Wykres commitów

44 Commity (919e674f6ebb553a2cc5fc064a78c98a8d1c82ce)

Autor SHA1 Wiadomość Data
Angus Gratton 66fb5a29bb Whitespace: Automated whitespace fixes (large commit)
Apply the pre-commit hook whitespace fixes to all files in the repo.

(Line endings, blank lines at end of file, trailing whitespace)
2020-11-11 07:36:35 +00:00
David Cermak 1c8171c3e8 asio: option to use wolfSSL as TLS stack for ASIO
Plus other minor update, make openssl aware of current modes (SSL_set_mode)
Update coding style in examples and tests, including copyright notices
2020-07-14 10:42:17 +00:00
David Cermak bd1e9b5ea7 openssl: basic support for errors and bio objects
Closes https://github.com/espressif/esp-idf/issues/3406
2020-07-14 10:42:17 +00:00
Anton Maklakov afbaf74007 tools: Mass fixing of empty prototypes (for -Wstrict-prototypes) 2019-08-01 16:28:56 +07:00
Angus Gratton a67d5d89e0 Replace all DOS line endings with Unix
Command run was:
git ls-tree -r HEAD --name-only | xargs dos2unix
2018-07-12 19:10:37 +08:00
Ivan Grokhotkov cb649e452f remove executable permission from source files 2018-05-29 20:07:45 +08:00
Jitin George f0ebf613f4 OpenSSL API addition 2018-02-20 12:32:12 +05:30
Andy Green ae1f1e9b84 openssl wrapper: introduce X509_VERIFY_PARAM_set/clear_hostflags
This defines the OpenSSL X509_CHECK_FLAG_...s and the set/clear
accessors.  Since none of them are supported, the set / clear
accessor currently always does nothing and returns error.

This call is often part of the generic openssl user code to
set up certificate verification.  This patch allows it to
compile for ESP32 and decide at runtime what to do about
unsupported flags.

Merges https://github.com/espressif/esp-idf/pull/980
2017-11-20 16:25:57 +11:00
Andy Green effc6c6d0d openssl wrapper: introduce X509_VERIFY_PARAM_set1_host
This lets the user code set the mbedtls hostname using the standard OpenSSL
X509_VERIFY_PARAM_set1_host() API semantics.

The API takes an X509_VERIFY_PARAM pointer.  We use the fact that is
a composed member of the SSL struct to derive the SSL pointer.

The X509_VERIFY_PARAM_set1_host() is unusual in that it can accept a
NUL terminated C string as usual, or a nonterminated pointer + length.
This implementation converts the latter to the former if given, before
using it.

This is enough for user code to get the openssl wrapper to make
mbedtls confirm the CN on the peer cert belongs to the hostname used
to reach it, by doing, eg

	X509_VERIFY_PARAM_set1_host(SSL_get0_param(myssl), myhostname, 0);

Merges https://github.com/espressif/esp-idf/pull/980
2017-11-20 16:24:06 +11:00
Andy Green 0f02a38262 openssl wrapper: introduce SSL_get0_param
This adds the standard OpenSSL api to get a pointer to the SSL struct's
X509_VERIFY_PARAM.  We need this for the OpenSSL api to set the peer
hostname introduced in the next patch.

Part of https://github.com/espressif/esp-idf/pull/980
2017-11-20 16:23:18 +11:00
Kedar Sovani b65f47c586 [openssl] Add support for SNI (sending the hostname) 2017-10-31 16:57:38 +05:30
Kedar Sovani 3420baa01b [openssl] Add support for defining ALPN protocols 2017-10-31 16:57:38 +05:30
Dong Heng 905180667c components/openssl: refactor openssl debugging and assert function
1. add openssl option at menuconfig
2. remove SSL_ERR to reduce complexity
3. add more functions about debugging and assert

According these, our coders and customers may use and debug the OpenSSL code easily.
2017-01-17 10:15:26 +08:00
Dong Heng 8c7dfef317 examples/10_openssl_server: fixup SSL server with method of specific version
1. add method of any version supporting at OpenSSL and add API in header file
2. change OpenSSL server context method to be method of any version

Fixes http://esp32.com/viewtopic.php?f=14&t=696.
2017-01-05 15:57:25 +08:00
Dong Heng 734c1dd954 components/openssl: sync the code form esp8266 sdk 2016-11-14 09:40:12 +08:00
Dong Heng 12e78e9590 components/openssl: add more debug stream output function 2016-11-01 15:16:14 +08:00
Dong Heng bc710e5b88 components/openssl: refacetor the SSL debug function
Add the "ssl_opt.h" file to make user able t add its platform interface
2016-11-01 14:59:50 +08:00
Dong Heng fc6b52574a components/openssl: refactor the SSL port function and debug function 2016-11-01 13:07:10 +08:00
Dong Heng ecefb1305a components/openssl: change header file relationship of level 2016-10-10 10:40:00 +08:00
Dong Heng 2033068a72 components/openssl: add internal openssl X509 debug function 2016-10-09 16:42:49 +08:00
Dong Heng 877adaab7a components/openssl: add some function description 2016-09-27 18:50:57 +08:00
Dong Heng 3882937427 components/openssl: add debug message and change verifying mode 2016-09-27 10:06:24 +08:00
Dong Heng cf4aaf6397 components/openssl: optimize the SSL certification and private key function
1. add inheritance function
2. remove low-level platform unload cert & pkey function
3. optimize the cert load and free function
2016-09-26 11:14:19 +08:00
Dong Heng d2bc170b86 components/openssl: add SSL session function
1. add SSL session new and free function
2. add SSL session peer cert get and free operation
3. above all, change low-level cert object to be object point not object
2016-09-23 18:13:10 +08:00
dongheng 83aea6c833 components/openssl: add extern C symbol 2016-09-23 15:18:14 +08:00
dongheng 5c5f7eb7fe components/openssl: add openssl stack object function 2016-09-23 14:53:19 +08:00
dongheng f9fd5b6c72 components/openssl: add X509 verify result errno 2016-09-23 14:52:33 +08:00
dongheng 59bb9a9a01 components/openssl: [TW7411] supply doxygen type note 2016-09-23 14:50:27 +08:00
dongheng e475d0539e components/openssl: add SSL and SSL context verify mode selection 2016-09-23 11:41:57 +08:00
dongheng 07c8bbca6c components/openssl: SSL low-level reload cert when user add new cert 2016-09-23 10:53:18 +08:00
dongheng 9fc054bb55 components/openssl: SSL load cert with creating new cert object
1. when 'SSL_new' SSL's cert is pointed to SSL context cert
           If SSL load new cert, it will create a new cert object
        2. change some debug informaion
2016-09-23 10:33:31 +08:00
dongheng 18787fd4fc components/openssl: add empty fucntion to get peer certification and fix ref overflow 2016-09-22 17:20:07 +08:00
dongheng f796b4e58e components/openssl: SSL load verify data from itself structure when "new" 2016-09-22 16:41:51 +08:00
dongheng 2faa2376a0 components/openssl: add empty function to load verify file into SSL context
1. add empty function to load private key into SSL context
        2. add empty function to load certification into SSL context
	3. add function to load RSA private key
2016-09-22 15:39:28 +08:00
dongheng 6f07409d7c components/openssl: add function to set and get verify depth
1. add function to set and get SSL verify depth
	2. add function to set and get SSL context verify depth
	3. add X509_VERIFY_PARAM structure
2016-09-22 15:30:25 +08:00
dongheng b3145446aa components/openssl: add function "ssl_pm_get_verify_result"
1. add function ssl_pm_get_verify_result
	2. add its platform low-level interface
2016-09-22 15:15:16 +08:00
dongheng 2cc32db52d component/openssl: add openssl stack function and clear unused variate
1. add openssl 'new' and 'free' function
	2. add clear unused variate to void warning to appear when compile
        3. add internal function 'X509_new' to take the place of 'sk_X509_NAME_new_null' function whitch is openssl stack function
2016-09-22 14:42:49 +08:00
dongheng c504fe4856 components/openssl: 1. add stack_st structure and its advanced defination including its derived child defination
2. add SSL_add_client_CA & SSL_get_certificate
2016-09-22 12:57:39 +08:00
dongheng 845ca8b34f components/openssl: delete ssl_rsa.c & .h file 2016-09-22 11:43:59 +08:00
dongheng 6bd3d62d7c components/openssl: add license header 2016-09-22 10:28:08 +08:00
dongheng b89168d0f1 components/openssl: add ssl_port.c & .h file 2016-09-21 17:51:12 +08:00
dongheng 5adc661d05 components/openssl: add more interface for application 2016-09-21 09:23:29 +08:00
dongheng 44c466c0ea components/openssl: add base function version 2016-09-20 16:58:46 +08:00
dongheng db2da43fc1 components/openssl: add API header for openssl compatibility layer 2016-09-14 19:39:24 +08:00