8161dfe3aa
Fix for GCC9 warning.
...
```
src/tls.c:201:13: note: in expansion of macro 'XSTRNCMP'
201 | if (XSTRNCMP((const char*)sender, (const char*)client, SIZEOF_SENDER) == 0)
| ^~~~~~~~
In file included from src/tls.c:33:
./wolfssl/internal.h:4312:19: note: referenced argument declared here
4312 | static const byte client[SIZEOF_SENDER] = { 0x43, 0x4C, 0x4E, 0x54 };
| ^~~~~~
```
2020-05-04 15:07:28 -07:00
174b4d5159
Cleanup of SP with small stack. Expand support for WOLFSSL_SP_NO_MALLOC. Fix for evp.c when included directly.
2020-05-04 14:23:32 -07:00
df067b6781
Merge pull request #2919 from kaleb-himes/ZD10194
...
Fix for Freescale common examples that predated hardening warning
2020-05-04 13:43:07 -06:00
62d67c3da1
Don't need if not using TLS 1.2
2020-05-04 12:54:36 -06:00
da01961254
Merge pull request #2939 from JacobBarthelmeh/SanityChecks
...
sanity check on PemToDer type
2020-05-04 11:26:33 -07:00
d848495a66
Merge pull request #2937 from dgarske/wolfio_tcpcon_fd
...
Fix issue with failed TCP connect using invalid socket file descriptor
2020-05-04 11:22:54 -07:00
8e0f5ef8ce
Fixes for WOLFSSL_SP_CACHE_RESISTANT with small stack.
2020-05-04 11:22:12 -07:00
c28ad38b16
Fix for cast issue caused by PR #2900 . Applies to WOLFSSL_SP_CACHE_RESISTANT and c32/c64 versions only.
2020-05-04 10:49:59 -07:00
082e51d778
check on length of unwrap before memmove
2020-05-04 10:32:05 -06:00
9f735b4d6e
sanity check on PemToDer type
2020-05-01 16:41:18 -06:00
3944c8eb73
Merge pull request #2935 from ejohnstown/hush-tfm
...
Hush TFM Warnings
2020-05-01 08:26:42 -07:00
31502ec3f9
Fix issue with failed TCP connect using invalid socket file descriptor on close. Fixes #2936
2020-05-01 07:32:00 -07:00
b6bd86d2b1
TFM Warnings
...
When building in VS, the MSC will complain about some constants getting
implicitly promoted to 64-bit. Added some type-casts to hush the warnings.
2020-04-30 19:43:18 -07:00
f772bc8d9a
Merge pull request #2923 from dgarske/pic32mz
...
Fixes for PIC32MZ crypto hardware cache and large hash
2020-04-30 16:22:13 -07:00
df9dd3012f
Merge pull request #2934 from SparkiDev/tls13_cookie_ks
...
TLS13: Prepend the SupportedVersions extension to list
2020-04-30 14:58:11 -07:00
a1489d981c
Merge pull request #2930 from JacobBarthelmeh/SanityChecks
...
check on tag length for AES-CCM
2020-04-30 14:51:20 -07:00
7879d3762a
TLS13: Prepend the SupportedVersions extension to list
...
Must have SupportedVersions at start of list for Cookie to be
constructed correctly.
Application can set the key share extension before handshake and
SupportedVersions will be added after. Extensions written in order of
adding to list.
Prepend SupportedVersions so that it will always appear in the correct
place so when reconstructing HelloRetryRequest, the extensions will
always be in the same order.
2020-04-30 08:46:23 +10:00
505fbed4df
fix AES-CCM tag size check on decryption
2020-04-29 15:15:54 -06:00
7e267546cb
Merge pull request #2933 from SparkiDev/tls13_rsa8192
...
Allow TLS 1.3 CertificateVerify to handle 8192-bit RSA
2020-04-29 11:24:44 -07:00
390f066028
Allow TLS 1.3 CertificateVerify to handle 8192-bit RSA
2020-04-29 12:37:41 +10:00
e9b433a998
Merge pull request #2928 from julek-wolfssl/evp-aes-gcm-fix
...
Fix AES-GCM in EVP layer to have compatiblity with OpenSSL
2020-04-29 09:00:04 +10:00
b73e52f33f
move AES-CCM tag check into a local function
2020-04-28 14:46:06 -06:00
951cb4aaf4
Fix building with one-side only tls13/dtls
2020-04-28 14:33:00 -06:00
f770d28ff0
Merge pull request #2916 from dgarske/testfixes
...
Improvements to ECC key decode and tests
2020-04-28 09:57:44 -07:00
a585e4115e
Merge pull request #2927 from SparkiDev/tls13_ccs
...
In TLS 1.3, don't allow multiple ChangeCipherSpecs in a row
2020-04-28 09:52:46 -07:00
cb6fc56f3b
Merge pull request #2921 from dgarske/fixes_g++
...
Fixes for G++ and enable-all
2020-04-28 09:51:34 -07:00
c02c408409
Only 80 characters a line
2020-04-28 12:38:02 +02:00
a104caef13
Merge pull request #2929 from dgarske/sp_rsalowmem
...
Fix for SP math with `RSA_LOW_MEM` (ARM only)
2020-04-28 08:43:31 +10:00
c85a53c631
add macro guard for fips and selftest builds
2020-04-27 15:36:53 -06:00
6185e0f477
Remove execute bit on files.
2020-04-27 11:16:02 -07:00
327cdefc24
Fix for SP math with RSA_LOW_MEM, which was broken in PR #2892 .
2020-04-27 08:59:54 -07:00
01a6dded72
Fix AES-GCM in EVP layer to have compatiblity with OpenSSL
...
- Tag checking in AES-GCM is done in Final call
- Reset `WOLFSSL_EVP_CIPHER_CTX` structure after Final call
- Don't zero `ctx->authTag` struct in Init call so that user can get the AES-GCM tag using `EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_GET_TAG, AES_BLOCK_SIZE, tag)`
- `ctx->authTag` is only zeroed before authenticated, non-confidential data Update call since this means we are entering a new Udate-Final cycle. This doesn't need to be done in the decrypt case since the tag should be supplied by the user before the final call using `EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, AES_BLOCK_SIZE, tag)`
2020-04-27 15:52:01 +02:00
1e726e19a4
Fix for XMALLOC cast.
2020-04-27 06:48:41 -07:00
c153873337
Fail when WOLFSSL_VERIFY_FAIL_IF_NO_PEER_CERT set in TLS1.3
2020-04-27 16:17:03 +10:00
df1b7f34f1
In TLS 1.3, don't allow multiple ChangeCipherSpecs in a row
2020-04-27 15:27:02 +10:00
3c93a7b757
Fix Value stored to 'ret' is never read.
2020-04-24 11:31:12 -07:00
a4caa42793
Improve the Base64 line size for NO_ASN case. Fix report of unread ret.
2020-04-24 11:26:55 -07:00
589712f870
PIC32MZ Fix for cache coherency to enable write-through (no write allocation) to resolve descriptor corruption. ZD 10212.
2020-04-24 09:13:28 -07:00
0f11369680
PIC32MZ Fix for WOLFSSL_PIC32MZ_LARGE_HASH: Only submit to hardware if update data provided matches expected. ZD 10211.
2020-04-24 09:01:51 -07:00
cfc0aeb857
Fix for RSA and KeyGen only in test.c.
2020-04-24 08:56:31 -07:00
41fc208195
Fixes for isHMAC checks.
2020-04-24 08:51:56 -07:00
5fa7bb5b9f
Fix possible unused args.
2020-04-24 07:48:41 -07:00
6d025f8c0f
Refactor of the EVP macType to use enum wc_HashType to resolve issues with invalid casting.
2020-04-24 07:43:44 -07:00
28b686a8ca
* Exposed useful sizes MAX_X509_HEADER_SZ and PEM_LINE_SZ
...
* Refactor the PEM saving code in `test.c`, so its not using large 4K buffer and calculates based on DER.
* Enable ECC key generation test even without `WOLFSSL_KEY_GEN`.
* Added `ECC_KEYGEN_SIZE` macro for ECC key generation testing.
* Refactor ECC DER key generation to use `ECC_BUFSIZE`.
2020-04-23 16:11:54 -07:00
81f959336b
Added support for important private key DER using wc_EccPublicKeyDecode. Added ECC key generation and decode test case.
2020-04-23 16:07:43 -07:00
b07dfa425d
Fixes for ./configure CC="g++" --enable-all && make. Resolves issues with implicit casts and use of reserved template keyword.
2020-04-23 15:26:04 -07:00
5376763638
Merge pull request #2913 from SparkiDev/sp_cortexm4_ecc
...
Improve performance of SP Cortex M asm
2020-04-23 09:47:05 -07:00
7318121d3a
Merge pull request #2915 from dgarske/async_v4.4.0
...
Fixes for async release v4.4.0
2020-04-23 09:26:08 -07:00
54aa50e628
Merge pull request #2912 from SparkiDev/sp_movbe
...
Only use Intel instruction movbe when available
2020-04-23 09:25:02 -07:00
6132176715
Merge pull request #2917 from ejohnstown/postrelease
...
Minor wolfCrypt Test Fixes
2020-04-23 07:16:07 -07:00
David Garske
Chris Conlon
kaleb-himes
toddouska
Jacob Barthelmeh
John Safranek
Sean Parkinson
Juliusz Sosinowicz