WolfSSL
/
wolfssl
mirror of https://github.com/wolfSSL/wolfssl.git
1
0
Fork 0
Code Issues Releases Wiki Activity
19,161 Commits
27 Branches
168 Tags
358 MiB
Commit Graph

472 Commits (24fd561bf8db0f3ccddb5d05e93dec294ee40a0a)

Author SHA1 Message Date
Sean Parkinson b624fc8377 TLS 1.3 PSK: add option to require only PSK with DHE 
Can specify only PSK without DHE.
Add only PSK with DHE.
 2023-02-16 09:21:29 +10:00
Daniel Pouzzner 0b0b980784 fix an oversight in wolfSentry integration in examples/{client,server}. 2023-01-05 17:59:10 -06:00
Daniel Pouzzner 43265669c6 fix warnings around clang-diagnostic-embedded-directive and readability-uppercase-literal-suffix; update wolfSentry integration for upcoming release 0.8.0. 2023-01-05 00:13:17 -06:00
David Garske 023db01aca * Fixed some build configuration variations. 
* Fixed `PEM_BUFSIZE` macro redefined when building with coexist.
* Updated the `user_settings_all.h` and `user_settings_wolfboot_keytools.h` to include latest options.
* Improved API unit test error case checking where `TEST_RES_CHECK` is not used.
* Changed `TEST_SKIPPED` to unique value.
* Added CI tests for enable-all, small stack, and user setting templates.
 2023-01-03 10:59:59 -08:00
Jacob Barthelmeh 9dcc48c8f7 update copyright to 2023 2022-12-30 17:12:11 -07:00
Anthony Hu fffd3adc30 Warn that renegotiation in TLS 1.3 requires session ticket. 2022-12-12 11:30:01 -05:00
Anthony Hu a2fb4c0788 Remove kyber-90s and route all kyber through wolfcrypt. 2022-11-30 17:17:28 -05:00
Anthony Hu 0bfa5c9836 Purge NTRU and SABER. Not going to be standardized. 2022-11-25 14:54:08 -05:00
Daniel Pouzzner 48ba365fd6 fixes for defects: 
clang-analyzer-deadcode.DeadStores in examples/server/server.c;

-Werror=use-after-free and LeakSanitizer Direct leak in tests/api.c;

nullPointerRedundantCheck in src/pk.c which identified a semantically consequential flub.
 2022-11-08 14:04:16 -06:00
David Garske 1ee3a78e4a Fixes for various tests that do not properly handle `WC_PENDING_E`. 2022-11-04 14:56:40 -07:00
Daniel Pouzzner 895a2e1ac5 WOLFSSL_CALLBACKS codepaths: fixes for bugprone-unused-return-value, bugprone-macro-parentheses, readability-named-parameter, and clang-analyzer-deadcode.DeadStores 2022-10-18 13:34:42 -05:00
JacobBarthelmeh 927f4c445d additional sanity checks on debug callback 2022-10-11 13:14:59 -07:00
Sean Parkinson 005f77180b PSK only TLS: fix ENCRYPT_LEN 
Allow no PK algorithms and TLS to build and test.
Use PSK cipher suite with GCM if AES-CBC not available.
 2022-09-12 11:21:01 +10:00
Marco Oliverio 08b89fbef9 server: add optional argument to -J disable hrr cookie 2022-09-01 09:37:35 +02:00
CallumMcLoughlin 565d1b33e5
Update examples to allow post quantum KEM within DTLS 1.3 2022-08-30 18:39:57 +12:00
David Garske a0448155d5 Fix for type warnings in example for DTLS CID `./configure --enable-dtls --enable-dtlscid --enable-dtls13`. 2022-08-24 16:02:05 -07:00
Marco Oliverio 90fcd95f9b server/client: add --cid option to use ConnectionID extension 2022-08-23 16:58:24 +02:00
Eric Blankenhorn 3d8562f07b Fixes for build and runtime issues 2022-08-19 08:12:04 -05:00
Daniel Pouzzner 969ad96dee
examples/{client,server}/{client,server}.c: remove spurious commas in --pqc help strings, and mollify clang-tidy bugprone-suspicious-missing-comma re --force-curve help strings. (#5480) 2022-08-18 13:32:58 -04:00
Peter Torelli aa812c8aa9
Added support for P384 pre-share in server (#5442) 
Added support for new server `--force-curve` option.
 2022-08-17 15:30:48 -07:00
David Garske 995100eed1 Fix for handling `WC_PENDING_E` from decrypt session ticket callback. ZD14420 2022-08-10 22:20:49 -07:00
David Garske 8605195709 Support for asynchronous session ticket callback (can return WC_PENDING_E). Requires wolfAsyncCrypt support. ZD 14420. 2022-07-20 16:43:17 -07:00
Jacob Barthelmeh 8eaa85e412 update copyright year to 2022 2022-07-19 10:44:31 -06:00
Marco Oliverio fd4836772b examples: support DTLS version downgrading 2022-07-06 16:18:44 +02:00
Marco Oliverio 80f3db6e1d fix: examples/server: dtls mode checking 
This fixes using ssl to check if we are using dtls or not, when ssl is not yet
valid.

Fix: 060dfe1a69
 2022-07-04 10:21:11 +02:00
David Garske b87b255d52
Merge pull request #5295 from rizlik/dtls13_bugfix 
server: fix wrong minVersion setting when non in dtls
 2022-06-28 09:35:23 -07:00
Chris Conlon 14c65e0117
Merge pull request #5281 from miyazakh/example_japanese_translate 2022-06-28 10:08:06 -06:00
Marco Oliverio 060dfe1a69 server: fix wrong minVersion setting when non in dtls 2022-06-28 12:10:18 +02:00
Hideki Miyazaki c34c32f621
translated Japanese messages 2022-06-24 08:09:28 +09:00
Daniel Pouzzner a5250482ce examples/: refactor a couple help strings to avoid hitting clang-tidy bugprone-suspicious-missing-comma. 2022-06-23 15:25:23 -05:00
Marco Oliverio fdc4cdf5ec examples: update usage() with DTLSv1.3 version 2022-06-22 18:50:18 +02:00
Marco Oliverio 12a3efeca8 client/server: tolerate WANT_WRITE errors 2022-06-15 10:46:43 -07:00
Marco Oliverio 4e112419f5 examples: client/server: support DTLSv1.3 (-u -v4) 
This commits add some new options to examples/[server,client] to support testing
of DTLS v1.3.

client: add waitTicket option

If this option is used, the client will wait until it receives a sessionTicket
from the server. This is useful when testing DTLS retransmission.

client: add waitKeyUpdate option

When this option is set, the client waits until the UpdateKey message is
acknowledged by the server. This is useful to test DTLS retransmission logic
 2022-06-15 10:46:43 -07:00
Marco Oliverio c1dc90d9b0 server: request cert only once if doing post-handshake auth 2022-06-15 10:46:43 -07:00
David Garske 9cfcdfc7aa
Merge pull request #5149 from julek-wolfssl/store-frags-v2 
Re-use async to support WANT_WRITE while sending fragments
 2022-06-01 10:52:54 -07:00
Sean Parkinson be743b2204 TLS 1.3: send ticket 
Can send a new session ticket any time after handshake is complete with
TLS v1.3.
Added API for server application to do this.
Added tests.
 2022-06-01 10:36:01 +10:00
Juliusz Sosinowicz 6245395f34 Simulate WANT_WRITE only with async I/O support 2022-05-27 23:23:18 +02:00
Juliusz Sosinowicz 50c0b3d2a2 Add testing/docs for blocking write 
- Fix case where message grouping can make CheckAvailableSize return a WANT_WRITE
- CheckAvailableSize in tls13.c will not return a WANT_WRITE since it only does so for DTLS <=1.2
 2022-05-27 21:26:55 +02:00
Daniel Pouzzner c4920021d8 print errors to stderr, not stdout; 
fix whitespace in internal.c;

add missing error handling in examples/server/server.c around recvfrom().
 2022-05-12 13:07:32 -05:00
Juliusz Sosinowicz 44be4e1cc8 Reset ret in client and server after wolfSSL_dtls_got_timeout() 
- Do UDP connect only with simulateWantWrite to accommodate macOS that doesn't like sendto being called on connected UDP sockets
- Call wolfSSL_dtls_get_current_timeout only on a DTLS connection
 2022-05-12 16:48:04 +02:00
Juliusz Sosinowicz 9914da3046 Fix resumption failure and use range in connect state logic 2022-05-12 15:46:08 +02:00
Juliusz Sosinowicz a31b76878f DTLS fixes with WANT_WRITE simulations 
- WANT_WRITE could be returned in unexpected places. This patch takes care of that.
- Change state after SendBuffered only if in a sending state to begin with.
- Adapt client and server to simulate WANT_WRITE with DTLS
 2022-05-12 15:46:08 +02:00
John Safranek 798d81723b
Merge pull request #5128 from rizlik/dtls_bidrectional_shutdown 
Support DTLS bidirectional shutdown in the examples
 2022-05-11 17:00:44 -07:00
Juliusz Sosinowicz 257c55a311 examples: allow bidirectional shutdown in UDP 
This commit allows the examples to perform a bidirectional shutdown also when
using UDP. It is useful to test DTLS retransmission.

Signed-off-by: Marco Oliverio <marco@wolfssl.com>
 2022-05-11 13:27:24 +02:00
Daniel Pouzzner 26673a0f28 where appropriate, use strcmp/strcasecmp, not strncmp/strncasecmp; 
add macro XSTRCASECMP();

update XSTRNCASECMP() for XC32 >= 1.00 to use strncasecmp.
 2022-05-10 12:20:12 -05:00
Marco Oliverio d133fa6143 server: check that the first packet of udp connection is clientHello 
Used to allow for bi-directional shutdown tests with UDP and DTLS
 2022-05-09 13:45:27 +02:00
elms 29392ac6b3 spell fix: OSCP -> OCSP 2022-04-19 15:11:08 -07:00
David Garske dd8fb41f66 Fixes for TLS v1.3 early data with async. 2022-03-11 14:03:46 -08:00
David Garske 3839b0e675 Fixes for building wolfSSL along side openssl. 2022-03-04 12:06:24 -08:00
David Garske 6dd7a289e7 Fix for "set but not used". 2022-02-24 13:43:56 -08:00