wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-29 10:40:08 +01:00
Code Issues Packages Projects Releases Wiki Activity
9,002 Commits 12 Branches 184 Tags
e47797f700de28425e7cb0f08e12c1e8e2f09a87
Commit Graph

3305 Commits

Author SHA1 Message Date
Sean Parkinson
e47797f700 Make SupportedVersions respect SSL_OP_NO_TLSv* 2019-02-15 08:26:03 +10:00
kaleb-himes
b6d322cd14 fix typo revcd vs recvd and spell out to avoid confusion: received 2019-02-08 14:27:19 -07:00
toddouska
e52f4494f0 Merge pull request #2069 from dgarske/fix_8192 
Fixes for handling 6144 and 8192 bit with TLS v1.3
 2019-02-07 15:02:40 -08:00
Jacob Barthelmeh
be4d6bc204 fix typo with getting cipher suite 2019-02-04 10:53:59 -07:00
Sean Parkinson
b7179c2a54 Disallow SupportedGroups in ServerHello for TLS 1.3 
But allowed when downgrading to TLS 1.2.
 2019-02-04 09:04:11 +10:00
toddouska
73fbf845f2 Merge pull request #2066 from SparkiDev/sec_reneg_scsv 
Fix empty renegotiation info ciphersuite handling
 2019-02-01 10:05:59 -08:00
toddouska
14a2343118 Merge pull request #2064 from SparkiDev/tls13_dhkeysz 
Set the DH key size for TLS 1.3 when secret calculated
 2019-02-01 10:04:15 -08:00
toddouska
4a5652f318 Merge pull request #2061 from SparkiDev/x86_asm_not_in_c 
Pull out x86_64 ASM into separate files
 2019-02-01 10:01:34 -08:00
toddouska
4a177a8a30 Merge pull request #1997 from tmael/portingDeos 
Initial Deos RTOS port
 2019-02-01 09:56:55 -08:00
David Garske
c080050c80 Fix to detect larger key size requirement based on FP_MAX_BITS. Fix for TLSv1.3 to allow server_hello for TLSX_SUPPORTED_GROUPS. ZD 4754. 2019-02-01 09:53:30 -08:00
Sean Parkinson
7822cef1ac Pull out x86_64 ASM into separate files 2019-01-29 13:08:24 +10:00
Sean Parkinson
e8b46caf75 Fix empty renegotiation info ciphersuite handling 2019-01-29 12:51:49 +10:00
Sean Parkinson
574238dea0 Set the DH key size for TLS 1.3 when secret calculated 2019-01-29 08:59:49 +10:00
Chris Conlon
0b2bbc33bd Merge pull request #2059 from miyazakh/openssl_bksize_digest 
Added EVP_MD_CTX_block_size and exposed EVP_Digest()
 2019-01-28 15:17:26 -07:00
John Safranek
1288036dbe Merge pull request #2047 from kojo1/freeCRL 
wolfSSL_CertManagerFreeCRL: exposing FreeCRL
 2019-01-25 16:08:31 -08:00
Hideki Miyazaki
53adb93ae4 Added EVP_MD_CTX_block_size and publicized EVP_Digest() 2019-01-25 09:05:36 +09:00
David Garske
fd429bb656 Show warning if secrets debugging options (SHOW_SECRETS or WOLFSSL_SSLKEYLOGFILE) are enabled. The #warning can be ignored as error using ./configure CFLAGS="-W#warnings". 2019-01-22 13:29:25 -08:00
toddouska
52e8e77390 Merge pull request #2046 from cconlon/addalert 
add alert number and string for "unknown_ca" (48)
 2019-01-21 15:39:47 -08:00
Takashi Kojo
5539b0eb38 wolfSSL_CertManagerFreeCRL: exporsing FreeCRL 2019-01-20 10:11:19 +09:00
Chris Conlon
8ecee6a7e9 add unknown_ca alert number (48) and string 2019-01-18 15:36:33 -08:00
Tesfa Mael
739b57c753 Initial Deos RTOS port 
- Added support for Deos with no file system
- Implemented a custom malloc since reusing and freeing memory is disallowed in avionics and mission critical applications.
- Added TLS client and server example with a TCP setup mailbox transport
- Timer starts at an offset of CURRENT_UNIX_TIMESTAMP specified by the user
- Uses rand_r() as a pseudo random number generator and uses the current time in seconds as a seed
- Uses strnicmp for XSTRNCASECMP instead of strncasecmp
- a readme doc included
 2019-01-18 14:46:39 -08:00
John Safranek
c282f5b726 DTLS Nonblocking Updates 
Modify the DtlsMsgPoolSend() function to keep track of the last message
retransmit. If a write would block, it allows the retransmit pick up
where it left off.
 2019-01-18 09:15:11 -08:00
John Safranek
aa4de6e170 DTLS Nonblocking Updates 
Do not allow the DTLS message flight be retransmit without being
finished. This can happen if a non-blocking transmit times out the
response and the application tries to retransmit.
 2019-01-18 09:15:11 -08:00
John Safranek
63f6c1d280 DTLS Nonblocking Updates 
1. Add error code for trying to retransmit a flight when transmitting
the flight hasn't finished.
2. Add function to retransmit the stored flight without updating the
timeout count.
 2019-01-18 09:15:11 -08:00
John Safranek
91d81ea691 Add some more debug logging for DTLS retransmission support. 2019-01-18 09:13:28 -08:00
John Safranek
d3e2488552 DTLS Resume Fix 
1. In DTLS, when transmitting the Change Cipher Spec message increment the
sequence number.
2. In DTLS, when client receives the CCS message, sanity check that the
server hello has been received in the case of resume.
 2019-01-18 09:13:28 -08:00
toddouska
b632c8dcc1 Merge pull request #2043 from SparkiDev/tls13_psk_down 
Fix PSK support when no PSK extension
 2019-01-18 09:00:56 -08:00
toddouska
33f876bb20 Merge pull request #2029 from SparkiDev/sni_tls13 
Fix SNI on client when downgrading from TLS 1.3
 2019-01-18 08:59:47 -08:00
toddouska
fe97264ff9 Merge pull request #2028 from dgarske/spcortex 
Added Cortex-M support for Single Precision (SP) math
 2019-01-18 08:59:10 -08:00
toddouska
d02f7a75b9 Merge pull request #2019 from dgarske/arduino 
Improvements to Arduino sketch
 2019-01-18 08:54:42 -08:00
toddouska
aba726fcd3 Merge pull request #2004 from embhorn/prf_move 
Moving PRF to wolfcrypt
 2019-01-18 08:53:13 -08:00
Sean Parkinson
e18891aed8 Fix PSK support when no PSK extension 2019-01-18 16:13:07 +10:00
David Garske
8fb7892013 Merge pull request #2040 from ejohnstown/fix-checks 
Fix Checks
 2019-01-17 12:54:25 -08:00
John Safranek
f6240e5558 Fix Checks 
1. In the client, check the return code on wolfSSL_CTX_SetMinDhKey_Sz() as it is checked in the server. (Resolves issue #2037.)
2. In HashOutput(), check that the hsHashes exists for the session before hashing. (Resolves issue #2038.)
 2019-01-17 09:52:00 -08:00
David Garske
91573735b1 Merge pull request #2036 from ejohnstown/fragsz 
TLS Record Fragment Size Check Change
 2019-01-17 08:56:45 -08:00
John Safranek
5e03ac13f6 TLS Record Fragment Size Check Change 
Fixed a potential bug with respect to processing fragmented handshake
messages. If a handshake message is fragmented across multiple TLS
records and the last fragment's record has the next handshake message in
it, we would throw a buffer error instead of processing the next
message. Changed this so it will finish the handshake message and return
out to process the next message. Also changed the handling of the
handshake message to follow the calling pattern.
 2019-01-16 15:53:57 -08:00
Eric Blankenhorn
02ff19a6c4 Moving PRF to wolfcrypt 2019-01-16 17:23:49 -06:00
John Safranek
d5b06f93fd Merge pull request #2031 from SparkiDev/sec_reneg_chrome 
Changes to secure renegotiation for TLS 1.3 and Chrome
 2019-01-16 12:00:08 -08:00
toddouska
5d262e9123 Merge pull request #2027 from dgarske/fix_buildopts 
Fixes for various build options and warnings
 2019-01-16 10:32:19 -08:00
toddouska
b683a5a6bb Merge pull request #1945 from victork1996/bugfix/openssl-evp-bytes-to-key-compatibility 
Fixed OpenSSL compatibility issues in wolfSSL_EVP_BytesToKey
 2019-01-16 10:18:08 -08:00
toddouska
b37c94a15c Merge pull request #2022 from JacobBarthelmeh/OCSP 
memory management with OCSP requests
 2019-01-16 08:52:50 -08:00
Sean Parkinson
b2e4c86028 Changes to secure renegotiation for TLS 1.3 and Chrome 2019-01-15 09:47:23 -08:00
Sean Parkinson
53ad7728bf Fix SNI on client when downgrading from TLS 1.3 2019-01-14 15:09:52 -08:00
Jacob Barthelmeh
6ac384793f memory management with OCSP requests 2019-01-14 09:49:50 -07:00
David Garske
cfc66dab47 Fix compiler complaints when using Curve25519. 2019-01-11 21:16:13 -08:00
David Garske
45cd80b4b7 Fix define check of NO_CERT to be NO_CERTS. 2019-01-11 21:10:07 -08:00
David Garske
406d2ceb6b Merge pull request #2023 from miyazakh/fix_no_hash_raw 
fix no_hash_raw for esp32 hw acceleration
 2019-01-11 21:04:04 -08:00
David Garske
ebd68e6afd Fix to return the internal cipher suite name instead of NULL if NO_ERROR_STRINGS is defined. Fix for stray "if" in wolfSSL_SESSION_CIPHER_get_name. 2019-01-11 17:20:35 -08:00
David Garske
f67b8fa6a3 Experimental SP Cortex M support for Single Precision math. 2019-01-11 14:38:34 -08:00
Hideki Miyazaki
bdc5dd41d1 fix no_hash_raw for esp32 hw acceleration 2019-01-09 16:56:47 +09:00