Sean Parkinson
decdf7ae8b
Cleanup
2017-06-21 16:56:51 +10:00
Sean Parkinson
350ce5fcef
TLS v1.3 0-RTT
2017-06-21 08:35:28 +10:00
toddouska
8b637cbd1b
Merge pull request #967 from dgarske/fix_qat
...
Fixes and Improvements for Intel QuickAssist
2017-06-20 14:49:56 -07:00
jrblixt
6a2824f199
Add Camellia unit test functions.
2017-06-16 16:27:03 -06:00
David Garske
68439d4317
Completed refactor to cleanup dynamic types. Refined the tmp buffers to new types for more granularity. Fixed several places where malloc/free type was mis-matched. Cleanup of the PKCS12 code to improve cleanup handling. Fix wc_PKCS12_parse to return 0 on success else failure.
2017-06-14 15:11:43 -07:00
David Garske
88afc7a92f
Progress on dynamic type cleanup for over-use of tmp_buffer. Increases performance on NUMA memory platform having ability to be more selective about the types that are NUMA allocated for use against QuickAssist hardware.
2017-06-14 15:11:43 -07:00
Sean Parkinson
89e6ac91bf
Improve PSK timeout checks
...
Post-handshake Authentication
Fix KeyUpdate to derive keys properly
Fix supported curves (not checking ctx extensions)
2017-06-14 11:28:53 -07:00
David Garske
ce231e0cbc
Fixes for asynchronous TLS 1.3. Fixes for PK_CALLBACKS with async. New helper API's for wolfSSL_CTX_GetDevId and wolfSSL_CTX_GetHeap. Fix for build to not include tls13.c if not enabled to suppress empty object file warning. Fix typo in fe_low_mem.c. General cleanup. Extra tls13.c debug messages.
2017-06-12 11:42:48 -07:00
toddouska
1d2b4226a4
Merge pull request #959 from SparkiDev/tls_pss_fix
...
Fix check for PSS availability in peer
2017-06-12 11:20:29 -07:00
Sean Parkinson
fdcf25b6d1
Fix check for PSS availability in peer
2017-06-12 09:05:32 +10:00
Sean Parkinson
613d30bcae
ED25519 TLS support
2017-06-08 09:26:49 +10:00
toddouska
26f106c42b
Merge pull request #948 from SparkiDev/tls13_down
...
Implement TLS v1.3 specified downgrade protection mechanism
2017-06-05 16:17:49 -07:00
Sean Parkinson
642795db1b
Implement TLS v1.3 specified downgrade protection mechanism
...
TLS v1.2 implementations should implement the downgrade protection
mechanism too and so is included.
2017-06-05 09:18:46 +10:00
David Garske
c55575665f
Cleanup to use WANT_READ instead of async WC_PENDING_E for non-blocking OCSP and CRL.
2017-06-02 10:35:26 -07:00
David Garske
b3a85bc2c7
Fixes for OCSP and CRL with non-blocking sockets. Fix for OCSP and CRL file descriptor check to allow 0.
2017-06-02 09:36:35 -07:00
toddouska
6b09a7c6e1
Merge pull request #922 from SparkiDev/tls_pss
...
TLS v1.2 and v1.3 RSA PSS
2017-05-23 14:57:10 -07:00
toddouska
9f5f1dd00f
Merge pull request #936 from SparkiDev/cplusplus
...
Compiling with g++ when configured with --enable-distro
2017-05-22 16:02:56 -07:00
toddouska
19edd47018
Merge pull request #917 from SparkiDev/tls_curve25519
...
Enable X25519 for Key Exchange in TLS
2017-05-22 16:00:00 -07:00
Sean Parkinson
15a2323c09
Compiling with g++ when configured with --enable-distro
2017-05-22 10:14:02 +10:00
Sean Parkinson
4390f4c711
TLS v1.2 and PSS
...
Cleanup the TLS v1.3 PSS code as well.
Added RSA API wc_RsaPSS_CheckPadding() to check the padding - no longer
a simple memcmp with the digest.
2017-05-19 11:49:43 +10:00
David Garske
d61e0243a3
Fixes for building AES key wrap and PKCS7 on Windows. Cleanup snprintf to use XSNPRINTF and changed so define is always setup.
2017-05-18 14:44:19 -07:00
Sean Parkinson
9fb6373cfb
Get PSS going on server side
2017-05-18 15:36:01 +10:00
Sean Parkinson
63a6618feb
Enable X25519 for Key Exchange in TLS
2017-05-17 08:58:12 +10:00
toddouska
3297280e62
Merge pull request #913 from JacobBarthelmeh/Compatibility-Layer
...
allow re-using WOLFSSL structure after calling shutdown
2017-05-12 16:50:14 -07:00
toddouska
dcd3a6a478
Merge pull request #907 from dgarske/fix_verifycb
...
Fixes for verify callback override
2017-05-12 16:45:55 -07:00
Jacob Barthelmeh
0374907acc
allow re-using WOLFSSL structure after calling shutdown
2017-05-12 13:54:20 -06:00
David Garske
562db08c3d
Implemented strict switch fall-through handling using new macro FALL_THROUGH.
2017-05-11 15:15:19 -07:00
toddouska
ce42738198
Merge pull request #900 from dgarske/coverity_part3
...
Coverity fixes for TLS 1.3, async, small stack and normal math.
2017-05-11 13:05:53 -07:00
toddouska
5c652e398f
Merge pull request #896 from dgarske/async_cleanups
...
Fixes for async and smallstack
2017-05-11 13:05:25 -07:00
David Garske
2efa7d5b8b
Fix for verify callback override, peerVerifyRet code on success and ensuring DOMAIN_NAME_MISMATCH error gets passed down in ECDSAk case. Added unit test case to verify callback override works. Fixes issue #905 and issue #904. Fix for async build goto label typo.
2017-05-11 12:23:17 -07:00
Sean Parkinson
22ce2f183d
Interop testing fixes
...
Fix TLS13 cipher suite name to CHACHA20
Include SignatureAlgorithm in older versions of TLS when compiling for
TLS v1.3.
BIT STRING unused bits doesn't necessarily indicate last unused bit.
Fix ecc_dsa_sa_algo value.
2017-05-11 10:42:09 +10:00
Sean Parkinson
ec6d8f48b8
Add PSS for TLS v1.3
2017-05-10 17:22:53 +10:00
David Garske
e8cf4b5ff0
Coverity fixes for TLS 1.3, async, small stack and normal math.
2017-05-09 09:13:21 -07:00
David Garske
5726c23d81
Fix for scan-build warning with ret not being read in DoServerHello.
2017-05-06 14:00:24 -07:00
David Garske
011178994b
Fix typos with goto exit labels and heap.
2017-05-06 00:32:02 -04:00
David Garske
af0103bc94
Fix for Valgrind memory leak with the “ssl->hsHashes”. The DTLS wolfSSL_connect for “IsDtlsNotSctpMode” at line 8134 calls InitHandshakeHashes, but doesn’t free existing. Best overall solution is to make sure and free an existing on InitHandshakeHashes, since WOLFSSL is memset to 0.
2017-05-04 14:51:31 -07:00
David Garske
570befb63f
Fixes for using async. Combine duplicate DoCertificate and DoTls13Certificate code into ProcessPeerCerts. Cleanup of the XMALLOC/XFREE to use ssl->heap.
2017-05-04 14:51:31 -07:00
David Garske
253140f37e
Fixes for TLS 1.3. Fix issue with wc_AesGcmDecrypt checking for authIn arg (allowed to be NULL). Fix for preMasterSz in TLSX_KeyShare_ProcessEcc. Fix for building with --disable-asn (NO_CERTS). Fix to remove client “-t” option from help, which no longer exists. Added new WOLFSSL_DEBUG_TLS option for new messages added.
2017-05-04 14:51:31 -07:00
David Garske
77f9126edf
Rebase fixes for TLS 1.3. Getting a decrypt error with the TLS 1.3 test from the SendTls13CertificateVerify.
2017-05-04 14:51:31 -07:00
Sean Parkinson
2b1e9973ec
Add TLS v1.3 as an option
2017-05-04 14:51:30 -07:00
Jacob Barthelmeh
7dd877554b
build for windows visual studio with AES GCM
2017-05-04 14:14:12 -06:00
Jacob Barthelmeh
9b5340d3af
sanity checks before copying peer certificate
2017-05-04 13:10:46 -06:00
Jacob Barthelmeh
55538b5de0
sanity check on input buffer index
2017-05-03 10:21:03 -06:00
toddouska
27aafd674a
Merge pull request #886 from dgarske/fixes_coverity2
...
Fixes for coverity scan (part 2)
2017-05-02 08:53:03 -07:00
John Safranek
4135279f82
Merge pull request #843 from kaleb-himes/dtls-interop
...
DTLS update per RFC 6347 Section 4.2.3
2017-05-01 19:29:27 -07:00
toddouska
f61380da21
Merge pull request #870 from kaleb-himes/PSK-UPDATE
...
Update PSK identity length per RFC 4279 - section 5.3
2017-05-01 19:04:32 -07:00
David Garske
3647e50c17
Fixes for the GrowInputBuffer and GrowOutputBuffer changes to only use align when WOLFSSL_GENERAL_ALIGNMENT > 0.
2017-05-01 18:48:54 -07:00
David Garske
9491027c85
Fixes for coverity scan (part 2).
2017-05-01 16:34:24 -07:00
toddouska
1a0b408658
Merge pull request #883 from dgarske/fixes_coverity
...
Fixes for coverity scan
2017-05-01 16:30:04 -07:00
David Garske
f19cf4cb34
Fix the client PSK callback to always null terminate after callback. Remove the +1 on the test.h examples for PSK callbacks.
2017-05-01 12:10:05 -07:00