Commit Graph

77 Commits

Author SHA1 Message Date
Juliusz Sosinowicz 54bd786707 DTLS limit fragments
- Limit the amount of fragments we store per a DTLS connection
- Error out when we reach the DTLS fragment connection limit
2022-08-31 14:24:20 +02:00
Marco Oliverio cfbd061625 add initial support for ConnectionID DTLS extension 2022-08-23 16:58:24 +02:00
Anthony Hu 82a900b438 Initial commit to add Dilithium NIST PQC winner.
Also:

* added HAVE_FALCON guards as needed.
* corrected minor falcon bugs as I found them.
* handling OID sum collision between DILITHIUM_LEVEL5 and DILITHIUM_AES_LEVEL3

Tested with the following commands:

examples/server/server -v 4 -l TLS_AES_256_GCM_SHA384 \
    -c ~/tmp/dilithium_aes_level5_entity_cert.pem \
    -k ~/tmp/dilithium_aes_level5_entity_key.pem \
    -A ~/tmp/dilithium_aes_level5_root_cert.pem --pqc P521_KYBER_LEVEL5

examples/client/client -v 4 -l TLS_AES_256_GCM_SHA384 \
    -c ~/tmp/dilithium_aes_level5_entity_cert.pem \
    -k ~/tmp/dilithium_aes_level5_entity_key.pem \
    -A ~/tmp/dilithium_aes_level5_root_cert.pem --pqc P521_KYBER_LEVEL5

with permutations of SHAKE,AES variants and levels 2,3,5
2022-08-11 11:38:31 -04:00
Stefan Eissing 4431438fb2 add QUIC support. 2022-08-08 13:24:00 +02:00
Jacob Barthelmeh 8eaa85e412 update copyright year to 2022 2022-07-19 10:44:31 -06:00
Anthony Hu 81def76b18 The NIST round 3 Falcon Signature Scheme integration. 2021-11-02 11:12:10 -04:00
John Safranek 98b1e93429 Merge pull request #4402 from JacobBarthelmeh/Compatibility-Layer 2021-09-30 15:53:58 -07:00
Anthony Hu 33cb823148 Remove legacy NTRU and OQS (#4418)
* Remove NTRU and OQS

* Keep the DTLS serialization format backwards compatible.

* Remove n from mygetopt_long() call.

* Fix over-zealous deletion.

* Resolve problems found by @SparkiDev
2021-09-24 08:37:53 +10:00
JacobBarthelmeh 60aa7b9a62 compat layer adjustments, pseudo rand update, fix for peek with ASN1_R_HEADER_TOO_LONG 2021-09-16 00:56:44 -07:00
David Garske 700b1c56c1 Improve CRL error codes. Add --enable-crl=io option. ZD 12791 2021-08-24 11:12:12 -07:00
Daniel Pouzzner 1cbe696716 checkpoint: fully functioning demo via examples/server/ and unit.test (which produces a "filtered" error on a subtest when built --enable-wolfsentry). 2021-04-20 23:59:57 -05:00
Jacob Barthelmeh c729318ddd update copyright date 2021-03-11 13:42:46 +07:00
Hideki Miyazaki e39477c531 initial implement SSL_get_early_data_status 2021-03-05 08:19:15 +09:00
Juliusz Sosinowicz 8b934624f5 DTLS non-blocking scrwith example 2020-08-25 11:26:20 +02:00
Sean Parkinson 76a35f2a77 TLS 1.3: Client with no certificate an error with define
WOLFSSL_NO_CLIENT_CERT_ERROR
2020-07-27 09:54:51 +10:00
John Safranek 5d5aa129ca When attempting to send a message with DTLS, if it is too large, return an error rather than splitting it across records. (ZD 10602) 2020-07-20 16:14:53 -07:00
Sean Parkinson 614e675a00 Call secret callback when TLS 1.3 secrets generated 2020-02-14 08:42:47 +10:00
Chris Conlon 45c5a2d39c update copyright to 2020 2020-01-03 15:06:03 -08:00
Eric Blankenhorn b83804cb9d Correct misspellings and typos from codespell tool 2019-12-24 12:29:33 -06:00
Eric Blankenhorn 51d5abd63f Clarify wolfSSL_shutdown error on subsequent calls 2019-12-12 13:16:52 -06:00
Eric Blankenhorn 8c6c4e2432 Add unique error codes to verify failures 2019-11-14 16:02:02 -06:00
cariepointer 2dafd2102c Add Apache HTTP Server compatibility and --enable-apachehttpd option (#2466)
* Added Apache httpd support `--enable-apachehttpd`.

* Added `SSL_CIPHER_get_version`, `BIO_new_fp`, `SSL_SESSION_print` and `SSL_in_connect_init` compatibility API's.

* Fix to expose `ASN1_UTCTIME_print` stub.

* Pulled in `wolfSSL_X509_get_ext_count` from QT.

* Added `X509_get_ext_count`, `BIO_set_callback`, `BIO_set_callback_arg` and `BIO_get_callback_arg`.

* Added `wolfSSL_ERR_print_errors`.

* Added `BIO_set_nbio` template.

* Fixes for building with Apache httpd.

* Added DH prime functions required for Apache httpd.

* Fix and move the BN DH prime macros.

* Fix for `SSL_CTX_set_tlsext_servername_arg` to have return code.

* Only add the `BN_get_rfc*_prime_*` macro's if older than 1.1.0.

* Added `ERR_GET_FUNC`, `SSL_CTX_clear_extra_chain_certs` prototypes.

* Added `wolfSSL_CTX_set_client_cert_cb` template and `OPENSSL_load_builtin_modules` stub macro.

* Added `X509_INFO` templates (`X509_INFO_new`, `X509_INFO_free`, `sk_X509_INFO_new_null`, `sk_X509_INFO_num`, `sk_X509_INFO_value`, `sk_X509_INFO_free`). Added `sk_X509_shift`.

* Added BIO_set_callback, BIO_get_callback, BIO_set_callback_arg, BIO_get_callback_arg

* add BIO_set_nbio, ERR_print_errors and tests

* add X509 INFO stack push function

* Add ASN1_UTCTIME_print and unit test

* Add X509_get_ext_count unit test

* initial commit of wolfSSL_PEM_X509_INFO_read_bio

* Added `sk_X509_NAME_new`, `sk_X509_NAME_push`, `sk_X509_NAME_find`, `sk_X509_NAME_set_cmp_func` and `sk_X509_NAME_free`. Grouped `sk_X509_NAME_*` functions.

* Cleanup sk X509 NAME/INFO pop free template.

* Advance openssl compatibility to v1.1.0 for Apache httpd. Added TLS version macros. Implemented sk X509 NAME/INFO pop and pop_free.

* Added `TLS_client_method` support.

* Added `SSL_get_server_tmp_key` and `EC_curve_nid2nist`.

* Added `SSL_CTX_set_min_proto_version` and `SSL_CTX_set_max_proto_version`. Fix for `BN_get_rfc*_prime_*` with the v1.1.0 change.

* add test cases for PEM_X509_INFO_read_bio

* Fixes for `BN_get_rfc*_prime_*` macros. Added template for `SSL_DH_set0_pqg`. Fix for `SSL_OP_NO_` to use Macro's (as is done in openssl). Added `SSL_set_verify_result`. Added stub for `OPENSSL_malloc_init`.

* Apache httpd compatibility functions. BIO setter/getters.

* implement ASN1_TIME_check and add test case

* add SSL_get_client_CA_list

* add initial implementation of wolfSSL_DH_set0_pqg

* Add apache support to OBJ_txt2nid and unit test, add stub for OBJ_create

* add X509_STORE_CTX_get1_chain, sk_free, sk_X509_dup

* Add sk_SSL_COMP_num and SSL_COMP struct

* implement and test of SSL_SESSION_print

* add SSL_CTX_set_client_cert_cb

* expand BIO_printf and add test case

* Added `OCSP_CERTID_dup`. Added `ASN1_TYPE`.

* add implementation for wolfSSL_get_server_tmp_key

* add wolfSSL_BIO_puts and test case

* Add X509_EXTENSION_get_object and X509_EXTENSION_get_data

* add helper for bio flag set and null x509 stack

* add test adn implementation for wolfSSL_i2d_PrivateKey

* Added `ASN1_OTHERNAME`, `ACCESS_DESCRIPTION` and `GENERAL_NAME`. Added `sk_ACCESS_DESCRIPTION_pop_free` and `ACCESS_DESCRIPTION_free` stubs.

* add wolfSSL_PEM_read_bio_ECPKParameters

* add BIO_vfree

* add X509_up_ref

* add X509_STORE_CTX_set_ex_data

* add _GNU_SOURCE macro and wolfSSL_EVP_read_pw_string

* add wolfSSL_EVP_PKEY_ref_up function

* X509_get_ext, X509V3_EXT_print, and d2i_DISPLAYTEXT stubs

* add X509_set_issuer_name

* add wolfSSL_sk_SSL_CIPHER_* functions and tests

* add prototype for sk_X509_EXTENSION and ACCESS_DESCRIPTION

* fix casting to avoid clang warning

* adjust test_wolfSSL_X509_STORE_CTX test case

* Added `OpenSSL_version`

* renegotiate functions and additional stack functions

* add aditional stub functions

* Add Apache httpd requirements for ALPN, CRL, Cert Gen/Req/Ext and SecRen. Fix for `sk_X509_INFO_new_null`.

* add ocsp stub functions

* Proper fix for `sk_X509_INFO_new_null`. Added templates for `X509_get_ext_by_NID` and `X509_add_ext`. Added templates for `ASN1_TIME_diff` and `ASN1_TIME_set`.

* x509 extension stack additions

* Fixed template for `OCSP_id_get0_info`.

* add X509 stub functions

* add X509_STORE_CTX_get0_store() and unit test

* Added `EVP_PKEY_CTX_new_id`, `EVP_PKEY_CTX_set_rsa_keygen_bits`, `EVP_PKEY_keygen_init`, `EVP_PKEY_keygen` and `BN_to_ASN1_INTEGER`.

* x509v3 stubs and req add extensions

* Add OBJ_txt2obj and unit test; add long name to wolfssl_object_info table for use by OBJ_* functions

* wolfSSL_set_alpn_protos implementation

* Added `EVP_SignInit_ex` and `TLS_server_method` implementation. Added stubs for  `RSA_get0_key` and `i2d_OCSP_REQUEST_bio`. Fix typo on `OCSP_response_create`. Fix warning in `wolfSSL_set_alpn_protos`.

* Added `X509_EXTENSION_free` stub. Fixed a few macro typos/adding missing.

* add X509_STORE_CTX_get0_current_issuer and unit test

* add OBJ_cmp and unit test

* add RSA_get0_key and unit test

* add OCSP_check_nonce

* Implement X509_set_notAfter/notBefore/serialNumber/version,X509_STORE_CTX_set_depth,X509V3_set_ctx.

* Modify wolfSSL_X509_set_notAfter/notBefore and add tests for each.

* Add test_wolfSSL_X509_set_version w/ fixes to _set_version and fix _set_notBefore/notAfter tests

* add OCSP_id_get0_info and unit test, move WOLFSSL_ASN1_INTEGER to asn_public.h from ssl.h

* inital implementation of wolfSSL_X509_sign

* add debugging messages and set data for BIO's

* Add i2d_OCSP_REQUEST_bio.

* implementation of some WOLFSSL_BIO_METHOD custom functions

* fix for ASN time structure and remove log node

* initial eNULL support and sanity checks

* fixes after rebasing code

* adjust test cases and ASN1_TIME print

* Various fixes for memory leaks

* Apache compatibility in CTX_set_client_CA_list for X509_NAME use; add X509_NAME_dup as supporting function

* Add initial X509_STORE_load_locations stub for Apache

* Updates to X509_get_ext_d2i to return GENERAL_NAME struct instead of ASN1_OBJECT for alternative names and add supporting GENERAL_NAME functions

* Add X509_STORE_load_locations implementation; add wolfSSL_CertManagerLoadCRL_ex; initial renegotiation fixes/updates

* Fix for freeing peer cert in wolfSSL_Rehandshake instead of FreeHandShakeResources during secure renegotiation

* Add X509_ALGOR and X509_PUBKEY structs for X509_PUBKEY_get0_param and X509_get_X509_PUBKEY implementation

* Initial implementation of wolfSSL_X509_get_X509_PUBKEY and wolfSSL_X509_PUBKEY_get0_param

* Add implementation for X509_get0_tbs_sigalg and X509_ALGOR_get0

* Add OBJ_nid2ln implementation

* Fix compile errors in tests/api.c for some build options

* Updates to X509_STORE_load_locations for non-CRL types; Add additional DETECT_CERT_TYPE enum and logic for detecting certificate type in ProcessFile

* Add X509_STORE_load_locations unit test and minor error handling fixes

* Add unit test for X509_sign

* Set correct alert type for revoked certificates; add/fix a few WOLFSSL_ENTER messages

* Add X509_ALGOR member to X509 struct; refactoring and unit tests for wolfSSL_X509_ALGOR_get0 and wolfSSL_X509_get0_tbs_sigalg

* Add X509_PUBKEY member to X509 struct; refactoring and unit tests for wolfSSL_X509_get_X509_PUBKEY and wolfSSL_X509_PUBKEY_get0_param

* Stack fixes after rebase

* Secure renegotiation refactoring: add ACCEPT_BEGIN_RENEG to AcceptState for use in wolfSSL_SSL_in_connect_init; free old peer cert when receiving new cert to fix memory leak

* Move enc-then-mac enable option in configure.ac for apache httpd compatibility

* Simplify wolfSSL_SSL_in_connect_init logic

* Remove unneeded wolfSSL_CertManagerLoadCRL_ex

* Fixes for jenkins test failures

* SSL_get_secure_renegotiation_support for print statement in Apache
2019-09-19 17:11:10 -07:00
Hideki Miyazaki a37b604da9 addressed review comments 2019-09-19 11:18:52 +09:00
John Safranek 246c444b93 Updates for v4.0.0
Update the copyright dates on all the source files to the current year.
2019-03-15 10:37:36 -07:00
John Safranek b7663a940e Trusted CA Key Indication Extension
Added an API for enabling the Trusted CA Key Indication extension from
RFC6066 section 6. If the server doesn't have a match for the client,
the client will abandon the session.
2019-03-11 12:35:12 -07:00
toddouska 6e1b05316d Merge pull request #2104 from ejohnstown/renegotiation-testing
Secure Renegotiation
2019-03-11 12:10:48 -07:00
John Safranek 65c72ddfe1 Reverted an earlier change to the renegotiation resumption. Still need
to check the cert subject hash.
2019-02-26 14:26:09 -08:00
John Safranek 7389553bd6 1. For secure renegotiation, remove the check of the peer certificate's
subject ID on renegotiation. Both endpoints are already
cryptographically linked on an encrypted channel.
2. The error code list has gaps where deprecated codes were deleted,
remove the redundant gaps where there aren't missing codes.
2019-02-20 11:45:21 -08:00
Sean Parkinson 7aa5cd6f10 Support FFDHE in TLS 1.2 and below. Better TLS 1.3 version support.
Add support for the fixed FFDHE curves to TLS 1.2. Same curves in TLS
1.3 already. On by default - no checking of prime required.
Add option to require client to see FFDHE parameters from server as per
'may' requirements in RFC 7919.

Change TLS 1.3 ClientHello and ServerHello parsing to find the
SupportedVersions extension first and process it. Then it can handle
other extensions knowing which protocol we are using.
2019-02-18 14:51:59 +10:00
John Safranek 63f6c1d280 DTLS Nonblocking Updates
1. Add error code for trying to retransmit a flight when transmitting
the flight hasn't finished.
2. Add function to retransmit the stored flight without updating the
timeout count.
2019-01-18 09:15:11 -08:00
Eric Blankenhorn 02ff19a6c4 Moving PRF to wolfcrypt 2019-01-16 17:23:49 -06:00
David Garske 680a863054 Added support for building with certificate parsing only. ./configure --enable-asn=nocrypt. Added new API for parsing PIV format certificates wc_ParseCertPIV with WOLFSSL_CERT_PIV build option. Added wc_DeCompress_ex with ability to decompress GZIP. Moved the ZLIB error codes into wolfCrypt. 2018-10-02 15:18:56 -07:00
David Garske f9e830bce7 First pass at changes to move PemToDer into asn.c. 2018-04-09 13:28:14 -07:00
Chris Conlon 2660ff0b93 Merge pull request #1251 from kojo1/openSSL-Compat-201711
openSSL compatibility 201711
2017-12-21 16:25:46 -07:00
David Garske de05c563b6 Fix to handle non-blocking OCSP when WOLFSSL_NONBLOCK_OCSP is defined and not using async. OCSP callback should return OCSP_WANT_READ. Added ability to simulate non-blocking OCSP using TEST_NONBLOCK_CERTS. 2017-12-08 03:12:33 +01:00
Takashi Kojo 527c94c06b add test_wolfSSL_msgCb 2017-11-24 06:02:01 +09:00
David Garske fd455d5a5e Fix for handling of static RSA PKCS formatting failures so they are indistinguishable from from correctly formatted RSA blocks (per RFC5246 section 7.4.7.1). Adjusted the static RSA preMasterSecret RNG creation for consistency in client case. Removed obsolete PMS_VERSION_ERROR. 2017-11-14 14:05:50 -08:00
Moisés Guimarães 0dd2ba2d80 adds unsupported_extension behavior to SNI 2017-11-03 15:31:13 -03:00
David Garske 911b6f95f8 Release v3.12.2 (lib 14.0.0). Updated copywright. 2017-10-22 15:58:35 -07:00
Sean Parkinson 24e9f7c43d Add NULL check after signature alg extension search 2017-08-01 13:55:06 +10:00
toddouska 66852a9252 add AlertCount to detect dos attempt 2017-07-31 15:17:54 -07:00
John Safranek 1657569605 DTLS Multicast
1. Adding the prototypes for the sequence number high water callback.
2. Added the accessors to set the highwater callback function,
   trigger levels, and application context.
3. Calls the highwater callback at specified sequence number thresholds
   per peer.
2017-07-19 13:34:32 -07:00
Sean Parkinson 8bd6a1e727 Add TLS v1.3 Cookie extension support
Experimental stateless cookie
2017-06-26 16:41:05 +10:00
Sean Parkinson 89e6ac91bf Improve PSK timeout checks
Post-handshake Authentication

Fix KeyUpdate to derive keys properly

Fix supported curves (not checking ctx extensions)
2017-06-14 11:28:53 -07:00
Sean Parkinson 2b1e9973ec Add TLS v1.3 as an option 2017-05-04 14:51:30 -07:00
toddouska 15423428ed add wolfSSL_write_dup(), creates write_only WOLFSSL to allow concurrent access 2017-03-20 15:08:34 -07:00
David Garske 628f740363 Added support for inline CRL lookup when HAVE_CRL_IO is defined (shares code with OCSP lookup in io.c). Added http chunk transfer encoding support. Added default connection timeout value (DEFAULT_TIMEOUT_SEC) and new wolfIO_SetTimeout() API with HAVE_IO_TIMEOUT. Added generic wolfIO_ API’s for connect, select, non-blocking, read and write. Added new define USE_WOLFSSL_IO to enable access to new wolfIO_* socket wrappers even when WOLFSSL_USER_IO is defined. Moved all API declarations for io.c into new io.h header. Added HAVE_HTTP_CLIENT to expose HTTP API’s. Moved SOCKET_T and SOCKET_ defines into io.h. Added WOLFIO_DEBUG define to display request/responses. 2017-03-15 12:26:18 -07:00
David Garske a55ebb4c18 Fixes for building CRL with Windows. Refactor load_verify_buffer and LoadCRL to use new wc_ReadDir* functions. Added new directory/file API's: wc_ReadDirFirst(), wc_ReadDirNext(), wc_ReadDirClose(). Moved MAX_PATH and MAX_FILENAME_SZ to wc_port.h. Moved BAD_PATH_ERROR into error-crypt.h. The wc_ReadDir is only supported when NO_WOLFSSL_DIR and NO_FILESYSTEM are not defined. Add map to __FUNCTION__ macro in Windows with debug enabled (to resolve build error with VS and __func__ missing). Fix cast warning on response from EncodeOcspRequestExtensions. Fix for cast to call to BuildCertificateStatus. 2017-03-08 11:21:11 -08:00
John Safranek be65f26dd2 If there is a badly formed handshake message with extra data at the
end, but the correct size with the extra data, send a decode_error
alert and fail the handshake.
2016-12-14 16:02:29 -08:00
John Safranek a3ea8378ec Cap the size of the transmit and receive DTLS message lists at 255. 2016-11-02 09:15:05 -07:00