Commit Graph

13203 Commits

Author SHA1 Message Date
John Safranek 3e4c3d13fe Merge pull request #3671 from julek-wolfssl/dtls-scr-2
DTLS secure renegotiation fixes
2021-01-21 13:37:05 -08:00
Juliusz Sosinowicz d8a01c6f8b DTLS: client re-send on duplicate HelloRequest as well 2021-01-21 12:45:16 +01:00
Juliusz Sosinowicz 969de38764 Reset dtls_start_timeout on a timeout 2021-01-21 12:45:16 +01:00
Juliusz Sosinowicz 774fdc9fd6 Free HS data on rehandshake
When we call _Rehandshake before we receive application data and the receive application data during the renegotiation process then it is possible for the send queue to be preemptively deleted
2021-01-21 12:45:16 +01:00
David Garske 57b06f700d Merge pull request #3656 from haydenroche5/windows_rsa_public_decrypt
Allow wolfSSL_RSA_public_decrypt on Windows.
2021-01-20 09:09:49 -08:00
Hayden Roche 12abb5191d Allow wolfSSL_RSA_public_decrypt on Windows. 2021-01-20 06:57:59 -06:00
John Safranek eaa1bc1ace Merge pull request #3595 from julek-wolfssl/dtls-only-resend-on-timeout
Only resend previous flight on a timeout from the network layer
2021-01-19 10:43:13 -08:00
David Garske 209c4c08e1 Merge pull request #3663 from SparkiDev/sp_int_fixes_3
SP int: make sp_copy more available
2021-01-18 22:02:34 -08:00
Sean Parkinson 949af909bf SP int: make sp_copy more available 2021-01-19 11:01:00 +10:00
toddouska a13e9bde29 Merge pull request #3599 from julek-wolfssl/nginx-mem-leak
Fix memory leaks
2021-01-18 15:31:50 -08:00
toddouska 5b7e6ccc14 Merge pull request #3613 from SparkiDev/sp_rand_prime_len
SP rand_prime: fix length check
2021-01-18 15:23:15 -08:00
toddouska 279c3f4c1b Merge pull request #3614 from SparkiDev/aes_test_fix
AES test: Remove unneeded loop
2021-01-18 15:22:06 -08:00
toddouska 78d2b3b440 Merge pull request #3616 from SparkiDev/sp_int_funcs
SP int: Hide func decls if only available with WOLFSSL_SP_MATH_ALL
2021-01-18 15:21:39 -08:00
toddouska 267b00e0a2 Merge pull request #3620 from haydenroche5/zd11434
Clamp the normalization value at the end of sp_mont_norm.
2021-01-18 15:21:03 -08:00
toddouska 85faf974aa Merge pull request #3621 from SparkiDev/sp_mac_arm64
SP arm64 MAC: stop non-ct mod inv from using x29
2021-01-18 15:19:46 -08:00
toddouska 87a0ee5ef4 Merge pull request #3622 from SparkiDev/sp_int_fixes_2
SP math all: doco fix and don't assign 0 to o
2021-01-18 15:19:06 -08:00
toddouska 4b5d7d0595 Merge pull request #3624 from SparkiDev/tls13_set_groups
TLS 1.3 key share: add a key share from supported list
2021-01-18 15:18:14 -08:00
toddouska 8ae609d078 Merge pull request #3626 from SparkiDev/tls13_middlebox_fix
TLS send change cipher: Don't set keys when negotiating TLS 1.3
2021-01-18 15:14:58 -08:00
toddouska 1e9394d5a8 Merge pull request #3627 from elms/EVP/ofb_rc4_size
EVP: return proper cipher type and block size
2021-01-18 15:13:55 -08:00
toddouska 563e3c6b60 Merge pull request #3628 from SparkiDev/even_mp_test
RSA/DH test: even number error check fixup
2021-01-18 13:39:54 -08:00
toddouska cd78a5dfb2 Merge pull request #3630 from SparkiDev/no_fs_all
X509 API no file system: hide wolfSSL_X509_NAME_print_ex_fp
2021-01-18 13:39:21 -08:00
toddouska d514cc31b3 Merge pull request #3631 from SparkiDev/rsa_vfy_only_sp_fixes
RSA: verify only build fixes
2021-01-18 13:38:52 -08:00
toddouska 5a7e79cbfd Merge pull request #3632 from SparkiDev/all_not_tls13_fix
Configuration: enable all, disable TLS 1.3 - turn off TLS 1.3 only op…
2021-01-18 13:37:34 -08:00
toddouska 3bae6e2dc2 Merge pull request #3633 from SparkiDev/ecc_gen_z_fix
ECC gen z: convert blinding value to Montgomery form before using
2021-01-18 13:36:13 -08:00
toddouska fff3c77568 Merge pull request #3644 from dgarske/zd11476
Fix for sniffer with TLS v1.2 static ECDH ciphers
2021-01-18 13:32:57 -08:00
toddouska b1c8825e74 Merge pull request #3647 from dgarske/zd11424
Fix for TLS v1.3 early data mac digest
2021-01-18 13:31:44 -08:00
toddouska 67d4f7c37b Merge pull request #3658 from SparkiDev/curve25519_uint64_t
Curve25519: replace uint64_t with word64
2021-01-18 13:29:16 -08:00
Sean Parkinson ac76ef8ee7 Curve25519: replace uint64_t with word64
Remove usages of stdint.h types
Added a sword type for signed words.
2021-01-18 17:30:36 +10:00
Sean Parkinson eda1b52ee2 TLS 1.3 integrity only: initialize HMAC
Ensure the HMAC object is initialized when allocated.
2021-01-15 11:27:26 +10:00
John Safranek 0ac43bb095 Merge pull request #3618 from haydenroche5/ocsp_self_signed_issue
Modify ParseCertRelative to ensure issuerKeyHash gets parsed and copi…
2021-01-14 14:22:06 -08:00
Sean Parkinson 5a4dfc1a29 Don't set encrypt side if sending early data
Make check to see if early data has been or is going to be sent.
Last message encrypted with this key is EndOfEarlyData message.
2021-01-14 09:44:09 +10:00
David Garske 22ce25afba Merge pull request #3648 from douzzer/disable-ecc-enable-dsa
--disable-ecc --enable-dsa
2021-01-13 14:00:20 -08:00
Daniel Pouzzner 1e49bc2e82 asn.c/asn.h: fix --disable-ecc --enable-dsa. 2021-01-13 13:55:06 -06:00
David Garske d7aa8e1795 Fix for issue where mac digest changes between early data and server_hello, which can leave section of response uninitialized. ZD11424 2021-01-13 11:10:12 -08:00
Sean Parkinson 382deb1f86 Merge pull request #3645 from douzzer/sp_copy_pedantic_error_handling
sp_copy() pedantic error handling
2021-01-13 10:05:35 +10:00
Daniel Pouzzner f8013580df sp_int.c: fix 4 instances of "Value stored to 'o' is never read" found by LLVM9 scan-build. 2021-01-12 15:01:28 -06:00
Daniel Pouzzner fb82114866 sp_int.c: pay attention to the return value from sp_copy(), for general hygiene and to eliminate an inlining-related warning in sp_todecimal(). 2021-01-12 14:58:29 -06:00
David Garske aaec9832e4 Fix for sniffer with TLS v1.2 static ECDH ciphers. The sniffer will now correctly try using the key for ECC if the RSA key decode fails. ZD 11476. 2021-01-12 09:49:32 -08:00
Elms 8fec1de07c EVP: address CTR block size 2021-01-11 12:03:01 -08:00
Elms 3b07f5d8e3 EVP: expand tests for EVP_CIPHER_block_size 2021-01-11 12:03:01 -08:00
Elms a6535528f3 EVP: add tests for openssl block size (including RC4) 2021-01-11 12:03:01 -08:00
Elms 0cccf58fec EVP: return proper cipher type for AES OFB 2021-01-11 12:03:01 -08:00
David Garske 88faef9bd9 Merge pull request #3641 from JacobBarthelmeh/Testing
add ca-cert-chain.der to renewcerts.sh, update ed25519 certs and gen …
2021-01-11 11:00:55 -08:00
Jacob Barthelmeh e2b411805d add ca-cert-chain.der to renewcerts.sh, update ed25519 certs and gen script 2021-01-12 00:40:15 +07:00
Hayden Roche a3cc4110b0 Clamp the normalization value at the end of sp_mont_norm. 2021-01-11 09:59:11 -06:00
Juliusz Sosinowicz 0fe3efb8b4 Add option to only resend previous DTLS flight on a network read timeout 2021-01-07 19:13:35 +01:00
Chris Conlon c57fee136a Merge pull request #3568 from miyazakh/espidf_unittest
fix wolfssl unit test on ESP-IDF
2021-01-07 09:18:18 -07:00
Sean Parkinson f955c92008 ECC gen z: convert blinding value to Montgomery form before using 2021-01-07 11:30:58 +10:00
David Garske 209ad82df2 Merge pull request #3629 from ejohnstown/aarch64
M1 Support
2021-01-06 14:12:45 -08:00
David Garske 931dc5b29f Merge pull request #3619 from tmael/fuzz_math
Fix for OSS-Fuzz issue #29103: out-of-bounds read in TLSX_CSR_Parse()
2021-01-06 14:10:28 -08:00