mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
11,497 Commits 5 Branches 162 Tags
Commit Graph

4275 Commits

Author SHA1 Message Date
Jacob Barthelmeh
b8b2f7ef7d vs build warning fixes 2020-06-24 10:57:31 -06:00
JacobBarthelmeh
b88342eeaf memory handling fixes 2020-06-19 10:08:42 -07:00
Jacob Barthelmeh
1e431e1ade add test case and fixes from review 2020-06-18 10:57:25 -06:00
Jacob Barthelmeh
82921f8650 fix for x509 store add crl 2020-06-17 11:30:18 -06:00
Kaleb Himes
b1aa903c1b
Merge pull request #3052 from julek-wolfssl/infinite-loop-fuzzer 
Alert level must be cleared or ProcessReply will loop indefinitely
 2020-06-16 18:55:15 -06:00
Juliusz Sosinowicz
90caeaf925 Alert level must be cleared or ProcessReply will loop indefinitely 2020-06-16 23:21:54 +02:00
JacobBarthelmeh
7c6dccd4a0
Merge pull request #3038 from embhorn/zd10457 
Unused var error
 2020-06-16 14:10:54 -06:00
Chris Conlon
b9f13dba61
Merge pull request #3030 from TakayukiMatsuo/usertime 
ASN1_TIME_new in correct macro condition
 2020-06-15 17:49:44 -05:00
toddouska
1e07563411
Merge pull request #2984 from julek-wolfssl/dtls-scr 
Add secure renegotiation to DTLS 1.2
 2020-06-12 11:22:55 -07:00
toddouska
6166902f66
Merge pull request #2990 from julek-wolfssl/fix-leak 
Fix leak in SetIndividualInternal
 2020-06-12 11:17:40 -07:00
toddouska
4c2dee77d8
Merge pull request #3028 from julek-wolfssl/CRYPTO_memcmp 
Implement CRYPTO_memcmp
 2020-06-12 11:16:18 -07:00
Eric Blankenhorn
0f36cdf066 Unused var error 2020-06-12 10:43:01 -05:00
Unknown
cab8dd3731 Ignore duplicate or out of order CCS message 
Init variables since compiler complains they might be used without initialization.
 2020-06-12 12:27:48 +02:00
Juliusz Sosinowicz
ac028e551d Code Review 2020-06-12 11:36:43 +02:00
Juliusz Sosinowicz
69802ed1a9 Missing ssl->heap in FreeBuildMsgArgs 2020-06-12 11:36:43 +02:00
Juliusz Sosinowicz
3980d6117d Fix Jenkins 2020-06-12 11:36:43 +02:00
Juliusz Sosinowicz
01b446f469 Fix SessionTicket length in unencrypted case 2020-06-12 11:36:43 +02:00
Juliusz Sosinowicz
f2d2dadc89 ASYNC: Fix issues with TLS and DTLS 2020-06-12 11:36:43 +02:00
Juliusz Sosinowicz
eb7a49a1d7 ASYNC: Working TLS SCR 2020-06-12 11:36:43 +02:00
Juliusz Sosinowicz
a7c4d88876 ASYNC: Working AES128-SHA 2020-06-12 11:36:43 +02:00
Juliusz Sosinowicz
7b604ad714 WIP 2020-06-12 11:36:43 +02:00
Juliusz Sosinowicz
73105305cf WIP 2020-06-12 11:36:43 +02:00
Juliusz Sosinowicz
a107688891 Fix asynchronous DTLS issue 2020-06-12 11:36:43 +02:00
Juliusz Sosinowicz
d88f6f1156 DTLS test cases 2020-06-12 11:36:43 +02:00
Juliusz Sosinowicz
4e60e4b3b7 DTLS Message Grouping 
Flush output buffer when we suspect that the grouped messages may exceed MTU.
 2020-06-12 11:36:43 +02:00
Juliusz Sosinowicz
d2542dcf38 Restore StoreKeys functionality for TLS case 2020-06-12 11:36:43 +02:00
Juliusz Sosinowicz
c2ca9f614e Jenkins tests fixes 2020-06-12 11:36:43 +02:00
Juliusz Sosinowicz
eb910a64d0 Comments and formatting 2020-06-12 11:36:43 +02:00
Juliusz Sosinowicz
651a7a97b9 Add secure renegotiation to DTLS 1.2 
- Hash of fragmented certificate was not calculated as a single message and instead we were hashing individual fragments which produced the wrong digest, shared secret, etc...
- Reset handshake number after server Finished packet is sent or received (depending on side)
- Reserve space in buffer for cipher stuff
- Take `DTLS_RECORD_EXTRA` and  `DTLS_HANDSHAKE_EXTRA` into size and offset calculations for DTLS path
- Fix renegotiation in DTLS with AES128-SHA
- Fix renegotiation in DTLS with AES-GCM
- Support HelloVerify request during secure renegotiation
- Save renegotiation handshake messages for retransmission in timeout
- Handle cipher parameters from different epochs. DTLS may need to resend and receive messages from previous epochs so handling different sets of encryption and decryption parameters is crucial.
 2020-06-12 11:36:43 +02:00
toddouska
29bdc7d8b5
Merge pull request #3015 from tmael/cov-fix 
Coverity fix in wolfSSL 4.4.0
 2020-06-10 17:07:47 -07:00
Juliusz Sosinowicz
d5577c9404 Explicit convert 2020-06-10 18:43:27 +02:00
toddouska
e993cb6cc0
Merge pull request #2942 from dgarske/tls13_on 
Enable TLS v1.3 by default
 2020-06-09 13:30:02 -07:00
toddouska
48783c1982
Merge pull request #2996 from dgarske/stm32hal 
Fixes and improvements for STM32 crypto hardware
 2020-06-09 13:24:27 -07:00
toddouska
7a7bfce565
Merge pull request #3026 from cconlon/selftestfixes 
Fix warnings with NetBSD gcc compiler
 2020-06-09 13:18:44 -07:00
David Garske
8791573dfe Fix for building with NO_PUBLIC_GCM_SET_IV when ChaCha20/Poly1305 is enabled. Cleanup use of not used STD_PERI_LIB. 2020-06-08 08:37:54 -07:00
Tak
b883617c0d Moved wolfSSL_ASN1_TIME_new() to under #ifndef NO_ASN_TIME condition 2020-06-08 14:10:20 +09:00
David Garske
3af4316cfd Fix for session test with TLS v1.3 and session tickets not enabled. Cleanups in AddSession. 2020-06-05 13:33:03 -07:00
Juliusz Sosinowicz
a75f83c9f2 Implement CRYPTO_memcmp 2020-06-05 16:44:12 +02:00
David Garske
7879e83ae0 Fixes for building with ./configure --enable-tls13 --disable-rsa --disable-ecc --enable-psk. Fix to properly detect if missing a asymmetric key algorithm (required by TLS v1.3). 2020-06-04 16:31:19 -07:00
David Garske
66fdc2c536 Disable TLS v1.3 if none of these are available "ECC, CURVE25519, CURVE448 or DH". 2020-06-04 15:31:19 -07:00
David Garske
d4fdd1e590 Fix for TLS v1.3 test PSK callback to support cipher list. Add support for GetCipherSuiteFromName to accept a name ending with colon. 2020-06-04 15:31:18 -07:00
David Garske
8823a581d0 Add PSK user context support (Fixes #2952.). 2020-06-04 15:31:18 -07:00
David Garske
0228d1eeea Cleanups for the TLS v1.3 build requirements. Add check for TLS v1.3 call to EncodeSigAlg. 2020-06-04 15:31:18 -07:00
David Garske
4d8cf5b571 Fixes for building TLSv1.3 with FIPS v1 (no RSA PSS or HKDF). 2020-06-04 15:31:18 -07:00
David Garske
ba8227bcf7 Fix for building TLS v1.3 with NO_WOLFSSL_CLIENT. 2020-06-04 15:31:18 -07:00
David Garske
b417a76613 Fixes for build TLS v1.3 with NO_CERTS. 2020-06-04 15:31:18 -07:00
David Garske
cd1c2d5fae Enable TLS v1.3 by default. Remove old TLS v1.3 draft build support. 2020-06-04 15:31:18 -07:00
toddouska
3529d9a40d
Merge pull request #3016 from kaleb-himes/FIPSv2-MAINTENANCE 
New OpenSSL features relying on changes in module files must account for locked FIPS versions of those files
 2020-06-04 15:08:17 -07:00
toddouska
23d1550439
Merge pull request #2989 from julek-wolfssl/openvpn 
Additional OpenSSL compat layer stuff
 2020-06-04 11:57:55 -07:00
toddouska
79465d70f7
Merge pull request #3020 from SparkiDev/tls13_psk_cr 
TLS 1.3: Never send CertiifcateRequest when PSK
 2020-06-04 11:07:22 -07:00