mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
11,401 Commits 5 Branches 162 Tags 807 MiB
1d01b87741
Commit Graph

11401 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
David Garske
1d01b87741 Fix to detect if NO_CERTS / --disable-asn is used in scripts/tls13.test. 2020-06-04 16:08:08 -07:00
David Garske
66fdc2c536 Disable TLS v1.3 if none of these are available "ECC, CURVE25519, CURVE448 or DH". 2020-06-04 15:31:19 -07:00
David Garske
93be04f380 Can't send empty list for the client when sniffer is enabled or it will use AES128-SHA. 2020-06-04 15:31:18 -07:00
David Garske
ad93813d75 Fix for expected failure case on client write. Resolves test-fails.con server TLSv1.3 fail on no client certificate test. 2020-06-04 15:31:18 -07:00
David Garske
d4fdd1e590 Fix for TLS v1.3 test PSK callback to support cipher list. Add support for GetCipherSuiteFromName to accept a name ending with colon. 2020-06-04 15:31:18 -07:00
David Garske
3b63e55a68 Fix for TLS v1.3 PSK tests work with additional cipher suites (not just TLS13-AES128-GCM-SHA256) and the echo server/client. 2020-06-04 15:31:18 -07:00
David Garske
8823a581d0 Add PSK user context support (Fixes #2952.). 2020-06-04 15:31:18 -07:00
David Garske
0228d1eeea Cleanups for the TLS v1.3 build requirements. Add check for TLS v1.3 call to EncodeSigAlg. 2020-06-04 15:31:18 -07:00
David Garske
ab2afbd37b Allow the TLS 13 draft 18 build option and just use the final version. This allows the automated test scripts to pass. 2020-06-04 15:31:18 -07:00
David Garske
4d8cf5b571 Fixes for building TLSv1.3 with FIPS v1 (no RSA PSS or HKDF). 2020-06-04 15:31:18 -07:00
David Garske
8300754ecd Fix for "testsuite" with TLSv1.3 and --enable-sniffer. 2020-06-04 15:31:18 -07:00
David Garske
ba8227bcf7 Fix for building TLS v1.3 with NO_WOLFSSL_CLIENT. 2020-06-04 15:31:18 -07:00
David Garske
b417a76613 Fixes for build TLS v1.3 with NO_CERTS. 2020-06-04 15:31:18 -07:00
David Garske
093d9981fb Disable fast-rsa if RSA PSS is enabled (not supported). 2020-06-04 15:31:18 -07:00
David Garske
cd1c2d5fae Enable TLS v1.3 by default. Remove old TLS v1.3 draft build support. 2020-06-04 15:31:18 -07:00
JacobBarthelmeh
976db2545d
Merge pull request #3007 from embhorn/zd10318 
Fix OOB access in ParseCRL
 2020-06-04 13:11:59 -06:00
toddouska
23d1550439
Merge pull request #2989 from julek-wolfssl/openvpn 
Additional OpenSSL compat layer stuff
 2020-06-04 11:57:55 -07:00
toddouska
b48699c1f0
Merge pull request #3022 from cconlon/jnisni 
enable SNI by default for JNI/JSSE build
 2020-06-04 11:07:56 -07:00
toddouska
79465d70f7
Merge pull request #3020 from SparkiDev/tls13_psk_cr 
TLS 1.3: Never send CertiifcateRequest when PSK
 2020-06-04 11:07:22 -07:00
toddouska
c3407e2052
Merge pull request #3004 from SparkiDev/asn1_int_lead_0_any 
Define to allow badly formed ASN integers
 2020-06-03 14:55:04 -07:00
toddouska
4ddbe546a3
Merge pull request #2993 from dgarske/math_fixes 
Improvements around the ECC max bits calculation
 2020-06-03 14:53:51 -07:00
Eric Blankenhorn
4b10f6aa03 Update from review 2020-06-03 15:56:46 -05:00
Chris Conlon
cafcaa4181 enable SNI by default for JNI/JSSE build 2020-06-03 14:24:10 -06:00
Chris Conlon
d220168384
Merge pull request #3017 from kojo1/supplicant-error 
alertWhy: unknown_ca for ASN_NO_SIGNER_E
 2020-06-03 10:44:31 -05:00
Sean Parkinson
0d1ed9efc7 TLS 1.3: Never send CertiifcateRequest when PSK 
Server must not send a CertificateRequest when authenticating with a
PSK.
Increase the max size of the signature algorithms as ED448 has been
added.
 2020-06-03 12:48:31 +10:00
toddouska
dc1472692a
Merge pull request #3011 from dgarske/nomalloc 
Fixes for using static memory with no malloc
 2020-06-02 11:46:29 -07:00
toddouska
c7331fa699
Merge pull request #3008 from embhorn/zd10320 
Fix possible NULL dereference error in TLSX_SecureRenegotiation_Parse
 2020-06-02 11:13:17 -07:00
Takashi Kojo
5bcd121ab5 alertWhy: unknown_ca for ASN_NO_SIGNER_E 2020-06-02 05:54:16 +09:00
David Garske
b947f69f60 Fix to correct SP 4096-bit enable. Correct nonexistent WOLFSSL_SP_NO_4096, which should be WOLFSSL_SP_4096. 2020-06-01 10:49:08 -07:00
David Garske
bfe1760c17 Improvements to the ECC max bits calculation used with fast math (USE_FAST_MATH and ALT_ECC_SIZE). Updated example code comments to reflect accurate calculation. 2020-06-01 10:48:52 -07:00
toddouska
9c73a4bdbc
Merge pull request #3009 from embhorn/zd10358 
Fix OOB access in RsaUnPad
 2020-06-01 09:29:10 -07:00
Chris Conlon
aeefc09579
Merge pull request #3013 from miyazakh/fix_espidf_buildfail 
fix build failrue on esp-idf
 2020-06-01 09:56:29 -06:00
Hideki Miyazaki
5f783f0198 fix build failrue on esp-idf 2020-05-30 15:19:37 +09:00
toddouska
63a1ccda9b
Merge pull request #3012 from SparkiDev/ecc_mulmod_fix 
Fix ecc mulmod to only do one more bit than modulus len
 2020-05-29 13:07:18 -07:00
toddouska
2ee8f335b7
Merge pull request #2992 from SparkiDev/tls13_enc_alert_2 
Actually make TLS 1.3 alerts encrypted when possible
 2020-05-29 13:04:49 -07:00
Sean Parkinson
2eb9e05518 Fix ecc mulmod to only do one more bit than modulus len 2020-05-29 11:21:37 +10:00
David Garske
e498e07390
Merge pull request #3005 from cconlon/608a 
ATECC608A improvements for use with Harmony 3 and PIC32MZ
 2020-05-28 16:10:39 -07:00
David Garske
10a1cad2dc Fix for TFM _fp_exptmod_nct with WOLFSSL_NO_MALLOC. 2020-05-28 15:15:52 -07:00
David Garske
fd51eecb4f Fix for using signature wrapper with WOLFSSL_NO_MALLOC. Improve wc_SignatureVerifyHash to use RSA verify inline. 2020-05-28 15:12:01 -07:00
David Garske
7ce7d244f8 Fix for using static memory AES GCM test. 2020-05-28 15:12:01 -07:00
toddouska
5962931b21
Merge pull request #2947 from SparkiDev/tls13_integ_fix 
Fix TLS 1.3 integrity only for interop
 2020-05-28 13:48:43 -07:00
toddouska
5360783d7e
Merge pull request #3003 from JacobBarthelmeh/Testing 
fix for gcc 10+ error on snprintf
 2020-05-28 13:28:30 -07:00
Eric Blankenhorn
233a5ca6b8 Fix OOB access 2020-05-28 14:14:19 -05:00
Eric Blankenhorn
4e8f5fce66 Fix NULL dereference error 2020-05-28 12:17:29 -05:00
Eric Blankenhorn
91fb6216a9 Fix OOB access 2020-05-28 09:39:44 -05:00
David Garske
99d8be4f4d
Merge pull request #3002 from ejohnstown/bump-minor-ver 
Bump Patch Version
 2020-05-27 21:09:38 -07:00
Sean Parkinson
3fec01c0aa Actually make TLS 1.3 alerts encrypted when possible 
Pervious fix didn't work.
This time, if TLS 1.3 and encryption is on then it will encrypt the
alert.
 2020-05-28 10:57:33 +10:00
Sean Parkinson
8dee048b04 Define to allow badly formed ASN integers 
Define: WOLFSSL_ASN_INT_LEAD_0_ANY
Allows positive integers to have a leading 0 byte.
DER/BER encoding specifies that leding 0 only on negative numbers
(highest bit of first octet set).
 2020-05-28 08:50:21 +10:00
Chris Conlon
896fcd9aec add WOLFSSL_ATECC6088A, Trust&GO support, PIC32 HAL compatibility, 608A expansions 2020-05-27 16:49:29 -06:00
Chris Conlon
8ebd121cac add extern prototype for PIC32 pic32_time() 2020-05-27 16:46:40 -06:00