wolfssl

mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-28 23:59:54 +01:00

Author	SHA1	Message	Date
David Garske	3f1c3392e5	Fixes for build with opensslextra and 3072-bit cert buffers. Adds 3072-bit RSA public key der. Eliminates duplicate 3072-bit client cert/key.	2020-01-29 06:37:06 -08:00
David Garske	4d9dbc9ec3	Adds 3072-bit RSA tests using `USE_CERT_BUFFERS_3072`.	2020-01-21 22:16:54 -08:00
Carie Pointer	28cf563c76	Fixes from PR review: styling and formatting, remove duplicate code	2020-01-07 17:01:53 -07:00
Carie Pointer	ee13dfd878	Add Qt 5.12 and 5.13 support Co-Authored-By: aaronjense <aaron@wolfssl.com> Co-Authored-By: MJSPollard <mpollard@wolfssl.com> Co-Authored-By: Quinn Miller <quinnmiller1997@users.noreply.github.com> Co-Authored-By: Tim Parrish <timparrish@users.noreply.github.com>	2019-12-06 14:27:01 -07:00
toddouska	7a5c8f4e07	Merge pull request #2584 from SparkiDev/sp_rsa4096 SP now has support for RSA/DH 4096-bit operations	2019-11-18 15:38:47 -08:00
Sean Parkinson	411b130369	Add new 4096-bit cert and key to distribution	2019-11-14 09:13:24 +10:00
David Garske	2bae1d27a1	wolfSSL Compatibility support for OpenVPN * Adds compatibility API's for: * `sk_ASN1_OBJECT_free` * `sk_ASN1_OBJECT_num` * `sk_ASN1_OBJECT_value` * `sk_X509_OBJECT_num` * `sk_X509_OBJECT_value` * `sk_X509_OBJECT_delete` * `sk_X509_NAME_find` * `sk_X509_INFO_free` * `BIO_get_len` * `BIO_set_ssl` * `BIO_should_retry` (stub) * `X509_OBJECT_free` * `X509_NAME_get_index_by_OBJ` * `X509_INFO_free` * `X509_STORE_get0_objects` * `X509_check_purpose` (stub) * `PEM_read_bio_X509_CRL` * `PEM_X509_INFO_read_bio` * `ASN1_BIT_STRING_new` * `ASN1_BIT_STRING_free` * `ASN1_BIT_STRING_get_bit` * `ASN1_BIT_STRING_set_bit` * `DES_check_key_parity` * `EC_GROUP_order_bits` * `EC_get_builtin_curves` * `EVP_CIPHER_CTX_cipher` * `EVP_PKEY_get0_EC_KEY` * `EVP_PKEY_get0_RSA` * `EVP_PKEY_get0_DSA` (stub) * `HMAC_CTX_new` * `HMAC_CTX_free` * `HMAC_CTX_reset` * `HMAC_size` * `OBJ_txt2obj` * `RSA_meth_new` * `RSA_meth_free` * `RSA_meth_set_pub_enc` * `RSA_meth_set_pub_dec` * `RSA_meth_set_priv_enc` * `RSA_meth_set_priv_dec` * `RSA_meth_set_init` * `RSA_meth_set_finish` * `RSA_meth_set0_app_data` * `RSA_get_method_data` * `RSA_set_method` * `RSA_get0_key` * `RSA_set0_key` * `RSA_flags` * `RSA_set_flags` * `RSA_bits` * `SSL_CTX_set_ciphersuites` * `SSL_CTX_set_security_level` (stub) * `SSL_export_keying_material` (stub) * `DSA_bits` (stub) * Changes to support password callback trial and NO_PASSWORD. Replaces PR #2505. * Renamed `wolfSSL_SSL_CTX_get_client_CA_list` to `wolfSSL_CTX_get_client_CA_list`. * Cleanup of "sk" compatibility.	2019-11-11 14:58:23 -08:00
David Garske	644e7a8f45	Fixes for PKCS8 w/wo encryption as DER/ASN.1. Fixes for building with `--disable-oldnames`. Fix to enable the PKCS8 enc test without openssl comat. Added additional PKCS8 tests.	2019-08-19 16:27:46 -07:00
David Garske	51251bc421	Fix for ssl23.h include for openssl compat with cyassl.	2019-04-01 11:10:29 -07:00
David Garske	c7b5f772aa	Add missing cert to include.am for make dist, which is required for `./gencertbuf.pl`.	2019-04-01 10:09:34 -07:00
Jacob Barthelmeh	ec28376e7f	add PKCS7 BER verify test and fix for streaming	2019-02-06 11:05:15 -07:00
David Garske	59a3b4a110	New tests for cert chains, alternate cert chains, trusted peer certs and DH prime cleanup: * Added ECC and RSA intermediate CA's and server/client chain certificates for testing. * Enhanced suites test to support expected fail arg `-H exitWithRet` in any test .conf file. * Added new `test-altchains.conf` for testing with `WOLFSSL_ALT_CERT_CHAINS` defined. * Added new `test-chains` for testing chains. * Added new `test-dhprime.conf` for DH prime check tests. * Added new `test-trustedpeer.conf` for testing `WOLFSSL_TRUST_PEER_CERT`. * Refactor to add `-2` to disable DH prime check by default (except for new test-dhprime.conf). * Added ability to run a specific test.conf file using syntax like `./tests/unit.test tests/test-altchains.conf`.	2018-12-21 09:54:55 -08:00
Sean Parkinson	95bd340de5	Add support for more OpenSSL APIs Add support for PEM_read and PEM_write Add OpenSSL PKCS#7 signed data support Add OpenSSL PKCS#8 Private key APIs Add X509_REQ OpenSSL APIs	2018-11-20 07:54:24 +10:00
Jacob Barthelmeh	cc3ccbaf0c	add test for degenerate case and allow degenerate case by default	2018-10-30 17:04:33 -06:00
David Garske	8b529d3d57	Add test for ECC private key with PKCS 8 encoding (no crypt) and `-----BEGIN EC PRIVATE KEY-----` header.	2018-10-17 10:01:29 -07:00
David Garske	ed1c56a4fc	Benchmark support for 3072-bit RSA and DH when `USE_CERT_BUFFERS_3072` is defined.	2018-06-22 09:30:33 -07:00
John Safranek	f1588e0ad9	Fix Cert Includes 1. Added files that were missing from the certs directory include.am files. 2. Fixed the duplicate items in the certs directory's include.am files. 3. Reorganized the certs directory include.am files to be a tree.	2018-05-31 17:38:47 -07:00
John Safranek	8a61b7303a	Remove execute bit from a few files.	2018-05-31 10:14:47 -07:00
Sean Parkinson	9358edf5dd	Fixes from code review Include new private key files in release. Set messages field to NULL after free.	2018-05-24 08:43:28 +10:00
Jacob Barthelmeh	62b8c0c3fd	add test case for order of certificates with PKCS12 parse	2018-02-07 16:52:39 -07:00
David Garske	024c8725ad	Testing improvements for cert gen and TLS cert validation: * Fixes to support certificate generation (`WOLFSSL_CERT_GEN`) without RSA enabled. * Added new ECC CA for 384-bit tests. * Created new server cert chain (ECC CA for 256-bit that signs server-ecc.pem) * Created new `./certs/ecc/genecc.sh` script for generating all ECC CA's, generated server cert req (CSR), signing with CA and the required CRL. * Moved the wolfCrypt ECC CA / ECC cert gen test into `ecc_test` as `ecc_test_cert_gen`. * Refactor duplicate code that saves DER to disk, converts DER to PEM and saves PEM to disk into SaveDerAndPem function. * Changed `ecc_test_make_pub` and `ecc_test_key_gen` to use XMALLOC for temp buffers (uses heap instead of stack). * Cleanup to combine all certificate subject information into global `certDefaultName`. * Updated cert request info to use wolfSSL instead of Yassl. * Cleanup to combine keyUsage into `certKeyUsage` and `certKeyUsage2`. * Re-number error codes in rsa_test. * Moved the certext_test after the ecc_test, since it uses a file generated in `ecc_test_cert_gen`.	2017-10-19 16:17:51 -07:00
Sean Parkinson	f724206e37	Add test for 3072-bit RSA and DH and fix modexp	2017-10-17 08:36:39 +10:00
Sean Parkinson	13c4fe6cc4	Add test	2017-06-14 09:44:26 +10:00
Sean Parkinson	1db52f0c04	Fix to use different PEM header for EDDSA keys Include new cert and key files in distribution Fix compile issue when only doing TLS13.	2017-06-08 09:26:49 +10:00
Sean Parkinson	ff4fcf21d6	Add test for private key only ecc key	2017-05-15 10:04:42 +10:00
Sean Parkinson	4d77e80d04	Fix loading of CRLs and certs. Change function wolfSSL_X509_LOOKUP_load_file to load multiple CRLs and certificates from a file. Change CRL loading to have a flag to not verify CRL signature - only do this when using wolfSSL_X509_LOOKUP_load_file() as the certificate is not always available. Add test case for loading multiple CRLs in one file without certificate.	2017-05-15 10:04:42 +10:00
toddouska	d8261796a6	Merge pull request #813 from cconlon/addcert add server-keyPkcs8.der to include.am	2017-03-22 14:58:22 -07:00
Chris Conlon	c46eb36b4e	add server-keyPkcs8.der to include.am	2017-03-21 09:53:24 -06:00
Jacob Barthelmeh	3f33f2b995	add duplicate policy OID cert to dist	2017-03-16 15:49:40 -06:00
Sean Parkinson	5c9eedbf69	Fixes from merge of test coverage changes Include new certificates in distribution. Casting changes for clang. Extra error code - recognize in test.	2017-03-10 09:15:18 +10:00
Jacob Barthelmeh	2daeecdb90	BIO s_socket and BN mod exp	2016-12-28 14:45:29 -07:00
Chris Conlon	41f6863970	add missing certs and keys to certs/include.am	2016-12-14 09:46:41 -07:00
David Garske	039aedcfba	Added "wolfSSL_use_certificate_chain_buffer_format". Added "wolfSSL_SESSION_CIPHER_get_name" to get cipher suite name using WOLFSSL_SESSION*. Moved the "wolfSSL_get_cipher_name_from_suite" function to internal.c. Added new server-cert-chain.der, which is combination of ca-cert.der and server-cert.der. Enhanced load_buffer to detect format using file extension. Can test use of DER cert chain with NO_FILESYSTEM defined using "./examples/server/server -c ./certs/server-cert-chain.der -k ./certs/server-key.der".	2016-11-30 16:26:02 -08:00
Jacob Barthelmeh	b686deecbe	PKCS12 : Add PKCS12 parsing	2016-10-29 13:12:26 -06:00
John Safranek	74002ce66a	Add the new path length test certs to include.am.	2016-09-21 12:34:01 -07:00
John Safranek	ef9c4bf5c9	Add client-ca.pem to the automake include for dist.	2016-09-15 15:38:41 -07:00
toddouska	088467d312	fix autoconf with new certext files	2015-09-11 14:10:11 -07:00
toddouska	9f7209b484	add new certs to include.am	2015-07-23 16:37:37 -07:00
toddouska	47ba1368c2	add wolfssl website ca, go daddy class2 CA	2015-04-28 14:15:31 -07:00
toddouska	3072edb696	add compressed key support	2014-08-29 14:25:58 -07:00
Chris Conlon	d875931a3f	hook new DER files into include.am	2014-07-01 11:20:39 -06:00
Brian Aker	1be873533e	This adds support for "make rpm"	2012-10-20 04:42:34 -04:00
toddouska	08ff33894f	add ECDH static cipher suite tests including RSA signed ECDH, clean up code with haveECDSA -> haveECDSAsig	2012-08-08 15:09:26 -07:00
toddouska	0aea2607b5	don't install example certs and keys	2012-05-23 10:28:02 -07:00
toddouska	306a2013a9	ecc client cert dist	2012-05-08 11:38:31 -07:00
toddouska	e82516ad2a	fix ecc pkcs8 import	2011-12-01 13:10:01 -08:00
toddouska	948a901cfc	add DH param setting by file and buffer, by ctx too	2011-11-01 14:05:14 -07:00
toddouska	1cd6935dc9	change all test keys to 2048 bit, all sigs to SHA-1	2011-10-24 11:41:25 -07:00
Todd A Ouska	5d49bf7cb0	Brian Aker commits plus some minor changes like AM_CFLAGS getting AC_SUBST and --enable-xxx #ifdef to new header layout	2011-08-24 15:54:58 -07:00

49 Commits