Anthony Hu
22eee3206d
Fixups from review by dgarske
2022-06-14 11:13:28 -04:00
Anthony Hu
4d4ee3b2db
Support psk ciphersuites in benchmarks.
...
Also fixed some small errors during shutdown in benchmarks.
Tested with:
./configure --enable-psk CFLAGS=-DWOLFSSL_STATIC_PSK
make all check
./examples/benchmark/tls_bench
2022-06-13 13:33:51 -04:00
David Garske
d5791d5c74
Fixes for TLS benchmarking app (tls_bench) for shutdown and formatting brace cleanups.
2022-06-10 13:48:46 -07:00
kaleb-himes
96d5814bfe
Implement peer review feedback
2022-06-03 11:06:46 -06:00
kaleb-himes
3bcdef1972
Fix various warnings and an uninitialized XFILE
2022-06-03 09:52:53 -06:00
David Garske
9cfcdfc7aa
Merge pull request #5149 from julek-wolfssl/store-frags-v2
...
Re-use async to support WANT_WRITE while sending fragments
2022-06-01 10:52:54 -07:00
Sean Parkinson
be743b2204
TLS 1.3: send ticket
...
Can send a new session ticket any time after handshake is complete with
TLS v1.3.
Added API for server application to do this.
Added tests.
2022-06-01 10:36:01 +10:00
Juliusz Sosinowicz
6245395f34
Simulate WANT_WRITE only with async I/O support
2022-05-27 23:23:18 +02:00
Juliusz Sosinowicz
50c0b3d2a2
Add testing/docs for blocking write
...
- Fix case where message grouping can make CheckAvailableSize return a WANT_WRITE
- CheckAvailableSize in tls13.c will not return a WANT_WRITE since it only does so for DTLS <=1.2
2022-05-27 21:26:55 +02:00
Daniel Pouzzner
c4920021d8
print errors to stderr, not stdout;
...
fix whitespace in internal.c;
add missing error handling in examples/server/server.c around recvfrom().
2022-05-12 13:07:32 -05:00
Juliusz Sosinowicz
44be4e1cc8
Reset ret in client and server after wolfSSL_dtls_got_timeout()
...
- Do UDP connect only with simulateWantWrite to accommodate macOS that doesn't like sendto being called on connected UDP sockets
- Call wolfSSL_dtls_get_current_timeout only on a DTLS connection
2022-05-12 16:48:04 +02:00
Juliusz Sosinowicz
9914da3046
Fix resumption failure and use range in connect state logic
2022-05-12 15:46:08 +02:00
Juliusz Sosinowicz
a31b76878f
DTLS fixes with WANT_WRITE simulations
...
- WANT_WRITE could be returned in unexpected places. This patch takes care of that.
- Change state after SendBuffered only if in a sending state to begin with.
- Adapt client and server to simulate WANT_WRITE with DTLS
2022-05-12 15:46:08 +02:00
John Safranek
798d81723b
Merge pull request #5128 from rizlik/dtls_bidrectional_shutdown
...
Support DTLS bidirectional shutdown in the examples
2022-05-11 17:00:44 -07:00
Juliusz Sosinowicz
257c55a311
examples: allow bidirectional shutdown in UDP
...
This commit allows the examples to perform a bidirectional shutdown also when
using UDP. It is useful to test DTLS retransmission.
Signed-off-by: Marco Oliverio <marco@wolfssl.com>
2022-05-11 13:27:24 +02:00
Daniel Pouzzner
26673a0f28
where appropriate, use strcmp/strcasecmp, not strncmp/strncasecmp;
...
add macro XSTRCASECMP();
update XSTRNCASECMP() for XC32 >= 1.00 to use strncasecmp.
2022-05-10 12:20:12 -05:00
Marco Oliverio
d133fa6143
server: check that the first packet of udp connection is clientHello
...
Used to allow for bi-directional shutdown tests with UDP and DTLS
2022-05-09 13:45:27 +02:00
David Garske
84a33183a6
Various scan-build fixes.
2022-04-22 16:02:54 -07:00
elms
29392ac6b3
spell fix: OSCP -> OCSP
2022-04-19 15:11:08 -07:00
David Garske
c905c613e9
Support for Intel QuickAssist ECC KeyGen acceleration.
2022-03-30 13:07:47 -07:00
Juliusz Sosinowicz
1fd090d094
Update `wolfSSL_get_session` docs
...
Recommend using `wolfSSL_get1_session` and `NO_SESSION_CACHE_REF` for session resumption purposes. `wolfSSL_get_session` should not be used unless to inspect the current session object.
2022-03-17 12:56:28 +01:00
Daniel Pouzzner
d531e21f34
Merge pull request #4946 from dgarske/async_earlydata
...
Fixes for TLS v1.3 early data with async
2022-03-15 12:12:09 -05:00
Sean Parkinson
2c1ecacbfc
TLS 1.3 script test: wait for server to write file
...
Also fixes for:
./configure --enable-psk --disable-rsa --disable-ecc --disable-dh
C_EXTRA_FLAGS=-DWOLFSSL_STATIC_PSK
./configure --disable-shared --enable-curve448 --enable-ed448
--disable-rsa --disable-dh --enable-tls13 --disable-ecc --enable-certgen
--enable-keygen
2022-03-14 14:42:47 +10:00
David Garske
dd8fb41f66
Fixes for TLS v1.3 early data with async.
2022-03-11 14:03:46 -08:00
Juliusz Sosinowicz
3c64731c4f
Don't force a ECC CA when a custom CA is passed with `-A`
...
The following config would fail `../configure --enable-opensslall CFLAGS="-DOPENSSL_COMPATIBLE_DEFAULTS" && make -j check`. This is because `test-fails.conf` `ECC no signer error` test expects a failure while the ECC CA was being added as a trusted cert due to `OPENSSL_COMPATIBLE_DEFAULTS`.
2022-03-08 15:02:43 +01:00
Hayden Roche
a9cc1ca877
Merge pull request #4924 from dgarske/coexist_fixes
2022-03-07 13:00:22 -08:00
Daniel Pouzzner
9be0633ce3
Merge pull request #4824 from dgarske/fips_ready_user
...
User settings template for FIPS v5 ready
2022-03-05 07:52:03 -06:00
David Garske
3839b0e675
Fixes for building wolfSSL along side openssl.
2022-03-04 12:06:24 -08:00
David Garske
6dd7a289e7
Fix for "set but not used".
2022-02-24 13:43:56 -08:00
Sean Parkinson
b13826a3a5
Merge pull request #4840 from haydenroche5/visual_studio_cleanup
...
Clean up Visual Studio output and intermediate directories.
2022-02-24 15:07:13 +10:00
Juliusz Sosinowicz
ceff401269
Fixes for Jenkins tests
...
- Move test to `HAVE_IO_TESTS_DEPENDENCIES`
- Implement `wolfSSL_trust_peer_cert`
- have{cipher} options weren't being set with only RSA enabled
2022-02-23 09:47:34 +01:00
David Garske
194466c35a
Peer review fixes.
2022-02-22 15:22:27 -08:00
David Garske
40b171124f
Fixes to resolve a few make check issues.
2022-02-11 15:20:25 -08:00
David Garske
7ec1e69dba
Fixes for supporting the openssl compatibility layer. Adds ChaCha/Poly, DH extra and verify callbacks.
2022-02-08 10:18:41 -08:00
Hayden Roche
6930cc0b21
Clean up Visual Studio output and intermediate directories.
...
Currently, wolfssl.vcxproj and IDE/WIN10/wolfssl-fips.vcxproj do not use the
same scheme for their output and intermediate directories. Further, across
configuration/platform combinations, wolfssl.vcxproj isn't consistent, either.
For example:
```
Release|x64
OutDir: $(SolutionDir)$(Platform)\$(Configuration)\
IntDir: $(Platform)\$(Configuration)\obj\
Release|Win32
OutDir: $(SolutionDir)$(Configuration)\
IntDir: $(Configuration)\obj\
```
This commit makes every configuration/platform combo for all Visual Studio
projects follow the same pattern:
```
OutDir: $(SolutionDir)$(Platform)\$(Configuration)\
IntDir: $(Configuration)\$(Platform)\$(ProjectName)_obj\
```
The `$(ProjectName)_obj` piece gets rid of a Visual Studio warning about not
mingling the intermediate objects of disparate builds.
2022-02-08 09:23:27 -08:00
David Garske
5169a3cf89
Improve header comments and logic. Remove `NO_PWDBASED` and added CRL.
2022-02-07 15:58:10 -08:00
David Garske
50700c3c28
Make sure Rabbit and HC128 are disabled when building FIPS against older wolfSSL.
2022-02-03 14:53:11 -08:00
David Garske
db6d924d4b
User settings template for FIPS v5.
2022-02-03 13:35:13 -08:00
Anthony Hu
9ea40f3a9c
Purge IDEA cipher
2022-01-31 15:29:25 -05:00
Anthony Hu
b957a6e872
Purge Rabbit cipher
2022-01-28 13:13:53 -05:00
Daniel Pouzzner
2955d7339e
remove a debugging printf, fix whitespace/indentation, and add a comment re gethostbyname_r buffer size.
2022-01-21 13:00:22 -06:00
Daniel Pouzzner
6a56d3e131
jumbo patch of fixes for clang-tidy gripes (with some bug fixes).
...
defect/gripe statistics:
configured --enable-all --enable-sp-math-all --enable-intelasm
with LLVM 13 clang-tidy -checks=readability-*,bugprone-*,misc-no-recursion,misc-misplaced-const,misc-redundant-expression,misc-unused-parameters,misc-unused-using-decls,-clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling,-clang-analyzer-optin.performance.Padding,-readability-braces-around-statements,-readability-function-size,-readability-function-cognitive-complexity,-bugprone-suspicious-include,-bugprone-easily-swappable-parameters,-readability-isolate-declaration,-readability-magic-numbers,-readability-else-after-return,-bugprone-reserved-identifier,-readability-suspicious-call-argument,-bugprone-suspicious-string-compare,-bugprone-branch-clone,-misc-redundant-expression,-readability-non-const-parameter,-readability-redundant-control-flow,-readability-misleading-indentation,-bugprone-narrowing-conversions,-bugprone-implicit-widening-of-multiplication-result
[note these figures don't reflect additional defects fixed in this commit for --enable-smallstack, --enable-fips, --enable-async, --enable-asn=template, and --enable-fastmath, and --disable-fastmath]
pre-patch warning count per file, with suppressions:
clang-analyzer-security.insecureAPI.strcpy 6 wolfssl/tests/suites.c
clang-analyzer-security.insecureAPI.strcpy 2 wolfssl/testsuite/testsuite.c
bugprone-suspicious-missing-comma 3 wolfssl/examples/server/server.c
bugprone-suspicious-missing-comma 3 wolfssl/examples/client/client.c
readability-redundant-preprocessor 2 wolfssl/wolfcrypt/src/asn.c
readability-redundant-preprocessor 1 wolfssl/wolfcrypt/src/rsa.c
readability-redundant-preprocessor 9 wolfssl/src/ssl.c
readability-redundant-preprocessor 2 wolfssl/src/tls13.c
readability-redundant-preprocessor 18 wolfssl/tests/api.c
readability-redundant-preprocessor 3 wolfssl/src/internal.c
readability-redundant-preprocessor 10 wolfssl/wolfcrypt/test/test.c
readability-named-parameter 1 wolfssl/wolfcrypt/benchmark/benchmark.c
readability-named-parameter 7 wolfssl/src/internal.c
readability-named-parameter 1 wolfssl/wolfcrypt/src/ecc.c
readability-named-parameter 1 wolfssl/testsuite/testsuite.c
readability-named-parameter 11 wolfssl/wolfcrypt/src/ge_operations.c
misc-no-recursion 3 wolfssl/src/ssl.c
readability-uppercase-literal-suffix 4 wolfssl/wolfcrypt/src/asn.c
readability-uppercase-literal-suffix 1 wolfssl/src/ssl.c
readability-uppercase-literal-suffix 13 wolfssl/wolfcrypt/benchmark/benchmark.c
bugprone-too-small-loop-variable 1 wolfssl/wolfcrypt/src/rsa.c
bugprone-too-small-loop-variable 2 wolfssl/wolfcrypt/src/sha3.c
bugprone-too-small-loop-variable 4 wolfssl/wolfcrypt/src/idea.c
bugprone-signed-char-misuse 2 wolfssl/src/ssl.c
bugprone-signed-char-misuse 3 wolfssl/wolfcrypt/src/sp_int.c
bugprone-signed-char-misuse 3 wolfssl/examples/client/client.c
bugprone-macro-parentheses 19 wolfssl/wolfcrypt/src/aes.c
bugprone-macro-parentheses 109 wolfssl/wolfcrypt/src/camellia.c
bugprone-macro-parentheses 1 wolfssl/src/tls.c
bugprone-macro-parentheses 3 wolfssl/wolfcrypt/src/md4.c
bugprone-macro-parentheses 2 wolfssl/wolfcrypt/src/asn.c
bugprone-macro-parentheses 26 wolfssl/wolfcrypt/src/blake2b.c
bugprone-macro-parentheses 257 wolfssl/wolfcrypt/src/sha3.c
bugprone-macro-parentheses 15 wolfssl/src/ssl.c
bugprone-macro-parentheses 1 wolfssl/wolfcrypt/src/sha.c
bugprone-macro-parentheses 8 wolfssl/tests/api.c
bugprone-macro-parentheses 4 wolfssl/wolfcrypt/src/sp_int.c
bugprone-macro-parentheses 6 wolfssl/wolfcrypt/benchmark/benchmark.c
bugprone-macro-parentheses 38 wolfssl/wolfcrypt/src/hc128.c
bugprone-macro-parentheses 12 wolfssl/wolfcrypt/src/md5.c
bugprone-macro-parentheses 10 wolfssl/wolfcrypt/src/sha256.c
bugprone-macro-parentheses 4 wolfssl/wolfcrypt/test/test.c
bugprone-macro-parentheses 3 wolfssl/wolfcrypt/src/ecc.c
bugprone-macro-parentheses 2 wolfssl/tests/suites.c
bugprone-macro-parentheses 4 wolfssl/wolfcrypt/src/cpuid.c
bugprone-macro-parentheses 26 wolfssl/wolfcrypt/src/blake2s.c
bugprone-macro-parentheses 24 wolfssl/wolfcrypt/src/sha512.c
bugprone-macro-parentheses 3 wolfssl/wolfcrypt/src/poly1305.c
bugprone-macro-parentheses 24 wolfssl/wolfcrypt/src/ripemd.c
readability-inconsistent-declaration-parameter-name 1 wolfssl/src/internal.c
readability-inconsistent-declaration-parameter-name 1 wolfssl/testsuite/testsuite.c
pre-patch warning count summaries, with suppressions:
clang-analyzer-security.insecureAPI.strcpy 8
bugprone-suspicious-missing-comma 6
readability-redundant-preprocessor 45
readability-named-parameter 21
misc-no-recursion 3
readability-uppercase-literal-suffix 18
bugprone-too-small-loop-variable 7
bugprone-signed-char-misuse 8
bugprone-macro-parentheses 601
readability-inconsistent-declaration-parameter-name 2
pre-patch warning count summaries, without suppressions:
clang-analyzer-security.insecureAPI.strcpy 8
bugprone-branch-clone 152
readability-non-const-parameter 118
bugprone-suspicious-missing-comma 6
bugprone-suspicious-include 52
readability-magic-numbers 22423
readability-redundant-preprocessor 45
readability-named-parameter 21
readability-function-cognitive-complexity 845
readability-else-after-return 398
bugprone-implicit-widening-of-multiplication-result 595
readability-function-size 21
readability-isolate-declaration 1090
misc-redundant-expression 2
bugprone-narrowing-conversions 994
misc-no-recursion 3
readability-uppercase-literal-suffix 18
bugprone-reserved-identifier 56
readability-suspicious-call-argument 74
bugprone-too-small-loop-variable 7
bugprone-easily-swappable-parameters 437
bugprone-signed-char-misuse 8
readability-misleading-indentation 94
bugprone-macro-parentheses 601
readability-inconsistent-declaration-parameter-name 2
bugprone-suspicious-string-compare 495
readability-redundant-control-flow 20
readability-braces-around-statements 11483
clang-analyzer-valist.Uninitialized 1
clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling 3502
2022-01-21 01:25:48 -06:00
Sean Parkinson
848f5eeb0c
Merge pull request #4755 from dgarske/dtls_srtp
...
DTLS SRTP (RFC5764) support (adds `--enable-srtp`)
2022-01-21 10:43:47 +10:00
Marco Oliverio
231a0bbb84
dtls-srtp: no ekm cross check on single threaded/no pthread conf
2022-01-20 16:12:04 +01:00
David Garske
7adbf59f22
Merge pull request #4767 from anhu/kill_hc128
...
Get rid of HC-128
2022-01-19 12:20:18 -08:00
David Garske
8e0ece920b
Test cleanups. Fix possible leak in `TLSX_UseSRTP`.
2022-01-19 09:22:02 -08:00
Marco Oliverio
86ba0ef643
tests: support test for SRTP
...
the test will check that the same Exported Keying Material is generated between
client and server
2022-01-19 13:35:29 +01:00
Chris Conlon
4c05d35452
Merge pull request #4743 from miyazakh/tls_bench_onlymode
2022-01-18 15:41:48 -07:00
Anthony Hu
c2860cb311
Get rid of HC-128
2022-01-17 18:11:54 -05:00
John Safranek
2085624a29
Old Compiler Warning Cleanup (GCC 4.0.2)
...
1. Removed pragma disabling the warning for non-literal format strings
on `printf()`.
2. Switched the `printf()` into two printf calls.
2022-01-14 17:11:55 -08:00
David Garske
eade8ecdf1
DTLS SRTP improvements. Added support for client to send list of profiles. Added support for more SRTP profiles.
2022-01-14 13:43:29 -08:00
David Garske
6ccbd8776f
DTLS SRTP (RFC5764) support (adds `--enable-srtp`). Used with WebRTC to agree on profile for new real-time session keys.
2022-01-14 07:35:45 -08:00
Hideki Miyazaki
723cfb2d0b
make server/client only work
2022-01-12 09:23:23 +09:00
David Garske
569c066fab
Improve TLS client side session cache references to provide option for not returning an internal session cache pointer. Now use `wolfSSL_get1_sesson` for reference logic, that requires calling `wolfSSL_SESSION_free`. To disable this feature use `NO_SESSION_CACHE_REF`.
2021-12-23 14:25:45 -08:00
Hayden Roche
52754123d9
Call wc_SetSeed_Cb and wolfCrypt_SetPrivateKeyReadEnable_fips in wolfSSL_Init.
...
Additionally, remove wc_SetSeed_Cb calls applications (e.g. example client and
server), since they are now redundant.
2021-12-22 14:21:06 -08:00
Anthony Hu
7d4c13b9a4
--with-liboqs now defines HAVE_LIBOQS and HAVE_PQC
...
AKA: The Great Rename of December 2021
2021-12-20 11:48:03 -05:00
Jacob Barthelmeh
ad078a7358
adjust macro guard in example client
2021-12-08 13:45:37 -07:00
Jacob Barthelmeh
9a07b3af9b
print out PEM of peer cert with example client
2021-12-07 14:07:47 -07:00
Daniel Pouzzner
30b68060fb
configure.ac: fix whitespace; client.c: make gcc 5.4.0 -Wmaybe-uninitialized happy.
2021-12-04 00:57:49 -06:00
Jacob Barthelmeh
0340b49ff9
do not load example CA if not verifying peer
2021-11-30 10:44:05 -07:00
David Garske
5dac25f470
Eliminate `EIGHTK_BUF` use in asn. Cleanup uses of `0` in set_verify for callback.
2021-11-09 08:23:19 -08:00
Daniel Pouzzner
0b4f34d62a
typographic cleanup: fix whitespace, remove unneeded UTF-8, convert C++ comment constructs to C.
2021-11-08 17:35:05 -06:00
Daniel Pouzzner
8f121e7752
file modes: clear inappropriate executable bits.
2021-11-08 17:28:11 -06:00
Juliusz Sosinowicz
6d89de4f11
Check correct var for `server.c` echo return.
2021-11-05 16:10:17 +01:00
Jacob Barthelmeh
1d91ccb41b
remove exe bit on example.c and server.c
2021-10-29 13:12:43 -06:00
David Garske
0a26335243
Merge pull request #4446 from ejohnstown/dtls-sizing
...
DTLS Sizing
2021-10-28 14:15:36 -07:00
Juliusz Sosinowicz
adee6a86d1
Return the close notify error when expecting an error.
2021-10-28 20:53:58 +02:00
Juliusz Sosinowicz
894303be59
Make the `wolfSSL_GetMaxFragSize` parameter meaning consistent
...
- Add testing for sending as much app data as possible in a single DTLS record
2021-10-28 14:46:15 +02:00
David Garske
c16f0db1b5
Fixes for handling `WC_PENDING_E` async responses in API unit test and examples. Resolves all issues with `--enable-all --enable-asynccrypt --with-intelqa=`.
2021-10-27 15:08:39 -07:00
John Safranek
976402e04b
RNG Update
...
1. When the seed callback is enabled, allow wc_GenerateSeed() to be used
as a default callback.
2. Modify all the tests and examples to use the default seed callback if
the seed callback is enabled.
2021-10-26 20:24:25 -05:00
Sean Parkinson
6070981366
Merge pull request #4490 from dgarske/static_mem_unittest
...
Add CTX static memory API unit tests
2021-10-26 09:52:14 +10:00
kaleb-himes
5859779ddf
Check-in non-FIPS specific porting changes for OE22
...
Fix no new line
Change comment style in testsuite.c
Add include for proper socket header in wolfio.h
Add dc_log_printf support to benchmark application
Pull in changes for examples
Refector NETOS check in test.c
Fix format and remove settings used only for validation testing
Implement peer review feedback
Address last items noted in peer review
Add new README to include.am
Adjust comment style on TODO
Gate changes in client and server properly
Add static on customer feedback
Fix settings include
Update latest peer feedback
2021-10-22 15:01:14 -06:00
David Garske
f17187aad9
Fixes for static memory testing. Fix clang memory sanitizer warnings.
2021-10-21 16:33:57 -07:00
David Garske
911d95e5e4
Add CTX static memory API unit tests. Expanded crypto callback TLS tests to older SSL/TLS and DTLS.
2021-10-21 11:47:00 -07:00
David Garske
37a976b4bf
Fix example server to support option 7 (which exists). Fix static mem size required with session cert (matches client now).
2021-10-21 11:41:30 -07:00
David Garske
a03ed32380
Support for Android KeyStore compatibility API's:
...
* Adds `EVP_PKCS82PKEY` and `d2i_PKCS8_PRIV_KEY_INFO`.
* Adds `EVP_PKEY2PKCS8` and `i2d_PKCS8_PRIV_KEY_INFO`.
* Adds `ECDSA_verify`.
* Fix to allow `SHA256()` and `MD5()` with FIPSv2.
* Decouple crypto callbacks and hash flags
* Fix for possible use of uninitialized when building TLS bench without TLS v1.3.
* Fix for building with `NO_CHECK_PRIVATE_KEY`. Test `./configure --disable-pkcs12 --enable-opensslextra CFLAGS="-DNO_CHECK_PRIVATE_KEY"`.
* Fix to support `RSA_public_decrypt` for PKCSv15 only with FIPS.
* Cleanup `RSA_public_encrypt`, `RSA_public_decrypt` and `RSA_private_decrypt`.
* Added instructions for building wolfSSL with Android kernel.
2021-10-19 17:04:18 -07:00
Sean Parkinson
f04380d624
Merge pull request #4475 from douzzer/fix-scan-build-UnreachableCode
...
scan-build LLVM-13 fixes and expanded coverage
2021-10-20 08:30:46 +10:00
David Garske
dcb2ebba39
Fix for openssl.test extraction of version and cipher suites. Fix mem tracking to use stderr. Fix client version print to use single printf with newline.
2021-10-19 13:00:25 -07:00
Daniel Pouzzner
768496be4a
scan-build LLVM-13 fixes: in examples/echoclient/echoclient.c, remove frivolous "break;", avoiding need to pragma-ignore clang -Wunreachable-code-break.
2021-10-18 21:46:10 -05:00
Daniel Pouzzner
76332069ea
examples/client/client.c: remove frivolous `break` to avoid need for PRAGMA_CLANG("clang diagnostic ignored \"-Wunreachable-code-break\"").
2021-10-18 21:46:09 -05:00
Daniel Pouzzner
f621a93081
more scan-build LLVM-13 fixes and expanded coverage: deadcode.DeadStores in client.c and server.c (no functional changes).
2021-10-18 21:46:09 -05:00
Daniel Pouzzner
62822be6ce
scan-build LLVM-13 fixes and expanded coverage: add WC_UNUSED and PRAGMA_CLANG_DIAG_{PUSH,POP} macros; deploy "#ifndef __clang_analyzer__" as needed; fix violations and suppress false positives of -Wunreachable-code-break, -Wunreachable-code-return, and -enable-checker alpha.deadcode.UnreachableCode; expand scan-build clean build scope to --enable-all --enable-sp-math-all.
2021-10-18 21:46:09 -05:00
David Garske
2aa2ef84b2
Merge pull request #4470 from LinuxJedi/md-cleanups
...
Cleanup markdown documentation
2021-10-14 11:04:48 -07:00
Andrew Hutchings
11e3f867b0
Cleanup markdown documentation
...
* Add syntax highlighting where appropriate
* Fix some markdown compliance issues
* Add some links for things
* Add some inline code quoting
* Fix some headings
* Fix copyright date in doxygen html output
2021-10-13 16:39:46 +01:00
David Garske
bc97539756
Increase the size of the temp buffer for starttls. Some SMTP servers send larger messages.
2021-10-12 15:13:38 -07:00
David Garske
da15356c2a
Merge pull request #4444 from anhu/pq_bench
...
Benchmarking the supported groups.
2021-10-05 09:52:51 -07:00
Anthony Hu
41b9b14cfb
whitespace
2021-10-04 18:35:09 -04:00
Anthony Hu
f77a5e26b5
semi-colon --> colon and use wolfTLSv1_3_server_method when NO_WOLFSSL_CLIENT.
2021-10-04 18:31:28 -04:00
Anthony Hu
310ab6692a
Drop a function brace and WOLFSSL_TLS13.
2021-10-04 13:56:01 -04:00
Lealem Amedie
4084928d93
Slight changes to liboqs documentation in INSTALL and example client/server
2021-10-02 13:14:32 -06:00
Anthony Hu
2fa0114d54
Benchmarking the supported groups.
2021-10-01 15:38:07 -04:00
Anthony Hu
33cb823148
Remove legacy NTRU and OQS ( #4418 )
...
* Remove NTRU and OQS
* Keep the DTLS serialization format backwards compatible.
* Remove n from mygetopt_long() call.
* Fix over-zealous deletion.
* Resolve problems found by @SparkiDev
2021-09-24 08:37:53 +10:00
Anthony Hu
13d4722678
Convert post-quantum algorithm group names
...
... from using parameter set names from the papers to NIST levels.
2021-09-17 13:28:34 -04:00
John Safranek
bb70fee1ec
Merge pull request #4390 from anhu/hybridizing
...
Hybridizing NIST ECC groups with the OQS groups.
2021-09-16 22:01:39 -07:00
Eric Blankenhorn
2274d0b773
Fix overflow check in ClientMemSend
2021-09-14 11:17:01 -05:00
Anthony Hu
fb733b4662
Hybridizing the OQS groups with NIST ECC groups.
2021-09-10 13:12:12 -04:00
Juliusz Sosinowicz
4a26b53dfc
Changes for ED25519 and `HAVE_SECRET_CALLBACK`
...
- `HAVE_SECRET_CALLBACK` needs to have `wolfSSL_SSL_CTX_get_timeout` and `wolfSSL_SSL_get_timeout` available
- Call `wolfSSL_KeepArrays` for `HAVE_SECRET_CALLBACK`
- Increase the default `DTLS_MTU_ADDITIONAL_READ_BUFFER` and make it adjustable by the user
- Don't truncate application data returned to user in `wolfSSL_read_internal`
2021-09-02 15:58:30 +02:00
David Garske
9b6cf56a6e
Expanded support for Curve25519/Curve448 and TLS v1.3 sniffer ( #4335 )
...
* Fixes for building with Ed/Curve25519 only. Fix for IoT safe demo to exit after running once. Added `WOLFSSL_DH_EXTRA` to `--enable-all` and `--enable-sniffer`. Cleanup uses of `==` in configure.ac. Various spelling fixes.
* Fix for sniffer with TLS v1.3 session tickets.
* Fix for ASN Template Ed25519 key export (missing version / not setting OID correctly).
* Add key import/export support for Curve25519/Curve448. Refactor of the 25519/448 ASN code to combine duplicate code.
* Refactor of Curve25519 code. Improved public key export to handle generation when only private is set. Improved private scalar buffer sizing.
* Fix for static ephemeral loading of file buffer.
* Added sniffer Curve25519 support and test case.
* Fix for sniffer to not use ECC for X25519 if both are set.
* Fix Curve448 public export when only private is set.
* Fix for `dh_generate_test` for small stack size.
* Reduce stack size use on new asymmetric DER import/export functions. Cleanup pub length calc.
* Fix invalid comment.
2021-09-01 09:28:24 +10:00
Kareem
9a438ce289
liboqs integration using keyshare/supported_groups extensions in TLS 1.3
2021-08-27 13:56:53 -04:00
David Garske
70535f51d5
Fixes for PK callbacks with TLS v1.3. Tested with `./configure --enable-pkcallbacks CFLAGS="-DTEST_PK_PRIVKEY -DDEBUG_PK_CB"`.
2021-08-16 13:09:17 -07:00