wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-28 20:29:56 +01:00
Code Issues Packages Projects Releases Wiki Activity
7,708 Commits 12 Branches 184 Tags
c03c10e1d4a422aeab5845380350ecf656e3af36
Commit Graph

7708 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Jacob Barthelmeh
c03c10e1d4 move location of wolfSSL_d2i_RSA_PublicKey to fix x509 small build 2018-06-14 14:38:15 -06:00
toddouska
139a08a98e Merge pull request #1621 from SparkiDev/tls13_no_cs 
Allow NO_WOLFSSL_CLIENT/SERVER to compile and pass tests
 2018-06-14 09:08:13 -07:00
toddouska
aa01fd8adf Merge pull request #1619 from JacobBarthelmeh/HardwareAcc 
RAW hash function APIs not supported with ARMv8 build
 2018-06-13 16:07:53 -07:00
toddouska
15348d4936 Merge pull request #1612 from dgarske/fixmatchdomainname 
Fixes for `MatchDomainName` to properly detect failures
 2018-06-13 13:13:52 -07:00
David Garske
61056829c5 Added success test cases for domain name match (SNI) in common name and alternate name. 2018-06-13 09:26:54 -07:00
Sean Parkinson
a03c15e598 Allow NO_WOLFSSL_CLIENT/SERVER to compile and pass tests 2018-06-13 11:42:16 +10:00
toddouska
e60262cbf1 Merge pull request #1604 from TimParrish/addAMDFunk 
Update cpuid.c to optimize intelasm for performance on AMD processors
 2018-06-12 16:19:33 -07:00
David Garske
8fa1592542 Fix to use SHA256 for the self-signed test certificates. 2018-06-12 16:12:29 -07:00
Jacob Barthelmeh
9dc560dd01 RAW hash function APIs not supported with ARMv8 build 2018-06-12 16:45:38 -06:00
David Garske
1f16b36402 Fixes for MatchDomainName to properly detect failures: 
* Fix `MatchDomainName` to also check for remaining len on success check.
* Enhanced `DNS_entry` to include actual ASN.1 length and use it thoughout (was using XSTRLEN).

Added additional tests for matching on domain name:
* Check for bad common name with embedded null (CN=localhost\0h, Alt=None) - Note: Trouble creating cert with this criteria
* Check for bad alternate name with embedded null (CN=www.nomatch.com, Alt=localhost\0h)
* Check for bad common name (CN=www.nomatch.com, Alt=None)
* Check for bad alternate name (CN=www.nomatch.com, Alt=www.nomatch.com)
* Check for good wildcard common name (CN=*localhost, Alt=None)
* Check for good wildcard alternate name (CN=www.nomatch.com, Alt=*localhost)
 2018-06-12 14:15:34 -07:00
Tim Parrish
9448b96afd updated change log 2018-06-12 14:15:57 -06:00
Tim Parrish
26835bef79 Updated README.md 2018-06-12 13:54:50 -06:00
Tim Parrish
1dd7f83752 Merge branch 'addAMDFunk' of https://github.com/TimParrish/wolfssl into addAMDFunk 2018-06-12 13:50:07 -06:00
John Safranek
af7b676405 Merge pull request #1602 from dgarske/compat_withnotls 
Fixes for building with openssl compatibility enabled and no SSL/TLS
 2018-06-12 12:25:32 -07:00
Tim
d043b2c559 Merge branch 'addAMDFunk' of github.com:TimParrish/wolfssl into addAMDFunk 2018-06-12 13:17:53 -06:00
Tim
d518e0b7f6 Merge branch 'master' of https://github.com/wolfSSL/wolfssl into addAMDFunk 2018-06-12 13:16:01 -06:00
Tim Parrish
53b0d2cba3 updated readme to show that AMD processors are supported 2018-06-12 10:59:42 -06:00
David Garske
dac5f84f61 Fix build error with missing bio. Fix for pkey not being reset to NULL for d2i_PrivateKey failure case test. 2018-06-12 09:38:18 -07:00
David Garske
292e9535ae Fix for wolfSSL_ERR_clear_error to call wc_ClearErrorNodes when its available (mismatched macros), which was incorrectly causing test_wolfSSL_ERR_put_error to fail. Added test_wolfSSL_PEM_PrivateKey test for ECC based key. Refactored the RNG test to only run the reseed test if TEST_RESEED_INTERVAL is defined. This is the test that was causing the tests/api.c to take so long to complete. Will add this macro to the enable options test. 2018-06-12 09:38:18 -07:00
David Garske
9cbd2b00d4 Added test for PEM_read_bio_PrivateKey using BIO loaded using BIO_new_mem_buf. 2018-06-12 09:38:18 -07:00
David Garske
e1890a4b0e Added some bad argument checks on compatibility functions BIO_new_mem_buf and PEM_read_bio_PrivateKey. 2018-06-12 09:38:18 -07:00
David Garske
ad0a10441d Fixes for building with openssl compatibility enabled and no TLS client/server. 
Resolves issues building with:
`./configure --enable-opensslextra --disable-rsa --disable-supportedcurves CFLAGS="-DNO_WOLFSSL_CLIENT -DNO_WOLFSSL_SERVER" --disable-examples`
`./configure --enable-opensslextra --disable-ecc --disable-supportedcurves CFLAGS="-DNO_WOLFSSL_CLIENT -DNO_WOLFSSL_SERVER" --disable-examples`

Ticket 3872
 2018-06-12 09:38:18 -07:00
toddouska
39f3df0778 Merge pull request #1610 from SparkiDev/ed25519_priv 
Fix private-only keys and make them script generated
 2018-06-12 08:34:38 -07:00
toddouska
8ecb9aacd3 Merge pull request #1592 from SparkiDev/psk_test_fix 
Fix test to work with configurations not including AES-GCM
 2018-06-12 08:33:44 -07:00
toddouska
82550b2f8c Merge pull request #1617 from dgarske/fix_arduino 
Fixes for Arduino
 2018-06-12 08:31:51 -07:00
toddouska
cb8351c027 Merge pull request #1607 from SparkiDev/tls13_interop_ver 
Return TLS 1.3 draft version in ServerHello
 2018-06-12 08:30:48 -07:00
toddouska
766323e90f Merge pull request #1613 from SparkiDev/tls13_post_auth 
Fix post authentication for TLS 1.3
 2018-06-12 08:29:38 -07:00
toddouska
83ffb64cda Merge pull request #1599 from dgarske/pkcs7free 
Fixes for PKCS7 error case that might leak memory
 2018-06-12 08:28:19 -07:00
toddouska
3b74dbf86a Merge pull request #1609 from SparkiDev/tls13_time 
Don't include sys/time.h explicitly in tls13.c
 2018-06-12 08:27:43 -07:00
toddouska
2c8f89ae33 Merge pull request #1611 from kaleb-himes/AN_UP2 
Allow for wc_SetAltNamesBuffer call with larger than 16384 bytes
 2018-06-12 08:26:58 -07:00
toddouska
49b82456eb Merge pull request #1618 from cconlon/opensslcompat 
Align return values for EVP_DigestUpdate/Final for OpenSSL Compatibility
 2018-06-12 08:25:18 -07:00
toddouska
29410ada1e Merge pull request #1595 from SparkiDev/tls13_cipher_down 
Fix for downgrading from TLS 1.3 due to old cipher suite
 2018-06-12 08:24:26 -07:00
toddouska
f2a20c4232 Merge pull request #1573 from SparkiDev/tls_pad_vfy 
Constant time padding and HMAC verification in TLS
 2018-06-12 08:22:32 -07:00
toddouska
22ddd41b61 Merge pull request #1581 from ejohnstown/update-configure 
Update configure.ac
 2018-06-12 08:17:35 -07:00
Sean Parkinson
b7caab938e Fix post authentication for TLS 1.3 2018-06-12 09:49:23 +10:00
toddouska
35c8ba3188 Merge pull request #1601 from SparkiDev/ecdsa_sign 
Change ECDSA signing to use blinding.
 2018-06-11 14:13:24 -07:00
toddouska
637eaa08ba Merge pull request #1614 from SparkiDev/tls13_log_file 
Remove log file and change location to local
 2018-06-11 13:51:51 -07:00
Chris Conlon
a472325f89 return WOLFSSL_FAILURE on error from EVP_DigestUpdate() and EVP_DigestFinal() 2018-06-11 14:27:08 -06:00
Sean Parkinson
74d4a02542 Remove log file and change location to local 2018-06-11 15:00:17 +10:00
David Garske
cf9c352d91 Fixes for Arduino. Don't use C99 for Arduino. Enhanced the script to create as new folder in IDE/ARDUINO/wolfSSL. Updated README.md. 2018-06-08 14:27:54 -07:00
John Safranek
ce2f393bc7 Autoconf Update 
1. Remove many redundant macros.
2. Reorder several macros to more appropriate locations.
3. Several macros take lists of items to process, not just individual items. Combined duplicated macros' parameters into lists.
4. Some macros had unnecessary parameters.
5. Added some AX_REQUIRE_DEFINED() checks for the macros used.
6. Add cyassl/options.h to the AC_CONFIG_FILES list. It will be recreated from the template when running config.status the same as wolfssl/options.h
7. Remove the dist-dir rule from Makefile.am. This is prefering the process rather than automating that one step. Make dist will not run config.status.

* AC_PROG_CC must be before any macros that will try to compile for tests.
* AC_CHECK_SIZEOF takes a single type, no size values.
* Only one of the AC_CANONICAL_X macros are expanded. Removed AC_CANONICAL_BUILD since it is never actually used.
* Removed the AC_PROG_CXX and anything C++ related.
* Removed LT_LANG([C]) as it is the default and the C doesn't do anything.
 2018-06-08 10:47:14 -07:00
David Garske
e99fc3026d Fixed issue with MatchDomainName. Fixes issue #1606. This is a valid and confirmed bug report in v3.15.0. Applies to ./configure --enable-sni case with wolfSSL_CTX_UseSNI where common name has wildcards. Pushing fix for visibility now and will add test case. 2018-06-08 10:09:53 -07:00
kaleb-himes
1123beb2d2 Allow for wc_SetAltNamesBuffer call with larger than 16384 buffers at user discretion 2018-06-08 10:16:40 -06:00
toddouska
bea0e6142a Merge pull request #1608 from dgarske/maxcerfix 
Resolves issue with reassembling large certificates
 2018-06-08 08:25:14 -07:00
Sean Parkinson
5547a7b4bd Fix private-only keys and make them script generated 2018-06-08 17:38:11 +10:00
Sean Parkinson
587f4ae79e Don't include sys/time.h explicitly in tls13.c 2018-06-08 09:00:12 +10:00
David Garske
00ddeb07d8 Resolves issue with reassembling large certificates. The ProcessPeerCerts function was using the wrong max size check for certs. Built and test with ./configure CFLAGS="-DMAX_CERTIFICATE_SZ=20000". 2018-06-07 15:56:37 -07:00
Tim Parrish
c6e2585fbc added check for AMD processor to asm.c 2018-06-07 10:35:54 -06:00
Sean Parkinson
020b69aba0 Return TLS 1.3 draft version in ServerHello 2018-06-07 22:01:42 +10:00
David Garske
e673cdf2d2 Merge pull request #1594 from kojo1/openSSL-Compat-CRL-STORE 
FILE* to XFILE
 2018-06-06 16:34:59 -07:00