David Garske
91d1bbbd44
Merge pull request #5477 from douzzer/20220817-make-quic-optional
...
20220817-make-quic-optional
2022-08-17 14:34:12 -07:00
Daniel Pouzzner
5b260ac52e
configure.ac: remove enable-quic from enable-all feature set;
...
remove ENABLED_QUIC="yes" from "$ENABLED_CURL" = "yes" setup section;
add ENABLED_CURVE25519=yes if $ENABLED_QUIC = yes;
tests/unit.c: move QuicTest() and SrpTest() before SuiteTest().
2022-08-17 14:25:38 -05:00
Daniel Pouzzner
be378a346e
Merge pull request #5475 from dgarske/rsa_pss_async
...
Fixes for RSA PSS with `--enable-asynccrypt` in `ConfirmSignature`
2022-08-17 12:04:05 -05:00
David Garske
b9c9ad0339
Fixes for RSA PSS with --enable-asynccrypt in ConfirmSignature.
2022-08-17 08:20:06 -07:00
David Garske
3f7d56d957
Merge pull request #5471 from icing/quic-mem-leak
...
Fix memory leak in QUIC transport parameters extension
2022-08-16 13:22:20 -07:00
John Safranek
be2a6cbeb9
Merge pull request #5420 from Uriah-wolfSSL/ms_abi
...
Ms abi
2022-08-16 09:21:14 -07:00
Stefan Eissing
3434210b13
Fix memory leak in QUIC transport parameters extension
2022-08-16 18:13:25 +02:00
David Garske
55eb460d1a
Merge pull request #5403 from SparkiDev/ecc_import_priv_order
...
ECC import priv: validate priv is less than order
2022-08-15 21:36:46 -07:00
David Garske
a954cf82e3
Merge pull request #5469 from anhu/init_CertName
...
Initialize the Enc members of CertName struct.
2022-08-15 20:42:26 -07:00
Sean Parkinson
8aa2bde3c2
Merge pull request #5470 from kaleb-himes/openssl3_0_testing
...
Allow for renegotiation testing with openssl 3.0 installed on jenkins…
2022-08-16 11:02:22 +10:00
kaleb-himes
1dd318741d
Allow for renegotiation testing with openssl 3.0 installed on jenkins slaves (also tested with openssl 1.1)
2022-08-15 16:33:06 -06:00
Anthony Hu
52ed047a44
Fix a mismatched decl and impl
2022-08-15 12:13:05 -04:00
Sean Parkinson
23a01b3276
SP: CT from_mp when sp_digit bits equal mp_digit bits.
...
Made constant time copy of values from an mp_int int array of sp_digit.
Stops OOB writes when mp_int is bigger than it should be.
2022-08-15 09:02:24 -07:00
Anthony Hu
5e7cff71fd
Initialize the Enc members of CertName struct.
...
Tested by reproducing the problem in an example and confirming fix makes problem
go away.
2022-08-15 11:43:33 -04:00
David Garske
e56a2355ca
Merge pull request #5464 from julek-wolfssl/zd14644
...
Translate the verify callback error to an X509_V_ERR_* value when OPENSSL_COMPATIBLE_DEFAULTS is defined
2022-08-15 06:30:36 -07:00
Uriah Pollock
7e00b32c71
Corrected line spacing incorrect arg passings.
2022-08-14 20:16:42 -05:00
David Garske
28f22859bb
Merge pull request #5451 from embhorn/zd14428
...
Fix TSIP ret value in TLSX_KeyShare_ProcessEcc
2022-08-14 11:27:20 -07:00
David Garske
dfb3616d50
Merge pull request #5465 from douzzer/20220812-fixes
...
20220812-fixes
2022-08-14 08:03:40 -07:00
Derzsi Dániel
f515916f68
Add liboqs integration to CMake build system (#5407)
...
* Add liboqs integration to CMake build system
* Rephrase WOLFSSL_OQS option
* Add new FindOQS.cmake file to cmake/include.am
Co-authored-by: Disyer <denialmc1@gmail.com>
2022-08-12 16:23:24 -04:00
Daniel Pouzzner
e382905311
CMakeLists.txt: synchronize CMAKE_C_FLAGS with diagnostic flags set in autotools-generated Makefile (-Wall -Wextra -Wno-unused -Werror), and fix WOLFSSL_RSA_PSS to add -DWOLFSSL_PSS_LONG_SALT as needed by changes to test_wolfSSL_CertRsaPss() in fb531dacc2 (gating of those changes is also added in this commit).
2022-08-12 15:18:41 -05:00
Daniel Pouzzner
b4f1b6d04d
fix whitespace and C++-style comments.
2022-08-12 15:18:27 -05:00
David Garske
60437bba6e
Merge pull request #5378 from anhu/dilithium
...
Initial commit to add Dilithium NIST PQC winner.
2022-08-12 09:29:42 -07:00
Anthony Hu
0d78bd2127
Merge pull request #5459 from dgarske/docs
...
Improve documentation for CMAC
2022-08-12 10:37:07 -04:00
Juliusz Sosinowicz
551acd2b19
Translate verify callback error with compat layer
2022-08-12 16:27:31 +02:00
Juliusz Sosinowicz
126a570a37
Add HAVE_WOLFSSL_MSG_EX define when WOLFSSL_MSG_EX is available
2022-08-12 16:27:31 +02:00
David Garske
90c65bd50b
Merge pull request #5458 from icing/quic-earlydata
...
QUIC fixes for handling of early data
2022-08-11 17:52:29 -07:00
Chris Conlon
c66a21c40a
Add Zephyr support for nRF5340 with CryptoCell-312, PSA Crypto fixes (#5418)
...
* PSA: set AES key bits, define PSA_ALG_NONE/PSA_KEY_ID_NULL if needed
* Zephyr: add TimeNowInMilliseconds() for tls13.c, clock_settime() for test.c, update CMakeLists.txt
* Skip including unistd.h for Zephyr in benchmark.c
* Zephyr: update README, add nRF5340dk support to wolfssl_test sample app
* Zephyr: add wolfCrypt benchmark sample app
* Zephyr: add nRF5340 support to tls_thread sample app
* PSA: use specific hash algo with psa_sign/verify_hash()
* Zephyr: add support for PSA Crypto API with PK callbacks to wolfssl_tls_threaded sample app
* Zephyr: add new files to zephyr/include.am
2022-08-11 17:42:05 -07:00
David Garske
3f4b3605a6
Merge pull request #5460 from douzzer/20220811-quic-fixes-and-OLD-TLS-gating
...
20220811-quic-fixes-and-OLD-TLS-gating
2022-08-11 17:36:06 -07:00
Sean Parkinson
d4646696ed
Merge pull request #5448 from julek-wolfssl/ext-msg-check
...
Validate that extensions appear in correct messages
2022-08-12 08:39:42 +10:00
Sean Parkinson
2b38ba0300
Merge pull request #5455 from dgarske/zd14420
...
Fix for handling `WC_PENDING_E` from decrypt session ticket callback
2022-08-12 08:20:57 +10:00
Daniel Pouzzner
017c4e7a41
fix gating and unused-variable warnings in src/quic.c wolfSSL_quic_aead_is_{gcm,ccm,chacha20}();
...
fix TLS version gating in tests/quic.c;
fix gating in src/ssl.c for wolfSSLv2_client_method() and wolfSSLv2_server_method();
reorganize prototypes in wolfssl/ssl.h for wolf*_method*() to group systematically by protocol version and gate correctly on support for that version in the build.
2022-08-11 14:58:59 -05:00
David Garske
5445b183ed
Adding CMAC documentation. Fixes ZD14601.
2022-08-11 12:00:19 -07:00
Stefan Eissing
b3de591c6f
Rename of buffer to tmpbuffer to avoid collision with customer setup test.
2022-08-11 20:06:46 +02:00
David Garske
499b9c4f35
Merge pull request #5456 from SparkiDev/ssl_set1_curve_fix
...
wolfSSL_CTX_set1_curves_list: X25519 and X448 defines
2022-08-11 09:19:25 -07:00
Stefan Eissing
53fd4b37f2
QUIC fixes for handling of early data
...
- new internal field for keeping early data enabled status,
  as QUIC does not call SSL_write_early_data() itself.
- using read_/write_early_data() methods in QUIC handshake
  when early data is enabled. This triggers the internals
  that emit the proper early data indication handlings.
2022-08-11 18:08:37 +02:00
David Garske
fef84e2c4c
Fixes for asn_public.h documentation. Fix spelling error.
2022-08-11 08:58:32 -07:00
Anthony Hu
82a900b438
Initial commit to add Dilithium NIST PQC winner.
...
Also:
* added HAVE_FALCON guards as needed.
* corrected minor falcon bugs as I found them.
* handling OID sum collision between DILITHIUM_LEVEL5 and DILITHIUM_AES_LEVEL3
Tested with the following commands:
    examples/server/server -v 4 -l TLS_AES_256_GCM_SHA384 \
        -c ~/tmp/dilithium_aes_level5_entity_cert.pem \
        -k ~/tmp/dilithium_aes_level5_entity_key.pem \
        -A ~/tmp/dilithium_aes_level5_root_cert.pem --pqc P521_KYBER_LEVEL5
    examples/client/client -v 4 -l TLS_AES_256_GCM_SHA384 \
        -c ~/tmp/dilithium_aes_level5_entity_cert.pem \
        -k ~/tmp/dilithium_aes_level5_entity_key.pem \
        -A ~/tmp/dilithium_aes_level5_root_cert.pem --pqc P521_KYBER_LEVEL5
with permutations of SHAKE,AES variants and levels 2,3,5
2022-08-11 11:38:31 -04:00
David Garske
5e6c45a6fb
Merge pull request #5397 from SparkiDev/cert_rsa_pss
...
Certs with RSA-PSS sig
2022-08-11 08:19:12 -07:00
David Garske
66644c2e31
Merge pull request #5457 from kaleb-himes/openssl-test-stuck-fix
...
Fix a very frequent stuck scenario with the openssl.test script
2022-08-11 07:43:23 -07:00
kaleb-himes
8efc8b0819
Fix up other test scripts using the same logic
2022-08-11 06:26:43 -06:00
Juliusz Sosinowicz
a317126509
Validate that extensions appear in correct messages
2022-08-11 10:53:10 +02:00
Sean Parkinson
dd2a6410d1
Merge pull request #5454 from dgarske/docs_hashtype
...
Improve the documentation for HMAC hash types
2022-08-11 16:50:55 +10:00
David Garske
87d96c9c96
Merge pull request #5452 from icing/quic-resume
...
QUIC session resumption and early data handshake handling.
2022-08-10 22:33:13 -07:00
David Garske
995100eed1
Fix for handling WC_PENDING_E from decrypt session ticket callback. ZD14420
2022-08-10 22:20:49 -07:00
David Garske
9ec61d4ce4
Merge pull request #5449 from douzzer/20220809-quic-fixes
...
20220809-quic-fixes
2022-08-10 21:56:45 -07:00
Sean Parkinson
4d8a713783
wolfSSL_CTX_set1_curves_list: X25519 and X448 defines
...
Support wolfSSL_CTX_set1_curves_list being available when X25519 and/or
X448 only defined.
Don't recognize X25519 or X448 if corresponding define is not set.
Enable test in api.c.
2022-08-11 14:13:04 +10:00
Sean Parkinson
fb531dacc2
Certs with RSA-PSS sig
...
Add support for parsing and verifying certificates with RSA-PSS
signatures. Including check PSS parameters in key with those in
signature algorithm.
Add support for parsing private RSA PSS key.
Add support for parsing public RSA PSS key.
2022-08-11 09:43:01 +10:00
kaleb-himes
a0e1c2567e
Fix a very frequent stuck scenario with the openssl.test script
2022-08-10 17:41:54 -06:00
Uriah Pollock
5ef47cc86f
Addressed code review.
2022-08-10 17:18:38 -05:00
Daniel Pouzzner
8197f958a9
address peer review on PR #5449.
2022-08-10 13:33:57 -05:00