Marco Oliverio
7e69c2049b
dtls cid: address reviewer's comments
2024-10-01 06:45:37 +00:00
Marco Oliverio
9dccd66a3a
address review: better guarding in test
2024-09-24 12:54:15 +00:00
Juliusz Sosinowicz
cf96ab22ba
Address code review
2024-09-20 15:31:01 +02:00
Juliusz Sosinowicz
99a99e3d6e
Implement DTLS 1.2 Connection ID (CID)
2024-09-20 15:31:01 +02:00
András Fekete
bbbc40dacc
Merge pull request #7996 from julek-wolfssl/move-mymemmem
...
memmem is only being used in testing so move it there
Failing test is disabled in: https://github.com/wolfSSL/wolfssl/pull/7991/commits/5be198fa0e7aa035cbba1b2cc58162bd359a1208
2024-09-20 09:08:44 -04:00
Sean Parkinson
8768c55579
Merge pull request #7991 from douzzer/20240917-fixes
...
20240917-fixes
2024-09-20 15:20:51 +10:00
Daniel Pouzzner
5be198fa0e
.github/workflows/packaging.yml: disable broken RedHat/Fedora rpm packaging tests.
2024-09-19 17:44:27 -05:00
Daniel Pouzzner
af8feed531
Revert "wolfssl/wolfcrypt/ecc.h: fixes for more linker relocation errors in Fedora packaging test: always export ECC_API functions, but when !WOLFSSL_PUBLIC_ECC_ADD_DBL, remap them with wc_ prefixes."
...
This reverts commit a31e914b98 .
2024-09-19 17:44:08 -05:00
Daniel Pouzzner
a31e914b98
wolfssl/wolfcrypt/ecc.h: fixes for more linker relocation errors in Fedora packaging test: always export ECC_API functions, but when !WOLFSSL_PUBLIC_ECC_ADD_DBL, remap them with wc_ prefixes.
2024-09-19 17:30:44 -05:00
Daniel Pouzzner
da1b8358dc
wolfcrypt/benchmark/benchmark.c: add RSA3072 to keygen bench.
2024-09-19 17:07:19 -05:00
Daniel Pouzzner
212708e3b4
wolfssl/wolfcrypt/ecc.h and wolfcrypt/src/ecc.c: refactor ecc_sets and ecc_sets_count using accessor functions, to fix linker relocation errors in Fedora packaging test.
2024-09-19 17:03:07 -05:00
Daniel Pouzzner
510d6a07bf
wolfssl/wolfcrypt/types.h: dial in the __static_assert() gating+definitions, and add static_assert2().
2024-09-19 13:10:47 -05:00
Juliusz Sosinowicz
d7303664b5
memmem is only being used in testing so move it there
2024-09-19 15:54:20 +02:00
Daniel Pouzzner
fbbb2b876b
wolfssl/wolfcrypt/types.h: add static_assert() definitions;
...
wolfssl/internal.h: add DTLS13_HANDSHAKE_HEADER_SZ;
src/tls13.c: in EchHashHelloInner(), use falseHeader[DTLS13_HANDSHAKE_HEADER_SZ] to fix buffer overrun;
src/dtls13.c: add static assert for DTLS13_HANDSHAKE_HEADER_SZ.
2024-09-19 01:15:42 -05:00
Daniel Pouzzner
263cb5bf78
tests/api.c:test_Sha512_Family_Final(): fix unreachable null pointer deref reported by clang-tidy in FIPS/Async configs.
2024-09-18 17:42:05 -05:00
Daniel Pouzzner
072c5311a5
m4/ax_atomic.m4: fixes for C++ compatibility.
...
wolfssl/wolfcrypt/wc_port.h: add WOLFSSL_API attribute to wolfSSL_Atomic_Int_Init, wolfSSL_Atomic_Int_FetchAdd, and wolfSSL_Atomic_Int_FetchAdd, and add fallback definitions for them, allowing elimination of SINGLE_THREADED implementations of wolfSSL_Ref*(), and allowing ungated use of wolfSSL_Atomic_* calls in api.c.
wolfcrypt/src/dh.c: in wc_DhAgree_ct(), remove frivolous XMEMSET() and stray semicolon.
wolfcrypt/benchmark/benchmark.c: fix bench_rsaKeyGen() to skip tests of key sizes below RSA_MIN_SIZE, and add 4096 bit benchmark if RSA_MAX_SIZE is big enough.
tests/unit.h:
* adopt definitions of TEST_FAIL, TEST_SUCCESS, and TEST_SKIPPED from unit.c, remap TEST_SKIPPED from -7777 to 3, and add TEST_SUCCESS_NO_MSGS, TEST_SKIPPED_NO_MSGS, EXPECT_DECLS_NO_MSGS(), and EXPECT_FAILURE_CODEPOINT_ID, to support existing and future expected-particular-failure test cases without log noise.
* rename outer gate from CyaSSL_UNIT_H to TESTS_UNIT_H.
tests/api.c:
* use EXPECT_DECLS_NO_MSGS() in test_ssl_memio_setup(), test_ssl_memio_read_write(), and test_wolfSSL_client_server_nofail_memio(), and globally update affected expected error codes to correspond.
* use atomics for {client,server}SessRemCount{Malloc,free} to fix races in SessRemCtxCb() and SessRemSslSetupCb().
2024-09-18 16:25:26 -05:00
JacobBarthelmeh
b9908409d4
Merge pull request #7987 from bandi13/betterEngineFlagsFix
...
FIPS defines RSA_MIN_SIZE and users may want to override
2024-09-18 11:18:24 -06:00
JacobBarthelmeh
87dc45b938
Merge pull request #7986 from julek-wolfssl/crl-cb
...
Add crl error override callback
2024-09-18 10:43:37 -06:00
JacobBarthelmeh
46f2b21abf
Merge pull request #7985 from julek-wolfssl/curl-ci
...
Use nproc not nproc+1 threads
2024-09-18 10:35:08 -06:00
JacobBarthelmeh
ffd0fb23f7
Merge pull request #7979 from SparkiDev/sp_x86_64_no_avx_fix
...
SP x86_64 asm: check for AVX2 support
2024-09-18 10:23:12 -06:00
JacobBarthelmeh
ec8a1ba956
Merge pull request #7962 from embhorn/zd18558
...
Add cmake support for WOLFSSL_CUSTOM_CURVES
2024-09-18 10:18:38 -06:00
JacobBarthelmeh
fcb8d3ffc5
Merge pull request #7887 from kojo1/crl-pss
...
allow sigParamsSz is zero and malloc(0) to return NULL
2024-09-18 10:04:29 -06:00
JacobBarthelmeh
fb2144d290
Merge pull request #7951 from julek-wolfssl/dtls13-cid-fixes
...
DTLS 1.3 CID fixes
2024-09-18 09:38:15 -06:00
Andras Fekete
bd77ee4f37
FIPS defines RSA_MIN_SIZE and users may want to override
2024-09-18 10:28:10 -04:00
Juliusz Sosinowicz
ae6c872797
Add crl error override callback
2024-09-18 11:58:53 +02:00
Juliusz Sosinowicz
84c80b4c0f
make mymemmem available for linking
2024-09-18 10:35:29 +02:00
Juliusz Sosinowicz
1e75a2367c
Address code review
2024-09-18 10:35:29 +02:00
Juliusz Sosinowicz
74ac2cd07d
dtls 1.3: pad plaintext when too short for record header protection
2024-09-18 10:35:29 +02:00
Juliusz Sosinowicz
29f51b6245
CheckcipherList: Check Cipher minor to detect TLS 1.3 ciphersuite
2024-09-18 10:35:29 +02:00
Juliusz Sosinowicz
4a26af0dfa
dtls 1.3: Add cid size to output buffer length
2024-09-18 10:35:29 +02:00
Juliusz Sosinowicz
ee2b77c0bd
Move manual memio to api.c
2024-09-18 10:35:29 +02:00
Juliusz Sosinowicz
6d5fefde4a
dtls 1.3: Check header length before copying
2024-09-18 10:35:29 +02:00
Juliusz Sosinowicz
8ce6f17144
Add dtls 1.3 cid api test
2024-09-18 10:35:29 +02:00
Juliusz Sosinowicz
c166b9dd77
Use nproc not nproc+1 threads
2024-09-18 10:28:28 +02:00
JacobBarthelmeh
c3900470aa
Merge pull request #7982 from bandi13/fixEngineFlags
...
Engine needs to have a RSA_MIN_SIZE=1024
2024-09-17 17:03:11 -06:00
Daniel Pouzzner
ef6f1562d6
Merge pull request #7980 from ejohnstown/small-stack-fp
...
FP SmallStack Fix
2024-09-17 17:28:46 -05:00
Andras Fekete
41b3a729d2
Engine needs to have a RSA_MIN_SIZE=1024
2024-09-17 17:36:37 -04:00
John Safranek
47e51400bb
FP SmallStack Fix
...
The function _fp_exptmod_nct() is using WOLFSSL_NO_MALLOC to guard
using stack allocation vs malloc. It's twin function _fp_exptmod_ct()
is using WOLFSSL_SMALL_STACK for this. This is causing inappropriate use
of malloc() in a small stack environment. The no-malloc case will also
be kept so static memory and no-malloc fix still works.
1. Change the guards for `#ifndef WOLFSSL_NO_MALLOC` in the function
`_fp_exptmod_nct()` to `#if defined(WOLFSSL_SMALL_STACK) &&
!defined(WOLFSSL_NO_MALLOC)`.
2024-09-17 10:55:11 -07:00
Sean Parkinson
aa41e09937
SP x86_64 asm: check for AVX2 support
...
Check for AVX2 as well as BMI2 and ADX.
Some virtual machines may not have AVX2 with the others.
2024-09-17 14:14:27 +10:00
Sean Parkinson
5ef617a75a
Merge pull request #7978 from douzzer/20240916-wc_DhAgree_ct-sp-math
...
20240916-wc_DhAgree_ct-sp-math
2024-09-17 09:38:07 +10:00
Daniel Pouzzner
04c781ad9b
wolfcrypt/src/dh.c: in wc_DhAgree_ct(), implement failsafe constant-time key size fixup, to work around sp-math constant-time key clamping.
...
also fix a -Wunused in src/ssl_load.c:DataToDerBuffer() teased out by configuration permutations.
2024-09-16 17:33:25 -05:00
András Fekete
9666394b73
Merge pull request #7977 from billphipps/have_rsa_fix
...
Update to remove HAVE_RSA references. Correct NO_MALLOC RSA test bug.
2024-09-16 16:26:26 -04:00
Bill Phipps
b4a491de12
Add missing guard to api.c
2024-09-16 14:03:31 -04:00
Bill Phipps
92f3a808b0
Update to remove HAVE_RSA references. Correct NO_MALLOC RSA test bug.
2024-09-16 13:29:38 -04:00
Sean Parkinson
e6b466dd71
Merge pull request #7923 from embhorn/rsa2048_min
...
Set RSA_MIN_SIZE default to 2048 bits
2024-09-16 21:38:19 +10:00
Daniel Pouzzner
52030f182b
Merge pull request #7972 from miyazakh/renesas_tsip_update_
...
Renesas TSIP version update
2024-09-14 00:41:19 -05:00
Daniel Pouzzner
990d38a068
Merge pull request #7974 from dgarske/noasn
...
Support for NO_ASN when wildcard *.c is used
2024-09-14 00:34:15 -05:00
Daniel Pouzzner
80f3b0d3d8
Merge pull request #7926 from philljj/x509_acert_support
...
x509 attribute cert support
2024-09-14 00:30:29 -05:00
Daniel Pouzzner
4545a9b4a2
Merge pull request #7960 from night1rider/mmcau-DesEcb
...
DES ECB using mmcau HW Library, and DES ECB basic test
2024-09-14 00:07:18 -05:00
David Garske
0d5659ff2d
Merge pull request #7975 from douzzer/20240913-fixes
...
20240913-fixes
2024-09-13 17:20:36 -07:00