Commit Graph

18796 Commits

Author SHA1 Message Date
David Garske 4fbd4fd36a Merge pull request #5917 from JacobBarthelmeh/release
prepare for release 5.5.4
v5.5.4-stable
2022-12-20 16:15:51 -08:00
JacobBarthelmeh 509ad07dbd Merge pull request #5918 from kareem-wolfssl/zd15369
Fix length being passed into GetFormattedTime.
2022-12-20 17:12:13 -07:00
Kareem eebe04b181 Fix length being passed into GetFormattedTime. 2022-12-20 15:42:02 -07:00
Jacob Barthelmeh cca63a465d prepare for release 5.5.4 2022-12-20 14:19:59 -07:00
David Garske 6f7d8d287d Merge pull request #5905 from JacobBarthelmeh/cert_update
end of year certificate update
2022-12-19 09:52:53 -08:00
JacobBarthelmeh 3d1775320b Merge pull request #5900 from icing/tls12-no-tickets
WOLFSSL_OP_NO_TICKET fix for TLSv1.2
2022-12-16 14:42:50 -07:00
JacobBarthelmeh 91f8b5e58e Merge pull request #5903 from douzzer/20221216-fix-benchmark
20221216-fix-benchmark
2022-12-16 14:35:12 -07:00
JacobBarthelmeh c6aaa1310e end of year certificate update 2022-12-16 13:32:37 -08:00
Kaleb Himes b90c07900b Merge pull request #5904 from anhu/FIPS_fix
ENABLED_FIPS doesn't hold the version; FIPS_VERSION does.
2022-12-16 14:16:47 -07:00
Anthony Hu 24d7f85016 ENABLED_FIPS doesn't hold the version; FIPS_VERSION does.
Found with:

./configure --enable-engine=fips=v2
2022-12-16 14:06:43 -05:00
Daniel Pouzzner 04b31518ba wolfcrypt/benchmark/benchmark.c: fix calculation of outer iteration constant in bench_aesecb_internal(); fix .c.h clash in argument name ("useDevId" vs "useDeviceID"). 2022-12-16 12:55:37 -06:00
David Garske 5c21e40bce Merge pull request #5899 from SparkiDev/regression_fixes_5
Fixes from regression testing.
2022-12-16 06:54:26 -08:00
David Garske 07dcd5270e Merge pull request #5898 from cconlon/androidSystemCa
Add Android CA certs path for wolfSSL_CTX_load_system_CA_certs()
2022-12-16 06:12:24 -08:00
Stefan Eissing 9d0b16097e Fix builds without session tickets. 2022-12-16 09:40:51 +01:00
Stefan Eissing dccabc60a5 Disabling TLSv1.2 session tickets when WOLFSSL_OP_NO_TICKET is being set.
There seems to have been a misunderstanding that WOLFSSL_OP_NO_TICKET would only disable tickets
for TLS version lower than 1.2. But it includes 1.2 as well.
2022-12-16 09:29:44 +01:00
Sean Parkinson 45e3c721b3 Fixes from regression testing.
Fix random prime generation for big endian to set low bits after
shifting top word.
Allow SP_MATH to be built without RSA, DH and ECC - needed for PKCS#12.
Add DH 2048 bit parameters to cert_test.c for test.c when NO_ASN and
WOLFSSL_SP_MATH.
2022-12-16 14:43:29 +10:00
David Garske 502fd843ec Merge pull request #5897 from gojimmypi/gojimmypi-initialize-resp_length
initialize resp_length = 0 in tls.c
2022-12-15 17:23:48 -08:00
Chris Conlon f9bd8f76de add Android system CA certs path for to wolfSSL_CTX_load_system_CA_certs() usage 2022-12-15 16:39:48 -07:00
Sean Parkinson 4434d898a1 Merge pull request #5894 from kaleb-himes/fix-leak
Fix a quick leak in the test apps
2022-12-16 08:04:50 +10:00
JacobBarthelmeh aa784397b0 Merge pull request #5896 from cconlon/atexitOSX
AC_CHECK_DECLS for atexit needs stdlib.h on OSX
2022-12-15 15:00:29 -07:00
gojimmypi e0c9586b79 initialize resp_length = 0 in tls.c 2022-12-15 12:51:33 -08:00
kaleb-himes b23db16ff8 Refactor the double-free fix 2022-12-15 12:21:08 -07:00
David Garske 668efea464 Merge pull request #5884 from icing/ssl-set-ssl-ctx
Fix wolfSSL_set_SSL_CTX() to be usable during handshake.
2022-12-15 10:59:54 -08:00
Chris Conlon 8c54bd0fb1 check for atexit needs stdlib.h on OSX, fixes configure sed error 2022-12-15 11:23:37 -07:00
David Garske 908744dc0f Merge pull request #5646 from JacobBarthelmeh/caam
benchmark devid changes, CCM with SECO fix, set IV on AES import into SECO
2022-12-15 10:01:01 -08:00
David Garske d9ca5f6d3a Merge pull request #5893 from kaleb-himes/mtu-with-static-mem
Add alt case for unsupported static memory API
2022-12-15 09:22:21 -08:00
David Garske d46813953d Merge pull request #5892 from tatowicz/decodealtnames-fuzz-fix
Add Overflow check to DecodeAltNames input buffer access
2022-12-15 09:21:37 -08:00
kaleb-himes 46c47e4adc Fix a quick leak in the test apps
Fix a double-free scenario also
2022-12-15 09:13:45 -07:00
Stefan Eissing 78fd5d7dbc Fix wolfSSL_set_SSL_CTX() to be usable during handshake.
This method requires some explanation. Its sibling is
  int SetSSL_CTX(WOLFSSL* ssl, WOLFSSL_CTX* ctx, int writeDup)
which re-inits the WOLFSSL* with all settings in the new CTX.
That one is the right one to use *before* a handshake is started.

This method was added by OpenSSL to be used *during* the handshake, e.g.
when a server inspects the SNI in a ClientHello callback and
decides which set of certificates to use.

Since, at the time the SNI callback is run, some decisions on
Extensions or the ServerHello might already have been taken, this
method is very restricted in what it does:
 - changing the server certificate(s)
 - changing the server id for session handling
and everything else in WOLFSSL* needs to remain untouched.
2022-12-15 09:33:01 +01:00
JacobBarthelmeh 8924487f27 fix warning for builds using cmac and not devID 2022-12-14 15:38:08 -08:00
JacobBarthelmeh 89c993eff3 fix AES-CCM enc/dec for SECO (passes nonce directly) 2022-12-14 15:20:03 -08:00
JacobBarthelmeh b79879d106 fix setting IV when importing AES key into SECO 2022-12-14 15:20:03 -08:00
JacobBarthelmeh 9f77210b0b update benchmark for devID builds 2022-12-14 15:20:03 -08:00
kaleb-himes ed17524793 Add alt case for unsupported static memory API 2022-12-14 16:02:35 -07:00
Sean Parkinson a3f3c76faa Merge pull request #5890 from anhu/fix_iv_size
Fix the wrong IV size.
2022-12-15 08:43:25 +10:00
Sean Parkinson 3d8f25ab7d Merge pull request #5430 from dgarske/sniffer_multithread
Support for multi-threaded sniffer
2022-12-15 08:18:49 +10:00
David Garske 3fd2292d11 Merge pull request #5889 from anhu/dtls13_pqtests
Kyber with DTLS 1.3 tests
2022-12-14 13:20:32 -08:00
Anthony Tatowicz 370e0ce0f4 Add formatting fixes 2022-12-14 13:54:03 -06:00
Anthony Hu c5ca20fe43 New files so add them to include.am 2022-12-14 13:28:20 -05:00
Anthony Tatowicz 8580ac0377 Add Overflow check to DecodeAltNames input buffer access 2022-12-14 12:08:19 -06:00
Anthony Hu 472a31a801 Fix the wrong IV size. 2022-12-14 13:04:38 -05:00
Anthony Hu ad6d6be620 Kyber with DTLS 1.3 tests 2022-12-14 12:46:24 -05:00
David Garske 6be0512728 Peer review cleanups. 2022-12-14 09:25:04 -08:00
David Garske b2d25ece98 Merge pull request #5885 from anhu/pq_session_ticket
Allow session tickets to properly resume when using PQ KEMs.
2022-12-13 16:32:07 -08:00
David Garske e33d59cd76 Review cleanups. 2022-12-13 10:55:22 -08:00
Anthony Hu 364835dc9e Allow session tickets to properly resume when using PQ KEMs.
Found with:

```
./configure --with-liboqs --enable-session-ticket
./examples/server/server -v 4 -r --pqc P521_KYBER_LEVEL5
./examples/client/client -v 4 -r --pqc P521_KYBER_LEVEL5
```
2022-12-13 11:36:00 -05:00
Daniel Pouzzner 64ef6aedd6 Merge pull request #5882 from SparkiDev/sp_aarch64_be
SP: support aarch64 big endian
2022-12-12 22:06:38 -06:00
Sean Parkinson a7a6d5b297 Merge pull request #5874 from JacobBarthelmeh/tls13
adjust post auth support with TLS 1.3
2022-12-13 09:39:31 +10:00
Sean Parkinson bc3b723609 SP: support aarch64 big endian 2022-12-13 09:33:16 +10:00
David Garske d0c9ec6681 Merge pull request #5854 from JacobBarthelmeh/Certs
fix other name san parsing and add RID cert to test parsing
2022-12-12 14:44:07 -08:00