David Garske
d80b282fdd
Merge pull request #5156 from anhu/HAVE_AES_GCM
...
Rename HAVE_AES_GCM guard to HAVE_AESGCM in the tests.
2022-05-20 15:03:57 -07:00
David Garske
04ddd0abe4
Merge pull request #5095 from haydenroche5/decoded_cert_crit_fields
...
Make the critical extension flags in DecodedCert always available.
2022-05-20 15:03:39 -07:00
David Garske
2fc129e236
Merge pull request #5162 from rliebscher/master
...
Remove unused warning in ecc.c
2022-05-20 11:42:39 -07:00
René Liebscher
a8024a32c5
Remove unused warning in ecc.c
...
When WOLFSSL_ECIES_OLD is defined you get an unused warning
in ecc.c / wc_ecc_encrypt_ex().
Just suppress it by "using" the parameter.
2022-05-20 16:05:10 +02:00
David Garske
9427ebc5be
Merge pull request #5160 from haydenroche5/tls_unique
...
Provide access to "Finished" messages outside the compat layer.
2022-05-19 21:30:30 -07:00
Sean Parkinson
b6290f1590
Merge pull request #5157 from douzzer/20220519-multi-test-fixes
...
20220519-multi-test-fixes
2022-05-20 13:47:09 +10:00
Hayden Roche
6d9fbf7ab3
Provide access to "Finished" messages outside the compat layer.
...
Prior to this commit, if you wanted access to the Finished messages from a
handshake, you needed to turn on the compatibility layer, via one of
OPENSSL_ALL, WOLFSSL_HAPROXY, or WOLFSSL_WPAS. With this commit, defining any
of these causes WOLFSSL_HAVE_TLS_UNIQUE to be defined (a reference to the
tls-unique channel binding which these messages are used for) in settings.h.
This allows a user to define WOLFSSL_HAVE_TLS_UNIQUE to access the Finished
messages without bringing in the whole compat layer.
2022-05-19 16:34:13 -07:00
Daniel Pouzzner
efc8d36aa5
configure.ac: add whitespace separators to "((" groupings to mollify shellcheck SC1105 "Shells disambiguate (( differently or not at all. For subshell, add spaces around ( . For ((, fix parsing errors."
2022-05-19 18:19:11 -05:00
Daniel Pouzzner
6984cf83b2
scripts/ocsp-stapling.test: fix whitespace.
2022-05-19 16:45:50 -05:00
Daniel Pouzzner
5988f35593
src/wolfio.c: in EmbedReceiveFrom(), clear peer before recvfrom() to fix clang-analyzer-core.UndefinedBinaryOperatorResult; add DTLS_ prefix to macros SENDTO_FUNCTION and RECVFROM_FUNCTION, and gate their definitions on their being undefined to allow overrides.
2022-05-19 11:31:24 -05:00
Daniel Pouzzner
f2e9f5349f
wolfcrypt/src/asn.c: refactor DecodeBasicOcspResponse() to keep DecodedCert off the stack in WOLFSSL_SMALL_STACK builds.
2022-05-19 11:28:34 -05:00
Daniel Pouzzner
368854b243
scripts/: refactor TLS version support tests to use -V, rather than -v (which makes frivolous connection attempts).
2022-05-19 11:18:34 -05:00
Anthony Hu
cf81ae79e4
HAVE_AESGCM
2022-05-19 11:30:58 -04:00
Anthony Hu
9c2903c176
Remove HAVE_AES_GCM guard as it is never defined.
2022-05-19 01:20:55 -04:00
David Garske
4a3ff40eb3
Merge pull request #5138 from haydenroche5/issuer_names
...
Add ability to store issuer name components when parsing a certificate.
2022-05-18 16:56:55 -07:00
Sean Parkinson
cd41c8beaf
Merge pull request #5147 from rizlik/do_alert_reset
...
internal.c: reset input/processReply state if exiting after DoAlert()
2022-05-19 09:36:44 +10:00
Daniel Pouzzner
b53484be10
Merge pull request #5155 from cconlon/configFix
...
Fix --enable-openssh FIPS detection syntax in configure.ac
2022-05-18 17:34:43 -05:00
Chris Conlon
628a34a43d
fix --enable-openssh FIPS detection syntax in configure.ac
2022-05-18 12:52:07 -06:00
Chris Conlon
1026c7141e
Merge pull request #5148 from JacobBarthelmeh/PKCS7
2022-05-18 11:44:20 -06:00
Marco Oliverio
be172af3cd
internal.c: check that we have data before processing messages
...
We should never encounter this bug under normal circumstances. But if we enter
processReplyEx with `ssl->options.processReply` wrongly set to
`runProcessingOneMessage`, we check that we have some data.
2022-05-18 18:49:33 +02:00
Marco Oliverio
6940a5eaae
internal.c: reset input/processReply state if exiting after DoAlert()
2022-05-18 18:35:29 +02:00
John Safranek
40063f7487
Merge pull request #5109 from rizlik/dtls_peer_matching_fix
...
wolfio: dtls: fix incorrect peer matching check
2022-05-18 09:12:26 -07:00
David Garske
ac3fc89df9
Merge pull request #5151 from SparkiDev/tls13_premaster
...
TLS 1.3: pre-master secret zeroizing
2022-05-17 19:18:43 -07:00
Sean Parkinson
1765e2c482
Merge pull request #5150 from haydenroche5/benchmark_main_void
...
Fix main signature in benchmark.c.
2022-05-18 10:10:07 +10:00
Hayden Roche
04ff6afbad
Add ability to store issuer name components when parsing a certificate.
...
This is turned on when `WOLFSSL_HAVE_ISSUER_NAMES` is defined. This allows the
user to inspect various issuer name components (e.g. locality, organization,
etc.) by using these new fields in a `DecodedCert`.
2022-05-17 16:29:52 -07:00
Sean Parkinson
2f91028f2d
TLS 1.3: pre-master secret zeroizing
2022-05-18 08:52:38 +10:00
Hayden Roche
fd535242a0
Fix main signature in benchmark.c.
...
If `NO_CRYPT_BENCHMARK` is defined, the main function is `int main()`, but it
should be `int main(void)`.
2022-05-17 14:28:43 -07:00
Jacob Barthelmeh
8b46c95f06
macro guard for build with disable ecc
2022-05-17 11:36:09 -06:00
David Garske
c9ae021427
Merge pull request #5143 from julek-wolfssl/x509-ret-empty-name
...
Return subject and issuer X509_NAME obj even when not set
2022-05-17 09:16:54 -07:00
David Garske
50cc6d0422
Merge pull request #5139 from cconlon/opensshfips
...
Modify --enable-openssh to not enable non-FIPS algos for FIPS builds
2022-05-17 09:16:21 -07:00
Marco Oliverio
6df65c0162
wolfio: dtls: fix incorrect peer matching check
...
Ignore packet if coming from a peer of a different size *or* from a different
peer. Avoid whole memcmp of sockaddr_in[6] struct because it is not portable (there
are optional fields in struct sockaddr_in).
2022-05-17 11:01:55 +02:00
Sean Parkinson
fc12c68601
Merge pull request #5146 from dgarske/kcapi_keywrap
...
Fix to allow enabling AES key wrap (direct) with KCAPI
2022-05-17 08:16:00 +10:00
Jacob Barthelmeh
1dc5e4cee5
add padding for variable ecc signature size
2022-05-16 15:26:29 -06:00
David Garske
ec619e3f35
Merge pull request #5107 from julek-wolfssl/wpas-ex-data-leak
...
Call ctx->rem_sess_cb when a session is about to be invalid
2022-05-16 13:27:08 -07:00
David Garske
579a37bdf0
Merge pull request #5117 from cconlon/getrandom
...
add support for Linux getrandom() with WOLFSSL_GETRANDOM
2022-05-16 12:36:30 -07:00
Chris Conlon
0ef4707859
Merge pull request #5137 from JacobBarthelmeh/docs
2022-05-16 12:18:14 -06:00
Juliusz Sosinowicz
7f8f0dcffe
Refactor cache ex_data update/retrieve into one function
...
- Add explicit pointer cast
2022-05-16 13:01:05 +02:00
Juliusz Sosinowicz
d996086a6d
Return subject and issuer X509_NAME obj even when not set
...
This allows the user to set the attributes of the subject and issuer name by calling X509_REQ_get_subject_name and adding attributes to it.
2022-05-16 12:49:34 +02:00
David Garske
6b1e3003fb
Merge pull request #5142 from SparkiDev/ssl_move_pk
...
ssl.c rework
2022-05-13 12:56:14 -07:00
David Garske
643cd78ea2
Fix to allow enabling AES key wrap (direct) with KCAPI.
2022-05-13 11:15:32 -07:00
David Garske
1a57e3065a
Small cleanups. Missing (void), spelling and formatting. Also fixes for variations of 25519/448 build.
2022-05-13 09:24:59 -07:00
John Safranek
7305616452
Merge pull request #5080 from JacobBarthelmeh/DH
...
with WOLFSSL_NO_DH186 restriction allow odd DH param size generations
2022-05-13 08:57:33 -07:00
David Garske
50f53f9576
Merge pull request #5129 from LinuxJedi/remove-python-wrappers
...
Remove the Python wrappers from wolfSSL source
2022-05-13 08:36:33 -07:00
David Garske
630c5ef364
Merge pull request #5140 from SparkiDev/sp_fixes_7
...
SP fixes
2022-05-12 21:57:48 -07:00
Sean Parkinson
852d5169d4
ssl.c rework
...
Move the public key APIs out of ssl.c and into pk.c.
(RSA, DSA, DH and EC)
2022-05-13 11:12:44 +10:00
Sean Parkinson
eea537e5ea
Merge pull request #5124 from kaleb-himes/WIN_MULTICONFIG
...
Address issues ID'd by new windows multi-config test
2022-05-13 09:39:15 +10:00
Sean Parkinson
e8160f049e
SP fixes
...
Fix div_word without using div.
Fix ARM32 and Cortex-M builds to work for 4096 again.
2022-05-13 09:37:24 +10:00
Chris Conlon
c3a79f50d8
modify --enable-openssh to not enable non-FIPS algos for FIPS builds
2022-05-12 16:53:57 -06:00
Chris Conlon
e6ce735ed8
add support for Linux getrandom() with WOLFSSL_GETRANDOM
2022-05-12 16:51:38 -06:00
Sean Parkinson
6aaee73585
Merge pull request #5133 from rizlik/cookie_keyshare_fix
...
tls13: fix cookie has keyShare information check
2022-05-13 08:01:59 +10:00