3043 Commits

Author SHA1 Message Date
Sean Parkinson
8e9810e87e ssl.c: Move functions out to separate files
Moved E[CD][25519||448] APIs to pk.c
Move public key PEM APIs to pk.c.
Move wolfSSL loading and using of private keys and certificates to
ssl_load.c
Move PKCS#7 and PKCS#12 APIs to ssl_p7p12.c.
Move session and session cache APIs to ssl_sess.c.
Other minor fixes.
2024-04-16 10:30:59 +10:00
JacobBarthelmeh
8b656d5a5f
Merge pull request #7295 from kaleb-himes/SRTP-KDF-FS
SRTP-KDF FS Preview
2024-04-11 13:41:05 -06:00
Sean Parkinson
36b47d1374
Merge pull request #7352 from JacobBarthelmeh/coverity4
Coverity Fixes
2024-04-10 10:46:54 +10:00
JacobBarthelmeh
a8415a7926
Merge pull request #7367 from mrdeep1/hello_verify_request
Support DTLS1.3 downgrade when using PSK
2024-04-09 16:17:59 -06:00
kaleb-himes
2e63ae750d Comments for SP800-38E TODO, wolfEntropy optional setup and remove forced errors api.c 2024-04-09 09:48:33 -06:00
kaleb_himes
81f5ac7f6c SRTP-KDF FS Preview 2024-04-09 09:48:33 -06:00
Sean Parkinson
d96e5ec589 No match cipher suite alert type change
TLS 1.0/1.1/1.2 specifications require the of a return a handshake
failure alert when no cipher suites match.
TLS 1.3 specification requires the return of a "handshake_failure" or
"insufficient_security" fatal alert.

Change alert sent from "illegal_parameter" to "handshake_failure".
2024-04-08 11:25:50 +10:00
Daniel Pouzzner
747755b3c4 fixes for analyzer carps around HAVE_RPK:
fix clang-analyzer-deadcode.DeadStores in src/tls.c TLSX_ClientCertificateType_GetSize();

fix clang-analyzer-deadcode.DeadStores in tests/api.c test_tls13_rpk_handshake();

fix null pointer to XMEMCPY() in src/internal.c CopyDecodedName().
2024-04-04 00:15:01 -05:00
JacobBarthelmeh
8b587b563c
Merge pull request #7286 from Frauschi/hybrid_signatures
Improvements to dual algorithm certificates
2024-04-03 13:37:16 -06:00
jordan
b65e42bf4d Used codespell and fixed obvious typos. 2024-04-02 10:19:39 -05:00
Anthony Hu
2d532dd6b8 Clean up after another round of analyzer execution. 2024-04-01 18:56:44 -04:00
Anthony Hu
3a3a7c2a67 Forgot to clean up the preTBS. 2024-04-01 17:37:04 -04:00
Daniel Pouzzner
2f3495f286 src/tls13.c: remove unreachable break in DoTls13CertificateVerify().
tests/api.c: fix various use-after-frees of file in do_dual_alg_root_certgen() and do_dual_alg_server_certgen().
2024-04-01 17:37:03 -04:00
Anthony Hu
e4b7857e43 If WOLFSSL_TRUST_PEER_CERT is defined, the negative test is no longer negative. 2024-04-01 17:37:03 -04:00
Jon Shallow
a0f3933881 Support (D)TLS1.3 downgrade when using PSK
DTLS Server:
examples/server/server -v3 -u -s

DTLS Client:
examples/client/client -vd -g -u -s

TLS Server:
examples/server/server -v3 -s

TLS Client:
examples/client/client -vd -g -s

Support checking for DTLS1.2 Hello Verify Request when using PSK.

Unset options.tls1_3 when handling a DTLS1.2 Hello Verify Request.

Unset options.tls1_3 when handling a (D)TLS1.2 Server Hello to stop
checking of Encrypted Client Hello

Requires ./configure --enable-all --enable-dtls13

Add in tests for DTLS1.3 and TLS1.3 downgrade when using PSK.
2024-03-29 18:04:30 +00:00
JacobBarthelmeh
489a79ad8b CID 347893 set test cert manager to null after free 2024-03-19 02:59:06 +07:00
JacobBarthelmeh
228544c31e CID 327280 use after free in test case 2024-03-19 02:44:45 +07:00
Daniel Pouzzner
3728cd3dc5 Kyber fixes:
wolfssl/wolfcrypt/wc_kyber.h: in definition of struct KyberKey, use correct type for devId;

wolfcrypt/src/wc_kyber_poly.c: numerous fixes for bugprone-macro-parentheses and readability-inconsistent-declaration-parameter-name;

tests/api.c: in test_tls13_apis(), add missing defined(HAVE_LIBOQS) gate on inclusion of ":P256_KYBER_LEVEL1" in groupList.
2024-03-15 16:06:32 -05:00
Sean Parkinson
d1b16f2c7b Regression testing fixes
api.c: z and ret no longer only when !NO_ASN_TIME.
benchmark.c: rsaKey array type has changed and unusual code path needsed
updating.
cmac.c: Zeroization test failed when checkSz was zero as called function
didn't zero out cmac. checkSz is invalid.
test.c: rsaCaCertDerFile used even when NO_ASN_TIME.
test.h: --enable-sp-math only supports DH of 2048 bits and above. Change
default DH parameters to be 2048 bits.
2024-03-15 13:24:40 +10:00
Sean Parkinson
5daf5fff86
Merge pull request #7272 from JacobBarthelmeh/pkcs7-enc
IO callbacks for content and output with PKCS7 bundle sign/encrypt
2024-03-08 07:18:11 +10:00
Daniel Pouzzner
321a72c906 misc fixes:
wolfcrypt/test/test.c: fix gating for verify4 in scrypt_test(), and fix WOLFSSL_SMALL_STACK -Wframe-larger-than=2048 warnings in sha256_test() and sha512_test().

src/ssl.c: fix for true-but-benign nullPointerRedundantCheck in ProcessBufferTryDecodeEd25519().

tests/api.c: fix for -Wmaybe-uninitialized in test_wc_PKCS7_VerifySignedData_RSA() identified via cross-m68k-all-asm.
2024-03-05 17:44:33 -06:00
JacobBarthelmeh
2708062d39 add sanity check for null buffer after malloc in test case 2024-03-04 07:33:21 -07:00
JacobBarthelmeh
66f419bd18 add user ctx to stream IO callbacks 2024-03-04 06:00:07 -07:00
JacobBarthelmeh
90b28b5cef add test case for verify of stream signed PKCS7 bundle 2024-03-01 23:43:46 +07:00
JacobBarthelmeh
95eb17944c
Merge pull request #6961 from TakayukiMatsuo/pkcs7
Add streaming support for PKCS7_VerifySignedData.
2024-03-01 22:38:07 +07:00
TakayukiMatsuo
eeda0caeb9 Add streaming support for PKCS7_VerifySignedData. 2024-02-27 15:04:32 +09:00
JacobBarthelmeh
9eac8cb41f add a test case 2024-02-26 09:44:23 -07:00
JacobBarthelmeh
2044d6b7dd add callbacks for PKCS7 streaming input and output 2024-02-26 08:28:12 -07:00
Juliusz Sosinowicz
aa19d8221e Add test forcing caTable cleanup during active connections 2024-02-20 14:33:36 +01:00
Juliusz Sosinowicz
4caef93346 Implement transient certs
Add wolfSSL_CertManagerUnloadIntermediateCerts API to clear intermediate certs added to store.
2024-02-20 14:33:36 +01:00
Sean Parkinson
af2b2dddb4
Merge pull request #7253 from julek-wolfssl/zd/17507
wc_ecc_shared_secret_ssh fix
2024-02-20 06:56:28 +10:00
JacobBarthelmeh
757fcbcc25
Merge pull request #7236 from julek-wolfssl/get-sig-nid
Implement SSL_get_peer_signature_nid and SSL_get_peer_signature_type_nid
2024-02-20 02:46:37 +07:00
Daniel Pouzzner
44e0ee1ecd wolfssl/wolfcrypt/types.h:
* fix overallocation in WC_DECLARE_ARRAY() macro in the !WOLFSSL_SMALL_STACK path.
* rename WC_INIT_ARRAY() to WC_ALLOC_ARRAY() for clarity (it doesn't initialize any memory).
* rename WC_DECLARE_ARRAY_DYNAMIC_DEC(), WC_DECLARE_ARRAY_DYNAMIC_EXE(), and WC_FREE_ARRAY_DYNAMIC() to WC_DECLARE_HEAP_ARRAY(), WC_ALLOC_HEAP_ARRAY(), and WC_FREE_HEAP_ARRAY(), respectively, also for clarity, and refactor out the duplicate definitions.
* add WC_ALLOC_VAR(), and move the XMALLOC() in smallstack WC_DECLARE_VAR() into it.  smallstack WC_DECLARE_VAR() now initializes the pointer to NULL, like smallstack WC_DECLARE_ARRAY(), assuring all pointers are valid upon shortcircuit to cleanup for a failed allocation (see WC_ALLOC_DO_ON_FAILURE below).
* add a new hook "WC_ALLOC_DO_ON_FAILURE" in WC_ALLOC_VAR(), WC_ALLOC_ARRAY(), and WC_DECLARE_ARRAY_DYNAMIC_EXE(), which is invoked when an allocation fails.  by default the hook is defined to WC_DO_NOTHING.
* add basic safety to WC_*_HEAP_ARRAY() by recording/detecting allocation state via idx##VAR_NAME.
* add macros WC_ARRAY_OK() and WC_HEAP_ARRAY_OK() to test if allocation succeeded.
* add macros WC_CALLOC_ARRAY() and WC_CALLOC_HEAP_ARRAY() which zero the objects.
* add macro WC_CALLOC_VAR() which zeros the object.

ED448: smallstack refactor of ge448_scalarmult_base().

src/tls.c tests/api.c wolfcrypt/test/test.c: update WC_DECLARE_VAR()s with now-required matching WC_ALLOC_VAR()s.

wolfcrypt/benchmark/benchmark.c:
* no functional changes in default error-free behavior.
* add definition of WC_ALLOC_DO_ON_FAILURE() that prints error message, sets ret, and does goto exit.
* add BENCH_NTIMES and BENCH_AGREETIMES overrideeable macros, to allow fast sanitizer runs and slow high-precision runs.
* smallstack refactor of all declarations of stack arrays of the form foo[BENCH_MAX_PENDING], using WC_DECLARE_ARRAY() (35 in all).
* additional smallstack refactors, using WC_DECLARE_VAR(), for bench_aesxts(), bench_ed448KeyGen(), bench_eccsi*(), and bench_sakke*().
* fixes for various unhandled error conditions around malloc failures.

wolfcrypt/test/test.c: opportunistically constify several (42) static constants, moving them to the readonly data segment.

linuxkm/Makefile: if ENABLED_LINUXKM_BENCHMARKS, add wolfcrypt/benchmark/benchmark.o to WOLFSSL_OBJ_FILES.

linuxkm/Kbuild: enable FPU for benchmark.o, and remove enablement for module_hooks.o.

linuxkm/module_hooks.c: remove inline include of benchmark.c.
2024-02-16 10:26:21 -06:00
Juliusz Sosinowicz
469760e186 wc_ecc_shared_secret_ssh fix
- wc_ecc_shared_secret_ssh should either be declared or not. Having two different signatures for the same function is error prone.
- Don't use wc_ecc_shared_secret_ssh in our code. Use wc_ecc_shared_secret directly.
2024-02-16 13:38:35 +01:00
Juliusz Sosinowicz
44de6dfdd3 Return correct values in get_signature APIs and write tests 2024-02-16 11:32:22 +01:00
Marco Oliverio
c8f3a8f14b
fix: negotiate handshake until the end in wolfSSL_read/wolfSSL_write (#7237)
* tls: negotiate until hs is complete in wolfSSL_read/wolfSSL_write

Don't rely on ssl->options.handShakeSate == HANDSHAKE_DONE to check if
negotiation is needed. wolfSSL_Connect() or wolfSSL_Accept() job may not yet be
completed and/or some messages may be waiting in the buffer because of
non-blocking I/O.

* tests: test case for handshake with wolfSSL_read()/wolfSSL_write()

* doc: clarify wolfSSL_write()

* internal.c: rename: need_negotiate -> ssl_in_handshake
2024-02-15 13:48:19 -08:00
Lealem Amedie
b87f544af6 Reviewer feedback 2024-02-14 16:43:01 -07:00
Lealem Amedie
152c8565b9 Fix unit test failure for FIPS 140-2 + WOLFSSL_ARMASM 2024-02-14 16:24:58 -07:00
Sean Parkinson
3b6a7691c5
Merge pull request #7235 from julek-wolfssl/gh/7228
Send alert on bad psk binder
2024-02-14 07:24:52 +10:00
Marco Oliverio
e923d4c151 tls13: read_early_data: set outSz to 0 if no early data
If not data is read, set outSz to 0. This way the
caller can detect if no early data was read.
2024-02-12 17:20:15 +01:00
Juliusz Sosinowicz
bd32dfd282 Send alert on bad psk binder
Issue reported in https://github.com/wolfSSL/wolfssl/pull/7228
2024-02-09 16:12:04 +01:00
Sean Parkinson
5b5f0ff32c
Merge pull request #7194 from anhu/CerManUnExtCb
Adding unknown extension callback to CertManager
2024-02-08 22:10:32 +10:00
Sean Parkinson
9147a7254b
Merge pull request #7214 from julek-wolfssl/zd/17314
DTLS sequence number and cookie fixes
2024-02-08 22:08:37 +10:00
Anthony Hu
271462128d Add a test 2024-02-07 16:49:46 -05:00
David Garske
dec4caa98f
Merge pull request #7206 from julek-wolfssl/gh/7196
Fix write_dup with chacha-poly
2024-02-07 08:40:30 -08:00
Juliusz Sosinowicz
8bddeb10c7 DTLS sequence number and cookie fixes
- dtls: check that the cookie secret is not emtpy
- Dtls13DoDowngrade -> Dtls13ClientDoDowngrade
- dtls: generate both 1.2 and 1.3 cookie secrets in case we downgrade
- dtls: setup sequence numbers for downgrade
- add dtls downgrade sequence number check test

Fixes ZD17314
2024-02-05 16:09:03 +01:00
Daniel Pouzzner
4ed197d487
Merge pull request #7205 from julek-wolfssl/fix-test_wolfSSL_OPENSSL_hexstr2buf
test_wolfSSL_OPENSSL_hexstr2buf: test was always skipped
2024-02-02 18:45:31 -05:00
Juliusz Sosinowicz
5b5d6481de Fix write_dup with chacha-poly 2024-02-02 19:47:25 +01:00
Juliusz Sosinowicz
188a69e649 test_wolfSSL_OPENSSL_hexstr2buf: test was always skipped 2024-02-02 18:29:15 +01:00
JacobBarthelmeh
5fbadbb215 fix warning with test case 2024-02-01 11:50:51 -07:00