Commit Graph

22777 Commits

Author SHA1 Message Date
JacobBarthelmeh 8946e3fb4b Merge pull request #7702 from rizlik/ocspv2
ocsp stapling improvements
2024-07-05 10:29:25 -06:00
Marco Oliverio 053170613a fixup! csrv2multi: pending ca list 2024-07-05 15:26:41 +00:00
JacobBarthelmeh 5ca9b2f8a4 Merge pull request #7712 from SparkiDev/kyber_ml_kem
KYBER/ML-KEM: make ML-KEM available
2024-07-05 09:15:08 -06:00
JacobBarthelmeh e6fbe25398 Merge pull request #7711 from SparkiDev/dilithium_kats
Dilithium: Add KATs and fix key generation
2024-07-04 19:40:08 -06:00
Sean Parkinson 1fd9f2af91 KYBER/ML-KEM: make ML-KEM available
Added ML-KEM instead of Kyber implementation with WOLFSSL_ML_KEM.
Tests added from NIST for ML-KEM operations.
2024-07-04 23:51:23 +10:00
Sean Parkinson 387f36657c Dilithium: Add KATs and fix key generation
Add KATs from NIST and fix key generation to produce output of KATs.
2024-07-04 22:22:11 +10:00
Marco Oliverio 3e58cfd864 fixup! ocsp: improvements 2024-07-04 10:21:20 +02:00
Marco Oliverio fe932b893c fixup! csrv2multi: pending ca list 2024-07-04 10:21:20 +02:00
JacobBarthelmeh 1c23d2222c Merge pull request #7693 from philljj/zd18204
Fixes ZD 18204: check hashsigalgo matches ssl suites.
2024-07-03 17:12:43 -06:00
jordan f7f3ba9c76 check hashsigalgo matches ssl suites on client side. 2024-07-03 11:59:18 -05:00
JacobBarthelmeh ba1eedb46b Merge pull request #7697 from SparkiDev/arm32_ldrd_strd_fix
ARM32 SHA-3 ASM: fix ldrd/strd for ARMv6
2024-07-02 17:18:06 -06:00
JacobBarthelmeh d7b0aa92cb Merge pull request #7694 from SparkiDev/sp_x64_asm_fix_3
SP Intel x64 ASM: fix get_from_table ASM
2024-07-02 17:13:49 -06:00
JacobBarthelmeh 6409b68b21 Merge pull request #7698 from dgarske/asan_compat_list
Fix ASAN warning with compatibility layer cipher list parsing
2024-07-02 17:12:38 -06:00
JacobBarthelmeh 4ff0af79c7 Merge pull request #7705 from aidangarske/SHA3-cryptocb
Sha3.c wc_Sha3Update and  wc_Sha3Final Hash Type Change
2024-07-02 17:11:01 -06:00
JacobBarthelmeh a490d4fdf7 Merge pull request #7628 from SparkiDev/alert_after_ch
TLS: wrong TLS version in alert after ClientHello
2024-07-02 17:10:24 -06:00
JacobBarthelmeh 5aca239714 Merge pull request #7692 from gasbytes/sni-csharp-wrapper-patch
Sni csharp wrapper patch
2024-07-02 16:49:31 -06:00
aidan garske 804f25d76b Sha3.c wc_Sha3Update and wc_Sha3Final changes so that hash type is determined in the processing functions. 2024-07-02 10:32:57 -07:00
Marco Oliverio 9222cb1304 ocsp: improvements 2024-07-02 09:51:34 +02:00
Marco Oliverio b5206e8504 csrv2multi: pending ca list 2024-07-02 09:51:34 +02:00
Juliusz Sosinowicz 7814e4c264 DoCertificateStatus: Clean up logic in WOLFSSL_CSR2_OCSP_MULTI 2024-07-02 01:29:44 +02:00
Juliusz Sosinowicz dabfad9f6c Fix ocsp stapling test 2 2024-07-02 01:29:44 +02:00
JacobBarthelmeh 32066373c2 Merge pull request #7695 from dgarske/compat_realloc
Fixes for building the compatibility layer with no realloc
2024-07-01 11:37:52 -06:00
JacobBarthelmeh bbf3bb4bf4 Merge pull request #7699 from SparkiDev/regression_fixes_13
Regression testing: fix compilation for unusual configs
2024-07-01 11:02:46 -06:00
Sean Parkinson 1e3f623ff3 Regression testing: fix compilation for unusual configs
Disable ECC but have OPENSSL_EXTRA and curve25519 - fix #ifdef
protection in ssl.c.

tests/api.c:
SSL_SESSION_get_max_fragment_length is not available when no session
cache.
ASN1 APIs using generalized time disabled when NO_ASN_TIME defined so
disable tests.
2024-07-01 21:52:56 +10:00
Sean Parkinson 45442db047 ARM32 SHA-3 ASM: fix ldrd/strd for ARMv6
LDRD/STRD not available with ARMv6 and the alternative is two ldr/str
operations. Pointer was 64-bits causing second ldr/str to be 8 bytes
passed first and not 4 bytes. Fixed in asm to add 4 rather than index.
2024-07-01 15:23:53 +10:00
jordan 7dfef18cf4 Refactor unneeded PickHashSigAlgo_ex function. 2024-06-28 18:32:13 -05:00
JacobBarthelmeh 98a5a4c201 Merge pull request #7660 from julek-wolfssl/zd/18188
wolfSSL_get_SSL_CTX: Make parameter const
2024-06-28 16:40:06 -06:00
David Garske 7faf0dccc7 Fix for ASAN warning with compatibility layer lists in ParseCipherList and CheckcipherList (ZD 18175). Add test case for ASAN to trigger NULL + 1 warning. Cleanup messy WOLFSSL_TIRTOS in api.c. 2024-06-28 15:26:40 -07:00
David Garske 2fd7a2e4ae Fix for test.c memcb_test and missing XREALLOC. 2024-06-28 15:25:01 -07:00
JacobBarthelmeh 80d4f71eb9 Merge pull request #7683 from SparkiDev/def_ticket_cb_inlen
SSL default ticket encryption callback: check in len on decrypt
2024-06-28 16:04:58 -06:00
JacobBarthelmeh 4913289ce5 Merge pull request #7696 from SparkiDev/dilithium_fix_2
Dilithium: fixes
2024-06-28 16:00:05 -06:00
Sean Parkinson 864a9d0598 Dilithium: fixes
TLS uses DER API now and needs to be protected with the right #ifdefs.
Do the right check of size in wc_Dilithium_PrivateKeyDecode().
Don't require public key when doing private DER.
2024-06-28 10:55:16 +10:00
David Garske 2a86ca43f8 Fixes for building the compatibility layer with WOLFSSL_NO_REALLOC. Tested using ./configure --enable-opensslextra CFLAGS="-DWOLFSSL_NO_REALLOC".
Improve benchmark FreeRTOS default tick rate logic. For example Xilinx FreeRTOS uses 10ms tick (not default 1ms), so include `configTICK_RATE_HZ` in calculation if available.
Fix test.c warning around too many parens with no realloc.
2024-06-27 16:02:28 -07:00
Sean Parkinson 4dc52484f6 SP Intel x64 ASM: fix get_from_table ASM
Use movdqu instead of vmovdqu so that function works on SSE2 only CPUs.
2024-06-28 07:42:56 +10:00
JacobBarthelmeh 85552d0fc8 Merge pull request #7662 from julek-wolfssl/enable-WOLFSSL_RSA_KEY_CHECK
Enable WOLFSSL_RSA_KEY_CHECK with OPENSSLALL
2024-06-27 09:49:00 -06:00
jordan 107cc82a06 Fixes ZD 18204: check hashsigalgo matches ssl suites. 2024-06-27 10:45:02 -05:00
JacobBarthelmeh c047e55b92 Merge pull request #7687 from douzzer/20240626-EvictSessionFromCache-ticketNonce-data-leak
20240626-EvictSessionFromCache-ticketNonce-data-leak
2024-06-27 09:41:42 -06:00
gasbytes 91cad98d67 1023 <- 1024, changed buffer to textmate 2024-06-27 17:35:43 +02:00
JacobBarthelmeh 5420c1a081 Merge pull request #7689 from douzzer/20240626-linuxkm-cp-no-clobber
20240626-linuxkm-cp-no-clobber
2024-06-27 09:32:24 -06:00
JacobBarthelmeh 7691bb6a2a Merge pull request #7690 from SparkiDev/regression_fixes_12
Regression testing: memory allocation failure
2024-06-27 09:32:00 -06:00
gasbytes 97adb4be6e fixed wolfSSL_SNI_GetFromBuffer 2024-06-27 17:03:05 +02:00
Juliusz Sosinowicz f66e5a52bd wolfSSL_get_SSL_CTX: Make parameter const 2024-06-27 15:48:46 +02:00
gasbytes 6dd43caae9 wolfSSL_SNI_GetRequest working, fixing up wolfSSL_SNI_GetFromBuffer 2024-06-27 15:05:02 +02:00
Sean Parkinson 4d56cc1790 Regression testing: memory allocation failure
Fixes from memory allocation failure testing.
Also:
fix asn.c to have ifdef protection around code compiled in with dual
algorithm certificates.
  fix test_tls13_rpk_handshake() to support no TLS 1.2 or no TLS 1.3.
fix wc_xmss_sigsleft() to initialize the index to avoid compilation
error.
2024-06-27 17:17:53 +10:00
Daniel Pouzzner ae0d40b119 linuxkm/Makefile: use old/deprecated cp --no-clobber rather than newfangled cp --update=none in libwolfssl.ko recipe, for compatibility with older cp (pre-coreutils-9.3 of 2023-04-18). note that coreutils-9.5 restores the behavior of --no-clobber pre-9.2, whereby skips of existing files are non-errors. 2024-06-26 17:58:29 -05:00
Daniel Pouzzner 4d43dbf83b src/ssl_sess.c: in EvictSessionFromCache(), free session->ticketNonce.data if it was dynamically allocated. fixes memory leak via wolfSSL_Cleanup(). 2024-06-26 14:15:42 -05:00
Daniel Pouzzner 474b8a0673 Merge pull request #7682 from SparkiDev/dilithium_fix_1
Dilithium: fix public and private key decode
2024-06-26 00:03:03 -04:00
Takashi Kojo 3d7583e743 Merge pull request #7684 from kojo1/pk-fix
Fix in pk.c
2024-06-26 11:33:38 +09:00
Takashi Kojo 72b6074b93 Fixes in pk.c 2024-06-26 08:47:41 +09:00
Sean Parkinson 6d0dc7f2e7 SSL default ticket encryption callback: check in len on decrypt
Make sure that the length of the data to decrypt is correct for the
default ticket encryption implementation.
2024-06-26 08:21:17 +10:00