Andras Fekete
6fa080642c
Use liboqs v0.8
2023-07-11 15:36:44 -04:00
Lealem Amedie
f30364a00d
Fix test
2023-07-11 13:27:37 -06:00
Lealem Amedie
e140a83fad
Add curl gh actions test
2023-07-11 13:27:37 -06:00
Lealem Amedie
5fbe319ce9
Remove references to config.h from test headers
2023-07-11 13:27:37 -06:00
Lealem Amedie
1329543b62
Other miscellaneous fixes
2023-07-11 13:27:37 -06:00
Lealem Amedie
bcbeef7647
Fix for curl build
2023-07-11 13:27:37 -06:00
Anthony Hu
0b18e250ed
Merge pull request #6576 from iyanmv/liboqs-1.8
...
Rename sphincs algs to follow upstream
2023-07-11 14:56:49 -04:00
David Garske
36c1d20bb2
If malloc is disabled make sure it is also disabled in SP math
2023-07-11 11:51:40 -07:00
David Garske
3e9bdb7671
Fix defaultdhparams typo fix logic.
2023-07-11 10:26:40 -07:00
David Garske
8f36f78e6c
Merge pull request #6400 from bandi13/ARIA-cipher
...
Aria cipher
2023-07-11 09:50:42 -07:00
Iyán Méndez Veiga
fd091a745c
Include all post-quantum algorithm files in cmake
...
GH-5407 already included falcon.c, but now we also add sphincs.c,
dilithium.c and ext_kyber.c to avoid undefined reference errors.
2023-07-11 17:57:00 +02:00
JacobBarthelmeh
ba4c96f727
Merge pull request #6593 from SparkiDev/sm_update_2
...
SM cipher suite: fix name
2023-07-11 09:28:24 -06:00
Andras Fekete
ecc138fc6e
Fixed g++ shortcomings
2023-07-11 09:26:39 -04:00
jordan
d7c3a176e2
LMS cleanup.
2023-07-10 23:43:07 -05:00
Sean Parkinson
9f61cb9f2a
Merge pull request #6590 from dgarske/sp_math_only
...
Fix for SP math only case to ensure fast math and heap math are disabled
2023-07-11 10:33:46 +10:00
David Garske
29edef1645
Fix for SP math only case to ensure fast math and heap math are disabled. Also fix build error for case where WOLFSSL_HAVE_SP_ECC is defined, but HAVE_ECC is not. ZD 16419
2023-07-10 15:12:38 -07:00
Eric Blankenhorn
d84adce608
Fix Micrium config and new examples with NO_FILESYSTEM
2023-07-10 17:12:12 -05:00
Sean Parkinson
f26b8bdf62
Merge pull request #6584 from julek-wolfssl/issue/6554
...
Always enable tls13MiddleBoxCompat with WOLFSSL_TLS13_MIDDLEBOX_COMPAT
2023-07-11 07:53:56 +10:00
Sean Parkinson
ce02ad7347
SM cipher suite: fix name
...
Fix name of TLSv1.3 CCM cipher suite.
2023-07-11 07:30:44 +10:00
Andras Fekete
a317ac280c
PR comments
2023-07-10 16:50:54 -04:00
Andras Fekete
27a95e7e82
CMake is on a TODO for later
2023-07-10 15:44:30 -04:00
David Garske
2299282fdd
Merge pull request #6235 from kareem-wolfssl/hitch
...
Hitch
2023-07-10 11:46:57 -07:00
David Garske
e4c9a73296
Merge pull request #6587 from gojimmypi/ESP32WROOM-refactor
...
Espressif refactor WROOM32 ESP32
2023-07-10 11:46:10 -07:00
Iyán Méndez Veiga
d64d73a13f
Fix format keys
2023-07-10 19:43:59 +02:00
Kareem
8906ee95fd
Hitch code review feedback.
2023-07-10 10:06:12 -07:00
Kareem
2d0cc65381
Fix hitch test make check.
2023-07-10 10:06:12 -07:00
Kareem
56328d845a
Hitch code review feedback.
2023-07-10 10:06:12 -07:00
Kareem
3bfa189286
Fix hitch Github action.
2023-07-10 10:06:12 -07:00
Kareem
e871b1c04d
Add hitch support to wolfSSL.
...
Add support for cipher aliases DHE, EDH and EECDH.
Add define SSL_CTRL_GET_CHAIN_CERTS to help hitch and other programs detect SSL_CTX_get0_chain_certs is supported.
Add wolfSSL_get_locking_callback.
Allow using ECDHE+RSA cipher suites when ECDHE alias is used while in OpenSSL compatibility mode.
Add more alerts for hitch.
SSL_CM should use the CTX's x509_store_pt if available.
Add support for SSL_CERT_FILE and SSL_CERT_DIR. Load default OpenSSL TLS 1.3 ciphers when using OPENSSL_COMPATIBLE_DEFAULTS.
Use wolfSSL_sk_X509_new_null to allocate WOLFSSL_STACK in wolfSSL_CTX_get_extra_chain_certs. Previous approach of malloc'ing without setting type/memsetting was leading to a segfault.
Add --enable-hitch.
hitch: Add unit tests for new APIs, fix a couple of issues uncovered by unit testing.
Correct behavior of wolfSSL_BIO_set_mem_buf for BIO_CLOSE/NOCLOSE and update unit test accordingly.
Add Github action test for hitch.
2023-07-10 10:06:10 -07:00
JacobBarthelmeh
9d18648dfb
Merge pull request #6589 from SparkiDev/aarch64_aes_opensslextra_fix
...
AES GCM stream: arm asm fix when --enable-opensslextra
2023-07-10 10:55:50 -06:00
Andras Fekete
0a02218ba3
Clean up allocated memory on failure
2023-07-10 12:37:07 -04:00
Iyán Méndez Veiga
7c14ea67ae
Rename sphincs algs to follow upstream
...
This also adds new keys for SPHINCS+. The reason is that SPHINCS+
was updated to 3.1 in liboqs (open-quantum-safe/liboqs/pull/1420),
and old keys are incompatible with the new implementation.
Keys were generated using the oqs-provider for OpenSSL 3
openssl genpkey \
-provider default -provider oqsprovider \
-algorithm sphincsshake128fsimple \
-outform der \
-out bench_sphincs_fast_level1_key.der
And certs_test.h was updated using xxd
xxd -i -c 10 -u bench_sphincs_fast_level1_key.der
This was repeated for the 6 variants of SPHINCS+ that wolfSSL supports.
2023-07-10 18:31:07 +02:00
Andras Fekete
299b4d8552
Make wc_BuildEccKeyDer non-static
2023-07-10 11:32:17 -04:00
JacobBarthelmeh
2426cf14ca
Merge pull request #6583 from SparkiDev/certman_split
...
Moved CertManager APIs into own file
2023-07-10 09:20:09 -06:00
Andras Fekete
0efdf966d0
addressing PR comments
2023-07-10 11:14:07 -04:00
Juliusz Sosinowicz
86fd570e8c
Remove MyKeyLog.txt
2023-07-10 13:23:35 +02:00
Juliusz Sosinowicz
d0b8b919df
Always enable tls13MiddleBoxCompat with WOLFSSL_TLS13_MIDDLEBOX_COMPAT
2023-07-10 11:40:51 +02:00
Sean Parkinson
9f6ef65e8f
Merge pull request #6557 from julek-wolfssl/zd/16332
...
Don't allow a resumption handshake inside of a SCR
2023-07-10 13:51:29 +10:00
Sean Parkinson
fa053be533
Merge pull request #6496 from JacobBarthelmeh/PKCS7
...
parse ASN1 only with SMIME_read_PKCS7
2023-07-10 10:16:20 +10:00
Sean Parkinson
360b61aff2
AES GCM stream: arm asm fix when --enable-opensslextra
...
aadLen is now in gcm field of Aes.
2023-07-10 10:13:26 +10:00
Sean Parkinson
52a3d591b5
Fix check of date to respect VERIFY_SKIP_DATE in ASN.1 template
...
DecodeCertInternal was not recognizing VERIFY_SKIP_DATE.
2023-07-10 10:05:59 +10:00
JacobBarthelmeh
9d3a95a287
account for error return in test case when building without pkcs7 streaming
2023-07-09 12:42:29 -07:00
JacobBarthelmeh
0e2749eeb4
adjust test case for asn=original
2023-07-08 07:37:26 -07:00
JacobBarthelmeh
7866a40d06
resolve kari decode without recipient certificate
2023-07-08 07:37:26 -07:00
JacobBarthelmeh
f0354b4cbe
parse ASN1 only with SMIME_read_PKCS7
2023-07-08 07:36:10 -07:00
gojimmypi
57546405c0
refactor WROOM32 ESP32
2023-07-07 15:47:00 -07:00
David Garske
770590a3be
Rebase fix to add back set_verify call in CertManagerLoadCA. Fix API tests for bad date check. Various spelling fixes.
2023-07-07 15:08:08 -07:00
Sean Parkinson
3af87f6f93
Moved CertManager APIs into own file
...
Split out certificate manager APIs into ssl_certman.c.
ssl.c includes ssl_certman.c
Better test coverage.
Minor fixes.
wolfSSL_X509_chain_up_ref calls XFREE with name->heap but name may be
NULL. Check for NULL first.
2023-07-07 15:08:08 -07:00
David Garske
f2809c5a24
Merge pull request #6586 from julek-wolfssl/zephyr-action
...
Add zephyr testing github action
2023-07-07 14:54:07 -07:00
jordan
55bbd5865c
LMS/HSS: cleanup, and safer write/read callbacks
2023-07-07 15:30:50 -05:00