David Garske
caf9024984
Merge pull request #4652 from douzzer/no-rsa-no-dh-no-dsa
...
WOLFSSL_ECC_NO_SMALL_STACK etc
2021-12-13 10:12:14 -08:00
Daniel Pouzzner
355b779a3e
feature gating tweaks to better support --disable-rsa --disable-dh --disable-dsa. also a whitespace fix in ssl.c.
2021-12-11 14:08:04 -06:00
Anthony Hu
4c12f0be95
Only one call to wc_falcon_init() and comment on 300.
2021-12-10 16:40:41 -05:00
Anthony Hu
1d8ff70900
In d2iGenericKey(), if a falcon key is encountered, make a dummy pkey.
...
This allows apache-httpd to work without PQ-specific patch along with a previous
pull request.
2021-12-10 14:18:42 -05:00
David Garske
b921161309
Merge pull request #4633 from SparkiDev/tls13_expired
...
TLS13: Skip if expired rather than turning off resuming
2021-12-09 14:10:42 -08:00
Sean Parkinson
32014c69fd
TLS 13 session ticket timeout: fixup checks
...
Check difference between now and ticket seen from encrypted ticket
against timeout.
2021-12-09 12:43:30 +10:00
Sean Parkinson
cf0d3263ac
Merge pull request #4628 from julek-wolfssl/issue-4623
...
Handle an `EPIPE` error from the socket
2021-12-09 08:08:56 +10:00
Sean Parkinson
85ec6054c6
TLS13: Skip if expired rather than turning off resuming
2021-12-07 13:58:38 +10:00
Sean Parkinson
9f6aa36866
Merge pull request #4629 from dgarske/zd13337
...
Additional checking for side on TLS messages
2021-12-07 10:13:44 +10:00
Sean Parkinson
d5c27fca7d
Merge pull request #4626 from JacobBarthelmeh/certs
...
add human readable string of IP
2021-12-07 08:23:31 +10:00
Chris Conlon
e45c33a771
Merge pull request #4624 from miyazakh/jenkins_qt_failure
2021-12-06 09:53:34 -07:00
David Garske
54c3e0ac73
Additional checking for side on TLS messages. ZD13337
2021-12-03 11:49:08 -08:00
Juliusz Sosinowicz
e4bd5d9046
Handle an EPIPE error from the socket
...
Issue reported in https://github.com/wolfSSL/wolfssl/issues/4623
2021-12-03 17:44:53 +01:00
Jacob Barthelmeh
1ec86ee4cc
add human readable string of IP
2021-12-02 16:04:58 -07:00
David Garske
b4c6140b64
Merge pull request #4442 from julek-wolfssl/kerberos
...
Add Kerberos 5 support
2021-12-02 09:07:34 -08:00
Hideki Miyazaki
a5bd6cde8d
fix nigtly jenkins Qt Job failure
2021-12-02 16:37:48 +09:00
David Garske
9f611e8b80
Merge pull request #4589 from JacobBarthelmeh/native-lwip
...
Native LwIP support update
2021-12-01 10:37:13 -08:00
Sean Parkinson
d06ada2ccc
Merge pull request #4610 from julek-wolfssl/nginx-1.21.4
...
Add support for Nginx 1.21.4
2021-12-01 22:27:12 +10:00
Juliusz Sosinowicz
aac1b406df
Add support for Nginx 1.21.4
...
- Add KEYGEN to Nginx config
- Check for name length in `wolfSSL_X509_get_subject_name`
- Refactor `wolfSSL_CONF_cmd`
- Implement `wolfSSL_CONF_cmd_value_type`
- Don't forecfully overwrite side
- `issuerName` should be `NULL` since the name is empty
2021-12-01 09:49:52 +01:00
David Garske
a0300f7ab0
Fixes for ECDSA_Size. If group is unknown set to -1, otherwise defaults to first ECC index. Fix the signature size calculation to use our existing enum and calculation logic. ZD13303
2021-11-30 12:33:49 -08:00
David Garske
29517fd617
Merge pull request #4609 from danielinux/tls13_hkdf_callback
...
TLS 1.3: Add HKDF extract callback
2021-11-30 10:59:44 -08:00
Daniele Lacamera
c3b1d9f9e7
Cosmetic and prototypes changes after reviewer's comments
2021-11-30 10:06:54 +01:00
Daniel Pouzzner
a33ae21801
whitespace cleanups and portability/pedantic fixes
2021-11-29 23:58:39 -06:00
Jacob Barthelmeh
f7c34d22e6
add calls to user callback and adjust formating
2021-11-29 15:56:00 -07:00
Chris Conlon
7221e06ff7
Merge pull request #4588 from miyazakh/sce_protect_mode_e2studio
2021-11-29 15:32:48 -07:00
Daniele Lacamera
57fb5453cb
Support for HKDF Extract callback
2021-11-29 14:51:13 +01:00
Hideki Miyazaki
fb4e39f00a
addressed review comments prt1
2021-11-26 16:03:42 +09:00
David Garske
dcc2a2852c
Merge pull request #4590 from JacobBarthelmeh/fuzzing
...
sanity check on pem size
2021-11-22 16:09:13 -08:00
Juliusz Sosinowicz
0de4136ad6
Rebase fixes
2021-11-22 13:10:55 +01:00
Juliusz Sosinowicz
5fc2dadde1
Fix issue in wolfSSL_BN_rand_range causing random errors
2021-11-22 11:48:31 +01:00
Juliusz Sosinowicz
1d7b2de074
Code review changes
2021-11-22 11:48:31 +01:00
Juliusz Sosinowicz
3da810cb1b
Implement OpenSSL API's
...
- `OBJ_DUP`
- `i2d_PKCS7`
- `BN_rshift1
- `BN_rshift` testing
- Add `--enable-krb`
2021-11-22 11:47:58 +01:00
Juliusz Sosinowicz
e7c5f137be
Implement BN_rand_range
2021-11-22 11:45:27 +01:00
Juliusz Sosinowicz
82a9f74476
Compat updates
...
- implement `wolfSSL_PEM_X509_INFO_read`
- `wolfSSL_EVP_CipherUpdate` no-ops on `NULL` input
- add md4 support to `wolfSSL_EVP_MD_block_size` and `wolfSSL_EVP_MD_size`
2021-11-22 11:45:27 +01:00
Juliusz Sosinowicz
ccbe184434
Implement CTS
...
Ciphertext stealing on top of CBC is implemented with `wolfSSL_CRYPTO_cts128_encrypt` and `wolfSSL_CRYPTO_cts128_decrypt` APIs
2021-11-22 11:45:27 +01:00
Juliusz Sosinowicz
fa662c2ab1
AES_cbc_encrypt enc parameter flipped. 1 = encrypt 0 = decrypt
...
This change makes the `enc` parameter of `AES_cbc_encrypt` consistent with OpenSSL. This commit flips the meaning of this parameter now.
2021-11-22 11:45:27 +01:00
Hideki Miyazaki
82eb23b300
addressed jenkins failures
2021-11-20 10:15:57 +09:00
David Garske
5182e2a8c8
Merge pull request #4580 from kareem-wolfssl/minor_fixes
...
Check ssl->arrays in SendClientHello to avoid null dereference. Allow building with fallthrough defined.
2021-11-19 16:55:01 -08:00
Hideki Miyazaki
d00c7641ae
addressed jenkins failure
2021-11-20 09:14:21 +09:00
David Garske
617668b9aa
Merge pull request #4585 from kareem-wolfssl/encryptMacFix
...
Fix building Import/ExportOptions with HAVE_ENCRYPT_THEN_MAC undefined.
2021-11-19 13:45:16 -08:00
Kareem
fd6d479888
Rework ssl and ssl->arrays NULL checks, and add to SendTls13ClientHello as well.
2021-11-19 14:19:27 -07:00
Kareem
72d4dcce0f
Fix updated FALL_THROUGH macro. Fix a couple of case statements and remove a trailing whitespace.
2021-11-19 14:13:02 -07:00
Kareem
930e1ac473
Check ssl->arrays in SendClientHello to avoid null dereference. Allow building with fallthrough defined.
2021-11-19 14:06:54 -07:00
Jacob Barthelmeh
5d49847147
sanity check on pem size
2021-11-19 13:55:03 -07:00
Chris Conlon
c3500fa24e
Merge pull request #4581 from miyazakh/max_earlydata
...
add get_max_eraly_data
2021-11-19 09:42:01 -07:00
JacobBarthelmeh
7e2fab6f4a
warning with keil build and native lwip want read case
2021-11-18 22:58:50 -07:00
Hideki Miyazaki
f50fcd918e
support Renesas RA SCE protect mode on RA6M4 evaluation board
2021-11-19 14:22:16 +09:00
Sean Parkinson
7e81372131
Merge pull request #4583 from dgarske/zd13242
...
Improve `ret` handling in the `ProcessPeerCerts` verify step.
2021-11-19 10:22:08 +10:00
Kareem
757f3b8105
Fix building Import/ExportOptions with HAVE_ENCRYPT_THEN_MAC undefined.
2021-11-18 16:06:22 -07:00
David Garske
3054f20c6a
Improve ret handling in the ProcessPeerCerts verify step.
2021-11-18 14:51:09 -08:00