WolfSSL
/
wolfssl
mirror of https://github.com/wolfSSL/wolfssl.git
1
0
Fork 0
Code Issues Releases Wiki Activity
10,172 Commits
27 Branches
168 Tags
358 MiB
Commit Graph

1761 Commits (d30e4ac74fbda54c77ecae678e9cd247a80762ce)

Author SHA1 Message Date
toddouska eaeaaf12c1
Merge pull request #2446 from SparkiDev/gplusplus_fix_1 
Fixes for g++ compilation
 2019-09-04 16:28:42 -07:00
Sean Parkinson 56df8162bd Fixes for g++ compilation 2019-09-04 10:09:36 +10:00
toddouska b35fd4f1aa
Merge pull request #2441 from JacobBarthelmeh/UnitTests 
strncpy gcc warning fixes
 2019-09-03 15:44:10 -07:00
toddouska 492ce6ac91
Merge pull request #2414 from dgarske/pkcs8_asn1 
Added support for loading a PKCS8 ASN.1 formatted private key
 2019-09-03 15:36:31 -07:00
Jacob Barthelmeh 2a750cd18d strncpy gcc warning fixes 2019-08-30 13:34:51 -06:00
toddouska ef20276ab5
Merge pull request #2424 from SparkiDev/enc_then_mac 
Add support for Encrypt-Then-MAC to TLS 1.2 and below
 2019-08-30 11:09:04 -07:00
tmael b8d2ccee83
Merge branch 'master' into phase2_compatibility_APIs 2019-08-29 09:16:41 -07:00
toddouska 9034e3a0fe
Merge pull request #2432 from embhorn/api_p2 
Adding compatibility API phase 2
 2019-08-29 09:05:01 -07:00
Sean Parkinson 24e98dd05e Add support for Encrypt-Then-MAC to TLS 1.2 and below 
An extension is used to indicate that ETM is to be used.
Only used when doing block ciphers - HMAC performed on encrypted data.
 2019-08-29 09:00:30 +10:00
Eric Blankenhorn 0c9ba1b361 Adding compatibility API phase 2 2019-08-28 09:29:49 -05:00
Tesfa Mael 625c3074b9 Review comments, sanity check 2019-08-27 17:06:36 -07:00
toddouska a49f447e47
Merge pull request #2413 from dgarske/load_ca_nodate 
Refactor of the verify option for processing X.509 files
 2019-08-27 13:20:30 -07:00
Tesfa Mael f9e364f893 Updated wolfSSL_EVP_Cipher() for AES GCM 2019-08-27 11:36:39 -07:00
Tesfa Mael e8f468e2cf correct ifdef directive 2019-08-26 19:17:41 -07:00
Tesfa Mael 00dadafddb Add HAVE_FAST_RSA around RSA_print() 2019-08-26 16:54:10 -07:00
Tesfa Mael b2555d38bc Jenkins PRB enable options test 2019-08-26 15:43:58 -07:00
Tesfa Mael 5e28dd94a2 OpenSSL compatible APIs: 
ASN1_STRING_type
EVP_aes_128_gcm
EVP_CIPHER_CTX_ctrl
EVP_PKEY_sign
EVP_PKEY_sign_init
RSA_print
RSA_NO_PADDING
RSA_PKCS1_PSS_PADDING
 2019-08-26 12:20:18 -07:00
David Garske 76b9476b9a Remove debug printf. 2019-08-23 16:24:45 -07:00
David Garske 99329b0fc4 Improvements to the CRL verify handling. 2019-08-23 16:09:39 -07:00
toddouska 2c97b040ff
Merge pull request #2419 from dgarske/ctx_sec_reneg 
Adds use secure renegotiation at CTX level
 2019-08-23 12:55:30 -07:00
toddouska 6209e8ff24
Merge pull request #2412 from JacobBarthelmeh/PKCS12 
adjust wc_i2d_PKCS12 API
 2019-08-23 10:30:04 -07:00
David Garske 67c3751836 Adds new `wolfSSL_CTX_UseSecureRenegotiation` API for setting secure renegotiation at the WOLFSSL_CTX level. 2019-08-20 16:43:28 -07:00
David Garske 24bfea1ad2 Fixes for various build options (!NO_RSA, HAVE_ECC, NO_PKCS8, NO_PKCS12). Added new `NO_CHECK_PRIVATE_KEY` to allow reduce code size when not required. 2019-08-20 10:38:08 -07:00
David Garske 644e7a8f45 Fixes for PKCS8 w/wo encryption as DER/ASN.1. Fixes for building with `--disable-oldnames`. Fix to enable the PKCS8 enc test without openssl comat. Added additional PKCS8 tests. 2019-08-19 16:27:46 -07:00
David Garske 3e1c103c78 Added support for loading a PKCS8 ASN.1 formatted private key (not encrypted). 2019-08-16 16:09:00 -07:00
David Garske 586b74b05f Refactor of the verify option for processing X.509 files. Adds support for ignoring date checks when loading a CA using the `WOLFSSL_LOAD_FLAG_DATE_ERR_OKAY` flag on `wolfSSL_CTX_load_verify_buffer_ex` and `wolfSSL_CTX_load_verify_locations_ex`. 2019-08-16 15:19:55 -07:00
toddouska 7d4023f6a1
Merge pull request #2408 from dgarske/coverity 
Minor fixes to resolve Coverity static analysis checks
 2019-08-16 14:45:13 -07:00
Jacob Barthelmeh 487e66394e adjust wc_i2d_PKCS12 API 2019-08-16 15:19:33 -06:00
David Garske 0d13b385ab Fixes for possible cases where DerBuffer is not free'd in `AddCA` error cases. 2019-08-15 17:01:30 -07:00
Eric Blankenhorn 1b841363cc Adding tests 2019-08-15 12:27:23 -05:00
Eric Blankenhorn b2b24a06f3 Adding API 2019-08-14 15:09:17 -05:00
Eric Blankenhorn 48fa6a458c Adding compatibility API phase 1 2019-08-13 17:09:56 -05:00
Tesfa Mael 9301cce9ac Check a null pointer dereference 2019-08-13 11:48:20 -07:00
Tesfa Mael b1ad0525ea cast to correct static analysis issue 2019-08-13 10:45:24 -07:00
Tesfa Mael b7bd710bc8 Add small stack option 2019-08-13 10:29:37 -07:00
Tesfa Mael 1acd24deb8 Review comment to reduce stack usage 2019-08-13 10:15:57 -07:00
Tesfa Mael b9ddbb974a perform domain name check on the peer certificate 2019-08-13 09:55:28 -07:00
Tesfa Mael 4bff2b6bef Fixed valgrind issue 2019-08-06 15:49:36 -07:00
Tesfa Mael 1371fc8327 Review comments 2019-08-06 13:23:18 -07:00
Tesfa Mael c1938969aa Convert to pointer to pass static memory 2019-08-06 10:47:30 -07:00
Tesfa Mael 000c38ae1f Use wolfSSL_PKCS7_free, not wc_PKCS7_Free 2019-08-06 07:46:57 -07:00
Tesfa Mael f5f5947616 New OpenSSL compatible APIs: 
wolfSSL_PEM_write_bio_PKCS7
wolfSSL_PKCS7_SIGNED_new
wolfSSL_X509_subject_name_hash
wolfSSL_CTX_use_PrivateKey_ASN1
wolfSSL_get0_param
wolfSSL_X509_VERIFY_PARAM_set1_host
 2019-08-05 17:35:37 -07:00
David Garske 91251eb319 Fixes for minor compiler cast warnings. 2019-07-29 08:14:27 -07:00
David Garske e3653a7a07 Various spelling corrections. 2019-07-29 08:14:07 -07:00
Jacob Barthelmeh 6c9fac2a71 add wolfSSL_RAND_Cleanup to match wolfSSL_RAND_seed call on init 2019-07-10 16:43:44 -06:00
Chris Conlon 0bb6b388c0
Merge pull request #2312 from kojo1/RAND_bytes_2 
RAND_bytes
 2019-07-08 15:30:06 -06:00
toddouska baf65f4f43
Merge pull request #2327 from JacobBarthelmeh/Compatibility-Layer 
add wolfSSL_PEM_write_DHparams implementation
 2019-07-08 12:58:10 -07:00
toddouska e6ab7d165c
Merge pull request #2325 from JacobBarthelmeh/Testing 
remove HAVE_CRL macro guard from X509 PEM write function
 2019-07-08 12:57:15 -07:00
toddouska 1070aba5e2
Merge pull request #2308 from SparkiDev/resumption_fix 
Don't resume if stored session's ciphersuite isn't in client list
 2019-07-08 12:52:59 -07:00
toddouska 2a4b935e07
Merge pull request #2299 from JacobBarthelmeh/DTLS-MultiCore 
DTLS export/import state only
 2019-07-08 12:47:13 -07:00
Jacob Barthelmeh 4cf8923838 make wc_DhParamsToDer a static function to avoid DhKey redefenition 2019-07-05 11:58:40 -06:00
Takashi Kojo 9b654d25d1 wolfSSL_RAND_seed(NULL, 0); 2019-07-04 18:31:57 +09:00
Jacob Barthelmeh ab9d89cb31 cast on return and move location of function declaration 2019-07-03 15:20:08 -06:00
Jacob Barthelmeh f2bb5e8944 implementation of wolfSSL_PEM_write_DHparams 2019-07-02 17:42:33 -06:00
Jacob Barthelmeh a7acacff41 remove HAVE_CRL macro guard from X509 PEM write function 2019-07-02 14:37:33 -06:00
Takashi Kojo 43ce956d9c minor fix 2019-06-29 16:47:39 +09:00
Takashi Kojo 1634d9571c RAND_seed in init, GlobalRNG before tmp. 2019-06-29 09:21:30 +09:00
Sean Parkinson e96ede65ce Don't resume if stored session's ciphersuite isn't in client list 
Turn this check off with NO_RESUME_SUITE_CHECK.
 2019-06-28 16:23:41 +10:00
toddouska b957415609
Merge pull request #2245 from MKinclRA/coverity-issues 
Coverity issues
 2019-06-24 16:12:52 -07:00
Jacob Barthelmeh b236a1c32f add export/import window state only 2019-06-21 15:52:48 -06:00
kaleb-himes c114bcaead Addressed peer feedback, avoid double check when HAVE_CURVE25519 not set 2019-06-21 09:40:17 -06:00
kaleb-himes 49a631996c Check other names when FFDHE returns NULL 2019-06-21 09:27:15 -06:00
kaleb-himes ce251417f5 curve25519 in get_curve_name when HAVE_ECC not defined. Thanks to C.B. for the report. 2019-06-20 10:57:07 -06:00
toddouska cab4a8c9b1
Merge pull request #2240 from dgarske/x509small_showcerts 
Added support for `SHOW_CERTS` with `OPENSSL_EXTRA_X509_SMALL`
 2019-05-23 11:41:32 -07:00
toddouska a742cf9bf8
Merge pull request #2234 from JacobBarthelmeh/Testing 
add sanity check on buffer index and regression tests
 2019-05-23 11:32:38 -07:00
Martin Kinčl cae4d400b9 Removed dead code from wolfSSL_d2i_X509_fp_ex. 2019-05-16 16:54:40 +02:00
Jacob Barthelmeh 88bf5d9676 add sanity check on buffer index and regression tests 
macro guards on use case and adjustment for memory size

gcc-8 warning fix

adjustement to default memory bucket sizes
 2019-05-14 15:55:24 -06:00
David Garske 10dde24363 Added support for `SHOW_CERTS` with `OPENSSL_EXTRA_X509_SMALL` for embedded debugging of certs. Minor build warning fixes with `OPENSSL_EXTRA` and `STM32_HASH` on IAR. 2019-05-14 09:24:59 -07:00
kaleb-himes 79bf578fd3 Check appropriate flag for private vs public - Thanks to: E.M. 2019-05-09 17:05:34 -06:00
abrahamsonn bbb72946b7 initialized var. 2019-04-26 11:35:50 -06:00
Jacob Barthelmeh 3e24212780 add sanity check on buffer size when copying public key 2019-04-23 13:42:49 -06:00
Jacob Barthelmeh de299848c1 initialize pubkey size to 0 2019-04-22 10:01:17 -06:00
Jacob Barthelmeh 82796d4b4c remove pubKeyX509 from WOLFSSL_X509 structure 2019-04-19 15:15:02 -06:00
Jacob Barthelmeh 29101a29c9 free key in test case, initialize variables fix, macro guard on iana use 2019-04-19 09:47:15 -06:00
Jacob Barthelmeh ec2849b885 macro guard on EncodePolicyOID use 2019-04-18 14:56:24 -06:00
Jacob Barthelmeh efc96e40d1 add test cases 2019-04-18 10:41:51 -06:00
Jacob Barthelmeh b291b51988 adjust get pubkey from X509 2019-04-18 09:31:01 -06:00
Jacob Barthelmeh e1537b2a56 add case CRL_DIST_OID and fix key usage check 2019-04-18 09:31:01 -06:00
Jacob Barthelmeh 083183e3b1 add get cipher iana list and parse iana list 2019-04-18 09:31:01 -06:00
Jacob Barthelmeh 6976219b05 add x509 TBS getter function 2019-04-18 09:31:01 -06:00
Jacob Barthelmeh 7da46501cc add certgen and certext to jni, add get timeout function 2019-04-18 09:31:01 -06:00
Jacob Barthelmeh 788443d3cf set initial buffer size 2019-04-18 09:31:01 -06:00
Jacob Barthelmeh 494e469dd2 implement wolfSSL_OBJ_txt2nid for OIDs 2019-04-18 09:31:01 -06:00
Jacob Barthelmeh 72f3329faa add wolfSSL_X509_verify function 2019-04-18 09:31:01 -06:00
Jacob Barthelmeh bf3d876e6a getter function for X509 public key 2019-04-18 09:31:01 -06:00
Chris Conlon 2cf264a9d5
Merge pull request #2207 from ejohnstown/evp-init-fix 
EVP Init Fix
 2019-04-17 17:16:42 -07:00
John Safranek 3bf01072d8 EVP Init Fix 
When calling wolfSSL_EVP_DigestInit() with an unsupported string, the
macType should be set to NONE, rather than ignored. In a particular
build combination, functions using that EVP could false the type because
of memory garbage. Just set it in the else case.
 2019-04-17 14:04:00 -07:00
Hideki Miyazaki 1ab5a022c6 updated as the latest version of sw use 2019-04-17 16:30:11 +09:00
toddouska b224f6fac9
Merge pull request #2181 from JacobBarthelmeh/Compatibility-Layer 
update wolfSSL_i2d_RSAPrivateKey function
 2019-04-03 09:16:10 -07:00
David Garske e8afb6ea51
Merge pull request #2174 from embhorn/zd4879 
Fixes for static analysis issues
 2019-04-01 08:48:40 -07:00
Jacob Barthelmeh b599dc2b9d update wolfSSL_i2d_RSAPrivateKey function 2019-03-28 14:15:57 -06:00
Eric Blankenhorn cffe7eccde Fixes for high impact issues 2019-03-28 12:08:19 -05:00
David Garske b1c791dbd9
Merge pull request #2180 from miyazakh/wolfsslclean_fix 
Initialized sendVerify when calling wolfSSL_clear
 2019-03-27 23:32:41 -07:00
JacobBarthelmeh 8c6316eb9c
Merge pull request #2179 from kojo1/X509_STORE_CTX 
X509_STORE_CTX_free compatibility
 2019-03-27 17:17:26 -06:00
Hideki Miyazaki 05987ec717 Initialized sendVerify when reseting WOLFSSL object 2019-03-27 10:18:43 +09:00
John Safranek 7aa159ca6d
Merge pull request #2157 from kojo1/ocsp_staple 
Expose CheckResponse as wolfSSL_CertManagerCheckOCSP_Staple
 2019-03-25 13:48:29 -07:00
JacobBarthelmeh 6b325929e5
Merge pull request #2175 from kojo1/BN_init 
add BN_init
 2019-03-25 09:04:36 -06:00
Takashi Kojo 3e42c6edcd remove sk_X509_free for compatibility 2019-03-24 16:57:08 +09:00
Chris Conlon d9e6b8a62d
Merge pull request #2168 from aaronjense/master 
Remove NULL check before pub and priv have a chance to be set
 2019-03-22 16:34:34 -06:00
Takashi Kojo 744c247e92 change CheckOCSP_staple to OCSPResponse, move to ssl.h 2019-03-22 13:56:32 +09:00