wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-27 19:12:26 +01:00
Code Issues Packages Projects Releases Wiki Activity
6,379 Commits 12 Branches 184 Tags
d8ef0d7df1229ced77adbecebdbfcb1227cefb42
Commit Graph

1355 Commits

Author SHA1 Message Date
David Garske
e8627f1f93 Fix issue with fp_s_rmap not being const. 2017-10-27 11:46:24 -07:00
David Garske
94e0b06b9f Fix build errors with configs for no ASN and no PKI with PSK. 2017-10-26 07:34:41 -07:00
JacobBarthelmeh
182028819d Merge pull request #1195 from dgarske/rel_fixes2 
Release updates for ec_point_formats and ASN1 SetSerialNumber bug
 2017-10-24 15:20:15 -06:00
toddouska
8a01d725da Merge pull request #1177 from dgarske/certreq_tests 
Testing improvements for cert gen and TLS cert validation
 2017-10-24 08:21:37 -07:00
toddouska
c0105b3008 Merge pull request #1175 from dgarske/cleanup_inlines 
Cleanup to consolidate the inline helpers
 2017-10-24 08:15:12 -07:00
David Garske
e0734d56df Fix to handle valid serial number with MSB set. Cleanup to consolidate max serial number length check. 2017-10-24 06:49:00 -07:00
David Garske
2dfad0918a Updated release notes for added ec_point_formats extension. Fix for setting serial number with random data where the MSB was cleared and resulted in a zero. Fix for build type mismatch error in wolfCrypt test with ed25519 and WOLFSSL_TEST_CERT defined. 2017-10-23 15:36:58 -07:00
David Garske
7f30397252 Remove execute bit on all code files. 2017-10-23 11:16:40 -07:00
David Garske
911b6f95f8 Release v3.12.2 (lib 14.0.0). Updated copywright. 2017-10-22 15:58:35 -07:00
toddouska
c5f80760a8 Merge pull request #1145 from JacobBarthelmeh/HardwareAcc 
init hardware acc. use of public RSA key with public key decode funct…
 2017-10-20 10:32:18 -07:00
David Garske
024c8725ad Testing improvements for cert gen and TLS cert validation: 
* Fixes to support certificate generation (`WOLFSSL_CERT_GEN`) without RSA enabled.
* Added new ECC CA for 384-bit tests.
* Created new server cert chain (ECC CA for 256-bit that signs server-ecc.pem)
* Created new `./certs/ecc/genecc.sh` script for generating all ECC CA's, generated server cert req (CSR), signing with CA and the required CRL.
* Moved the wolfCrypt ECC CA / ECC cert gen test into `ecc_test` as `ecc_test_cert_gen`.
* Refactor duplicate code that saves DER to disk, converts DER to PEM and saves PEM to disk into SaveDerAndPem function.
* Changed `ecc_test_make_pub` and `ecc_test_key_gen` to use XMALLOC for temp buffers (uses heap instead of stack).
* Cleanup to combine all certificate subject information into global `certDefaultName`.
* Updated cert request info to use wolfSSL instead of Yassl.
* Cleanup to combine keyUsage into `certKeyUsage` and `certKeyUsage2`.
* Re-number error codes in rsa_test.
* Moved the certext_test after the ecc_test, since it uses a file generated in `ecc_test_cert_gen`.
 2017-10-19 16:17:51 -07:00
David Garske
5362d46da9 Fix issues building with inline disabled. 2017-10-18 14:26:34 -07:00
David Garske
7f2e6e1d8a Cleanup to consolidate the inline helpers like cto, ato and bto into misc.c. Relocate the word24 typedef into types.h. 2017-10-18 09:06:48 -07:00
toddouska
9bea6cca52 Merge pull request #1186 from SparkiDev/sha2_asm 
Fix SHA-256 Intel assembly code to work with 'fasthugemath'
 2017-10-18 08:51:05 -07:00
toddouska
9920bdf097 Merge pull request #1103 from SparkiDev/sp_rsa 
Single Precision maths for RSA, DH and ECC
 2017-10-18 08:44:47 -07:00
dgarske
1bf9d092af Merge pull request #1179 from ejohnstown/evp-aes 
EVP-AES
 2017-10-17 19:23:11 -07:00
Sean Parkinson
c0472a3a89 Fix SHA-256 Intel assembly code to work with 'fasthugemath' 2017-10-17 18:35:18 +10:00
Sean Parkinson
f724206e37 Add test for 3072-bit RSA and DH and fix modexp 2017-10-17 08:36:39 +10:00
Sean Parkinson
90f8f67982 Single Precision maths for RSA (and DH) 
Single Precision ECC implementation
 2017-10-17 08:36:39 +10:00
David Garske
de34ec0f0c Fix scan-build report of possible use of unitialized output[i]. 2017-10-16 11:24:41 -07:00
David Garske
02ee22e73b Support for mapping to new names with old for FIPS build. Fix to revert HMAC SHA224 type check, since SHA224 type isn't in FIPS wolfCrypt. 2017-10-16 09:57:22 -07:00
toddouska
2c2217fcdc Merge pull request #1181 from dgarske/cert_serial 
Certificate serial number enhancements
 2017-10-13 09:22:11 -07:00
toddouska
6fd53d31c2 Merge pull request #1157 from dgarske/old-names 
Refactor SSL_ and hashing types to use wolf specific prefix
 2017-10-13 09:09:44 -07:00
David Garske
6548f32ee0 Enhancement to allow a serial number to be customized via Cert.serial and Cert.serialSz for cert request or generation. Fix to make sure serial number is always postive and has no leading zeros. Increase the size of the certificate serial number to 20 bytes. 2017-10-11 17:21:26 -07:00
David Garske
6707be2b0e Added new --disable-oldnames option to allow for using openssl along-side wolfssl headers (without OPENSSL_EXTRA). Add --enable-opensslcoexist which makes sure oldnames is disabled. Refactor of SSL_ to WOLF_SSL_. Refactor of SHA, MD5, SHA224, SHA256, SHA512 and SHA384 to WC_ naming. 2017-10-11 09:10:42 -07:00
John Safranek
09f8ddd0f0 EVP-AES 
1. Fixed using wolfSSL_EVP_CipherFinal() when a message's size is a round multiple of a block size. It wasn't adding the appropriate padding.
2. Update the EVP_Cipher test to call CipherUpdate and CipherFinal instead. It checks a message that is 24 bytes long and a second that is 16 bytes long.
 2017-10-10 13:44:06 -07:00
David Garske
4c8d228080 Added WOLFSSL_ALT_CERT_CHAINS option to enable checking cert aginst multiple CA's. Added new API's for wolfSSL_get_peer_alt_chain and wolfSSL_is_peer_alt_cert_chain, which allow a way to know if alternate cert chain is used and provides a way to get it (when SESSION_CERTS is defined). Cleanup of the defines to enable debugging certs (just use SHOW_CERTS now). 2017-10-10 08:55:35 -07:00
Sean Parkinson
898893fbcd Fix for MULX asm 2017-10-10 09:41:17 +10:00
Sean Parkinson
152c24f210 Fix aesni code for avx2 2017-10-05 13:02:33 +10:00
Takashi Kojo
918a5fd5a6 Merge pull request #1164 from SparkiDev/asm_mulx 
Get the multiplcation code using MULX to work consistently
 2017-09-30 09:51:03 +09:00
JacobBarthelmeh
3b12b7223a Merge pull request #1160 from dgarske/asn_extkeyusage 
ASN Extended Key Usage Support
 2017-09-28 11:31:04 -06:00
JacobBarthelmeh
c836724685 Merge pull request #1162 from cconlon/mysql_compat 
wolfSSL_ERR_peek_error() with WOLFSSL_MYSQL_COMPATIBLE
 2017-09-28 09:51:07 -06:00
JacobBarthelmeh
fd9b2d3b8d Merge pull request #1116 from dgarske/stm32_hash 
Fixes for STM32 hardware acceleration
 2017-09-28 09:35:36 -06:00
Sean Parkinson
0376a53f6b Get the multiplcation code using MULX to work consistently 2017-09-28 09:12:29 +10:00
Chris Conlon
6c85bc5d3d enable functionality of wolfSSL_ERR_peek_error() when WOLFSSL_MYSQL_COMPATIBLE defined 2017-09-27 10:56:04 -06:00
Chris Conlon
4f15cde2eb Merge pull request #1155 from dgarske/fixes_pic32mz 
PIC32MZ minor build warning fixes
 2017-09-26 16:26:32 -06:00
David Garske
9eb7e2aafa ASN1 Extended Key Usage support. Adds new wc_SetExtKeyUsage() API. Available only with --enable-certext or WOLFSSL_CERT_EXT. 2017-09-26 12:05:46 -07:00
John Safranek
0ced1f4847 AESGCM Init 
1. Update the AES-GCM with AES-NI 128-bit constant initializers so they work on both GCC/Clang and MSC.
* MSC uses a union for the type where the first member is a 16-byte array.
* GCC/Clang uses a 16-byte vector masking as a long long array.
2. Disable AES-GCM loop unrolling for Windows, when using AES-NI in 32-bit mode.
 2017-09-22 15:28:47 -07:00
JacobBarthelmeh
763d5f26c7 Merge pull request #1031 from dgarske/math_update 
Math updates
 2017-09-22 15:26:34 -06:00
dgarske
2c4844d5ef Merge pull request #1146 from ejohnstown/compat 
OpenSSL Compatibility Additions and Fixes
 2017-09-22 14:19:28 -07:00
David Garske
4a510218c2 Tested PPC32 with TFM_PPC32. Fixed warning with possible uninitialized use of sc0, sc1 and sc2. 2017-09-22 11:37:00 -07:00
David Garske
a2ed22286f Adds TFM_MIPS (tested on PIC32MZ2048EFM144 with XC32 v1.44). Adds check for mp_read_radix to return failure for invalid character. Adds checking for s_mp_sub response code. Improved mp_init_copy error handling. Improved init to use size where applicable. Asm PPC 32 changes to add r to register. Asm formatting cleanups. 2017-09-22 09:48:35 -07:00
David Garske
3f493770d4 Fixes bug with creation of the KeyUsage BitString which was always adding the optional second byte reguardless of len, which created invalid ASN if value provided was less than 256. Bug was introduced with ASN refactor in commit fd9e41dd99. 2017-09-20 15:00:24 -07:00
dgarske
2f96f1ae9f Merge pull request #1150 from kaleb-himes/HASH_DRBG_UPDATE 
Update HASH_DRBG Reseed mechanism and add test case
 2017-09-20 13:15:17 -07:00
kaleb-himes
5777b92745 Improved solution 2017-09-20 11:25:51 -06:00
dgarske
5e6213bfa1 Merge pull request #1140 from JacobBarthelmeh/RSA-fix 
account for 8k keys with MySQL compatibility
 2017-09-20 10:05:32 -07:00
dgarske
28c15bed1c Merge pull request #1141 from SparkiDev/chacha_avx1 
Fix ChaCha to check for AVX1
 2017-09-20 09:57:20 -07:00
kaleb-himes
60dca94821 Update HASH_DRBG Reseed mechanism and add test case 2017-09-20 10:36:36 -06:00
David Garske
4d8e1c9e5a Minor build fixes for unused function and variable. 2017-09-19 12:48:57 -07:00
David Garske
816767744f Fix for STM32 AES-CTR (tested on STM32F437). Improvement to the STM32 RNG code to detect improper RNG_CLK. Cleanup of the PIC32MZ Aes struct variables and the AES-CTR (tested on PIC32MZ2048). 2017-09-18 16:08:09 -07:00