Cyclic0007/wolfssl
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
13,601 Commits 12 Branches 184 Tags
3b768bcb5ee5e737a8f66adee6f6737f012ce2c1
Commit Graph

2459 Commits

Author SHA1 Message Date
Hideki Miyazaki
3b768bcb5e addressed review comments 2021-03-06 10:18:31 +09:00
Hideki Miyazaki
896245cae7 addressed jenkins cavp test failure 2021-03-05 08:19:25 +09:00
Hideki Miyazaki
464f82a575 addressed jenkins failure part4 2021-03-05 08:19:24 +09:00
Hideki Miyazaki
302c6dfe11 addressed jenkins failure part3 2021-03-05 08:19:22 +09:00
Hideki Miyazaki
9bae05525c addressed review comments 2021-03-05 08:19:22 +09:00
Hideki Miyazaki
cd26444e01 addressed jenkins failure part1 2021-03-05 08:19:21 +09:00
Hideki Miyazaki
5fb9aa3f9b implemented SHA512_Transform and unit test 2021-03-05 08:19:20 +09:00
Hideki Miyazaki
82fb498ed5 Implemented MD5 unit tests 2021-03-05 08:19:19 +09:00
Hideki Miyazaki
525d28f38f Implemented MD5_Transform 2021-03-05 08:19:18 +09:00
Hideki Miyazaki
502e1458f9 Implemented SHA one shot 
Implemented SHA_Transform
 2021-03-05 08:19:17 +09:00
Hideki Miyazaki
95cf3675e9 implemented SHA256_Transform 
WIP SHA512_Transform
 2021-03-05 08:19:17 +09:00
Hideki Miyazaki
cb3fa8ff9e SHA224 implementation 2021-03-05 08:19:16 +09:00
Hideki Miyazaki
44a20c8ce6 add more unit test case for load_crl_file 2021-03-05 08:19:14 +09:00
Hideki Miyazaki
544ed32893 implemented X509_load_crl_file 2021-03-05 08:19:14 +09:00
Hideki Miyazaki
2e223fb101 implemeted wolfSSL_CTX_get0/set1_param, and corresponding to sub-methods 2021-03-05 08:19:13 +09:00
toddouska
b8235649ea Merge pull request #3812 from haydenroche5/get-certs-refactor 
Improve wolfSSL_CertManagerGetCerts.
 2021-03-04 11:14:05 -08:00
toddouska
12d5c6d416 Merge pull request #3783 from haydenroche5/socat 
Add support for OpenSSL compatibility function SSL_CTX_get_min_proto_…
 2021-03-04 11:10:17 -08:00
toddouska
90d45028cc Merge pull request #3781 from fabiankeil/NO_WOLFSSL_STUB-build-fix 
Fix build with  NO_WOLFSSL_STUB
 2021-03-04 11:07:26 -08:00
Hayden Roche
265b456cac Improve wolfSSL_CertManagerGetCerts. 
- Use wolfSSL_d2i_X509. wolfSSL_CertManagerGetCerts duplicated a lot of work
that wolfSSL_d2i_X509 can do for us.
- This function gets the caLock from the CertManager and then calls ParseCert.
Ultimately, ParseCert calls GetCA, which attempts to acquire the same caLock.
Deadlock ensues. The solution is to get the caLock, make a copy of all the
certs, and release the lock. Then, we use the copy of the certs to build up
the stack of X509 objects. What happens if one of the certs is removed from
the CertManager between our copying and calling wolfSSL_d2i_X509? Nothing of
consequence for this use case. ParseCertRelative won't set the DecodedCert's ca
field, but we don't need that to be set here.
 2021-02-26 10:45:27 -06:00
toddouska
2d13a43e71 Merge pull request #3819 from elms/fix/nightly_g++ 
ssl: fix g++ compile warning with explicit cast
 2021-02-25 16:04:05 -08:00
Hayden Roche
10181b7bbf Add support for OpenSSL compatibility function SSL_CTX_get_min_proto_version. 
This is needed by socat-1.7.4.1.
 2021-02-25 17:04:41 -06:00
Elms
afbe3607d7 ssl: fix g++ compile warning with explicit cast 
cast OpenSSL callback to `void*` for storage as context to be used by
static callback
 2021-02-25 11:01:16 -08:00
Sean Parkinson
d271092aef ASN: move wolfSSL_i2d_X509_NAME to ssl.c 
Move WOLFSSL_X509_NAME APIs out of asn.[ch].
 2021-02-25 11:45:12 +10:00
toddouska
94a23c1d48 Merge pull request #3646 from julek-wolfssl/nginx-1.19.6 
Add support for Nginx 1.19.6
 2021-02-24 12:21:51 -08:00
Juliusz Sosinowicz
d074e7443f Remove default ticket cb as this will be added in another PR 2021-02-23 10:06:11 +01:00
David Garske
b5239f97c4 Fixes for warnings in Windows. Fix for failing wc_BufferKeyEncrypt with PBKDF disabled. ZD 11759. 2021-02-22 16:51:17 -08:00
Eric Blankenhorn
ebb2c7ae71 Fix ret val for wolfSSL_BIO_set_ssl 2021-02-19 16:35:01 -06:00
Fabian Keil
400a1d6927 Compile wolfSSL_ASN1_TIME_set_string() independently of NO_WOLFSSL_STUB 2021-02-19 05:45:09 +01:00
Sean Parkinson
ad58478d29 Merge pull request #3765 from embhorn/zd11703 
Validate name size
 2021-02-18 08:42:26 +10:00
Eric Blankenhorn
caa39f78ae Fix from review and leak in wolfSSL_X509_get_serialNumber 2021-02-17 13:53:30 -06:00
Eric Blankenhorn
608083f559 Add more checks for name->sz 2021-02-17 12:19:42 -06:00
Eric Blankenhorn
806b5d7d23 Validate name size 2021-02-16 14:58:58 -06:00
Juliusz Sosinowicz
89fd0b375b Correctly read anon cipher run-time options 2021-02-16 14:27:19 +01:00
Juliusz Sosinowicz
9265c3f71f Use native API for ticket callback 2021-02-16 14:25:45 +01:00
Juliusz Sosinowicz
0ae1a8b8c5 Jenkins fixes 
- Change pushCAx509Chain to an iterative implementation
- Fix variable names shadowing global names
 2021-02-16 14:25:45 +01:00
Juliusz Sosinowicz
e80158a96e Set full chain with known CA's in wolfSSL_set_peer_cert_chain 2021-02-16 14:25:45 +01:00
Juliusz Sosinowicz
26df833074 Compat layer session tickets 
- OpenSSL uses an internal mechanism by default for session tickets. This is now implemented for OPENSSL_EXTRA in wolfSSL.
- Add testing of wolfSSL_CTX_set_tlsext_ticket_key_cb
 2021-02-16 14:25:45 +01:00
Juliusz Sosinowicz
9a1e54cfd5 Nginx 1.19.6 Fixes 2021-02-16 14:25:45 +01:00
Juliusz Sosinowicz
b63f43a2af Nginx 1.19.6 
- Implement X509_pubkey_digest
- Initialize entire WOLFSSL_X509_NAME struct to zero
- Set raw and rawLen when copying WOLFSSL_X509_NAME
 2021-02-16 14:25:45 +01:00
Eric Blankenhorn
b7b07e1945 Adding wolfSSL_CTX_get_TicketEncCtx 2021-02-15 11:28:46 -06:00
Jacob Barthelmeh
1c852f60ab fix for g++ build 2021-02-12 23:26:54 +07:00
toddouska
80b9949052 Merge pull request #3739 from kaleb-himes/FusionRTOS-Porting-R3 
Fusion RTOS porting round 3
 2021-02-11 12:25:55 -08:00
toddouska
39cb84de25 Merge pull request #3697 from julek-wolfssl/openvpn-2.5-missing-stuff 
OpenVPN master additions
 2021-02-11 08:56:45 -08:00
toddouska
032cc1645c Merge pull request #3713 from SparkiDev/tls_def_sess_ticket_cb 
TLS Session Ticket: default encryption callback
 2021-02-10 16:13:33 -08:00
toddouska
67b1280bbf Merge pull request #3545 from kabuobeid/smime 
Added support for reading S/MIME messages via SMIME_read_PKCS7.
 2021-02-10 15:59:32 -08:00
kaleb-himes
223ba43c2c Add debug message regarding failure 2021-02-10 12:15:43 -07:00
kaleb-himes
9e6ab4ab70 Address indendation, fix return on stub, remove warning 2021-02-10 11:26:29 -07:00
kaleb-himes
4c171524dd Address missed CloseSocket item and revert some white space changes 2021-02-10 09:14:54 -07:00
Sean Parkinson
794cb5c7a9 TLS Session Ticket: default encryption callback 
Encrypts with ChaCha20-Poly1305 or AES-GCM.
Two keys in rotation.
Key used for encryption until ticket lifetime goes beyond expirary
(default 1 hour). If key can still be used for decryption, encrypt with
other key.
Private random used to generate keys.
 2021-02-10 14:31:54 +10:00
kaleb-himes
89b97a0fbf Implement peer feedback 2021-02-09 18:42:23 -07:00