wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-05-05 05:44:13 +02:00
Code Issues Packages Projects Releases Wiki Activity
18,882 Commits 13 Branches 184 Tags
0b0b980784e86d8f4f02e13ffa3f04c192ca474c
Commit Graph

18882 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
David Garske d9ca5f6d3a Merge pull request #5893 from kaleb-himes/mtu-with-static-mem 
Add alt case for unsupported static memory API
 2022-12-15 09:22:21 -08:00
Andras Fekete 9c135e59dc Script can run from an arbitrary folder 2022-12-15 12:22:05 -05:00
David Garske d46813953d Merge pull request #5892 from tatowicz/decodealtnames-fuzz-fix 
Add Overflow check to DecodeAltNames input buffer access
 2022-12-15 09:21:37 -08:00
Andras Fekete 64d39dbd74 Cleaner base image 2022-12-15 12:10:48 -05:00
Andras Fekete c1ad3457f3 Run as non-root local user 2022-12-15 12:10:25 -05:00
Andras Fekete be1b3ec007 Fix issue with multiple command arguments 2022-12-15 11:25:43 -05:00
kaleb-himes 46c47e4adc Fix a quick leak in the test apps 
Fix a double-free scenario also
 2022-12-15 09:13:45 -07:00
Stefan Eissing 78fd5d7dbc Fix wolfSSL_set_SSL_CTX() to be usable during handshake. 
This method requires some explanation. Its sibling is
  int SetSSL_CTX(WOLFSSL* ssl, WOLFSSL_CTX* ctx, int writeDup)
which re-inits the WOLFSSL* with all settings in the new CTX.
That one is the right one to use *before* a handshake is started.

This method was added by OpenSSL to be used *during* the handshake, e.g.
when a server inspects the SNI in a ClientHello callback and
decides which set of certificates to use.

Since, at the time the SNI callback is run, some decisions on
Extensions or the ServerHello might already have been taken, this
method is very restricted in what it does:
 - changing the server certificate(s)
 - changing the server id for session handling
and everything else in WOLFSSL* needs to remain untouched.
 2022-12-15 09:33:01 +01:00
gojimmypi d8c9a5aa17 return benchmark to auto-scale units by default 2022-12-14 20:45:44 -08:00
gojimmypi 8831fbd22e fix csv math, units/sec, PQ cycle header 2022-12-14 20:27:15 -08:00
JacobBarthelmeh 8924487f27 fix warning for builds using cmac and not devID 2022-12-14 15:38:08 -08:00
JacobBarthelmeh 89c993eff3 fix AES-CCM enc/dec for SECO (passes nonce directly) 2022-12-14 15:20:03 -08:00
JacobBarthelmeh b79879d106 fix setting IV when importing AES key into SECO 2022-12-14 15:20:03 -08:00
JacobBarthelmeh 9f77210b0b update benchmark for devID builds 2022-12-14 15:20:03 -08:00
kaleb-himes ed17524793 Add alt case for unsupported static memory API 2022-12-14 16:02:35 -07:00
Sean Parkinson a3f3c76faa Merge pull request #5890 from anhu/fix_iv_size 
Fix the wrong IV size.
 2022-12-15 08:43:25 +10:00
Sean Parkinson 3d8f25ab7d Merge pull request #5430 from dgarske/sniffer_multithread 
Support for multi-threaded sniffer
 2022-12-15 08:18:49 +10:00
David Garske 3fd2292d11 Merge pull request #5889 from anhu/dtls13_pqtests 
Kyber with DTLS 1.3 tests
 2022-12-14 13:20:32 -08:00
Anthony Tatowicz 370e0ce0f4 Add formatting fixes 2022-12-14 13:54:03 -06:00
Anthony Hu c5ca20fe43 New files so add them to include.am 2022-12-14 13:28:20 -05:00
Andras Fekete d55ef14cc7 First crack at creating a common Docker environment 2022-12-14 13:17:22 -05:00
Anthony Tatowicz 8580ac0377 Add Overflow check to DecodeAltNames input buffer access 2022-12-14 12:08:19 -06:00
Anthony Hu 472a31a801 Fix the wrong IV size. 2022-12-14 13:04:38 -05:00
Anthony Hu ad6d6be620 Kyber with DTLS 1.3 tests 2022-12-14 12:46:24 -05:00
David Garske 6be0512728 Peer review cleanups. 2022-12-14 09:25:04 -08:00
David Garske b2d25ece98 Merge pull request #5885 from anhu/pq_session_ticket 
Allow session tickets to properly resume when using PQ KEMs.
 2022-12-13 16:32:07 -08:00
David Garske e33d59cd76 Review cleanups. 2022-12-13 10:55:22 -08:00
Anthony Hu 364835dc9e Allow session tickets to properly resume when using PQ KEMs. 
Found with:

```
./configure --with-liboqs --enable-session-ticket
./examples/server/server -v 4 -r --pqc P521_KYBER_LEVEL5
./examples/client/client -v 4 -r --pqc P521_KYBER_LEVEL5
```
 2022-12-13 11:36:00 -05:00
Daniel Pouzzner 64ef6aedd6 Merge pull request #5882 from SparkiDev/sp_aarch64_be 
SP: support aarch64 big endian
 2022-12-12 22:06:38 -06:00
Sean Parkinson a7a6d5b297 Merge pull request #5874 from JacobBarthelmeh/tls13 
adjust post auth support with TLS 1.3
 2022-12-13 09:39:31 +10:00
Sean Parkinson bc3b723609 SP: support aarch64 big endian 2022-12-13 09:33:16 +10:00
David Garske d0c9ec6681 Merge pull request #5854 from JacobBarthelmeh/Certs 
fix other name san parsing and add RID cert to test parsing
 2022-12-12 14:44:07 -08:00
David Garske a1e883b43d Merge pull request #5875 from JacobBarthelmeh/Compatibility-Layer 
fix for handling DEFAULT:... cipher suite list
 2022-12-12 14:43:50 -08:00
David Garske 334042d7f5 Merge pull request #5881 from anhu/warn_session_ticket 
Warn that renegotiation in TLS 1.3 requires session ticket.
 2022-12-12 13:51:28 -08:00
David Garske 36413a2c11 Merge pull request #5879 from SparkiDev/api_test_timing 
API test: Report time taken to perform test
 2022-12-12 12:31:06 -08:00
David Garske f87859a00e Whitespace cleanups. Use const for test_tls_ext_duplicate. 2022-12-12 08:59:53 -08:00
David Garske 78f495cdae Merge pull request #5877 from SparkiDev/x509v3_d2i_aia 
X509v3 EXT d2i: fix freeing of aia
 2022-12-12 08:59:15 -08:00
David Garske 2a97862d26 Merge pull request #5878 from SparkiDev/benchmark_aesofb_fix 
Benchmark AES-OFB: initialize and free AES object
 2022-12-12 08:57:44 -08:00
Anthony Hu b017795413 Remove changes around wolfSSL_set_session() as it breaks tests. 2022-12-12 11:44:27 -05:00
David Garske de22dbe61d Support for multi-threaded sniffer. Add support for atomic operations instead of mutex in wc_port.h. 2022-12-12 08:39:42 -08:00
Anthony Hu fffd3adc30 Warn that renegotiation in TLS 1.3 requires session ticket. 2022-12-12 11:30:01 -05:00
David Garske b871829833 Merge pull request #5811 from lealem47/zd15184 
Async Sniffer: Fix for decryption after second handshake
 2022-12-12 08:21:35 -08:00
Sean Parkinson b4b1739783 API test: Report time taken to perform test 
API test now displays timing taken to perform a test case to help
identify ones that are doing too much work.
 2022-12-12 12:24:38 +10:00
David Garske 50c5d61998 Merge pull request #5872 from SparkiDev/tls_ext_no_dup 
TLS: detect duplicate known extensions
 2022-12-11 16:53:38 -08:00
Sean Parkinson 819d40a76f Benchmark AES-OFB: initialize and free AES object 
Device ID is not initialized unless wc_AesInit() is called.
Call wc_AesFree() for possible hardware implementations.
 2022-12-12 10:45:21 +10:00
Sean Parkinson 7f3de91e25 X509v3 EXT d2i: fix freeing of aia 
aia is a stack and must be pop freed rather than freed with XFREE.
Extract function that creates Authority Info Access stack.

Fix spelling issue raised by codespell.
 2022-12-12 10:13:13 +10:00
Sean Parkinson 9ab8867b42 TLS: detect duplicate known extensions 
TLS specification requires that there not be more than one extension of
the same type in a given extension block. E.g. ClientHello
 2022-12-12 08:35:04 +10:00
JacobBarthelmeh f974bd4ad6 move test function call into macro guard 2022-12-10 15:45:14 -08:00
JacobBarthelmeh 8b296877ab fix for handling DEFAULT:... cipher suite list 2022-12-10 14:53:43 -08:00
JacobBarthelmeh 389cf6ed0a adjust post auth support with TLS 1.3 2022-12-10 06:49:51 -08:00