wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-05-04 02:40:50 +02:00
Code Issues Packages Projects Releases Wiki Activity
9,928 Commits 13 Branches 184 Tags
a975ba9e97a2837d3389ffbc9f9441a97ca47c52
Commit Graph

414 Commits

Author SHA1 Message Date
David Garske 2c13ea9a67 Cleanup name conflicts with test.h cert files (by adding “File” to end). Fix memory leak in ecc_test_buffers function. 2017-04-06 15:54:59 -07:00
David Garske 34a4f1fae0 Move wolfCrypt test/benchmark to move static memory pool to global (not in stack). Fix wolfCrypt test wc_InitRng to use _ex with HEAP_HINT (when not FIPS). Added ability to use HAVE_STACK_SIZE with wolfCrypt test and benchmark. Cleanup of the benchmark_test function main wrapper. 2017-03-31 13:11:23 -07:00
David Garske 628f740363 Added support for inline CRL lookup when HAVE_CRL_IO is defined (shares code with OCSP lookup in io.c). Added http chunk transfer encoding support. Added default connection timeout value (DEFAULT_TIMEOUT_SEC) and new wolfIO_SetTimeout() API with HAVE_IO_TIMEOUT. Added generic wolfIO_ API’s for connect, select, non-blocking, read and write. Added new define USE_WOLFSSL_IO to enable access to new wolfIO_* socket wrappers even when WOLFSSL_USER_IO is defined. Moved all API declarations for io.c into new io.h header. Added HAVE_HTTP_CLIENT to expose HTTP API’s. Moved SOCKET_T and SOCKET_ defines into io.h. Added WOLFIO_DEBUG define to display request/responses. 2017-03-15 12:26:18 -07:00
Sean Parkinson 003e18ecbc Fixes for scan-build 2017-03-15 09:38:53 +10:00
David Garske 01f4a7b5bd Added code to automatically populate supported ECC curve information, unless already provided by user via wolfSSL_CTX_UseSupportedCurve or wolfSSL_UseSupportedCurve. 2017-01-18 11:54:43 -08:00
Sean Parkinson ba1315a499 Fixes from failure testing 2017-01-12 16:22:35 +10:00
Jacob Barthelmeh 091fc10147 adjust read ahead, some sanity checks and rebase 2016-12-28 14:45:29 -07:00
Jacob Barthelmeh aabe456592 sanity checks, remove some magic numbers, TLS read ahead 2016-12-28 14:45:29 -07:00
Jacob Barthelmeh 79472e11a1 add bio.c to dist and implement wolfSSL_check_private_key , wolfSSL_get_server_random 2016-12-28 14:44:05 -07:00
David Garske 650ddb8d23 Fixes so make check works with NO_FILESYSTEM and FORCE_BUFFER_TEST. Example: ./configure CFLAGS="-DNO_FILESYSTEM -DFORCE_BUFFER_TEST" 2016-11-30 16:27:24 -08:00
Jacob Barthelmeh f7a951709f COMPAT. LAYER : get SSL client random bytes 2016-11-07 13:21:35 -07:00
toddouska 87e3f45f52 add SCR client and server verify data check 2016-11-03 14:45:24 -07:00
toddouska f191cf206e allow single threaded mode to share an RNG at WOLFSSL_CTX level 2016-09-16 13:35:29 -07:00
John Safranek b994244011 Revising the Extended Master Secret support. Removing the dynamic 
TLSX support for the extention and treating it like the Signature
and Hash algorithms extension. It is to be enabled by default and
the user can turn it off at run time or build time.
 2016-09-11 18:05:44 -07:00
Chris Conlon 0f0e0ca9a5 add extended master to example client 2016-09-01 15:17:46 -06:00
John Safranek aed68e1c69 1. Needed to tell the client to use sctp. 
2. Creating the example sockets needed the IPPROTO type.
 2016-08-26 19:58:36 -07:00
John Safranek 46e92e0211 DTLS-SCTP example client and server 
1. Update the example client and server to test DTLS-SCTP.
2. Modify the test.h functions for setting up connections to allow
for a SCTP option.
3. Update other examples to use the new test.h functions.
4. Removed some prototypes in the client header file were some functions
that should have been static to the client.c file and made them static.
 2016-08-26 19:58:36 -07:00
David Garske 17a34c5899 Added asynchronous wolfCrypt RSA, TLS client and Cavium Nitrox V support. Asynchronous wolfSSL client support for "DoServerKeyExchange", "SendClientKeyExchange", "SendCertificateVerify" and "DoCertificateVerify". Fixes for async DTLS. Refactor of the wolf event and async handling for use in wolfCrypt. Refactor of the async device support so its hardware agnostic. Added Cavium Nitrox V support (Nitrox tested using SDK v0.2 CNN55XX-SDK with new configure "--with-cavium-v=/dir" option). Moved Nitrox specific functions to new port file "port/cavium/cavium_nitrox.c". RSA refactor to handle async with states. RSA optimization for using dpraw for private key decode. Use double linked list in wolf event for faster/cleaner code. Use typedef for wolf event flag. Cleanup of the async error codes. wolfCrypt test and benchmark support for async RSA. Asynchronous mode enabled using "./configure --enable-asynccrypt". If no async hardware is defined then the internal async simulator (WOLFSSL_ASYNC_CRYPT_TEST) is used. Note: Using async mode requires async.c/h files from wolfSSL. If interested in using asynchronous mode please send email to info@wolfssl.com. 2016-08-15 13:59:41 -06:00
David Garske 32b0303beb Fix build with "WOLFSSL_CALLBACKS" defined. 2016-08-05 14:06:58 -07:00
David Garske 5b3a72d482 Cleanup of stdlib function calls in the wolfSSL library to use our cross-platform "X*" style macros in types.h. 2016-06-29 11:11:25 -07:00
toddouska ac6635593b Revert "Bio" 2016-06-27 10:53:34 -07:00
Jacob Barthelmeh 49934a5c91 Merge https://github.com/wolfSSL/wolfssl into bio 2016-06-24 14:22:14 -06:00
Jacob Barthelmeh 0b91e000bb fix secure renegotiation build 2016-06-23 13:10:39 -06:00
Jacob Barthelmeh f6bbe845f5 Merge https://github.com/wolfSSL/wolfssl into bio 2016-06-22 09:14:53 -06:00
Jacob Barthelmeh ea71814518 Merge https://github.com/wolfSSL/wolfssl 2016-06-17 13:58:53 -06:00
John Safranek 2f9c9b9a22 Add cipher suite ECDHE-ECDSA-AES128-CCM 
1. Added the usual cipher suite changes for the new suite.
2. Added a build option, WOLFSSL_ALT_TEST_STRINGS, for testing
   against GnuTLS. It wants to receive strings with newlines.
3. Updated the test configs for the new suite.

Tested against GnuTLS's client and server using the options:

    $ gnutls-cli --priority "NONE:+VERS-TLS-ALL:+AEAD:+ECDHE-ECDSA:+AES-128-CCM:+SIGN-ALL:+COMP-NULL:+CURVE-ALL:+CTYPE-X509" --x509cafile=./certs/server-ecc.pem --no-ca-verification -p 11111 localhost
    $ gnutls-serv --echo --x509keyfile=./certs/ecc-key.pem --x509certfile=./certs/server-ecc.pem --port=11111 -a --priority "NONE:+VERS-TLS-ALL:+AEAD:+ECDHE-ECDSA:+AES-128-CCM:+SIGN-ALL:+COMP-NULL:+CURVE-ALL:+CTYPE-X509"

To talk to GnuTLS, wolfSSL also needed the supported curves option
enabled.
 2016-06-13 14:39:41 -07:00
Jacob Barthelmeh e214086dce tlsx with static memory / account for session certs size 2016-06-08 09:18:43 -06:00
Jacob Barthelmeh 2feee8856e revise static memory and update heap hint 2016-06-04 19:03:48 -06:00
Jacob Barthelmeh 104ff12e76 add staticmemory feature 2016-06-04 19:01:23 -06:00
Ludovic FLAMENT ed4f67058a Merge branch 'master' of https://github.com/wolfssl/wolfssl 2016-05-20 21:51:13 +02:00
toddouska b8c0802e3c Merge pull request #414 from JacobBarthelmeh/DTLS-MultiCore 
Dtls multi core
 2016-05-17 17:39:18 -07:00
Jacob Barthelmeh 8c45cb1938 add DTLS session export option 2016-05-10 13:27:45 -06:00
Chris Conlon 8f3e1165a1 add Whitewood netRandom client library support 2016-05-05 15:31:25 -06:00
Chris Conlon 4b16600011 fix type comparison on 32bit for starttls, zero tmp buffer 2016-05-03 13:52:04 -06:00
John Safranek f9ab61db5d Merge pull request #402 from cconlon/starttls 
use send/recv instead of write/read with STARTTLS
 2016-05-02 17:19:50 -07:00
Chris Conlon a94383037c use send/recv instead of write/read with STARTTLS for winsock compatibility 2016-05-02 14:36:59 -06:00
toddouska 52d6fb575b Merge pull request #395 from cconlon/starttls 
add STARTTLS support to example client
 2016-04-29 14:24:08 -07:00
Chris Conlon 46addfb130 move example client STARTTLS into separate funcs 2016-04-28 14:21:33 -06:00
Chris Conlon 5abeeff919 add STARTTLS support to example client 2016-04-22 13:46:54 -06:00
Takashi Kojo cab1ebf2d6 move MDK5 current_time to test.h 2016-04-14 18:47:16 +09:00
Takashi Kojo 35c5353698 fixed current_time argument 2016-04-14 16:26:51 +09:00
Takashi Kojo cfd5af341b fixed test.c compile error and server.c/client.c/ssl.c warnings with MDK5 compiler. 2016-04-12 11:05:30 +09:00
kaleb-himes 1b7cd5cb06 consolidate handling of dead assignment warnings 2016-04-11 13:39:44 -06:00
kaleb-himes c6e9021732 scan-build warnings related to enable-psk, disable-asn,rsa,ecc 2016-04-11 11:13:26 -06:00
toddouska 63b1282e67 Merge pull request #335 from dgarske/asynccrypt 
Asynchronous crypto and wolf event support
 2016-03-30 20:12:41 -07:00
David Garske 4472152b18 Added new "wolfSSL_poll" which filters event queue by ssl object pointer. Changed wolfSSL_CTX_poll to support using WOLF_POLL_FLAG_PEEK flag to peek at events and return count. Removed "wolfssl_CTX_poll_peek". Switched the examples (test.h AsyncCryptPoll) to use just the WOLFSSL object and call new wolfSSL_poll. Added warning when using the "--enable-asynccrypt" option to make sure users know they need real async.c/.h files. 2016-03-30 15:15:38 -07:00
Jacob Barthelmeh 696169634e check return value of wolfSSL_set_fd 2016-03-25 13:59:04 -06:00
Jacob Barthelmeh e99a5b0483 prepare for release v3.9.0 2016-03-17 16:02:13 -06:00
David Garske e1787fe160 Added "--enable-asynccrypt" option for enabling asynchronous crypto. This includes a refactor of SendServerKeyExchange and DoClientKeyExchange to support WC_PENDING_E on key generation, signing and verification. Currently uses async simulator (WOLFSSL_ASYNC_CRYPT_TEST) if cavium not enabled. All of the examples have been updated to support WC_PENDING_E on accept and connect. A generic WOLF_EVENT infrastructure has been added to support other types of future events and is enabled using "HAVE_WOLF_EVENT". Refactor the ASN OID type (ex: hashType/sigType) to use a more unique name. The real "async.c" and "async.h" files are in a private repo. 2016-03-17 13:31:03 -07:00
Jacob Barthelmeh 060e278559 Merge branch 'master' of https://github.com/wolfSSL/wolfssl into Certs 2016-03-11 23:48:39 -07:00