Commit Graph

1718 Commits

Author SHA1 Message Date
John Safranek fa1989b729 fix building the new session ticket message for DTLS, take into account the additional header sizes 2016-08-18 17:51:25 -07:00
toddouska d74fa8299a add resume session string script check, make GetDeepCopySession static local and check reutrn code 2016-08-15 09:32:36 -07:00
David Garske b0e4acaac1 Fix for openssl compatibility without ECC. Disable "wolf_OBJ_nid2sn", "wolf_OBJ_sn2nid" and "wolf_OBJ_obj2nid" when "OPENSSL_EXTRA" defined and "HAVE_ECC" is not defined. 2016-08-08 10:29:58 -07:00
David Garske d8c63b8e66 Various improvements to support openssl compatibility.
* Fixed bug with "wolfSSL_get_cipher_name_internal" for loop using incorrect max length for "cipher_name_idx" (this caused fault when library built with NO_ERROR_STRINGS and calling it).
* Adds new "GetCipherNameInternal" function to get cipher name using internal "cipherSuite" index only (for scenario where WOLFSSL object does not exist).
* Implements API's for "wolf_OBJ_nid2sn" and "wolf_OBJ_sn2nid". Uses the ecc.c "ecc_sets" table to locate NID (ECC ID and NID are same).
* Added "WOLFSSL*" to HandShakeInfo.
* Allowed "SetName" to be exposed.
* Added "wolfSSL_X509_load_certificate_buffer". Refactor "wolfSSL_X509_load_certificate_file" to use new function (no duplicate code).
2016-08-05 14:15:47 -07:00
David Garske 2c1309ffc7 Fixes for warnings when cross-compiling with GCC ARM. 2016-08-03 16:53:53 -07:00
Jacob Barthelmeh 37b84abe0b change priority of cipher suite TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA 2016-07-27 09:36:16 -06:00
John Safranek 0265b0f4bb only check server's cert key encipher on client for RSA key exchange 2016-07-26 13:32:54 -07:00
toddouska 242d26eba2 Merge pull request #488 from cconlon/sig_algo
leave off SHA1-RSA/ECDSA signature algorithms when NO_OLD_TLS is defined
2016-07-26 11:05:24 -07:00
Jacob Barthelmeh e8f7d78fc4 add helper functions for choosing static buffer size 2016-07-21 12:11:15 -06:00
toddouska b81e687bf3 Merge pull request #490 from JacobBarthelmeh/master
Static Memory Fixes
2016-07-20 20:27:03 -07:00
toddouska 8f2af608a7 Merge pull request #492 from JacobBarthelmeh/staticmemory
set heap hint for ctx
2016-07-20 20:25:38 -07:00
toddouska 1b980867d6 fix rsablind other builds 2016-07-20 11:35:57 -07:00
Jacob Barthelmeh 5d8a78be30 set heap hint for ctx 2016-07-20 11:47:36 -06:00
Jacob Barthelmeh 1f5b6d4e66 sanity check on buffer size 2016-07-20 11:44:22 -06:00
Jacob Barthelmeh 01ecc64052 avoid race condition with IO and handshake counter 2016-07-20 11:44:22 -06:00
Jacob Barthelmeh 17207ff61b account for when FreeHandshakeResources is not called 2016-07-20 11:44:22 -06:00
toddouska 7a419ba6d8 Merge pull request #472 from dgarske/ecc_brainpool_koblitz
ECC and TLS support for all SECP, Koblitz and Brainpool curves
2016-07-19 11:44:53 -07:00
dgarske 32a2bd3863 Merge pull request #489 from toddouska/rsablind
Adds WC_RSA_BLINDING for RSA Private Operations
2016-07-19 09:03:09 -07:00
toddouska d235a5f0cc add WC_RSA_BLINDING, wc_RsaSetRNG() for RSA Private Decrypt which doesn't have an RNG 2016-07-18 11:57:47 -07:00
Chris Conlon d3f7ddc486 leave off SHA1-RSA/ECDSA signature algorithms when NO_OLD_TLS is defined 2016-07-15 14:32:24 -06:00
Chris Conlon c47f5f404c Merge pull request #480 from toddouska/noecho
don't echo session id on blank ticket if we're going to create a new …
2016-07-15 13:12:27 -06:00
David Garske aa9b1e964c Fix for possible seg fault with anonymous cipher mode enabled. Do not perform signature/verify when using anon_cipher. 2016-07-14 15:58:35 -07:00
toddouska c7b969b5b4 don't echo session id on blank ticket if we're going to create a new ticket 2016-07-13 18:45:10 -07:00
toddouska 5f21f93c61 allow bogus sessionID when ticket callback rejects ticket 2016-07-13 12:47:59 -06:00
toddouska 7b76c3ab36 allow bogus client sessoinID of non 32 bytes with session ticket 2016-07-13 09:47:49 -06:00
John Safranek 3dc09ae0fb one last fix of the DTLS version numbers 2016-07-08 17:20:56 -07:00
David Garske 7a1acc7e56 Added TLS support for all SECP and Brainpool curves. Added ECC curve specs for all Brainpool, Koblitz and R2/R3. Adds new "HAVE_ECC_BRAINPOOL", "HAVE_ECC_KOBLITZ", "HAVE_ECC_SECPR2" and "HAVE_ECC_SECPR3" options. ECC refactor to use curve_id in _ex functions. NID and ECC Id's match now. Added ability to encode OID (HAVE_OID_ENCODING), but leave off by default and will use pre-encoded value for best performance. 2016-07-07 10:59:45 -07:00
toddouska 000f1a19e5 Merge pull request #470 from JacobBarthelmeh/Testing
sanity checks
2016-06-30 19:30:28 -07:00
Jacob Barthelmeh 8bba628f3f sanity check in function GetInputData and when shrinking buffer 2016-06-30 13:42:38 -06:00
toddouska f194c216c0 Merge pull request #466 from JacobBarthelmeh/mutex
free ctx in case of InitMutex fail
2016-06-30 12:05:06 -07:00
Jacob Barthelmeh cf522314ce sanity checks 2016-06-30 11:41:22 -06:00
Jacob Barthelmeh 3f36a914da remove cast from enum to int 2016-06-29 14:28:36 -06:00
David Garske 5b3a72d482 Cleanup of stdlib function calls in the wolfSSL library to use our cross-platform "X*" style macros in types.h. 2016-06-29 11:11:25 -07:00
toddouska eb072e0344 Merge pull request #463 from JacobBarthelmeh/master
update mysql port
2016-06-28 14:56:57 -07:00
toddouska 981cf9cbcb Merge pull request #462 from cconlon/bug-fixes
PemToDer Bug Fixes
2016-06-28 09:58:18 -07:00
Jacob Barthelmeh 0589fe0d39 free ctx in case of InitMutex fail 2016-06-28 09:29:28 -06:00
Jacob Barthelmeh f18ff8bfa4 update mysql patch 2016-06-27 15:44:52 -06:00
toddouska ac6635593b Revert "Bio" 2016-06-27 10:53:34 -07:00
Chris Conlon 9c7bea46d2 fix out of bounds read in PemToDer with 0 size der buffer, CU #4 2016-06-27 10:53:19 -06:00
Chris Conlon 92e501c8e4 fix possible out of bound read in PemToDer header, CU #3 2016-06-27 10:53:19 -06:00
Chris Conlon 2951e167b5 check return code of PemToDer in wolfSSL_CertManagerVerifyBuffer, CU #2 2016-06-27 10:23:22 -06:00
Chris Conlon 8fac3fffea fix possible out of bounds read in PemToDer, CU #1 2016-06-27 10:23:22 -06:00
toddouska 3a18b057d7 Merge pull request #460 from dgarske/DerBufMemcpyCleanup
Cleanup of DerBuffer duplication
2016-06-24 14:51:30 -07:00
Jacob Barthelmeh 49934a5c91 Merge https://github.com/wolfSSL/wolfssl into bio 2016-06-24 14:22:14 -06:00
Ludovic FLAMENT 033f308a08 change file name from compat-wolfssl to compat-wolfcrypt 2016-06-24 19:00:39 +02:00
Kaleb Himes 19da114c0c Merge pull request #454 from ejohnstown/dtls-version
DTLS Hello Verify Request Version Number
2016-06-24 08:44:55 -07:00
Ludovic FLAMENT 4215182945 fix macro error 2016-06-24 13:27:49 +02:00
Ludovic FLAMENT 0c43123a01 Fix BIO based on review 2016-06-24 10:54:58 +02:00
David Garske b0f7d819bd Cleanup of DerBuffer duplication that was using memcpy still after refractor and should be direct pointer copy. 2016-06-23 18:14:22 -07:00
Jacob Barthelmeh 0b91e000bb fix secure renegotiation build 2016-06-23 13:10:39 -06:00