Commit Graph

18001 Commits

Author SHA1 Message Date
Sean Parkinson e7dbb5b375 Merge pull request #5548 from dgarske/whitespace
Whitespace cleanup
2022-09-06 07:54:29 +10:00
Kaleb Himes e76361d544 Merge pull request #5551 from SparkiDev/sha3_asm_fix
SHA-3: check BMI1 availablity for ASM
2022-09-05 05:03:52 -06:00
Sean Parkinson f153e65102 SHA-3: check BMI1 availablity for ASM
Added benchmarking of SHAKE128 and SHAK256.
2022-09-05 14:11:02 +10:00
kaleb-himes 49065373aa Merge branch 'fix_sha256_debug' of github.com:gojimmypi/wolfssl 2022-09-04 19:26:38 -06:00
David Garske aa036b6ea4 Merge pull request #5532 from anhu/sphincs
Add sphincs to wolfCrypt.
2022-09-02 11:56:11 -07:00
David Garske 232a750cc2 Whitespace cleanup. 2022-09-02 09:54:17 -07:00
David Garske 4a8a11315b Merge pull request #5536 from SparkiDev/sha3_x64
SHA-3 improvements
2022-09-02 09:46:14 -07:00
JacobBarthelmeh 8ca63b93a4 Merge pull request #5539 from dgarske/ocsp_async
Fix for async with OCSP non-blocking in `ProcessPeerCerts`
2022-09-02 10:42:09 -06:00
David Garske 11bb8b3dc4 Merge pull request #5543 from SparkiDev/rsa_max_size_fix
RSA max key size checks
2022-09-02 09:26:19 -07:00
Anthony Hu 10ce703d71 Add sphincs to wolfCrypt.
Note that we will not support sphincs in TLS so nothing above wolfcrypt changes.
2022-09-02 11:53:55 -04:00
Sean Parkinson daadd4a1b7 Merge pull request #5540 from dgarske/socksz
Fixes for building with 32-bit and socket size sign/unsigned mismatch
2022-09-02 16:33:41 +10:00
Sean Parkinson 3bf6baf596 RSA max key size checks
Detect when certificate's RSA public key size is too big and fail on
loading of certificate.
Fix unit test to only attempt to use 3072 bit RSA-PSS keys when
RSA_MAX_SIZE supports it.
2022-09-02 10:37:12 +10:00
Sean Parkinson 23fd6456c2 Merge pull request #5534 from dgarske/zd14420
Fix for async session tickets
2022-09-02 08:50:35 +10:00
David Garske f530101ef1 Fix for async with OCSP non-blocking in ProcessPeerCerts. ZD 14754. 2022-09-01 14:39:52 -07:00
Stefan Eissing 65ca72c5a2 Improve EVP support for CHACHA20_POLY1305 (#5527)
* Add test case for OpenSSLs capability to init a evp context partially in several calls.
* EVP handling of CHACHA20_POLY1305 improvment
- save key at ctx for Init()s without IV
- reuse stored key for Init()s with new IV, reusing ctx
- free and zero key on ctx clenaup
* Adding type cast to XMALLOC to force compiler compatibility.
* EVP: using same DYNAMIC_TYPE in alloc and free of chacha20_poly1305 key.
Co-authored-by: Stefan Eissing <stefan.eissing@greenbytes.de>
2022-09-01 13:23:42 -07:00
David Garske 2695f36642 Fixes for building with 32-bit and socket size sign/unsigned mismatch.
Tested with: `./configure --enable-all CFLAGS="-m32 -DXSOCKLENT=int" LDFLAGS="-m32" && make`
2022-09-01 11:39:34 -07:00
David Garske ba8ffc765d Merge pull request #5513 from rizlik/hrr_default
DTLSv1.3: Do HRR Cookie exchange by default
2022-09-01 07:45:18 -07:00
David Garske 0222833f7e Merge pull request #5535 from douzzer/20220831-analyzer-coddling
20220831-analyzer-coddling
2022-09-01 07:40:11 -07:00
Daniel Pouzzner 8ccef9f0d3 Merge pull request #5531 from embhorn/zd14665
Check return from call to wc_Time
2022-09-01 09:35:49 -05:00
Marco Oliverio 08b89fbef9 server: add optional argument to -J disable hrr cookie 2022-09-01 09:37:35 +02:00
Marco Oliverio 401cfbd8e4 dtls13: enable hrr cookie by default 2022-09-01 09:37:35 +02:00
Marco Oliverio edd723cc84 ssl: add new wolfSSL_disable_hrr_cookie() API to disable hrr cookie
Add a way to disable hrr cookie so it can be enabled by default for DTLS
connections.
2022-09-01 09:37:34 +02:00
Sean Parkinson ce8959ea77 SHA-3 improvements
Add x86_64 assembly code:
  - BMI2
  - AVX2 (using ymm, slower than BMI2)
  - AVX2 of 4 similtaneous hashes
Add SHAKE128 functions and tests.
Add Absorb and Squeeze functions for SHAKE128 and SHAK256 and tests.
Add doxygen for SHA-3 and SHAKE functions.
Update other generated x86_64 assembly files to include settings.h.
2022-09-01 17:11:58 +10:00
Daniel Pouzzner ea3959f2f6 analyzer coddling:
in api.c test_wolfSSL_dtls12_fragments_spammer(), inhibit clang-analyzer-deadcode.DeadStores;

in asn.c ParseCRL_Extensions() old (!WOLFSSL_ASN_TEMPLATE) version, fix bounds check to prevent overshift;

in misc.c ctMaskCopy(), use `*(x + i)`, not x[i], to tiptoe around cppcheck-2.9 objectIndex bug.
2022-08-31 22:56:08 -05:00
David Garske db6d69143e Merge pull request #5533 from lealem47/crlPrintFix
Add missing DN nid to work with PrintName()
2022-08-31 18:32:55 -07:00
David Garske fe583faf32 Merge pull request #5501 from haydenroche5/ecc_non_block
Add support for non-blocking ECC key gen and shared secret gen for P-256/384/521.
2022-08-31 18:31:28 -07:00
David Garske 96ab26e6e9 Fix for async session tickets. ZD14420
```
./configure --enable-all --enable-asynccrypt CFLAGS="-DWOLFSSL_NO_DEF_TICKET_ENC_CB" && make
./examples/server/server -v 4 -r &
./examples/client/client -v 4 -r
```
2022-08-31 15:28:49 -07:00
Lealem Amedie 2df1c25263 Add missing DN nid to work with PrintName() 2022-08-31 15:18:12 -07:00
Hayden Roche 41207f5d9b Add support for non-blocking ECC key gen and shared secret gen for
P-256/384/521.

New functions:

- sp_ecc_make_key_256_nb
- sp_ecc_make_key_384_nb
- sp_ecc_make_key_521_nb
- sp_ecc_secret_gen_256_nb
- sp_ecc_secret_gen_384_nb
- sp_ecc_secret_gen_521_nb

This commit also tweaks the testing for ECDSA testing in test.c. Instead of
testing with one of P-256/384/521, we test with all that are available.
2022-08-31 14:34:26 -07:00
David Garske 38e4ecc27c Merge pull request #5529 from anhu/wextra
Fix Windows CMakeList compiler options
2022-08-31 14:04:24 -07:00
Eric Blankenhorn 5a25525b2e Check return from call to wc_Time 2022-08-31 15:20:07 -05:00
David Garske 9531552795 Merge pull request #5522 from tim-weller-wolfssl/update-ide-win10-build
Update ide win10 build files to add missing sp source files
2022-08-31 12:45:17 -07:00
David Garske b1301d9dc4 Merge pull request #5518 from CallumMcLoughlin/master
Allow Post Quantum Keyshare for DTLS 1.3
2022-08-31 12:29:08 -07:00
David Garske f0812fa21f Added vcpkg instructions to the INSTALL file. 2022-08-31 11:41:43 -07:00
David Garske 8722a46d52 Merge pull request #5503 from julek-wolfssl/dtls-fragments
DTLS limit fragments
2022-08-31 09:53:09 -07:00
David Garske 3b8d230223 Merge pull request #5515 from anhu/custExtDoc
Improve `wc_SetCustomExtension` documentation
2022-08-31 08:35:04 -07:00
Anthony Hu f7482d96e6 Windows cl.exe does not support -Wextra other flags 2022-08-31 10:32:55 -04:00
Tim Weller 1d9d8bdefb Removed sp_c64.c due to reliance on 128-bit type, replaced with sp_x86_64.c and _asm.asm. 2022-08-31 07:15:05 -07:00
Tim Weller 71b1aca373 Merge branch 'master' into update-ide-win10-build 2022-08-31 06:32:20 -07:00
Juliusz Sosinowicz 54bd786707 DTLS limit fragments
- Limit the amount of fragments we store per a DTLS connection
- Error out when we reach the DTLS fragment connection limit
2022-08-31 14:24:20 +02:00
David Garske 44f81f8bc0 Merge pull request #5525 from JacobBarthelmeh/release
Release version 5.5.0
v5.5.0-stable
2022-08-30 10:35:13 -07:00
JacobBarthelmeh 4ce1cf1d7c update RPM build 2022-08-30 08:50:41 -07:00
Jacob Barthelmeh d75ce08d75 update readme for release 5.5.0 2022-08-30 09:31:28 -06:00
CallumMcLoughlin 43388186bb Tidy up TLS 1.3 and DTLS 1.3 check 2022-08-30 19:59:36 +12:00
CallumMcLoughlin 565d1b33e5 Update examples to allow post quantum KEM within DTLS 1.3 2022-08-30 18:39:57 +12:00
gojimmypi 1afc92dd7b internal.c: WC_SHA256_DIGEST_SIZE for wc_Sha256GetHash when WOLFSSL_DEBUG_TLS 2022-08-29 17:06:52 -07:00
Tim Weller 69d60f5099 Merge branch 'master' into update-ide-win10-build 2022-08-29 09:13:51 -07:00
David Garske a7f86f9473 Merge pull request #5517 from JacobBarthelmeh/Testing
misc. testing items from static analysis tools
2022-08-29 08:48:51 -07:00
JacobBarthelmeh 11c553ea1d Merge pull request #5520 from julek-wolfssl/sni-tls-1.2
SNI can appear in ServerHello for TLS 1.2
2022-08-29 09:36:53 -06:00
Juliusz Sosinowicz 88deaf9b5c SNI can appear in ServerHello for TLS 1.2
Co-authored-by: Eric Blankenhorn <eric@wolfssl.com>
2022-08-29 14:22:10 +02:00