Commit Graph

6101 Commits

Author SHA1 Message Date
Eric Blankenhorn ab6dc8d669 Add ability to set ECC Sign userCTX using WOLFSSL_CTX 2022-04-11 08:41:27 -05:00
Chris Conlon 9859492222 Merge pull request #5029 from haydenroche5/asn1_time_diff_2038 2022-04-07 16:45:11 -06:00
Daniel Pouzzner 0083afc279 fix whitespace. 2022-04-07 07:59:07 -05:00
Hayden Roche 161d74879a Change time2epoch to TimeToUnixTime. 2022-04-06 21:38:24 -07:00
Sean Parkinson 25aa0af260 ssl.c break out
Move the X509 API out of ssl.c into x509.c
2022-04-06 17:25:26 +10:00
David Garske 99fbd6f160 Merge pull request #4963 from SparkiDev/tls13_psk_multi_id
TLS 1.3 PSK: multiple ids for a cipher suite
2022-04-05 09:47:14 -07:00
David Garske e9a238ca86 Merge pull request #5021 from JacobBarthelmeh/certs
allow up to and including CTC_MAX_SKID_SIZE (32 byte hash)
2022-04-05 09:46:34 -07:00
Sean Parkinson 77485d987e Merge pull request #5010 from haydenroche5/asn1_time_diff_2038
Fix year 2038 problem in wolfSSL_ASN1_TIME_diff.
2022-04-05 07:58:36 +10:00
Jacob Barthelmeh 68ebb051e5 allow up to and including CTC_MAX_SKID_SIZE (32 byte hash) 2022-04-04 15:19:17 -06:00
David Garske 829a8a4039 Merge pull request #5009 from embhorn/zd13980
Fix build errors for NO_WOLFSSL_SERVER and NO_WOLFSSL_CLIENT
2022-04-04 12:43:49 -07:00
Hayden Roche 9c1e2a83d1 Fix year 2038 problem in wolfSSL_ASN1_TIME_diff.
Prior to this commit, this function used XMKTIME (mktime) to convert the
passed in WOLFSSL_ASN1_TIMEs to Unix timestamps. On platforms where time_t is
32 bits long, times after the year 2038 can't be represented with this type. To
fix this, we need to not use XMKTIME. With this commit, the static function
time2epoch is added to ssl.c, which uses the date time information to compute
seconds since the Unix epoch without the use of mktime. It returns the seconds
as a long long. This is sufficient to make the function work for years > 2038 on
the platform of the user who discovered this problem in the first place (Yocto
Linux on ARMv7).
2022-04-04 11:01:21 -07:00
Daniel Pouzzner 0d6c283f7a fixes for -Werror=declaration-after-statement in debug builds. 2022-04-04 09:29:26 -05:00
Sean Parkinson 0fba16a394 Merge pull request #4998 from haydenroche5/get_conv_form
Add wolfSSL_EC_KEY_get_conv_form to compatibility layer.
2022-04-04 08:47:14 +10:00
Hayden Roche 880afe0d89 Add wolfSSL_EC_KEY_get_conv_form to compatibility layer. 2022-04-02 13:57:33 -07:00
Daniel Pouzzner ae3996fd0e fix codebase for -Wvla -Wdeclaration-after-statement; fix some whitespace. 2022-04-01 14:44:10 -05:00
Eric Blankenhorn ef16ce806c Fix build errors for NO_WOLFSSL_SERVER and NO_WOLFSSL_CLIENT 2022-04-01 08:04:41 -05:00
Chris Conlon b45cd921b6 Merge pull request #5005 from dgarske/renesas_spell 2022-03-31 17:44:04 -06:00
Sean Parkinson 79444fdb56 Merge pull request #4997 from dgarske/qat_eckg
Support for Intel QuickAssist ECC KeyGen acceleration
2022-04-01 08:32:21 +10:00
Sean Parkinson 1add8703e2 Merge pull request #4996 from haydenroche5/bn_rand
Improve wolfSSL_BN_rand.
2022-04-01 08:12:22 +10:00
Daniel Pouzzner 01f9f7df5f Merge pull request #5002 from JacobBarthelmeh/Compatibility-Layer
sanity check before copy with new memory bio
2022-03-31 15:08:26 -05:00
David Garske 1993851274 Renesas spelling, code formatting and whitespace fixes. 2022-03-31 08:02:00 -07:00
Hayden Roche 3f03f4e40a Handle case where bits is 0 properly. 2022-03-30 16:56:53 -07:00
JacobBarthelmeh 8136c55a39 sanity check before copy with new memory bio 2022-03-30 14:02:03 -07:00
David Garske c905c613e9 Support for Intel QuickAssist ECC KeyGen acceleration. 2022-03-30 13:07:47 -07:00
Eric Blankenhorn ea38e1aab5 Add wolfSSL_CTX_SetCertCbCtx to set user context for CB 2022-03-30 12:27:11 -05:00
David Garske 2029bf0a0b Merge pull request #4992 from JacobBarthelmeh/Compatibility-Layer
support creating new mem bio of length 0
2022-03-30 06:55:53 -07:00
Hayden Roche 2077690bf0 Improve wolfSSL_BN_rand.
- Previously, this function would round up the requested bits to the next
multiple of 8. With this commit, the function returns a number of exactly the
number of bits requested, which is the same behavior as OpenSSL. This problem
was discovered by a user using the compatibility layer with OpenSSH's ssh-keygen
utility.
- This function now respects the top and bottom parameters.
- Improved unit testing.
2022-03-29 18:08:21 -07:00
Kaleb Himes 1dc3808aae Merge pull request #4986 from cconlon/sslFipsReady
Fix FIPS defines in wolfSSL_RSA_sign_generic_padding() / RSA_verify_ex()
2022-03-29 16:02:17 -05:00
Chris Conlon 4ad2f68071 fix defines for FIPS around RSA-PSS in wolfSSL_RSA_sign_generic_padding() and wolfSSL_RSA_verify_ex() 2022-03-29 10:03:16 -06:00
Jacob Barthelmeh f7f94cede0 support creating new mem bio of length 0 2022-03-28 15:52:42 -06:00
JacobBarthelmeh 25d5a624d2 Merge pull request #4975 from cconlon/smallStack
smallstack cleanup for OpenSSL Compatibility Functions
2022-03-25 17:06:59 -06:00
David Garske 04e2b6c62a Merge pull request #4983 from douzzer/20220324-gcc-12-fixes
fixups for warnings from gcc-12
2022-03-24 19:16:27 -07:00
Sean Parkinson feb58a8455 Merge pull request #4956 from julek-wolfssl/bind-9.18.0
bind 9.18.0 fixes
2022-03-25 08:27:34 +10:00
Daniel Pouzzner 12776b3772 fixups for warnings from gcc-12:
src/internal.c: use XMEMCMP(), not ==, to compare array elements (fixes conflict of 74408e3ee3 vs 617eda9d44);

fix spelling of NAMEDGROUP_LEN (was NAMEDGREOUP_LEN);

src/ssl.c: in CheckcipherList() and wolfSSL_parse_cipher_list(), use XMEMCPY(), not XSTRNCPY(), to avoid (benign) -Wstringop-truncation;

scripts/sniffer-tls13-gen.sh: fix for shellcheck SC2242 (exit 1, not -1).
2022-03-24 16:33:36 -05:00
Anthony Hu ceae169a34 Merge pull request #4969 from dgarske/pk_pubkey 2022-03-24 12:40:03 -04:00
David Garske 624f1499f0 Merge pull request #4978 from julek-wolfssl/issue/4970
Prefer status_request_v2 over status_request when both are present
2022-03-24 08:30:12 -07:00
Juliusz Sosinowicz 29c0c9bf48 Rebase fixes 2022-03-24 13:41:50 +01:00
Juliusz Sosinowicz 88d5059c36 Jenkins fixes
`WS_RETURN_CODE` was not functioning properly in master
2022-03-24 12:16:59 +01:00
Juliusz Sosinowicz 98bc8402db Refactor memory BIO
- use the `WOLFSSL_BUF_MEM` struct to resize the internal memory buffer
- add a `WOLFSSL_BIO_RESIZE_THRESHOLD` define that will be used to determine how often to shrink the internal buffer. This should cut down on the number of free/malloc calls made significantly. This should help with our inefficient 1 byte reads in `loadX509orX509REQFromPemBio`.
- implement `wolfSSL_BUF_MEM_resize` which allows bi-directional buffer size manipulation
2022-03-24 12:16:59 +01:00
Juliusz Sosinowicz ae9b01c5b8 bind 9.18.0 fixes
- return `1` from `wolfSSL_BIO_set_mem_eof_return` instead of `0` for success
- bind requires ALPN
- `OPENSSL_COMPATIBLE_DEFAULT` defined for bind
- `WOLFSSL_ERROR_CODE_OPENSSL` defined when using compatibility layer
- return `bio->eof` on no pending data to read in memory BIO (defaults to `WOLFSSL_BIO_ERROR`)
- `flags` is no longer an input parameter in `wolfSSL_ERR_get_error_line_data`
- allow lazy parameter loading in `wolfSSL_DH_set0_key`
- implement reference counter in `WOLFSSL_EC_KEY`
- load serial number from `x509->serialNumber` if `x509->serial` is empty
2022-03-24 12:16:59 +01:00
Anthony Hu f71a85d5f9 Merge pull request #4979 from dgarske/sniffer_tidy 2022-03-23 15:13:20 -04:00
David Garske f129c32273 Fixes for whitespace, script bug and bit-field type. 2022-03-23 09:31:04 -07:00
Juliusz Sosinowicz 4412496adb Prefer status_request_v2 over status_request when both are present
Reported in https://github.com/wolfSSL/wolfssl/issues/4970
2022-03-23 11:20:22 +01:00
Sean Parkinson 90f53aed34 ssl.c: move out X509 store APIs to new file 2022-03-23 13:59:54 +10:00
Daniel Pouzzner d864fc9a3f Merge pull request #4972 from julek-wolfssl/asn-time-tz-diff
`mktime` may return a negative due to timezones around the unix epoch
2022-03-22 14:03:59 -05:00
Chris Conlon 906ea4ad03 smallstack reduction for wolfSSL_EC_POINT_invert 2022-03-22 10:00:17 -06:00
Chris Conlon 64a309e245 smallstack reduction for wolfSSL_ASN1_INTEGER_to_BN 2022-03-22 10:00:17 -06:00
Chris Conlon ddc1899d48 smallstack reduction for wolfSSL_EC_POINT_get_affine_coordinates_GFp 2022-03-22 10:00:17 -06:00
Chris Conlon 94e1b87ae0 smallstack reduction for wolfSSL_X509_set_ext, wolfSSL_EC_POINT_mul, wolfSSL_ECDSA_do_sign, wolfSSL_i2d_X509_NAME, wolfSSL_X509_REQ_sign 2022-03-22 10:00:13 -06:00
Anthony Hu c41bef6486 Get rid of tabs I added previously. 2022-03-22 11:56:15 -04:00