Juliusz Sosinowicz
0dbd0ffb4e
Merge pull request #5483 from embhorn/zd14659
2022-08-22 14:28:29 +02:00
Sean Parkinson
26c61f8e0f
Merge pull request #5473 from icing/quic-hello-retry
...
Respect disabled curves on HelloRetryRequests
2022-08-22 08:32:30 +10:00
David Garske
b417f94435
Merge pull request #5485 from SparkiDev/tls13_state_string_long
...
wolfSSL_state_string_long - update for TLS 1.3 and DTLS 1.3
2022-08-19 10:09:09 -07:00
David Garske
f3b9cfa71c
Merge pull request #5487 from icing/tls13_early_nr
...
Improved EarlyData Indicator reply fix based on PR #5486
2022-08-19 09:54:17 -07:00
Stefan Eissing
a7c0c4649e
Fixing Handshake Hash update when Preshared Keys offered by client, but none of them was accepted.
- This applies to TLSv1.3 and QUIC
- QUIC test case to trigger the bug enabled
2022-08-19 15:56:20 +02:00
David Garske
1d0e83bd1a
Merge pull request #5474 from julek-wolfssl/zd14644-2
...
Match OpenSSL self signed error return.
2022-08-19 06:46:26 -07:00
Eric Blankenhorn
3d8562f07b
Fixes for build and runtime issues
2022-08-19 08:12:04 -05:00
Stefan Eissing
6cb0caa0a0
Adding disabledCurves as a member of WOLFSSL in the OPENSSL_EXTRA case.
...
- inheriting from WOLFSSL_CTX on creation
- enabling on WOLFSSL only when wolfSSL_set1_curves_list() is called
2022-08-19 11:03:23 +02:00
Stefan Eissing
7a5170b6e1
Improved EarlyData Indicator reply fix based on PR #5486
...
- PR #5486 had test failures in tls13.test and quit unit.test
- the extension was no longer added in SessionTicket messages
- added extra parameter to clarify how the TLSX is used
2022-08-19 10:07:06 +02:00
Stefan Eissing
a66516d3a5
Extending quic resumption tests.
2022-08-19 09:02:28 +02:00
Sean Parkinson
4b8cd6c62b
wolfSSL_state_string_long - update for TLS 1.3 and DTLS 1.3
2022-08-19 09:41:01 +10:00
Daniel Pouzzner
969ad96dee
examples/{client,server}/{client,server}.c: remove spurious commas in --pqc help strings, and mollify clang-tidy bugprone-suspicious-missing-comma re --force-curve help strings. (#5480)
2022-08-18 13:32:58 -04:00
Stefan Eissing
6316e26bdc
Adding the forgotten wolfSSL_CTX_free() at the end of the new test_quic_key_share case.
2022-08-18 10:24:18 +02:00
Chris Conlon
e830a0f613
Merge pull request #5434 from satoshiyamaguchi/trial4
2022-08-17 17:04:36 -06:00
Peter Torelli
aa812c8aa9
Added support for P384 pre-share in server (#5442)
...
Added support for new server `--force-curve` option.
2022-08-17 15:30:48 -07:00
Chris Conlon
91a49da4b8
Merge pull request #5468 from SparkiDev/wolfssl_clear
2022-08-17 15:51:25 -06:00
David Garske
91d1bbbd44
Merge pull request #5477 from douzzer/20220817-make-quic-optional
...
20220817-make-quic-optional
2022-08-17 14:34:12 -07:00
Daniel Pouzzner
5b260ac52e
configure.ac: remove enable-quic from enable-all feature set;
...
remove ENABLED_QUIC="yes" from "$ENABLED_CURL" = "yes" setup section;
add ENABLED_CURVE25519=yes if $ENABLED_QUIC = yes;
tests/unit.c: move QuicTest() and SrpTest() before SuiteTest().
2022-08-17 14:25:38 -05:00
Daniel Pouzzner
be378a346e
Merge pull request #5475 from dgarske/rsa_pss_async
...
Fixes for RSA PSS with `--enable-asynccrypt` in `ConfirmSignature`
2022-08-17 12:04:05 -05:00
David Garske
b9c9ad0339
Fixes for RSA PSS with --enable-asynccrypt in ConfirmSignature.
2022-08-17 08:20:06 -07:00
Stefan Eissing
3918a2e29a
Renaming the named_curve parameter to curve_id to avoid shadowing.
2022-08-17 17:01:18 +02:00
Juliusz Sosinowicz
008e947fec
Match OpenSSL self signed error return.
...
OpenSSL compat expects ASN_SELF_SIGNED_E when a self signed cert can't be verified. This is useful when translating the error with GetX509Error into a X509_V_ERR_* error.
2022-08-17 12:40:16 +02:00
Stefan Eissing
d6548b6b88
Small refactoring of named group handling for readability and de-duplicating of code.
...
- add wolfSSL_CTX_curve_is_disabled() and wolfSSL_curve_is_disabled()
to have common checks on whether a curve has been disabled by user
- add macros returning 0 for above function when OPENSSL_EXTRA is not
defined, enabling use without #ifdef check
- add macros for checking if named groups are in a certain range
WOLFSSL_NAMED_GROUP_IS_FFHDE()
WOLFSSL_NAMED_GROUP_IS_PQC()
Fixed QuicTransportParam_free() use without case when compiling
with c++.
2022-08-17 11:46:48 +02:00
Sean Parkinson
7435402c30
Fixes to better handle re-use of a WOLFSSL object via wolfSSL_clear.
2022-08-16 15:44:05 -07:00
David Garske
3f7d56d957
Merge pull request #5471 from icing/quic-mem-leak
...
Fix memory leak in QUIC transport parameters extension
2022-08-16 13:22:20 -07:00
John Safranek
be2a6cbeb9
Merge pull request #5420 from Uriah-wolfSSL/ms_abi
...
Ms abi
2022-08-16 09:21:14 -07:00
Stefan Eissing
3434210b13
Fix memory leak in QUIC transport parameters extension
2022-08-16 18:13:25 +02:00
Satoshi Yamaguchi
e1b3f14d35
Fix FILE pointer not closed in tests/api.c
2022-08-17 00:11:29 +09:00
David Garske
55eb460d1a
Merge pull request #5403 from SparkiDev/ecc_import_priv_order
...
ECC import priv: validate priv is less than order
2022-08-15 21:36:46 -07:00
David Garske
a954cf82e3
Merge pull request #5469 from anhu/init_CertName
...
Initialize the Enc members of CertName struct.
2022-08-15 20:42:26 -07:00
Sean Parkinson
8aa2bde3c2
Merge pull request #5470 from kaleb-himes/openssl3_0_testing
...
Allow for renegotiation testing with openssl 3.0 installed on jenkins…
2022-08-16 11:02:22 +10:00
kaleb-himes
1dd318741d
Allow for renegotiation testing with openssl 3.0 installed on jenkins slaves (also tested with openssl 1.1)
2022-08-15 16:33:06 -06:00
Anthony Hu
52ed047a44
Fix a mismatched decl and impl
2022-08-15 12:13:05 -04:00
Sean Parkinson
23a01b3276
SP: CT from_mp when sp_digit bits equal mp_digit bits.
...
Made constant time copy of values from an mp_int int array of sp_digit.
Stops OOB writes when mp_int is bigger than it should be.
2022-08-15 09:02:24 -07:00
Anthony Hu
5e7cff71fd
Initialize the Enc members of CertName struct.
...
Tested by reproducing the problem in an example and confirming fix makes problem
go away.
2022-08-15 11:43:33 -04:00
David Garske
e56a2355ca
Merge pull request #5464 from julek-wolfssl/zd14644
...
Translate the verify callback error to an X509_V_ERR_* value when OPENSSL_COMPATIBLE_DEFAULTS is defined
2022-08-15 06:30:36 -07:00
Uriah Pollock
7e00b32c71
Corrected line spacing incorrect arg passings.
2022-08-14 20:16:42 -05:00
David Garske
28f22859bb
Merge pull request #5451 from embhorn/zd14428
...
Fix TSIP ret value in TLSX_KeyShare_ProcessEcc
2022-08-14 11:27:20 -07:00
David Garske
dfb3616d50
Merge pull request #5465 from douzzer/20220812-fixes
...
20220812-fixes
2022-08-14 08:03:40 -07:00
Derzsi Dániel
f515916f68
Add liboqs integration to CMake build system (#5407)
...
* Add liboqs integration to CMake build system
* Rephrase WOLFSSL_OQS option
* Add new FindOQS.cmake file to cmake/include.am
Co-authored-by: Disyer <denialmc1@gmail.com>
2022-08-12 16:23:24 -04:00
Daniel Pouzzner
e382905311
CMakeLists.txt: synchronize CMAKE_C_FLAGS with diagnostic flags set in autotools-generated Makefile (-Wall -Wextra -Wno-unused -Werror), and fix WOLFSSL_RSA_PSS to add -DWOLFSSL_PSS_LONG_SALT as needed by changes to test_wolfSSL_CertRsaPss() in fb531dacc2 (gating of those changes is also added in this commit).
2022-08-12 15:18:41 -05:00
Daniel Pouzzner
b4f1b6d04d
fix whitespace and C++-style comments.
2022-08-12 15:18:27 -05:00
David Garske
60437bba6e
Merge pull request #5378 from anhu/dilithium
...
Initial commit to add Dilithium NIST PQC winner.
2022-08-12 09:29:42 -07:00
Anthony Hu
0d78bd2127
Merge pull request #5459 from dgarske/docs
...
Improve documentation for CMAC
2022-08-12 10:37:07 -04:00
Juliusz Sosinowicz
551acd2b19
Translate verify callback error with compat layer
2022-08-12 16:27:31 +02:00
Juliusz Sosinowicz
126a570a37
Add HAVE_WOLFSSL_MSG_EX define when WOLFSSL_MSG_EX is available
2022-08-12 16:27:31 +02:00
David Garske
90c65bd50b
Merge pull request #5458 from icing/quic-earlydata
...
QUIC fixes for handling of early data
2022-08-11 17:52:29 -07:00
Chris Conlon
c66a21c40a
Add Zephyr support for nRF5340 with CryptoCell-312, PSA Crypto fixes (#5418)
...
* PSA: set AES key bits, define PSA_ALG_NONE/PSA_KEY_ID_NULL if needed
* Zephyr: add TimeNowInMilliseconds() for tls13.c, clock_settime() for test.c, update CMakeLists.txt
* Skip including unistd.h for Zephyr in benchmark.c
* Zephyr: update README, add nRF5340dk support to wolfssl_test sample app
* Zephyr: add wolfCrypt benchmark sample app
* Zephyr: add nRF5340 support to tls_thread sample app
* PSA: use specific hash algo with psa_sign/verify_hash()
* Zephyr: add support for PSA Crypto API with PK callbacks to wolfssl_tls_threaded sample app
* Zephyr: add new files to zephyr/include.am
2022-08-11 17:42:05 -07:00
David Garske
3f4b3605a6
Merge pull request #5460 from douzzer/20220811-quic-fixes-and-OLD-TLS-gating
...
20220811-quic-fixes-and-OLD-TLS-gating
2022-08-11 17:36:06 -07:00
Sean Parkinson
d4646696ed
Merge pull request #5448 from julek-wolfssl/ext-msg-check
...
Validate that extensions appear in correct messages
2022-08-12 08:39:42 +10:00