Commit Graph

19352 Commits

Author SHA1 Message Date
Marco Oliverio 898fed9a8b tests: memio: allow NULL client and/or server ctx 2023-03-14 09:27:19 +00:00
Marco Oliverio 4227f763a8 ssl: send alert on bad psk 2023-03-14 09:27:19 +00:00
Marco Oliverio 7b53baea62 refactor: more centralized extra alerts
on handshake messages' errors:

- don't send alerts on WANT_READ, WANT_WRITE and WC_PENDING_E "errors"
- use return error code to decide which alert description
  to send
- use alert description handshake_failure in the general case
- if a fatal alert was already sent, do not send any new alerts. This allow
  a more specific alert description in case the exact description can't be
  derived from the return code
2023-03-14 09:27:18 +00:00
Marco Oliverio f666a7d4b7 internal.c: fix fall_through compilation issues
src/internal.c: In function 'SendCertificateVerify':
./wolfssl/wolfcrypt/types.h:345:40: error: attribute 'fallthrough' not preceding a case label or default label [-Werror]
  345 |                 #define FALL_THROUGH ; __attribute__ ((fallthrough))

In file included from ./wolfssl/internal.h:27,
                 from src/internal.c:92:
src/internal.c: In function 'SendCertificateVerify':
./wolfssl/wolfcrypt/types.h:345:40: error: attribute 'fallthrough' not preceding a case label or default label [-Werror]
  345 |                 #define FALL_THROUGH ; __attribute__ ((fallthrough))
2023-03-14 09:27:18 +00:00
JacobBarthelmeh 19a1ec8c98 Merge pull request #6192 from kaleb-himes/aes-free-dox
Document use of wc_AesFree()
2023-03-13 16:03:13 -06:00
kaleb-himes 9c1adbd83b Fix typo's in the code sample(s) 2023-03-13 14:56:46 -06:00
kaleb-himes 5bbdda6895 Document use of wc_AesFree() 2023-03-13 11:50:28 -06:00
JacobBarthelmeh e8828574ea Merge pull request #6190 from bandi13/ghActions
Let tests run to completion
2023-03-13 09:24:09 -06:00
JacobBarthelmeh 694b527e67 Merge pull request #5910 from julek-wolfssl/dtls13-stateless
DTLS 1.3 stateless server ClientHello parsing
2023-03-13 09:22:58 -06:00
Andras Fekete f3e785b4c7 Let tests run to completion 2023-03-13 09:48:37 -04:00
JacobBarthelmeh bcd6bce040 Merge pull request #6183 from ejohnstown/rng-tweak
RNG Tweak
2023-03-10 15:16:54 -07:00
András Fekete f2a955d5eb Merge pull request #6182 from julek-wolfssl/hostap-testing
Add initial testing for wpa_supplicant
2023-03-10 15:44:07 -05:00
John Safranek 907a29ab9e RNG Tweak
1. Remove a redundant test. The duplicate data test is not required and
   is checking for something that potentially can happen normally,
   albeit rarely.
2023-03-10 11:08:35 -08:00
Juliusz Sosinowicz a47cf08273 Add initial testing for wpa_supplicant 2023-03-10 17:12:56 +01:00
David Garske 90f1c26211 Merge pull request #6162 from gojimmypi/Espressif_fix_6148
compiler appeasement initialization
2023-03-09 20:08:24 -08:00
Juliusz Sosinowicz 4c7aa5c8dd Address code review 2023-03-09 19:00:25 +01:00
JacobBarthelmeh 2a15363033 Merge pull request #6176 from bandi13/addWolfCLUDocker
Add in wolfCLU Dockerfile
2023-03-09 10:39:56 -07:00
JacobBarthelmeh 4fe3cc60b0 Merge pull request #6177 from cconlon/asnTimeString
Fix GetAsnTimeString() to correctly increment internal data pointer
2023-03-09 09:36:59 -07:00
JacobBarthelmeh a640418832 Merge pull request #6170 from julek-wolfssl/openvpn-test
Add fsanitize testing for openvpn
2023-03-09 09:25:43 -07:00
gojimmypi 30106d82ea replace fp_init_copy to appease some compilers 2023-03-08 20:37:19 -08:00
Chris Conlon d03347d79c fix GetAsnTimeString() to correctly increment data_ptr, fixes PKCS#7 signedData signingTime attribute 2023-03-08 16:39:49 -07:00
Andras Fekete ebf7fa585a First attempt 2023-03-08 15:27:16 -05:00
Juliusz Sosinowicz e04a01dc4c Add fsanitize testing for openvpn 2023-03-08 11:23:41 +01:00
Sean Parkinson 6e58ca3bc4 Merge pull request #6171 from JacobBarthelmeh/Testing
build checks on mp_read_radix
2023-03-08 10:36:19 +10:00
Jacob Barthelmeh 07a1725635 remove redundent check on mp_read_radix available 2023-03-07 16:08:37 -07:00
Sean Parkinson 842b22858b Merge pull request #6168 from anhu/WOLFSSL_RELAXED_ASN_PARSING
Relaxed parsing of explicit ECC public key
2023-03-08 08:20:04 +10:00
Jacob Barthelmeh eb0bf7cd03 build checks on mp_read_radix 2023-03-07 13:55:10 -07:00
Anthony Hu f1757b1bae WOLFSSL_NO_ASN_STRICT 2023-03-07 07:24:25 -05:00
Juliusz Sosinowicz 335722c586 Async fixes 2023-03-07 12:04:54 +01:00
Juliusz Sosinowicz f5f67f43d7 Reset DTLS sequence number 2023-03-07 12:04:54 +01:00
Juliusz Sosinowicz a432502a98 Refactor sequence number reset for DTLS into one function 2023-03-07 12:04:54 +01:00
Juliusz Sosinowicz db1f199a11 Add comment about keyshare negotiation 2023-03-07 12:04:54 +01:00
Juliusz Sosinowicz cbedae2f55 This path in TLSX_KeyShare_Choose should not be taken normally 2023-03-07 12:04:54 +01:00
Juliusz Sosinowicz 06749144d5 Add RFC link to help understand constraints 2023-03-07 12:04:54 +01:00
Juliusz Sosinowicz f2032e8744 Clear decrypted ticket that failed checks in DoClientTicket_ex 2023-03-07 12:04:54 +01:00
Juliusz Sosinowicz b0d7656ad2 Rebase fixes 2023-03-07 12:04:54 +01:00
Juliusz Sosinowicz 885cca67fe Check for shared ctx in all configs 2023-03-07 12:04:54 +01:00
Juliusz Sosinowicz 61c2059cd9 Differentiate between empty and missing extension 2023-03-07 12:04:54 +01:00
Juliusz Sosinowicz 5f39c594aa TLS 1.3: hold decrypted ticket to check which ciphersuite matches
DTLS 1.3: Move stateless ticket decoding to FindPskSuiteFromExt
2023-03-07 12:04:54 +01:00
Juliusz Sosinowicz 8c08dbb6ce Adding checks for SigAlgs, KeyShare, and Supported Groups 2023-03-07 12:04:54 +01:00
Juliusz Sosinowicz 2bbdf6979a Reuse ReadVector16 2023-03-07 12:04:54 +01:00
Juliusz Sosinowicz de6ed96feb CopyExtensions -> CopySupportedGroup 2023-03-07 12:04:54 +01:00
Juliusz Sosinowicz 5f65752414 Refactor alerts into one location
Remove previous stateless code. Now all DTLS 1.3 stateless handling is done in dtls.c
2023-03-07 12:04:54 +01:00
Juliusz Sosinowicz 51a384eba5 Read cookie extension into separate field 2023-03-07 12:04:54 +01:00
Juliusz Sosinowicz 5b0903a82d Missing casts 2023-03-07 12:04:54 +01:00
Juliusz Sosinowicz b5e7761e58 For DTLS 1.3 use PSK for ticket
Resumption info is also necessary when WOLFSSL_DTLS_NO_HVR_ON_RESUME is not defined.
2023-03-07 12:04:54 +01:00
Juliusz Sosinowicz 0264df1546 Definition was defined out in some configs 2023-03-07 12:04:54 +01:00
Juliusz Sosinowicz 969c610ef7 Fix unused variable 2023-03-07 12:04:54 +01:00
Juliusz Sosinowicz 57dccc4cf4 Calculate cookie in SendStatelessReplyDtls13()
Not touching ssl->hsHashes while in stateless mode
2023-03-07 12:04:54 +01:00
Juliusz Sosinowicz c15043b191 Refactor SendStatelessReply 1.3 branch into new function 2023-03-07 12:04:54 +01:00