Commit Graph

8646 Commits (4295db218a968890023d028a1fa41908eb1c6a7a)

Author SHA1 Message Date
John Safranek 98291f8465 Update comment in dh.c. 2018-11-02 11:38:52 -07:00
John Safranek 1261247e2a Added the resource.h and wolfssl.rc to the list of EXTRA_DIST files. 2018-11-02 11:30:29 -07:00
John Safranek cfafbd9659 Added the prime check to the functions wolfSSL_SetTmpDh() and wolfSSL_CTX_SetTmpDh(). 2018-11-02 11:01:39 -07:00
JacobBarthelmeh 1ffc1108a6
Merge pull request #1906 from cconlon/selftest-fixes
fixes for CAVP selftest build errors
2018-11-01 11:31:39 -06:00
Jacob Barthelmeh a953a3141e infer and g++ build fixes 2018-11-01 09:59:35 -06:00
Sean Parkinson 81650d6cef Fix for subtract
Added cortex-m support using umull for faster implementation.
2018-11-01 15:21:51 +10:00
Sean Parkinson 2b3b19d1c8
Merge pull request #1904 from JacobBarthelmeh/PKCS7
add test for degenerate case and allow degenerate case by default
2018-11-01 08:36:15 +10:00
Jacob Barthelmeh 6dd4fba888 fix for clang warning 2018-10-30 17:41:03 -06:00
Jacob Barthelmeh cc3ccbaf0c add test for degenerate case and allow degenerate case by default 2018-10-30 17:04:33 -06:00
David Garske f6093e1e0d Fixes to remove DH prime checks for server side DH parameters. 2018-10-30 15:51:47 -07:00
Chris Conlon def7a91e70 fix CAVP selftest build errors 2018-10-30 16:35:45 -06:00
David Garske f4b0261ca7 Fix to not do prime test on DH key the server loaded. Now it will only do the prime test on the peer's provided public DH key using 8 Miller-Rabins. Refactored the fast math Miller-Rabin function to reuse mp_int's, which improved performance for `mp_prime_is_prime_ex` from 100ms to 80ms. Normal math `mp_prime_is_prime_ex` is ~40ms (as-is). Added test for `wc_DhSetCheckKey`. 2018-10-30 11:20:07 -07:00
Chris Conlon 2c0edae96f
Merge pull request #1889 from kojo1/t4_demo
Renesas RX demo
2018-10-30 10:14:02 -06:00
Sean Parkinson ab458db504 Review comment changes
Add heap as a device initialization parameter.
Allocate slot info pointer with device heap pointer.
ForceZero user pin on token finalization.
Add comments to structure definitions.
2018-10-30 15:56:31 +10:00
Takashi Kojo b64c527138 added files under t4_demo to include.am 2018-10-30 13:18:58 +09:00
David Garske ba90674357
Merge pull request #1897 from WolfWalter/fix_sigrs_length
ATECC508 reference PK callback fix for signature length
2018-10-29 08:54:46 -07:00
toddouska ae07ba93ad
Merge pull request #1894 from dgarske/pk_keysize
Fixes for key size detection when using PK callbacks
2018-10-26 09:46:10 -07:00
toddouska d18c9cad61
Merge pull request #1895 from dgarske/test_384bit
Added ECC P-384 bit test certs and keys
2018-10-26 09:44:41 -07:00
toddouska a6adfd434d
Merge pull request #1893 from dgarske/ecdsa_hashalgo
New build option to match ECDSA hash algo digest size with ephemeral key size
2018-10-26 09:43:07 -07:00
Wolf Walter a47eeec145 fixed sigRs length
atmel_ecc_sign and atmel_ecc_verify expect sigRS length to be 64 Byte (32 Byte each).
2018-10-26 16:43:03 +02:00
David Garske 153c7cc684 Fix for unused variable in new fast-rsa function `wc_RsaPublicKeyDecode_ex`. 2018-10-25 11:12:33 -07:00
David Garske 3be7eacea9 Added client/server certs and keys for P-384-bit signed by P-384 CA. Fix for broken certs/ecc/genecc.sh script. Added simple P-384 cipher suite test. 2018-10-25 09:21:27 -07:00
David Garske d21603334b Added build option `USE_ECDSA_KEYSZ_HASH_ALGO` to alter the hash algorithm selection for `ecc_dsa_sa_algo`. With this build option we try and choose a hash algorithm digest size that matches the ephemeral key size, if not found then will match on next highest. We've seen cases with some Windows-based TLS clients where they do not properly support hashing a smaller ephemeral key with a larger hash digest size (such as P-256 key and SHA512 hash). 2018-10-25 09:19:35 -07:00
David Garske 81651c351b Added optional logging for example PK callbacks in test.h enabled with `DEBUG_PK_CB`. 2018-10-25 09:15:34 -07:00
David Garske 86758f9640 Fixes for key size detection when using PK callbacks (HSM) and no private key has been loaded (affects `HAVE_PK_CALLBACKS` on server side only when no dummy private key is loaded). Fix for possible leak during ECC min key size failure with small stack. Added new API `wc_RsaPublicKeyDecode_ex` for parsing an RSA public key for the modulus and exponent. Changed `wolfSSL_CTX_SetTmpEC_DHE_Sz` to support a `size == 0` for using the long-term private key's size. Changed `ECDHE_SIZE` so it can be overridden at build-time. Added tests for `wolfSSL_CTX_SetTmpEC_DHE_Sz` and `wolfSSL_SetTmpEC_DHE_Sz`. 2018-10-25 09:15:23 -07:00
toddouska 23445546c5
Merge pull request #1892 from dgarske/ecdhe_keysize
Fix for ephemeral key size selection
2018-10-25 07:27:20 -07:00
David Garske c4d6f886b7 Revert change from PR #1845 commit 24f9f12844. This ensures the ephemeral key is P-256 or the overridden value determined by `wolfSSL_CTX_SetTmpEC_DHE_Sz` and `wolfSSL_SetTmpEC_DHE_Sz`. This restores previous behavior from last release. 2018-10-24 09:48:03 -07:00
toddouska 0eb115e7a1
Merge pull request #1884 from kaleb-himes/ECC_DISABLED_TEST_FIX
Fixes to resolve skipped tests with ECC disabled
2018-10-24 09:30:47 -07:00
Sean Parkinson 7586e1df42 Only do early data in initial handshake when using PSK 2018-10-24 09:47:30 +10:00
toddouska c173d72423
Merge pull request #1891 from SparkiDev/nginx-1.15.5
Add defines for latest nginx
2018-10-23 08:07:52 -07:00
Sean Parkinson ef8b564d2e Add defines for latest nginx 2018-10-23 22:08:44 +10:00
toddouska 22aa01a547
Merge pull request #1881 from SparkiDev/pkcs7_no_si
Return error when attempting to verify signed data without signers
2018-10-22 15:00:55 -07:00
toddouska 878b5925fc
Merge pull request #1877 from dgarske/pkcs8_ec
Added support for ECC private key with PKCS8 encoding
2018-10-22 14:59:10 -07:00
toddouska 42fecee77b
Merge pull request #1859 from SparkiDev/pkcs7-cons
Support constructed OCTET_STRING in PKCS#7 signed data
2018-10-22 14:52:50 -07:00
Chris Conlon 353f9018f5
Merge pull request #1890 from miyazakh/jamsg
Added Japanese message into the examples client and server
2018-10-22 13:44:11 -06:00
David Garske 0b720c4412 Fixes for TLSv1.3 early data. 2018-10-22 11:35:40 -07:00
Chris Conlon 96abf43238
Merge pull request #1888 from MJSPollard/nidFIX
Fixed compilation issues with Asio, Websocket++, and HAProxy
2018-10-22 10:19:05 -06:00
Hideki Miyazaki 6953677a8f Keep the max line length to 80 2018-10-20 17:15:17 +09:00
Hideki Miyazaki a27b4c2efb Added Japanese message into the examples client and server 2018-10-20 13:40:01 +09:00
David Garske 7ce236f3af Fix for new `test_wolfSSL_PKCS8` changes to init/free the ecc_key. 2018-10-19 16:04:02 -07:00
Takashi Kojo dabeccca27 README_en 2018-10-20 07:59:22 +09:00
Takashi Kojo f2ef67446d T4 demo 2018-10-20 07:21:52 +09:00
David Garske c268829b68 Fix bug with SendClientKeyExchange and ifdef logic for `ecdhe_psk_kea`, which was preventing `ECDHE-PSK` from working if HAVE_CURVE25519 was defined. Disabled broken downgrade test in test-tls13-down.conf (@SparkiDev will need to investigate). Various spelling fixes. 2018-10-19 13:21:56 -07:00
Carie Pointer fac6ce794d Fix HAProxy redefinition warning 2018-10-19 12:14:57 -06:00
MJSPollard 355184bc9b added fix for failing asio and haproxy tests 2018-10-18 17:32:42 -06:00
David Garske 4a4ae446aa Fix for unit.test fails with `-H verifyFail`. 2018-10-18 11:58:00 -07:00
David Garske 84fb23cfab
Merge pull request #1880 from kojo1/NID
NID definitions are in asn.h
2018-10-18 09:48:20 -07:00
Sean Parkinson 7551e49fed Improvements for PKCS#11 library 2018-10-18 17:31:17 +10:00
Sean Parkinson 67bb558025 Return error when attempting to verify signed data without signers 2018-10-18 13:44:13 +10:00
Takashi Kojo 8a872891c5 NID_domainComponent is moved to asn.h 2018-10-18 09:28:15 +09:00