WolfSSL
/
wolfssl
mirror of https://github.com/wolfSSL/wolfssl.git
1
0
Fork 0
Code Issues Releases Wiki Activity
24,529 Commits
27 Branches
168 Tags
358 MiB
Commit Graph

1129 Commits (devin/1739556249-pem-hash-algorithm)

Author SHA1 Message Date
JacobBarthelmeh 31a6a2bf59 update copyright to 2024 2024-07-19 13:15:05 -06:00
JacobBarthelmeh 7405ea8162
Merge pull request #7671 from miyazakh/dtls_ocsp 
Fix ocsp response message build for DTLS
 2024-06-21 14:43:29 -06:00
JacobBarthelmeh e72db4a306
Merge pull request #7612 from dgarske/rsa_pad 
Improvements to RSA padding to expose Pad/Unpad API's
 2024-06-21 13:19:28 -06:00
Hideki Miyazaki 30eb558d58 fix ocsp response when using DTLS 2024-06-21 09:57:59 +09:00
David Garske 305a754de3 Improvements to RSA padding. Expose API's to support external pad/unpad. 2024-06-03 12:23:31 -07:00
David Garske d07d4fb8ac Update support for wolfSSH with `RSA_LOW_MEM`. 2024-06-03 12:08:37 -07:00
David Garske b4910c4615 wolfSSH size optimizations. Disable RSA OAEP, enable SHA-1 with DH. Do not need SHA2-384/512. 2024-06-03 09:34:53 -07:00
David Garske cfbadc8b07 Fixes for wolfSSH user_settings.h template. Add low resource option. 2024-06-03 09:34:53 -07:00
David Garske 3d374239a1 Template for wolfSSH minimal build using user_settings.h. ZD 17991. 2024-06-03 09:34:52 -07:00
David Garske 7fadd4ed9f
Merge pull request #7595 from JacobBarthelmeh/static 
Pull in some staticmemory features
 2024-05-30 16:31:54 -07:00
JacobBarthelmeh ebdc8b9a32 rename of macros, add descriptions, minor fixes 2024-05-30 14:48:52 -06:00
JacobBarthelmeh cf61df129c fix typo with NO_CERTS macro 2024-05-29 17:08:01 -06:00
JacobBarthelmeh 6cca3a0d92 tie in static memory debug callback 2024-05-29 15:50:14 -06:00
JacobBarthelmeh 288fe430f5 tying in lean staticmemory build with --enable-staticmemory=small 2024-05-29 15:50:11 -06:00
David Garske 7d4e601902
Merge pull request #6623 from bigbrett/FIPS-TLS-benchmark-CAST-fix 
Fix benchmark failure on FIPS builds
 2024-05-20 14:07:59 -07:00
Brett Nicholas c6db51b8a0 fixed formatting 2024-05-20 12:47:30 -06:00
gasbytes a40dcd3cb3 u_int16_t -> uint16_t 2024-05-17 18:44:15 +02:00
Brett Nicholas e823da99ae declare loop variable at top of function body 2024-05-17 07:08:32 -07:00
Brett Nicholas 9fa838881c fixed bug where tls_bench failed KATs for FIPS builds in a multithreaded environment 2024-05-17 07:08:32 -07:00
David Garske 7782f8eed2
Merge pull request #7528 from gojimmypi/PR-PlatformIO-FreeRTOS 
Introduce IDE/PlatformIO; add wolfSSL Benchmark and Test Examples
 2024-05-17 06:42:47 -07:00
jordan 040e0c956a Used codespell and fixed obvious typos. 2024-05-16 13:53:26 -05:00
gojimmypi 74c0d9b9f6 Update example/configs list, sort order. 2024-05-16 10:48:14 -07:00
gojimmypi 503bbbec8f Update PlatformIO wolfssl/wolfssl@^5.7.0-rev.3c 2024-05-15 17:13:03 -07:00
Andras Fekete a1797f0d0d Fix casts depending on OS 2024-05-14 11:03:20 -04:00
Andras Fekete bf92797cbc Fix conversion error in client.c 2024-05-14 11:02:28 -04:00
Andras Fekete 0bf69e240a Fix build failures 2024-05-14 11:02:28 -04:00
Andras Fekete affd0a318e Fix sign conversion errors 2024-05-14 11:02:28 -04:00
Daniel Pouzzner 9ac6bdd438 fixes and suppressions for defects reported by clang-analyzer-unix.Stream (new in llvm-19.0.0_pre20240504): 
* added POSIX definitions for XFEOF(), XFERROR(), and XCLEARERR(), currently with no-op fallbacks for !POSIX.
* added missing file handle checks in testsuite/testsuite.c:file_test() and tests/utils.h:copy_file().
* added fixes and suppression around tests/api.c:test_wolfSSL_SMIME_read_PKCS7().
* added various fixes in examples/asn1/asn1.c and examples/pem/pem.c.
 2024-05-11 15:24:54 -05:00
Sean Parkinson 97d560d9af Fixes from configuration testing 
asn1.c: Allow sample to build without coding (base64 decoding).

set_curves_list(): function for ECC, Ed25519, Ed448 but this block of
code is ECC only. Fixed #ifdef protection.

wolfSSL_CTX_set1_curves_list and wolfSSL_set1_curves_list also available
when Curve25519/Curve448 compiled in but not ECC.
 2024-04-19 08:40:19 +10:00
Sean Parkinson 8e9810e87e ssl.c: Move functions out to separate files 
Moved E[CD][25519||448] APIs to pk.c
Move public key PEM APIs to pk.c.
Move wolfSSL loading and using of private keys and certificates to
ssl_load.c
Move PKCS#7 and PKCS#12 APIs to ssl_p7p12.c.
Move session and session cache APIs to ssl_sess.c.
Other minor fixes.
 2024-04-16 10:30:59 +10:00
Daniel Pouzzner 7d66cc46ff
Merge pull request #7375 from mrdeep1/fix_rpk 
RPK: Define Certificates correctly for (D)TLS1.2
 2024-04-05 15:48:25 -04:00
JacobBarthelmeh 8b587b563c
Merge pull request #7286 from Frauschi/hybrid_signatures 
Improvements to dual algorithm certificates
 2024-04-03 13:37:16 -06:00
JacobBarthelmeh 75da69911c
Merge pull request #7369 from dgarske/infineon_modustoolbox 
Support for Infineon Modus Toolbox with wolfSSL
 2024-04-02 17:34:07 -06:00
Anthony Hu 6a4d4bf6f1 cks_order is used later; don't let it fall out of scope. 2024-04-01 17:37:03 -04:00
Jon Shallow f2e6f49721 RPK: Define Certificates correctly for (D)TLS1.2 
As per https://datatracker.ietf.org/doc/html/rfc7250#section-3 Figure 1,
the RPK is a single ASN.1_subjectPublicKeyInfo, whereas X509 certificates
etc. are transmitted as a certificate list (even if there is only 1).

This is for (D)TLS1.2 transfers, and this PR fixes this.

As per https://datatracker.ietf.org/doc/html/rfc8446#section-4.4.2 all
certificates (both RPK and Z509) are transferred using a certificate list.

Update examples client to support RPK certificates.

For testing:-
Server:
$ gnutls-serv --http --x509fmtder --priority NORMAL:+CTYPE-CLI-RAWPK:+CTYPE-SRV-RAWPK --rawpkfile certs/server-keyPub.der --rawpkkeyfile certs/server-key.der

Client:
$ examples/client/client -g -p 5556 -c certs/client-keyPub.der -k certs/client-key.der --rpk --files-are-der
 2024-03-28 17:58:02 +00:00
David Garske 2d7f9d1874 Support for Infineon Modus Toolbox with wolfSSL. 2024-03-27 15:37:50 -07:00
Kareem d867405ffb Fix floating point comparison. 2024-03-20 16:03:43 -07:00
Kareem 4d4f4e3f30 Fix potential division by zero in example server. 2024-03-20 15:48:46 -07:00
gojimmypi 9057e8120d Ignore build file warnings for Arduino, update examples 2024-03-13 12:24:00 -07:00
gojimmypi e40eb3c774 Update Arduino examples; add wolfcrypt breadcrumbs. 2024-03-06 15:13:37 -08:00
David Garske 6f88ed0901
Merge pull request #7177 from gojimmypi/PR-Arduino-Update 
Improved Arduino Support: ESP32, Due
 2024-02-13 09:43:42 -08:00
David Garske ca726e97f8 Peer review fixes. 2024-02-03 10:43:46 -08:00
gojimmypi ee0e25de5f Improved Arduino Support, ESP32, Due; (+ code review x2) 2024-02-01 08:31:00 -08:00
David Garske 9e47703402 Template for TLS v1.2 only. 2024-01-31 10:13:31 -08:00
Andras Fekete 4971b9a567 Fix compilation errors about uninitialized variables 
When compiling with '--enable-all CFLAGS=-Og' there were a ton of errors that needed fixing.
 2024-01-25 09:49:30 -05:00
Anthony Hu 9be390250d
Adding support for dual key/signature certificates. (#7112) 
Adding support for dual key/signature certificates with X9.146. Enabled with `--enable-dual-alg-certs` or `WOLFSSL_DUAL_ALG_CERTS`.
 2024-01-18 13:20:57 -08:00
jordan e175004f85 Fix Infer Uninitialized Values. 2024-01-02 12:16:20 -06:00
Daniel Pouzzner ff9fee758e examples/client/client.c: fix client_usage_msg undersized array dimension. 2023-12-16 13:22:22 -06:00
Daniel Pouzzner 16c6bd6846 examples/client/client.c and tests/api.c: add missing CloseSocket() calls. 2023-12-14 13:22:27 -06:00
JacobBarthelmeh 1857648d7d
Merge pull request #6976 from embhorn/gh6974 
Fix build errors with dtls1.3 and no tls1.2
 2023-12-04 14:53:35 -07:00
Lealem Amedie e1ac56f2dd Reworking MINGW mutex/threading 2023-11-29 16:45:06 -07:00
Eric Blankenhorn 7223b5a708 Fix spelling warnings 2023-11-22 12:34:56 -06:00
Eric Blankenhorn 7bbeadcf97 Fix build errors with dtls1.3 and no tls1.2 2023-11-15 10:37:09 -06:00
JacobBarthelmeh 2b1c61a013
Merge pull request #6949 from bigbrett/zd16925 
fix WOLFSSL_CALLBACK memory error
 2023-11-08 23:35:32 -07:00
Brett Nicholas ba37dc9933 Fixes bug where example server with WOLFSSL_CALLBACKS hangs when used with 
-6 option (simulated WANT_WRITE errors) or with DTLS, causing make check
to fail
 2023-11-07 11:44:20 -07:00
JacobBarthelmeh c5e2f414ea
Merge pull request #6929 from julek-wolfssl/dtls13-early-data-server-side 
dtls 1.3: allow to skip cookie exchange on resumption
 2023-11-06 13:30:21 -07:00
Juliusz Sosinowicz 8c87920903 Address code review 2023-11-03 11:02:41 +01:00
Daniel Pouzzner d6f37d48d6 examples/asn1/asn1.c: remove now-redundant fclose(fp) in asn1App_ReadFile() (which also was incorrectly closing stdin). see #6905. 2023-11-02 16:14:40 -05:00
lealem47 2ee94023f9
Merge pull request #6937 from dgarske/stm32wl 
Support for the STM32WL55 and PKA improvements for ECC parameters
 2023-11-01 17:44:22 -06:00
David Garske 0dde07e282 Whitespace cleanups (appease multi-test "check-source-text"). 2023-11-01 15:03:12 -07:00
David Garske 33e12e3537 Support for the STM32WL55 and PKA improvements for ECC parameters. Fixes #6386 and Fixes #6396. 2023-11-01 13:55:31 -07:00
JacobBarthelmeh 21f34ef028
Merge pull request #6905 from bandi13/moreCodeSonarFixes 
Don't nag about leaked resources
 2023-11-01 14:46:02 -06:00
Andras Fekete bb9031da6e Remove dead code 2023-11-01 13:30:40 -04:00
jordan 34f349e510 Used codespell and fixed obvious typos. 2023-11-01 10:35:12 -05:00
Juliusz Sosinowicz aed715cb2c dtls 1.3: allow to skip cookie exchange on resumption 
tls 1.3: do cookie exchange when asked too even when found a matching cipher
 2023-10-31 14:29:04 +01:00
Andras Fekete f8f080d7de Don't nag about leaked resources 2023-10-27 15:31:28 -04:00
Daniel Pouzzner 501299bc31 fix null pointer derefs in examples/pem/pem.c:pemApp_ReadFile() and tests/api.c:LoadPKCS7SignedDataCerts() detected by clang-tidy. 2023-10-21 13:34:04 -05:00
JacobBarthelmeh b7b0316ac9 free buffer on error case 2023-10-16 15:04:57 -06:00
JacobBarthelmeh 79a6e1eb04
Merge pull request #6808 from SparkiDev/sp_sm2 
SP updates for SM2
 2023-10-13 10:17:17 -06:00
Sean Parkinson 0cc21a42f3 SP updates for SM2 
Allow wolfSSL to build with SP implementations of SM2.
Updates to SP implementation of other code.
 2023-10-13 08:14:15 +10:00
Juliusz Sosinowicz 85a596e54a DTLS 1.3: allow fragmenting the second ClientHello message 
- DTLS 1.3 pqc support
- Add --enable-dtls-frag-ch option to enable CH fragmenting
- Send an alert when we get an empty keyshare with a cookie present to not allow for multiple HRR in one connection
- Only update the DTLS window when we have successfully processed or stored a message
- Call ssl->chGoodCb as soon as we have processed a verified full or fragmented ClientHello cookie
 2023-10-09 12:54:11 +02:00
David Garske b72d02dd88
Merge pull request #6742 from embhorn/zd16187_2 
Fixes for NO_FILESYSTEM and NO_BIO config
 2023-09-19 11:19:07 -07:00
David Garske e4b211bee9
Merge pull request #6764 from bandi13/zd16449_async 
Zd16449 async
 2023-09-12 08:38:16 -07:00
Andras Fekete d25f4f06bf clang-tidy is being super picky 2023-09-11 16:30:29 -04:00
Andras Fekete c7f5043774 Fixes for the sanitizer 2023-09-11 15:57:20 -04:00
Andras Fekete 57e870e0d4 Add Async examples 2023-09-11 12:05:11 -04:00
kaleb-himes 0fb514fa41 Remove references to WOLFSSL_SP_CACHE_RESISTANT as it is always on 2023-09-07 14:24:51 -06:00
Eric Blankenhorn 7262a30074 Fixes for NO_FILESYSTEM config 2023-08-30 13:54:49 -05:00
Juliusz Sosinowicz c3fea8c930 fixup! client: resend data when didn't receive reply after timeout 2023-08-10 20:14:35 +02:00
Juliusz Sosinowicz e96837aa34 cond: Add start and end API for mutex handling 2023-08-10 18:07:51 +02:00
Juliusz Sosinowicz 1b393199f4 client: resend data when didn't receive reply after timeout 2023-08-10 18:07:35 +02:00
Juliusz Sosinowicz d747df2ae4 Make sure no mutexes are held when cond API are called 2023-08-09 16:25:58 +02:00
David Garske 5b16586483 Fixes for wolfSSL conditional porting. Can cause deadlock in high usage situations. Added better signal support on MacOS. Issue created in PR #6437. 2023-08-08 12:46:42 -07:00
Daniel Pouzzner e51ca7941f fixes for code warned by clang-tidy:18 and cppcheck-2.11: 
bugprone-inc-dec-in-conditions: examples/server/server.c:server_test(), src/internal.c:MatchDomainName(), src/x509.c:wolfSSL_X509_set_ext(), wolfcrypt/src/asn.c:MatchBaseName()

missingReturn: wolfcrypt/src/wc_port.c:mystrnstr()

bugprone-unused-return-value: wolfcrypt/src/wc_port.c:wolfSSL_NewThreadNoJoin()

clang-analyzer-deadcode.DeadStores: wolfssl/test.h:udp_accept()
 2023-08-05 12:28:41 -05:00
JacobBarthelmeh c9b72d7b61
Merge pull request #6673 from anhu/readfile 
Change ReadFile instances to app-specific naming.
 2023-08-04 13:48:49 -06:00
Anthony Hu 30fda7ad38 Change ReadFile instances to app-specific naming. 
ReadFile conflicts with a windows API.
 2023-08-04 13:50:46 -04:00
Juliusz Sosinowicz 67d6d438c5 Port testing to wolfSSL threading interface 2023-08-04 10:49:39 +02:00
Andras Fekete 2a6956a954 Missing commit 2023-08-01 17:55:38 -04:00
Andras Fekete 25f542adb4 Clean up compile errors 2023-08-01 15:46:18 -04:00
Andras Fekete 9eb339f9fd Remove cyassl from example code 2023-08-01 10:17:38 -04:00
Andras Fekete ab953c3141 Update VS project files 2023-07-31 15:37:48 -04:00
Andras Fekete 2b2509c56c Drop code support 2023-07-31 15:36:38 -04:00
JacobBarthelmeh a785c39a12
Merge pull request #6657 from kojo1/multibyte 
multi-byte code
 2023-07-27 16:35:22 -06:00
JacobBarthelmeh 3e63589664
Merge pull request #6605 from dgarske/ada 
Ada Bindings for wolfSSL
 2023-07-27 15:21:52 -06:00
Takashi Kojo 136738fd33 Avoid mult-byte code error 2023-07-27 17:04:41 +09:00
David Garske c0b4cde6df
Merge pull request #6632 from jpbland1/ocsp-want-read-error 
OCSP_WANT_READ mishandled re-run
 2023-07-25 08:23:46 -07:00
JacobBarthelmeh 1285ae7816
Merge pull request #6506 from DimitriPapadopoulos/codespell 
Fix typos found by codespell
 2023-07-24 10:34:29 -06:00
John Bland 2e4b651b87 update tls13 to handle an OCSP_WANT_READ, update 
async client test to retry connect on OCSP_WANT_READ instead of timing out
 2023-07-21 16:24:59 -04:00
Brett Nicholas 9bed65ad57 split up error message 
split #if into multiple lines
 2023-07-13 15:14:02 -06:00
Brett Nicholas b02a22b5b3 added error reporting macro for invalid configuration 2023-07-13 15:14:02 -06:00