wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-31 01:19:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
22,888 Commits 12 Branches 184 Tags
8a9c893c6f82db596a0fb8af668cddfa1da0e69f
Commit Graph

2934 Commits

Author SHA1 Message Date
Daniel Pouzzner
0a928ead3f address peer review around WOLFSSL_HAVE_BIO_ADDR: 
refactor housekeeping for bio->bytes_read and bio->bytes_write, and add WOLFSSL_BIO_HAVE_FLOW_STATS gate;

add WOLFSSL_BIO_FLAG_RETRY housekeeping for WOLFSSL_BIO_SOCKET and WOLFSSL_BIO_DGRAM;

refactor WOLFSSL_BIO.peer_addr to be inline rather than a pointer;

add wolfSSL_set_mtu_compat() and wolfSSL_CTX_load_verify_locations_compat() implementations;

enable WOLFSSL_HAVE_BIO_ADDR and WOLFSSL_DTLS_MTU when OPENSSL_ALL.
 2024-07-16 19:12:18 -05:00
Daniel Pouzzner
29ec038aa6 checkpoint: add WOLFSSL_BIO_ADDR, wolfSSL_BIO_ADDR_new(), wolfSSL_BIO_ADDR_free(), wolfSSL_BIO_ADDR_clear(), wolfIO_SendTo(), wolfIO_RecvFrom(); fix name of wolfSSL_BIO_s_datagram(). 2024-07-16 19:12:18 -05:00
Daniel Pouzzner
41efa0492c add ASN_ prefixes to ISSUER, SUBJECT, BEFORE, and AFTER enum constants defined in wolfssl/wolfcrypt/asn.h. 2024-07-16 19:12:18 -05:00
JacobBarthelmeh
baec0ced59 Merge pull request #7731 from ColtonWilley/zephyr_tls_support 
Changes needed for default TLS support in zephyr kernel
 2024-07-11 16:46:43 -06:00
JacobBarthelmeh
6703a58c51 fix for staticmemory and singlethreaded build 2024-07-10 09:44:10 -06:00
Colton Willey
4ec07bb5a8 Changes needed for default TLS support in zephyr kernel 2024-07-09 12:00:34 -07:00
Daniel Pouzzner
780fd98f40 src/internal.c: in ProcessPeerCerts(), smallstack refactor of a span gated on HAVE_CERTIFICATE_STATUS_REQUEST_V2, to get DecodedCert off the stack. 2024-07-06 10:04:06 -05:00
JacobBarthelmeh
8946e3fb4b Merge pull request #7702 from rizlik/ocspv2 
ocsp stapling improvements
 2024-07-05 10:29:25 -06:00
Marco Oliverio
3e58cfd864 fixup! ocsp: improvements 2024-07-04 10:21:20 +02:00
Marco Oliverio
fe932b893c fixup! csrv2multi: pending ca list 2024-07-04 10:21:20 +02:00
JacobBarthelmeh
1c23d2222c Merge pull request #7693 from philljj/zd18204 
Fixes ZD 18204: check hashsigalgo matches ssl suites.
 2024-07-03 17:12:43 -06:00
jordan
f7f3ba9c76 check hashsigalgo matches ssl suites on client side. 2024-07-03 11:59:18 -05:00
JacobBarthelmeh
6409b68b21 Merge pull request #7698 from dgarske/asan_compat_list 
Fix ASAN warning with compatibility layer cipher list parsing
 2024-07-02 17:12:38 -06:00
JacobBarthelmeh
a490d4fdf7 Merge pull request #7628 from SparkiDev/alert_after_ch 
TLS: wrong TLS version in alert after ClientHello
 2024-07-02 17:10:24 -06:00
Marco Oliverio
9222cb1304 ocsp: improvements 2024-07-02 09:51:34 +02:00
Marco Oliverio
b5206e8504 csrv2multi: pending ca list 2024-07-02 09:51:34 +02:00
Juliusz Sosinowicz
7814e4c264 DoCertificateStatus: Clean up logic in WOLFSSL_CSR2_OCSP_MULTI 2024-07-02 01:29:44 +02:00
jordan
7dfef18cf4 Refactor unneeded PickHashSigAlgo_ex function. 2024-06-28 18:32:13 -05:00
David Garske
7faf0dccc7 Fix for ASAN warning with compatibility layer lists in ParseCipherList and CheckcipherList (ZD 18175). Add test case for ASAN to trigger NULL + 1 warning. Cleanup messy WOLFSSL_TIRTOS in api.c. 2024-06-28 15:26:40 -07:00
JacobBarthelmeh
80d4f71eb9 Merge pull request #7683 from SparkiDev/def_ticket_cb_inlen 
SSL default ticket encryption callback: check in len on decrypt
 2024-06-28 16:04:58 -06:00
Sean Parkinson
864a9d0598 Dilithium: fixes 
TLS uses DER API now and needs to be protected with the right #ifdefs.
Do the right check of size in wc_Dilithium_PrivateKeyDecode().
Don't require public key when doing private DER.
 2024-06-28 10:55:16 +10:00
jordan
107cc82a06 Fixes ZD 18204: check hashsigalgo matches ssl suites. 2024-06-27 10:45:02 -05:00
Sean Parkinson
4d56cc1790 Regression testing: memory allocation failure 
Fixes from memory allocation failure testing.
Also:
fix asn.c to have ifdef protection around code compiled in with dual
algorithm certificates.
  fix test_tls13_rpk_handshake() to support no TLS 1.2 or no TLS 1.3.
fix wc_xmss_sigsleft() to initialize the index to avoid compilation
error.
 2024-06-27 17:17:53 +10:00
Sean Parkinson
6d0dc7f2e7 SSL default ticket encryption callback: check in len on decrypt 
Make sure that the length of the data to decrypt is correct for the
default ticket encryption implementation.
 2024-06-26 08:21:17 +10:00
JacobBarthelmeh
38335f4947 Merge pull request #7678 from bandi13/fixReturnType 
ret will be set to 1 (WOLFSSL_SUCCESS), the rest checks for 'ret == 0'
 2024-06-25 10:53:03 -06:00
Andras Fekete
773451a5dc ret will be set to 1 (WOLFSSL_SUCCESS), the rest checks for 'ret == 0' 
Need to use another type of return code
 2024-06-24 12:11:57 -04:00
Tobias Frauenschläger
7cd610bc45 Fixes for WolfSSL ML-DSA implementation 
* Update OIDs etc. to match OQS ML-DSA values (old ones were Dilithium
  Round 3 values)
* Make sure private key files/buffers containing both the private and
  the public key are parsed correctly

Signed-off-by: Tobias Frauenschläger
<tobias.frauenschlaeger@oth-regensburg.de>
 2024-06-24 15:00:44 +02:00
JacobBarthelmeh
7405ea8162 Merge pull request #7671 from miyazakh/dtls_ocsp 
Fix ocsp response message build for DTLS
 2024-06-21 14:43:29 -06:00
kaleb-himes
610af43d03 XCODE support for v5.2.3 of the FIPS module 2024-06-21 10:36:57 -06:00
Hideki Miyazaki
30eb558d58 fix ocsp response when using DTLS 2024-06-21 09:57:59 +09:00
Sean Parkinson
3e3a00dafd Dilithium/ML-DSA: Implementation of ML-DSA-44/65/87 
Impemented FIPS 204 (Draft) Module-Lattice-Based Signature Standard.
Implementation include making a key, signing and verification.
Make key API added.
Updated liboqs calls to use ML-DSA implementation instead of Dilithium.
 2024-06-19 21:27:01 +10:00
Daniel Pouzzner
d2f4cc9e28 Merge pull request #7616 from embhorn/zd17762 
Static analysis fixes
 2024-06-12 17:07:02 -04:00
Daniel Pouzzner
1b907d05ed WOLFSSL_DEBUG_TRACE_ERROR_CODES: restore several initializations, one because needed (in wolfSSL_UseSecureRenegotiation()), the rest in an abundance of caution, and rearrange wolfSSL_CryptHwMutexInit() and wolfSSL_CryptHwMutexUnLock() in a similar abundance of caution. 2024-06-10 13:44:03 -05:00
Daniel Pouzzner
b3e8f0ad24 add --enable-debug-trace-errcodes, WOLFSSL_DEBUG_TRACE_ERROR_CODES, WC_ERR_TRACE(), WC_NO_ERR_TRACE(), support/gen-debug-trace-error-codes.sh. also add numerous deployments of WC_NO_ERR_TRACE() to inhibit frivolous/misleading errcode traces when -DWOLFSSL_DEBUG_TRACE_ERROR_CODES. 2024-06-08 16:39:53 -05:00
Sean Parkinson
d7d8d14e95 TLS: wrong TLS version in alert after ClientHello 
Ignore protocol version being less than expected when received directly
after ClientHello.
Protocol version negotiation hasn't taken place and a lower version can
be sent to cover minimum supported protocol version.
 2024-06-07 10:42:12 +10:00
Eric Blankenhorn
55837fa254 Static analysis fixes 2024-06-04 12:37:46 -05:00
Juliusz Sosinowicz
ede8cde8a7 dtls: Increment sequence number in SendAlert 2024-06-04 17:13:04 +02:00
David Garske
1f684e62d6 Merge pull request #7604 from ColtonWilley/explicit_len_pattern_match 
Rewrite pattern matching to use explicit length
 2024-06-03 12:04:12 -07:00
Colton Willey
0c0069331b Use same types for i and chklen, bring all lines under 80 chars 2024-06-03 09:25:41 -07:00
JacobBarthelmeh
40562a0cb3 Merge pull request #7599 from dgarske/asn_checkcertsig 
Expose `wc_CheckCertSigPubKey` with `WOLFSSL_SMALL_CERT_VERIFY`
 2024-05-31 09:20:35 -06:00
David Garske
0789ecb808 Fix the CheckCertSignature API mess. 2024-05-31 06:58:35 -07:00
Colton Willey
447f73c25e Merge branch 'master' of github.com:ColtonWilley/wolfssl into explicit_len_pattern_match 2024-05-30 20:12:16 -07:00
Colton Willey
f646cbcecb Address review comments, fix handling of . in name matching and add more tests for . handling 2024-05-30 18:03:38 -07:00
Colton Willey
af3828b2b7 Rewrite pattern matching to always use explicit lengths instead of expecting NULL terminated strings, thus replicating the behavior of openssl X509_check_host() 2024-05-30 15:33:17 -07:00
JacobBarthelmeh
ebdc8b9a32 rename of macros, add descriptions, minor fixes 2024-05-30 14:48:52 -06:00
JacobBarthelmeh
288fe430f5 tying in lean staticmemory build with --enable-staticmemory=small 2024-05-29 15:50:11 -06:00
gasbytes
063e48014a fix tabs and spaces 2024-05-24 17:52:54 +02:00
gasbytes
3f96d14b32 80 characters limit fix 2024-05-24 00:12:38 +02:00
gasbytes
12a5cb45fb separating two x509_store xmalloc checks 2024-05-23 23:04:00 +02:00
David Garske
425dd1986b Merge pull request #7568 from lealem47/fips_pkcallback 
Fix building FIPS v5 with PK callbacks
 2024-05-22 08:45:58 -07:00