9eb339f9fd
Remove cyassl from example code
2023-08-01 10:17:38 -04:00
ab953c3141
Update VS project files
2023-07-31 15:37:48 -04:00
2b2509c56c
Drop code support
2023-07-31 15:36:38 -04:00
a785c39a12
Merge pull request #6657 from kojo1/multibyte
...
multi-byte code
2023-07-27 16:35:22 -06:00
3e63589664
Merge pull request #6605 from dgarske/ada
...
Ada Bindings for wolfSSL
2023-07-27 15:21:52 -06:00
136738fd33
Avoid mult-byte code error
2023-07-27 17:04:41 +09:00
c0b4cde6df
Merge pull request #6632 from jpbland1/ocsp-want-read-error
...
OCSP_WANT_READ mishandled re-run
2023-07-25 08:23:46 -07:00
1285ae7816
Merge pull request #6506 from DimitriPapadopoulos/codespell
...
Fix typos found by codespell
2023-07-24 10:34:29 -06:00
2e4b651b87
update tls13 to handle an OCSP_WANT_READ, update
...
async client test to retry connect on OCSP_WANT_READ instead of timing out
2023-07-21 16:24:59 -04:00
9bed65ad57
split up error message
...
split #if into multiple lines
2023-07-13 15:14:02 -06:00
b02a22b5b3
added error reporting macro for invalid configuration
2023-07-13 15:14:02 -06:00
44faddac6c
fix compiler error for targets that don't define HAVE_PTHREAD
2023-07-13 15:14:02 -06:00
2c9609039d
Type conversion fixes: make explicit
...
Changed to types and casting so that there are no implcit conversion
warnings (gcc -Wconversion) in these files.
2023-07-13 08:36:02 +10:00
d20a096ffa
Ada Bindings for wolfSSL. Credit Joakim Dahlgren Strandberg <joakimds@kth.se>
2023-07-12 12:37:52 -07:00
d84adce608
Fix Micrium config and new examples with NO_FILESYSTEM
2023-07-10 17:12:12 -05:00
7213cb3cfb
Merge pull request #6463 from dgarske/silabs_erf32
...
Updated support for Silicon Labs Simplicity Studio and the ERF32 Gecko SDK
2023-07-07 11:42:00 -06:00
1912f1bc2a
fixes for clang-analyzer-core.NullDereference, clang-analyzer-core.NonNullParamChecker, clang-analyzer-deadcode.DeadStores, readability-redundant-preprocessor, clang-diagnostic-unreachable-code-break, -Werror=sign-conversion, bugprone-macro-parentheses, "Call to 'malloc' has an allocation size of 0 bytes", clang-diagnostic-declaration-after-statement re tests/unit.h:ExpectPtr() pragmas.
2023-07-06 00:53:37 -05:00
f00b5c3a1e
Merge pull request #6537 from SparkiDev/sm
...
SM2/SM3/SM4: Chinese cipher support
2023-07-04 10:03:37 -07:00
b682c2c4bb
Merge pull request #6437 from julek-wolfssl/windows-crl-monitor
...
Implement CRL monitor for Windows
2023-07-04 10:03:14 -07:00
50752f5a2b
Fix typos found by codespell
2023-07-04 07:21:27 +02:00
e2424e6744
SM2/SM3/SM4: Chinese cipher support
...
Add support for:
- SM2 elliptic curve and SM2 sign/verify
- SM3 digest
- SM4 cipher with modes ECB/CBC/CTR/GCM/CCM
Add APIs for SM3 and SM4.
Add SM2 sign and verify APIs.
Add support for SM3 in wc_Hash and wc_Hmac API.
Add support for SM3 and SM4 through EVP layer.
Add support for SM2-SM3 certificates. Support key ID and name hash being
with SHA-1/256 or SM3.
Add support for TLS 1.3 cipher suites: TLS-SM4-GCM-SM3, TLS-SM4-CCM-SM3
Add support for TLS 1.2 SM cipher suite: ECDHE-ECDSA-SM4-CBC-SM3
Add support for SM3 in wc_PRF_TLS.
Add SM2-SM3 certificates and keys. Generated with GmSSL-3.0.0 and
OpenSSL.
2023-07-04 13:36:28 +10:00
f72a6b705f
Minor spelling fixes.
2023-07-03 10:23:55 -07:00
3d68bcd6f7
Jenkins fixes
2023-07-03 14:02:51 +02:00
bff2cf5690
Add crl monitor unit testing
2023-07-03 14:02:51 +02:00
a39a04fc88
PEM example: new example for convert between PEM and DER
...
PEM example converts PEM to DER and DER to PEM.
Supports encrypting DER and writing out as PEM.
Added better support for 40-bit RC2-CBC PBE.
Added AES-128-CBC encryption support with PKCS#5v2.
Fixed handling of iterations to support writing 24-bit values.
Declared enum types for pass to PKCS#8 encryption APIs.
Add more DER and PEM files to certs directory.
Add testing of 'pem' with pem.test script.
2023-07-03 17:20:35 +10:00
e0651e4eb3
Merge pull request #6434 from TakayukiMatsuo/fixtypo
...
Fixed some typos in Japanese help in examples/client
2023-06-28 11:20:42 +09:00
6b240fa41a
Refactor HAVE_PTHREAD and _POSIX_THREADS ( #6536 )
...
* HAVE_PTHREAD gate in test.h
* add config.h and settings.h to test.h
* added config.h and settings.h to other test.h in wolfcrypt/test
* settings #ifdef _POSIX_THREADS HAVE_PTHREAD
* cyassl settings _POSIX_THREADS HAVE_PTHREAD
* undo cyassl _POSIX_THREADS HAVE_PTHREAD
* move settings.h #include in both test.h
* add !defined(SINGLE_THREADED) logic
* refactor HAVE_PTHREAD, _POSIX_THREADS
2023-06-26 07:32:20 -07:00
83dca07421
Updated support for Silicon Labs Simplicity Studio and the ERF32 Gecko SDK. Fix ECC unused functions with HW crypto like SE. ZD 15874.
2023-06-23 14:20:40 -07:00
53fe93430e
Update EBSNET port
2023-06-21 15:52:42 -05:00
c2c97c2b57
Fix typos in Japanese help.
2023-05-23 07:11:53 +09:00
55a91c2b55
Minor fixes
...
configure.ac: Don't use == in test.
client.c: Merge string to one line.
asn.c/asn_public.h:
fix conversion warnings/errors.
wc_Asn1_Print no longer public and doesn't need to check for NULL.
wc_Asn1_PrintAll check all pointer parameters for NULL.
2023-05-05 08:43:50 +10:00
6e572cc91d
Merge pull request #6352 from SparkiDev/asn1_print
...
ASN.1 print utility: asn1
2023-05-04 10:55:47 -07:00
d2afe9e5e0
Memory usage improvements
...
ECC: make private key field 'k' able to be smaller when ALT_ECC_SIZE is
defined.
WOLFSSL_SMALL_STACK_CACHE: allocate temps using new macros.
2023-05-04 10:26:57 +10:00
9cdee20a7d
ASN.1 print: implementation to parse and print added
...
New API to parse and print DER/BER data from a buffer.
Add an example to parse DER, Base64 and PEM files and print out ASN.1 items.
2023-05-04 09:57:44 +10:00
61dfbf5ef2
Fixes and improvements for building with low footprint. Fix for ASN template with RSA verify only (was missing `mp_leading_bit`). Fix to allow disabling DRBG with crypto callbacks enabled. Updated the wolfTPM user_settings.h template with low resource option.
2023-05-02 16:51:41 -07:00
8851065848
cppcheck fixes
...
Fix checking of negative with unsigned variables.
Check digestSz for 0 in wc_SSH_KDF() so that no possibility of dividing
by zero.
Change XMEMCPY to XMEMSET in renesas_sce_util.c.
Fix test.c to free prvTmp and pubTmp on read error.
Remove unused variables.
XFREE checks for NULL so don't check before call.
Move variable declarations to reduce scope.
2023-04-03 16:59:58 +10:00
22a5a5c45e
Add introspection for math build and math cleanups:
...
* Add introspection for math build.
* Raise build error if more than one multi-precision math library used.
* Fix ESP32 to support using any multi-precision math option.
* Refactor math headers to use `wolfmath.h`
* Refactor of the opaque math variable type `MATH_INT_T` used by crypto hardware (QuickAssist, SE050, ESP32 and STM32).
* Cleanups for building with `WOLFCRYPT_ONLY` and `NO_BIG_INT`.
* Stop forcing use of fast math by default for platforms in settings.h. Note: For users that still want to use fast math (tfm.c) they will need to add USE_FAST_MATH to their build settings.
Applies To:
```
WOLFSSL_ESPWROOM32
WOLFSSL_ESPWROOM32SE
MICROCHIP_PIC32
WOLFSSL_PICOTCP_DEMO
WOLFSSL_UTASKER
WOLFSSL_NRF5x
FREERTOS_TCP
WOLFSSL_TIRTOS
EBSNET
FREESCALE_COMMON
FREESCALE_KSDK_BM
WOLFSSL_DEOS
MICRIUM
WOLFSSL_SGX
```
2023-03-30 14:42:55 -07:00
fc6d693dae
Update logging enter, exit, msg to match function names. Fix some typos and improper use of "enter". Fix internal uses of `SSL_SUCCESS` and `SSL_FAILURE`. Add `WOLFSSL_DEBUG_NONBLOCK` option to allow printing iterations without debug enabled.
2023-02-21 12:02:15 -08:00
464c2d19dc
Merge pull request #6006 from SparkiDev/tls13_only_psk_dhe_ke
...
TLS 1.3 PSK: add option to require only PSK with DHE
2023-02-15 21:10:27 -08:00
b624fc8377
TLS 1.3 PSK: add option to require only PSK with DHE
...
Can specify only PSK without DHE.
Add only PSK with DHE.
2023-02-16 09:21:29 +10:00
10529e6199
Add `user_settings.h` template for wolfTPM
2023-01-26 10:40:59 -08:00
6b6ad38e4f
Adds support for TLS v1.3 Encrypted Client Hello (ECH) draft-ietf-tls-esni) and HPKE (Hybrid Public Key Encryption) RFC9180.
2023-01-18 11:37:27 -08:00
0b0b980784
fix an oversight in wolfSentry integration in examples/{client,server}.
2023-01-05 17:59:10 -06:00
43265669c6
fix warnings around clang-diagnostic-embedded-directive and readability-uppercase-literal-suffix; update wolfSentry integration for upcoming release 0.8.0.
2023-01-05 00:13:17 -06:00
023db01aca
* Fixed some build configuration variations.
...
* Fixed `PEM_BUFSIZE` macro redefined when building with coexist.
* Updated the `user_settings_all.h` and `user_settings_wolfboot_keytools.h` to include latest options.
* Improved API unit test error case checking where `TEST_RES_CHECK` is not used.
* Changed `TEST_SKIPPED` to unique value.
* Added CI tests for enable-all, small stack, and user setting templates.
2023-01-03 10:59:59 -08:00
bdcf6928a2
Merge pull request #5945 from JacobBarthelmeh/copyright
...
update copyright to 2023
2023-01-03 09:29:39 -08:00
4edae51095
Fix StartTLS_Init ( #5907 )
...
* Fix StartTLS_Init (contribution by Yota Nagaya)
2023-01-03 09:28:23 -08:00
9dcc48c8f7
update copyright to 2023
2022-12-30 17:12:11 -07:00
9a7ff8773b
add --with-libsuffix support, append suffix to library artifact name
2022-12-21 13:31:07 -07:00
364835dc9e
Allow session tickets to properly resume when using PQ KEMs.
...
Found with:
```
./configure --with-liboqs --enable-session-ticket
./examples/server/server -v 4 -r --pqc P521_KYBER_LEVEL5
./examples/client/client -v 4 -r --pqc P521_KYBER_LEVEL5
```
2022-12-13 11:36:00 -05:00
b017795413
Remove changes around wolfSSL_set_session() as it breaks tests.
2022-12-12 11:44:27 -05:00
fffd3adc30
Warn that renegotiation in TLS 1.3 requires session ticket.
2022-12-12 11:30:01 -05:00
9d9549fbd3
Merge pull request #5836 from anhu/kyber_cleanup
...
Remove kyber-90s and route all kyber through wolfcrypt.
2022-12-05 13:18:44 -08:00
a2fb4c0788
Remove kyber-90s and route all kyber through wolfcrypt.
2022-11-30 17:17:28 -05:00
4bacc25e22
examples/benchmark/tls_bench.c: fix for clang-analyzer-deadcode.DeadStores in bench_tls().
2022-11-29 17:09:05 -06:00
0bfa5c9836
Purge NTRU and SABER. Not going to be standardized.
2022-11-25 14:54:08 -05:00
48ba365fd6
fixes for defects:
...
clang-analyzer-deadcode.DeadStores in examples/server/server.c;
-Werror=use-after-free and LeakSanitizer Direct leak in tests/api.c;
nullPointerRedundantCheck in src/pk.c which identified a semantically consequential flub.
2022-11-08 14:04:16 -06:00
1ee3a78e4a
Fixes for various tests that do not properly handle `WC_PENDING_E`.
2022-11-04 14:56:40 -07:00
895a2e1ac5
WOLFSSL_CALLBACKS codepaths: fixes for bugprone-unused-return-value, bugprone-macro-parentheses, readability-named-parameter, and clang-analyzer-deadcode.DeadStores
2022-10-18 13:34:42 -05:00
2c503a5b34
Merge pull request #5682 from JacobBarthelmeh/Testing
...
additional sanity checks on debug callback
2022-10-14 09:25:14 -07:00
927f4c445d
additional sanity checks on debug callback
2022-10-11 13:14:59 -07:00
98ac4a6f9c
Add ability to toggle system CA certs support.
2022-10-07 12:34:00 -07:00
898ddac159
Add --sys-ca-certs option to example client.
...
Using this option will call wolfSSL_CTX_load_system_CA_certs on the client ctx.
2022-10-03 09:05:23 -07:00
17df33cef8
Fix TLS 1.3 testsuite for wolfssl64.sln solution
2022-09-14 11:39:27 +02:00
005f77180b
PSK only TLS: fix ENCRYPT_LEN
...
Allow no PK algorithms and TLS to build and test.
Use PSK cipher suite with GCM if AES-CBC not available.
2022-09-12 11:21:01 +10:00
08b89fbef9
server: add optional argument to -J disable hrr cookie
2022-09-01 09:37:35 +02:00
565d1b33e5
Update examples to allow post quantum KEM within DTLS 1.3
2022-08-30 18:39:57 +12:00
a0448155d5
Fix for type warnings in example for DTLS CID `./configure --enable-dtls --enable-dtlscid --enable-dtls13`.
2022-08-24 16:02:05 -07:00
90fcd95f9b
server/client: add --cid option to use ConnectionID extension
2022-08-23 16:58:24 +02:00
3d8562f07b
Fixes for build and runtime issues
2022-08-19 08:12:04 -05:00
969ad96dee
examples/{client,server}/{client,server}.c: remove spurious commas in --pqc help strings, and mollify clang-tidy bugprone-suspicious-missing-comma re --force-curve help strings. ( #5480 )
2022-08-18 13:32:58 -04:00
aa812c8aa9
Added support for P384 pre-share in server ( #5442 )
...
Added support for new server `--force-curve` option.
2022-08-17 15:30:48 -07:00
995100eed1
Fix for handling `WC_PENDING_E` from decrypt session ticket callback. ZD14420
2022-08-10 22:20:49 -07:00
8605195709
Support for asynchronous session ticket callback (can return WC_PENDING_E). Requires wolfAsyncCrypt support. ZD 14420.
2022-07-20 16:43:17 -07:00
8eaa85e412
update copyright year to 2022
2022-07-19 10:44:31 -06:00
ccc5952369
global fixup to check or explicitly ignore return values from failable library/system calls that weren't already being checked;
...
add wolfCrypt error codes IO_FAILED_E "Input/output failure" and SYSLIB_FAILED_E "System/library call failed";
tests/api.c and tests/unit.c: flush stdout for error message in Fail() macro, add fflush(stdout) after printf()s, print success message at end of unit_test(), and send several error messages to stderr instead of stdout;
wolfcrypt/test/test.c: add fallthrough macro definition of printf() that pairs it with fflush(stdout);
unit.h: in definition of macro AssertPtr(), add PRAGMA_GCC("GCC diagnostic ignored \"-Wpedantic\"");
sp_int.c: refactor several lingering instances of "if (0) { ... }" code pattern to #if 0 ... #endif.
2022-07-11 22:28:09 -05:00
6b6abfac54
examples/client/client.c: remove break after err_sys() to mollify clang-tidy unreachable-break sensor.
2022-07-06 17:32:26 -05:00
fd4836772b
examples: support DTLS version downgrading
2022-07-06 16:18:44 +02:00
80f3db6e1d
fix: examples/server: dtls mode checking
...
This fixes using ssl to check if we are using dtls or not, when ssl is not yet
valid.
Fix: 060dfe1a69
2022-07-04 10:21:11 +02:00
b87b255d52
Merge pull request #5295 from rizlik/dtls13_bugfix
...
server: fix wrong minVersion setting when non in dtls
2022-06-28 09:35:23 -07:00
14c65e0117
Merge pull request #5281 from miyazakh/example_japanese_translate
2022-06-28 10:08:06 -06:00
060dfe1a69
server: fix wrong minVersion setting when non in dtls
2022-06-28 12:10:18 +02:00
c34c32f621
translated Japanese messages
2022-06-24 08:09:28 +09:00
a5250482ce
examples/: refactor a couple help strings to avoid hitting clang-tidy bugprone-suspicious-missing-comma.
2022-06-23 15:25:23 -05:00
fdc4cdf5ec
examples: update usage() with DTLSv1.3 version
2022-06-22 18:50:18 +02:00
9c5821569f
For STM32 hashing to wait for hash done on block size + 1 word. Updated the STM32U5 benchmarks. Added note about new GCM_TABLE_4BIT.
2022-06-17 09:07:45 -07:00
aa8df1af78
Fixes for building without DTLS v1.2 and TLS v1.2. Fixes for explicit cast warnings.
2022-06-15 10:49:18 -07:00
12a3efeca8
client/server: tolerate WANT_WRITE errors
2022-06-15 10:46:43 -07:00
4e112419f5
examples: client/server: support DTLSv1.3 (-u -v4)
...
This commits add some new options to examples/[server,client] to support testing
of DTLS v1.3.
client: add waitTicket option
If this option is used, the client will wait until it receives a sessionTicket
from the server. This is useful when testing DTLS retransmission.
client: add waitKeyUpdate option
When this option is set, the client waits until the UpdateKey message is
acknowledged by the server. This is useful to test DTLS retransmission logic
2022-06-15 10:46:43 -07:00
c1dc90d9b0
server: request cert only once if doing post-handshake auth
2022-06-15 10:46:43 -07:00
22eee3206d
Fixups from review by dgarske
2022-06-14 11:13:28 -04:00
4d4ee3b2db
Support psk ciphersuites in benchmarks.
...
Also fixed some small errors during shutdown in benchmarks.
Tested with:
./configure --enable-psk CFLAGS=-DWOLFSSL_STATIC_PSK
make all check
./examples/benchmark/tls_bench
2022-06-13 13:33:51 -04:00
d5791d5c74
Fixes for TLS benchmarking app (tls_bench) for shutdown and formatting brace cleanups.
2022-06-10 13:48:46 -07:00
96d5814bfe
Implement peer review feedback
2022-06-03 11:06:46 -06:00
3bcdef1972
Fix various warnings and an uninitialized XFILE
2022-06-03 09:52:53 -06:00
9cfcdfc7aa
Merge pull request #5149 from julek-wolfssl/store-frags-v2
...
Re-use async to support WANT_WRITE while sending fragments
2022-06-01 10:52:54 -07:00
be743b2204
TLS 1.3: send ticket
...
Can send a new session ticket any time after handshake is complete with
TLS v1.3.
Added API for server application to do this.
Added tests.
2022-06-01 10:36:01 +10:00
6245395f34
Simulate WANT_WRITE only with async I/O support
2022-05-27 23:23:18 +02:00
50c0b3d2a2
Add testing/docs for blocking write
...
- Fix case where message grouping can make CheckAvailableSize return a WANT_WRITE
- CheckAvailableSize in tls13.c will not return a WANT_WRITE since it only does so for DTLS <=1.2
2022-05-27 21:26:55 +02:00
c4920021d8
print errors to stderr, not stdout;
...
fix whitespace in internal.c;
add missing error handling in examples/server/server.c around recvfrom().
2022-05-12 13:07:32 -05:00
44be4e1cc8
Reset ret in client and server after wolfSSL_dtls_got_timeout()
...
- Do UDP connect only with simulateWantWrite to accommodate macOS that doesn't like sendto being called on connected UDP sockets
- Call wolfSSL_dtls_get_current_timeout only on a DTLS connection
2022-05-12 16:48:04 +02:00
9914da3046
Fix resumption failure and use range in connect state logic
2022-05-12 15:46:08 +02:00
a31b76878f
DTLS fixes with WANT_WRITE simulations
...
- WANT_WRITE could be returned in unexpected places. This patch takes care of that.
- Change state after SendBuffered only if in a sending state to begin with.
- Adapt client and server to simulate WANT_WRITE with DTLS
2022-05-12 15:46:08 +02:00
798d81723b
Merge pull request #5128 from rizlik/dtls_bidrectional_shutdown
...
Support DTLS bidirectional shutdown in the examples
2022-05-11 17:00:44 -07:00
257c55a311
examples: allow bidirectional shutdown in UDP
...
This commit allows the examples to perform a bidirectional shutdown also when
using UDP. It is useful to test DTLS retransmission.
Signed-off-by: Marco Oliverio <marco@wolfssl.com>
2022-05-11 13:27:24 +02:00
26673a0f28
where appropriate, use strcmp/strcasecmp, not strncmp/strncasecmp;
...
add macro XSTRCASECMP();
update XSTRNCASECMP() for XC32 >= 1.00 to use strncasecmp.
2022-05-10 12:20:12 -05:00
d133fa6143
server: check that the first packet of udp connection is clientHello
...
Used to allow for bi-directional shutdown tests with UDP and DTLS
2022-05-09 13:45:27 +02:00
84a33183a6
Various scan-build fixes.
2022-04-22 16:02:54 -07:00
29392ac6b3
spell fix: OSCP -> OCSP
2022-04-19 15:11:08 -07:00
c905c613e9
Support for Intel QuickAssist ECC KeyGen acceleration.
2022-03-30 13:07:47 -07:00
1fd090d094
Update `wolfSSL_get_session` docs
...
Recommend using `wolfSSL_get1_session` and `NO_SESSION_CACHE_REF` for session resumption purposes. `wolfSSL_get_session` should not be used unless to inspect the current session object.
2022-03-17 12:56:28 +01:00
d531e21f34
Merge pull request #4946 from dgarske/async_earlydata
...
Fixes for TLS v1.3 early data with async
2022-03-15 12:12:09 -05:00
2c1ecacbfc
TLS 1.3 script test: wait for server to write file
...
Also fixes for:
./configure --enable-psk --disable-rsa --disable-ecc --disable-dh
C_EXTRA_FLAGS=-DWOLFSSL_STATIC_PSK
./configure --disable-shared --enable-curve448 --enable-ed448
--disable-rsa --disable-dh --enable-tls13 --disable-ecc --enable-certgen
--enable-keygen
2022-03-14 14:42:47 +10:00
dd8fb41f66
Fixes for TLS v1.3 early data with async.
2022-03-11 14:03:46 -08:00
3c64731c4f
Don't force a ECC CA when a custom CA is passed with `-A`
...
The following config would fail `../configure --enable-opensslall CFLAGS="-DOPENSSL_COMPATIBLE_DEFAULTS" && make -j check`. This is because `test-fails.conf` `ECC no signer error` test expects a failure while the ECC CA was being added as a trusted cert due to `OPENSSL_COMPATIBLE_DEFAULTS`.
2022-03-08 15:02:43 +01:00
a9cc1ca877
Merge pull request #4924 from dgarske/coexist_fixes
2022-03-07 13:00:22 -08:00
9be0633ce3
Merge pull request #4824 from dgarske/fips_ready_user
...
User settings template for FIPS v5 ready
2022-03-05 07:52:03 -06:00
3839b0e675
Fixes for building wolfSSL along side openssl.
2022-03-04 12:06:24 -08:00
6dd7a289e7
Fix for "set but not used".
2022-02-24 13:43:56 -08:00
b13826a3a5
Merge pull request #4840 from haydenroche5/visual_studio_cleanup
...
Clean up Visual Studio output and intermediate directories.
2022-02-24 15:07:13 +10:00
ceff401269
Fixes for Jenkins tests
...
- Move test to `HAVE_IO_TESTS_DEPENDENCIES`
- Implement `wolfSSL_trust_peer_cert`
- have{cipher} options weren't being set with only RSA enabled
2022-02-23 09:47:34 +01:00
194466c35a
Peer review fixes.
2022-02-22 15:22:27 -08:00
40b171124f
Fixes to resolve a few make check issues.
2022-02-11 15:20:25 -08:00
7ec1e69dba
Fixes for supporting the openssl compatibility layer. Adds ChaCha/Poly, DH extra and verify callbacks.
2022-02-08 10:18:41 -08:00
6930cc0b21
Clean up Visual Studio output and intermediate directories.
...
Currently, wolfssl.vcxproj and IDE/WIN10/wolfssl-fips.vcxproj do not use the
same scheme for their output and intermediate directories. Further, across
configuration/platform combinations, wolfssl.vcxproj isn't consistent, either.
For example:
```
Release|x64
OutDir: $(SolutionDir)$(Platform)\$(Configuration)\
IntDir: $(Platform)\$(Configuration)\obj\
Release|Win32
OutDir: $(SolutionDir)$(Configuration)\
IntDir: $(Configuration)\obj\
```
This commit makes every configuration/platform combo for all Visual Studio
projects follow the same pattern:
```
OutDir: $(SolutionDir)$(Platform)\$(Configuration)\
IntDir: $(Configuration)\$(Platform)\$(ProjectName)_obj\
```
The `$(ProjectName)_obj` piece gets rid of a Visual Studio warning about not
mingling the intermediate objects of disparate builds.
2022-02-08 09:23:27 -08:00
5169a3cf89
Improve header comments and logic. Remove `NO_PWDBASED` and added CRL.
2022-02-07 15:58:10 -08:00
50700c3c28
Make sure Rabbit and HC128 are disabled when building FIPS against older wolfSSL.
2022-02-03 14:53:11 -08:00
db6d924d4b
User settings template for FIPS v5.
2022-02-03 13:35:13 -08:00
9ea40f3a9c
Purge IDEA cipher
2022-01-31 15:29:25 -05:00
b957a6e872
Purge Rabbit cipher
2022-01-28 13:13:53 -05:00
2955d7339e
remove a debugging printf, fix whitespace/indentation, and add a comment re gethostbyname_r buffer size.
2022-01-21 13:00:22 -06:00
6a56d3e131
jumbo patch of fixes for clang-tidy gripes (with some bug fixes).
...
defect/gripe statistics:
configured --enable-all --enable-sp-math-all --enable-intelasm
with LLVM 13 clang-tidy -checks=readability-*,bugprone-*,misc-no-recursion,misc-misplaced-const,misc-redundant-expression,misc-unused-parameters,misc-unused-using-decls,-clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling,-clang-analyzer-optin.performance.Padding,-readability-braces-around-statements,-readability-function-size,-readability-function-cognitive-complexity,-bugprone-suspicious-include,-bugprone-easily-swappable-parameters,-readability-isolate-declaration,-readability-magic-numbers,-readability-else-after-return,-bugprone-reserved-identifier,-readability-suspicious-call-argument,-bugprone-suspicious-string-compare,-bugprone-branch-clone,-misc-redundant-expression,-readability-non-const-parameter,-readability-redundant-control-flow,-readability-misleading-indentation,-bugprone-narrowing-conversions,-bugprone-implicit-widening-of-multiplication-result
[note these figures don't reflect additional defects fixed in this commit for --enable-smallstack, --enable-fips, --enable-async, --enable-asn=template, and --enable-fastmath, and --disable-fastmath]
pre-patch warning count per file, with suppressions:
clang-analyzer-security.insecureAPI.strcpy 6 wolfssl/tests/suites.c
clang-analyzer-security.insecureAPI.strcpy 2 wolfssl/testsuite/testsuite.c
bugprone-suspicious-missing-comma 3 wolfssl/examples/server/server.c
bugprone-suspicious-missing-comma 3 wolfssl/examples/client/client.c
readability-redundant-preprocessor 2 wolfssl/wolfcrypt/src/asn.c
readability-redundant-preprocessor 1 wolfssl/wolfcrypt/src/rsa.c
readability-redundant-preprocessor 9 wolfssl/src/ssl.c
readability-redundant-preprocessor 2 wolfssl/src/tls13.c
readability-redundant-preprocessor 18 wolfssl/tests/api.c
readability-redundant-preprocessor 3 wolfssl/src/internal.c
readability-redundant-preprocessor 10 wolfssl/wolfcrypt/test/test.c
readability-named-parameter 1 wolfssl/wolfcrypt/benchmark/benchmark.c
readability-named-parameter 7 wolfssl/src/internal.c
readability-named-parameter 1 wolfssl/wolfcrypt/src/ecc.c
readability-named-parameter 1 wolfssl/testsuite/testsuite.c
readability-named-parameter 11 wolfssl/wolfcrypt/src/ge_operations.c
misc-no-recursion 3 wolfssl/src/ssl.c
readability-uppercase-literal-suffix 4 wolfssl/wolfcrypt/src/asn.c
readability-uppercase-literal-suffix 1 wolfssl/src/ssl.c
readability-uppercase-literal-suffix 13 wolfssl/wolfcrypt/benchmark/benchmark.c
bugprone-too-small-loop-variable 1 wolfssl/wolfcrypt/src/rsa.c
bugprone-too-small-loop-variable 2 wolfssl/wolfcrypt/src/sha3.c
bugprone-too-small-loop-variable 4 wolfssl/wolfcrypt/src/idea.c
bugprone-signed-char-misuse 2 wolfssl/src/ssl.c
bugprone-signed-char-misuse 3 wolfssl/wolfcrypt/src/sp_int.c
bugprone-signed-char-misuse 3 wolfssl/examples/client/client.c
bugprone-macro-parentheses 19 wolfssl/wolfcrypt/src/aes.c
bugprone-macro-parentheses 109 wolfssl/wolfcrypt/src/camellia.c
bugprone-macro-parentheses 1 wolfssl/src/tls.c
bugprone-macro-parentheses 3 wolfssl/wolfcrypt/src/md4.c
bugprone-macro-parentheses 2 wolfssl/wolfcrypt/src/asn.c
bugprone-macro-parentheses 26 wolfssl/wolfcrypt/src/blake2b.c
bugprone-macro-parentheses 257 wolfssl/wolfcrypt/src/sha3.c
bugprone-macro-parentheses 15 wolfssl/src/ssl.c
bugprone-macro-parentheses 1 wolfssl/wolfcrypt/src/sha.c
bugprone-macro-parentheses 8 wolfssl/tests/api.c
bugprone-macro-parentheses 4 wolfssl/wolfcrypt/src/sp_int.c
bugprone-macro-parentheses 6 wolfssl/wolfcrypt/benchmark/benchmark.c
bugprone-macro-parentheses 38 wolfssl/wolfcrypt/src/hc128.c
bugprone-macro-parentheses 12 wolfssl/wolfcrypt/src/md5.c
bugprone-macro-parentheses 10 wolfssl/wolfcrypt/src/sha256.c
bugprone-macro-parentheses 4 wolfssl/wolfcrypt/test/test.c
bugprone-macro-parentheses 3 wolfssl/wolfcrypt/src/ecc.c
bugprone-macro-parentheses 2 wolfssl/tests/suites.c
bugprone-macro-parentheses 4 wolfssl/wolfcrypt/src/cpuid.c
bugprone-macro-parentheses 26 wolfssl/wolfcrypt/src/blake2s.c
bugprone-macro-parentheses 24 wolfssl/wolfcrypt/src/sha512.c
bugprone-macro-parentheses 3 wolfssl/wolfcrypt/src/poly1305.c
bugprone-macro-parentheses 24 wolfssl/wolfcrypt/src/ripemd.c
readability-inconsistent-declaration-parameter-name 1 wolfssl/src/internal.c
readability-inconsistent-declaration-parameter-name 1 wolfssl/testsuite/testsuite.c
pre-patch warning count summaries, with suppressions:
clang-analyzer-security.insecureAPI.strcpy 8
bugprone-suspicious-missing-comma 6
readability-redundant-preprocessor 45
readability-named-parameter 21
misc-no-recursion 3
readability-uppercase-literal-suffix 18
bugprone-too-small-loop-variable 7
bugprone-signed-char-misuse 8
bugprone-macro-parentheses 601
readability-inconsistent-declaration-parameter-name 2
pre-patch warning count summaries, without suppressions:
clang-analyzer-security.insecureAPI.strcpy 8
bugprone-branch-clone 152
readability-non-const-parameter 118
bugprone-suspicious-missing-comma 6
bugprone-suspicious-include 52
readability-magic-numbers 22423
readability-redundant-preprocessor 45
readability-named-parameter 21
readability-function-cognitive-complexity 845
readability-else-after-return 398
bugprone-implicit-widening-of-multiplication-result 595
readability-function-size 21
readability-isolate-declaration 1090
misc-redundant-expression 2
bugprone-narrowing-conversions 994
misc-no-recursion 3
readability-uppercase-literal-suffix 18
bugprone-reserved-identifier 56
readability-suspicious-call-argument 74
bugprone-too-small-loop-variable 7
bugprone-easily-swappable-parameters 437
bugprone-signed-char-misuse 8
readability-misleading-indentation 94
bugprone-macro-parentheses 601
readability-inconsistent-declaration-parameter-name 2
bugprone-suspicious-string-compare 495
readability-redundant-control-flow 20
readability-braces-around-statements 11483
clang-analyzer-valist.Uninitialized 1
clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling 3502
2022-01-21 01:25:48 -06:00
848f5eeb0c
Merge pull request #4755 from dgarske/dtls_srtp
...
DTLS SRTP (RFC5764) support (adds `--enable-srtp`)
2022-01-21 10:43:47 +10:00
231a0bbb84
dtls-srtp: no ekm cross check on single threaded/no pthread conf
2022-01-20 16:12:04 +01:00
7adbf59f22
Merge pull request #4767 from anhu/kill_hc128
...
Get rid of HC-128
2022-01-19 12:20:18 -08:00
8e0ece920b
Test cleanups. Fix possible leak in `TLSX_UseSRTP`.
2022-01-19 09:22:02 -08:00
86ba0ef643
tests: support test for SRTP
...
the test will check that the same Exported Keying Material is generated between
client and server
2022-01-19 13:35:29 +01:00
4c05d35452
Merge pull request #4743 from miyazakh/tls_bench_onlymode
2022-01-18 15:41:48 -07:00
c2860cb311
Get rid of HC-128
2022-01-17 18:11:54 -05:00
2085624a29
Old Compiler Warning Cleanup (GCC 4.0.2)
...
1. Removed pragma disabling the warning for non-literal format strings
on `printf()`.
2. Switched the `printf()` into two printf calls.
2022-01-14 17:11:55 -08:00
eade8ecdf1
DTLS SRTP improvements. Added support for client to send list of profiles. Added support for more SRTP profiles.
2022-01-14 13:43:29 -08:00
6ccbd8776f
DTLS SRTP (RFC5764) support (adds `--enable-srtp`). Used with WebRTC to agree on profile for new real-time session keys.
2022-01-14 07:35:45 -08:00
723cfb2d0b
make server/client only work
2022-01-12 09:23:23 +09:00
569c066fab
Improve TLS client side session cache references to provide option for not returning an internal session cache pointer. Now use `wolfSSL_get1_sesson` for reference logic, that requires calling `wolfSSL_SESSION_free`. To disable this feature use `NO_SESSION_CACHE_REF`.
2021-12-23 14:25:45 -08:00
52754123d9
Call wc_SetSeed_Cb and wolfCrypt_SetPrivateKeyReadEnable_fips in wolfSSL_Init.
...
Additionally, remove wc_SetSeed_Cb calls applications (e.g. example client and
server), since they are now redundant.
2021-12-22 14:21:06 -08:00
7d4c13b9a4
--with-liboqs now defines HAVE_LIBOQS and HAVE_PQC
...
AKA: The Great Rename of December 2021
2021-12-20 11:48:03 -05:00
ad078a7358
adjust macro guard in example client
2021-12-08 13:45:37 -07:00
9a07b3af9b
print out PEM of peer cert with example client
2021-12-07 14:07:47 -07:00
30b68060fb
configure.ac: fix whitespace; client.c: make gcc 5.4.0 -Wmaybe-uninitialized happy.
2021-12-04 00:57:49 -06:00
0340b49ff9
do not load example CA if not verifying peer
2021-11-30 10:44:05 -07:00
5dac25f470
Eliminate `EIGHTK_BUF` use in asn. Cleanup uses of `0` in set_verify for callback.
2021-11-09 08:23:19 -08:00
0b4f34d62a
typographic cleanup: fix whitespace, remove unneeded UTF-8, convert C++ comment constructs to C.
2021-11-08 17:35:05 -06:00
8f121e7752
file modes: clear inappropriate executable bits.
2021-11-08 17:28:11 -06:00
6d89de4f11
Check correct var for `server.c` echo return.
2021-11-05 16:10:17 +01:00
1d91ccb41b
remove exe bit on example.c and server.c
2021-10-29 13:12:43 -06:00
0a26335243
Merge pull request #4446 from ejohnstown/dtls-sizing
...
DTLS Sizing
2021-10-28 14:15:36 -07:00
adee6a86d1
Return the close notify error when expecting an error.
2021-10-28 20:53:58 +02:00
894303be59
Make the `wolfSSL_GetMaxFragSize` parameter meaning consistent
...
- Add testing for sending as much app data as possible in a single DTLS record
2021-10-28 14:46:15 +02:00
c16f0db1b5
Fixes for handling `WC_PENDING_E` async responses in API unit test and examples. Resolves all issues with `--enable-all --enable-asynccrypt --with-intelqa=`.
2021-10-27 15:08:39 -07:00
976402e04b
RNG Update
...
1. When the seed callback is enabled, allow wc_GenerateSeed() to be used
as a default callback.
2. Modify all the tests and examples to use the default seed callback if
the seed callback is enabled.
2021-10-26 20:24:25 -05:00
6070981366
Merge pull request #4490 from dgarske/static_mem_unittest
...
Add CTX static memory API unit tests
2021-10-26 09:52:14 +10:00
5859779ddf
Check-in non-FIPS specific porting changes for OE22
...
Fix no new line
Change comment style in testsuite.c
Add include for proper socket header in wolfio.h
Add dc_log_printf support to benchmark application
Pull in changes for examples
Refector NETOS check in test.c
Fix format and remove settings used only for validation testing
Implement peer review feedback
Address last items noted in peer review
Add new README to include.am
Adjust comment style on TODO
Gate changes in client and server properly
Add static on customer feedback
Fix settings include
Update latest peer feedback
2021-10-22 15:01:14 -06:00
f17187aad9
Fixes for static memory testing. Fix clang memory sanitizer warnings.
2021-10-21 16:33:57 -07:00
911d95e5e4
Add CTX static memory API unit tests. Expanded crypto callback TLS tests to older SSL/TLS and DTLS.
2021-10-21 11:47:00 -07:00
37a976b4bf
Fix example server to support option 7 (which exists). Fix static mem size required with session cert (matches client now).
2021-10-21 11:41:30 -07:00
a03ed32380
Support for Android KeyStore compatibility API's:
...
* Adds `EVP_PKCS82PKEY` and `d2i_PKCS8_PRIV_KEY_INFO`.
* Adds `EVP_PKEY2PKCS8` and `i2d_PKCS8_PRIV_KEY_INFO`.
* Adds `ECDSA_verify`.
* Fix to allow `SHA256()` and `MD5()` with FIPSv2.
* Decouple crypto callbacks and hash flags
* Fix for possible use of uninitialized when building TLS bench without TLS v1.3.
* Fix for building with `NO_CHECK_PRIVATE_KEY`. Test `./configure --disable-pkcs12 --enable-opensslextra CFLAGS="-DNO_CHECK_PRIVATE_KEY"`.
* Fix to support `RSA_public_decrypt` for PKCSv15 only with FIPS.
* Cleanup `RSA_public_encrypt`, `RSA_public_decrypt` and `RSA_private_decrypt`.
* Added instructions for building wolfSSL with Android kernel.
2021-10-19 17:04:18 -07:00
f04380d624
Merge pull request #4475 from douzzer/fix-scan-build-UnreachableCode
...
scan-build LLVM-13 fixes and expanded coverage
2021-10-20 08:30:46 +10:00
dcb2ebba39
Fix for openssl.test extraction of version and cipher suites. Fix mem tracking to use stderr. Fix client version print to use single printf with newline.
2021-10-19 13:00:25 -07:00
768496be4a
scan-build LLVM-13 fixes: in examples/echoclient/echoclient.c, remove frivolous "break;", avoiding need to pragma-ignore clang -Wunreachable-code-break.
2021-10-18 21:46:10 -05:00
76332069ea
examples/client/client.c: remove frivolous `break` to avoid need for PRAGMA_CLANG("clang diagnostic ignored \"-Wunreachable-code-break\"").
2021-10-18 21:46:09 -05:00
f621a93081
more scan-build LLVM-13 fixes and expanded coverage: deadcode.DeadStores in client.c and server.c (no functional changes).
2021-10-18 21:46:09 -05:00
62822be6ce
scan-build LLVM-13 fixes and expanded coverage: add WC_UNUSED and PRAGMA_CLANG_DIAG_{PUSH,POP} macros; deploy "#ifndef __clang_analyzer__" as needed; fix violations and suppress false positives of -Wunreachable-code-break, -Wunreachable-code-return, and -enable-checker alpha.deadcode.UnreachableCode; expand scan-build clean build scope to --enable-all --enable-sp-math-all.
2021-10-18 21:46:09 -05:00
2aa2ef84b2
Merge pull request #4470 from LinuxJedi/md-cleanups
...
Cleanup markdown documentation
2021-10-14 11:04:48 -07:00
11e3f867b0
Cleanup markdown documentation
...
* Add syntax highlighting where appropriate
* Fix some markdown compliance issues
* Add some links for things
* Add some inline code quoting
* Fix some headings
* Fix copyright date in doxygen html output
2021-10-13 16:39:46 +01:00
bc97539756
Increase the size of the temp buffer for starttls. Some SMTP servers send larger messages.
2021-10-12 15:13:38 -07:00
da15356c2a
Merge pull request #4444 from anhu/pq_bench
...
Benchmarking the supported groups.
2021-10-05 09:52:51 -07:00
41b9b14cfb
whitespace
2021-10-04 18:35:09 -04:00
f77a5e26b5
semi-colon --> colon and use wolfTLSv1_3_server_method when NO_WOLFSSL_CLIENT.
2021-10-04 18:31:28 -04:00
310ab6692a
Drop a function brace and WOLFSSL_TLS13.
2021-10-04 13:56:01 -04:00
4084928d93
Slight changes to liboqs documentation in INSTALL and example client/server
2021-10-02 13:14:32 -06:00
2fa0114d54
Benchmarking the supported groups.
2021-10-01 15:38:07 -04:00
33cb823148
Remove legacy NTRU and OQS ( #4418 )
...
* Remove NTRU and OQS
* Keep the DTLS serialization format backwards compatible.
* Remove n from mygetopt_long() call.
* Fix over-zealous deletion.
* Resolve problems found by @SparkiDev
2021-09-24 08:37:53 +10:00
13d4722678
Convert post-quantum algorithm group names
...
... from using parameter set names from the papers to NIST levels.
2021-09-17 13:28:34 -04:00
bb70fee1ec
Merge pull request #4390 from anhu/hybridizing
...
Hybridizing NIST ECC groups with the OQS groups.
2021-09-16 22:01:39 -07:00
2274d0b773
Fix overflow check in ClientMemSend
2021-09-14 11:17:01 -05:00
fb733b4662
Hybridizing the OQS groups with NIST ECC groups.
2021-09-10 13:12:12 -04:00
4a26b53dfc
Changes for ED25519 and `HAVE_SECRET_CALLBACK`
...
- `HAVE_SECRET_CALLBACK` needs to have `wolfSSL_SSL_CTX_get_timeout` and `wolfSSL_SSL_get_timeout` available
- Call `wolfSSL_KeepArrays` for `HAVE_SECRET_CALLBACK`
- Increase the default `DTLS_MTU_ADDITIONAL_READ_BUFFER` and make it adjustable by the user
- Don't truncate application data returned to user in `wolfSSL_read_internal`
2021-09-02 15:58:30 +02:00
9b6cf56a6e
Expanded support for Curve25519/Curve448 and TLS v1.3 sniffer ( #4335 )
...
* Fixes for building with Ed/Curve25519 only. Fix for IoT safe demo to exit after running once. Added `WOLFSSL_DH_EXTRA` to `--enable-all` and `--enable-sniffer`. Cleanup uses of `==` in configure.ac. Various spelling fixes.
* Fix for sniffer with TLS v1.3 session tickets.
* Fix for ASN Template Ed25519 key export (missing version / not setting OID correctly).
* Add key import/export support for Curve25519/Curve448. Refactor of the 25519/448 ASN code to combine duplicate code.
* Refactor of Curve25519 code. Improved public key export to handle generation when only private is set. Improved private scalar buffer sizing.
* Fix for static ephemeral loading of file buffer.
* Added sniffer Curve25519 support and test case.
* Fix for sniffer to not use ECC for X25519 if both are set.
* Fix Curve448 public export when only private is set.
* Fix for `dh_generate_test` for small stack size.
* Reduce stack size use on new asymmetric DER import/export functions. Cleanup pub length calc.
* Fix invalid comment.
2021-09-01 09:28:24 +10:00
9a438ce289
liboqs integration using keyshare/supported_groups extensions in TLS 1.3
2021-08-27 13:56:53 -04:00
70535f51d5
Fixes for PK callbacks with TLS v1.3. Tested with `./configure --enable-pkcallbacks CFLAGS="-DTEST_PK_PRIVKEY -DDEBUG_PK_CB"`.
2021-08-16 13:09:17 -07:00
8601c14f1c
Merge pull request #4297 from anhu/master
...
Fix a race condition in the benchmark example and …
2021-08-12 13:51:43 -07:00
7c75b9836e
Changes to make Jenkins happy and reduce verbosity.
...
- added HAVE_PTHREAD guards
- usleep ---> XSLEEP_MS
- only print polling message if verbose output requested.
2021-08-12 11:13:15 -04:00
586317f198
Fix a race condition in the benchmark example and all output goes to stderr.
2021-08-11 17:07:01 -04:00
d4d225e33f
Fix broken link in examples/README.md
2021-08-11 10:49:38 -06:00
0722fb56d8
Adding README.md to examples dir and links to wolfssl-examples github repo in client/server.c
2021-08-02 20:27:41 -06:00
1b6b16c2c3
HaProxy 2.4-dev18 support
...
*This patch is dependent on https://github.com/wolfSSL/wolfssl/pull/3871 because proto version selection logic is refactored in that pull request.*
This patch contains the following changes:
- Enable more options with `--enable-haproxy`
- Compatibility layer additions
- `STACK_TYPE_X509_OBJ`
- `OCSP_id_cmp`
- `X509_STORE_get0_objects`
- `X509V3_EXT_nconf_nid`
- `X509V3_EXT_nconf`
- `X509_chain_up_ref`
- `X509_NAME_hash`
- `sk_X509_NAME_new_null`
- `X509_OBJECT_get0_X509`
- `X509_OBJECT_get0_X509_CRL`
- `ASN1_OCTET_STRING_free`
- `X509_LOOKUP_TYPE`
- `OSSL_HANDSHAKE_STATE`
- New `OPENSSL_COMPATIBLE_DEFAULTS` define will set default behaviour that is compatible with OpenSSL
- WOLFSSL_CTX
- Enable all compiled in protocols
- Allow anonymous ciphers
- Set message grouping
- Set verify to SSL_VERIFY_NONE
- In `SetSSL_CTX`, don't change `send` and `recv` callback if currently using `BIO`
- `ssl->peerVerifyRet`
- Return first that occured
- Set correct value on date error
- Set revoked error on OCSP or CRL error
- Save value in session and restore on resumption
- Add to session serialization
- With `OPENSSL_EXTRA`, send an alert on invalid downgrade attempt
- Handle sni callback `SSL_TLSEXT_ERR_NOACK`
- Add `WOLFSSL_VERIFY_DEFAULT` option for `wolfSSL_CTX_set_verify` and `wolfSSL_set_verify` to allow resetting to default behaviour
2021-07-06 15:39:23 +02:00
45486ac904
Merge pull request #4166 from miyazakh/supportedversion_ex_mindowngrade
...
not include smaller versions than minimum downgrade
2021-07-01 21:00:20 +07:00
b0688688c1
addressed review comments
2021-06-30 13:52:46 +09:00
d576e3ef96
not send smaller versions than minimum downgradable version as supportedversion ext
2021-06-25 14:51:34 +09:00
8592053856
Regression test fixes
...
./configure --enable-all --disable-rsa
./configure --disable-chacha --disable-asm
./configure --disable-rsa --disable-ecc --disable-dh --enable-curve25519
--enable-cryptonly (and ed25519, curve448, ed448)
./configure --disable-tls13 --enable-psk --disable-rsa --disable-ecc
--disable-dh C_EXTRA_FLAGS=-DWOLFSSL_STATIC_PSK
./configure --disable-oldtls --enable-psk -disable-rsa --disable-dh
-disable-ecc --disable-asn C_EXTRA_FLAGS=-DWOLFSSL_STATIC_PSK
--enable-lowresource --enable-singlethreaded --disable-asm
--disable-errorstrings --disable-pkcs12 --disable-sha3 --disable-sha224
--disable-sha384 --disable-sha512 --disable-sha --disable-md5
-disable-aescbc --disable-chacha --disable-poly1305 --disable-coding
Various build combinations with WOLFSSL_SP_MATH and WOLFSSL_SP_MATH_ALL
2021-06-25 09:18:06 +10:00
Andras Fekete
JacobBarthelmeh
Takashi Kojo
David Garske
John Bland
Brett Nicholas
Sean Parkinson
Eric Blankenhorn
Daniel Pouzzner
Dimitri Papadopoulos
Juliusz Sosinowicz
Hideki Miyazaki
gojimmypi
TakayukiMatsuo
youtai
Chris Conlon
Anthony Hu
Hayden Roche
Marco Oliverio
CallumMcLoughlin
Peter Torelli
kaleb-himes
John Safranek
elms
Andrew Hutchings
Lealem Amedie
Anthony Hu
Kareem
Anthony Hu