mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
17,641 Commits 5 Branches 162 Tags
Commit Graph

17641 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Daniel Pouzzner
542c53f3ac snip out errant "#/" strings added to various text files by copyright boilerplate update in 8eaa85e412. 2022-07-20 18:23:28 -05:00
Daniel Pouzzner
a3fd714501 configure.ac: allow --enable-opensslextra with --enable-linuxkm if --enable-cryptonly is also given. 2022-07-20 18:21:29 -05:00
Daniel Pouzzner
3842889649 src/tls13.c: in SendTls13ClientHello(), move nullness check on WOLFSSL* ssl back to the start of the function. 2022-07-20 18:19:58 -05:00
David Garske
706ab6aac0
Merge pull request #5377 from kareem-wolfssl/rsaKeyEncipher 
Don't require digital signature bit for static RSA cipher suites.  Make wolfSSL_CTX_clear_options available without OPENSSL_EXTRA.
 2022-07-20 15:28:55 -07:00
Sean Parkinson
bd2b510487
Merge pull request #5376 from dgarske/sniff_tlsv12_sessticket 
Fixes for sniffer session ticket resumption with TLS v1.2
 2022-07-21 08:22:33 +10:00
David Garske
9450fa1412
Merge pull request #5375 from LinuxJedi/se050-private-key-add 
Add ECC private key insertion for SE050
 2022-07-20 12:42:13 -07:00
Kareem
741d61574b Make wolfSSL_CTX_clear_options available without OPENSSL_EXTRA. 2022-07-20 12:24:47 -07:00
Kareem
873890316c Don't require digital signature bit for static RSA cipher suites. 2022-07-20 12:08:20 -07:00
David Garske
564f79c91a
Merge pull request #5371 from douzzer/20220719-linuxkm-get_thread_size-no-thunks 
linuxkm: inhibit thunk generation in get_thread_size.
 2022-07-20 11:48:48 -07:00
David Garske
1c7f64cce9 Fixes for sniffer session ticket resumption with TLS v1.2. ZD14531. 2022-07-20 11:18:19 -07:00
David Garske
b46a308544
Merge pull request #5361 from embhorn/zd14491 
Fix for build with NO_TLS
 2022-07-20 09:28:23 -07:00
Andrew Hutchings
07d2940757 Fix issue caused by undo in IDE 2022-07-20 16:42:09 +01:00
David Garske
ab60865178
Merge pull request #5374 from julek-wolfssl/dtls-multiple-msgs 
ShrinkInputBuffer should not be called in the middle of ProcessReply
 2022-07-20 08:27:56 -07:00
Andrew Hutchings
d7b4abfa0b Fixups to the SE050 ECC pkey insert function 2022-07-20 16:25:39 +01:00
David Garske
719e814841
Merge pull request #5370 from rizlik/dtls13_partial_read_fixes 
dtlsv1.3 fixes
 2022-07-20 08:03:29 -07:00
David Garske
e4c1e71b38
Merge pull request #5364 from embhorn/zd14519 
Fix wolfSSL_Init error handling
 2022-07-20 08:03:08 -07:00
David Garske
f4191a102b
Merge pull request #5304 from SKlimaRA/SKlimaRA/cert-pathlen 
drafted pathlen for cert struct
 2022-07-20 07:54:13 -07:00
David Garske
aab2459d1f
Merge pull request #5372 from JacobBarthelmeh/copyright 
update copyright year to 2022
 2022-07-20 07:52:05 -07:00
David Garske
c029b23043
Merge pull request #5308 from SparkiDev/ecies_gen_iv 
ECIES: Google Pay generates IV and places it before msg
 2022-07-20 06:46:14 -07:00
Marco Oliverio
2e0d53a07d fix: dtls13: use correct handshaketype on hello retry request 2022-07-20 15:25:50 +02:00
Marco Oliverio
3850e6b554 fix: dtls13: use aes for record numbers encryption if using aes-ccm 2022-07-20 15:25:50 +02:00
Marco Oliverio
066f17faad fix: dtls13: hello_retry_request type isn't an encrypted message 2022-07-20 15:25:50 +02:00
Marco Oliverio
c0fc87342c tls13: avoid spurious state advances in connect/accept state machine 2022-07-20 15:25:50 +02:00
Marco Oliverio
11dfb713e9 openssl_compatible_default: use DTLSv1.0 as minDowngrade in DTLS 2022-07-20 15:25:46 +02:00
Marco Oliverio
6711756b03 dtls13: support stream-based medium 
Don't assume that the underlying medium of DTLS provides the full message in a
single operation. This is usually true for message-based socket (eg. using UDP)
and false for stream-based socket (eg. using TCP).

Commit changes:

- Do not error out if we don't have the full message while parsing the header.
- Do not assume that the record header is still in the buffer when decrypting
  the message.
- Try to get more data if we didn't read the full DTLS header.
 2022-07-20 14:53:07 +02:00
Juliusz Sosinowicz
40cb6e0853 ShrinkInputBuffer should not be called in the middle of ProcessReply 2022-07-20 11:57:48 +02:00
Andrew Hutchings
ea34fb1643 Add ECC private key insertion for SE050 
This adds a utility function which allows an ECC private key to be
inserted into the SE050's permanent storage.
 2022-07-20 10:45:26 +01:00
Stanislav Klima
66c5a947fd XSTRNCPY, fixed typos 2022-07-20 08:56:59 +02:00
Sean Parkinson
09bba3510f ECIES: Google Pay ECIES 
Generates IV and places it before msg
Uses 12 byte IV with AES-CTR
Add API to explicitly set KDF salt.
 2022-07-20 09:30:47 +10:00
Jacob Barthelmeh
8eaa85e412 update copyright year to 2022 2022-07-19 10:44:31 -06:00
Eric Blankenhorn
8b904e9082 Fix for build with NO_TLS 2022-07-19 11:12:18 -05:00
Daniel Pouzzner
0dac3ec022 linuxkm: inhibit thunk generation in get_thread_size. 2022-07-19 10:20:04 -05:00
Stanislav Klima
1a44bad8cc drafted test case for path len 2022-07-19 15:34:20 +02:00
Stanislav Klima
3d721bd533 more WOLFSSL_CERT_EXT 2022-07-19 11:00:36 +02:00
Stanislav Klima
6ce5f645f3 added ASN template code and WOLFSSL_CERT_EXT, still missing testcase 2022-07-19 10:38:47 +02:00
David Garske
9a3efb67b8
Merge pull request #5368 from lealem47/disableAes 
Fix for --disable-aes without --disable-aesgcm
 2022-07-18 15:05:59 -07:00
David Garske
feb3f889af
Merge pull request #5369 from embhorn/zd14522 
Fix var init in wc_ecc_shared_secret
 2022-07-18 14:17:53 -07:00
Lealem Amedie
cee9f9a871 Fix for --disable-aes without --disable-aesgcm 2022-07-18 10:26:20 -07:00
Chris Conlon
c63abe398f
Merge pull request #5321 from miyazakh/tsip_add_usecase 2022-07-18 09:35:43 -06:00
Eric Blankenhorn
f55fe7fccd Fix var init in wc_ecc_shared_secret 2022-07-18 09:13:07 -05:00
David Garske
218ab7e396
Merge pull request #5362 from haydenroche5/ssl_set_options_public 
Make wolfSSL_(get|set)_options available outside compat layer.
 2022-07-15 10:36:29 -07:00
Eric Blankenhorn
e7303d697b Fix wolfSSL_Init error handling 2022-07-15 09:30:30 -05:00
Andrew Hutchings
8a757ef7cf
Merge pull request #5363 from dgarske/se050_curve25519 
Fixes for SE050 Curve25519 endianness
 2022-07-15 08:49:27 +01:00
Hideki Miyazaki
15725400a7
addressed review comments 5 2022-07-15 13:46:30 +09:00
Hayden Roche
a1b7c29309 Make wolfSSL_(get|set)_options available outside compat layer. 
Also make wolfSSL_CTX_get_options available.
 2022-07-14 16:03:58 -07:00
David Garske
dec8a7fd93 Fixes for SE050 Curve25519 endianness (SDK assumes little endian). Fix for ECC se050_ecc_shared_secret use of wrong pointer on error handle free. 2022-07-14 15:34:50 -07:00
David Garske
6cc2665a81
Merge pull request #5358 from SparkiDev/sp_int_armv6 
SP int ARM32: replace clz instruction when not supported
 2022-07-14 15:32:00 -07:00
Chris Conlon
350ff552c4
Merge pull request #5351 from kojo1/renesas-csp 2022-07-14 16:10:34 -06:00
David Garske
e3c65d86d6
Merge pull request #5360 from LinuxJedi/se050-sign-fix-b 
Missed a small part of my original SE050 sign fix
 2022-07-14 06:39:11 -07:00
Hideki Miyazaki
fd885d89eb
Added multi thread use case 
Improve not to use forward declaration struct definition

 - include ssl.h rather than forward declaration struct to resolve struct name
 - to include ssl.h, it needs to avoid cyclic reference for crypt structure. therefore, Sha and Aes definitions are moved to another header file
 2022-07-14 17:25:21 +09:00