JacobBarthelmeh
b9e5c0252d
remove extra asign and use ExpectIntEQ test directly
2024-06-10 16:19:27 -06:00
JacobBarthelmeh
3d33c78e9d
use unsigned char instead of uint8_t
2024-06-06 16:30:40 -06:00
JacobBarthelmeh
119d2a5da1
do session conversion dance
2024-06-04 14:41:01 -06:00
JacobBarthelmeh
533aa48b14
adjust macro guards around get max fragment
2024-05-31 16:52:31 -06:00
JacobBarthelmeh
2445fe844a
rework get max fragment length
2024-05-31 16:45:50 -06:00
JacobBarthelmeh
2caee1c7c5
add support for spaces around '=' with x509 name print
2024-05-31 15:04:01 -06:00
JacobBarthelmeh
01a1685159
updating socat support to version 1.8.0.0
2024-05-31 15:02:58 -06:00
JacobBarthelmeh
40562a0cb3
Merge pull request #7599 from dgarske/asn_checkcertsig
...
Expose `wc_CheckCertSigPubKey` with `WOLFSSL_SMALL_CERT_VERIFY`
2024-05-31 09:20:35 -06:00
David Garske
0789ecb808
Fix the CheckCertSignature API mess.
2024-05-31 06:58:35 -07:00
David Garske
7fadd4ed9f
Merge pull request #7595 from JacobBarthelmeh/static
...
Pull in some staticmemory features
2024-05-30 16:31:54 -07:00
JacobBarthelmeh
ebdc8b9a32
rename of macros, add descriptions, minor fixes
2024-05-30 14:48:52 -06:00
David Garske
107c10d795
Merge pull request #7596 from JacobBarthelmeh/decl
...
make function signature match declaration
2024-05-30 10:59:04 -07:00
JacobBarthelmeh
cf61df129c
fix typo with NO_CERTS macro
2024-05-29 17:08:01 -06:00
JacobBarthelmeh
9673b3f218
make function signature match declaration
2024-05-29 17:00:22 -06:00
JacobBarthelmeh
288fe430f5
tying in lean staticmemory build with --enable-staticmemory=small
2024-05-29 15:50:11 -06:00
Anthony Hu
021b573027
Merge pull request #7581 from dgarske/embos_emnet
...
Fixes for Segger emNet to handle non-blocking want read/want write
2024-05-24 17:31:16 -04:00
gasbytes
063e48014a
fix tabs and spaces
2024-05-24 17:52:54 +02:00
David Garske
9b058ec3a2
Fixes for EMNET with non-blocking to handle want read/want write. ZD 18012
2024-05-24 07:42:18 -07:00
gasbytes
3f96d14b32
80 characters limit fix
2024-05-24 00:12:38 +02:00
gasbytes
12a5cb45fb
separating two x509_store xmalloc checks
2024-05-23 23:04:00 +02:00
Tobias Frauenschläger
d28dd602e5
Various fixes for dual algorithm certificates ( #7577 )
...
This commit adds varios fixes for the implementation of hybrid
certificates with two algorithms:
* Support for Certificate Signing Requests (both creating hybrid ones
and also verifying ones)
* Fix for SAN fields in the DecodedCert and PreTBS generation
* Fix related to WOLFSSL_SMALL_STACK
Signed-off-by: Tobias Frauenschläger <t.frauenschlaeger@me.com >
2024-05-23 15:03:55 -04:00
Tobias Frauenschläger
9a58301ab1
Fix PQC and hybrid certificate regressions
...
Due to recent changes in the logic to decode private keys and to parse
the TLS1.3 CertificateVerify message, some regressions regarding PQC
private keys and hybrid certificates have been introduced:
* Decoding PQC private keys fails as the PKCS8 header of a decoded DER
file is now already removed before parsing the key.
* The key size wasn't properly stored in the context for PQC keys after
decoding a certificate (always the maximum size)
* The two 16-bit size values in case of a hybrid signature in the
CertificateVerify message have been incorrectly decoded as 32-bit
values instead of 16-bit values. This resulted in wrong values,
leading to segmentation faults.
All three regressions are fixed with the changes in this commit.
Signed-off-by: Tobias Frauenschläger <t.frauenschlaeger@me.com >
2024-05-23 16:01:28 +02:00
David Garske
425dd1986b
Merge pull request #7568 from lealem47/fips_pkcallback
...
Fix building FIPS v5 with PK callbacks
2024-05-22 08:45:58 -07:00
Lealem Amedie
ba5cc9bdaf
Fix building FIPS v5 with PK callbacks
2024-05-21 15:07:32 -06:00
Daniel Pouzzner
c5ce984966
wolfcrypt/src/wc_xmss_impl.c:wc_xmssmt_sign_next_idx(): use (XmssIdx)1, not (word32)1, for a shift-by-height operand;
...
src/ssl.c:set_curves_list(): don't attempt to enable curves that are out-of-range for word32 disabled.
2024-05-21 13:57:40 -05:00
gojimmypi
84032fa24c
Correct error message file name in ssl_load.c
2024-05-20 17:20:39 -07:00
Daniel Pouzzner
5c6218696b
wolfcrypt/src/misc.c: fix -Wconversions in CopyString();
...
src/ssl.c: fix missing semicolon in wolfSSL_CTX_check_private_key().
2024-05-18 02:31:58 -05:00
David Garske
219a338107
Merge pull request #7547 from philljj/spelling_cleanup
...
Used codespell and fixed some obvious typos.
2024-05-16 14:10:19 -07:00
David Garske
a8dd736b1e
Merge pull request #7158 from JacobBarthelmeh/psk
...
warning fix for small PSK build
2024-05-16 12:57:08 -07:00
jordan
040e0c956a
Used codespell and fixed obvious typos.
2024-05-16 13:53:26 -05:00
Juliusz Sosinowicz
76aba42bfa
Fix api signature
2024-05-16 18:20:53 +02:00
Juliusz Sosinowicz
c07f73b1c7
Fix typo
2024-05-16 18:20:53 +02:00
Juliusz Sosinowicz
d9a236ba1e
SSL_get_error does not return x509 errors
2024-05-16 18:20:53 +02:00
Juliusz Sosinowicz
d9f7629296
Add grpc support
...
- Fix BIO_BIO type
- Set retry flags correctly
- Add CRL callback
- Copy the alt names instead of trying to share a pointer
- Allow calling wolfSSL_get_servername on client side (to get the requested name)
- Return the chain in wolfSSL_X509_STORE_CTX_get_chain in the correct order
- Peer first, top CA last
- Fix leak in RebuildFullName
- Add CopyString helper function
- Implement
- X509_CRL_dup
- ASN1_UTCTIME_set
- X509_STORE_CTX_get0_param
- X509_STORE_get0_param
- X509_STORE_set_verify_cb
- X509_STORE_set_get_crl
- X509_set1_notAfter
- X509_set1_notBefore
2024-05-16 18:20:53 +02:00
Sean Parkinson
ca47d492d4
Merge pull request #7218 from anhu/gcmccm
...
Fixup places where it should be CCM instead of GCM.
2024-05-16 09:24:43 +10:00
Sean Parkinson
abd1e367a5
Merge pull request #7420 from anhu/cmp_name_case
...
When comparing subject names, do not worry about case.
2024-05-16 09:10:56 +10:00
Anthony Hu
1e2fb8f244
Fixup places where it should be CCM instead of GCM.
...
Fixes https://github.com/wolfSSL/wolfssl/issues/7216
2024-05-15 17:32:09 -04:00
David Garske
287323ab4c
Merge pull request #6933 from kareem-wolfssl/zd16927
...
Add stub for wolfSSL_set_ecdh_auto.
2024-05-15 13:04:06 -07:00
David Garske
8ba96e6881
Merge pull request #7534 from ColtonWilley/deny_null_term_altnames
...
Do not match altnames with NULL terminators in the middle
2024-05-15 12:41:37 -07:00
Kareem
4481f9b626
Add stub for wolfSSL_set_ecdh_auto.
2024-05-15 10:19:47 -07:00
gasbytes
2f24b35ab1
added check that checks if the SEQ's length is > than the buff's length
2024-05-15 18:20:33 +02:00
Colton Willey
676dfb7edb
Do not allow NULL terminators in the middle of alt name for pattern matching. ZD 17987
2024-05-14 16:59:28 -07:00
Andras Fekete
a59a3d109f
Explicit cast
2024-05-14 11:03:20 -04:00
Andras Fekete
12768cdf57
Fix conversion tls13.c
2024-05-14 11:02:28 -04:00
Andras Fekete
692a7d55ff
Fix conversion error in wolfio.c
2024-05-14 11:02:28 -04:00
Andras Fekete
affd0a318e
Fix sign conversion errors
2024-05-14 11:02:28 -04:00
Sean Parkinson
b7eca574bb
SSL/TLS: blind private key DER
...
When WOLFSSL_BLIND_PRIVATE_KEY is defined, blind the private key DER
encoding so that stored private key data is always changing.
2024-05-14 09:47:51 +10:00
Daniel Pouzzner
009ea6640b
Merge pull request #7493 from SparkiDev/sm3_benchmark_fix
...
Benchmark, SM3: fix full hash testing
2024-05-13 19:22:22 -04:00
David Garske
6b79e5380d
Merge pull request #7525 from bandi13/fixCDTDisableOptionsTest
...
Unused variable error
2024-05-13 13:13:06 -07:00
David Garske
29f7578a61
Merge pull request #7446 from julek-wolfssl/hostap
...
hostap update
2024-05-13 10:35:01 -07:00