mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
18,151 Commits 5 Branches 162 Tags
Commit Graph

18151 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Marco Oliverio
56d6087749 tls13: support ticketNonce bigger than MAX_TICKET_NONCE_SZ 
to enable it, use WOLFSSL_TICKET_NONCE_MALLOC define
 2022-09-28 19:54:14 +02:00
Marco Oliverio
1a983b4a8f session: use plain buffer to store ticket nonce in ticket 2022-09-21 14:51:07 +02:00
Kaleb Himes
43715d1bb5
Merge pull request #5607 from haydenroche5/140_3_version_fixes 
Clean up some FIPS versioning logic in configure.ac and WIN10 user_settings.h.
 2022-09-19 20:48:25 -06:00
Hayden Roche
d212974d5e Clean up some FIPS versioning logic in configure.ac and WIN10 user_settings.h. 
configure.ac: Get rid of v5-RC8, v5-RC9, v5-RC10, v5-RC11, v5-ready, and v5-dev.
v5-ready is now just ready and v5-dev just dev.
IDE/WIN10/user_settings.h: Make the FIPS blocks define HAVE_FIPS. Change WCv5.0
block to WCv5.0-RC12. Change FIPS Ready block to use HAVE_FIPS_VERSION_MINOR 3
instead of HAVE_FIPS_VERSION_MINOR 2.
 2022-09-19 15:26:06 -07:00
David Garske
73dbc873bd
Merge pull request #5586 from julek-wolfssl/dtls-misc-security 
Add missing minor security checks
 2022-09-19 09:47:00 -07:00
David Garske
cf3d9df443
Merge pull request #5605 from julek-wolfssl/gitignore 
Add async and fips test folders to gitignore
 2022-09-19 09:36:06 -07:00
David Garske
0b81a584cc
Merge pull request #5604 from SparkiDev/mp_init_size_fizes_2 
SP int: mp_init_size fixes when SP_WORD_SIZE == 8
 2022-09-19 06:50:26 -07:00
Juliusz Sosinowicz
9eac8bf5a9 Add async and fips test folders to gitignore 2022-09-19 11:42:45 +02:00
Juliusz Sosinowicz
23e9cf2dc1 Test AEAD limits only without WOLFSSL_TLS13_IGNORE_AEAD_LIMITS 2022-09-19 10:30:29 +02:00
Sean Parkinson
dd32f30306
Merge pull request #5601 from douzzer/20220917-fixes 
20220917-fixes
 2022-09-19 13:50:25 +10:00
Sean Parkinson
e7dba670d6 SP int: mp_init_size fix for sp_mont_norm 
sp_mont_norm should check wrong parameter when determining whether the
calculation values will fit.
 2022-09-19 10:04:30 +10:00
Sean Parkinson
02e51953fd SP int: mp_init_size fixes when SP_WORD_SIZE == 8 
Setting an integer may have a value larger than one word being set.
Check size of SP int in this case.
 2022-09-19 09:26:47 +10:00
Sean Parkinson
e43a7843b6
Merge pull request #5603 from kaleb-himes/scripts-update 
Address Issue pointed out in (now deleted) comment on an old merge
 2022-09-19 09:06:39 +10:00
kaleb-himes
9a193a3e02 Address Issue pointed out in (now deleted) comment on an old merge 2022-09-18 08:45:18 -06:00
Daniel Pouzzner
ac0d7f4d84 src/internal.c: 
in DtlsMsgNew(), iff WOLFSSL_ASYNC_CRYPT, allow sz==0 allocation, to fix infinite loop in ProcessReplyEx() around DoDtlsHandShakeMsg();

in DtlsMsgAssembleCompleteMessage() restore fix from 0603031362a for pointerOutOfBounds (undefined behavior) construct;

in ProcessReplyEx(), in WOLFSSL_DTLS13 case ack, check and propagate error from DoDtls13Ack() (fix from @guidovranken).
 2022-09-17 13:02:51 -05:00
Daniel Pouzzner
0fc80f5f85 wolfcrypt/src/sp_int.c: catch and propagate errors from sp_init_size() in sp_invmod() and sp_gcd() to fix clang-analyzer-core.UndefinedBinaryOperatorResult. 2022-09-17 12:55:48 -05:00
Daniel Pouzzner
02cc7bf82e fix whitespace/linelength/indentation. 2022-09-17 12:53:37 -05:00
Chris Conlon
e6bd6a94a0
Merge pull request #5521 from TakayukiMatsuo/clientverify 2022-09-16 16:55:38 -06:00
JacobBarthelmeh
7a728c0c48
Merge pull request #5569 from SparkiDev/kyber 
Kyber: Add option to build Kyber API
 2022-09-16 14:56:02 -06:00
JacobBarthelmeh
c6f6086b15
Merge pull request #5576 from julek-wolfssl/dtls-windows 
Fix build errors and warnings for MSVC with DTLS 1.3
 2022-09-16 11:11:46 -06:00
JacobBarthelmeh
b780ad6da0
Merge pull request #5594 from julek-wolfssl/zd14813 
Do not allow 0 size DtlsMsg
 2022-09-16 10:21:54 -06:00
John Safranek
43b16f67b9
Merge pull request #5596 from SparkiDev/mac_m1_arm_sha256_fix 
Aarch64 SHA-256 Mac M1 fix
 2022-09-16 09:13:23 -07:00
David Garske
24d0112d2c
Merge pull request #5581 from SparkiDev/sp_int_size_fix 
SP int: mp_init_size() fix
 2022-09-16 08:29:06 -07:00
Juliusz Sosinowicz
9ef10b5435 Check return of DtlsMsgCreateFragBucket() 2022-09-16 12:13:12 +02:00
Juliusz Sosinowicz
bf4be901e4 Add prototypes for w64wrapper functions 2022-09-16 11:28:29 +02:00
Sean Parkinson
4b3718543e Aarch64 SHA-256 Mac M1 fix 
Inline assembly is told K when finished is not important but K is
changing. Take a local copy of K and mark as a changing value.
 2022-09-16 13:20:48 +10:00
Sean Parkinson
e52730d008 SP int: mp_init_size() and check size fixes 
Check size passed to mp_init_size() 1..SP_INT_DIGITS.
More checks of parameters to SP int functions to ensure result is big
enough to hold value calculated.
 2022-09-16 10:13:33 +10:00
Sean Parkinson
523c16130d
Merge pull request #5579 from douzzer/20220911-fixes-re-multi-test 
20220911-fixes-re-multi-test
 2022-09-16 08:29:41 +10:00
Daniel Pouzzner
d18a654f74 wolfcrypt/src/sp_int.c: address peer review around _sp_zero(), sp_init(), and sp_init_size(), re sp_int_minimal. 2022-09-15 14:33:45 -05:00
Daniel Pouzzner
5d2610c96d wolfssl/wolfcrypt/sp_int.h and wolfcrypt/src/sp_int.c: add struct sp_int_minimal, with same structure as struct sp_int but only one digit, to allow error-free access to sp_ints allocated with ALLOC_SP_INT() with fewer than SP_INT_DIGITS digits, and use the new type in _sp_zero() and sp_init_size() to eliminate -Werror=array-bounds on _sp_zero() under gcc-13. 2022-09-15 13:16:27 -05:00
Daniel Pouzzner
23b16c09d7 linuxkm/Makefile: add support for $KBUILD_EXTRA_FLAGS. 2022-09-15 13:16:27 -05:00
David Garske
2a96d62e43
Merge pull request #5573 from embhorn/zd14802 
Add WOLFSSL_ATECC_TFLXTLS for Atmel port
 2022-09-15 08:59:40 -07:00
Juliusz Sosinowicz
4b3f6ada8a Do not allow 0 size DtlsMsg 2022-09-15 16:18:24 +02:00
Juliusz Sosinowicz
1941fb2b35 Keep a separate drop counter for each epoch 2022-09-15 15:49:05 +02:00
Juliusz Sosinowicz
67473bac28 Code review fixes 
- Mark old epochs as invalid so we don't attempt to decrypt with them
- Return a non-zero value if possible in unit tests
- Move Dtls13CheckAEADFailLimit to dtls13.c
- Reset state in processreply
 2022-09-15 14:39:33 +02:00
Juliusz Sosinowicz
63ba2f7b8f TLS 1.3: Check maximum records encrypted with one key set 2022-09-15 12:17:46 +02:00
Juliusz Sosinowicz
4e9106c355 Enforce maximum amount of failed decryptions in DTLS 1.3 2022-09-15 12:17:46 +02:00
TakayukiMatsuo
c7de58ebaf Add code to fallback to S/W if TSIP cannot handle 2022-09-15 11:16:37 +09:00
Sean Parkinson
ad39e8f77d Kyber: fix OQS memory leak 2022-09-15 09:18:47 +10:00
JacobBarthelmeh
37adf0ff06
Merge pull request #5592 from douzzer/20220914-fix-quic-test-default-build 
20220914-fix-quic-test-default-build
 2022-09-14 14:15:46 -06:00
JacobBarthelmeh
f21b021bb6
Merge pull request #5590 from SparkiDev/tlsx_symbol_fix 
TLSX: function not used
 2022-09-14 09:10:56 -06:00
JacobBarthelmeh
8b641df116
Merge pull request #5588 from SparkiDev/tls13_cs_fixes 
TLSv1.3 cipher suites: fixes
 2022-09-14 09:06:31 -06:00
Daniel Pouzzner
eef67478e9 tests/quic.c: gate QuicConversation_fail() definition to avoid -Wunused-function. 2022-09-14 09:46:07 -05:00
Juliusz Sosinowicz
17df33cef8 Fix TLS 1.3 testsuite for wolfssl64.sln solution 2022-09-14 11:39:27 +02:00
Sean Parkinson
e8d5cf9662 TLSX: function not used 2022-09-14 09:52:26 +10:00
Sean Parkinson
79d85f6c13 TLS cipher suite: improvements 
wolfSSL_clear: check return from InitSSL_Suites() call.
TLS13: check ClientHello cipher suite length is even.
Silently remove duplicate cipher suites from user input.
Add tests of duplicate cipher suite removal.
 2022-09-14 09:26:00 +10:00
JacobBarthelmeh
3cafde2519
Merge pull request #5589 from SparkiDev/sp_mac_m1_asm 
SP; Mac M1 failure fix
 2022-09-13 16:35:57 -06:00
John Safranek
fa8c158f3c
Merge pull request #5587 from tim-weller-wolfssl/dev-win-build-fips-update 
Remove FIPS preprocessor defines from Windows build options
 2022-09-13 13:47:51 -07:00
JacobBarthelmeh
12ec2272d6
Merge pull request #5585 from icing/groups-key-share 
wolfSSL_set1_curves_list(), wolfSSL_CTX_set1_curves_list() improvements.
 2022-09-13 10:36:25 -06:00
Eric Blankenhorn
1a0073b558 Add WOLFSSL_ATECC_TFLXTLS for Atmel port 2022-09-13 11:04:58 -05:00