Commit Graph

11159 Commits

Author SHA1 Message Date
toddouska 06c6e583c8 Merge pull request #2891 from julek-wolfssl/refactor-evp-functions
Move EVP functions to evp.c
2020-04-14 09:22:51 -07:00
toddouska a2892f66c0 Merge pull request #2889 from JacobBarthelmeh/SanityChecks
sanity check on input length before secure renegotiation compare
2020-04-14 09:21:29 -07:00
Juliusz Sosinowicz dad0bc0159 Keep compatibility with old OPENSSL_EXTRA_X509_SMALL functions 2020-04-14 12:52:23 +02:00
Sean Parkinson 416f0775d3 Merge pull request #2900 from dgarske/sp_no_malloc
Added option to build SP small without malloc
2020-04-14 09:40:11 +10:00
toddouska 3cb0c600ba Merge pull request #2894 from SparkiDev/ecc_cr_fix
Change constant time and cache resistant ECC mulmod
2020-04-13 16:36:22 -07:00
JacobBarthelmeh f309173518 Merge pull request #2899 from embhorn/zd9564
Adding check for invalid SAN ext with no entries
2020-04-13 15:31:06 -06:00
toddouska ee0289bea6 Merge pull request #2825 from julek-wolfssl/self-include-options
OpenVPN changes
2020-04-13 13:11:18 -07:00
toddouska aadec345ab Merge pull request #2871 from vaintroub/master
Fix clang warnings (issue #2870)
2020-04-13 09:02:51 -07:00
David Garske 1f5a7bffaa Build fixes for WOLFSSL_NO_MALLOC in wolfCrypt test. 2020-04-13 07:39:06 -07:00
David Garske b01ce168ea Fixes for SP small with no malloc in sp_256_ecc_mulmod_10 and sp_384_ecc_mulmod_15. 2020-04-13 07:19:06 -07:00
toddouska 4748254b60 Merge pull request #2896 from embhorn/zd9916
Fix wc_KeyPemToDer with PKCS1 and empty key
2020-04-10 15:38:07 -07:00
David Garske d412ccb6f8 Added new option WOLFSSL_SP_NO_MALLOC for building small SP without malloc. Added SP documentation. Added ./configure --enable-sp=yes,nomalloc supprt. https://github.com/wolfSSL/scripts/pull/79 2020-04-10 11:13:55 -07:00
Eric Blankenhorn 8644fdca7d Update from review 2020-04-10 08:29:31 -05:00
Sean Parkinson ffd06e359f Change constant time and cache resistant ECC mulmod
Ensure points being operated on change to make constant time.
2020-04-10 09:28:20 +10:00
toddouska 0a40bbe2a9 Merge pull request #2897 from ejohnstown/omit-omit
Omit -fomit-frame-pointer from CFLAGS
2020-04-09 16:01:34 -07:00
toddouska cf8459e518 Merge pull request #2892 from SparkiDev/cppcheck_fixes_4
Fixes from cppcheck
2020-04-09 16:01:11 -07:00
Eric Blankenhorn 7d82c4e3f2 Adding check for invalid SAN ext with no entries 2020-04-09 16:49:52 -05:00
Eric Blankenhorn c3e0575914 Fix from review 2020-04-09 12:52:32 -05:00
Juliusz Sosinowicz f6b9b2e0eb Remove redundant guards 2020-04-09 18:26:23 +02:00
toddouska 2bf9dc4037 Merge pull request #2895 from dgarske/qat_tls13
Fix for asynchronous TLS v1.3 issue
2020-04-09 09:25:36 -07:00
Juliusz Sosinowicz 9cbbd164e0 Fix test errors 2020-04-09 14:54:09 +02:00
Sean Parkinson 6621465433 Merge pull request #2890 from JacobBarthelmeh/Testing
set ChaCha counter state for TLS 1.3 AEAD
2020-04-09 10:28:50 +10:00
John Safranek 7a6de91296 Omit -fomit-frame-pointer from CFLAGS. 2020-04-08 14:06:11 -07:00
Eric Blankenhorn 4d6e33b1dd Fix wc_KeyPemToDer with PKCS1 and empty key 2020-04-08 11:34:24 -05:00
toddouska 97d798743a Merge pull request #2893 from SparkiDev/tls13_capable_fix
Another place where TLS 1.3 capable check is required
2020-04-08 09:09:19 -07:00
David Garske 5e5af8e93a Fix for asynchronous TLS v1.3 issue where connect or accept state is incorrectly advanced when there is data to queued to send. 2020-04-08 07:26:21 -07:00
Sean Parkinson 7001599782 Another place where TLS 1.3 capable check is required 2020-04-08 11:36:47 +10:00
Sean Parkinson 411aee6e05 Fixes from cppcheck
Added PRIVATE_D version of rsa private key operation for SP
implementation for specific platforms.
WC_NO_RNG results in warnings when RNG calls don't do anything.
Added ifdef checks for variables not used otherwise.
Remove superfluous if statements like when checking ret == 0.
Change names of globals that are generic and are used locally before
global definition.
Remove definition of variable len that isn't used except as a
replacement for sz which is parameter.
Don't subtract two variables when one has just been assigned the value
of the other.
Fix shifting of signed value.
Fix parameter checking in aes.c and des3.c for platform specific code.
2020-04-08 09:46:22 +10:00
toddouska 9e08efe8e0 Merge pull request #2885 from SparkiDev/sp_x64_ecc_tweak
Tweak the SP x86_64 ECC assembly
2020-04-07 14:27:12 -07:00
toddouska 6e8d3f224d Merge pull request #2888 from SparkiDev/tls13_down_rand
Fix downgrade fixed random to match spec
2020-04-07 14:22:07 -07:00
toddouska 690b546260 Merge pull request #2887 from dgarske/nodir
Fix for building with `NO_WOLFSSL_DIR`
2020-04-07 14:14:34 -07:00
toddouska b6f98a3cde Merge pull request #2886 from kaleb-himes/ZD10106
Avoid leak when HAVE_AESGCM and NO_AES_DECRYPT. Thanks to G.G. on ZD …
2020-04-07 14:13:43 -07:00
Juliusz Sosinowicz 4c0ea10e45 Move EVP functions to evp.c 2020-04-07 22:36:50 +02:00
toddouska ebcf86070d Merge pull request #2883 from miyazakh/esp_aescounter
add aes counter on esp32
2020-04-07 13:24:53 -07:00
toddouska 77b75ef3a2 Merge pull request #2881 from dgarske/ecc_asn
Fixes for building ECC without ASN
2020-04-07 13:09:37 -07:00
toddouska dec111722f Merge pull request #2880 from SparkiDev/tls_csr_ext_empty
GNU TLS server sends empty CSR extension
2020-04-07 13:08:21 -07:00
toddouska c002df4cce Merge pull request #2879 from ejohnstown/dtls-fix
DTLS Fix
2020-04-07 13:07:30 -07:00
toddouska 154dd552e9 Merge pull request #2877 from SparkiDev/tls_hmac_trunc
Allow use of truncated HMAC with TLS_hmac checking
2020-04-07 13:06:36 -07:00
toddouska 65cf5a0d46 Merge pull request #2802 from embhorn/zd9764
Fix for bidirectional shutdown
2020-04-07 13:03:54 -07:00
toddouska f742693062 Merge pull request #2867 from SparkiDev/aes-ccm-aesni
For CCM using AES-NI, do 4 blocks at a time if possible
2020-04-07 13:03:23 -07:00
toddouska 4a4f383485 Merge pull request #2842 from julek-wolfssl/set_curve_groups_list
Check length to avoid XSTRNCMP accessing  memory after `list`
2020-04-07 13:02:18 -07:00
Jacob Barthelmeh bf332b459b set ChaCha counter state for TLS 1.3 AEAD 2020-04-07 10:36:23 -06:00
Jacob Barthelmeh 1ce0268477 sanity check on input length before secure renegotiation compare 2020-04-07 10:10:03 -06:00
Sean Parkinson e6affa386f Fix downgrade fixed random to match spec 2020-04-07 09:42:08 +10:00
David Garske 31ea4b388c Fix for building with NO_WOLFSSL_DIR when compatibility layer is enabled. ZD 10117. 2020-04-06 10:33:16 -07:00
kaleb-himes 4ec0591e45 Avoid leak when HAVE_AESGCM and NO_AES_DECRYPT. Thanks to G.G. on ZD #10106 for the report 2020-04-06 09:43:24 -06:00
Juliusz Sosinowicz 06f23223e4 Allow wolfSSL to include options.h with EXTERNAL_OPTS_OPENVPN header 2020-04-06 15:06:15 +02:00
Sean Parkinson 9c67bc2864 For CCM using AES-NI, do 4 blocks at a time if possible 2020-04-06 11:11:28 +10:00
Sean Parkinson 7dad0d3965 Tweak the SP x86_64 ECC assembly
Put back fixes undone in previous commits:
 - Fix casting warning in SP when mp_digit < sp_digit
 - SP fix check for NULL in EC point_new
2020-04-06 11:02:30 +10:00
Hideki Miyazaki 302e1d6818 add aes counter on esp32 2020-04-04 14:04:44 +09:00