WolfSSL
/
wolfssl
mirror of https://github.com/wolfSSL/wolfssl.git
1
0
Fork 0
Code Issues Releases Wiki Activity
21,573 Commits
27 Branches
168 Tags
358 MiB
Commit Graph

21573 Commits (9e47703402f6739dfc85cc959577c0e1b09778be)

Author SHA1 Message Date
Andras Fekete 77e8a66ca3 Not cryptocb's job to sanity check input 
Don't need to check parameters at every level
 2023-12-19 15:55:38 -05:00
Andras Fekete 12192b7683 Set result to invalid as first step 2023-12-19 15:54:25 -05:00
Andras Fekete f45ffd8802 Rename variable to keep the names similar across functions 2023-12-19 15:37:58 -05:00
Andras Fekete 9e974027a8 Fix ARIA signing 
Used the wrong function to extract key
 2023-12-19 15:33:28 -05:00
David Garske 41d4f4a972 Fix TLS v1.2 case where SHA-1 could be used uninitialized. Exclude the SHA1 struct from HS_Hashes when not needed. Fixes mix-match of the SHA-1 with `NO_OLD_TLS` and `WOLFSSL_ALLOW_TLS_SHA1`. 2023-12-19 12:30:53 -08:00
David Garske fb5eab8f79 Fix one shot hash routines to attempt offloading to crypto callbacks. Fix random.c health test to use devId. Fix FIPS unused "ssl". 2023-12-19 11:20:56 -08:00
David Garske 2001d1c74b Fixes for TLS v1.3 with crypto callbacks not offloading DeriveKeyMsg, KDF HMAC and ECH. 2023-12-19 08:15:58 -08:00
David Garske 66596ad9e1
Merge pull request #7075 from cconlon/v5.6.6-prep 
5.6.6 version bump and README changes
 2023-12-18 19:14:18 -08:00
gojimmypi 07a5566c52 Add wolfcrypt SHA support for ESP32-C2, other minor updates 2023-12-18 17:35:43 -08:00
David Garske 90748b5f61 Remove the SHA1-/SHA2-256 auto devId selection `devId = wc_CryptoCb_GetDevIdAtIndex(0);` 2023-12-18 17:14:58 -08:00
David Garske 8b203719d3 Add support for using `devId` with one-shot hash functions. 2023-12-18 17:14:43 -08:00
David Garske d5e83310b6 Fix typo with HMAC determination of update/final. 2023-12-18 17:11:33 -08:00
David Garske 205403ebb2 Add more information in the `DEBUG_CRYPTOCB`. 2023-12-18 17:11:16 -08:00
Lealem Amedie dd55cdbea8 Initialize variables to NULL 2023-12-18 16:51:51 -07:00
Chris Conlon 5046e577d3 update ChangeLog/README with 5.6.6 release information 2023-12-18 15:24:14 -07:00
Chris Conlon a003338a88 bump version to 5.6.6 2023-12-18 12:16:34 -07:00
philljj 4e081960d3
Merge pull request #7078 from douzzer/20231218-AddSessionToClientCache-round-2 
20231218-AddSessionToClientCache-round-2
 2023-12-18 13:15:52 -06:00
Daniel Pouzzner 7eed28fbe0 src/ssl.c: in AddSessionToClientCache(), remove benign frivolous assignment, and fix so that ret is assigned only if no error. 2023-12-18 11:15:28 -06:00
Chris Conlon 3e483f32a4
Merge pull request #7076 from douzzer/20231216-client_usage_msg-array-length 
20231216-client_usage_msg-array-length
 2023-12-18 09:30:49 -07:00
gojimmypi da644c7be3 wolfSSL_NewThread() type update for Espressif FreeRTOS 2023-12-17 11:59:42 -08:00
Daniel Pouzzner ff9fee758e examples/client/client.c: fix client_usage_msg undersized array dimension. 2023-12-16 13:22:22 -06:00
Tobias Frauenschläger 8a89470422 Fix for liboqs on zephyr 
When using WolfSSL on zephyr, we need POSIX names for networking systems
calls. This can either be enabled with CONFIG_NET_SOCKETS_POSIX_NAMES or
with CONFIG_POSIX_API. This commit enables support for the latter.

Signed-off-by: Tobias Frauenschläger <t.frauenschlaeger@me.com>
 2023-12-16 12:40:26 +01:00
Tobias Frauenschläger 0780fd9719 liboqs: add RNG support for sphincs 
Added a RNG argument to the wc_sphincs_sign_msg method to properly
generate necessary random data using the desired WolfSSL RNG object.

Signed-off-by: Tobias Frauenschläger <t.frauenschlaeger@me.com>
 2023-12-16 12:40:26 +01:00
Tobias Frauenschläger 85c40b1728 liboqs: add RNG support for falcon 
Added a RNG argument to the wc_falcon_sign_msg method to properly
generate necessary random data using the desired WolfSSL RNG object.

Signed-off-by: Tobias Frauenschläger <t.frauenschlaeger@me.com>
 2023-12-16 12:40:26 +01:00
Tobias Frauenschläger ec86a86096 liboqs: add RNG support for dilithium 
Added a RNG argument to the wc_dilithium_sign_msg method to properly
generate necessary random data using the desired WolfSSL RNG object.

Signed-off-by: Tobias Frauenschläger <t.frauenschlaeger@me.com>
 2023-12-16 12:40:26 +01:00
Tobias Frauenschläger 755c385b1f Liboqs: use WolfSSL RNG 
Improve the interface to liboqs by properly configuring and using the
RNG provided by WolfSSL from within liboqs.

Signed-off-by: Tobias Frauenschläger <t.frauenschlaeger@me.com>
 2023-12-16 12:40:25 +01:00
Tobias Frauenschläger d31e2c3581 Added PQC support for the Zephyr port using liboqs 
Signed-off-by: Tobias Frauenschläger <t.frauenschlaeger@me.com>
 2023-12-16 12:40:25 +01:00
Chris Conlon 64e48deb0e
Merge pull request #7074 from douzzer/20231215-srtp-cleanup 
20231215-srtp-cleanup
 2023-12-15 14:31:32 -07:00
Daniel Pouzzner ef14176b7f SRTP fixes: 
* in wolfssl/ssl.h, add missing arg names to wolfSSL_CTX_set_tlsext_use_srtp(), wolfSSL_set_tlsext_use_srtp(), and wolfSSL_export_dtls_srtp_keying_material();
* in wolfcrypt/src/kdf.c, call wc_AesFree if and only if wc_AesInit() succeeded;
* in src/ssl.c:DtlsSrtpSelProfiles(), fix bugprone-inc-dec-in-conditions;
* in tests/suites.c:execute_test_case(), fix several -Wdeclaration-after-statement and -Wmissing-field-initializers;
* in wolfcrypt/test/test.c, fix a shiftTooManyBitsSigned warning in srtpkdf_test(), and fix a typo (kaSz/ksSz).
 2023-12-15 14:06:36 -06:00
Daniel Pouzzner 8f2a48c676
Merge pull request #7073 from julek-wolfssl/move-mutex-init 
Move the mutex initializer into the appropriate existing section
 2023-12-15 12:17:37 -05:00
Chris Conlon 62b3ca5fb5
Merge pull request #7071 from douzzer/20231214-WOLF_CRYPTO_CB-not-WC_AESFREE_IS_MANDATORY 
20231214-WOLF_CRYPTO_CB-not-WC_AESFREE_IS_MANDATORY
 2023-12-15 09:25:48 -07:00
Juliusz Sosinowicz 57355f357e Move the mutex initializer into the appropriate existing section 2023-12-15 10:03:06 +01:00
Daniel Pouzzner 7ebbb927f3 wolfssl/wolfcrypt/aes.h: don't set WC_AESFREE_IS_MANDATORY for WOLF_CRYPTO_CB -- free is only needed when callbacks are both installed and used. 2023-12-14 18:09:39 -06:00
Chris Conlon 2ffc818c28
Merge pull request #7069 from douzzer/20231213-misc-fixes 
20231213-misc-fixes
 2023-12-14 15:18:12 -07:00
David Garske 4b771a9b28 Document new macro and rename to: `NO_TIME_SIGNEDNESS_CHECK` 2023-12-14 13:58:29 -08:00
Chris Conlon 27c6ee4d05
Merge pull request #7068 from SparkiDev/srtp_kdf_label 
SRTP/SRTCP KDF: add APIs that derives one key from a label
 2023-12-14 14:54:58 -07:00
Chris Conlon fb6b022f42
Merge pull request #7020 from SparkiDev/ecc_gen_k_by_reject 
ECC: generate values in range of order by rejection
 2023-12-14 14:54:39 -07:00
David Garske 8b048bc246 Disable the old TI workarounds. Enable support for CCM. 2023-12-14 13:50:03 -08:00
David Garske f2e4360f8d Spelling fixes. 2023-12-14 12:15:32 -08:00
David Garske 1cf87ce0c9 Spelling fix. 2023-12-14 12:14:30 -08:00
Chris Conlon f6ef58dbc2
Merge pull request #7064 from philljj/fix_infer_issues 
Fix issues from infer diff report.
 2023-12-14 12:27:34 -07:00
Daniel Pouzzner 64e4796ed6 wolfssl/wolfcrypt/wc_port.h: add definition for WOLFSSL_MUTEX_INITIALIZER, currently only #ifdef WOLFSSL_PTHREADS. 
src/ssl.c: refactor dynamics of count_mutex, count_mutex_valid, and initRefCount, to be intrinsically race-free on pthreads builds, and to be always race-free for callers that call wolfSSL_Init() first, then wait for return before any other wolfSSL calls, and call wolfSSL_Cleanup() at most as many times as wolfSSL_Init().

also, in AddSessionToClientCache(), move final access to ClientCache inside the lock-protected span, to mollify Coverity.
 2023-12-14 13:22:27 -06:00
Daniel Pouzzner 16c6bd6846 examples/client/client.c and tests/api.c: add missing CloseSocket() calls. 2023-12-14 13:22:27 -06:00
Chris Conlon 1b76f6d56b
Merge pull request #7065 from miyazakh/fix_ra6m3 
fix benchmark compile error
 2023-12-14 09:15:32 -07:00
Sean Parkinson 659a245b27 SRTP/SRTCP KDF: add APIs that derives one key from a label 
Added more generic APIs that derive a single key with a label.
Added defines for label values and index lengths.
 2023-12-14 14:45:35 +10:00
Hideki Miyazaki 3af91c265b
remove tab 2023-12-14 11:16:36 +09:00
David Garske 0bc244962a Fixes for TI AES GCM and GMAC. 2023-12-13 17:32:45 -08:00
David Garske c021e3e85d
Merge pull request #7066 from cconlon/v5.6.6-fixes 
Fixes from release prep testing, example certificate updates
 2023-12-13 17:00:45 -08:00
Chris Conlon d0aa80eb37 update example/test certs for end of year release 2023-12-13 16:41:59 -07:00
Chris Conlon a14a1bf467 define WOLFSSL_AES_DIRECT in configure.ac with --enable-aes-bitsliced 2023-12-13 16:41:59 -07:00