wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-02-07 01:14:33 +01:00
Code Issues Packages Projects Releases Wiki Activity
5,387 Commits 12 Branches 184 Tags
9ef26679dff9d38ae5dad57508e4e479498cfae5
Commit Graph

197 Commits

Author SHA1 Message Date
David Garske
4e829bc0a5 Fix to assign default OID for TLS supported curves based on loaded extension order. 2017-03-30 13:54:24 -07:00
David Garske
75abeaecfc Updates for TKernel port (WOLFSSL_uTKERNEL2). Added support for InterNiche prconnect_pro using WOLFSSL_PRCONNECT_PRO. Cleanup the min/max functions. Add NO_STDIO_FGETS_REMAP to not include the fgets remap for WOLFSSL_uTKERNEL2. Fix TFM build warning. Added HAVE_POCO_LIB. Added wolfCrypt test temp cert path for WOLFSSL_uTKERNEL2 = /uda/. Added WOLFSSL_CURRTIME_REMAP for benchmark to allow different function name to be used for system which have a conflicting name. Add ability to use normal malloc/free with WOLFSSL_uTKERNEL2 using NO_TKERNEL_MEM_POOL. Added new XMALLOC_OVERRIDE to allow custom XMALLOC/XFREE/XREALLOC macros. Move CUSTOM_RAND_GENERATE up in RNG choices. Rename tls.c STK macros due to conflict. 2017-03-28 19:10:19 -07:00
David Garske
e98a0465ae tenAsys INtime RTOS port. Porting complete for mutex semaphores, threading, file, socket and RNG. Added projects for libwolfssl and wolfExamples. The wolfExamples project includes examples for wolfCrypt Test/Benchmark and wolfSSL TLS client/server. Provided reference user_settings.h with comments and enable/disable gates. Added README.md with overview and instructions. Fixed issue building master with NO_WOLFSSL_DIR defined. Added check if old TLS is enabled that SHA and MD5 are enabled. Cleanup of the wolfCrypt test use of USE_CERT_BUFFERS with file system enabled. 2017-03-13 09:48:55 -07:00
Sean Parkinson
80fe2a3524 Fix elliptic curve selection. 
Preference by:
1. the default for the curve strength (eccTempKeySz),
2. a curve at the curve strength (eccTempKeySz),
3. the default for next higher curve strength,
4. the first curve (client order) with the next highest curve strength
 2017-03-11 10:17:15 +10:00
toddouska
2bb14903f9 Merge pull request #698 from SparkiDev/nginx 
Get Nginx working with wolfSSL
 2017-03-09 10:23:20 -08:00
David Garske
a55ebb4c18 Fixes for building CRL with Windows. Refactor load_verify_buffer and LoadCRL to use new wc_ReadDir* functions. Added new directory/file API's: wc_ReadDirFirst(), wc_ReadDirNext(), wc_ReadDirClose(). Moved MAX_PATH and MAX_FILENAME_SZ to wc_port.h. Moved BAD_PATH_ERROR into error-crypt.h. The wc_ReadDir is only supported when NO_WOLFSSL_DIR and NO_FILESYSTEM are not defined. Add map to __FUNCTION__ macro in Windows with debug enabled (to resolve build error with VS and __func__ missing). Fix cast warning on response from EncodeOcspRequestExtensions. Fix for cast to call to BuildCertificateStatus. 2017-03-08 11:21:11 -08:00
Sean Parkinson
e6434f380b Get Nginx working with wolfSSL 2017-03-01 08:38:54 +10:00
toddouska
a1b79abedb Merge pull request #717 from wolfSSL/auto_ecc_sup_curves 
Added code to automatically populate supported ECC curve information
 2017-01-23 13:57:56 -08:00
David Garske
784ce57f45 Fix for TLSX_PopulateExtensions to not use #else HAVE_QSH case for populating supported curves. 2017-01-19 09:23:07 -08:00
David Garske
01f4a7b5bd Added code to automatically populate supported ECC curve information, unless already provided by user via wolfSSL_CTX_UseSupportedCurve or wolfSSL_UseSupportedCurve. 2017-01-18 11:54:43 -08:00
Moisés Guimarães
762064c292 fixes certificate status parsing, adds behavior for unknown status type. 2016-12-29 22:29:46 -02:00
toddouska
073aa95496 Merge pull request #678 from dgarske/cleanup_macros 
Cleanup min(), TRUE, FALSE, ALIGN16 and ALIGN32
 2016-12-29 11:19:05 -08:00
Jacob Barthelmeh
511f41b0e4 fix C++ compiler warnings for distro build 2016-12-27 14:38:14 -07:00
David Garske
3bec816f97 Cleanup min(), TRUE, FALSE, ALIGN16 and ALIGN32. Replace only use of BYTE3_LEN with OPAQUE24_LEN. Replace “ “ with “\t” (saves bytes and is consistent). Fix align issue with “WOLFSSL_EVP_MD_CTX” hash. 2016-12-21 14:05:00 -08:00
John Safranek
e80331e03a fix Windows debug build warning with secure renegotiation 2016-12-09 14:31:21 -08:00
toddouska
f167fe3d4a Merge pull request #625 from dgarske/tls_nosha256 
Fix to allow TLS with NO_SHA256
 2016-11-17 16:14:28 -08:00
Chris Conlon
49978d1417 server side empty renegotiation_info support 2016-11-14 15:33:36 -07:00
David Garske
82e8210208 Support for building without SHA256 with NO_OLD_TLS and SHA384/512. Although TLS 1.2 default digest for certs is SHA256 and our test cert signatures use SHA256, so make check will fail. Also requires disabling the P-RNG which uses SHA256. Added missing "wc_InitRng_ex" when using "CUSTOM_RAND_GENERATE_BLOCK". Cleanup of the BuildCertHashes, DoRounds, HashInput, HashOutput and HashOutputRaw return codes. 2016-11-14 12:47:24 -08:00
toddouska
87e3f45f52 add SCR client and server verify data check 2016-11-03 14:45:24 -07:00
toddouska
11102b6726 Merge pull request #585 from NickolasLapp/master 
Rename *Mutex Functions with wc_ prefix. Expose these functions for Stunnel.
 2016-10-12 11:19:32 -07:00
dgarske
81a8ad0a48 Merge pull request #587 from ejohnstown/seq64 
64-bit Sequence Number
 2016-10-04 06:01:26 -07:00
Nickolas Lapp
1792eba1a2 Rename *Mutex Functions with wc_ prefix. Expose these functions for 
Stunnel. Various other changes to enable stunnel compling
 2016-10-03 16:36:05 -06:00
John Safranek
12ac0346f5 change magic numbers to constants, rename verify parameter of WriteSEQ() and subfunctions 2016-10-03 13:51:10 -07:00
John Safranek
a839b61e81 initialize temp sequence number 2016-10-02 13:02:20 -07:00
John Safranek
4522fa335e Fixing DTLS for 64-bit sequence numbering 
1. Simplify away the DtlsState record.
2. Adding in high order bits for the DTLS sequence number.
3. For DTLS, separated copying the sequence number from incrementing it.
 2016-09-29 15:51:33 -07:00
Kaleb Himes
124a8c0c1f Merge pull request #582 from ejohnstown/lean-psk 
Fixes for building the library for Lean PSK
 2016-09-24 10:59:54 -06:00
John Safranek
8d1aa2238b Fixes for building the library for Lean PSK 
1. Needed to enable static PSK when using Lean PSK
2. Fixed complaints about unused variables.
 2016-09-24 00:18:36 -07:00
John Safranek
5e852dc1a1 Fixes for building the library with a C++ compiler with TLSX enabled 
1. Add many typecasts for malloc() data to proper pointer type.
2. Add many typecasts for constants in tertiary operators.
3. ECC to use local copy of wc_off_on_addr instead of extern copy.
 2016-09-23 23:22:58 -07:00
kaleb-himes
4fc0c6c646 fix unused parameter build time error 
fix unused parameter build time error
 2016-09-23 12:23:26 -06:00
JacobBarthelmeh
c43fd150e9 Static Analysis : fix a warning of unused variable 2016-09-22 09:31:26 -07:00
toddouska
21726d5ae4 64bit sequence tls proof of concept, dlts needs some work 2016-09-19 16:02:27 -07:00
John Safranek
b994244011 Revising the Extended Master Secret support. Removing the dynamic 
TLSX support for the extention and treating it like the Signature
and Hash algorithms extension. It is to be enabled by default and
the user can turn it off at run time or build time.
 2016-09-11 18:05:44 -07:00
Chris Conlon
e4f527a332 initial extended master secret support 2016-09-01 15:12:54 -06:00
toddouska
7a419ba6d8 Merge pull request #472 from dgarske/ecc_brainpool_koblitz 
ECC and TLS support for all SECP, Koblitz and Brainpool curves
 2016-07-19 11:44:53 -07:00
toddouska
c7b969b5b4 don't echo session id on blank ticket if we're going to create a new ticket 2016-07-13 18:45:10 -07:00
toddouska
5f21f93c61 allow bogus sessionID when ticket callback rejects ticket 2016-07-13 12:47:59 -06:00
David Garske
7a1acc7e56 Added TLS support for all SECP and Brainpool curves. Added ECC curve specs for all Brainpool, Koblitz and R2/R3. Adds new "HAVE_ECC_BRAINPOOL", "HAVE_ECC_KOBLITZ", "HAVE_ECC_SECPR2" and "HAVE_ECC_SECPR3" options. ECC refactor to use curve_id in _ex functions. NID and ECC Id's match now. Added ability to encode OID (HAVE_OID_ENCODING), but leave off by default and will use pre-encoded value for best performance. 2016-07-07 10:59:45 -07:00
David Garske
5b3a72d482 Cleanup of stdlib function calls in the wolfSSL library to use our cross-platform "X*" style macros in types.h. 2016-06-29 11:11:25 -07:00
toddouska
ac6635593b Revert "Bio" 2016-06-27 10:53:34 -07:00
Ludovic FLAMENT
4215182945 fix macro error 2016-06-24 13:27:49 +02:00
Ludovic FLAMENT
0c43123a01 Fix BIO based on review 2016-06-24 10:54:58 +02:00
Jacob Barthelmeh
8be5409bc5 static method func / ocsp callbacks / heap test / alpn free func / remove timing resistant constraint 2016-06-09 11:36:31 -06:00
Jacob Barthelmeh
664d2190ba session ticket extension fix with static memory heap hint 2016-06-08 10:50:20 -06:00
Jacob Barthelmeh
e214086dce tlsx with static memory / account for session certs size 2016-06-08 09:18:43 -06:00
Jacob Barthelmeh
2feee8856e revise static memory and update heap hint 2016-06-04 19:03:48 -06:00
Nickolas Lapp
0eb59d5c35 Fix rand num generation on MacOS, Improve organization with tic storage 2016-04-22 10:35:44 -06:00
Nickolas Lapp
c8b20d9090 Add support for dynamic session tickets, add openssl.test to testuiste 2016-04-22 10:35:44 -06:00
Jacob Barthelmeh
e60adfc9da better naming of macro and alter misc.c check 2016-03-29 13:42:40 -06:00
Jacob Barthelmeh
2665db73a4 check for compiling misc.c when not needed 2016-03-28 16:03:15 -06:00
Jacob Barthelmeh
e99a5b0483 prepare for release v3.9.0 2016-03-17 16:02:13 -06:00