Commit Graph

4084 Commits

Author SHA1 Message Date
David Garske 02bd0753b1 Merge pull request #10006 from julek-wolfssl/zd/21329
DTLS 1.3 write dup support
2026-03-23 09:55:24 -07:00
David Garske 6bd1785925 Merge pull request #10004 from julek-wolfssl/zd/21318
Add custom BIO callback dispatching
2026-03-23 09:54:30 -07:00
Juliusz Sosinowicz 9dbd35dc7c DTLS 1.3 write dup support
- Copy TLS 1.3 traffic secrets and DTLS 1.3 epoch/cipher state to the
  write-dup side in DupSSL so key updates can be performed.
- Delegate KeyUpdate responses from the read side to the write side via
  the shared WriteDup struct, for both peer-initiated and local key
  updates.
- Delegate DTLS 1.3 ACK sending from the read side to the write side.
- Track DTLS 1.3 KeyUpdate ACKs: write side records the in-flight
  KeyUpdate epoch/seq, read side sets keyUpdateAcked when the matching
  ACK arrives.
- Delegate post-handshake certificate authentication (CertificateRequest
  processing) from the read side to the write side, transferring
  transcript hashes, cert context, and signature parameters.
- Reset prevSent/plainSz to prevent stale values from SendData to think
  that data was already sent.
- Refactor FreeHandshakeHashes into Free_HS_Hashes for reuse.
- Move DTLS 1.3 epoch initialization earlier in InitSSL so the
  write-dup early-return path has valid epoch state.
- Add tests for write dup with all protocol versions, key update,
  post-handshake auth, and WANT_WRITE recovery.
- Add --enable-all --enable-writedup to CI os-check matrix.
2026-03-23 12:21:40 +01:00
Daniel Pouzzner 678660e26d src/keys.c and src/tls13.c: add WC_NO_ERR_TRACE() annotations for various initializations.
wolfssl/ssl.h, examples/client/client.c, examples/server/server.c, src/bio.c, tests/api.c: add error tracing for WOLFSSL_SHUTDOWN_NOT_DONE.

tests/api.c: in test_wolfSSL_read_write_ex(), use WOLFSSL_SUCCESS rather than 1 for expected-success wolfSSL_shutdown()s, and add note that the wrong value is being returned (the test currently always fails, which is masked by an always-success retval).
2026-03-22 13:17:47 -05:00
David Garske 0f41e99c34 Merge pull request #10024 from embhorn/zd21390
Fix DecodeAltNames length check
2026-03-20 12:13:02 -07:00
David Garske 9877bec7b7 Merge pull request #9997 from JacobBarthelmeh/qt
add back WOLFSSL_QT macro guard for get cipher name behavior
2026-03-20 09:46:40 -07:00
David Garske d49df869d9 Merge pull request #9935 from padelsbach/padelsbach/san-ip-addr-test
Add IP SAN matching
2026-03-20 08:15:00 -07:00
David Garske 82b6b9cb22 Merge pull request #10018 from embhorn/zd21389
Fix GetSafeContent to check length
2026-03-20 08:08:16 -07:00
David Garske 2c030ddb0d Merge pull request #10017 from embhorn/zd21388
Fix ssl_DecodePacketInternal chain processing
2026-03-20 08:07:54 -07:00
Juliusz Sosinowicz 84da6d22c8 Address code review 2026-03-20 15:42:50 +01:00
Eric Blankenhorn 8ffb096fc5 Fix from review 2026-03-20 09:06:22 -05:00
Eric Blankenhorn 6446bb2115 Fix DecodeAltNames length check 2026-03-20 08:16:47 -05:00
JacobBarthelmeh 5b9d0a13bf Merge pull request #9992 from dgarske/macro_docs
Add inline documentation for missing macros and fix spelling errors
2026-03-19 17:08:33 -06:00
Paul Adelsbach 041bb185c6 Add IP SAN matching 2026-03-19 15:10:21 -07:00
Eric Blankenhorn b4d2cd6d9c Fix feedback from review 2026-03-19 15:22:39 -05:00
Eric Blankenhorn e0a19a798e Fix GetSafeContent to check length 2026-03-19 15:09:02 -05:00
Eric Blankenhorn a66e29473e Fix ssl_DecodePacketInternal chain processing 2026-03-19 14:56:24 -05:00
David Garske 255f14bab9 Merge pull request #9732 from Frauschi/pqc_first
Enable and use ML-KEM by default
2026-03-19 12:38:36 -07:00
David Garske 533e9b0859 Merge pull request #9995 from julek-wolfssl/zd/21341
Handle OCSP_WANT_READ returned from DoTls13HandShakeMsgType
2026-03-19 12:27:38 -07:00
Juliusz Sosinowicz 056ed9e52e Add custom BIO callback dispatching
- Route BIO_ctrl_pending, BIO_reset, and BIO_get_mem_data through the custom method's ctrlCb when set, enabling fully custom BIO types to handle these operations.
- Add test_wolfSSL_BIO_custom_method that exercises a custom BIO with all callbacks (create, destroy, read, write, puts, gets, ctrl) and verifies each callback is invoked via bitfield tracking.
2026-03-18 18:29:27 +01:00
Tobias Frauenschläger c3289f8aa9 Enable and use ML-KEM by default
* Enable ML-KEM by default in build systems (autoconf and CMake)
* Only allow three to-be-standardized hybrid PQ/T combinations by
  default
* Use X25519MLKEM768 as the default KeyShare in the ClientHello (if user
  does not override that). When Curve25519 is disabled, then either
  WOLFSSL_SECP384R1MLKEM1024 or WOLFSSL_SECP256R1MLKEM768 is used as
  default depending on the ECC configuration
* Disable standalone ML-KEM in supported groups by default (enable with
  --enable-tls-mlkem-standalone)
* Disable extra OQS-based hybrid PQ/T curves by default and gate
  behind --enable-experimental (enable with --enable-extra-pqc-hybrids)
* Reorder the SupportedGroups extension to reflect the preferences
* Reorder the preferredGroup array to also reflect the same preferences
* Add async support for ML-KEM hybrids
2026-03-18 10:48:16 +01:00
JacobBarthelmeh c952b694f7 add back WOLFSSL_QT macro guard for order of cipher suites 2026-03-17 17:46:13 -06:00
JacobBarthelmeh 6f386fd6b2 Merge pull request #9981 from julek-wolfssl/fenrir/260316
Fenrir fixes
2026-03-17 08:36:11 -06:00
Juliusz Sosinowicz 0644369456 Handle OCSP_WANT_READ returned from DoTls13HandShakeMsgType
ZD21341
2026-03-17 14:59:04 +01:00
Tobias Frauenschläger 10b98733f2 Add tests for individual ML-KEM levels (based on #9777)
Also fix minor problems found with these tests
2026-03-17 12:43:15 +01:00
Tobias Frauenschläger 76b1300adb ML-KEM fixes
* DTLS 1.3 cookie and CH frag handling
* static memory handling
* Fix memory leak in TLS server PQC handling in case of ECH
* Make sure hybrids are actually tested in testsuite
2026-03-17 12:43:15 +01:00
David Garske 4c75a866d9 Add inline documentation for missing macros and fix spelling errors 2026-03-16 17:09:13 -07:00
Juliusz Sosinowicz f56356a9b4 test_lms_write_key: check fwrite return 2026-03-16 15:15:11 -07:00
David Garske 96661a5dab Merge pull request #9977 from JacobBarthelmeh/multi-test
Minor fixes for nightly multi-test tool
2026-03-16 14:31:39 -07:00
JacobBarthelmeh 57f416fc43 Merge pull request #9961 from sebastian-carpenter/tls-ech-coverity
minor coverity fixes for tls ech code
2026-03-16 15:27:27 -06:00
David Garske 87906a38ab Merge pull request #9974 from JacobBarthelmeh/oss-fuzz
fix to free CRL reason extension
2026-03-16 13:46:34 -06:00
JacobBarthelmeh 93fc517dd1 add NO_RSA macro guard to test case 2026-03-16 08:58:15 -06:00
JacobBarthelmeh 9b96f49505 check return value of fwrite in test case 2026-03-16 00:07:09 -06:00
JacobBarthelmeh bbf3beef35 fix to free CRL reason extension 2026-03-13 16:17:52 -06:00
Chris Conlon 428030a3e8 Fix wolfSSL_get_ciphers_compat to return NULL when no ciphers available 2026-03-13 15:07:25 -06:00
sebastian-carpenter 47a24d7b90 minor coverity fixes for tls ech 2026-03-13 11:04:44 -06:00
JacobBarthelmeh 156db7dd2d Merge pull request #9831 from julek-wolfssl/pytho-3.13.4
Fixes to run python with --enable-all
2026-03-13 10:50:23 -06:00
Sean Parkinson bac0563669 Merge pull request #9919 from anhu/lms-leaf-idx
Fix buffer-overflow in LMS leaf cache indexing
2026-03-13 10:02:50 +10:00
JacobBarthelmeh 424af6eb5b Merge pull request #9956 from rlm2002/coverity
20260311 Coverity changes
2026-03-12 16:53:39 -06:00
JacobBarthelmeh 351d2594ac Merge pull request #9938 from SparkiDev/regression_fixes_23
Fixes from regression testing
2026-03-12 14:41:18 -06:00
JacobBarthelmeh a05a3ed1c2 Merge pull request #9940 from cconlon/pathLenSet
Fix pathlen not copied in ASN1_OBJECT_dup and not marked set in X509_add_ext
2026-03-12 10:34:58 -06:00
Ruby Martin 6ebd967345 bounds check on ext_dump 2026-03-12 09:53:35 -06:00
JacobBarthelmeh a8dfa59bbe Merge pull request #9761 from julek-wolfssl/ocsp-responder
Implement OCSP responder
2026-03-11 17:27:33 -06:00
Sean Parkinson bbd2f6f898 Fixes from regression testing
CRL APIs not usable when NO_ASN_TIME defined.
WOLFSSL_TLS13 needs to be defined with HAVE_ECH.
When session ticket encrypted with CBC, must be a multiple of block
size.
Fix test define protection.
Fix ML-DSA protection of reduction functions.
Need !NO_RSA with WC_RSA_PSS.
Connection ID is not a DTLS 1.3 only extension.
2026-03-12 08:19:39 +10:00
Anthony Hu 00d0b09401 Fix buffer-overflow in LMS leaf cache indexing
wc_lms_treehash_init() writes leaf node hashes into the leaf cache
using an absolute index (i * hash_len), but the cache is only
max_cb entries starting from leaf->idx. When leaf->idx > 0 (which
occurs when wc_LmsKey_Reload is called after signing more than
max_cb times), the write goes past the end of the cache buffer.

Fix by using the relative offset (i - leaf->idx) * hash_len instead.

Added unit tests (test_lms.c):
  - test_wc_LmsKey_sign_verify: basic sign/verify sanity check
  - test_wc_LmsKey_reload_cache: (TDD) reproduces the overflow by
    signing 33 times then reloading the key
2026-03-11 16:58:48 -04:00
sebastian-carpenter bb7c6a13c8 ECH tidying 2026-03-11 12:07:20 -06:00
sebastian-carpenter 8a7d327d24 ECH fixes F-293, F-201, F-358, F-203 2026-03-11 10:06:37 -06:00
Chris Conlon 354691d24a Copy pathlen in ASN1_OBJECT_dup() and set pathLengthSet in X509_add_ext() when adding basic constraints with a path length 2026-03-11 09:59:19 -06:00
sebastian-carpenter e17ac41070 TLS ECH fixes [SNI, api.c, server.c, comments] 2026-03-11 09:52:13 -06:00
sebastian-carpenter 58625d1f03 corrections for ECH specification 2026-03-11 09:52:11 -06:00