Commit Graph

7331 Commits

Author SHA1 Message Date
JacobBarthelmeh 6b6c9f9ae0 Merge pull request #6772 from bandi13/zd16449_more_fixes
Zd16449 more fixes
2023-09-14 09:35:01 -06:00
JacobBarthelmeh ba03677569 Merge pull request #6770 from SparkiDev/sp_asm_improvements_1
SP ASM: improve performance
2023-09-13 16:01:03 -06:00
Andras Fekete 3d332a4fad Remove accidental code change 2023-09-13 14:41:21 -04:00
Andras Fekete 2f63eb070e Fix memory leak if the function is being called again because of a retry 2023-09-13 14:05:57 -04:00
Sean Parkinson 114c8cc681 SP ASM: improve performance
Thumb2/ARM32: use umaal instruction to speed up mulitplication, squaring
and reduction. umaal not always available so use umlal instead.
Implementations for architectures less than 4 still kept - no umull.
Cleanup point arithmetic to not take shortcuts.
Make masking for constant time faster.
Add alternate asm for different compilers.
Get ARMv4 and ARMv6 compiling.
Remove whitespace at end of lines.
2023-09-13 21:13:53 +10:00
res0nance 825db397d7 Set namedGroup when generating pqc ciphertext
This fixes an issue where wolfSSL_get_curve_name() will
return NULL when using PQC groups.
2023-09-13 13:29:31 +08:00
John Bland eda3cd6a37 Merge pull request #6762 from jpbland1/ocsp-chain-count-retry
stop DoCertificate from reseting the cert chain
2023-09-12 21:42:09 -04:00
John Bland 6c8eaf26f5 update based on pr comments 2023-09-12 19:43:28 -04:00
John Bland 6e87fc7f90 switch to using ssl->error to check for previous error 2023-09-12 18:25:10 -04:00
John Bland 14017bd67e remove NULL check on non-pointer array 2023-09-12 14:42:33 -04:00
John Bland 937aa3415f set last missing lastErr section 2023-09-11 18:24:37 -04:00
John Bland b99b1d4cfd fix bad error setting and instances where lastErr
wasn't set as it should have been
2023-09-11 17:52:07 -04:00
Dimitri Papadopoulos d532833af9 Fix residual typos found by codespell 2023-09-11 11:34:28 +02:00
John Bland d0c2609ebb stop ProcessPeerCerts from reseting the cert chain
count when an async error was returned
2023-09-11 01:56:58 -04:00
JacobBarthelmeh 298b488bf1 Merge pull request #6749 from cconlon/jniCertReq
Add WOLFSSL_CERT_EXT to --enable-jni, minor CSR items
2023-09-01 16:15:10 -06:00
JacobBarthelmeh 0352b384a5 Merge pull request #6731 from SparkiDev/aes_arm32_thumb2
AES ARM32 and Thumb2 ASM: fixup ARM32 and add Thumb2
2023-09-01 15:56:12 -06:00
Chris Conlon a2e2a3e994 add --enable-certreq to --enable-jni, support extKeyUsage in X509_REQ_sign, add missing X509_REQ_print fields 2023-09-01 11:59:21 -06:00
David Garske 136cb98412 Force 32-bit alignment on kCurve25519BasePoint 2023-09-01 12:14:55 +10:00
JacobBarthelmeh 2aefdfe9d5 Merge pull request #6737 from anhu/ignoreBadPath
Add new feature macro WOLFSSL_IGNORE_BAD_CERT_PATH.
2023-08-30 13:37:56 -06:00
Sean Parkinson 0638ec234b AES ARM32 and Thumb2 ASM: fixup ARM32 and add Thumb2
Fix which functions and data are compiled in depending on defines.
Better handing of constants.
Also fix Aarch64 ed25519 inline assembly.
2023-08-30 20:34:51 +10:00
Anthony Hu d7bb5aa367 Add new feature macro WOLFSSL_IGNORE_BAD_CERT_PATH. 2023-08-29 10:28:02 -04:00
Juliusz Sosinowicz 357c9a68f2 Only drop plaintext msgs when we don't have stuff to rtx 2023-08-29 12:45:13 +02:00
Juliusz Sosinowicz 6e3c3577f5 Refactor the crazy conditional in VerifyForDtlsMsgPoolSend 2023-08-29 12:45:13 +02:00
Juliusz Sosinowicz b02fe0853f CI fixes 2023-08-28 10:52:36 +02:00
Juliusz Sosinowicz 57ce894393 CRL refactor
- CheckCertCRLList: check all entries in case a single issuer has multiple CRL's loaded
- test_multiple_crls_same_issuer: testing two different certificates forcing the client to check both CRL's from the same issuer
- CRL_Entry
  - use a lock instead of a mutex to allow multiple threads to access the same list simultaneously
  - add a verifyMutex when doing verification so that we don't have to release the crlLock
- Add allocation and free functions for CRL_Entry
- DupCRL_Entry: simplify copying by copying all static fields in one memcpy
2023-08-28 10:52:36 +02:00
Juliusz Sosinowicz e85901c8e5 Only list supported sigalgs in certreq 2023-08-28 10:52:36 +02:00
JacobBarthelmeh 14deb7afda Merge pull request #6700 from julek-wolfssl/dtls13-downgrade-acks
DTLS 1.3: do not send ACKs until we negotiate 1.3 (through SH)
2023-08-25 09:34:53 -06:00
JacobBarthelmeh c9e9e0fc72 Merge pull request #6704 from icing/session-copy-on-write
Updating a shared session objects needs to do copy on write
2023-08-24 16:52:17 -06:00
JacobBarthelmeh 2f2dddde25 Merge pull request #6727 from bigbrett/tls13-sniffer-keylogfile
TLS 1.3 sniffer keylog file support
2023-08-24 16:52:00 -06:00
Brett Nicholas 15918d8ee6 First pass at TLS1.3 keylog file working 2023-08-24 13:04:59 -06:00
JacobBarthelmeh 5f44a73f8e Merge pull request #6725 from julek-wolfssl/zd/16598
TLSX_CA_Names_Parse: Include header in length check
2023-08-24 10:30:07 -06:00
Juliusz Sosinowicz 82c5170659 TLSX_CA_Names_Parse: Include header in length check 2023-08-24 15:23:37 +02:00
Juliusz Sosinowicz 8ce71cc19c Call HaveUniqueSessionObj when we need to have a unique session object 2023-08-24 15:01:22 +02:00
Sean Parkinson 36b92a4cef Thumb2 ASM, Curve25519
Add support for compiling ASM for Thumb2
Add Curve25519 ASM for Thumb2
Limit assembly code compiled when Ed25519 not required.
Rework all assembly implementations to replace ge_*() functions instead
of having fe_ge_*() versions that take many parameters.
Get ARM32 inline asm working.
2023-08-24 17:43:03 +10:00
Juliusz Sosinowicz a99954c0b0 Update dtls_expected_peer_handshake_number when downgrading 2023-08-23 23:20:51 +02:00
Juliusz Sosinowicz 5624b6e9d2 Update comment 2023-08-23 23:20:51 +02:00
Juliusz Sosinowicz 058dfca809 Use explicit field to signal that we received a unified hdr 2023-08-23 23:20:51 +02:00
Juliusz Sosinowicz 3cc473b1ec Check that HVR and HRR don't appear in the same connection 2023-08-23 22:18:21 +02:00
Juliusz Sosinowicz 9427bea275 DTLS 1.3: do not send ACKs until we negotiate 1.3 (through SH) 2023-08-23 22:18:21 +02:00
Stefan Eissing 7b29362d90 Updating a shared session objects needs to do copy on write 2023-08-23 22:15:25 +02:00
JacobBarthelmeh 3033371abc Merge pull request #6717 from bigbrett/sniffer-keylogfile
sniffer keylog file support
2023-08-22 14:06:27 -06:00
Brett Nicholas 66c53b0996 Decoupled keylogfile registration and sniffer server creation APIs
fixed (very old) use-after-free found by ASAN

Updated documentation

review comments (spelling and housekeeping)
2023-08-22 11:29:58 -06:00
Brett Nicholas 2ee6a01d91 Initial sniffer keylog file support for TLS 1.2 2023-08-22 11:23:46 -06:00
JacobBarthelmeh 205cdb1809 Merge pull request #6719 from anhu/MBSTRING_ASC
Support MBSTRING_ASC for cert encoding
2023-08-22 09:29:50 -06:00
Anthony Hu 7669f966f3 Support MBSTRING_ASC for cert encoding 2023-08-18 17:50:25 -04:00
jordan d4ba2e50d4 Used codespell and fixed obvious typos. 2023-08-17 15:20:10 -05:00
JacobBarthelmeh cc4e327316 Merge pull request #6544 from TakayukiMatsuo/rpk
Add support for raw-public-key
2023-08-17 09:23:18 -06:00
Hideki Miyazaki 47caa9b06d generalize sce protect impl to fsp sm(secure module) 2023-08-13 09:23:03 +09:00
TakayukiMatsuo 3a5739a8fa Add support for raw-public-key 2023-08-11 11:29:15 +09:00
Juliusz Sosinowicz e96837aa34 cond: Add start and end API for mutex handling 2023-08-10 18:07:51 +02:00