wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-04-28 23:03:23 +02:00
Code Issues Packages Projects Releases Wiki Activity
14,845 Commits 13 Branches 184 Tags
9898b5d82b7d0b2692d68025f52e8a7f19c52d69
Commit Graph

259 Commits

Author SHA1 Message Date
Hayden Roche dc7ae37f7a Make changes to support port of NTP from OpenSSL to wolfSSL. 2021-08-02 13:33:18 -07:00
JacobBarthelmeh 020e23783b Merge pull request #4180 from kaleb-himes/DEFAULT_CA_BOOL 
Fix basic constraints extension present and CA Boolean not asserted
 2021-07-19 23:08:27 +07:00
Jacob Barthelmeh 88b70a3906 update google cert that was set to expire in Dec 2021 2021-07-09 23:57:50 +07:00
kaleb-himes 93a8f36530 Fix basic constraints extension present and CA Boolean not asserted 2021-07-02 12:16:16 -06:00
Jacob Barthelmeh 3cd43cf692 fix for keyid with ktri cms 2021-06-22 21:33:12 +07:00
David Garske 3d5c5b39ac Merge pull request #4134 from embhorn/joi-cert 
Update use of joi cert and add to renew script.
 2021-06-17 18:28:12 -07:00
Kaleb Himes 93ae372c55 Merge pull request #4132 from dgarske/exebits 
Remove execute bit on update pem/der files
 2021-06-16 17:20:53 -05:00
Eric Blankenhorn 1307972344 Update use of joi cert and add to renew script. 2021-06-16 13:55:36 -05:00
David Garske 90d894b9fd Remove execute bit on update pem/der files. 2021-06-16 10:17:20 -07:00
Jacob Barthelmeh d8fc01aabf add cert generation to renewcerts script 2021-06-16 14:31:33 +07:00
Sean Parkinson 5bb639f6db Merge pull request #4126 from dgarske/certs_test_expired 
Fixes for expired test certs
 2021-06-16 11:25:54 +10:00
Sean Parkinson b73673a218 Merge pull request #3794 from TakayukiMatsuo/os_keyprint 
Add wolfSSL_EVP_PKEY_print_public
 2021-06-16 08:43:41 +10:00
David Garske 6d95188f4b Fixes for expired test certs. Generated using cd certs/test && ./gen-testcerts.sh. 2021-06-15 15:07:34 -07:00
David Garske 5a78574a8a Add new scripts to include.am. 2021-06-11 08:19:23 -07:00
TakayukiMatsuo 779e3701e6 Merge branch 'master' of github.com:wolfSSL/wolfssl into os_keyprint 2021-06-11 13:56:52 +09:00
Sean Parkinson ed14e593c7 ED25119 and SHAKE-256: fixes 
SHAKE-256 is off by default now. Make sure WOLFSSL_SHAKE256 doesn't make
it into options.h.
Fix openssl.test usage of ed25519 certificates.
Add scripts that regenerate certificates
 2021-06-11 10:13:31 +10:00
Sean Parkinson 3ecb8d5a3e Merge pull request #4062 from dgarske/dh_key 
DH Key and Params Export cleanups and Apache httpd fixes
 2021-06-10 20:54:32 +10:00
David Garske 4a85127507 Improve wc_DhKeyToDer for public key size calculation. Fixes bug with the output too (was missing 1 byte in length for the unused bits byte in bit string). 2021-06-08 09:55:56 -07:00
David Garske 9b215c5138 Fixes for DH Pub key import/export and new test case. Improve wc_DhParamsToDer. 2021-06-08 09:27:30 -07:00
Sean Parkinson 8779c3a884 ECC: Disable ECC but have Curve25519/448 and PK callbacks fix 
Fix ed25519 certificates.
Tidy up testsuite.c
 2021-05-10 10:32:55 +10:00
Kareem Abuobeid 8071fac306 S/MIME: Add smime-test-canon.p7s to include.am 2021-04-30 15:30:55 -07:00
Kareem Abuobeid effcecf40d S/MIME: Add non-canonicalized test case 2021-04-30 15:07:37 -07:00
TakayukiMatsuo 491f3bc423 Add two public key files in certs folder and register them to gencertbuf.pl 2021-03-19 14:52:58 +09:00
Hideki Miyazaki 44a20c8ce6 add more unit test case for load_crl_file 2021-03-05 08:19:14 +09:00
Jacob Barthelmeh f4519018eb remove execute bit on smime bundles 2021-02-15 23:33:31 +07:00
toddouska 67b1280bbf Merge pull request #3545 from kabuobeid/smime 
Added support for reading S/MIME messages via SMIME_read_PKCS7.
 2021-02-10 15:59:32 -08:00
Jacob Barthelmeh 41e5e547c4 run renewcerts.sh script 2021-02-11 03:12:54 +07:00
Kareem Abuobeid a4e819c60a Added support for reading S/MIME messages via SMIME_read_PKCS7. 2021-02-08 17:14:37 -07:00
Jacob Barthelmeh e2b411805d add ca-cert-chain.der to renewcerts.sh, update ed25519 certs and gen script 2021-01-12 00:40:15 +07:00
Juliusz Sosinowicz 6226edb394 Use CSR with smaller key size 4096 -> 2048 2020-12-18 12:48:25 +01:00
Juliusz Sosinowicz 383df620bf Add CSR test with Extension Request attribute 2020-12-17 14:27:46 +01:00
Juliusz Sosinowicz 77c730361e Jenkins fixes 2020-12-17 14:27:46 +01:00
Juliusz Sosinowicz 2a9bb906a9 Implement wolfSSL_BIO_*_connect and wolfSSL_BIO_set_conn_port 
Forgot to commit csr.dsa.pem for api.c
 2020-12-17 14:26:49 +01:00
Juliusz Sosinowicz 2689d499b9 Tests starting to pass 2020-12-17 14:26:49 +01:00
Jacob Barthelmeh 04e22b0747 add restriction to excluded DIR name constraint 2020-12-11 10:00:11 +07:00
Jacob Barthelmeh f00263889b add test case 2020-12-11 08:20:48 +07:00
David Garske 10f459f891 Added TLS v1.2 and v1.3 test cases for ECC Koblitz and Brainpool curves (both server auth and mutual auth). Cipher suites: ECDHE-ECDSA-AES128-GCM-SHA256, ECDH-ECDSA-AES128-GCM-SHA256 and TLS13-AES128-GCM-SHA256. 2020-11-10 09:47:36 -08:00
Chris Conlon 79dea1c85c add test-servercert-rc2.p12 to include.am 2020-10-19 08:01:19 -06:00
Chris Conlon 062df01737 add PKCS12 RC2 test case, example p12 bundle 2020-10-16 12:02:20 -06:00
John Safranek c2bb359eb4 Automake Fixes 
1. A couple cert scripts don't need to be included in the makefile or the distribution.
 2020-10-14 17:23:58 -07:00
toddouska 0f6d391ea1 Merge pull request #3295 from SparkiDev/tls13_p521 
TLS 1.3: Fix P-521 algorithm matching
 2020-09-21 13:36:48 -07:00
Sean Parkinson 409daa665d Script to find exipred CRLs and certificates 
Check for expiration in 3 months.
First argument is the offset. e.g. "+1 year"
 2020-09-18 11:26:27 +10:00
Sean Parkinson d63ff07edc TLS 1.3: Fix P-521 algorithm matching 
Digest size compared to key size - P521 has large key size.
Fixed to round down.
Added P-521 keys and certificates.
Added testing of P-521 keys and certificcates to unittest.
 2020-09-18 10:51:55 +10:00
John Safranek 3bd27f7912 fix a bad path in renewcerts 2020-08-12 15:17:21 -07:00
John Safranek 95337e666c Release Update 
1. Update the usual versions.
2. Update README and ChangeLog.
3. Modify genecc and renewcerts to update two certificate files that had expired.
4. Update the expired certificate files.
 2020-08-12 14:43:47 -07:00
Juliusz Sosinowicz fe1f815761 wolfSSL_X509V3_EXT_i2d: NID_ext_key_usage 2020-08-06 13:45:36 +02:00
David Garske 1b051d9c5b TLS v1.3 sniffer support: 
* Added TLS v1.3 sniffer support using static ephemeral key.
* Add support for using a static ephemeral DH and ECC keys with TLS v1.3 using `WOLFSSL_STATIC_EPHEMERAL`.
* Adds new API's `wolfSSL_CTX_set_ephemeral_key` and `wolfSSL_set_ephemeral_key`.
* Expanded TLS extension support in sniffer.
* Refactor of the handshake hashing code.
* Added parameter checking to the TLS v1.3 key derivations (protects use of "DoTls13Finished" if handshake resources have been free'd).
* Added support for loading DH keys via `wc_DhImportKeyPair` and `wc_DhExportKeyPair`, enabled with `WOLFSSL_DH_EXTRA`.
* Added sniffer documentation `sslSniffer/README.md`.
 2020-07-17 15:22:35 -07:00
kaleb-himes aa704420fd Fix typo in include.am 2020-07-07 16:39:39 -06:00
kaleb-himes 42f3a6d7a4 Put both potential roots for login.live.com into collection for stapling test 2020-07-07 16:02:48 -06:00
David Garske efa169e595 Fix for invalid files in include.am. Improvement to new alt-chain tests to catch case this PR fixes. 2020-06-18 08:33:59 -07:00