Commit Graph

3067 Commits

Author SHA1 Message Date
Takashi Kojo 2f379ed322 alloc a buff for NULL pointer 2024-06-18 09:41:11 +09:00
kaleb-himes 20911f254b ECC, DH, GCM, GMAC, CCM and AES updated services 2024-06-12 18:16:33 -04:00
Daniel Pouzzner 202b0a15b4 Merge pull request #7629 from julek-wolfssl/test_wrong_cs_downgrade-clamp
test_wrong_cs_downgrade: clamp error to exact value
2024-06-10 18:26:54 -04:00
David Garske e960a00650 Merge pull request #7625 from JacobBarthelmeh/x509
sanity check on non conforming serial number of 0
2024-06-07 08:33:38 -07:00
Juliusz Sosinowicz 8c47e8d6f2 test_wrong_cs_downgrade: clamp error to exact value 2024-06-07 11:33:38 +02:00
JacobBarthelmeh d09f955e6c Merge pull request #7626 from lealem47/parseServerHello
Improved fix for TLS1.3 to TLS1.2 client downgrade
2024-06-06 17:16:30 -06:00
Sean Parkinson c82230324e Merge pull request #7546 from oltolm/cmake
cmake: fix generation of options.h
2024-06-07 08:51:12 +10:00
JacobBarthelmeh 467b3cb561 add parsing 0 serial numbers for certs with python 2024-06-06 16:24:48 -06:00
JacobBarthelmeh 68f52cb49a add test case 2024-06-06 15:06:15 -06:00
Lealem Amedie 7cc0ac14c4 Adding test case 2024-06-06 13:24:07 -06:00
David Garske 60ccaf379d Remove uses of stdint in api.c. 2024-06-06 10:57:46 -07:00
Juliusz Sosinowicz ede8cde8a7 dtls: Increment sequence number in SendAlert 2024-06-04 17:13:04 +02:00
Juliusz Sosinowicz e428c2833b Allow user to send a user_canceled alert 2024-06-04 17:13:04 +02:00
David Garske 1f684e62d6 Merge pull request #7604 from ColtonWilley/explicit_len_pattern_match
Rewrite pattern matching to use explicit length
2024-06-03 12:04:12 -07:00
David Garske 43f4ba91da Merge pull request #7608 from ejohnstown/rsa-add
Import Raw RSA Private Key
2024-06-03 09:33:38 -07:00
John Safranek e8e6eaeb4d Import Raw Rsa Key
1. Add API for importing an RSA private key, `wc_RsaPrivateKeyDecodeRaw()`,
   when all you have are the components of the key in raw arrays. Also
   recalculates dP and dQ if missing.
2. Add API test for `wc_RsaPrivateKeyDecodeRaw()`.
2024-06-03 09:03:29 -07:00
David Garske 3975af88cf Merge pull request #7191 from kojo1/ecpoint-h2p
Add EC_POINT_hex2point
2024-06-01 07:13:31 -07:00
JacobBarthelmeh 40562a0cb3 Merge pull request #7599 from dgarske/asn_checkcertsig
Expose `wc_CheckCertSigPubKey` with `WOLFSSL_SMALL_CERT_VERIFY`
2024-05-31 09:20:35 -06:00
David Garske 0789ecb808 Fix the CheckCertSignature API mess. 2024-05-31 06:58:35 -07:00
Colton Willey 447f73c25e Merge branch 'master' of github.com:ColtonWilley/wolfssl into explicit_len_pattern_match 2024-05-30 20:12:16 -07:00
Sean Parkinson fc8a509b06 Merge pull request #7597 from ColtonWilley/max_altnames_and_name_constraints
Max limits on number of alternative names and name constraints
2024-05-31 11:24:30 +10:00
Colton Willey f646cbcecb Address review comments, fix handling of . in name matching and add more tests for . handling 2024-05-30 18:03:38 -07:00
Colton Willey af3828b2b7 Rewrite pattern matching to always use explicit lengths instead of expecting NULL terminated strings, thus replicating the behavior of openssl X509_check_host() 2024-05-30 15:33:17 -07:00
JacobBarthelmeh ebdc8b9a32 rename of macros, add descriptions, minor fixes 2024-05-30 14:48:52 -06:00
Colton Willey f13a82610c Add flag guard for IGNORE_NAME_CONSTRAINTS 2024-05-29 22:41:36 -07:00
Colton Willey 473de5796c Free ctx before return 2024-05-29 20:52:09 -07:00
Colton Willey 284dea43fe Unify max name testing to use cert files for both cases. 2024-05-29 19:00:15 -07:00
Colton Willey a4544ce2eb Updates to address review comments 2024-05-29 17:54:52 -07:00
Colton Willey b00ae2ac69 Initial implementation of max limits on number of alternative names and name constraints 2024-05-29 15:55:17 -07:00
JacobBarthelmeh 288fe430f5 tying in lean staticmemory build with --enable-staticmemory=small 2024-05-29 15:50:11 -06:00
kaleb-himes a22956d881 Address periodic CAST failures observed in unit.test by pre-empting the CASTs 2024-05-20 16:35:50 -04:00
oltolm 5f46809988 fix compilation of tests with GCC 2024-05-16 18:55:27 +02:00
Juliusz Sosinowicz 12b9367598 test_wolfSSL_check_domain: doesn't work with WOLFSSL_HOSTNAME_VERIFY_ALT_NAME_ONLY 2024-05-16 18:20:53 +02:00
Juliusz Sosinowicz d9f7629296 Add grpc support
- Fix BIO_BIO type
  - Set retry flags correctly
- Add CRL callback
- Copy the alt names instead of trying to share a pointer
- Allow calling wolfSSL_get_servername on client side (to get the requested name)
- Return the chain in wolfSSL_X509_STORE_CTX_get_chain in the correct order
  - Peer first, top CA last
- Fix leak in RebuildFullName
- Add CopyString helper function
- Implement
  - X509_CRL_dup
  - ASN1_UTCTIME_set
  - X509_STORE_CTX_get0_param
  - X509_STORE_get0_param
  - X509_STORE_set_verify_cb
  - X509_STORE_set_get_crl
  - X509_set1_notAfter
  - X509_set1_notBefore
2024-05-16 18:20:53 +02:00
Sean Parkinson abd1e367a5 Merge pull request #7420 from anhu/cmp_name_case
When comparing subject names, do not worry about case.
2024-05-16 09:10:56 +10:00
David Garske 287323ab4c Merge pull request #6933 from kareem-wolfssl/zd16927
Add stub for wolfSSL_set_ecdh_auto.
2024-05-15 13:04:06 -07:00
Kareem 4481f9b626 Add stub for wolfSSL_set_ecdh_auto. 2024-05-15 10:19:47 -07:00
Colton Willey b156a51e82 Code cleanup per review comments 2024-05-15 09:51:00 -07:00
Colton Willey de0a492499 Remove trailing whitespace 2024-05-15 09:12:00 -07:00
Colton Willey d522feb1cd Free X509 object 2024-05-15 08:37:39 -07:00
Colton Willey 958b5ac465 Clean up cast warning 2024-05-15 08:30:38 -07:00
Colton Willey eb24bce93f Add test case for bad alternative name 2024-05-15 08:22:11 -07:00
Andras Fekete a59a3d109f Explicit cast 2024-05-14 11:03:20 -04:00
Andras Fekete affd0a318e Fix sign conversion errors 2024-05-14 11:02:28 -04:00
Daniel Pouzzner 8ee7c36bb1 tests/api.c: add suppression for clang-analyzer-optin.core.EnumCastOutOfRange in "Bad hash type" subtest in test_wc_ecc_sm2_create_digest(). 2024-05-13 19:06:54 -05:00
David Garske 29f7578a61 Merge pull request #7446 from julek-wolfssl/hostap
hostap update
2024-05-13 10:35:01 -07:00
David Garske d39ab765f6 Merge pull request #7519 from julek-wolfssl/gh/7516
Return length in wc_Curve448PublicKeyToDer with NULL output param
2024-05-13 09:00:33 -07:00
Daniel Pouzzner 9ac6bdd438 fixes and suppressions for defects reported by clang-analyzer-unix.Stream (new in llvm-19.0.0_pre20240504):
* added POSIX definitions for XFEOF(), XFERROR(), and XCLEARERR(), currently with no-op fallbacks for !POSIX.
* added missing file handle checks in testsuite/testsuite.c:file_test() and tests/utils.h:copy_file().
* added fixes and suppression around tests/api.c:test_wolfSSL_SMIME_read_PKCS7().
* added various fixes in examples/asn1/asn1.c and examples/pem/pem.c.
2024-05-11 15:24:54 -05:00
Juliusz Sosinowicz 239706615c Return length in wc_Curve448PublicKeyToDer with NULL output param 2024-05-10 20:10:23 +02:00
Daniel Pouzzner cb689104d1 Merge pull request #7466 from julek-wolfssl/gh/7273
Mark all record sequence numbers before stateful parsing as read
2024-05-09 13:57:13 -04:00