John Safranek
0f0eebfc08
RNG Update
1. When the seed callback is enabled, allow wc_GenerateSeed() to be used
as a default callback.
2. Modify all the tests and examples to use the default seed callback if
the seed callback is enabled.
2021-03-24 16:45:19 -07:00
John Safranek
1c064dd957
If the RNG seeding callback is missing or returns an error, the RNG instantiate fails.
2021-03-17 12:18:21 -07:00
John Safranek
ff64584f34
Removed an outdated comment.
2021-03-11 14:37:00 -08:00
John Safranek
b87fca669d
1. Rename and relabel the FIPS 140-3 option as wolfCrypt v5.
2. Make sure the correct SHA assembly files are copied over for the latest FIPS build.
2021-03-11 08:51:54 -08:00
John Safranek
30d0188fca
Add callback option for RNG seeding.
WCv5.0-RC3
2021-03-09 10:43:26 -08:00
John Safranek
7134608d9f
Merge branch 'master' into fipsv3
# Conflicts:
# wolfssl/wolfcrypt/hash.h
2021-03-05 07:59:04 -08:00
John Safranek
49b80c94b7
Add option to fips-check script to checkout specific named files from the FIPS tag.
2021-03-04 16:26:19 -08:00
JacobBarthelmeh
f15450f63e
Merge pull request #3839 from cconlon/pkcs7free
fix PKCS7 dynamic content save/restore in PKCS7_VerifySignedData
2021-03-05 05:53:38 +07:00
Sean Parkinson
25228cb6c0
Merge pull request #3798 from dgarske/no_hash
wolfcrypt: Fixes for building without hash or rng
2021-03-05 08:16:34 +10:00
John Safranek
69d2e4db6a
DH key gen should call DH check key.
2021-03-04 14:10:48 -08:00
David Garske
7983734dcb
Merge pull request #3786 from tmael/cc310_ecc_importkey
Add Cryptocell wc_ecc_import_x963_ex
2021-03-04 13:59:54 -08:00
John Safranek
6fa1fe5b8e
ECC key gen should call ECC check key.
2021-03-04 13:19:02 -08:00
toddouska
53a7397418
Merge pull request #3828 from elms/test/fix_openssl_ticket_noaes
test: fix compile with session-ticket without AES-GCM
2021-03-04 11:15:20 -08:00
toddouska
bd57e3e4cf
Merge pull request #3818 from dgarske/zd11760
Fix for InTime RTOS v5 random
2021-03-04 11:14:34 -08:00
toddouska
b8235649ea
Merge pull request #3812 from haydenroche5/get-certs-refactor
Improve wolfSSL_CertManagerGetCerts.
2021-03-04 11:14:05 -08:00
toddouska
0a74fbf95f
Merge pull request #3789 from fabiankeil/configure-accept-amd64
configure: When enabling --enable-sp-asm, accept host_cpu amd64
2021-03-04 11:11:13 -08:00
toddouska
12d5c6d416
Merge pull request #3783 from haydenroche5/socat
Add support for OpenSSL compatibility function SSL_CTX_get_min_proto_…
2021-03-04 11:10:17 -08:00
toddouska
90d45028cc
Merge pull request #3781 from fabiankeil/NO_WOLFSSL_STUB-build-fix
Fix build with NO_WOLFSSL_STUB
2021-03-04 11:07:26 -08:00
toddouska
447b8c9318
Merge pull request #3831 from SparkiDev/sp_int_not_inf
SP int: define errors for backward compatibility
2021-03-04 11:06:15 -08:00
John Safranek
5080b1d633
Restrict AES-GCM IV minimum size to 96-bits for newer FIPS builds.
2021-03-04 09:55:44 -08:00
Chris Conlon
2be80acdd3
fix PKCS7 dynamic content save/restore in PKCS7_VerifySignedData for multiPart bundles with certs
2021-03-03 16:19:58 -07:00
Sean Parkinson
8c3b5c3402
Merge pull request #3838 from guidovranken/zd11824
Return error code from sp_cond_swap_ct
2021-03-04 08:30:19 +10:00
Guido Vranken
6725a4f5d2
Return error code from sp_cond_swap_ct
ZD 11824
2021-03-03 20:03:10 +01:00
John Safranek
8634ccc51b
Remove MD5 and old TLS from the newest FIPS build.
2021-03-03 08:30:09 -08:00
Sean Parkinson
7b78c61ed3
Merge pull request #3833 from dgarske/ecc_keydp
ECC: Improve the key ecc_set NULL checking
2021-03-03 09:47:32 +10:00
David Garske
3752347f14
Improve the random logic for the INTIME RTOS RNG.
2021-03-02 15:04:01 -08:00
David Garske
4d8068a328
Merge pull request #3813 from douzzer/configure-autotools-boilerplate-at-the-top
configure.ac: put autotools boilerplate at the top
2021-03-02 09:22:09 -08:00
elms
7e8aa99471
Merge pull request #3820 from haydenroche5/cmake-options-cleanup
Clean up CMake option strings.
2021-03-02 08:55:12 -08:00
Elms
4ff886dbda
test: fix compile with session-ticket without AES-GCM
EVP compat layer doesn't support poly chacha so test shouldn't be
included to try and test it.
2021-03-02 08:40:19 -08:00
David Garske
9fe7be5ac4
Improve the key ecc_set NULL checking for possible use of key->dp == NULL cases. These are cases where the key has not been properly initialized or loaded prior to calling from a public API.
2021-03-01 17:17:40 -08:00
David Garske
9d4d36f7fe
Fix hasty copy/paste with privSz2.
2021-03-01 16:02:51 -08:00
Sean Parkinson
84d5d37f61
SP int: define errors for backward compatibility
2021-03-02 08:34:23 +10:00
David Garske
14faf16955
Dismiss unused warnings for dh_test.
2021-03-01 10:14:28 -08:00
David Garske
8c1a93d9e1
Using "rand()" to seed our PRNG as it's available on all INTIME RTOS versions.
2021-03-01 09:23:19 -08:00
John Safranek
675a571818
Add CASTs for TLSv1.2, TLSv1.3, and SSH KDFs.
WCv5.0-RC2
2021-03-01 08:47:03 -08:00
John Safranek
d68622539d
Fix another configure error due to rebase.
2021-02-26 13:15:10 -08:00
John Safranek
1368cac8b5
Add RSA PAT.
2021-02-26 10:17:51 -08:00
Hayden Roche
265b456cac
Improve wolfSSL_CertManagerGetCerts.
- Use wolfSSL_d2i_X509. wolfSSL_CertManagerGetCerts duplicated a lot of work
that wolfSSL_d2i_X509 can do for us.
- This function gets the caLock from the CertManager and then calls ParseCert.
Ultimately, ParseCert calls GetCA, which attempts to acquire the same caLock.
Deadlock ensues. The solution is to get the caLock, make a copy of all the
certs, and release the lock. Then, we use the copy of the certs to build up
the stack of X509 objects. What happens if one of the certs is removed from
the CertManager between our copying and calling wolfSSL_d2i_X509? Nothing of
consequence for this use case. ParseCertRelative won't set the DecodedCert's ca
field, but we don't need that to be set here.
2021-02-26 10:45:27 -06:00
Hayden Roche
cd9f400cf3
Clean up CMake option strings.
This commit makes all the binary CMake options (i.e. yes/no) conform to one
string convention: "yes/no." Previously, we had a mixture of yes/no and ON/OFF.
2021-02-26 10:30:46 -06:00
toddouska
4c1a94a6ad
Merge pull request #3768 from SparkiDev/mp_add_d_too_big
MP small: mp_add_d doesn't support adding a digit greater than MP_DIG…
2021-02-25 16:56:23 -08:00
toddouska
e18eacfcd2
Merge pull request #3779 from embhorn/zd11711
Squelch interfering def of SHA_CTX
2021-02-25 16:05:24 -08:00
toddouska
2d13a43e71
Merge pull request #3819 from elms/fix/nightly_g++
ssl: fix g++ compile warning with explicit cast
2021-02-25 16:04:05 -08:00
John Safranek
4a75585c7a
Add ECDSA-KAT CAST.
2021-02-25 16:03:55 -08:00
toddouska
5682d61e75
Merge pull request #3817 from SparkiDev/i2d_x509_name_mv
ASN: move wolfSSL_i2d_X509_NAME to ssl.c
2021-02-25 16:03:30 -08:00
toddouska
7d002a7645
Merge pull request #3816 from SparkiDev/win_curve448
Windows Project: Include the X448 and Ed448 files
2021-02-25 16:00:53 -08:00
toddouska
dbc4c51a4e
Merge pull request #3815 from SparkiDev/sp_math_keygen
SP int: get keygen working with SP math again
2021-02-25 16:00:27 -08:00
toddouska
8d37da24dc
Merge pull request #3814 from SparkiDev/gcd_lcm_zero
Math: GCD(0,0) is undefined and LCM(0,*) is undefined.
2021-02-25 16:00:04 -08:00
Hayden Roche
10181b7bbf
Add support for OpenSSL compatibility function SSL_CTX_get_min_proto_version.
This is needed by socat-1.7.4.1.
2021-02-25 17:04:41 -06:00
David Garske
bc585e85b6
Dismiss unused warnings for rsa_test.
2021-02-25 11:23:21 -08:00
John Safranek
466076a7cc
FIPSv3
1. Remove the CAST IDs for the redundant RSA tests.
2. Remove the flags in configure.ac that enable the keys for the redundant RSA tests.
2021-02-25 11:07:26 -08:00