00
toddouska feae776ee3 Merge pull request #2078 from SparkiDev/ssl_priv_id
Support in SSL for setting a private key id
2019-02-12 07:56:47 -08:00
Jacob Barthelmeh acc0121e0f account for WOLF_C99 with ipv6 test cases 2019-02-11 15:07:12 -07:00
Chris Conlon 56736a3563 always include default signed attributes for CMS SignedData bundles, add function to remove if needed 2019-02-11 14:41:32 -07:00
Sean Parkinson e86aae00ed Change to allow setting of devId for private key 2019-02-11 12:37:44 +10:00
Sean Parkinson 47922a4d87 Support in SSL for setting a private key id
Works with PKCS #11 to use key on device.
2019-02-11 10:38:38 +10:00
David Garske aa21a0e6df Fix to increase maximum DH key size if using fast math and FP_MAX_BITS supports it. 2019-02-08 17:36:40 -08:00
John Safranek 6298074f93 OCSP and ECDSA Signers
OCSP uses an identified hash of the issuer's public key to identify the
certificate's signer. (Typically this is SHA-1, but can be any SHA
hash.) The AKID/SKID for the certificates usually are the SHA-1 hash of
the public key, but may be anything. We cannot depend on the AKID for
OCSP purposes. For OCSP lookups, wolfSSL calculates the hash of the
public key based on the copy saved for use with the handshake signing.
For RSA, that was fine. For ECDSA, we use the whole public key including
the curve ID, but for OCSP the curve ID isn't hashed. Stored the hash of
the public key at the point where we are looking at the key when reading
in the certificate, and saving the hash in the signer record.
2019-02-07 17:34:25 -08:00
toddouska e52f4494f0 Merge pull request #2069 from dgarske/fix_8192
Fixes for handling 6144 and 8192 bit with TLS v1.3
2019-02-07 15:02:40 -08:00
toddouska 4f4d16d9e5 Merge pull request #2068 from dgarske/pkcs7_verify_degenerate
Fixes to handle degenerate PKCS 7 with BER encoding
2019-02-07 15:00:21 -08:00
Jacob Barthelmeh ec28376e7f add PKCS7 BER verify test and fix for streaming 2019-02-06 11:05:15 -07:00
toddouska 8fc1780688 Merge pull request #2065 from SparkiDev/ossl_fix1
Changes to make symbols available for OpenSSL compat
2019-02-01 10:04:41 -08:00
toddouska 4a5652f318 Merge pull request #2061 from SparkiDev/x86_asm_not_in_c
Pull out x86_64 ASM into separate files
2019-02-01 10:01:34 -08:00
toddouska 1258467b0a Merge pull request #2054 from SparkiDev/pkcs11_rng
Add support for random and getting entropy (seed) with PKCS#11
2019-02-01 09:59:12 -08:00
toddouska 4a177a8a30 Merge pull request #1997 from tmael/portingDeos
Initial Deos RTOS port
2019-02-01 09:56:55 -08:00
David Garske c080050c80 Fix to detect larger key size requirement based on FP_MAX_BITS. Fix for TLSv1.3 to allow server_hello for TLSX_SUPPORTED_GROUPS. ZD 4754. 2019-02-01 09:53:30 -08:00
Sean Parkinson 7822cef1ac Pull out x86_64 ASM into separate files 2019-01-29 13:08:24 +10:00
Chris Conlon 0b2bbc33bd Merge pull request #2059 from miyazakh/openssl_bksize_digest
Added EVP_MD_CTX_block_size and exposed EVP_Digest()
2019-01-28 15:17:26 -07:00
John Safranek 1288036dbe Merge pull request #2047 from kojo1/freeCRL
wolfSSL_CertManagerFreeCRL: exposing FreeCRL
2019-01-25 16:08:31 -08:00
toddouska 0d8ca06928 Merge pull request #2052 from dgarske/atecc_fixes
Fixes for ATECC with PMS outlen and `ATECC_MAX_SLOT`
2019-01-25 14:26:09 -08:00
Hideki Miyazaki 53adb93ae4 Added EVP_MD_CTX_block_size and publicized EVP_Digest() 2019-01-25 09:05:36 +09:00
Sean Parkinson 743f8b576f Add support for random and getting entropy (seed) with PKCS#11
Getting the seed from a device has been added.
If the HASH_DRBG is available, PKCS#11 will be used for generating the
seed.
Otherwise, all generated random data will come from PKCS#11 device.
2019-01-25 08:01:30 +10:00
Sean Parkinson 4ef6841465 Changes to make symbols available for OpenSSL compat 2019-01-24 08:38:05 +10:00
toddouska d16c2ca7c6 Merge pull request #1865 from JacobBarthelmeh/Optimizations
--enable-afalg=xilinx
2019-01-22 14:19:54 -08:00
David Garske c48786c649 Correct the ATECC slot maximum. 2019-01-22 12:14:05 -08:00
David Garske eaf5c3042d Merge pull request #2050 from toddouska/sub
remove outdated submission note
2019-01-21 18:41:38 -08:00