wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-31 16:39:16 +01:00
Code Issues Packages Projects Releases Wiki Activity
18,435 Commits 12 Branches 184 Tags
7a4657c88155e22237e62ed3d8a466a668be62ab
Commit Graph

6695 Commits

Author SHA1 Message Date
Sean Parkinson
7a4657c881 Fixes from review 3 2022-10-27 11:25:27 +10:00
Sean Parkinson
5db2d53d54 Fixes from review part 2 2022-10-26 16:04:05 +10:00
Sean Parkinson
e68c7bb74d Move file and BIO reading out to ssl_misc.c 2022-10-26 10:28:20 +10:00
Sean Parkinson
e477571168 Fixes from review part 1 2022-10-26 10:28:20 +10:00
Sean Parkinson
dad62fc182 pk.c: rework DH API and improve PEM read/write 
Reorganized the DH APIs into groups.
Reworked all DH APIs.
Improved testing of DH API.

Implemented wolfSSL_PEM_read_RSAPublicKey() and
wolfSSL_PEM_write_RSA_PUBKEY().
Fix public key PEM write implementations to use the correct
header/footer names.
Added support for "RSA PUBLIC KEY" in header and footer in DerToPemEx().

Reworked PEM read/write APIs to be independent. No longer create an EVP
to use common function - common functionality refectored out.
Similarly file APIs don't create a BIO and call the partner APIs.

Improved testing of PEM read/write APIs.

Generic read BIO from memory BIO now returns the buffer instead of
allocating memory and reading.
No longer reading chunks when a file BIO.

Added wolfssl_make_rng() to create or get get global random. All RSA and
DH APIs now use this. DH_generate_parameters() creates a random object
and use global on error rather than just using global random.

Changed implementations to use BIO_new_fp() instead of create a new BIO
and setting file pointer.
 2022-10-26 10:28:20 +10:00
JacobBarthelmeh
0f9279ce52 Merge pull request #5684 from SparkiDev/ssl_sess_version_check 
SSL session retrieval: check protocol version
 2022-10-25 17:29:54 -06:00
Hayden Roche
2b72a50688 Merge pull request #5662 from Uriah-wolfSSL/haproxy-update-2.6.0 2022-10-25 07:47:54 -07:00
Uriah Pollock
19e30b081f Resolved sanitizer issue. 2022-10-24 16:27:18 -05:00
Hayden Roche
4859a00c2a Merge pull request #5698 from SparkiDev/aes_arm32_no_hw 2022-10-21 12:34:22 -07:00
Hayden Roche
a60a15d544 Merge pull request #5721 from philljj/zd15011 2022-10-21 12:32:03 -07:00
Uriah Pollock
6aff27c5c8 Resolved valgrind issue. Updated ASN1_TIME usage per feedback. 
Refactored wolfSSL_d2i_OCSP_CERTID per feedback.
 2022-10-21 13:16:32 -05:00
jordan
e409acc0f7 cite RFC 5280 in DIST_POINT_NAME comment 2022-10-21 12:38:04 -05:00
Hayden Roche
fdffdd241f Merge pull request #5711 from philljj/add_SSL_set1_host 2022-10-20 15:02:24 -07:00
jordan
bfe8b9b76c correct DIST_POINT_NAME type value 2022-10-20 15:10:36 -05:00
Daniel Pouzzner
895a2e1ac5 WOLFSSL_CALLBACKS codepaths: fixes for bugprone-unused-return-value, bugprone-macro-parentheses, readability-named-parameter, and clang-analyzer-deadcode.DeadStores 2022-10-18 13:34:42 -05:00
Hayden Roche
b7c4ddba72 Merge pull request #5663 from lealem47/scan_build 2022-10-18 08:10:33 -07:00
Stefan Eissing
9726d1f6eb Allowing use of SSL/CTX_set_max_early_data() for client side. 
- updating english doc and test cases
 2022-10-18 10:40:18 +02:00
Sean Parkinson
591101fd8b AES for ARM32 without using crypto hardware instructions 
AES-ECB, AES-CBC, AES-CTR, AES-GCM, AES-CCM
Fix ldrd and strd to use even first first register and have
second register be next after first.
 2022-10-18 08:31:53 +10:00
Lealem Amedie
327b66d3ed Miscellaneous fixes from scan-build and KDF refactor & small build fixes 2022-10-17 14:34:08 -07:00
jordan
7e35919cc0 Add SSL_set1_host 2022-10-17 16:23:38 -05:00
Uriah Pollock
f48b736ec3 Changed some WOLFSSL_ASN1_TIME handling and other fixes. 2022-10-14 17:09:35 -05:00
David Garske
2c503a5b34 Merge pull request #5682 from JacobBarthelmeh/Testing 
additional sanity checks on debug callback
 2022-10-14 09:25:14 -07:00
Marco Oliverio
2fa2f8e88d fix: wrong size using DTLSv1.3 in RestartHandshakeHashWithCookie 
HRR_MAX_HS_HEADER_SZ does not consider DTLS handshake extra fields.
 2022-10-13 17:42:58 +02:00
Hayden Roche
4fa0deadda Merge pull request #5696 from ejohnstown/wc_only 2022-10-12 17:11:06 -07:00
John Safranek
b838d65a72 wincrypt.h requires windows.h, which isn't included in internal.h when WOLFCRYPT_ONLY set 2022-10-12 15:33:23 -07:00
Uriah Pollock
dc8997d4b6 Added more APIs for HaProxy integration. 2022-10-12 15:45:09 -05:00
Uriah Pollock
3c7f01d853 Added WOLFSSL_ASN1_TIME to CRL 2022-10-12 15:10:29 -05:00
Uriah Pollock
0f0496ae8f Added WOLFSSL_ASN1_TIME to CRL 2022-10-12 14:30:26 -05:00
Uriah Pollock
5cbb099dc9 Updated per PR comments. 2022-10-12 14:06:57 -05:00
Uriah Pollock
9117f8b51b Added more APIs for HaProxy integration. 2022-10-12 14:06:57 -05:00
Uriah Pollock
b798c5f3a0 Added wolfSSL_X509_REVOKED_get_revocationDate() 2022-10-12 14:06:56 -05:00
jordan
06511a0f2e tiny fix for broken lowresource build option 2022-10-11 17:54:42 -05:00
JacobBarthelmeh
927f4c445d additional sanity checks on debug callback 2022-10-11 13:14:59 -07:00
David Garske
3b33c962c4 Merge pull request #5660 from haydenroche5/load_system_root_certs 
Add support for wolfSSL_CTX_load_system_CA_certs on Windows and Mac.
 2022-10-11 08:38:57 -07:00
Hayden Roche
5f0d85adb5 Merge pull request #5666 from per-allansson/windows-wolfio-connect-timeout-bug 2022-10-11 07:42:46 -07:00
Sean Parkinson
43809b5f97 SSL session retrieval: check protocol version 
When looking up the session by ID on the server, check that the protocol
version of the SSL and session match on TLS 1.3 or not.
TLS 1.3 sessions don't work with TLS 1.2 handshakes and vice-versa.
 2022-10-11 11:07:05 +10:00
Juliusz Sosinowicz
b1f97c6bc0 Merge pull request #5652 from rizlik/send_alert_on_version_mismatch 2022-10-10 11:16:11 +02:00
Hayden Roche
12bfa24ecc Merge pull request #5559 from tmael/crl_bs_p 2022-10-09 09:45:49 -07:00
Hayden Roche
47ccd924c2 Merge pull request #5657 from julek-wolfssl/dtls-1.2-stateless 2022-10-09 09:31:07 -07:00
Hayden Roche
98ac4a6f9c Add ability to toggle system CA certs support. 2022-10-07 12:34:00 -07:00
Tesfa Mael
5704c83f78 Unused param 2022-10-07 12:24:52 -07:00
Tesfa Mael
e4da4f60d9 Implemented suggested changes 2022-10-07 11:24:09 -07:00
Tesfa Mael
a738927846 Add CRL binary search, CRL_STATIC_REVOKED_LIST 2022-10-07 11:24:09 -07:00
John Safranek
b4e5ee3f6b Merge pull request #5672 from SparkiDev/kyber_inc_fix 
Kyber: only include source when not FIPS
 2022-10-07 08:39:54 -07:00
Hayden Roche
5c85c8e128 Merge pull request #5658 from philljj/fix_wolfSSL_sk_X509_new 2022-10-06 17:18:03 -07:00
Hayden Roche
b50a786cb2 Add support for wolfSSL_CTX_load_system_CA_certs on Windows and Mac. 
Additionally, fix CMake build to add WOLFSSL_X86_64_BUILD when building for
x86_64.
 2022-10-06 17:12:21 -07:00
Sean Parkinson
be41af6527 Kyber: only include source when not FIPS 2022-10-07 08:33:05 +10:00
jordan
8ff6dc2a9a clean up wolfSSL_sk_X509_new 2022-10-06 14:13:30 -05:00
Juliusz Sosinowicz
7f42792616 DTLS 1.2: Test stateless server connection 2022-10-06 18:53:13 +02:00
Per Allansson
68dc01e7b7 fix bug with wolfIO_TcpConnect not working with timeout 
- non-blocking connect() on Windows returns SOCKET_ERROR + WSAEWOULDBLOCK
- the check for fd against FD_SETSIZE is wrong (and not needed) on Windows
 2022-10-06 14:14:33 +02:00