Commit Graph

3658 Commits

Author SHA1 Message Date
toddouska 85b123046b Merge pull request #2377 from SparkiDev/sha2_cs_oldtls
Disallow SHA-2 ciphersuites from TLS 1.0 and 1.1 handshakes
2019-09-06 15:41:15 -07:00
Sean Parkinson a975ba9e97 Disallow SHA-2 ciphersuites from TLS 1.0 and 1.1 handshakes 2019-09-06 09:31:14 +10:00
toddouska d6685edfa0 Merge pull request #2440 from SparkiDev/tlsfuzzer_fixes
Fixes for fuzz testing
2019-09-05 09:01:10 -07:00
toddouska eaeaaf12c1 Merge pull request #2446 from SparkiDev/gplusplus_fix_1
Fixes for g++ compilation
2019-09-04 16:28:42 -07:00
Sean Parkinson 56df8162bd Fixes for g++ compilation 2019-09-04 10:09:36 +10:00
toddouska b35fd4f1aa Merge pull request #2441 from JacobBarthelmeh/UnitTests
strncpy gcc warning fixes
2019-09-03 15:44:10 -07:00
toddouska 492ce6ac91 Merge pull request #2414 from dgarske/pkcs8_asn1
Added support for loading a PKCS8 ASN.1 formatted private key
2019-09-03 15:36:31 -07:00
Sean Parkinson 60befc82c5 Fixes for fuzz testing
Changes
- Don't ignore decryption errors when doing TLS 1.3 and after Client
Finished.
- Put out an alert when TLS 1.3 decryption fails.
- Properly ignore RSA pss_pss algorithms when checking for matching
cipher suite.
- Check X25519 public value before import in TLS v1.2-
- REcognise TLS 1.3 integrity-only cipher suites as not negotiable with
TLS 1.2-.
- Send decode_error alert when bad message data in CertificateVerify.
- Negotiate protocol version in TLS 1.3 using extension and keep
decision when using TLS 1.2 parsing.
- Must have a signature algorithms extension in TLS 1.3 if not doing
PSK.
- More TLS v1.3 alerts.
- MAX_PSK_ID_LEN needs to be modified at compile time for tlsfuzzer to
work.
- change the good ecc public key to be a real public key when compiled
to check imported public keys
- Fix early data in TLS 1.3
- Make max early data size able to be changed at compile time - default
4K but fuzzer sends 16K
- Fix HRR, PSK and message hashes: Don't initialize hashes in parsing
ClientHello as need to keep hash state from previous ClientHello and
HelloRetryRequest
2019-09-02 08:58:14 +10:00
Jacob Barthelmeh 2a750cd18d strncpy gcc warning fixes 2019-08-30 13:34:51 -06:00
toddouska ef20276ab5 Merge pull request #2424 from SparkiDev/enc_then_mac
Add support for Encrypt-Then-MAC to TLS 1.2 and below
2019-08-30 11:09:04 -07:00
toddouska 347a859ffc Merge pull request #2435 from JacobBarthelmeh/SanityChecks
sanity check on ticket encrypt callback
2019-08-30 10:18:58 -07:00
tmael b8d2ccee83 Merge branch 'master' into phase2_compatibility_APIs 2019-08-29 09:16:41 -07:00
toddouska 9034e3a0fe Merge pull request #2432 from embhorn/api_p2
Adding compatibility API phase 2
2019-08-29 09:05:01 -07:00
Sean Parkinson 24e98dd05e Add support for Encrypt-Then-MAC to TLS 1.2 and below
An extension is used to indicate that ETM is to be used.
Only used when doing block ciphers - HMAC performed on encrypted data.
2019-08-29 09:00:30 +10:00
Eric Blankenhorn 0c9ba1b361 Adding compatibility API phase 2 2019-08-28 09:29:49 -05:00
Tesfa Mael 625c3074b9 Review comments, sanity check 2019-08-27 17:06:36 -07:00
toddouska a49f447e47 Merge pull request #2413 from dgarske/load_ca_nodate
Refactor of the verify option for processing X.509 files
2019-08-27 13:20:30 -07:00
Tesfa Mael f9e364f893 Updated wolfSSL_EVP_Cipher() for AES GCM 2019-08-27 11:36:39 -07:00
Jacob Barthelmeh 10431738c7 sanity check on ticket encrypt callback 2019-08-27 11:41:27 -06:00
Tesfa Mael e8f468e2cf correct ifdef directive 2019-08-26 19:17:41 -07:00
Tesfa Mael 00dadafddb Add HAVE_FAST_RSA around RSA_print() 2019-08-26 16:54:10 -07:00
Tesfa Mael b2555d38bc Jenkins PRB enable options test 2019-08-26 15:43:58 -07:00
toddouska 0f60ee8a85 Merge pull request #2402 from schlatterbeck/master
Fixes for 16-bit systems
2019-08-26 12:41:47 -07:00
Tesfa Mael 5e28dd94a2 OpenSSL compatible APIs:
ASN1_STRING_type
EVP_aes_128_gcm
EVP_CIPHER_CTX_ctrl
EVP_PKEY_sign
EVP_PKEY_sign_init
RSA_print
RSA_NO_PADDING
RSA_PKCS1_PSS_PADDING
2019-08-26 12:20:18 -07:00
David Garske 76b9476b9a Remove debug printf. 2019-08-23 16:24:45 -07:00
David Garske 99329b0fc4 Improvements to the CRL verify handling. 2019-08-23 16:09:39 -07:00
toddouska 2c97b040ff Merge pull request #2419 from dgarske/ctx_sec_reneg
Adds use secure renegotiation at CTX level
2019-08-23 12:55:30 -07:00
toddouska 1bad2bed3c Merge pull request #2404 from dgarske/strict_cipher
Added strict cipher suite check on client server_hello processing
2019-08-23 12:42:57 -07:00
toddouska 6209e8ff24 Merge pull request #2412 from JacobBarthelmeh/PKCS12
adjust wc_i2d_PKCS12 API
2019-08-23 10:30:04 -07:00
Jacob Barthelmeh 65aeb71d6c sanity check on buffer size before reading short 2019-08-22 11:36:35 -06:00
David Garske 67c3751836 Adds new wolfSSL_CTX_UseSecureRenegotiation API for setting secure renegotiation at the WOLFSSL_CTX level. 2019-08-20 16:43:28 -07:00
David Garske 24bfea1ad2 Fixes for various build options (!NO_RSA, HAVE_ECC, NO_PKCS8, NO_PKCS12). Added new NO_CHECK_PRIVATE_KEY to allow reduce code size when not required. 2019-08-20 10:38:08 -07:00
David Garske 644e7a8f45 Fixes for PKCS8 w/wo encryption as DER/ASN.1. Fixes for building with --disable-oldnames. Fix to enable the PKCS8 enc test without openssl comat. Added additional PKCS8 tests. 2019-08-19 16:27:46 -07:00
David Garske 3e1c103c78 Added support for loading a PKCS8 ASN.1 formatted private key (not encrypted). 2019-08-16 16:09:00 -07:00
David Garske 586b74b05f Refactor of the verify option for processing X.509 files. Adds support for ignoring date checks when loading a CA using the WOLFSSL_LOAD_FLAG_DATE_ERR_OKAY flag on wolfSSL_CTX_load_verify_buffer_ex and wolfSSL_CTX_load_verify_locations_ex. 2019-08-16 15:19:55 -07:00
toddouska 7d4023f6a1 Merge pull request #2408 from dgarske/coverity
Minor fixes to resolve Coverity static analysis checks
2019-08-16 14:45:13 -07:00
Jacob Barthelmeh 487e66394e adjust wc_i2d_PKCS12 API 2019-08-16 15:19:33 -06:00
David Garske eb68ad162b Enable strict cipher suite checking by default. Changed to enable by default and can be disabled using WOLFSSL_NO_STRICT_CIPHER_SUITE. 2019-08-16 10:20:25 -07:00
David Garske 0d13b385ab Fixes for possible cases where DerBuffer is not free'd in AddCA error cases. 2019-08-15 17:01:30 -07:00
toddouska 489af0cd2b Merge pull request #2386 from SparkiDev/tls13_integ_only
TLS 1.3 and Integrity-only ciphersuites
2019-08-15 16:02:12 -07:00
Eric Blankenhorn 1b841363cc Adding tests 2019-08-15 12:27:23 -05:00
Eric Blankenhorn b2b24a06f3 Adding API 2019-08-14 15:09:17 -05:00
David Garske e75417fde1 Added build option to enforce check for cipher suite in server_hello from server. Enabled using WOLFSSL_STRICT_CIPHER_SUITE. Some cipher suites could be allowed if they were supported a build-time even though not sent in the cipher suite list in client_hello.
Example log output for test case where `client_hello` sent a cipher suite list and server choose a cipher suite not in the list:

```
wolfSSL Entering DoServerHello
ServerHello did not use cipher suite from ClientHello
wolfSSL Leaving DoHandShakeMsgType(), return -501
wolfSSL Leaving DoHandShakeMsg(), return -501
```

RFC 5246: 7.4.1.3: Server Hello:  `cipher_suite: The single cipher suite selected by the server from the list in ClientHello.cipher_suites.`
2019-08-13 15:56:19 -07:00
Eric Blankenhorn 48fa6a458c Adding compatibility API phase 1 2019-08-13 17:09:56 -05:00
Tesfa Mael 9301cce9ac Check a null pointer dereference 2019-08-13 11:48:20 -07:00
Tesfa Mael b1ad0525ea cast to correct static analysis issue 2019-08-13 10:45:24 -07:00
Tesfa Mael b7bd710bc8 Add small stack option 2019-08-13 10:29:37 -07:00
Tesfa Mael 1acd24deb8 Review comment to reduce stack usage 2019-08-13 10:15:57 -07:00
Tesfa Mael b9ddbb974a perform domain name check on the peer certificate 2019-08-13 09:55:28 -07:00
Ralf Schlatterbeck 63c6c47165 Fixes for 16-bit systems
Systems with sizof(int) == 2 default to expressions with that size.
So we have to do some explicit casts or use unigned long constants in
some cases.
In ssl.h the prototype of a function was not matching the definition.
This resulted in a type incompatibility on a 16-bit system.
2019-08-10 18:27:29 +02:00