wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-29 15:22:12 +01:00
Code Issues Packages Projects Releases Wiki Activity
14,559 Commits 12 Branches 184 Tags
f4c4cf8afed39d2145dfd0069de6e502e9e79e93
Commit Graph

1800 Commits

Author SHA1 Message Date
John Safranek
b9dac74086 Merge pull request #4193 from JacobBarthelmeh/StaticAnalysisTests 
Static analysis tests
 2021-07-07 14:23:58 -07:00
JacobBarthelmeh
86e5287a14 Merge pull request #4032 from TakayukiMatsuo/tk11968 
Make wolfSSL_CTX_set_timeout reflect to Session-ticket-lifetime-hint
 2021-07-07 22:26:06 +07:00
JacobBarthelmeh
7b9d6a3f5e Merge pull request #3792 from TakayukiMatsuo/os_keylog 
Add wolfSSL_CTX_set_keylog_callback
 2021-07-07 15:34:33 +07:00
Jacob Barthelmeh
ae00b5acd0 some minor changes for unintialized and null infer reports 2021-07-06 14:13:45 +07:00
TakayukiMatsuo
5df0f7820a Add wolfSSL_CTX_set_keylog_callback 2021-07-03 14:51:23 +09:00
TakayukiMatsuo
567d8ed704 Make wolfSSL_set_session return success on timeout under WOLFSSL_ERROR_CODE_OPENSSL macro definition. 2021-07-02 10:50:00 +09:00
TakayukiMatsuo
aef9e560b1 Make wolfSSL_CTX_set_timeout call wolfSSL_CTX_set_TicketHint internally to change session-ticket-lifetime-hint. 2021-07-02 09:15:01 +09:00
David Garske
43f8c5ba1b Merge pull request #4121 from JacobBarthelmeh/PKCS7 
wc_PKCS7_DecodeCompressedData optionally handle a packet without cont…
 2021-07-01 17:03:56 -07:00
JacobBarthelmeh
45486ac904 Merge pull request #4166 from miyazakh/supportedversion_ex_mindowngrade 
not include smaller versions than minimum downgrade
 2021-07-01 21:00:20 +07:00
Chris Conlon
9179071af5 Merge pull request #4153 from JacobBarthelmeh/Testing 
fix for keyid with ktri cms
 2021-06-29 11:40:00 -06:00
David Garske
74b9b5a8cd Merge pull request #4156 from SparkiDev/regression_fixes_1 
Regression test fixes
 2021-06-25 07:48:02 -07:00
Jacob Barthelmeh
5038a27cda add test cases and set content oid with decode encrypted data 2021-06-25 21:16:01 +07:00
Hideki Miyazaki
5bb52915b9 update test conf to fix jenkins failures 2021-06-25 16:31:49 +09:00
Hideki Miyazaki
d576e3ef96 not send smaller versions than minimum downgradable version as supportedversion ext 2021-06-25 14:51:34 +09:00
Sean Parkinson
dab6724059 Regression fixes: more configurations 
./configure --disable-rsa --disable-ecc --disable-dh --enable-curve25519
&& make
./configure --disable-aescbc --disable-chacha --disable-poly1305
--disable-coding && make
 2021-06-25 15:23:51 +10:00
Sean Parkinson
1994811d24 Merge pull request #4144 from haydenroche5/pkcs8 
Make a bunch of PKCS#8 improvements.
 2021-06-25 12:22:11 +10:00
Sean Parkinson
8592053856 Regression test fixes 
./configure --enable-all --disable-rsa
./configure --disable-chacha --disable-asm
./configure --disable-rsa --disable-ecc --disable-dh --enable-curve25519
--enable-cryptonly (and ed25519, curve448, ed448)
./configure --disable-tls13 --enable-psk --disable-rsa --disable-ecc
--disable-dh C_EXTRA_FLAGS=-DWOLFSSL_STATIC_PSK
./configure --disable-oldtls --enable-psk -disable-rsa --disable-dh
-disable-ecc --disable-asn C_EXTRA_FLAGS=-DWOLFSSL_STATIC_PSK
--enable-lowresource --enable-singlethreaded --disable-asm
--disable-errorstrings --disable-pkcs12 --disable-sha3 --disable-sha224
--disable-sha384 --disable-sha512 --disable-sha --disable-md5
-disable-aescbc --disable-chacha --disable-poly1305 --disable-coding
Various build combinations with WOLFSSL_SP_MATH and WOLFSSL_SP_MATH_ALL
 2021-06-25 09:18:06 +10:00
Juliusz Sosinowicz
656e49cc3b Expand SHA-3 support 
Add more support in the EVP layer as well as add signing support. The SHA-3 OID's were also added for DER algorithm identifier encoding.
 2021-06-24 19:31:43 +02:00
Hayden Roche
b3401bd102 Make a bunch of PKCS#8 improvements. 
- Add doxygen documentation for wc_GetPkcs8TraditionalOffset, wc_CreatePKCS8Key,
wc_EncryptPKCS8Key, and wc_DecryptPKCS8Key.
- Add a new API function, wc_CreateEncryptedPKCS8Key, which handles both
creation of an unencrypted PKCS#8 key and the subsequent encrypting of said key.
This is a wrapper around TraditionalEnc, which does the same thing. This may
become a first-class function at some point (i.e. not a wrapper). TraditionalEnc
is left as is since it is used in the wild.
- Added a unit test which exercises wc_CreateEncryptedPKCS8Key and
wc_DecryptPKCS8Key. Testing wc_CreateEncryptedPKCS8Key inherently also tests
TraditionalEnc, wc_CreatePKCS8Key, and wc_EncryptPKCS8Key.
- Modified wc_EncryptPKCS8Key to be able to return the required output buffer
size via LENGTH_ONLY_E idiom.
- Added parameter checking to wc_EncryptPKCS8Key and wc_DecryptPKCS8Key.
 2021-06-23 08:39:20 -07:00
Sean Parkinson
2923d812bd Merge pull request #4058 from miyazakh/qt_oslext_cs 
TLS: extend set_cipher_list() compatibility layer API
 2021-06-23 10:12:11 +10:00
Chris Conlon
4b3bd3e384 Merge pull request #4049 from miyazakh/set_verifyDepth_3 
Set verify depth limit
 2021-06-22 10:23:43 -06:00
Chris Conlon
446393bcab Merge pull request #3793 from TakayukiMatsuo/os_base64 
Add wolfSSL_EVP_Encode/Decode APIs
 2021-06-22 10:19:30 -06:00
Chris Conlon
b050463dce Merge pull request #4059 from miyazakh/qt_unit_test 
fix qt unit test
 2021-06-22 10:12:48 -06:00
Jacob Barthelmeh
647bde671c macro guard on test case 2021-06-22 22:56:35 +07:00
Jacob Barthelmeh
3cd43cf692 fix for keyid with ktri cms 2021-06-22 21:33:12 +07:00
David Garske
c4ea64b7fc Merge pull request #4140 from SparkiDev/set_sig_algs 2021-06-21 19:18:10 -07:00
Sean Parkinson
7224fcd9bc TLS: add support for user setting signature algorithms 2021-06-18 16:19:01 +10:00
Hideki Miyazaki
1ebb4a47f6 addressed jenkins failure 2021-06-18 11:22:20 +09:00
Hideki Miyazaki
4feedb72cc simulate set_ciphersuites comp. API 2021-06-18 11:22:19 +09:00
Hideki Miyazaki
ddf2a0227f additional fix for set verify depth to be compliant with openssl limit 2021-06-18 11:00:51 +09:00
Hideki Miyazaki
951de64e2c set PSK at the beginning 2021-06-18 07:59:35 +09:00
Eric Blankenhorn
1307972344 Update use of joi cert and add to renew script. 2021-06-16 13:55:36 -05:00
TakayukiMatsuo
9e02655ac4 Merge remote-tracking branch 'upstream/master' into os_base64 2021-06-16 23:19:52 +09:00
Sean Parkinson
b73673a218 Merge pull request #3794 from TakayukiMatsuo/os_keyprint 
Add wolfSSL_EVP_PKEY_print_public
 2021-06-16 08:43:41 +10:00
TakayukiMatsuo
c6680d08ba Fix coding issues 2021-06-15 11:16:38 +09:00
Sean Parkinson
12c358bc30 Merge pull request #3979 from dgarske/tls13_async 
Asynchronous support for TLS v1.3 TLSX ECC/DH key generation and key agreement
 2021-06-15 10:02:19 +10:00
David Garske
77df7d8630 Merge pull request #3968 from elms/pedantic_cleanup 
Fixes for some `-pedantic` errors
 2021-06-14 13:46:39 -07:00
David Garske
fd6b30ef32 Merge pull request #4111 from elms/silabs/fix_ecc_shared_secret_outlen 
silabs: fix `wc_ecc_shared_secret` to only return x coordinate
 2021-06-14 13:44:00 -07:00
Chris Conlon
a8d185cb9e Merge pull request #4117 from TakayukiMatsuo/tk12403 
Add null-parameters-test cases for SHA(), SHA224(), MD5() and MD5_xxx().
 2021-06-14 13:52:01 -06:00
Elms
ed4cf6e91c silabs: fix wc_ecc_shared_secret to only return x coordinate 
secure element computes and returns the full coordinate. The wolfSSL
API should only return the x component.
 2021-06-13 21:46:23 -07:00
TakayukiMatsuo
ebec2fbd25 Fixed uninitialized parameter for Base16_Encode 2021-06-14 13:45:12 +09:00
Hideki Miyazaki
6d3b9aec80 fix api compile failure 2021-06-12 09:24:11 +09:00
David Garske
2e4e65f518 Asynchronous support for TLS v1.3 TLSX ECC/DH key generation and key agreement 
* Added async support to `SendTls13ClientHello`, `DoTls13ServerHello` and `DoTls13ClientHello`.
* Cleanup of the example client/server use key share code.
* Fix some scan-build warnings.
ZD 12065
 2021-06-11 14:12:12 -07:00
TakayukiMatsuo
ed5cb0a1bd Modified along the revire comments 2021-06-11 21:08:27 +09:00
TakayukiMatsuo
779e3701e6 Merge branch 'master' of github.com:wolfSSL/wolfssl into os_keyprint 2021-06-11 13:56:52 +09:00
Sean Parkinson
36a9cd3010 Merge pull request #3911 from TakayukiMatsuo/tk11851 
Fix SSL_read behaving differently from openSSL after bidirectional shutdown
 2021-06-11 10:25:39 +10:00
David Garske
624e150c7b Merge pull request #3827 from SparkiDev/tls13_psk_hash 
TLS 1.3 PSK: use the hash algorithm to choose cipher suite
 2021-06-10 06:59:40 -07:00
Sean Parkinson
3ecb8d5a3e Merge pull request #4062 from dgarske/dh_key 
DH Key and Params Export cleanups and Apache httpd fixes
 2021-06-10 20:54:32 +10:00
TakayukiMatsuo
4d3f2f92fd Add test cases for SHA(), SHA224(), MD5() and MD5_xxx() to test with null parameters. 2021-06-10 16:40:51 +09:00
Sean Parkinson
7e0c372e4c TLS 1.3 PSK: use the hash algorithm to choose cipher suite 
See RFC 8446: 4.2.11
With TLS 1.3 PSK callback, If the returned cipher suite isn't available,
use the hash from the cipher suite and choose from available list.
Require exact match when: WOLFSSL_TLS13_PSK_NO_MATCH_HASH

Alternative callback for client added that is passed a cipher suite
string. Called for each cipher suite that is to be negotiated.
If cipher suite to be used with PSK then return client identity.
Returning an identity based on cipher suite hash will result in
only one PSK extension being added per hash.
 2021-06-10 09:55:27 +10:00