WolfSSL
/
wolfssl
mirror of https://github.com/wolfSSL/wolfssl.git
1
0
Fork 0
Code Issues Releases Wiki Activity
21,705 Commits
27 Branches
168 Tags
358 MiB
Commit Graph

2557 Commits (152c8565b94ea8d6a93a6ddb98f7d10c44d84d7c)

Author SHA1 Message Date
Lealem Amedie 152c8565b9 Fix unit test failure for FIPS 140-2 + WOLFSSL_ARMASM 2024-02-14 16:24:58 -07:00
Sean Parkinson 3b6a7691c5
Merge pull request #7235 from julek-wolfssl/gh/7228 
Send alert on bad psk binder
 2024-02-14 07:24:52 +10:00
Marco Oliverio e923d4c151 tls13: read_early_data: set outSz to 0 if no early data 
If not data is read, set outSz to 0. This way the
caller can detect if no early data was read.
 2024-02-12 17:20:15 +01:00
Juliusz Sosinowicz bd32dfd282 Send alert on bad psk binder 
Issue reported in https://github.com/wolfSSL/wolfssl/pull/7228
 2024-02-09 16:12:04 +01:00
Sean Parkinson 5b5f0ff32c
Merge pull request #7194 from anhu/CerManUnExtCb 
Adding unknown extension callback to CertManager
 2024-02-08 22:10:32 +10:00
Sean Parkinson 9147a7254b
Merge pull request #7214 from julek-wolfssl/zd/17314 
DTLS sequence number and cookie fixes
 2024-02-08 22:08:37 +10:00
Anthony Hu 271462128d Add a test 2024-02-07 16:49:46 -05:00
David Garske dec4caa98f
Merge pull request #7206 from julek-wolfssl/gh/7196 
Fix write_dup with chacha-poly
 2024-02-07 08:40:30 -08:00
Juliusz Sosinowicz 8bddeb10c7 DTLS sequence number and cookie fixes 
- dtls: check that the cookie secret is not emtpy
- Dtls13DoDowngrade -> Dtls13ClientDoDowngrade
- dtls: generate both 1.2 and 1.3 cookie secrets in case we downgrade
- dtls: setup sequence numbers for downgrade
- add dtls downgrade sequence number check test

Fixes ZD17314
 2024-02-05 16:09:03 +01:00
Daniel Pouzzner 4ed197d487
Merge pull request #7205 from julek-wolfssl/fix-test_wolfSSL_OPENSSL_hexstr2buf 
test_wolfSSL_OPENSSL_hexstr2buf: test was always skipped
 2024-02-02 18:45:31 -05:00
Juliusz Sosinowicz 5b5d6481de Fix write_dup with chacha-poly 2024-02-02 19:47:25 +01:00
Juliusz Sosinowicz 188a69e649 test_wolfSSL_OPENSSL_hexstr2buf: test was always skipped 2024-02-02 18:29:15 +01:00
JacobBarthelmeh 5fbadbb215 fix warning with test case 2024-02-01 11:50:51 -07:00
JacobBarthelmeh 8d0dc7a568 fix asn original build, vs warning, and add test cases 2024-02-01 11:50:51 -07:00
JacobBarthelmeh db3873ff40
Merge pull request #7172 from bandi13/fixUninitVar 
Fix compilation errors about uninitialized variables
 2024-01-26 08:32:41 -07:00
JacobBarthelmeh 578735e06c
Merge pull request #7169 from julek-wolfssl/gh/7160 
BIO_BIO: BIO_{write|read} on a BIO pair should wrap around ring buffer
 2024-01-25 12:08:10 -08:00
Andras Fekete 4971b9a567 Fix compilation errors about uninitialized variables 
When compiling with '--enable-all CFLAGS=-Og' there were a ton of errors that needed fixing.
 2024-01-25 09:49:30 -05:00
Juliusz Sosinowicz 4f1d777090 BIO_BIO: BIO_{write|read} on a BIO pair should wrap around ring buffer 
- BIO_nread0 should return 0 when no data to read and -2 when not initialized
 2024-01-25 13:46:45 +01:00
Hideki Miyazaki 00f4afb5ea
fix strict-aliasing rules warning 2024-01-24 12:37:16 +09:00
JacobBarthelmeh eb1fff3ad3
Merge pull request #7141 from julek-wolfssl/zd/17249 
EarlySanityCheckMsgReceived: version_negotiated should always be checked
 2024-01-22 12:18:57 -08:00
JacobBarthelmeh 0c150d2391
Merge pull request #7150 from dgarske/getenv 
Fix build with `NO_STDIO_FILESYSTEM` and improve checks for `XGETENV`
 2024-01-22 08:33:24 -08:00
David Garske 76550465bd Fixes build with `NO_STDIO_FILESYSTEM` defined. 2024-01-19 12:49:53 -08:00
David Garske 6b8280f663
Merge pull request #7144 from bandi13/20240119-codesonar 
20240119 codesonar
 2024-01-19 09:35:02 -08:00
David Garske a3a7012c81
Merge pull request #7136 from jpbland1/x509-new-ex 
add heap hint support for a few of the x509 functions
 2024-01-19 09:29:47 -08:00
Andras Fekete 7069a1805a Avoid "Use after free" 
Warning 544767.5627232
 2024-01-19 10:47:38 -05:00
Juliusz Sosinowicz f6ef146149 EarlySanityCheckMsgReceived: version_negotiated should always be checked 
Multiple handshake messages in one record will fail the MsgCheckBoundary() check on the client side when the client is set to TLS 1.3 but allows downgrading.
  --> ClientHello
  <-- ServerHello + rest of TLS 1.2 flight
  Client returns OUT_OF_ORDER_E because in TLS 1.3 the ServerHello has to be the last message in a record. In TLS 1.2 the ServerHello can be in the same record as the rest of the server's first flight.
 2024-01-19 14:57:35 +01:00
Anthony Hu 9be390250d
Adding support for dual key/signature certificates. (#7112) 
Adding support for dual key/signature certificates with X9.146. Enabled with `--enable-dual-alg-certs` or `WOLFSSL_DUAL_ALG_CERTS`.
 2024-01-18 13:20:57 -08:00
John Bland 41ea1109ec update uses of wolfSSL_X509_new and wolfSSL_X509_d2i 
where heap doesn't require a new ex function or struct field to avoid size increase
 2024-01-17 18:46:24 -05:00
David Garske 11029127df
Merge pull request #7119 from JacobBarthelmeh/crl 
support for RSA-PSS signatures with CRL
 2024-01-16 15:23:16 -08:00
JacobBarthelmeh b140f93b17 refactor sigParams allocation and adjust test file name 2024-01-16 14:41:24 -07:00
David Garske 06a32d3437
Merge pull request #7097 from lealem47/removeUserCrypto 
Remove user-crypto functionality and Intel IPP support
 2024-01-09 17:33:28 -08:00
JacobBarthelmeh cd07e32b13 update crl files and add in compat support for RSA-PSS 2024-01-08 16:38:11 -08:00
JacobBarthelmeh d58acef895 add RSA-PSS CRL test case 2024-01-05 14:47:53 -08:00
Juliusz Sosinowicz 5bdcfaa5d0 server: allow reading 0-RTT data after writing 0.5-RTT data 2024-01-04 13:19:44 +01:00
jordan e175004f85 Fix Infer Uninitialized Values. 2024-01-02 12:16:20 -06:00
Lealem Amedie 837452b1ca Remove user-crypto functionality and Intel IPP support 2023-12-27 12:24:19 -07:00
Daniel Pouzzner e65e9f11c7 fixes for clang -Wunreachable-code-aggressive (-Wunreachable-code/clang-diagnostic-unreachable-code in src/ssl.c:wolfSSL_CTX_load_verify_buffer_ex() and -Wunreachable-code/clang-diagnostic-unreachable-code-return in api.c:myCEKwrapFunc()). 2023-12-22 14:12:13 -06:00
Daniel Pouzzner f2d573f01f wolfssl/wolfcrypt/asn.h, src/ssl.c: add "ANONk" to enum Key_Sum, and use the new value in wolfSSL_get_sigalg_info(), fixing clang-analyzer-optin.core.EnumCastOutOfRange. 
add suppressions in tests for expected clang-analyzer-optin.core.EnumCastOutOfRange's.
 2023-12-19 18:14:29 -06:00
Chris Conlon 2ffc818c28
Merge pull request #7069 from douzzer/20231213-misc-fixes 
20231213-misc-fixes
 2023-12-14 15:18:12 -07:00
Chris Conlon f6ef58dbc2
Merge pull request #7064 from philljj/fix_infer_issues 
Fix issues from infer diff report.
 2023-12-14 12:27:34 -07:00
Daniel Pouzzner 16c6bd6846 examples/client/client.c and tests/api.c: add missing CloseSocket() calls. 2023-12-14 13:22:27 -06:00
Chris Conlon d0aa80eb37 update example/test certs for end of year release 2023-12-13 16:41:59 -07:00
Chris Conlon 255086b7c8 fix API test warning, comparison of unsigned expression < 0 is always false 2023-12-13 16:41:59 -07:00
jordan f222adf4c2 Fix issues from infer diff report. 2023-12-13 15:59:03 -06:00
Chris Conlon a66137d2fe
Merge pull request #7062 from lealem47/leaks 
Cleanup leaks in api.c and benchmark.c
 2023-12-13 14:09:23 -07:00
Lealem Amedie 5fd0470f76 Cleanup leaks in api.c and benchmark.c 2023-12-13 13:00:52 -07:00
David Garske 56c7e5c675
Merge pull request #7054 from cconlon/sslAlpnSelectCb 
Add wolfSSL_set_alpn_select_cb() for setting ALPN select callback on WOLFSSL session
 2023-12-13 09:24:07 -08:00
Chris Conlon 269542ed96 add wolfSSL_set_alpn_select_cb() for WOLFSSL-level ALPN select callbacks 2023-12-13 09:16:44 -07:00
Sean Parkinson f12b61183b
Merge pull request #7029 from julek-wolfssl/zd/17108-fix 
Additional TLS checks
 2023-12-13 14:31:11 +10:00
Juliusz Sosinowicz 493bb1760d Add option to remove early sanity checks 2023-12-12 17:31:48 +01:00