mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
18,151 Commits 5 Branches 162 Tags
Commit Graph

18151 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Sean Parkinson
cef590131a ECC sign_k: don't have it dynamically allocated 2022-09-02 09:18:42 +10:00
Sean Parkinson
23fd6456c2
Merge pull request #5534 from dgarske/zd14420 
Fix for async session tickets
 2022-09-02 08:50:35 +10:00
Sean Parkinson
ef451d316c Make time in milliseconds 64-bits 
Allow for longer session ticket lives.
 2022-09-02 08:45:07 +10:00
David Garske
f530101ef1 Fix for async with OCSP non-blocking in ProcessPeerCerts. ZD 14754. 2022-09-01 14:39:52 -07:00
Stefan Eissing
65ca72c5a2
Improve EVP support for CHACHA20_POLY1305 (#5527) 
* Add test case for OpenSSLs capability to init a evp context partially in several calls.
* EVP handling of CHACHA20_POLY1305 improvment
- save key at ctx for Init()s without IV
- reuse stored key for Init()s with new IV, reusing ctx
- free and zero key on ctx clenaup
* Adding type cast to XMALLOC to force compiler compatibility.
* EVP: using same DYNAMIC_TYPE in alloc and free of chacha20_poly1305 key.
Co-authored-by: Stefan Eissing <stefan.eissing@greenbytes.de>
 2022-09-01 13:23:42 -07:00
David Garske
2695f36642 Fixes for building with 32-bit and socket size sign/unsigned mismatch. 
Tested with: `./configure --enable-all CFLAGS="-m32 -DXSOCKLENT=int" LDFLAGS="-m32" && make`
 2022-09-01 11:39:34 -07:00
David Garske
ba8ffc765d
Merge pull request #5513 from rizlik/hrr_default 
DTLSv1.3: Do HRR Cookie exchange by default
 2022-09-01 07:45:18 -07:00
David Garske
0222833f7e
Merge pull request #5535 from douzzer/20220831-analyzer-coddling 
20220831-analyzer-coddling
 2022-09-01 07:40:11 -07:00
Daniel Pouzzner
8ccef9f0d3
Merge pull request #5531 from embhorn/zd14665 
Check return from call to wc_Time
 2022-09-01 09:35:49 -05:00
Marco Oliverio
08b89fbef9 server: add optional argument to -J disable hrr cookie 2022-09-01 09:37:35 +02:00
Marco Oliverio
401cfbd8e4 dtls13: enable hrr cookie by default 2022-09-01 09:37:35 +02:00
Marco Oliverio
edd723cc84 ssl: add new wolfSSL_disable_hrr_cookie() API to disable hrr cookie 
Add a way to disable hrr cookie so it can be enabled by default for DTLS
connections.
 2022-09-01 09:37:34 +02:00
Sean Parkinson
ce8959ea77 SHA-3 improvements 
Add x86_64 assembly code:
  - BMI2
  - AVX2 (using ymm, slower than BMI2)
  - AVX2 of 4 similtaneous hashes
Add SHAKE128 functions and tests.
Add Absorb and Squeeze functions for SHAKE128 and SHAK256 and tests.
Add doxygen for SHA-3 and SHAKE functions.
Update other generated x86_64 assembly files to include settings.h.
 2022-09-01 17:11:58 +10:00
Daniel Pouzzner
ea3959f2f6 analyzer coddling: 
in api.c test_wolfSSL_dtls12_fragments_spammer(), inhibit clang-analyzer-deadcode.DeadStores;

in asn.c ParseCRL_Extensions() old (!WOLFSSL_ASN_TEMPLATE) version, fix bounds check to prevent overshift;

in misc.c ctMaskCopy(), use `*(x + i)`, not x[i], to tiptoe around cppcheck-2.9 objectIndex bug.
 2022-08-31 22:56:08 -05:00
David Garske
db6d69143e
Merge pull request #5533 from lealem47/crlPrintFix 
Add missing DN nid to work with PrintName()
 2022-08-31 18:32:55 -07:00
David Garske
fe583faf32
Merge pull request #5501 from haydenroche5/ecc_non_block 
Add support for non-blocking ECC key gen and shared secret gen for P-256/384/521.
 2022-08-31 18:31:28 -07:00
David Garske
96ab26e6e9 Fix for async session tickets. ZD14420 
```
./configure --enable-all --enable-asynccrypt CFLAGS="-DWOLFSSL_NO_DEF_TICKET_ENC_CB" && make
./examples/server/server -v 4 -r &
./examples/client/client -v 4 -r
```
 2022-08-31 15:28:49 -07:00
Lealem Amedie
2df1c25263 Add missing DN nid to work with PrintName() 2022-08-31 15:18:12 -07:00
Hayden Roche
41207f5d9b Add support for non-blocking ECC key gen and shared secret gen for 
P-256/384/521.

New functions:

- sp_ecc_make_key_256_nb
- sp_ecc_make_key_384_nb
- sp_ecc_make_key_521_nb
- sp_ecc_secret_gen_256_nb
- sp_ecc_secret_gen_384_nb
- sp_ecc_secret_gen_521_nb

This commit also tweaks the testing for ECDSA testing in test.c. Instead of
testing with one of P-256/384/521, we test with all that are available.
 2022-08-31 14:34:26 -07:00
David Garske
38e4ecc27c
Merge pull request #5529 from anhu/wextra 
Fix Windows CMakeList compiler options
 2022-08-31 14:04:24 -07:00
Eric Blankenhorn
5a25525b2e Check return from call to wc_Time 2022-08-31 15:20:07 -05:00
David Garske
9531552795
Merge pull request #5522 from tim-weller-wolfssl/update-ide-win10-build 
Update ide win10 build files to add missing sp source files
 2022-08-31 12:45:17 -07:00
David Garske
b1301d9dc4
Merge pull request #5518 from CallumMcLoughlin/master 
Allow Post Quantum Keyshare for DTLS 1.3
 2022-08-31 12:29:08 -07:00
David Garske
f0812fa21f Added vcpkg instructions to the INSTALL file. 2022-08-31 11:41:43 -07:00
David Garske
8722a46d52
Merge pull request #5503 from julek-wolfssl/dtls-fragments 
DTLS limit fragments
 2022-08-31 09:53:09 -07:00
David Garske
3b8d230223
Merge pull request #5515 from anhu/custExtDoc 
Improve `wc_SetCustomExtension` documentation
 2022-08-31 08:35:04 -07:00
Anthony Hu
f7482d96e6 Windows cl.exe does not support -Wextra other flags 2022-08-31 10:32:55 -04:00
Tim Weller
1d9d8bdefb Removed sp_c64.c due to reliance on 128-bit type, replaced with sp_x86_64.c and _asm.asm. 2022-08-31 07:15:05 -07:00
Tim Weller
71b1aca373 Merge branch 'master' into update-ide-win10-build 2022-08-31 06:32:20 -07:00
Juliusz Sosinowicz
54bd786707 DTLS limit fragments 
- Limit the amount of fragments we store per a DTLS connection
- Error out when we reach the DTLS fragment connection limit
 2022-08-31 14:24:20 +02:00
David Garske
44f81f8bc0
Merge pull request #5525 from JacobBarthelmeh/release 
Release version 5.5.0
v5.5.0-stable 		2022-08-30 10:35:13 -07:00
JacobBarthelmeh
4ce1cf1d7c update RPM build 2022-08-30 08:50:41 -07:00
Jacob Barthelmeh
d75ce08d75 update readme for release 5.5.0 2022-08-30 09:31:28 -06:00
CallumMcLoughlin
43388186bb
Tidy up TLS 1.3 and DTLS 1.3 check 2022-08-30 19:59:36 +12:00
CallumMcLoughlin
565d1b33e5
Update examples to allow post quantum KEM within DTLS 1.3 2022-08-30 18:39:57 +12:00
gojimmypi
1afc92dd7b internal.c: WC_SHA256_DIGEST_SIZE for wc_Sha256GetHash when WOLFSSL_DEBUG_TLS 2022-08-29 17:06:52 -07:00
JacobBarthelmeh
29f2dee991 handeling DER to internal of an OCSP response with no optional certificates 2022-08-29 15:25:50 -07:00
JacobBarthelmeh
ac3cdb42b7 free structure in test case and return 0 from ocsp renew script 2022-08-29 15:25:50 -07:00
JacobBarthelmeh
5b5f673c51 add simple ocsp response der verify test case 2022-08-29 15:25:50 -07:00
Tim Weller
69d60f5099 Merge branch 'master' into update-ide-win10-build 2022-08-29 09:13:51 -07:00
David Garske
a7f86f9473
Merge pull request #5517 from JacobBarthelmeh/Testing 
misc. testing items from static analysis tools
 2022-08-29 08:48:51 -07:00
JacobBarthelmeh
11c553ea1d
Merge pull request #5520 from julek-wolfssl/sni-tls-1.2 
SNI can appear in ServerHello for TLS 1.2
 2022-08-29 09:36:53 -06:00
Juliusz Sosinowicz
88deaf9b5c SNI can appear in ServerHello for TLS 1.2 
Co-authored-by: Eric Blankenhorn <eric@wolfssl.com>
 2022-08-29 14:22:10 +02:00
CallumMcLoughlin
91d3cd7111
Allow Post Quantum Keyshare for DTLS 1.3 2022-08-28 17:35:28 +12:00
JacobBarthelmeh
1e673aee3b scan-build warning fix 2022-08-26 16:29:11 -07:00
JacobBarthelmeh
ad0fd15a0d static analysis fix from infer 2022-08-26 14:55:42 -07:00
JacobBarthelmeh
ce2cf3439d subject info. acc. should contain a CA repo entry not OCSP 2022-08-26 14:39:20 -07:00
Eric Blankenhorn
1c83438eb3 Add compatibility layer macros 2022-08-26 14:56:35 -05:00
Anthony Hu
b1e9cc320b Add documentation telling the user not to modify a buffer. 2022-08-26 14:27:27 -04:00
David Garske
e88bd66501
Merge pull request #5514 from julek-wolfssl/wolfSSL_EVP_MD_CTX_copy_ex-leak 
Cleanup output object in wolfSSL_EVP_MD_CTX_copy_ex before copy
 2022-08-26 11:08:17 -07:00