Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fixes and refactor for static ephemeral key support #4522

Merged
merged 6 commits into from
Nov 9, 2021
Merged

Fixes and refactor for static ephemeral key support #4522

merged 6 commits into from
Nov 9, 2021

Conversation

dgarske
Copy link
Contributor

@dgarske dgarske commented Nov 1, 2021
edited

  • Added x448 static ephemeral support.
  • Refactor of the static ephemeral key internals and addition of mutex protection.
  • Fix for possible use after free if loaded in CTX and used in SSL then reloaded in CTX.
  • Fix to allow calls to get TLS session random even if wolfSSL_KeepArrays has not been called.
  • Eliminate EIGHTK_BUF use in asn.
  • Cleanup uses of 0 in set_verify for callback.

@dgarske dgarske self-assigned this Nov 1, 2021
@dgarske dgarske assigned SparkiDev and unassigned dgarske Nov 2, 2021
SparkiDev
SparkiDev requested changes Nov 2, 2021
View reviewed changes
src/ssl.c Outdated Show resolved Hide resolved
@dgarske dgarske assigned dgarske and unassigned SparkiDev Nov 2, 2021
@dgarske dgarske assigned SparkiDev and unassigned dgarske Nov 5, 2021
@dgarske dgarske mentioned this pull request Nov 8, 2021
Merged
@anhu
Copy link
Member

anhu commented Nov 8, 2021
edited

Got this building on Linux.

./configure --enable-sniffer --enable-all  CFLAGS="-DWOLFSSL_DH_EXTRA"

src/sniffer.c: In function ‘SetupKeys’:
src/sniffer.c:2722:12: error: ‘ret’ may be used uninitialized in this function [-Werror=maybe-uninitialized]
 2722 |         if (ret == 0 && keyBuf == NULL) {
      |            ^

make check also fails:

FAIL: scripts/ocsp.test
FAIL: scripts/ocsp-stapling.test
FAIL: scripts/ocsp-stapling2.test
FAIL: scripts/unit.test

@SparkiDev
Copy link
Contributor

Configuration fails unit.test:
./configure --enable-sniffer --enable-curve448

@SparkiDev SparkiDev assigned dgarske and unassigned SparkiDev Nov 9, 2021
@dgarske
Copy link
Contributor Author

dgarske commented Nov 9, 2021

Configuration fails unit.test:
./configure --enable-sniffer --enable-curve448

@SparkiDev : Thank you for finding that! Very good bug report with this PR. Ready for another review pass once Jenkins is done.

@dgarske dgarske assigned SparkiDev and unassigned dgarske Nov 9, 2021
@SparkiDev SparkiDev merged commit 8e0fdc6 into wolfSSL:master Nov 9, 2021
@dgarske dgarske deleted the static_eph branch November 9, 2021 23:57
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@SparkiDev SparkiDev SparkiDev approved these changes

Assignees

@SparkiDev SparkiDev

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@dgarske @anhu @SparkiDev