- Mark old epochs as invalid so we don't attempt to decrypt with them
- Return a non-zero value if possible in unit tests
- Move Dtls13CheckAEADFailLimit to dtls13.c
- Reset state in processreply
wolfSSL_clear: check return from InitSSL_Suites() call.
TLS13: check ClientHello cipher suite length is even.
Silently remove duplicate cipher suites from user input.
Add tests of duplicate cipher suite removal.
Handle multiple instances of the same cipher suite being in the server's
list.
Fix client order negotiation of cipher suite when doing pre-shared keys.
- Use WOLF_SK_COMPARE_CB() to generate the correct types instead of using void* for the callback parameters.
- Remove WOLFSSL_STACK.comp entirely since it is not used anywhere. Ignore input parameters that used to set this member.
This function would only accept the string "SHA" for SHA-1-based HMAC, but it
should also accept "SHA1." This is similar to how wolfSSL_EVP_get_digestbyname
allows both "SHA" and "SHA1." We didn't have a test for this in api.c. I added
one, and it failed before my fix here.
Don't reserve the full message length of memory. Instead we only allocate memory for the fragments that we have already received. We also dynamically combine memory fragments when we receive overlap.
- wire the wc_ChaCha_* implementation into the EVP API
as `wolfSSL_EVP_chacha20`
- follow IV conversions of OpenSSL
- add test case
- have QUIC support use this for header protection when
CHACHA20_POLY1305 has been negotiated in the handshake.
Ed25519 and Ed448 make public key APIs now check whether the private key
was set.
The private key and public key flags setting and clearing also updated.
Testing of unset private key and calling make public key added for
Ed25519 and Ed448.
Detect when certificate's RSA public key size is too big and fail on
loading of certificate.
Fix unit test to only attempt to use 3072 bit RSA-PSS keys when
RSA_MAX_SIZE supports it.
* Add test case for OpenSSLs capability to init a evp context partially in several calls.
* EVP handling of CHACHA20_POLY1305 improvment
- save key at ctx for Init()s without IV
- reuse stored key for Init()s with new IV, reusing ctx
- free and zero key on ctx clenaup
* Adding type cast to XMALLOC to force compiler compatibility.
* EVP: using same DYNAMIC_TYPE in alloc and free of chacha20_poly1305 key.
Co-authored-by: Stefan Eissing <stefan.eissing@greenbytes.de>
in api.c test_wolfSSL_dtls12_fragments_spammer(), inhibit clang-analyzer-deadcode.DeadStores;
in asn.c ParseCRL_Extensions() old (!WOLFSSL_ASN_TEMPLATE) version, fix bounds check to prevent overshift;
in misc.c ctMaskCopy(), use `*(x + i)`, not x[i], to tiptoe around cppcheck-2.9 objectIndex bug.
This function was just freeing the stack object itself of GENERAL_NAMES with
wolfSSL_sk_free, but this doesn't free the data in the items of the stack. The
fix is to replace wolfSSL_sk_free with wolfSSL_sk_GENERAL_NAME_free.
1. In api.c, change the name of the devId global to testDevId.
2. In api.c, for the SNI test, some of the pointers were multiply
typecast eventually to `void **`. An older compiler didn't like
that. Just use void pointer.
Marco Oliverio
David Garske
Juliusz Sosinowicz
JacobBarthelmeh
Sean Parkinson
Hayden Roche
Stefan Eissing
Stanislav Klima
Stefan Eissing
Daniel Pouzzner
John Safranek
Lealem Amedie