wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-27 14:32:21 +01:00
Code Issues Packages Projects Releases Wiki Activity
17,490 Commits 12 Branches 184 Tags
ded3f4e9b6508ea5116ca511cd85b1cc842a95ff
Commit Graph

17490 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
John Safranek
ded3f4e9b6 Merge pull request #5284 from julek-wolfssl/dtls-good-ch-cb 
DTLS 1.3: additions for event driven server in wolfssl-examples
 2022-07-05 10:14:59 -07:00
David Garske
1c009e8f91 Merge pull request #5311 from SparkiDev/ed_check_pubkey 
Ed25519/Ed448: assume public key is not trusted
 2022-07-05 09:25:50 -07:00
Juliusz Sosinowicz
4caffee590 ForceZero the private key on import error 2022-07-05 13:44:31 +02:00
Sean Parkinson
4a962b7fb2 Ed25519/448: improvements 
Check lengths of buffers in import functions.
priv/pub key set flag set on success only.
 2022-07-05 09:02:05 +10:00
David Garske
1b64b82a6f Merge pull request #5316 from LinuxJedi/fix-embos-mutex 
Use the correct mutex type for embOS
 2022-07-04 11:51:20 -07:00
David Garske
07b8f45d35 Merge pull request #5315 from rizlik/dtls_doDtls_fix 
fix: examples/server: dtls mode checking
 2022-07-04 10:20:20 -07:00
Andrew Hutchings
f8c67345d6 Use the correct mutex type for embOS 
OS_MUTEX_Lock() is acutally a non-blocking mutex lock, for
wc_LockMutex() we need a blocking mutex. Switch to this.
 2022-07-04 15:59:36 +01:00
Juliusz Sosinowicz
9dc2c27e3d Expand wolfDTLS_SetChGoodCb() docs 2022-07-04 14:31:24 +02:00
Juliusz Sosinowicz
10c8a1668e Reset cookie when resetting DTLS 1.3 state 2022-07-04 12:52:25 +02:00
Juliusz Sosinowicz
a8adde66c8 Use wc_HmacInit and wc_HmacFree in cookie logic 2022-07-04 12:51:50 +02:00
David Garske
00391a5ace Rename callback to wolfDTLS_SetChGoodCb and add doxygen for it. Clarify DTLS_CTX.connected. Fix build errors for ./configure --enable-dtls --enable-dtls13 --disable-examples CFLAGS="-DNO_WOLFSSL_SERVER". 2022-07-04 11:08:39 +02:00
Juliusz Sosinowicz
7ea13bf5bf Apply connected to sendto and address code review 2022-07-04 11:08:39 +02:00
Juliusz Sosinowicz
dd7073740b DTLS 1.3: tie cookie to peer address 2022-07-04 11:08:39 +02:00
Juliusz Sosinowicz
e605cfeccb Add docs for new features 2022-07-04 11:08:39 +02:00
Juliusz Sosinowicz
afdd5648aa Address code review 2022-07-04 11:08:39 +02:00
Juliusz Sosinowicz
d72edd03b8 dtls: wolfSSL_set_dtls_fd_connected 
wolfSSL_set_dtls_fd_connected sets the connected socket file descriptor. This descriptor should be called without addr and addr_len.
 2022-07-04 11:08:39 +02:00
Juliusz Sosinowicz
c6aa4fc526 DTLS 1.3: allow the server to operate without maintaining state 2022-07-04 11:08:39 +02:00
Juliusz Sosinowicz
8fb48464e3 Add callback when we parse a verified ClientHello 2022-07-04 11:08:39 +02:00
Marco Oliverio
80f3db6e1d fix: examples/server: dtls mode checking 
This fixes using ssl to check if we are using dtls or not, when ssl is not yet
valid.

Fix: 060dfe1a69
 2022-07-04 10:21:11 +02:00
Sean Parkinson
1077829f9d Merge pull request #5313 from douzzer/20220701-sp_div-deadstore 
fix clang-analyzer-deadcode.DeadStores in sp_div().
 2022-07-04 08:32:50 +10:00
Sean Parkinson
7b9c214b3c Merge pull request #4985 from kareem-wolfssl/iarWarningsFix 
Fix compilation warnings from IAR.
 2022-07-04 08:23:26 +10:00
Daniel Pouzzner
b16c2a2aef fix clang-analyzer-deadcode.DeadStores in sp_div(). 2022-07-01 23:49:58 -05:00
Daniel Pouzzner
5819332f89 Merge pull request #5312 from dgarske/fips_v5dev 
FIPS in core hash using SHA2-256 and SHA2-384
 2022-07-01 23:25:52 -05:00
David Garske
6c7db7318e Merge pull request #5309 from kareem-wolfssl/arrayBoundFix 
Pass in and check output length in SetCurve.
 2022-07-01 18:58:42 -07:00
David Garske
b9be5c2c24 Update to FIPS v5-ready will use latest master. Support for FIPS in core hash using SHA2-256 and SHA2-384 in fips_test.h. Fixes for MATH_INT_T. Fix error: ‘tls13_kdf_test’ declared ‘static’ but never defined. 2022-07-01 15:40:21 -07:00
David Garske
bb68766bda For ED255219 and ED448 if importing private only and public key is already set then check it. 2022-07-01 14:13:45 -07:00
Kareem
90749b7f88 Don't declare tls13_kdf_test if TLS 1.3 is not enabled, to avoid unused function warning. 2022-07-01 13:22:16 -07:00
Kareem
96aedc2f47 Fix SetCurve max sizes. Add fix for potentially uninitialized type in ProcessReplyEx. 2022-07-01 13:18:33 -07:00
Kareem
7a7d8d170d Pass in and check output length in SetCurve. 2022-07-01 13:18:33 -07:00
David Garske
bd75e1d6a4 Merge pull request #5307 from kareem-wolfssl/miscfixes2 
Fix a couple of STM32 bugs, and add some missing mutex frees.
 2022-07-01 09:46:22 -07:00
David Garske
0459e83a59 Merge pull request #5310 from SparkiDev/memusage_fix_1 
TLS memusage: reduce usage
 2022-07-01 09:13:05 -07:00
Sean Parkinson
2c943282f0 Ed25519/Ed448: assume public key is not trusted 
In defense against attack, assume the imported public key is not trusted
and check it matches the private key if set.
Added APIs that allow application to explicitly trust public key.
Original APIs default to not trusting public key.
 2022-07-01 09:05:43 -07:00
Sean Parkinson
b9a8f18a97 Merge pull request #5300 from douzzer/20220629-multi-test-fixes 
20220629-multi-test-fixes
 2022-07-01 16:22:05 +10:00
Sean Parkinson
7d58dc5678 TLS memusage: reduce usage 
Reduce the amount allocated to reduce maximum overall dynamic memory
usage.
Rework ServerKeyExchange by extracting the handling of the signed data.
 2022-07-01 14:24:59 +10:00
Kareem
b2e7f4a8eb Fix cast spacing. Don't cast in wolfSSL_X509_set_version, check is valid as is. 2022-06-30 16:26:43 -07:00
Kareem
7555cd0685 Fix a couple of STM32 bugs, and add some missing mutex frees. 2022-06-30 16:11:16 -07:00
David Garske
402a4dafd4 Merge pull request #5306 from kareem-wolfssl/ltc_ed235519 
Fix missing return checks in KSDK ED25519 code.
 2022-06-30 16:06:45 -07:00
Daniel Pouzzner
fc5f1f5eca Merge pull request #5305 from dgarske/cryptonly 
Improvements to configure.ac cryptonly and math selection
 2022-06-30 17:55:27 -05:00
Daniel Pouzzner
2bdcbcc8be src/tls13.c: fix whitespace. 2022-06-30 17:17:50 -05:00
Daniel Pouzzner
4f6527353b src/{pk.c,x509.c}: style/clarity cleanups from dgarske. 2022-06-30 17:07:35 -05:00
Daniel Pouzzner
1a9388b935 src/pk.c: fix misuses around snprintf(). 2022-06-30 17:07:35 -05:00
Daniel Pouzzner
28213ad198 src/x509.c: fix wolfSSL_X509_signature_print() to print raw signature algorithm as hex digits, not as an (unprintable) string; fix printed-null bug in wolfSSL_X509_NAME_print_ex() (relates particularly to calls from wolfSSL_X509_NAME_print_ex_fp()). 2022-06-30 17:07:35 -05:00
Daniel Pouzzner
5bd8288b37 fix printed-null bug in wolfssl_print_number(). 2022-06-30 17:07:35 -05:00
Daniel Pouzzner
b7ec529f61 wolfcrypt/src/siphash.c: in wc_SipHash(), use FALL_THROUGH macro, not /* fall-through */. 2022-06-30 17:07:35 -05:00
Chris Conlon
867a1f7afa Merge pull request #5289 from TakayukiMatsuo/tls13 2022-06-30 15:49:53 -06:00
Kareem
e09bbb1989 Fix compilation warnings from IAR. 2022-06-30 14:30:06 -07:00
Kareem
13beadbfc3 Fix missing return checks in KSDK ED25519 code. 2022-06-30 13:35:00 -07:00
David Garske
2f1e236305 Improvements to --enable-cryptonly in configure.ac output. Improvement to math select order in configure.ac and stray heap math=yes. 2022-06-30 12:42:55 -07:00
David Garske
ed1fdc410e Merge pull request #5303 from SparkiDev/match_dyn_type_fix_1 
Fix mismatched dynamic types
 2022-06-30 08:56:43 -07:00
TakayukiMatsuo
ba19737627 Add support for TLS1.3 2022-06-30 23:00:05 +09:00