wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-31 00:09:16 +01:00
Code Issues Packages Projects Releases Wiki Activity
6,305 Commits 12 Branches 184 Tags
b82a529ec2ee5ca2f86bd2f0d06d65c45ca1578a
Commit Graph

1298 Commits

Author SHA1 Message Date
David Garske
b82a529ec2 Cleanup to move the secret length to ssl.h so its accessible for the compatability layer as well. 2017-10-17 09:56:34 -07:00
David Garske
aab1e060a0 Minor openssl compatability layer improvements to AES, MD5 and SSL. 2017-10-17 09:50:25 -07:00
David Garske
02ee22e73b Support for mapping to new names with old for FIPS build. Fix to revert HMAC SHA224 type check, since SHA224 type isn't in FIPS wolfCrypt. 2017-10-16 09:57:22 -07:00
toddouska
2c2217fcdc Merge pull request #1181 from dgarske/cert_serial 
Certificate serial number enhancements
 2017-10-13 09:22:11 -07:00
toddouska
b79b816276 Merge pull request #1168 from dgarske/ctx_get_cm 
Add method to get WOLFSSL_CTX certificate manager
 2017-10-13 09:13:54 -07:00
toddouska
6fd53d31c2 Merge pull request #1157 from dgarske/old-names 
Refactor SSL_ and hashing types to use wolf specific prefix
 2017-10-13 09:09:44 -07:00
toddouska
04106a0089 Merge pull request #1174 from dgarske/ocsp_cb_ctx 
Improvement to `wolfSSL_SetOCSP_Cb` to allow context per WOLFSSL object
 2017-10-12 10:02:49 -07:00
David Garske
34cac68f81 Added wolfCrypt test example for setting a custom serial number. Changed CTC_SERIAL_SIZE to 16 (more common max). 2017-10-11 19:16:58 -07:00
David Garske
6548f32ee0 Enhancement to allow a serial number to be customized via Cert.serial and Cert.serialSz for cert request or generation. Fix to make sure serial number is always postive and has no leading zeros. Increase the size of the certificate serial number to 20 bytes. 2017-10-11 17:21:26 -07:00
David Garske
6021c37ec7 Refactor WOLF_SSL_ to WOLFSSL_ (much better). 2017-10-11 09:10:43 -07:00
David Garske
6707be2b0e Added new --disable-oldnames option to allow for using openssl along-side wolfssl headers (without OPENSSL_EXTRA). Add --enable-opensslcoexist which makes sure oldnames is disabled. Refactor of SSL_ to WOLF_SSL_. Refactor of SHA, MD5, SHA224, SHA256, SHA512 and SHA384 to WC_ naming. 2017-10-11 09:10:42 -07:00
David Garske
4c8d228080 Added WOLFSSL_ALT_CERT_CHAINS option to enable checking cert aginst multiple CA's. Added new API's for wolfSSL_get_peer_alt_chain and wolfSSL_is_peer_alt_cert_chain, which allow a way to know if alternate cert chain is used and provides a way to get it (when SESSION_CERTS is defined). Cleanup of the defines to enable debugging certs (just use SHOW_CERTS now). 2017-10-10 08:55:35 -07:00
David Garske
280de41515 Improvement to wolfSSL_SetOCSP_Cb to set the context per WOLFSSL object (callback functions are same). Adding API unit tests next. 2017-10-06 12:18:21 -07:00
David Garske
dcf61bd10e Added new API wolfSSL_CTX_GetCertManager for getting the WOLFSSL_CTX certificate manager. 2017-10-03 08:46:15 -07:00
Jacob Barthelmeh
8cd0b7dfc7 fix for wolfSSL_ASN1_TIME_print function 2017-09-28 15:30:46 -06:00
JacobBarthelmeh
09e92c518d Merge pull request #1163 from cconlon/mysql_sha 
Add returns to OpenSSL compatibility SHA functions
 2017-09-28 13:12:14 -06:00
JacobBarthelmeh
3b12b7223a Merge pull request #1160 from dgarske/asn_extkeyusage 
ASN Extended Key Usage Support
 2017-09-28 11:31:04 -06:00
Chris Conlon
eff781c0aa add int return to OpenSSL compatibility MD5 functions 2017-09-28 11:12:18 -06:00
JacobBarthelmeh
c836724685 Merge pull request #1162 from cconlon/mysql_compat 
wolfSSL_ERR_peek_error() with WOLFSSL_MYSQL_COMPATIBLE
 2017-09-28 09:51:07 -06:00
JacobBarthelmeh
fd9b2d3b8d Merge pull request #1116 from dgarske/stm32_hash 
Fixes for STM32 hardware acceleration
 2017-09-28 09:35:36 -06:00
Chris Conlon
ef141c3ce9 add int return to OpenSSL compatibility SHA functions 2017-09-27 14:28:19 -06:00
Chris Conlon
6c85bc5d3d enable functionality of wolfSSL_ERR_peek_error() when WOLFSSL_MYSQL_COMPATIBLE defined 2017-09-27 10:56:04 -06:00
David Garske
9eb7e2aafa ASN1 Extended Key Usage support. Adds new wc_SetExtKeyUsage() API. Available only with --enable-certext or WOLFSSL_CERT_EXT. 2017-09-26 12:05:46 -07:00
Koichi Tsujino
e8f95b9252 add EVP_get_cipherbynid 2017-09-26 08:58:36 +09:00
dgarske
8f3aa49ef6 Merge pull request #1149 from ejohnstown/aesgcm-init 
AES-GCM-NI Init
 2017-09-25 16:13:55 -07:00
Chris Conlon
46f7e786cb exclude wolfSSL_SSL_get0_session when NO_SESSION_CACHE is defined 2017-09-25 14:07:17 -06:00
John Safranek
0ced1f4847 AESGCM Init 
1. Update the AES-GCM with AES-NI 128-bit constant initializers so they work on both GCC/Clang and MSC.
* MSC uses a union for the type where the first member is a 16-byte array.
* GCC/Clang uses a 16-byte vector masking as a long long array.
2. Disable AES-GCM loop unrolling for Windows, when using AES-NI in 32-bit mode.
 2017-09-22 15:28:47 -07:00
dgarske
2c4844d5ef Merge pull request #1146 from ejohnstown/compat 
OpenSSL Compatibility Additions and Fixes
 2017-09-22 14:19:28 -07:00
Jacob Barthelmeh
80333979a9 fix for wolfSSL_X509_NAME_get_text_by_NID 2017-09-20 17:31:53 -06:00
dgarske
2f96f1ae9f Merge pull request #1150 from kaleb-himes/HASH_DRBG_UPDATE 
Update HASH_DRBG Reseed mechanism and add test case
 2017-09-20 13:15:17 -07:00
dgarske
1c2199be24 Merge pull request #1137 from JacobBarthelmeh/Windows 
rename the file io.h to wolfio.h
 2017-09-20 11:34:33 -07:00
kaleb-himes
5777b92745 Improved solution 2017-09-20 11:25:51 -06:00
Jacob Barthelmeh
3763b88397 rename the file io.h to wolfio.h 2017-09-20 10:53:11 -06:00
kaleb-himes
60dca94821 Update HASH_DRBG Reseed mechanism and add test case 2017-09-20 10:36:36 -06:00
David Garske
816767744f Fix for STM32 AES-CTR (tested on STM32F437). Improvement to the STM32 RNG code to detect improper RNG_CLK. Cleanup of the PIC32MZ Aes struct variables and the AES-CTR (tested on PIC32MZ2048). 2017-09-18 16:08:09 -07:00
John Safranek
2620cb4559 OpenSSL Compatibility Additions and Fixes 
1. Added a check on the hex2bn function for null strings to be treated like the NULL pointer.
2. Added some more test cases to the big number unit test.
3. Added wolfSSL_EVP_add_cipher() analogous to wolfSSL_EVP_add_digest().
4. Implemented `RSA_public_encrypt()` and `RSA_private_decrypt()` for the OpenSSL compatibility layer.
5. Added `RSA_PKCS1_OAEP_PADDING` as an option to the new functions.
6. Fixed the constness on the `from` parameter in function `RSA_public_decrypt()`. Note: this does not allow OAEP to be used in FIPS mode.
7. Added size constants for EVP_MAX_BLOCK_LENGTH, RSA_PKCS1_PADDING_SIZE, and RSA_PKCS1_OAEP_PADDING_SIZE.
8. Added functions `wolfSSL_EVP_PKEY_new_mac_key()` and `wolfSSL_EVP_PKEY_get0_hmac()` for storing HMAC keys in an EVP_PKEY structure for use later.
9. Added the routines EVP_DigestSignXXX(). They only work w.r.t HMAC.
10. Added the ForceZero() to EVP_MD_CTX_cleanup().
11. Modified the EVP_MD_CTX structure to have a union with both the hasher and a wolfCrypt Hmac structure.
12. Added a mapping of SHA1->SHA to the list of digest name aliases in wolfSSL_EVP_get_digestbyname().
13. Changed the mapping of ssl3-sha1->SHA.
14. When using RSA blinding, the OpenSSL compatibility layer RSA object was attempting to decrypt without an RNG. Added an RNG if needed.
15. Add comment to wolfSSL_BN_hex2bn() to cover usage w.r.t. string length. Remember to keep the length even, front-pad with zeroes if needed.
16. Added tests for the new functions.
 2017-09-18 13:53:44 -07:00
David Garske
dcab2f47ee Fixes for STM32 hardware acceleration. Adds CubeMX HAL hashing support for MD5, SHA1, SHA224 and SHA256. Adds support for STM32F7 (WOLFSSL_STM32F7). Fixes issue with AES-GCM and STM32F2. Cleanup of the STM32 macros (adds NO_STM32_HASH, NO_STM32_CRYPTO and NO_STM32_RNG to optionally disable hardware acceleration). 2017-09-15 10:39:09 -07:00
Jacob Barthelmeh
1b3a8f40b8 account for 8k keys with MySQL compatibility 2017-09-14 09:37:32 -06:00
toddouska
4c31c53f37 Merge pull request #1128 from JacobBarthelmeh/AES 
AES XTS feature addition
 2017-09-13 14:38:15 -07:00
Jacob Barthelmeh
398252ddad add XtsAes structure and change XTS-AES API 2017-09-08 16:00:33 -06:00
Jacob Barthelmeh
c482524b78 big endian testing and packing Aes struct 2017-09-01 15:32:55 -06:00
Jacob Barthelmeh
d48c940334 add comments for AES-XTS functions to aes.h 2017-08-30 17:52:26 -06:00
Jacob Barthelmeh
ef73c1df7c add AES-XTS mode --enable-xts 2017-08-30 17:50:15 -06:00
Sean Parkinson
e6cf3c88f2 Fix for the AVX implemetation of Poly1305 
Need one more multiple of r (0..6 instead of 0..5)
 2017-08-28 11:44:27 +10:00
Jacob Barthelmeh
71f4d546a8 add function to generate public ECC key from private key 2017-08-22 14:06:25 -06:00
toddouska
fbae4420ad Merge pull request #1110 from dgarske/pic32mz_largehash 
Fixes for PIC32MZ to support large hashing using hardware
 2017-08-22 09:24:05 -07:00
toddouska
c330c6b7f9 Merge pull request #1109 from JacobBarthelmeh/Testing 
fix check on ephemeral key type before free'ing
 2017-08-18 11:53:08 -07:00
toddouska
8a37af42bf Merge pull request #1108 from dgarske/fix_async_misc 
Fixes for async ECC encrypt, ParseCertRelative and API Unit test inits
 2017-08-18 11:44:28 -07:00
David Garske
74ed94ddb1 Fixes to support large hashing against HW without caching (in exclusive hardware access) Large hashing uses previous hash code with two descriptors and polling. Added wolfCrypt large hash tests for MD5, SHA and SHA256. Add missing MCAPI set size API's. Cleanup AES GCM large test. Changed MPLABX projects to default to PIC32MZ2048EFM144. 2017-08-18 11:25:30 -07:00
Jacob Barthelmeh
c6e722170e fix check on ephemeral key type before free'ing 2017-08-18 10:55:38 -06:00