WolfSSL
/
wolfssl
mirror of https://github.com/wolfSSL/wolfssl.git
1
0
Fork 0
Code Issues Releases Wiki Activity
22,011 Commits
27 Branches
168 Tags
358 MiB
Commit Graph

1049 Commits (7d66cc46ff06405a8b50e23bff36d037cd9338ab)

Author SHA1 Message Date
Daniel Pouzzner 7d66cc46ff
Merge pull request #7375 from mrdeep1/fix_rpk 
RPK: Define Certificates correctly for (D)TLS1.2
 2024-04-05 15:48:25 -04:00
JacobBarthelmeh 8b587b563c
Merge pull request #7286 from Frauschi/hybrid_signatures 
Improvements to dual algorithm certificates
 2024-04-03 13:37:16 -06:00
JacobBarthelmeh 75da69911c
Merge pull request #7369 from dgarske/infineon_modustoolbox 
Support for Infineon Modus Toolbox with wolfSSL
 2024-04-02 17:34:07 -06:00
Anthony Hu 6a4d4bf6f1 cks_order is used later; don't let it fall out of scope. 2024-04-01 17:37:03 -04:00
Jon Shallow f2e6f49721 RPK: Define Certificates correctly for (D)TLS1.2 
As per https://datatracker.ietf.org/doc/html/rfc7250#section-3 Figure 1,
the RPK is a single ASN.1_subjectPublicKeyInfo, whereas X509 certificates
etc. are transmitted as a certificate list (even if there is only 1).

This is for (D)TLS1.2 transfers, and this PR fixes this.

As per https://datatracker.ietf.org/doc/html/rfc8446#section-4.4.2 all
certificates (both RPK and Z509) are transferred using a certificate list.

Update examples client to support RPK certificates.

For testing:-
Server:
$ gnutls-serv --http --x509fmtder --priority NORMAL:+CTYPE-CLI-RAWPK:+CTYPE-SRV-RAWPK --rawpkfile certs/server-keyPub.der --rawpkkeyfile certs/server-key.der

Client:
$ examples/client/client -g -p 5556 -c certs/client-keyPub.der -k certs/client-key.der --rpk --files-are-der
 2024-03-28 17:58:02 +00:00
David Garske 2d7f9d1874 Support for Infineon Modus Toolbox with wolfSSL. 2024-03-27 15:37:50 -07:00
Kareem d867405ffb Fix floating point comparison. 2024-03-20 16:03:43 -07:00
Kareem 4d4f4e3f30 Fix potential division by zero in example server. 2024-03-20 15:48:46 -07:00
gojimmypi 9057e8120d Ignore build file warnings for Arduino, update examples 2024-03-13 12:24:00 -07:00
gojimmypi e40eb3c774 Update Arduino examples; add wolfcrypt breadcrumbs. 2024-03-06 15:13:37 -08:00
David Garske 6f88ed0901
Merge pull request #7177 from gojimmypi/PR-Arduino-Update 
Improved Arduino Support: ESP32, Due
 2024-02-13 09:43:42 -08:00
David Garske ca726e97f8 Peer review fixes. 2024-02-03 10:43:46 -08:00
gojimmypi ee0e25de5f Improved Arduino Support, ESP32, Due; (+ code review x2) 2024-02-01 08:31:00 -08:00
David Garske 9e47703402 Template for TLS v1.2 only. 2024-01-31 10:13:31 -08:00
Andras Fekete 4971b9a567 Fix compilation errors about uninitialized variables 
When compiling with '--enable-all CFLAGS=-Og' there were a ton of errors that needed fixing.
 2024-01-25 09:49:30 -05:00
Anthony Hu 9be390250d
Adding support for dual key/signature certificates. (#7112) 
Adding support for dual key/signature certificates with X9.146. Enabled with `--enable-dual-alg-certs` or `WOLFSSL_DUAL_ALG_CERTS`.
 2024-01-18 13:20:57 -08:00
jordan e175004f85 Fix Infer Uninitialized Values. 2024-01-02 12:16:20 -06:00
Daniel Pouzzner ff9fee758e examples/client/client.c: fix client_usage_msg undersized array dimension. 2023-12-16 13:22:22 -06:00
Daniel Pouzzner 16c6bd6846 examples/client/client.c and tests/api.c: add missing CloseSocket() calls. 2023-12-14 13:22:27 -06:00
JacobBarthelmeh 1857648d7d
Merge pull request #6976 from embhorn/gh6974 
Fix build errors with dtls1.3 and no tls1.2
 2023-12-04 14:53:35 -07:00
Lealem Amedie e1ac56f2dd Reworking MINGW mutex/threading 2023-11-29 16:45:06 -07:00
Eric Blankenhorn 7223b5a708 Fix spelling warnings 2023-11-22 12:34:56 -06:00
Eric Blankenhorn 7bbeadcf97 Fix build errors with dtls1.3 and no tls1.2 2023-11-15 10:37:09 -06:00
JacobBarthelmeh 2b1c61a013
Merge pull request #6949 from bigbrett/zd16925 
fix WOLFSSL_CALLBACK memory error
 2023-11-08 23:35:32 -07:00
Brett Nicholas ba37dc9933 Fixes bug where example server with WOLFSSL_CALLBACKS hangs when used with 
-6 option (simulated WANT_WRITE errors) or with DTLS, causing make check
to fail
 2023-11-07 11:44:20 -07:00
JacobBarthelmeh c5e2f414ea
Merge pull request #6929 from julek-wolfssl/dtls13-early-data-server-side 
dtls 1.3: allow to skip cookie exchange on resumption
 2023-11-06 13:30:21 -07:00
Juliusz Sosinowicz 8c87920903 Address code review 2023-11-03 11:02:41 +01:00
Daniel Pouzzner d6f37d48d6 examples/asn1/asn1.c: remove now-redundant fclose(fp) in asn1App_ReadFile() (which also was incorrectly closing stdin). see #6905. 2023-11-02 16:14:40 -05:00
lealem47 2ee94023f9
Merge pull request #6937 from dgarske/stm32wl 
Support for the STM32WL55 and PKA improvements for ECC parameters
 2023-11-01 17:44:22 -06:00
David Garske 0dde07e282 Whitespace cleanups (appease multi-test "check-source-text"). 2023-11-01 15:03:12 -07:00
David Garske 33e12e3537 Support for the STM32WL55 and PKA improvements for ECC parameters. Fixes #6386 and Fixes #6396. 2023-11-01 13:55:31 -07:00
JacobBarthelmeh 21f34ef028
Merge pull request #6905 from bandi13/moreCodeSonarFixes 
Don't nag about leaked resources
 2023-11-01 14:46:02 -06:00
Andras Fekete bb9031da6e Remove dead code 2023-11-01 13:30:40 -04:00
jordan 34f349e510 Used codespell and fixed obvious typos. 2023-11-01 10:35:12 -05:00
Juliusz Sosinowicz aed715cb2c dtls 1.3: allow to skip cookie exchange on resumption 
tls 1.3: do cookie exchange when asked too even when found a matching cipher
 2023-10-31 14:29:04 +01:00
Andras Fekete f8f080d7de Don't nag about leaked resources 2023-10-27 15:31:28 -04:00
Daniel Pouzzner 501299bc31 fix null pointer derefs in examples/pem/pem.c:pemApp_ReadFile() and tests/api.c:LoadPKCS7SignedDataCerts() detected by clang-tidy. 2023-10-21 13:34:04 -05:00
JacobBarthelmeh b7b0316ac9 free buffer on error case 2023-10-16 15:04:57 -06:00
JacobBarthelmeh 79a6e1eb04
Merge pull request #6808 from SparkiDev/sp_sm2 
SP updates for SM2
 2023-10-13 10:17:17 -06:00
Sean Parkinson 0cc21a42f3 SP updates for SM2 
Allow wolfSSL to build with SP implementations of SM2.
Updates to SP implementation of other code.
 2023-10-13 08:14:15 +10:00
Juliusz Sosinowicz 85a596e54a DTLS 1.3: allow fragmenting the second ClientHello message 
- DTLS 1.3 pqc support
- Add --enable-dtls-frag-ch option to enable CH fragmenting
- Send an alert when we get an empty keyshare with a cookie present to not allow for multiple HRR in one connection
- Only update the DTLS window when we have successfully processed or stored a message
- Call ssl->chGoodCb as soon as we have processed a verified full or fragmented ClientHello cookie
 2023-10-09 12:54:11 +02:00
David Garske b72d02dd88
Merge pull request #6742 from embhorn/zd16187_2 
Fixes for NO_FILESYSTEM and NO_BIO config
 2023-09-19 11:19:07 -07:00
David Garske e4b211bee9
Merge pull request #6764 from bandi13/zd16449_async 
Zd16449 async
 2023-09-12 08:38:16 -07:00
Andras Fekete d25f4f06bf clang-tidy is being super picky 2023-09-11 16:30:29 -04:00
Andras Fekete c7f5043774 Fixes for the sanitizer 2023-09-11 15:57:20 -04:00
Andras Fekete 57e870e0d4 Add Async examples 2023-09-11 12:05:11 -04:00
kaleb-himes 0fb514fa41 Remove references to WOLFSSL_SP_CACHE_RESISTANT as it is always on 2023-09-07 14:24:51 -06:00
Eric Blankenhorn 7262a30074 Fixes for NO_FILESYSTEM config 2023-08-30 13:54:49 -05:00
Juliusz Sosinowicz c3fea8c930 fixup! client: resend data when didn't receive reply after timeout 2023-08-10 20:14:35 +02:00
Juliusz Sosinowicz e96837aa34 cond: Add start and end API for mutex handling 2023-08-10 18:07:51 +02:00