wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-31 21:09:17 +01:00
Code Issues Packages Projects Releases Wiki Activity
19,041 Commits 12 Branches 184 Tags
2d03a052e17198b8d579beb801cf4d10d58e36bf
Commit Graph

6870 Commits

Author SHA1 Message Date
Anthony Hu
242dcb0141 Closing and opening scope around case statement. 
Related: ZD 15451
 2023-01-30 13:45:03 -05:00
Sean Parkinson
53dfcd00e2 Ref count: change to use wolfSSL_Ref 
Data structures changed:
WOLFSSL_CERT_MANAGER, WOLFSSL_CTX, WOLFSSL_SESSION, WOLFSSL_X509,
WOLFSSL_X509, WOLFSSL_EVP_PKEY, WOLFSSL_BIO, WOLFSSL_X509_STORE
 2023-01-23 16:29:12 +10:00
Daniel Pouzzner
aa776057ff fixes: shellcheck gripes on Docker/OpenWrt/runTests.sh; null pointer derefs and duplicate tests and assigns in src/tls.c and wolfcrypt/src/hpke.c found by cppcheck (nullPointerRedundantCheck, identicalInnerCondition, duplicateAssignExpression). 2023-01-21 00:51:57 -06:00
Daniel Pouzzner
d711e4b9f8 Merge pull request #5995 from jpbland1/ech-no-recursion 
stop ech from using a recursive function call
 2023-01-20 23:47:22 -06:00
tmael
9d73c197e6 Move X509_V errors from enums to defines for HAProxy CLI (#5901) 
* Move X509_V errors to openssl/ssl.h

* Have X509_V define errors in wolfssl/ssl.h

* Refactor X509_V errors

* Add wolfSSL_SESSION_set1_id_*

* Fix overlong line
 2023-01-20 17:50:26 -08:00
John Bland
d14d29e32a stop ech from using a recursive function call 
update bad return value for when retry_configs is returned, add locks around hkdf functions for private key use
 2023-01-20 18:37:19 -05:00
JacobBarthelmeh
fc19aed8c8 Merge pull request #5623 from dgarske/hpke 
Adds support for TLS v1.3 Encrypted Client Hello (ECH) and HPKE (Hybrid Public Key Encryption)
 2023-01-19 10:03:28 -07:00
David Garske
6b6ad38e4f Adds support for TLS v1.3 Encrypted Client Hello (ECH) draft-ietf-tls-esni) and HPKE (Hybrid Public Key Encryption) RFC9180. 2023-01-18 11:37:27 -08:00
David Garske
41c35b1249 Fix line length and whitespace issues. Fix macro argument missing parentheses. 2023-01-18 11:10:19 -08:00
Juliusz Sosinowicz
50cb3a7b8c Address code review 2023-01-18 09:55:33 -08:00
Juliusz Sosinowicz
0e662dea6e TLSX_SetSignatureAlgorithms: free sa when TLSX_Push fails 2023-01-18 09:55:33 -08:00
Juliusz Sosinowicz
281bb32edf DtlsMsgCreateFragBucket: heap param might be unused 2023-01-18 09:55:33 -08:00
Juliusz Sosinowicz
a58e83847e Don't allocate Suites object on renegotiation 2023-01-18 09:55:33 -08:00
Juliusz Sosinowicz
2f63fdc6ce Allocate CTX->suites in InitSSL when not already allocated 2023-01-18 09:55:33 -08:00
Juliusz Sosinowicz
5b8026899b Refactor SigAlgs to use a custom struct that can override ssl->suites 2023-01-18 09:55:32 -08:00
Juliusz Sosinowicz
e431688ca6 ssl->suites: use ssl->ctx->suites when possible 
- Allocate ssl->suites when necessary for the WOLFSSL object to have its own instance. Use AllocateSuites() to allocate the object.
- Move cipher negotiation options from Suites into Options

ZD15346
 2023-01-18 09:55:32 -08:00
Sean Parkinson
b15bc3d236 Merge pull request #5977 from dgarske/kcapi_opensslextra 
Fixes for building KCAPI with opensslextra enabled
 2023-01-17 02:13:50 +10:00
Juliusz Sosinowicz
b01e42a96c Merge pull request #5970 from ejohnstown/dtls-seq 
DTLS Handshake Sequence
 2023-01-16 07:39:53 -08:00
David Garske
fec4fe6095 Fixes for building KCAPI with opensslextra enabled. 2023-01-13 16:33:55 -08:00
John Safranek
af379f0a0f DTLS Handshake Sequence 
The DTLS server needs to save the message_seq number of the client
hello for use in both the hello verify request in the stateless start
and for the server hello. Move the stashing of the value earlier in
DoClientHello(). (Issue #5224)
 2023-01-12 20:43:05 -08:00
David Garske
b2d8b1c2fd Merge pull request #5954 from JacobBarthelmeh/Compatibility-Layer 
very basic support for public key types in cipher list string with '+'
 2023-01-09 15:46:50 -08:00
John Safranek
86aa3cc836 Merge pull request #5942 from bandi13/evpaesccm 
Evpaesccm
 2023-01-06 11:25:37 -08:00
JacobBarthelmeh
99a489dec3 improve test and handling of public key type cipher suite string 2023-01-06 09:53:51 -08:00
Daniel Pouzzner
d44130d807 src/ssl.c: revert 2c2740d0dc, as it duplicates optimizer functionality, and produces bugprone-sizeof-expression on clang-tidy and sizeofwithnumericparameter on cppcheck. 2023-01-05 18:40:51 -06:00
JacobBarthelmeh
10c324e9ad Merge pull request #5953 from anhu/wolfSSL_CertManagerLoadCABuffer_ex 
Add wolfSSL_CertManagerLoadCABuffer_ex()
 2023-01-05 15:20:58 -07:00
JacobBarthelmeh
ab33788cdb treat ECDHE,RSA cipher suite list as mixed TLS 1.3 and pre TLS 1.3 2023-01-05 13:48:34 -08:00
Anthony Hu
5de817b0c1 Add wolfSSL_CertManagerLoadCABuffer_ex() 
Also add unit tests.
 2023-01-05 15:34:13 -05:00
tim-weller-wolfssl
2c2740d0dc Update comparison of WOLFSSL_BN_ULONG value to MP_MASK to include check for potential type size differences which can lead to pointless-comparison warnings with IAR tools 2023-01-04 17:35:46 -06:00
JacobBarthelmeh
a3e085f204 very basic support for public key types in cipher list string with '+' 2023-01-04 10:49:18 -08:00
David Garske
023db01aca * Fixed some build configuration variations. 
* Fixed `PEM_BUFSIZE` macro redefined when building with coexist.
* Updated the `user_settings_all.h` and `user_settings_wolfboot_keytools.h` to include latest options.
* Improved API unit test error case checking where `TEST_RES_CHECK` is not used.
* Changed `TEST_SKIPPED` to unique value.
* Added CI tests for enable-all, small stack, and user setting templates.
 2023-01-03 10:59:59 -08:00
Jacob Barthelmeh
9dcc48c8f7 update copyright to 2023 2022-12-30 17:12:11 -07:00
Andras Fekete
1192d41f0e First successful implementation of EVP_aes_*_ccm 2022-12-29 17:02:43 -05:00
Andras Fekete
27b5ac421e Use the actual size of the structure 2022-12-29 17:02:43 -05:00
David Garske
5c0abfd7ad Merge pull request #5936 from embhorn/zd15400 
Fix unguarded XFPRINTF calls
 2022-12-28 12:47:19 -08:00
Eric Blankenhorn
004705b38f Fix unguarded XFPRINTF calls 2022-12-28 12:23:40 -06:00
Chris Conlon
aadce3af9c Merge pull request #5930 from miyazakh/subscript_has_char 2022-12-28 10:18:43 -07:00
Anthony Hu
b3e99348cd Purge the AES variant of Dilithium 2022-12-27 14:37:47 -05:00
Hideki Miyazaki
684646c8b9 fix shadows min and subscript by i486-netbsd-gcc 2022-12-25 07:20:04 +09:00
David Garske
49d23cf60a Merge pull request #5913 from douzzer/20221219-no-sha-1-all-crypto 
20221219-no-sha-1-all-crypto
 2022-12-22 17:02:58 -08:00
David Garske
1b18da7e87 Merge pull request #5920 from jpbland1/unrecognized-http-header 
remove http header length check for CRL verification
 2022-12-22 17:01:54 -08:00
David Garske
5c89719c51 Merge pull request #5916 from julek-wolfssl/dtls-srtp-keying-material 
DTLS-SRTP: use wolfSSL_export_keying_material instead of wc_PRF_TLS
 2022-12-22 17:01:37 -08:00
David Garske
135b9f0566 Merge pull request #5915 from julek-wolfssl/dtls-remove-realloc-dep 
DtlsMsgCombineFragBuckets: Remove realloc dependency
 2022-12-22 17:01:31 -08:00
David Garske
62e3835b0e Merge pull request #5911 from julek-wolfssl/DtlsMsgPoolSend-sendSz 
DtlsMsgPoolSend: Use correct sendSz
 2022-12-22 17:01:19 -08:00
John Safranek
9ce79c4de8 Merge pull request #5921 from cconlon/libsuffix 2022-12-22 11:37:28 -08:00
Chris Conlon
9a7ff8773b add --with-libsuffix support, append suffix to library artifact name 2022-12-21 13:31:07 -07:00
John Bland
b36d585335 remove http header length check for CRL verification 2022-12-21 13:01:58 -05:00
Daniel Pouzzner
455e76873c peer review fixes re: minor fixes to accommodate --disable-sha in combination with --enable-all-crypto. 2022-12-20 10:43:33 -06:00
Juliusz Sosinowicz
6a8be960ba DTLS-SRTP: use wolfSSL_export_keying_material instead of wc_PRF_TLS 2022-12-20 16:42:28 +01:00
Juliusz Sosinowicz
2fe6555fcf DtlsMsgCombineFragBuckets: Remove realloc dependency 2022-12-20 13:53:03 +01:00
Daniel Pouzzner
91869f6028 minor fixes to accommodate --disable-sha in combination with --enable-all-crypto. 2022-12-20 00:42:05 -06:00