Juliusz Sosinowicz
a6a40de249
init sssd support
...
- Refactor OCSP to separate IO callback
- wolfSSL_BIO_reset: fix return
- CheckCertCRL_ex: return CRL_CERT_DATE_ERR instead of ASN_AFTER_DATE_E
- CheckCertCRL_ex: return most relevant error code
- i2d/d2i APIs: correct parameters handling and return codes
- Custom ASN1 structures: major refactor to make it much more versatile
- Use WOLFSSL_ASSERT_SIZEOF_GE where applicable
- wolfSSL_EVP_SignFinal: implement ecc
- wolfSSL_EVP_VerifyFinal: implement ecc
- OBJ_NAME_do_all: bring closer to OpenSSL functionality
- Correct return of *_push api
- Implement:
- OCSP_REQ_CTX API
- d2i_ECPKParameters
- wolfSSL_sk_insert
- OCSP_parse_url
- X509_STORE_set1_param
- X509_get0_subject_key_id
- X509_OBJECT_retrieve_by_subject
- OCSP_sendreq_nbio
2024-08-16 17:22:41 +02:00
Andras Fekete
d350ba6c41
remove NULL test with XFREE arguments with dereference
2024-08-06 10:44:59 -04:00
David Garske
548a2c6d8e
Fixed issues building with nocrypt. Improved logic on ASN_BER_TO_DER. Improved logic on unknown extension callback (new WC_ASN_UNKNOWN_EXT_CB gate).
2024-07-31 09:42:46 -07:00
JacobBarthelmeh
31a6a2bf59
update copyright to 2024
2024-07-19 13:15:05 -06:00
Marco Oliverio
fe932b893c
fixup! csrv2multi: pending ca list
2024-07-04 10:21:20 +02:00
Sean Parkinson
3e3a00dafd
Dilithium/ML-DSA: Implementation of ML-DSA-44/65/87
...
Impemented FIPS 204 (Draft) Module-Lattice-Based Signature Standard.
Implementation include making a key, signing and verification.
Make key API added.
Updated liboqs calls to use ML-DSA implementation instead of Dilithium.
2024-06-19 21:27:01 +10:00
Juliusz Sosinowicz
4caef93346
Implement transient certs
...
Add wolfSSL_CertManagerUnloadIntermediateCerts API to clear intermediate certs added to store.
2024-02-20 14:33:36 +01:00
gojimmypi
bf29066d70
Add wolfSSL debug messages
2024-02-08 17:22:36 -08:00
Anthony Hu
dfc10741a5
Adding unknown extension callback to CertManager
2024-01-31 16:27:07 -05:00
John Bland
66f04958e3
use wolfSSL_CTX_new_ex for heap hint support
2024-01-19 11:20:50 -05:00
John Bland
d1a3646d5c
add heap hint support for a few of the x509 functions
2024-01-17 11:26:52 -05:00
Sean Parkinson
54f2d56300
ssl.c: Move out crypto compat APIs
...
ssl_crypto.c contains OpenSSL compatibility APIS for:
- MD4, MD5, SHA/SHA-1, SHA2, SHA3
- HMAC, CMAC
- DES, DES3, AES, RC4
API implementations reworked.
Tests added for coverage.
TODOs for future enhancements.
2023-11-08 19:43:18 +10:00
Juliusz Sosinowicz
1ae248018f
Implement untrusted certs in wolfSSL_X509_STORE_CTX_init
2023-10-18 22:24:19 +02:00
JacobBarthelmeh
ae3fdbec47
add free in error case CID 327286
2023-10-16 13:59:05 -06:00
kaleb-himes
e51399ca0f
Do the success checkout out front
2023-10-05 17:05:36 -06:00
kaleb-himes
4bb6c51d2d
Fix -4 return code when expected BAD_FUNC_ARG(-173)
2023-10-05 14:20:37 -06:00
jordan
d4ba2e50d4
Used codespell and fixed obvious typos.
2023-08-17 15:20:10 -05:00
Dimitri Papadopoulos
6d9c85a762
Fix typos found by codespell
2023-07-27 23:38:44 +02:00
John Bland
a9c9662124
fix bad & statement that was setting ocspSendNonce
...
to 1 when WOLFSSL_OCSP_NO_NONCE was selected
related to but doesn't solve zd 16377
2023-07-24 16:51:10 -04:00
Sean Parkinson
2c9609039d
Type conversion fixes: make explicit
...
Changed to types and casting so that there are no implcit conversion
warnings (gcc -Wconversion) in these files.
2023-07-13 08:36:02 +10:00
David Garske
770590a3be
Rebase fix to add back set_verify call in CertManagerLoadCA. Fix API tests for bad date check. Various spelling fixes.
2023-07-07 15:08:08 -07:00
Sean Parkinson
3af87f6f93
Moved CertManager APIs into own file
...
Split out certificate manager APIs into ssl_certman.c.
ssl.c includes ssl_certman.c
Better test coverage.
Minor fixes.
wolfSSL_X509_chain_up_ref calls XFREE with name->heap but name may be
NULL. Check for NULL first.
2023-07-07 15:08:08 -07:00