3837173f93
Merge pull request #754 from wolfSSL/ecc_cdh
...
Added ECC Cofactor DH (ECC-CDH) support
2017-02-17 14:26:09 -08:00
19ee115392
Merge pull request #755 from toddouska/kat-errors
...
add ECC_CDH KAT error code
2017-02-17 14:25:51 -08:00
b4802cd73d
add ECC_CDH KAT error code
2017-02-17 12:26:35 -08:00
bdd3f2be41
Make sure ecc key is always memset to 0
2017-02-17 12:15:18 -08:00
3e6ef835b1
Free the ecc keys
2017-02-17 12:06:27 -08:00
09bae9da3e
Fixup from review
2017-02-17 11:18:05 -08:00
24cd46f1f1
Fixes from code review
2017-02-17 11:05:29 -08:00
d625645338
Refactor to combine ECC-CDH with existing “wc_ecc_shared_secret()” and use flag to perform cofactor computation on private key. Added new API “wc_ecc_set_flags()” and flag “WC_ECC_FLAG_COFACTOR” to indicate key should use cofactor. Added NIST CAVS test vector for ECC CDH Primitive with P-256.
2017-02-16 16:30:30 -08:00
39607984f7
Added ECC Cofactor DH (ECC-CDH) support with new “wc_ecc_cdh()” and “wc_ecc_cdh_ex()” API’s. Enable using “HAVE_ECC_CDH” define.
2017-02-16 13:17:08 -08:00
7da446c25a
Merge pull request #748 from JacobBarthelmeh/Release
...
Release
2017-02-12 21:55:31 -08:00
337c52b4cf
prepare for release 3.10.2
2017-02-10 10:19:34 -07:00
6c55701725
c89 build with ECC compresed key
2017-02-10 10:09:45 -07:00
e307f3e89d
free decoded cert with small stack build
2017-02-09 16:06:34 -07:00
0cbc640aad
memory managment in crl.c with crl monitor
2017-02-09 15:39:55 -07:00
c022614e07
Merge pull request #742 from dgarske/fix_asn_getlen
...
Improved ASN error checking
2017-02-09 13:05:26 -08:00
8763a71420
Merge pull request #745 from JacobBarthelmeh/Windows
...
wolfCrypt cleanup in test.c moved and add wolfSSL init to testsuite w…
2017-02-09 10:19:51 -08:00
3a6e8bf0d0
Merge pull request #744 from JacobBarthelmeh/Testing
...
static analysis fixes for memory management and possible null dereference
2017-02-09 10:18:26 -08:00
321392998d
Additional ASN checks for GetSequence and GetSet. Cleanup of the buffer space check error to use BUFFER_E.
2017-02-09 09:50:06 -08:00
6a6e61f1d8
wolfCrypt cleanup in test.c moved and add wolfSSL init to testsuite with single threaded
2017-02-08 18:52:16 -07:00
b6b3021def
gcc-6 uninitialized warning with srp build
2017-02-08 16:49:58 -07:00
b0728645c9
static analysis fixes for memory management and possible null derefrence
2017-02-08 16:29:54 -07:00
ef38ab8fc5
Merge pull request #701 from JacobBarthelmeh/mutex
...
better compatibility with printing errors to a file
2017-02-08 11:12:17 -08:00
868e704b82
Merge pull request #732 from kaleb-himes/openrtos-3.9.2-checkout
...
fips checkout for OpenRTOS v9.0.0 w/ wolfCrypt v3.9.2 on Atmels ATSAM…
2017-02-07 21:19:43 -08:00
c074ab273f
Merge pull request #740 from toddouska/ocsp
...
Fix OCSP signature leading zero, certdecode free on parse failure. Add WOLFSSL_NO_OCSP_OPTIONAL_CERTS to skip optional OCSP certs, responder issuer must still be trusted. Add user clock skew defines for date skew before checks (WOLFSSL_AFTER_DATE_CLOCK_SKEW=# and WOLFSSL_BEFORE_DATE_CLOCK_SKEW=#).
2017-02-07 18:46:31 -08:00
993a604124
remove extern variables and use error queue instead
2017-02-07 17:16:22 -07:00
6fc81652b7
Merge pull request #738 from JacobBarthelmeh/Testing
...
align compatibility layer sha256 and sha224 structs
2017-02-07 13:59:34 -08:00
8f1c2965af
Fix build warning in asn.c with “potentially uninitialized local variable 'length' used”.
2017-02-07 13:34:27 -08:00
468df109b6
add WOLFSSL_NO_OCSP_OPTIONAL_CERTS to skip optional OCSP certs, responder issuer must still be trusted
2017-02-07 13:31:59 -08:00
19204ab1ac
Fix comment.
2017-02-07 11:07:48 -08:00
a2984553d7
Fixes for build with user-crypto RSA (--enable-fast-rsa).
2017-02-07 11:03:17 -08:00
3a1921e107
Fixes to ASN GetLength changes. Additional GetLength checks in PKCS7 and PKCS12.
2017-02-07 10:59:34 -08:00
0286d157a7
First pass at cleanup of the GetLength function handling of 0 length value. Added some asn.c build option comments.
2017-02-06 20:05:04 -08:00
7ddeb1afd9
add user clock skew defines for date skew before checks
2017-02-06 16:30:48 -08:00
f938a75780
fix OCSP signature leading zero, certdecode free on parse failure
2017-02-06 14:10:38 -08:00
53bebb4785
add error code for wolfCrypt_Cleanup
2017-02-06 14:51:55 -07:00
1f7976a587
Merge pull request #739 from JacobBarthelmeh/Memory
...
reduction of mp_jacobi stack usage
2017-02-06 11:59:52 -08:00
0f91542cf4
add peek error node function to make use of debug mutex
2017-02-03 11:52:36 -07:00
e8110e773e
reduction of mp_jacobi stack usage
2017-02-02 17:13:26 -07:00
b1522e0c59
pack Sha256 struct
2017-02-02 14:55:51 -07:00
e722459df3
align compatibility layer sha256 and sha224 structs
2017-02-02 11:57:29 -07:00
895bf8dfbc
Merge pull request #728 from embray/patch-1
...
Fixes a serious bug in Random.byte
2017-02-01 21:07:20 -03:00
16698db48f
Merge pull request #733 from kaleb-himes/tirtos-updates
...
updates for TIRTOS build following release 3.10.0
2017-02-01 14:47:12 -08:00
fde6700d89
fix typo
2017-01-31 15:10:49 -07:00
af355f7472
updates for TIRTOS build following release 3.10.0
2017-01-31 13:15:45 -08:00
b2e4a50bf4
fips checkout for OpenRTOS v9.0.0 w/ wolfCrypt v3.9.2 on Atmels ATSAM4L CPU
2017-01-30 15:32:59 -07:00
29f52ec735
Merge pull request #730 from toddouska/ocsp
...
Better CheckOcspRequest error detection on retry
2017-01-30 12:59:58 -03:00
ea96fa95b3
add new OCSP response validated debug message and remove redundant ret set
2017-01-28 11:11:25 -08:00
a094a36fa8
Update random.py
...
Realized that `ffi.string()` could truncate the output on null bytes.
2017-01-28 15:55:42 +01:00
a10d464126
fix scan-build warning and simplify CheckOcspRequest validation
2017-01-27 17:07:31 -08:00
f44bbe9ba3
Better CheckOcspRequest error detection on retry
2017-01-27 15:42:00 -08:00
1108ea0303
Merge pull request #729 from JacobBarthelmeh/staticmemory
...
account for unaligned memory when computing optimum size and update s…
2017-01-27 15:00:18 -08:00
0b8730f0b6
check bounds of buffer and get file buffer size
2017-01-27 15:14:25 -07:00
fc899029fb
account for unaligned memory when computing optimum size and update static memory tests
2017-01-27 10:50:47 -07:00
e96a720f04
Fixes a serious bug in Random.byte
...
Python's bytecode compiler has a peephole optimizer which, among other things, can recognize constant expressions and replace them with a constant.
In `Random.byte` the expression `t2b('\0')` is recognized as a constant and is replaced with a single constant compiled into the function's bytecode.
This means that every time you run `Random.byte`, rather than creating a new `str` object (or `bytes` in Python 3) it's reusing the same one each time, and `wc_RNG_GenerateByte` is writing right into that constant object's buffer; hence the following behavior:
```
In [55]: rng = Random()
In [56]: a = rng.byte()
In [57]: a
Out[57]: "'"
In [58]: rng.byte()
Out[58]: '\x11'
In [59]: a
Out[59]: '\x11'
In [60]: rng.byte()
Out[60]: '\x16'
In [61]: a
Out[61]: '\x16'
In [62]: rng.byte.__func__.__code__.co_consts
Out[62]:
('\n Generate and return a random byte.\n ',
'\x16',
0,
'RNG generate byte error (%d)')
In [63]: rng.byte()
Out[63]: '\xad'
In [64]: rng.byte.__func__.__code__.co_consts
Out[64]:
('\n Generate and return a random byte.\n ',
'\xad',
0,
'RNG generate byte error (%d)')
```
`Random.bytes` does not necessarily have this problem since its result buffer is not a constant expression, though I feel like it could also in principle be affected if the string were interned (though I couldn't produce such a result). Nevertheless, it doesn't seem like a good idea to be updating `str` objects' buffers directly.
2017-01-26 20:48:15 +01:00
d22bc5d347
Merge pull request #727 from ejohnstown/minor-cleanups
...
Minor Cleanups
2017-01-26 08:50:28 -08:00
d93f856081
Minor Cleanups
...
1. Removed the execute bit from a few C source files.
2. Changed a couple letters in Moises's name in tfm.h to
the non-extended/accented versions of "e" and "a".
2017-01-25 14:17:17 -08:00
1e02d00f61
Merge pull request #725 from toddouska/psk
...
add PSK test support to openssl script interop
2017-01-24 13:52:23 -08:00
d60d0b4e3f
Merge pull request #726 from ejohnstown/static-memory-fix
...
Allow Static Memory...
2017-01-24 09:38:08 -07:00
13d0908b09
Allow static memory option when not using fast math or not using
...
slow math for anything.
2017-01-23 16:38:29 -08:00
a9a0cdfe71
add PSK test support to openssl script interop
2017-01-23 16:10:01 -08:00
52bc606ef9
Merge pull request #723 from dgarske/fix_ecc_noshamir_wstaticmem
...
Fix issue with wc_ecc_verify_hash_ex when not using SHAMIR and using static memory
2017-01-23 14:00:43 -08:00
a1b79abedb
Merge pull request #717 from wolfSSL/auto_ecc_sup_curves
...
Added code to automatically populate supported ECC curve information
2017-01-23 13:57:56 -08:00
b7c3a340c1
Fix issue with wc_ecc_verify_hash_ex when not using SHAMIR and using static memory. Fixes issue #722 .
2017-01-23 09:12:03 -08:00
008a69f185
Merge pull request #721 from ejohnstown/cleanups-for-multicast
...
Small Fixes for Multicast
2017-01-22 13:19:10 -08:00
8e0affb4a3
Merge pull request #692 from moisesguimaraes/fixes-ocsp-stapling-parser
...
Fixes certificate status parsing, adds behavior for unknown status type
2017-01-20 16:41:28 -07:00
ac0181d527
In benchmark, change the calls to InitRNG to the explicit
...
heap versions like all the other crypt calls so it works
with static memory. Plays nice with FIPS mode if available.
2017-01-20 15:36:08 -08:00
4d83ef1c23
Merge pull request #712 from moisesguimaraes/fixes-ocsp-lookup
...
fixes CA matching when using NO_SKID
2017-01-20 16:15:12 -07:00
497313978f
Multicast
...
1. Opt-out the wolfmath code if not using big integers.
2. Opt-in a few functions when using lean PSK and DTLS.
3. Add a couple (void)heap to hush the compiler for
usused variables in lean PSK.
4. Add include limits.h to internal.h if CHAR_BIT isn't
defined. This is mainly for DTLS with lean PSK.
2017-01-20 11:59:28 -08:00
784ce57f45
Fix for TLSX_PopulateExtensions to not use #else HAVE_QSH case for populating supported curves.
2017-01-19 09:23:07 -08:00
835e3b7953
Merge pull request #719 from dgarske/fix_aes_no_dec
...
Fixes for building with NO_AES_DECRYPT
2017-01-19 08:52:32 -08:00
e86d59b3f7
Merge pull request #718 from dgarske/fix_ecc_comp_err
...
Fix scan-build warning with err not being read with HAVE_COMP_KEY defined
2017-01-19 08:50:44 -08:00
18b78795fb
Merge pull request #716 from dgarske/fix_no_asn_time
...
Fix build with NO_ASN_TIME
2017-01-19 08:43:50 -08:00
fa2882322d
Merge pull request #713 from JacobBarthelmeh/master
...
chacha20_poly1305 function expects a key size of 32 bytes
2017-01-19 08:41:48 -08:00
1afe613512
Fixes for building with NO_AES_DECRYPT. Added new HAVE_AESGCM_DECRYPT to allow AES GCM Decrypt with NO_AES_DECRYPT defined, since GCM uses only encrypt routine. Only allow TLS AES if NO_AES_DECRYPT is not defined.
2017-01-18 15:56:18 -08:00
b3721c6808
Fix scan-build warning with err not being read with HAVE_COMP_KEY defined. Okay to always call wc_ecc_curve_free, since DECLARE_CURVE_SPECS does a memset.
2017-01-18 14:05:32 -08:00
01f4a7b5bd
Added code to automatically populate supported ECC curve information, unless already provided by user via wolfSSL_CTX_UseSupportedCurve or wolfSSL_UseSupportedCurve.
2017-01-18 11:54:43 -08:00
31981cc365
Merge pull request #711 from cconlon/ecc
...
add ECC export raw, sig to (R,S), helper functions
2017-01-18 09:27:42 -08:00
58f1fd2cc9
Merge pull request #704 from SparkiDev/memfail
...
Fixes from failure testing
2017-01-17 12:53:56 -08:00
a00bdb0de7
Merge pull request #714 from wolfSSL/fix_intelasm_debug
...
Fixed issue with intelasm and debug with SHA256
2017-01-17 12:50:17 -08:00
e84528205e
chacha20_poly1305 function expects a key size of 32 bytes
2017-01-17 13:39:26 -07:00
2281560f1a
Merge pull request #710 from JacobBarthelmeh/staticmemory
...
pass heap hint to temporary public ECC key
2017-01-17 12:15:45 -08:00
2e60330796
Merge pull request #703 from JacobBarthelmeh/SGX
...
wolfcrypt only build with Windows
2017-01-17 12:13:37 -08:00
c7ecf23c85
Merge pull request #696 from JacobBarthelmeh/Testing
...
fix possible memory leak on error case with ASN1 INTEGER to BN function
2017-01-17 12:10:21 -08:00
a0dc8dc8f9
Fix build with NO_ASN_TIME. Kaleb, add to future build options tests.
2017-01-17 10:35:48 -08:00
1aeab91828
Fixed issue with intelasm and debug with SHA256 due to stack variable W_K alignment. Removed obsolete DEBUG_XMM code.
2017-01-13 15:50:04 -08:00
00fed61d36
Merge pull request #709 from JacobBarthelmeh/PKCS12
...
heap hint with PKCS7
2017-01-12 09:34:20 -07:00
75e3b5a297
pass heap hint to temporary public ECC key
2017-01-12 09:10:25 -07:00
86a3039e0b
fixes CA matching when using NO_SKID
2017-01-12 13:56:38 -02:00
ba1315a499
Fixes from failure testing
2017-01-12 16:22:35 +10:00
f6647fbf84
add ECC export raw, sig to (R,S), helper functions
2017-01-11 17:08:35 -07:00
36d34ce069
free WOLFSSL_BN in SetIndividualExternal error case and simplify mpi_clear call
2017-01-11 14:53:32 -07:00
fc8ab42612
Merge pull request #671 from dgarske/ecc_curve_cache
...
New ECC curve cache feature to improve performance
2017-01-11 13:34:32 -08:00
575ac7b9d3
Merge pull request #707 from JacobBarthelmeh/master
...
fix location in tfm.c that could result in potential cache attack
2017-01-11 12:35:22 -08:00
bafddd1ba8
heap hint with PKCS7
2017-01-11 11:38:21 -07:00
e3277c19b7
fix location in tfm.c that could result in potential cache attack
2017-01-10 15:00:00 -07:00
8954de40ff
Merge pull request #706 from JacobBarthelmeh/Windows
...
open test file in binary mode
2017-01-10 11:54:47 -08:00
c191a19a77
Merge pull request #705 from cconlon/pkcs7rng
...
fix RNG to WC_RNG typo in pkcs7.c
2017-01-10 10:15:05 -07:00
6732961e0d
open test file in binary mode
2017-01-10 09:57:29 -07:00
993e6298ac
fix RNG to WC_RNG typo in pkcs7.c
2017-01-09 16:59:42 -07:00
3338ea9ef7
Added ecc.c documentation for WOLFSSL_VALIDATE_ECC_IMPORT. Note: Add this define to enable checks for Jenkins (after this is merged).
2017-01-09 15:01:17 -08:00
0722f4d20f
Fixes to reduce stack usage with ECC_CACHE_CURVE disabled (same as previous code). Added USE_ECC_B_PARAM macro (enabled with ECC_CACHE_CURVE or HAVE_COMP_KEY). Fixed bug with WOLFSSL_VALIDATE_ECC_KEYGEN defined and args to ecc_check_pubkey_order. Fixed counts for DECLARE_CURVE_SPECS(). Fixed wc_ecc_import_point_der to use curve cache. Enhance wc_ecc_check_key to support ECC_CACHE_CURVE for b or load using read_radix. Enhance to expose wc_ecc_is_point with all required mp_int* args directly.
2017-01-09 11:15:13 -08:00
6edb639d9d
wolfcrypt only build with Windows
2017-01-09 10:33:46 -07:00
af00ad7683
Merge pull request #700 from JacobBarthelmeh/master
...
run peek last error line test only when NO_OLD_TLS is not defined
2017-01-07 11:37:27 -08:00
4be5f624e8
include logging.h in test.c
2017-01-06 16:40:19 -07:00
dcb9ef6651
better compatibility with printing errors to a file
2017-01-06 14:29:16 -07:00
274ac21450
Merge pull request #699 from kaleb-himes/FREERTOS_TCP
...
Remove toolchain level define from OS_TCP section
2017-01-06 13:23:22 -08:00
d3604f1061
run peek last error line test only when NO_OLD_TLS is not defined
2017-01-06 13:22:49 -07:00
2b49f4205f
Remove toolchain level define from OS level define section
2017-01-06 11:44:04 -07:00
c20a35f1db
Merge pull request #697 from JacobBarthelmeh/master
...
adjust dynamic types with PKCS12 parse
2017-01-05 14:39:17 -08:00
1afb7e20db
fix for freeing copy of mpi in the case of not using fastmath
2017-01-05 13:49:07 -07:00
147a7d5096
adjust dynamic types with PKCS12 parse
2017-01-05 10:21:14 -07:00
1a55309207
fix possible memory leak on error case with ASN1 INTEGER to BN function
2017-01-05 10:00:17 -07:00
ea47d76bf7
Merge pull request #695 from dgarske/openssl_compat_enums
...
Additional openssl compatibility enums for X509_V_ERR and SSL_CB
2017-01-04 16:35:09 -07:00
fc6217e4f6
Added stubs for the set_msg_callback functions. Cleanup of the SSL_ST_* and SSL_CB_* enums.
2017-01-04 12:14:09 -08:00
7c7b1233f7
Additional enums needed for compatibility with openssl for paho c mqtt client SSLSocket.c layer.
2017-01-04 11:00:08 -08:00
f25416d424
Merge pull request #689 from dgarske/fix_iar_arm
...
Fixes for compiler warnings with IAR EWARM 8
2017-01-03 15:46:12 -08:00
916e58b93c
Merge pull request #694 from moisesguimaraes/fixes-ocsp-nonce-check
...
removes request->nonceSz check to fully validate response->nonce.
2017-01-03 13:04:24 -08:00
dd737ca103
Merge pull request #618 from kojo1/openssl-ex
...
Openssl Extra
2017-01-03 12:40:51 -08:00
11775acb86
Merge pull request #691 from JacobBarthelmeh/Windows
...
random port for MinGW with unit tests
2017-01-03 11:46:33 -08:00
c82372cf78
removes request->nonceSz check to fully validate response->nonce.
2017-01-02 14:59:00 -02:00
07ce995b12
Fix issue with imported key not having a reset key->r, key->s and key->state, which was causing wc_ecc_encrypt to fail.
2016-12-30 12:24:03 -08:00
762064c292
fixes certificate status parsing, adds behavior for unknown status type.
2016-12-29 22:29:46 -02:00
073aa95496
Merge pull request #678 from dgarske/cleanup_macros
...
Cleanup min(), TRUE, FALSE, ALIGN16 and ALIGN32
2016-12-29 11:19:05 -08:00
0decefed11
Merge pull request #679 from dgarske/wolfmath
...
Combine generic math functions into new wolfmath.c/.h
2016-12-29 11:17:44 -08:00
fab72ed163
Merge pull request #688 from JacobBarthelmeh/master
...
fix C++ compiler warnings for distro build
2016-12-29 11:06:47 -08:00
f550172fd4
Merge pull request #687 from JacobBarthelmeh/Testing
...
update Windows FIPS build
2016-12-29 11:06:11 -08:00
5abfe9d1cf
random port for MinGW with unit tests
2016-12-29 11:05:10 -07:00
19ee499c96
Fix to improve fp_copy performance without ALT_ECC_SIZE defined. This change is required for async because we can’t memcpy/memset the entire fp_int.
2016-12-28 16:47:14 -08:00
e75fddd49e
Moving macType below hash in WOLFSSL_EVP_MD_CTX (instead of ALIGN16) to resolve 16-bit alignment crash I was seeing on CentOS due to size change of “WOLFSSL_Hasher”.
2016-12-28 16:31:41 -08:00
a854320a96
Revert changes to aes.c roll_auth.
2016-12-28 16:28:02 -08:00
6c90f097ca
remove extra white space
2016-12-28 15:40:34 -07:00
c77a18f0ec
add EVP_CIPHER_CTX_mode
2016-12-28 14:45:29 -07:00
f60cb08c29
macro and tests for get_passwd_cb functions
2016-12-28 14:45:29 -07:00
4f317a9a1d
wolfSSL_EVP_CipherInit_ex handle ENGINE argument and add a sanity check
2016-12-28 14:45:29 -07:00
1326fe1b0d
return values of DES set key and return block size for EVP block_size getter function
2016-12-28 14:45:29 -07:00
ccc72d72c2
change argument to pointer. In most cases NULL is used for this argument, as was the case in previous ports
2016-12-28 14:45:29 -07:00
95ea74a91e
sanity checks and one function return type for better compatibility
2016-12-28 14:45:29 -07:00
091fc10147
adjust read ahead, some sanity checks and rebase
2016-12-28 14:45:29 -07:00
724e50c4fd
cast flag to byte type from int
2016-12-28 14:45:29 -07:00
aabe456592
sanity checks, remove some magic numbers, TLS read ahead
2016-12-28 14:45:29 -07:00
ed5ff77e4f
account for BIO with no filesystem and rebase commits
2016-12-28 14:45:29 -07:00
f7737fdc55
expand BIO compatibility
2016-12-28 14:45:29 -07:00
a2d1db4b73
Merge branch 'openssl-ex' of https://github.com/kojo1/wolfssl into openssl-ex
2016-12-28 14:45:29 -07:00
5a2794fe9c
add EVP_MD_CTX_md, EVP_MD_type
2016-12-28 14:45:29 -07:00
2b3438e11b
pem x509 read from bio and bio set fd
2016-12-28 14:45:29 -07:00
80efc366df
add wolfSSL_EVP_MD_CTX_new/free
2016-12-28 14:45:29 -07:00
b377125ad1
add alias to EVP_get_cipher/digestbyname
2016-12-28 14:45:29 -07:00
c57803a4a5
add test EVP_CIPHER_CTX_new/free
2016-12-28 14:45:29 -07:00
a774f26613
add EVP_get_cipherbyname
2016-12-28 14:45:29 -07:00
2ef85e3d4d
EVP_CIPHER_CTX_new/free, EVP_get_digestbyname
2016-12-28 14:45:29 -07:00
0c742654dc
EVP_add_digest
2016-12-28 14:45:29 -07:00
64a3333870
adjust wolfSSL_set_options and test case
2016-12-28 14:45:29 -07:00
2daeecdb90
BIO s_socket and BN mod exp
2016-12-28 14:45:29 -07:00
e741a24089
add get last error and line function, fix ASN1 object redeclaration
2016-12-28 14:45:29 -07:00
1d0fc83d40
function to add X509 to cert chain
2016-12-28 14:45:29 -07:00
280f5cb542
fix int long type mismatch
2016-12-28 14:45:29 -07:00
1704a8d683
expand compatibility layer with write bio function
2016-12-28 14:45:29 -07:00
778680116e
HMAC_cleanup, MD5xxx for bsd
2016-12-28 14:45:29 -07:00
570486b90c
add SL_CTX_need/set_tmp_RSA
2016-12-28 14:45:29 -07:00
4baf494ddd
add EVP_CipherUpdate/Final
2016-12-28 14:45:29 -07:00
869529642d
Add #define EVP_DigestInit_ex
2016-12-28 14:45:29 -07:00
781c7d0055
check for user RSA
2016-12-28 14:45:29 -07:00
7e91838d4a
memory management and add to compatibility layer
2016-12-28 14:45:29 -07:00
ff05c8a7a5
expanding compatibility layer
2016-12-28 14:45:29 -07:00
9d1cb18616
add function X509_get_ext_d2i
2016-12-28 14:45:29 -07:00
5f3fa171cd
templates wolfSSL_ctrl and wolfSSL_CTX_ctrl
2016-12-28 14:44:05 -07:00
79472e11a1
add bio.c to dist and implement wolfSSL_check_private_key , wolfSSL_get_server_random
2016-12-28 14:44:05 -07:00
fed4ed40a9
compatibility functions for X509
2016-12-28 14:44:05 -07:00
0d7c259282
compatibility functions for ssl cert and private key
2016-12-28 14:44:05 -07:00
d8d3cd5269
staub: SSL_get_server_random
2016-12-28 14:44:05 -07:00
3946931320
stubs: SSL_get_server_random/verify_result/session/set_accept_state
2016-12-28 14:44:05 -07:00
a09a761d07
stubs: PEM_read_bio_DSAparams/X509_AUX/PrivateKey,SSL_CTX_get_default_passwd_cb/userdata
2016-12-28 14:44:05 -07:00
ee86325ae4
template: ERR_peek_last_error_line/print_errors_fp, EVP_add_digest
2016-12-28 14:44:05 -07:00
63dcacb437
templates: ENGINE_cleanup, BN_mod_exp
2016-12-28 14:44:05 -07:00
f3435eefbd
templates: ASN1_INTEGER_to_BN, BN_mod_exp, CONF_modules_free/unload, DSA_dup_DH
2016-12-28 14:44:05 -07:00
f2f52c3ec9
add more compatiblity functions
2016-12-28 14:44:05 -07:00
6520a77fac
DES ECB prototypes
2016-12-28 14:44:05 -07:00
526b602ebd
AESNI support with EVP AES
2016-12-28 14:44:05 -07:00
8554912d68
COMPAT. LAYER : jenkins warnings and build configurations
2016-12-28 14:44:05 -07:00
464543df26
COMPAT. LAYER : jenkins warnings and spacing around if statements
2016-12-28 14:44:05 -07:00
8844554fca
Templates BIO/SSL/SSL_CTX_ctrl
2016-12-28 14:44:05 -07:00
86014fb0d0
add BIO_ctrl and other BIO templates
2016-12-28 14:44:05 -07:00
8ed0b83c21
Test on EVP_Cipher AES Counter
2016-12-28 14:44:05 -07:00
de91e7df03
add EVP_Cipher with AES Counter
2016-12-28 14:44:05 -07:00
aed9b2d3bb
add EVP_CIPHER_CTX_block_size/mode/set_flags/set_padding
2016-12-28 14:44:05 -07:00
bb400789b8
add EVP_Cipher with EVP_aes_256_ecb()
2016-12-28 14:44:05 -07:00
0fd50cd57a
Added AES_set_encrypt/decrypt_key, AES_ecnrypt/decrypt
2016-12-28 14:44:05 -07:00
b57e576abd
Fixes for compiler warnings with IAR EWARM 8.
...
* Fix “wc_PKCS7_DecodeUnprotectedAttributes” return prior to free in GetSet error case.
* Fix “wc_PKCS7_KariGenerateKEK” type mismatch for kdfType.
* Fix aes.c roll_auth use of inSz over 24-bit.
* Fix ecc “build_lut”, “accel_fp_mul” and “accel_fp_mul2add” use of err as unsigned.
* Fix “wc_HKDF” use of un-initialized “myHmac” for heap.
* Fix undefined reference to __REV for IAR due to missing intrinsics.h.
* Fix build error for “wolfSSL_CTX_set_tmp_dh” if OPENSSL_EXTRA not defined and “HAVE_LIGHTY || HAVE_STUNNEL || WOLFSSL_MYSQL_COMPATIBLE”.
* Cleanup of “wolfSSL_get_chain_X509” brace..
* Cleanup SSL_CtxResourceFree use of `i` and define comments.
* Added “SIZEOF_LONG_LONG” to IAR-EWARM user_settings.h to support word64 (required for SHA512, etc).
2016-12-28 11:18:41 -08:00
a40a3cb142
Merge pull request #686 from jay/fix_poly1305_ADD_macros
...
poly1305: fix ADD macros for multi-line
2016-12-27 17:52:53 -07:00
511f41b0e4
fix C++ compiler warnings for distro build
2016-12-27 14:38:14 -07:00
fb49dbd083
update Windows FIPS build
2016-12-27 10:34:13 -07:00
3b6dac9751
poly1305: fix ADD macros for multi-line
2016-12-24 02:46:35 -05:00
2cf7785068
Merge pull request #682 from JacobBarthelmeh/Release
...
prepare for release 3.10.0
2016-12-23 09:10:35 -07:00
c4af58b973
Refined the FIPS “min” logic.
2016-12-22 18:11:25 -08:00
fc16890641
Fix “min” with ctaocrypt FIPS.
2016-12-22 14:01:05 -08:00
7752f9ad05
prepare for release 3.10.0
2016-12-22 14:23:41 -07:00
784b24eebc
Merge pull request #680 from ejohnstown/dtls-sctp-fix
...
DTLS-SCTP fix
2016-12-22 13:10:29 -07:00
d6a6226c8e
Merge pull request #681 from JacobBarthelmeh/Testing
...
static analysis check of null dereference and memory management
2016-12-22 08:43:55 -08:00
93c87eb777
Merge pull request #677 from ejohnstown/dtls-prevseq
...
DTLS Previous Epoch Sequence Number Update
2016-12-22 08:42:56 -08:00
1c17b8eed6
static analysis check of null dereference and memory management
2016-12-21 16:20:18 -07:00
40800d8065
DTLS-SCTP fix
...
1. Add the SCTP suite test file to the include.am.
2. Skip the sequence number increment for client_hello messages in
DTLS, but do the increment for SCTP.
2016-12-21 14:24:20 -08:00
338cc9e873
Added wolfevent.c and wolfmath.c to ltc project.
2016-12-21 14:09:19 -08:00
3bec816f97
Cleanup min(), TRUE, FALSE, ALIGN16 and ALIGN32. Replace only use of BYTE3_LEN with OPAQUE24_LEN. Replace “ “ with “\t” (saves bytes and is consistent). Fix align issue with “WOLFSSL_EVP_MD_CTX” hash.
2016-12-21 14:05:00 -08:00
d73338851d
Combine generic math functions into new wolfmath.c/.h. Cleanup of the !ALT_ECC_SIZE code so fp_int always has size. This is in prep for async changes for new WC_BIGINT type for hardware crypto.
2016-12-21 13:39:33 -08:00
6cc1fd293e
Fixed issue with stack increase with curve cache disabled. Fixed issue with missing wc_ecc_curve_free() in wc_ecc_verify_hash_ex() causing mem leak. Changed ecc_curve_spec_cache to be allocated per curve. Added new wc_ecc_curve_cache_free() API to release all curve cache memory. Moved ecc_curve_spec struct and ecc_curve_load_mask enum to ecc.c. Add missing wc_ecc_fp_free() to wolfCrypt test. Added ecc.c comment for FP_ECC.
2016-12-21 12:31:02 -08:00
ac27d6d7ca
DTLS Sequence Number update
...
1. Set the prevSeq to nextSeq on CCS.
2. Fully clear nextSeq on CCS.
2016-12-20 09:30:46 -08:00
1a5c5d0011
Merge pull request #676 from cconlon/fortify
...
address fortify high issues
2016-12-19 20:03:24 -08:00
07e7521f34
Merge pull request #674 from JacobBarthelmeh/Testing
...
Bug fix for cache attack
2016-12-19 18:31:04 -08:00
125cfcacc3
Merge pull request #675 from JacobBarthelmeh/SGX
...
fix make dist with SGX project
2016-12-19 17:06:14 -07:00
46f3b2a367
address fortify high issues
2016-12-19 15:50:11 -07:00
345df93978
Bug fix for cache attack
2016-12-19 14:51:42 -07:00
6cefca6a49
Merge pull request #672 from cconlon/pkcs7fix
...
PKCS#7: fixes for building with AES disabled, smallstack
2016-12-19 13:46:35 -08:00
dca57bf2f0
Merge pull request #673 from cconlon/fortify
...
address fortify critical issues
2016-12-19 13:42:11 -08:00
4d637146d7
fix make dist with SGX project
2016-12-19 14:03:07 -07:00
060ff5e5ef
address fortify critical issues
2016-12-19 11:53:14 -07:00
168203ff9d
Merge pull request #649 from dgarske/distro
...
Linux Distro Patches
2016-12-16 16:03:16 -08:00
c313d97579
Merge pull request #622 from SparkiDev/sha384
...
SHA384
2016-12-16 15:57:40 -08:00
50cf1df8da
Merge pull request #669 from SparkiDev/scrypt
...
Implementation of scrypt
2016-12-16 15:53:48 -08:00
c73ddf3f8a
Merge pull request #670 from dgarske/executebit
...
Removed the execute bit on the new port files.
2016-12-16 15:52:26 -08:00
c5fbf96557
PKCS#7: fixes for building with AES disabled, smallstack
2016-12-16 15:58:18 -07:00
57571cb45e
Fix merge issues with ECC HAVE_COMP_KEY after rebase.
2016-12-16 14:20:00 -08:00
f990775451
Fix issue with ECC_SHAMIR disabled due to curve->b remnant from async branch.
2016-12-16 11:53:33 -08:00
cbc3cc6e91
Removed the execute bit on the new port files.
2016-12-16 11:35:40 -08:00
f1ead30987
New ECC curve cache feature to improve performance. Disabled by default and enabled using ./configure CFALGS="-DECC_CACHE_CURVE" or #define ECC_CACHE_CURVE. Added internal ECC states. Combined wc_ecc_mulmod_ex versions for timing rest / not. Tested with all math, timing, FP variants and NXP LTC and ECC508A hardware. Pulled in from latest async branch. Added new ECC_MAX_SIG_SIZE enum to help with sizing the sign buffer.
...
Performance Increases with ECC_CACHE_CURVE enabled:
* Key Gen 4.2%
* Key Agree, 4.0%
* Sign 6.8%
* Verify 5.8%
2016-12-16 11:32:59 -08:00
a9e7c4081f
Merge pull request #660 from ejohnstown/win-renegotiation
...
Enable secure renegotiation by default for Windows library build.
2016-12-15 16:17:15 -08:00
7b948fe04d
Merge pull request #667 from JacobBarthelmeh/SGX
...
add Windows build for SGX
2016-12-15 16:23:29 -07:00
ec90d72412
Merge pull request #666 from cconlon/chachafix
...
fix CertificateRequest cert type for ECDSA ChaCha suites
2016-12-15 12:08:08 -08:00
01d8201284
Merge pull request #665 from cconlon/certs
...
add missing certs and keys to certs/include.am
2016-12-15 12:03:12 -08:00
d0533c6dad
Merge pull request #664 from cconlon/pkcs7
...
PKCS#7/CMS expansion
2016-12-15 12:01:00 -08:00
9d94474133
Merge pull request #668 from ejohnstown/handshake-size
...
Fail on redundant handshake message data
2016-12-15 11:41:53 -08:00
6959c21fdd
Merge pull request #663 from dgarske/stm32_iar
...
Fixes to build STM32 with IAR
2016-12-15 11:26:43 -08:00
be65f26dd2
If there is a badly formed handshake message with extra data at the
...
end, but the correct size with the extra data, send a decode_error
alert and fail the handshake.
2016-12-14 16:02:29 -08:00
33f21e8b8d
set correct cert type in CertificateRequest when using ChaCha suite with ECDSA
2016-12-14 11:34:10 -07:00
e16f2c0722
add Windows build for SGX
2016-12-14 10:41:52 -07:00
41f6863970
add missing certs and keys to certs/include.am
2016-12-14 09:46:41 -07:00
55554b79a9
PKCS#7: fix use after free in wc_DecodeKtri
2016-12-14 09:15:45 -07:00
20887a8c35
Implementation of scrypt
...
Tests and benchmarking added.
Configure with --enable-scrypt and requires --enable-pwdbased
2016-12-14 16:57:41 +10:00
e5d1e3ae10
PKCS#7: only output test bundles when PKCS7_OUTPUT_TEST_BUNDLES is defined
2016-12-13 15:27:46 -07:00
22ecd55964
Don't ForceZero in assembly optimized versions.
2016-12-14 08:22:05 +10:00
a1b92dc809
Tidy up CPU Id check not not reference SHA384
2016-12-14 08:22:05 +10:00
24cfba4276
Fix ForceZero calls
2016-12-14 08:22:05 +10:00
0e4aa233ba
Use ForceZero in all implementations of Transform
2016-12-14 08:22:05 +10:00
fd21023823
Share code between SHA512 and SHA384
2016-12-14 08:22:05 +10:00
811be0eb9e
Faster zeroize on x86_64
2016-12-14 08:22:05 +10:00
f70860a9af
Make sure NO_64BIT is defined.
2016-12-13 12:18:21 -08:00
fd9a94b2bd
Fixes to build STM32 with IAR.
2016-12-13 10:24:55 -08:00
dad0cfda92
add EnvelopedData ECC support, refactor pkcs7
2016-12-13 09:40:54 -07:00
483e461c49
Merge pull request #647 from kaleb-himes/RIOT_OS
...
RIOT OS support, test scripts will be submitted to RIOT-OS repository
2016-12-10 19:13:19 -08:00
6c7e1785aa
EXIT_TEST macro added for cleaner implementation and maintenance
2016-12-09 19:39:36 -07:00
1748045d52
use NO_WRITEV for portability
2016-12-09 19:12:25 -07:00
5006306bb8
PKCS#7: add support for optional unprotectedAttributes with EncryptedData
2016-12-09 17:02:57 -07:00
abf18858a8
refactor PKCS#7 functionality into separate functions for Enveloped and EncryptedData
2016-12-09 17:02:57 -07:00
b5eb8dce2f
add PKCS#7/CMS EncryptedContent support
2016-12-09 16:57:31 -07:00
e80331e03a
fix Windows debug build warning with secure renegotiation
2016-12-09 14:31:21 -08:00
7fa825fde0
Enable secure renegotiation by default for Windows library build.
2016-12-09 13:39:00 -08:00
e3b57211d5
undo whitespace modification
2016-12-09 14:36:06 -07:00
fc9d689bc6
fastmath works with RIOT_OS if defined TFM_NO_ASM
2016-12-09 14:34:14 -07:00
b0b80bed78
Merge pull request #657 from cconlon/x963kdf
...
add ANSI-X9.63-KDF support [SEC1]
2016-12-09 13:29:41 -08:00
ad2b0810c6
Merge pull request #648 from cconlon/keywrap
...
add AES key wrap support, RFC 3394
2016-12-09 13:23:39 -08:00
7a76baa83e
restore .am and gitignore
2016-12-09 13:13:43 -07:00
c957107d76
merge with master and remove RIOT_Make directory, keep changes for working on Mac OS X
2016-12-09 13:11:45 -07:00
9e17b2b0aa
Merge branch 'master' of https://github.com/wolfssl/wolfssl into RIOT_OS
2016-12-09 13:09:25 -07:00
8b1a6d4c70
Merge pull request #658 from kaleb-himes/sniffer
...
Prevent forcezero from running on freed memory
2016-12-09 09:04:01 -08:00
33e840b01b
add AES key wrap support, RFC 3394
2016-12-09 09:30:56 -07:00
fdbb142699
Merge pull request #659 from toddouska/distcheck
...
fix nxp distcheck filename typo
2016-12-09 08:04:02 -08:00
d2ed611757
fix nxp distcheck filename typo
2016-12-08 16:52:12 -08:00
6cfb8e30b2
Merge pull request #591 from dgarske/STM32_CUBEMX
...
STM32 F2/F4 CubeMX and Std Peripheral Library hardware crypto support
2016-12-08 16:36:43 -08:00
ab7849be0d
Merge pull request #655 from JacobBarthelmeh/ARMv8
...
ARMv8
2016-12-08 16:34:19 -08:00
2db7bf0dc0
use static digest for X9.63 KDF, add smallstack support
2016-12-08 17:28:53 -07:00
5da564d03c
Merge pull request #656 from SparkiDev/hashes
...
Get the hash of the handshake messages rather than finalize.
2016-12-08 16:23:28 -08:00
d2b5a9538d
Prevent forcezero from running on freed memory
2016-12-08 15:11:41 -07:00
289acd088a
Remove state save and restore
2016-12-08 15:21:04 +10:00
ea1a03d538
Get the hash of the handshake messages rather than finalize.
...
Inconsistency between SHA256 and SHA384/SHA512 when getting hash.
More handshake messages can be added after this operation.
2016-12-08 15:21:04 +10:00
a5b267087f
add ANSI-X9.63-KDF support [SEC1]
2016-12-07 20:26:09 -07:00
2a3f3433e7
Merge pull request #652 from ejohnstown/autoconf-size-check
...
Move autoconf size checks
2016-12-07 15:23:25 -08:00
3dec222969
Merge pull request #523 from dgarske/atmel_pr
...
Support for Atmel ATECC508A
2016-12-07 15:01:08 -08:00
074741aabf
Merge pull request #651 from dgarske/ksdk_dup_dec
...
Remove obsolete duplicate declaration for wc_RsaFunction in the KSDK header
2016-12-07 13:48:53 -08:00
a1bd2c8b35
Merge pull request #654 from dgarske/smallstackfixes
...
Fixes for build with WOLFSSL_SMALL_STACK defined
2016-12-07 13:41:45 -08:00
da4a46ddf6
Merge branch 'master' of https://github.com/wolfSSL/wolfssl into RIOT_OS
2016-12-07 14:16:34 -07:00
477ec3c3d1
Merge pull request #2 from NickolasLapp/STM32_CUBEmX
...
Fix DES3 on STM32 CUBEMX
2016-12-07 11:27:24 -08:00
82c12fb7be
Fix DES3 on STM32 CUBEMX
2016-12-07 10:20:46 -07:00
5c59ccdeb9
Fix scan-build warning. Updated "side" variable failure case to return proper error code.
2016-12-07 07:57:55 -08:00
4dd393077f
Updated EccSharedSecret callback to use ecc_key* peer directly. Passes examples with "-P" tests and new pkcallback test script.
2016-12-07 07:57:55 -08:00
45d26876c8
Moved wolfSSL_GetEccKey logic to internal.c and use only for PK_CALLBACK. Added other ECC key info to the EccSharedSecretCb. Cleanup of the "if (ssl->ctx->EccSharedSecretCb == NULL)" logic to revert indent so changes are minimized. Removed new wolfSSL_GetEccKey API.
2016-12-07 07:57:55 -08:00
eaca90db28
New Atmel support (WOLFSSL_ATMEL) and port for ATECC508A (WOLFSSL_ATECC508A). Adds wolfCrypt support for ECC Hardware acceleration using the ATECC508A. Adds new PK callback for ECC shared secret. Fixed missing "wc_InitRng_ex" when using "CUSTOM_RAND_GENERATE_BLOCK". Added ATECC508A RNG block function for P-RNG bypass ability. Added internal "wolfSSL_GetEccPrivateKey" function for getting reference to private key for ECC shared secret (used in test.h for testing PK_CALLBACK mode). Added README.md for using the Atmel ATECC508A port.
2016-12-07 07:57:55 -08:00
9399cc05cb
Fixes for building with CRL monitor when not linux, OS X or FreeBSD and --enable-distro set. Cleanup of the crl.c HAVE_CRL_MONITOR checks for OS and make sure if StopMonitor preprocessor is defined the function will also be defined.
2016-12-07 07:07:27 -08:00
fdc297f6bd
Moved the check for the size of long, long long, and __m128 to before
...
the checks for libraries. In some combination of autotools, making a
32-bit build, the autoconf test code can't link libnetwork and crashes,
leaving those sizes all set to 0.
2016-12-06 16:15:45 -08:00
55b1ced783
Merge pull request #653 from toddouska/pkcallbacks
...
add pkcallbacks script test
2016-12-06 15:15:50 -08:00
944e5fba03
ARMv8 : load pointer to AES key and counter into a register along with pointer to SHA256 K table to handle tight optimized loops on function call with -flto
2016-12-06 21:42:15 +00:00
ed8e0132a7
do_cleanup on pkcallbacks.test
2016-12-06 13:04:12 -08:00
c0e006d42c
Fixes for build with small stack enabled.
2016-12-06 12:38:05 -08:00
80cc737ffa
add pkcallbacks script test
2016-12-06 11:27:05 -08:00
9fcb6e4e3c
Remove obsolete duplicate declaration for wc_RsaFunction in the KSDK port header.
2016-12-06 10:25:56 -08:00
932199c5e9
Fix build warning about unused static functions wc_AesEncrypt and wc_AesDecrypt with STM32.
2016-12-05 14:22:59 -08:00
4a7651a09a
STM32 F2/F4 CubeMX and Std Peripheral Library hardware crypto support for RNG, AES, SHA1, DES3 and MD5. Adds new WOLFSSL_STM32_CUBEMX and WOLFSSL_STM32F4 defines. Tested on STM32F437II.
2016-12-05 14:22:59 -08:00
f3816a4dc5
Merge pull request #597 from dgarske/NXPLTC
...
NXP (K82) LTC math hardware acceleration support
2016-12-05 13:50:31 -08:00
1d14ac5ff3
Fixes to include.am and sha256.c after master rebase. Retested on NXP K82 with and without HW accel (all tests/benchmarks pass).
2016-12-05 09:15:58 -08:00
877ea7011c
Fix for LTC RSA-4096. Use original wolfSSL code for RSA operation, reduce in LTC port layer.
2016-12-05 09:01:59 -08:00
0611c45869
Attempt to fix sha.c error with older visual studio compiler.
2016-12-05 09:01:59 -08:00
08b8af5f83
Fix for forced software crypto build.
2016-12-05 09:01:59 -08:00
c35daa877e
Fix to allow disabling MMCAU/LTC for software only test (moved preprocessor defines to Kinetis). Updated K82 software benchmark with actual values.
2016-12-05 09:01:59 -08:00
ae75842021
Fix build issues with rebase for ECC and RSA. Changed user_settings.h example when LTC is enabled to disable Shamir and ECC-521. Cleanup to add USE_NXP_MMCAU and USE_NXP_LTC for the example user_settings.h, so the project file can automatically configure.
2016-12-05 09:01:59 -08:00
a6b96b17ff
Fixes to include path for NXP ksdk_port. Fixes for time USER/OVERRIDES so their #ifdef's are checked first. Fix to initialize LTC via new "ksdk_port_init" function. Cleanup of the ksdk_port.c for formatting, macros, statics and line length. Cleanup of the AES code for key size. Cleanup of the wolfCrypt sha.c for readability. Added support for the KSDK bare metal drivers to the IDE Rowley CrossWorks example. Updated the settings.h to allow for overrides in Freescale section. Updated README with info for using LTC.
2016-12-05 09:01:59 -08:00
8e64d564dc
NXP/Freescale K8X MMCAU / LTC core support for RSA, ECC, Ed/Curve25519, AES, DSA, DES3, MD5, RNG, SHA and SHA2.
2016-12-05 09:01:59 -08:00
ddeb9da502
warning on empty translation units ignored, move cflags to Makefile
2016-12-03 11:55:24 -07:00
d2aef9a82a
README update
2016-12-03 11:03:17 -07:00
43525343fc
add RIOT tests to dist and make sure Makefiles are not excluded by .gitignore
2016-12-02 17:30:57 -07:00
162294e3e5
added benchmark app for RIOT and updated test error handling
2016-12-02 14:39:37 -07:00
684f9bad22
RIOT OS build and test scripts, build instructions
2016-12-02 13:53:05 -07:00
4317141260
Merge pull request #646 from JacobBarthelmeh/master
...
remove fPIE flag
2016-12-01 12:56:56 -08:00
d32af7e44b
remove fPIE flag : fPIE is suitable for use with executables and not when creating libraries
2016-12-01 12:01:38 -07:00
92377140b7
Merge pull request #520 from dgarske/compat_fixes
...
Add user cert chain DER support and OpenSSL compatibility fixes/improvements
2016-12-01 09:23:49 -08:00
650ddb8d23
Fixes so make check works with NO_FILESYSTEM and FORCE_BUFFER_TEST. Example: ./configure CFLAGS="-DNO_FILESYSTEM -DFORCE_BUFFER_TEST"
2016-11-30 16:27:24 -08:00
039aedcfba
Added "wolfSSL_use_certificate_chain_buffer_format". Added "wolfSSL_SESSION_CIPHER_get_name" to get cipher suite name using WOLFSSL_SESSION*. Moved the "wolfSSL_get_cipher_name_from_suite" function to internal.c. Added new server-cert-chain.der, which is combination of ca-cert.der and server-cert.der. Enhanced load_buffer to detect format using file extension. Can test use of DER cert chain with NO_FILESYSTEM defined using "./examples/server/server -c ./certs/server-cert-chain.der -k ./certs/server-key.der".
2016-11-30 16:26:02 -08:00
3d920b23a0
Fix for building with NO_ERROR_STRINGS.
2016-11-30 16:26:02 -08:00
7a35d904c2
Added new API "wolfSSL_CIPHER_get_name_from_suite" to allow use of the cipherSuite and cipherSuite0 args directly to get cipher suite name. Changed "wolfSSL_CIPHER_get_name" to call new API (based on original). ASN change to allow ToTraditional and SetName for OPENSSL_EXTRA.
2016-11-30 16:26:02 -08:00
c3c3419138
Added processing of user cert chain in DER format. Added arg check on "wolfSSL_get_certificate" to fix NULL dereference if certificate not yet set via "wolfSSL_use_certificate_buffer" or "wolfSSL_use_certificate_file". Added "wolfSSL_CTX_use_certificate_chain_buffer_format" to expose way to import certificate chain buffer as ASN1 (since "wolfSSL_CTX_use_certificate_chain_buffer" assumes PEM) . Changed ProcessFile from static and added as local in internal.h.
2016-11-30 16:26:01 -08:00
cfc5de8c5a
Merge pull request #645 from toddouska/fds
...
allow separate set fds for read/write, helpful for DTLS multicast
2016-11-30 13:17:58 -08:00
8f89d4922f
allow separate set fds for read/write, helpful for DTLS multicast
2016-11-30 11:15:57 -08:00
a2dc01413c
For distro build don't install options.h (conflicts with multi-arch). Fix for BUILD_DISTRO excludes with indent.
2016-11-29 13:29:19 -08:00
235060eff2
Merge pull request #644 from cconlon/return_fix
...
correct MEMORY_E returns in asn.c
2016-11-28 10:58:06 -08:00
a9936cf3ee
correct MEMORY_E returns in asn.c
2016-11-28 10:39:07 -07:00
2cbc6ed673
ARMv8 : handle aggressive optimizers
2016-11-23 15:44:53 -07:00
7dab97fb01
Merge pull request #641 from dgarske/verifycb_peer_cert_chain
...
Add the peer cert buffer and count to X509_STORE_CTX for verify callback
2016-11-23 12:59:00 -08:00
1240014fab
Fix OCSP to use public buffer type (now WOLFSSL_BUFFER_INFO).
2016-11-22 19:33:40 -08:00
8a8274d403
Merge pull request #643 from dgarske/fix_hmac_224
...
Fix wc_HmacSizeByType for SHA224.
2016-11-23 13:28:37 +10:00
50131b410d
Added new "WOLFSSL_BUFFER_INFO" type to represent internal "buffer" type and the "WOLFSSL_X509_STORE_CTX" certs. Added "VERIFY_CALLBACK_SHOW_PEER_CERTS" to print peer certs pointer and length.
2016-11-22 19:24:54 -08:00
ff16ecda5e
Merge pull request #642 from dgarske/ecc_custcurve_speedup
...
ECC performance increase with custom curves enabled
2016-11-22 16:05:57 -08:00
a540169b72
Merge pull request #638 from ejohnstown/dtls-window-update
...
DTLS Sequence Window Tracking Update
2016-11-22 16:53:04 -07:00
16907de633
Fix wc_HmacSizeByType for SHA224.
2016-11-22 14:45:10 -08:00
13cf313001
ECC performance increase with custom curves enabled (WOLFSSL_CUSTOM_CURVES) when A param is 3.
2016-11-22 13:43:18 -08:00
5b76a37234
Add the peer cert buffer and count to the X509_STORE_CTX used for the verify callback. Fixes #627 .
2016-11-22 11:45:00 -08:00
13bdcc518d
Pulled in patches from Debian package.
2016-11-22 11:25:40 -08:00
2d9d3aeb91
DTLS Window Update: fixes and changes
2016-11-22 10:12:18 -08:00
b61e6e1219
Merge pull request #639 from moisesguimaraes/fixes-srp-priv-key-size
...
fixes random keys size ('a' and 'b')
2016-11-21 15:59:32 -07:00
64fc68920d
fixes random keys size ('a' and 'b')
2016-11-21 18:08:19 -03:00
ec6fec452d
Update session export with the new sequence number windows.
2016-11-21 09:16:53 -08:00
2507c4da8a
DTLS Sequence Window Tracking Update
...
1. Modify the DTLS sequence window to use an array of word32 instead
of a word32 or word64 depending on the availability of word64.
2. One can change the array size to have a bigger window.
2016-11-18 11:52:43 -08:00
b380eef3e2
Merge pull request #637 from JacobBarthelmeh/master
...
PKCS12 : return on memory error
2016-11-18 11:03:57 -08:00
ac5436b462
PKCS12 : return on memory error
2016-11-18 09:40:26 -07:00
1289e66641
Merge pull request #636 from dgarske/fix-ti-hash-mem-leak
...
Fix memory leak issue in ti-hash.c with small stack
2016-11-17 16:19:37 -08:00
f167fe3d4a
Merge pull request #625 from dgarske/tls_nosha256
...
Fix to allow TLS with NO_SHA256
2016-11-17 16:14:28 -08:00
bfd0a1b405
Fix to allow SHA384 cipher suite with NO_SHA256 defined. Without this fix the BUILD_AESGCM wasn't getting defined.
2016-11-17 10:29:48 -08:00
b01952ea40
Cleanup the hash free in FreeHandshakeResources.
2016-11-17 09:34:31 -08:00
de1ee91863
Fix memory leak issue with WOLFSSL_SMALL_STACK defined and using TI hardware accelerated hashing.
2016-11-17 09:24:56 -08:00
f275331e44
Merge pull request #634 from toddouska/sha512-length
...
Sha512 length
2016-11-16 15:06:20 -08:00
5c3bd7e1a0
Merge pull request #635 from cconlon/pkcs7signed
...
fix wc_PKCS7_EncodeSignedData with no signed attributes
2016-11-16 14:07:58 -08:00
8cea6ad148
fix wc_PKCS7_EncodeSignedData when used with empty or no signed attributes
2016-11-16 13:35:57 -07:00
44a23b072f
fix mcapi with size change
2016-11-16 09:39:21 -08:00
afc54c3dff
change sha512 hi/loLen to 64bits
2016-11-16 09:30:35 -08:00
f922d3f2d6
Merge pull request #624 from SparkiDev/sha224
...
SHA224 implementation added
2016-11-15 13:53:34 -08:00
98b57e045a
Merge pull request #629 from SparkiDev/rsa-crt
...
Make RSA CRT constant time
2016-11-15 13:36:32 -08:00
f27159f2db
Merge pull request #633 from cconlon/renegotiation_info
...
add server side empty renegotiation_info support
2016-11-15 11:11:17 -08:00
a10ec0ff91
adjust suiteSz and use SUITE_LEN in FindSuite()
2016-11-15 10:49:37 -07:00
ee53853d2f
Merge pull request #632 from toddouska/init_multi
...
fix non ecc_make_key init_mulit potential problems
2016-11-14 19:34:14 -08:00
cbb2ce6baf
Merge pull request #626 from dgarske/fix_ecc_make_rngfail
...
Fix for "wc_ecc_make_key_ex" if call to rng fails
2016-11-14 17:35:15 -08:00
49978d1417
server side empty renegotiation_info support
2016-11-14 15:33:36 -07:00
1a7fe0d4c5
fix non ecc_make_key init_mulit potential problems
2016-11-14 12:49:42 -08:00
82e8210208
Support for building without SHA256 with NO_OLD_TLS and SHA384/512. Although TLS 1.2 default digest for certs is SHA256 and our test cert signatures use SHA256, so make check will fail. Also requires disabling the P-RNG which uses SHA256. Added missing "wc_InitRng_ex" when using "CUSTOM_RAND_GENERATE_BLOCK". Cleanup of the BuildCertHashes, DoRounds, HashInput, HashOutput and HashOutputRaw return codes.
2016-11-14 12:47:24 -08:00
cee321323a
Better handle "mp_init_multi" failure in "wc_ecc_make_key_ex".
2016-11-14 12:38:01 -08:00
fa816f0460
Merge pull request #631 from dgarske/ecc_privkey_import_oid
...
Fix for "wc_EccPrivateKeyDecode" to handle custom curve OID.
2016-11-14 11:52:48 -08:00
047b6df1a2
Merge pull request #630 from JacobBarthelmeh/master
...
remove include of ec.h in ecc.c
2016-11-14 11:51:15 -08:00
ecc5fccf07
Merge pull request #628 from JacobBarthelmeh/Testing
...
revert AESNI padding and handle the case in aes.c
2016-11-14 11:50:35 -08:00
a2d29e4c71
Further improve the "wc_EccPrivateKeyDecode" to use the CheckCurve return code, which is the curve_id in the success case. Fixes scan-build warning.
2016-11-14 10:06:20 -08:00
07efd88e4d
Fix for "wc_EccPrivateKeyDecode" to handle custom curve OID.
2016-11-14 09:53:31 -08:00
dad628cb0d
remove include of ec.h in ecc.c
2016-11-14 10:03:19 -07:00
2023b65f4c
Make RSA CRT constant time
...
Identifying which part of the CRT failed, through timing, reveals
information useful to an attacker.
2016-11-14 08:57:28 +10:00
6d5485b88f
Fix to "mp_init_multi" so failure ensures a later "mp_clear" won't free on un-initialized pointer. Applies to !USE_FAST_MATH only. No measurable benchmark difference.
2016-11-11 20:03:58 -08:00
9b0d53ba50
Fixes from review
...
Remove ForceZero changes (better version in another pull request)
Remove SHA-224 APIs for FIPS (algorithm not avaialable in FIPS.
2016-11-12 09:52:07 +10:00
0b3d9cbccd
revert AESNI padding and handle the case in aes.c
2016-11-11 16:26:29 -07:00
cc303a3035
Merge pull request #623 from SparkiDev/ecc
...
ECC improvements/fixes
2016-11-11 12:53:12 -08:00
478f279b3c
Fix logic
2016-11-11 16:38:28 +10:00
abcd6af512
Disable SHA-224 in FIPS
2016-11-11 16:29:34 +10:00
9e81261f1e
Fixes
2016-11-11 16:11:16 +10:00
8a7bb3fad4
Z will be 0 not 1
2016-11-11 12:53:48 +10:00
71259113b2
ECC improvements/fixes
...
When checking for 1 actually check for 1 and not the digit count.
When checking for negative use a macro - for speed.
2016-11-11 12:41:25 +10:00
45983c3b32
Fix SHA224 enum in HMAC code
2016-11-11 12:17:32 +10:00
a0ee159fa5
Merge pull request #617 from JacobBarthelmeh/Compatibility-Layer
...
Compatibility layer
2016-11-10 11:47:42 -08:00
1aca9a6079
Fix for "wc_ecc_make_key_ex" if call to rng fails. Issue only applies to !USE_FAST_MATH case on failure response from call to "wc_RNG_GenerateBlock".
2016-11-10 11:39:29 -08:00
eb0de32aa2
Merge pull request #621 from JacobBarthelmeh/Testing
...
adjust alignment of arrays used for case with AESNI
2016-11-10 10:00:54 -08:00
fdfc177254
SHA224 implementation added
...
Added SHA24 implementation and tetss.
Added HMAC-SHA224 implementation and tests.
Added RSA-SHA224 and ECDSA-SHA224.
Added MGF1-SHA224
Added OpenSSL APIs for SHA224
Configuration option to enable SHA224 and it is on by default for x86_64
2016-11-10 15:52:26 +10:00
55401fceb8
adjust alignment of arrays used for case with AESNI
2016-11-09 15:03:26 -07:00
af44b2527a
Merge pull request #620 from JacobBarthelmeh/PKCS12
...
PKCS12 : visibility of structs and guards
2016-11-09 08:59:31 -07:00
e9cda7b93f
Merge pull request #619 from JacobBarthelmeh/ARMv8
...
ARMv8
2016-11-08 16:21:01 -08:00
fa48bca262
PKCS12 : visibility of structs and guards
2016-11-08 16:49:09 -07:00
c122558810
COMPAT. LAYER : fix missing return value and alignment
2016-11-08 14:16:02 -07:00
208f747a47
ARMv8 : add armv8-aes.c to EXTRA_DIST
2016-11-08 10:28:01 -07:00
d4b45c4299
Merge pull request #616 from moisesguimaraes/fixes-wolfcrypt-py
...
Fixes wolfcrypt py
2016-11-08 09:07:21 -08:00
5f6cf282b1
fixes include.am comments
2016-11-07 21:15:23 -03:00
88df983251
moves include.am into wolfcrypt-py folder
2016-11-07 21:09:08 -03:00
46dee9e792
ARMv8 : clang 32 bit build
2016-11-07 15:48:06 -08:00
668af9b32f
POLY1305 : clang 32 bit warning about macros
2016-11-07 15:28:30 -08:00
f7a951709f
COMPAT. LAYER : get SSL client random bytes
2016-11-07 13:21:35 -07:00
f06a392764
COMPAT. LAYER : DES set key and malloc/free
2016-11-07 13:21:05 -07:00
b50914f2c7
Drops 3DES and adds int wc_RsaSetRNG(RsaKey* key, WC_RNG* rng); for RSA blinding
2016-11-07 16:06:35 -03:00
08f6d23e84
moves wolfcrypt-py implementation to wrapper/python/wolfcrypt
2016-11-07 16:02:41 -03:00
68c43e4344
Merge pull request #615 from ejohnstown/dtls-verify-retry-fix
...
Fix dropped DTLS Hello Verify retransmit
2016-11-04 15:52:13 -07:00
70b227011d
Merge pull request #604 from JacobBarthelmeh/PKCS12
...
Pkcs12
2016-11-04 15:50:50 -07:00
c271806936
Merge pull request #614 from toddouska/scr-verify
...
add SCR client and server verify data check
2016-11-04 10:11:05 -07:00
ada2573009
Increment the expected handshake number if the call to the handhsake
...
message processing function is successful, but not if the handshake
message is the client_hello. Process client hello clears that counter
and incrementing it breaks the handshake. Fixes issue #612 .
2016-11-03 14:49:21 -07:00
87e3f45f52
add SCR client and server verify data check
2016-11-03 14:45:24 -07:00
356c3a37aa
Merge pull request #613 from JacobBarthelmeh/Testing
...
MODE : change source file mode back to 644
2016-11-03 13:16:59 -07:00
0839925797
PKCS12 : visibility, check on key match, sanity check on malloc
2016-11-03 11:14:29 -06:00
668e9a8e08
MODE : change source file mode back to 644
2016-11-03 10:08:13 -06:00
3780f452e8
Merge pull request #609 from JacobBarthelmeh/ARMv8
...
ARMv8 : clang build with ARMv8
2016-11-03 09:02:20 -07:00
8e0ab18924
Merge pull request #611 from cconlon/pkcs7
...
allow PKCS#7 to be compiled with AES disabled
2016-11-03 09:00:46 -07:00
9a735fc873
allow PKCS#7 to be compiled with AES disabled
2016-11-02 12:18:45 -06:00
d4b8320226
Merge pull request #606 from ejohnstown/dtls-pool
...
DTLS Pool Change
2016-11-02 10:54:53 -07:00
a3ea8378ec
Cap the size of the transmit and receive DTLS message lists at 255.
2016-11-02 09:15:05 -07:00
6f06b60bc0
ARMv8 : clang build with ARMv8
2016-11-01 13:38:01 -07:00
624ec3d492
Merge pull request #607 from cconlon/pkcs7
...
add AES content encryption support to PKCS#7 EnvelopedData
2016-11-01 12:03:24 -07:00
22c5e22698
Merge pull request #608 from JacobBarthelmeh/master
...
Option to disable RNG (WC_NO_RNG or --disable-rng). If RNG is disabled and building in crypto that makes calls to RNG functions the build will fail with linker undefined symbol errors.
2016-11-01 11:53:53 -07:00
ffe905afbf
Moved the checks for the new session ticket and certificate verify
...
messages from the change cipher spec handler to the sanity check
handshake message function. It provides support for DTLS missing
and duplicate messages.
2016-11-01 09:53:53 -07:00
3075269326
Replace the DTLS MsgPool for saving transmit handshake messages with
...
the DTLS MsgList.
2016-11-01 09:53:53 -07:00
3065bb2178
Merge pull request #588 from steweg/fix_dtls_retranmission
...
Adjust DTLS retranmission logic
2016-11-01 09:29:30 -07:00
70e7e34c87
RNG : change to --disable-rng, non-autoconf scenario, help msg
2016-11-01 10:21:29 -06:00
09c32de412
RNG : option to not use RNG
2016-10-31 16:51:02 -06:00
50464d4aef
gitignore PKCS#7 test files, delete on make clean
2016-10-31 14:46:03 -06:00
fa9a9175d0
add AES-256-CBC to PKCS#7 Encode/DecodeEnvelopedData
2016-10-31 14:45:57 -06:00
8c23c3cdd0
add AES-192-CBC to PKCS#7 Encode/DecodeEnvelopedData
2016-10-31 14:27:21 -06:00
17c184e720
add AES-128-CBC to PKCS#7 Encode/DecodeEnvelopedData
2016-10-31 14:27:14 -06:00
b686deecbe
PKCS12 : Add PKCS12 parsing
2016-10-29 13:12:26 -06:00
79cba75925
Merge pull request #603 from ejohnstown/aes-ctr
...
expand the AES-CTR test to 4 blocks for 192 and 256 bit cases
2016-10-28 13:52:50 -06:00
849ae72d3a
expand the AES-CTR test to 4 blocks for 192 and 256 bit cases
2016-10-27 15:54:22 -07:00
7ef037af0f
Merge pull request #602 from kaleb-himes/forums-support-case-user-sp
...
IAR compiler for ARM 7.70.2.11706 - unitialized warning
2016-10-26 20:04:02 -07:00
2122ee2eb5
IAR compiler for ARM 7.70.2.11706 - unitialized warning
2016-10-26 09:33:15 -06:00
59fdd98f1d
Adjust DTLS retranmission logic
...
This patch adjust DTLS retranmission logic
in order to avoid message floods between client
and server
2016-10-26 10:37:23 +02:00
703d504b58
Merge pull request #600 from kaleb-himes/scan-build-async
...
Check for sigLen size to resolve scan-build warning.
2016-10-25 11:08:14 -07:00
bc1fca5620
modified handler to return error on invalid condition post review
...
update
2016-10-25 11:07:35 -06:00
33ab901b3f
prevent allocation of size 0
2016-10-24 16:44:43 -06:00
b8aa335dd6
Merge pull request #598 from dgarske/ecc_cacheres_w_altsize
...
Fix for ECC with ALT_ECC_SIZE and cache resistance enabled
2016-10-17 15:01:43 -07:00
d2a6c6838e
Fix for ECC with !WC_NO_CACHE_RESISTANT and ALT_ECC_SIZE causing invalid mp_int*. An ecc_point with ALT_ECC_SIZE is "mp_int* x" vs. "mp_int x[1]". The resulting pointer for &M[0]->x is not valid in the ALT_ECC_SIZE case. This was found while testing ECC on a Cortex M4 (32-bit) and caused a hard fault.
2016-10-14 16:44:57 -07:00
2ecf7090ca
Merge pull request #595 from JacobBarthelmeh/Testing
...
static analysis : Fix warnings with wc_AesCcmSetKey
2016-10-12 11:27:29 -07:00
88a82f519e
Merge pull request #594 from JacobBarthelmeh/DTLS-MultiCore
...
session export : Increment DTLS export version with serialization cha…
2016-10-12 11:25:23 -07:00
ffb2a8ff12
Merge pull request #593 from JacobBarthelmeh/ARMv8
...
ARMv8 : sanity checks
2016-10-12 11:23:27 -07:00
11102b6726
Merge pull request #585 from NickolasLapp/master
...
Rename *Mutex Functions with wc_ prefix. Expose these functions for Stunnel.
2016-10-12 11:19:32 -07:00
9cf4d7ca8e
Merge pull request #584 from kaleb-himes/aes-gcm-bo
...
sanity check on memcpy and xorbuf
2016-10-12 11:18:03 -07:00
54c51ec4a0
static analysis : Fix warnings with wc_AesCcmSetKey
2016-10-12 10:02:53 -06:00
3c03aa453b
session export : Increment DTLS export version with serialization changes
2016-10-11 14:01:38 -06:00
86bf50ea70
Ensure dh->q is nulled on init and free
2016-10-10 16:21:30 -06:00
eb9161d8a7
ARMv8 : sanity checks
2016-10-10 15:08:59 -06:00
395972e6a8
Merge pull request #592 from cconlon/eccfix
...
fix ecc_check_privkey_gen() parameters with WOLFSSL_VALIDATE_ECC_IMPORT
2016-10-07 14:30:06 -07:00
ab966a72da
fix ecc_check_privkey_gen() parameters with WOLFSSL_VALIDATE_ECC_IMPORT
2016-10-07 14:14:50 -06:00
05fcbb001a
move sanity check and remove silent truncation
2016-10-06 15:01:16 -06:00
ef5f55f6e4
Optimize memory usage for ARM Cortex M and similar embedded systems ( #578 )
...
* Changed ge_precomp data to const to reduce RAM usage on embedded systems.
* Add configuration option "WOLFSSL_NRF5x" for Nordic nRF5x platform in settings.h
2016-10-06 12:49:14 -07:00
f4c654dd6e
Merge pull request #590 from JacobBarthelmeh/ARMv8
...
ARMv8 additions
2016-10-06 10:04:07 -07:00
4181b744ab
stunnel 5.36 requires des3. Enable by default
2016-10-05 13:17:26 -06:00
d07746de09
ARMv8 : Remove dependency on load
2016-10-05 11:02:51 -06:00
69483366fb
Fixes for fips compatibility
2016-10-05 10:20:13 -06:00
89aec2c565
Add cast for g++ compiler
2016-10-05 09:37:44 -06:00
21dd236ef2
ARMv8 : increase performance
2016-10-05 09:04:18 -06:00
1e028c3566
Merge pull request #589 from cconlon/ipproto
...
Wrap IPPROTO_SCTP use with WOLFSSL_SCTP in test.h
2016-10-04 19:48:32 -07:00
29cf90a425
protect IPPROTO_SCTP with WOLFSSL_SCTP in test.h
2016-10-04 16:42:53 -06:00
81a8ad0a48
Merge pull request #587 from ejohnstown/seq64
...
64-bit Sequence Number
2016-10-04 06:01:26 -07:00
1792eba1a2
Rename *Mutex Functions with wc_ prefix. Expose these functions for
...
Stunnel. Various other changes to enable stunnel compling
2016-10-03 16:36:05 -06:00
12ac0346f5
change magic numbers to constants, rename verify parameter of WriteSEQ() and subfunctions
2016-10-03 13:51:10 -07:00
a839b61e81
initialize temp sequence number
2016-10-02 13:02:20 -07:00
575785db3e
Fixes for DTLS sequence number checking.
2016-10-02 12:03:44 -07:00
ab371365b9
updated sequence number window
2016-09-30 17:02:05 -07:00
62d58a7084
updated session import/export for seq number
2016-09-29 23:09:42 -07:00
4522fa335e
Fixing DTLS for 64-bit sequence numbering
...
1. Simplify away the DtlsState record.
2. Adding in high order bits for the DTLS sequence number.
3. For DTLS, separated copying the sequence number from incrementing it.
2016-09-29 15:51:33 -07:00
a630fda509
Sanity check on memcpy and xorbuf
...
Sanity check on memcpy and xorbuf
2016-09-29 13:26:50 -06:00
1a7f1d3b26
Merge pull request #583 from JacobBarthelmeh/CSharp
...
C# Wrapper : TCP check connection termination
2016-09-28 16:31:29 -06:00
1ed06b53df
C# Wrapper : TCP check connection termination
2016-09-28 15:00:30 -06:00
6f4b704552
ARMv8 : Aarch32 support, SHA256 speedup
2016-09-28 10:22:27 -06:00
be86308a33
Merge pull request #556 from danielinux/frosted-fix
...
Fix compilation on Frosted
2016-09-26 12:53:39 -06:00
124a8c0c1f
Merge pull request #582 from ejohnstown/lean-psk
...
Fixes for building the library for Lean PSK
2016-09-24 10:59:54 -06:00
af5d790aea
Merge pull request #581 from ejohnstown/tlsx
...
Fixes for building the library with a C++ compiler with TLSX enabled
2016-09-24 10:45:33 -06:00
8d1aa2238b
Fixes for building the library for Lean PSK
...
1. Needed to enable static PSK when using Lean PSK
2. Fixed complaints about unused variables.
2016-09-24 00:18:36 -07:00
5e852dc1a1
Fixes for building the library with a C++ compiler with TLSX enabled
...
1. Add many typecasts for malloc() data to proper pointer type.
2. Add many typecasts for constants in tertiary operators.
3. ECC to use local copy of wc_off_on_addr instead of extern copy.
2016-09-23 23:22:58 -07:00
5ec5b9b07d
Merge pull request #580 from JacobBarthelmeh/Testing
...
NTRU : warning of variable size as argument
2016-09-23 15:52:48 -07:00
02b3aa51bd
NTRU : warning of variable size as argument
2016-09-23 15:30:33 -06:00
fb01cf7e1b
Merge pull request #579 from ejohnstown/release-v3.9.10
...
Prepare release v3.9.10
2016-09-23 15:05:21 -06:00
6895803f2b
Prepare release v3.9.10
2016-09-23 12:19:24 -07:00
049956d852
Merge pull request #577 from kaleb-himes/fix-typos
...
Fixing typos
2016-09-23 12:18:23 -07:00
4fc0c6c646
fix unused parameter build time error
...
fix unused parameter build time error
2016-09-23 12:23:26 -06:00
3bd86d3f87
Fixing typos
2016-09-23 10:45:29 -06:00
91580552bc
ARMv8 : AES-GCM encryption speed ups
2016-09-23 10:20:52 -06:00
78246e0fc2
Merge pull request #575 from ejohnstown/fix-option
...
move an ifndef NO_AES for one more configure disable/enable combination
2016-09-22 16:15:49 -06:00
98841e8b47
Merge pull request #576 from toddouska/dsa_zero
...
add dsa sign sanity check on r/s
2016-09-22 15:14:43 -06:00
e4b8e6a447
Merge pull request #574 from JacobBarthelmeh/Testing
...
Static Analysis : fix a warning of unused variable
2016-09-22 14:09:46 -07:00
d9163e4554
add dsa sign sanity check on r/s
2016-09-22 12:04:48 -07:00
ba6e2b1037
move an ifndef NO_AES for one more configure disable/enable combination
2016-09-22 11:41:16 -07:00
c43fd150e9
Static Analysis : fix a warning of unused variable
2016-09-22 09:31:26 -07:00
18944dacbf
Merge pull request #573 from toddouska/dsa_pad
...
fix dsa pre padding
2016-09-22 09:42:23 -06:00
9e4e08d7a7
fix dsa pre padding
2016-09-21 18:51:11 -07:00
2368d49678
Merge pull request #572 from ejohnstown/pathlen
...
CA Certificate Path Length Checking
2016-09-21 14:36:24 -07:00
b8704d2dfe
Merge pull request #571 from toddouska/new_rng
...
Fix Jenkins build 389 single-threaded issue
2016-09-21 12:59:06 -07:00
74002ce66a
Add the new path length test certs to include.am.
2016-09-21 12:34:01 -07:00
ab887b88dc
Merge pull request #570 from ejohnstown/des3-disable-fix
...
Disable DES3 compiler warning fix
2016-09-21 13:25:00 -06:00
de81c81eae
Fixed unused variable complaints when OPENSSL_EXTRA and MD5 are enabled
...
and when AES is disabled.
2016-09-21 10:21:03 -07:00
489345f0d4
move CTX new_rng out of with certs block
2016-09-21 09:02:38 -07:00
95acd9c907
Fixed unused variable complaints when KEYGEN and OPENSSL_EXTRA are enabled
...
and when AES and MD5 are disabled. It was in the same encrypt function as
before and in the paired decrypt function.
2016-09-21 07:32:17 -07:00
a42bd30278
CA Certificate Path Length Checking
...
1. Check the path length between an intermediate CA cert and its
signer's path length.
2. Always decode the path length if present and store it in the decoded
certificate.
3. Save the path length into the signer list.
4. Path length capped at 127.
5. Added some test certs for checking CA path lengths.
2016-09-20 21:36:37 -07:00
ef7183dcf7
delete redundant #else
2016-09-20 15:59:08 -07:00
d9862c1c1a
Merge pull request #569 from kaleb-himes/CUSTOMER_REQUEST
...
addition to previous customer request
2016-09-20 12:09:15 -07:00
65a7978dec
Merge pull request #567 from toddouska/rng
...
RDSEED enhancements
2016-09-20 12:09:01 -07:00
df1d8200ef
Fixed unused variable complaint when KEYGEN and OPENSSL_EXTRA are enabled
...
and when AES and DES3 are disabled.
2016-09-20 12:07:58 -07:00
67a112773e
fix secure renegotiation
2016-09-19 17:31:20 -07:00
21726d5ae4
64bit sequence tls proof of concept, dlts needs some work
2016-09-19 16:02:27 -07:00
4214f52d77
addition to previous customer request
2016-09-19 16:01:24 -06:00
0718aba655
fix comment typo
2016-09-19 13:28:14 -07:00
485d814aed
Merge pull request #563 from JacobBarthelmeh/ARMv8
...
ARMv8 : AES-GCM constraint fix
2016-09-19 09:30:08 -07:00
e0b8e55198
Merge pull request #553 from ejohnstown/disable-des3
...
Disable DES3 by default
2016-09-19 09:27:32 -07:00
b4b0b2433e
Merge pull request #555 from ejohnstown/autogen-tweak
...
Autogen tweak for git worktrees
2016-09-19 09:26:06 -07:00
4c295cd13d
Merge pull request #564 from kaleb-himes/CUSTOMER_REQUEST
...
Implement requested change from customer
2016-09-19 09:24:43 -07:00
1bab8822a9
Merge pull request #565 from ejohnstown/enable-ecccurveext
...
Enable the ECC Supported Curves extension by default
2016-09-19 09:24:05 -07:00
afd039d2e1
Merge pull request #566 from JacobBarthelmeh/master
...
Benchmark App : fixed some invalid set key sizes
2016-09-19 09:23:12 -07:00
6d73175b22
Benchmark App : fixed some invalid set key sizes
2016-09-17 15:07:38 -06:00
c51444bec5
update rdseed to 64bit get, more retries, fallback to /dev/urandom on failure
2016-09-16 18:54:47 -07:00
3f95bac55f
Merge pull request #562 from ejohnstown/pre-release3.9.9
...
Bump version for pre-release REDUX
2016-09-16 15:07:00 -06:00
67c7e7c8de
Implement requested change from customer
...
Implement requested change from customer
2016-09-16 14:38:33 -06:00
f191cf206e
allow single threaded mode to share an RNG at WOLFSSL_CTX level
2016-09-16 13:35:29 -07:00
781e800486
1. Enable the extension ECC Supported Curves by default.
...
2. Force the extention disabled if ECC is disabled.
2016-09-16 13:26:56 -07:00
f755591316
ARMv8 : AES-GCM constraint fix
2016-09-16 19:43:47 +00:00
7a7f2fbe78
Bump version for pre-release.
2016-09-16 10:58:31 -07:00
ef0cd908ea
Merge pull request #557 from kaleb-himes/arduino-updates
...
fix distribution issue
2016-09-16 10:55:48 -07:00
c85b3b84d9
Merge pull request #554 from JacobBarthelmeh/ARMv8
...
ARMv8 : AES-CTR/CBC/GCM speed ups and refactor AES
2016-09-16 09:34:24 -07:00
03ebb4825e
Merge pull request #552 from toddouska/aesca
...
prevent compiler from optimzing out PreFetch Td4
2016-09-16 09:16:07 -07:00
14a7065f6e
fix distribution issue
2016-09-16 10:04:50 -06:00
b869641de6
Merge branch 'master' into frosted-fix
2016-09-16 11:46:01 +02:00
890bcde1cd
Don't include <sys/uio.h> when running on Frosted
2016-09-16 11:43:34 +02:00
4087f6904c
Treat project directory as in version control if .git is
...
either directory or file.
2016-09-15 16:09:27 -07:00
6d82cba29c
ARMv8 : AES-CTR/CBC/GCM speed ups and refactor AES
2016-09-15 22:50:00 +00:00
ef9c4bf5c9
Add client-ca.pem to the automake include for dist.
2016-09-15 15:38:41 -07:00
bad6be5c76
1. Updated sniffer to allow DES3 to be disabled.
...
2. Fixed an unused variable in OpenSSL Extras when DES3 is disabled.
3. Force DES3 enabled when enabling MCAPI.
2016-09-15 14:53:28 -07:00
e92f0e32b0
Undo making the ECC supported curves extension default to enabled.
2016-09-15 13:15:49 -07:00
78c0f98ea9
Merge pull request #551 from kaleb-himes/arduino-updates
...
Updates to make building for ARDUINO more intuitive
2016-09-15 13:01:42 -07:00
0ee7d7cc17
1. Add DES3 enable to full commit test.
...
2. Added DES3 to the list of FIPS prereqs.
2016-09-15 12:19:32 -07:00
e3bb4c29e2
Fix openssl.test with the lean-TLS option
...
1. Make new CA cert for test that is both client-cert.pem andr
client-ecc-cert.pem.
2. Use the new client-ca.pem cert in the test script.
3. Update renewcerts script to generate client-ca.pem.
2016-09-15 11:39:30 -07:00
c1ac0c0f8c
Merge pull request #545 from ejohnstown/ems
...
Extended Master Secret
2016-09-15 11:25:41 -07:00
2d4757b446
Disable DES3 by default. Force it enabled when it is a prereq for
...
another option. (SCEP and PKCS7)
2016-09-15 11:23:36 -07:00
19434e285a
Update the resume test to rerun itself with the "-n" option to disable
...
extended master secret if the option is enabled.
2016-09-15 10:13:31 -07:00
8cdaa06127
prevent compiler from optimzing out PreFetch Td4
2016-09-15 10:02:30 -07:00
9d49fae600
Updates to make building for ARDUINO more intuitive
...
NO_INLINE not necessary, update README
2016-09-14 17:01:35 -06:00
01be5cdc07
Merge pull request #550 from toddouska/rsainit
...
make sure rsa rng is null on init
2016-09-14 16:31:07 -06:00
dc337946d5
make sure rsa rng is null on init
2016-09-14 14:33:08 -07:00
8b713adcfd
Extended Master Secret Peer Review Changes
...
1. Checked the returns on the hash functions in the sniffer,
return new error if any fail.
2. Removed the SHA-512 hash from the sniffer's collection of
hashes. Never used in a cipher suite.
3. Added some logging messages in the EMS support in wolfSSL.
2016-09-14 13:43:02 -07:00
7410b5784f
Merge pull request #548 from toddouska/nocache
...
add WC_NO_CACHE_RESISTANT option for old code paths
2016-09-14 10:24:29 -07:00
e039fcefc0
Merge pull request #549 from JacobBarthelmeh/master
...
aes.c : check ILP32 macro defined
2016-09-14 09:58:19 -07:00
109642fef4
aes.c : check ILP32 macro defined
2016-09-14 09:33:48 -06:00
b6937626b4
don't require uneeded temp with WC_NO_CACHE_RESISTANT
2016-09-13 17:01:50 -07:00
7b3fc558ec
add WC_NO_CACHE_RESISTANT option for old code path
2016-09-13 16:45:15 -07:00
b77c350153
Merge pull request #547 from toddouska/mathca
...
Remove timing resistant cache key bit monitor leaks
2016-09-13 14:34:23 -07:00
05d78dc2ce
Merge pull request #544 from cconlon/rsafix
...
include MAX_RSA_INT_SZ in wc_RsaKeyToPublicDer(), for 4096-bit keys
2016-09-13 11:24:03 -07:00
46a0ee8e69
switch ecc timising resistant mulmod double to use temp instead of leaking key bit to cache monitor
2016-09-13 11:10:10 -07:00
0477d5379e
Merge pull request #546 from toddouska/aesca
...
AES T table cache preload.
2016-09-13 11:05:28 -07:00
6ef9e79ff5
switch timing resistant exptmod to use temp for square instead of leaking key bit to cache monitor
2016-09-13 09:13:39 -07:00
6ae1a14c9f
do aes cache line stride by bytes, not word32s
2016-09-12 21:09:08 -07:00
77cf700657
Update to allow resumption with session tickets and extended master secret.
2016-09-12 16:06:51 -07:00
c6256211d6
compress aes last round decrypt table, prefetch Td tables before aes decrypt rounds, prefecth compressed table before last round
2016-09-12 13:04:30 -07:00
97a64bcc7c
remove unique aes last round Te table, pre fetch Te tables during software aes encrypt
2016-09-12 12:03:37 -07:00
c1136a30e9
1. Enabled the extended master secret in the Windows IDE user_settings.h
...
file by default.
2. Fixed scan-build warning about an assignment to a variable that isn't
used again in the function. Commented out the line.
2016-09-12 09:42:42 -07:00
b994244011
Revising the Extended Master Secret support. Removing the dynamic
...
TLSX support for the extention and treating it like the Signature
and Hash algorithms extension. It is to be enabled by default and
the user can turn it off at run time or build time.
2016-09-11 18:05:44 -07:00
a149d83bff
include MAX_RSA_INT_SZ in wc_RsaKeyToPublicDer(), for 4096-bit keys
2016-09-09 16:11:56 -06:00
68e48e84fd
Merge pull request #541 from toddouska/comp
...
detect server forcing compression on client w/o support
2016-09-09 13:00:22 -07:00
fc54c53f38
Merge pull request #543 from JacobBarthelmeh/ARMv8
...
ARMv8 : increase performance with SHA256
2016-09-09 10:23:44 -07:00
3ec66dd662
ARMv8 : sanity checks and change constraint type
2016-09-09 00:27:40 +00:00
bd3e40d2fc
Merge pull request #542 from JacobBarthelmeh/master
...
verify case with unexpected input
2016-09-08 16:07:28 -07:00
f4e604dec3
verify case with unexpected input
2016-09-08 15:32:09 -06:00
0c21d76ce3
detect client not sending any compression types
2016-09-08 12:06:22 -07:00
4fb1431727
Added support for the extended master secret extension to the sniffer.
2016-09-08 11:25:02 -07:00
79af4d30e0
ARMv8 : increase performance with SHA256
2016-09-08 18:00:24 +00:00
3e80d966d2
Merge pull request #540 from dgarske/fix_noprng_nosha2
...
Fix to allow disabling P-RNG and SHA256 with CUSTOM_RAND_GENERATE_BLOCK
2016-09-07 16:33:32 -07:00
3aefc42f04
have TLS server side verify no compression is in list if not using compression
2016-09-07 15:28:30 -07:00
f6b786cfb5
Updated the random.h source inline comments to clarify SHA256 and RC4.
2016-09-07 09:23:43 -07:00
baebec4ca4
Merge pull request #538 from JacobBarthelmeh/ARMv8
...
initial ARMv8 instructions
2016-09-07 09:20:14 -07:00
a5db13cd01
detect server forcing compression on client w/o support
2016-09-07 09:17:14 -07:00
8d6ea61a4f
Fix to allow disabling P-RNG and SHA256 when CUSTOM_RAND_GENERATE_BLOCK is used. Added inline documentation to describe RNG source options. Example: ./configure --enable-cryptonly --disable-hashdrbg CFLAGS="-DNO_SHA256 -DCUSTOM_RAND_GENERATE_BLOCK"
2016-09-06 16:42:53 -07:00
09b29cb1d4
ARMv8 AES: remove extra memcpy during encrypt/decrypt
2016-09-02 22:55:17 +00:00
33f24ebaa8
Merge pull request #537 from ejohnstown/ocsp-issuerKeyHash
...
OCSP Fixes
2016-09-02 14:57:07 -06:00
8e4ccd355c
refactor ALIGN16 macro to types.h
2016-09-01 21:24:03 +00:00
0f0e0ca9a5
add extended master to example client
2016-09-01 15:17:46 -06:00
88fab67804
add extended master unit tests
2016-09-01 15:15:17 -06:00
e4f527a332
initial extended master secret support
2016-09-01 15:12:54 -06:00
5bf8806655
add wc_Sha384/512GetHash() functions
2016-09-01 15:05:27 -06:00
41912b92c6
initial ARMv8 instructions
2016-09-01 18:10:06 +00:00
963b9d4c4d
OCSP Fixes
...
1. When using Cert Manager OCSP lookup, the issuer key hash wasn't
being set correctly. This could lead to unknown responses from lookup.
2. Default OCSP lookup callback could get blocked waiting for server
to close socket.
2016-09-01 09:58:34 -07:00
a0b02236b8
Merge pull request #527 from danielinux/master
...
Support for Frosted OS
2016-08-31 10:07:25 -06:00
092916c253
Merge pull request #536 from ejohnstown/dtls-sctp
...
DTLS over SCTP
2016-08-30 13:09:40 -07:00
e0a035a063
DTLS-SCTP Tests
...
1. Added a check to configure for SCTP availablility.
2. Added DTLS-SCTP to the cipher suite test.
2016-08-29 15:24:51 -07:00
de3f66b946
Merge pull request #515 from dgarske/cryptonly_static_mem
...
Added support for static memory with wolfCrypt
2016-08-29 15:23:28 -06:00
ddff90ea26
Fix duplicate declaration of "wolfSSL_init_memory_heap" (errors after rebase).
2016-08-29 11:50:43 -07:00
6a70403547
Fix for "not used" devId in benchmark.
2016-08-29 11:01:16 -07:00
2ecd80ce23
Added support for static memory with wolfCrypt. Adds new "wc_LoadStaticMemory" function and moves "wolfSSL_init_memory_heap" into wolfCrypt layer. Enhanced wolfCrypt test and benchmark to use the static memory tool if enabled. Added support for static memory with "WOLFSSL_DEBUG_MEMORY" defined. Fixed issue with have-iopool and XMALLOC/XFREE. Added check to prevent using WOLFSSL_STATIC_MEMORY with HAVE_IO_POOL, XMALLOC_USER or NO_WOLFSSL_MEMORY defined.
2016-08-29 10:38:06 -07:00
05a35a8332
fix scan-build warning on the simple SCTP example server
2016-08-26 20:33:05 -07:00
aed68e1c69
1. Needed to tell the client to use sctp.
...
2. Creating the example sockets needed the IPPROTO type.
2016-08-26 19:58:36 -07:00
46e92e0211
DTLS-SCTP example client and server
...
1. Update the example client and server to test DTLS-SCTP.
2. Modify the test.h functions for setting up connections to allow
for a SCTP option.
3. Update other examples to use the new test.h functions.
4. Removed some prototypes in the client header file were some functions
that should have been static to the client.c file and made them static.
2016-08-26 19:58:36 -07:00
6d5df3928f
SCTP-DTLS examples
...
1. Added the set SCTP mode command to client and server.
2. Added a 4K buffer test case.
2016-08-26 19:58:36 -07:00
bab071f961
1. Implemented the SCTP MTU size changes for transmit.
...
2. Simplified the MAX_FRAGMENT size when calling SendData().
2016-08-26 19:58:36 -07:00
a6c0d4fed7
1. Added missing -DWOLFSSL_SCTP to configure.ac.
...
2. Don't do hello verify requests in SCTP mode.
3. Implemented the SCTP MTU size changes.
4. Simplified the MAX_FRAGMENT size when calling ReceiveData().
2016-08-26 19:58:36 -07:00
52e2f1a7ab
typecasts to clear static analysis warnings on SCTP examples
2016-08-26 19:58:36 -07:00
f3dca48e99
Fix polarity on the DTLS-SCTP check.
2016-08-26 19:58:36 -07:00
7b3255b5bb
1. Simplified the IsDtlsSctpMode() check.
...
2. Checked IsDtlsSctpMode() to skip saving messages to retransmit and
skip retransmissions.
2016-08-26 19:57:09 -07:00
c1970434d1
simplify the SCTP options
2016-08-26 19:43:52 -07:00
b7a35eabd2
Add simple SCTP example tools
2016-08-26 19:40:50 -07:00
ebbf5ec72b
add new options and accessors for SCTP
2016-08-26 19:40:50 -07:00
2d9b6cf27a
added SCTP to configure.ac
2016-08-26 19:40:50 -07:00
d7ac7af4b0
Merge pull request #532 from toddouska/sb-aiaddr
...
make sure static analysis realizes err_sys does exit()
2016-08-26 16:29:20 -07:00
930c692598
Merge pull request #535 from toddouska/ecc521-no64
...
fix normal math 16bit digit_bit for all ecc sizes
2016-08-26 14:59:01 -07:00
bd312cb766
Merge pull request #533 from dgarske/dg_fixes
...
Fixes for HMAC/small stack heap and disable RSA warnings
2016-08-26 14:30:55 -07:00
401463a983
Merge pull request #534 from dgarske/ecc_cust_fix
...
Fixed issue with "wc_ecc_set_custom_curve" function and ECC test improvements
2016-08-26 14:25:15 -07:00
efabbcf305
fix normal math 16bit digit_bit for all ecc sizes
2016-08-26 13:47:53 -07:00
bf23b2f9d1
Fix issue with "wc_ecc_set_custom_curve" function not setting index as "ECC_CUSTOM_IDX". Cleanup of the ECC tests to return actual error code (when available) and make sure keys are free'd. Some trailing whitespace cleanup.
2016-08-26 12:35:47 -07:00
925e5e3484
Fixes typo issue with heap in hmac and small stack enabled. Fixed "never read" scan-build warnings with typeH and verify when RSA is disabled.
2016-08-26 10:33:01 -07:00
86e889a7fa
only force exit() in all cases with gcc since we know noreturn attribute there
2016-08-26 10:20:58 -07:00
dd7f9b618d
make sure static analysis realizes err_sys does exit()
2016-08-25 12:23:57 -07:00
78ca9e7716
Merge pull request #482 from dgarske/async
...
Asynchronous wolfCrypt RSA and TLS client support
2016-08-25 10:06:18 -07:00
07345579ec
Merge pull request #531 from cconlon/distro
...
Add "--enable-distro" build option
2016-08-23 14:31:23 -07:00
a9278fe492
Added check for GetLength result in asn GetIntRsa function. Fixed return code in random.c for "wolfAsync_DevCtxInit" due to copy/paste error. Added RSA wc_RsaCleanup to make sure allocated tmp buffer is always free'd. Eliminated invalid RSA key type checks and "RSA_CHECK_KEYTYPE".
2016-08-23 11:31:15 -07:00
91ccf1bd86
do not enable ARC4 or sniffer in distro build
2016-08-22 15:33:45 -06:00
45c8ed1436
remove -X from ocsp stapling tests that are not external
2016-08-22 14:18:35 -06:00
ebba0efaa4
Merge pull request #528 from jrblixt/tests_api_develop
...
Added Functions to wolfSSL/test/api.c
2016-08-22 09:38:23 -07:00
1a94c0bbdd
add distro build option
2016-08-22 10:00:37 -06:00
6f0239441b
Merge pull request #530 from ejohnstown/dtls-ticket
...
DTLS and Session Ticket fix
2016-08-22 09:37:28 -06:00
a9935cbc28
Made changes found by Jenkins.
2016-08-19 10:23:55 -06:00
fa1989b729
fix building the new session ticket message for DTLS, take into account the additional header sizes
2016-08-18 17:51:25 -07:00
813a9b05b5
Clean up and Chris check added the changes.
2016-08-18 15:07:07 -06:00
f61c045e65
Changes to the Assert Macros used and added wolfSSL_CTX_use_certificate_buffer()
2016-08-18 10:03:33 -06:00
3d3f8c9dd3
Support for Frosted OS
2016-08-18 14:56:14 +02:00
b068eec96d
added wolfSSL_CTX_SetMinVersion
2016-08-17 14:41:37 -06:00
73089200bf
Merge branch 'master' of https://github.com/wolfSSL/wolfssl into tests_api_develop
2016-08-17 14:12:43 -06:00
cddc771829
Added wolfSSL_SetMinVersion
2016-08-17 14:05:37 -06:00
584733b138
Chris looked at functions added for correctness.
2016-08-17 11:27:14 -06:00
65b2b14a0f
added test functions for wolfCrypt_Init and OCSP stapling v1 and v2
2016-08-17 10:32:03 -06:00
3e6be9bf2c
Fix in "wc_InitRsaKey_ex" for normal math so mp_init isn't called to defer allocation.
2016-08-15 14:07:16 -06:00
17a34c5899
Added asynchronous wolfCrypt RSA, TLS client and Cavium Nitrox V support. Asynchronous wolfSSL client support for "DoServerKeyExchange", "SendClientKeyExchange", "SendCertificateVerify" and "DoCertificateVerify". Fixes for async DTLS. Refactor of the wolf event and async handling for use in wolfCrypt. Refactor of the async device support so its hardware agnostic. Added Cavium Nitrox V support (Nitrox tested using SDK v0.2 CNN55XX-SDK with new configure "--with-cavium-v=/dir" option). Moved Nitrox specific functions to new port file "port/cavium/cavium_nitrox.c". RSA refactor to handle async with states. RSA optimization for using dpraw for private key decode. Use double linked list in wolf event for faster/cleaner code. Use typedef for wolf event flag. Cleanup of the async error codes. wolfCrypt test and benchmark support for async RSA. Asynchronous mode enabled using "./configure --enable-asynccrypt". If no async hardware is defined then the internal async simulator (WOLFSSL_ASYNC_CRYPT_TEST) is used. Note: Using async mode requires async.c/h files from wolfSSL. If interested in using asynchronous mode please send email to info@wolfssl.com.
2016-08-15 13:59:41 -06:00
5347e32d63
Merge pull request #526 from toddouska/fm64-types
...
don't setup 64bit typedef with fastmath if not needed
2016-08-15 13:14:59 -06:00
d1d6571575
Merge pull request #525 from toddouska/session
...
add resume session string script check, make GetDeepCopySession stati…
2016-08-15 13:11:53 -06:00
527c375884
don't setup 64bit typedef with fastmath if not needed
2016-08-15 11:02:06 -07:00
d74fa8299a
add resume session string script check, make GetDeepCopySession static local and check reutrn code
2016-08-15 09:32:36 -07:00
b38218a0b9
Merge pull request #524 from kaleb-himes/certs-buffs-and-tests
...
cert updates, new buffers, new test with buffers
2016-08-14 08:39:37 -07:00
da18e463ed
remove constraints on inclusion of certs_test.h
2016-08-12 17:00:22 -06:00
03295ec6d7
update certs, extend ntru to 1000 days, add der formatted ecc, new ecc buffer test
...
changes from first review
move to 256 bit defines
2016-08-12 13:00:52 -06:00
7cf13f84b7
Merge pull request #522 from JacobBarthelmeh/master
...
help static analysis tools
2016-08-10 16:37:16 -07:00
b502d9dcf7
help static analysis tools
2016-08-10 14:23:27 -06:00
fd9f8125e3
Merge pull request #521 from dgarske/improve_inline_misc
...
Change misc.c error to warning when trying to be compiled and inline enabled
2016-08-09 13:09:20 -06:00
a8b2ced588
Merge pull request #519 from dgarske/fix_compat_wo_ecc
...
Fix for openssl compatibility without ECC
2016-08-08 13:46:58 -07:00
317a7f2662
Change misc.c error to warning and exclude the misc.c code from being compiled. Most people include all .c files and by default inlining is allowed, which in turn causes an #error in misc.c and it must be excluded. Since we know its already been properly included there is no reason to throw error here. Instead, show warning and exclude code in .c file.
2016-08-08 13:13:59 -07:00
b0e4acaac1
Fix for openssl compatibility without ECC. Disable "wolf_OBJ_nid2sn", "wolf_OBJ_sn2nid" and "wolf_OBJ_obj2nid" when "OPENSSL_EXTRA" defined and "HAVE_ECC" is not defined.
2016-08-08 10:29:58 -07:00
76e8438059
Merge pull request #518 from dgarske/fix_build_w_callbacks
...
Fix build with "WOLFSSL_CALLBACKS" defined.
2016-08-06 10:11:53 -07:00
49fb0d56b0
Merge pull request #516 from dgarske/fix_asn_wo_hmac
...
Fix build issue with ASN enabled and no HMAC
2016-08-06 10:07:00 -07:00
c8cfe1ffa1
Merge pull request #511 from dgarske/openssl_compat_fixes
...
Various improvements to support openssl compatibility
2016-08-06 09:59:31 -07:00
dd03af2cf4
Merge pull request #512 from dgarske/fix_crl_pad
...
Fixed issue with CRL check and zero pad
2016-08-06 09:56:59 -07:00
cc462e2c50
Merge pull request #513 from kojo1/Der2Pem
...
Adds "wc_DerToPem" CRL_TYPE support
2016-08-05 14:35:15 -07:00
d8c63b8e66
Various improvements to support openssl compatibility.
...
* Fixed bug with "wolfSSL_get_cipher_name_internal" for loop using incorrect max length for "cipher_name_idx" (this caused fault when library built with NO_ERROR_STRINGS and calling it).
* Adds new "GetCipherNameInternal" function to get cipher name using internal "cipherSuite" index only (for scenario where WOLFSSL object does not exist).
* Implements API's for "wolf_OBJ_nid2sn" and "wolf_OBJ_sn2nid". Uses the ecc.c "ecc_sets" table to locate NID (ECC ID and NID are same).
* Added "WOLFSSL*" to HandShakeInfo.
* Allowed "SetName" to be exposed.
* Added "wolfSSL_X509_load_certificate_buffer". Refactor "wolfSSL_X509_load_certificate_file" to use new function (no duplicate code).
2016-08-05 14:15:47 -07:00
32b0303beb
Fix build with "WOLFSSL_CALLBACKS" defined.
2016-08-05 14:06:58 -07:00
6b1ff8e9d7
Only try and return serial number or check padding if the serial number size is greater than 1.
2016-08-05 12:53:26 -07:00
a17bc2a42e
Fix build issue with ASN enabled and no HMAC (missing MAX_DIGEST_SIZE). Switch to using WC_MAX_DIGEST_SIZE from hash.h, which is always available. Added small stack option for digest in MakeSignature. Fixed build error with unused "testVerifyCount" if "NO_ECC_SIGN" or "NO_ECC_VERIFY".
2016-08-05 12:19:30 -07:00
eeb506b8c0
Merge pull request #514 from dgarske/fix_arm_cc_warn
...
Fixes for warnings when cross-compiling with GCC ARM.
2016-08-05 10:07:32 -07:00
96da2df7ec
Additional max index and serial number size checks in "GetSerialNumber".
2016-08-03 17:04:44 -07:00
2c1309ffc7
Fixes for warnings when cross-compiling with GCC ARM.
2016-08-03 16:53:53 -07:00
e01dcb671d
eliminate tail nl
2016-08-03 11:12:10 +09:00
ed4cd2438f
CRL_Type to wc_DerToPem
2016-08-03 10:53:54 +09:00
9ddfe93c43
Fixed issue with CRL check and zero pad (the GetRevoked function was not trimming pad). Added new ASN "GetSerialNumber" function and implemented it in three places in asn.c.
2016-08-02 16:47:21 -07:00
67d607324a
Merge pull request #509 from JacobBarthelmeh/Release
...
prepare for release 3.9.8
2016-07-28 18:47:39 -07:00
32c0b6d97a
prepare for release 3.9.8
2016-07-28 15:46:45 -06:00
dcc0f87ce6
Merge pull request #506 from toddouska/del_point
...
fix remaining non fpecc ecc_del_point w/o heap
2016-07-27 18:54:46 -06:00
303561c1a1
Merge pull request #505 from toddouska/timing
...
fix scan-build warning on ecc memory alloc failure
2016-07-27 15:52:01 -07:00
a94f34c8e2
fix remaining non fpecc ecc_del_point w/o heap
2016-07-27 14:24:34 -07:00
6cd4acbdba
Merge pull request #504 from dgarske/oid_unknown_fix
...
Fix for "OID Check Failed"
2016-07-27 14:16:04 -07:00
20c991717f
Merge pull request #503 from JacobBarthelmeh/mysql
...
change priority of cipher suite TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
2016-07-27 12:13:47 -07:00
7cf0b8fe85
fix scan-build warning on ecc memory alloc failure
2016-07-27 11:20:08 -07:00
b0e72dd692
Fix for "OID Check Failed". This restores behavior to what it was prior to commit "7a1acc7". If an OID is not known internally skip the verify and return success and the OID sum.
2016-07-27 10:39:42 -07:00
37b84abe0b
change priority of cipher suite TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
2016-07-27 09:36:16 -06:00
c834216cca
Merge pull request #501 from ejohnstown/key-usage
...
only check server's cert key encipher on client for RSA key exchange
2016-07-26 15:45:38 -07:00
0265b0f4bb
only check server's cert key encipher on client for RSA key exchange
2016-07-26 13:32:54 -07:00
993838153e
Merge pull request #487 from moisesguimaraes/fix-ocspstapling-getca
...
fixes ocsp signer lookup in the cert manager.
2016-07-26 12:42:47 -07:00
edbec4db20
Merge pull request #500 from dgarske/ocsp2_asn_fix
...
Fix for failing OID check with "ocspstapling2" enabled
2016-07-26 12:41:50 -07:00
242d26eba2
Merge pull request #488 from cconlon/sig_algo
...
leave off SHA1-RSA/ECDSA signature algorithms when NO_OLD_TLS is defined
2016-07-26 11:05:24 -07:00
c80f1805f0
Fix for failing OID check with "ocspstapling2" enabled. Found OID type in "ToTraditional" that should be keyType, not sigType. Added optional OID decode function and optional OID info dump in "GetObjectId" (both off by default).
2016-07-26 10:35:40 -07:00
5bb250583e
Merge pull request #499 from toddouska/timing
...
add --enable-harden swtich for timing resistance and blinding, on by …
2016-07-26 10:14:20 -07:00
fc6a5c0702
fix mcapi w/o harden
2016-07-26 09:06:46 -07:00
a274386693
fix user rsa no error codes?
2016-07-25 19:19:46 -07:00
51042e166f
fix mcapi with blinding API addition
2016-07-25 15:57:38 -07:00
cd5486a4e6
fix user_rsa with blinding API addition
2016-07-25 15:33:28 -07:00
ea683f493a
Merge pull request #498 from kaleb-himes/cert-updates
...
update certs pre-release: NTRU certs expired in mid june
2016-07-25 15:19:34 -07:00
16336e37ec
fix blinding with fips
2016-07-25 13:47:53 -07:00
88f847de90
add --enable-harden swtich for timing resistance and blinding, on by default
2016-07-25 13:24:36 -07:00
4121667586
update certs pre-release: NTRU certs expired in mid june
2016-07-25 13:05:52 -06:00
096e3f9b8b
Merge pull request #496 from JacobBarthelmeh/staticmemory
...
add helper functions for choosing static buffer size
2016-07-21 16:17:34 -07:00
e8f7d78fc4
add helper functions for choosing static buffer size
2016-07-21 12:11:15 -06:00
b81e687bf3
Merge pull request #490 from JacobBarthelmeh/master
...
Static Memory Fixes
2016-07-20 20:27:03 -07:00
8f2af608a7
Merge pull request #492 from JacobBarthelmeh/staticmemory
...
set heap hint for ctx
2016-07-20 20:25:38 -07:00
e920e6cee0
Merge pull request #495 from toddouska/rng-redef
...
fix WC_RNG redeclare
2016-07-20 19:22:08 -07:00
2c92fee59f
fix WC_RNG redeclare
2016-07-20 17:18:58 -07:00
b265666174
Merge pull request #491 from toddouska/rsab-fixes
...
fix rsablind other builds
2016-07-20 15:22:19 -07:00
81526f8384
move wolfSSL Get RNG out of ifdef in header
2016-07-20 11:35:57 -07:00
1b980867d6
fix rsablind other builds
2016-07-20 11:35:57 -07:00
5d8a78be30
set heap hint for ctx
2016-07-20 11:47:36 -06:00
1f5b6d4e66
sanity check on buffer size
2016-07-20 11:44:22 -06:00
01ecc64052
avoid race condition with IO and handshake counter
2016-07-20 11:44:22 -06:00
17207ff61b
account for when FreeHandshakeResources is not called
2016-07-20 11:44:22 -06:00
8423ad0e96
Merge pull request #493 from dgarske/ecc_fixes
...
ECC fixes with Shamir disabled
2016-07-20 10:40:14 -07:00
e0f2bbd1b4
Added comment about why 0's test is disabled. ECC without Shamir fails with fast or normal math.
2016-07-19 19:12:45 -07:00
5e2502fa95
ECC without Shamir has issues testing all zero's digest, so disable this test if not using Shamir method. Fixed comment about "NO_ECC_SECP".
2016-07-19 14:34:32 -07:00
7a419ba6d8
Merge pull request #472 from dgarske/ecc_brainpool_koblitz
...
ECC and TLS support for all SECP, Koblitz and Brainpool curves
2016-07-19 11:44:53 -07:00
bdbf972d42
Merge pull request #486 from cconlon/openssl-script
...
openssl.test, switch -Verify to -verify to accomodate ADH cipher suites
2016-07-19 11:38:52 -07:00
32a2bd3863
Merge pull request #489 from toddouska/rsablind
...
Adds WC_RSA_BLINDING for RSA Private Operations
2016-07-19 09:03:09 -07:00
f88f501923
add unique RNG missing error
2016-07-18 18:10:38 -07:00
e866b55bb7
removes fallback.
2016-07-18 22:02:41 -03:00
1c71fb4ad1
scope tmpa/b with blinding, document RSA options
2016-07-18 17:37:03 -07:00
c2b55f69fa
fix 32bit mp_add_d need
2016-07-18 12:49:31 -07:00
d235a5f0cc
add WC_RSA_BLINDING, wc_RsaSetRNG() for RSA Private Decrypt which doesn't have an RNG
2016-07-18 11:57:47 -07:00
d3f7ddc486
leave off SHA1-RSA/ECDSA signature algorithms when NO_OLD_TLS is defined
2016-07-15 14:32:24 -06:00
dd329ac97b
fixes ocsp signer lookup in the cert manager.
2016-07-15 17:12:04 -03:00
e75642f011
openssl.test, switch -Verify to -verify to accomodate ADH cipher suites
2016-07-15 13:39:32 -06:00
c47f5f404c
Merge pull request #480 from toddouska/noecho
...
don't echo session id on blank ticket if we're going to create a new …
2016-07-15 13:12:27 -06:00
b1de4dcbbb
Merge pull request #481 from wolfSSL/fix_anon_cipher
...
Anonymous cipher fix
2016-07-15 13:05:32 -06:00
9a6f66a093
Merge pull request #484 from JacobBarthelmeh/master
...
add ARM 64bit type macro
2016-07-15 09:50:39 -07:00
aa9b1e964c
Fix for possible seg fault with anonymous cipher mode enabled. Do not perform signature/verify when using anon_cipher.
2016-07-14 15:58:35 -07:00
515bf5e135
add ARM 64bit type macro
2016-07-14 15:29:32 -06:00
c7b969b5b4
don't echo session id on blank ticket if we're going to create a new ticket
2016-07-13 18:45:10 -07:00
9a9a98ac82
Merge pull request #479 from toddouska/idlen
...
allow bogus client sessoinID of non 32 bytes with session ticket
2016-07-13 14:57:33 -06:00
5f21f93c61
allow bogus sessionID when ticket callback rejects ticket
2016-07-13 12:47:59 -06:00
c20551cc56
Merge pull request #478 from toddouska/flatten-fix
...
fix rsa flatten eSz check
2016-07-13 08:50:39 -07:00
7b76c3ab36
allow bogus client sessoinID of non 32 bytes with session ticket
2016-07-13 09:47:49 -06:00
b6aefad568
Merge pull request #477 from JacobBarthelmeh/master
...
remove hard tabs and replace with spaces
2016-07-12 16:31:13 -06:00
7a906e47ed
fix rsa flatten eSz check
2016-07-12 16:28:59 -06:00
97f60bc831
Merge pull request #476 from dgarske/fix_lpcxpresso
...
Fixes for LPCXpresso eclipse project
2016-07-12 15:23:09 -06:00
92341292c7
remove hard tabs and replace with spaces
2016-07-12 14:12:44 -06:00
8a20f7a909
Fix to exclude misc.c by default to eliminate #error about inline.
2016-07-12 13:07:08 -07:00
1c9f013c09
Include the .project and .cproject files in distribution. Fix issue with adding wolfssl to existing project, so the <name> is "wolfssl", not "lib_wolfssl".
2016-07-12 13:03:47 -07:00
1b149d3941
Merge pull request #474 from ejohnstown/dtls-ver
...
One last fix of the DTLS version numbers
2016-07-11 12:35:27 -07:00
3dc09ae0fb
one last fix of the DTLS version numbers
2016-07-08 17:20:56 -07:00
24ad3f7f3e
Merge pull request #473 from toddouska/ecc-timing-fix
...
Fix ecc timming missing variable. Fix fpecc thread local storage size with clang. Don't include comba includes if FP_SIZE is too small for index.
2016-07-08 15:08:58 -07:00
acc5389f9a
Fixed possible issue with OID pointer returned from "wc_ecc_get_oid" if "HAVE_OID_ENCODING" enabled. Was previously returning static pointer, which was shared for all OID's. Now uses cache for each OID, which also improves performance on subsequent calls to the same OID.
2016-07-08 14:22:21 -07:00
19db78fc76
Moved the ECC OID's into separate static const array to reduce ecc_sets size. Added "ecc_oid_t" typedef to determine "oid" size based on HAVE_OID_ENCODING option. Reduced the encoded variable size to word16.
2016-07-08 14:15:54 -07:00
8da8c87fa4
don't include comba includes if FP_SIZE is too small for index
2016-07-08 12:29:38 -07:00
c7318c8576
fix fpecc thread local storage size with clang
2016-07-08 12:01:52 -07:00
68d66d12d6
fix ecc timming missing variable
2016-07-08 11:57:24 -07:00
7a1acc7e56
Added TLS support for all SECP and Brainpool curves. Added ECC curve specs for all Brainpool, Koblitz and R2/R3. Adds new "HAVE_ECC_BRAINPOOL", "HAVE_ECC_KOBLITZ", "HAVE_ECC_SECPR2" and "HAVE_ECC_SECPR3" options. ECC refactor to use curve_id in _ex functions. NID and ECC Id's match now. Added ability to encode OID (HAVE_OID_ENCODING), but leave off by default and will use pre-encoded value for best performance.
2016-07-07 10:59:45 -07:00
0f25ee703d
Merge pull request #468 from JacobBarthelmeh/master
...
option to use test.h without gettimeofday
2016-07-06 18:48:18 -07:00
5fbab0e6a7
option to use test.h without gettimeofday
...
revert parameter passed to current_time with TIRTOS
2016-07-01 16:57:49 -06:00
00cd0a3146
Merge pull request #471 from dgarske/fixdoubleinit
...
Remove double call to "wolfCrypt_Init()" in test.c
2016-06-30 19:32:52 -07:00
df87ee810f
Merge pull request #469 from cconlon/bug-fixes
...
update README with CU bug fix note
2016-06-30 19:31:58 -07:00
000f1a19e5
Merge pull request #470 from JacobBarthelmeh/Testing
...
sanity checks
2016-06-30 19:30:28 -07:00
dcdc28e014
Remove double call to "wolfCrypt_Init()" in test.c. Appears to have been added in static memory merge on 6/10.
2016-06-30 16:51:13 -07:00
8bba628f3f
sanity check in function GetInputData and when shrinking buffer
2016-06-30 13:42:38 -06:00
f194c216c0
Merge pull request #466 from JacobBarthelmeh/mutex
...
free ctx in case of InitMutex fail
2016-06-30 12:05:06 -07:00
cf522314ce
sanity checks
2016-06-30 11:41:22 -06:00
a2bd4719ee
update README with CU bug fix note
2016-06-29 16:54:25 -06:00
3f36a914da
remove cast from enum to int
2016-06-29 14:28:36 -06:00
c17830e5c7
Merge pull request #467 from dgarske/stdlib_macro_cleanup
...
Cleanup of stdlib function calls
2016-06-29 12:14:09 -07:00
5b3a72d482
Cleanup of stdlib function calls in the wolfSSL library to use our cross-platform "X*" style macros in types.h.
2016-06-29 11:11:25 -07:00
eb072e0344
Merge pull request #463 from JacobBarthelmeh/master
...
update mysql port
2016-06-28 14:56:57 -07:00
981cf9cbcb
Merge pull request #462 from cconlon/bug-fixes
...
PemToDer Bug Fixes
2016-06-28 09:58:18 -07:00
0589fe0d39
free ctx in case of InitMutex fail
2016-06-28 09:29:28 -06:00
7da797dd4c
Merge pull request #464 from wolfSSL/revert-461-bio
...
Revert "Bio"
2016-06-27 14:50:50 -07:00
f18ff8bfa4
update mysql patch
2016-06-27 15:44:52 -06:00
ac6635593b
Revert "Bio"
2016-06-27 10:53:34 -07:00
9c7bea46d2
fix out of bounds read in PemToDer with 0 size der buffer, CU #4
2016-06-27 10:53:19 -06:00
92e501c8e4
fix possible out of bound read in PemToDer header, CU #3
2016-06-27 10:53:19 -06:00
2951e167b5
check return code of PemToDer in wolfSSL_CertManagerVerifyBuffer, CU #2
2016-06-27 10:23:22 -06:00
8fac3fffea
fix possible out of bounds read in PemToDer, CU #1
2016-06-27 10:23:22 -06:00
3a18b057d7
Merge pull request #460 from dgarske/DerBufMemcpyCleanup
...
Cleanup of DerBuffer duplication
2016-06-24 14:51:30 -07:00
fbef3c2523
Merge pull request #461 from JacobBarthelmeh/bio
...
Bio
2016-06-24 14:50:52 -07:00
49934a5c91
Merge https://github.com/wolfSSL/wolfssl into bio
2016-06-24 14:22:14 -06:00
d0e832bda9
change file name from compat-wolfssl to compat-wolfcrypt
2016-06-24 19:10:39 +02:00
033f308a08
change file name from compat-wolfssl to compat-wolfcrypt
2016-06-24 19:00:39 +02:00
19da114c0c
Merge pull request #454 from ejohnstown/dtls-version
...
DTLS Hello Verify Request Version Number
2016-06-24 08:44:55 -07:00
4215182945
fix macro error
2016-06-24 13:27:49 +02:00
0c43123a01
Fix BIO based on review
2016-06-24 10:54:58 +02:00
379af941a8
Merge pull request #459 from ejohnstown/aes-cmac-fixes
...
AES-CMAC Fixes
2016-06-23 22:10:26 -06:00
b0f7d819bd
Cleanup of DerBuffer duplication that was using memcpy still after refractor and should be direct pointer copy.
2016-06-23 18:14:22 -07:00
ffb537c33f
removed dependency on AES-NI for the AES-direct test
2016-06-23 15:34:09 -06:00
0d031fcbd7
added parameter checking to Generate and Verify
2016-06-23 15:34:09 -06:00
746ae2f4e5
Merge pull request #458 from JacobBarthelmeh/master
...
fix secure renegotiation build
2016-06-23 13:34:39 -07:00
0b91e000bb
fix secure renegotiation build
2016-06-23 13:10:39 -06:00
02ef518a75
Merge pull request #456 from dgarske/FixEccCompKey
...
Fixes for ECC compressed keys
2016-06-22 14:47:42 -07:00
f6bbe845f5
Merge https://github.com/wolfSSL/wolfssl into bio
2016-06-22 09:14:53 -06:00
47c1f4e68f
Fix possible use of ForceZero with NULL pointer. Improve init of "kb" when small stack disabled, so memset isn't performed twice.
2016-06-22 07:22:30 -07:00
69db94d668
Fix build error for un-initialized "kb" variable when built with fixed point cache and small stack enabled.
2016-06-22 07:06:07 -07:00
d294dc363e
Fix scan-build warning with "redundant redeclaration of 'fp_isprime'". Changed "fp_isprime" and "fp_isprime_ex" to local static only. Also made "fp_gcd", "fp_lcm", and "fp_randprime" static functions.
2016-06-21 19:35:25 -07:00
1db880b6bf
Fixed issue with compressed keys and custom curves. The inLen adjustment for compressed curves was only be done for built-in curves.
2016-06-21 15:55:17 -07:00
dd52af0872
ECC cleanup / fixes. Improvements to ECC with fast math enabled to avoid mp_clear on stack variables. Refactor of ECC failure cleanup (fixes possible mem leaks with small stack enabled). Refactor of "fp_is*" response checks to use FP_YES or FP_NO. Pulled libtom enhancement/cleanup of fp_isprime. Fix for compressed keys import with custom curves (still having some issues though).
2016-06-21 15:27:51 -07:00
aa1a405dd1
Fixes for compressed keys. Fix to fast math "mp_cnt_lsb" to return proper value, which fixes "mp_jacobi", which fixes "mp_sqrtmod_prime", which fixes compressed keys for 224-bit key. Removed workarounds for compressed keys. Added new configure option "--enable-compkey". Fixed issue with normal math and custom curves where "t2" could be free'd and used. Fixed issue with mp_dump in integer.c, with not allocating correctly sized buffer for toradix.
2016-06-21 14:06:02 -07:00
5fa80a2667
Merge pull request #455 from toddouska/version
...
bump dev version
2016-06-20 22:07:18 -07:00
f4473edfb1
bump dev version
2016-06-20 16:20:18 -07:00
335865a5b2
Merge pull request #447 from ejohnstown/dtls-retx
...
DTLS Retransmit Fix
2016-06-20 15:46:55 -07:00
79e2af8c15
Merge pull request #445 from ejohnstown/dtls-alert
...
DTLS bad MAC alert
2016-06-20 15:36:18 -07:00
a859cf189d
Merge pull request #443 from ejohnstown/new-ccm-suite
...
Add cipher suite ECDHE-ECDSA-AES128-CCM
2016-06-20 15:34:55 -07:00
6d520e0da9
hello verify request handshake version number to match server hello version number
2016-06-20 11:08:45 -06:00
de4448c59b
Merge pull request #452 from dgarske/fixeccscanbuildwarning
...
Fixes scan-build warning in ecc.c line 2208
2016-06-20 09:09:21 -07:00
3789d9913c
Fixes scan-build warning "wolfcrypt/src/ecc.c:2208:6: warning: Use of memory after it is freed". This is due to a rebase issue with static memory changes after the new ECC custom curves changes. The precomp[] is init to NULL at top so cleanup can always be done at end (shouldn't be done in middle).
2016-06-18 22:35:52 -07:00
9173ecdc04
Merge pull request #450 from dgarske/NidFix
...
Fix for NID names on NIST prime 192 and 256 curves
2016-06-18 16:14:04 -07:00
eb1d8d5df6
Fix for NID names on NIST prime 192 and 256 curves. Cleanup of the memcpy/memset in .i files to use portable names.
2016-06-17 15:59:25 -07:00
ffee1eafd9
add test_bio.txt to .getignore
2016-06-17 16:20:54 -06:00
b8e00a3448
Merge pull request #449 from moisesguimaraes/fix-ocsp-stapling-tests
...
fixes ocsp stapling tests ignoring CRL
2016-06-17 15:16:39 -06:00
ea71814518
Merge https://github.com/wolfSSL/wolfssl
2016-06-17 13:58:53 -06:00
e8c4950a83
Merge pull request #446 from cconlon/cleanup
...
Remove unimplemented function prototypes
2016-06-17 12:57:55 -07:00
4fc07a2e9e
Merge pull request #415 from dgarske/customcurve-mathupdate
...
Support for custom ECC curves and math lib updates
2016-06-17 12:56:52 -07:00
db7aab5e37
fixes ocsp stapling tests ignoring CRL
2016-06-17 08:19:57 -03:00
16b85cee8f
Merge pull request #448 from cconlon/winfix
...
Fix windows example echoserver
2016-06-16 18:18:32 -06:00
a7c7407406
fix windows example echoserver
2016-06-16 16:39:18 -06:00
6da166d83b
Enhancement / cleanup of the "wc_ecc_make_key_ex" API so it can be used with "keysize" or "dp" and allows compatibility with existing "wc_ecc_make_key". Note: "wc_ecc_make_key_ex" was not previously public, so changing it at this point is okay.
2016-06-16 10:38:15 -07:00
d55663eaee
Added ECC API's for using custom curves that are not in the "ecc_sets" list. Added wolfCrypt test to validate/demonstrate custom curve using BRAINPOOL256R1. Exposed "wc_ecc_make_key_ex" and added "wc_ecc_import_x963_ex" / "wc_ecc_import_raw_ex" API's that accept "const ecc_set_type*" for custom curve. Internally use "ECC_CUSTOM_IDX" (-1) to define custom curve is used. Added "--enable-ecccustcurves" option to configure.ac.
2016-06-16 10:09:41 -07:00
69b6ac504f
Fixes for ecc heap errors after rebase.
2016-06-16 06:46:22 -07:00
8f3c56c03f
Fix where the last flight was getting retransmit on timeout notification.
2016-06-15 18:44:25 -07:00
31908b7263
remove unused protos for wc_Sha384Free and wc_Sha512Free, not impmlemented by ti-hash.c
2016-06-15 11:34:29 -06:00
3fec69d3f8
remove unused proto for wc_SetCertificatePolicies
2016-06-15 10:50:41 -06:00
237193fdee
Fixed scan-build warning about "len" being used un-initialized in ecc_mul2add. Cleanup of the "mu" variable handling.
2016-06-15 08:41:51 -07:00
7c5483ba0b
Performance improvements in fp_mulmod, fp_submod and fp_submod to handle ALT_ECC_SIZE better. Revert fp_clear to fp_add_d, since it isn't required and slows it down.
2016-06-15 08:41:51 -07:00
5703e5eadb
ECC changes to support custom curves. Added new "WOLFSSL_CUSTOM_CURVES" option to support non-standard ECC curves in ecc_is_point and ecc_projective_dbl_point. Refactor to load and pass curve "a" parameter down through ECC functions. Relocated mp_submod and added mp_addmod. Refactor to pass mp variable directly (not pointer) for montgomery variable. Fix in mp_jacobi to also handle case of a == 0. Cleanup of *_ecc_mulmod and wc_ecc_make_key_ex error handling. Cleanup of ecc_map for handling normal, fast and alt_ecc math for optimization of performance and allowing reduced ecc_size.
2016-06-15 08:41:51 -07:00
bb17bac018
Updated the naming for the ECC curve sets. Additional comments for each curve parameter.
2016-06-14 16:56:22 -07:00
87c00eb3f3
Math updates from libtom. Fixes in mp_read_radix for to include char 36 and clear the destination before checks. Fix to clear tmp value on fp_sub_d and fp_add_d. Fixes in assembly for x86-32 INNERMUL, PPC32 INNERMUL and PROPCARRY and x86-64 SQRADD. Added mp_isneg. Refactor of mp_iszero, mp_iseven, mp_isodd and mp_isneg to check using MP_YES or MP_NO. Changed fp_read_unsigned_bin "b" arg to const. Removal of the "register" on stack variables to let compiler determine best optimization.
2016-06-14 16:56:22 -07:00
7a3cb23af9
Merge pull request #444 from JacobBarthelmeh/master
...
prepare for version 3.9.6
2016-06-14 15:51:01 -07:00
35f43f9216
In DTLS, if a mac or decrypt error is detected, just drop the datagram and don't send an alert
2016-06-14 14:36:08 -07:00
03de8e3464
prepare for version 3.9.6
2016-06-14 14:35:12 -06:00
2f9c9b9a22
Add cipher suite ECDHE-ECDSA-AES128-CCM
...
1. Added the usual cipher suite changes for the new suite.
2. Added a build option, WOLFSSL_ALT_TEST_STRINGS, for testing
against GnuTLS. It wants to receive strings with newlines.
3. Updated the test configs for the new suite.
Tested against GnuTLS's client and server using the options:
$ gnutls-cli --priority "NONE:+VERS-TLS-ALL:+AEAD:+ECDHE-ECDSA:+AES-128-CCM:+SIGN-ALL:+COMP-NULL:+CURVE-ALL:+CTYPE-X509" --x509cafile=./certs/server-ecc.pem --no-ca-verification -p 11111 localhost
$ gnutls-serv --echo --x509keyfile=./certs/ecc-key.pem --x509certfile=./certs/server-ecc.pem --port=11111 -a --priority "NONE:+VERS-TLS-ALL:+AEAD:+ECDHE-ECDSA:+AES-128-CCM:+SIGN-ALL:+COMP-NULL:+CURVE-ALL:+CTYPE-X509"
To talk to GnuTLS, wolfSSL also needed the supported curves option
enabled.
2016-06-13 14:39:41 -07:00
2752f3f9c9
Merge pull request #442 from toddouska/mcapi-aes
...
fix mcapi aes size with heap
2016-06-11 12:52:59 -07:00
02985b16ac
fix mcapi aes size with heap
2016-06-11 09:29:20 -07:00
a156cedabc
Merge pull request #435 from JacobBarthelmeh/staticmemory
...
Staticmemory
2016-06-10 17:03:49 -07:00
707714dd38
threaded fixes with static memory
2016-06-10 15:35:02 -06:00
3d3591a227
typdef gaurd / error out on bad mutex init / handle no maxHa or maxIO set
2016-06-10 14:13:27 -06:00
cbefaef6bc
Merge pull request #440 from toddouska/output-size
...
Output size
2016-06-10 11:33:31 -06:00
2bda6c6449
16 byte aligned static memory
2016-06-10 11:15:54 -06:00
620ea41191
Merge pull request #439 from kaleb-himes/update-cert-buffers
...
update certificate buffers per github issue #422
2016-06-10 10:08:25 -06:00
dede05db9e
Merge pull request #441 from dgarske/time_base64enc
...
Public "wc_GetTime" API and "configure --enable-base64encode"
2016-06-10 08:47:08 -07:00
ea3d1f8e17
extended method function
2016-06-09 23:41:51 -06:00
b3068ffef5
Added new public "wc_GetTime" API for getting seconds from the asn.c XTIME. Added new "./configure --enable-base64encode" to enable Base64 encoding (now enabled by default for "x86_64").
2016-06-09 16:26:39 -07:00
6551c9fcab
add getter for max output size
2016-06-09 14:51:07 -07:00
76d960c4c0
update certificate buffers per github issue #422
2016-06-09 13:47:33 -06:00
7943f68f2a
run allocation tool on ocsp and check for mallocs
2016-06-09 12:03:28 -06:00
367b519407
Merge pull request #424 from kojo1/MDK5
...
updated MDK5 projects
2016-06-09 10:47:04 -07:00
8be5409bc5
static method func / ocsp callbacks / heap test / alpn free func / remove timing resistant constraint
2016-06-09 11:36:31 -06:00
664d2190ba
session ticket extension fix with static memory heap hint
2016-06-08 10:50:20 -06:00
a2d7ba0dd9
add output size getter
2016-06-08 09:32:34 -07:00
e214086dce
tlsx with static memory / account for session certs size
2016-06-08 09:18:43 -06:00
c48db891d1
Merge pull request #433 from ejohnstown/aes-cmac
...
Aes cmac
2016-06-07 16:48:46 -07:00
c1c1990247
Merge pull request #437 from tisb-vikram/master
...
Enable ECC features for TI devices
2016-06-07 16:00:20 -07:00
57675dc51d
add ALT_ECC_SIZE for TI build to reduce memory usage
2016-06-07 14:05:35 -07:00
738373038b
clean up staticmemory with crl
2016-06-06 17:50:54 -06:00
e1edadafe1
ocsp with static memory, remove unused function
2016-06-06 16:19:33 -06:00
9f7e8a6f4b
Merge pull request #436 from JacobBarthelmeh/master
...
fix index to check for sperator value
2016-06-06 14:52:20 -07:00
4ba77a7059
add HAVE_SUPPORTED_CURVES to TI-RTOS wolfSSL configuration
2016-06-06 13:50:14 -07:00
db90594909
adjust pointer cast, ssl rng with fips and unused param
2016-06-06 14:32:49 -06:00
e085be9485
fix index to check for sperator value
2016-06-06 10:34:35 -06:00
a25df5b78e
Merge pull request #434 from toddouska/crlbuffer
...
add wolfSSL and wolfSSL_CTX LoadCRLBuffer()
2016-06-06 09:01:25 -07:00
38d5480256
Merge pull request #432 from JacobBarthelmeh/DTLS-MultiCore
...
import / export of peer connection information
2016-06-06 08:51:24 -07:00
2feee8856e
revise static memory and update heap hint
2016-06-04 19:03:48 -06:00
104ff12e76
add staticmemory feature
2016-06-04 19:01:23 -06:00
3f205d19f4
add wolfSSL and wolfSSL_CTX LoadCRLBuffer()
2016-06-03 15:13:16 -07:00
d05754f9db
Merge pull request #404 from moisesguimaraes/wolfcrypt-py
...
wolfcrypt Python wrapper
2016-06-03 08:24:12 -07:00
7f71c526f6
adds python3 support
2016-06-03 10:37:41 -03:00
6736ffe10e
adds links to wolfssl.com
2016-06-02 22:08:57 -03:00
a76291c2e2
adds tox instructions
2016-06-02 21:38:34 -03:00
046b987324
callbacks for setting and getting peer ip/port/family
2016-06-02 09:23:12 -06:00
5be916e336
Merge pull request #403 from ejohnstown/dtls-fix
...
when dropping a DTLS message, drop the whole datagram
2016-05-30 17:26:25 -06:00
73328ac4bc
import / export of peer connection information
2016-05-26 16:26:08 -06:00
a4fa4d5253
Merge pull request #431 from JacobBarthelmeh/master
...
sanity checks on wolfSSL_dtls_get_peer arguments
2016-05-26 14:46:58 -07:00
806a0bbaa7
Merge pull request #430 from toddouska/sesstick_type_typo
...
fix dynamic type session ticket typos
2016-05-26 11:35:46 -07:00
61801e06df
add benchmark for AES-CMAC
2016-05-25 16:12:19 -07:00
1b9b7f52c9
1. Reformat a couple of #ifdefs around if(dtls) checks.
...
2. Move fuzz update for DTLS GetRecordHeader to be like the TLS case.
3. DtlsCheckWindow only allows current epoch and last epoch.
4. ProcessReply only retransmits flight on a CCS out of sequence when
still retaining the handshake data.
2016-05-25 15:44:06 -07:00
5e1f06ce52
sanity checks on wolfSSL_dtls_get_peer arguments
2016-05-25 10:57:00 -06:00
669cdfc357
fix dynamic type session ticket typos
2016-05-25 09:47:54 -07:00
ae093ded8f
add standalone AES-CMAC generate and verify functions
2016-05-25 09:22:39 -07:00
5d67bb881e
fix memory leaks
2016-05-25 17:44:31 +02:00
bb754bb46a
Fix Win32 warnings
2016-05-25 13:49:06 +02:00
9bf4598772
use constant for Cmac type
2016-05-24 16:46:04 -07:00
dbfd5dffaf
added parameter checks
2016-05-24 11:21:06 -07:00
b3d068dc40
Merge pull request #418 from toddouska/dyntickets
...
Dyntickets
2016-05-24 11:00:14 -07:00
1d675ed1e6
Fix va_copy error for Win32 build and AES-NI segfault
2016-05-24 18:17:26 +02:00
c0cbc97b06
add AES-CMAC
2016-05-23 17:50:36 -07:00
07ce928bf3
adds installation testing with vagrant
2016-05-23 21:10:44 -03:00
04d5ca41df
adds --enable-Sha512 to make sure it is always present
2016-05-23 20:33:11 -03:00
9ab5ec4a36
Merge pull request #428 from dgarske/eccmathfixes
...
Fixed bug with "ecc_projective_add_point"
2016-05-23 11:46:54 -07:00
61f0af5cf3
Merge pull request #429 from dgarske/wolfcryptinit
...
Added missing wolfCrypt_Init() to wolfCrypt test application
2016-05-23 09:23:42 -07:00
ab1d6c91bf
fix errors (win32, met leak)
2016-05-23 13:46:26 +02:00
99b5aa587f
Fix errors (jenkins)
2016-05-23 11:11:57 +02:00
5eb7768d00
Added missing wolfCrypt_Init() to wolfCrypt tests.
2016-05-22 18:18:06 -07:00
15cd06b7ca
Fixed bug with "ecc_projective_add_point" that was not protecting the case where Q == R and using the R variable directly for the result. Now if Q == R then swap P and Q and using a local x,y,z, is only required when used with ALT_ECC_SIZE.
2016-05-22 17:31:36 -07:00
7c93912f1d
reject messages that are too far from the future
2016-05-22 16:10:47 -07:00
eb6153f028
Merge pull request #425 from shihrer/master
...
Fixed scripts/benchmark.test, replaced == with -eq
2016-05-20 14:49:43 -06:00
f369f8a434
Merge pull request #426 from jrblixt/master
...
Changes to date
2016-05-20 14:48:04 -06:00
ed4f67058a
Merge branch 'master' of https://github.com/wolfssl/wolfssl
2016-05-20 21:51:13 +02:00
f1860d6263
Changes to date
2016-05-20 09:48:03 -06:00
fa94f5ffe9
Replaced == with -eq to fix benchmark.test scripting error
2016-05-20 09:43:30 -06:00
fcc0eb7a6a
fixes install instructions
2016-05-20 03:55:57 -03:00
217ccd8b6a
updated MDK5 projects for 3.9.0. Eliminated files for older versions
2016-05-20 13:32:23 +09:00
504081e602
Merge pull request #421 from ejohnstown/limit-country-code
...
Limit Country Name size
2016-05-19 16:05:15 -07:00
1bb5c48080
Merge pull request #423 from dgarske/bench-ecc-encrypt-decrypt
...
Added a benchmark for ECC encrypt/decrypt
2016-05-19 14:47:03 -07:00
c1507957c4
Added a benchmark for ECC encrypt/decrypt when enabled via "HAVE_ECC_ENCRYPT" or "--enable-eccencrypt --enable-hkdf".
2016-05-19 11:42:00 -07:00
bae0fe9b63
MakeCertReq() was not checking return codes correctly for the SetFoo()
...
functions.
2016-05-18 15:14:23 -07:00
5c8daa0ac6
1. SetName() should return error if country code isn't 2 bytes.
...
2. MakeCert() was not checking return codes correctly for the SetFoo()
functions.
3. Added error code for invalid country code length.
2016-05-18 15:04:40 -07:00
03e6f7cca3
RFC 5280 Appendix A.1 states that the Country Name in a certificate
...
shall have a size of 2 octets. Restrict country name length to 2 or 0.
2016-05-18 10:39:18 -07:00
b8c0802e3c
Merge pull request #414 from JacobBarthelmeh/DTLS-MultiCore
...
Dtls multi core
2016-05-17 17:39:18 -07:00
47a1dd8cc4
fixes install steps
2016-05-17 14:15:17 -03:00
9fe6ca3130
remove XSNPRINTF
...
add a full BIO client/server test
2016-05-17 17:49:30 +02:00
1b278edfd0
fix unused functions, make WOLFSSL first parameter, add comments
2016-05-16 23:48:26 -06:00
a000ee4db3
remove empty dirs
2016-05-16 22:17:09 -03:00
dc080694b4
reorder installation steps
2016-05-16 21:55:31 -03:00
2851f7d6a1
remove unnecessary dependency
2016-05-16 20:37:42 -03:00
2a0adc74a0
fixes wrapper path
2016-05-16 20:13:26 -03:00
347d80e879
removes folders from include.am
2016-05-16 15:49:32 -03:00
40cf30a13d
adds .gitignore to include.am
2016-05-16 15:31:51 -03:00
4017e0f8dd
fix BIO issues :
...
- remove unrequited tests
- fix compilations for lighty, stunned, openssh
- wc_BioGetAcceptSocket IPv4 / IPv6 support
- remove <stdio.h> from bio.h
- add NO_STDIO_FILESYSTEM for BIO_printf
- memset -> XMEMSET
- strlen -> XSTRLEN
2016-05-15 20:22:19 +02:00
d76d74d6c5
updates Linux deps on README
2016-05-15 15:08:16 -03:00
c8576566cc
add public wolfSSL_dtls_export and api tests
2016-05-14 12:49:09 -06:00
185e60ad19
based on pr#316; turns isDynamic ticket off on some failure cases, move an XFREE out of a Lock that isn't required
2016-05-13 14:11:46 -07:00
1ea01a7ad8
Merge branch 'master' of https://github.com/NickolasLapp/wolfssl into dyntickets
2016-05-13 09:07:55 -07:00
3897f78073
truncated hmac export and sanity checks
2016-05-13 09:11:38 -06:00
67ab30088b
Merge pull request #416 from dgarske/mathmemleakfix
...
Fix mem leak with fast math disabled due to recent ecc_projective_add_point changes
2016-05-12 15:23:19 -07:00
2ad9d41641
Performance improvement for fast math mp_clear to use fp_zero (memset) instead of fp_clear(ForceZero). Added new mp_forcezero function for clearing/free'ing sensitive private key data. Changed ECC and RSA to use mp_forcezero to explicitly handle private key clearing.
2016-05-12 11:50:34 -07:00
8d66ba2923
refactor export/import of cipher specs struct
2016-05-12 10:06:15 -06:00
fbf39a761a
refactor export/import of key struct
2016-05-12 09:23:38 -06:00
f9ce2f2677
verify cipher suite is valid on import
2016-05-12 09:09:07 -06:00
39833768cf
Merge pull request #417 from toddouska/stdio
...
make sure stdio.h can be swtiched off if not available
2016-05-11 14:55:05 -07:00
cc16a543dd
make sure stdio.h can be swtiched off if not available
2016-05-11 10:11:25 -07:00
440956f8d4
Fixed new issue with ecc_projective_add_point not free'ing the local x, y, z if fast math was disabled. Formatting cleanup in integer.c.
2016-05-11 08:47:30 -07:00
3bff6f10e3
Merge pull request #411 from dgarske/mathfixes
...
Math fixes
2016-05-10 14:45:20 -07:00
8c45cb1938
add DTLS session export option
2016-05-10 13:27:45 -06:00
2fb4506922
iFixes to FP_MAX_BITS_ECC calculation. Alignment check against digit_bits is based on max ecc bits times two. If alignment check fails we add a digit_bit to make sure we have enough room.
2016-05-10 12:20:39 -07:00
9659505260
updates python docs
2016-05-09 18:46:01 -03:00
d71d0f2cb4
Fix with fast math disabled so ecc_projective_add_point uses temp local variable for x,y,z result.
2016-05-09 13:29:25 -07:00
412141198e
drops 'import about' requirement
2016-05-09 15:25:18 -03:00
8f6352725a
Fixed math for FP_MAX_BITS_ECC calculations. Error in alignment check. Altered non-aligned formula to be (max bits * 2) + digit, then 8-bit aligned. Cleanup of the example user_settings.h.
2016-05-09 10:34:37 -07:00
8c9b8a596a
Fixed calculation of max ECC bits with ALT_ECC_SIZE defined so it only allocates what is required. For 8-bit aligned curve sizes its double the max bits. For un-aligned curves sized, like ECC521, its 521 8-bit aligned, doubled, plus digit bit.
2016-05-09 09:51:11 -07:00
44b1f98b39
Fixed issue with ALT_ECC_SIZE and default value for FP_MAX_BITS_ECC so its based on max enabled ECC curve bits.
2016-05-09 09:51:11 -07:00
880b2e454b
Refactor of the ecc_projective_add_point and ecc_projective_dbl_point functions to eliminate duplicate versions. Modified new single functions to work with normal, fast and alt_ecc_size math options. Careful use of mp_clear to retain original performance.
2016-05-09 09:51:11 -07:00
fe58db2a07
Fixed typo with new "eccshamir" configure option.
2016-05-09 09:51:11 -07:00
1b602d783c
Fast math correction of "sizeof" to use (). Updates to tfm and ecc comments.
2016-05-09 09:51:11 -07:00
5cbc4bdf29
Added new "WOLFSSL_DEBUG_MATH", which enables use of "mp_dump" to display information about an mp_int.
2016-05-09 09:51:11 -07:00
a4782fcf01
Fix in fast math version of ecc_projective_dbl_point to use a local for x,y,z since ecc_point fp_int's are reduced size and cause math issues with ALT_ECC_SIZE enabled. Added local stack variable cleanups for ecc_projective_add_point.
2016-05-09 09:51:11 -07:00
0ddbe0e60e
Enhancement to RSA math function "_fp_exptmod" (non timing resistant version) to support WOLFSSL_SMALL_STACK, which moves the allocation of the 64 fp_int's from the stack to the heap.
2016-05-09 09:51:11 -07:00
fa5dd01001
Fixes/improvements to the wolfCrypt ECC tests. Fixed bug with sharedA/sharedB being too small when BENCH_EMBEDDED is used and curve size over 256 bit. Added error message for ECC test failures, to show the curve size used. Fix to wc_ecc_verify_hash test to use digest that is not all zeros as that doesn't work correctly for non-Shamir ECC math. Changed return code for wc_ecc_check_check so its unique.
2016-05-09 09:51:11 -07:00
a5d27853fa
Fixes to fp_mul and fp_div to clear any excess digits on the destination. Added compile-time check to confirm FP_SIZE is compatible with TFM_ acceleration defines enabled. Updated comments in other places where excess digits are cleared.
2016-05-09 09:51:11 -07:00
7c3fbd7644
Fix for fp_copy() when used with ALT_ECC_SIZE so any excess digits on the destination that we didn't write to are set to zero.
2016-05-09 09:51:11 -07:00
9001036e09
Fixes memory leak in the wc_RsaFunction if failure happens when using normal math (not fast math) and RSA_LOW_MEM is not defined.
2016-05-09 09:51:11 -07:00
9f0fa7500f
Added configure "--disable-eccshamir" option.
2016-05-09 09:51:11 -07:00
f438e7ac65
Fix for Fedora 32/64
2016-05-09 08:13:17 +02:00
03b571cde4
fix some bugs, add Windows support
2016-05-07 21:12:08 +02:00
ecba5161ac
default copyInto static instead of dynamic
2016-05-06 13:15:21 -06:00
1c664ae710
Merge pull request #412 from cconlon/netRandom
...
add support for Whitewood netRandom
2016-05-06 07:31:18 -07:00
3449990374
add example netRandom config file
2016-05-05 15:34:52 -06:00
8f3e1165a1
add Whitewood netRandom client library support
2016-05-05 15:31:25 -06:00
ee21d33794
Merge pull request #407 from wolfSSL/embOS-port
...
embOS port
2016-05-05 13:27:27 -07:00
4df12e1bd5
Add note for users about embOS directory
2016-05-05 12:29:20 -06:00
e5f1ad5702
Merge pull request #410 from kaleb-himes/master
...
update version to 3.9.1
2016-05-05 10:59:05 -07:00
6b8c6cebc7
Merge pull request #409 from dgarske/rowleyfixes
...
Rowley Crossworks updates/fixes
2016-05-05 11:49:46 -06:00
726703e903
Added details on RTC oscillator startup delay and implemented a delay_us function. Added information about NO_INLINE and USE_SLOW_SHOW to example user_settings.h. Moved the USE_SLOW_SHA2 into the SHA512 area.
2016-05-05 09:43:11 -07:00
b0c23ceafa
fixes about
2016-05-05 12:48:47 -03:00
5d1de3bb33
One file for all BIO functions in wolfcrypt
...
move required functions from wolfssl to wolfcrypt
add client/server tests for BIO
2016-05-05 12:58:21 +02:00
5ee0659e1b
Rowley Crossworks updates/fixes. Fixed issue with the RTC init for scenario where TIF is set. Added support for HW RNG only by providing reference custom_rand_generate_block. Updated kinetis_hw.c comments about serial ports on boards. Updated the stack/heap settings. Updated the user_settings.h with a well documented and configurable reference.
2016-05-04 23:11:08 -07:00
9e9fd24d68
updates metadata; drops py26 tests
2016-05-04 21:38:27 -03:00
ca2f0af2e4
Make suggested changes from first review
...
Add changes to the example user settings noted by david
missed .dep files, exclude these as well
.dep files are necessary
rebase
2016-05-04 17:28:19 -06:00
3e19316f8a
update version to 3.9.1
2016-05-04 16:45:51 -06:00
f9f9546d0e
Merge pull request #408 from cconlon/header-fix
...
fix aes_asm.asm header format
2016-05-04 14:38:23 -07:00
84651e97d3
Merge pull request #405 from dgarske/memtrackdebug
...
Memory tracking cleanup and new debug memory option
2016-05-04 14:01:37 -07:00
41d19b49ae
Remove WOLFSSL_TRACK_MEMORY
2016-05-04 14:09:45 -06:00
6e26cac686
Reworking directories and simplify README
2016-05-04 13:03:05 -07:00
822d71431e
Moved mem_track.h into wolfssl/wolfcrypt. Added new WOLFSSL_DEBUG_MEMORY option. Added documentation for using mem_track and new debug memory option.
2016-05-04 10:04:38 -07:00
ab53d732ce
Merge pull request #398 from JacobBarthelmeh/master
...
update to MYSQL compatibility
2016-05-04 09:10:39 -07:00
1b5ed7fb09
Merge pull request #406 from cconlon/starttls
...
fix type comparison on 32bit for starttls
2016-05-04 09:06:46 -07:00
8176c74b3e
Merge branch 'embOS-port' of https://github.com/wolfssl/wolfssl into embOS-port
2016-05-04 08:57:06 -07:00
197672d4fc
define KEEP_OUR_CERT to set keeping ssl certificate
2016-05-04 09:05:11 -06:00
d91ec3ce77
fix aes_asm.asm header format
2016-05-04 09:02:50 -06:00
d184f8b1aa
wolfSSL embOS port Initialize
...
self-review complete
Removed autogenerated files
2016-05-03 17:09:55 -06:00
4b16600011
fix type comparison on 32bit for starttls, zero tmp buffer
2016-05-03 13:52:04 -06:00
b2325aad6d
option to keepCert for ssl lifetime, refactor of ourCert process
2016-05-03 09:22:16 -06:00
d1ab51e10f
maintain lighttpd port
2016-05-03 09:22:16 -06:00
05e56b75f6
scan-build, valgrind issues and fix issue with ExtractDate, struct tm
2016-05-03 09:22:16 -06:00
38bbd41f99
add EDH-RSA-AES256-SHA, used in one mysql test
2016-05-03 09:22:16 -06:00
bd4e8ac714
cipher name string format
2016-05-03 09:22:15 -06:00
6613ebb642
persistant X509 struct with ssl session
2016-05-03 09:22:15 -06:00
f88d82375e
add function wolfSSL_ASN1_TIME_to_string
2016-05-03 09:22:15 -06:00
f19541ffe5
update to MYSQL compatibility
2016-05-03 09:22:15 -06:00
3181731404
adds docs
2016-05-03 00:49:56 -03:00
f9ab61db5d
Merge pull request #402 from cconlon/starttls
...
use send/recv instead of write/read with STARTTLS
2016-05-02 17:19:50 -07:00
ddcf47eadd
when dropping a DTLS message, drop the whole datagram
2016-05-02 15:18:08 -07:00
a94383037c
use send/recv instead of write/read with STARTTLS for winsock compatibility
2016-05-02 14:36:59 -06:00
52d6fb575b
Merge pull request #395 from cconlon/starttls
...
add STARTTLS support to example client
2016-04-29 14:24:08 -07:00
69ac477976
updates docs template
2016-04-29 16:25:53 -03:00
1efd1343ee
initial docs
2016-04-29 16:13:38 -03:00
89f15f9393
Merge pull request #400 from ejohnstown/dtls-sanity-check
...
Fixes DTLS sanity check and bug with DTLS timeout notification deleting the peer's received msg list.
2016-04-29 11:55:40 -07:00
00737d1e82
Ensure that tmpBuff gets assigned null after free.
2016-04-29 09:45:44 -06:00
1bd65cc8a9
First version for OpenSSL BIO compatibility
2016-04-29 16:34:11 +02:00
0a1212924e
Merge pull request #401 from cconlon/warning-fixes
...
fix visual studio code analysis warnings
2016-04-28 16:45:08 -07:00
46addfb130
move example client STARTTLS into separate funcs
2016-04-28 14:21:33 -06:00
78e62eddd7
fix visual studio code analysis warnings
2016-04-28 13:08:50 -06:00
2f05c96004
added braces to else clause for compiler warning differences
2016-04-28 11:33:29 -07:00
e0c7739fd6
fix bug with non-blocking DTLS where the stored peer messages were deleted after a timeout
2016-04-28 10:50:51 -07:00
0511c8cac8
delay check of DTLS handshake message's RH version until the handshake header check
2016-04-28 10:50:51 -07:00
7123b080ed
fix issue with missing client key exchange and duplicate change cipher spec messages.
2016-04-28 10:50:51 -07:00
66d41eee36
updates python README
2016-04-28 13:36:41 -03:00
d8309ab624
adds python ignored files
2016-04-28 13:26:59 -03:00
7e661ab866
importing wolfcrypt-py repo
2016-04-28 13:20:10 -03:00
a54b0f9d0c
Merge pull request #397 from lchristina26/master
...
VxWorks updates: add pthreads define
2016-04-26 18:17:56 -07:00
b2af02a783
Merge pull request #383 from kojo1/MDK5
...
fixes for MDK5 compiler
2016-04-26 16:11:59 -06:00
8f8f4129fd
VxWorks updates: add pthreads define
2016-04-26 09:36:01 -06:00
ccee49978b
Fix scan-build warning
2016-04-25 11:00:56 -06:00
1c9bf483ec
Reorder check for thread modified in addSession. Make sure tick assigned
...
correctly in non dynamic case
2016-04-25 11:00:56 -06:00
5f12b4c2ae
Add check to see if thread modified session in AddSession
2016-04-25 11:00:56 -06:00
5f9c1ffca6
Initial support for deep copying of session
2016-04-25 11:00:42 -06:00
f27aca0956
Remove redundant dynTicket pointer. Reorder struct for packing/alignment
2016-04-25 11:00:31 -06:00
cc56e1da48
Merge pull request #393 from JacobBarthelmeh/RSA-min
...
use short for RSA min key size and check casts
2016-04-22 13:56:59 -07:00
5abeeff919
add STARTTLS support to example client
2016-04-22 13:46:54 -06:00
77a9343973
use short for RSA min key size and check casts
2016-04-22 12:56:51 -06:00
1e821dbd59
Merge pull request #394 from cconlon/sigalgo
...
Omit NULL parameter in AlgorithmIdentifier encoding for ECDSA OIDs
2016-04-22 11:37:17 -07:00
70aa4a99a0
Merge pull request #390 from JacobBarthelmeh/ECC-min
...
minimum ECC key size check at TLS/SSL level
2016-04-22 11:33:43 -07:00
0eb59d5c35
Fix rand num generation on MacOS, Improve organization with tic storage
2016-04-22 10:35:44 -06:00
c8b20d9090
Add support for dynamic session tickets, add openssl.test to testuiste
2016-04-22 10:35:44 -06:00
27814ca1df
omit NULL AlgorithmIdentifier parameter for ECDSA algoOID types in SetAlgoID
2016-04-21 14:32:28 -06:00
1dac3841ca
change type to short for comparision and up default min size
2016-04-20 15:44:45 -06:00
86cbabf035
Merge pull request #392 from wolfSSL/aesni-update
...
AES-NI Update
2016-04-20 14:27:52 -07:00
ee8ec1fb1d
Merge pull request #391 from JacobBarthelmeh/master
...
update oid value for secp160r1
2016-04-20 09:02:50 -07:00
659d6c0689
update oid value for secp160r1
2016-04-19 17:01:39 -06:00
3129bb22cd
minimum ECC key size check at TLS/SSL level
2016-04-19 15:50:25 -06:00
73c830a576
Merge pull request #388 from JacobBarthelmeh/master
...
fix NID name in openssl compatibility
2016-04-19 13:57:33 -07:00
117231c0e3
Merge pull request #387 from JacobBarthelmeh/RSA-min
...
add check for min RSA key size at TLS/SSL level
2016-04-19 13:57:26 -07:00
e0a9b365cc
fix NID name in openssl compatibility
2016-04-19 13:17:32 -06:00
789f346c5f
follow verifyNone variable when checking key size
2016-04-19 10:23:01 -06:00
0eb57ccab0
set return error before jumping to end of function
2016-04-18 14:27:34 -06:00
0dbdc8eab0
Merge pull request #372 from dgarske/mingwfixes
...
MinGW fixes
2016-04-18 12:50:13 -07:00
09e4e13958
update comment about MinGW
2016-04-18 12:14:47 -06:00
e15aca4189
static and shared library with MinGW
2016-04-15 16:04:15 -06:00
3ce01192ac
Merge pull request #384 from tisb-vikram/master
...
enable aesgcm and alpn support in TI-RTOS/WolfSSL configuration
2016-04-15 14:56:56 -06:00
72bfc2aa09
Merge pull request #382 from JacobBarthelmeh/master
...
build with asn disabled and opensslextra enabled
2016-04-15 10:12:52 -07:00
8cf57845ff
Merge pull request #386 from JacobBarthelmeh/RSA-fix
...
fix check on RSA key size
2016-04-14 17:53:26 -07:00
1e766b23cf
check return value of ping.test
2016-04-14 14:42:01 -06:00
c9891567e8
add check for min RSA key size at TLS/SSL level
2016-04-14 13:35:49 -06:00
4506839c6d
back out last commit. it was a pain to use.
2016-04-14 11:57:42 -07:00
526606e42f
added conditional assembly for the intel-format AES_NI decrypt procedures
2016-04-14 11:30:10 -07:00
5340ea0d79
fixed a missing operand swap in the AES-CBC decrypt by 6
2016-04-14 10:47:14 -07:00
f998851642
fix check on RSA key size
2016-04-14 09:33:25 -06:00
cab1ebf2d6
move MDK5 current_time to test.h
2016-04-14 18:47:16 +09:00
98dffc070a
current_time in test.h
2016-04-14 18:32:33 +09:00
35c5353698
fixed current_time argument
2016-04-14 16:26:51 +09:00
6f51c2a8f8
1. Fix bad opcode mnemonics in the intel-format source listing.
...
2. Update the aes.c file to call both format assembly routines the same
way.
2016-04-13 16:42:58 -07:00
c34944e389
added intel-format translations of new att-format AES-NI decrypt routines
2016-04-13 16:02:18 -07:00
9781fa3dc9
relabel jump points in new code with D (decrypt) mnemonics rather than E (encrypt)
2016-04-13 15:51:19 -07:00
d0717c7b76
Merge pull request #385 from cconlon/freertos-fix
...
Fix typo in FREERTOS_TCP settings.h
2016-04-13 13:28:04 -07:00
57fce85531
modify AES-CBC with AESNI test to check all key sizes for each message size checked
2016-04-13 12:18:59 -07:00
13f002f186
only compile in the AES-CBC decrypt-by-size variant selected by define, default by 8 blocks at a time
2016-04-13 12:00:53 -07:00
451fd878f9
touching whitespace in assembly routines being touched right now
2016-04-13 11:48:25 -07:00
d5df119c65
fix typo in FREERTOS_TCP settings.h
2016-04-12 15:03:34 -06:00
c7ad33e5d4
enable aesgcm and alpn support in TI-RTOS/WolfSSL configuration
...
These macros enable the AES GCM cipher suites and application layer
protocol negotiation in the TLS layer. Adding these macros would
allow connecting to websites with higher security requirements and
also support newer web technologies like HTTP/2 but the drawback is
that they add ~2K increase in memory footprint. Applications not
requiring these features can comment the macros and rebuild the
library to get smaller footprint.
Signed-off-by: Vikram Adiga <vikram.adiga@ti.com >
2016-04-12 12:25:32 -07:00
8524afc56a
1. Rename routine AES_CBC_decrypt_ex as AES_CBC_decrypt_by8
...
2. Added routine AES_CBC_decrypt_by6 that does six at a time.
3. Setting HAVE_AES_DECRYPT_BY6 or _BY8 (or not setting it) selects
the 6, 8, or 4 way version of the assembly routine.
4. Modified AES-NI decrypt test to loop checking against the test
bolus from 1 AES block to the whole 24 blocks.
2016-04-12 10:10:55 -07:00
cfd5af341b
fixed test.c compile error and server.c/client.c/ssl.c warnings with MDK5 compiler.
2016-04-12 11:05:30 +09:00
4d38813b0c
Merge pull request #381 from kaleb-himes/scan-build-psk
...
scan-build warnings related to enable-psk, disable-asn,rsa,ecc
2016-04-11 14:52:38 -06:00
1b7cd5cb06
consolidate handling of dead assignment warnings
2016-04-11 13:39:44 -06:00
23ab4247ea
build with asn disabled and opensslextra enabled
2016-04-11 11:56:30 -06:00
c6e9021732
scan-build warnings related to enable-psk, disable-asn,rsa,ecc
2016-04-11 11:13:26 -06:00
85505b99b9
Merge pull request #380 from cconlon/utasker
...
uTasker Port
2016-04-08 15:08:39 -07:00
7a0f8672e7
Merge pull request #375 from dgarske/stm32hashfixes
...
Fixes when using the STM32 with STM32F2_HASH defined.
2016-04-08 15:04:46 -06:00
698b1cc7dc
update benchmark to show AES-CBC decrypt speed
2016-04-08 13:33:41 -07:00
b75dc127f3
1. Attempting to perform 8 AES-CBC decrypt operations simultaneously.
...
2. Added code to test large AES-CBC decrypts.
2016-04-08 11:53:40 -07:00
c6e4fb8cf8
Merge pull request #378 from JacobBarthelmeh/Testing
...
autoconf checks on some builds that break, macro for no server, and u…
2016-04-08 11:01:46 -07:00
993972162e
MinGW fixes, server port assigning cleanup and ping test cleanup. Fixes issue with visibility detection with MinGW. The visibility.m4 script was not actually trying to call the hidden function, which caused MinGW to detect improperly that visibility was supported. Fix for bogusFile on Windows build. Fixes to build warnings for unused variable 'res' and signed/unsigned comparison for sizeof min(). Cleanup of the server side port assignment to allow use with Windows/MinGW/Cygwin. If Windows uses new GetRandomPort() function in test.h to get port in in the 49152 - 65535 range. If *nix then uses the tcp_listen returned port. Otherwise uses the default wolfSSLPort. Refactor of the ping test code to use common file and properly handle ping count differences (Windows "-c" vs. *Nix style "-n"). Workaround for MinGW and cyassl/options.h getting file permissions error. Added non-fatal compile warning if using MinGW that "strtok_s" might be missing along with a link to public domain source that can be used.
2016-04-08 11:48:14 -06:00
2aab090c8b
Fixes when using the STM32 with STM32F2_HASH defined.
2016-04-08 11:39:15 -06:00
46f4be357b
uTasker: add note about XTIME to settings.h
2016-04-08 11:20:58 -06:00
8d040ad41f
uTasker: add initial port, WOLFSSL_UTASKER
2016-04-08 11:12:17 -06:00
255d9ecfb3
Merge pull request #377 from JacobBarthelmeh/master
...
add wc_EccPublicKeyToDer function
2016-04-07 12:20:05 -07:00
5b4f17545b
autoconf checks on some builds that break, macro for no server, and user rsa
2016-04-06 15:36:50 -06:00
665fb3076c
add trailing zero enum and correct call for export key size
2016-04-06 15:15:56 -06:00
4f8fffbc37
add wc_EccPublicKeyToDer function
2016-04-06 15:15:56 -06:00
a0cd888fbf
Merge pull request #379 from JacobBarthelmeh/PSK
...
fix c89 build on windows
2016-04-06 14:02:55 -07:00
85a9c55048
fix c89 build on windows
2016-04-06 11:16:40 -06:00
9f86a91dbd
Merge pull request #374 from dgarske/asyncfixes
...
Fix build issues with new async changes
2016-04-01 16:04:08 -07:00
29194bd977
Merge pull request #371 from cconlon/sniffer-fix
...
Extra cleanup in sniffer.c with ForceZero
2016-04-01 13:39:29 -07:00
2d4aa1bbb5
Better fix for scan-build warning regarding possible use of NULL in AddRecordHeader. Scan-build considers paths where output is set to NULL, but ssl->spec.kea is corrupted/changed, which could result in output == NULL (even though it should never happen). So added proper NULL check in SendServerKeyExchange on AddHeader to make sure output isn't NULL.
2016-04-01 12:57:33 -07:00
19f0769ec4
Fix for scan-build warning where async changes make it appear like the output buffer could be NULL (even though its not). Added NULL check on the AddRecordHeader function.
2016-04-01 10:55:01 -07:00
dd28d53cfb
Fix build issues with new async changes. Fixed issue with unused args preSigSz and preSigIdx with PSK enabled and ECC + RSA disabled. Fixed issue with missing qsSz variable in DoClientKeyExchange. Fixed missing DhAgree and DhKeyGen with NO_CERTS and PSK enabled. Fixed a couple scan-build warnings with "Value stored to '' is never read".
2016-04-01 09:23:46 -07:00
2939c3ace1
add ssl_FreeZeroDecode() to sniffer.c
2016-03-31 13:25:39 -06:00
63b1282e67
Merge pull request #335 from dgarske/asynccrypt
...
Asynchronous crypto and wolf event support
2016-03-30 20:12:41 -07:00
4472152b18
Added new "wolfSSL_poll" which filters event queue by ssl object pointer. Changed wolfSSL_CTX_poll to support using WOLF_POLL_FLAG_PEEK flag to peek at events and return count. Removed "wolfssl_CTX_poll_peek". Switched the examples (test.h AsyncCryptPoll) to use just the WOLFSSL object and call new wolfSSL_poll. Added warning when using the "--enable-asynccrypt" option to make sure users know they need real async.c/.h files.
2016-03-30 15:15:38 -07:00
6e5b23e102
Merge pull request #370 from dgarske/stm_aes_gcm_ccm
...
Enhancement to the STM32F2_CRYPTO port to support AES GCM, AES CCM an…
2016-03-30 13:39:35 -07:00
ec9f10d74f
extra cleanup in sniffer.c with ForceZero
2016-03-30 10:52:27 -06:00
d30f410768
Merge pull request #368 from JacobBarthelmeh/master
...
Check for compile of misc.c and fix disable inline
2016-03-29 17:26:55 -07:00
49e117ebb5
Merge pull request #369 from JacobBarthelmeh/Testing
...
if using inline do not compile misc.c in iOS XCode builds
2016-03-29 14:41:20 -07:00
e60adfc9da
better naming of macro and alter misc.c check
2016-03-29 13:42:40 -06:00
2437e97d70
if using inline do not compile misc.c in iOS XCode builds
2016-03-28 17:33:38 -06:00
2733f0a7ca
Merge pull request #309 from coletiv/add-tvos-target
...
Add tvos target to the xcode project
2016-03-28 17:29:32 -06:00
7e90e2e540
misc.c compile warning accounts for FIPS
2016-03-28 17:22:39 -06:00
2665db73a4
check for compiling misc.c when not needed
2016-03-28 16:03:15 -06:00
79a212da8d
fix disable inline build
2016-03-28 14:24:12 -06:00
59a84b40c7
Merge pull request #364 from toddouska/ecc-test-free
...
Fixes to cleanup unnecessary ECC make key, check key and free in ECC vector item test.
2016-03-28 13:15:20 -07:00
137f477277
Merge pull request #363 from JacobBarthelmeh/master
...
sanity check on ssl pased to wolfSSL_set_fd
2016-03-28 11:47:22 -07:00
03765ecca7
Fixes to cleanup unnecessary ECC make key, check key and free in ECC vector item test.
2016-03-25 13:22:31 -07:00
67b4d2e2f4
case where memory is exhausted before ctx copied to ssl
2016-03-25 14:19:51 -06:00
696169634e
check return value of wolfSSL_set_fd
2016-03-25 13:59:04 -06:00
190d30f336
Merge pull request #362 from dgarske/bench_rng
...
Added benchmark for the RNG.
2016-03-25 12:12:20 -07:00
1649af37be
fix ecc curve test in normal math mode, free is needed
2016-03-25 11:33:35 -07:00
57ea1cdcd7
sanity check on ssl pased to wolfSSL_set_fd
2016-03-25 11:32:53 -06:00
5569dfe838
Fix with FIPS build and RNG_MAX_BLOCK_LEN define location.
2016-03-25 08:56:11 -07:00
f539a60a40
Adjusted the RNG benchmark to split into smaller requests of max allowed RNG size.
2016-03-25 06:59:35 -07:00
27e041246f
Added benchmark for the RNG.
2016-03-24 08:42:19 -07:00
855e42b66a
Merge pull request #359 from cconlon/ecc-comment
...
Fix wc_ecc_import_raw() comment
2016-03-24 08:21:42 -07:00
3796fc1322
Enhancement to the STM32F2_CRYPTO port to support AES GCM, AES CCM and AES-Direct (for encrypt only) using combination of software and AES HW acceleration.
2016-03-24 07:08:42 -07:00
3509ff0c73
Merge pull request #358 from JacobBarthelmeh/master
...
fix free of WOLFSSL_METHOD pointer on create ctx fail
2016-03-23 15:35:16 -07:00
20285bec01
fix wc_ecc_import_raw comment, public key instead of base point
2016-03-23 15:33:53 -06:00
8f8f7ac152
remove unecessary XFREE
2016-03-23 13:40:45 -06:00
2dfc7faa73
Merge pull request #355 from dgarske/EccTestCleanup
...
wolfCrypt ECC test improvements and code cleanup
2016-03-23 12:18:42 -07:00
18961e5620
Merge pull request #351 from dgarske/ChaChaRefactor
...
Refactor of the ChaCha hard coded variables
2016-03-23 12:17:23 -07:00
620e4fa5ca
fix free of WOLFSSL_METHOD pointer on create ctx fail
2016-03-23 09:27:27 -06:00
d8fb4b6ee7
Merge pull request #352 from dgarske/DRBGSmallStack
...
Fix to reduce stack usage in the hash-based random number generator h…
2016-03-21 12:20:48 -07:00
0fc5575b8b
Fixed typo with WOLFSSL_VALIDATE_ECC_IMPORT defined. Disable ECC-224 bit compressed key test since it isn't working. Cleanup in accel_fp_mul for KB_SIZE.
2016-03-18 15:41:03 -07:00
71683e23e9
Resolve 2nd unused "typeH" warning.
2016-03-18 06:27:42 -07:00
51a911c727
Merge pull request #354 from JacobBarthelmeh/master
...
prepare for release v3.9.0
2016-03-17 16:10:18 -07:00
0e43fca1f3
Resolve unused "typeH" warning.
2016-03-17 15:56:51 -07:00
369930238a
Cleanup of the ecc_test functions to break areas into separate functions providing WC_RNG and key size. Added ECC tests by key size for all enabled curves. Added actual key size on wc_ecc_make_key for the NIST test vectors. Added ECC testing of wc_ecc_verify_hash with digests having 0's and sequence (1,2,3,...) and made sure it runs verify twice.
2016-03-17 15:31:45 -07:00
e99a5b0483
prepare for release v3.9.0
2016-03-17 16:02:13 -06:00
e1787fe160
Added "--enable-asynccrypt" option for enabling asynchronous crypto. This includes a refactor of SendServerKeyExchange and DoClientKeyExchange to support WC_PENDING_E on key generation, signing and verification. Currently uses async simulator (WOLFSSL_ASYNC_CRYPT_TEST) if cavium not enabled. All of the examples have been updated to support WC_PENDING_E on accept and connect. A generic WOLF_EVENT infrastructure has been added to support other types of future events and is enabled using "HAVE_WOLF_EVENT". Refactor the ASN OID type (ex: hashType/sigType) to use a more unique name. The real "async.c" and "async.h" files are in a private repo.
2016-03-17 13:31:03 -07:00
10e74f7200
Merge pull request #353 from dgarske/EccUnsignedSizeCheckFix
...
Fixed bug where mp_unsigned_bin_size returning 0 could produce a UINT…
2016-03-17 10:50:01 -07:00
19967dd264
Fixed bug where mp_unsigned_bin_size returning 0 could produce a UINT_MAX (based on -1) resulting in invalid index to an array. Added test case for this if FP_ECC is defined.
2016-03-17 09:39:10 -07:00
bda69decc1
Fix to reduce stack usage in the hash-based random number generator health tests when WOLFSSL_SMALL_STACK is defined.
2016-03-16 17:04:07 -07:00
46a01c29d8
Merge pull request #350 from JacobBarthelmeh/master
...
check for invalid RSA OAEP with SHA512 test case
2016-03-16 16:25:13 -07:00
2dd5efd969
sanity check for RSA key size and hash digest size
2016-03-16 15:25:52 -06:00
4c3ddac23c
catch invalid test case of RSA-OAEP and fix cast
2016-03-16 14:51:25 -06:00
473ea567bd
Refactor of the ChaCha hard coded variables.
2016-03-16 13:36:44 -07:00
7722c4484a
Merge pull request #349 from dgarske/CobiPort
...
Port for Nordic nRF51 RNG, RTC and AES. Added RNG test for wc_RNG_Gen…
2016-03-16 13:36:27 -07:00
0683ecb727
Fixed FreeCRL issue with strdup memory. Added additional checks for WOLF_AES_CBC and WOLF_AES_COUNTER. Disabled memory tracker by default for wolfCrypt test and benchmark. Updated README to better document Linux Binutils LD bug workaround.
2016-03-16 09:41:19 -07:00
f0ea9d747f
Fix possible positive return value for random_rng_test. Removed reference to nrf51_aes_decrypt, which is not supported, and added compile error for it. Corrected ecc_test_raw_vector return code checking. Cleanup in InitMemoryTracker.
2016-03-15 18:33:24 -07:00
bf058ef1b9
Fixed Jenkins error reports for mem_track msg, incorrect #ifdef in aes_test and ecc_test_raw_vector response code checking. Fixed C89 compliance with wc_AesSetKey. Fixed nrf_drv_rng_init response checks in RNG code. Reverted comment change in AES. Fixed nRF51 AES CBC Encrypt support. Added response code checking for nrf51_aes_set_key.
2016-03-15 17:18:03 -07:00
a38183b816
Port for Nordic nRF51 RNG, RTC and AES. Added RNG test for wc_RNG_GenerateBlock 0's check even if HAVE_HASHDRBG is enabled. Added NIST test vectors for ECC P-256, P-384 and P-521. Added helpful debug message in ECC import if issue finding ecc_sets[] for curve. Moved memory tracker into separate file and added support for it to wolfcrypt test and benchmark. Added Ed255519/Curve25519 options for granular control of sign, verify, shared secret, import and export. Added AES options for max key size (AES_MAX_KEY_SIZE), no decrypt (NO_AES_DECRYPT) and no CBC (NO_AES_CBC).
2016-03-15 13:58:51 -07:00
47491e6c22
Merge pull request #332 from JacobBarthelmeh/Certs
...
Certs
2016-03-14 13:24:03 -07:00
db758dc98b
update test script, fall back to cert name search, fix der free
2016-03-12 09:37:32 -07:00
060e278559
Merge branch 'master' of https://github.com/wolfSSL/wolfssl into Certs
2016-03-11 23:48:39 -07:00
154f027c54
Merge pull request #347 from dgarske/ScanBuildFix214
...
Address scan-build issue on build #214 after DerBuffer refactor part 2
2016-03-11 16:53:41 -07:00
81b0ccdb1a
Address scan-build issue on build #214 after DerBuffer refactor part 2 ( ceafb25).
2016-03-11 09:39:13 -08:00
98f40fa132
Merge pull request #345 from moisesguimaraes/remove_unnecessary_condition
...
remove unnecessary condition
2016-03-11 09:27:22 -08:00
2e1c1ca7f8
remove unnecessary condition
2016-03-10 23:07:36 -03:00
0171aefc65
Merge pull request #344 from JacobBarthelmeh/master
...
K64F RNGA register
2016-03-10 16:05:19 -08:00
1bd7de46bb
Merge pull request #342 from dgarske/JenkinsFixes20160310
...
Fixes multiple Jenkins warnings/failures
2016-03-10 14:19:47 -08:00
3976a3e2f2
K64F RNGA register
2016-03-10 14:35:55 -07:00
80aa431689
Fixes multiple Jenkins warnings/failures. First is PickHashSigAlgo is required for client builds or if certs are enabled. Fixed scan-build warning with OCSP not recognized ForceZero as cleaning memory and using possible garbage value. Also cleaned up the OCSP functions to use struct buffer* instead of void* for clarity with a little forward declaration.
2016-03-10 09:38:11 -08:00
1435a6ce92
Merge pull request #341 from JacobBarthelmeh/master
...
SEP and CERTEXT, QSH debug
2016-03-10 09:36:25 -08:00
0a1871e77c
Merge pull request #337 from dgarske/WarnDoubleFree
...
Fixes scan-build warning with "--enable-opensslextra --disable-memory"
2016-03-09 16:28:18 -08:00
6e1c5b3801
disable CERT_EXT policies check when SEP is used instead
2016-03-09 17:22:38 -07:00
49b547db08
make QSH debug compile for C89
2016-03-09 17:15:28 -07:00
ceafb25f49
Merge pull request #338 from dgarske/DerBufferRefactor2
...
Refactor of DerBuffer, so WOLFSSL object doesn't have to grow as a re…
2016-03-09 12:36:22 -08:00
2f060dd860
Merge pull request #312 from dgarske/LeanTls
...
New LeanTLS configure option
2016-03-09 10:13:00 -08:00
f17dfa5b03
Moved the x509 XFREE to outside the FreeX509 function. Internally FreeX509 is only used in two places. One is for the ssl->peerCert, which is not dynamic anyways. The second is in the ExternalFreeX509 where it calls FreeX509 if its dynamic and will XFREE there.
2016-03-09 09:15:00 -08:00
c863300805
Fixed scan-build error with possibly using a NULL pointer.
2016-03-08 09:34:56 -08:00
0f93b86b61
Fixes for PK_CALLBACKS and sniffer after DerBuffer refactor #2 .
2016-03-08 08:56:14 -08:00
ce9f14f713
Refactor of DerBuffer, so WOLFSSL object doesn't have to grow as a result of additional functionality. Removed InitDer. Changed all DerBuffers to use pointer and pass pointer to DerBuffer* to AllocDer and FreeDer. Result is more efficient code and reduced WOLFSSL object size. AllocDer uses first part of the allocated buffer for the actual DerBuffer.
2016-03-08 08:56:14 -08:00
daa1cd634e
Fixes scan-build warning with "--enable-opensslextra --disable-memory". Problem was different #if defines on the InitX509 and FreeX509, which caused the static analyzer to think the "x509->dynamicMemory" was always true.
2016-03-08 08:38:02 -08:00
0ed26ad262
Updated build for "leantls" to support building only the client, by splitting BUILD_EXAMPLES into 3 parts (BUILD_EXAPLE_SERVERS, BUILD_EXAMPLE_CLIENTS and BUILD_TESTS). This allows the make check to perform the external tests to validate the client only "leantls" configuration option.
2016-03-08 08:35:28 -08:00
2891939098
Remove NO_CERT and NO_CODING. Enable building of the client with leantls.
2016-03-08 08:35:28 -08:00
8e8ee45828
LeanTLS: Fixed issue with GetCA, GetCAByName and PickHashSigAlgo with HAVE_ECC, NO_RSA and NO_CERTS defined. Added new "--enable-leantls" option, which enables TLS 1.2 client only with ECC256, AES128 and SHA256 (no RSA, DH, DSA, MD4, MD5, SHA, PSK, PWD, CERTS, DES3, Error Strings, ARC4, Coding, Memory or File System).
2016-03-08 08:35:28 -08:00
375d85fe9a
Merge pull request #336 from dgarske/ASNCertPolicyExtFix
...
Fixed bug with ASN.1 X509V3 Certificate Policy extension parsing
2016-03-08 08:59:24 -07:00
b549c81337
Fix the WOLFSSL_SEP (--enable-sep) build scenario where extCertPoliciesNb is not available.
2016-03-07 14:49:24 -08:00
05fb648747
Remove white-space.
2016-03-07 14:33:22 -08:00
9b79d8643e
Added checks for total length and the cert policy OID len to make sure they don't exceed buffer.
2016-03-07 14:20:37 -08:00
dee3645c4e
Fixed bug with ASN.1 X509V3 Certificate Policy extension parsing. Bug had to do with parsing when OID contains multiple items such as example 2 below. The wolfssl.com server key now contains a URL in the certificate policy " https://secure.comodo.com/CPS0 ", which wasn't being parsed over correctly. Also cleanup to use loop instead of duplicate code.
...
Example 1:
30 12
30 06 06 04 55 1D 20 00
30 08 06 06 67 81 0C 01 02 01
Result:
2.5.29.32.0
2.23.140.1.2.1
Example 2:
30 46
30 3A 06 0B 2B 06 01 04 01 B2 31 01 02 02 07
30 2B 30 29 06 08 2B 06 01 05 05 07 02 01 16 1D 68 74 74 70 73 3A 2F 2F 73 65 63 75 72 65 2E 63 6F 6D 6F 64 6F 2E 63 6F 6D 2F 43 50 53
30 08 06 06 67 81 0C 01 02 01
Result:
1.3.6.1.4.1.6449.1.2.2.7
2.23.140.1.2.1
2016-03-07 13:40:25 -08:00
98a72a3f9d
Merge pull request #334 from JacobBarthelmeh/master
...
update wolfssl-ntru vs project and fix warnings
2016-03-03 15:53:52 -08:00
8ca1c3935d
Merge pull request #322 from ejohnstown/dtls-handshake
...
DTLS Handshake Update
2016-03-03 14:33:31 -08:00
c98c457b9b
update wolfssl-ntru vs project and fix warnings
2016-03-03 14:35:39 -07:00
b9ecd9474c
Merge pull request #330 from kaleb-himes/CID-66007-coverity
...
avoid dereference of null pointer if args is null
2016-03-02 18:22:07 -08:00
112cf1f0c9
fix example client help print out
2016-03-02 16:51:57 -07:00
7a599c1309
Account for not used case
2016-03-02 16:31:58 -07:00
a0f1e1e3ea
Merge pull request #331 from kaleb-himes/CID-66006-coverity
...
Move assignment to after the null check
2016-03-02 15:23:58 -08:00
aab44eb26b
adjest example server PSK plus flag
2016-03-02 15:43:17 -07:00
267dc48d95
fixs after testing : hash table, using NO_SKID, sanity check, and freeing dCert
2016-03-02 15:23:50 -07:00
d969e2ba11
automated test for trusted peer certs
2016-03-02 11:42:00 -07:00
85215cc174
clean up braces left over from local declaration of ready
2016-03-02 11:39:34 -07:00
05d2cec7c1
addition to api tests and refactor location of trusted peer cert check
2016-03-02 11:35:03 -07:00
01cd43c319
Seperate declaration and assignment per c99 standards
2016-03-02 11:31:08 -07:00
7df22ee210
Trusted peer certificate use
2016-03-02 11:22:34 -07:00
1f4ddb20df
Move assignment to after the null check
2016-03-01 17:00:27 -07:00
d15dac04b8
remove unnecessary NULL assignment
2016-03-01 16:33:47 -07:00
d473452769
avoid dereference of null pointer if args is null
2016-03-01 16:21:03 -07:00
7c63ac4f6a
Merge pull request #329 from dgarske/BuildErrDerBuf
...
Fixes build error with new DerBuffer with ASN, ECC and RSA disabled.
2016-02-26 08:44:30 -08:00
79ef8e232b
Fixes build error with new DerBuffer with ASN, ECC and RSA disabled.
2016-02-26 15:39:30 +01:00
0c45a7a028
Merge pull request #317 from dgarske/DerBufferRefactor
...
Refactor of the DER buffer handling
2016-02-25 09:35:50 -08:00
a46fd6612b
Changed CopyDecodedToX509 AllocDer error code handing to return MEMORY_E, since that is an explicitly handled case. Also resolves the issue with "warning: Value stored to 'ret' is never read".
2016-02-25 14:35:54 +01:00
f549f71912
Merge pull request #325 from kaleb-himes/CID-66016-coverity
...
Always execute wc_InitRsaKey if we are always going to execute wc_Fre…
2016-02-25 08:45:06 +01:00
f0b1d2fd9d
Merge pull request #324 from JacobBarthelmeh/master
...
argument peer can be NULL when macro INADDR_ANY is NULL
2016-02-25 08:40:37 +01:00
aa7eae3294
Merge pull request #320 from moisesguimaraes/fix-ocsp-dependency-check
...
fixes ocsp dependency check on asn during configure.
2016-02-24 16:21:51 -08:00
16dac5597f
prevent buffer overflows if sigSz > MAX_ENCODED_SIG_SZ
2016-02-24 16:08:54 -07:00
fb9697bda6
adds check for missing rsa and ecc at the same time
2016-02-24 18:57:16 -03:00
4858a65984
Always execute wc_InitRsaKey if we are always going to execute wc_FreeRsaKey
2016-02-24 14:42:07 -07:00
6ee3c0ae59
argument peer can be NULL when macro INADDR_ANY is NULL
2016-02-24 13:55:44 -07:00
1824a494d1
adds missing ENABLED_OCSP test
2016-02-24 16:45:07 -03:00
35b48250ad
Merge pull request #321 from dgarske/FixCryptBenchEdCurve25519
...
Fixes issue with building crypt benchmark with only ED/Curve25519 ena…
2016-02-24 11:19:30 -08:00
12bb050ec9
Merge pull request #323 from JacobBarthelmeh/master
...
check for RSA and ECC before testing RSA signed ECC cert
2016-02-24 09:34:37 -08:00
1227db4e44
Fixed issue with not properly returning memory error in CopyDecodedToX509 after DER refactor.
2016-02-24 07:04:03 +01:00
dcfec3d2fa
check for RSA and ECC before testing RSA signed ECC cert
2016-02-23 17:03:52 -07:00
143b9fda1b
adds build dependency check for OCSP
2016-02-23 15:19:04 -03:00
a92d2d582f
Revert "fixes ocsp dependency check on asn during configure."
...
This reverts commit 46ade8f03f
2016-02-23 14:13:52 -03:00
69e00a3f97
allow dtls timeout to be 0 in the recvfrom callback, set to 0 if the handshake is done
2016-02-22 21:13:05 -08:00
f621f81fa2
1. Some DTLS code was missing an ifdef.
...
2. If receiving a handshake message that's already been processed,
retransmit the previous message flight.
2016-02-22 14:08:35 -08:00
8dbef9b14b
Merge pull request #318 from dgarske/BuildErrorNoFileSysWCerts
...
Fixes build error with NO_FILESYSTEM and !NO_CERTS
2016-02-22 12:12:24 -08:00
731e13ecf2
Fixes issue with building crypt benchmark with only ED/Curve25519 enabled with static rng missing.
2016-02-22 16:46:13 +01:00
f6fafe6738
for DTLS, retain the handshake resources until peer sends application data record
2016-02-21 21:52:38 -08:00
46ade8f03f
fixes ocsp dependency check on asn during configure.
2016-02-21 20:54:45 -03:00
953a3bd01d
Fixes build error with NO_FILESYSTEM and !NO_CERTS where the wolfssl/test.h load_buffer() function is passing non-existent enum value. Was renamed from CYASSL_ to WOLFSSL_.
2016-02-19 13:52:06 -08:00
3fe5ee1a7c
Refactor of the DER buffer handling. Added new DerBuffer struct that includes the type and heap ptr. Added new InitDer, AllocDer and FreeDer functions. Cleanup of some missing "heap" args on XMALLOC/XFREE. In FreeDer uses ForceZero if type is private key.
2016-02-18 22:42:15 -08:00
b72c83e191
Merge pull request #315 from kaleb-himes/fix-no-sha
...
update for configure option --disable-sha
2016-02-16 13:08:59 -08:00
c1ef4d4521
Merge pull request #313 from kaleb-himes/master
...
wolfssl.com and google.com now differ in pre-reqs for external test
2016-02-16 11:05:55 -08:00
24d93c90cd
update for configure option --disable-sha
2016-02-16 12:03:37 -07:00
46b34c19d0
wolfssl.com and google.com now differ in pre-reqs for external test
2016-02-15 13:30:11 -07:00
3d8f91d418
Merge pull request #302 from dgarske/EccOnlyNoSignVerify
...
New ECC and ASN build options for reduce build size options
2016-02-15 12:13:43 -08:00
d7d2a6f565
Merge pull request #307 from JacobBarthelmeh/PSK
...
New fail with no peer cert behavior and allow RSA signed ECC key certs
2016-02-12 15:27:18 -08:00
7de352a0e9
Merge pull request #311 from dgarske/FixSkipObjectIdWarn
...
Fixes warning with SkipObjectId defined but not used.
2016-02-12 15:04:04 -07:00
951fe0a927
Merge pull request #310 from dgarske/CustRngGenBlock
...
Added new CUSTOM_RAND_GENERATE_BLOCK option that allows override and …
2016-02-12 13:51:06 -08:00
a969dd8efd
Fixed "error: unused function 'StoreRsaKey'" with NO_ASN_TIME and RSA enabled.
2016-02-12 13:19:58 -08:00
aeaac15682
Fixed compile errors in signature.c if ECC on but ECC sign/verify disabled. Added new NO_ASN_TIME option to reduce ASN size for space constrained or missing RTC. Added check to make sure ASN is enabled if ECC sign/verify is enabled.
2016-02-12 13:16:39 -08:00
8073024ee7
fix formatting of .conf file so ephemeral port is used
2016-02-12 13:41:30 -07:00
f328c6bdf7
Fixes warning with SkipObjectId defined but not used.
2016-02-12 12:34:22 -08:00
08c663a4ac
Added new CUSTOM_RAND_GENERATE_BLOCK option that allows override and disabling of the HASHDRBG for customers who have a HW RNG they would like to use instead.
...
Examples:
"./configure --disable-hashdrbg CFLAGS="-DCUSTOM_RAND_GENERATE_BLOCK= custom_rand_generate_block".
OR
/* RNG */
//#define HAVE_HASHDRBG
extern int custom_rand_generate_block(unsigned char* output, unsigned int sz);
2016-02-12 11:59:51 -08:00
4872f2bc33
Added the following ECC optional config defines: HAVE_ECC_SIGN, HAVE_ECC_VERIFY, HAVE_ECC_DHE, HAVE_ECC_KEY_IMPORT and HAVE_ECC_KEY_EXPORT. Still working through issues with using ECC sign/verify with ASN disabled. Added documentation to top of ecc.c for all the ECC define options.
2016-02-12 11:07:50 -08:00
8f5cd98857
Added tvos target to the xcode project
2016-02-12 10:23:23 +01:00
3e860107f3
remove extra cert and key, plus add new test
2016-02-11 13:49:07 -07:00
1197f88c4f
add psk.test script for testing
2016-02-11 09:15:04 -07:00
09f631238e
Merge pull request #306 from kaleb-himes/master
...
correct logic to allow for static RSA if ECC and no Curves
2016-02-10 16:47:17 -08:00
49a5ea18e8
Merge pull request #303 from ejohnstown/sniffer-check
...
When loading a named key, check that the save buffer mallocs.
2016-02-10 13:19:59 -08:00
b0a51a22a1
Merge pull request #304 from cconlon/testh-fix
...
Check build_addr() arguments for NULL
2016-02-10 13:19:28 -08:00
a83ff6aada
Updated the configure.ac comments about big int being used for ECC and DH. Moved the checks for ecc/asn and psk/asn until after cryptonly value is set and fixed so those checks work for normal build and are excluded for crypt only builds.
2016-02-10 13:03:53 -08:00
9defe9b42b
fix warning of unused variable and adjust debug statements
2016-02-10 13:57:10 -07:00
ffe7b38409
correct logic to allow for static RSA if ECC and no Curves
...
use same coding standards as the rest of the libraries
2016-02-10 13:39:59 -07:00
69fc400d28
add new certs to EXTRA_DIST
2016-02-10 13:26:03 -07:00
2f74706367
allow use of RSA signed ECC key certs
2016-02-10 13:26:03 -07:00
ff7a9d9f78
option for fail on no peer cert except PSK suites
2016-02-10 13:26:03 -07:00
3293857834
check build_addr() arguments for NULL before memset
2016-02-10 10:35:48 -07:00
8d0d5a3f90
Fixes so ECC only build works. Fixes so ECC enabled with ASN disabled works and will prevent ECC sign/verify.
2016-02-10 08:53:09 -08:00
9a5938432b
Merge pull request #301 from kaleb-himes/master
...
if connecting to google.com and using ECC need supported curves
2016-02-10 08:42:28 -08:00
bf4d6454b1
if connection to google.com and using ECC need supported curves
2016-02-09 17:06:06 -07:00
ccffee1617
When loading a named key, check that the save buffer mallocs. It calls a library function that checks the pointer, but an application of the library shouldn't depend on side effects. This fixes #300 .
2016-02-09 15:17:05 -08:00
62a2efdacc
Merge pull request #298 from kaleb-himes/master
...
Avoid unnecessary assignments in client example
2016-02-09 09:54:55 -08:00
f30ef33d8b
Merge pull request #295 from JacobBarthelmeh/master
...
ECDHE-PSK and added cipher suites
2016-02-09 09:40:13 -08:00
66aa1da829
Merge pull request #299 from dgarske/MinGWFixes
...
Fixes for warnings found using MinGW
2016-02-09 09:32:18 -08:00
2e88785358
Merge pull request #282 from dgarske/WinUserSettings
...
Refactor of Visual Studio projects to centralize preprocessors into IDE/WIN/user_settings.h
2016-02-09 09:27:32 -08:00
014740eda0
Merge pull request #289 from dgarske/SigHashFixes
...
Fixes/improvements to the signature and hash wrappers:
2016-02-09 09:23:18 -08:00
2af9fb91b3
Use += approach to detect "done" in example client for external tests. Cleaner and code is smaller to accomplish same thing.
2016-02-08 19:54:22 -08:00
4ea76b8ac8
Fixes for warnings found using MinGW. Fixes for WOLFSSL_SOCKET_IS_INVALID and WOLFSSL_SOCKET_INVALID to use the SOCKET_T.
2016-02-08 15:44:22 -08:00
53162d5fc4
addjust size according to offset length and add PMS size comment
2016-02-08 15:22:49 -07:00
f6bebc1cf4
Merge pull request #297 from dgarske/RemoveExeBitOnCFiles
...
Removed the execute bit on all .c files
2016-02-08 14:22:05 -07:00
2e0d05f727
Fixes issues with new IDE/WIN/user_settings.h and FIPS. Fixed issue with using CYASSL_USER_SETTINGS in ctaocrypt/settings.h with FIPS by moving settings_comp.h to after user_settings.h. Fixed issue with non-existent ctaocrypt/signature.c file being included. Added the user_settings.h file to the FIPS project.
2016-02-08 12:22:20 -08:00
09615c01cc
Updated the naming for the new encoding DER signature enum and function.
2016-02-08 12:04:38 -08:00
97edaf88d4
Added the new IDE/WIN/user_settings.h to the include.am file. Changed the WOLFSSL library to use macro WOLFSSL_LIB for clarity.
2016-02-08 11:28:46 -08:00
cb3a9cc348
Removed the execute bit on all .c, .h, and .cs files.
2016-02-08 09:45:31 -08:00
a607c5dcc4
Merge pull request #296 from cconlon/freescale-fix
...
Freescale: USER_TIME fixes, enable ECC and AES-GCM by default
2016-02-08 09:36:53 -08:00
c920e6dd30
Avoid unnecessary assignments in client example
2016-02-07 08:27:01 -07:00
d5f410523a
Fixed possible memory leak on signature wrapper ASN encode and corrected the maximum header size. Added new MAX_ENCODED_HEADER_SZ which is the maximum encoded ASN header size and update asn.c to use it. Added comment about key size sanity check. Renamed wc_SignatureRsaEncode to wc_SignatureAsnEncode.
2016-02-05 16:01:42 -08:00
e031d2fa06
Removed the execute bit on all .c files. These were inadvertently set in PR #293 due to editing files through Windows VMWare shared folder.
2016-02-05 14:25:43 -08:00
fa4da43655
Freescale: remove USER_TIME after recent time fixes, enable ECC and AES-GCM by default
2016-02-05 14:09:43 -07:00
a4f1138e5b
Merge pull request #293 from dgarske/WinWarnFixes
...
Fixes several warnings that were seeing building with Visual Studio 2…
2016-02-05 13:20:22 -07:00
244bea18b9
Merge pull request #292 from dgarske/WolfRootFindFix
...
Fixed bug with "ChangeToWolfRoot" that was incorrectly seeking previo…
2016-02-05 11:28:39 -08:00
25959bfb62
Merge pull request #279 from dgarske/CustRandGenSeed_OSArg
...
Added new CUSTOM_RAND_GENERATE_SEED_OS macro
2016-02-05 11:18:18 -07:00
3dc2e01180
warning from windows build with ECDHE-PSK and fix potential memory leak
2016-02-05 09:54:39 -07:00
be99fcff43
Fixed typo in wc_SignatureGetSize causing error.
2016-02-05 07:32:47 -08:00
ee4b8b2f10
Merge pull request #291 from kaleb-himes/master
...
Fixes for disabling the crypt test and benchmark. Added new "./configure --disable-crypttests" option. Added new NO_CRYPT_BENCHMARK define.
2016-02-04 17:06:59 -08:00
ae19b7a272
Merge pull request #290 from dgarske/PemPubKey_CertExt_Fixes
...
Public key PEM to DER fixes
2016-02-04 15:19:15 -08:00
60668be1c0
Merge pull request #285 from ejohnstown/dtls-hello
...
DTLS server should be able to receive multiple client hellos without …
2016-02-04 14:27:03 -07:00
faf590eb22
Fix for "warning: Value stored to 'ret' is never read". Now explicitly set SIG_TYPE_E in each case. Fixed wc_SignatureGetSize so it will return SIG_TYPE_E for unsupported type scenario.
2016-02-04 12:49:39 -08:00
bc059e12c2
Cleanup to remove trailing whitespace and convert tabs to spaces.
2016-02-04 12:31:08 -08:00
be4c400d16
Fixes for disabling the crypt test and benchmark. Added new "./configure --disable-crypttests" option. Also made sure use of both NO_CRYPT_BENCHMARK and NO_CRYPT_TEST in "./configure CFLAGS=-D" scenario work correctly.
2016-02-04 12:06:24 -08:00
2257c1dcef
Fixes several warnings that were seeing building with Visual Studio 2015. Also noticed issue with "struct Options" in internal.h for the bit flags that was causing split due to type difference (byte vs. word16).
2016-02-04 11:30:48 -08:00
e63989dcfd
Fixed bug with "ChangeToWolfRoot" that was incorrectly seeking previous directories where depth 2 was using ..\..\ and skipping one. This bug applied to both Win and Lin*. For example running ./server from inside examples/server would not find the wolf root.
2016-02-04 11:26:33 -08:00
2db6246abc
Fixed typo with testsuite preprocessor. Added missing chacha.c, chacha20_poly1305.c, pkcs7.c and poly1305.c. Also added the IDE/WIN/user_settings.h to the project so its easy to find.
2016-02-04 11:19:51 -08:00
bf1af39027
benchmark needs a main if NO_CRYPT_BENCHMARK defined
2016-02-04 12:07:39 -07:00
7936c7a72e
Merge pull request #286 from dgarske/DisableBench
...
Added optional define "NO_CRYPT_BENCHMARK" to allow disabling benchmark
2016-02-04 10:59:55 -08:00
d39c6a6e13
Merge pull request #287 from JacobBarthelmeh/fast-rsa
...
Force Zero of data when done
2016-02-04 10:59:21 -08:00
42219a327a
refactor ForceZero of memory to gain performance
2016-02-04 10:31:05 -07:00
3ce64da44c
ChaCha20-Poly1305 PSK cipher suites
2016-02-04 09:50:29 -07:00
5a9175a758
add cipher suite ECDHE-PSK-AES128-SHA256 and adjustments to ECDHE-PSK
2016-02-04 09:39:34 -07:00
f3399b6578
Fixes/improvements to the signature and hash wrappers:
...
Fixed output buffer to wc_RsaSSL_Verify so its min size is the key size (needed for inline operations).
Fixed the signature wrapper return codes when using RSA so 0 indicates success.
Fixed signature wrappers use of wc_HashGetDigestSize to return the error code result.
Changed enum wc_HashType and enum wc_SignatureType so all values always exist.
Added new "wc_HashGetOID" which returns the OID for an enum wc_HashType.
Added new "WC_SIGNATURE_TYPE_RSA_W_ENC", that adds the encoded ASN header to the digest using wc_EncodeSignature for RSA signatures.
Added new SIG_TYPE_E and HASH_TYPE_E error types for explicit reporting of sig/hash type not available.
2016-02-03 15:07:56 -08:00
a6b7c00c9c
Fix so WOLFSSL_CERT_EXT can be defined without WOLFSSL_CERT_GEN. Added new WOLFSSL_PUB_PEM_TO_DER to allow the public key PEM to DER functions to be available without CERT_GEN or CERT_EXT. Fix to add NO_FILESYSTEM check around wolfSSL_PemPubKeyToDer in ssl.h. Cleanup in coding.h for the #if check.
2016-02-03 14:58:46 -08:00
d04a7e802a
add ECDHE-PSK and cipher suite ECDHE-PSK-NULL-SHA256
2016-02-03 13:44:13 -07:00
d26ca17efd
Merge pull request #288 from moisesguimaraes/add_python_pbkdf2_tests
...
adds pbkdf_pcscs12 tests
2016-02-03 11:09:28 -08:00
1ad497177a
adds pbkdf_pcscs12 tests
2016-02-02 15:43:48 -03:00
dc316d13bf
Merge pull request #250 from ikudriavtsev/master
...
Wrapping PBKDF PKCS#12 algorithm.
2016-02-02 15:40:50 -03:00
8edf38632b
Merge pull request #284 from JacobBarthelmeh/DH
...
fixed point DH operations
2016-02-02 08:31:30 -08:00
cad6a08f10
comment for clarifying table of DH sizes
2016-02-01 17:11:01 -07:00
f84c0742ad
fix clang warning about potentially unset value
2016-02-01 15:23:24 -07:00
93c54c07ea
cipher suite ECDHE-ECDSA-NULL-SHA
2016-02-01 14:43:17 -07:00
dda0de4baa
Added optional define "NO_CRYPT_BENCHMARK" to allow disabling benchmark code.
2016-02-01 13:04:30 -08:00
7fe73c7cbd
DTLS server should be able to receive multiple client hellos without advancing state
2016-02-01 11:06:24 -08:00
d0f8132cdc
forcing sensitive memory to be all zeros when done with it
2016-02-01 10:45:09 -07:00
b6017c59ba
Merge pull request #275 from dgarske/WolfErrorTypo
...
Fixed spelling errors
2016-02-01 09:00:10 -08:00
6fd5579130
Merge pull request #281 from toddouska/math-rsa-fix
...
fix normal math off by one loop error in fast_s_mp_mul_high_digs
2016-01-29 16:59:36 -08:00
f8876854f4
Spelling fixes in comments and error strings (ALGO_ID_E, ASN_TIME_E and WOLFSSL_ERROR function).
2016-01-29 16:13:09 -08:00
41f7cb0482
Forgot to change the testsuite and sslSniffer projects. Now these also use the IDE/WIN/user_settings.h.
2016-01-29 15:07:03 -08:00
ebd14a657d
Added signature.c to Visual Studio project files. Added new "IDE/WIN/user_settings.h" which contains all the defines for the various Windows Visual Studio projects. Moved the settings into this new file and added the WOLFSSL_USER_SETTINGS and CYASSL_USER_SETTINGS macros and include path to IDE/WIN to all project files. This allows the settings (defines) to be adjusted in a single place for Win VS.
2016-01-29 14:29:31 -08:00
3f87d28190
Merge pull request #280 from JacobBarthelmeh/master
...
Update ChaCha20-Poly1305 cipher suites
2016-01-29 14:12:53 -08:00
fa25e5d09d
fix normal math off by one loop error in fast_s_mp_mul_high_digs
2016-01-29 13:54:41 -08:00
9a5ad356a6
fixed point DH operations
2016-01-29 10:31:49 -07:00
611e37b3e8
naming for AEAD macros and TLSX with chacha-poly
2016-01-29 09:38:13 -07:00
6856e5bbe6
Merge pull request #261 from dgarske/AsnIoCleanup
...
asm.c time cleanup and io.c include cleanup
2016-01-28 13:25:21 -08:00
2bc0ae05b5
Added new CUSTOM_RAND_GENERATE_SEED_OS macro to allow custom random generation, which includes the OS_Seed. Opted to create new macro instead of modifying existing CUSTOM_RAND_GENERATE_SEED.
2016-01-28 09:31:36 -08:00
fa64abd83e
Fix for deleted USER_TIME gmtime forward declaration. Fix to make sure XGMTIME maps to gmtime just as previous code did.
2016-01-27 13:20:06 -08:00
7d71d756f3
update ChaCha20-Poly1305 to most recent RFCs
2016-01-27 14:03:05 -07:00
fadd97de3a
Moved the forward declarations until after the struct tm and time_t have been defined.
2016-01-27 11:17:54 -08:00
3b6f2b0330
Merge pull request #274 from JacobBarthelmeh/master
...
Updated comments for adding new error id strings and added missing UNKNOWN_MAX_FRAG_LEN_E.
2016-01-27 09:28:56 -08:00
18f1faa13d
check error strings and update comment
2016-01-27 09:50:20 -07:00
71fcc1e478
comment for adding new wolfCrypt error id strings
2016-01-26 17:12:31 -07:00
5c4a3462ee
Cleanup of the time macros in asn.c to allow expanded use of wolf "struct tm", "time_t" and "gmtime". Cleanup of the io.c socket includes for clarity. Cleanup trailing spaces in io.c and asn.c.
2016-01-26 13:47:01 -08:00
02397623be
Merge pull request #273 from toddouska/bump-version
...
bump dev version
2016-01-26 13:18:11 -08:00
ee512cac4a
bump dev version
2016-01-25 13:12:45 -08:00
18c25b5d04
Merge pull request #272 from cconlon/ksdk-fixes
...
Update support for Freescale KSDK 1.3.0, fix Freescale+FreeRTOS build
2016-01-25 12:24:01 -08:00
0801eeac8d
update support for Freescale KSDK 1.3.0
2016-01-25 10:41:26 -07:00
993ae48502
Merge pull request #271 from JacobBarthelmeh/mysql
...
function needed for MYSQL compatibility
2016-01-25 09:39:18 -07:00
5df55e053d
function needed for MYSQL compatibility
2016-01-22 16:33:54 -07:00
e1abf5f623
Merge pull request #270 from JacobBarthelmeh/OAEP
...
Use type enum wc_HashType rather than int for OAEP functions.
2016-01-21 08:50:00 -08:00
63d1f81fb1
cast XMALLOC to byte pointer
2016-01-21 09:05:19 -07:00
197f25f135
use type enum wc_HashType rather than int
2016-01-20 15:31:08 -07:00
3098e09f42
Merge pull request #269 from cconlon/coverity-fix
...
fix recursive include in wc_port.h
2016-01-20 09:01:09 -07:00
122a67139d
fix recursive include in wc_port.h
2016-01-19 14:23:47 -07:00
f84722bbac
Merge pull request #267 from moisesguimaraes/fix_ocspstapling_dtls_typo
...
Fix ocspstapling dtls typo
2016-01-19 10:34:15 -07:00
04a1bf0086
Merge pull request #265 from toddouska/cov-tfm
...
fix coverity report for fp_mont reduce where m is half max size, not …
2016-01-19 10:30:09 -07:00
a7bac3ae9b
Merge pull request #266 from JacobBarthelmeh/master
...
check not CHACHA_BYTE before considering normal suite
2016-01-18 17:55:02 -08:00
a6a2214306
removes 'end of line' spaces;
2016-01-18 20:51:27 -03:00
08c67e5cdc
fixes typo;
2016-01-18 20:51:27 -03:00
33a71fb456
Merge pull request #264 from JacobBarthelmeh/OAEP
...
help out clang static analyzer
2016-01-18 15:31:18 -08:00
3a65f55bd3
check not CHACHA_BYTE before considering normal suite
2016-01-18 15:33:32 -07:00
04b8df09e3
Merge pull request #260 from kaleb-himes/master
...
system read returns ssize_t, cast to int
2016-01-18 13:55:35 -08:00
8e97145682
fix coverity report for fp_mont reduce where m is half max size, not currently called that big but let's allow
2016-01-18 13:53:01 -08:00
93e454f09a
Merge pull request #259 from dgarske/UnusedParamError
...
Fixes unused argument build error seen on CrossWorks (Issue #255 ).
2016-01-18 09:40:30 -08:00
268515018d
help out clang static analyzer
2016-01-18 10:22:12 -07:00
1ab9f19541
Merge pull request #256 from JacobBarthelmeh/fast-rsa
...
fix for size of buffer when reading fast-rsa BN data
2016-01-15 15:47:57 -08:00
71741847d3
system read return size_t, cast to int
...
remove whitespace
2016-01-15 16:03:45 -07:00
014b849af4
Merge pull request #258 from toddouska/no-sha384
...
resolve issue #257 , no sha384 with wolfssl cert chain and external test
2016-01-15 13:29:06 -08:00
81d26b83c3
Merge pull request #246 from JacobBarthelmeh/OAEP
...
RSA OAEP padding
2016-01-15 11:34:37 -08:00
476355b5bf
fix potential memory leak on fail
2016-01-14 23:58:30 -07:00
07c79f9dc3
Fixes unused argument build error seen on CrossWorks (Issue #255 ).
2016-01-14 21:09:01 -08:00
1d473ab7b5
resolve issue #255 , no sha284 with wolfssl cert chain and external test
2016-01-14 20:25:50 -08:00
d20b8880f0
Merge pull request #254 from lchristina26/master
...
Fix formatting to VxWorks README
2016-01-14 16:49:13 -08:00
dec13db1e7
Merge pull request #252 from moisesguimaraes/fix_srp_build
...
fixes srp build without sha512
2016-01-14 15:48:39 -08:00
3347bea0d5
fix for size of buffer when reading fast-rsa BN data
2016-01-14 15:00:59 -07:00
008612ec70
OAEP w/ smallstack and fixs
2016-01-14 14:26:17 -07:00
df0d2e8c3a
Merge pull request #248 from JacobBarthelmeh/CSharp
...
C# wrapper fixes account for null terminator. Added additional read/write overrides for byte[] data.
2016-01-14 08:46:18 -08:00
c41b5ac3d2
Fix formatting to VxWorks README
2016-01-13 10:42:30 -07:00
10df002ec5
fixes srp build without sha512
2016-01-12 15:42:58 -03:00
037f4c60ab
Merge pull request #251 from ejohnstown/dtls-handshake
...
fix a sequence number issue with DTLS epoch 0 messages earlier in the…
2016-01-11 11:29:25 -08:00
03fd89bc45
Wrapping PBKDF PKCS#12 algorithm.
2016-01-10 10:50:02 +01:00
db1f321ae3
Merge pull request #249 from lchristina26/master
...
Updates for VxWorks entropy and README, Arduino functionality
2016-01-08 16:08:13 -08:00
5e0fa1de90
utf8 switched to default and added comments
2016-01-08 16:50:49 -07:00
86ddeeb110
Add steps for including wolfSSL as an Arduino library
2016-01-08 12:07:35 -07:00
ae92a41512
Update fork to upstream: Merge https://github.com/wolfSSL/wolfssl
2016-01-08 11:59:35 -07:00
f7baf9e392
settings for Arduino functionality
2016-01-08 11:54:46 -07:00
efae688120
add entropy steps for VxWorks
2016-01-08 11:43:05 -07:00
ee1a767332
account for null terminator
2016-01-07 17:39:00 -07:00
5360e22ba5
fix a sequence number issue with DTLS epoch 0 messages earlier in the handshake
2016-01-07 13:18:01 -08:00
431951a692
Merge pull request #247 from kaleb-himes/null-pointer-excptn
...
safeguards to avoid de-referencing a null pointer
2016-01-06 10:25:14 -08:00
38392ce56a
safeguards to avoid de-referencing a null pointer
2016-01-06 10:12:52 -07:00
251550ea62
Merge pull request #242 from kaleb-himes/scan-build-fixes
...
avoid unused variable warnings
2016-01-05 15:31:52 -08:00
a6ca2c3bdd
Avoid un-necessary cast
2016-01-05 14:32:45 -07:00
29e6f283cf
Implement peer suggestion
2016-01-05 14:19:46 -07:00
ef95000236
Merge pull request #243 from kaleb-himes/scan-build-fixes2
...
Avoid unused variable warnings with dead store in AES_GCM_decrypt
2016-01-05 12:30:32 -08:00
db55f0f8dd
Merge pull request #235 from moisesguimaraes/fix_localhost_ocsp_stapling_tests
...
Fixes --enable-ocspstapling and --enable-ocspstapling2 Jenkins failures
2016-01-05 12:07:43 -08:00
1a16001dac
Merge pull request #245 from kaleb-himes/scan-build-fixes4
...
check err after set
2016-01-05 10:52:53 -08:00
1fd496a5a7
Merge pull request #244 from kaleb-himes/scan-build-fixes3
...
Remove unnecessary assignment prior to return
2016-01-05 15:27:26 -03:00
d815affe83
RSA OAEP padding
2016-01-05 10:56:15 -07:00
e4c4c5a73a
white space change removed
2016-01-05 07:37:31 -07:00
699597bb21
execute undef before checking and return
2016-01-05 07:35:28 -07:00
3725133592
Merge pull request #240 from kaleb-himes/myStack-init-check
...
compiler warning about myStack use in unique environment
2016-01-04 16:45:12 -08:00
fcfef59c43
check err after set
2016-01-04 17:04:10 -07:00
21c972f805
Remove unnecessary assignment prior to return
2016-01-04 16:08:04 -07:00
023052eaf1
Avoid unused variable warnings with dead store in AES_GCM_decrypt
2016-01-04 15:40:10 -07:00
dd469bb67d
avoid unused variable warnings
2016-01-04 15:03:39 -07:00
0718f4b9a3
formatting fixes for VxWorks README
2016-01-04 14:44:08 -07:00
9351f0d2e7
updates to VxWorks README
2016-01-04 14:41:31 -07:00
4834e2d5cf
updates for VxWorks simulator entropy
2016-01-04 14:33:30 -07:00
15918ebd99
initialize myStack to NULL for the later check against NULL
2016-01-04 13:18:43 -07:00
858da86c05
restore original certs, without OCSP Authority Information Access;
2016-01-04 17:15:29 -03:00
e6398998b1
check for NULL after malloc in posix_memalign
2016-01-04 12:55:35 -07:00
723a7fcf90
Merge branch 'master' of https://github.com/wolfSSL/wolfssl into myStack-init-check
2016-01-04 09:17:04 -07:00
8a47c1d01e
Merge pull request #237 from kaleb-himes/32-bit-ocsp
...
Also account for 32-bit users with ocsp test
2016-01-04 09:33:12 -03:00
d817f0fbc8
fixes test scripts to avoid bash-isms
2016-01-04 09:27:58 -03:00
7bbd93b609
Merge pull request #239 from kaleb-himes/openx-curve-unused
...
Fix cases that were not detected in Jenkins
2015-12-31 18:35:03 -08:00
fa3f0660b6
compiler warning about myStack use
2015-12-31 13:59:11 -07:00
51e365541f
Merge pull request #238 from toddouska/aesni-192key
...
fix aesni 192bit key expansion over read of 64bits
2015-12-31 12:55:28 -08:00
b78fb311bb
Fix cases that were not detected in Jenkins
2015-12-31 13:18:37 -07:00
99539b8875
fix aesni 192bit key expansion over read of 64bits
2015-12-31 11:19:47 -08:00
84ae9a9ae5
Also account for 32-bit users
2015-12-31 12:05:45 -07:00
71a3555f6f
Merge pull request #236 from kaleb-himes/ed-openx-unused
...
catching up on old jenkins issues that need fixed
2015-12-31 10:29:32 -08:00
6a56a53545
catching up on old jenkins issues
2015-12-31 09:33:01 -07:00
1bef0ba455
cosmetic changes to OCSP Stapling options.
2015-12-30 17:10:25 -03:00
5fb8ea691a
updates ocsp certs with better OCSP Responder URI.
2015-12-30 16:50:22 -03:00
5040820f98
prepare for 3.8.0 release
2015-12-30 12:09:31 -07:00
2145eebd1a
Merge pull request #234 from JacobBarthelmeh/master
...
add ocsp needed certs to dist
2015-12-30 10:51:17 -08:00
0c21b67bb6
add ocsp needed certs to dist
2015-12-30 10:19:20 -07:00
87e828bf17
Merge pull request #233 from toddouska/hint-types
...
fix hint types for misuse of in_buffer and out_buffer
2015-12-30 09:34:25 -07:00
71218169c1
Merge pull request #232 from kaleb-himes/master
...
accounts for assumptions with external ocsp stapling test
2015-12-29 18:22:11 -08:00
157486ce0d
fix hint types for misuse of in_buffer and out_buffer
2015-12-29 16:13:09 -08:00
a973eca4b8
accounts for assumptions with external ocsp stapling test
2015-12-29 17:05:51 -07:00
6ba14fa241
fixes some errors from Jenkins Expected Configurations Build # 111
2015-12-29 10:19:27 -03:00
0a14e6f3c6
Merge pull request #230 from cconlon/mcp_time_fix
...
fix LowResTimer on Microchip ports
2015-12-28 21:56:07 -08:00
774d335387
Merge branch 'csr'
2015-12-28 19:53:27 -03:00
ec9d23a9c3
Merge branch 'csr'
2015-12-28 19:38:04 -03:00
487bb4eb5e
fixes before merge
2015-12-28 19:33:06 -03:00
a9894e9033
Merge pull request #229 from ejohnstown/dtls-warnings
...
fix DTLS warnings for Windows
2015-12-28 14:20:03 -07:00
47426b1f8d
fix LowResTimer on Microchip ports
2015-12-28 13:58:01 -07:00
2e00b12b69
updates configure.ac with better option naming.
2015-12-28 17:55:41 -03:00
91c06736cb
Merge pull request #228 from kaleb-himes/typo-corrections
...
minor typo corrections
2015-12-28 11:56:48 -08:00
2d33380abc
Merge pull request #225 from JacobBarthelmeh/master
...
help message to use NTRU key in example server
2015-12-28 11:56:13 -08:00
c3df8af997
Merge pull request #223 from cconlon/vswarnings
...
fix Visual Studio warnings
2015-12-28 11:55:13 -08:00
3a1909dab9
Merge pull request #209 from kaleb-himes/master
...
OpenSSH added support for additional NID types. Update our compatibil…
2015-12-28 11:52:38 -08:00
92cb8eee61
revise the comments about port 0 use in the example client and server
2015-12-24 15:42:52 -08:00
99797eb4f6
Merge pull request #227 from ejohnstown/example-comments
...
Example comments
2015-12-23 15:09:54 -07:00
cc8633fe7f
minor typo corrections
2015-12-23 13:28:45 -07:00
4b836f8476
added note to client and server regarding port 0
2015-12-23 12:20:53 -08:00
d17549f848
update example client ShowVersions() to not show disabled old-tls versions
2015-12-23 12:12:41 -08:00
558d2566cc
Merge pull request #226 from toddouska/ranports-scripts
...
add random ports for all make check scripts, unique ready file
2015-12-23 12:49:16 -07:00
5cbaa9de20
Merge pull request #224 from ejohnstown/windows-fips-segments
...
add the Windows object ordering tags to wolfCrypt first and last sources
2015-12-22 17:08:57 -07:00
22385f2b39
add random ports for all make check scripts, unique ready file
2015-12-22 14:35:34 -08:00
41f50b7a73
NTRU suites considered part of static RSA suites group
2015-12-22 15:19:11 -07:00
0721b79282
help message to use NTRU key in example server
2015-12-22 11:51:26 -07:00
44c4f18d3e
fix DTLS warnings for Windows
2015-12-22 09:45:54 -08:00
cbf3213c4f
correct logic on pre-processor macro
2015-12-21 23:33:33 -07:00
0cb2374c69
Ensure configured before assuming message digest is supported
2015-12-21 23:03:45 -07:00
b153ac002c
fix Visual Studio warnings
2015-12-21 16:11:02 -07:00
d5295edbd1
add the Windows object ordering tags to wolfCrypt first and last sources
2015-12-21 11:01:09 -08:00
37b8e60537
Merge branch 'toddouska-hello-size'
2015-12-18 10:00:00 -07:00
4da1ae3947
Merge branch 'hello-size' of https://github.com/toddouska/wolfssl into toddouska-hello-size
2015-12-18 09:33:13 -07:00
917edc5f18
Merge pull request #218 from toddouska/ssl3-aes256
...
add aes256 key derivation to ssl3
2015-12-17 18:30:23 -08:00
b89354880f
switch pragma once uses, causes warnings on some compilers
2015-12-17 13:19:17 -07:00
e503b89ca1
allow sniffer build with -v 0 examples to work
2015-12-17 12:10:22 -08:00
6c69b7f109
make hello suite size user settable, increase default
2015-12-17 09:57:44 -08:00
d395c5aba3
condense to one switch statement for testing of message digests
2015-12-16 11:40:58 -07:00
46c4653f60
Merge branch 'master' of https://github.com/wolfSSL/wolfssl
2015-12-16 11:37:07 -07:00
ed8a50ce69
Merge pull request #211 from lchristina26/master
...
GenerateSeed() Function for VxWorks compatibility
2015-12-15 15:59:20 -08:00
94b1df49ae
Merge pull request #219 from JacobBarthelmeh/master
...
install user_rsa.h and fix leading bit function
2015-12-15 15:57:48 -08:00
3113c8db9b
update VXWORKS GenerateSeed() - no printf, error return
2015-12-15 16:52:21 -07:00
1cdc6d5edb
refactoring dist and install of user/fast-rsa
2015-12-15 16:09:49 -07:00
b87c7fb460
install user_rsa.h and fix leading bit function
2015-12-15 13:50:01 -07:00
eed40eb690
add aes256 key derivation to ssl3
2015-12-15 11:54:03 -08:00
b9e2ff3055
Merge pull request #217 from NickolasLapp/openssl_version_increase
...
Add in stub functions for opensslv1.0.1 w/ stunnel and lighttpd
2015-12-15 11:17:52 -08:00
9688a0f0db
fixes API names (marketing wise);
2015-12-14 23:12:08 -03:00
a15c003211
adds extra certs for ocspstapling tests;
2015-12-14 23:02:49 -03:00
0ca6a5601e
fixes OCSP_MULTI check;
...
adds root-ca-cert to index0.txt;
adds keyUsage to CA certs;
sets fixed serial to root-ca-cert;
2015-12-14 20:22:48 -03:00
bf621f1832
Add in stub functions for opensslv1.0.1 w/ stunnel and lighttpd
2015-12-14 15:36:04 -07:00
196b983b7b
adds ocsp test scripts;
2015-12-13 18:06:08 -03:00
a834c2acf6
improved DTLS handshake sequence numbering when retransmitting finished message
2015-12-11 18:41:09 -08:00
6ab9c87f13
add comment to VXWORKS GenerateSeed()
2015-12-11 13:41:05 -07:00
e2456214f4
update random.c for better entropy with VXWORKS
2015-12-11 13:22:33 -07:00
8b99cea5c8
update README with entropy instructions
2015-12-11 13:19:44 -07:00
af4eb590a6
Merge pull request #214 from aburks/IS-213-AESFailsWithFreescaleCAU
...
Issue #213 : AES fails with Freescale (mm)CAU
2015-12-10 17:08:52 -08:00
838c5297c3
Merge pull request #216 from aburks/IS-215-SignatureUsesOldRNG
...
Issue #215 : Signature module uses old RNG
2015-12-10 17:08:36 -08:00
03a643cc35
Issue #215 : Signature module uses old RNG. Use the new WC_RNG construct instead in order to prevent conflicts with board support packages.
2015-12-10 17:04:48 -08:00
bc54b18cad
Issue #213 : AES fails with Freescale (mm)CAU.
2015-12-10 16:55:49 -08:00
4f0c2177b2
Merge pull request #212 from dgarske/CleanupAsnLeadingZero
...
Cleanup of the leading zero detection in wc_RsaKeyToDer and wc_DsaKey…
2015-12-10 11:11:58 -08:00
89518ad445
Cleanup of the leading zero detection in wc_RsaKeyToDer and wc_DsaKeyToDer to use existing mp_leading_bit function.
2015-12-10 10:48:50 -08:00
1c4b3016e6
set required tls1_2 for when using ChaCha20-Poly1305 suite
2015-12-10 11:45:27 -07:00
5c5c7ffaec
Merge pull request #210 from dgarske/CheckEccAltwFastMath
...
Added compile time check for ALT_ECC_SIZE requiring USE_FAST_MATH.
2015-12-10 10:24:20 -08:00
cb73064c10
format changes to VXWORKS GenerateSeed()
2015-12-09 13:22:13 -07:00
38ac17864e
added entropy, wc_GenerateSeed() for VxWorks
2015-12-09 13:18:42 -07:00
1153c31bbb
Added compile time check for ALT_ECC_SIZE requiring USE_FAST_MATH.
2015-12-09 09:53:59 -08:00
97dcb5e567
Merge branch 'master' of https://github.com/wolfSSL/wolfssl
2015-12-08 13:45:25 -08:00
5fd4903fde
bump version to 3.7.3
2015-12-08 09:32:00 -08:00
1d1af6410d
OpenSSH added support for additional NID types. Update our compatibility layer
2015-12-08 07:27:43 -08:00
d30a1be572
adds new certificates for OCSP tests
2015-12-07 19:55:33 -03:00
8756c31a01
Merge branch 'master' of github.com:wolfSSL/wolfssl
2015-12-07 12:43:01 -08:00
c7fdc9ba9e
DTLS Hello Verify and Server Hello should use the sequence number of the Client Hello
2015-12-07 11:24:14 -08:00
4a0c4fbf3f
remove fprintf from ecdsa verify fail wrapper
2015-12-07 09:25:19 -08:00
beebc87bc8
Merge pull request #208 from JacobBarthelmeh/master
...
example IO callback and keep memory alive when needed
2015-12-07 09:12:07 -08:00
1600ba7f3d
example IO callback and keep memory alive when needed
2015-12-06 14:30:00 -07:00
6c70e3233d
fix bug where unknown OIDs were treated as parsing errors rather than ignored
2015-12-05 13:14:29 -08:00
89a65b0aa0
Fixed compile error in signature.c with g++. Corrected comment.
2015-12-04 15:22:06 -08:00
179f1cab9b
Merge branch 'keyex'
2015-12-03 12:38:02 -08:00
37bc497f21
fix merge conflict
2015-12-03 12:37:49 -08:00
532d1da9c0
Merge pull request #206 from dgarske/FixExtraMalloc_wNotTLS12
...
Fixed issue with "WOLFSSL_SMALL_STACK" and pre TLS 1.2 in "SendServer…
2015-12-03 11:26:43 -08:00
0c9dca3a5f
Merge pull request #201 from JacobBarthelmeh/fast-rsa
...
modification to fast-rsa sign operation and make key
2015-12-03 11:19:02 -08:00
1c2a920b8f
Merge pull request #203 from dgarske/SendServerHelloRNGCombine
...
Combined "wc_RNG_GenerateBlock" calls in "SendServerHello".
2015-12-03 11:16:00 -08:00
b1d18d8455
Fixed issue with "WOLFSSL_SMALL_STACK" and pre TLS 1.2 in "SendServerKeyExchange" where "encodedSig" is allocated and not used.
2015-12-02 19:43:05 -08:00
fea769816c
ed25519 verify function return descriptive error value
2015-12-02 15:55:40 -07:00
e08fa67a32
fix clang --disable-memory issues
2015-12-02 14:40:32 -08:00
5cf94166b2
silently drop epoch 0 messages when handshake completed
2015-12-01 14:59:32 -08:00
d673a56c83
change line ending of license to match Windows CR LF
2015-12-01 14:49:16 -07:00
5687562e7b
back out change to decryptedCur flag
2015-12-01 13:32:00 -08:00
a5f689168e
fix call to IsEncryptionOn for session tickets
2015-12-01 09:18:21 -08:00
bb5de34e5c
cast type on XMALLOC with ntru
2015-12-01 09:24:44 -07:00
654e17379e
Combined "wc_RNG_GenerateBlock" calls in "SendServerHello".
2015-11-30 19:29:20 -08:00
251d0364f8
check DTLS sequence number against window a little earlier
2015-11-30 17:16:47 -08:00
346dcb0fd9
adds WOLFSSL_CSR2_OCSP_MULTI support;
2015-11-30 21:26:00 -03:00
514aa331f8
wrapped checks for encryptionOn with a function to allow more complicated checks like for epoch 0 being unencrypted
2015-11-30 14:43:03 -08:00
07356af78e
prepares BuildCertificateStatus() to send more than one certificate status;
2015-11-30 18:34:00 -03:00
767da41b16
allow 1024 and 2048 example cert buffers to be enabled at same time, gencertbuf.pl
2015-11-30 14:18:17 -07:00
d2a80ba1bc
remove extra NULL check in SetTmpDH_buffer/file_wrapper, fix API tests
2015-11-30 10:25:55 -07:00
6030970026
perfer local IPP libraries, memory usage and casting
2015-11-29 23:34:58 -07:00
db599bb361
Merge branch 'master' of https://github.com/wolfSSL/wolfssl into fast-rsa
2015-11-29 13:39:45 -07:00
4217ef5475
fixed mdk4 macro control in example server/client, echoserver/client
2015-11-27 11:31:12 +09:00
7f1b9a1e13
storing DTLS handshake messages takes into account overlapping data
2015-11-25 20:25:57 -08:00
83f26abdde
Merge pull request #198 from JacobBarthelmeh/master
...
C Sharp wrapper
2015-11-25 14:11:52 -08:00
e4894bfd0b
add comments to clarify accept and connect state advancement due to sending fragments
2015-11-25 11:10:42 -08:00
02411ccced
add F back into the client command line options scanning
2015-11-25 10:36:51 -08:00
1b3254cc47
Merge pull request #202 from NickolasLapp/openssl_test_update
...
Clarify Openssl.test results messaging
2015-11-25 09:12:52 -08:00
f7fac88e8b
Don't error out when calling ippInit to find optimized IPP library, just fall back to use standard
2015-11-24 17:28:43 -07:00
33eb4b98d3
Clarify Openssl.test results messaging
2015-11-24 15:16:26 -07:00
1626ae6287
Merge pull request #200 from lchristina26/master
...
Update VxWorks README to assume a filesystem, fix typos
2015-11-24 13:31:16 -08:00
c5c9991d11
modification to fast-rsa sign operation and make key
2015-11-24 13:41:04 -07:00
da127dfb17
warrning for unused function in user-crypto / fast-rsa mode
2015-11-24 13:18:39 -07:00
76952d9ea9
updated README to leave out NO_FILESYSTEM
2015-11-24 12:21:01 -07:00
1fbaf089ae
adds support to WOLFSSL_CSR2_OCSP in both DoCertificateStatus() and SendCertificateStatus();
...
adds contingence plan for status_request_v2;
2015-11-24 00:47:27 -03:00
f9d6464793
adds basic extension code for CERTIFICATE_STATUS_REQUEST_V2;
...
fixes EncodeOcspRequestExtensions() length check;
2015-11-23 23:42:05 -03:00
e4bed957b3
#1591 : fixed macro control for MDK4
2015-11-24 11:26:08 +09:00
91b7cddb7c
better error checking on condition variable operations, cleanup
2015-11-23 15:13:36 -08:00
b9f0243528
Merge pull request #195 from dgarske/LPCXpresso
...
Adds LPCXpresso IDE support
2015-11-23 14:47:20 -08:00
6c1fd13184
Merge pull request #199 from dgarske/ChangeToWolfRootWarnFix
...
Fixes "warning: Size argument is greater than the free space in the d…
2015-11-23 14:43:45 -08:00
c3b3ba4a2a
Fixes "warning: Size argument is greater than the free space in the destination buffer" with XSTRNCAT().
2015-11-23 14:41:24 -08:00
feef035c06
Merge branch 'crl-monitor'
2015-11-23 14:17:27 -08:00
32b2d7f9e4
have calling thread wait for crl monitor thread to setup for simpler cleanup
2015-11-23 14:15:12 -08:00
96e18a8c68
adds next update verification when decoding the OcspResponse;
...
fixes memleak in GetOcspStatus(); If the status was outdated, the responseBuffer was allocated twice;
consider error in OcspResponseDecode() also a BAD_CERTIFICATE_STATUS_ERROR;
2015-11-23 15:11:51 -03:00
f3131fb5d6
adds next update time to ocspd.sh
2015-11-23 13:34:27 -03:00
b820619e6c
updates certs;
...
adds ocsp certs;
2015-11-23 09:56:45 -03:00
51f5ded392
adds config to generate ocsp certs
2015-11-23 09:44:39 -03:00
aaad9787db
updates box version to trusty64;
...
fixes provisioning errors;
2015-11-23 09:19:33 -03:00
d248a7660c
ASN: when getting OID from stream, check the summed value; added utility to skip OID; setting OID uses same strings as getting, separated NULL tag from the OID
2015-11-21 12:00:34 -08:00
9c6b52876a
add SetTmpDH file/buffer functions to API tests
2015-11-20 13:32:44 -07:00
85373f7b6e
move SetTmpDH buffer functions out of NO_FILESYSTEM
2015-11-20 13:30:22 -07:00
7d13fe9017
license heading
2015-11-20 10:19:55 -07:00
39d6992759
logging levels added
2015-11-20 09:59:08 -07:00
b9dae51658
C Sharp wrapper
2015-11-19 20:51:32 -07:00
6abfaf6df4
Implemented Wolf version of LPC18XX startup code to eliminate NXP code from our repo. Cleanup of trailing spaces and convert tabs to spaces.
2015-11-19 19:06:40 -08:00
14cb082a37
Merge pull request #197 from dgarske/RowleyIDECleanup
...
Rowley IDE fix to exclude .asm and .s files. Cleanup to remove Rowley…
2015-11-19 18:16:57 -08:00
c898c582f9
Corrected filename in include.am and top of file.
2015-11-19 17:56:49 -08:00
1894358bec
Rowley IDE fix to exclude .asm and .s files. Cleanup to remove Rowley example code, leaving just stubs and Wolf code.
2015-11-19 14:32:45 -08:00
6d67ee11b6
Merge pull request #196 from NickolasLapp/SNI_ConditionalCompile
...
Define SNI func condtionally. Declare var at top of func
2015-11-19 13:18:23 -08:00
c3cdbf31bb
Define SNI func condtionally. Declare var at top of func
2015-11-19 13:49:57 -07:00
2698736aaf
fix missing XMALLOC/FREE types
2015-11-19 10:20:28 -08:00
e51f99a5c3
Adds LPCXpresso IDE support. Tested with the OM13076 (LPCXpresso18S37) board.
2015-11-18 17:16:33 -08:00
4da70f9fe9
Merge pull request #193 from dgarske/SigHashFixes
...
Fixes for build errors with new signature and hash wrapping functions…
2015-11-17 12:19:21 -08:00
a2915fbc57
Merge pull request #194 from dgarske/BenchmarkAddHeader
...
Added benchmark.h to expose the benchmark_test function. Updated a co…
2015-11-17 12:13:08 -08:00
cdc830c1cc
Fixes for build errors with new signature and hash wrapping functions. Disabled MD2/4 hash wrapping.
2015-11-17 10:15:36 -08:00
09793e3206
Added benchmark.h to expose the benchmark_test function. Updated a couple of projects to use the new benchmark header.
2015-11-17 08:52:12 -08:00
5e80bf46bf
Merge branch 'master' of github.com:wolfssl/wolfssl
2015-11-16 13:20:26 -08:00
ca7956b50d
update cavium nitrox port to wolfssl
2015-11-16 13:20:19 -08:00
4e7935f5f5
Merge pull request #188 from dgarske/HashSignVerifyWrappers
...
New hash and signature wrapper functions:
2015-11-16 12:16:55 -08:00
103f984421
Cleanup of the signature wrapper error cases to be more explicit.
2015-11-16 11:54:23 -08:00
60b1a0c8be
fixes scan-build warnings
2015-11-16 16:16:48 -03:00
5e4955f689
reuse OcspRequest data in ocsp stapling;
2015-11-16 16:03:48 -03:00
6d6ca56e4e
fixes SendCertificateStatus() loading the CA in the server side to build the OCSP request properly.
2015-11-16 15:31:50 -03:00
24907fc818
adds buffer logging;
2015-11-15 18:43:29 -03:00
12802f40c5
finishes SendCertificateStatus(); sending the stored status;
2015-11-15 16:40:47 -03:00
8ae6bf1641
adds server side Certificate Status Request extension;
...
missing: Finish SendCertificateStatus();
2015-11-15 00:26:11 -03:00
cc684f8593
fixes OCSP nonce extension size estimation at client hello message;
2015-11-14 22:28:52 -03:00
a38f7bb937
fix jni build enabling ecc on non 64 bit platforms
2015-11-13 16:58:05 -07:00
b870bad63e
Added new "SIG_VERIFY_E" type for "wc_SignatureVerify" failure. Added argument checking on new signature wrapper functions. Added new "NO_SIG_WRAPPER" to optionally disable wrappers to reduce code size.
2015-11-13 12:22:32 -08:00
4a853b7318
Update README.md
2015-11-13 10:45:11 -07:00
bcff81fd64
Update README.md
2015-11-13 10:38:58 -07:00
9007d4b655
Update README.md
2015-11-13 10:37:46 -07:00
0994491916
Update README.md
2015-11-13 10:36:36 -07:00
e5707f0d49
Update README.md
2015-11-13 10:35:13 -07:00
0c1a4dfd12
Merge pull request #190 from NickolasLapp/stunnel_session_changes
...
Implement missing openssl API
2015-11-12 16:11:01 -08:00
66965759d5
Implement missing openssl API
2015-11-12 16:52:56 -07:00
5c96be4d19
fix idea conversion warnings
2015-11-12 15:14:00 -08:00
806a2748bf
Merge pull request #189 from lchristina26/master
...
Updates for Wind River WORKBENCH/ VxWorks Compatibility
2015-11-12 13:33:27 -08:00
307413f11b
Update README.md
2015-11-12 13:34:36 -07:00
db6920d372
updates for vxworks compatibility
2015-11-12 13:33:47 -07:00
261fedd906
idea_mult() now works on 16,32, AND 64bit systems
2015-11-12 10:32:35 -08:00
d9cb1cfbe1
fix idea_mult() for 16 and 32bit systems
2015-11-12 10:22:31 -08:00
ba92b2db7b
Update README.md
2015-11-12 10:47:38 -07:00
f692c8cefb
New hash and signature wrapper functions:
...
1. Added new hash wrapper function "wc_Hash". Hash functions support Md# and SHA# using "enum wc_HashType". Added new "wc_HashGetDigestSize" function to get hash size (returns 0 if not supported).
2. Added new signature wrapper functions "wc_SignatureGenerate" and "wc_SignatureVerify" to perform hash then sign/verify of bytes. Signature functions support ECC and RSA using "enum wc_SignatureType". Added new "wc_SignatureGetSize" function to get the signature size using the key (returns 0 if not supported).
2015-11-12 09:36:14 -08:00
302fd05edd
Change "//" to "/* */" comment. Removed unreferred functions.
2015-11-12 15:31:58 +09:00
866b1517d3
Merge pull request #187 from NickolasLapp/fix_getShutdown
...
Make get_shutdown return correct results with stunnel
2015-11-11 11:15:22 -08:00
e49b12c7cc
Make get_shutdown return correct results with stunnel
2015-11-11 11:43:38 -07:00
01e649210d
Update README.md
2015-11-11 10:16:48 -07:00
6cdeebc4da
Update README.md
2015-11-11 10:03:49 -07:00
27e523a85a
Update README.md
2015-11-11 10:00:53 -07:00
d34f2ebc35
Update README.md
2015-11-11 09:30:03 -07:00
cdea03fdf3
Update README.md
2015-11-11 09:28:59 -07:00
f9cd90872d
Update README.md
2015-11-11 09:21:27 -07:00
4063fbc2b5
Update README.md
2015-11-11 09:18:00 -07:00
7d9356ae04
Update README.md
2015-11-11 09:13:04 -07:00
19ebc5b600
Update README.md
2015-11-11 09:12:10 -07:00
c3540b2f6e
Update README.md
2015-11-11 09:11:14 -07:00
28cbe7e7a5
Merge pull request #186 from tisb-vikram/master
...
add HAVE_ECC to WolfSSL/TI-RTOS settings
2015-11-10 19:58:46 -08:00
196b965be5
add HAVE_ECC to WolfSSL/TI-RTOS settings
2015-11-10 18:06:55 -08:00
d076fdf0cd
Merge pull request #185 from tisb-vikram/master
...
fix TI-RTOS makefiles to build wolfSSL from local dir
2015-11-10 17:41:57 -08:00
3211817f59
fix TI-RTOS makefiles to build wolfSSL from local dir
...
Signed-off-by: Vikram Adiga <vikram.adiga@ti.com >
2015-11-10 17:21:10 -08:00
a69d99981f
Merge pull request #184 from kaleb-himes/master
...
allow openssl extra tests if configuration supports
2015-11-10 15:15:30 -08:00
c3a249009f
allow openssl extra tests if configuration supports
2015-11-10 15:29:05 -07:00
9b8f26329d
improves srp unit test to use random salt;
2015-11-10 17:43:02 -03:00
5823485f61
Merge pull request #182 from lchristina26/master
...
Update the README for VxWORKS
2015-11-10 12:36:59 -08:00
56e94cb3a9
Update README.md
2015-11-09 22:37:21 -07:00
9c43e94746
Update README.md
2015-11-09 22:36:00 -07:00
ebd1e2b35d
Update README.md
2015-11-09 22:35:16 -07:00
a0f3fa1f1a
Update README.md
2015-11-09 22:34:53 -07:00
54c5a3a10c
update VxWorks readme
2015-11-09 17:23:25 -07:00
6efd8e2db0
fix unused PemToDer() vars depending on build options
2015-11-09 14:58:20 -08:00
906be9fb20
add printf to logger w/o callbacks w/ WOLFSSL_LOG_PRINTF
2015-11-09 14:55:09 -08:00
417f85da86
use gmtime_r if there
2015-11-09 14:48:39 -08:00
756feb37f5
Merge pull request #179 from kaleb-himes/master
...
SAFESEH:NO in DLL Debug|Win32
2015-11-09 14:25:23 -08:00
e9348635a0
SAFESEH:NO in DLL Debug|Win32
2015-11-09 15:11:58 -07:00
d869279ad5
Merge branch 'custom-seed'
2015-11-06 15:37:26 -08:00
099b6bc3df
Updated the Rowley Crossworks example so it builds due to new user-crypto. Tested and verified new "CUSTOM_RAND_TYPE" using 8, 16 and 32 bit values.
2015-11-06 09:41:16 -08:00
05f4c83b98
Optimizations to improve random number generation performance and provide additional ways to implement custom versions of custom random handlers. Added new "CUSTOM_RAND_TYPE" to define the datatype for the "CUSTOM_RAND_GENERATE" function. Added new "CUSTOM_RAND_GENERATE_SEED" option for anyone who wants to implement their own equivalent "wc_GenerateSeed()" function. Added generic FREESCALE_RNGA and FREESCALE_RNGB options.
2015-11-05 22:20:11 -08:00
dccbc1cdd4
fixes ocsp nonce extension decoding;
...
enables use of ocsp nonce extension in the client example.
2015-11-05 11:45:42 -03:00
62210186c7
fix code logic to single if
2015-11-05 11:45:41 -03:00
17c9494a2d
fix gfmul intel calling convention
2015-11-04 13:26:38 -08:00
124f1f8ce7
switch gfmul to intel syntax in aes_asm.asm
2015-11-04 11:55:04 -08:00
3b102862b1
exclude new AES-GCM test when in FIPS mode
2015-11-03 16:57:38 -08:00
23ba31cbdd
1. Fixed bug where AES-GCM IVs had to only be 12 bytes. Now
...
accepts any length.
2. Added test case for AES-GCM using an 60 byte IV.
3. AesGcmSetKey doesn't calculate H value in AES-NI mode.
2015-11-03 16:47:42 -08:00
427405fff9
Merge branch 'timediff'
2015-11-03 14:21:55 -08:00
44165371bc
timediff fixup
2015-11-03 14:15:15 -08:00
69d5f2e43c
Merge branch 'DateFormat' of https://github.com/kojo1/wolfssl into timediff
2015-11-03 14:04:14 -08:00
5c9089651a
fix github issue #174 , disable des3 with (else if) logic broken
2015-11-03 12:03:35 -08:00
8d4d9ebe12
fix jenkins ec 56
2015-11-03 11:30:56 -08:00
37f4fbc000
Merge branch 'openssl-script'
2015-11-02 13:27:20 -08:00
fbd4f8a6ed
fix merge conflict
2015-11-02 13:26:46 -08:00
54a0a3370a
fix wolfSSL_Init to only call new wolfCrypt_Init() once
2015-11-02 12:35:43 -08:00
a1d1155b0c
add missing error strings
2015-11-02 12:18:12 -08:00
b13ae543ec
bump dev version
2015-11-02 11:15:21 -08:00
3db5a5f2c2
Merge branch csr into 'master'
2015-11-02 15:54:41 -03:00
21d70636dc
Merge branch csr into 'master'
2015-11-02 15:51:01 -03:00
1d32ff2c59
Merge branch 'aes-ni-gcm'
2015-11-02 09:42:10 -08:00
28dcef2d71
gcm benchmark results format alignment
2015-11-02 09:39:34 -08:00
f8aeac608c
1. Add C NI-intrinsic AES-GCM encrypt and decrypt.
...
2. Fix error string for wolfcrypt test of GMAC.
3. Add AES-GCM Decrypt to benchmark.
2015-10-30 16:03:26 -07:00
5d2d249673
turn on OpenSSL public key type decodes unless explicitly turned off
2015-10-30 13:40:05 -07:00
d741d4cddc
Adding UTC Time Differential in ValidateDate
2015-10-30 11:26:54 +09:00
e76f95465d
Merge pull request #170 from dgarske/master
...
Fixes initialization of the Crypto HW protection, which could leak a …
2015-10-29 13:56:18 -07:00
8dfa1af9e9
Merge pull request #169 from lchristina26/master
...
updates for VxWorks
Update example client/server to be compatible with VxWorks builds
2015-10-29 13:50:13 -06:00
5bcb7e98cb
readme updates
2015-10-29 13:47:40 -06:00
1a96ff6766
readme updates
2015-10-29 13:45:58 -06:00
4061346f77
more readme updates
2015-10-29 13:44:22 -06:00
dd99948bcd
Workbench readme update
2015-10-29 13:41:17 -06:00
723fc3761b
Example client/server compatible with VxWorks
2015-10-29 13:39:02 -06:00
dacfd84bea
Enhanced "ChangeToWolfRoot" to report error if the root was not found. Also fixed the depth limit.
2015-10-29 10:45:37 -07:00
f977caa492
Cleanup of the test code that looks for the WolfSSL root directory. Now it tries to open the certs/ntru-cert.pem file in each directory up (limited to 5) until it opens it.
2015-10-28 23:54:08 -07:00
d31cec0df0
Fixes initialization of the Crypto HW protection, which could leak a mutex if two calls to "wolfSSL_CryptHwMutexLock()" occurred at the same time prior to calling "wolfSSL_CryptHwMutexInit()". Fixes #164 .
2015-10-28 23:07:52 -07:00
2c41a5b961
adjust wolfssl lib value in rpm spec.in
2015-10-28 17:33:31 -06:00
55a56cac05
Release 3.7.0
2015-10-28 15:07:22 -06:00
3e9fd1c542
Merge branch 'master' into csr
...
Conflicts:
configure.ac
wolfssl/wolfcrypt/types.h
2015-10-28 14:34:15 -03:00
071a452bec
fix indentation and enum conflict
2015-10-28 12:20:20 -03:00
a914ca74f2
updates for VxWorks
2015-10-27 21:24:21 -06:00
542b59d90a
Merge pull request #150 from JacobBarthelmeh/master
...
Intel RSA IPP plug in
2015-10-27 16:57:32 -07:00
8bd228a391
remove libusercrypto.dylib and adjust gitignore
2015-10-27 17:11:31 -06:00
5b2fbd9747
Merge pull request #168 from NickolasLapp/uninitWarn
...
Fixed gcc variable-mayble-uninitialized warning
2015-10-27 16:07:12 -07:00
b7848481a3
Fixed gcc variable-mayble-uninitialized warning
2015-10-27 16:42:19 -06:00
cddebfa941
changes --enable-statusrequest to --enable-ocspstapling
2015-10-27 19:27:56 -03:00
f477168cf7
make it easier for user to define custom bigint types
2015-10-27 14:52:07 -07:00
fa1a356888
add DYNAMIC_TYPE_USER_CRYPTO tag for malloced memory
2015-10-27 13:26:32 -06:00
8dc154ff71
adds support for TLS downgrading against buggy TLS servers.
...
reference: RFC 5246 - TLS 1.2 - Appendix E.1:
Note: some server implementations are known to implement version
negotiation incorrectly. For example, there are buggy TLS 1.0
servers that simply close the connection when the client offers a
version newer than TLS 1.0. Also, it is known that some servers will
refuse the connection if any TLS extensions are included in
ClientHello. Interoperability with such buggy servers is a complex
topic beyond the scope of this document, and may require multiple
connection attempts by the client.
Earlier versions of the TLS specification were not fully clear on
what the record layer version number (TLSPlaintext.version) should
contain when sending ClientHello (i.e., before it is known which
version of the protocol will be employed). Thus, TLS servers
compliant with this specification MUST accept any value {03,XX} as
the record layer version number for ClientHello.
TLS clients that wish to negotiate with older servers MAY send any
value {03,XX} as the record layer version number. Typical values
would be {03,00}, the lowest version number supported by the client,
and the value of ClientHello.client_version. No single value will
guarantee interoperability with all old servers, but this is a
complex topic beyond the scope of this document.
2015-10-27 16:10:23 -03:00
f37ea955ec
improves OCSP response signature verification;
...
reference: RFC 2560 - Section 4.2.2.2 Authorized Responders:
The key that signs a certificate’s status information need not be the
same key that signed the certificate. It is necessary however to
ensure that the entity signing this information is authorized to do
so. Therefore, a certificate’s issuer MUST either sign the OCSP
responses itself or it MUST explicitly designate this authority to
another entity.
2015-10-26 19:33:35 -03:00
a47f98ee19
adds support to nonce extension in OCSP stapling (status request tls extension);
...
fix nonce encoding, there was a missing ASN.1 OctetString header;
2015-10-26 18:11:38 -03:00
14fa980dad
adds contingence plan (force OCSP check when the server answer the status_request extension but doesn't sends a CertificateStatus message);
...
adds back status_request to context level;
2015-10-26 18:11:38 -03:00
42380793c9
adds comparison of OcspRequest and OcspResponse;
...
removes TLS Extension Status Request at context level as specific data is always needed for each session;
2015-10-26 18:11:38 -03:00
daf3155d3c
adds partial client support to TLS Extension Status Request, a.k.a. OCSP stapling;
...
missing:
- compare OcspRequest and OcspResponse;
- execute contingence plan;
- add nonce extension;
2015-10-26 18:11:38 -03:00
82f86adb8e
renames TLS Extension types to follow the TLSX_ + "extension name" pattern; using names listed by IANA:
...
http://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml
fixes ocsp response extensions parsing in asn.c;
fixes dir slashes in .gitignore: replaces '\' with '/';
removes trailing white spaces;
2015-10-26 18:11:38 -03:00
975452f585
configure error out when not finding libraries with fast-rsa
2015-10-26 13:11:11 -06:00
a42308e28a
Add function ssl_FreeDecodeBuffer() to release the sniffer allocated data buffer and reset the pointer.
2015-10-26 12:01:21 -07:00
b05332c417
Merge branch 'master' of github.com:wolfSSL/wolfssl
2015-10-26 10:17:46 -07:00
f99d3067c9
sniffer dynamic buffer release
2015-10-23 16:56:17 -07:00
ab68f38236
have allocate extra byte in case user wants to null terminate returned plaintext
2015-10-23 16:38:59 -07:00
d53b6a9132
handle sniffer realloc failure w/o leak
2015-10-23 16:19:26 -07:00
880ec8cb09
sniffer owns data buffer now, user free(s) after use
2015-10-23 14:12:45 -07:00
c90d0d9607
Merge branch 'sniffer'
2015-10-23 14:10:51 -07:00
73f6666fc2
pre 3.7
2015-10-23 11:18:44 -07:00
dc31b9238f
wolfcrypt init
2015-10-23 11:55:17 -06:00
2569cd2ca4
simplify the size check for storing a DTLS handshake message fragment
2015-10-21 15:04:55 -07:00
54e06cd04e
added deallocator for DtlsPools
2015-10-21 15:04:55 -07:00
6b3c8e8b79
Merge https://github.com/wolfssl/wolfssl
2015-10-21 10:57:39 -06:00
f64f326ab3
work on cyassl -> wolfssl compatibility
2015-10-20 15:25:00 -06:00
87668e7acd
make external script test optional with env variable as CA changes more frequent than release
2015-10-20 11:56:46 -07:00
d2bdea9d96
add new ca to wolfssl website
2015-10-20 11:28:25 -07:00
66d8dc0c71
fix README candidiate typo
2015-10-20 11:22:10 -07:00
1b311eb8e6
Merge pull request #166 from dgarske/master
...
Updated the INSTALL file with section for building with Rowley CrossW…
2015-10-20 11:18:45 -07:00
f26a9f8a70
Updated the INSTALL file with section for building with Rowley CrossWorks and updated the prerequisites for building with *nix.
2015-10-20 09:44:04 -07:00
374e31b211
user crypto memory management
2015-10-20 09:22:43 -06:00
7499175bdb
fix jenkins sniffer changes
2015-10-19 15:09:36 -07:00
c132f9887e
Merge branch 'master' of https://github.com/wolfSSL/wolfssl
2015-10-19 13:56:39 -06:00
ee5a11b8d9
Add Intel IPP crypto for RSA
...
add user-crypto makefile
update README for IPP crypto
place user crypto in wolfcrypt and use autotools
adjust distributed files
move openssl compatibility consumption
auto use IPP RSA -- IPP directory containing shared libraries local
return value of wolfSSL_BN and formating of debug
openssh testing
make sure IPP not built when fips is
ipp init to select correct optimizations -- static libraries on linux -- fast-rsa disabled by default
try to only set library once
only use static IPP if fast rsa is enabled
make print out for user crypto more pretty
2015-10-19 13:51:49 -06:00
14d893aeb0
Add decrypt of AES-GCM to the sniffer.
2015-10-19 11:28:25 -07:00
e1b0c0ac3d
fix jenkins build#69
2015-10-16 15:12:37 -07:00
c93c6c9bf4
add wolfSSL_new() pointer return check on all calls in example client
2015-10-16 14:12:38 -07:00
1253c86c95
Merge branch 'alpn'
2015-10-16 14:06:33 -07:00
4141ea8f83
example server to use cstd free for all build options
2015-10-16 14:05:37 -07:00
1bfc7c7921
Merge branch 'master' of https://github.com/wolfssl/wolfssl
...
Conflicts:
examples/server/server.c
src/ssl.c
src/tls.c
tests/api.c
wolfssl/internal.h
wolfssl/ssl.h
2015-10-16 08:01:29 +02:00
9ef43910ed
Merge branch 'master' of https://github.com/wolfssl/wolfssl
2015-10-16 07:46:51 +02:00
10eab5047a
Fixed compile issues with example server/client. Fixed issue with using XMALLOC/XFREE being used in examples. Fixed issue with "int select_ret" declaration scope. Fixed issue with test.h HAVE_SESSION_TICKET "static rng" name.
2015-10-15 13:42:41 -07:00
d3584979a0
add JNI object storage in WOLFSSL struct
2015-10-15 13:30:03 -06:00
bfc8240dc5
Update --enable-jni to enable PSK, define WOLFSSL_JNI
2015-10-15 13:27:43 -06:00
78bdaedad2
Fixed issues in example server with uninitialized variable and resume test.
2015-10-15 10:18:26 -07:00
74e981093d
fix merge conflict misses on alpn example letter change
2015-10-15 09:48:07 -07:00
d4f3419758
ALPN : add function to get in a server the list of supported protocols sent by the client.
2015-10-15 14:59:35 +02:00
32171997e7
Updated Rowley CrossWorks README.md for enabling FREESCALE_MMCAU. Added sample benchmark output with MMCAU enabled.
2015-10-14 19:19:13 -07:00
fdab3943be
Added throughput benchmarking for client/server examples and added helper script "scripts/benchmark.test". Added example client option: "-B <num>" Benchmarking throughput. Added example server options: "-B <num>" Benchmark throughput, "-e" Echo data, "-i" Loop / Accept multiple connections. Cleanup of the include.am for examples. Cleanup of tcp_connect with DTLS enabled. Cleanup of the valid socket checking. Cleanup trailing whitespace.
2015-10-14 19:13:45 -07:00
ee8537fb6d
Merge branch 'master' of https://github.com/wolfssl/wolfssl
2015-10-14 20:53:30 +02:00
d6cb203210
fix tlsx library proper build with NO_SERVER or NO_CLIENT
2015-10-14 11:16:22 -07:00
f2959168c9
Merge branch 'read-key'
2015-10-14 10:50:37 -07:00
56af895c68
make sure pubkey in ecc private key has size
2015-10-14 10:48:37 -07:00
d2cc582939
fips related macros for configurations using AES direct and DES ECB
2015-10-14 10:51:39 -06:00
52cdf85e26
move touch fips files for non fips distribution to autogen.sh for cleaner autoconf handling
2015-10-14 09:18:05 -07:00
d7772dd254
Merge branch 'master' of github.com:wolfssl/wolfssl
2015-10-13 15:00:59 -07:00
a0a4386504
fix alpn example client merge command options
2015-10-13 15:00:53 -07:00
1359674fa7
Merge branch 'master' of github.com:wolfSSL/wolfssl
2015-10-13 14:52:20 -07:00
c0210491d9
don't try to defragment handshake messages outside the handshake
2015-10-13 14:21:39 -07:00
dfc733a304
switch example client max fragment arg to -F to make -L open on both client and server
2015-10-13 14:13:12 -07:00
67861bb222
Added crypto hardware mutex capabilities to wolfcrypt/wc_port. Added optional define "WOLFSSL_CRYPT_HW_MUTEX" to override use of hardware mutex. Enabled hardware mutex protection for Freescale MMCAU. Cleanup of the AES FREESCALE_MMCAU implementation to use wc_AesEncrypt/wc_AesDecrypt wrappers. Fixes #154 .
2015-10-13 12:36:24 -07:00
10f5154389
ALPN : add option to continue in case of client/server protocol mismatch (like OpenSSL)
2015-10-13 09:38:40 +02:00
8595890c51
change sniffer decode data to pointer to pointer
2015-10-12 18:10:24 -07:00
3a0e25637e
Merge branch 'mdk5-update'
2015-10-12 09:33:10 -07:00
c7264ff6d7
enable ecc with stunnel
2015-10-12 09:25:54 -06:00
2840fb47ef
fix bounds check of handshake messages in TLS
2015-10-11 21:32:13 -07:00
d18339f5f7
Merge pull request #162 from kaleb-himes/master
...
Modified scope for ChangeDirToRoot
2015-10-10 09:32:56 -07:00
7364884a69
Modified scope for ChangeDirToRoot
2015-10-09 22:04:41 -06:00
ea1040cfe4
Merge branch 'fix-asn'
2015-10-09 17:00:48 -07:00
92c222798e
Merge branch 'master' of https://github.com/kaleb-himes/wolfssl into fix-asn
2015-10-09 16:56:53 -07:00
91e7d433f8
expected_configure test fixes. Squash for review.
...
fix for --enable-certservice --disable-md5
fix for --disable-md5 --enable-fortress
update macros to reflect referencing code logic for --disable-asn fix
2015-10-09 16:05:36 -06:00
cf605f32dd
Merge branch 'MDK5-3.6.9' of https://github.com/kojo1/wolfssl into mdk5-update
2015-10-09 10:39:15 -07:00
6e61a095c7
Added new Xcode project for test suite. Added Xcode workspace file. Added library support for iOS and OS X targets. Updated project files to Xcode 7. Updated README. Added shared user_settings.h. Cleanup of the test.h "ChangeDirBack" function. Cleanup of duplicate ChangeDirBack() code in testsuite.c and adjusted for new Xcode build location.
2015-10-09 10:25:40 -07:00
7e5be2f313
fix resource cleanup in testsuite and wolfcrypt test
2015-10-09 10:57:55 -06:00
266936db93
fix warning on Windows
2015-10-09 16:00:53 +02:00
826034315e
Merge branch 'master' of https://github.com/wolfssl/wolfssl
2015-10-09 15:23:41 +02:00
bf3b0a228d
add support for Application-Layer Protocol Name (RFC 7301) in the TLS extensions
2015-10-09 15:18:41 +02:00
26ca093c76
fixed errno with errno.h
2015-10-09 09:49:38 +09:00
7e1d0ccb11
removed CyaSSL-Full project, replaced with wolfSSL-Full
2015-10-08 16:10:42 +09:00
78ed5d96df
echoclient for MDK fgets
2015-10-08 15:39:14 +09:00
e242d3eea3
Change project name cyassl to wolfssl
2015-10-07 14:55:34 +09:00
a80653f464
Eliminate local copies of examples/test/benchmark fro example projects
2015-10-07 14:52:18 +09:00
504d3337de
Catching up updated mMDK middleware packs
2015-10-07 14:46:11 +09:00
cc2460b4a0
refactor options in test.h, eliminate cyassl_MDK_ARM.[ch] coupler functions, cert_data.[ch]
2015-10-07 14:39:23 +09:00
cdc3d61b97
Refactoring WOLFSSL_MDK, MDK5 to KEIL_TCP_NET, KEIL_FS
2015-10-07 14:06:19 +09:00
9f6b07aec2
Merge branch 'defrag'
2015-10-06 20:21:06 -07:00
a7ae5155ce
fix defragment of handshake messages in TLS
2015-10-06 20:18:55 -07:00
6d49c308b7
require WOLFSSL_OPENSSL_TEST set for scripts/openssl.test to run, also disable in ipv6 test case because openssl s_server doesn't accept ipv6
2015-10-06 17:02:31 -07:00
adb9d27e9e
Fixed release distribution of the Rowley IDE example. Added section in README for required library functions.
2015-10-06 16:11:28 -07:00
16ba3138a1
Added support for the Rowley CrossWorks for ARM IDE. Added new "WOLFSSL_ROWLEY_ARM" setting define. Added a sample solution (wolfssl.hzp) for building the WolfSSL library and sample test/benchmark applications. The sample applications are written for the Freescale Kinetis K64, but easily be customized for any Kinetis or further extended to support other ARM micro-controllers.
2015-10-06 10:45:46 -07:00
3dda2965bd
fix bash bracket string contains
2015-10-05 15:43:38 -07:00
750302dd2e
Merge branch 'script-openssl-test'
2015-10-05 15:34:38 -07:00
236df9257b
add openssl script suite test
...
switch to bash for 'read -ra <<<' for now
2015-10-05 15:33:37 -07:00
d6a5bfb53d
Revert "revert defragment of handshake messages in TLS"
...
This reverts commit 6d21d328fb
2015-10-05 15:31:39 -07:00
f06c08718c
bump version for sniffer release
2015-10-05 10:14:07 -07:00
b1c5f3b299
add show every cipher suite to examples/client
2015-10-02 16:26:20 -07:00
8c24fa1e66
Merge branch 'master' of github.com:wolfSSL/wolfssl
2015-10-02 15:59:15 -07:00
50d340c261
Merge branch 'sniffer-recovery'
2015-10-02 15:58:57 -07:00
0f6f404938
delete debugging breadcrumb
2015-10-02 15:55:40 -07:00
ad51d4ba09
make sure fast invmod lowers result in too big case
2015-10-02 15:38:22 -07:00
9fe5401630
sniffer skips partially received record when fixing an ACK fault
2015-10-02 15:13:02 -07:00
1237b35bb8
add option to sniffer to try to restart decoding after an ACK fault
2015-10-02 11:26:45 -07:00
27450aca7d
increment explicit iv and zero nonce even on GCM/CCM failure
2015-10-02 11:24:32 -07:00
10276944d3
return value on AES CCM encrypt
2015-10-02 11:40:47 -06:00
08771518a7
Merge branch 'freertos'
2015-10-02 10:28:10 -07:00
67e08e48c5
Github Issue #130 (XMALLOC_USER, NO_WOLFSSL_MEMORY) with FREERTOS
2015-10-02 10:56:19 -06:00
dd262fe939
fix on AES CCM nonce size
2015-10-01 17:42:03 -06:00
8f32604542
Merge branch 'vxworks'
2015-09-29 11:59:29 -07:00
3d110516f4
fixup WORKBENCH autoconf
2015-09-29 11:57:52 -07:00
628a4e5ac2
Merge branch 'master' of https://github.com/lchristina26/wolfssl into vxworks
2015-09-29 11:55:06 -07:00
350fe922b9
Update README.md
2015-09-29 12:53:43 -06:00
914ed31ff2
Update README.md
2015-09-29 12:53:10 -06:00
389bbc94eb
Update README.md
2015-09-29 12:51:03 -06:00
f4250006b3
Merge branch 'vxworks'
2015-09-29 11:49:32 -07:00
46cd3a915b
VxWorks README
2015-09-29 12:49:24 -06:00
208f0eeb8e
fix trailing whitespace
2015-09-29 11:48:46 -07:00
799dfadf44
Merge branch 'master' of https://github.com/lchristina26/wolfssl into vxworks
2015-09-29 11:46:18 -07:00
7c9490844a
fix formatting for vxworks commits
2015-09-29 12:22:03 -06:00
3c2712da31
vxworks compatibility additions
2015-09-29 12:12:35 -06:00
d94321ecfb
Merge branch 'freertos-tcp'
2015-09-28 16:16:14 -07:00
b403036c77
Merge branch 'FreeRTOS_TCP' of https://github.com/kojo1/wolfssl into freertos-tcp
2015-09-28 16:13:21 -07:00
77b1649638
Merge branch 'idea'
2015-09-28 15:25:43 -07:00
28912621ec
switch idea invmod too big to subtraction
2015-09-28 15:24:32 -07:00
292e05dc75
switch memset / memcpy to XMEM in src and wolfcrypt/src proper
2015-09-28 11:37:00 -07:00
a8b5c57dd2
make sure external tests have a valid cipher
2015-09-28 09:47:59 -07:00
cab37ef24e
Merge https://github.com/lfcrypto/wolfssl into idea
2015-09-28 09:32:55 -07:00
c7193672a5
fix IDEA modular inverse, add CBC tests with random values
2015-09-27 15:05:01 +02:00
0a530c1b70
#pragma worning for Visual Studio
2015-09-26 08:49:03 +09:00
f450ac0684
settings.h: GenSeed for test only option
2015-09-26 08:03:49 +09:00
ab269b277e
Merge branch 'master' into idea
2015-09-25 15:48:00 -07:00
8c01c8d8e1
Merge branch 'master' of https://github.com/lfcrypto/wolfssl into idea
2015-09-25 15:42:31 -07:00
ac79effa42
Merge branch 'ca-continue'
2015-09-25 15:40:04 -07:00
71576aef14
fix bad computed values
2015-09-25 23:52:08 +02:00
3451ab2f5d
Merge branch 'CA_continue' of https://github.com/NickolasLapp/wolfssl into ca-continue
2015-09-25 14:18:16 -07:00
0c95a5e940
Adding FreeRTOS TCP support, FREERTOS_TCP option
2015-09-25 10:51:35 +09:00
ae6b4be135
fix idea_mult
...
move reg and tmp buffer to word32
2015-09-24 22:55:11 +02:00
42d94a0f7f
wolfssl.com now requires ECDHE or static RSA
2015-09-24 12:19:38 -07:00
465622d4e0
wolfssl.com now uses old chacha-poly, detect for external test
2015-09-24 12:13:01 -07:00
755e844f05
CA parsing to continue after failure when possible
2015-09-24 11:14:07 -06:00
edc9a24681
fix hard tabs in icerts/1024/include.am
2015-09-24 10:03:27 -06:00
86bdeaf490
add new 1024 certs/keys to include.am
2015-09-24 10:00:32 -06:00
86d74efc37
return IdeaCbc{Encrypt/Decrypt} error code
2015-09-24 08:13:43 +02:00
9848701dab
make sure options.h captures user CFLAGS now too
2015-09-23 16:27:48 -07:00
dc1baabd27
update wolfssl website ca
2015-09-23 16:19:55 -07:00
d669fc28c2
add idea benchmark, cleanup
2015-09-23 14:42:48 -07:00
aa3780f6b0
add example 1024-bit server/CA certs and keys for testing
2015-09-23 13:37:34 -06:00
c4e1bdcb29
Merge branch 'master' of https://github.com/lfcrypto/wolfssl into idea
2015-09-23 12:03:58 -07:00
2ded079e95
Merge branch 'master' of github.com:wolfssl/wolfssl
2015-09-23 11:21:38 -07:00
7393b0eea0
allow user to free x509 object in static case (no op)
2015-09-23 11:20:40 -07:00
31439e2baa
remove unneeded tmp from plain DES cbc decrypt
2015-09-23 11:01:22 -07:00
f68400da40
add IDEA cipher (ECB and CBC mode)
...
add support of SSL_RSA_WITH_IDEA_CBC_SHA cipher suite (SSLv3, TLS v1.0 and TLSv1.1)
2015-09-23 16:16:39 +02:00
207859cde8
fix typos in README, ssl.c
2015-09-22 15:40:46 -06:00
2c87cfa983
initialize CFLAGS in configure as empty, remove erasing it when hardening CFLAGS
2015-09-17 16:36:53 -07:00
8ba207e477
Release 3.6.8 prep
2015-09-16 14:57:43 -07:00
6d21d328fb
revert defragment of handshake messages in TLS
2015-09-16 11:57:58 -06:00
329e6a6207
update the example server and echoserver to correctly generate the DTLS cookie
2015-09-15 17:23:52 -07:00
578ea44e1e
check on return values of QSH
2015-09-15 17:46:45 -06:00
764fadeb3b
add sanity checks to internal RsaVerifySign inputs
2015-09-15 16:16:04 -07:00
e0bdaf8146
Merge pull request #138 from kaleb-himes/VS_fix
...
fix for sniffer link error in vcproj
2015-09-15 14:40:25 -07:00
7858d412b9
fix for sniffer link error in vcproj
2015-09-15 15:34:47 -06:00
906cc84f94
Merge pull request #137 from kaleb-himes/VS_fix
...
fix link error in sniffer
2015-09-15 14:07:10 -07:00
2a3863058f
fix link error in sniffer
2015-09-15 14:37:27 -06:00
797bcb6340
Fix Visual Studio warning/errors
2015-09-15 12:13:11 -07:00
cdacb50336
Merge pull request #136 from NickolasLapp/master
...
Fix GCC Compiler warning, fix stunnel naming conflict
2015-09-14 18:56:06 -07:00
9bdcd59338
fix dtls cookie leak
2015-09-14 17:13:16 -07:00
d70e0422a7
Fix naming conflict in stunnel psk_XXX_callback
2015-09-14 18:00:38 -06:00
274be55679
Fix GCC compiler warning
2015-09-14 17:57:24 -06:00
9ceb89b114
Merge branch 'dtls-cookie'
2015-09-14 16:13:49 -07:00
b62e5d57fe
1. improved DTLS cookie generation, uses HMAC and parts of Client Hello
...
message
2. add function to set the cookie Hmac key
3. removed server state for hello verify message
2015-09-14 16:05:30 -07:00
98603b1547
fix +keygen +dsa +opensslextra -filesystem build
2015-09-14 14:18:25 -07:00
097250755a
Merge branch 'ludovic'
2015-09-14 13:30:10 -07:00
91fdc67571
fix cert_ext statics not used with sep
2015-09-14 13:25:15 -07:00
de04565c1e
fix cert_ext test memory leak
2015-09-14 13:15:53 -07:00
7391fc7e89
Merge https://github.com/lfcrypto/wolfssl into ludovic
2015-09-14 13:01:53 -07:00
d8905a0110
move XSTRTOK to STRING_USER where it belongs
2015-09-14 13:00:26 -07:00
10165e966c
remove OPENSSL_EXTRA requirement
2015-09-14 21:14:01 +02:00
0ecd6435e9
remove CERT_EXT from enable-bump
...
cortex test are only done if openssl extra is set
2015-09-14 18:45:14 +02:00
08d1f33d30
remove snprintf
...
use strtok thread safe version
add output size for sanity checks in some functions
2015-09-12 23:17:53 +02:00
de64092a70
Merge branch 'master' of github.com:wolfssl/wolfssl
2015-09-11 15:53:26 -07:00
dbe08087e9
Merge branch 'ludovic'
2015-09-11 15:52:44 -07:00
989f5ffb24
handle gmtime failures
2015-09-11 15:49:55 -07:00
29270d88a4
remove another stdio.h assumption, breaks NO_FILESYSTEM
2015-09-11 15:13:47 -07:00
c0f15b9326
DEBUG_WOLFSSL can't assume C standard headers, fix
2015-09-11 14:12:27 -07:00
088467d312
fix autoconf with new certext files
2015-09-11 14:10:11 -07:00
5654d4beee
fix no_filesystem with certext
2015-09-11 14:04:40 -07:00
21cf0e437e
add --enable-cryptonly build option
2015-09-10 16:24:25 -07:00
a53d05c8bd
updated sniffer statistics for missed sessions and reassembly buffer usage
2015-09-10 11:06:48 -07:00
4785cbf616
fix opensslextra with debug without filesystem
2015-09-09 12:47:45 -07:00
b6b385fe11
fix opensslextra with no filesystem
2015-09-09 12:38:28 -07:00
80c5fecdb2
user CA adds use same policy as Context Verify for verification
2015-09-09 12:19:53 -07:00
5bbcda3c79
add TLS signature fault checks indpendent of build options, plugins, callbacks, etc
2015-09-09 09:59:10 -07:00
108679970a
allow cert_ext to work w/o openssl extra
2015-09-08 16:44:13 -07:00
2f70f27adc
Merge branch 'master' of https://github.com/lfcrypto/wolfssl into ludovic
2015-09-08 14:46:53 -07:00
7e2906de52
add new sniffer APIs, framework
2015-09-08 14:31:32 -07:00
10ad789c6f
set inital value in NTRU rsa_test
2015-09-08 10:27:44 -06:00
25f24ed34f
fix to build on Fedora 32bits and Windows
2015-09-08 08:49:29 +02:00
b685dfb2e7
Merge branch 'master' of https://github.com/wolfSSL/wolfssl
2015-09-07 10:23:46 +02:00
d2ea6f7ef0
Add support for :
...
- PEM public key loading
- set/get KeyUsage in CSR and X.509
- set/get SKID in CSR and X.509
- set/get AKID in X.509
- set/get two Certificate Policies OID in X.509
2015-09-07 09:51:21 +02:00
6041b117d6
fix fips-check freertos help string
2015-09-04 11:05:53 -07:00
58a36566cb
allow for DTLS1.0 version record headers for client hello and hello verify
2015-09-03 15:35:01 -07:00
6dd85815bf
added freertos build to fips-check script
2015-09-03 14:05:09 -07:00
316302cec3
fixes SRP documentation.
2015-09-03 12:21:22 -03:00
12bf9b4430
fixes conflict with reserver names used as variable names;
...
adds NOT_COMPILED_IN error when trying to use SRP with a hash not compiled in.
2015-09-03 12:06:56 -03:00
c34082b7ba
updated fips-check script with proper win versions
2015-09-01 17:57:37 -07:00
aaaebf6213
pkcs7 rolling back static values to auto
2015-09-02 08:59:04 +09:00
be5ac590b7
Freescale: Add KSDK FreeRTOS build, using fastmath
2015-09-01 15:37:11 -06:00
e604ca1d3c
Merge branch 'kojo-mdk5'
2015-09-01 13:35:47 -07:00
ebea6145f6
change generice define to more specific for pkcs7 digest size
2015-09-01 13:33:26 -07:00
31500d0d12
Merge branch 'MDK5' of https://github.com/kojo1/wolfssl into kojo-mdk5
2015-09-01 11:35:58 -07:00
05bef43c1e
bump dev version
2015-09-01 11:31:46 -07:00
3b468bc1ef
internal.c: declaration after exection statements
2015-09-01 09:40:08 +09:00
efb06e2559
rolling back internal.c for master conflict
2015-09-01 09:29:44 +09:00
928d2b7caa
add build optional skip crl next date if missing
2015-08-31 17:02:15 -07:00
a56a8a22e5
add idrect dev time
2015-08-31 15:02:41 -07:00
6969453d06
allow CRL with NO_FILESYSTEM
2015-08-31 14:57:23 -07:00
553fc283c9
add Buffer Load CRL
2015-08-31 14:23:50 -07:00
f8445193a4
add idirect generate seed
2015-08-31 13:55:56 -07:00
1368ae1fb1
add SHA512 signature creation
2015-08-31 13:51:52 -07:00
756cff4cb4
add Rsa Public Key To Der, non FIPS mode
2015-08-31 13:29:22 -07:00
cf38d1c022
detect SetSSL_CTX requirements and error out early
2015-08-31 11:57:30 -07:00
2f3b7d3567
mdk portability, fixed declaration after executing statements
2015-08-30 13:38:52 +09:00
18383d286a
fixed uITRON, uTKernel option
2015-08-30 10:25:09 +09:00
dc68832dba
TIRTOS Semaphore_create error check
2015-08-30 08:36:33 +09:00
122b2e9753
pkcs7: rolling back to static values
2015-08-29 22:02:23 +09:00
f5ee6d616c
Merge remote-tracking branch 'origin/MDK5' into MDK5
2015-08-29 21:24:44 +09:00
cf80a6f639
pkcs7: avoid initial value of pointer to auto value for embedded compilers
2015-08-29 21:22:30 +09:00
572a8cfc11
hmac.c: fixed warning, statement is unreachable
2015-08-29 18:04:57 +09:00
6ff9f96809
inline to INLINE
2015-08-29 14:07:55 +09:00
539bc81682
blake2b: declaration after execution statements, for embedded compiler
2015-08-29 12:30:40 +09:00
2a141f6a82
ed25519: fixed initial data to auto values for embedded compilers
2015-08-29 12:08:52 +09:00
df2216d092
Fixed file access mode
2015-08-29 11:32:30 +09:00
e459bb2e23
Fixed file access mode
2015-08-29 11:08:07 +09:00
1ba1acb8f7
Merge branch 'nlapp'
2015-08-28 16:08:16 -07:00
10b2cf4f2f
turn on ecc with Stunnel
2015-08-27 17:44:55 -06:00
42428f10ad
Remove uneccessary defines from compat. layer
2015-08-27 13:27:33 -06:00
d336268caa
Turns on PSK when compiling for stunnel
2015-08-27 12:57:43 -06:00
565f2ce1d7
Stunnel with psk compiles against
2015-08-27 12:57:43 -06:00
0b72b28b13
reorganize InitSSL. Rename forcekeep->cacheOnly. Free instead of decrement
2015-08-27 12:57:43 -06:00
122b94ea6e
Stunnel needs sni and tlsext
2015-08-27 12:57:43 -06:00
1787e04b23
Enum should be int, not byte
2015-08-27 12:57:43 -06:00
90ad5336fc
Fix uninitialized warning
2015-08-27 12:57:43 -06:00
900edc04e5
Adding sni to mimic openssl functionality
2015-08-27 12:57:43 -06:00
30067d4f59
Merge branch 'master' of github.com:wolfssl/wolfssl
2015-08-27 11:36:43 -07:00
5e26a5c8fc
fix alt_ecc_size exptmod with negative numbers
2015-08-27 11:18:06 -07:00
5e95740d93
Freescale: Add KSDK Bare Metal build, TRNG support
2015-08-27 11:45:40 -06:00
1ee27f7a04
Merge branch 'ecc-keygen'
2015-08-27 10:32:21 -07:00
3814871f71
merge pull request #82 , suite b ecc key-gen
2015-08-27 10:31:22 -07:00
3c614b5ba7
manual merge pull request #83 , ALT_ECC_SIZE fix
2015-08-27 10:18:00 -07:00
e8c17ed2bb
fix defrag member layout, add comments
2015-08-26 12:13:07 -07:00
f2db01bef2
fix defrag memory errors
2015-08-26 12:10:10 -07:00
cc216d5079
InitSuites to disallow stream ciphers for DTLS sessions
2015-08-26 14:16:13 -04:00
5a1a076131
update README(.md) typo
2015-08-26 12:27:28 -04:00
7d067dfec6
defragment the handshake messages in TLS
2015-08-25 21:09:19 -04:00
cb51432dc8
update README.md ia32 register note
2015-08-25 16:11:26 -07:00
e02f177c10
Merge branch 'master' of github.com:wolfSSL/wolfssl
2015-08-25 14:58:23 -07:00
9ee88b54f8
add ia32 fastmath register note about --without-pic and fPIE
2015-08-25 14:58:05 -07:00
bd65b06459
remove name decorator from wolfcrypt error reporting function prototypes
2015-08-21 21:49:43 -07:00
5ce39e147d
clean up sniffer packet overlap issue
2015-08-20 18:54:16 -07:00
a93aa8972e
fix sniffer crash with reassembly processing
2015-08-20 18:54:16 -07:00
a47af476d1
add REAMDE note about static cipher suites disabled and compiler error detection
2015-08-20 17:11:00 -07:00
d49499df4c
Merge branch 'master' of https://github.com/wolfSSL/wolfssl
2015-08-20 13:40:12 +02:00
66e91beb2d
Merge branch 'master' of https://github.com/wolfSSL/wolfssl
2015-08-20 13:22:30 +02:00
2f1836d985
fix snifftest bsd build
2015-08-19 16:52:16 -07:00
dfb8d34d0b
3.6.6 release notes
2015-08-19 14:18:48 -07:00
b3aa98147a
fix description text for enable-sslv3 configure option
2015-08-19 12:29:20 -07:00
c6ef29ac4c
Merge branch 'master' of https://github.com/wolfSSL/wolfssl
2015-08-19 08:18:05 +02:00
33595a0b3c
Merge branch 'master' of https://github.com/wolfSSL/wolfssl
2015-08-19 08:08:49 +02:00
b0d90918f9
fix issue between certificate fragmentation and secure renegotiation
2015-08-18 21:00:17 -07:00
c1d663f22d
Merge branch 'kojo-ti'
2015-08-18 12:32:25 -07:00
3b9ec2c119
add extern C to hash.h
2015-08-18 12:31:34 -07:00
15995d1b2c
Merge branch 'TI_hash' of https://github.com/kojo1/wolfssl into kojo-ti
2015-08-18 12:27:57 -07:00
82aaff9e43
Eliminate hash free in DoRound with non-TI case
2015-08-18 11:22:51 +09:00
5cffea7aac
clean static analysis report in cert fragmentation
2015-08-17 17:27:29 -07:00
049a4c6460
fix C++ mode warnings
2015-08-17 16:47:39 -07:00
c812379924
fix shadow decl in DsaKeyToDer()
2015-08-17 14:39:40 -07:00
6376736129
HashFree for TI hash memory leak
2015-08-15 16:51:23 +09:00
4fb0519b37
clean up GCC and VS build warnings
2015-08-14 15:06:12 -07:00
09b2da799f
Merge pull request #125 from kojo1/MDK4
...
MDK4 name change
2015-08-14 14:59:25 -07:00
34ac1a33f3
Freescale: Add support for KSDK (FREESCALE_KSDK_MQX)
2015-08-14 15:21:23 -06:00
a4cbc3b943
fix google external test w/o ecdhe
2015-08-14 12:58:00 -07:00
8374a461d0
Merge branch 'master' of github.com:wolfssl/wolfssl
2015-08-14 12:50:14 -07:00
7fa4302a80
disable static PSK cipher suites by default
2015-08-14 12:49:30 -07:00
d12308a053
SendCertificate fragments the message based on max_fragment setting for TLS and DTLS.
2015-08-14 11:06:42 -07:00
0f9f4ea7e0
add macro blocks to make it easier on embedded devices and fix declaration after executable code
2015-08-14 09:58:44 -06:00
e6ab7de923
TI hardware hash driver memory leak in dummy rounds
2015-08-14 07:44:13 +09:00
8cc9c62911
skip past the pad and mac when skipping a finished message in DTLS
2015-08-13 14:29:56 -07:00
b5ac17539e
Merge pull request #127 from kaleb-himes/master
...
Dynamic Libraries for windows-fips project
2015-08-13 12:46:50 -07:00
fb35dc61db
disable static rsa cipher suites in non max strength build by default
2015-08-13 11:05:07 -07:00
6e2dcdbb73
reset to vs 2010 toolset in .sln file
2015-08-13 12:04:06 -06:00
e9f63f0e17
Release-32 working
2015-08-13 12:03:42 -06:00
838a873cf1
Merge branch 'master' of https://github.com/wolfSSL/wolfssl
2015-08-13 10:20:47 +02:00
4eafff0c21
Merge pull request #126 from NickolasLapp/scan_build_errs
...
Changes to remove scan-build warnings when compiling with full build
2015-08-12 16:42:47 -07:00
deb5d8ab08
Merge branch 'master' of github.com:wolfssl/wolfssl
2015-08-12 16:41:41 -07:00
46e7e9acf9
disable SSLv3 by default
2015-08-12 16:39:13 -07:00
f6c5231e68
fix shadowed declaration on power pc (shadowed asn.h Oid_Types enum)
2015-08-12 14:30:12 -06:00
910fd79a1d
Changes to remove scan-build warnings when compiling with full build
2015-08-12 13:58:23 -06:00
2b35a8242e
MKD file reference path
2015-08-12 19:49:30 +09:00
3af082de39
Remove unused file
2015-08-12 17:58:49 +09:00
9af596dfff
add config files
2015-08-12 17:55:18 +09:00
6b1e351d4d
Merge branch 'master' into MDK4
2015-08-12 17:30:47 +09:00
30f6bc1e27
MDK4, wolfSSL name change
2015-08-12 16:45:40 +09:00
b0bc9e0f0d
Remove hard tabs, update DLL-x64-Release
2015-08-11 15:14:19 -06:00
ffa75d40e0
disable static dh cipher suites in non max strength build by default
2015-08-11 12:25:40 -07:00
4cf78a2dab
Merge pull request #124 from jay/fix-mixed-declarations
...
fix mixed declarations by moving them to their block start
2015-08-10 14:31:05 -07:00
241e375b34
add wc_encrypt and hash to the MYSQL cmake
2015-08-10 13:30:57 -06:00
d367f7ac93
Add wc_encrypt.c to the iOS Xcode project files.
2015-08-10 11:59:19 -07:00
c4cbcff6e0
remove hard tabs
2015-08-10 10:27:24 -06:00
51b9d2bf9d
DLL-Debug-x64 working
2015-08-10 10:25:00 -06:00
4b74e96542
remove stdio.h from dsa.c
2015-08-10 09:34:16 -06:00
e179da07d0
fix mixed declarations by moving them to their block start
...
In Visual Studio <= 2012 C99 mixed declarations aren't supported.
2015-08-10 01:54:25 -04:00
106abb873f
skip the sanity check on a duplicate change cipher spec message in DTLS mode, they are allowed
2015-08-08 23:57:02 -07:00
e16ff73273
Added wc_encrypt.c and other *.c files.
2015-08-08 10:12:05 +09:00
8b0d7cc8da
don't let sniffer try to parse handshake messages after the handshake has completed, new error for secure renegotiation not supported
2015-08-07 15:48:04 -07:00
0cd893a51b
Freescale: Use new I/O where applicable
2015-08-07 16:22:31 -06:00
a80777179b
update MPLABX README
2015-08-07 14:36:47 -06:00
5d40c5f566
Rename RNG to WC_RNG for Freescale, add NO_OLD_RNGNAME define to completely remove RNG type usage
2015-08-07 11:53:19 -06:00
ca41d52f68
Merge pull request #123 from lchristina26/master
...
move MBED GenerateSeed() due to duplicated code
2015-08-07 09:52:19 -07:00
490caf87c3
Merge pull request #122 from kaleb-himes/no-md5-with-hc128
...
fix for test failure with --enable-hc128 --disable-md5
2015-08-07 09:52:07 -07:00
d3c8ff3488
Merge branch 'master' of github.com:wolfssl/wolfssl
2015-08-07 09:42:07 -07:00
50fd2538ff
Merge branch 'srp'
2015-08-07 09:41:44 -07:00
0a037d39ff
fix srp request; forcezero, check mp_init(), no leaks
2015-08-07 09:37:22 -07:00
9397b9e10f
move MBED GenerateSeed() due to duplicated code
2015-08-06 16:40:36 -06:00
08111ab59f
fix for test failure with --enable-hc128 --disable-md5
2015-08-06 10:43:55 -06:00
716ab20afa
Update MPLABX project files, define WOLFSSL_HAVE_MIN in MICROCHIP_PIC32
2015-08-06 10:25:47 -06:00
590f3e1ca0
Merge pull request #113 from lfcrypto/wolfssl
...
add check of ret value
2015-08-06 09:01:12 -07:00
aa0852bf71
Fix Curve25519 test
2015-08-06 08:51:41 -07:00
d050c10581
add support for curve 25519 and Ed25519 in OpenSSH
...
refactor curve25519 and Ed25519 code
fix warning in PEM_xxx_mem_xxx functions
2015-08-06 08:51:41 -07:00
865d88ce3e
rewind tool version
2015-08-05 15:55:05 -06:00
42a50d2caf
Release x64 tested and working
2015-08-05 15:41:46 -06:00
f45ef26977
DLL-x64 and Debug-x64 removed x86 constraint
2015-08-05 11:28:07 -06:00
92b725dfd7
DLL-Debug-32 tested and linking properly
2015-08-05 11:16:21 -06:00
ba83b54616
Merge branch 'master' into srp
2015-08-04 15:49:04 -07:00
f30a11f5ce
Merge branch 'kaleb'
2015-08-04 15:33:05 -07:00
ae397a0b7c
Merge branch 'fix_logic' of https://github.com/kaleb-himes/wolfssl into kaleb
2015-08-04 15:30:27 -07:00
ca66b59815
Merge pull request #120 from kaleb-himes/update_window_projects
...
updated existing projects to include wc_encrypt.c
2015-08-04 15:28:18 -07:00
b15e5b1747
updated existing projects to include wc_encrypt.c
2015-08-04 15:31:40 -06:00
121a24ba15
update logic for ECC FASTMATH KEY-GEN and COMP-KEY
2015-08-04 15:11:01 -06:00
114e3edc27
add srp example to test.c
2015-08-04 16:02:44 -03:00
690cb14746
makes sure random values are safe.
2015-08-04 15:31:18 -03:00
12b8445153
adds key generation function callback option.
2015-08-04 13:36:58 -03:00
f31c32bea2
adds docs using doxygen style.
2015-08-04 01:07:24 -03:00
1d99bd3339
removes u from srp struct.
2015-08-04 01:07:24 -03:00
53224281d2
adds proof getter and verifier for both sides.
2015-08-04 01:07:24 -03:00
490d063dec
adds key computation.
...
removes unnecessary fields from the srp struct.
2015-08-04 01:07:24 -03:00
ba0c75011b
adds secret computation.
2015-08-04 01:07:24 -03:00
6ee788277f
adds tests to SrpSetPassword(), SrpSetVerifier(), SrpGetVerifier();
...
adds SrpGenPublic() and SrpSetPrivate() with unit tests;
fixes k with left pad at g;
adds new error SRP_CALL_ORDER_E to force the functions to be called in the right order.
2015-08-04 01:07:24 -03:00
6d5efccc55
finishes SrpSetPassword(), SrpSetVerifier(), SrpGetVerifier();
...
updates client_proof during SrpSetParams();
2015-08-04 01:07:24 -03:00
8b23b86659
Adds hash type directly inside SrpHash and removes temp hash from Srp struct.
2015-08-04 01:07:24 -03:00
119dd0250e
fixes field types in SRP structure;
...
adds new memory allocation type (DYNAMIC_TYPE_SRP);
improves wc_SrpInit;
adds wc_SrpTerm(), wc_SrpSetUsername(), wc_SrpSetParams(), wc_SrpSetPassword();
2015-08-04 01:07:24 -03:00
dfa956d227
adds wc_SrpInit() with unit tests.
2015-08-04 01:07:24 -03:00
6d7b5bd2f8
adds srp files to build process.
2015-08-04 01:07:24 -03:00
daf01977a1
adds SRP client and server structures.
2015-08-04 01:07:24 -03:00
08959624f2
fix ed25519 with external hash functions
2015-08-03 15:30:07 -07:00
b330bca4b7
Merge pull request #114 from lchristina26/master
...
updates to FREERTOS settings
2015-08-03 10:59:36 -07:00
6c02a9acb7
Merge pull request #115 from kaleb-himes/master
...
re-format test-psk-no-id.conf add README
2015-08-03 10:56:42 -07:00
273a0dd4d5
re-format test-psk-no-id.conf add README
2015-08-03 11:04:18 -06:00
ad39c6137c
Merge branch 'kaleb'
2015-08-03 09:33:40 -07:00
37ba6aeee7
fix psk no identify hint example logic
2015-08-03 09:32:51 -07:00
5adda01e98
Merge https://github.com/kaleb-himes/wolfssl into kaleb
2015-08-03 09:19:45 -07:00
f8feb339fc
updates to FREERTOS settings
2015-08-03 10:13:42 -06:00
281ba1c4c5
Fix Curve25519 test
2015-08-03 09:05:02 +02:00
409126a97c
add support for curve 25519 and Ed25519 in OpenSSH
...
refactor curve25519 and Ed25519 code
fix warning in PEM_xxx_mem_xxx functions
2015-08-01 18:28:18 +02:00
303fb2bb62
Option for no PSK Id Hint and test cases
...
update comment file reference
2015-07-31 22:00:28 -06:00
2ade35c65a
expose have 128bit type to options flags
2015-07-31 16:43:59 -07:00
3fb10301f6
fix build 267, case 743 blak2b w/o md5
2015-07-31 16:29:35 -07:00
16b0120028
fix build 267, base 1361 fp ecc w/ no memory
2015-07-31 11:57:35 -07:00
409b044ec7
fix build 267, case 1299 ocsp + iopool (no stdlib)
2015-07-31 11:44:09 -07:00
c14398cb7a
fix build 267 case 1197, pwdbases -des3 warning
2015-07-31 11:40:14 -07:00
59e894d6a4
fix build 267 case 1044, dhe + psk w/o aes
2015-07-31 11:35:16 -07:00
75b9d809b3
fix build 267 case 932, certgen w/o sha
2015-07-31 11:24:34 -07:00
1470789ac6
fix build 483 with wc_encrypt
2015-07-31 11:13:05 -07:00
342b19496d
Merge branch 'master' of github.com:wolfssl/wolfssl
2015-07-30 16:46:27 -07:00
cc604d23be
fix psk no server hint sanity check
2015-07-30 16:45:31 -07:00
5d7388f879
Merge branch 'master' of github.com:wolfSSL/wolfssl
2015-07-30 16:38:06 -07:00
95db44def3
remove autogen clone of fips repo; pre-push runs fips-check if fips directory exists
2015-07-30 16:33:14 -07:00
97853dc3c2
keep resume script from endless loop on bad startup
2015-07-30 16:31:14 -07:00
27371263b7
move variable declaration to beginning of block
2015-07-30 14:47:52 -07:00
bcaa8cde06
fix pre-push calling fips-check with unimplemented option
2015-07-30 14:32:16 -07:00
e1513c30d2
added a pre-push hook. move fips test to pre-push check
2015-07-30 14:24:45 -07:00
2cbb30745e
bump dev version
2015-07-30 12:59:17 -07:00
78cc76b3cd
move DES oneshot APIs out of des.[hc]
2015-07-30 12:51:33 -07:00
011fdc1103
move AES oneshot calls out of aes.[hc]
2015-07-30 12:42:25 -07:00
6d172fce32
hash.h should pull in types before checking defines
2015-07-29 14:40:57 -07:00
12ffa1b778
fix small stack with hash changes
2015-07-29 10:43:54 -07:00
b8fac462cd
No oneshot Hash() in FIPS c files anymore
2015-07-28 16:55:58 -07:00
e97a60c647
move wc_Sha512/384 Hash() outside of sha512.[hc]
2015-07-28 16:41:32 -07:00
9d2b711796
add wc_Sha256Hash() outside of sha256.[hc]
2015-07-28 16:34:23 -07:00
2f3b7b05ba
move wc_ShaHash() outside of sha.[hc]
2015-07-28 16:30:10 -07:00
480bab467d
fix warning
2015-07-28 09:35:28 -07:00
388d023df6
put rsa non public enums back into c file for FIPS
2015-07-28 09:29:47 -07:00
8ff692b772
Merge pull request #109 from NickolasLapp/master
...
Fixed bug when getting PEM encoded sz of cert chain. Add idx check
2015-07-27 15:05:39 -07:00
38fb8caec8
restore FIPS des3 build w/o opensslextra
2015-07-27 14:56:26 -07:00
b85637e06b
Fixed bug when getting PEM encoded sz. Add idx check
2015-07-27 10:43:49 -06:00
e363848ecc
fix jenkins build #465 with kegen changes
2015-07-24 19:19:53 -07:00
4ba57a609c
Merge branch 'ludovic'
2015-07-24 15:39:54 -07:00
0a975eaff9
fix valgrind warning mp_add_d
2015-07-24 15:34:56 -07:00
5780f4d5f7
stub notices. edited b64 encode size. err cert depth/sn
2015-07-24 16:30:16 -06:00
9038ea018a
Freescale/RTCS fixes for io.c
2015-07-24 15:06:58 -06:00
45ef61e46f
fix warnings
2015-07-24 12:43:26 -07:00
aaf7f63eef
Merge https://github.com/lfcrypto/wolfssl into ludovic
2015-07-24 12:14:28 -07:00
9c2a85d9f6
fix compilation for 32 bits OS
2015-07-24 11:17:06 +02:00
78a936a4fd
remove debug info
...
fix potential memory leaks
comments the size used
2015-07-24 10:58:17 +02:00
8d7d803e58
add wc_DerToPemEx to restore compatibility API with wc_DerToPem
2015-07-24 07:50:29 +02:00
bf4be3f02b
comment updates only for crl-revoked.test
2015-07-23 21:54:52 -06:00
ddb638d020
Merge branch 'crl-revoked'
2015-07-23 16:40:30 -07:00
9f7209b484
add new certs to include.am
2015-07-23 16:37:37 -07:00
1a0a9de9c6
changes post review
...
crl-revoked dash compliant. revoked-cert has unique fields
new print statements
2015-07-23 17:05:25 -06:00
03a50c128a
update WIN IDE readme
2015-07-23 15:27:46 -07:00
0054fe4a25
Merge branch 'master' of https://github.com/wolfSSL/wolfssl
2015-07-23 14:37:58 +02:00
8951d72f03
Merge branch 'master' of https://github.com/wolfSSL/wolfssl
...
Fix DSA key generation
2015-07-23 13:24:20 +02:00
1bb76a54c9
Merge branch 'master' of https://github.com/kaleb-himes/wolfssl
2015-07-22 15:14:00 -06:00
f9def1431f
Adding support for crl testing via make check.
...
includes modifying crl.pem/revoked
Adding a revoked server cert/key pair.
Adding a script to test with a revoked cert (scripts/crl.test)
2015-07-22 15:08:29 -06:00
5fe7a1b89a
have fastmath use negative error codes for consistent <0 error detection
2015-07-22 13:32:56 -07:00
4cdece20fb
change SetCurve return type to int, as used
2015-07-22 11:52:42 -07:00
e1a2458bb4
Merge branch 'master' of github.com:wolfSSL/wolfssl
2015-07-22 11:25:47 -07:00
c169a113ae
for Windows build, clean up warnings and a couple variable declarations
2015-07-22 11:20:45 -07:00
3732d31955
Fixed file cleanup in gencrls, finished support for crl.test update crls sign revoked cert
2015-07-22 10:37:24 -06:00
f73c6a5ea9
new crl test using server and client instead
2015-07-22 10:05:39 -06:00
d2de4719eb
added way to gen revoked without running renewcerts
2015-07-22 09:31:23 -06:00
349edd40c2
Add support for OpenSSH ssh-keygen tools
...
refactor existing code
2015-07-22 14:18:07 +02:00
27202912e8
Adjusted gencrls and renewcerts to add a revoked server cert
2015-07-21 17:17:41 -06:00
e7dd5c4b8f
add setting client cipher list
2015-07-21 16:55:42 -06:00
4743dfe813
add a uniquely, always revoked server-cert for testing
2015-07-21 15:35:24 -06:00
37211d4636
crl script initialize
2015-07-21 13:56:47 -06:00
8499f816c6
fix potential resource leaks
2015-07-21 11:10:28 -07:00
4916ae72bc
custom release notes
2015-07-20 16:47:03 -07:00
922df2cfb3
allow bigger rsa key gen w/o sanity check error on invmod()
2015-07-20 16:08:55 -07:00
c50f6ba693
Merge pull request #105 from NickolasLapp/master
...
Changes to remove last warnings from Stunnel
2015-07-20 14:04:59 -07:00
03172818a1
Changes to remove last warnings from Stunnel
2015-07-20 14:37:57 -06:00
a0b907f0b3
Merge pull request #104 from NickolasLapp/master
...
Fix stunnel warning
2015-07-20 08:13:08 -07:00
a4c7b8eb07
version number to use with Lighttpd compatibility
2015-07-17 18:19:36 -06:00
6d619ade13
Fix stunnel warning
2015-07-17 17:28:17 -06:00
51f177fdb7
bump dev version
2015-07-17 15:41:51 -07:00
2d021489b3
fix SetMinDhKey_Sz() implementation defines
2015-07-17 15:37:15 -07:00
262f5f87cb
remove auto timing resistant with stunnel
2015-07-17 14:52:03 -07:00
be54b40d94
Merge pull request #102 from NickolasLapp/master
...
Configure options to allow stunnel to use fastmath
2015-07-17 14:50:19 -07:00
cb3873ea03
Configure options to allow stunnel to use fastmath
2015-07-17 15:05:04 -06:00
7d44ed3989
Merge pull request #97 from jschanck-si/libntruencrypt
...
Use updated drbg ntru functions from stable libntruencrypt api
2015-07-17 14:18:27 -06:00
bae8c6fd50
add openssh ./configure build
2015-07-17 09:14:58 -07:00
d443c03dcc
Merge pull request #101 from kaleb-himes/fortress_requires_aes
...
fortress relies on aes disallowed pair
2015-07-17 08:48:37 -07:00
11f1159e30
fortress relies on aes disallowed pair
2015-07-17 09:30:25 -06:00
101aac5720
Merge branch 'master' of github.com:wolfssl/wolfssl
2015-07-16 16:47:17 -07:00
9b81e41856
merge pull request 96
2015-07-16 16:46:37 -07:00
5409c171e4
In wolfSSL_BN_mod_word, typecast error code to a unsigned output like in emulated function.
2015-07-16 16:38:48 -07:00
a0a8a52f6c
Merge branch '98'
2015-07-16 14:55:55 -07:00
e61022b498
Merge https://github.com/lchristina26/wolfssl into 98
2015-07-16 14:52:57 -07:00
9c7fd0b15e
Merge pull request #99 from kaleb-himes/eccencrypt_without_aes
...
Ecc_encrypt + hkdf requires aes
2015-07-16 14:51:44 -07:00
e698c12530
ecc_encrypt + hkdf requires aes
2015-07-16 15:31:36 -06:00
85907397d3
Merge branch 'master' of github.com:wolfSSL/wolfssl
2015-07-16 15:15:55 -06:00
c6003c33bb
fix disable filesystem errors
2015-07-16 14:19:11 -06:00
53fb9188e7
Use ntru functions from stable libntruencrypt api
...
ntru_crypto_external_drbg_instantiate has been renamed
to ntru_crypto_drbg_external_instantiate in the 1.0.0
release of libntruencrypt. Made various other small changes
to build against libntruencrypt.
2015-07-16 15:43:50 -04:00
5a00e4b72b
use full ivSz with ecc encrypt
2015-07-16 10:18:08 -07:00
7f155d64d5
Merge branch 'master' of github.com:wolfssl/wolfssl
2015-07-15 16:36:58 -07:00
84a5087bd7
resume script cleans up /tmp ready file
2015-07-15 16:35:23 -07:00
8cb1949203
fix some build warnings from VS
2015-07-15 16:27:50 -07:00
ffb73bc3d5
fix no newline in openssl/ecdsa.h
2015-07-15 16:25:49 -07:00
8eaac3de47
fix clang redef
2015-07-15 15:01:48 -07:00
c1dfa16f91
Merge pull request #95 from lchristina26/enable_mcapi_with_libz
...
New AES structure size increased, update mcapi context to encompass
2015-07-15 14:56:32 -07:00
bffecfbc2d
New AES structure size increased, update mcapi context to encompass
2015-07-15 15:33:49 -06:00
3ad3334bce
Merge branch 'master' of github.com:wolfssl/wolfssl
2015-07-15 13:57:10 -07:00
1c5eb291e8
Merge branch 'nick'
2015-07-15 13:56:56 -07:00
0b3bc289ae
fix enable stunnel help alignment
2015-07-15 13:44:09 -07:00
763e9370bf
WOLFSSL_STUB log for debug message
2015-07-15 13:48:31 -06:00
db932acca5
Merge https://github.com/NickolasLapp/wolfssl into nick
2015-07-15 11:05:06 -07:00
55677aa5ae
fix BLAKE2b cyassl compat header includes
2015-07-15 11:56:14 -06:00
4b1e87f9d0
update the wolfSSL FIPS VS IDE project files and README
2015-07-14 21:17:20 -07:00
96cf16848c
Stunnel Base Commit
2015-07-14 14:56:26 -06:00
7fba0d25f9
variable declaration location for VS and avoid empty struct
2015-07-14 14:33:00 -06:00
67fd0ebbd4
wolfssl enter msgs on lighty stubs and create a new BN when given a null argument
2015-07-13 17:26:04 -06:00
bd81a3336f
Merge branch 'master' of ssh://github.com/wolfSSL/wolfssl
2015-07-13 11:34:04 -06:00
1750fe698e
Name change to LICENSING
2015-07-13 11:32:59 -06:00
df8b48cd0f
NTRU suites from earlier code
2015-07-11 12:52:22 -06:00
e6d8ab0d45
add enable lighty
2015-07-09 09:14:33 -06:00
ea7f955bd4
Merge branch 'lighty'
2015-07-08 17:35:41 -06:00
e41ebcf5d4
remove c++ comments, switch ASN1 string back to first spot
2015-07-08 17:33:15 -06:00
1383a0f1b5
Uptodate wolfssl works with lighttpd-1.4.x (one warning), working on making lighttpd-1.4.35 work.
2015-07-08 16:39:52 -06:00
d68eb12ee6
use macros in TLSX Write with QSH
2015-07-07 22:10:26 -06:00
dafb5a80e7
recommit invalid free w/o smallstack
2015-07-07 09:23:02 -07:00
14723b7e65
QSH (quantum-safe handshake) extension
2015-07-07 09:55:58 -06:00
01da9aacb0
Merge branch 'ludovic'
2015-07-06 17:13:01 -07:00
acdeb3d536
Merge https://github.com/lfcrypto/wolfssl into ludovic
2015-07-06 17:09:41 -07:00
304982a597
Big Endian System ChaCha20 counter, auto tests added for ChaCha20 counter
2015-07-06 15:29:53 -06:00
702dbcf570
align return code, coding style (tab-> space, line with 80 char), curve_idx validity
2015-07-05 20:10:43 +02:00
88fa36e3c0
fix enable dsa w/o opensslextra or keygen
2015-07-03 20:53:55 -07:00
1a853d277d
fix opensslextra w/o ecc ssh
2015-07-03 09:58:42 -07:00
9b0c1499c3
fix opensslextra w/ dsa additions
2015-07-03 09:53:48 -07:00
e2689a0656
fix opensslextra small stack invalid free
2015-07-03 09:50:16 -07:00
6355bb4daf
remove C++ comments
2015-07-02 13:52:37 -07:00
b183bdc009
fix ALT_ECC_SIZE in ssh mode
2015-07-02 13:48:58 -07:00
d2f34c11d3
Merge branch 'master' into ssh
2015-07-01 16:37:33 -07:00
ca01cebd28
adds SNI abort option to turn SNI mandatory for WebSocket (RFC6455 page 17).
...
@see WOLFSSL_SNI_ABORT_ON_ABSENCE and the xxxSNI_SetOptions() functions for further details.
2015-07-01 19:21:18 -03:00
e121d01206
TLSX and SNI code maintenance:
...
* improves docs;
* fixes indentation;
* Extracts TLSX_New() from TLSX_Push();
* Replaces TLSX_SNI_Append() with TLSX_SNI_New();
* Adds missing STK_VALIDATE_REQUEST() in TLSX_WriteRequest();
* Moves TLSX_SetResponse() to the right position inside TLSX_SNI_Parse().
2015-07-01 19:11:13 -03:00
74245dcc1c
bump dev version
2015-07-01 14:43:58 -07:00
9452d6cfb4
don't leak on bad verify decoding with extended API
2015-07-01 13:28:10 -07:00
e164173562
fix null deference potential on new API
2015-07-01 12:51:19 -07:00
1d663d3bff
merge conflict
2015-07-01 12:24:11 -07:00
afde172f28
added buffer version of CertManagerLoadCABuffer
2015-07-01 11:42:54 -07:00
d6047736e9
added GPL headers to the unit test driver files
2015-07-01 11:12:54 -07:00
91b3959063
fix uninitialized decoded cert in CertManagerVerify()
2015-06-26 11:56:21 -06:00
8b324b94e9
removed some unused code due to an always true comparison
2015-06-25 11:21:33 -06:00
61c50b26d0
makes wolfSSL_SNI_GetFromBuffer() return SNI_UNSUPPORTED instead of BUFFER_ERROR for SSL v2.0 client hello buffers.
2015-06-25 12:48:11 -03:00
7fcbee54e4
Merge pull request #81 from tisb-vikram/master
...
add IAR compiler option to ignore EWOULDBLOCK/EAGAIN warning for TI-RTOS
2015-06-24 21:51:46 -07:00
0525575fbf
add IAR compiler option to ignore EWOULDBLOCK/EAGAIN warning for TI-RTOS
2015-06-24 17:41:02 -07:00
36748fb62b
Merge branch 'master' of github.com:wolfSSL/wolfssl
2015-06-24 11:21:38 -06:00
5ba35b1f64
force HAVE_HASHDRBG enabled in settings.h unless WOLFSSL_FORCE_RC4_DRBG flag set
2015-06-24 11:16:18 -06:00
39015f51ab
Merge pull request #80 from kojo1/TI_temp
...
Resolving type mismatches in TI-hash/crypt
2015-06-24 07:34:18 -07:00
309aadd3f3
TI-des3.c, type mismatch
2015-06-24 14:12:40 +09:00
1feac72b62
check InitMutex
2015-06-24 11:47:58 +09:00
a910daa886
fixed arm-none-eabi-gcc type check on AESIVSet, AESKey1Set
2015-06-24 11:06:38 +09:00
c6e2591711
Remove wornings
2015-06-23 17:39:15 +09:00
d334b05596
Merge pull request #79 from kojo1/TI_crypt
...
missed CCM Init in wc_xxxHash
2015-06-22 17:29:22 -07:00
57128a82ab
update README.md for v3.6.0
2015-06-22 15:35:21 -06:00
4b5cc6ebb3
add hash.c to the iOS project files
2015-06-22 13:21:35 -06:00
9889dfb2fb
README edits
2015-06-22 11:31:02 -06:00
075370a39c
update automake includes to limit which files are added from the IDE sub-directories
2015-06-20 14:57:31 -07:00
b54dc09971
updated fips-check to cover all builds
2015-06-19 22:21:27 -07:00
45a3838433
missed wolfSSL_TI_CCMInit in wc_xxxHash
2015-06-20 10:59:08 +09:00
48a42e1a75
prepare release
2015-06-18 16:58:59 -07:00
eee50cf42e
update rpm version
2015-06-18 11:21:13 -07:00
fe39cd34b9
bump version
2015-06-18 11:18:51 -07:00
86403a270a
Merge branch 'master' of github.com:wolfssl/wolfssl
2015-06-18 11:13:29 -07:00
6cad1949b4
if NO_SHA don't run external script tests
2015-06-18 11:12:35 -07:00
34ed64c5ce
Merge branch 'leah'
2015-06-18 11:04:44 -07:00
52072ab5e4
Merge https://github.com/lchristina26/wolfssl into leah
2015-06-18 11:00:34 -07:00
f47398fff9
Merge branch 'tisb'
2015-06-18 10:50:13 -07:00
63e2b29a08
update ti-rtos package for pull request file renames
2015-06-18 10:49:08 -07:00
183b54a10d
Merge https://github.com/tisb-vikram/wolfssl into tisb
2015-06-18 10:39:02 -07:00
d49a35597f
Merge branch 'master' of github.com:wolfssl/wolfssl
2015-06-18 10:16:06 -07:00
ba63bc0d3e
Merge branch 'kojo-ti'
2015-06-18 10:15:53 -07:00
fa9d6428fc
add hash.c to vcprojs
2015-06-18 10:14:55 -07:00
9e7cb81d5a
Merge branch 'TI_hash' of https://github.com/kojo1/wolfssl into kojo-ti
2015-06-18 09:05:13 -07:00
ae749f727d
IAR_ARM block in settings.h
2015-06-18 14:27:52 +09:00
7ef85d1894
Add RestorePos
2015-06-18 14:27:15 +09:00
4e546d92d9
BuildMD5/SHA for GetHash, RestorePos
2015-06-18 14:25:48 +09:00
e61592b9d8
Added ECC test certificate for having keyUsage without digitalSignature.
2015-06-17 13:46:09 -07:00
7d9a1ccf42
allow storage of out of order zero length DTLS handshake messages
2015-06-17 12:37:10 -07:00
11f0ae47af
fix redeclaration of RsaKeyToDer() with FIPS
2015-06-17 09:51:38 -06:00
19cad21a46
fix bug when defragmenting out of order DTLS handshake messages
2015-06-16 21:49:01 -07:00
55de33f493
Merge branch 'TI_hash' of https://github.com/kojo1/wolfssl into kojo-ti
2015-06-16 11:38:04 -07:00
67dc53f84e
Merge branch 'master' of github.com:wolfssl/wolfssl
2015-06-16 11:30:14 -07:00
a62589f3fc
add wc_ecc_check_key(), import validate option too
2015-06-16 11:29:27 -07:00
8fa258c657
fix scan-build warning
2015-06-15 17:52:30 -07:00
86a9b1734a
TI hash option control in hash.c
2015-06-16 09:30:56 +09:00
f2d9eb2994
1. Disable randomized base address on FIPS test project.
...
2. Fixed setting for disabling whole program optimization on file fips.c
in the windows project file.
2015-06-15 15:47:40 -07:00
f358aab845
update TI-RTOS build scripts to add hardware accelerator lib build
2015-06-15 14:58:53 -07:00
c40dc11ce3
Merge branch 'master' of github.com:wolfssl/wolfssl
2015-06-15 09:46:13 -07:00
c98fde3d43
updated wolfssl fips project files so test harness will run. added a readme
2015-06-15 09:46:07 -07:00
5976296a77
removed a comment from random.c
2015-06-15 07:37:05 -07:00
a634d0e345
including hash.h in hash.c
2015-06-15 12:28:05 +09:00
d976256816
TI-RTOS adjustment in test.h
2015-06-15 10:13:14 +09:00
c2818ed87c
DIGEST_SIZE fixed in Sha256GetHash
2015-06-15 09:59:34 +09:00
89d39a6073
GetHash in SendBuffered, BuildTlsFinished. HashFinal in FreeHandshakeResources.
2015-06-15 09:46:16 +09:00
203786dc25
add ecc keygen validate option
2015-06-12 13:11:07 -07:00
6d9fece9f4
bump dev version
2015-06-12 09:39:03 -07:00
89d9accc4d
switch user ticket encrypt ctx to WOLFSSL_CTX
2015-06-10 18:13:13 -07:00
47af6459d8
add user context to session ticket encrypt callback
2015-06-10 16:32:43 -07:00
53bf8ed7cb
fix scan-build warnings
2015-06-10 15:24:24 -07:00
ce583552ce
fix resumte.test script warning
2015-06-10 14:22:35 -07:00
f76af05abf
change autoconf scripts to /bin/sh, no -i on ping for portability
2015-06-10 14:11:36 -07:00
44db140076
move client-test.sh to scripts/google.test
2015-06-09 08:51:55 -07:00
8afa6fe08f
Merge pull request #74 from NickolasLapp/master
...
Fixing bug in wc_ecc_sig_size not handling error code
2015-06-09 08:42:22 -07:00
0426adaa1b
document current scripts
2015-06-09 08:37:55 -07:00
d9ccc51f58
Fix TI driver API to ROM_xxx
2015-06-09 07:02:21 +09:00
13b0d632b2
add WOLFSSL_VXWORKS setting
2015-06-08 14:44:02 -07:00
9f8862888e
Fixing bug in wc_ecc_sig_size not handling error code
2015-06-08 14:40:15 -06:00
067f11ff34
Added a known answer test inside the HashDRBG that is called when
...
creating a new instance of a DRBG, at reseed time.
Added a check that the freed DRBG's state actually gets cleared.
2015-06-05 14:46:48 -07:00
e461bc72b8
curve25519 and ed25519 low memory
2015-06-05 15:39:37 -06:00
96a298018d
simplify padcheck compare
2015-06-05 09:42:10 -07:00
7433dcb95c
Adding hash.c
2015-06-05 13:26:32 +09:00
7584af3d36
Adding hash.c
2015-06-05 13:23:54 +09:00
670c325f29
Merge pull request #72 from wolfSSL/smallstack
...
dummy buffer replacement in timing resistant functions.
2015-06-04 11:38:50 -07:00
defd1f9f94
add configure option for wolfSSL JNI, --enable-jni
2015-06-02 21:58:23 -06:00
13185574d2
Merge branch 'EWARM' into TI_hash
2015-06-01 20:07:16 +09:00
fe3253e618
IAR/EWARM wolfSSL name change
2015-06-01 20:02:20 +09:00
644f7a4cdb
ti-hash.c included in wc_port.c
2015-06-01 14:32:36 +09:00
3d41595ed4
internal.c: refactoring TimingPadVerify to reduce stack usage:
...
--- variable dummy replaced with ssl object (~250 bytes saved)
internal.c: refactoring VerifyMac to reduce stack usage:
--- variable dummy replaced with ssl object (~250 bytes saved)
2015-05-30 10:44:14 -03:00
ed65565390
integer.c: refactoring mp_exptmod_fast to reduce stack usage:
...
--- variable M moved to the heap (512 bytes saved)
2015-05-28 18:29:17 -03:00
a7a00a4bd5
remove trailing spaces.
2015-05-28 18:29:17 -03:00
77fe4f3a2e
Fixes #71 . Disable SHA works with TLS, PWDBASED, testing.
2015-05-28 10:25:41 -07:00
e4580c3461
adding hash.h to include.am
2015-05-28 20:50:22 +09:00
d67168d539
aes.c cleaned. ti-has.c, ti-aes.c, ti-des3.c are included in each respective algorithm source file.
2015-05-28 20:40:53 +09:00
902799ef75
adding ti hash/crypt to include.am
2015-05-27 19:34:11 +09:00
559404137e
moving xxxGetHash to hash.c
2015-05-27 18:37:19 +09:00
b4a6ed1d7f
Merge pull request #68 from tass-belgium/master
...
Improved support for PicoTCP on embedded devices
2015-05-26 13:47:45 -06:00
67a93a5999
fixes trailing white spaces.
...
adds port mapping in Vagrantfile.
2015-05-22 20:09:01 -03:00
aaa1fe813a
Added aes.c/des3.c
2015-05-22 09:55:49 +09:00
8fbcd7d74b
added upper bound check on DH min bit size for configure forced default
2015-05-21 10:30:54 -07:00
64602d1969
added check for allowed minimum DH key size
2015-05-21 10:11:21 -07:00
5bcce85de4
md5.h cleaned
2015-05-21 18:34:51 +09:00
ce8b4e0cdc
Added ti-hash.c
2015-05-21 18:26:35 +09:00
d24c7f070c
files cleaned
2015-05-21 18:12:43 +09:00
527013ec1e
corrected NL code
2015-05-21 14:16:09 +09:00
b5654092ec
Added Md5GetHash for BuildCertHashes
2015-05-21 13:42:02 +09:00
1a315fd89e
Initial TI crypt/hash
2015-05-21 13:31:02 +09:00
50a80bbcd2
update Windows FIPS preprocessor flags in project file
2015-05-19 14:37:03 -07:00
9a10210a2a
replaced always-true comparison in PrintSessionStats with preprocessor checks
2015-05-19 09:52:30 -07:00
bbec7011d4
add session ticket hint interval setter
2015-05-18 13:15:13 -07:00
8b52330877
add key name compare for session ticket callback example
2015-05-18 09:48:15 -07:00
e730aa571c
add sanity checks to user session ticket encrypt callback
2015-05-18 09:29:25 -07:00
8ff17b66f3
add session tickets to echoserver example too
2015-05-18 09:13:34 -07:00
ebf73fab5d
Merge branch 'tickets'
2015-05-15 16:13:09 -07:00
cedd41432c
fix windows session ticket warnings
2015-05-15 16:10:38 -07:00
74cc2274fa
add tiket key cleanup to help valgrind
2015-05-15 15:30:29 -07:00
2212381925
add session ticket key returns for reject and use but create
2015-05-15 14:58:16 -07:00
f6d12bfc37
initial server side session ticket support
2015-05-15 12:51:44 -07:00
660e0b868b
added check for window's api's min macro
2015-05-14 11:40:23 -07:00
dcd6602293
misc.c can now only be included once
2015-05-13 15:10:05 -07:00
5e083eafb4
Merge branch 'master' of github.com:wolfSSL/wolfssl
2015-05-13 14:55:16 -07:00
4e482a348e
wrapped the min() inline functions with better preprocessor checks
2015-05-13 14:53:11 -07:00
48034b56c5
update the VS solution and project files for FIPS build
2015-05-13 13:10:03 -07:00
b6e540b005
new VS solution and project files for FIPS build
2015-05-12 16:36:38 -07:00
69b4b37e86
modify ossl-extra HMAC testcase to use longer password
2015-05-12 16:16:44 -07:00
0b1ea204b7
cleaned up Windows build warnings
2015-05-12 11:59:07 -07:00
513b43baae
update CUSTOM_RAND_GENERATE to not include dev random files
2015-05-11 12:03:53 -07:00
dde4b29462
add handshake done callback with ability to end connection
2015-05-09 11:04:47 -07:00
d2c53c3229
reduce wolfcrypt test stack use, curve25519
2015-05-07 15:25:20 -07:00
d4982bb988
add dsa verify input check, not used at TLS or default
2015-05-07 15:10:33 -07:00
8f8fb3834a
reduce benchmark stack use, reduce max variable sizes
2015-05-07 14:24:58 -07:00
4fe04c6bed
detect build cases where external script test case doesn't make sense
2015-05-07 12:50:27 -07:00
914a27ad9f
Merge branch 'kaleb'
2015-05-07 12:33:44 -07:00
357ab1df14
Merge https://github.com/kaleb-himes/wolfssl into kaleb
2015-05-07 12:19:34 -07:00
c52b7160e9
fix ipv6 external test case
2015-05-07 12:15:58 -07:00
173b1147b5
updated certs
2015-05-07 12:21:50 -06:00
7a90f60a9c
add rsafunction mp_exptmod_e debug message
2015-05-07 10:33:23 -07:00
08b6e66ea8
add external site script test to make check
2015-05-07 10:02:43 -07:00
fc24885f17
updated subject matter for server-ecc.pem
2015-05-06 11:57:32 -06:00
20851c62f9
modify Encrypt and Decrypt switch statements for single return
2015-05-05 14:45:43 -07:00
1571ced095
update python example to TLSv1.2 against example server
2015-05-03 10:19:02 -07:00
6db33051d3
better detection of invalid ecc keys
2015-05-01 14:44:43 -07:00
46eca67336
make certs_test buffers static in case multiple files need
2015-04-30 17:14:04 -07:00
114fc18c33
add alignment to benchmark key/iv
2015-04-30 17:10:33 -07:00
1771fea17d
fix ecc_make_key cleanup on rng failure
2015-04-30 16:50:02 -07:00
162214924f
simplify build verify hashes to one spot
2015-04-30 09:22:25 -07:00
ada5ff876a
allow example client to do resume with scr
2015-04-29 17:06:57 -07:00
c04de5ba82
add resume to example client benchmarking
2015-04-28 18:04:11 -07:00
47ba1368c2
add wolfssl website ca, go daddy class2 CA
2015-04-28 14:15:31 -07:00
d927aa4334
add resume test to example server and script test
2015-04-28 12:21:54 -07:00
96bb6e8cd7
Improved support for PicoTCP on embedded devices
2015-04-23 12:35:05 +02:00
1e9647023c
add snifftest script check to make check
2015-04-18 08:35:47 -07:00
99a9d221bc
in sniffer, free handshake resources in the right order
2015-04-17 13:42:08 -07:00
7536cec0d6
fix github issue #65 , ignore sys options
2015-04-17 09:23:43 -07:00
281decae46
fix github issue #65 , don't undef with arg to options.h
2015-04-16 10:36:51 -07:00
05b8e1274d
add WOLFSSL_SESSION_STATS and optionally WOLFSSL_PEAK_SESSIONS which will slow down servers under load
2015-04-15 13:17:33 -07:00
3a6f08b04a
update old CYASSL comment
2015-04-14 13:48:57 -06:00
1f8701540d
change SESSION_STATS to PRINT_SESSION_STATS, will add WOLFSSL_SESSION_STATS
2015-04-14 12:35:24 -07:00
ceeb3d007e
fix github issue #65 , don't output (N)DEBUG to options.h
2015-04-13 12:01:21 -07:00
7e9a5fb8ee
remove poly/chacha from fips build
2015-04-12 11:01:16 -07:00
7d213011c1
fix fips make dist for misc.c
2015-04-11 08:47:13 -07:00
ecfcc533c8
add library version getters
2015-04-10 10:38:31 -07:00
d40fbd58f4
fix pkcs7 warning
2015-04-10 10:37:25 -07:00
c1adae2fe4
moved FOURK_BUF constant to top of file
2015-04-10 08:06:59 -07:00
edd6b91b56
on send dhe server_key_exchange only do hash(es) required
2015-04-09 09:58:16 -07:00
86f2b9a98f
turn off DTLSv1 functions for disable old tls
2015-04-08 13:29:25 -07:00
0722e79627
Merge branch 'kojo-intel'
2015-04-08 11:38:27 -07:00
b9767fdac6
Merge branch 'IntelAsm' of https://github.com/kojo1/wolfssl into kojo-intel
2015-04-08 11:23:48 -07:00
b59d922d51
on send echde server_key_exchange only do hash(es) required
2015-04-08 11:22:22 -07:00
9ae434a87b
Merge branch 'Staging' of https://github.com/kojo1/wolfssl into Staging
2015-04-08 14:00:07 +09:00
97f3336fae
Merge branch 'master' of https://github.com/wolfSSL/wolfssl into Staging
2015-04-08 13:56:23 +09:00
3ff5e54025
rollback files
2015-04-08 13:46:27 +09:00
079c9908a3
Merged with 3.4.8
2015-04-08 11:09:57 +09:00
6728a18d7c
cpuflag ADX for Intel MULX in asm.c, BMI2 in sha256/512.c
2015-04-08 10:14:45 +09:00
af0204a069
Merge branch 'master' of github.com:wolfSSL/wolfssl
2015-04-07 16:02:25 -07:00
ea585e9b19
Updated iOS readme. Turned off unused wolfCrypt options in iOS FIPS build.
2015-04-07 16:00:12 -07:00
2c73fa20a5
Merge branch 'master' of github.com:wolfssl/wolfssl
2015-04-07 14:58:25 -07:00
cf95bc23bb
on process server_key_exchange only do hash(es) required
2015-04-07 14:57:40 -07:00
875ad2dc8e
forced iphone os deployment version to 8.1 in FIPS project
2015-04-07 13:41:29 -07:00
b115e4d898
Merge branch 'IntelAsm' of https://github.com/kojo1/wolfssl into kojo-intel
2015-04-07 09:49:17 -07:00
015b68e6fb
cpuflag BMI2 for Intel MULX
2015-04-07 10:21:26 +09:00
e17d452f9b
Updated Xcode projects for missing headers
2015-04-06 16:12:50 -07:00
aef879dc20
Updated iOS FIPS project, bump version
2015-04-06 15:06:56 -07:00
98231f4504
Merge branch 'IntelAsm' of https://github.com/kojo1/wolfssl into kojo-intel
2015-04-06 11:43:12 -07:00
0519085c69
add SOCKET_PEER_CLOSED_E vs general SOCKET_E for case where peer closes underlying transport w/o close notify
2015-04-06 11:40:51 -07:00
4e6f619302
Merge pull request #46 from jay/add-dll-config-to-vcxproj
...
build: Add DLL configurations to wolfssl64.sln and all vcxproj files
2015-04-06 09:05:06 -06:00
d8a6d9cffc
runtime cpuflag for Intel MULX, cleaned in tfm.c
2015-04-06 10:34:07 +09:00
3a372aebe3
Merge commit 'd67a031132b87fc01f0808f161eda0e3101dbba7' into IntelAsm
2015-04-06 10:22:33 +09:00
ebedd64c5f
Merge commit 'b9aa7621e716267f310aec0010c5240270b75cce' into IntelAsm
2015-04-06 10:21:54 +09:00
d67a031132
fix scr gcm mode
2015-04-05 09:13:11 -07:00
a7d004e47d
add sha512 sig_algo processing for server_key_exchange and cert_verify messages
2015-04-04 09:49:34 -07:00
44a3011328
fix STREAM_ALIGN consistency
2015-04-03 13:25:51 -07:00
e39abffc5e
add GNU ld bug error and solution
2015-04-03 12:11:29 -07:00
10f853ae4d
adjustment to chacha for big endian
2015-04-03 12:19:40 -06:00
523775fcd6
updated the iOS readme
2015-04-03 09:54:15 -07:00
b1316796f9
allow CTX set tmp dh w/o asn and certs too
2015-04-02 11:54:16 -07:00
7552764fbb
turn off chacha on big endian
2015-04-02 11:34:17 -07:00
9437a3a303
fix tirtos distcheck
2015-04-02 11:26:55 -07:00
d2c816f322
fix github issue #63 , intelasm checkin broke MMCAU sha256
2015-04-02 10:52:58 -07:00
ee4b063b42
remove double define
2015-04-02 10:01:09 -07:00
a54c916c8f
fix chacha on bigendian, touchups
2015-04-02 09:40:22 -07:00
e1beca3e60
fix with ecc w/o dh functions
2015-04-02 08:14:48 -07:00
b9aa7621e7
Intel MULX run time check in tfm.c
2015-04-02 15:42:38 +09:00
09310a853d
Merge branch 'ti'
2015-04-01 20:09:38 -07:00
2fbab2f8d6
Merge https://github.com/tisb-vikram/wolfssl into ti
2015-04-01 20:06:20 -07:00
327a5c6dc2
added compile time check for Max Strength that all the requirements aren't disabled
2015-04-01 19:38:03 -07:00
4a5912c754
fix tirtos build for wolfssl name change
2015-04-01 16:52:11 -07:00
ad29c262d4
use Seconds APIs instead of MYTIME APIs for TI-RTOS
2015-04-01 16:51:54 -07:00
50e829ea79
when keeping peer cert, alt names were getting lost for the peer name check
2015-04-01 15:36:55 -07:00
afbd517838
fix issue with --enable-maxstrength --disable-ecc losing AES-GCM
2015-04-01 14:32:17 -07:00
2b5de9bd15
move MAX_STRENGTH and IPHONE in settings.h per pattern
2015-04-01 14:14:56 -07:00
b5a1cd186f
Merge branch 'master' of github.com:wolfSSL/wolfssl
2015-04-01 13:39:30 -07:00
3039d16e09
1. HAVE_AEAD and HAVE_PFS should be set in internal.h, not CFLAGS
...
2. Added WOLFSSL_MAX_STRENGTH as option in settings.h for non-autoconf
3. When selecting max-strength cipher suites, ECDHE is only dependent on
ECC, not DH
2015-04-01 13:35:13 -07:00
8dd1afb49c
have ./configure error out on maxstrength + sniffer
2015-04-01 12:30:46 -07:00
869aeee6cb
allow sniffer play nice in ecc build
2015-04-01 12:14:48 -07:00
11f65346bc
Merge branch 'master' of github.com:wolfssl/wolfssl
2015-04-01 12:04:29 -07:00
cc804b110f
allow example client to talk with echoserver in ecc mode w/o switch
2015-04-01 12:03:27 -07:00
5ecbe14d2c
Added --enable-maxstrength configure build to only
...
allow TLSv1.2, PFS, and AEAD ciphers.
2015-04-01 11:55:49 -07:00
34700642fa
Merge pull request #47 from jay/ignore-vs-files
...
Ignore Visual Studio Intellisense files
2015-04-01 10:52:35 -06:00
5ed451a29d
Merge branch 'master' of github.com:wolfssl/wolfssl
2015-04-01 09:39:10 -07:00
3abf1952c8
fix leanpsk default changes
2015-04-01 09:37:41 -07:00
1d4187e168
add local struct tm for XGMTIME with TIME_OVERRIDES, fixes issue #55
2015-04-01 10:02:02 -06:00
3aeedcf092
fixed --enable-debug issue on Intel MULX, asm.c
2015-04-01 16:19:29 +09:00
b8b13ad9e9
build: Revert using MSBuild property files to auto-detect platform toolset
...
Prior to this change I had added a .props file for each .vcxproj to
use MSBuild's $(DefaultPlatformToolset) as the the default for
$(PlatformToolset). Typically that configuration allows for the
appropriate toolset to be used no matter which version of VS2010+
the wolfssl64.sln and project files are opened in. Problem is when an
MSBuild was used from the command line to build the solution it got the
$(DefaultPlatformToolset) from a property file based on the solution
header (currently "Format Version 12.00" which maps to Visual Studio
2012) instead. Another side effect was it set the VisualStudioVersion
to 11.0 (n - 1; n in this case 12.0) which was incorrect.
To remedy the above this change reverts back to the old PlatformToolset
method where the v110 toolset (Visual Studio 2012) is specified in every
configuration in every vcxproj. The user will have to specify explicitly
a different toolset to override it (either via command line or the GUI)
if they are not using VS2012.
VS2010 example:
msbuild -p:Configuration="Debug" wolfssl64.sln -p:PlatformToolset=v100
2015-04-01 02:05:15 -04:00
748c5ac128
update configure help strings for AESGCM and DH
2015-03-31 16:23:28 -07:00
d84ff83689
fix leanpsk w/ new defaults
2015-03-31 15:55:39 -07:00
a5f42cc9ca
fix opensslextra time shadow on some systems
2015-03-31 13:56:12 -07:00
5319eb8f38
fix github issue #56 , have tls layer use time_overrides for ticks if available and not using explicit user_ticks
2015-03-31 13:41:10 -07:00
24102eb95f
on x86_64 enable sha512, ecc, and increase max_bits by default
2015-03-31 13:28:49 -07:00
175fd5ce17
updated rpm/spec.in
2015-03-31 10:24:57 -07:00
00b335d71a
Merge branch 'master' of github.com:wolfSSL/wolfssl
2015-03-31 09:54:27 -07:00
0458e21211
1. In the sniffer, replace call to strnlen with strlen and
...
accounted for size differences (fixes issue #60 )
2. fixed overrun with long SNI names in hello messages
2015-03-31 09:51:55 -07:00
a24a22670c
fix configure help string for arc4, chacha, poly1305
2015-03-31 09:42:32 -06:00
1c19b67885
update lib version
2015-03-30 13:07:59 -07:00
8588bb8b10
fix README typo
2015-03-30 12:52:59 -07:00
e917df4c59
prepare 3.4.6 release
2015-03-30 12:28:12 -07:00
c47acc7f24
Merge branch 'kojo-intel'
2015-03-30 11:11:28 -07:00
5d4c4d36e5
Merge branch 'IntelAVX' of https://github.com/kojo1/wolfssl into kojo-intel
2015-03-30 11:07:11 -07:00
6243c6244a
fixed ftm/Intel MULX -O0 option, register usage
2015-03-30 14:49:53 +09:00
69b4e982c8
fix tmp output files lingering around, remove() was called in bad spot
2015-03-29 19:32:48 -07:00
a895a606e7
sha256.c, eliminate platform dependent code.
2015-03-30 07:55:05 +09:00
3ca0bc0d66
fix windows warning
2015-03-29 14:31:09 -07:00
e73b76c8ca
fix warning for compilers that don't understand bitfield size
2015-03-29 14:18:52 -07:00
500ee73be4
fix opensslextra set_timeout assumes long > int
2015-03-29 12:00:04 -07:00
c90977c7a5
fix windows build
2015-03-29 11:51:05 -07:00
4332acbeaa
leanpsk doesn't need new gcm, poly, chacah defaults
2015-03-29 11:30:05 -07:00
b12a1bb2e3
switch pkcs12 encrypted key to 3des since arc4 now off by default
2015-03-29 11:10:21 -07:00
defc66f8db
update client encrypt key to 2048 bit version
2015-03-29 10:53:21 -07:00
72be4d91d0
Merge branch 'kojo-intel'
2015-03-29 10:34:28 -07:00
fc4e0dfd6d
Merge branch 'IntelAVX' of https://github.com/kojo1/wolfssl into kojo-intel
2015-03-29 09:48:13 -07:00
57d766f1eb
fixed ftm/MULX crash with --enable-debug, missing register def in inline asm destroying registers
2015-03-29 19:50:32 +09:00
bd5fc1712f
fixed sha256/AVX1 crash with --enable-debug: missing register def in inline asm destroy register
...
rorx removed when non-AVX2 build . cleaned set_Transform
2015-03-29 19:39:03 +09:00
a83e85b91e
Intel mulx/adcx/adox
2015-03-29 10:20:30 +09:00
02ffb563d6
Merge branch 'master' of github.com:wolfssl/wolfssl
2015-03-28 14:59:20 -07:00
9ba62a2c52
allow examples build if no-sha but psk is on
2015-03-28 14:58:17 -07:00
d090721730
fix cycles per byte format is cycles > 100
2015-03-28 14:38:29 -07:00
27faf15678
add intelasm ./configure option
2015-03-28 14:34:39 -07:00
905e5801f8
fix benchmark format, GB/s won't misalign output
2015-03-27 21:36:35 -07:00
1fc3aa100b
aes gcm/ccm require aes, duh
2015-03-27 21:30:27 -07:00
c9a0c9a797
fix some psk warnings
2015-03-27 19:20:31 -07:00
7f621f0637
Merge branch 'kojo-intel'
2015-03-27 15:42:55 -07:00
3b8009bfd4
Merge branch 'IntelAVX' of https://github.com/kojo1/wolfssl into kojo-intel
2015-03-27 15:41:02 -07:00
32c9f00189
only alloc poly auth size if cipher suite needs it
2015-03-27 15:38:01 -07:00
e66aa9885f
fix linux warning
2015-03-27 15:20:28 -07:00
c92e4bd908
remove save file
2015-03-27 14:32:44 -07:00
495fbe087e
allow dh to be used w/o certs and asn
2015-03-27 14:28:05 -07:00
4b8583168b
add our strsep to msvc build
2015-03-27 12:14:14 -07:00
ff11df2c14
enable chacha - poly by default
2015-03-27 11:22:42 -07:00
af1fd4719a
enable gcm by default
2015-03-27 11:12:42 -07:00
c5f7c7ce57
enable dh by default
2015-03-27 10:23:15 -07:00
d655fb9d74
remove rc4 from default build
2015-03-27 10:17:22 -07:00
e4ac398d98
fix snifftest bad include on windows
2015-03-27 09:55:54 -07:00
ac4b6af823
make attrib align compiler neutral for sha256
2015-03-27 09:40:53 -07:00
ef6e08dc01
static to static const in sha256/512.c
2015-03-27 20:19:43 +09:00
9adbf41baa
Merge branch 'master' of github.com:wolfssl/wolfssl
2015-03-26 14:28:16 -07:00
2935234484
Merge branch 'kojo-intel'
2015-03-26 14:27:12 -07:00
22afce8609
fixup intel avx request
2015-03-26 14:26:25 -07:00
d4a3e83582
fix OPENSSL_EXTRA + NO_MD5 build, fixes issue #26
2015-03-26 13:52:06 -06:00
0f4216360e
fix StoreExternalIV and SetInternalIV for 3DES
2015-03-26 11:09:36 -07:00
b5cac58845
fix pwdbased + NO_MD5 build
2015-03-26 11:50:15 -06:00
4bd5dfe04a
Merge branch 'IntelAVX' of https://github.com/kojo1/wolfssl into kojo-intel
2015-03-26 10:28:53 -07:00
699aae25a0
remove extra comments
2015-03-25 18:09:06 -06:00
9ddf775afa
Intel RdSeed, no Rand with hash DRBG
2015-03-26 09:08:02 +09:00
b99b91ed99
:Merge branch 'IntelAVX' of https://github.com/kojo1/wolfssl into kojo-intel
2015-03-25 13:08:26 -07:00
3c55971ffa
Removed Intel RD from Hash DRBG
2015-03-25 18:31:08 +09:00
994ffa96e0
sha256/512 removed static values for thread safe
2015-03-25 18:26:46 +09:00
4b5a34e378
Merge branch 'master' of github.com:wolfssl/wolfssl
2015-03-24 11:57:37 -07:00
8f6d7a1ce7
rename ecc25519 to curve25519, less confusing with ed25519 now in play too
2015-03-24 11:56:40 -07:00
54b2f423bc
clear unused variable build warning for OCSP
2015-03-24 11:16:50 -07:00
28109b01f7
Intel rdrand/rdseed: fixed error check, separated rdrand and rdseed
2015-03-24 15:13:11 +09:00
fe303c97c6
refactor CRL/OCSP lookup for peer cert. add option to allow checking all certs in peer cert chain.
2015-03-23 17:35:56 -07:00
572214ebb4
cpuid_flags, thread safe in sha256.c/sha512.c
2015-03-24 06:24:09 +09:00
66a65f84bd
add a few ForceZeros to ecc fp
2015-03-23 11:44:33 -07:00
b841bc66c3
fix github issue #43 , ecc_point uses DYNAMIC_TYPE ECC instead of BIGINT
2015-03-23 11:23:31 -07:00
7e3c310ec9
random.c, runtime switch between Intel RD and software version
2015-03-23 19:40:35 +09:00
2a2bf81c15
Merge branch 'master' of https://github.com/wolfSSL/wolfssl into IntelAVX
2015-03-23 18:43:01 +09:00
a5072d09ae
Ignore Visual Studio Intellisense files
2015-03-23 02:21:34 -04:00
6e14362940
build: Add DLL configurations to wolfssl64.sln and all vcxproj files
...
- Remove extern from declspec in WOLFSSL_API macro.
- Add a property file to *.vcxproj so that $(DefaultPlatformToolset) is
available.
- Remove the specified platform toolset (VS 2012) in *.vcxproj.
This change allows the projects to use $(DefaultPlatformToolset) so that
they will be built using the default platform toolset for whatever
version of Visual Studio 2010+ that loads them.
- Add DLL Release and DLL Debug configurations to *.vcxproj except for
sslSniffer.vcxproj.
The sniffer uses internal library components that aren't exposed in the
wolfSSL DLL so it can only be built by linking to CyaSSL's static lib.
- Change intermediate output directory of obj files to
<current-dir-setting>\obj\.
The purpose of this change is to separate the output files from the
intermediate files because sometimes they can end up in the same dir.
2015-03-23 02:12:01 -04:00
9f2454fc78
Added a noop function wc_FreeRng() for when not using the HashDRBG to keep
...
the calls to InitRng and FreeRng simple and balanced.
2015-03-20 14:19:35 -07:00
0afd09d900
fix OPENSSL_EXTRA + NO_AES build
2015-03-20 11:25:22 -06:00
6c963c8d8e
fix OPENSSL_EXTRA + NO_DES3 build
2015-03-20 10:59:54 -06:00
2e7d3a9121
cleanup ed benchmark
2015-03-19 13:00:20 -07:00
b54c29487d
Merge branch 'jacob-ed'
2015-03-19 12:52:15 -07:00
478a8bb059
adjust ./configure format, change ed sign/verify to msg from hash
2015-03-19 12:48:32 -07:00
d89d524570
initial ed25519 implementation
2015-03-19 11:40:41 -06:00
5577555ce3
adjust test.c CERT_GEN for Freescale MFS examples
2015-03-18 18:21:52 -06:00
605ca8eaf6
update Freescale CodeWarrior project files to wolfSSL
2015-03-18 18:18:09 -06:00
8e82806c01
Merge branch 'master' of github.com:wolfssl/wolfssl
2015-03-18 15:48:22 -07:00
555eb66292
fix github issue #40 , export Base64_Decode, allow user to export Base64_Encode w/o other options
2015-03-18 15:47:19 -07:00
1d4cc928c6
fix Freescale MQX gmtime, cert generation
2015-03-18 16:15:56 -06:00
eb0d980779
Merge branch 'IntelAVX' of https://github.com/kojo1/wolfssl into kojo-intel
2015-03-18 14:39:54 -07:00
bb47dece1f
Merge branch 'kaleb-master'
2015-03-18 14:27:53 -07:00
8e4b24d6e4
note msvc is complaining compiler
2015-03-18 14:27:07 -07:00
64d83c39a0
Merge https://github.com/kaleb-himes/wolfssl into kaleb-master
2015-03-18 14:25:31 -07:00
f7c99cec3e
obey user ecc choices at TLS layer
2015-03-18 14:12:23 -07:00
f398b20bcc
have ecc SetCurve() and CheckCurve() obey user ecc choices
2015-03-18 13:52:21 -07:00
0316dd2ef6
fix github issue #35 , allow user to pick ecc curves with ECC_USER_CURVES and separate HAVE_ECCxxx defines
2015-03-18 13:36:07 -07:00
145123ff64
fix github issue #38 , +sha512 -sha384 +aes-gcm redefinition
2015-03-18 11:44:39 -07:00
fd772bb434
MSVS warning fixes for all solutions
2015-03-18 10:42:10 -06:00
913240f6e4
add comments to RSA funcs, fix 80 char line limits
2015-03-18 10:06:48 -06:00
6b0bfa1b2c
bump dev version
2015-03-17 14:59:01 -07:00
0b6c03ad06
snifftest.c needs socket.h included for AIX, john cyassl commit #a8803e1e16f23
2015-03-17 14:52:42 -07:00
eba98a9ec2
removed some AC_REQUIRE statements for macros, ksh, John cyassl commit #46d9037d26dc
2015-03-17 14:47:44 -07:00
e9cdfe84ce
Merge branch 'master' of github.com:wolfssl/wolfssl
2015-03-17 14:26:43 -07:00
24ad168acf
put memset back before ecdsa sig decode for failure case
2015-03-17 14:25:57 -07:00
16f0b603c3
a comment line cleaned
2015-03-17 21:56:12 +09:00
7d6f169e29
random.c for Intel rdseed/rdrand
2015-03-17 21:48:59 +09:00
77145a1f3e
eliminate unsed macro in sha256.c
2015-03-17 21:46:57 +09:00
78375db73b
sha256/384/512 for Intel AVX1/2
2015-03-17 21:19:31 +09:00
33e767a1b4
sniffer should fail a session missing a RSA key
2015-03-16 18:13:51 -07:00
db51c88e25
added cert status trace message to win resource file
2015-03-16 11:30:43 -07:00
4d62389389
added Certificate Status handshake message to sniffer
2015-03-16 11:19:16 -07:00
023f44bacf
fix github issue #31 , allow time overrides for all time uses
2015-03-13 12:44:25 -07:00
4c2bf4ea34
add SetMinVersion at context level
2015-03-13 12:20:39 -07:00
84edbd1ff2
cleanup some configure help text
2015-03-12 12:25:39 -07:00
dbe6ecedf8
fix enable-sniffer option in configure.ac
2015-03-12 12:07:48 -07:00
3daa8369c7
allow XTOUPPER to work with macros that don't like signed types
2015-03-11 17:52:11 -07:00
b02622d1d0
optimize hashDRBG internal state
2015-03-10 18:16:44 -07:00
ab874d70db
make suites at context level on demand only
2015-03-10 16:09:16 -07:00
7e2931e5fa
make sure DHE / client certs freed during handshake free
2015-03-09 22:13:34 -07:00
edfe8b8a87
fix sha256.h copyright
2015-03-09 12:06:51 -07:00
2c00e2c7a4
Merge branch 'master' of github.com:wolfssl/wolfssl
2015-03-09 11:59:11 -07:00
64705acf94
optimize cert_manager layout
2015-03-09 10:08:04 -07:00
e9db5cca74
fix saveArrays check in free handshake resources
2015-03-09 09:54:29 -07:00
c201239d02
missed 2 now redundant inits on CTX
2015-03-09 09:39:50 -07:00
e6c369e026
use memset on Init SSL for 0,NULL defaults
2015-03-09 09:34:38 -07:00
8e6f8d8693
use memset for 0,NULL defaults on CTX init
2015-03-09 09:21:04 -07:00
8822d670b3
rename function parameter to remove global shadow possibility
2015-03-09 10:08:56 -06:00
7d4faf7c90
make handshake hashes dynamic part of ssl, can be freed after handshake
2015-03-09 09:05:06 -07:00
b7b655b8bf
fix example server memory tracker
2015-03-07 12:00:27 -08:00
44b6ca9597
use bitfield for basic options struct
2015-03-07 11:17:22 -08:00
8e7d8e8a55
optimize session layout
2015-03-07 10:53:08 -08:00
22899019b4
optimzie Buffers layout
2015-03-07 10:37:22 -08:00
742278a305
optimize basic SSL layout
2015-03-07 10:32:35 -08:00
f48298cbd5
move bio fds to openssl extra
2015-03-07 10:16:26 -08:00
31a2acd9c3
optimzie cipherSpecs layout
2015-03-07 10:08:34 -08:00
dc5faebb8d
optimize buffer layout
2015-03-07 10:05:36 -08:00
3d971bb885
optimzie bufferStatic layout
2015-03-07 10:04:15 -08:00
28d5d50000
optimize Arrays layout
2015-03-07 10:00:37 -08:00
4bf74da2f3
optimize Suites layout
2015-03-07 09:57:14 -08:00
ef0a918072
optimize hash-drbg layout, save 12 bytes on 64bit
2015-03-07 09:46:14 -08:00
da208e8629
fix github issue #28 , allow FREERTOS user in settings to turn on DH or SHA-512
2015-03-07 08:59:36 -08:00
7caf0499d6
bump version
2015-03-06 13:39:57 -08:00
7a87ce54ca
fix hash size mismatch on HashSession()
2015-03-06 11:33:06 -08:00
874fa8c1f9
fix freeing a failed RNG
2015-03-06 09:51:29 -08:00
d5975e39f8
fix github issue #27 , better help on fips not working w/o license
2015-03-06 09:15:33 -08:00
7ef362d4ba
format of curve25519 key
2015-03-05 15:38:07 -07:00
450ccea7ee
delay peer RSA key alloc/init until needed
2015-03-05 12:38:34 -08:00
818d5c4bf3
fix github issue #25 , delay ecc key allocs/init until needed
2015-03-05 12:15:10 -08:00
11e15188bf
fix github issue #24 , settings first before ifdef checks on 25519_fe files
2015-03-04 12:15:23 -08:00
18e710ce9a
make sure external X509 free uses internal free
2015-03-03 14:14:33 -08:00
9f37133e67
removed top-level iOS/iPhone projects in favor of the IDE/iOS projects
2015-03-02 12:02:29 -08:00
c14bd2dddd
Merge branch 'kojo-itron'
2015-02-28 11:30:39 -08:00
1caaeb8355
tiddy whitespace
2015-02-28 11:29:42 -08:00
6f08459264
uITRON and uT-Kernel, wc-prot.c
2015-02-28 11:24:16 +09:00
b7db43a189
make ConstantCompare available outside of internal.c
2015-02-26 17:31:47 -08:00
6cced22256
add INSTALL, basic build instructions and locations for more info
2015-02-26 13:48:57 -08:00
e25dc7b16c
update README.md
2015-02-26 13:27:54 -08:00
c7a72a2c00
Merge branch 'jacob-master'
2015-02-26 12:37:45 -08:00
681fc85bc8
Merge branch 'master' of https://github.com/JacobBarthelmeh/wolfssl into jacob-master
2015-02-26 12:36:42 -08:00
9913edd7a5
fix github issue #20 , allow user to use settings.h at app level as well for building wolfssl. verified types.h (which includes settings.h) or settings.h is included b4 definition checks at wolfssl and wolcrypt header levels
2015-02-26 12:29:15 -08:00
30cbadc38d
changes for MYSQL port
2015-02-26 10:40:32 -07:00
67e81f534a
mac compare in chacha-poly AEAD and remove unneeded null check
2015-02-26 08:04:15 -07:00
ac979d49ab
fix sni yassl tests
2015-02-25 20:34:50 -08:00
c04a6d2d0e
update README names
2015-02-25 20:29:34 -08:00
1395c88ec4
Merge pull request #14 from lchristina26/master
...
fix STM32 bug in benchmark.c
2015-02-25 13:39:49 -08:00
473a120ba2
remove more stale cyassl headers
2015-02-25 13:34:29 -08:00
dbaac4da12
remvoe stale cyassl headers from openssl layer
2015-02-25 12:34:54 -08:00
ef87043495
fix github issue #16 , stale cyassl header
2015-02-25 12:16:52 -08:00
2b9b3dd395
fix github issue #15 , stale cyassl headers
2015-02-25 12:14:11 -08:00
f04b042c73
fix STM32 bug in benchmark.c
2015-02-25 11:43:30 -07:00
795a32446b
fix github issue #13 , DRBG type-punning
2015-02-24 16:47:00 -08:00
787e73d818
Merge pull request #11 from kaleb-himes/master
...
ntru neo.lib -> NtruEncrypt_DLL.lib
2015-02-24 15:22:40 -08:00
6d691e1b9f
fix github issue #12 , cyassl_mutex leftovers
2015-02-24 15:03:24 -08:00
8ee361a0d4
fix scan-build warning
2015-02-24 12:46:53 -08:00
40d51f13ce
ntru neo.lib -> NtruEncrypt_DLL.lib
2015-02-24 13:44:15 -07:00
501d1cd934
Merge branch 'aburks-chapoly'
2015-02-24 12:35:08 -08:00
9d20e712bf
add autoconf support for chapoly-aead, wipe temp polykey, minor whitespace adjusts
2015-02-24 12:33:52 -08:00
0e5f879d0b
Added documentation and benchmarks.
2015-02-24 10:00:39 -08:00
8c3410d6c2
Added wolfcrypt API for the ChaCha20-Poly1305 AEAD.
2015-02-24 09:15:11 -08:00
14b6254e6e
Fixed dependency chain issue with integer.h since one of the function prototypes uses mp_int.
2015-02-23 15:40:39 -08:00
bbe4a3815f
release README update
2015-02-23 13:04:23 -08:00
9e2c02d47a
wolfcrypt examples build option for build tests
2015-02-23 12:23:16 -08:00
db8619cc76
compatibility layer psk updates
2015-02-23 09:45:22 -07:00
608da64ece
add ForceZero() to force memset(0)
2015-02-20 15:51:21 -08:00
732a0dd39a
removed redundant mp_init of r and s in ecc verify hash
2015-02-20 13:54:30 -08:00
c3f73018a0
fix scan-build warnings
2015-02-20 12:38:29 -08:00
2f20376704
Merge branch 'kojo-pic32'
2015-02-19 18:00:19 -08:00
43918fa0dc
Merge branch 'pic32mz' of https://github.com/kojo1/wolfssl into kojo-pic32
2015-02-19 17:58:21 -08:00
1af158ea23
Add configurations.xml under mplabx/mcaip
2015-02-20 10:54:53 +09:00
d11158431f
Merge branch 'jacob-master'
2015-02-19 16:08:58 -08:00
420668c1f9
tiddy up 25519
2015-02-19 16:07:13 -08:00
cc642fbaf6
tiddy up 25519
2015-02-19 16:06:24 -08:00
9a96da72eb
Change mplabx/mcapi path names in .gitignore
2015-02-20 08:04:42 +09:00
2746a69882
Add Makefile for mplabx, mcapi projects
2015-02-20 07:55:24 +09:00
f6bcb6cf17
Merge https://github.com/JacobBarthelmeh/wolfssl into jacob-master
2015-02-19 14:45:59 -08:00
d5b249754b
make sure poly1305 and chacha defined for chacha-poly aead mode
2015-02-19 14:33:21 -08:00
42b58bd05b
cleanup conditional header inclusion
2015-02-19 14:02:23 -07:00
4babd2cf2d
added in curve25519 crypto
2015-02-19 10:59:05 -07:00
6827e4b8f4
update Makefile.am for mplabx/pcapi
2015-02-19 22:07:10 +09:00
267063e0f9
adjusted mplabx/mcapi projects/include.am to wolfssl
2015-02-19 21:00:54 +09:00
b8f476192d
Eliminating unnecessary files under mplabx projects
2015-02-19 14:10:55 +09:00
255f7381a4
buffering hash message, pic32mz-hash.c
2015-02-19 14:08:33 +09:00
17ed9e147f
fix SLOW_WORD name change
2015-02-18 15:47:50 -08:00
2a068ff025
final powerPC support modification
2015-02-18 08:02:05 -07:00
de2115b140
shutdown shadows global in sys/socket.h line 576 renamed wc_shutdown
2015-02-18 08:00:25 -07:00
0b695f683f
pic32mz crypt engine, pic32mz-hash.c
2015-02-18 16:25:19 +09:00
963ba3fe41
sha512 rollback
2015-02-18 07:46:11 +09:00
1e3fa1fac3
adjusting pic32mz code to wolfssl
2015-02-18 07:38:41 +09:00
3a150da10f
final powerPC support modification
2015-02-17 14:26:01 -07:00
8d5bba7962
shutdown shadows global in sys/socket.h line 576 renamed wc_shutdown
2015-02-17 14:24:31 -07:00
317e7fdb08
Merge branch 'master' of ssh://github.com/wolfSSL/wolfssl
2015-02-17 14:20:53 -07:00
c516c42c9a
reduce footprint size removing compatibility layer where no longer needed
2015-02-17 14:20:10 -07:00
de7c9da363
Merge branch 'leah-master'
2015-02-16 14:24:28 -08:00
5f3b1d90b6
fix shutdown returns
2015-02-16 14:23:33 -08:00
518bdd3a65
Merge branch 'master' of https://github.com/lchristina26/wolfssl into leah-master
2015-02-16 13:43:36 -08:00
ff79e646e1
Merge branch 'master' of github.com:wolfSSL/wolfssl
2015-02-16 11:36:23 -08:00
16e468b05f
updated PBKDF2 test to use longer password
2015-02-16 11:33:06 -08:00
4dbb74b9ea
Merge branch 'master' of github.com:wolfssl/wolfssl
2015-02-16 09:55:51 -08:00
0efdabb9a0
move pwdbased lower in config for openssl manual sets
2015-02-16 09:54:55 -08:00
b9e5b5f90c
add libevent installation on the vagrant box
2015-02-15 13:34:56 -03:00
0aa48498b9
1. Added new iOS IDE project
...
2. Added new iOS IDE project for FIPS
3. Added a readme for the iOS projects
4. Added error codes for FIPS local storage
2015-02-14 12:22:51 -08:00
a92d4c5719
fix server-keyPkcs8Enc.pem name change error, password, and add ecc pkcs8 encrypted file
2015-02-11 17:24:15 -08:00
297e1751b2
return line options.h being read literally by debian, fixed
2015-02-11 14:10:06 -07:00
4c7b076cea
updates to shutdown and mymktemp
2015-02-11 09:37:54 -07:00
b26b5f1b51
Merge pull request #1 from wolfSSL/master
...
update to current wolfssl version
2015-02-11 16:33:44 +00:00
1ef9d7852c
fixes from scan-build output in test.c
2015-02-06 08:42:37 -07:00
c8b9c84178
fix c++ build
2015-02-05 17:23:53 -08:00
d3b15e4d50
Merge branch 'master' of https://github.com/lchristina26/wolfssl into leah-master
2015-02-05 11:19:32 -08:00
c2ed94958c
Merge branch 'kaleb-himes-master'
2015-02-05 10:27:00 -08:00
d37abe4363
Merge branch 'master' of https://github.com/kaleb-himes/wolfssl into kaleb-himes-master
2015-02-05 10:22:48 -08:00
430f95e4f1
fix ecc compressed with alt size
2015-02-05 10:17:29 -08:00
c539393ca4
updated all certs
2015-02-04 23:34:04 -07:00
b7ba495924
all certs in renewcerts.sh -> 1000 days
2015-02-04 23:29:56 -07:00
ed80732957
add mymktemp function for random output file name in test.h
2015-02-04 11:52:37 -07:00
b98cf6826e
Merge branch 'master' of github.com:wolfSSL/wolfssl
2015-02-04 10:49:51 -07:00
4bc2743b55
changed port.c to wc_port.c in Xcode iOS project
2015-02-03 14:21:20 -08:00
9261aa1d6d
crls updated
2015-02-02 11:24:30 -07:00
c840c0ba3e
endif comment update
2015-02-02 09:19:00 -07:00
55d30ca277
new client-ecc-cert.pem/renewcerts updates/certs relavent name changes
2015-02-02 09:10:07 -07:00
7cff22c4b0
moved the buffers, key, and iv around in the file so lean-psk would still build
2015-01-30 10:43:31 -08:00
dcebbe4445
Merge branch 'master' of github.com:wolfSSL/wolfssl
2015-01-30 09:56:35 -08:00
f75329aa2e
1. Changed a memset to 0 of some mp_ints with mp_inits()
...
2. For alt-ecc, implemented the function fp_init_copy()
3. Added an fp_init() for the temp fp_int in fp_sub_d()
2015-01-30 09:03:44 -08:00
29be69b92b
change CYASSL_DEBUG to DEBUG_CYASSL for compatibility
2015-01-30 09:11:42 -07:00
db5a95b370
add option for bidirectional shutdown
2015-01-30 08:41:34 -07:00
fe26b86207
fixes for vagrant scripts due to name changing:
...
update name to wolfssl.
add question before sync.
2015-01-29 12:17:08 -03:00
0e4c008247
add pic32mz header to distribution
2015-01-28 15:30:41 -08:00
c5b495c44e
fix HASH-DRBG memory leak in benchmark
2015-01-28 12:29:53 -08:00
7ac337a21e
Merge branch 'master' of github.com:wolfssl/wolfssl
2015-01-28 10:33:12 -08:00
a26630eec0
remove unused ecc_timing variables
2015-01-28 10:32:12 -08:00
81b6c7ff7a
encrypt shadowing global in unistd.h fix
2015-01-28 11:18:13 -07:00
7dba293fbb
global declaration being shadowed in pwdbased.h
2015-01-28 10:38:10 -07:00
14eaa69eae
version git diff fix
2015-01-27 11:42:25 -07:00
d6d56c8532
fix missing function argument to get_intel_cycles()
2015-01-26 16:49:28 -08:00
a682d53f67
add cycles per byte to gcc + x86_64 benchmarks
2015-01-26 16:33:30 -08:00
466d8a970c
bump version
2015-01-26 14:02:57 -08:00
4c97531d6a
added comment about ALT_ECC_SIZE to ecc.h
2015-01-26 11:08:49 -08:00
6ba6ca7435
fix pointer issue with ECC cache
2015-01-26 09:20:22 -08:00
2bcd55226f
Merge branch 'ecc2'
2015-01-23 10:37:55 -08:00
2e6d118a50
allow different sized fast math for both RSA and ECC
...
add C_EXTRA_FLAGS "-DALT_ECC_SIZE" to enable, and set
size with "-DFP_MAX_BITS_ECC=512", default is 512
2015-01-23 10:26:41 -08:00
3393c3a4b4
CYASSL_DEBUG in compatibility layer
2015-01-23 11:06:01 -07:00
74790fa265
fix gcc 4.9 warning for idx on fpecc
2015-01-20 15:35:58 -08:00
402bbe0321
32 bit implicit cast
2015-01-20 13:44:35 -07:00
b0e88e32ff
Error printouts name changed
2015-01-20 12:36:20 -07:00
859c22f2c2
update to asn compatibility
2015-01-19 21:18:35 -07:00
75fa8af5f6
Merge branch 'master' of https://github.com/wolfSSL/wolfssl
2015-01-19 14:55:52 -03:00
9e667c15c7
fix tolower typecast on CYGWIN, gcc-arm-none-eabi (gnuarmeclipse toolchain) and possible future ports.
2015-01-19 14:53:54 -03:00
780d01afc6
tirtos compatibility
2015-01-19 09:07:13 -07:00
d591716060
Merge branch 'master' of github.com:wolfSSL/wolfssl
2015-01-19 08:46:13 -07:00
e735ba1357
formatting and lone API removed
2015-01-19 08:45:09 -07:00
3345293ad7
debugging the debugging function in benchmark
2015-01-14 17:01:44 -07:00
1bd80b20d6
Merge branch 'master' of github.com:wolfSSL/wolfssl
2015-01-14 10:03:20 -08:00
8fe965cf24
ntru wc_ fixes
2015-01-14 09:52:33 -07:00
3229a96bb3
pre-commit to use wolfssl/options
2015-01-13 16:22:21 -07:00
53d65de105
visual studio project paths updated
2015-01-13 15:30:57 -07:00
b9a70ce3ca
wc_ in src/ssl.c
2015-01-13 14:01:10 -07:00
b849d1ca8b
visual c name change
2015-01-13 13:42:49 -07:00
03345f1024
catch cyassl_sniffer macro
2015-01-13 13:40:53 -07:00
288d9a039d
legacy defines and updates
2015-01-13 13:27:01 -07:00
7f3184b0ed
header file includes for compatibility and macros added to cyassl/ssl.h
2015-01-12 14:45:21 -07:00
c4c32221a9
update download URL in the rpm/spec template to new location
2015-01-12 09:24:28 -08:00
f138faa565
Merge branch 'master' of github.com:wolfSSL/wolfssl
2015-01-09 16:03:07 -07:00
1ebaf41808
random.c updated, conflict with TIRTOS
2015-01-09 16:01:22 -07:00
e6a84243ee
chacha-poly aead test
2015-01-09 15:18:20 -07:00
6c9abe06f9
remove compatibility include
2015-01-09 14:28:26 -07:00
733cfde318
updated RPM build spec for wolfSSL
2015-01-09 11:49:44 -08:00
2be9d8f5c6
Merge branch 'master' of github.com:wolfSSL/wolfssl
2015-01-09 11:22:38 -08:00
e5734d5ef5
wolfssl is a new library, reset libtool version number to 0:0:0
2015-01-09 11:20:41 -08:00
aff7669cad
make distcheck and sniffer comment removed
2015-01-09 11:43:17 -07:00
6b1484ef2f
sniffer underscore
2015-01-09 11:33:40 -07:00
d6dcaab89e
sniffer added to compatibility layer
2015-01-09 11:31:31 -07:00
9dfd47648b
real README.md
2015-01-09 11:18:09 -07:00
7b6c17037c
initial wolfSSL
2015-01-09 11:09:43 -07:00
be35f0df47
3.3.3
2015-01-09 10:37:42 -07:00
74749b2b6a
tirtos name change
2015-01-09 10:09:54 -07:00
819a303a79
version update
2015-01-09 10:08:43 -07:00
9af457f8c3
Merge branch 'master' of https://github.com/kaleb-himes/cyassl
2015-01-09 10:07:54 -07:00
f2dea4812a
add includes to compatibility
2015-01-09 10:06:50 -07:00
b7aa0e1057
Johns changes in cyassl/cyassl
2015-01-08 16:51:59 -07:00
bb92d41e8d
xcode projects, merge Chriss latest
2015-01-08 16:27:40 -07:00
2d3c607acd
handel poly1305 warning and clean up commented out compatibility layer includes
2015-01-08 15:33:44 -07:00
2951ef5b97
swig updated, tested, and working
2015-01-08 14:47:41 -07:00
492bae7afe
Merge branch 'master' of https://github.com/kaleb-himes/cyassl
2015-01-08 10:44:00 -07:00
d366599285
adding comment to header and _fips to c files
2015-01-08 10:42:01 -07:00
48fd041c40
no longer user compatibility layer
2015-01-08 10:02:07 -07:00
7e5cac6c43
support dir update
2015-01-08 09:56:06 -07:00
878c1889b3
Merge branch 'master' of https://github.com/kaleb-himes/cyassl
2015-01-08 09:40:17 -07:00
a389620a29
Copyright (C) updates
2015-01-08 09:39:04 -07:00
0721d575f6
correction on rename of struct
2015-01-07 15:56:02 -07:00
6195ae1db2
placement of poly1305 in test file
2015-01-07 15:37:55 -07:00
1c4b4a2d1e
ripemd in function call fixed
2015-01-07 15:26:09 -07:00
e3826d26c5
refactor settings_comp to respective .h files
2015-01-07 15:03:54 -07:00
bdb37d0da9
adjustment to compatibility in random.h file
2015-01-07 14:45:11 -07:00
252390a476
Merge branch 'master' of https://github.com/kaleb-himes/cyassl
2015-01-07 14:32:31 -07:00
455db9f84b
adjust cyassl headders
2015-01-07 14:30:28 -07:00
8d98db7593
cyassl/options.h backwards compatibile
2015-01-07 14:30:02 -07:00
02f16b9232
going through wolfcrypt
2015-01-07 13:36:11 -07:00
7e9c8028b2
more macros, fips test passes
2015-01-07 13:33:10 -07:00
639637278d
CYASSL -> WOLFSSL macros
2015-01-07 13:17:57 -07:00
33fff07eee
Merge branch 'master' of https://github.com/kaleb-himes/cyassl
2015-01-07 13:14:26 -07:00
f516bcf1ce
old cyassl header files adjusted
2015-01-07 13:11:37 -07:00
e256291511
Merge branch 'master' of https://github.com/kaleb-himes/cyassl
2015-01-07 10:19:53 -07:00
4008bec496
remove assembly files from ctaocrypt and adjustment to visibility
2015-01-07 10:16:52 -07:00
99d0e80248
Merge branch 'master' of https://github.com/kaleb-himes/cyassl
2015-01-07 08:58:02 -07:00
95aad35e41
prunning on ctaocrypt files
2015-01-06 22:23:20 -07:00
310347f623
prunning on ctaocrypt files
2015-01-06 15:18:36 -07:00
4872ec52f9
Merge branch 'master' of https://github.com/kaleb-himes/cyassl
2015-01-06 15:02:10 -07:00
e84f429ed4
white space configure.ac
2015-01-06 15:00:38 -07:00
161a90aeae
error crypt header adjusted and removed from ctaocrypt
2015-01-06 14:45:07 -07:00
6f17e5ecd0
prune ctaocrypt, alter cyassl headers and catch wolfssl rsa header
2015-01-06 14:26:13 -07:00
27e7038c00
cyassl coding header and asthetics to settings macros
2015-01-06 14:02:43 -07:00
8315e76f32
update to function calls in ecc c file
2015-01-06 13:43:46 -07:00
11a563aa91
Merge branch 'master' of https://github.com/kaleb-himes/cyassl
2015-01-06 13:42:50 -07:00
ce65bef5a8
enable-fpecc enable-ecc
2015-01-06 13:42:02 -07:00
f5ec8489b8
dummy files for autoconf
2015-01-06 13:38:16 -07:00
a990a5cebf
missed tfm.h
2015-01-06 13:09:14 -07:00
369a5f04a9
library wide licence update
2015-01-06 12:14:15 -07:00
0790f53f04
remove wolfssl/options.h
2015-01-06 11:31:18 -07:00
067b85877d
full commit passing
2015-01-06 11:29:05 -07:00
0dbdb35222
enable-md4, enable-hkdf, disable-memory
2015-01-06 10:41:47 -07:00
42f3ec73eb
ripemd debug
2015-01-06 10:36:35 -07:00
bc48c83147
blake2 debug and settings refactor
2015-01-06 10:16:56 -07:00
e8af870e37
distribution fix
2015-01-05 16:58:28 -07:00
4d2b620d23
Merge branch 'master' of https://github.com/cyassl/cyassl
2015-01-05 16:38:27 -07:00
9e2ae79c8a
include in tfm and compatability for random and sha256
2015-01-05 16:36:24 -07:00
090a8830ee
fix math problem with configure on ksh88
2015-01-05 15:27:20 -08:00
159afeae14
Merge branch 'master' of https://github.com/kaleb-himes/cyassl
2015-01-05 15:00:50 -07:00
15554342c2
change of some header file macros
2015-01-05 14:59:48 -07:00
a4ce557263
Licencing update
2015-01-05 14:54:43 -07:00
b84b0401a9
Merge branch 'master' of https://github.com/kaleb-himes/cyassl
2015-01-05 14:50:41 -07:00
3cbed90cb9
name change for client.c
2015-01-05 14:48:43 -07:00
53ddf53a45
compatibility layer update
2015-01-05 14:38:16 -07:00
37deb65371
aes reverse compat.
2015-01-05 14:16:28 -07:00
e204c41768
Merge branch 'master' of https://github.com/kaleb-himes/cyassl
2015-01-05 13:42:22 -07:00
5d377b7bc5
for make dist and also aes compatibility
2015-01-05 13:40:26 -07:00
dcbfae1c31
Anon added to compatibility layer
2015-01-05 11:21:40 -07:00
cf3ba3f0e8
disable-asn, disable-rsa, enable-psk fixed
2015-01-05 11:06:04 -07:00
e09d14f6f8
remove wc_ from non-public functions
2015-01-05 10:50:33 -07:00
15f021c074
--enable-bump fixed
2015-01-05 10:41:22 -07:00
db7f7c39e1
comment in testsuite, adjustment to src include and wolfssl ssl
2015-01-05 10:32:51 -07:00
4ba12c86cb
fastmath, maxfragment, md5, iopool, certreq, certgen
2015-01-05 09:53:00 -07:00
accfaf17af
update to comment headers
2015-01-05 09:48:43 -07:00
966ca9c97e
clean up comments on c files and fix duplicate in chacah header
2015-01-04 23:26:26 -07:00
e6ebbf4fc2
pre-commit pass and update to name change files
2015-01-03 23:33:14 -07:00
2520973b73
update to c files for name change and pwdbased along with debugging src function calls
2015-01-03 19:09:48 -07:00
144798c962
update to md functions and blake for hmac
2015-01-03 17:24:51 -07:00
f64d76257e
readjust c files, autoconf, and some header files
2015-01-02 14:56:58 -07:00
b91934f065
change to header files and update of function calls in src folder
2015-01-01 14:48:33 -07:00
5365bdb06c
debugging on name change
2015-01-01 07:33:07 -07:00
98fa85ed83
Merge branch 'master' of https://github.com/kaleb-himes/cyassl
2014-12-31 17:03:33 -07:00
aa08c17dc1
sha.c updated
2014-12-31 17:03:07 -07:00
38e129fd24
cleaning up some cyassl
2014-12-31 17:01:27 -07:00
87431aa744
version
2014-12-31 16:05:43 -07:00
5cff32e271
backing up
2014-12-31 16:04:42 -07:00
e3c82842a5
rsa des3 random : update
2014-12-31 15:31:50 -07:00
e6cebf1246
fips preservation update
2014-12-31 15:20:53 -07:00
a50af85e95
autoconf, libversioning, .gitignore updated
2014-12-31 14:06:01 -07:00
f81ee9e4d3
addition to aes and alteration to md files
2014-12-31 13:54:57 -07:00
88e32c6c5a
compatability and sniffer.c
2014-12-31 13:41:30 -07:00
2f15d38dc0
fips MD5 checksum preservation
2014-12-31 13:37:51 -07:00
b569165ad8
configure.ac updates
2014-12-31 13:04:03 -07:00
3483816f9f
fix to test.c and asthetics fo asn_public.h
2014-12-31 11:00:38 -07:00
78e7ffdfa9
rm old asn.c and adjust function calls in new asn.c
2014-12-31 10:42:03 -07:00
924abb2d12
accounting for WOLFSSL in md5.h
2014-12-31 10:33:51 -07:00
d1e48e2364
progress on asn
2014-12-31 10:28:13 -07:00
59eb83c6e9
auto-tools and wc_ updates
2014-12-31 10:01:32 -07:00
62a5548009
compatibility layer additions for wolfssl/ssl.h
2014-12-30 16:19:50 -07:00
e8d8f97c64
src/ssl.c, cyassl/ssl.h
2014-12-30 15:48:01 -07:00
e1db640cd5
test for command line utility
2014-12-30 15:37:12 -07:00
c0302b4b2c
wc_ removed from internal method
2014-12-30 15:19:59 -07:00
3b49b72436
debugging on asn and internal.c
2014-12-30 15:14:27 -07:00
0d4a65cd6f
pwdbased updated
2014-12-30 14:41:49 -07:00
c57609acc3
wc_ udates in src/ directory
2014-12-30 14:13:57 -07:00
7a3fdbc07f
debugging for test script
2014-12-30 13:50:40 -07:00
3511454bce
Merge branch 'master' of https://github.com/kaleb-himes/cyassl
2014-12-30 13:05:48 -07:00
26a2688f0e
debuging test script
2014-12-30 13:05:24 -07:00
1c75a6e74f
tests/api.c updated
2014-12-30 12:41:26 -07:00
23368a2bca
ctaocrypt -> wolfcrypt
2014-12-30 11:57:58 -07:00
7da867135f
wolfssl/openssl/ headers updated
2014-12-30 11:52:21 -07:00
8594ccf2df
working on commit tests
2014-12-30 11:00:18 -07:00
9f3de72055
src/include.am update
2014-12-30 10:38:41 -07:00
5eef118ff5
test and debug of poly-chacha suites
2014-12-30 10:30:54 -07:00
da2c78026c
changes to integer.h
2014-12-30 09:28:25 -07:00
bf9d41cbcc
src/include.am updated
2014-12-30 09:09:42 -07:00
adfa2348ba
cleanup
2014-12-29 17:06:45 -07:00
76249dd8ee
Merge branch 'master' of https://github.com/kaleb-himes/cyassl
2014-12-29 16:38:47 -07:00
174e2b23c2
ecc check and adjustment to visibility
2014-12-29 16:38:13 -07:00
1078106c65
output file specified LIBWOLFSSL_VERSION
2014-12-29 16:33:47 -07:00
64d06580c1
examples not seeing WOLFSSL_API
2014-12-29 16:30:26 -07:00
cbbdfc7b96
wolfcrypt api testwolfcrypt update
2014-12-29 14:35:46 -07:00
67858df5e0
Merge branch 'master' of https://github.com/kaleb-himes/cyassl
2014-12-29 13:00:07 -07:00
894b888291
update to misc.c integer.c and tfm.c
2014-12-29 12:59:14 -07:00
bd1ff08aa9
certs name changes
2014-12-29 11:53:25 -07:00
edf53a1ed0
new changes
2014-12-29 10:27:03 -07:00
db383fbbac
Merge branch 'master' of https://github.com/cyassl/cyassl
2014-12-22 09:20:57 -07:00
2ab4f6e2f0
echoclient, server, libwolfssl updates
2014-12-22 09:01:53 -07:00
98cefa88c4
Fixes #136
2014-12-22 12:17:11 -03:00
64b456df59
Fixes #137
2014-12-22 12:11:00 -03:00
a37fb63c0c
examples
2014-12-19 16:53:49 -07:00
279f149828
adjustments to reverse compatibility
2014-12-19 16:31:01 -07:00
77f167790d
progress on name change
2014-12-19 15:43:19 -07:00
5107c6c12b
debugging linking error
2014-12-19 15:30:07 -07:00
626a4f318e
removed ifdef
2014-12-19 15:13:15 -07:00
86ea853eab
header and compatibility layer updates
2014-12-19 15:09:20 -07:00
4f15949bd6
compatibility updates
2014-12-19 13:06:42 -07:00
8212f5df46
src and compatability layer updates
2014-12-19 12:50:30 -07:00
c97db6ba6e
src updated, CTaoCrypt -> wc_
2014-12-19 11:27:01 -07:00
42e5c8fb35
sync up
2014-12-19 10:47:38 -07:00
10c4dd7b4c
src/include.am fips updates
2014-12-19 10:46:58 -07:00
d6f37bd34f
shell files for autotools
2014-12-19 10:19:29 -07:00
a5529b124d
moving over more files
2014-12-19 09:56:51 -07:00
f944bf88b0
src/include.am
2014-12-19 09:26:22 -07:00
b70f0938d0
include.am updates
2014-12-19 09:06:27 -07:00
d958a2f3d6
close to build test with --disable-examples option
2014-12-18 15:40:09 -07:00
d2a97b035d
header files for des3, hmac, random and rsa
2014-12-18 14:58:09 -07:00
7bab3a9564
headers
2014-12-18 14:53:27 -07:00
e6a629118c
api calls to crypt library in portibality layer
2014-12-18 14:23:33 -07:00
2867920d62
Merge branch 'master' of https://github.com/cyassl/cyassl
2014-12-18 14:12:19 -07:00
a073730c38
compatibility layer includes
2014-12-18 14:06:27 -07:00
4898047aca
visibility
2014-12-18 13:17:09 -07:00
09a09f80bd
wolfssl/wolfcrypt/memory.h
2014-12-18 13:04:32 -07:00
324177a4a8
Merge branch 'master' of https://github.com/kaleb-himes/cyassl
2014-12-18 11:57:13 -07:00
ddae6974e3
header files for poly, rabbit, and ripemd
2014-12-18 11:57:05 -07:00
0ce0a7b558
wolfssl/wolfcrypt/visibility.h
2014-12-18 11:52:35 -07:00
557e969b3b
Merge branch 'master' of https://github.com/kaleb-himes/cyassl
2014-12-18 11:44:56 -07:00
607760f829
header files for aes, arc4, camellia, chacha, dh, and dsa
2014-12-18 11:44:48 -07:00
fc1ddf117f
header updates
2014-12-18 11:40:51 -07:00
d7a3585a96
Merge branch 'master' of https://github.com/kaleb-himes/cyassl
2014-12-18 11:11:09 -07:00
50eee6afdf
wolf c files for des, hmac, random, and rsa
2014-12-18 11:10:55 -07:00
8c70593da6
header updates
2014-12-18 11:08:12 -07:00
c300d77c55
fix PRQA-C level 6 warnings
2014-12-18 09:50:15 -07:00
aa0d339b05
Merge branch 'master' of https://github.com/kaleb-himes/cyassl
2014-12-17 15:48:37 -07:00
664a40844c
c files for pkcs, poly, rabbit and ripemd
2014-12-17 15:47:00 -07:00
cf8cf779c5
headers and include.ams
2014-12-17 15:33:22 -07:00
0da381e019
mem.h in wolfcrypt, compatibility layer
2014-12-17 14:59:19 -07:00
6e1a0befdc
md's c files
2014-12-17 14:57:56 -07:00
473d1d18a6
chacha, dh, dsa, hc128 c files
2014-12-17 14:37:13 -07:00
0957d275b3
latest
2014-12-17 13:55:34 -07:00
d3acb121ff
Merge branch 'master' of https://github.com/kaleb-himes/cyassl
2014-12-17 11:00:07 -07:00
ea3bf1649d
in process of shiffting many files
2014-12-17 10:59:27 -07:00
17c37ae208
moved cyassl -> wolfssl
2014-12-17 10:29:35 -07:00
881c0b941a
progress on name change, arc4, aes, camilea
2014-12-17 10:28:35 -07:00
53057f0b0d
name changes kaleb push
2014-12-17 10:00:17 -07:00
813ad2e102
name change progress
2014-12-17 09:58:11 -07:00
34633617f7
fix ecc 64bit cast for systems where long is 32bits
2014-12-11 21:20:39 -08:00
513ea4d38a
add SNI_UNSUPPORTED for better handling SSL 3.0 buffers on CyaSSL_SNI_GetFromBuffer()
2014-12-08 17:31:37 -03:00
1ada0dfa31
update README.md for 3.3.0 release
2014-12-05 10:48:27 -07:00
15bffb2a1e
prepare 3.3.0 release
2014-12-05 09:37:19 -08:00
51ffb84e11
fix build errors when compiler is C++
2014-12-04 17:16:39 -08:00
8105b9efa2
fix bug in sniffer with SNI using the key from ctx rather than the session
2014-12-04 14:16:39 -08:00
7aed412512
fix SMALL_STACK typo
2014-12-04 13:44:33 -08:00
8ef04a8cde
remove exit as goto label
2014-12-04 13:30:30 -08:00
e499b8f828
fix dh_test drbg memory leak
2014-12-04 12:46:50 -08:00
66f14c8a9a
add dh to commit tests
2014-12-04 12:42:39 -08:00
5f9660b23e
fix aes gcm set key return
2014-12-04 11:51:19 -08:00
da5f235d75
Merge branch 'master' of github.com:cyassl/cyassl
2014-12-04 11:25:59 -08:00
53cb50761d
fix hash hrbg memory leaks
2014-12-04 11:24:38 -08:00
9dc6084e3e
Merge branch 'master' of github.com:cyassl/cyassl
2014-12-04 11:22:44 -08:00
9fff57839f
fixed saving ServerKeyExchange message in DTLS for most key exchange types
2014-12-04 11:21:19 -08:00
7fbf8359e2
fix coverity tell < 0 and store fread bytes issues
2014-12-04 10:53:29 -08:00
a9d9ff8b58
fix sanity check for DHE-PSK cipher suite handshake
2014-12-04 10:27:00 -08:00
d3eec77294
fix SMALL Stack change error
2014-12-03 16:10:05 -08:00
3f53d9f229
fix sniffer coverity problem
2014-12-03 16:06:28 -08:00
a4a3ebb567
use input stream record end for sniffer multi msg
2014-12-03 14:44:18 -08:00
d552390b39
allow sniffer muliple msgs per record to handle encrypted msgs too
2014-12-03 14:12:13 -08:00
264e180147
allow sniffer to handle bundled record layer messages
2014-12-03 11:58:50 -08:00
f1c6e901a4
allow user to set sniffer cache timeout at compile time w/ CYASSL_SNIFFER_TIMEOUT
2014-12-02 10:33:10 -08:00
09d290f552
allow user to set session timeout at compile time w/ CYASSL_SESSION_TIMEOUT
2014-12-02 10:28:47 -08:00
1688fd1670
help static anaylsis
2014-12-01 16:35:04 -08:00
52c2c126c1
turncate hashSigAlgoSz to max buffer size
2014-12-01 15:53:59 -08:00
09aeda2162
fix SetCipherList() possible 1 byte overrun
2014-12-01 14:34:48 -08:00
295e65ca02
add sanity size check to iv fill in case block size is bad
2014-12-01 14:23:10 -08:00
4954043def
release lock on client side cache bad hash
2014-12-01 14:11:32 -08:00
1742e0ddb6
Merge in the ADH-AES128-SHA changes and add a check for it during the
...
packet order sanity checking.
2014-12-01 11:44:32 -08:00
b2f9d62852
make HASH-DRBG default RNG w/ autoconf
2014-12-01 09:12:26 -08:00
fe81c2855d
sanity size check on handshake headers
2014-12-01 08:58:52 -08:00
1f8d84553c
add server_ready file to externally monitor example server for ready to accept, -r option
2014-11-26 12:13:47 -08:00
438cb515d5
added a make clean after updating the verify hash when running the fips check
2014-11-24 15:52:47 -08:00
98db39a913
fixed the check in commit-tests to see if FIPS test should run
2014-11-24 13:33:14 -08:00
f7235819d2
bugfix in the FIPS check script
2014-11-24 12:50:55 -08:00
a352908c61
fix optimized fastmath read digit for explicit 32bit digits
2014-11-24 10:00:13 -08:00
65c0dd4f8a
Added fips-check script when running commit-tests.
2014-11-19 12:00:04 -08:00
17a4cc8239
fix ctaocrypt test RNG leak when using HASH-DRBG
2014-11-18 16:52:37 -08:00
f1ab188949
disallow client to fast forward handshake messages
2014-11-18 16:27:39 -08:00
25362268db
Merge pull request #132 from tisb/master
...
Fix for TI-RTOS CyaSSL build errors
2014-11-17 17:16:11 -08:00
9fd6e680a2
Removed extra comma to avoid TI compiler warnings.
2014-11-17 15:58:19 -08:00
e0bec88f76
fixed build errors for TI-RTOS.
2014-11-17 15:58:05 -08:00
59e62b7c49
Merge pull request #131 from lchristina26/master
...
add braces around empty if statements
2014-11-17 15:30:14 -08:00
57522d217b
disallow basic server fast forwards during handshake
2014-11-17 15:25:49 -08:00
31858d2a34
move gotChangeCipher from options into msgsReceived
2014-11-17 13:11:45 -08:00
5318b243ba
add messages received framework, disallow duplicates
2014-11-17 12:55:07 -08:00
b3b0c8d1fc
Add braces around empty if statements
2014-11-17 11:10:23 -07:00
de388bf37f
version 3.2.6
2014-11-14 11:49:14 -08:00
2c85756130
fixed carry error on array add in HashDRBG
2014-11-13 18:08:23 -08:00
6c2a238c9b
bump version
2014-11-13 10:19:03 -08:00
730cede82d
add HAVE_FORCE_FIPS_FAILURE for operational testing
2014-11-12 17:09:16 -08:00
6944eb69f6
added error code for AESGCM FIPS KAT test error
2014-11-10 15:38:41 -08:00
654c421441
fix benchmark error with NO_AES, jenkins found
2014-11-10 10:13:23 -07:00
eb59597fed
fix bug in sniffer when using old client hellos where large hello message may
...
be ignored
2014-11-07 17:11:38 -08:00
54f678b9ee
Merge branch 'master' of github.com:cyassl/cyassl
2014-11-07 17:06:04 -08:00
12a6978401
refactored HashDRBG to remove some redundant code
2014-11-07 17:05:18 -08:00
eda2103dc3
add size check to fips core hash gen
2014-11-07 16:43:32 -08:00
e6e24d92fb
Merge branch 'master' of github.com:cyassl/cyassl
2014-11-07 16:23:56 -08:00
81fd594c9f
add fips get status functions
2014-11-07 16:23:19 -08:00
4d819dea87
fix hashType warning on Linux
2014-11-07 17:19:11 -07:00
138ce50bae
Merge branch 'master' of github.com:cyassl/cyassl
2014-11-07 15:36:49 -08:00
00965d44dc
fix sniffer bug with detecting old client hello
2014-11-07 15:35:36 -08:00
71da84122f
expose EncodeSignature() for DER-encoded comparisons
2014-11-07 16:33:38 -07:00
a45a8f2cd8
Merge branch 'master' of github.com:cyassl/cyassl
2014-11-07 14:40:21 -08:00
d829b5f93b
Allow sniffer to follow ports using STARTTLS.
2014-11-07 14:37:00 -08:00
233bca3346
add RsaPublicKeyDecodeRaw() to load key from existing n, e
2014-11-07 15:24:02 -07:00
b36f823da5
only do fips verify core check on fips files
2014-11-07 13:09:32 -08:00
4441e3be1a
HashDRBG continuity failure passed up to caller
2014-11-07 12:08:26 -08:00
3130145213
Added note to SSL_ResourceFree()
2014-11-06 16:07:05 -08:00
580289375c
Fix memory leak in CyaSSL when using Hash DRBG
2014-11-06 15:44:24 -08:00
f11d2c435d
add fips continuous test error code/msg
2014-11-06 14:56:11 -08:00
202a1a152d
fix jenkins report for smallstack derive tls keys
2014-11-04 15:39:54 -08:00
322f79f521
allow user to set minimum downgrade version with v23 methods()
2014-11-03 15:12:48 -08:00
d9f5ada772
add external wrappers for TLS Master Secret generation and Key Expansion
2014-11-03 09:56:40 -08:00
02f7c71222
Merge branch 'master' of github.com:cyassl/cyassl
2014-10-31 13:24:29 -07:00
0f641e07a2
remove old client hello processing by default, can turn on with OLD_HELLO_ALLOWED, add sanity checks before size front alloc
2014-10-31 13:23:50 -07:00
2fe0d9b38d
update RNG_HealthTest to output generated bits
2014-10-31 14:05:13 -06:00
bb8853aa50
fix memory leak when resetting the peer address on a DTLS session
2014-10-30 16:23:25 -07:00
56c12c9716
For sniffer with SNI, refactored ssl_SetPrivateKey and
...
ssl_SetNamedPrivateKey so they can be called in any order
for a particular server.
2014-10-30 14:08:45 -07:00
1e7b579777
sniffer signals got change cipher
2014-10-29 14:14:32 -07:00
7fed36b09d
explicit check for change cipher before finished instead of encryptionOn implicit
2014-10-29 14:07:41 -07:00
a4228740f5
add FIPS pos errors and messages, better output for in core check and how to fix
2014-10-28 14:21:55 -07:00
247bef6be3
add fips pos cb for fail codes, generated hash
2014-10-28 14:03:58 -07:00
c982dd2281
allow aes gcm fips wrappers, no void returns
2014-10-27 15:52:22 -07:00
bf718a7d51
Added a callback function to set the master secret on the client
2014-10-24 15:26:47 -07:00
6138ce720c
internal.c: refactoring SendServerKeyExchange to reduce stack usage:
...
--- variable md5 moved to the heap (sizeof(Md5) saved)
--- variable sha moved to the heap (sizeof(Sha) saved)
--- variable hash moved to the heap (36 bytes saved)
--- variable sha256 moved to the heap (sizeof(Sha256) saved)
--- variable hash256 moved to the heap (32 bytes saved)
--- variable sha384 moved to the heap (sizeof(sha384) saved)
--- variable hash256 moved to the heap (48 bytes saved)
--- variable encodedSig moved to the heap (512 bytes saved)
*** the variables above appear twice in the code
2014-10-24 13:51:58 -03:00
dc90935fc7
internal.c: refactoring SendServerKeyExchange to reduce stack usage:
...
--- variable exportBuf moved to the heap (256 bytes saved)
--- indentation fixes
2014-10-24 13:29:18 -03:00
0e43240180
trims trailing white spaces.
2014-10-24 10:33:24 -03:00
62f0c9f661
Merge branch 'master' of github.com:cyassl/cyassl
2014-10-23 14:08:11 -07:00
4d7f26af8d
Add continuous block test to Hash DRBG
2014-10-23 14:07:31 -07:00
6108f9cd45
add LICENSING file
2014-10-22 14:26:20 -06:00
b64b864431
Merge pull request #130 from tass-belgium/master
...
Updated picoTCP support, based on newer HTTPS demo
2014-10-22 14:10:57 -06:00
fde4d56845
Updated picoTCP support, based on newer HTTPS demo
2014-10-22 12:11:31 +02:00
a60332d9a3
internal.c: refactoring DoServerKeyExchange to reduce stack usage:
...
--- using goto to centralize resources deallocation.
2014-10-21 20:23:50 -03:00
5056ebe829
internal.c: refactoring DoServerKeyExchange to reduce stack usage:
...
--- variable hash256 moved to the heap (32 bytes saved)
--- variable hash384 moved to the heap (48 bytes saved)
--- variable hash moved to the heap (36 bytes saved)
--- variable messageVerify moved to the heap (612 bytes saved)
--- variable encodedSig moved to the heap (512 bytes saved)
2014-10-21 20:23:50 -03:00
0447bf7551
internal.c: refactoring DoServerKeyExchange to reduce stack usage:
...
--- variable md5 moved to the heap (sizeof(Md5) saved)
--- variable sha moved to the heap (sizeof(Sha) saved)
--- variable sha256 moved to the heap (sizeof(Sha256) saved)
--- variable sha384 moved to the heap (sizeof(Sha384) saved)
2014-10-21 20:23:50 -03:00
7f836cd6b3
internal.c: refactoring SendClientKeyExchange to reduce stack usage:
...
--- variable encSecret moved to the heap (1027 bytes saved)
--- variables priv moved to the heap (1024 bytes saved)
2014-10-21 20:23:50 -03:00
949094cfbc
internal.c: refactoring DoCertificateVerify to reduce stack usage:
...
--- variable encodedSig moved to the heap (512 bytes saved)
2014-10-21 20:23:50 -03:00
9368c8d1e8
internal.c: refactoring SendCertificateVerify to reduce stack usage:
...
--- variable encodedSig moved to the heap (512 bytes saved)
2014-10-21 20:23:50 -03:00
845e49781f
internal.c: refactoring DoServerHello to reduce stack usage:
...
--- variable clSuites removed (sizeof(Suites) saved)
ps.: TLSX_Parse() does not requires the suites parameter at client side.
2014-10-21 20:23:50 -03:00
a7e585b63d
internal.c: refactoring BuildMessage to reduce stack usage:
...
--- variable hmac moved to the heap (up to 64 bytes saved)
2014-10-21 20:23:50 -03:00
5ef9a21eaa
internal.c: refactoring DoCertificate to reduce stack usage:
...
--- variable domain moved to the heap (256 bytes saved)
--- variable dCert moved to the heap (sizeof(DecodedCert) saved)
--- variable store moved to the heap (sizeof(CYASSL_X509_STORE_CTX) saved)
2014-10-21 20:23:49 -03:00
37c1627234
internal.c: refactoring BuildFinished to reduce stack usage:
...
--- variable md5 moved to the heap (sizeof(Md5) saved)
--- variable sha moved to the heap (sizeof(Sha) saved)
--- variable sha256 moved to the heap (sizeof(Sha256) saved)
--- variable sha384 moved to the heap (sizeof(Sha384) saved)
2014-10-21 20:23:49 -03:00
50a00d4ff0
add PicoTCP support
2014-10-21 15:43:43 -06:00
e35e02a283
Added SNI named keys to the sniffer.
2014-10-21 12:22:12 -07:00
35bcc98948
Added a callback when receiving a NewSessionTicket handshake message.
2014-10-20 09:25:14 -07:00
60790ee4ae
Merge branch 'master' of github.com:cyassl/cyassl
2014-10-16 22:01:55 -07:00
b2f25cd91c
1. Added accessors for session tickets.
...
2. Fixed client case when server doesn't want to resume session with ticket.
2014-10-16 22:00:13 -07:00
c2ade678e1
Adds use of ssl->session.sessionIDSz during SendClientHello().
2014-10-13 23:16:11 -03:00
b10fdbf1f0
Adds storage of ssl->arrays->sessionIDSz in SessionCache at AddSession();
...
Adds storage of ssl->arrays->sessionIDSz in ssl->session at FreeArrays();
2014-10-13 23:16:11 -03:00
6956d146d1
Adds capture of ssl->arrays->sessionIDSz at DoServerHello.
2014-10-13 23:16:11 -03:00
e98eb1ba4d
Adds sessionIDSz to CYASSL_SESSION and Arrays.
2014-10-13 23:16:11 -03:00
08cdf91761
bump version
2014-10-13 14:44:39 -07:00
d457ff8d71
don't set GetLength input value to negative in error case, shouldn't matter if return value checked
2014-10-10 10:25:42 -07:00
159abadd73
add NO_FORCE_SCR_SAME_SUITE flag for scr
2014-10-09 11:10:40 -07:00
5019eab073
Merge branch 'master' of github.com:cyassl/cyassl
2014-10-07 15:51:38 -07:00
54049c6000
allow dhe 4096bit for ssl key exchange
2014-10-07 15:50:33 -07:00
557f19db0b
Adds support to session IDs of size 1 to 31 bytes.
...
Only session IDs of size 0 or 32 bytes was allowed before, now the session ID size may be from 0 to 32 bytes.
A size of zero bytes means that is no session ID provided by the server.
2014-10-07 13:02:59 -03:00
c65b14a891
add scr check against subject hash, only allow explicit session ticket resupmtion during scr
2014-10-06 16:12:45 -07:00
214eba0325
fix session ticket get size
2014-10-06 14:52:05 -07:00
7c67a9261c
trimmed some unused code for session tickets
2014-10-06 12:44:52 -07:00
954740e2a8
Added check for expected session ticket
2014-10-04 12:41:51 -07:00
b95b2a8463
Merge branch 'master' of github.com:cyassl/cyassl
2014-10-03 13:27:22 -07:00
80a474ebad
1. Fixed encoding of session ticket hello extension.
...
2. Session tickets used as alternative resumption.
2014-10-03 13:19:59 -07:00
24bfade874
catch user error with write() after WANT_WRITE with short size
2014-10-03 12:03:20 -07:00
3f01f097e7
allow scr sessoin ticket
2014-10-02 10:43:06 -07:00
668fed4796
don't allow scr and fake indication together
2014-10-02 10:18:11 -07:00
9dbc1d2d00
Parse the NewSessionTicket handshake message
2014-10-01 16:28:01 -07:00
2f5520d14c
fix potential resource leaks with scr and normal math on key reuse
2014-10-01 11:15:36 -07:00
8e96234513
Merge branch 'master' of github.com:cyassl/cyassl
2014-10-01 09:45:57 -07:00
41647e441a
preview scr
2014-10-01 09:44:24 -07:00
ee68797cf1
Adds a flag to tell the handshake framework to expect a session ticket.
2014-09-30 18:50:19 -03:00
eb42494ddd
check scr cipher suite for changes
2014-09-30 12:55:15 -07:00
29d4148637
handle bunlded scr messages
2014-09-30 11:52:21 -07:00
a937040087
Adds Session Ticket TLS Extension handling.
...
New Session Ticket Handshake Message handling is still needed for Session Tickets to work.
2014-09-30 09:30:23 -03:00
6a75c8d144
fix TURN_ON mask
...
adds --enable-session-ticket configure option
2014-09-30 09:30:23 -03:00
f81f22799a
separate allow scr and force client scr in example client
2014-09-29 15:32:41 -07:00
dcde28db51
add server initiated scr
2014-09-29 14:48:49 -07:00
d3db4546ec
allow client auth with scr
2014-09-29 13:38:56 -07:00
369b7559c5
fix session ticket warnings
2014-09-26 16:16:11 -07:00
c340d78c93
adds SESSION_TICKET extension id.
...
adds HAVE_TLS_EXTENSIONS as a dependency to HAVE_SECURE_RENEGOTIATION
reduces tlsx semaphore from 16 to 8 bytes (128 flags to 64 flags).
refactors ConvertExtType() to TLSX_ToSemaphore() for a better name and behavior. Now the overflowing flags are set backwards from the end of the flags to avoid collisions.
2014-09-26 16:01:50 -03:00
95585e93df
scr session resumption example
2014-09-26 10:47:57 -07:00
a260171e23
add scr for ephemeral keys
2014-09-26 10:27:14 -07:00
f5a95a9f62
struct for one time authentication ciphers
2014-09-25 16:19:50 -06:00
0c20584ed3
add client side initiated secure r, same specs
2014-09-24 18:48:23 -07:00
74c6f35766
new handShakeDone flag to allow app data during scr
2014-09-24 13:10:01 -07:00
21f46373f3
delay SetKeys() with SetKeysSide() until last possible moment, needed for scr
2014-09-24 11:27:13 -07:00
ed1beafdfc
allow SetKeys() to be called with encrypt or decrypt, or both
2014-09-24 10:12:22 -07:00
596148840d
adds braces requested by commit_tests.sh on linux
2014-09-22 13:17:05 -03:00
613337cf89
ssl: refactoring PemToDer to reduce stack usage:
...
--- variable header moved to the heap (80 bytes saved)
--- variable footer moved to the heap (80 bytes saved)
--- variable password moved to the heap (80 bytes saved)
fixes memory leak in CyaSSL_RAND_bytes
2014-09-22 11:37:36 -03:00
d9472d65da
ssl: refactoring ProcessBuffer to reduce stack usage:
...
--- variable password moved to the heap (80 bytes saved)
--- variable key moved to the heap (32 bytes saved)
--- variable iv moved to the heap (16 bytes saved)
--- variable Des moved to the heap (sizeof(Des) saved)
--- variable Des3 moved to the heap (sizeof(Des3) saved)
--- variable Aes moved to the heap (sizeof(Aes) saved)
--- variable RsaKey moved to the heap (sizeof(RsaKey) saved)
Utility functions added to Des, Des3 and Aes for easier decryption.
2014-09-22 11:37:36 -03:00
df3ea53494
replaces tabs with spaces.
2014-09-22 11:37:35 -03:00
e9af29e3e3
ssl: refactoring CyaSSL_CTX_load_verify_locations to reduce stack usage:
...
--- variable name moved to the heap (256 bytes saved)
2014-09-22 11:37:35 -03:00
cb9dafca26
ssl: refactoring CyaSSL_SetTmpDH_buffer_wrapper to reduce stack usage:
...
--- variable p moved to the heap (513 bytes saved)
--- variable p moved to the heap (513 bytes saved)
2014-09-22 11:37:35 -03:00
3281e0dfcf
ssl: refactoring CyaSSL_RAND_bytes to reduce stack usage:
...
--- variable tmpRNG moved to the heap (sizeof(RNG) saved)
2014-09-22 11:37:35 -03:00
7cafb11791
ssl: refactoring CyaSSL_BN_rand to reduce stack usage:
...
--- variable decoded moved to the heap (1024 bytes saved)
--- variable tmpRNG moved to the heap (sizeof(RNG) saved)
2014-09-22 11:37:35 -03:00
68063874dc
ssl: refactoring CyaSSL_BN_hex2bn to reduce stack usage:
...
--- variable decoded moved to the heap (1024 bytes saved)
2014-09-22 11:37:35 -03:00
4b783b3d80
ssl: refactoring SetDhInternal to reduce stack usage:
...
--- variable p moved to the heap (1024 bytes saved)
--- variable g moved to the heap (1024 bytes saved)
2014-09-22 11:37:35 -03:00
5605a24e4f
ssl: refactoring CyaSSL_DH_generate_key to reduce stack usage:
...
--- variable tmpRNG moved to the heap (sizeof(RNG) saved)
--- variable pub moved to the heap (1024 bytes saved)
--- variable priv moved to the heap (1024 bytes saved)
2014-09-22 11:37:35 -03:00
6b7dbb9f2a
ssl: refactoring CyaSSL_DH_compute_key to reduce stack usage:
...
--- variable pub moved to the heap (1024 bytes saved)
--- variable priv moved to the heap (1024 bytes saved)
2014-09-22 11:37:35 -03:00
cab23472be
ssl: refactoring CyaSSL_RSA_generate_key_ex to reduce stack usage:
...
--- variable rng moved to the heap (sizeof(RNG) saved)
2014-09-22 11:37:35 -03:00
c325504de7
ssl: refactoring CyaSSL_DSA_do_sign to reduce stack usage:
...
--- variable tmpRNG moved to the heap (sizeof(RNG) saved)
2014-09-22 11:37:35 -03:00
3f459591c6
ssl: refactoring CyaSSL_RSA_sign to reduce stack usage:
...
--- variable tmpRNG moved to the heap (sizeof(RNG) saved)
--- variable encodedSig moved to the heap (512 bytes saved)
2014-09-22 11:37:35 -03:00
961bf710bc
Removes unnecessary indentation. Since we use 80 characters line wrap, every space is important.
2014-09-22 11:37:35 -03:00
79dfb3a3c3
ssl: refactoring CyaSSL_HMAC to reduce stack usage:
...
--- variable hmac moved to the heap (sizeof(Hmac) saved)
2014-09-22 11:37:35 -03:00
8eeadc01b9
ssl: refactoring HashSession to reduce stack usage:
...
--- variable md5 moved to the heap (sizeof(Md5) saved)
--- variable sha moved to the heap (sizeof(Sha) saved)
--- variable sha256 moved to the heap (sizeof(Sha256) saved)
ssl: refactoring CyaSSL_EVP_BytesToKey to reduce stack usage:
--- variable md5 moved to the heap (sizeof(Md5) saved)
2014-09-22 11:37:35 -03:00
19516cf5fd
ssl: refactoring AddCA to reduce stack usage:
...
--- variable cert moved to the heap (sizeof(DecodedCert) saved)
ssl: refactoring ProcessBuffer to reduce stack usage:
--- variable cert moved to the heap (sizeof(DecodedCert) saved)
ssl: refactoring CyaSSL_CertManagerCheckOCSP to reduce stack usage:
--- variable cert moved to the heap (sizeof(DecodedCert) saved)
ssl: refactoring CyaSSL_CertManagerCheckCRL to reduce stack usage:
--- variable cert moved to the heap (sizeof(DecodedCert) saved)
ssl: refactoring CyaSSL_X509_d2i to reduce stack usage:
--- variable cert moved to the heap (sizeof(DecodedCert) saved)
ssl: refactoring CyaSSL_X509_load_certificate_file to reduce stack usage:
--- variable cert moved to the heap (sizeof(DecodedCert) saved)
ssl: refactoring CyaSSL_get_chain_X509 to reduce stack usage:
--- variable cert moved to the heap (sizeof(DecodedCert) saved)
2014-09-22 11:37:35 -03:00
b2b5179392
fix indentation -- no code changed.
2014-09-22 11:37:35 -03:00
b22e3abfff
ssl: refactoring CyaSSL_PemCertToDer to have a single return point.
2014-09-22 11:37:35 -03:00
958ec5d578
ssl: refactoring ProcessBuffer to reduce stack usage:
...
--- variable staticBuffer moved to the heap (1023 bytes saved)
ssl: refactoring CyaSSL_PemCertToDer to reduce stack usage:
--- variable staticBuffer moved to the heap (1023 bytes saved)
ssl: refactoring CyaSSL_X509_load_certificate_file to reduce stack usage:
--- variable staticBuffer moved to the heap (1023 bytes saved)
ssl: refactoring CyaSSL_cmp_peer_cert_to_file to reduce stack usage:
--- variable staticBuffer moved to the heap (1023 bytes saved)
ssl: refactoring ProcessFile to reduce stack usage:
--- variable staticBuffer moved to the heap (1023 bytes saved)
ssl: refactoring CyaSSL_CertManagerVerify to reduce stack usage:
--- variable staticBuffer moved to the heap (1023 bytes saved)
ssl: refactoring CyaSSL_SetTmpDH_file_wrapper to reduce stack usage:
--- variable staticBuffer moved to the heap (1023 bytes saved)
ssl: refactoring CyaSSL_writev to reduce stack usage:
--- variable staticBuffer moved to the heap (1023 bytes saved)
2014-09-22 11:37:34 -03:00
82d2aca505
ssl: refactoring CyaSSL_CertManagerVerifyBuffer to reduce stack usage:
...
--- variable cert moved to the heap (sizeof(DecodedCert) saved)
2014-09-22 11:37:34 -03:00
d264a8f890
ssl: refactoring ProcessBuffer to reduce stack usage:
...
--- variable info moved to the heap (sizeof(EncryptedInfo) saved)
ssl: refactoring CyaSSL_CertManagerVerifyBuffer to reduce stack usage:
--- variable info moved to the heap (sizeof(EncryptedInfo) saved)
ssl: refactoring CyaSSL_PemCertToDer to reduce stack usage:
--- variable info moved to the heap (sizeof(EncryptedInfo) saved)
ssl: refactoring CyaSSL_X509_load_certificate_file to reduce stack usage:
--- variable info moved to the heap (sizeof(EncryptedInfo) saved)
ssl: refactoring CyaSSL_cmp_peer_cert_to_file to reduce stack usage:
--- variable info moved to the heap (sizeof(EncryptedInfo) saved)
2014-09-22 11:37:34 -03:00
97548cc842
ssl: refactoring CyaSSL_CertPemToDer to reduce stack usage:
...
--- variable info moved to the heap (sizeof(EncryptedInfo) saved)
ssl: refactoring CyaSSL_KeyPemToDer to reduce stack usage:
--- variable info moved to the heap (sizeof(EncryptedInfo) saved)
2014-09-22 11:37:34 -03:00
27ad083dbf
add CodeWarrior wolfCrypt benchmark project files
2014-09-19 11:25:08 -06:00
d284225b7e
add SHA-384 benchmark
2014-09-19 11:07:30 -06:00
d61af5d9ae
adds record_overflow alert used by max_fragment_length tls extension.
2014-09-18 21:53:10 -03:00
63a90d9cb6
fix CodeWarrior wolfCrypt test debug configuration
2014-09-18 15:53:13 -06:00
231bfd5b85
update MQX example project README
2014-09-17 16:59:10 -06:00
cfa71e82cc
update .gitignore for CodeWarrior files
2014-09-17 16:55:02 -06:00
ecc6ef19d1
update cyassl_client CodeWarrior project files
2014-09-17 16:53:53 -06:00
b4e58a4105
update wolfcrypt_test CodeWarrior project files
2014-09-17 16:50:45 -06:00
53b5d7d7f4
update util_lib CodeWarrior project files
2014-09-17 16:39:15 -06:00
c1bfdeeb81
update cyassl CodeWarrior project files
2014-09-17 16:35:45 -06:00
75657aad40
secure r extensions, sizes correct
2014-09-17 13:49:51 -07:00
110a65d41a
fix secure r extensions send/recv
2014-09-16 18:56:32 -07:00
a735a52608
switch to extensions secure r state
2014-09-16 17:26:57 -07:00
d80e820654
Renames TLSX_Append to TLSX_Push, adding data param and making sure the list doesn't holds duplicate extensions.
...
Adds SecureRenegotiation functions
2014-09-16 20:33:17 -03:00
89b972d946
Renames TLSX_Append to TLSX_Push, adding data param and making sure the list doesn't holds duplicate extensions.
...
Adds SecureRenegotiation functions
2014-09-16 20:21:29 -03:00
32cea012d9
Adds secure renegotiation TLSX_Type, structure and enabler function.
2014-09-16 20:21:29 -03:00
91e4545441
use new name under tlsx for secure r flags
2014-09-16 16:19:22 -07:00
496f1481ab
fixes for Freescale MQX, CodeWarrior GCC
2014-09-16 15:43:51 -06:00
4bb20612a1
move secure r inside of tls extensions
2014-09-16 12:42:13 -07:00
9a90a0c113
save secure r verify data
2014-09-16 11:51:13 -07:00
2e6b472ace
init secure r state
2014-09-15 15:22:13 -07:00
996418c383
add secure reneg state variables
2014-09-15 15:18:01 -07:00
f45ffe4a38
fix clang analyzer warning
2014-09-12 11:14:23 -07:00
7ed180a04b
update README.md
2014-09-10 18:01:13 -06:00
7ea5d6c509
bump version to 3.2.0
2014-09-10 16:46:39 -06:00
0a96557102
update README
2014-09-10 16:43:37 -06:00
c2c9922380
fix Visual Studio warning, scan-build issue
2014-09-10 16:17:13 -06:00
8d902637b2
add ctaocrypt_test() return value to fix err_sys() on IAR
2014-09-10 11:10:51 -06:00
91214ad5a6
Fixed issue with ECDH-ECDSA cipher suites rejecting certificates without
...
the DigitalSignature key usage.
2014-09-09 17:49:38 -07:00
ddeb1bb9f7
Verify RSA type 1 padding.
2014-09-09 15:35:54 -07:00
6175a2a20c
cleanup fp cache on examples with thread local storage
2014-09-09 10:14:32 -07:00
2c595139db
fix tirtos merge
2014-09-08 19:40:03 -07:00
3a0837ffd5
sanity size checks on ecc private key import
2014-09-08 12:14:58 -07:00
ca3f879907
Merge branch 'master' of github.com:cyassl/cyassl
2014-09-08 11:35:06 -07:00
9e40e967a0
add ecc key to DER, make sure ctaocrypt test errors always caught at make check level
2014-09-08 11:33:06 -07:00
d6b4f85d7c
Makes TLS_EMPTY_RENEGOTIATION_INFO_SCSV suite optional if using SetCipherList()
2014-09-08 15:03:30 -03:00
a905d3f877
add libpq-dev (bump dependency)
2014-09-08 14:29:55 -03:00
f8f9008c96
simplify hello_request padSz calc with cached value
2014-09-05 16:18:10 -07:00
c8d67670f3
fix hello_request processing w/ mac-verify at upper layer
2014-09-05 14:29:18 -07:00
422a2b8be8
change word type to cyassl_word to prevent conflicts with some toolchains
2014-09-05 10:17:24 -06:00
ffd7dd3555
fix github issue #126
...
api tests refectory with ifdef and prototypes cleaning + use of asserts. Now, if the tests fails, it will point the line error and expected behavior like this:
ERROR - tests/api.c line 715 failed with:
test: server_args.return_code is true
result: server_args.return_code => FALSE
2014-09-04 14:17:55 -03:00
ce0df18c58
Merge branch 'master' of github.com:cyassl/cyassl
2014-09-03 23:10:53 -07:00
1a88e9fbdc
Added function to flatten the RSA public key to a pair of byte arrays
2014-09-03 23:10:10 -07:00
907670f89a
fix github issue #127
2014-09-03 16:56:49 -07:00
8bb52380a8
TLS_EMPTY_RENEGOTIATION_INFO_SCSV added on SetCipherList.
...
Function InitSuitesHashSigAlgo() extracted from InitSuites and SetCipherList.
2014-09-01 18:35:30 -03:00
7f18a39b7a
ignore .vagrant folder created by Vagrant
2014-09-01 13:53:45 -03:00
e30a06329b
fix scan-build issues
2014-08-29 18:35:54 -07:00
b02b648c4d
fix mp_val non prime issue
2014-08-29 18:09:18 -07:00
658f3ec073
fix memory leaks on todays pushes
2014-08-29 15:15:42 -07:00
03800a9df4
Merge branch 'keycomp'
2014-08-29 14:34:44 -07:00
dbfe2aa242
fix raw import inits
2014-08-29 14:33:48 -07:00
3072edb696
add compressed key support
2014-08-29 14:25:58 -07:00
7e7cbdc715
add raw ECC key import functionality and tests
2014-08-29 10:46:25 -06:00
2362dfdfa8
Fixed minor typecasting bugs for OCSP
2014-08-28 16:04:51 -07:00
b6345d654a
delay ssl server from creating ecdhe key until really needed
2014-08-27 10:48:19 -07:00
d5d3292ba7
break out of case correctly at end
2014-08-26 16:59:34 -07:00
496228e5b0
Merge branch 'master' of github.com:cyassl/cyassl
2014-08-19 22:38:42 -07:00
100f0e8a96
Don't allow sniffer to decrypt records if the key hasn't been setup. (Possible with misbehaving client.)
2014-08-19 22:38:04 -07:00
72be4a31ef
Add AES-GCM/CCM/Direct support for mmCAU, rearrange aes.c to better accommodate hardware crypto
2014-08-18 13:27:53 -06:00
87564bdffe
get_cipher fixes
2014-08-15 10:56:38 -07:00
aaf4e74453
Merge https://github.com/ShaneIsrael/cyassl into shane
2014-08-15 10:03:50 -07:00
e975c36988
Merge pull request #121 from kaleb-himes/master
...
All suites build initially
2014-08-15 09:55:42 -07:00
7752fe0331
Merge pull request #122 from JacobBarthelmeh/master
...
Fuzzer callbacks with fuzzer ctx pointer
2014-08-15 09:43:31 -07:00
7e6b3a86d5
Added more bounds checking when saving a DTLS message fragment.
2014-08-14 15:14:29 -07:00
11bc26d839
Update README.md
2014-08-14 11:37:30 -06:00
ae1153a721
Update README.md
2014-08-14 11:36:24 -06:00
6e45a79eb0
Update README.md
2014-08-14 11:33:12 -06:00
e0c5d797a2
Update README.md
2014-08-14 11:15:51 -06:00
be296edea0
Update README.md
2014-08-14 11:11:47 -06:00
aedbb299b1
added README.md
2014-08-14 11:01:08 -06:00
1a4c7811a6
Merge remote-tracking branch 'upstream/master'
2014-08-14 09:04:29 -06:00
a7c0f66813
all suites build initially
2014-08-13 13:06:04 -06:00
a23e0c3f5a
all suites build initially
2014-08-13 12:59:28 -06:00
57f2affe20
Added GetCipherName() which takes an index
2014-08-13 09:46:13 -06:00
f043b90a7f
fixed line comment
2014-08-12 16:30:51 -06:00
856aab7f30
add fuzzer CYASSL* and fuzzer ctx
2014-08-12 16:25:58 -06:00
bb9696c9f2
Added CyaSSL_get_ciphers() and necessary functions
2014-08-12 16:17:36 -06:00
9d4fb79009
add ecc timing mulmod
2014-08-12 12:21:00 -07:00
6620df2e4e
Merge remote-tracking branch 'upstream/master'
2014-08-12 13:03:55 -06:00
20e8e4e0a2
Merge pull request #117 from kaleb-himes/master
...
All encryptions work. settings.h generic, allow end user mod
2014-08-12 11:02:02 -07:00
a18602951b
record header fuzz
2014-08-12 11:56:20 -06:00
20f8493046
All encryptions work. settings.h generic, allow end user mod
2014-08-12 10:41:11 -06:00
58caf70dc9
Merge remote-tracking branch 'upstream/master'
2014-08-12 10:38:12 -06:00
5c72bf6272
fuzzer callbacks
2014-08-11 16:29:19 -06:00
1a8d06a0e3
keys: fixing DeriveKeys:
...
--- variables md5InputSz, shaInputSz and keyDataSz removed
keys: refactoring MakeSslMasterSecret to reduce stack usage:
--- variable shaOutput moved to the heap (20 bytes saved)
--- variable md5Input moved to the heap (532 bytes saved)
--- variable shaInput moved to the heap (579 bytes saved)
--- variable md5 moved to the heap (sizeof(Md5) saved)
--- variable sha moved to the heap (sizeof(Sha) saved)
2014-08-11 14:17:44 -07:00
cc6b11c95b
vagrant recipe to get a linux machine for testing.
...
The virtual machine is provided by hashicorp (the company that makes vagrant) and is an Ubuntu Precise 64
The provisioning script that runs in the first boot of the machine will copy and setup a synchronize script so you don't have to run ./autogen.sh and ./configure every time to build in a different OS and you can also build and run on both (guest and host) at the same time.
The ./pull_to_vagrant.sh script should be called at least once before building cyassl so you get all the changes from you host machine.
2014-08-11 11:31:36 -07:00
0919a2927c
fix digest sizes in internal.h
2014-08-06 06:53:24 -07:00
39c167710f
keys: refactoring DeriveKeys to reduce stack usage:
...
--- variable shaOutput moved to the heap (20 bytes saved)
--- variable md5Input moved to the heap (68 bytes saved)
--- variable shaInput moved to the heap (119 bytes saved)
--- variable keyData moved to the heap (112 bytes saved)
--- variable md5 moved to the heap (sizeof(Md5) saved)
--- variable sha moved to the heap (sizeof(Sha) saved)
2014-08-05 15:28:30 -07:00
32847ee78e
tls: refactoring CyaSSL_make_eap_keys to reduce stack usage:
...
--- variable seed moved to the heap (up to 64 bytes saved)
2014-08-05 15:28:30 -07:00
04dd56df79
tls: refactoring MakeTlsMasterSecret to reduce stack usage:
...
--- variable seed moved to the heap (up to 64 bytes saved)
2014-08-05 15:28:30 -07:00
c74440b27e
tls: refactoring DeriveTlsKeys to reduce stack usage:
...
--- variable seed moved to the heap (up to 64 bytes saved)
--- variable key_data moved to the heap (up to 224 bytes saved)
2014-08-05 15:28:30 -07:00
0283a917e8
tls: refactoring doPRF to reduce stack usage:
...
--- variable md5_hash moved to the heap (up to 256 bytes saved)
--- variable sha_hash moved to the heap (up to 256 bytes saved)
--- variable labelSeed moved to the heap (up to 128 bytes saved)
--- variable md5_result moved to the heap (up to 224 bytes saved)
--- variable sha_result moved to the heap (up to 224 bytes saved)
tls: refactoring PRF to reduce stack usage:
--- variable labelSeed moved to the heap (up to 128 bytes saved)
2014-08-05 15:28:30 -07:00
e3db86753c
tls: refactoring p_hash to reduce stack usage:
...
--- variable previous moved to the heap (up to 48 bytes saved)
--- variable current moved to the heap (up to 48 bytes saved)
--- variable hmac moved to the heap (sizeof(Hmac) bytes saved)
2014-08-05 15:28:30 -07:00
9429f07a8a
add MD5_DIGEST_SZ to NO_MD5 for non no-old-tls build types that still need it
2014-08-05 13:41:55 -07:00
63b8460210
tirtos build fix: port.c renamed wc_port.c
2014-08-01 10:24:40 -06:00
e99c7c2870
don't copy ntru-cert.der into certs/
2014-07-31 16:45:30 -07:00
3cc648f56d
Merge branch 'master' of https://github.com/kaleb-himes/cyassl into certs
2014-07-31 16:33:46 -07:00
dffd5e09bf
make dist adds for tirtos files
2014-07-29 16:34:12 -07:00
7a95bc452d
Merge branch 'master' into ti
2014-07-29 16:20:57 -07:00
e9297f092d
updated HashDRBG so private data not available via struct declaration in header file
2014-07-29 15:19:51 -07:00
5a175450e8
Merge branch 'JonasNorling-master'
2014-07-28 15:15:07 -07:00
277598e34a
Use same sequence number calculation in tls.c and internal.c
...
The DTLS sequence number used when decrypting CCM/GCM was taken from
the internal state, instead of from the actual message record.
If any DTLS messages were dropped, the expectation of the next
sequence number was wrong. This lead to a failed MAC check on the next
message to arrive, and an alert was generated.
2014-07-28 15:10:17 -07:00
aba16ae239
Merge branch 'master' into ti
2014-07-24 20:15:18 -07:00
4ebd5a0717
remove hard tabs
2014-07-24 20:12:10 -07:00
3f2ee0801a
declaration locations for ARM
2014-07-24 18:59:39 -06:00
f51bba0a43
line 221 fix, portability improvements
2014-07-23 15:58:09 -06:00
0c6a961e35
Merge branch 'master' into ti
2014-07-23 14:20:58 -07:00
c20fdb037e
io: refactoring EmbedOcspLookup:
...
--- single return point
--- changed stack reduction MEMORY_E to -1 to match XMALLOC fail at httpBuf
--- variable written removed
--- variable ocspRespSz renamed to ret (initialized with -1 and set only once with process_http_response result)
2014-07-23 13:20:23 -03:00
7dfb9e2d5f
io: refactoring EmbedGenerateCookie to reduce stack usage:
...
--- use ShaHash instead of InitSha, ShaUpdate and ShaFinal (sizeof(Sha) saved)
io: refactoring EmbedOcspLookup to reduce stack usage:
--- variable domainName moved to the heap (80 bytes saved)
--- variable path moved to the heap (80 bytes saved)
2014-07-23 12:28:54 -03:00
ec0fd7e969
Merge branch 'master' into ti
2014-07-22 13:55:59 -07:00
01ef6c3390
Merge pull request #111 from kojo1/MDK5
...
mdk5 pack for CyaSSL 3.1.0
2014-07-22 13:53:03 -07:00
b2a1b08660
Eliminate license, manual file from mdk5 pack
2014-07-22 20:18:38 +09:00
bc3942e34f
MDK5 software pack update for CyaSSL 3.1.0
2014-07-22 20:08:18 +09:00
2245204685
crl: refactoring LoadCRL to reduce stack usage:
...
--- variable name moved to the heap (256 bytes saved)
2014-07-21 22:52:06 -03:00
3ae9105b05
crl: refactoring DoMonitor to reduce stack usage:
...
--- variable buff moved to the heap (8192 bytes saved)
2014-07-21 22:52:05 -03:00
108b21e36f
crl: refactoring SwapLists to reduce stack usage:
...
--- variable tmp moved to the heap (sizeof(CYASS_CRL) saved)
2014-07-21 22:52:05 -03:00
6e0c6551ff
crl: refactoring BufferLoadCRL to reduce stack usage:
...
--- variable dcrl moved to the heap (sizeof(DecodedCRL) saved)
2014-07-21 22:52:05 -03:00
fb3e706d69
ocsp: refactoring CheckCertOCSP to reduce stack usage:
...
--- variable newStatus moved to the heap (sizeof(CertStatus) saved)
--- variable ocspRequest moved to the heap (sizeof(OcspRequest) saved)
--- variable ocspResponse moved to the heap (sizeof(OcspResponse) saved)
2014-07-21 22:52:05 -03:00
063e5cec80
Merge branch 'master' into ti
2014-07-21 16:38:38 -07:00
c214f0cc1b
fixup ntru encrypt benchmark
2014-07-21 16:37:41 -07:00
4fab7e9884
Merge branch 'master' of https://github.com/ShaneIsrael/cyassl
2014-07-21 16:32:07 -07:00
cc72a50cee
bump dev version
2014-07-21 16:28:57 -07:00
a73a160aaf
Merge branch 'master' into ti
2014-07-21 16:26:39 -07:00
3bfd0bbf3b
fixup some chacah-poly suite things including a valgrind error
2014-07-21 16:20:17 -07:00
48e3ef1c31
Update ctaocrypt.vcproj
2014-07-21 15:26:04 -06:00
2f18af2f5f
added --override-ntru, -h, -help, and error checking
2014-07-21 15:13:37 -06:00
ff58f65418
merge
2014-07-21 15:12:12 -06:00
3c27deb9d0
merge
2014-07-21 13:50:22 -06:00
9a44fc4012
Merge branch 'master', remote-tracking branch 'upstream/master'
2014-07-21 11:35:36 -06:00
c0ef346073
Merge branch 'master' into ti
2014-07-18 19:27:04 -07:00
726cc3e3a4
sanity check and recent cyassl release
2014-07-18 14:42:45 -06:00
7cb65d8b3d
asthetics
2014-07-17 15:33:48 -06:00
b77a1fdbbb
refactoring
2014-07-17 15:00:40 -06:00
307e5f3bff
fix build warnings with lean-psk mode
2014-07-16 14:40:41 -07:00
7eb8f571ed
reverse compatibility
2014-07-16 14:55:38 -06:00
a26f9b9068
Merge branch 'master' into ti
2014-07-16 13:55:31 -07:00
99f6fd8450
have explicit Rsa Padding error
2014-07-16 13:52:31 -07:00
beec798d4d
Added a basic NTRU Encrypt and Decrypt benchmark
2014-07-16 13:20:16 -06:00
e76c5cc59e
Update formatting for HAVE_COLDFIRE_SEC in aes.c, 80 char line limit
2014-07-16 11:11:41 -06:00
237bde7918
bump version to 3.1.0
2014-07-15 10:50:45 -06:00
6297490f88
update README
2014-07-15 10:49:19 -06:00
54b02c3979
fix order of variables in myDateCb for Windows/VS
2014-07-15 09:39:37 -06:00
9c9499584d
remove client-test.sh from make check
2014-07-14 15:19:31 -07:00
5b08cb35d7
updated sequence number in AD and unit tests
2014-07-14 16:13:24 -06:00
161fe4894b
update ntru cert key w/ new ca
2014-07-11 15:22:16 -07:00
fa5b68d56e
Merge pull request #99 from kaleb-himes/master
...
updated certs
2014-07-11 15:10:31 -07:00
4250955003
arg error checking and CHACHA_AEAD_TEST update
2014-07-11 16:06:29 -06:00
ba34ba0f0f
crls to sha1 from sha256
2014-07-11 14:41:57 -06:00
4972e0a70b
updated certs
2014-07-11 14:14:53 -06:00
15f432c521
updated certs
2014-07-11 13:55:10 -06:00
e62fbdd49f
added ECDSA and DHE_RSA support for chacha-poly
2014-07-10 16:35:56 -06:00
8a9c1ce2fb
Merge branch 'master' into ti
2014-07-10 11:48:39 -07:00
4d969d2850
reduce ntru benchmark stack use
2014-07-10 11:47:05 -07:00
1264c0742c
make sure ntru benchmark pub key size init
2014-07-10 11:14:22 -07:00
c322cb05ad
uses most recent version of cyassl
2014-07-10 11:18:49 -06:00
7c608af579
Merge branch 'master' into ti
2014-07-09 17:48:35 -07:00
1c7eb61017
ntru keygen is indepedent of additional cyassl keygen, use cyassl types, correct ntru benchmark output
2014-07-09 16:18:55 -07:00
b134894eb8
Merge branch 'master' of https://github.com/ShaneIsrael/cyassl
2014-07-09 15:58:15 -07:00
8462ed0653
fix issue #94 , keygen w/ normal math
2014-07-09 15:47:37 -07:00
0a2a56db57
fixed casting issue caught when using clang
2014-07-09 16:33:25 -06:00
1f6dcd94ba
Fixed NTRU param issue in asn.c and added an NTRU keygen benchmark
2014-07-09 16:10:10 -06:00
da0876c474
Merge branch 'cipher-suite' of https://github.com/JacobBarthelmeh/cyassl into cipher-suite
2014-07-09 15:49:29 -06:00
fb25db9c28
progress on suite
2014-07-09 15:48:40 -06:00
9ffc44a01f
ecc_free should be called only upon ecc_import_x963 success.
2014-07-08 13:41:42 -03:00
d6f5f57452
remove unnecessary check on pubKey
2014-07-08 13:03:12 -03:00
f8cf3bf853
remove stack reduction macros
2014-07-08 10:51:27 -03:00
ff59078053
remove stack reduction macros from hash functions
2014-07-08 10:51:10 -03:00
4ed9b3fa33
Merge branch 'master' into ti
2014-07-07 10:32:52 -07:00
b7acbc090f
asn: refactoring EccPrivateKeyDecode to reduce stack usage (199 bytes - pointer sizes saved):
...
--- variable priv moved to the heap (66 bytes saved)
--- variable pub moved to the heap (133 bytes saved)
2014-07-04 12:03:56 -03:00
2913aa89d4
asn: refactoring SetAltNamesFromCert to reduce stack usage:
...
--- variable decoded moved to the heap (sizeof(DecodedCert) bytes saved)
asn: refactoring SetDatesFromCert to reduce stack usage:
--- variable decoded moved to the heap (sizeof(DecodedCert) bytes saved)
asn: refactoring SetNameFromCert to reduce stack usage:
--- variable decoded moved to the heap (sizeof(DecodedCert) bytes saved)
2014-07-04 11:35:11 -03:00
85dcc8e5e2
asn: refactoring MakeAnyCert to reduce stack usage:
...
--- variable der moved to the heap (sizeof(DerCert) bytes saved)
asn: refactoring MakeCertReq to reduce stack usage:
--- variable der moved to the heap (sizeof(DerCert) bytes saved)
2014-07-04 11:06:34 -03:00
1739aea535
asn: refactoring SignCert to reduce stack usage: 512 bytes - pointers size moved to the heap.
...
--- variable sig moved to the heap (1152 bytes saved)
2014-07-04 10:45:09 -03:00
30977adc84
asn: refactoring MakeSignature to reduce stack usage:
...
--- variable encSig moved to the heap (98 bytes saved)
--- variable md5 moved to util function (sizeof(Md5) bytes saved)
--- variable sha moved to util function (sizeof(Sha) bytes saved)
--- variable sha256 moved to util function (sizeof(Sha256) bytes saved)
add cast to variables that may not be used in some builds.
fix - put RSA code inside #ifndef NO_RSA
2014-07-04 09:40:19 -03:00
de14fac069
add hash utility functions to promote cleaner code, smaller footprint, centralized logs and error handling.
2014-07-04 09:17:18 -03:00
a281c6bc6c
asn: refactoring ConfirmSignature to reduce stack usage:
...
--- variable digest moved to the heap (20..64 bytes saved)
--- variable pubKey moved to the heap (sizeof(RsaKey) bytes saved)
--- variable encodedSig moved to the heap (512 bytes saved)
--- variable plain moved to the heap (512 bytes saved)
--- variable pubKey moved to the heap (sizeof(ecc_key) bytes saved)
--- variable md2 moved to the heap (sizeof(Md2) bytes saved)
--- variable md5 moved to the heap (sizeof(Md5) bytes saved)
--- variable sha moved to the heap (sizeof(Sha) bytes saved)
--- variable sha256 moved to the heap (sizeof(Sha256) bytes saved)
--- variable sha384 moved to the heap (sizeof(Sha384) bytes saved)
--- variable sha512 moved to the heap (sizeof(Sha512) bytes saved)
fix - In some cases, the function was returning error codes, that could be interpreted as a false positive.
2014-07-04 09:17:17 -03:00
b875f6f631
add stack reduction macros
2014-07-04 09:17:17 -03:00
8dd4589650
asn: refactoring SetName to reduce stack usage: 1152 bytes - pointers size moved to the heap.
...
--- variable names moved to the heap (1152 bytes saved)
2014-07-04 09:17:17 -03:00
1cd81c1bb6
asn: refactoring SetRsaPublicKey to reduce stack usage: 553 bytes - pointers size moved to the heap.
...
--- variable n moved to the heap (517 bytes saved)
--- variable e moved to the heap (16 bytes saved)
--- variable algo moved to the heap (20 bytes saved)
2014-07-04 09:17:17 -03:00
4aab92c982
asn: refactoring SetEccPublicKey to reduce stack usage: 296 bytes - pointers size moved to the heap.
...
--- variable algo moved to the heap (20 bytes saved)
--- variable curve moved to the heap (20 bytes saved)
--- variable pub moved to the heap (256 bytes saved)
2014-07-04 09:17:17 -03:00
171d7bf920
asn: refactoring DerToPem to reduce stack usage: 160 bytes - pointers size moved to the heap.
...
--- variable header moved to the heap (80 bytes saved)
--- variable footer moved to the heap (80 bytes saved)
2014-07-04 09:17:16 -03:00
e077cd067b
asn: refactoring GetKey to reduce stack usage: 610 bytes - pointers size moved to the heap.
...
--- variable keyBlob moved to the heap (610 bytes saved)
2014-07-04 09:17:16 -03:00
8c1a4a4944
asn: refactoring ToTraditionalEnc to reduce stack usage: 128 bytes - pointers size moved to the heap.
...
--- variable salt moved to the heap (64 bytes saved)
--- variable cbcIv moved to the heap (64 bytes saved)
2014-07-04 09:17:16 -03:00
96aa460d03
asn: refactoring DecryptKey to reduce stack usage: 64 bytes - pointer size moved to the heap.
...
--- variable key moved to the heap (64 bytes saved)
2014-07-04 09:17:16 -03:00
40ef0c8daa
asn: refactoring GetCertHeader to reduce stack usage: ~ sizeof(mp_int) bytes moved to the heap.
...
--- variable mpi moved to the heap (~ sizeof(mp_int) bytes saved)
2014-07-04 09:17:16 -03:00
adf5ba96e6
tie in the client test script to check target
2014-07-03 12:18:03 -07:00
8a3b3b03d2
fix crl problem error out if verify peer disabled
2014-07-03 12:13:41 -07:00
61e989ed99
Merge branch 'master' into ti
2014-07-03 11:34:15 -07:00
2d63c559cc
dh now disabled by default but can be enabled w/o opensslextra
2014-07-03 11:32:24 -07:00
cc74206f9c
Merge branch 'master' into ti
2014-07-02 20:06:49 -07:00
cac799f683
add optional ecc ctx info
2014-07-02 16:59:45 -07:00
6817e3cd2e
Merge branch 'master' into ti
2014-07-02 16:31:55 -07:00
18119610fb
Update tls.c
2014-07-02 16:06:41 -06:00
b7baf024ab
add expired-ca for testing as well
2014-07-02 12:21:52 -07:00
0272d51ce4
remove C++ comments from cyassl proper
2014-07-02 12:11:01 -07:00
be402277e0
add override cert date example for bad clock testing
2014-07-02 12:07:25 -07:00
0c30053f52
Merge branch 'cipher-suite' of https://github.com/JacobBarthelmeh/cyassl into cipher-suite
2014-07-02 12:53:59 -06:00
a1e8eb0802
progress on suite
2014-07-02 12:49:14 -06:00
0950b19da8
Merge branch 'master' into ti
2014-07-02 10:49:22 -07:00
4aac37bff9
move CipherRequires() to both client and server, VerifyClientSuite() to client only
2014-07-02 10:48:04 -07:00
91af14544f
Update poly1305.c
2014-07-01 16:14:57 -06:00
53c63dd257
progress on suite
2014-07-01 16:08:52 -06:00
6c366a1863
progress on suite
2014-07-01 15:19:55 -06:00
bcb31dcb4b
progress on suite
2014-07-01 14:18:21 -06:00
5bf411f345
progress on suite
2014-07-01 14:16:44 -06:00
599da85d9e
Merge branch 'master' into ti
2014-07-01 12:00:15 -07:00
e145e978e1
Merge branch 'master' into ti
2014-07-01 11:58:46 -07:00
1122f2a399
master merge resolve
2014-07-01 11:58:33 -07:00
d875931a3f
hook new DER files into include.am
2014-07-01 11:20:39 -06:00
4eebba8162
Merge branch 'master' of github.com:cyassl/cyassl
2014-07-01 09:28:40 -07:00
c957e9a909
make default I/O callbacks external for user to base/wrap if desired
2014-07-01 09:27:31 -07:00
ee0d989c24
add sizeof ints back to certs_test.h, fix cert buffer usage in benchmark.c
2014-07-01 09:38:12 -06:00
5e09ca669b
update gencertbuf.pl to generate sizeof ints
2014-07-01 09:36:27 -06:00
3ea0f7b4ab
add key/cert buffers for CA cert, server key/cert
2014-07-01 08:58:47 -06:00
f2de04ae46
Merge branch 'master' into ti
2014-06-26 08:57:35 -06:00
9339d7d5b1
add support to TLS extensions in DTLS
2014-06-25 13:26:42 -03:00
16d64104db
Merge branch 'master' into ti
2014-06-25 09:32:27 -06:00
eb56afdbf6
remove spaces
2014-06-25 09:28:44 -06:00
e2a6d68abf
fix - add missing FreeDecodeCert on success.
2014-06-24 20:03:52 -03:00
f2c8826e16
fix missing FreeRsaKey on error.
2014-06-23 15:28:57 -03:00
a6ea32461d
Merge branch 'master' into ti
2014-06-20 14:48:53 -07:00
edb94557e9
pkcs7: refactoring PKCS7_EncodeEnvelopedData to reduce stack usage: ~ 1300 bytes moved to the heap.
...
--- variable contentKeyEnc moved to the heap (512 bytes saved)
--- variable recip moved to the heap (~800 bytes saved)
2014-06-20 14:52:16 -03:00
46d0f68097
pkcs7: refactoring PKCS7_DecodeEnvelopedData to reduce stack usage: ~ 9 * sizeof(mp_int) bytes + 512 bytes moved to the heap.
...
--- variable privKey moved to the heap (more than 8 * sizeof(mp_int) bytes saved)
--- variable encryptedKey moved to the heap (512 bytes saved)
--- variable serialNum moved to the heap (sizeof(mp_int) bytes saved)
2014-06-20 14:52:16 -03:00
21982b50db
pkcs7: refactoring CreateRecipientInfo to reduce stack usage: ~ 8 * sizeof(mp_int) bytes + ~935 bytes moved to the heap.
...
--- variable pubKey moved to the heap (more than 8 * sizeof(mp_int) bytes saved)
--- variable decoded moved to the heap (sizeof(DecodedCert) ~= 880 bytes saved)
--- variable serial moved to the heap (35 bytes saved)
--- variable keyAlgArray moved to the heap (20 bytes saved)
2014-06-20 14:52:16 -03:00
90e9696ad6
pkcs7: refactoring PKCS7_InitWithCert to reduce stack usage: ~ 880 bytes moved to the heap.
...
--- variable dCert moved to the heap (sizeof(DecodedCert) ~= 880 bytes saved)
2014-06-20 14:52:16 -03:00
eacff3ba83
pkcs7: refactoring PKCS7_VerifySignedData to reduce stack usage: ~ 50 bytes + 8 * sizeof(mp_int) bytes moved to the heap.
...
--- variable key moved to the heap (more than 8 * sizeof(mp_int) bytes saved)
--- variable digest moved to the heap (50 bytes saved)
2014-06-20 14:52:15 -03:00
60b2495f47
pkcs7: refactoring PKCS7_EncodeSignedData to reduce stack usage: ~1300 bytes + ~ 8 * sizeof(mp_int) bytes moved to the heap.
...
--- variable esd moved to the heap (1264 bytes saved)
--- variable digestInfo moved to the heap (50 bytes saved)
--- variable privKey moved to the heap (more than 8 * sizeof(mp_int) bytes saved)
2014-06-20 14:52:15 -03:00
e6d9151f47
add user cert chain functionality at SSL level instead of just CTX
2014-06-20 10:49:21 -07:00
a319354e92
Merge branch 'master' into ti
2014-06-20 09:24:11 -07:00
0c12f7c9ac
Merge branch 'master' of github.com:cyassl/cyassl
2014-06-20 09:23:30 -07:00
6371b3c262
send ecdsa_sign for client cert request type is sig algo ecdsa
2014-06-20 09:22:40 -07:00
544c86b8e4
update taoCerts.txt to use 1024 RSA by default, SHA1 instead of MD5
2014-06-20 10:16:07 -06:00
4fe938cf3a
Merge branch 'master' into ti
2014-06-19 16:01:35 -07:00
9642902c07
fix disable rsa w/ opensslextra
2014-06-19 15:59:24 -07:00
ae073cb1f9
fix pkcs7 memory leaks and XMALLOC result verification.
2014-06-18 14:32:20 -03:00
00abb2d90e
Merge branch 'master' into ti
2014-06-17 09:17:17 -07:00
8eae068000
fix error codes checking to use enum value from error-ssl.h
2014-06-16 17:57:47 -03:00
59196df818
Merge branch 'master' into ti
2014-06-16 12:31:24 -07:00
8350d91780
fix PemToDer encrypted key search start position for bundled files
2014-06-16 12:30:04 -07:00
9a180b0ec8
Merge branch 'master' into ti
2014-06-16 11:05:20 -07:00
acb3b1afb2
fix bug with DTLS and IO Pools
2014-06-15 17:26:18 -07:00
33fb679334
fix small config bug between AES-GCM and AES-CCM
2014-06-15 13:59:33 -07:00
a3687a200a
fix tests based on Wolfcrypt error codes.
2014-06-13 15:30:30 -03:00
675f99294b
Merge branch 'master' into ti
2014-06-12 16:02:37 -07:00
0223708ac4
make crl monitor watch init -1
2014-06-12 16:01:34 -07:00
233d4f422b
Merge branch 'master' into ti
2014-06-12 16:00:33 -07:00
b14bf25881
merge master
2014-06-12 16:00:25 -07:00
ceafd298f3
fix linux crl monitor newer gcc warning
2014-06-12 15:56:44 -07:00
e30e1c40f7
Merge branch 'master' into ti
2014-06-11 11:57:11 -07:00
ddf5924b3b
add error code for hmac min key len in new error range
2014-06-11 11:56:17 -07:00
b3abbbb0ce
make more room for wolfCrypt error range
2014-06-11 11:50:14 -07:00
aad204428f
fips mode hmac min key length for 2014 requirements
2014-06-11 11:43:17 -07:00
8237319d80
merge with master
2014-06-10 15:19:45 -07:00
9c905b6519
fix on TLSX_SNI_GetFromBuffer - > should be >= so extensions of length 0 get inside the while.
...
added test to cover case.
2014-06-10 16:56:45 -03:00
ba36c24fc1
fix on TLSX_SNI_GetFromBuffer - undo last fix and return 0 when there is no SNI extension. Now the return is the same when there is no extensions at all.
2014-06-10 15:28:29 -03:00
064483035c
fix on TLSX_SNI_GetFromBuffer - set inOutSz value to zero when there is no SNI extension in the client hello buffer.
2014-06-09 17:31:32 -03:00
c6740feee7
Merge branch 'master' into ti
2014-06-09 12:57:43 -07:00
e0c5c89bf6
add sanity check on send callback sent value
2014-06-09 12:55:17 -07:00
f4c96c68c9
Merge branch 'master' into ti
2014-06-05 17:55:56 -07:00
257959bcde
fix intel asm comment and xmm stack size needed
2014-06-05 17:37:39 -07:00
ae6fe9397c
check NTRU DRBG uninstantiate ret value in test.c
2014-06-05 17:07:19 -06:00
ee45558810
fixes #85 , --enable-debug=no and --disable-debug to actually disable debug
2014-06-05 14:39:05 -07:00
a86e710fc1
make clean to remove generated certs/keys
2014-06-05 15:06:59 -06:00
7e5287e578
update NTRU support, with help from thesourcerer8
2014-06-05 14:42:15 -06:00
2a54de002f
Merge branch 'master' into ti
2014-06-04 15:21:59 -07:00
665bda3ce6
ecb encrypt asm restore correct registers
2014-06-04 15:20:04 -07:00
81a5bdc6f9
fix intel syntax backwards
2014-06-04 15:15:29 -07:00
d728474ef3
store non volatile xmm6-15 for aesni on microsoft
2014-06-04 15:00:42 -07:00
bc3cbee2b6
Merge branch 'master' into ti
2014-06-04 09:59:07 -07:00
2494217a87
add sanity check on output buffer size for BuildMessage()
2014-06-04 09:58:15 -07:00
e4c33cb51e
Merge branch 'master' into ti
2014-06-04 08:08:52 -07:00
d301ab001c
fix Windows compile warnings
2014-06-03 23:11:18 -07:00
0c2c8c7fa3
Merge pull request #83 from jspada/max-altname-buffer-len
...
Increased max AltName buffer size (for cert generation)
2014-06-03 14:37:14 -07:00
3d94a41740
Increased max AltName buffer size (for cert generation)
2014-06-03 10:58:22 +01:00
6ae76721f2
Merge branch 'master' into ti
2014-06-02 11:24:32 -07:00
24b556689f
fix psk define w/ opensslextra
2014-06-02 11:22:47 -07:00
65ad0c987b
Merge branch 'master' into ti
2014-05-30 17:06:36 -07:00
66eb3caac5
bump dev version
2014-05-30 17:02:30 -07:00
a920795665
Merge branch 'master' into ti
2014-05-30 16:57:15 -07:00
5b7a5fe0bb
Merge branch 'master' of github.com:cyassl/cyassl
2014-05-30 16:56:28 -07:00
0f311adb2c
if icc doesn't have 128bit type on x64 don't use it
2014-05-30 16:54:09 -07:00
61ca922c46
Updated for v3.0.2
2014-05-30 16:01:02 -07:00
b60a61fa94
DHE-PSK cipher suites
...
1. fixed the AES-CCM-16 suites
2. added DHE-PSK as a key-exchange algorithm type
3. Added infrastructure for new suites:
* TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
* TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
* TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
* TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
* TLS_DHE_PSK_WITH_NULL_SHA256
* TLS_DHE_PSK_WITH_NULL_SHA384
* TLS_DHE_PSK_WITH_AES_128_CCM
* TLS_DHE_PSK_WITH_AES_256_CCM
4. added test cases for new suites
5. set DHE parameters on test server when using PSK and a custom cipher
suite list
6. updated half premaster key size
2014-05-30 11:26:48 -07:00
086b987efe
Merge branch 'master' into ti
2014-05-28 17:49:34 -07:00
4c9fa39d34
fix icc aesni warning where claims to be gcc
2014-05-28 17:48:08 -07:00
71a5aeeb81
Merge branch 'master' into ti
2014-05-28 17:37:48 -07:00
e11dd9803a
fix icc v14 warnings
2014-05-28 17:36:21 -07:00
8a0fbcb83e
Merge branch 'master' into ti
2014-05-28 13:06:51 -07:00
fe88e925cd
update MPLABX generated project files, formatting
2014-05-28 10:30:47 -06:00
7e13e414cb
rename port.c/.h to wc_port.c/.h to prevent FreeRTOS conflicts
2014-05-28 10:28:01 -06:00
21ebf9485d
Merge branch 'master' into ti
2014-05-28 08:39:11 -07:00
263d3439d9
DecodedCert:
...
* add structure fields to persist encoding format of subject parts;
* set default encoding formats at InitDecodedCert;
* retrieve encoding format from buffer at GetName;
* copy encoding format from DecodedCert to CertName at SetNameFromCert.
2014-05-23 15:48:50 -03:00
e517459f89
CertName:
...
* add structure fields to persist encoding format;
* set default encoding formats at InitCert;
* add function to retrieve encoding format of a specific field based on it's id.
2014-05-23 11:11:46 -03:00
6eeba7f50c
Merge branch 'master' into ti
2014-05-20 17:18:31 -07:00
3fa50ca3ea
fix intel syntax comment
2014-05-20 17:17:35 -07:00
e373b083bf
Merge branch 'master' into ti
2014-05-20 14:33:14 -07:00
15d3d3f790
fix visual studio 64 warnings
2014-05-20 14:31:26 -07:00
b46b8516ae
Merge branch 'master' of github.com:cyassl/cyassl
2014-05-20 14:11:58 -07:00
12841e6093
fix integration bugs with new suites
2014-05-20 14:07:08 -07:00
fc084e9978
Merge branch 'master' into ti
2014-05-20 13:46:27 -07:00
3d803653c6
add visual studio 64 project files to autoconf, fix distclcean
2014-05-20 13:45:11 -07:00
8ac8e0f687
forgot one vcxproj
2014-05-20 13:30:57 -07:00
0d2471b2f7
Merge branch 'master' of https://github.com/cyassl/cyassl
2014-05-20 13:27:29 -07:00
744590c868
add visual studio 64bit solution for vs2012+ with custom build step for aesni
2014-05-20 13:27:03 -07:00
eed5360155
fix volatile registers rdi,rsi by saving to rax,r11 and restore
2014-05-20 13:25:28 -07:00
b889191992
Merge branch 'master' of github.com:cyassl/cyassl
2014-05-19 21:52:00 -07:00
74712b4e71
1. Added the following cipher suites:
...
* TLS_PSK_WITH_AES_128_GCM_SHA256
* TLS_PSK_WITH_AES_256_GCM_SHA384
* TLS_PSK_WITH_AES_256_CBC_SHA384
* TLS_PSK_WITH_NULL_SHA384
2. Fixed CyaSSL_CIPHER_get_name() for AES-CCM cipher suites.
2014-05-19 21:44:04 -07:00
6d3a46ebec
Merge branch 'master' into ti
2014-05-19 17:08:51 -07:00
842ff6f24d
Merge branch 'master' of github.com:cyassl/cyassl
2014-05-19 17:08:27 -07:00
df81401cf0
add debugging output to benchmark
2014-05-19 17:06:56 -07:00
7a5dd55eb9
Merge branch 'dtls'
2014-05-19 14:44:11 -07:00
8f4e65276d
Merge branch 'master' into ti
2014-05-19 14:34:46 -07:00
ac73e1b508
fix visual studio cpuid arg warning
2014-05-19 14:33:15 -07:00
2083b4f1b1
Merge branch 'master' into ti
2014-05-19 13:57:22 -07:00
b9d9371aed
add aesni intel asm syntax for aesni, abstract cpuid and asm linkage better for msvc
2014-05-19 13:55:42 -07:00
da5b042d21
AEAD additional data for encrypt and decrypt should be AEAD_AUTH_DATA_SZ
2014-05-19 09:14:10 -07:00
4a511fe36d
Added epoch to sequence number for AES-GCM with DTLS encrypt/decrypt.
2014-05-19 09:14:10 -07:00
d7a08de9de
Merge branch 'master' into ti
2014-05-17 16:24:44 -07:00
6e5f800555
change behavior when OPTIONAL field keyIdentifier is not present. Not erring out.
2014-05-17 16:03:39 -03:00
91df5e52a6
Merge branch 'master' into ti
2014-05-16 09:13:21 -07:00
628e7b4d72
adjust SendData() output buffer check for DTLS header size
2014-05-15 15:55:32 -07:00
fd84098db4
Merge branch 'master' into ti
2014-05-15 10:41:16 -07:00
2bc066a116
change first output line to cyassl/options gen
2014-05-15 10:39:54 -07:00
e024c8af41
Merge branch 'master' into ti
2014-05-15 10:37:15 -07:00
5ab2ccfa96
Added FIPS wrappers for the DRBG and improved CTaoCrypt test.
2014-05-14 15:25:55 -07:00
f9a78b7e20
Merge branch 'master' into ti
2014-05-14 15:07:47 -07:00
ce39ef62ef
update const error strings for newly added ones
2014-05-14 15:05:20 -07:00
519820133d
Merge branch 'const_errorstrings' of https://github.com/rofl0r/cyassl into errstr
2014-05-14 14:51:40 -07:00
e31382ee4d
Merge branch 'master' into ti
2014-05-14 09:22:57 -07:00
c90c90557b
make sure logging available in all des3 build cases
2014-05-14 09:22:09 -07:00
6ea8f6cb17
Merge branch 'master' into ti
2014-05-13 16:05:51 -07:00
aa5234ae0e
fix des return values for ecb and plain cbc, allow errors
2014-05-13 16:04:52 -07:00
d92869067c
Merge branch 'master' into ti
2014-05-13 15:52:33 -07:00
0a8804b3f8
add freescale mmcau hardware crypto alignment requirement, error out if not met
2014-05-13 15:51:35 -07:00
28b6c5b998
Merge branch 'master' into ti
2014-05-12 14:02:22 -07:00
7f938f3bdf
Merge pull request #80 from kojo1/MDK5
...
MDK5 sw pack 3.0.0
2014-05-12 14:01:42 -07:00
b19a7e2238
2nd merge fix
2014-05-12 14:00:29 -07:00
a3a12a7010
merge resolution in io.c
2014-05-12 13:36:20 -07:00
8c9c257921
Merge pull request #79 from kojo1/IAR
...
sample projects for IAR EWARM
Why is SINGLE_THREADED assumed for IAR with ARM?
2014-05-12 13:28:02 -07:00
aae56394aa
Merge branch 'master' into ti
2014-05-12 09:40:26 -07:00
cffcf3512c
Making small stack usage disabled by default
2014-05-12 08:38:35 -03:00
746ab39367
Remove license.txt
2014-05-12 08:58:09 +09:00
fe94cca3d5
Add settings.h to projects
2014-05-12 08:57:38 +09:00
4c8d94023b
Merge branch 'master' into ti
2014-05-09 14:50:44 -07:00
7fcaa03436
Merge pull request #75 from kojo1/ColdFire
...
ColdFire SEC, PIC32 updates
2014-05-09 14:41:40 -07:00
aae718f155
Merge branch 'master' of github.com:cyassl/cyassl into ti
2014-05-09 14:38:10 -07:00
77aa8a86eb
remove extra spaces from comments
2014-05-09 11:57:41 -07:00
34f2e51415
remove extra spaces from ti cyassl proper files
2014-05-09 11:55:59 -07:00
ec5f3cc681
Merge branch 'master' of https://github.com/tisb/cyassl into ti
2014-05-09 11:38:40 -07:00
f643ca5f48
Added TI-RTOS support for CyaSSL tests
2014-05-08 15:52:20 -07:00
5146f3dd94
Initial commit of CyaSSL port for TI-RTOS
2014-05-08 15:50:55 -07:00
e57d5d1d2f
Merge branch 'master' of github.com:cyassl/cyassl
2014-05-08 10:27:54 -07:00
abbfcde0dc
add fips in core first/last files for code/data hashing
2014-05-08 10:26:31 -07:00
72e9ea8e4b
added Hash DRBG as configure option
2014-05-07 11:54:12 -07:00
ac18ce03df
DRBG Update
...
1. picked better values for entropy and nonce sizes based on
security strength
2. changed output block length to be the SHA-256 digest size
3. use constant drbgReseed when reseeding
4. renamed the "drgb" type constants from "dbrg"
5. removed the small stack change due to buffer size changes
6. internal helper function Hash_DRBG_Instantiate now also
takes a pointer to a nonce and a personalization string
7. the InitRng gathers enough bits from GenerateSeed() to
supply the entropy input and a nonce
8. lowered the reseed interval to 1 million
2014-05-06 14:05:52 -07:00
371d2efa2c
remove SWO.ini files
2014-05-06 21:03:10 +09:00
cdf8ab295c
current_time, generic to CortexM
2014-05-06 11:16:43 +09:00
d6b98c1fab
moved OCSP config code outside NO_FILESYSTEM fence
2014-05-05 16:13:08 -07:00
ec13f65ef0
made OCSP callback not dependent on stdio
2014-05-05 16:11:02 -07:00
6ac7b056ee
Pic benchmark, clock config
2014-05-05 16:41:07 +09:00
cb09e266c3
CMSIS-core based current_time
2014-05-05 15:33:04 +09:00
3063c7d663
Update component version in option files
2014-05-05 12:13:34 +09:00
52144ee9ca
Update component version in project files to 3.0.0
2014-05-05 11:34:36 +09:00
eeb2e28f54
Sync with 3.0.0
2014-05-05 09:45:25 +09:00
238e7b9458
Remove files
2014-05-05 09:39:59 +09:00
2f39b50063
fixed DateLessThan()
...
It was returning true on less-than or equal-to.
2014-05-03 16:46:56 -07:00
fd707ebafb
Hash_DRBG refactoring
...
1. Renamed everything that had DBRG with the correct DRBG
2. Changed word64 reseed_ctr to word32 reseedCtr
3. Changed reseed interval to 0xFFFFFFFF
2014-05-02 15:35:10 -07:00
fbe09780ca
remove deadcode redundant length check
2014-05-02 11:40:36 -07:00
697f77bef5
help coverity with max size issue on unsigned addition
2014-05-02 11:06:59 -07:00
4104b74c40
fix resource leak on bad user cert chain big buffer
2014-05-02 10:30:07 -07:00
3e62da0bc9
add linux crl monitor clean shutdown
2014-05-02 10:14:40 -07:00
35d5b66d2c
Merge remote-tracking branch 'CyaSSL-master/master' into IAR
2014-05-02 09:32:55 +09:00
b680e62832
set up Simulator
2014-05-02 09:31:22 +09:00
912ec25a0f
fix linux crl monitor build
2014-05-01 09:34:16 -07:00
14c978ca67
remove space
2014-05-01 09:30:17 -07:00
5ff0336491
add custom kqueue event for crl monitor shutdown
2014-05-01 09:28:33 -07:00
f225714e75
io.c, #include
2014-05-01 17:09:28 +09:00
fb00110b77
CyaSSL library project and README
2014-05-01 17:03:01 +09:00
2069394386
benchmark.c: cert file name
2014-05-01 15:26:55 +09:00
3448610f9d
remove icf
2014-05-01 15:14:20 +09:00
3de36b106e
Merge remote-tracking branch 'CyaSSL-master/master' into IAR
2014-05-01 14:33:49 +09:00
5217d9ca98
Remove unused file
2014-05-01 14:32:02 +09:00
169c0eee20
IAR EWARM project: test, benchmark
2014-05-01 14:29:09 +09:00
20f12af8ec
crypto.h
2014-04-28 15:05:44 +09:00
6cf1c8149b
AesCbcEncrypt/Decrypt return value
2014-04-28 10:52:35 +09:00
f9ad1888cb
Fixed pic32mx/mz clock for benchmark
2014-04-28 10:51:18 +09:00
6e3bbd135e
des3.h
2014-04-25 14:21:28 +09:00
cb70631512
aes.c indentation
2014-04-25 14:18:23 +09:00
2460679718
des3.h
2014-04-25 14:11:56 +09:00
11aff767fd
corrected pic32mz header path
2014-04-25 13:50:12 +09:00
e3becc3a65
des3 parity. internal.h to ctaocrypt/types.h
2014-04-25 13:35:35 +09:00
a67cb1207b
ColdFire SEC for aes, des3: Eliminated type mismatch
2014-04-23 20:45:19 +09:00
41199a480d
ColdFire SEC, fix cache control in aes, des3 driver
2014-04-23 16:56:37 +09:00
1ba30b1eb6
des3 parity
2014-04-23 16:55:18 +09:00
b712380a60
Sync MDK5 Software Pack with 2.9.4
2014-04-11 16:20:12 +09:00
a36c18c27f
implement CyaSSL_ERR_reason_error_string
...
this has several advantages:
- we can provide a replacement for openssl's ERR_reason_error_string,
which makes porting simpler,
- code shrink due to removal of excessive strcpy call
- all error strings are const anyway so there's no point to force the
user to supply storage for them and copying them around.
2013-12-19 19:40:48 +01:00
