Commit Graph

20376 Commits

Author SHA1 Message Date
Brett Nicholas 2ee6a01d91 Initial sniffer keylog file support for TLS 1.2 2023-08-22 11:23:46 -06:00
JacobBarthelmeh 05b692d01c Merge pull request #6661 from julek-wolfssl/zd/16477
Recover when the client sends a 0-length session ID when using tickets
2023-08-02 11:37:21 -06:00
Juliusz Sosinowicz dee32247b9 Code review 2023-08-02 18:02:41 +02:00
Juliusz Sosinowicz bfe7bc0fcc Recover when the client sends a 0-length session ID when using tickets
Fixes ZD16477
2023-08-02 18:02:30 +02:00
JacobBarthelmeh fbc6ed4fe4 Merge pull request #6662 from julek-wolfssl/zd/16504
DoHelloVerifyRequest: only do DTLS 1.3 version check
2023-08-02 09:22:05 -06:00
JacobBarthelmeh a885a94b21 Merge pull request #6669 from douzzer/20230801-fips-nullcipher
20230801-fips-nullcipher
2023-08-02 08:59:46 -06:00
Juliusz Sosinowicz 6f4fabaac9 Adjust DER size 2023-08-02 10:30:12 +02:00
Juliusz Sosinowicz 724fe53379 DoHelloVerifyRequest: only do DTLS 1.3 version check 2023-08-02 10:30:12 +02:00
Daniel Pouzzner d250eb8327 configure.ac: in FIPS builds, remove nullcipher from enable-all and enable-all-crypto, and error on explicit --enable-nullcipher with FIPS unless fips=dev. 2023-08-01 12:24:50 -05:00
Chris Conlon 27a59761b9 Merge pull request #6520 from miyazakh/tsip_cryptonly
Support TSIP crypt only
2023-08-01 10:13:18 -06:00
JacobBarthelmeh 1468d77e50 Merge pull request #6644 from julek-wolfssl/zd/16441
TLSX_CA_Names_Parse: Verify the length of the extension
2023-07-31 16:03:23 -06:00
JacobBarthelmeh 4b80dcf733 Merge pull request #6617 from SparkiDev/aes_gcm_win_asm_fix
AES-GCM x86_64 MSVC ASM: XMM6-15 are non-volatile
2023-07-31 09:15:42 -06:00
Juliusz Sosinowicz 854ae0dcdb Code review 2023-07-31 15:16:59 +02:00
JacobBarthelmeh 106a065a41 Merge pull request #6660 from DimitriPapadopoulos/codespell
Fix residual typos found by codespell
2023-07-28 11:52:47 -06:00
Juliusz Sosinowicz a495bb4e7f TLSX_CA_Names_Parse: make sure to do cleanup when smallstack is on 2023-07-28 16:34:35 +02:00
Dimitri Papadopoulos 1b10fb5ca7 Fix typos(?) found by codespell
These typos could have been generated by some program, in which case
the program should be fixed instead. Yet the typos are inconcistent,
as if the output had been manually copied. Why is the output poorly
aligned?

Use seconds or s for seconds, consistently.

Use ops for operations, consistently. Unless you want the singular
op for operation, as the value is often < 2.
2023-07-28 10:03:27 +02:00
Dimitri Papadopoulos 52f91e4ab9 Fix residual typos found by codespell 2023-07-28 09:29:28 +02:00
JacobBarthelmeh 5043ecefc1 Merge pull request #6648 from DimitriPapadopoulos/codespell
Fix typos found by codespell
2023-07-27 17:07:30 -06:00
JacobBarthelmeh a785c39a12 Merge pull request #6657 from kojo1/multibyte
multi-byte code
2023-07-27 16:35:22 -06:00
Dimitri Papadopoulos 6d9c85a762 Fix typos found by codespell 2023-07-27 23:38:44 +02:00
JacobBarthelmeh 3e63589664 Merge pull request #6605 from dgarske/ada
Ada Bindings for wolfSSL
2023-07-27 15:21:52 -06:00
billphipps 10adca1a45 Add CryptoCb features (#6636)
* Update to support invoking cryptocb during un/register.
2023-07-27 13:16:43 -07:00
David Garske c529b2f3aa Merge pull request #6627 from jpbland1/ocsp-nonce-usage-fix
fix bad & statement that was setting ocspSendNonce
2023-07-27 09:22:08 -07:00
JacobBarthelmeh d0abfd7686 Merge pull request #6658 from julek-wolfssl/krb5-action-update
Point krb5 action to master branch of osp repo
2023-07-27 10:19:06 -06:00
Juliusz Sosinowicz ee9ecd9591 Point krb5 action to master branch of osp repo 2023-07-27 11:14:41 +02:00
Takashi Kojo 136738fd33 Avoid mult-byte code error 2023-07-27 17:04:41 +09:00
David Garske 3510ea4fec Merge pull request #6656 from JacobBarthelmeh/sanitizer
conversion warning flagged on Windows test builds
2023-07-26 14:48:19 -07:00
Sean Parkinson 67913b5800 Merge pull request #6603 from JacobBarthelmeh/xilinx
fix for AES-GCM use with petalinux
2023-07-27 07:38:03 +10:00
Hideki Miyazaki 02ec92a3b9 Support TSIP crypt only
- Aes, sha,
  - rsa
     MakeRsaKey, sign/verify

fix compile error when not enabled TSIP
2023-07-27 06:23:34 +09:00
JacobBarthelmeh 7c11c0f201 conversion warning flagged on Windows test builds 2023-07-26 13:48:33 -07:00
JacobBarthelmeh 8d77090ad9 Merge pull request #6650 from DimitriPapadopoulos/spaces
Fix tab/space inconsistencies
2023-07-26 14:17:31 -06:00
JacobBarthelmeh 3e5e16f1ff Merge pull request #6641 from julek-wolfssl/gh/6555
Dtls13GetRnMask: Correctly get chacha counter on BE systems
2023-07-26 11:29:39 -06:00
JacobBarthelmeh 48434f7814 Merge pull request #6653 from julek-wolfssl/kerberos-update
Updates for Kerberos 5 1.21.1
2023-07-26 11:26:57 -06:00
Juliusz Sosinowicz 4a175ba280 Updates for Kerberos 5 1.21.1
- wolfssl_ec_point_mul: fix parameters being passed into ec_mul2add
- Compile in compressed ecc key parsing for OPENSSLALL
- Improve debugging around compat layer ecc operations
- wolfSSL_BN_div: dv can be NULL
- Add spake like computation test
- Add CI krb5 testing
- Add timeouts to CI
2023-07-26 16:40:38 +02:00
Juliusz Sosinowicz 5947c9ae8c TLSX_CA_Names_Parse: Verify the length of the extension 2023-07-26 13:32:37 +02:00
Juliusz Sosinowicz 5cf42244f0 Add comment back in 2023-07-26 12:04:11 +02:00
JacobBarthelmeh 681a75da24 fix for AES-GCM use with petalinux 2023-07-25 22:08:20 -06:00
Sean Parkinson d87bb14ac0 Merge pull request #6647 from gojimmypi/SM4_Hash_fix
WOLFSSL_NO_HASH_RAW Hmac_UpdateFinal() properties for SM3
2023-07-26 11:32:35 +10:00
gojimmypi 31dfdf8360 TLS SM2, SM3, SM4-CBC: hash details for SM3 2023-07-25 17:25:11 -07:00
Sean Parkinson cfac603ee1 AES-GCM x86_64 MSVC ASM: XMM6-15 are non-volatile
Put XMM6-15, when used, on the stack at start of function and restore at
end of function.
2023-07-26 08:22:58 +10:00
JacobBarthelmeh 746802be89 Merge pull request #6652 from douzzer/20230724-cppcheck-2v11
20230724-cppcheck-2v11
2023-07-25 14:59:50 -06:00
Daniel Pouzzner cebb4da307 fixes and workarounds for cppcheck 2.11 with uninitvar checks reactivated, and legacyUninitvar suppressed globally (as before):
src/internal.c:wolfSSL_DtlsUpdateWindow(): shiftTooManyBitsSigned and integerOverflowCond (true positive, fixed);

src/ssl.c:wolfSSL_GetSessionFromCache(): autoVariables (true positive, intentional and now suppressed);

wolfcrypt/src/asn.c: several uninitvars in EccSpecifiedECDomainDecode(), wc_EccPrivateKeyDecode(), DecodeSingleResponse(), and DecodeResponseData() (false positives due to bug in cppcheck short circuit eval analysis, mitigated by refactoring && expressions to nested-if constructs that are semantically identical);

src/ssl.c:wolfSSL_GetSessionFromCache(): nullPointer (false positive due to bug in cppcheck value flow analysis, workarounded).
2023-07-25 11:31:01 -05:00
David Garske c0b4cde6df Merge pull request #6632 from jpbland1/ocsp-want-read-error
OCSP_WANT_READ mishandled re-run
2023-07-25 08:23:46 -07:00
John Bland a9c9662124 fix bad & statement that was setting ocspSendNonce
to 1 when WOLFSSL_OCSP_NO_NONCE was selected
related to but doesn't solve zd 16377
2023-07-24 16:51:10 -04:00
Dimitri Papadopoulos 4ff99a6780 Fix tab/space inconsistencies 2023-07-24 20:10:57 +02:00
JacobBarthelmeh 1285ae7816 Merge pull request #6506 from DimitriPapadopoulos/codespell
Fix typos found by codespell
2023-07-24 10:34:29 -06:00
JacobBarthelmeh 1812d32258 Merge pull request #6635 from julek-wolfssl/zd/16403
Fix ClientHello parsing when no extensions are present
2023-07-24 09:49:28 -06:00
Juliusz Sosinowicz d3aa11bf87 Place manual memio helpers in utils.c and add macro for them 2023-07-24 09:14:21 +02:00
Juliusz Sosinowicz ab560aa6b8 Fix ClientHello parsing when no extensions are present 2023-07-24 09:14:21 +02:00
Juliusz Sosinowicz 8ec2e23773 Rework curl action to use actions-build-autotools-project 2023-07-24 09:13:10 +02:00