wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-05-05 14:24:12 +02:00
Code Issues Packages Projects Releases Wiki Activity
8,425 Commits 13 Branches 184 Tags
c619bfebdae686f887096ccdd891dfadc9caea94
Commit Graph

8425 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Aaron d658701350 Added NO_WOLF_C99 define, replaced sp.c with relevant sp_*.c, removed evp.c and bio.c from compiling seperately from ssl.c 2018-09-11 11:16:04 -05:00
Eric Blankenhorn 01dc018cda Make DecodedCert elements available with WOLFSSL_CERT_EXT 2018-09-11 10:41:12 -05:00
Chris Conlon 8060deb40a pass arguments through to Nucleus memory functions in 1.2 build 2018-09-11 09:26:12 -06:00
Sean Parkinson 330a7048c7 Add more compatability APIs. 
d2i_ECDSA_SIG, i2d_ECDSA_SIG, EVP_DigestVerifyInit,
EVP_DigestVerifyUpdate, EVP_DigestVerifyFinal, EVP_PKEY_id,
PEM_read_bio_PUBKEY
 2018-09-11 09:28:03 +10:00
David Garske f90b7d6c37 Merge pull request #1826 from embhorn/serialnumOID_new 
`wolfSSL_CTX_load_verify_chain_buffer_format` and device serial number OID
 2018-09-10 11:33:37 -07:00
David Garske 238f45d89d Fix for build with ./configure --enable-certext --enable-opensslextra. 2018-09-10 08:22:17 -07:00
David Garske f48e2067ae Added new API wolfSSL_CTX_load_verify_chain_buffer_format for loading CA cert chain as DER buffer list including API unit test. Support for device serial number OID. 2018-09-10 08:15:17 -07:00
David Garske 2c5b0d82da Fix for dh_test to make sure the provided agree size is populated. This resolves issue with async and QuickAssist DH. 2018-09-10 07:13:52 -07:00
David Garske a2be7590d1 Fixes for NXP LTC support with K82. Fix for SHA384/512. Fix for AES CBC not storing previous IV. Fix for wc_AesSetKey arg check. Fix for AES GCM IV != 12 test. Changed LTC default in settings.h to not enable SHA512 and Ed/Curve25519. Tested using Rowley Crossworks v4.2.0 on a FRDM-K82F. There is an initial stack pointer issue with the arm-startup code here for Rowley still outstanding, but these fixes are valid as-is. 2018-09-10 07:13:32 -07:00
David Garske 8fdb6b79d0 Merge pull request #1824 from SparkiDev/tls_cam_no_aes 
Camellia is a block cipher in TLS - can't turn on AEAD only define
 2018-09-09 17:28:34 -07:00
Sean Parkinson f8ac5b5f71 Merge pull request #1819 from dgarske/fix_load_loc 
Fix for load location test to handle multiple failure codes
 2018-09-10 08:36:19 +10:00
Sean Parkinson 2d413c5bb8 Camellia is a block cipher in TLS - can't turn on AEAD only define 2018-09-10 08:18:03 +10:00
Takashi Kojo 0d44252608 error pass though build flag WOLFSSL_PASSTHRU_ERR 2018-09-08 10:19:31 +09:00
Takashi Kojo 902008f5ea refer unit_PassThrough flag at least once 2018-09-08 09:17:52 +09:00
Eric Blankenhorn 412eecd51a Add wc_SetIssuerRaw and EncodeCert with raw fields (#1798) 
* Make cert with raw issuer
* Add wc_SetIssuerRaw
* Use issuer raw in EncodeCert
 2018-09-07 16:22:23 -07:00
David Garske 7d1ab5e9d2 Merge pull request #1817 from danielinux/fix-old-style-definitions 
Remove old-style function definitions
 2018-09-07 15:52:45 -07:00
David Garske 575382e5a9 Fix for load location test to handle multiple failure codes (failure may return ProcessFile error code or WOLFSSL_FAILURE). Moved expired certs and setup load location test for expired certs. 2018-09-07 15:30:30 -07:00
Takashi Kojo e677c32714 test file access functions 2018-09-08 07:27:33 +09:00
Takashi Kojo 294a22e938 flag to pass throug errors for correcting as many error information as possible. 2018-09-08 06:02:20 +09:00
David Garske c98f8842a3 Merge pull request #1816 from ejohnstown/ocsp-no-server 
OCSP Stapling/No Server Build
 2018-09-07 11:48:13 -07:00
Daniele Lacamera 27555d6eb7 Fix old-style function definitions 2018-09-07 09:13:20 +02:00
toddouska a7fb48e157 Merge pull request #1783 from dgarske/load_loc 
Enhanced load verify locations to support flags
 2018-09-06 17:00:09 -07:00
John Safranek 15be0aceed OCSP Stapling/No Server Build 
In the case of OCSP Stapling being enabled and NO_WOLFSSL_SERVER being
set, there was a spot where the ocsp_stapling list was still being
touched even though it is left out of the build. Just needed to add the
right #ifdefs.
 2018-09-06 16:56:09 -07:00
David Garske ed14b68c38 Merge pull request #1813 from ejohnstown/bitfield 
Bitfield Fixes
 2018-09-06 16:01:59 -07:00
John Safranek 5360faac9d Bitfield Fixes 
A couple flags were being implemented as bitfields from an int type.
GCC-8 is being more strict of type and value checking and is treating
single bit ints as both 1 and -1 and complaining about value changes.
Change the two int bitfields to use word16 bitfields as is the
pattern elsewhere.
 2018-09-06 13:46:00 -07:00
David Garske d9a6484b75 Fix to improve return code logic in wolfSSL_CTX_load_verify_locations_ex. 2018-09-06 13:01:44 -07:00
David Garske ae3d8d3779 * Fixed wolfSSL_CTX_load_verify_locations to continue loading if there is an error (ZD 4265). 
* Added new `wolfSSL_CTX_load_verify_locations_ex` that supports flags `WOLFSSL_LOAD_FLAG_IGNORE_ERR`, `WOLFSSL_LOAD_FLAG_DATE_ERR_OKAY` and `WOLFSSL_LOAD_FLAG_PEM_CA_ONLY`.
* Fix for `PemToDer` to handle PEM which may include a null terminator in length at end of file length causing wrong error code to be returned. Added test case for this. (ZD 4278)
* Added macro to override default flags for `wolfSSL_CTX_load_verify_locations` using `WOLFSSL_LOAD_VERIFY_DEFAULT_FLAGS`.
* Added tests for loading CA PEM's from directory using `wolfSSL_CTX_load_verify_locations` and `wolfSSL_CTX_load_verify_locations_ex` with flags.
* Added tests for `wolfSSL_CertManagerLoadCABuffer`.
* Updated the expired test certs and added them to `./certs/test/gen-testcerts.sh` script.
 2018-09-06 12:51:22 -07:00
David Garske d998d10f02 Merge pull request #1805 from dgarske/fix_csr 
Fix for CSR generation email value
 2018-09-05 19:44:41 -07:00
David Garske a7821e0d6d Merge pull request #1810 from quinnmiller1997/fp_mul_comba_7-typo 
Fixed typo in fp_mul_comba_7
 2018-09-05 19:43:47 -07:00
David Garske 30d968d6b0 Merge pull request #1811 from SparkiDev/tls_sig_ret 
Fix CheckCertSignature return to be remembered past ParseCertRelative
 2018-09-05 19:43:23 -07:00
Sean Parkinson a3cc2119d7 Fix CheckCertSignature return to be remembered past ParseCertRelative 2018-09-06 10:42:49 +10:00
Quinn Miller b8605fa544 Fixed typo in fp_mul_comba_7 2018-09-05 14:51:50 -06:00
kaleb-himes 0626338be2 Fix for HAVE_POLY1305 without one time auth 2018-09-05 14:41:57 -06:00
Chris Conlon 5ee09f77a1 Merge pull request #1796 from ghoso/e2studio 
add project files for Renesas e2studio
 2018-09-05 11:41:01 -06:00
David Garske d432d346aa Merge pull request #1809 from cconlon/stm32rngfix 
enable RNG clock when WOLFSSL_STM32F427_RNG is defined
 2018-09-04 17:21:01 -07:00
Eric Blankenhorn 28ad8e591d Adding comment for empty case in GetNameType 2018-09-04 18:08:40 -05:00
toddouska bac8b78a8c Merge pull request #1803 from SparkiDev/tfm_stack 
Small stack for fast math code
 2018-09-04 15:57:59 -07:00
toddouska d149795648 Merge pull request #1759 from dgarske/verifycbfail 
Fix to resolve issue with verify callback not causing an error
 2018-09-04 15:52:58 -07:00
toddouska 8e67ef33b2 Merge pull request #1799 from SparkiDev/cert_vfy_small 
Smaller dynamic memory usage in TLS
 2018-09-04 15:40:11 -07:00
toddouska 8584da60a8 Merge pull request #1802 from SparkiDev/tls13_0rtt_ch 
Group Early Data message with ClientHello for faster delivery
 2018-09-04 15:39:14 -07:00
toddouska e1c4d3f5e6 Merge pull request #1808 from ejohnstown/vali-date 
Validate Date
 2018-09-04 15:33:41 -07:00
Chris Conlon d3ea903c55 enable RNG clock when WOLFSSL_STM32F427_RNG is defined 2018-09-04 16:13:09 -06:00
John Safranek e730cda550 Validate Date 
The ValidateDate() function is wrapped by a macro so it may be replaced
in environments without ASN_TIME built in. In two cases, OCSP and CRL,
ValidateDate() is called directly instead of by the macro. This change
fixes that.
 2018-09-04 13:39:26 -07:00
Sean Parkinson 17a70aee1b Added test and minor fixes for CheckCertSignature 2018-09-03 10:50:47 +10:00
Sean Parkinson 4b208f4fe5 Make grouping EarlyData and ClientHello a configuration option 2018-09-03 08:48:28 +10:00
Sean Parkinson 4d0478a287 Fix fp_div_2d to return remainder correctly 
If a == c are then a and c don't equal d:
calculate d before c
If a != c then a doesn't change in calculating c:
calculate d after c
 2018-09-03 08:32:55 +10:00
David Garske d2b9b230a0 Added additional verify callback override test cases. 2018-08-31 16:26:51 -07:00
David Garske 6171e29fe8 Fix for CSR generation after PR (https://github.com/wolfSSL/wolfssl/pull/1734). This resolves issue with email name in CSR. (Thanks to Forum post https://www.wolfssl.com/forums/post4137.html). 
Failed examples:

```
145:d=5  hl=2 l=  16 prim: EOC
      0000 - 69 6e 66 6f 40 77 6f 6c-66 73 73 6c 2e 63 6f 6d   info@wolfssl.com
```

```
SET {
138  23:         SEQUENCE {
140   3:           OBJECT IDENTIFIER objectClass (2 5 4 0)
       :             Error: Spurious EOC in definite-length item.
```

Success Examples:

```
140:d=5  hl=2 l=   9 prim: OBJECT            :emailAddress
  151:d=5  hl=2 l=  16 prim: IA5STRING         :info@wolfssl.com
```

```
SET {
138  29:         SEQUENCE {
140   9:           OBJECT IDENTIFIER emailAddress (1 2 840 113549 1 9 1)
151  16:           IA5String 'info@wolfssl.com'
```
 2018-08-31 11:20:04 -07:00
Sean Parkinson 41ab3d91fd Small stack for fast math code 
Any large stack usages have been changed to dynamic memory allocations
when WOLFSSL_SMALL_STACK is defined.
Modified functions to return error codes.
 2018-08-31 17:55:49 +10:00
Go Hosohara 697c61af35 correct typo in IDE/include.am 2018-08-31 14:57:16 +09:00