This will allow the user to pass in a context pointer. Allows them to avoid
global variables.
We also add unknown extensions callback when processing a CA in cert manager
as CA certs can have unknown extensions as well.
Fixes ZD 18252
pk.c:
EncryptDerKey - setting wrong ret value on allocation failure.
wolfssl_rsa_generate_key_native - now checks e is a valid long
before passing in.
Fix formatting.
ssl_load.c:
ProcessBufferPrivPkcs8Dec - now checking password is not NULL
before zeroizing. Allocation may fail and ForceZero doesn't check for
NULL.
Fix formatting.
tests/api.c:
test_RsaSigFailure_cm - Check cert_sz is greater than zero
before use.
send_new_session_ticket - assert that building the message
doesn't return error or 0.
test_ticket_nonce_malloc - fix setting of medium and big to use
preprocessor. Fix big to be medium + 20.
asn.c:
GetLength_ex - Fix type of bytes so that it can go negative.
sp_int.h:
sp_clamp - add one to ii while it is a signed.
Fix formatting.
Add option to use AES-CBC with HMAC for default session ticket enc/dec.
Defaults to AES-128-CBC with HMAC-SHA256.
Options include:
WOLFSSL_TICKET_ENC_HMAC_SHA512 for HMAC-SHA512
WOLFSSL_TICKET_ENC_HMAC_SHA384 for HMAC-SHA384
WOLFSSL_TICKET_ENC_AES256_CBC for AES-256-CBC
Disable ECC but have OPENSSL_EXTRA and curve25519 - fix #ifdef
protection in ssl.c.
tests/api.c:
SSL_SESSION_get_max_fragment_length is not available when no session
cache.
ASN1 APIs using generalized time disabled when NO_ASN_TIME defined so
disable tests.
TLS uses DER API now and needs to be protected with the right #ifdefs.
Do the right check of size in wc_Dilithium_PrivateKeyDecode().
Don't require public key when doing private DER.
Fixes from memory allocation failure testing.
Also:
fix asn.c to have ifdef protection around code compiled in with dual
algorithm certificates.
fix test_tls13_rpk_handshake() to support no TLS 1.2 or no TLS 1.3.
fix wc_xmss_sigsleft() to initialize the index to avoid compilation
error.
* Update OIDs etc. to match OQS ML-DSA values (old ones were Dilithium
Round 3 values)
* Make sure private key files/buffers containing both the private and
the public key are parsed correctly
Signed-off-by: Tobias Frauenschläger
<tobias.frauenschlaeger@oth-regensburg.de>
