WolfSSL
/
wolfssl
mirror of https://github.com/wolfSSL/wolfssl.git
1
0
Fork 0
Code Issues Releases Wiki Activity
5,874 Commits
27 Branches
168 Tags
358 MiB
Commit Graph

305 Commits (626eeaa63d9302dd90b043e7dc808a220123f4f6)

Author SHA1 Message Date
David Garske df119692d1 Fixes for using async with `HAVE_MAX_FRAGMENT` or `--enable-maxfragment` which affected TLS 1.2/1.3. Added TLS 1.2 test for using max fragment. 2017-07-03 19:57:37 -07:00
Sean Parkinson d2ce95955d Improvements to TLS v1.3 code 
Reset list of supported sig algorithms before sending certificate
request on server.
Refactored setting of ticket for both TLS13 and earlier.
Remember the type of key for deciding which sig alg to use with TLS13
CertificateVerify.
RSA PKCS #1.5 not allowed in TLS13 for CertificateVerify.
Remove all remaining DTLS code as spec barely started.
Turn off SHA512 code where decision based on cipher suite hash.
Fix fragment handling to work with encrypted messages.
Test public APIS.
 2017-06-29 09:00:44 +10:00
David Garske 47cc3ffdbc Fix build with either `NO_WOLFSSL_SERVER` or `NO_WOLFSSL_CLIENT` defined. 2017-06-26 23:05:32 -07:00
Jacob Barthelmeh b0f87fdcf7 update .am files for make dist 2017-06-22 14:14:45 -06:00
dgarske 06fa3de31c Merge pull request #980 from SparkiDev/tls13_0rtt 
TLS v1.3 0-RTT
 2017-06-22 09:44:41 -07:00
jrblixt 1aee054902 Add Arc4 to unit test. 2017-06-21 17:03:27 -06:00
Chris Conlon c183e03802 Merge pull request #986 from jrblixt/unitTest_api_addRabbit-PR06192017 
Add Rabbit unit test functions.
 2017-06-21 10:45:41 -06:00
Sean Parkinson 350ce5fcef TLS v1.3 0-RTT 2017-06-21 08:35:28 +10:00
Kaleb Himes 97906bfdb2 Merge pull request #982 from JacobBarthelmeh/Testing 
set return code to TEST_SUCCESS on successful connection
 2017-06-20 16:21:50 -06:00
jrblixt c14e2d5888 Add Rabbit unit test functions. 2017-06-20 15:16:12 -06:00
Jacob Barthelmeh c118146803 set return code to TEST_SUCCESS on successful connection 2017-06-19 09:26:16 -06:00
jrblixt 6a2824f199 Add Camellia unit test functions.. 2017-06-16 16:27:03 -06:00
jrblixt 43d6b7a145 Add ChaCha unit test functions. 2017-06-16 13:00:17 -06:00
jrblixt d5a43af751 Code review changes. Reviewer: Chris. 2017-06-15 11:12:01 -06:00
jrblixt 25ce52cd0c Add IDEA unit test functions. 2017-06-14 23:43:00 -06:00
toddouska 55d421d8b6 Merge pull request #964 from SparkiDev/ecc_priv_only 
Ecc priv only
 2017-06-14 16:42:24 -07:00
Sean Parkinson 13c4fe6cc4 Add test 2017-06-14 09:44:26 +10:00
jrblixt 0ef1129f18 Changes WRT small stack. 2017-06-13 13:44:06 -06:00
Sean Parkinson 613d30bcae ED25519 TLS support 2017-06-08 09:26:49 +10:00
Sean Parkinson 5d5ff56336 External PSK working in TLS13 2017-06-07 17:20:22 +10:00
Sean Parkinson 6b34a94589 Fix NO_DH build issue 2017-06-01 11:56:53 +10:00
jrblixt e345471b21 Logical error fix. 2017-05-26 13:27:27 -06:00
jrblixt 1c0006882a Remove AssertIntEq from within function. 2017-05-26 09:44:12 -06:00
jrblixt edddd05226 Changes per Chris. 2017-05-24 11:50:18 -06:00
jrblixt b47fca5760 Patched and Clean up for PR. 2017-05-24 11:50:13 -06:00
jrblixt fc5a37ac02 Changes per Chris. 2017-05-23 10:01:31 -06:00
David Garske 4edcbc79c1 RipeMd and Sha224 added to unit test. 2017-05-18 09:32:11 -06:00
John Safranek 40800d8065 DTLS-SCTP fix 
1. Add the SCTP suite test file to the include.am.
2. Skip the sequence number increment for client_hello messages in
   DTLS, but do the increment for SCTP.
 2016-12-21 14:24:20 -08:00
toddouska f922d3f2d6 Merge pull request #624 from SparkiDev/sha224 
SHA224 implementation added
 2016-11-15 13:53:34 -08:00
Sean Parkinson fdfc177254 SHA224 implementation added 
Added SHA24 implementation and tetss.
Added HMAC-SHA224 implementation and tests.
Added RSA-SHA224 and ECDSA-SHA224.
Added MGF1-SHA224
Added OpenSSL APIs for SHA224
Configuration option to enable SHA224 and it is on by default for x86_64
 2016-11-10 15:52:26 +10:00
Jacob Barthelmeh f06a392764 COMPAT. LAYER : DES set key and malloc/free 2016-11-07 13:21:05 -07:00
Jacob Barthelmeh b686deecbe PKCS12 : Add PKCS12 parsing 2016-10-29 13:12:26 -06:00
John Safranek b994244011 Revising the Extended Master Secret support. Removing the dynamic 
TLSX support for the extention and treating it like the Signature
and Hash algorithms extension. It is to be enabled by default and
the user can turn it off at run time or build time.
 2016-09-11 18:05:44 -07:00
Chris Conlon 88fab67804 add extended master unit tests 2016-09-01 15:15:17 -06:00
John Safranek e0a035a063 DTLS-SCTP Tests 
1. Added a check to configure for SCTP availablility.
2. Added DTLS-SCTP to the cipher suite test.
 2016-08-29 15:24:51 -07:00
John Safranek 46e92e0211 DTLS-SCTP example client and server 
1. Update the example client and server to test DTLS-SCTP.
2. Modify the test.h functions for setting up connections to allow
for a SCTP option.
3. Update other examples to use the new test.h functions.
4. Removed some prototypes in the client header file were some functions
that should have been static to the client.c file and made them static.
 2016-08-26 19:58:36 -07:00
toddouska 78ca9e7716 Merge pull request #482 from dgarske/async 
Asynchronous wolfCrypt RSA and TLS client support
 2016-08-25 10:06:18 -07:00
John Blixt a9935cbc28 Made changes found by Jenkins. 2016-08-19 10:23:55 -06:00
John Blixt 813a9b05b5 Clean up and Chris check added the changes. 2016-08-18 15:07:07 -06:00
John Blixt f61c045e65 Changes to the Assert Macros used and added wolfSSL_CTX_use_certificate_buffer() 2016-08-18 10:03:33 -06:00
John Blixt b068eec96d added wolfSSL_CTX_SetMinVersion 2016-08-17 14:41:37 -06:00
John Blixt cddc771829 Added wolfSSL_SetMinVersion 2016-08-17 14:05:37 -06:00
John Blixt 584733b138 Chris looked at functions added for correctness. 2016-08-17 11:27:14 -06:00
John Blixt 65b2b14a0f added test functions for wolfCrypt_Init and OCSP stapling v1 and v2 2016-08-17 10:32:03 -06:00
David Garske 17a34c5899 Added asynchronous wolfCrypt RSA, TLS client and Cavium Nitrox V support. Asynchronous wolfSSL client support for "DoServerKeyExchange", "SendClientKeyExchange", "SendCertificateVerify" and "DoCertificateVerify". Fixes for async DTLS. Refactor of the wolf event and async handling for use in wolfCrypt. Refactor of the async device support so its hardware agnostic. Added Cavium Nitrox V support (Nitrox tested using SDK v0.2 CNN55XX-SDK with new configure "--with-cavium-v=/dir" option). Moved Nitrox specific functions to new port file "port/cavium/cavium_nitrox.c". RSA refactor to handle async with states. RSA optimization for using dpraw for private key decode. Use double linked list in wolf event for faster/cleaner code. Use typedef for wolf event flag. Cleanup of the async error codes. wolfCrypt test and benchmark support for async RSA. Asynchronous mode enabled using "./configure --enable-asynccrypt". If no async hardware is defined then the internal async simulator (WOLFSSL_ASYNC_CRYPT_TEST) is used. Note: Using async mode requires async.c/h files from wolfSSL. If interested in using asynchronous mode please send email to info@wolfssl.com. 2016-08-15 13:59:41 -06:00
David Garske 5b3a72d482 Cleanup of stdlib function calls in the wolfSSL library to use our cross-platform "X*" style macros in types.h. 2016-06-29 11:11:25 -07:00
toddouska ac6635593b Revert "Bio" 2016-06-27 10:53:34 -07:00
Jacob Barthelmeh f6bbe845f5 Merge https://github.com/wolfSSL/wolfssl into bio 2016-06-22 09:14:53 -06:00
Jacob Barthelmeh ea71814518 Merge https://github.com/wolfSSL/wolfssl 2016-06-17 13:58:53 -06:00
John Safranek 2f9c9b9a22 Add cipher suite ECDHE-ECDSA-AES128-CCM 
1. Added the usual cipher suite changes for the new suite.
2. Added a build option, WOLFSSL_ALT_TEST_STRINGS, for testing
   against GnuTLS. It wants to receive strings with newlines.
3. Updated the test configs for the new suite.

Tested against GnuTLS's client and server using the options:

    $ gnutls-cli --priority "NONE:+VERS-TLS-ALL:+AEAD:+ECDHE-ECDSA:+AES-128-CCM:+SIGN-ALL:+COMP-NULL:+CURVE-ALL:+CTYPE-X509" --x509cafile=./certs/server-ecc.pem --no-ca-verification -p 11111 localhost
    $ gnutls-serv --echo --x509keyfile=./certs/ecc-key.pem --x509certfile=./certs/server-ecc.pem --port=11111 -a --priority "NONE:+VERS-TLS-ALL:+AEAD:+ECDHE-ECDSA:+AES-128-CCM:+SIGN-ALL:+COMP-NULL:+CURVE-ALL:+CTYPE-X509"

To talk to GnuTLS, wolfSSL also needed the supported curves option
enabled.
 2016-06-13 14:39:41 -07:00