mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
19,776 Commits 5 Branches 162 Tags
Commit Graph

959 Commits

Author SHA1 Message Date
David Garske
6e572cc91d
Merge pull request #6352 from SparkiDev/asn1_print 
ASN.1 print utility: asn1
 2023-05-04 10:55:47 -07:00
Sean Parkinson
d2afe9e5e0 Memory usage improvements 
ECC: make private key field 'k' able to be smaller when ALT_ECC_SIZE is
defined.
WOLFSSL_SMALL_STACK_CACHE: allocate temps using new macros.
 2023-05-04 10:26:57 +10:00
Sean Parkinson
9cdee20a7d ASN.1 print: implementation to parse and print added 
New API to parse and print DER/BER data from a buffer.
Add an example to parse DER, Base64 and PEM files and print out ASN.1 items.
 2023-05-04 09:57:44 +10:00
David Garske
61dfbf5ef2 Fixes and improvements for building with low footprint. Fix for ASN template with RSA verify only (was missing mp_leading_bit). Fix to allow disabling DRBG with crypto callbacks enabled. Updated the wolfTPM user_settings.h template with low resource option. 2023-05-02 16:51:41 -07:00
Sean Parkinson
8851065848 cppcheck fixes 
Fix checking of negative with unsigned variables.
Check digestSz for 0 in wc_SSH_KDF() so that no possibility of dividing
by zero.
Change XMEMCPY to XMEMSET in renesas_sce_util.c.
Fix test.c to free prvTmp and pubTmp on read error.
Remove unused variables.
XFREE checks for NULL so don't check before call.
Move variable declarations to reduce scope.
 2023-04-03 16:59:58 +10:00
David Garske
22a5a5c45e Add introspection for math build and math cleanups: 
* Add introspection for math build.
* Raise build error if more than one multi-precision math library used.
* Fix ESP32 to support using any multi-precision math option.
* Refactor math headers to use `wolfmath.h`
* Refactor of the opaque math variable type `MATH_INT_T` used by crypto hardware (QuickAssist, SE050, ESP32 and STM32).
* Cleanups for building with `WOLFCRYPT_ONLY` and `NO_BIG_INT`.
* Stop forcing use of fast math by default for platforms in settings.h. Note: For users that still want to use fast math (tfm.c) they will need to add USE_FAST_MATH to their build settings.

Applies To:
```
WOLFSSL_ESPWROOM32
WOLFSSL_ESPWROOM32SE
MICROCHIP_PIC32
WOLFSSL_PICOTCP_DEMO
WOLFSSL_UTASKER
WOLFSSL_NRF5x
FREERTOS_TCP
WOLFSSL_TIRTOS
EBSNET
FREESCALE_COMMON
FREESCALE_KSDK_BM
WOLFSSL_DEOS
MICRIUM
WOLFSSL_SGX
```
 2023-03-30 14:42:55 -07:00
David Garske
fc6d693dae Update logging enter, exit, msg to match function names. Fix some typos and improper use of "enter". Fix internal uses of SSL_SUCCESS and SSL_FAILURE. Add WOLFSSL_DEBUG_NONBLOCK option to allow printing iterations without debug enabled. 2023-02-21 12:02:15 -08:00
David Garske
464c2d19dc
Merge pull request #6006 from SparkiDev/tls13_only_psk_dhe_ke 
TLS 1.3 PSK: add option to require only PSK with DHE
 2023-02-15 21:10:27 -08:00
Sean Parkinson
b624fc8377 TLS 1.3 PSK: add option to require only PSK with DHE 
Can specify only PSK without DHE.
Add only PSK with DHE.
 2023-02-16 09:21:29 +10:00
David Garske
10529e6199 Add user_settings.h template for wolfTPM 2023-01-26 10:40:59 -08:00
David Garske
6b6ad38e4f Adds support for TLS v1.3 Encrypted Client Hello (ECH) draft-ietf-tls-esni) and HPKE (Hybrid Public Key Encryption) RFC9180. 2023-01-18 11:37:27 -08:00
Daniel Pouzzner
0b0b980784 fix an oversight in wolfSentry integration in examples/{client,server}. 2023-01-05 17:59:10 -06:00
Daniel Pouzzner
43265669c6 fix warnings around clang-diagnostic-embedded-directive and readability-uppercase-literal-suffix; update wolfSentry integration for upcoming release 0.8.0. 2023-01-05 00:13:17 -06:00
David Garske
023db01aca * Fixed some build configuration variations. 
* Fixed `PEM_BUFSIZE` macro redefined when building with coexist.
* Updated the `user_settings_all.h` and `user_settings_wolfboot_keytools.h` to include latest options.
* Improved API unit test error case checking where `TEST_RES_CHECK` is not used.
* Changed `TEST_SKIPPED` to unique value.
* Added CI tests for enable-all, small stack, and user setting templates.
 2023-01-03 10:59:59 -08:00
David Garske
bdcf6928a2
Merge pull request #5945 from JacobBarthelmeh/copyright 
update copyright to 2023
 2023-01-03 09:29:39 -08:00
youtai
4edae51095
Fix StartTLS_Init (#5907) 
* Fix StartTLS_Init (contribution by Yota Nagaya)
 2023-01-03 09:28:23 -08:00
Jacob Barthelmeh
9dcc48c8f7 update copyright to 2023 2022-12-30 17:12:11 -07:00
Chris Conlon
9a7ff8773b add --with-libsuffix support, append suffix to library artifact name 2022-12-21 13:31:07 -07:00
Anthony Hu
364835dc9e Allow session tickets to properly resume when using PQ KEMs. 
Found with:

```
./configure --with-liboqs --enable-session-ticket
./examples/server/server -v 4 -r --pqc P521_KYBER_LEVEL5
./examples/client/client -v 4 -r --pqc P521_KYBER_LEVEL5
```
 2022-12-13 11:36:00 -05:00
Anthony Hu
b017795413 Remove changes around wolfSSL_set_session() as it breaks tests. 2022-12-12 11:44:27 -05:00
Anthony Hu
fffd3adc30 Warn that renegotiation in TLS 1.3 requires session ticket. 2022-12-12 11:30:01 -05:00
David Garske
9d9549fbd3
Merge pull request #5836 from anhu/kyber_cleanup 
Remove kyber-90s and route all kyber through wolfcrypt.
 2022-12-05 13:18:44 -08:00
Anthony Hu
a2fb4c0788 Remove kyber-90s and route all kyber through wolfcrypt. 2022-11-30 17:17:28 -05:00
Daniel Pouzzner
4bacc25e22 examples/benchmark/tls_bench.c: fix for clang-analyzer-deadcode.DeadStores in bench_tls(). 2022-11-29 17:09:05 -06:00
Anthony Hu
0bfa5c9836 Purge NTRU and SABER. Not going to be standardized. 2022-11-25 14:54:08 -05:00
Daniel Pouzzner
48ba365fd6 fixes for defects: 
clang-analyzer-deadcode.DeadStores in examples/server/server.c;

-Werror=use-after-free and LeakSanitizer Direct leak in tests/api.c;

nullPointerRedundantCheck in src/pk.c which identified a semantically consequential flub.
 2022-11-08 14:04:16 -06:00
David Garske
1ee3a78e4a Fixes for various tests that do not properly handle WC_PENDING_E. 2022-11-04 14:56:40 -07:00
Daniel Pouzzner
895a2e1ac5 WOLFSSL_CALLBACKS codepaths: fixes for bugprone-unused-return-value, bugprone-macro-parentheses, readability-named-parameter, and clang-analyzer-deadcode.DeadStores 2022-10-18 13:34:42 -05:00
David Garske
2c503a5b34
Merge pull request #5682 from JacobBarthelmeh/Testing 
additional sanity checks on debug callback
 2022-10-14 09:25:14 -07:00
JacobBarthelmeh
927f4c445d additional sanity checks on debug callback 2022-10-11 13:14:59 -07:00
Hayden Roche
98ac4a6f9c Add ability to toggle system CA certs support. 2022-10-07 12:34:00 -07:00
Hayden Roche
898ddac159 Add --sys-ca-certs option to example client. 
Using this option will call wolfSSL_CTX_load_system_CA_certs on the client ctx.
 2022-10-03 09:05:23 -07:00
Juliusz Sosinowicz
17df33cef8 Fix TLS 1.3 testsuite for wolfssl64.sln solution 2022-09-14 11:39:27 +02:00
Sean Parkinson
005f77180b PSK only TLS: fix ENCRYPT_LEN 
Allow no PK algorithms and TLS to build and test.
Use PSK cipher suite with GCM if AES-CBC not available.
 2022-09-12 11:21:01 +10:00
Marco Oliverio
08b89fbef9 server: add optional argument to -J disable hrr cookie 2022-09-01 09:37:35 +02:00
CallumMcLoughlin
565d1b33e5
Update examples to allow post quantum KEM within DTLS 1.3 2022-08-30 18:39:57 +12:00
David Garske
a0448155d5 Fix for type warnings in example for DTLS CID ./configure --enable-dtls --enable-dtlscid --enable-dtls13. 2022-08-24 16:02:05 -07:00
Marco Oliverio
90fcd95f9b server/client: add --cid option to use ConnectionID extension 2022-08-23 16:58:24 +02:00
Eric Blankenhorn
3d8562f07b Fixes for build and runtime issues 2022-08-19 08:12:04 -05:00
Daniel Pouzzner
969ad96dee
examples/{client,server}/{client,server}.c: remove spurious commas in --pqc help strings, and mollify clang-tidy bugprone-suspicious-missing-comma re --force-curve help strings. (#5480) 2022-08-18 13:32:58 -04:00
Peter Torelli
aa812c8aa9
Added support for P384 pre-share in server (#5442) 
Added support for new server `--force-curve` option.
 2022-08-17 15:30:48 -07:00
David Garske
995100eed1 Fix for handling WC_PENDING_E from decrypt session ticket callback. ZD14420 2022-08-10 22:20:49 -07:00
David Garske
8605195709 Support for asynchronous session ticket callback (can return WC_PENDING_E). Requires wolfAsyncCrypt support. ZD 14420. 2022-07-20 16:43:17 -07:00
Jacob Barthelmeh
8eaa85e412 update copyright year to 2022 2022-07-19 10:44:31 -06:00
Daniel Pouzzner
ccc5952369 global fixup to check or explicitly ignore return values from failable library/system calls that weren't already being checked; 
add wolfCrypt error codes IO_FAILED_E "Input/output failure" and SYSLIB_FAILED_E "System/library call failed";

tests/api.c and tests/unit.c: flush stdout for error message in Fail() macro, add fflush(stdout) after printf()s, print success message at end of unit_test(), and send several error messages to stderr instead of stdout;

wolfcrypt/test/test.c: add fallthrough macro definition of printf() that pairs it with fflush(stdout);

unit.h: in definition of macro AssertPtr(), add PRAGMA_GCC("GCC diagnostic ignored \"-Wpedantic\"");

sp_int.c: refactor several lingering instances of "if (0) { ... }" code pattern to #if 0 ... #endif.
 2022-07-11 22:28:09 -05:00
Daniel Pouzzner
6b6abfac54 examples/client/client.c: remove break after err_sys() to mollify clang-tidy unreachable-break sensor. 2022-07-06 17:32:26 -05:00
Marco Oliverio
fd4836772b examples: support DTLS version downgrading 2022-07-06 16:18:44 +02:00
Marco Oliverio
80f3db6e1d fix: examples/server: dtls mode checking 
This fixes using ssl to check if we are using dtls or not, when ssl is not yet
valid.

Fix: 060dfe1a693940fff31616570166be7f53b49ad8
 2022-07-04 10:21:11 +02:00
David Garske
b87b255d52
Merge pull request #5295 from rizlik/dtls13_bugfix 
server: fix wrong minVersion setting when non in dtls
 2022-06-28 09:35:23 -07:00
Chris Conlon
14c65e0117
Merge pull request #5281 from miyazakh/example_japanese_translate 2022-06-28 10:08:06 -06:00