wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-30 19:32:16 +01:00
Code Issues Packages Projects Releases Wiki Activity
11,390 Commits 12 Branches 184 Tags
ba8227bcf72a6dd858878cf3d727768cb2e779c3
Commit Graph

4225 Commits

Author SHA1 Message Date
David Garske
ba8227bcf7 Fix for building TLS v1.3 with NO_WOLFSSL_CLIENT. 2020-06-04 15:31:18 -07:00
David Garske
b417a76613 Fixes for build TLS v1.3 with NO_CERTS. 2020-06-04 15:31:18 -07:00
David Garske
cd1c2d5fae Enable TLS v1.3 by default. Remove old TLS v1.3 draft build support. 2020-06-04 15:31:18 -07:00
toddouska
23d1550439 Merge pull request #2989 from julek-wolfssl/openvpn 
Additional OpenSSL compat layer stuff
 2020-06-04 11:57:55 -07:00
toddouska
79465d70f7 Merge pull request #3020 from SparkiDev/tls13_psk_cr 
TLS 1.3: Never send CertiifcateRequest when PSK
 2020-06-04 11:07:22 -07:00
Chris Conlon
d220168384 Merge pull request #3017 from kojo1/supplicant-error 
alertWhy: unknown_ca for ASN_NO_SIGNER_E
 2020-06-03 10:44:31 -05:00
Sean Parkinson
0d1ed9efc7 TLS 1.3: Never send CertiifcateRequest when PSK 
Server must not send a CertificateRequest when authenticating with a
PSK.
Increase the max size of the signature algorithms as ED448 has been
added.
 2020-06-03 12:48:31 +10:00
toddouska
c7331fa699 Merge pull request #3008 from embhorn/zd10320 
Fix possible NULL dereference error in TLSX_SecureRenegotiation_Parse
 2020-06-02 11:13:17 -07:00
Takashi Kojo
5bcd121ab5 alertWhy: unknown_ca for ASN_NO_SIGNER_E 2020-06-02 05:54:16 +09:00
toddouska
2ee8f335b7 Merge pull request #2992 from SparkiDev/tls13_enc_alert_2 
Actually make TLS 1.3 alerts encrypted when possible
 2020-05-29 13:04:49 -07:00
David Garske
e498e07390 Merge pull request #3005 from cconlon/608a 
ATECC608A improvements for use with Harmony 3 and PIC32MZ
 2020-05-28 16:10:39 -07:00
toddouska
5962931b21 Merge pull request #2947 from SparkiDev/tls13_integ_fix 
Fix TLS 1.3 integrity only for interop
 2020-05-28 13:48:43 -07:00
Eric Blankenhorn
4e8f5fce66 Fix NULL dereference error 2020-05-28 12:17:29 -05:00
Sean Parkinson
3fec01c0aa Actually make TLS 1.3 alerts encrypted when possible 
Pervious fix didn't work.
This time, if TLS 1.3 and encryption is on then it will encrypt the
alert.
 2020-05-28 10:57:33 +10:00
Chris Conlon
896fcd9aec add WOLFSSL_ATECC6088A, Trust&GO support, PIC32 HAL compatibility, 608A expansions 2020-05-27 16:49:29 -06:00
JacobBarthelmeh
8e9f518caa fix for gcc 10+ error on snprintf 2020-05-27 16:20:39 -06:00
toddouska
e388885407 Merge pull request #2997 from kaleb-himes/ZD10356 
Fix a seg fault when cert not loaded prior to key check
 2020-05-26 16:19:43 -07:00
Kaleb Himes
5179503e8f Merge pull request #2995 from julek-wolfssl/va-copy-check 
Enable wolfSSL_BIO_vprintf on Windows
 2020-05-26 08:58:05 -07:00
Sean Parkinson
eed5943b6f Fix TLS 1.3 integrity only for interop 
Make key size the size of the digest.
 2020-05-25 16:02:53 +10:00
Chris Conlon
165fce7c57 Merge pull request #2988 from miyazakh/peakmem 
added WOLFSSL_LEAVE for measuring peak memory script
 2020-05-22 15:37:30 -06:00
kaleb-himes
53d2a17b43 Fix a seg fault when cert not loaded prior to key check 2020-05-22 15:03:11 -06:00
Juliusz Sosinowicz
de61a8e5d3 Enable wolfSSL_BIO_vprintf on Windows 
Enable wolfSSL_BIO_vprintf use with WOLFSSL_BIO_MEMORY and WOLFSSL_BIO_SSL on Windows with the HAVE_VA_COPY flag
 2020-05-21 19:41:40 +02:00
Juliusz Sosinowicz
a67e1fc2ad Fix implicit conversions 2020-05-21 13:20:42 +02:00
Juliusz Sosinowicz
70c55ce30a Set offset in cipher struct 2020-05-21 12:51:23 +02:00
David Garske
19848076ec Merge pull request #2986 from kaleb-himes/ZD9610_REPORT2 
Fix building with openssl extra x509 small writes to heap without alloc
 2020-05-20 08:10:43 -07:00
Juliusz Sosinowicz
5f7832909b BIO_new_mem_buf with negative len should take strlen of buf as len 2020-05-20 16:55:16 +02:00
Juliusz Sosinowicz
4a85bf8108 Additional OpenSSL compat layer stuff 
- Add X509_get0_notBefore and X509_get0_notAfter
- Implement EVP_PKEY_get0_DSA and DSA_bits
- OpenSSL_version now prints "wolfSSL $VERSION"
- Remove define guards in `wolfSSL_internal_get_version` as all protocols are defined regardless in `wolfssl/internal.h`and this function just returns the string description of the protocol
 2020-05-20 16:55:16 +02:00
kaleb-himes
08c02b037c Fix building with openssl extra x509 small writes to heap without alloc 2020-05-19 17:12:36 -06:00
toddouska
7901f74d0b Merge pull request #2977 from SparkiDev/tlsx_ks_ecc_fix 
KeyShare ECC shift index range check
 2020-05-19 15:49:41 -07:00
toddouska
754c96965a Merge pull request #2974 from SparkiDev/tls13_enc_alert 
If encryption setup, TLS 1.3 alerts encrypted
 2020-05-19 15:48:54 -07:00
Sean Parkinson
5b918f7ace KeyShare ECC shift index range check 2020-05-18 08:49:38 +10:00
toddouska
bdddb00ebc Merge pull request #2973 from kaleb-himes/FIPS-OE6 
for OE6 sp_arm32.c asm code is inlined in rsa.c and ecc.c
 2020-05-14 10:55:54 -07:00
toddouska
fbfb28d5ee Merge pull request #2926 from SparkiDev/tls13_failnocert 
Fail when WOLFSSL_VERIFY_FAIL_IF_NO_PEER_CERT set in TLS1.3
 2020-05-14 10:53:18 -07:00
toddouska
6f750c07b5 Merge pull request #2964 from SparkiDev/tls13down_tls12 
Only check downgrade when TLS 1.2 and no flag set
 2020-05-13 16:25:02 -07:00
Sean Parkinson
0295b5ae3b If encryption setup, TLS 1.3 alerts encrypted 2020-05-13 16:14:47 +10:00
kaleb-himes
9a8fc94181 for OE6 sp_arm32.c asm code is inlined in rsa.c and ecc.c 2020-05-12 16:28:39 -06:00
toddouska
6c9a0e440e Merge pull request #2959 from dgarske/wpas_tiny 
Added wpa_supplicant support with reduced code size option
 2020-05-11 08:55:22 -07:00
Sean Parkinson
ed4899dd91 Only check downgrade when TLS 1.2 and no flag set 
The flag, SSL_OP_NO_TLSv1_2, indicates not to negotiate TLS v1.2.
 2020-05-11 13:18:50 +10:00
Hideki Miyazaki
5dfc36d32a added WOLFSSL_LEAVE for measuring peak memory script 2020-05-09 17:03:17 +09:00
David Garske
10aa8a4ffc Added support --enable-wpas=small for reduced code size when building against the WPA supplicant with EAP-TLS. This does not use OPENSSL_EXTRA, which helps reduce code size. 2020-05-08 13:38:26 -07:00
toddouska
6b930d996c Merge pull request #2958 from julek-wolfssl/ASN_IP_TYPE-without-openssl 
Support IP alternative subject name without OpenSSL
 2020-05-08 13:27:27 -07:00
toddouska
3ef7e588d2 Merge pull request #2932 from kaleb-himes/ZD10223 
Fix building with one-side only tls13/dtls
 2020-05-07 08:43:36 -07:00
Juliusz Sosinowicz
9e68de0fb7 Add test certs for ASN_IP_TYPE 2020-05-07 11:52:49 +02:00
kaleb-himes
62d67c3da1 Don't need if not using TLS 1.2 2020-05-04 12:54:36 -06:00
toddouska
d848495a66 Merge pull request #2937 from dgarske/wolfio_tcpcon_fd 
Fix issue with failed TCP connect using invalid socket file descriptor
 2020-05-04 11:22:54 -07:00
David Garske
31502ec3f9 Fix issue with failed TCP connect using invalid socket file descriptor on close. Fixes #2936 2020-05-01 07:32:00 -07:00
Sean Parkinson
7879d3762a TLS13: Prepend the SupportedVersions extension to list 
Must have SupportedVersions at start of list for Cookie to be
constructed correctly.
Application can set the key share extension before handshake and
SupportedVersions will be added after. Extensions written in order of
adding to list.
Prepend SupportedVersions so that it will always appear in the correct
place so when reconstructing HelloRetryRequest, the extensions will
always be in the same order.
 2020-04-30 08:46:23 +10:00
kaleb-himes
951cb4aaf4 Fix building with one-side only tls13/dtls 2020-04-28 14:33:00 -06:00
toddouska
f770d28ff0 Merge pull request #2916 from dgarske/testfixes 
Improvements to ECC key decode and tests
 2020-04-28 09:57:44 -07:00
toddouska
a585e4115e Merge pull request #2927 from SparkiDev/tls13_ccs 
In TLS 1.3, don't allow multiple ChangeCipherSpecs in a row
 2020-04-28 09:52:46 -07:00