WolfSSL
/
wolfssl
mirror of https://github.com/wolfSSL/wolfssl.git
1
0
Fork 0
Code Issues Releases Wiki Activity
11,843 Commits
27 Branches
168 Tags
358 MiB
Commit Graph

59 Commits (ffa2cdd2d18473ff0fdaee24b5e59908ccde3515)

Author SHA1 Message Date
David Garske e6017de19d Fix in `snifftest` to try loading private key into static ephemeral and private key. Updated pcap files (were missing TCP packets). 2020-07-20 11:10:46 -07:00
David Garske 23a3ead758 Framework for new TLS v1.3 sniffer tests. 2020-07-17 15:56:56 -07:00
David Garske 1b051d9c5b TLS v1.3 sniffer support: 
* Added TLS v1.3 sniffer support using static ephemeral key.
* Add support for using a static ephemeral DH and ECC keys with TLS v1.3 using `WOLFSSL_STATIC_EPHEMERAL`.
* Adds new API's `wolfSSL_CTX_set_ephemeral_key` and `wolfSSL_set_ephemeral_key`.
* Expanded TLS extension support in sniffer.
* Refactor of the handshake hashing code.
* Added parameter checking to the TLS v1.3 key derivations (protects use of "DoTls13Finished" if handshake resources have been free'd).
* Added support for loading DH keys via `wc_DhImportKeyPair` and `wc_DhExportKeyPair`, enabled with `WOLFSSL_DH_EXTRA`.
* Added sniffer documentation `sslSniffer/README.md`.
 2020-07-17 15:22:35 -07:00
David Garske 3b86a4db20 Adding STM32CubeIDE support (and deprecation of OpenSTM32). 
* Updated example to add support for CMSIS v2 and static memory.
* Improved example to support more build options.
* Added support for detecting Cube HAL and including `wolfSSL.wolfSSL_conf.h`.
 2020-06-11 14:45:17 -07:00
Chris Conlon 45c5a2d39c update copyright to 2020 2020-01-03 15:06:03 -08:00
John Safranek 89db0da0aa Synchronous Quick Assist Support for Sniffer 
1. Fixed a compiler warnings.
2. Fixed a memory issue when using the storage callback with QAT.
 2019-10-08 16:49:38 -07:00
John Safranek 89ff909d73 Sniffer IPv6 
1. Sorted out IPv6 configuration for sniff test.
2. Tests the sniffer using an IPv6 file.
 2019-10-04 14:54:17 -07:00
John Safranek a5bfb8a18b Change the IP address wrappers to include the version. Makes comparing 
easier. Hard-coded some IPv6 localhost tests.
 2019-10-04 14:54:17 -07:00
John Safranek 841e469340 Convert the data the snifftest is about to print into printable text. 
Anything that isprint() or isspace() is kept, anything else is changed
to a period.
 2019-10-04 14:54:17 -07:00
John Safranek dea5e73852 Sniffer Chain Input 
Add a new method for handling input records where the input is in the form of an iovec list.
 2019-10-04 14:54:17 -07:00
John Safranek 62ac388f55 Store Data Callback 
Added a callback and support to allow one to handle storing the data
directly without reallocating the data buffer. Also added an example
that uses this callback if the callback is enabled in the build.
 2019-10-04 14:54:17 -07:00
John Safranek 4b0bb75909 Sniffer Watch Cert Chain Part 2 
1. Check the sizes picked up out of the message against the expected
size of the record when looking at the certificate messages.
2. Renamed the cert and certSz in the watch callback with it being a
certChain.
 2019-07-16 09:54:45 -07:00
John Safranek 21afcf17a8 Sniffer Watch Mode 
1. Split the function ssl_SetWatchKey() into ssl_SetWatchKey_file()
which loads the key from a named file and ssl_SetWatchKey_buffer()
which loads the key from a provided buffer. file() uses buffer().
 2019-07-01 13:50:28 -07:00
John Safranek 8be6c0c08c Sniffer Watch Mode 
Add some tests for the Watch mode that will also work with static ECDH.
 2019-07-01 13:50:28 -07:00
John Safranek b61803f165 Sniffer Watch Mode 
Added the build option for the Watch mode for the sniffer. Instead of
setting a set of IP addresses and keys, you set a callback function.
When any TLS connection is started, the hook is called and a hash of the
peer certificate is given to the callback function. It has a chance to
load a private key into the sniffer session. Enable this option with the
build flag "WOLFSSL_SNIFFER_WATCH".
 2019-07-01 13:50:28 -07:00
John Safranek 26384d4936 Sniffer Stats 
Upgrade the sniffer stats to unsigned long ints.
 2019-06-24 16:16:05 -07:00
John Safranek 8439beb525 Sniffer Statistics 
1. Moved sslKeyFails.
2. Added sslEphemeralMisses, sslEncryptedConns, sslDecodeFails.
3. Removed the Rehandshake stats as the sniffer does not support rehandshaking.
4. Removed two of the per second stats as they seemed redundant.
5. Added a function to atomically read and reset the sniffer statistics.
 2019-06-24 09:54:42 -07:00
John Safranek 9715431921 Sniffer Statistics 
1. Wrapped the added code for statistics in a preprocessor guard.
2. Added a check for the current cipher suite and if it is on the list
of allowed suites. Guarded by the statistics option.
3. Added more statistics from the list.
 2019-06-24 09:54:42 -07:00
John Safranek c600f7659a Sniffer Statistics 
Added more of the statistics.
 2019-06-24 09:54:42 -07:00
John Safranek 246c444b93 Updates for v4.0.0 
Update the copyright dates on all the source files to the current year.
 2019-03-15 10:37:36 -07:00
John Safranek 96b4ddad82 Sniffer Update 
1. Collect the SSL Info capture into its own function.
2. Add a Trace function for the SSL Info.
3. When copying the IANA name for the cipher suite, use a strncpy
instead of a memcpy and cap the copy at the length of the destination.
Force a null terminator at the end of the destination, just in case.
4. Modify the snifftest to collect the SSL Info.
 2018-11-21 11:29:28 -08:00
David Garske 911b6f95f8 Release v3.12.2 (lib 14.0.0). Updated copywright. 2017-10-22 15:58:35 -07:00
Jacob Barthelmeh 1c17b8eed6 static analysis check of null dereference and memory management 2016-12-21 16:20:18 -07:00
Chris Conlon 2939c3ace1 add ssl_FreeZeroDecode() to sniffer.c 2016-03-31 13:25:39 -06:00
Jacob Barthelmeh e99a5b0483 prepare for release v3.9.0 2016-03-17 16:02:13 -06:00
David Garske cb3a9cc348 Removed the execute bit on all .c, .h, and .cs files. 2016-02-08 09:45:31 -08:00
John Safranek a42308e28a Add function ssl_FreeDecodeBuffer() to release the sniffer allocated data buffer and reset the pointer. 2015-10-26 12:01:21 -07:00
toddouska 8595890c51 change sniffer decode data to pointer to pointer 2015-10-12 18:10:24 -07:00
John Safranek 1237b35bb8 add option to sniffer to try to restart decoding after an ACK fault 2015-10-02 11:26:45 -07:00
toddouska 2f1836d985 fix snifftest bsd build 2015-08-19 16:52:16 -07:00
toddouska 1e9647023c add snifftest script check to make check 2015-04-18 08:35:47 -07:00
toddouska e4ac398d98 fix snifftest bad include on windows 2015-03-27 09:55:54 -07:00
toddouska 0b6c03ad06 snifftest.c needs socket.h included for AIX, john cyassl commit #a8803e1e16f23 2015-03-17 14:52:42 -07:00
kaleb-himes a389620a29 Copyright (C) updates 2015-01-08 09:39:04 -07:00
Jacob Barthelmeh f516bcf1ce old cyassl header files adjusted 2015-01-07 13:11:37 -07:00
kaleb-himes 369a5f04a9 library wide licence update 2015-01-06 12:14:15 -07:00
John Safranek e35e02a283 Added SNI named keys to the sniffer. 2014-10-21 12:22:12 -07:00
Chris Conlon be65f5d518 update FSF address, wolfSSL copyright 2014-04-11 15:58:58 -06:00
toddouska a0d4c34900 allow snifftest to handle jumbo frames + potential partial 16k record from previous data packet on the stack 2014-03-20 15:34:20 -07:00
toddouska 9e56ad262c fix snifftest pcap frees on file mode, close TraceFile on ssl_Free 2013-12-10 16:17:43 -08:00
toddouska b377a60596 add packet# length to snifftest output 2013-10-29 15:41:05 -07:00
toddouska de6b9bc6be fix sniffer with new decrypt/verify code 2013-10-28 17:18:41 -07:00
toddouska f535e5428e make sure all tests/examples *.c use settings.h correctly 2013-04-10 12:17:23 -07:00
toddouska d0e16d25b4 add error message for correct snifftest dir to run from 2013-03-12 16:32:16 -07:00
toddouska 44e0d7543c change copyright name with name change 2013-02-05 12:44:17 -08:00
toddouska f4f13371f9 update copyright date 2013-02-04 14:51:41 -08:00
toddouska d0affb0d0e fix snifftest and aesni with new warnings 2012-09-25 11:14:21 -07:00
toddouska 19e50cd46a fix old-style warnings 2012-09-20 12:11:42 -07:00
toddouska 206f565820 add password to snifftest command line 2012-09-18 09:34:45 -07:00
toddouska 638c095737 better error output for temp keys or compression on sniffer 2012-06-29 10:59:48 -07:00