wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-27 01:02:23 +01:00
Code Issues Packages Projects Releases Wiki Activity
6,376 Commits 12 Branches 184 Tags
9c9978ce9f7e56eb24daee462aecc4eac322834d
Commit Graph

2324 Commits

Author SHA1 Message Date
Go Hosohara
9c9978ce9f OpenSSL Compatibility functions on PR#942. 2017-11-01 13:00:47 +09:00
Moisés Guimarães
5cf175c49b adds check for server side sig-algo extension 2017-10-30 23:02:36 -03:00
toddouska
264c481c71 Merge pull request #1191 from SparkiDev/tls13_no_ecc 
Fix no ECC builds with TLS13 code.
 2017-10-26 10:49:59 -07:00
toddouska
ee489b12ef Merge pull request #1198 from dgarske/fix_build 
Fix build errors with various configs.
 2017-10-26 09:46:50 -07:00
David Garske
94e0b06b9f Fix build errors with configs for no ASN and no PKI with PSK. 2017-10-26 07:34:41 -07:00
David Garske
b4d802d524 Fix cipher_name_idx to be const. 2017-10-25 16:57:53 -07:00
Sean Parkinson
323db1a95d Fix no ECC builds with TLS13 code. 
Fix tests so that having ECC disabled works as well.
Fix define protection for Draft 18 and HRR Cookie.
 2017-10-24 09:11:24 -07:00
toddouska
c0105b3008 Merge pull request #1175 from dgarske/cleanup_inlines 
Cleanup to consolidate the inline helpers
 2017-10-24 08:15:12 -07:00
Moisés Guimarães
96667b47ee ec point format TLS extension (#1034) 
* adds client support to ec_point_format
* adds ec_point_format support for server side
* makes ec-point-format activation dependent on supported-curves activation
* removes recursive functions preserving the writing order
* renames EllipticCurves to SupportedCurves
 2017-10-23 14:06:20 -07:00
David Garske
7f30397252 Remove execute bit on all code files. 2017-10-23 11:16:40 -07:00
David Garske
911b6f95f8 Release v3.12.2 (lib 14.0.0). Updated copywright. 2017-10-22 15:58:35 -07:00
David Garske
e904a38092 Fix to not send OCSP stapling extensions in client_hello when not enabled. Fix for typo in WOLFSSL_SHUTDOWN_NOT_DONE. 2017-10-19 11:18:34 -07:00
David Garske
c9558ee27b Updated a few more old names. Added PR for new configs to Jenkins. 2017-10-18 10:38:27 -07:00
David Garske
7f2e6e1d8a Cleanup to consolidate the inline helpers like cto, ato and bto into misc.c. Relocate the word24 typedef into types.h. 2017-10-18 09:06:48 -07:00
toddouska
1377577af5 Merge pull request #1187 from dgarske/build_fixes 
Build fixes for various TLS 1.3 disable options
 2017-10-18 08:59:46 -07:00
toddouska
ccda176bfa Merge pull request #1183 from SparkiDev/tls13_nu 
Disallow upgrading to TLS v1.3
 2017-10-18 08:53:00 -07:00
toddouska
9920bdf097 Merge pull request #1103 from SparkiDev/sp_rsa 
Single Precision maths for RSA, DH and ECC
 2017-10-18 08:44:47 -07:00
David Garske
3d7e86f08d Added missing API's for disabling OCSP stapling. Added OCSP stapling enable/disable for WOLFSSL. 2017-10-17 13:52:05 -07:00
David Garske
8659140494 Build fixes for various TLS 1.3 disable options (RSA, ECC and ED/Curve 25519). 2017-10-17 09:39:32 -07:00
Sean Parkinson
9e4e58fe8c Disallow upgrading to TLS v1.3 
Change SupportedVersions extension to only include TLS v1.3 if downgrade
is disabled.
Fix parsing of SupportedVersions extension
Don't upgrade
Only downgrade in SupportedVersions extension if option enabled
 2017-10-17 08:52:12 +10:00
Sean Parkinson
90f8f67982 Single Precision maths for RSA (and DH) 
Single Precision ECC implementation
 2017-10-17 08:36:39 +10:00
toddouska
819acd18a7 Merge pull request #1180 from SparkiDev/tls13_nd 
Fixed DRAFT_18 define and fixed downgrading with TLS v1.3
 2017-10-13 09:24:55 -07:00
toddouska
b79b816276 Merge pull request #1168 from dgarske/ctx_get_cm 
Add method to get WOLFSSL_CTX certificate manager
 2017-10-13 09:13:54 -07:00
toddouska
6fd53d31c2 Merge pull request #1157 from dgarske/old-names 
Refactor SSL_ and hashing types to use wolf specific prefix
 2017-10-13 09:09:44 -07:00
toddouska
04106a0089 Merge pull request #1174 from dgarske/ocsp_cb_ctx 
Improvement to `wolfSSL_SetOCSP_Cb` to allow context per WOLFSSL object
 2017-10-12 10:02:49 -07:00
David Garske
6021c37ec7 Refactor WOLF_SSL_ to WOLFSSL_ (much better). 2017-10-11 09:10:43 -07:00
David Garske
6707be2b0e Added new --disable-oldnames option to allow for using openssl along-side wolfssl headers (without OPENSSL_EXTRA). Add --enable-opensslcoexist which makes sure oldnames is disabled. Refactor of SSL_ to WOLF_SSL_. Refactor of SHA, MD5, SHA224, SHA256, SHA512 and SHA384 to WC_ naming. 2017-10-11 09:10:42 -07:00
Sean Parkinson
7dca25ea88 Fixed DRAFT_18 define and fixed downgrading with TLS v1.3 
Changed the define in configure.ac to match the one used in the code.
Fixed downgrading to disallow unless ssl->options.downgrade is set.
TLS 1.3 client method does not have downgrade on anymore.
Test changed to not expect downgrading to work.
Test of TLS v1.3 client downgrade is actually upgrading on server.
Fixed 80 character line problems.
 2017-10-11 12:17:28 +10:00
David Garske
4c8d228080 Added WOLFSSL_ALT_CERT_CHAINS option to enable checking cert aginst multiple CA's. Added new API's for wolfSSL_get_peer_alt_chain and wolfSSL_is_peer_alt_cert_chain, which allow a way to know if alternate cert chain is used and provides a way to get it (when SESSION_CERTS is defined). Cleanup of the defines to enable debugging certs (just use SHOW_CERTS now). 2017-10-10 08:55:35 -07:00
David Garske
280de41515 Improvement to wolfSSL_SetOCSP_Cb to set the context per WOLFSSL object (callback functions are same). Adding API unit tests next. 2017-10-06 12:18:21 -07:00
David Garske
19ea4716f3 Add unit tests for wolfSSL_CTX_GetCertManager, wolfSSL_CTX_UnloadCAs, wolfSSL_CertManagerUnloadCAs and wolfSSL_CTX_get_cert_cache_memsize. Fixed comment typo PERSISTE_CERT_CACHE. 2017-10-03 10:00:20 -07:00
David Garske
dcf61bd10e Added new API wolfSSL_CTX_GetCertManager for getting the WOLFSSL_CTX certificate manager. 2017-10-03 08:46:15 -07:00
Jacob Barthelmeh
9bf14a152f change return value for wolfSSL_ASN1_TIME_print 2017-09-29 10:28:10 -06:00
Jacob Barthelmeh
8cd0b7dfc7 fix for wolfSSL_ASN1_TIME_print function 2017-09-28 15:30:46 -06:00
JacobBarthelmeh
09e92c518d Merge pull request #1163 from cconlon/mysql_sha 
Add returns to OpenSSL compatibility SHA functions
 2017-09-28 13:12:14 -06:00
Chris Conlon
34ef7207f9 check hash function returns in wolfSSL_EVP_DigestInit 2017-09-28 11:19:51 -06:00
Chris Conlon
eff781c0aa add int return to OpenSSL compatibility MD5 functions 2017-09-28 11:12:18 -06:00
Chris Conlon
ef141c3ce9 add int return to OpenSSL compatibility SHA functions 2017-09-27 14:28:19 -06:00
Chris Conlon
6c85bc5d3d enable functionality of wolfSSL_ERR_peek_error() when WOLFSSL_MYSQL_COMPATIBLE defined 2017-09-27 10:56:04 -06:00
dgarske
fadee8fbf2 Merge pull request #1161 from cconlon/mysql_compat 
Enable ASN1_TIME_print when WOLFSSL_MYSQL_COMPATIBLE is defined
 2017-09-26 15:44:50 -07:00
Chris Conlon
b4f7997fdc enable ASN1_TIME_print when WOLFSSL_MYSQL_COMPATIBLE is defined 2017-09-26 15:02:13 -06:00
Koichi Tsujino
e8f95b9252 add EVP_get_cipherbynid 2017-09-26 08:58:36 +09:00
Chris Conlon
46f7e786cb exclude wolfSSL_SSL_get0_session when NO_SESSION_CACHE is defined 2017-09-25 14:07:17 -06:00
dgarske
2c4844d5ef Merge pull request #1146 from ejohnstown/compat 
OpenSSL Compatibility Additions and Fixes
 2017-09-22 14:19:28 -07:00
Jacob Barthelmeh
80333979a9 fix for wolfSSL_X509_NAME_get_text_by_NID 2017-09-20 17:31:53 -06:00
Jacob Barthelmeh
3763b88397 rename the file io.h to wolfio.h 2017-09-20 10:53:11 -06:00
John Safranek
2620cb4559 OpenSSL Compatibility Additions and Fixes 
1. Added a check on the hex2bn function for null strings to be treated like the NULL pointer.
2. Added some more test cases to the big number unit test.
3. Added wolfSSL_EVP_add_cipher() analogous to wolfSSL_EVP_add_digest().
4. Implemented `RSA_public_encrypt()` and `RSA_private_decrypt()` for the OpenSSL compatibility layer.
5. Added `RSA_PKCS1_OAEP_PADDING` as an option to the new functions.
6. Fixed the constness on the `from` parameter in function `RSA_public_decrypt()`. Note: this does not allow OAEP to be used in FIPS mode.
7. Added size constants for EVP_MAX_BLOCK_LENGTH, RSA_PKCS1_PADDING_SIZE, and RSA_PKCS1_OAEP_PADDING_SIZE.
8. Added functions `wolfSSL_EVP_PKEY_new_mac_key()` and `wolfSSL_EVP_PKEY_get0_hmac()` for storing HMAC keys in an EVP_PKEY structure for use later.
9. Added the routines EVP_DigestSignXXX(). They only work w.r.t HMAC.
10. Added the ForceZero() to EVP_MD_CTX_cleanup().
11. Modified the EVP_MD_CTX structure to have a union with both the hasher and a wolfCrypt Hmac structure.
12. Added a mapping of SHA1->SHA to the list of digest name aliases in wolfSSL_EVP_get_digestbyname().
13. Changed the mapping of ssl3-sha1->SHA.
14. When using RSA blinding, the OpenSSL compatibility layer RSA object was attempting to decrypt without an RNG. Added an RNG if needed.
15. Add comment to wolfSSL_BN_hex2bn() to cover usage w.r.t. string length. Remember to keep the length even, front-pad with zeroes if needed.
16. Added tests for the new functions.
 2017-09-18 13:53:44 -07:00
toddouska
23fff62d8b Merge pull request #1135 from dgarske/cy 
Fix issue with empty array (requires C99 compliance).
 2017-09-13 14:39:50 -07:00
toddouska
bea82ce214 Merge pull request #1118 from JacobBarthelmeh/mysql 
downgrade with options set when using opensslextra feature
 2017-09-13 14:12:09 -07:00
David Garske
932773735b Cleanup the wolfIO_Send function. 2017-09-11 05:48:41 -07:00