Commit Graph

20599 Commits

Author SHA1 Message Date
Chris Conlon a2e2a3e994 add --enable-certreq to --enable-jni, support extKeyUsage in X509_REQ_sign, add missing X509_REQ_print fields 2023-09-01 11:59:21 -06:00
JacobBarthelmeh efd08eadb8 Merge pull request #6746 from douzzer/20230831-ge_p3_dbl
20230831-ge_p3_dbl
2023-08-31 15:06:17 -06:00
Daniel Pouzzner dc2905ce80 wolfssl/wolfcrypt/ge_operations.h: fix for bugprone-macro-parentheses in ge_p3_dbl() found by multi-test clang-tidy-all-intelasm. 2023-08-31 13:22:53 -05:00
JacobBarthelmeh ffd6c2b859 Merge pull request #6625 from TakayukiMatsuo/jp6352
Update Japanese API comments
2023-08-31 10:03:09 -06:00
JacobBarthelmeh 927930c86e Merge pull request #6740 from SparkiDev/ecies_kdf
ECIES: add support for other KDFs
2023-08-30 16:27:39 -06:00
Sean Parkinson b546473495 Merge pull request #6739 from JacobBarthelmeh/fuzzing
additional sanity check with GetIntPositive
2023-08-31 07:11:05 +10:00
JacobBarthelmeh 2aefdfe9d5 Merge pull request #6737 from anhu/ignoreBadPath
Add new feature macro WOLFSSL_IGNORE_BAD_CERT_PATH.
2023-08-30 13:37:56 -06:00
JacobBarthelmeh 944db2c2e5 Merge pull request #6726 from julek-wolfssl/dropped-ccs
Server should not ignore plaintext packets as long as it has stuff to rtx
2023-08-30 09:40:14 -06:00
Sean Parkinson 41d6afcfa1 ECIES: add support for other KDFs 2023-08-30 10:37:57 +10:00
JacobBarthelmeh 1ada2e6a43 additional sanity check with GetIntPositive 2023-08-29 15:43:01 -07:00
Anthony Hu d7bb5aa367 Add new feature macro WOLFSSL_IGNORE_BAD_CERT_PATH. 2023-08-29 10:28:02 -04:00
Kaleb Himes 70c362f680 Merge pull request #6736 from ejohnstown/fips-update
FIPS Update
2023-08-29 08:21:47 -06:00
JacobBarthelmeh c47600c52c update comment 2023-08-29 12:45:45 +02:00
Juliusz Sosinowicz a0fef66c3b Add test case for dropped ccs 2023-08-29 12:45:45 +02:00
Juliusz Sosinowicz 357c9a68f2 Only drop plaintext msgs when we don't have stuff to rtx 2023-08-29 12:45:13 +02:00
Juliusz Sosinowicz 6e3c3577f5 Refactor the crazy conditional in VerifyForDtlsMsgPoolSend 2023-08-29 12:45:13 +02:00
John Safranek b13294623b FIPS Update
1. Restore the linuxv5 option of fips-check.
2. Added option linuxv5.2.1 to fips-check.
2023-08-28 16:41:47 -07:00
John Safranek 2380086209 FIPS Update
1. Rename the error code for degraded mode so it matches what's in the
   fips repo.
2. Update the tag used for linuxv5 builds in the fips-check script.
2023-08-28 15:11:13 -07:00
JacobBarthelmeh c5c968aae3 Merge pull request #6722 from julek-wolfssl/zd/16550
ZD16550
2023-08-28 10:19:19 -06:00
JacobBarthelmeh 872551a5fc Merge pull request #6734 from julek-wolfssl/curl-action-correct-name
Correct name in curl github action
2023-08-28 09:30:34 -06:00
Juliusz Sosinowicz 9bea33b598 Correct name in curl github action 2023-08-28 11:55:42 +02:00
Juliusz Sosinowicz b02fe0853f CI fixes 2023-08-28 10:52:36 +02:00
Juliusz Sosinowicz 57ce894393 CRL refactor
- CheckCertCRLList: check all entries in case a single issuer has multiple CRL's loaded
- test_multiple_crls_same_issuer: testing two different certificates forcing the client to check both CRL's from the same issuer
- CRL_Entry
  - use a lock instead of a mutex to allow multiple threads to access the same list simultaneously
  - add a verifyMutex when doing verification so that we don't have to release the crlLock
- Add allocation and free functions for CRL_Entry
- DupCRL_Entry: simplify copying by copying all static fields in one memcpy
2023-08-28 10:52:36 +02:00
Juliusz Sosinowicz abfcda8750 Decode the key usage extension as LE not BE 2023-08-28 10:52:36 +02:00
Juliusz Sosinowicz e85901c8e5 Only list supported sigalgs in certreq 2023-08-28 10:52:36 +02:00
JacobBarthelmeh 5b5e66b55f Merge pull request #6732 from billphipps/correct_cryptocb_debug
Correct cryptocb cmd debug message
2023-08-25 13:57:32 -06:00
billphipps 7a6e851a82 Corrected print format string. 2023-08-25 13:59:23 -04:00
JacobBarthelmeh 2a5ed11f34 Merge pull request #6730 from gojimmypi/aria-no-openssl
ARIA no longer needs OpenSSL enabled
2023-08-25 11:48:11 -06:00
JacobBarthelmeh b20c6c54d1 Merge pull request #6729 from ejohnstown/degraded-mode
FIPS Degraded Mode
2023-08-25 10:10:22 -06:00
JacobBarthelmeh 14deb7afda Merge pull request #6700 from julek-wolfssl/dtls13-downgrade-acks
DTLS 1.3: do not send ACKs until we negotiate 1.3 (through SH)
2023-08-25 09:34:53 -06:00
billphipps d7f8cc55d8 Update wolfcrypt/src/cryptocb.c
Correction
2023-08-25 11:24:47 -04:00
billphipps 27bc7219e5 Correct cryptocb cmd debug message 2023-08-25 11:16:15 -04:00
TakayukiMatsuo 0484f3e0f7 Update Japanese API comments to match PR6352 2023-08-25 10:32:10 +09:00
John Safranek e48b7ef3d7 FIPS Degraded Mode
1. Add error code for entering FIPS degraded mode.
2. Add string for the error code.
2023-08-24 16:27:23 -07:00
gojimmypi 8803510375 ARIA no longer needs OpenSSL enabled 2023-08-24 15:57:14 -07:00
JacobBarthelmeh c9e9e0fc72 Merge pull request #6704 from icing/session-copy-on-write
Updating a shared session objects needs to do copy on write
2023-08-24 16:52:17 -06:00
JacobBarthelmeh 2f2dddde25 Merge pull request #6727 from bigbrett/tls13-sniffer-keylogfile
TLS 1.3 sniffer keylog file support
2023-08-24 16:52:00 -06:00
JacobBarthelmeh a6257ca635 Merge pull request #6724 from julek-wolfssl/zd/16445
ZD16445
2023-08-24 13:46:49 -06:00
Brett Nicholas f1027464e8 added tls13 keylog test, refactored diff test to only use app data output 2023-08-24 13:05:01 -06:00
Brett Nicholas 15918d8ee6 First pass at TLS1.3 keylog file working 2023-08-24 13:04:59 -06:00
JacobBarthelmeh 5f44a73f8e Merge pull request #6725 from julek-wolfssl/zd/16598
TLSX_CA_Names_Parse: Include header in length check
2023-08-24 10:30:07 -06:00
JacobBarthelmeh 6b09b5c0cf Merge pull request #6690 from julek-wolfssl/packaging
Init deb packaging
2023-08-24 10:28:24 -06:00
David Garske 88ad5ce6b0 Merge pull request #6607 from SparkiDev/curve25519_thumb2
Thumb2 ASM, Curve25519
2023-08-24 08:29:54 -07:00
Juliusz Sosinowicz 82c5170659 TLSX_CA_Names_Parse: Include header in length check 2023-08-24 15:23:37 +02:00
Juliusz Sosinowicz 8ce71cc19c Call HaveUniqueSessionObj when we need to have a unique session object 2023-08-24 15:01:22 +02:00
Juliusz Sosinowicz 06d81f7f8f Add a test case that negotiates tickets during another handshake 2023-08-24 15:01:22 +02:00
Juliusz Sosinowicz b44d31df02 Jenkins fixes 2023-08-24 10:57:45 +02:00
Juliusz Sosinowicz b771b6ebf5 ZD16445
- Use unions for type punning in xor API
- Initialise potentially uninitialised variables
- Use `LL` suffix to specify a larger integer type
- Don't use `max` as it can shadow other definitions
2023-08-24 10:53:26 +02:00
Sean Parkinson 36b92a4cef Thumb2 ASM, Curve25519
Add support for compiling ASM for Thumb2
Add Curve25519 ASM for Thumb2
Limit assembly code compiled when Ed25519 not required.
Rework all assembly implementations to replace ge_*() functions instead
of having fe_ge_*() versions that take many parameters.
Get ARM32 inline asm working.
2023-08-24 17:43:03 +10:00
Juliusz Sosinowicz a99954c0b0 Update dtls_expected_peer_handshake_number when downgrading 2023-08-23 23:20:51 +02:00