Sean Parkinson
000fc64f27
Fixes from overnight build failures
...
ssl.c: Certificate store fields freed without being NULLed and then
freed again.
integer.c: Compiler complained that a->dp may be NULL in mp_set_bit when
setting bit.
pkcs12.c: ret is zero after GetLength and this is an error but data is
freed only when ret != 0.
pkcs7.c: derArr was not zeroized for full allocated size.
2019-09-16 10:21:08 +10:00
toddouska
9d69f17f17
Merge pull request #2468 from tmael/RSA_inline
...
Fix for RSA inline
2019-09-13 13:46:33 -07:00
toddouska
9d3d170411
Merge pull request #2456 from dgarske/freedom_unleashed
...
Support for SiFive HiFive Unleashed board
2019-09-13 11:58:11 -07:00
toddouska
40fc86dfd2
Merge pull request #2464 from SparkiDev/rshift_neg
...
Use constant time comparison in MaskMac with scanStart and macStart
2019-09-13 11:56:12 -07:00
toddouska
a2d3da2831
Merge pull request #2463 from ejohnstown/maintenance-dtls
...
Maintenance DTLS
2019-09-13 11:53:20 -07:00
toddouska
6894dde4e9
Merge pull request #2460 from dgarske/debug_buffer
...
Improvements to `WOLFSSL_BUFFER` function
2019-09-13 11:49:20 -07:00
John Safranek
b70f22e21a
1. Use the session deallocator on the deserialized session in the client.
...
2. Free the flatten session if the size check fails.
2019-09-12 16:04:34 -07:00
Chris Conlon
09541082d6
Merge pull request #2416 from kojo1/OCSP-error
...
Detail error code
2019-09-12 16:51:34 -04:00
Tesfa Mael
4e62d1f509
Fix for RSA inline
2019-09-11 22:57:54 -07:00
John Safranek
c27a4b3865
TLS Maintenance
...
When serializing the WOLFSSL_SESSION, serialize everything.
2019-09-11 16:44:54 -07:00
John Safranek
852d50adcf
DTLS Maintenance
...
To go with the fix for the functions wolfSSL_(i2d|d2i)_SSL_SESSION,
modify the example client to use a serialized session record for
resumption instead of the direct reference into the session cache. This
change only happens when OPENSSL_EXTRA and HAVE_EXT_CACHE are defined.
2019-09-11 15:29:57 -07:00
Sean Parkinson
2a1a9f36cc
Use constant time comparison in MaskMac with scanStart and macStart
...
Right shift of a negative value is undefined.
Add an 'int' return version of constant time greater than equal.
Change equal and not equal to be constant time in more situations.
2019-09-11 10:57:23 +10:00
David Garske
ed06f34f55
Updated benchmarks running at 1.5GHz (default is 1 GHz).
2019-09-10 16:09:18 -07:00
John Safranek
22c398494e
DTLS Maintenance
...
The options to switch on and off the code to serialize/deserialize items
in the struct need to match the options for the struct.
(ZD5130, ZD5590)
2019-09-10 16:01:48 -07:00
John Safranek
e93e3b60da
DTLS Maintenance
...
Allow the DTLS server to retransmit a stored flight of messages in an additional accept state.
(ZD5644)
2019-09-10 11:51:38 -07:00
David Garske
def36ddfe8
Added instructions for installing Debian on Unleashed board.
2019-09-10 09:16:35 -07:00
David Garske
66b76a4420
Improvements to WOLFSSL_BUFFER function to eliminate recursive call and use snprintf for string safety. Adds support for build-time change of LINE_LEN.
2019-09-10 08:57:35 -07:00
David Garske
645f8ddd31
Update RISC 64-bit detection to use __riscv_xlen.
2019-09-10 07:47:28 -07:00
toddouska
99252cc936
Merge pull request #2399 from dgarske/ovs
...
Compatibility changes for OpenVSwitch
2019-09-09 16:02:27 -07:00
David Garske
95d3289fa2
Merge pull request #2437 from kaleb-himes/ZD_5546_IAR_CC_CHECK
...
Fix failing IAR builds, thanks to Joseph C. for the report
2019-09-09 11:42:19 -07:00
David Garske
ab5c12fd17
Added parentheses around types.h pointer size macro.
2019-09-09 09:01:18 -07:00
David Garske
c0317ad198
Fix to only expose SSL_want when OPENSSL_EXTRA is defined.
2019-09-09 08:07:30 -07:00
David Garske
342d03a294
Added SSL_want.
2019-09-09 08:07:30 -07:00
David Garske
2cf26a1353
Compatibility changes for OpenVSwitch.
2019-09-09 08:07:30 -07:00
julek-wolfssl
c52801754c
Fips ready (#2422)
...
* Changes to update stunnel support
* Required additions for building fips-ready with speedups
* Fix SetASNIntRSA
2019-09-09 02:47:02 -07:00
julek-wolfssl
02419e248f
Fix clang 3.8 arm (#2449)
...
* Fix 'value size does not match register size' error in clang with arm assembly
* More readable casting
2019-09-09 02:46:48 -07:00
julek-wolfssl
4c88d94d13
Chacha20 and poly1305 without x18 (#2454)
...
* Remove use of x18 and organize new optimizations
* Fix invalid operand
2019-09-08 16:03:04 -07:00
Sean Parkinson
afb15f6521
Merge pull request #2455 from JacobBarthelmeh/HardwareAcc
...
change detection of AESNI support to read bit 25 from ECX
2019-09-09 08:29:00 +10:00
David Garske
ebe99cf5ef
Support for SiFive HiFive Unleashed board.
2019-09-06 16:04:34 -07:00
toddouska
37328544ad
Merge pull request #2453 from SparkiDev/armv8_x18
...
ARM64 assembly - x18 not able to be used
2019-09-06 15:45:02 -07:00
toddouska
85b123046b
Merge pull request #2377 from SparkiDev/sha2_cs_oldtls
...
Disallow SHA-2 ciphersuites from TLS 1.0 and 1.1 handshakes
2019-09-06 15:41:15 -07:00
Sean Parkinson
3e12d260b8
ARM64 assembly - x18 not able to be used
...
Fix Curve25519/Ed25519, SHA-512 and SP code to not use x18.
2019-09-06 15:49:24 +10:00
Sean Parkinson
a975ba9e97
Disallow SHA-2 ciphersuites from TLS 1.0 and 1.1 handshakes
2019-09-06 09:31:14 +10:00
Jacob Barthelmeh
171902f1fb
change detection of AESNI support to read bit 25 from ECX
2019-09-05 17:02:44 -06:00
David Garske
1785089798
Merge pull request #2433 from kaleb-himes/ZD_5602_MINGW_XSNPRINTF
...
Resolve XSNPRINTF unconditional use in asn.c breaking mingw32 builds
2019-09-05 11:37:21 -07:00
toddouska
d6685edfa0
Merge pull request #2440 from SparkiDev/tlsfuzzer_fixes
...
Fixes for fuzz testing
2019-09-05 09:01:10 -07:00
toddouska
eaeaaf12c1
Merge pull request #2446 from SparkiDev/gplusplus_fix_1
...
Fixes for g++ compilation
2019-09-04 16:28:42 -07:00
toddouska
bf7296aefb
Merge pull request #2438 from SparkiDev/armv8-poly1305-clang
...
Fix ARMv8 Poly1305 inline assembly code to compile with clang 3.5
2019-09-04 16:28:02 -07:00
Sean Parkinson
56df8162bd
Fixes for g++ compilation
2019-09-04 10:09:36 +10:00
toddouska
b35fd4f1aa
Merge pull request #2441 from JacobBarthelmeh/UnitTests
...
strncpy gcc warning fixes
2019-09-03 15:44:10 -07:00
toddouska
0927f93b07
Merge pull request #2442 from JacobBarthelmeh/HardwareAcc
...
build fix for aesccm + devcrypto=cbc + wpas and afalg
2019-09-03 15:42:41 -07:00
toddouska
b19e785c2c
Merge pull request #2418 from dgarske/sha3_keccak256
...
Added support for older KECCAK256
2019-09-03 15:42:05 -07:00
toddouska
492ce6ac91
Merge pull request #2414 from dgarske/pkcs8_asn1
...
Added support for loading a PKCS8 ASN.1 formatted private key
2019-09-03 15:36:31 -07:00
Sean Parkinson
46790080a7
Fix ARMv8 Poly1305 inline assembly code to compile with clang 3.5
2019-09-02 09:52:25 +10:00
Sean Parkinson
60befc82c5
Fixes for fuzz testing
...
Changes
- Don't ignore decryption errors when doing TLS 1.3 and after Client
Finished.
- Put out an alert when TLS 1.3 decryption fails.
- Properly ignore RSA pss_pss algorithms when checking for matching
cipher suite.
- Check X25519 public value before import in TLS v1.2-
- Recognise TLS 1.3 integrity-only cipher suites as not negotiable with
TLS 1.2-.
- Send decode_error alert when bad message data in CertificateVerify.
- Negotiate protocol version in TLS 1.3 using extension and keep
decision when using TLS 1.2 parsing.
- Must have a signature algorithms extension in TLS 1.3 if not doing
PSK.
- More TLS v1.3 alerts.
- MAX_PSK_ID_LEN needs to be modified at compile time for tlsfuzzer to
work.
- change the good ecc public key to be a real public key when compiled
to check imported public keys
- Fix early data in TLS 1.3
- Make max early data size able to be changed at compile time - default
4K but fuzzer sends 16K
- Fix HRR, PSK and message hashes: Don't initialize hashes in parsing
ClientHello as need to keep hash state from previous ClientHello and
HelloRetryRequest
2019-09-02 08:58:14 +10:00
Jacob Barthelmeh
9fd38dc340
build fix for aesccm + devcrypto=cbc + wpas and afalg
2019-08-30 16:15:48 -06:00
Jacob Barthelmeh
2a750cd18d
strncpy gcc warning fixes
2019-08-30 13:34:51 -06:00
toddouska
ef20276ab5
Merge pull request #2424 from SparkiDev/enc_then_mac
...
Add support for Encrypt-Then-MAC to TLS 1.2 and below
2019-08-30 11:09:04 -07:00
toddouska
adc548fc61
Merge pull request #2428 from ejohnstown/ecckey-test-fix
...
Fix ECC key decode test
2019-08-30 11:07:00 -07:00
toddouska
347a859ffc
Merge pull request #2435 from JacobBarthelmeh/SanityChecks
...
sanity check on ticket encrypt callback
2019-08-30 10:18:58 -07:00