Sean Parkinson
e7dbb5b375
Merge pull request #5548 from dgarske/whitespace
...
Whitespace cleanup
2022-09-06 07:54:29 +10:00
Kaleb Himes
e76361d544
Merge pull request #5551 from SparkiDev/sha3_asm_fix
...
SHA-3: check BMI1 availablity for ASM
2022-09-05 05:03:52 -06:00
Sean Parkinson
f153e65102
SHA-3: check BMI1 availablity for ASM
...
Added benchmarking of SHAKE128 and SHAK256.
2022-09-05 14:11:02 +10:00
kaleb-himes
49065373aa
Merge branch 'fix_sha256_debug' of github.com:gojimmypi/wolfssl
2022-09-04 19:26:38 -06:00
David Garske
aa036b6ea4
Merge pull request #5532 from anhu/sphincs
...
Add sphincs to wolfCrypt.
2022-09-02 11:56:11 -07:00
David Garske
232a750cc2
Whitespace cleanup.
2022-09-02 09:54:17 -07:00
David Garske
4a8a11315b
Merge pull request #5536 from SparkiDev/sha3_x64
...
SHA-3 improvements
2022-09-02 09:46:14 -07:00
JacobBarthelmeh
8ca63b93a4
Merge pull request #5539 from dgarske/ocsp_async
...
Fix for async with OCSP non-blocking in `ProcessPeerCerts`
2022-09-02 10:42:09 -06:00
David Garske
11bb8b3dc4
Merge pull request #5543 from SparkiDev/rsa_max_size_fix
...
RSA max key size checks
2022-09-02 09:26:19 -07:00
Anthony Hu
10ce703d71
Add sphincs to wolfCrypt.
...
Note that we will not support sphincs in TLS so nothing above wolfcrypt changes.
2022-09-02 11:53:55 -04:00
Sean Parkinson
daadd4a1b7
Merge pull request #5540 from dgarske/socksz
...
Fixes for building with 32-bit and socket size sign/unsigned mismatch
2022-09-02 16:33:41 +10:00
Sean Parkinson
3bf6baf596
RSA max key size checks
...
Detect when certificate's RSA public key size is too big and fail on
loading of certificate.
Fix unit test to only attempt to use 3072 bit RSA-PSS keys when
RSA_MAX_SIZE supports it.
2022-09-02 10:37:12 +10:00
Sean Parkinson
23fd6456c2
Merge pull request #5534 from dgarske/zd14420
...
Fix for async session tickets
2022-09-02 08:50:35 +10:00
David Garske
f530101ef1
Fix for async with OCSP non-blocking in ProcessPeerCerts. ZD 14754.
2022-09-01 14:39:52 -07:00
Stefan Eissing
65ca72c5a2
Improve EVP support for CHACHA20_POLY1305 ( #5527 )
...
* Add test case for OpenSSLs capability to init a evp context partially in several calls.
* EVP handling of CHACHA20_POLY1305 improvment
- save key at ctx for Init()s without IV
- reuse stored key for Init()s with new IV, reusing ctx
- free and zero key on ctx clenaup
* Adding type cast to XMALLOC to force compiler compatibility.
* EVP: using same DYNAMIC_TYPE in alloc and free of chacha20_poly1305 key.
Co-authored-by: Stefan Eissing <stefan.eissing@greenbytes.de >
2022-09-01 13:23:42 -07:00
David Garske
2695f36642
Fixes for building with 32-bit and socket size sign/unsigned mismatch.
...
Tested with: `./configure --enable-all CFLAGS="-m32 -DXSOCKLENT=int" LDFLAGS="-m32" && make`
2022-09-01 11:39:34 -07:00
David Garske
ba8ffc765d
Merge pull request #5513 from rizlik/hrr_default
...
DTLSv1.3: Do HRR Cookie exchange by default
2022-09-01 07:45:18 -07:00
David Garske
0222833f7e
Merge pull request #5535 from douzzer/20220831-analyzer-coddling
...
20220831-analyzer-coddling
2022-09-01 07:40:11 -07:00
Daniel Pouzzner
8ccef9f0d3
Merge pull request #5531 from embhorn/zd14665
...
Check return from call to wc_Time
2022-09-01 09:35:49 -05:00
Marco Oliverio
08b89fbef9
server: add optional argument to -J disable hrr cookie
2022-09-01 09:37:35 +02:00
Marco Oliverio
401cfbd8e4
dtls13: enable hrr cookie by default
2022-09-01 09:37:35 +02:00
Marco Oliverio
edd723cc84
ssl: add new wolfSSL_disable_hrr_cookie() API to disable hrr cookie
...
Add a way to disable hrr cookie so it can be enabled by default for DTLS
connections.
2022-09-01 09:37:34 +02:00
Sean Parkinson
ce8959ea77
SHA-3 improvements
...
Add x86_64 assembly code:
- BMI2
- AVX2 (using ymm, slower than BMI2)
- AVX2 of 4 similtaneous hashes
Add SHAKE128 functions and tests.
Add Absorb and Squeeze functions for SHAKE128 and SHAK256 and tests.
Add doxygen for SHA-3 and SHAKE functions.
Update other generated x86_64 assembly files to include settings.h.
2022-09-01 17:11:58 +10:00
Daniel Pouzzner
ea3959f2f6
analyzer coddling:
...
in api.c test_wolfSSL_dtls12_fragments_spammer(), inhibit clang-analyzer-deadcode.DeadStores;
in asn.c ParseCRL_Extensions() old (!WOLFSSL_ASN_TEMPLATE) version, fix bounds check to prevent overshift;
in misc.c ctMaskCopy(), use `*(x + i)`, not x[i], to tiptoe around cppcheck-2.9 objectIndex bug.
2022-08-31 22:56:08 -05:00
David Garske
db6d69143e
Merge pull request #5533 from lealem47/crlPrintFix
...
Add missing DN nid to work with PrintName()
2022-08-31 18:32:55 -07:00
David Garske
fe583faf32
Merge pull request #5501 from haydenroche5/ecc_non_block
...
Add support for non-blocking ECC key gen and shared secret gen for P-256/384/521.
2022-08-31 18:31:28 -07:00
David Garske
96ab26e6e9
Fix for async session tickets. ZD14420
...
```
./configure --enable-all --enable-asynccrypt CFLAGS="-DWOLFSSL_NO_DEF_TICKET_ENC_CB" && make
./examples/server/server -v 4 -r &
./examples/client/client -v 4 -r
```
2022-08-31 15:28:49 -07:00
Lealem Amedie
2df1c25263
Add missing DN nid to work with PrintName()
2022-08-31 15:18:12 -07:00
Hayden Roche
41207f5d9b
Add support for non-blocking ECC key gen and shared secret gen for
...
P-256/384/521.
New functions:
- sp_ecc_make_key_256_nb
- sp_ecc_make_key_384_nb
- sp_ecc_make_key_521_nb
- sp_ecc_secret_gen_256_nb
- sp_ecc_secret_gen_384_nb
- sp_ecc_secret_gen_521_nb
This commit also tweaks the testing for ECDSA testing in test.c. Instead of
testing with one of P-256/384/521, we test with all that are available.
2022-08-31 14:34:26 -07:00
David Garske
38e4ecc27c
Merge pull request #5529 from anhu/wextra
...
Fix Windows CMakeList compiler options
2022-08-31 14:04:24 -07:00
Eric Blankenhorn
5a25525b2e
Check return from call to wc_Time
2022-08-31 15:20:07 -05:00
David Garske
9531552795
Merge pull request #5522 from tim-weller-wolfssl/update-ide-win10-build
...
Update ide win10 build files to add missing sp source files
2022-08-31 12:45:17 -07:00
David Garske
b1301d9dc4
Merge pull request #5518 from CallumMcLoughlin/master
...
Allow Post Quantum Keyshare for DTLS 1.3
2022-08-31 12:29:08 -07:00
David Garske
f0812fa21f
Added vcpkg instructions to the INSTALL file.
2022-08-31 11:41:43 -07:00
David Garske
8722a46d52
Merge pull request #5503 from julek-wolfssl/dtls-fragments
...
DTLS limit fragments
2022-08-31 09:53:09 -07:00
David Garske
3b8d230223
Merge pull request #5515 from anhu/custExtDoc
...
Improve `wc_SetCustomExtension` documentation
2022-08-31 08:35:04 -07:00
Anthony Hu
f7482d96e6
Windows cl.exe does not support -Wextra other flags
2022-08-31 10:32:55 -04:00
Tim Weller
1d9d8bdefb
Removed sp_c64.c due to reliance on 128-bit type, replaced with sp_x86_64.c and _asm.asm.
2022-08-31 07:15:05 -07:00
Tim Weller
71b1aca373
Merge branch 'master' into update-ide-win10-build
2022-08-31 06:32:20 -07:00
Juliusz Sosinowicz
54bd786707
DTLS limit fragments
...
- Limit the amount of fragments we store per a DTLS connection
- Error out when we reach the DTLS fragment connection limit
2022-08-31 14:24:20 +02:00
David Garske
44f81f8bc0
Merge pull request #5525 from JacobBarthelmeh/release
...
Release version 5.5.0
v5.5.0-stable
2022-08-30 10:35:13 -07:00
JacobBarthelmeh
4ce1cf1d7c
update RPM build
2022-08-30 08:50:41 -07:00
Jacob Barthelmeh
d75ce08d75
update readme for release 5.5.0
2022-08-30 09:31:28 -06:00
CallumMcLoughlin
43388186bb
Tidy up TLS 1.3 and DTLS 1.3 check
2022-08-30 19:59:36 +12:00
CallumMcLoughlin
565d1b33e5
Update examples to allow post quantum KEM within DTLS 1.3
2022-08-30 18:39:57 +12:00
gojimmypi
1afc92dd7b
internal.c: WC_SHA256_DIGEST_SIZE for wc_Sha256GetHash when WOLFSSL_DEBUG_TLS
2022-08-29 17:06:52 -07:00
Tim Weller
69d60f5099
Merge branch 'master' into update-ide-win10-build
2022-08-29 09:13:51 -07:00
David Garske
a7f86f9473
Merge pull request #5517 from JacobBarthelmeh/Testing
...
misc. testing items from static analysis tools
2022-08-29 08:48:51 -07:00
JacobBarthelmeh
11c553ea1d
Merge pull request #5520 from julek-wolfssl/sni-tls-1.2
...
SNI can appear in ServerHello for TLS 1.2
2022-08-29 09:36:53 -06:00
Juliusz Sosinowicz
88deaf9b5c
SNI can appear in ServerHello for TLS 1.2
...
Co-authored-by: Eric Blankenhorn <eric@wolfssl.com >
2022-08-29 14:22:10 +02:00