mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
17,645 Commits 5 Branches 162 Tags
Commit Graph

17645 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Hayden Roche
daf5135642 Begin refactor of api.c. 
- Modify all existing tests to return an int. This moves us in the direction of
being able to return error/success from a test rather than just calling abort
when something fails. Also, all tests now have the same signature, so they can
easily be members of an array of test cases.
- Wrap each test in a TEST_CASE struct, which just stores a pointer to the test
function and the name of the test, for now. In the future, other metadata can
be added (e.g. should this test be run/skipped) to TEST_CASE, if desired.
- Modify all tests to return 0 on success. Right now, this doesn't do us much
good because the failure mechanism isn't returning some value != 0, it's
abort.
- Add TestSetup and TestCleanup functions that run before and after each test,
respectively. The former does nothing right now, and the latter clears the
error queue, if the error queue is compiled in.
 2022-07-21 10:12:26 -07:00
JacobBarthelmeh
1281d97b1e
Merge pull request #5373 from haydenroche5/error_queue_fix 
Fix backwards behavior for various wolfSSL_ERR* functions.
 2022-07-21 09:35:21 -06:00
JacobBarthelmeh
a4e3dc9638
Merge pull request #5379 from douzzer/20220720-fixes 
20220720-fixes
 2022-07-20 21:34:08 -06:00
Daniel Pouzzner
542c53f3ac snip out errant "#/" strings added to various text files by copyright boilerplate update in 8eaa85e412. 2022-07-20 18:23:28 -05:00
Daniel Pouzzner
a3fd714501 configure.ac: allow --enable-opensslextra with --enable-linuxkm if --enable-cryptonly is also given. 2022-07-20 18:21:29 -05:00
Daniel Pouzzner
3842889649 src/tls13.c: in SendTls13ClientHello(), move nullness check on WOLFSSL* ssl back to the start of the function. 2022-07-20 18:19:58 -05:00
David Garske
706ab6aac0
Merge pull request #5377 from kareem-wolfssl/rsaKeyEncipher 
Don't require digital signature bit for static RSA cipher suites.  Make wolfSSL_CTX_clear_options available without OPENSSL_EXTRA.
 2022-07-20 15:28:55 -07:00
Sean Parkinson
bd2b510487
Merge pull request #5376 from dgarske/sniff_tlsv12_sessticket 
Fixes for sniffer session ticket resumption with TLS v1.2
 2022-07-21 08:22:33 +10:00
David Garske
9450fa1412
Merge pull request #5375 from LinuxJedi/se050-private-key-add 
Add ECC private key insertion for SE050
 2022-07-20 12:42:13 -07:00
Kareem
741d61574b Make wolfSSL_CTX_clear_options available without OPENSSL_EXTRA. 2022-07-20 12:24:47 -07:00
Kareem
873890316c Don't require digital signature bit for static RSA cipher suites. 2022-07-20 12:08:20 -07:00
David Garske
564f79c91a
Merge pull request #5371 from douzzer/20220719-linuxkm-get_thread_size-no-thunks 
linuxkm: inhibit thunk generation in get_thread_size.
 2022-07-20 11:48:48 -07:00
David Garske
1c7f64cce9 Fixes for sniffer session ticket resumption with TLS v1.2. ZD14531. 2022-07-20 11:18:19 -07:00
David Garske
b46a308544
Merge pull request #5361 from embhorn/zd14491 
Fix for build with NO_TLS
 2022-07-20 09:28:23 -07:00
Hayden Roche
e6da540fb3 Fix backwards behavior for various wolfSSL_ERR* functions. 
wolfSSL_ERR_get_error and wolfSSL_ERR_peek_error_line_data should return the
earliest error in the queue (i.e. the error at the front), but prior to this
commit, they returned the latest/most recent one instead.

In DoAlert, we were adding an error to the queue for all alerts. However, a
close_notify isn't really an error. This commit makes it so DoAlert only adds
errors to the queue for non-close_notify alerts. In ReceiveData, similarly, we
were adding an error to the queue when the peer sent a close_notify, as
determined by ssl->error == ZERO_RETURN. Now, we don't add an error in this
case.
 2022-07-20 08:56:48 -07:00
Andrew Hutchings
07d2940757 Fix issue caused by undo in IDE 2022-07-20 16:42:09 +01:00
David Garske
ab60865178
Merge pull request #5374 from julek-wolfssl/dtls-multiple-msgs 
ShrinkInputBuffer should not be called in the middle of ProcessReply
 2022-07-20 08:27:56 -07:00
Andrew Hutchings
d7b4abfa0b Fixups to the SE050 ECC pkey insert function 2022-07-20 16:25:39 +01:00
David Garske
719e814841
Merge pull request #5370 from rizlik/dtls13_partial_read_fixes 
dtlsv1.3 fixes
 2022-07-20 08:03:29 -07:00
David Garske
e4c1e71b38
Merge pull request #5364 from embhorn/zd14519 
Fix wolfSSL_Init error handling
 2022-07-20 08:03:08 -07:00
David Garske
f4191a102b
Merge pull request #5304 from SKlimaRA/SKlimaRA/cert-pathlen 
drafted pathlen for cert struct
 2022-07-20 07:54:13 -07:00
David Garske
aab2459d1f
Merge pull request #5372 from JacobBarthelmeh/copyright 
update copyright year to 2022
 2022-07-20 07:52:05 -07:00
David Garske
c029b23043
Merge pull request #5308 from SparkiDev/ecies_gen_iv 
ECIES: Google Pay generates IV and places it before msg
 2022-07-20 06:46:14 -07:00
Marco Oliverio
2e0d53a07d fix: dtls13: use correct handshaketype on hello retry request 2022-07-20 15:25:50 +02:00
Marco Oliverio
3850e6b554 fix: dtls13: use aes for record numbers encryption if using aes-ccm 2022-07-20 15:25:50 +02:00
Marco Oliverio
066f17faad fix: dtls13: hello_retry_request type isn't an encrypted message 2022-07-20 15:25:50 +02:00
Marco Oliverio
c0fc87342c tls13: avoid spurious state advances in connect/accept state machine 2022-07-20 15:25:50 +02:00
Marco Oliverio
11dfb713e9 openssl_compatible_default: use DTLSv1.0 as minDowngrade in DTLS 2022-07-20 15:25:46 +02:00
Marco Oliverio
6711756b03 dtls13: support stream-based medium 
Don't assume that the underlying medium of DTLS provides the full message in a
single operation. This is usually true for message-based socket (eg. using UDP)
and false for stream-based socket (eg. using TCP).

Commit changes:

- Do not error out if we don't have the full message while parsing the header.
- Do not assume that the record header is still in the buffer when decrypting
  the message.
- Try to get more data if we didn't read the full DTLS header.
 2022-07-20 14:53:07 +02:00
Juliusz Sosinowicz
40cb6e0853 ShrinkInputBuffer should not be called in the middle of ProcessReply 2022-07-20 11:57:48 +02:00
Andrew Hutchings
ea34fb1643 Add ECC private key insertion for SE050 
This adds a utility function which allows an ECC private key to be
inserted into the SE050's permanent storage.
 2022-07-20 10:45:26 +01:00
Stanislav Klima
66c5a947fd XSTRNCPY, fixed typos 2022-07-20 08:56:59 +02:00
Sean Parkinson
09bba3510f ECIES: Google Pay ECIES 
Generates IV and places it before msg
Uses 12 byte IV with AES-CTR
Add API to explicitly set KDF salt.
 2022-07-20 09:30:47 +10:00
Jacob Barthelmeh
8eaa85e412 update copyright year to 2022 2022-07-19 10:44:31 -06:00
Eric Blankenhorn
8b904e9082 Fix for build with NO_TLS 2022-07-19 11:12:18 -05:00
Daniel Pouzzner
0dac3ec022 linuxkm: inhibit thunk generation in get_thread_size. 2022-07-19 10:20:04 -05:00
Stanislav Klima
1a44bad8cc drafted test case for path len 2022-07-19 15:34:20 +02:00
Stanislav Klima
3d721bd533 more WOLFSSL_CERT_EXT 2022-07-19 11:00:36 +02:00
Stanislav Klima
6ce5f645f3 added ASN template code and WOLFSSL_CERT_EXT, still missing testcase 2022-07-19 10:38:47 +02:00
David Garske
9a3efb67b8
Merge pull request #5368 from lealem47/disableAes 
Fix for --disable-aes without --disable-aesgcm
 2022-07-18 15:05:59 -07:00
David Garske
feb3f889af
Merge pull request #5369 from embhorn/zd14522 
Fix var init in wc_ecc_shared_secret
 2022-07-18 14:17:53 -07:00
Lealem Amedie
cee9f9a871 Fix for --disable-aes without --disable-aesgcm 2022-07-18 10:26:20 -07:00
Chris Conlon
c63abe398f
Merge pull request #5321 from miyazakh/tsip_add_usecase 2022-07-18 09:35:43 -06:00
Eric Blankenhorn
f55fe7fccd Fix var init in wc_ecc_shared_secret 2022-07-18 09:13:07 -05:00
David Garske
218ab7e396
Merge pull request #5362 from haydenroche5/ssl_set_options_public 
Make wolfSSL_(get|set)_options available outside compat layer.
 2022-07-15 10:36:29 -07:00
Eric Blankenhorn
e7303d697b Fix wolfSSL_Init error handling 2022-07-15 09:30:30 -05:00
Andrew Hutchings
8a757ef7cf
Merge pull request #5363 from dgarske/se050_curve25519 
Fixes for SE050 Curve25519 endianness
 2022-07-15 08:49:27 +01:00
Hideki Miyazaki
15725400a7
addressed review comments 5 2022-07-15 13:46:30 +09:00
Hayden Roche
a1b7c29309 Make wolfSSL_(get|set)_options available outside compat layer. 
Also make wolfSSL_CTX_get_options available.
 2022-07-14 16:03:58 -07:00
David Garske
dec8a7fd93 Fixes for SE050 Curve25519 endianness (SDK assumes little endian). Fix for ECC se050_ecc_shared_secret use of wrong pointer on error handle free. 2022-07-14 15:34:50 -07:00