Commit Graph

3987 Commits

Author SHA1 Message Date
Chris Conlon cdd02f9665 Add check for reseed in ssl.c for HAVE_SELFTEST, similar to old FIPS bundles that do not have older random.c files 2025-06-18 17:21:55 -06:00
David Garske 7d77446964 Merge pull request #8882 from rizlik/dtls13_always_transmit_explicit_ack
dtls13: always send ACKs on detected retransmission
2025-06-17 11:35:07 -07:00
David Garske 6b68797b4f Merge pull request #8883 from JacobBarthelmeh/rng
account for Intel RDRAND build without HAVE_HASHDRBG
2025-06-17 11:33:16 -07:00
Marco Oliverio e82c099bec fix indentation 2025-06-16 18:42:17 +02:00
JacobBarthelmeh ce61f0d517 account for Intel RDRAND build without HAVE_HASHDRBG 2025-06-16 09:04:50 -06:00
Marco Oliverio 509491f554 dtls13: wolfSSL_is_init_finished true after last server ACK
Do not consider the handshake finished until the last server ACK.
This way the application knows where to switch from
wolfSSL_negotiate/wolfSSL_connect to wolfSSL_read/wolfSSL_write.
2025-06-16 14:19:31 +02:00
Juliusz Sosinowicz 37554a13db Updates for OpenSSH 10.0p2
- random.c: use getrandom when available and fall back to direct file access
- openssh.yml: run more tests
- openssh.yml: add 10.0p2 and 9.9p2
- configure.ac: detect if `getrandom` is available on the system
- configure.ac: openssh requires WC_RNG_SEED_CB to always use `getrandom` so that the RNG doesn't get killed by SECCOMP
2025-06-13 18:06:19 +02:00
JacobBarthelmeh 47cf634965 add a way to restore previous pid behavior 2025-06-10 16:12:09 -06:00
JacobBarthelmeh fbbb6b7707 add mutex locking and compat layer FIPS case 2025-06-10 14:37:11 -06:00
JacobBarthelmeh 31490ab813 add sanity checks on pid with RNG 2025-06-10 14:37:11 -06:00
gojimmypi 3254f56d32 Improve PlatformIO Certificate Bundle Support 2025-06-06 15:48:07 -07:00
JacobBarthelmeh 369f9f0339 Merge pull request #8849 from holtrop/reseed-drbg-in-rand-poll
Reseed DRBG in RAND_poll()
2025-06-06 11:55:46 -06:00
Josh Holtrop 0c12337194 Reseed DRBG in RAND_poll() 2025-06-06 12:20:58 -04:00
Sean Parkinson 7eca4fb331 ML_KEM IDs backward compat
Allow backward compatibilitly of Hybrid ML_KEM codepoints in TLS with
version before wolfSSL 5.8.0.
When WOLFSSL_ML_KEM_USE_OLD_IDS is defined, it will accept the old
codepoints for P256 with ML-KEM-512, P384 with ML-KEM-768, P521 with
ML-KEM-10124. (Others combinations were not know pre 5.8.0.)
Both old client with new server and new client with new server work with
old codepoints.
2025-06-06 09:17:40 +10:00
Ruby Martin 5352e100db Add NO_OLD_TLS macroguard, remove dead code 2025-05-22 14:21:38 -06:00
David Garske e09e3f6098 Fix for Curve25519 and static ephemeral issue with curve25519 blinding. Added new test case (used by wolfKeyMgr). 2025-05-12 10:26:31 -07:00
JacobBarthelmeh 77c0f79cbe adjust ech get length only case 2025-05-08 13:50:42 -06:00
David Garske 1e3718ea7b Merge pull request #8655 from SparkiDev/asn1_oid_update
ASN.1 OIDs and sum: Change algorithm for sum
2025-05-07 11:43:54 -07:00
Sean Parkinson 112351667a ASN.1 OIDs and sum: Change algorithm for sum
New sum algorithm has no clashes at this time.
Old algorithm enabled by defining: WOLFSSL_OLD_OID_SUM.
New oid_sum.h file generated with scripts/asn1_oid_sum.pl.

Added bunch of OID names into asn1 example.
2025-05-07 08:32:08 +10:00
jordan baa7efa8af Fix coverity uninit var warnings, add missing priv key ForceZero. 2025-05-05 13:14:39 -05:00
Eric Blankenhorn 66b9256f86 Fixes from CodeSonar report 2025-04-22 14:43:01 -05:00
Lealem Amedie 1b80c03fe9 Change to short type 2025-04-17 10:05:40 -06:00
Lealem Amedie 429f435593 Fix SetMinEccKey_Sz to allow P-521 minimum 2025-04-17 08:22:20 -06:00
Juliusz Sosinowicz 56263d9577 fixup! Push/pop to/from the end of the list object 2025-04-09 14:40:00 +02:00
Juliusz Sosinowicz 5f13aebd5f Push/pop to/from the end of the list object
The last object pushed should be visible in the highest index
2025-04-09 14:40:00 +02:00
Juliusz Sosinowicz 7cbc71b024 Refactor *_push and *_pop compat API 2025-04-09 14:40:00 +02:00
Daniel Pouzzner c401f5caf2 move the newly added wolfcrypt/src/wolfssl_sources.h to wolfssl/wolfcrypt/libwolfssl_sources.h, and likewise for wolfssl_sources_asm.h; revert changes to IDE/ project files. 2025-04-04 18:44:12 -05:00
Daniel Pouzzner 217440c885 Add wolfcrypt/src/wolfssl_sources.h and wolfcrypt/src/wolfssl_sources_asm.h,
which force on BUILDING_WOLFSSL and do boilerplate includes, and update library
  sources to include them at the top.

  wolfssl_sources.h includes types.h, error-crypt.h, and logging.h, and
  conditionally, config.h.  settings.h and wc_port.h are unconditionally
  included at the top of types.h.

  wolfssl_sources_asm.h includes settings.h, and conditionally, config.h.

Add wolfssl_sources*.h to wolfcrypt/src/include.am, and to several IDE/ project
  files.

Also added a TEST_WOLFSSL_SOURCES_INCLUSION_SEQUENCE clause in
  wolfssl/wolfcrypt/settings.h to allow coverage testing.

In wolfcrypt/src/misc.c, retain existing ad hoc boilerplate includes, and use
  them if WOLFSSL_VIS_FOR_TESTS, otherwise include the new wolfssl_sources.h.

Define WOLFSSL_VIS_FOR_TESTS at top of wolfcrypt/test/test.c.

Also renamed WOLFSSL_NEED_LINUX_CURRENT to WOLFSSL_LINUXKM_NEED_LINUX_CURRENT,
  for clarity.
2025-04-04 16:51:04 -05:00
David Garske 18ac695bb2 Merge pull request #8556 from SparkiDev/ech-config-control
ECH: generate multiple configs and rotate echConfigs
2025-03-20 17:05:43 -07:00
David Garske 86b01bddd8 Merge pull request #8428 from miyazakh/qt_jenkins
Fix Qt Nightly Jenkins failure
2025-03-20 17:03:03 -07:00
David Garske 2c36ae268f Merge pull request #8536 from SparkiDev/kyber_to_mlkem
Update Kyber APIs to ML-KEM APIs
2025-03-20 11:07:53 -07:00
Hideki Miyazaki 9188e0a801 fix PR test failures 2025-03-13 09:48:34 +09:00
Hideki Miyazaki b39c2206d7 modified client chain at server side
added unit test
2025-03-13 09:39:13 +09:00
Hideki Miyazaki d6c0184fda fix qt jenkins failure 2025-03-13 09:39:13 +09:00
Sean Parkinson 74454715ec ECH: generate multiple configs and rotate echConfigs
Change wolfSSL_CTX_GenerateEchConfig to generate multiple configs, add
functions to rotate the server's echConfigs.
2025-03-13 10:24:53 +10:00
John Bland 8ff08740f8 Merge branch 'master' into ech-hello-retry 2025-03-10 03:37:27 -04:00
Sean Parkinson a7690ca24b ML-KEM/Kyber: finish name change 2025-03-10 08:37:14 +10:00
Daniel Pouzzner 058014b3eb src/ssl.c: add missing !NO_WOLFSSL_SERVER gate around wolfSSL_get_servername(). 2025-02-28 19:07:03 -06:00
Daniel Pouzzner f7b911f5cd src/ssl.c, src/internal.c: fix leak in wolfSSL_get_ciphers_compat(): fix gating (OPENSSL_EXTRA, not OPENSSL_ALL) in FreeSuites() re .suitesStack and .clSuitesStack, and similarly fix gating on the implementation of wolfSSL_sk_SSL_CIPHER_free(() and related.
src/ssl_sess: suppress false positive clang-analyzer-unix.Malloc "Argument to 'free()' is the address of a global variable".
2025-02-28 15:23:43 -06:00
Tobias Frauenschläger be6888c589 Fixes for Dilithium in TLS handshake
Some fixes to better handle Dilithium keys and signatures in the TLS
handshake.

Signed-off-by: Tobias Frauenschläger <tobias.frauenschlaeger@oth-regensburg.de>
2025-02-26 15:33:59 +01:00
Reda Chouk 9178c53f79 Fix: Address and clean up code conversion in various files. 2025-02-25 11:17:58 +01:00
Tobias Frauenschläger 89491c7e36 Improvements for PQC hybrid key exchange
Add support for X25519 and X448 based hybrid PQC + ECC key exchange
groups. Furthermore, two new combinations with SECP curves are added to
match OQS combinations.

This also incorporates the changed order of X25519 and X448 based
combinations to place the PQC material before the ECDH material. This is
motivated by the necessity to always have material of a FIPS approved
algorithm first.

Also, codepoints are updated to reflect the latest draft standards for
pure ML-KEM and some of the hybrids. With these changes and based on the
recent additions to both enable ML-KEM final and draft versions
simultaneously, a WolfSSL TLS server is now compatible with all recent
browsers that support either the draft version of ML-KEM (Chromium based
browsers and Firefox < version 132; only when the draft version is
enabled in the build) or the final version already (Firefox > version 132).

In the process of extending support, some code and logic cleanup
happened. Furthermore, some memory leaks within the hybrid code path have
been fixed.

Signed-off-by: Tobias Frauenschläger <tobias.frauenschlaeger@oth-regensburg.de>
2025-02-21 18:44:40 +01:00
Marco Oliverio 7db3c34e2b ocsp: enable OPENSSL tlsext status cb for NGINX and HAPROXY 2025-02-17 14:53:49 +00:00
Marco Oliverio d7711f04ab openssl compat: skip OCSP response verification in statusCb
This aligns with OpenSSL behavior
2025-02-17 08:58:02 +00:00
David Garske 3075e57207 Whitespace and filename comment. 2025-02-14 09:51:29 -06:00
Juliusz Sosinowicz 7380ec68bb cmake.yml: fix error and run tests with ctest 2025-02-14 09:51:29 -06:00
Daniel Pouzzner b466bde5d0 src/internal.c and src/ssl.c: in CheckcipherList() and ParseCipherList(), refactor "while (next++)" to "while (next)" to avoid clang21 UndefinedBehaviorSanitizer "applying non-zero offset 1 to null pointer". 2025-02-04 12:07:29 -06:00
Daniel Pouzzner b41d46a158 src/ssl.c and src/ssl_load.c: fix syntax flubs in WOLFSSL_DILITHIUM_FIPS204_DRAFT paths. 2025-01-25 10:11:25 -06:00
Daniel Pouzzner e6b87c2e54 src/ssl.c: work around false positive from scan-build in wolfSSL_writev(), long ago annotated with PRAGMA_GCC("GCC diagnostic ignored \"-Wmaybe-uninitialized\"").
wolfcrypt/src/misc.c: fix typo, max_size_t_() -> max_size_t().
2025-01-24 17:55:55 -06:00
Daniel Pouzzner 91aad90c59 wolfssl/internal.h and src/internal.c:
change Buffers.prevSent and .plainSz from int to word32;

change SendData() sz arg from int sz to size_t sz;

add asserts in SendData() and ReceiveData() to prevent sz > INT_MAX (assuring no overflow internally or in the returned int).

wolfssl/ssl.h and src/ssl.c:

change WOLFSSL_BUFFER_INFO.length from unsigned int to word32 (no functional change, just for consistency);

add wolfSSL_write_internal(), refactor wolfSSL_write() to call it, and fix wolfSSL_write_ex() to take size_t sz, not int sz.
2025-01-24 17:16:08 -06:00