JacobBarthelmeh
96205fc80d
Merge pull request #6820 from julek-wolfssl/zd/16550-int-crl
...
CRL verify the entire chain including loaded CA's
2023-10-04 14:37:50 -06:00
Juliusz Sosinowicz
7baf151c37
CRL verify the entire chain including loaded CA's
...
- Regen CRL's as most of them are expired
- certs/crl/extra-crls/ca-int-cert-revoked.pem: CRL that revokes certs/intermediate/ca-int-cert.pem signed by certs/ca-cert.pem
- Add CheckCertCRL_ex API to not depend on DecodedCert
- CheckCertCRLList: accept raw serial or hashed version to work with Signers
- Add XELEM_CNT to simplify pre-proc element counting
2023-10-03 11:45:43 +02:00
Marco Oliverio
c70b3f297e
fix: tls13: don't use stale suites pointers in CheckPreSharedKeys
2023-10-02 15:03:55 +00:00
JacobBarthelmeh
369db531d2
Merge pull request #6817 from anhu/tls13_server_suppgroups
...
Allow the server to send supported groups extension in TLS 1.3
2023-09-29 13:53:37 -06:00
Anthony Hu
7c1cc5e8f9
Allow the server to send supported groups extension in TLS 1.3
2023-09-29 12:42:44 -04:00
Sean Parkinson
3ea0fb30dd
AES XTS x64 ASM: add AVX1 and AESNI implementations
...
Adding AES-XTS AVX1 and AESNI implementations.
Fix name in comment at top of x64 assembly files.
2023-09-28 14:44:23 -05:00
Sean Parkinson
9acba6ee2d
Static RSA length check
...
Better length check on decrypted pre-master secret length.
2023-09-27 07:55:53 +10:00
Kareem
df6a65e151
Prevent current handshake counter from underflowing.
2023-09-22 14:47:00 -07:00
David Garske
16e6a8c150
Merge pull request #6795 from jpbland1/ech-double-free-fix
...
Fix ECH double free on rejection
2023-09-20 14:25:11 -07:00
David Garske
bc02006def
Merge pull request #6794 from res0nance/fix-memory-type
...
pqc: fix memory type for shared secret storage server side
2023-09-20 14:24:42 -07:00
John Bland
f71423d626
set ssl->hsHashesEch to NULL regardless of acceptance
...
to avoid double free, clean up style violations
2023-09-20 14:51:40 -04:00
Andras Fekete
9ed19cddfa
Need to increment state after the async task completes
2023-09-20 12:23:14 -04:00
res0nance
0983ea9a80
pqc: fix memory type for shared secret storage server side
...
This gets copied to preMasterSecret and freed in
TLSX_KeyShare_ProcessPqc with the SECRET type but is allocated
with the TLSX type.
2023-09-20 15:45:26 +08:00
Andras Fekete
da39f66ff0
Remove accidental comment left in.
2023-09-19 13:10:16 -04:00
Andras Fekete
186d3c2eb4
Fixes to various Async issues
2023-09-19 13:10:16 -04:00
David Garske
763de1a685
Merge pull request #6790 from bandi13/codesonar
...
Clean up memory leaks
2023-09-19 09:48:22 -07:00
David Garske
eca28ea2f6
Merge pull request #6789 from bandi13/renameAsyncEnumPart2
...
Clean up double enum
2023-09-19 09:08:32 -07:00
Andras Fekete
2af5ae89a2
Rename enum to protect the innocent
...
WC_NO_PENDING_E indicates that there really isn't any asynchronous task that is pending.
2023-09-19 10:46:11 -04:00
Eric Blankenhorn
911c4519ef
Fix writedup rng leak
2023-09-18 16:19:22 -05:00
Andras Fekete
3bb0643cdd
Clean up memory leaks
2023-09-18 16:53:48 -04:00
JacobBarthelmeh
6b6c9f9ae0
Merge pull request #6772 from bandi13/zd16449_more_fixes
...
Zd16449 more fixes
2023-09-14 09:35:01 -06:00
JacobBarthelmeh
ba03677569
Merge pull request #6770 from SparkiDev/sp_asm_improvements_1
...
SP ASM: improve performance
2023-09-13 16:01:03 -06:00
Andras Fekete
3d332a4fad
Remove accidental code change
2023-09-13 14:41:21 -04:00
Andras Fekete
2f63eb070e
Fix memory leak if the function is being called again because of a retry
2023-09-13 14:05:57 -04:00
Sean Parkinson
114c8cc681
SP ASM: improve performance
...
Thumb2/ARM32: use umaal instruction to speed up multiplication, squaring
and reduction. umaal not always available so use umlal instead.
Implementations for architectures less than 4 still kept - no umull.
Cleanup point arithmetic to not take shortcuts.
Make masking for constant time faster.
Add alternate asm for different compilers.
Get ARMv4 and ARMv6 compiling.
Remove whitespace at end of lines.
2023-09-13 21:13:53 +10:00
res0nance
825db397d7
Set namedGroup when generating pqc ciphertext
...
This fixes an issue where wolfSSL_get_curve_name() will
return NULL when using PQC groups.
2023-09-13 13:29:31 +08:00
John Bland
eda3cd6a37
Merge pull request #6762 from jpbland1/ocsp-chain-count-retry
...
stop DoCertificate from resetting the cert chain
2023-09-12 21:42:09 -04:00
John Bland
6c8eaf26f5
update based on pr comments
2023-09-12 19:43:28 -04:00
John Bland
6e87fc7f90
switch to using ssl->error to check for previous error
2023-09-12 18:25:10 -04:00
John Bland
14017bd67e
remove NULL check on non-pointer array
2023-09-12 14:42:33 -04:00
John Bland
937aa3415f
set last missing lastErr section
2023-09-11 18:24:37 -04:00
John Bland
b99b1d4cfd
fix bad error setting and instances where lastErr
...
wasn't set as it should have been
2023-09-11 17:52:07 -04:00
Dimitri Papadopoulos
d532833af9
Fix residual typos found by codespell
2023-09-11 11:34:28 +02:00
John Bland
d0c2609ebb
stop ProcessPeerCerts from resetting the cert chain
...
count when an async error was returned
2023-09-11 01:56:58 -04:00
JacobBarthelmeh
298b488bf1
Merge pull request #6749 from cconlon/jniCertReq
...
Add WOLFSSL_CERT_EXT to --enable-jni, minor CSR items
2023-09-01 16:15:10 -06:00
JacobBarthelmeh
0352b384a5
Merge pull request #6731 from SparkiDev/aes_arm32_thumb2
...
AES ARM32 and Thumb2 ASM: fixup ARM32 and add Thumb2
2023-09-01 15:56:12 -06:00
Chris Conlon
a2e2a3e994
add --enable-certreq to --enable-jni, support extKeyUsage in X509_REQ_sign, add missing X509_REQ_print fields
2023-09-01 11:59:21 -06:00
David Garske
136cb98412
Force 32-bit alignment on kCurve25519BasePoint
2023-09-01 12:14:55 +10:00
JacobBarthelmeh
2aefdfe9d5
Merge pull request #6737 from anhu/ignoreBadPath
...
Add new feature macro WOLFSSL_IGNORE_BAD_CERT_PATH.
2023-08-30 13:37:56 -06:00
Sean Parkinson
0638ec234b
AES ARM32 and Thumb2 ASM: fixup ARM32 and add Thumb2
...
Fix which functions and data are compiled in depending on defines.
Better handling of constants.
Also fix Aarch64 ed25519 inline assembly.
2023-08-30 20:34:51 +10:00
Anthony Hu
d7bb5aa367
Add new feature macro WOLFSSL_IGNORE_BAD_CERT_PATH.
2023-08-29 10:28:02 -04:00
Juliusz Sosinowicz
357c9a68f2
Only drop plaintext msgs when we don't have stuff to rtx
2023-08-29 12:45:13 +02:00
Juliusz Sosinowicz
6e3c3577f5
Refactor the crazy conditional in VerifyForDtlsMsgPoolSend
2023-08-29 12:45:13 +02:00
Juliusz Sosinowicz
b02fe0853f
CI fixes
2023-08-28 10:52:36 +02:00
Juliusz Sosinowicz
57ce894393
CRL refactor
...
- CheckCertCRLList: check all entries in case a single issuer has multiple CRL's loaded
- test_multiple_crls_same_issuer: testing two different certificates forcing the client to check both CRL's from the same issuer
- CRL_Entry
- use a lock instead of a mutex to allow multiple threads to access the same list simultaneously
- add a verifyMutex when doing verification so that we don't have to release the crlLock
- Add allocation and free functions for CRL_Entry
- DupCRL_Entry: simplify copying by copying all static fields in one memcpy
2023-08-28 10:52:36 +02:00
Juliusz Sosinowicz
e85901c8e5
Only list supported sigalgs in certreq
2023-08-28 10:52:36 +02:00
JacobBarthelmeh
14deb7afda
Merge pull request #6700 from julek-wolfssl/dtls13-downgrade-acks
...
DTLS 1.3: do not send ACKs until we negotiate 1.3 (through SH)
2023-08-25 09:34:53 -06:00
JacobBarthelmeh
c9e9e0fc72
Merge pull request #6704 from icing/session-copy-on-write
...
Updating a shared session objects needs to do copy on write
2023-08-24 16:52:17 -06:00
JacobBarthelmeh
2f2dddde25
Merge pull request #6727 from bigbrett/tls13-sniffer-keylogfile
...
TLS 1.3 sniffer keylog file support
2023-08-24 16:52:00 -06:00
Brett Nicholas
15918d8ee6
First pass at TLS1.3 keylog file working
2023-08-24 13:04:59 -06:00