wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-02-01 06:19:16 +01:00
Code Issues Packages Projects Releases Wiki Activity
20,661 Commits 12 Branches 184 Tags
eda3cd6a37e35ecf4bedebd3da4dff06ce6ea4e5
Commit Graph

7325 Commits

Author SHA1 Message Date
Juliusz Sosinowicz
db1f199a11 Add comment about keyshare negotiation 2023-03-07 12:04:54 +01:00
Juliusz Sosinowicz
cbedae2f55 This path in TLSX_KeyShare_Choose should not be taken normally 2023-03-07 12:04:54 +01:00
Juliusz Sosinowicz
06749144d5 Add RFC link to help understand constraints 2023-03-07 12:04:54 +01:00
Juliusz Sosinowicz
f2032e8744 Clear decrypted ticket that failed checks in DoClientTicket_ex 2023-03-07 12:04:54 +01:00
Juliusz Sosinowicz
b0d7656ad2 Rebase fixes 2023-03-07 12:04:54 +01:00
Juliusz Sosinowicz
61c2059cd9 Differentiate between empty and missing extension 2023-03-07 12:04:54 +01:00
Juliusz Sosinowicz
5f39c594aa TLS 1.3: hold decrypted ticket to check which ciphersuite matches 
DTLS 1.3: Move stateless ticket decoding to FindPskSuiteFromExt
 2023-03-07 12:04:54 +01:00
Juliusz Sosinowicz
8c08dbb6ce Adding checks for SigAlgs, KeyShare, and Supported Groups 2023-03-07 12:04:54 +01:00
Juliusz Sosinowicz
2bbdf6979a Reuse ReadVector16 2023-03-07 12:04:54 +01:00
Juliusz Sosinowicz
de6ed96feb CopyExtensions -> CopySupportedGroup 2023-03-07 12:04:54 +01:00
Juliusz Sosinowicz
5f65752414 Refactor alerts into one location 
Remove previous stateless code. Now all DTLS 1.3 stateless handling is done in dtls.c
 2023-03-07 12:04:54 +01:00
Juliusz Sosinowicz
51a384eba5 Read cookie extension into separate field 2023-03-07 12:04:54 +01:00
Juliusz Sosinowicz
5b0903a82d Missing casts 2023-03-07 12:04:54 +01:00
Juliusz Sosinowicz
b5e7761e58 For DTLS 1.3 use PSK for ticket 
Resumption info is also necessary when WOLFSSL_DTLS_NO_HVR_ON_RESUME is not defined.
 2023-03-07 12:04:54 +01:00
Juliusz Sosinowicz
969c610ef7 Fix unused variable 2023-03-07 12:04:54 +01:00
Juliusz Sosinowicz
57dccc4cf4 Calculate cookie in SendStatelessReplyDtls13() 
Not touching ssl->hsHashes while in stateless mode
 2023-03-07 12:04:54 +01:00
Juliusz Sosinowicz
c15043b191 Refactor SendStatelessReply 1.3 branch into new function 2023-03-07 12:04:54 +01:00
Juliusz Sosinowicz
2f31cdef69 Re-create hs header for hash 2023-03-07 12:04:54 +01:00
Juliusz Sosinowicz
aa9dcca624 Rebase and Jenkins fixes 2023-03-07 12:02:54 +01:00
Juliusz Sosinowicz
a999909969 Use PSK callback to get the ciphersuite to use 
- Allocate additional byte in TLSX_PreSharedKey_New for null terminator
 2023-03-07 12:02:54 +01:00
Juliusz Sosinowicz
6160f93f94 Fix Jenkins errors 2023-03-07 12:02:54 +01:00
Juliusz Sosinowicz
7dfa96a729 Define usePSK when ext is present 2023-03-07 12:02:54 +01:00
Juliusz Sosinowicz
984d709db0 dtls 1.3: Stateless ClientHello parsing 2023-03-07 12:02:54 +01:00
Chris Conlon
9bc3b867e0 Merge pull request #6157 from miyazakh/add_favouriteDrinkNID 2023-03-06 16:45:14 -07:00
David Garske
86e1b0d8ab Merge pull request #6165 from SparkiDev/bn_move 
BN compatibility API: move implementation out to separate API
 2023-03-06 09:27:24 -08:00
David Garske
9f66a58afd Merge pull request #6159 from philljj/zd15693 
Fix ASN1_STRING leak in create_by_NID and create_by_txt
 2023-03-06 09:25:37 -08:00
Sean Parkinson
e4c2386b61 BN compatibility API: move implementation out to separate API 
BN APIs from ssl.c have been moved out to ssl_bn.c that is included in
ssl.c.
Added defines for BN_rand() and BN_pseudo_rand() to indicate which bits
are to be set.
'internal' field now always maps to the ;mpi' field that is a MP
integer.
SetIndividualInternal/External renamed to wolfssl_bn_get/set_value.
Fixed BN APIs to work as closely to OpenSSL as possible.
Added tests.
Moved wolfssl_make_rng out to ssl.c as BN APIs are using it now.
SP int and TFM now check trials are in a valid range for
mp_prime_is_prime_ex().
 2023-03-06 14:32:10 +10:00
Hideki Miyazaki
05b0796361 add favourite drink pilot attibute type to get it from the encoding 2023-03-04 14:20:48 +09:00
Daniel Pouzzner
e76d12f932 src/ssl.c: fix a couple suppressions to use C comment syntax, for C89 goodness. 2023-03-03 22:01:52 -06:00
jordan
51dbb44799 Fix ASN1_STRING leak in create_by_NID and create_by_txt 2023-03-03 08:22:35 -06:00
Sean Parkinson
a8723f71cb Merge pull request #6154 from kaleb-himes/wolfmikey-w-fips-140-3 
Allow building of sakke as external non-FIPS algorithm with wolfmikey product
 2023-03-03 08:18:40 +10:00
David Garske
41a9b1148f Merge pull request #6152 from philljj/spelling_cleanup 
Used codespell and fixed obvious typos in src and wolfssl.
 2023-03-02 11:39:45 -08:00
David Garske
871754b97c Merge pull request #6153 from bandi13/fixZD15705 
Fix memory leak
 2023-03-02 11:39:03 -08:00
kaleb-himes
7ca4b1bc66 Allow building of sakke as external non-FIPS algorithm with wolfmikey product 2023-03-02 11:30:56 -07:00
Andras Fekete
406d8753be Fix memory leak 2023-03-02 11:15:32 -05:00
jordan
409ed6232a Used codespell and fixed obvious typos in src and wolfssl. 2023-03-02 09:52:07 -06:00
David Garske
17ad27c350 Fixes for building with C++17. Adds new USE_CPLUSPLUS_BYTE build option to use std::byte as byte to avoid redefinition issues when customer application sets default namespace to "std" or wants to use "byte". 
Tested using `./configure CC="g++ -std=c++17" --enable-all && make check`.
 2023-03-01 12:49:47 -08:00
Kareem
08a3e2cb6e Avoid building TLSX_SetResponse unless it is being used. Initialize PIC32 UPDPTR register in all cases. 2023-02-28 14:37:45 -07:00
David Garske
469226f214 Merge pull request #6107 from anhu/ecc_pub 
Fixes for encoding/decoding ecc public keys.
 2023-02-24 08:36:15 -08:00
Anthony Hu
c2daca1393 Fixes for encoding/decoding ecc public keys. 2023-02-23 13:56:48 -05:00
David Garske
ffa392cdb5 Merge pull request #6125 from embhorn/gh6007 
Include sys/time.h for WOLFSSL_RIOT_OS
 2023-02-22 16:06:10 -08:00
David Garske
434e869b1d Merge pull request #6109 from nunojpg/master 
Fix out of bound memset to 0
 2023-02-22 15:43:09 -08:00
David Garske
2e7713f4c2 Merge pull request #6120 from embhorn/zd15698 
Fix NULL dereference in TLSX_CSR_Parse
 2023-02-22 13:43:43 -08:00
Eric Blankenhorn
3d71d3c388 Include sys/time.h for WOLFSSL_RIOT_OS 2023-02-22 15:36:50 -06:00
Eric Blankenhorn
0a928208f2 Fix NULL dereference in TLSX_CSR_Parse 2023-02-22 08:19:11 -06:00
Sean Parkinson
b81759173a Merge pull request #5840 from kareem-wolfssl/dynSessCache2 
Add dynamic session cache which allocates sessions from the heap.
 2023-02-22 15:14:38 +10:00
David Garske
74bad76707 Merge pull request #6117 from SparkiDev/priv_key_id_fix 
Private Key ID: change to always set priv key type and size
 2023-02-21 19:23:51 -08:00
Sean Parkinson
39cfd8e566 Private Key ID: change to always set priv key type and size 
When a certificate is loaded then the private key type and size is set
based on the public key.
Always set, even if previously set.
Use case is setting an RSA certificate against ctx and then setting EC
certificate against ssl.
 2023-02-22 08:07:27 +10:00
David Garske
fc6d693dae Update logging enter, exit, msg to match function names. Fix some typos and improper use of "enter". Fix internal uses of SSL_SUCCESS and SSL_FAILURE. Add WOLFSSL_DEBUG_NONBLOCK option to allow printing iterations without debug enabled. 2023-02-21 12:02:15 -08:00
gojimmypi
136267d29c Add new SHA-512/224 and SHA-512/256 tests 2023-02-20 16:55:38 -08:00