WolfSSL
/
wolfssl
mirror of https://github.com/wolfSSL/wolfssl.git
1
0
Fork 0
Code Issues Releases Wiki Activity
7,363 Commits
27 Branches
168 Tags
358 MiB
Commit Graph

2756 Commits (f9e830bce7c6865361a5a9b897c2736de1d9a742)

Author SHA1 Message Date
David Garske f9e830bce7 First pass at changes to move PemToDer into asn.c. 2018-04-09 13:28:14 -07:00
David Garske 21833e245f Fix TLS 1.3 with ECC disabled and CURVE25519 enabled. Resolves issue with using `./configure --disable-ecc --enable-curve25519 --enable-ed25519 --enable-tls13`. Refactor `TLSX_KeyShare_GenEccKey` to support either ECC or CURVE25519. Fix for `PemToDer` to handle ED25519 without ECC enabled. 2018-04-09 10:10:08 -07:00
David Garske 2a460d3d05
Merge pull request #1484 from embhorn/coverity 
Coverity fixes
 2018-04-06 18:18:38 -07:00
Eric Blankenhorn 36b9b0b558 Updates from code review 2018-04-06 17:29:27 -05:00
Eric Blankenhorn 86767e727c Fixes for CID 185033 185028 185142 185064 185068 185079 185147 2018-04-06 13:15:16 -05:00
Eric Blankenhorn d2c1a1906d Fixes for CID 184980 185017 185047 185167 2018-04-06 11:10:37 -05:00
toddouska 6090fb9020
Merge pull request #1483 from dgarske/winvs 
Fixes for unused `heap` warnings
 2018-04-06 09:01:49 -07:00
Eric Blankenhorn 920e6ed911 Fix warning in ssl.c 2018-04-06 09:30:54 -05:00
Eric Blankenhorn c6ad885459 Coverity fixes for tls.c/n CID 184996 185112 185122 2018-04-06 09:08:00 -05:00
Eric Blankenhorn ec429e50b1 Fixes for ssl.c 2018-04-06 07:45:12 -05:00
David Garske 426335b68f Found additional VS unused `heap` warnings. Replace tabs with 4-spaces. 2018-04-05 12:28:32 -07:00
toddouska 2b48a074eb
Merge pull request #1480 from dgarske/extcache 
Fix for HAVE_EXT_CACHE callbacks not being available without OPENSSL_EXTRA
 2018-04-05 10:52:44 -07:00
Eric Blankenhorn 5439402c1d Refactor for max record size (#1475) 
* Added new internal function `wolfSSL_GetMaxRecordSize`.
* Modified tls_bench to use dynamic buffer based on max record size.
* Added comment for DTLS maxFragment calculation.
 2018-04-05 09:11:58 -07:00
David Garske 412d4d76ee Fix for `HAVE_EXT_CACHE` callbacks not being available without `OPENSSL_EXTRA` defined. Added tests for external cache callbacks. 2018-04-05 07:10:04 -07:00
David Garske a78c6ba4ea Fix for unused `heap` warnings. 2018-04-04 12:51:45 -07:00
David Garske 5702e8ee48 Fix building with `HAVE_EXT_CACHE` when `OPENSSL_EXTRA` is not defined. Fixes issue #1474. 2018-04-04 09:02:52 -07:00
toddouska a92696edec
Merge pull request #1454 from dgarske/noprivkey 
Support for not loading a private key when using `HAVE_PK_CALLBACKS`
 2018-03-22 12:47:22 -07:00
toddouska 040e0ab752
Merge pull request #1456 from dgarske/iocbname 
Refactor IO callback function names to use `_CTX_`
 2018-03-22 12:40:48 -07:00
David Garske e564c973b6 Refactor IO callback function names to use `_CTX_` to eliminate confusion about the first parameter. 2018-03-21 16:08:55 -07:00
David Garske 4b51431546 Fix for possible unused `ctx` in `wolfSSL_CTX_IsPrivatePkSet` when no ECC, RSA or ED25519. 2018-03-21 15:46:08 -07:00
toddouska 104f7a0170
Merge pull request #1451 from JacobBarthelmeh/Optimizations 
Adjust X509 small build and add more macro guards
 2018-03-21 15:15:27 -07:00
toddouska 2a356228be
Merge pull request #1445 from SparkiDev/wpas_fix 
Fixes for wpa_supplicant
 2018-03-21 15:11:43 -07:00
David Garske dbb34126f6 * Added support for not loading a private key for server or client when `HAVE_PK_CALLBACK` is defined and the private PK callback is set. Tested with all cipher suites, TLS 1.2/1.3, client/server certs, RSA/ECC/ED25519. 
* Added PK callback context tests for client/server examples (`SetupPkCallbackContexts`).
* Added new test define for `TEST_PK_PRIVKEY` to allows simulating hardware based private key.
* Added new test.h function for loading PEM key file and converting to DER (`load_key_file`).
* Added way to get private key signature size (`GetPrivateKeySigSize`).
* Added new ECC API `wc_ecc_sig_size_calc` to return max signature size for a key size.
* Added inline comments to help track down handshake message types.
* Cleanup of RSS PSS terminating byte (0xbc) to use enum value.
* Fixed bug with PK callback for `myEccVerify` public key format.
* Fixed bug with PK callback for ED25519 verify key buffer in DoServerKeyExchange.
 2018-03-21 11:27:08 -07:00
Jacob Barthelmeh 26bb86690a fix for unused parameter warning 2018-03-21 10:06:06 -06:00
Jacob Barthelmeh 0aa3b5fa0e macros for conditionally compiling code 2018-03-21 00:09:29 -06:00
Jacob Barthelmeh 087df8f1cd more macro guards to reduce size 2018-03-20 17:15:16 -06:00
Sean Parkinson c9c2e1a8a7 Don't base signature algorithm support on certificate 
The signature algorithm support is what you can do with another key, not
what you can do with your key.
 2018-03-21 08:33:54 +10:00
Jacob Barthelmeh df6ea54cd5 add support for PKCS8 decryption to OPENSSL_EXTRA_X509_SMALL build 2018-03-20 15:06:35 -06:00
toddouska 38d1eea8cd
Merge pull request #1446 from SparkiDev/tls13_draft27 
TLS v1.3 support for Draft 23 and Draft 27
 2018-03-20 09:13:03 -07:00
toddouska 18879ce271
Merge pull request #1440 from dgarske/VerifyRsaSign_PKCallback 
Added VerifyRsaSign PK callback
 2018-03-20 09:02:18 -07:00
toddouska 87c70e76a9
Merge pull request #1441 from dgarske/ocsp_nb 
Fix for handling OCSP with non-blocking
 2018-03-19 12:05:59 -07:00
David Garske 2cc1a1c5bf Renamed callbacks for VerifySign to SignCheck. Switched the new callback context to use the one for the sign. Fix for callback pointer check on VerifyRsaSign. Added inline comments about the new `RsaSignCheckCb` and `RsaPssSignCheckCb`. 2018-03-19 10:19:24 -07:00
toddouska cb8f8a953b
Merge pull request #1438 from SparkiDev/nginx_pem_write 
Fix PEM_write_bio_X509 to work with new BIO code
 2018-03-19 09:13:51 -07:00
toddouska 7ce2efd572
Merge pull request #1431 from JacobBarthelmeh/Optimizations 
more aes macro key size guards
 2018-03-19 09:07:05 -07:00
Sean Parkinson bd53d7ba59 TLS v1.3 support for Draft 23 and Draft 27 
Draft 24: Second ClientHello usees version 0x0303 - no change.
Draft 25: The record layer header is now additional authentication data to
encryption.
Draft 26: Disallow SupportedVersion being used in ServerHello for
negotiating below TLS v1.3.
Draft 27: Older versions can be negotiated (by exclusion of 0x0304) in
SupportedVersion - no change.
 2018-03-19 16:15:02 +10:00
Sean Parkinson b325e0ff91 Fixes for wpa_supplicant 2018-03-19 11:46:38 +10:00
David Garske fa73f7bc55 Fix for handling OCSP with non-blocking. The HashInput function was being called on the re-entry, which produced a bad mac response from server. Also cleanup for some of the WC_PENDING_E logic for the non-async cases to reduce code size. 2018-03-16 12:05:07 -07:00
David Garske e858ec11ac Fix unused arg when building with pk callbacks disabled. 2018-03-16 09:37:07 -07:00
David Garske ed7774e94a Added new callbacks for the VerifyRsaSign, which uses a private key to verify a created signature. The new callbacks API's are `wolfSSL_CTX_SetRsaVerifySignCb` and `wolfSSL_CTX_SetRsaPssVerifySignCb`. These use the same callback prototype as the CallbackRsaVerify and use the same context. 2018-03-15 14:43:41 -07:00
Sean Parkinson 3f99a2a391 Fix PEM_write_bio_X509 to work with new BIO code 2018-03-15 10:45:49 +10:00
David Garske d8fe341998 First pass at added PK_CALLBACK support for `VerifyRsaSign`. 2018-03-14 09:54:18 -07:00
toddouska 717ba83deb
Merge pull request #1434 from SparkiDev/tls13_multi_recs 
Fix multiple handshake messages in last record of certs
 2018-03-14 09:46:32 -07:00
Sean Parkinson afe300acc0 Fix multiple handshake messages in last record of certs 2018-03-14 16:37:58 +10:00
Jacob Barthelmeh 8fb3ccacb7 opensslextra fixs and warning for unused variable 2018-03-12 18:05:24 -06:00
Jacob Barthelmeh 6b04ebe3a4 fix for compiling with different build settings 2018-03-12 16:12:10 -06:00
toddouska b297d9dce0
Merge pull request #1427 from JacobBarthelmeh/Compatibility-Layer 
return value on bad mutex with error nodes and add x509 host check to OPENSSL_EXTRA
 2018-03-12 11:33:20 -07:00
toddouska 0ab4166a80
Merge pull request #1421 from JacobBarthelmeh/Optimizations 
trim out more strings and fix DN tag
 2018-03-08 14:03:10 -08:00
toddouska 1f9583c59c
Merge pull request #1409 from SparkiDev/tls13_old_ver_fix 
Fix downgrading when WOLFSSL_TLS13 is defined (despite NO_OLD_TLS being defined)
 2018-03-08 13:59:59 -08:00
Jacob Barthelmeh e0afec0600 fix RSA macro, tickets without server, and add test case 2018-03-08 14:36:43 -07:00
Jacob Barthelmeh e960e0544a try to clear out error queue with failing mutex 2018-03-08 11:49:16 -07:00