WolfSSL
/
wolfssl
mirror of https://github.com/wolfSSL/wolfssl.git
1
0
Fork 0
Code Issues Releases Wiki Activity
4,626 Commits
4 Branches
160 Tags
400 MiB
Commit Graph

4626 Commits (0ee7d7cc1710baca26c2a0928daa1dc427d89324)

Author SHA1 Message Date
John Safranek 0ee7d7cc17 1. Add DES3 enable to full commit test. 
2. Added DES3 to the list of FIPS prereqs.
 2016-09-15 12:19:32 -07:00
John Safranek e3bb4c29e2 Fix openssl.test with the lean-TLS option 
1. Make new CA cert for test that is both client-cert.pem andr
   client-ecc-cert.pem.
2. Use the new client-ca.pem cert in the test script.
3. Update renewcerts script to generate client-ca.pem.
 2016-09-15 11:39:30 -07:00
John Safranek 2d4757b446 Disable DES3 by default. Force it enabled when it is a prereq for 
another option. (SCEP and PKCS7)
 2016-09-15 11:23:36 -07:00
JacobBarthelmeh 01be5cdc07 Merge pull request #550 from toddouska/rsainit 
make sure rsa rng is null on init
 2016-09-14 16:31:07 -06:00
toddouska dc337946d5 make sure rsa rng is null on init 2016-09-14 14:33:08 -07:00
John Safranek 7410b5784f Merge pull request #548 from toddouska/nocache 
add WC_NO_CACHE_RESISTANT option for old code paths
 2016-09-14 10:24:29 -07:00
toddouska e039fcefc0 Merge pull request #549 from JacobBarthelmeh/master 
aes.c : check ILP32 macro defined
 2016-09-14 09:58:19 -07:00
Jacob Barthelmeh 109642fef4 aes.c : check ILP32 macro defined 2016-09-14 09:33:48 -06:00
toddouska b6937626b4 don't require uneeded temp with WC_NO_CACHE_RESISTANT 2016-09-13 17:01:50 -07:00
toddouska 7b3fc558ec add WC_NO_CACHE_RESISTANT option for old code path 2016-09-13 16:45:15 -07:00
John Safranek b77c350153 Merge pull request #547 from toddouska/mathca 
Remove timing resistant cache key bit monitor leaks
 2016-09-13 14:34:23 -07:00
toddouska 05d78dc2ce Merge pull request #544 from cconlon/rsafix 
include MAX_RSA_INT_SZ in wc_RsaKeyToPublicDer(), for 4096-bit keys
 2016-09-13 11:24:03 -07:00
toddouska 46a0ee8e69 switch ecc timising resistant mulmod double to use temp instead of leaking key bit to cache monitor 2016-09-13 11:10:10 -07:00
John Safranek 0477d5379e Merge pull request #546 from toddouska/aesca 
AES T table cache preload.
 2016-09-13 11:05:28 -07:00
toddouska 6ef9e79ff5 switch timing resistant exptmod to use temp for square instead of leaking key bit to cache monitor 2016-09-13 09:13:39 -07:00
toddouska 6ae1a14c9f do aes cache line stride by bytes, not word32s 2016-09-12 21:09:08 -07:00
toddouska c6256211d6 compress aes last round decrypt table, prefetch Td tables before aes decrypt rounds, prefecth compressed table before last round 2016-09-12 13:04:30 -07:00
toddouska 97a64bcc7c remove unique aes last round Te table, pre fetch Te tables during software aes encrypt 2016-09-12 12:03:37 -07:00
Chris Conlon a149d83bff include MAX_RSA_INT_SZ in wc_RsaKeyToPublicDer(), for 4096-bit keys 2016-09-09 16:11:56 -06:00
John Safranek 68e48e84fd Merge pull request #541 from toddouska/comp 
detect server forcing compression on client w/o support
 2016-09-09 13:00:22 -07:00
toddouska fc54c53f38 Merge pull request #543 from JacobBarthelmeh/ARMv8 
ARMv8 : increase performance with SHA256
 2016-09-09 10:23:44 -07:00
Jacob Barthelmeh 3ec66dd662 ARMv8 : sanity checks and change constraint type 2016-09-09 00:27:40 +00:00
dgarske bd3e40d2fc Merge pull request #542 from JacobBarthelmeh/master 
verify case with unexpected input
 2016-09-08 16:07:28 -07:00
Jacob Barthelmeh f4e604dec3 verify case with unexpected input 2016-09-08 15:32:09 -06:00
toddouska 0c21d76ce3 detect client not sending any compression types 2016-09-08 12:06:22 -07:00
Jacob Barthelmeh 79af4d30e0 ARMv8 : increase performance with SHA256 2016-09-08 18:00:24 +00:00
toddouska 3e80d966d2 Merge pull request #540 from dgarske/fix_noprng_nosha2 
Fix to allow disabling P-RNG and SHA256 with CUSTOM_RAND_GENERATE_BLOCK
 2016-09-07 16:33:32 -07:00
toddouska 3aefc42f04 have TLS server side verify no compression is in list if not using compression 2016-09-07 15:28:30 -07:00
David Garske f6b786cfb5 Updated the random.h source inline comments to clarify SHA256 and RC4. 2016-09-07 09:23:43 -07:00
toddouska baebec4ca4 Merge pull request #538 from JacobBarthelmeh/ARMv8 
initial ARMv8 instructions
 2016-09-07 09:20:14 -07:00
toddouska a5db13cd01 detect server forcing compression on client w/o support 2016-09-07 09:17:14 -07:00
David Garske 8d6ea61a4f Fix to allow disabling P-RNG and SHA256 when CUSTOM_RAND_GENERATE_BLOCK is used. Added inline documentation to describe RNG source options. Example: ./configure --enable-cryptonly --disable-hashdrbg CFLAGS="-DNO_SHA256 -DCUSTOM_RAND_GENERATE_BLOCK" 2016-09-06 16:42:53 -07:00
Jacob Barthelmeh 09b29cb1d4 ARMv8 AES: remove extra memcpy during encrypt/decrypt 2016-09-02 22:55:17 +00:00
JacobBarthelmeh 33f24ebaa8 Merge pull request #537 from ejohnstown/ocsp-issuerKeyHash 
OCSP Fixes
 2016-09-02 14:57:07 -06:00
Jacob Barthelmeh 8e4ccd355c refactor ALIGN16 macro to types.h 2016-09-01 21:24:03 +00:00
Jacob Barthelmeh 41912b92c6 initial ARMv8 instructions 2016-09-01 18:10:06 +00:00
John Safranek 963b9d4c4d OCSP Fixes 
1. When using Cert Manager OCSP lookup, the issuer key hash wasn't
being set correctly. This could lead to unknown responses from lookup.
2. Default OCSP lookup callback could get blocked waiting for server
to close socket.
 2016-09-01 09:58:34 -07:00
Chris Conlon a0b02236b8 Merge pull request #527 from danielinux/master 
Support for Frosted OS
 2016-08-31 10:07:25 -06:00
toddouska 092916c253 Merge pull request #536 from ejohnstown/dtls-sctp 
DTLS over SCTP
 2016-08-30 13:09:40 -07:00
John Safranek e0a035a063 DTLS-SCTP Tests 
1. Added a check to configure for SCTP availablility.
2. Added DTLS-SCTP to the cipher suite test.
 2016-08-29 15:24:51 -07:00
JacobBarthelmeh de3f66b946 Merge pull request #515 from dgarske/cryptonly_static_mem 
Added support for static memory with wolfCrypt
 2016-08-29 15:23:28 -06:00
David Garske ddff90ea26 Fix duplicate declaration of "wolfSSL_init_memory_heap" (errors after rebase). 2016-08-29 11:50:43 -07:00
David Garske 6a70403547 Fix for "not used" devId in benchmark. 2016-08-29 11:01:16 -07:00
David Garske 2ecd80ce23 Added support for static memory with wolfCrypt. Adds new "wc_LoadStaticMemory" function and moves "wolfSSL_init_memory_heap" into wolfCrypt layer. Enhanced wolfCrypt test and benchmark to use the static memory tool if enabled. Added support for static memory with "WOLFSSL_DEBUG_MEMORY" defined. Fixed issue with have-iopool and XMALLOC/XFREE. Added check to prevent using WOLFSSL_STATIC_MEMORY with HAVE_IO_POOL, XMALLOC_USER or NO_WOLFSSL_MEMORY defined. 2016-08-29 10:38:06 -07:00
John Safranek 05a35a8332 fix scan-build warning on the simple SCTP example server 2016-08-26 20:33:05 -07:00
John Safranek aed68e1c69 1. Needed to tell the client to use sctp. 
2. Creating the example sockets needed the IPPROTO type.
 2016-08-26 19:58:36 -07:00
John Safranek 46e92e0211 DTLS-SCTP example client and server 
1. Update the example client and server to test DTLS-SCTP.
2. Modify the test.h functions for setting up connections to allow
for a SCTP option.
3. Update other examples to use the new test.h functions.
4. Removed some prototypes in the client header file were some functions
that should have been static to the client.c file and made them static.
 2016-08-26 19:58:36 -07:00
John Safranek 6d5df3928f SCTP-DTLS examples 
1. Added the set SCTP mode command to client and server.
2. Added a 4K buffer test case.
 2016-08-26 19:58:36 -07:00
John Safranek bab071f961 1. Implemented the SCTP MTU size changes for transmit. 
2. Simplified the MAX_FRAGMENT size when calling SendData().
 2016-08-26 19:58:36 -07:00
John Safranek a6c0d4fed7 1. Added missing -DWOLFSSL_SCTP to configure.ac. 
2. Don't do hello verify requests in SCTP mode.
3. Implemented the SCTP MTU size changes.
4. Simplified the MAX_FRAGMENT size when calling ReceiveData().
 2016-08-26 19:58:36 -07:00