mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
20,369 Commits 5 Branches 162 Tags
Commit Graph

2782 Commits

Author SHA1 Message Date
David Garske
10529e6199 Add user_settings.h template for wolfTPM 2023-01-26 10:40:59 -08:00
Sean Parkinson
53dfcd00e2 Ref count: change to use wolfSSL_Ref 
Data structures changed:
WOLFSSL_CERT_MANAGER, WOLFSSL_CTX, WOLFSSL_SESSION, WOLFSSL_X509,
WOLFSSL_X509, WOLFSSL_EVP_PKEY, WOLFSSL_BIO, WOLFSSL_X509_STORE
 2023-01-23 16:29:12 +10:00
tim-weller-wolfssl
cf9b865e33 Update AES-GCM stream decryption setup to allow long IV values (already allowed by encryption APIs) 2023-01-20 20:35:39 +00:00
JacobBarthelmeh
fc19aed8c8
Merge pull request #5623 from dgarske/hpke 
Adds support for TLS v1.3 Encrypted Client Hello (ECH) and HPKE (Hybrid Public Key Encryption)
 2023-01-19 10:03:28 -07:00
David Garske
6b6ad38e4f Adds support for TLS v1.3 Encrypted Client Hello (ECH) draft-ietf-tls-esni) and HPKE (Hybrid Public Key Encryption) RFC9180. 2023-01-18 11:37:27 -08:00
David Garske
41c35b1249 Fix line length and whitespace issues. Fix macro argument missing parentheses. 2023-01-18 11:10:19 -08:00
Juliusz Sosinowicz
1cb4615435 Add SCR reconnect test 2023-01-18 09:55:32 -08:00
Juliusz Sosinowicz
e431688ca6 ssl->suites: use ssl->ctx->suites when possible 
- Allocate ssl->suites when necessary for the WOLFSSL object to have its own instance. Use AllocateSuites() to allocate the object.
- Move cipher negotiation options from Suites into Options

ZD15346
 2023-01-18 09:55:32 -08:00
Sean Parkinson
b15bc3d236
Merge pull request #5977 from dgarske/kcapi_opensslextra 
Fixes for building KCAPI with opensslextra enabled
 2023-01-17 02:13:50 +10:00
David Garske
fec4fe6095 Fixes for building KCAPI with opensslextra enabled. 2023-01-13 16:33:55 -08:00
jordan
4f4819bd19 EVP_EncryptUpdate should update outl on empty input 2023-01-13 11:32:15 -06:00
David Garske
b2d8b1c2fd
Merge pull request #5954 from JacobBarthelmeh/Compatibility-Layer 
very basic support for public key types in cipher list string with '+'
 2023-01-09 15:46:50 -08:00
John Safranek
86aa3cc836
Merge pull request #5942 from bandi13/evpaesccm 
Evpaesccm
 2023-01-06 11:25:37 -08:00
JacobBarthelmeh
99a489dec3 improve test and handling of public key type cipher suite string 2023-01-06 09:53:51 -08:00
Andras Fekete
8436f82540 Adding in @ejohnstown's suggested patch for line lengths 2023-01-06 12:23:30 -05:00
Anthony Hu
5de817b0c1 Add wolfSSL_CertManagerLoadCABuffer_ex() 
Also add unit tests.
 2023-01-05 15:34:13 -05:00
Andras Fekete
124c04b01a A bit more consistent naming for structure variables 2023-01-04 21:04:58 -05:00
Andras Fekete
51f3386d60 Shorten variable names 2023-01-04 20:29:14 -05:00
JacobBarthelmeh
a3e085f204 very basic support for public key types in cipher list string with '+' 2023-01-04 10:49:18 -08:00
Andras Fekete
0ec0c05eda Change variable names to protect the innocent 2023-01-04 10:23:42 -05:00
Juliusz Sosinowicz
8d59f61b9b Fix test_wolfSSL_dtls_stateless_resume test case 2023-01-04 13:04:45 +01:00
David Garske
023db01aca * Fixed some build configuration variations. 
* Fixed `PEM_BUFSIZE` macro redefined when building with coexist.
* Updated the `user_settings_all.h` and `user_settings_wolfboot_keytools.h` to include latest options.
* Improved API unit test error case checking where `TEST_RES_CHECK` is not used.
* Changed `TEST_SKIPPED` to unique value.
* Added CI tests for enable-all, small stack, and user setting templates.
 2023-01-03 10:59:59 -08:00
Jacob Barthelmeh
9dcc48c8f7 update copyright to 2023 2022-12-30 17:12:11 -07:00
Andras Fekete
f734f5037d Add similar trick to GCM routines so our code is more uniform 2022-12-30 13:11:26 -05:00
Andras Fekete
a00abb0f88 Fix compilation issue when AESCCM is not enabled 2022-12-30 13:10:24 -05:00
Jacob Barthelmeh
aab12fc14b check DTLS method for test case 2022-12-29 15:49:46 -07:00
Andras Fekete
1132579dd1 Add in zero length test 2022-12-29 17:02:43 -05:00
Andras Fekete
1192d41f0e First successful implementation of EVP_aes_*_ccm 2022-12-29 17:02:43 -05:00
Eric Blankenhorn
004705b38f Fix unguarded XFPRINTF calls 2022-12-28 12:23:40 -06:00
David Garske
49d23cf60a
Merge pull request #5913 from douzzer/20221219-no-sha-1-all-crypto 
20221219-no-sha-1-all-crypto
 2022-12-22 17:02:58 -08:00
John Safranek
9ce79c4de8
Merge pull request #5921 from cconlon/libsuffix 2022-12-22 11:37:28 -08:00
Chris Conlon
9a7ff8773b add --with-libsuffix support, append suffix to library artifact name 2022-12-21 13:31:07 -07:00
Daniel Pouzzner
455e76873c peer review fixes re: minor fixes to accommodate --disable-sha in combination with --enable-all-crypto. 2022-12-20 10:43:33 -06:00
Daniel Pouzzner
91869f6028 minor fixes to accommodate --disable-sha in combination with --enable-all-crypto. 2022-12-20 00:42:05 -06:00
JacobBarthelmeh
c6aaa1310e end of year certificate update 2022-12-16 13:32:37 -08:00
Sean Parkinson
4434d898a1
Merge pull request #5894 from kaleb-himes/fix-leak 
Fix a quick leak in the test apps
 2022-12-16 08:04:50 +10:00
kaleb-himes
b23db16ff8 Refactor the double-free fix 2022-12-15 12:21:08 -07:00
kaleb-himes
46c47e4adc Fix a quick leak in the test apps 
Fix a double-free scenario also
 2022-12-15 09:13:45 -07:00
Stefan Eissing
78fd5d7dbc Fix wolfSSL_set_SSL_CTX() to be usable during handshake. 
This method requires some explanation. Its sibling is
  int SetSSL_CTX(WOLFSSL* ssl, WOLFSSL_CTX* ctx, int writeDup)
which re-inits the WOLFSSL* with all settings in the new CTX.
That one is the right one to use *before* a handshake is started.

This method was added by OpenSSL to be used *during* the handshake, e.g.
when a server inspects the SNI in a ClientHello callback and
decides which set of certificates to use.

Since, at the time the SNI callback is run, some decisions on
Extensions or the ServerHello might already have been taken, this
method is very restricted in what it does:
 - changing the server certificate(s)
 - changing the server id for session handling
and everything else in WOLFSSL* needs to remain untouched.
 2022-12-15 09:33:01 +01:00
Anthony Hu
c5ca20fe43 New files so add them to include.am 2022-12-14 13:28:20 -05:00
Anthony Hu
ad6d6be620 Kyber with DTLS 1.3 tests 2022-12-14 12:46:24 -05:00
David Garske
d0c9ec6681
Merge pull request #5854 from JacobBarthelmeh/Certs 
fix other name san parsing and add RID cert to test parsing
 2022-12-12 14:44:07 -08:00
David Garske
a1e883b43d
Merge pull request #5875 from JacobBarthelmeh/Compatibility-Layer 
fix for handling DEFAULT:... cipher suite list
 2022-12-12 14:43:50 -08:00
David Garske
f87859a00e Whitespace cleanups. Use const for test_tls_ext_duplicate. 2022-12-12 08:59:53 -08:00
Sean Parkinson
b4b1739783 API test: Report time taken to perform test 
API test now displays timing taken to perform a test case to help
identify ones that are doing too much work.
 2022-12-12 12:24:38 +10:00
David Garske
50c5d61998
Merge pull request #5872 from SparkiDev/tls_ext_no_dup 
TLS: detect duplicate known extensions
 2022-12-11 16:53:38 -08:00
Sean Parkinson
9ab8867b42 TLS: detect duplicate known extensions 
TLS specification requires that there not be more than one extension of
the same type in a given extension block. E.g. ClientHello
 2022-12-12 08:35:04 +10:00
JacobBarthelmeh
f974bd4ad6 move test function call into macro guard 2022-12-10 15:45:14 -08:00
JacobBarthelmeh
8b296877ab fix for handling DEFAULT:... cipher suite list 2022-12-10 14:53:43 -08:00
David Garske
52c6710783 Fix test_wc_ecc_import_raw to handle ECC_INF_E or MP_VAL on point failures. SP math returns MP_VAL in sp_256_ecc_is_point_4. 2022-12-09 10:32:46 -08:00