wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-02-01 10:49:20 +01:00
Code Issues Packages Projects Releases Wiki Activity
7,889 Commits 12 Branches 184 Tags
ffc6cf4eb82d37e20e9f85dd0587ed33e1194ebc
Commit Graph

1393 Commits

Author SHA1 Message Date
Sean Parkinson
ffc6cf4eb8 Add support for maximum DH key size 2018-07-13 17:36:42 +10:00
David Garske
9c2a5d2906 Further simplification of the PK verify wrapping to avoid malloc/free. Thanks Todd! 2018-07-06 16:21:43 -07:00
David Garske
595beb3fec Fixup for the removal of const. 2018-07-06 09:35:00 -07:00
David Garske
3cbcc872c1 Improved PK callback support for ConfirmSignature so certificate verification uses the callbacks. Retained wolfSSL/wolfCrypt isolation (I.E. no wolfSSL references from wolfCrypt). 2018-07-05 14:04:06 -07:00
toddouska
ae54bae2fa Merge pull request #1654 from SparkiDev/tls13_stapling 
TLS 1.3 OCSP Stapling
 2018-07-03 12:56:28 -07:00
toddouska
77f11a6be9 Merge pull request #1649 from embhorn/zd4043 
Fix for memory leak in wolfSSL_BN_hex2bn
 2018-07-02 16:22:57 -07:00
toddouska
9f35d211e0 Merge pull request #1644 from JacobBarthelmeh/Compatibility-Layer 
add ca when getting chain from x509 store
 2018-07-02 16:22:11 -07:00
toddouska
e17a16a45a Merge pull request #1600 from dgarske/lighttpd 
Changes to support Lighttpd 1.4.49
 2018-07-02 16:18:41 -07:00
Jacob Barthelmeh
a9ff79e321 check return value 2018-07-02 10:10:30 -06:00
Sean Parkinson
0bf3a89992 TLS 1.3 OCSP Stapling 
Introduce support for OCSP stapling in TLS 1.3.
Note: OCSP Stapling v2 is not used in TLS 1.3.
Added tests.
Allow extensions to be sent with first certificate.
Fix writing out of certificate chains in TLS 1.3.
Tidy up the OCSP stapling code to remove duplication as much as
possible.
 2018-07-02 16:59:23 +10:00
Eric Blankenhorn
ebb3eb87d1 Update from review 2018-06-29 11:02:10 -05:00
Eric Blankenhorn
c6890d518e Fix resource leak in wolfSSL_BN_hex2bn 2018-06-29 09:44:01 -05:00
David Garske
cd2971fb93 Abstracted code for setting options mask to improve wolfSSL_CTX_set_options, so it doesn't require allocating a WOLFSSL object. 2018-06-27 21:30:25 -07:00
David Garske
6dbca2b718 Fix to resolve the increased stack by allocating the temp ssl from the heap. 2018-06-27 19:44:34 -07:00
David Garske
66c2c65444 Changes to support Lighttpd 1.4.49: 
* Fix for `wolfSSL_CTX_set_options` to work correctly when no certificate has been set for WOLFSSL_CTX, otherwise this operation fails with `Server missing certificate`.
* Fix for bad argument name `time`.
* Fix for `warning: type of bit-field`: Allowed types for bit-fields are int and unsigned int only.
* Exposed `ERR_remove_thread_state` and `SSL_CTX_set_tmp_ecdh` for lighttpd
* Renamed `WOLFSSL_ERR_remove_thread_state` to `wolfSSL_ERR_remove_thread_state` and setup old name macro.
* Add missing newline on asn1.h.
* Whitespace cleanup in ssl.c.
 2018-06-27 19:44:34 -07:00
Sean Parkinson
7fbe1d3049 Fix support for OCSP and Nginx 
Store DER copy of CA certificate with signer when
WOLFSSL_SIGNER_DER_CERT is defined.
Keep the bad issuer error for later when compiling for OpenSSL
compatability.
Authority Info string needs to be passed back with a nul terminator.
 2018-06-28 08:48:06 +10:00
Jacob Barthelmeh
af75145602 adjust macro guards 2018-06-27 16:13:46 -06:00
Jacob Barthelmeh
c2c209fb89 add ca when getting chain from x509 store 2018-06-27 14:09:32 -06:00
connerwolfssl
13b7dad0fa documentation clean up, added check for asn generalized time 2018-06-27 10:22:47 -07:00
John Safranek
586874b997 Rename INLINE 
1. Renamed the macro INLINE as WC_INLINE.
2. For FIPS and the "selftest" build, define INLINE as WC_INLINE. Allows the FIPS code to work unchanged.
 2018-06-26 15:17:46 -07:00
John Safranek
e6c7952f50 Merge master into fipsv2. Resolved a conflict in api.c. 2018-06-22 09:52:26 -07:00
Jacob Barthelmeh
c98aca32c4 static analysis report fixes 2018-06-15 17:00:45 -06:00
Jacob Barthelmeh
a1295b3148 memory management with test cases 2018-06-15 15:43:42 -06:00
toddouska
0d0aa74444 Merge pull request #1623 from dgarske/fix_atecc508a 
Fixes for build with `WOLFSSL_ATECC508A` defined
 2018-06-15 11:06:33 -07:00
Jacob Barthelmeh
c03c10e1d4 move location of wolfSSL_d2i_RSA_PublicKey to fix x509 small build 2018-06-14 14:38:15 -06:00
David Garske
5b2bb44bc8 Fixes for build with WOLFSSL_ATECC508A defined. 2018-06-13 20:10:01 -07:00
John Safranek
5e516cc2e0 Merge branch 'master' into fipsv2 2018-06-12 10:10:50 -07:00
David Garske
292e9535ae Fix for wolfSSL_ERR_clear_error to call wc_ClearErrorNodes when its available (mismatched macros), which was incorrectly causing test_wolfSSL_ERR_put_error to fail. Added test_wolfSSL_PEM_PrivateKey test for ECC based key. Refactored the RNG test to only run the reseed test if TEST_RESEED_INTERVAL is defined. This is the test that was causing the tests/api.c to take so long to complete. Will add this macro to the enable options test. 2018-06-12 09:38:18 -07:00
David Garske
e1890a4b0e Added some bad argument checks on compatibility functions BIO_new_mem_buf and PEM_read_bio_PrivateKey. 2018-06-12 09:38:18 -07:00
David Garske
ad0a10441d Fixes for building with openssl compatibility enabled and no TLS client/server. 
Resolves issues building with:
`./configure --enable-opensslextra --disable-rsa --disable-supportedcurves CFLAGS="-DNO_WOLFSSL_CLIENT -DNO_WOLFSSL_SERVER" --disable-examples`
`./configure --enable-opensslextra --disable-ecc --disable-supportedcurves CFLAGS="-DNO_WOLFSSL_CLIENT -DNO_WOLFSSL_SERVER" --disable-examples`

Ticket 3872
 2018-06-12 09:38:18 -07:00
Chris Conlon
a472325f89 return WOLFSSL_FAILURE on error from EVP_DigestUpdate() and EVP_DigestFinal() 2018-06-11 14:27:08 -06:00
John Safranek
7e9a32fffd FIPS Revalidation 
Merge branch 'master' into fipsv2. Using a merge instead of a rebase to retain commit IDs and tags.
 2018-06-06 12:43:15 -07:00
Takashi Kojo
3ff8c45aa8 FILE to XFILE 2018-06-01 09:30:20 +09:00
Go Hosohara
b84f111d51 rebase with master branch and fix some code. 2018-05-30 17:15:07 +09:00
Go Hosohara
8cd357aa3a d2i_PKCS12_fp 2018-05-30 12:10:41 +09:00
Go Hosohara
c715bb5ade X509_check_ca 2018-05-30 12:08:27 +09:00
Go Hosohara
3f6b7c8833 Merge with openSSL-Compat-CRL-STORE on kojo1/wolfssl 2018-05-30 12:08:27 +09:00
Go Hosohara
0fb446ad36 i2c_ASN1_INTEGER 2018-05-30 12:03:58 +09:00
Go Hosohara
d7e4bbf1cf ASN1_STRING_print_ex 2018-05-30 11:56:43 +09:00
Go Hosohara
5c11e1440f ASN1_TIME_to_generalizedtime 2018-05-30 11:56:43 +09:00
Go Hosohara
b1ef0c808e Add all stubs. 2018-05-30 11:56:42 +09:00
Go Hosohara
5ff460bb7f OPENSSL_add_all_algorightms_noconf 2018-05-30 11:53:18 +09:00
Go Hosohara
005284a127 ASN1_GENERALIZEDTIME_free 2018-05-30 11:53:17 +09:00
Go Hosohara
24ff55b085 RAND_poll 2018-05-30 11:53:17 +09:00
toddouska
2cf853d1f1 Merge pull request #1582 from SparkiDev/tls13_only 
Allow TLS 1.2 to be compiled out.
 2018-05-29 13:26:54 -07:00
Chris Conlon
16738f1449 Merge pull request #1569 from kojo1/openSSL-Compat-CRL-STORE 
openSSL compatibility APIs: X509_CRL, STORE
 2018-05-29 09:47:22 -06:00
Takashi Kojo
c60b60c50c #if condition to refer wc_PKCS12_new, wc_d2i_PKCS12 2018-05-26 16:02:51 +09:00
Takashi Kojo
ba03f6e08b wolfSSL_d2i_PKCS12_fp 2018-05-26 13:04:06 +09:00
Takashi Kojo
3939eadf9c get derLen by RsaPublicKeyDerSize 2018-05-26 10:55:17 +09:00
Sean Parkinson
ba8e441e53 Allow TLS 1.2 to be compiled out. 2018-05-25 11:00:00 +10:00