mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
11,443 Commits 5 Branches 162 Tags
Commit Graph

4242 Commits

Author SHA1 Message Date
toddouska
29bdc7d8b5
Merge pull request #3015 from tmael/cov-fix 
Coverity fix in wolfSSL 4.4.0
 2020-06-10 17:07:47 -07:00
toddouska
e993cb6cc0
Merge pull request #2942 from dgarske/tls13_on 
Enable TLS v1.3 by default
 2020-06-09 13:30:02 -07:00
toddouska
48783c1982
Merge pull request #2996 from dgarske/stm32hal 
Fixes and improvements for STM32 crypto hardware
 2020-06-09 13:24:27 -07:00
toddouska
7a7bfce565
Merge pull request #3026 from cconlon/selftestfixes 
Fix warnings with NetBSD gcc compiler
 2020-06-09 13:18:44 -07:00
David Garske
8791573dfe Fix for building with NO_PUBLIC_GCM_SET_IV when ChaCha20/Poly1305 is enabled. Cleanup use of not used STD_PERI_LIB. 2020-06-08 08:37:54 -07:00
David Garske
3af4316cfd Fix for session test with TLS v1.3 and session tickets not enabled. Cleanups in AddSession. 2020-06-05 13:33:03 -07:00
David Garske
7879e83ae0 Fixes for building with ./configure --enable-tls13 --disable-rsa --disable-ecc --enable-psk. Fix to properly detect if missing a asymmetric key algorithm (required by TLS v1.3). 2020-06-04 16:31:19 -07:00
David Garske
66fdc2c536 Disable TLS v1.3 if none of these are available "ECC, CURVE25519, CURVE448 or DH". 2020-06-04 15:31:19 -07:00
David Garske
d4fdd1e590 Fix for TLS v1.3 test PSK callback to support cipher list. Add support for GetCipherSuiteFromName to accept a name ending with colon. 2020-06-04 15:31:18 -07:00
David Garske
8823a581d0 Add PSK user context support (Fixes #2952.). 2020-06-04 15:31:18 -07:00
David Garske
0228d1eeea Cleanups for the TLS v1.3 build requirements. Add check for TLS v1.3 call to EncodeSigAlg. 2020-06-04 15:31:18 -07:00
David Garske
4d8cf5b571 Fixes for building TLSv1.3 with FIPS v1 (no RSA PSS or HKDF). 2020-06-04 15:31:18 -07:00
David Garske
ba8227bcf7 Fix for building TLS v1.3 with NO_WOLFSSL_CLIENT. 2020-06-04 15:31:18 -07:00
David Garske
b417a76613 Fixes for build TLS v1.3 with NO_CERTS. 2020-06-04 15:31:18 -07:00
David Garske
cd1c2d5fae Enable TLS v1.3 by default. Remove old TLS v1.3 draft build support. 2020-06-04 15:31:18 -07:00
toddouska
3529d9a40d
Merge pull request #3016 from kaleb-himes/FIPSv2-MAINTENANCE 
New OpenSSL features relying on changes in module files must account for locked FIPS versions of those files
 2020-06-04 15:08:17 -07:00
toddouska
23d1550439
Merge pull request #2989 from julek-wolfssl/openvpn 
Additional OpenSSL compat layer stuff
 2020-06-04 11:57:55 -07:00
toddouska
79465d70f7
Merge pull request #3020 from SparkiDev/tls13_psk_cr 
TLS 1.3: Never send CertiifcateRequest when PSK
 2020-06-04 11:07:22 -07:00
kaleb-himes
5a4d84ecad Consolidate to one-line where possible 2020-06-03 16:19:34 -06:00
Chris Conlon
1c1a01fffe rename dup to resolve NetBSD global shadow warnings 2020-06-03 14:11:12 -06:00
Chris Conlon
d220168384
Merge pull request #3017 from kojo1/supplicant-error 
alertWhy: unknown_ca for ASN_NO_SIGNER_E
 2020-06-03 10:44:31 -05:00
Sean Parkinson
0d1ed9efc7 TLS 1.3: Never send CertiifcateRequest when PSK 
Server must not send a CertificateRequest when authenticating with a
PSK.
Increase the max size of the signature algorithms as ED448 has been
added.
 2020-06-03 12:48:31 +10:00
Tesfa Mael
d5241bbcc6 Coverity fix 2020-06-02 15:35:27 -07:00
toddouska
c7331fa699
Merge pull request #3008 from embhorn/zd10320 
Fix possible NULL dereference error in TLSX_SecureRenegotiation_Parse
 2020-06-02 11:13:17 -07:00
kaleb-himes
6217118ee4 Account for unmodifiable FIPS module files when adding new OpenSSL functionality 2020-06-01 16:28:32 -06:00
Takashi Kojo
5bcd121ab5 alertWhy: unknown_ca for ASN_NO_SIGNER_E 2020-06-02 05:54:16 +09:00
toddouska
2ee8f335b7
Merge pull request #2992 from SparkiDev/tls13_enc_alert_2 
Actually make TLS 1.3 alerts encrypted when possible
 2020-05-29 13:04:49 -07:00
David Garske
e498e07390
Merge pull request #3005 from cconlon/608a 
ATECC608A improvements for use with Harmony 3 and PIC32MZ
 2020-05-28 16:10:39 -07:00
toddouska
5962931b21
Merge pull request #2947 from SparkiDev/tls13_integ_fix 
Fix TLS 1.3 integrity only for interop
 2020-05-28 13:48:43 -07:00
Eric Blankenhorn
4e8f5fce66 Fix NULL dereference error 2020-05-28 12:17:29 -05:00
Sean Parkinson
3fec01c0aa Actually make TLS 1.3 alerts encrypted when possible 
Pervious fix didn't work.
This time, if TLS 1.3 and encryption is on then it will encrypt the
alert.
 2020-05-28 10:57:33 +10:00
Chris Conlon
896fcd9aec add WOLFSSL_ATECC6088A, Trust&GO support, PIC32 HAL compatibility, 608A expansions 2020-05-27 16:49:29 -06:00
JacobBarthelmeh
8e9f518caa fix for gcc 10+ error on snprintf 2020-05-27 16:20:39 -06:00
toddouska
e388885407
Merge pull request #2997 from kaleb-himes/ZD10356 
Fix a seg fault when cert not loaded prior to key check
 2020-05-26 16:19:43 -07:00
Kaleb Himes
5179503e8f
Merge pull request #2995 from julek-wolfssl/va-copy-check 
Enable wolfSSL_BIO_vprintf on Windows
 2020-05-26 08:58:05 -07:00
Sean Parkinson
eed5943b6f Fix TLS 1.3 integrity only for interop 
Make key size the size of the digest.
 2020-05-25 16:02:53 +10:00
Chris Conlon
165fce7c57
Merge pull request #2988 from miyazakh/peakmem 
added WOLFSSL_LEAVE for measuring peak memory script
 2020-05-22 15:37:30 -06:00
kaleb-himes
53d2a17b43 Fix a seg fault when cert not loaded prior to key check 2020-05-22 15:03:11 -06:00
Juliusz Sosinowicz
de61a8e5d3 Enable wolfSSL_BIO_vprintf on Windows 
Enable wolfSSL_BIO_vprintf use with WOLFSSL_BIO_MEMORY and WOLFSSL_BIO_SSL on Windows with the HAVE_VA_COPY flag
 2020-05-21 19:41:40 +02:00
Juliusz Sosinowicz
a67e1fc2ad Fix implicit conversions 2020-05-21 13:20:42 +02:00
Juliusz Sosinowicz
70c55ce30a Set offset in cipher struct 2020-05-21 12:51:23 +02:00
David Garske
19848076ec
Merge pull request #2986 from kaleb-himes/ZD9610_REPORT2 
Fix building with openssl extra x509 small writes to heap without alloc
 2020-05-20 08:10:43 -07:00
Juliusz Sosinowicz
5f7832909b BIO_new_mem_buf with negative len should take strlen of buf as len 2020-05-20 16:55:16 +02:00
Juliusz Sosinowicz
4a85bf8108 Additional OpenSSL compat layer stuff 
- Add X509_get0_notBefore and X509_get0_notAfter
- Implement EVP_PKEY_get0_DSA and DSA_bits
- OpenSSL_version now prints "wolfSSL $VERSION"
- Remove define guards in `wolfSSL_internal_get_version` as all protocols are defined regardless in `wolfssl/internal.h`and this function just returns the string description of the protocol
 2020-05-20 16:55:16 +02:00
kaleb-himes
08c02b037c Fix building with openssl extra x509 small writes to heap without alloc 2020-05-19 17:12:36 -06:00
toddouska
7901f74d0b
Merge pull request #2977 from SparkiDev/tlsx_ks_ecc_fix 
KeyShare ECC shift index range check
 2020-05-19 15:49:41 -07:00
toddouska
754c96965a
Merge pull request #2974 from SparkiDev/tls13_enc_alert 
If encryption setup, TLS 1.3 alerts encrypted
 2020-05-19 15:48:54 -07:00
Sean Parkinson
5b918f7ace KeyShare ECC shift index range check 2020-05-18 08:49:38 +10:00
toddouska
bdddb00ebc
Merge pull request #2973 from kaleb-himes/FIPS-OE6 
for OE6 sp_arm32.c asm code is inlined in rsa.c and ecc.c
 2020-05-14 10:55:54 -07:00
toddouska
fbfb28d5ee
Merge pull request #2926 from SparkiDev/tls13_failnocert 
Fail when WOLFSSL_VERIFY_FAIL_IF_NO_PEER_CERT set in TLS1.3
 2020-05-14 10:53:18 -07:00