Commit Graph

2969 Commits

Author SHA1 Message Date
toddouska ab3ffaa26a Merge pull request #1706 from SparkiDev/sha384_not_sha512
Allow SHA384 to be compiled in without SHA512
2018-07-23 09:47:49 -07:00
Sean Parkinson 9433fcb820 Allow SHA384 to be compiled in without SHA512 2018-07-20 09:42:01 +10:00
MJSPollard 19dd08e191 requested style changes 2018-07-19 11:05:56 -06:00
MJSPollard 0dbd35ae01 websocketpp compat. addition, add new define for asio 2018-07-18 12:09:12 -06:00
MJSPollard db8939c578 Merge branch 'master' of https://github.com/wolfSSL/wolfssl into wolfASIO 2018-07-18 11:10:35 -06:00
toddouska 227e7cc8c7 Merge pull request #1690 from SparkiDev/tls_sha384_copy
Remove special case SHA-384 copy code
2018-07-18 09:37:50 -07:00
toddouska 436e774729 Merge pull request #1685 from SparkiDev/dh_max
Add support for maximum DH key size
2018-07-18 09:33:43 -07:00
David Garske 52aac6e641 Merge pull request #1697 from embhorn/zd4060
Dead code in wolfSSL_BIO_gets()
2018-07-18 09:22:35 -07:00
Sean Parkinson 0236a293e4 Fix define protection to be ED25519 not ECC 2018-07-18 10:12:57 +10:00
toddouska 1840ae7013 Merge pull request #1693 from SparkiDev/stack_rsa
Small stack fixes and ignore RSA fields in RSA_LOW_MEM
2018-07-17 12:24:00 -07:00
Eric Blankenhorn 6a6f5d01b4 Fix for zd4060 2018-07-17 14:20:14 -05:00
toddouska 96567112cd Merge pull request #1691 from SparkiDev/stack_dh_tls
Small stack fixes
2018-07-17 12:15:26 -07:00
Sean Parkinson c01c79349e Small stack fixes and ignore RSA fields in RSA_LOW_MEM
Fix asn.c and rsa.c small stack to not have large stack variables.
In RSA code don't load or store dP, dQ or u when using RSA_LOW_MEM as
they are not used.
Fix SP to recognize RSA_LOW_MEM means to use d, private exponent.
Fix wc_CheckRsaKey to work with SP.
Fix sp_int to support mp_set_int for wc_CheckRsaKey().
2018-07-17 11:05:38 +10:00
Sean Parkinson 514a949557 Small stack fixes
Changes to DH and SSL/TLS code to dynamically allocate large stack
variables when compiled with WOLFSSL_SMALL_STACK.
2018-07-17 09:04:00 +10:00
Sean Parkinson 87f378efb5 Remove special case SHA-384 copy code
SHA-384 implementation has a GetHash API and TLS code uses it.
2018-07-17 08:16:46 +10:00
John Safranek 49fefe176e DTLS and Atomic Encrypt Callback
When using the encrypt callback, the DTLS sequence number isn't incremented. Moved the increment to later in the BuildMessage() function.
2018-07-16 13:33:03 -07:00
toddouska f0422bec41 Merge pull request #1681 from dgarske/pk_keygen
Added ECC and Curve25519 Key Generation PK callback support
2018-07-13 14:03:13 -07:00
toddouska 1337f7ddec Merge pull request #1674 from dgarske/derchainsz
Fix for max cert chain size calculation
2018-07-13 13:53:35 -07:00
toddouska 6c1778d373 Merge pull request #1669 from cconlon/mqxfixes
fixes for MQX classic 4.0 with IAR-EWARM
2018-07-13 11:59:28 -07:00
Eric Blankenhorn 9bc0e0c4fc Static analysis fixes (#1658)
* Static analysis fixes
* Fixes for zd4071, zd4074, zd4093-zd4094, zd4096, zd4097-zd4104.
* Add test cases.
2018-07-13 09:02:09 -07:00
Sean Parkinson ffc6cf4eb8 Add support for maximum DH key size 2018-07-13 17:36:42 +10:00
John Safranek f7c5b27bfc Merge pull request #1675 from toddouska/zero-error
make SOCKET_PEER_CLOSED_E consistent between read and 2 write cases
2018-07-12 12:53:48 -07:00
Chris Conlon cadd556b3a cast result of bitwise not back to original type to prevent compiler warnings 2018-07-12 13:46:55 -06:00
David Garske 81d13e15d5 Added ECC and Curve25519 Key generation callback support for HAVE_PK_CALLBACKS. The TLS server side ECDHE could not correctly handle PK callback based shared secret calculation using a hardware based generated key. Refactor internal functions to use the callback ctx getter API. 2018-07-12 11:52:54 -07:00
MJSPollard 93d7891701 Added different tls version support for asio 2018-07-12 11:59:58 -06:00
MJSPollard d8dff3e4de Merge branch 'master' of https://github.com/wolfSSL/wolfssl into wolfASIO 2018-07-12 11:57:34 -06:00
toddouska 23687f44bc Merge pull request #1643 from ejohnstown/altnames
Subject Alt Name Matching
2018-07-11 13:20:58 -07:00
Todd Ouska d639939a07 make SOCKET_PEER_CLOSED_E consistent between read and 2 write cases 2018-07-11 13:00:29 -07:00
David Garske 05cfeae3ce Fix for handling max cert chain size. It was not accounting for the 3 byte header in max size calculation. 2018-07-11 12:32:49 -07:00
Chris Conlon 0f2b5ca181 fixes for MQX classic 4.0 with IAR-EWARM 2018-07-11 10:54:24 -06:00
MJSPollard 4cbae0bca3 changes to make jenkins tests work 2018-07-10 13:34:16 -06:00
MJSPollard 3fc7424e03 implemented requested changes 2018-07-10 11:52:41 -06:00
MJSPollard d361a1aebd Merge branch 'master' of https://github.com/wolfSSL/wolfssl into wolfASIO 2018-07-10 11:04:53 -06:00
toddouska 376a4d3ca8 Merge pull request #1666 from dgarske/fix_always_verify
Fix for building with `WOLFSSL_ALWAYS_VERIFY_CB`
2018-07-09 11:13:28 -07:00
David Garske 9c2a5d2906 Further simplification of the PK verify wrapping to avoid malloc/free. Thanks Todd! 2018-07-06 16:21:43 -07:00
David Garske 85d58cbf8c Fix for building with WOLFSSL_ALWAYS_VERIFY_CB. 2018-07-06 15:31:52 -07:00
David Garske 595beb3fec Fixup for the removal of const. 2018-07-06 09:35:00 -07:00
David Garske 32f1b0a9c2 Added separate context for each SignatureCtx verify callback. Added missing ssl info to callback context. 2018-07-06 09:28:46 -07:00
David Garske 3cbcc872c1 Improved PK callback support for ConfirmSignature so certificate verification uses the callbacks. Retained wolfSSL/wolfCrypt isolation (I.E. no wolfSSL references from wolfCrypt). 2018-07-05 14:04:06 -07:00
toddouska ae54bae2fa Merge pull request #1654 from SparkiDev/tls13_stapling
TLS 1.3 OCSP Stapling
2018-07-03 12:56:28 -07:00
MJSPollard ac0b31dee8 refactored and added defines for wolfSSL/Asio Compat 2018-07-03 11:07:15 -06:00
toddouska 77f11a6be9 Merge pull request #1649 from embhorn/zd4043
Fix for memory leak in wolfSSL_BN_hex2bn
2018-07-02 16:22:57 -07:00
toddouska 9f35d211e0 Merge pull request #1644 from JacobBarthelmeh/Compatibility-Layer
add ca when getting chain from x509 store
2018-07-02 16:22:11 -07:00
toddouska e17a16a45a Merge pull request #1600 from dgarske/lighttpd
Changes to support Lighttpd 1.4.49
2018-07-02 16:18:41 -07:00
John Safranek adb3cc5a5a Subject Alt Name Matching
1. Added certificates for localhost where the CN and SAN match and differ.
2. Change subject name matching so the CN is checked if the SAN list doesn't exit, and only check the SAN list if present.
3. Added a test case for the CN/SAN mismatch.
4. Old matching behavior restored with build option WOLFSSL_ALLOW_NO_CN_IN_SAN.
5. Add test case for a correct certificate.

Note: The test for the garbage certificate should fail. If you enable the old behavior, that test case will start succeeding, causing the test to fail.
2018-07-02 13:39:11 -07:00
Jacob Barthelmeh 201217bd97 casts for tls 1.3 windows warnings 2018-07-02 13:55:38 -06:00
MJSPollard e319987579 Added wolfSSl compatability for Asio C++ library 2018-07-02 10:48:02 -06:00
Jacob Barthelmeh a9ff79e321 check return value 2018-07-02 10:10:30 -06:00
Sean Parkinson 0bf3a89992 TLS 1.3 OCSP Stapling
Introduce support for OCSP stapling in TLS 1.3.
Note: OCSP Stapling v2 is not used in TLS 1.3.
Added tests.
Allow extensions to be sent with first certificate.
Fix writing out of certificate chains in TLS 1.3.
Tidy up the OCSP stapling code to remove duplication as much as
possible.
2018-07-02 16:59:23 +10:00
Eric Blankenhorn ebb3eb87d1 Update from review 2018-06-29 11:02:10 -05:00