wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-27 03:22:19 +01:00
Code Issues Packages Projects Releases Wiki Activity
20,114 Commits 12 Branches 184 Tags
6028dfd394cf66ab3286ef807e7c58fa122e68ee
Commit Graph

966 Commits

Author SHA1 Message Date
David Garske
f72a6b705f Minor spelling fixes. 2023-07-03 10:23:55 -07:00
Sean Parkinson
a39a04fc88 PEM example: new example for convert between PEM and DER 
PEM example converts PEM to DER and DER to PEM.
Supports encrypting DER and writing out as PEM.

Added better support for 40-bit RC2-CBC PBE.
Added AES-128-CBC encryption support with PKCS#5v2.
Fixed handling of iterations to support writing 24-bit values.
Declared enum types for pass to PKCS#8 encryption APIs.

Add more DER and PEM files to certs directory.
Add testing of 'pem' with pem.test script.
 2023-07-03 17:20:35 +10:00
Hideki Miyazaki
e0651e4eb3 Merge pull request #6434 from TakayukiMatsuo/fixtypo 
Fixed some typos in Japanese help in examples/client
 2023-06-28 11:20:42 +09:00
gojimmypi
6b240fa41a Refactor HAVE_PTHREAD and _POSIX_THREADS (#6536) 
* HAVE_PTHREAD gate in test.h
* add config.h and settings.h to test.h
* added config.h and settings.h to other test.h in wolfcrypt/test
* settings #ifdef _POSIX_THREADS HAVE_PTHREAD
* cyassl settings _POSIX_THREADS HAVE_PTHREAD
* undo cyassl _POSIX_THREADS HAVE_PTHREAD
* move settings.h #include in both test.h
* add !defined(SINGLE_THREADED) logic
* refactor  HAVE_PTHREAD, _POSIX_THREADS
 2023-06-26 07:32:20 -07:00
Eric Blankenhorn
53fe93430e Update EBSNET port 2023-06-21 15:52:42 -05:00
TakayukiMatsuo
c2c97c2b57 Fix typos in Japanese help. 2023-05-23 07:11:53 +09:00
Sean Parkinson
55a91c2b55 Minor fixes 
configure.ac: Don't use == in test.
client.c: Merge string to one line.
asn.c/asn_public.h:
  fix conversion warnings/errors.
  wc_Asn1_Print no longer public and doesn't need to check for NULL.
  wc_Asn1_PrintAll check all pointer parameters for NULL.
 2023-05-05 08:43:50 +10:00
David Garske
6e572cc91d Merge pull request #6352 from SparkiDev/asn1_print 
ASN.1 print utility: asn1
 2023-05-04 10:55:47 -07:00
Sean Parkinson
d2afe9e5e0 Memory usage improvements 
ECC: make private key field 'k' able to be smaller when ALT_ECC_SIZE is
defined.
WOLFSSL_SMALL_STACK_CACHE: allocate temps using new macros.
 2023-05-04 10:26:57 +10:00
Sean Parkinson
9cdee20a7d ASN.1 print: implementation to parse and print added 
New API to parse and print DER/BER data from a buffer.
Add an example to parse DER, Base64 and PEM files and print out ASN.1 items.
 2023-05-04 09:57:44 +10:00
David Garske
61dfbf5ef2 Fixes and improvements for building with low footprint. Fix for ASN template with RSA verify only (was missing mp_leading_bit). Fix to allow disabling DRBG with crypto callbacks enabled. Updated the wolfTPM user_settings.h template with low resource option. 2023-05-02 16:51:41 -07:00
Sean Parkinson
8851065848 cppcheck fixes 
Fix checking of negative with unsigned variables.
Check digestSz for 0 in wc_SSH_KDF() so that no possibility of dividing
by zero.
Change XMEMCPY to XMEMSET in renesas_sce_util.c.
Fix test.c to free prvTmp and pubTmp on read error.
Remove unused variables.
XFREE checks for NULL so don't check before call.
Move variable declarations to reduce scope.
 2023-04-03 16:59:58 +10:00
David Garske
22a5a5c45e Add introspection for math build and math cleanups: 
* Add introspection for math build.
* Raise build error if more than one multi-precision math library used.
* Fix ESP32 to support using any multi-precision math option.
* Refactor math headers to use `wolfmath.h`
* Refactor of the opaque math variable type `MATH_INT_T` used by crypto hardware (QuickAssist, SE050, ESP32 and STM32).
* Cleanups for building with `WOLFCRYPT_ONLY` and `NO_BIG_INT`.
* Stop forcing use of fast math by default for platforms in settings.h. Note: For users that still want to use fast math (tfm.c) they will need to add USE_FAST_MATH to their build settings.

Applies To:
```
WOLFSSL_ESPWROOM32
WOLFSSL_ESPWROOM32SE
MICROCHIP_PIC32
WOLFSSL_PICOTCP_DEMO
WOLFSSL_UTASKER
WOLFSSL_NRF5x
FREERTOS_TCP
WOLFSSL_TIRTOS
EBSNET
FREESCALE_COMMON
FREESCALE_KSDK_BM
WOLFSSL_DEOS
MICRIUM
WOLFSSL_SGX
```
 2023-03-30 14:42:55 -07:00
David Garske
fc6d693dae Update logging enter, exit, msg to match function names. Fix some typos and improper use of "enter". Fix internal uses of SSL_SUCCESS and SSL_FAILURE. Add WOLFSSL_DEBUG_NONBLOCK option to allow printing iterations without debug enabled. 2023-02-21 12:02:15 -08:00
David Garske
464c2d19dc Merge pull request #6006 from SparkiDev/tls13_only_psk_dhe_ke 
TLS 1.3 PSK: add option to require only PSK with DHE
 2023-02-15 21:10:27 -08:00
Sean Parkinson
b624fc8377 TLS 1.3 PSK: add option to require only PSK with DHE 
Can specify only PSK without DHE.
Add only PSK with DHE.
 2023-02-16 09:21:29 +10:00
David Garske
10529e6199 Add user_settings.h template for wolfTPM 2023-01-26 10:40:59 -08:00
David Garske
6b6ad38e4f Adds support for TLS v1.3 Encrypted Client Hello (ECH) draft-ietf-tls-esni) and HPKE (Hybrid Public Key Encryption) RFC9180. 2023-01-18 11:37:27 -08:00
Daniel Pouzzner
0b0b980784 fix an oversight in wolfSentry integration in examples/{client,server}. 2023-01-05 17:59:10 -06:00
Daniel Pouzzner
43265669c6 fix warnings around clang-diagnostic-embedded-directive and readability-uppercase-literal-suffix; update wolfSentry integration for upcoming release 0.8.0. 2023-01-05 00:13:17 -06:00
David Garske
023db01aca * Fixed some build configuration variations. 
* Fixed `PEM_BUFSIZE` macro redefined when building with coexist.
* Updated the `user_settings_all.h` and `user_settings_wolfboot_keytools.h` to include latest options.
* Improved API unit test error case checking where `TEST_RES_CHECK` is not used.
* Changed `TEST_SKIPPED` to unique value.
* Added CI tests for enable-all, small stack, and user setting templates.
 2023-01-03 10:59:59 -08:00
David Garske
bdcf6928a2 Merge pull request #5945 from JacobBarthelmeh/copyright 
update copyright to 2023
 2023-01-03 09:29:39 -08:00
youtai
4edae51095 Fix StartTLS_Init (#5907) 
* Fix StartTLS_Init (contribution by Yota Nagaya)
 2023-01-03 09:28:23 -08:00
Jacob Barthelmeh
9dcc48c8f7 update copyright to 2023 2022-12-30 17:12:11 -07:00
Chris Conlon
9a7ff8773b add --with-libsuffix support, append suffix to library artifact name 2022-12-21 13:31:07 -07:00
Anthony Hu
364835dc9e Allow session tickets to properly resume when using PQ KEMs. 
Found with:

```
./configure --with-liboqs --enable-session-ticket
./examples/server/server -v 4 -r --pqc P521_KYBER_LEVEL5
./examples/client/client -v 4 -r --pqc P521_KYBER_LEVEL5
```
 2022-12-13 11:36:00 -05:00
Anthony Hu
b017795413 Remove changes around wolfSSL_set_session() as it breaks tests. 2022-12-12 11:44:27 -05:00
Anthony Hu
fffd3adc30 Warn that renegotiation in TLS 1.3 requires session ticket. 2022-12-12 11:30:01 -05:00
David Garske
9d9549fbd3 Merge pull request #5836 from anhu/kyber_cleanup 
Remove kyber-90s and route all kyber through wolfcrypt.
 2022-12-05 13:18:44 -08:00
Anthony Hu
a2fb4c0788 Remove kyber-90s and route all kyber through wolfcrypt. 2022-11-30 17:17:28 -05:00
Daniel Pouzzner
4bacc25e22 examples/benchmark/tls_bench.c: fix for clang-analyzer-deadcode.DeadStores in bench_tls(). 2022-11-29 17:09:05 -06:00
Anthony Hu
0bfa5c9836 Purge NTRU and SABER. Not going to be standardized. 2022-11-25 14:54:08 -05:00
Daniel Pouzzner
48ba365fd6 fixes for defects: 
clang-analyzer-deadcode.DeadStores in examples/server/server.c;

-Werror=use-after-free and LeakSanitizer Direct leak in tests/api.c;

nullPointerRedundantCheck in src/pk.c which identified a semantically consequential flub.
 2022-11-08 14:04:16 -06:00
David Garske
1ee3a78e4a Fixes for various tests that do not properly handle WC_PENDING_E. 2022-11-04 14:56:40 -07:00
Daniel Pouzzner
895a2e1ac5 WOLFSSL_CALLBACKS codepaths: fixes for bugprone-unused-return-value, bugprone-macro-parentheses, readability-named-parameter, and clang-analyzer-deadcode.DeadStores 2022-10-18 13:34:42 -05:00
David Garske
2c503a5b34 Merge pull request #5682 from JacobBarthelmeh/Testing 
additional sanity checks on debug callback
 2022-10-14 09:25:14 -07:00
JacobBarthelmeh
927f4c445d additional sanity checks on debug callback 2022-10-11 13:14:59 -07:00
Hayden Roche
98ac4a6f9c Add ability to toggle system CA certs support. 2022-10-07 12:34:00 -07:00
Hayden Roche
898ddac159 Add --sys-ca-certs option to example client. 
Using this option will call wolfSSL_CTX_load_system_CA_certs on the client ctx.
 2022-10-03 09:05:23 -07:00
Juliusz Sosinowicz
17df33cef8 Fix TLS 1.3 testsuite for wolfssl64.sln solution 2022-09-14 11:39:27 +02:00
Sean Parkinson
005f77180b PSK only TLS: fix ENCRYPT_LEN 
Allow no PK algorithms and TLS to build and test.
Use PSK cipher suite with GCM if AES-CBC not available.
 2022-09-12 11:21:01 +10:00
Marco Oliverio
08b89fbef9 server: add optional argument to -J disable hrr cookie 2022-09-01 09:37:35 +02:00
CallumMcLoughlin
565d1b33e5 Update examples to allow post quantum KEM within DTLS 1.3 2022-08-30 18:39:57 +12:00
David Garske
a0448155d5 Fix for type warnings in example for DTLS CID ./configure --enable-dtls --enable-dtlscid --enable-dtls13. 2022-08-24 16:02:05 -07:00
Marco Oliverio
90fcd95f9b server/client: add --cid option to use ConnectionID extension 2022-08-23 16:58:24 +02:00
Eric Blankenhorn
3d8562f07b Fixes for build and runtime issues 2022-08-19 08:12:04 -05:00
Daniel Pouzzner
969ad96dee examples/{client,server}/{client,server}.c: remove spurious commas in --pqc help strings, and mollify clang-tidy bugprone-suspicious-missing-comma re --force-curve help strings. (#5480) 2022-08-18 13:32:58 -04:00
Peter Torelli
aa812c8aa9 Added support for P384 pre-share in server (#5442) 
Added support for new server `--force-curve` option.
 2022-08-17 15:30:48 -07:00
David Garske
995100eed1 Fix for handling WC_PENDING_E from decrypt session ticket callback. ZD14420 2022-08-10 22:20:49 -07:00
David Garske
8605195709 Support for asynchronous session ticket callback (can return WC_PENDING_E). Requires wolfAsyncCrypt support. ZD 14420. 2022-07-20 16:43:17 -07:00