Commit Graph

8158 Commits

Author SHA1 Message Date
Sean Parkinson fff5cff273 Fix for no certificates and calling DoVerifyCallback. 2018-08-22 10:57:19 +10:00
toddouska 776fd51720 Merge pull request #1768 from SparkiDev/tls13_final
Use final TLS 1.3 version value by default.
2018-08-21 12:29:51 -07:00
toddouska e635e49635 Merge pull request #1772 from SparkiDev/tls13_point_ext
Send EC poiint format extension if downgradable from TLS 1.3
2018-08-21 12:27:10 -07:00
toddouska a505f2b063 Merge pull request #1662 from SparkiDev/mem_track
Add memory usage tracking and logging
2018-08-21 12:25:49 -07:00
Sean Parkinson 1ab17ac827 More changes to minimize dynamic memory usage.
Change define to WOLFSSL_MEMORY_LOG.
Fix for ED25519 server certificate - single cert to allow comparison
with ECC dynamic memory usage.
Free memory earlier to reduce maximum memory usage in a connection.
Make MAX_ENCODED_SIG_SZ only as big as necessary.
Change memory allocation type in sha256 from RNG to DIGEST.
If we know the key type use it in decoding private key
2018-08-21 14:41:01 +10:00
Sean Parkinson d29118ba58 Merge pull request #1771 from dgarske/tls13only
Fixes for building with TLS v1.3 only enabled.
2018-08-21 14:25:54 +10:00
Sean Parkinson 103a0d351b Send EC poiint format extension if downgradable from TLS 1.3 2018-08-21 10:11:12 +10:00
David Garske 389f56b5c7 Fix for building with TLS 1.3 only when AES CBC is enabled. Algorithm is allowed to be enabled, but the AES CBC cipher suites should not be. Fixed AEAD enable to check AES CBC based on HAVE_AES_CBC define. 2018-08-20 16:29:48 -07:00
Sean Parkinson 506c858ed6 Add memory usage tracking and logging
Add WOLFSSL_MEMORY_TRACKING to report allocations and frees with the
type.
Fix places where memory can be freed earlier.
2018-08-21 08:54:57 +10:00
David Garske b12386fbb1 Fixes for building with TLS v1.3 only (./configure --disable-tlsv12 --enable-tls13 --disable-aescbc --enable-ed25519 --enable-curve25519) 2018-08-20 15:49:03 -07:00
Sean Parkinson 20950ffde8 Remove TODOs around TLS 1.3 draft version. 2018-08-21 08:41:50 +10:00
David Garske 3d16ed9c02 Merge pull request #1770 from ejohnstown/prime-fix
Prime Test Bug Fix
2018-08-20 13:24:05 -07:00
John Safranek e4757f1283 Prime Test Bug Fix
Using the wrong size for the MR test check value. Converting from size
of FP_MAX_BITS to the DH prime size, dividing too much. Switched it to
its own constant.
2018-08-20 11:43:06 -07:00
toddouska f3c4d5442e Merge pull request #1757 from dgarske/pkcs8_pad
Fix to resolve padding issue with PKCS 8 encryption.
2018-08-20 09:32:34 -07:00
toddouska 0e1b8b7bd8 Merge pull request #1760 from dgarske/atmel_asf
Fixes for building with Atmel ASF (`WOLFSSL_ATMEL`)
2018-08-20 09:20:01 -07:00
toddouska 0f539616be Merge pull request #1766 from JacobBarthelmeh/UnitTests
cleanup with test cases and access to FP_MAX_BITS
2018-08-20 09:19:14 -07:00
toddouska 683182f494 Merge pull request #1765 from SparkiDev/sp_fixes_1
Fixes for SP
2018-08-20 09:18:31 -07:00
toddouska 555714afa3 Merge pull request #1764 from SparkiDev/tls13_psk_cb
Separate PSK callback for TLS 1.3
2018-08-20 09:17:01 -07:00
toddouska c8814a7ee1 Merge pull request #1769 from SparkiDev/tls13_dh
TLS 1.3: Always left-pad DH secret to length of prime
2018-08-20 09:13:50 -07:00
toddouska 3e08c27512 Merge pull request #1715 from SparkiDev/disable_aescbc
Config option to disable AES-CBC
2018-08-20 09:08:19 -07:00
Sean Parkinson d104ae39e3 TLS 1.3: Always left-pad DH secret to length of prime 2018-08-20 14:20:50 +10:00
Sean Parkinson 3cdeccc36e Use final TLS 1.3 version value by default. 2018-08-20 14:17:38 +10:00
David Garske a7b5ed1c27 Merge pull request #1767 from aaronjense/dsa-unreachable-statement
silence warning for unreachable statement from some compilers.
2018-08-18 17:50:45 -07:00
Aaron Jense 79590f3310 silence warning for unreachable statement from some compilers. 2018-08-17 15:13:06 -06:00
Jacob Barthelmeh ed9aaa93f4 include tfm in example client for veiwing FP_MAX_BITS 2018-08-17 11:06:40 -06:00
Jacob Barthelmeh cc10c971cd make sure that even if wolfSSL_Init has been called multiple times that wolfSSL_Cleanup gets called in tests 2018-08-17 11:04:21 -06:00
David Garske ff635d5b2b Merge pull request #1763 from aaronjense/ecc-check-key-type
Fix error with wolfCrypt-JNI having ECC_PRIVATEKEY_ONLY and d != NULL
2018-08-16 18:16:43 -07:00
Sean Parkinson f1222c3f9f Separate PSK callback for TLS 1.3
It is highly recommended that the PSK be different for each protocol.
Example callback already returns a different key for TLS 1.3.
New callback includes the ciphersuite, as a string, to use with the key.
2018-08-17 10:18:28 +10:00
Sean Parkinson 2ac2c24f22 Fixes for SP
More places to mask shifted n.
Fix conditional check on NO_3072 in sp_int.h
Disable prime checking when using SP maths.
Add support for mp_tohex to SP maths.
Fix wolfmath.c to support including SP maths.
2018-08-17 10:13:29 +10:00
Aaron Jense 93546694ca modify for readability 2018-08-16 17:04:32 -06:00
Aaron Jense aeb9ab8aea Combine if statements 2018-08-16 16:25:53 -06:00
Aaron Jense eb08c6f6fc Fix error with wolfCrypt-JNI having ECC_PRIVATEKEY_ONLY and d != NULL 2018-08-16 15:29:46 -06:00
Sean Parkinson f487b0d96a Config option to disable AES-CBC
AEAD only detection and removeal of code.
Also in single threaded builds, reference the ctx suites in ssl object
if it exists.
2018-08-16 08:25:13 +10:00
David Garske 9db7ba2f0d Fix for cast mismatch and spelling of state. 2018-08-15 12:00:44 -07:00
David Garske c6e075f077 Fixes for building with Atmel ASF and no ECC508A. 2018-08-15 12:00:44 -07:00
David Garske 739bbd1355 Merge pull request #1750 from JacobBarthelmeh/SanityChecks
update condition for include of sys/time.h
2018-08-15 11:28:05 -06:00
toddouska baab6755b2 Merge pull request #1756 from dgarske/norng
Fixes for building with `WC_NO_RNG`
2018-08-15 10:18:44 -07:00
toddouska be0523b7cd Merge pull request #1749 from JacobBarthelmeh/UnitTests
check max key size with ocsp stapling test
2018-08-15 10:18:12 -07:00
Jacob Barthelmeh 373258a0c2 account for NO_RSA and SP math when printing max RSA key size 2018-08-15 09:52:43 -06:00
Jacob Barthelmeh c3ab52ed44 key size check on ocsp-stapling2 test 2018-08-15 09:52:43 -06:00
Jacob Barthelmeh f74406d2c9 check max key size with ocsp stapling test 2018-08-15 09:52:43 -06:00
David Garske 3d16f891d4 Fix to check for buffer overrrun with the additional padding in PKCS12 EncryptContent function. 2018-08-14 19:20:24 -06:00
David Garske cdff2869c2 Fixes for building with WC_NO_RNG (applies to wolfCrypt only builds). Tested with ./configure --enable-cryptonly CFLAGS="-DWC_NO_RNG" && make. 2018-08-14 18:53:25 -06:00
Eric Blankenhorn 2420af3cf2 Merge pull request #1758 from dgarske/certext
Fix for building certext without certgen
2018-08-14 17:00:51 -05:00
toddouska 9ad059542a Merge pull request #1745 from dgarske/ecc_export_hex
Added new ECC export API's to support export as hex string
2018-08-14 14:19:23 -07:00
toddouska e2de988f98 Merge pull request #1739 from dgarske/asio
Fixes to openssl compatibility for Boost.Asio with SSF
2018-08-14 14:18:08 -07:00
David Garske d1e13a973c Fix for building WOLFSSL_CERT_EXT without WOLFSSL_CERT_GEN due to missing CTC_MAX_EKU_OID_SZ. Change to allow --enable-certext without certgen. 2018-08-14 15:00:56 -06:00
David Garske 1c297b3ac4 Cleanup of some macro logic for enabling the mp_toradix. 2018-08-14 12:58:00 -06:00
David Garske f23915baa1 Fix for BIO ssl case, which is not supported (for the Boost.Asio project this isn't required either). 2018-08-14 12:44:31 -06:00
David Garske 6ca56ee98c Fix to handle carriage return case in PEM end of line character handling (for Windows). Cleanup to consolidate duplicate end of line character handling code. 2018-08-14 12:22:18 -06:00