WolfSSL
/
wolfssl
mirror of https://github.com/wolfSSL/wolfssl.git
1
0
Fork 0
Code Issues Releases Wiki Activity
22,766 Commits
27 Branches
168 Tags
358 MiB
Commit Graph

2680 Commits (387f36657c0806ca018c2441f093a60215034f1d)

Author SHA1 Message Date
Sean Parkinson 387f36657c Dilithium: Add KATs and fix key generation 
Add KATs from NIST and fix key generation to produce output of KATs.
 2024-07-04 22:22:11 +10:00
JacobBarthelmeh 6409b68b21
Merge pull request #7698 from dgarske/asan_compat_list 
Fix ASAN warning with compatibility layer cipher list parsing
 2024-07-02 17:12:38 -06:00
JacobBarthelmeh a490d4fdf7
Merge pull request #7628 from SparkiDev/alert_after_ch 
TLS: wrong TLS version in alert after ClientHello
 2024-07-02 17:10:24 -06:00
Sean Parkinson 1e3f623ff3 Regression testing: fix compilation for unusual configs 
Disable ECC but have OPENSSL_EXTRA and curve25519 - fix #ifdef
protection in ssl.c.

tests/api.c:
SSL_SESSION_get_max_fragment_length is not available when no session
cache.
ASN1 APIs using generalized time disabled when NO_ASN_TIME defined so
disable tests.
 2024-07-01 21:52:56 +10:00
David Garske 7faf0dccc7 Fix for ASAN warning with compatibility layer lists in `ParseCipherList` and `CheckcipherList` (ZD 18175). Add test case for ASAN to trigger NULL + 1 warning. Cleanup messy `WOLFSSL_TIRTOS` in api.c. 2024-06-28 15:26:40 -07:00
Sean Parkinson 4d56cc1790 Regression testing: memory allocation failure 
Fixes from memory allocation failure testing.
Also:
fix asn.c to have ifdef protection around code compiled in with dual
algorithm certificates.
  fix test_tls13_rpk_handshake() to support no TLS 1.2 or no TLS 1.3.
fix wc_xmss_sigsleft() to initialize the index to avoid compilation
error.
 2024-06-27 17:17:53 +10:00
jordan 394948ce94 Fix Infer issues. 2024-06-24 20:44:33 -05:00
Sean Parkinson a094831e1a Dilithium: C code optimized 
Changes to get best out of 32-bit ARM chips.
Fixes come compile errors when cutting out functions.
WOLFSSL_DILITHIUM_SIGN_CHECK_Y and WOLFSSL_DILITHIUM_SIGN_CHECK_W0 added
to speed up signing. No longer specification conformat when either used.
 2024-06-24 16:37:43 +10:00
David Garske d545253df7
Merge pull request #7594 from JacobBarthelmeh/socat 
Updating socat version support
 2024-06-20 09:17:41 -07:00
Daniel Pouzzner 38c7327660
Merge pull request #7622 from SparkiDev/ml-dsa 
Dilithium/ML-DSA: Implementation of ML-DSA-44/65/87
 2024-06-19 13:32:35 -04:00
Sean Parkinson 3e3a00dafd Dilithium/ML-DSA: Implementation of ML-DSA-44/65/87 
Impemented FIPS 204 (Draft) Module-Lattice-Based Signature Standard.
Implementation include making a key, signing and verification.
Make key API added.
Updated liboqs calls to use ML-DSA implementation instead of Dilithium.
 2024-06-19 21:27:01 +10:00
Takashi Kojo 2f379ed322 alloc a buff for NULL pointer 2024-06-18 09:41:11 +09:00
kaleb-himes 20911f254b ECC, DH, GCM, GMAC, CCM and AES updated services 2024-06-12 18:16:33 -04:00
Daniel Pouzzner 202b0a15b4
Merge pull request #7629 from julek-wolfssl/test_wrong_cs_downgrade-clamp 
test_wrong_cs_downgrade: clamp error to exact value
 2024-06-10 18:26:54 -04:00
JacobBarthelmeh b9e5c0252d remove extra asign and use ExpectIntEQ test directly 2024-06-10 16:19:27 -06:00
David Garske e960a00650
Merge pull request #7625 from JacobBarthelmeh/x509 
sanity check on non conforming serial number of 0
 2024-06-07 08:33:38 -07:00
Juliusz Sosinowicz 8c47e8d6f2 test_wrong_cs_downgrade: clamp error to exact value 2024-06-07 11:33:38 +02:00
Sean Parkinson d7d8d14e95 TLS: wrong TLS version in alert after ClientHello 
Ignore protocol version being less than expected when received directly
after ClientHello.
Protocol version negotiation hasn't taken place and a lower version can
be sent to cover minimum supported protocol version.
 2024-06-07 10:42:12 +10:00
JacobBarthelmeh d09f955e6c
Merge pull request #7626 from lealem47/parseServerHello 
Improved fix for TLS1.3 to TLS1.2 client downgrade
 2024-06-06 17:16:30 -06:00
Sean Parkinson c82230324e
Merge pull request #7546 from oltolm/cmake 
cmake: fix generation of options.h
 2024-06-07 08:51:12 +10:00
JacobBarthelmeh 467b3cb561 add parsing 0 serial numbers for certs with python 2024-06-06 16:24:48 -06:00
JacobBarthelmeh 68f52cb49a add test case 2024-06-06 15:06:15 -06:00
Lealem Amedie 7cc0ac14c4 Adding test case 2024-06-06 13:24:07 -06:00
David Garske 60ccaf379d Remove uses of stdint in api.c. 2024-06-06 10:57:46 -07:00
Juliusz Sosinowicz ede8cde8a7 dtls: Increment sequence number in SendAlert 2024-06-04 17:13:04 +02:00
Juliusz Sosinowicz e428c2833b Allow user to send a user_canceled alert 2024-06-04 17:13:04 +02:00
David Garske 1f684e62d6
Merge pull request #7604 from ColtonWilley/explicit_len_pattern_match 
Rewrite pattern matching to use explicit length
 2024-06-03 12:04:12 -07:00
David Garske 43f4ba91da
Merge pull request #7608 from ejohnstown/rsa-add 
Import Raw RSA Private Key
 2024-06-03 09:33:38 -07:00
John Safranek e8e6eaeb4d Import Raw Rsa Key 
1. Add API for importing an RSA private key, `wc_RsaPrivateKeyDecodeRaw()`,
   when all you have are the components of the key in raw arrays. Also
   recalculates dP and dQ if missing.
2. Add API test for `wc_RsaPrivateKeyDecodeRaw()`.
 2024-06-03 09:03:29 -07:00
David Garske 3975af88cf
Merge pull request #7191 from kojo1/ecpoint-h2p 
Add EC_POINT_hex2point
 2024-06-01 07:13:31 -07:00
JacobBarthelmeh 2445fe844a rework get max fragment length 2024-05-31 16:45:50 -06:00
JacobBarthelmeh 2caee1c7c5 add support for spaces around '=' with x509 name print 2024-05-31 15:04:01 -06:00
JacobBarthelmeh ff7626419e add some simple test cases 2024-05-31 15:02:58 -06:00
JacobBarthelmeh 40562a0cb3
Merge pull request #7599 from dgarske/asn_checkcertsig 
Expose `wc_CheckCertSigPubKey` with `WOLFSSL_SMALL_CERT_VERIFY`
 2024-05-31 09:20:35 -06:00
David Garske 0789ecb808 Fix the `CheckCertSignature` API mess. 2024-05-31 06:58:35 -07:00
Colton Willey 447f73c25e Merge branch 'master' of github.com:ColtonWilley/wolfssl into explicit_len_pattern_match 2024-05-30 20:12:16 -07:00
Sean Parkinson fc8a509b06
Merge pull request #7597 from ColtonWilley/max_altnames_and_name_constraints 
Max limits on number of alternative names and name constraints
 2024-05-31 11:24:30 +10:00
Colton Willey f646cbcecb Address review comments, fix handling of . in name matching and add more tests for . handling 2024-05-30 18:03:38 -07:00
Colton Willey af3828b2b7 Rewrite pattern matching to always use explicit lengths instead of expecting NULL terminated strings, thus replicating the behavior of openssl X509_check_host() 2024-05-30 15:33:17 -07:00
JacobBarthelmeh ebdc8b9a32 rename of macros, add descriptions, minor fixes 2024-05-30 14:48:52 -06:00
Colton Willey f13a82610c Add flag guard for IGNORE_NAME_CONSTRAINTS 2024-05-29 22:41:36 -07:00
Colton Willey 473de5796c Free ctx before return 2024-05-29 20:52:09 -07:00
Colton Willey 284dea43fe Unify max name testing to use cert files for both cases. 2024-05-29 19:00:15 -07:00
Colton Willey a4544ce2eb Updates to address review comments 2024-05-29 17:54:52 -07:00
Colton Willey b00ae2ac69 Initial implementation of max limits on number of alternative names and name constraints 2024-05-29 15:55:17 -07:00
JacobBarthelmeh 288fe430f5 tying in lean staticmemory build with --enable-staticmemory=small 2024-05-29 15:50:11 -06:00
oltolm 5f46809988 fix compilation of tests with GCC 2024-05-16 18:55:27 +02:00
Juliusz Sosinowicz 12b9367598 test_wolfSSL_check_domain: doesn't work with WOLFSSL_HOSTNAME_VERIFY_ALT_NAME_ONLY 2024-05-16 18:20:53 +02:00
Juliusz Sosinowicz d9f7629296 Add grpc support 
- Fix BIO_BIO type
  - Set retry flags correctly
- Add CRL callback
- Copy the alt names instead of trying to share a pointer
- Allow calling wolfSSL_get_servername on client side (to get the requested name)
- Return the chain in wolfSSL_X509_STORE_CTX_get_chain in the correct order
  - Peer first, top CA last
- Fix leak in RebuildFullName
- Add CopyString helper function
- Implement
  - X509_CRL_dup
  - ASN1_UTCTIME_set
  - X509_STORE_CTX_get0_param
  - X509_STORE_get0_param
  - X509_STORE_set_verify_cb
  - X509_STORE_set_get_crl
  - X509_set1_notAfter
  - X509_set1_notBefore
 2024-05-16 18:20:53 +02:00
Sean Parkinson abd1e367a5
Merge pull request #7420 from anhu/cmp_name_case 
When comparing subject names, do not worry about case.
 2024-05-16 09:10:56 +10:00