mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
14,602 Commits 5 Branches 162 Tags
Commit Graph

1808 Commits

Author SHA1 Message Date
Hideki Miyazaki
b76d44dad9
add ERR_lib_error_string 2021-07-21 10:31:00 +09:00
John Safranek
f82fd01283
Merge pull request #4202 from JacobBarthelmeh/BuildOptions 
fix for build with wpas and disable tls13
 2021-07-14 09:07:08 -07:00
JacobBarthelmeh
18399091ce
Merge pull request #4012 from julek-wolfssl/haproxy 
HaProxy 2.4-dev18 support
 2021-07-14 15:46:04 +07:00
Jacob Barthelmeh
2592a04d8a fix for build with wpas and disable tls13 2021-07-13 15:49:40 +07:00
JacobBarthelmeh
c01a63508a account for testing on big endian system 2021-07-09 08:18:39 -06:00
John Safranek
b9dac74086
Merge pull request #4193 from JacobBarthelmeh/StaticAnalysisTests 
Static analysis tests
 2021-07-07 14:23:58 -07:00
JacobBarthelmeh
86e5287a14
Merge pull request #4032 from TakayukiMatsuo/tk11968 
Make wolfSSL_CTX_set_timeout reflect to Session-ticket-lifetime-hint
 2021-07-07 22:26:06 +07:00
Juliusz Sosinowicz
b7bd3766c7 Fix pedantic errors about macros in macros 2021-07-07 10:54:34 +02:00
JacobBarthelmeh
7b9d6a3f5e
Merge pull request #3792 from TakayukiMatsuo/os_keylog 
Add wolfSSL_CTX_set_keylog_callback
 2021-07-07 15:34:33 +07:00
Juliusz Sosinowicz
1acf906612 Code review changes 2021-07-06 15:39:23 +02:00
Juliusz Sosinowicz
1b6b16c2c3 HaProxy 2.4-dev18 support 
*This patch is dependent on https://github.com/wolfSSL/wolfssl/pull/3871 because proto version selection logic is refactored in that pull request.*
This patch contains the following changes:
- Enable more options with `--enable-haproxy`
- Compatibility layer additions
    - `STACK_TYPE_X509_OBJ`
    - `OCSP_id_cmp`
    - `X509_STORE_get0_objects`
    - `X509V3_EXT_nconf_nid`
    - `X509V3_EXT_nconf`
    - `X509_chain_up_ref`
    - `X509_NAME_hash`
    - `sk_X509_NAME_new_null`
    - `X509_OBJECT_get0_X509`
    - `X509_OBJECT_get0_X509_CRL`
    - `ASN1_OCTET_STRING_free`
    - `X509_LOOKUP_TYPE`
    - `OSSL_HANDSHAKE_STATE`
- New `OPENSSL_COMPATIBLE_DEFAULTS` define will set default behaviour that is compatible with OpenSSL
    - WOLFSSL_CTX
        - Enable all compiled in protocols
        - Allow anonymous ciphers
        - Set message grouping
        - Set verify to SSL_VERIFY_NONE
- In `SetSSL_CTX`, don't change `send` and `recv` callback if currently using `BIO`
- `ssl->peerVerifyRet`
    - Return first that occured
    - Set correct value on date error
    - Set revoked error on OCSP or CRL error
    - Save value in session and restore on resumption
    - Add to session serialization
- With `OPENSSL_EXTRA`, send an alert on invalid downgrade attempt
- Handle sni callback `SSL_TLSEXT_ERR_NOACK`
- Add `WOLFSSL_VERIFY_DEFAULT` option for `wolfSSL_CTX_set_verify` and `wolfSSL_set_verify` to allow resetting to default behaviour
 2021-07-06 15:39:23 +02:00
Jacob Barthelmeh
ae00b5acd0 some minor changes for unintialized and null infer reports 2021-07-06 14:13:45 +07:00
TakayukiMatsuo
5df0f7820a Add wolfSSL_CTX_set_keylog_callback 2021-07-03 14:51:23 +09:00
TakayukiMatsuo
567d8ed704 Make wolfSSL_set_session return success on timeout under WOLFSSL_ERROR_CODE_OPENSSL macro definition. 2021-07-02 10:50:00 +09:00
TakayukiMatsuo
aef9e560b1 Make wolfSSL_CTX_set_timeout call wolfSSL_CTX_set_TicketHint internally to change session-ticket-lifetime-hint. 2021-07-02 09:15:01 +09:00
David Garske
43f8c5ba1b
Merge pull request #4121 from JacobBarthelmeh/PKCS7 
wc_PKCS7_DecodeCompressedData optionally handle a packet without cont…
 2021-07-01 17:03:56 -07:00
JacobBarthelmeh
45486ac904
Merge pull request #4166 from miyazakh/supportedversion_ex_mindowngrade 
not include smaller versions than minimum downgrade
 2021-07-01 21:00:20 +07:00
Chris Conlon
9179071af5
Merge pull request #4153 from JacobBarthelmeh/Testing 
fix for keyid with ktri cms
 2021-06-29 11:40:00 -06:00
David Garske
74b9b5a8cd
Merge pull request #4156 from SparkiDev/regression_fixes_1 
Regression test fixes
 2021-06-25 07:48:02 -07:00
Jacob Barthelmeh
5038a27cda add test cases and set content oid with decode encrypted data 2021-06-25 21:16:01 +07:00
Hideki Miyazaki
5bb52915b9
update test conf to fix jenkins failures 2021-06-25 16:31:49 +09:00
Hideki Miyazaki
d576e3ef96
not send smaller versions than minimum downgradable version as supportedversion ext 2021-06-25 14:51:34 +09:00
Sean Parkinson
dab6724059 Regression fixes: more configurations 
./configure --disable-rsa --disable-ecc --disable-dh --enable-curve25519
&& make
./configure --disable-aescbc --disable-chacha --disable-poly1305
--disable-coding && make
 2021-06-25 15:23:51 +10:00
Sean Parkinson
1994811d24
Merge pull request #4144 from haydenroche5/pkcs8 
Make a bunch of PKCS#8 improvements.
 2021-06-25 12:22:11 +10:00
Sean Parkinson
8592053856 Regression test fixes 
./configure --enable-all --disable-rsa
./configure --disable-chacha --disable-asm
./configure --disable-rsa --disable-ecc --disable-dh --enable-curve25519
--enable-cryptonly (and ed25519, curve448, ed448)
./configure --disable-tls13 --enable-psk --disable-rsa --disable-ecc
--disable-dh C_EXTRA_FLAGS=-DWOLFSSL_STATIC_PSK
./configure --disable-oldtls --enable-psk -disable-rsa --disable-dh
-disable-ecc --disable-asn C_EXTRA_FLAGS=-DWOLFSSL_STATIC_PSK
--enable-lowresource --enable-singlethreaded --disable-asm
--disable-errorstrings --disable-pkcs12 --disable-sha3 --disable-sha224
--disable-sha384 --disable-sha512 --disable-sha --disable-md5
-disable-aescbc --disable-chacha --disable-poly1305 --disable-coding
Various build combinations with WOLFSSL_SP_MATH and WOLFSSL_SP_MATH_ALL
 2021-06-25 09:18:06 +10:00
Juliusz Sosinowicz
656e49cc3b Expand SHA-3 support 
Add more support in the EVP layer as well as add signing support. The SHA-3 OID's were also added for DER algorithm identifier encoding.
 2021-06-24 19:31:43 +02:00
Hayden Roche
b3401bd102 Make a bunch of PKCS#8 improvements. 
- Add doxygen documentation for wc_GetPkcs8TraditionalOffset, wc_CreatePKCS8Key,
wc_EncryptPKCS8Key, and wc_DecryptPKCS8Key.
- Add a new API function, wc_CreateEncryptedPKCS8Key, which handles both
creation of an unencrypted PKCS#8 key and the subsequent encrypting of said key.
This is a wrapper around TraditionalEnc, which does the same thing. This may
become a first-class function at some point (i.e. not a wrapper). TraditionalEnc
is left as is since it is used in the wild.
- Added a unit test which exercises wc_CreateEncryptedPKCS8Key and
wc_DecryptPKCS8Key. Testing wc_CreateEncryptedPKCS8Key inherently also tests
TraditionalEnc, wc_CreatePKCS8Key, and wc_EncryptPKCS8Key.
- Modified wc_EncryptPKCS8Key to be able to return the required output buffer
size via LENGTH_ONLY_E idiom.
- Added parameter checking to wc_EncryptPKCS8Key and wc_DecryptPKCS8Key.
 2021-06-23 08:39:20 -07:00
Sean Parkinson
2923d812bd
Merge pull request #4058 from miyazakh/qt_oslext_cs 
TLS: extend set_cipher_list() compatibility layer API
 2021-06-23 10:12:11 +10:00
Chris Conlon
4b3bd3e384
Merge pull request #4049 from miyazakh/set_verifyDepth_3 
Set verify depth limit
 2021-06-22 10:23:43 -06:00
Chris Conlon
446393bcab
Merge pull request #3793 from TakayukiMatsuo/os_base64 
Add wolfSSL_EVP_Encode/Decode APIs
 2021-06-22 10:19:30 -06:00
Chris Conlon
b050463dce
Merge pull request #4059 from miyazakh/qt_unit_test 
fix qt unit test
 2021-06-22 10:12:48 -06:00
Jacob Barthelmeh
647bde671c macro guard on test case 2021-06-22 22:56:35 +07:00
Jacob Barthelmeh
3cd43cf692 fix for keyid with ktri cms 2021-06-22 21:33:12 +07:00
David Garske
c4ea64b7fc
Merge pull request #4140 from SparkiDev/set_sig_algs 2021-06-21 19:18:10 -07:00
Sean Parkinson
7224fcd9bc TLS: add support for user setting signature algorithms 2021-06-18 16:19:01 +10:00
Hideki Miyazaki
1ebb4a47f6
addressed jenkins failure 2021-06-18 11:22:20 +09:00
Hideki Miyazaki
4feedb72cc
simulate set_ciphersuites comp. API 2021-06-18 11:22:19 +09:00
Hideki Miyazaki
ddf2a0227f
additional fix for set verify depth to be compliant with openssl limit 2021-06-18 11:00:51 +09:00
Hideki Miyazaki
951de64e2c
set PSK at the beginning 2021-06-18 07:59:35 +09:00
Eric Blankenhorn
1307972344 Update use of joi cert and add to renew script. 2021-06-16 13:55:36 -05:00
TakayukiMatsuo
9e02655ac4 Merge remote-tracking branch 'upstream/master' into os_base64 2021-06-16 23:19:52 +09:00
Sean Parkinson
b73673a218
Merge pull request #3794 from TakayukiMatsuo/os_keyprint 
Add wolfSSL_EVP_PKEY_print_public
 2021-06-16 08:43:41 +10:00
TakayukiMatsuo
c6680d08ba Fix coding issues 2021-06-15 11:16:38 +09:00
Sean Parkinson
12c358bc30
Merge pull request #3979 from dgarske/tls13_async 
Asynchronous support for TLS v1.3 TLSX ECC/DH key generation and key agreement
 2021-06-15 10:02:19 +10:00
David Garske
77df7d8630
Merge pull request #3968 from elms/pedantic_cleanup 
Fixes for some `-pedantic` errors
 2021-06-14 13:46:39 -07:00
David Garske
fd6b30ef32
Merge pull request #4111 from elms/silabs/fix_ecc_shared_secret_outlen 
silabs: fix `wc_ecc_shared_secret` to only return x coordinate
 2021-06-14 13:44:00 -07:00
Chris Conlon
a8d185cb9e
Merge pull request #4117 from TakayukiMatsuo/tk12403 
Add null-parameters-test cases for SHA(), SHA224(), MD5() and MD5_xxx().
 2021-06-14 13:52:01 -06:00
Elms
ed4cf6e91c silabs: fix wc_ecc_shared_secret to only return x coordinate 
secure element computes and returns the full coordinate. The wolfSSL
API should only return the x component.
 2021-06-13 21:46:23 -07:00
TakayukiMatsuo
ebec2fbd25 Fixed uninitialized parameter for Base16_Encode 2021-06-14 13:45:12 +09:00
Hideki Miyazaki
6d3b9aec80
fix api compile failure 2021-06-12 09:24:11 +09:00