wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-28 23:19:53 +01:00
Code Issues Packages Projects Releases Wiki Activity
17,739 Commits 12 Branches 184 Tags
e32cfb79e513aa04a919ea256af9133f4126aecd
Commit Graph

6402 Commits

Author SHA1 Message Date
Sean Parkinson
e32cfb79e5 Merge pull request #5419 from dgarske/aurix 
Support for Infineon AURIX IDE and minor compiler warnings.
 2022-08-04 08:01:57 +10:00
David Garske
664fe390d6 Merge pull request #5382 from icing/announce-pskkem-plain 
Announce TLSX_PSK_KEY_EXCHANGE_MODES in non-resuming ClientHello
 2022-08-03 07:40:24 -07:00
David Garske
4937557ddc Merge pull request #5422 from julek-wolfssl/dtls-async-fix 
Fix dtls + async multi-test misc errors
 2022-08-03 07:24:58 -07:00
David Garske
53e0483e47 Support for Infineon AURIX IDE. Fixes for Aurix compiler warnings. 2022-08-02 16:53:47 -07:00
Anthony Hu
fd412ed298 Fix so curl can do FTPS on TLS 1.3 with session resumption. 2022-08-02 10:51:14 -04:00
Marco Oliverio
8878922f95 fix: dtls13: use correct buffer index to get epoch bits 
Fixes: d079662765
 2022-08-01 14:24:20 +02:00
Juliusz Sosinowicz
fb2feee9b6 Fix dtls + async multi-test misc errors 
DTLS uses DtlsMsgStore() to process messages when using async crypto. A check was skipping the storing straight to DtlsMsgDrain().
 2022-07-29 15:49:49 +02:00
Stefan Eissing
a943de7969 Changes after PR review. 
- removed additions to REAME.md
- changed coding style of conditional PSKKEM announce
  as requested.
 2022-07-29 11:26:08 +02:00
Stefan Eissing
c8008e29b9 Announce TLSX_PSK_KEY_EXCHANGE_MODES in non-resuming ClientHello. 
- can be reverted to previous style by defining NO_TLSX_PSKKEM_PLAIN_ANNOUNCE
- QUIC interop testing reveals that at least QUIC stacks refrain from
  issuing session tickets unless the ClientHello shows this extension.
 2022-07-29 11:18:56 +02:00
David Garske
da422eb422 Merge pull request #5406 from SparkiDev/mp_int_size 
Maths bit size: ensure size is right
 2022-07-28 15:36:58 -07:00
Daniel Pouzzner
9256d6aa7c src/internal.c: fixes for redundant assignments and preprocessor typo. 2022-07-27 14:42:00 -05:00
Daniel Pouzzner
c63e22701f src/pk.c: fix type mismatch in return value. 2022-07-27 14:42:00 -05:00
Daniel Pouzzner
ed449d5b20 wolfsentry integration: avoid redundant and frivolous dispatches (ssl.c wolfSSL_connect(), wolfSSL_negotiate(), wolfSSL_accept(); tls13.c wolfSSL_connect_TLSv13(), wolfSSL_accept_TLSv13()). 2022-07-27 14:42:00 -05:00
David Garske
a56d25d58e Merge pull request #5408 from julek-wolfssl/FreeAsyncCtx-location 
FreeAsyncCtx should only be called when advancing state
 2022-07-27 09:59:28 -07:00
Juliusz Sosinowicz
e9b3b5936f FreeAsyncCtx should only be called when advancing state 
The call to FreeAsyncCtx after SendBuffered was added to clean up state when we are ready to advance state. If we do not advance state, then clean up should be handled in the relevant state.
 2022-07-27 14:14:22 +02:00
Sean Parkinson
460845ba49 Maths bit size: ensure size is right 
Ensure WOLFSSL_MAX_RSA_BITS works.
Fix SP math size defines.
Regression testing maths implementations.
 2022-07-27 18:58:30 +10:00
Sean Parkinson
01aad13c38 Rework 2022-07-27 12:02:15 +10:00
David Garske
9c480ece66 Fix to use the new outTmp. 2022-07-26 15:48:58 -07:00
Marco Oliverio
856ea2ffc8 internal.c: RsaDec improvements 2022-07-26 20:59:01 +02:00
Marco Oliverio
1727efbc2c internal.c: rsa decription buffer handling 2022-07-26 20:59:01 +02:00
David Garske
a98642ba61 Merge pull request #5383 from julek-wolfssl/negating-ciphersuites 
Expand SetCipherList()
 2022-07-25 08:26:47 -07:00
Juliusz Sosinowicz
e7cd1562b4 Expand SetCipherList() 
- support disabling ciphersuites starting from the default list
 2022-07-25 11:14:16 +02:00
Eric Blankenhorn
4369873540 Fix to copy TLS version with wolfSSL_write_dup 2022-07-22 15:09:35 -05:00
Juliusz Sosinowicz
6f2889c07d BIO_eof returns 1 when no more data remains in the BIO 2022-07-22 13:24:32 +02:00
Sean Parkinson
dc8b796d1d Merge pull request #5347 from dgarske/async_sess_tick 
Support for asynchronous session ticket callback
 2022-07-22 08:04:48 +10:00
Marco Oliverio
163acb89af dtls13: consider certificate_request processed on WC_PENDING_E 
The error is due to the message triggered by the processing of the
message (Connect()->SendTls13Certificate/SendTls13CertificateVerify/SendTls13Verify). Consider
the message processed to avoid double processing.
 2022-07-21 12:00:18 -07:00
Marco Oliverio
aca83b42d7 fix: dtls13: send immediately post-handshake certificate request 2022-07-21 12:00:18 -07:00
Marco Oliverio
53dde1dafe dtls12: async: store the message only if async is really used 2022-07-21 12:00:18 -07:00
David Garske
964ea85d3d Fix typos for dynamic types in dtls13.c. 2022-07-21 12:00:18 -07:00
Marco Oliverio
dce63fdfb3 async: fix issue with DTLSv1.3 2022-07-21 12:00:16 -07:00
Marco Oliverio
07afc594a8 dtls13: aesthetic only changes 2022-07-21 11:55:50 -07:00
David Garske
b5ce0b021e Merge pull request #5381 from rizlik/async_fix 
fix: async: don't rewind index if post-handshake connect() fails
 2022-07-21 11:53:15 -07:00
JacobBarthelmeh
1281d97b1e Merge pull request #5373 from haydenroche5/error_queue_fix 
Fix backwards behavior for various wolfSSL_ERR* functions.
 2022-07-21 09:35:21 -06:00
Marco Oliverio
a235de25fe fix: async: don't rewind index if post-handshake connect() fails 
During post-handshake authentication async code mistakes connect() error code
with the error code of DoTls13CertificateRequest and wrongly rewinds the buffer.

The bug was never triggered because of side effects of ShrinkBuffer (removed in
40cb6e0853)
 2022-07-21 16:35:43 +02:00
David Garske
8605195709 Support for asynchronous session ticket callback (can return WC_PENDING_E). Requires wolfAsyncCrypt support. ZD 14420. 2022-07-20 16:43:17 -07:00
Daniel Pouzzner
3842889649 src/tls13.c: in SendTls13ClientHello(), move nullness check on WOLFSSL* ssl back to the start of the function. 2022-07-20 18:19:58 -05:00
David Garske
706ab6aac0 Merge pull request #5377 from kareem-wolfssl/rsaKeyEncipher 
Don't require digital signature bit for static RSA cipher suites.  Make wolfSSL_CTX_clear_options available without OPENSSL_EXTRA.
 2022-07-20 15:28:55 -07:00
Kareem
741d61574b Make wolfSSL_CTX_clear_options available without OPENSSL_EXTRA. 2022-07-20 12:24:47 -07:00
Kareem
873890316c Don't require digital signature bit for static RSA cipher suites. 2022-07-20 12:08:20 -07:00
David Garske
1c7f64cce9 Fixes for sniffer session ticket resumption with TLS v1.2. ZD14531. 2022-07-20 11:18:19 -07:00
David Garske
b46a308544 Merge pull request #5361 from embhorn/zd14491 
Fix for build with NO_TLS
 2022-07-20 09:28:23 -07:00
Hayden Roche
e6da540fb3 Fix backwards behavior for various wolfSSL_ERR* functions. 
wolfSSL_ERR_get_error and wolfSSL_ERR_peek_error_line_data should return the
earliest error in the queue (i.e. the error at the front), but prior to this
commit, they returned the latest/most recent one instead.

In DoAlert, we were adding an error to the queue for all alerts. However, a
close_notify isn't really an error. This commit makes it so DoAlert only adds
errors to the queue for non-close_notify alerts. In ReceiveData, similarly, we
were adding an error to the queue when the peer sent a close_notify, as
determined by ssl->error == ZERO_RETURN. Now, we don't add an error in this
case.
 2022-07-20 08:56:48 -07:00
David Garske
ab60865178 Merge pull request #5374 from julek-wolfssl/dtls-multiple-msgs 
ShrinkInputBuffer should not be called in the middle of ProcessReply
 2022-07-20 08:27:56 -07:00
David Garske
719e814841 Merge pull request #5370 from rizlik/dtls13_partial_read_fixes 
dtlsv1.3 fixes
 2022-07-20 08:03:29 -07:00
David Garske
e4c1e71b38 Merge pull request #5364 from embhorn/zd14519 
Fix wolfSSL_Init error handling
 2022-07-20 08:03:08 -07:00
Marco Oliverio
2e0d53a07d fix: dtls13: use correct handshaketype on hello retry request 2022-07-20 15:25:50 +02:00
Marco Oliverio
3850e6b554 fix: dtls13: use aes for record numbers encryption if using aes-ccm 2022-07-20 15:25:50 +02:00
Marco Oliverio
066f17faad fix: dtls13: hello_retry_request type isn't an encrypted message 2022-07-20 15:25:50 +02:00
Marco Oliverio
c0fc87342c tls13: avoid spurious state advances in connect/accept state machine 2022-07-20 15:25:50 +02:00
Marco Oliverio
11dfb713e9 openssl_compatible_default: use DTLSv1.0 as minDowngrade in DTLS 2022-07-20 15:25:46 +02:00