Juliusz Sosinowicz
365fae8ac0
Add curl test dep
2023-10-10 11:37:48 +02:00
Juliusz Sosinowicz
64ed7d57eb
Add comment
2023-10-09 12:54:11 +02:00
Juliusz Sosinowicz
275c0a0838
Update window in one place only when stateful
2023-10-09 12:54:11 +02:00
Juliusz Sosinowicz
8ac72750bc
Fix linting issues
2023-10-09 12:54:11 +02:00
Juliusz Sosinowicz
948d7ae761
keyLog_callback: flush the descriptor to make sure it is written out
2023-10-09 12:54:11 +02:00
Juliusz Sosinowicz
c1a49fef99
Fix unreachable code error
2023-10-09 12:54:11 +02:00
Juliusz Sosinowicz
bec87e525f
PQC TLS 1.3: test setting pqc with wolfSSL_CTX_set_groups
2023-10-09 12:54:11 +02:00
Juliusz Sosinowicz
3a881079d3
Fix async
2023-10-09 12:54:11 +02:00
Juliusz Sosinowicz
2c6c52078a
test_dtls13_frag_ch_pq: make sure kyber5 is used
2023-10-09 12:54:11 +02:00
Juliusz Sosinowicz
37c0d52fa8
Dump manual memio stream with WOLFSSL_DUMP_MEMIO_STREAM
2023-10-09 12:54:11 +02:00
Juliusz Sosinowicz
c802193119
Simplify the pqc keyshare handling
2023-10-09 12:54:11 +02:00
Juliusz Sosinowicz
0dbf97c867
fixup! Clear the keyshare instead of storing it
2023-10-09 12:54:11 +02:00
Juliusz Sosinowicz
230f81712c
fixup! Clear the keyshare instead of storing it
2023-10-09 12:54:11 +02:00
Anthony Hu
f640fdf91f
Adding a post-quantum DTLS 1.3 test.
...
This exercises the fragmenting of ClientHello via large post-quantum key share.
./configure --enable-dtls-mtu --enable-dtls-frag-ch --enable-dtls \
--enable-dtls13 --with-liboqs
2023-10-09 12:54:11 +02:00
Juliusz Sosinowicz
ada785e115
Address code review
2023-10-09 12:54:11 +02:00
Juliusz Sosinowicz
8da863184c
Force DTLS 1.3 when accepting fragmented CH
2023-10-09 12:54:11 +02:00
Juliusz Sosinowicz
df8ee69075
Clear the keyshare instead of storing it
2023-10-09 12:54:11 +02:00
Juliusz Sosinowicz
85a596e54a
DTLS 1.3: allow fragmenting the second ClientHello message
...
- DTLS 1.3 pqc support
- Add --enable-dtls-frag-ch option to enable CH fragmenting
- Send an alert when we get an empty keyshare with a cookie present to not allow for multiple HRR in one connection
- Only update the DTLS window when we have successfully processed or stored a message
- Call ssl->chGoodCb as soon as we have processed a verified full or fragmented ClientHello cookie
2023-10-09 12:54:11 +02:00
Sean Parkinson
832e0f3726
Merge pull request #6842 from kaleb-himes/fix-err-introduce-with-cm-move
...
Fix -4 return code when expected BAD_FUNC_ARG(-173)
2023-10-09 07:04:24 +10:00
JacobBarthelmeh
c082216661
Merge pull request #6836 from anhu/iar_ewarm_gitignore
...
Changes to what gets ignored by git for the IAR-EWARM IDE
2023-10-06 20:57:25 -06:00
JacobBarthelmeh
5cb80ea898
Merge pull request #6847 from embhorn/zd16767
...
Fix wolfSSL_set_verify_result to use correct value
2023-10-06 16:52:32 -06:00
Eric Blankenhorn
b329c0d5f4
Fix wolfSSL_set_verify_result to use correct value
2023-10-06 16:34:31 -05:00
Anthony Hu
52a9730f56
Changes to gitignore for IAR-EWARM IDE.
2023-10-06 17:02:22 -04:00
JacobBarthelmeh
fd2d098566
Merge pull request #6821 from bigbrett/aes-eax
...
AES EAX mode
2023-10-06 14:14:28 -06:00
Brett Nicholas
fafb9e81c0
Add support for AES EAX mode, as described in https://eprint.iacr.org/2003/069
2023-10-06 11:10:06 -06:00
JacobBarthelmeh
a7950a3739
Merge pull request #6846 from SparkiDev/aes_xts_arm_hw_crypto
...
Aarch64 and ARM32 AES XTS with crypto instructions
2023-10-06 09:58:38 -06:00
JacobBarthelmeh
a24d66939f
Merge pull request #6843 from embhorn/gh6760_take2
...
Fix RNG with writedup
2023-10-06 09:11:33 -06:00
Sean Parkinson
862a98abe0
Aarch64 and ARM32 AES XTS with crypto instructions
...
Optimised assembly of AES-XTS for Aarch64 and ARM32 using hardware
crypto instructions.
Aarch64 has loop unrolling.
Update aes.c to not have AES-XTS implementation when assembly
compilable.
Update test of AES-XTS to check expected cipher text of partial block
encryption.
2023-10-06 12:39:31 +10:00
kaleb-himes
e51399ca0f
Do the success checkout out front
2023-10-05 17:05:36 -06:00
JacobBarthelmeh
5a5a8c9b47
Merge pull request #6841 from julek-wolfssl/fix-all-scr
...
Fixes for bugs exposed with SCR
2023-10-05 16:55:01 -06:00
JacobBarthelmeh
c26ad8d19a
Merge pull request #6828 from SparkiDev/mp_sqrtmod_prime_cust_curve
...
mp_sqrtmod_prime: bail early on the check for small values
2023-10-05 16:32:01 -06:00
JacobBarthelmeh
22b838c22b
Merge pull request #6799 from kojo1/no_malloc
...
fix NO_MALLOC guard in an error case
2023-10-05 16:23:54 -06:00
Eric Blankenhorn
a494d04f10
Fix RNG with writedup
2023-10-05 16:03:42 -05:00
kaleb-himes
4bb6c51d2d
Fix -4 return code when expected BAD_FUNC_ARG(-173)
2023-10-05 14:20:37 -06:00
JacobBarthelmeh
2c4556c797
Merge pull request #6835 from julek-wolfssl/no-ossl-defs-in-release
...
Add option to disable OPENSSL_COMPATIBLE_DEFAULTS
2023-10-05 10:47:50 -06:00
JacobBarthelmeh
1b4435d134
Merge pull request #6839 from julek-wolfssl/eol-repos
...
Remove unsupported distros from readme badge
2023-10-05 10:46:49 -06:00
JacobBarthelmeh
a333e775c7
Merge pull request #6837 from anhu/doc_corr
...
Minor correction to documentation
2023-10-05 10:46:12 -06:00
Chris Conlon
6968105984
Merge pull request #6831 from miyazakh/renesas_tsip_fix
...
fix compile error due to rz port change
2023-10-05 09:43:34 -06:00
Juliusz Sosinowicz
858c66de3c
Add configs that exposed this bug
2023-10-05 16:58:45 +02:00
Juliusz Sosinowicz
89946126f2
Remove dtls_expected_rx and use expected values directly
...
We should always read MTU + EXTRA so that we capture the entire message and are able to correctly decrypt the entire datagram. A smaller MTU also breaks larger handshake messages sent during a connection like secure renegotiation in DTLS 1.2 (confirmed) and post-handshake messages in DTLS 1.3 (suspected).
2023-10-05 16:58:45 +02:00
Juliusz Sosinowicz
80c8c62fb2
Proper initial_ctx clean up
...
- Call wolfSSL_CTX_free on ssl->initial_ctx so that it decrements the counter and frees the object
- Clean up where ssl->initial_ctx is freed. It only needs to be freed when the ssl object is being freed
2023-10-05 16:58:45 +02:00
Juliusz Sosinowicz
9abc611550
Update dtls in readme
2023-10-05 13:32:58 +02:00
Juliusz Sosinowicz
6b28a68e42
Add DTLS 1.3 to README
2023-10-05 13:26:35 +02:00
Juliusz Sosinowicz
c88fec1534
Remove unsupported distros from readme badge
2023-10-05 13:22:34 +02:00
Juliusz Sosinowicz
8ce8359bd7
Add option to disable OPENSSL_COMPATIBLE_DEFAULTS
2023-10-05 10:30:44 +02:00
Anthony Hu
630d75153f
Minor correction to documentation
2023-10-04 16:51:55 -04:00
JacobBarthelmeh
96205fc80d
Merge pull request #6820 from julek-wolfssl/zd/16550-int-crl
...
CRL verify the entire chain including loaded CAs
2023-10-04 14:37:50 -06:00
David Garske
4d81725438
Merge pull request #6832 from jpbland1/cryptocb-key-context
...
add devCtx to all keys for use in cryptoCb
2023-10-04 09:34:06 -07:00
JacobBarthelmeh
94043723c9
Merge pull request #6833 from douzzer/20231003-options-h-flag-order-etc
...
20231003-options-h-flag-order-etc
2023-10-04 09:01:58 -06:00
Daniel Pouzzner
45b613ee55
wolfcrypt/test/test.c: fix error codes in hpke_test_single(), hpke_test(), and ecc521_test_deterministic_k().
2023-10-03 22:44:11 -05:00