wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-29 21:32:12 +01:00
Code Issues Packages Projects Releases Wiki Activity
5,853 Commits 12 Branches 184 Tags
b29cd414efe5d8269b9da4968157cc24855e2b95
Commit Graph

2182 Commits

Author SHA1 Message Date
Sean Parkinson
7aee92110b Code review fixes 
Also put in configuration option for sending HRR Cookie extension with
state.
 2017-06-27 08:52:53 +10:00
Sean Parkinson
9ca1903ac5 Change define name for sending HRR Cookie 2017-06-27 08:37:55 +10:00
Sean Parkinson
8bd6a1e727 Add TLS v1.3 Cookie extension support 
Experimental stateless cookie
 2017-06-26 16:41:05 +10:00
toddouska
d017274bff Merge pull request #976 from levi-wolfssl/PemToDer-overflow-fix 
Fix potential buffer over-read in PemToDer()
 2017-06-22 10:07:11 -07:00
dgarske
06fa3de31c Merge pull request #980 from SparkiDev/tls13_0rtt 
TLS v1.3 0-RTT
 2017-06-22 09:44:41 -07:00
Sean Parkinson
207b275d24 Fix HelloRetryRequest for Draft 18 2017-06-22 14:40:09 +10:00
Sean Parkinson
08a0b98f52 Updates from code review 2017-06-22 12:40:41 +10:00
Levi Rak
a37808b32c Sanity checkes added 2017-06-21 17:14:20 -06:00
toddouska
9ead657723 Merge pull request #989 from dgarske/testing 
Fixes for CRL handling and possible false failure in `wolfSSL_CTX_load_verify_locations`
 2017-06-21 14:10:49 -07:00
toddouska
cd570a01f2 Merge pull request #975 from dgarske/ed_curve_small 
Allow different Ed25519/Curve25519 math versions
 2017-06-21 13:00:33 -07:00
Levi Rak
247388903b Remove double cast + move min() calls 2017-06-21 13:56:34 -06:00
David Garske
fec75e445e Fix for build error in master from QAT fixes in PR #967. Odd that this build error didn’t show up till just now. 2017-06-21 12:52:03 -07:00
David Garske
d75a9f2436 Fix for wc_ReadDirFirst to return non-zero value if no files found. Fix for wolfSSL_CTX_load_verify_locations to not return failure due to wc_ReadDirNext “no more files” -1 response. 2017-06-21 10:36:49 -07:00
David Garske
2f9f746053 Fix for CRL serial number matching to also check length. Fix for testing the verify callback override ‘-j’ to not enable CRL since the CA’s are not loaded for this test. 2017-06-21 10:36:49 -07:00
Sean Parkinson
decdf7ae8b Cleanup 2017-06-21 16:56:51 +10:00
Sean Parkinson
1549a60aa5 Put back Draft 18 code 2017-06-21 08:35:28 +10:00
Sean Parkinson
350ce5fcef TLS v1.3 0-RTT 2017-06-21 08:35:28 +10:00
toddouska
8b637cbd1b Merge pull request #967 from dgarske/fix_qat 
Fixes and Improvements for Intel QuickAssist
 2017-06-20 14:49:56 -07:00
Sean Parkinson
d5b1698c43 Fix for Nginx - return specific error when at end of file 2017-06-20 09:27:24 +10:00
David Garske
7fdb7037d8 Fixes for building Ed/Curve for building on 32/64 bit with uint64_t. Fixes for build with Ed/Curve with ECC disabled. 2017-06-19 10:09:12 -07:00
jrblixt
6a2824f199 Add Camellia unit test functions.. 2017-06-16 16:27:03 -06:00
Levi Rak
17936d65e0 please Jenkins + a bit of cleanup 2017-06-16 12:27:59 -06:00
Levi Rak
4389d271cc Fixed potential buffer overflows when configured with --enable-opensslextra 2017-06-16 11:02:06 -06:00
David Garske
3c173ba366 Enhancement to support different sized Curve/Ed math library implementations for FE/GE. Remains backwards compatible with CURVED25519_SMALL define. Adds new defines CURVE25519_SMALL and ED25519_SMALL to allow individual enabling of math library choice (_low_mem or _operations). Example: ./configure --enable-ed25519=small --enable-curve25519. 2017-06-16 09:41:10 -07:00
Jacob Barthelmeh
bb6582896d add sanity check for wolfSSL_X509_NAME_oneline function 2017-06-15 11:55:37 -06:00
David Garske
68439d4317 Completed refactor to cleanup dynamic types. Refined the tmp buffers to new types for more granularity. Fixed several places where malloc/free type was mis-matched. Cleanup of the PKCS12 code to improve cleanup handling. Fix wc_PKCS12_parse to return 0 on success else failure. 2017-06-14 15:11:43 -07:00
David Garske
88afc7a92f Progress on dynamic type cleanup for over-use of tmp_buffer. Increases performance on NUMA memory platform having ability to be more selective about the types that are NUMA allocated for use against QuickAssist hardware. 2017-06-14 15:11:43 -07:00
David Garske
40d94724eb Added async hardware support for p_hash (PRF). Fix BuildTls13HandshakeHmac to use async devId. Rename poor global variable names for rng with QSH/NTRU. 2017-06-14 15:11:43 -07:00
toddouska
b778ddfea2 Merge pull request #957 from SparkiDev/tls13_updates 
Tls13 updates
 2017-06-14 14:59:11 -07:00
JacobBarthelmeh
c283d4aece Merge pull request #962 from NickolasLapp/linux-sgx 
Add LINUX SGX Support for building of wolfSSL static library. See README
 2017-06-14 15:56:30 -06:00
toddouska
70eddc4336 Merge pull request #965 from cconlon/threadx 
ThreadX/NetX warning and optional dc_log_printf exclusion
 2017-06-14 14:56:12 -07:00
Sean Parkinson
89e6ac91bf Improve PSK timeout checks 
Post-handshake Authentication

Fix KeyUpdate to derive keys properly

Fix supported curves (not checking ctx extensions)
 2017-06-14 11:28:53 -07:00
Chris Conlon
ea9e4887e9 ThreadX/NetX warning and optional dc_log_printf exclusion 2017-06-14 11:12:27 -06:00
Nickolas Lapp
1e94868432 Add LINUX SGX Support for building of wolfSSL static library. See README 
in IDE/LINUX-SGX/README.md.
 2017-06-13 17:34:45 -07:00
David Garske
adf819458c Fixes for TLS 1.3 without ECC or RSA. Fix for building without ECC where HAVE_SUPPORTED_CURVES was getting defined because of ENABLED_TLSX. 2017-06-13 09:44:14 -07:00
David Garske
af2cbcdbab Added new arg documentation for asyncOkay in doxygen style. 2017-06-12 11:42:48 -07:00
David Garske
ce231e0cbc Fixes for asynchronous TLS 1.3. Fixes for PK_CALLBACKS with async. New helper API's for wolfSSL_CTX_GetDevId and wolfSSL_CTX_GetHeap. Fix for build to not include tls13.c if not enabled to suppress empty object file warning. Fix typo in fe_low_mem.c. General cleanup. Extra tls13.c debug messages. 2017-06-12 11:42:48 -07:00
toddouska
1d2b4226a4 Merge pull request #959 from SparkiDev/tls_pss_fix 
Fix check for PSS availability in peer
 2017-06-12 11:20:29 -07:00
toddouska
7cc455259e Merge pull request #941 from SparkiDev/ed25519 
ED25519 with certificates and TLS
 2017-06-12 10:47:21 -07:00
Sean Parkinson
8dbd9a88ee Fix for CCM - TLS v1.3 needs all nonce/IV bytes 2017-06-12 14:21:43 +10:00
Sean Parkinson
044417ba01 Fix for cache only SNI and TLS v1.3 2017-06-12 09:46:50 +10:00
Sean Parkinson
fdcf25b6d1 Fix check for PSS availability in peer 2017-06-12 09:05:32 +10:00
kaleb-himes
a00165768c Fix compile error, too many args with --enabl-wpas 2017-06-08 13:34:44 -06:00
Sean Parkinson
1db52f0c04 Fix to use different PEM header for EDDSA keys 
Include new cert and key files in distribution
Fix compile issue when only doing TLS13.
 2017-06-08 09:26:49 +10:00
Sean Parkinson
613d30bcae ED25519 TLS support 2017-06-08 09:26:49 +10:00
Sean Parkinson
5d5ff56336 External PSK working in TLS13 2017-06-07 17:20:22 +10:00
toddouska
26f106c42b Merge pull request #948 from SparkiDev/tls13_down 
Implement TLS v1.3 specified downgrade protection mechanism
 2017-06-05 16:17:49 -07:00
toddouska
af03b7a4ff Merge pull request #944 from SparkiDev/tls13_20 
Updates for Draft 20 of TLS v1.3
 2017-06-05 14:06:09 -07:00
Sean Parkinson
642795db1b Implement TLS v1.3 specified downgrade protection mechanism 
TLS v1.2 implementations whould implement the downgrade protection
mechanism too and so is included.
 2017-06-05 09:18:46 +10:00
David Garske
c55575665f Cleanup to use WANT_READ instead of async WC_PENDING_E for non-blocking OCSP and CRL. 2017-06-02 10:35:26 -07:00