In DTLS v1.3 the normal (plaintext) record header can be used only with
unprotected message (epoch == 0). Protected messages use the unified header.
Check this invariant using `IsAtLeastTLSv1_3` instead of `ssl->options.tls1_3`
because the latter is false before version negotiation.
In DTLSv1.2 the DTLS normal header is used for all the epoch, this check doesn't
interfere because:
1. the first CH's epoch must be zero in all DTLS versions
2. In case of downgrade after version negotiation `IsAtLeastTLSv1_3` is false
The `kse->pubKeyLen` parameter is used as an input parameter to `DhGenKeyPair`
to provide the size of the `pubKey` buffer (the same size as the prime p). After
that, `kse->pubKeyLen` is used to check that the public key generated is of the
same length as the prime p. If this is not the case, the public key is
padded. If the key generation is asynchronous, then `TLSX_KeyShare_GenDhKey` may
be invoked twice. The second time, the `kse->pubKeyLen` value, updated
asynchronously by the async code, is overwritten with the prime size at the
beginning of the function. When this happens, a wrong public key value is used,
and the shared secret computed is incorrect.
Similar reasoning can be applied to `kse->keyLen`
* set dev ID with signature check
* refactor devId use and add API to set devId in WOLFSSL_CERT_MANAGER structure
* add api.c call to set devid with WOLFSSL_CERT_MANAGER
* resolving devID CRL issue and CM pointer
* add device find callback
* add simple test case
TLS 1.3 Server: don't cache the messages for Ed25519/Ed448 when doing
TLS 1.3.
ASN DecodeCertInternal: Call GetCertName for issuer and subject after
freeing the dataASN.
* Add TLSv1.3 stateful support
Fix internal and external session cache
* session cache fixes
* Refactor
- implement wolfSSL_CTX_flush_sessions
- use wolfSSL_CTX_flush_sessions to make test_wolfSSL_CTX_add_session_ext deterministic
- add dtls to test_wolfSSL_CTX_add_session_ext
- DoClientTicket_ex does not modify ssl object
- only call session remove callback on:
- timeout
- session is being overwritten/removed from the cache
* Session fixes
- restore bogus ID on session duplicate
- don't evict on overwrite
- use memmove instead on memcpy as `ssl->session == session` is possible
- ignore ClientSession parameter in AddSessionToCache on NO_SESSION_CACHE_REF
- use sessionID when altSessionID not present
* Session fixes
- DoClientTicketFinalize: always copy in the ID as teh altSessionID
- don't overwrite ex_data when overwriting cacheSession and cacheSession owns it
* Callback wants to retain a copy
* wolfSSL_GetSessionClient: ssl->ctx->get_sess_cb does not apply here
* test_wolfSSL_CTX_add_session_ext
gate expected results on WOLFSSL_DTLS_NO_HVR_ON_RESUME
* TlsSessionIdIsValid: copy return can't be ignored
* Silence unused parameter
* test_wolfSSL_CTX_add_session_ext: handle async case
* Gate wolfSSL_SSL_CTX_remove_session on NO_SESSION_CACHE
* ssl.c: style fixes
* Add twcase_get_sessionCb_cleanup to free external cache
* Remove hard tab
* Correct build error in wolfSSL_CTX_flush_sessions
* Jenkins fixes:
- altSessionID only available with WOLFSSL_TICKET_HAVE_ID
- slim out psk_sess_free_cb_ctx
* Stateful dtls case has 2 accesses. Stateless just one.
* Add version numbering to hostap logs
* Import internal.h for test_wolfSSL_SESSION_get_ex_new_index
* wolfSSL_SetSession: don't check SslSessionCacheOff for session setting
* wolfSSL_SetSession: fully set expired session for OpenSSL compatibility
* wolfSSL_SetSession: check if setting same object
* AddSession: always populate the session object to allow re-use
* Add logging to wolfSSL_NewSession and wolfSSL_FreeSession
* Always setup session object
* Check if session has been setup before setting it
* Print errors in async test
* Make SetupSession available outside NO_SESSION_CACHE
* Review comments
* Fix ticBuf leak and TlsSessionIdIsValid logic
* Fix unmatched curly brackets
* TlsSessionIdIsValid: always need to check copy var
* TlsResumptionIsValid: set resume to FALSE default
* wolfSSL_SetSession: remove now variable since only used in one place
* Move internalCacheLookupOff into HAVE_EXT_CACHE block
---------
Co-authored-by: Juliusz Sosinowicz <juliusz@wolfssl.com>
Ed25519CheckPubKey/Ed448CheckPubKey: get the public key from certificate
in a new function, wc_CertGetPubKey, that uses less memory.
Set the ENCRYPT_BASE_BITS to minimal values when Curve448/Curve25519 are
the largest public key algorithms.
