wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-29 17:22:12 +01:00
Code Issues Packages Projects Releases Wiki Activity
16,705 Commits 12 Branches 184 Tags
2029bf0a0bd44e0c814882c47ea9fc84ced4cf5d
Commit Graph

16705 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
David Garske
2029bf0a0b Merge pull request #4992 from JacobBarthelmeh/Compatibility-Layer 
support creating new mem bio of length 0
 2022-03-30 06:55:53 -07:00
Sean Parkinson
d9df00cdfb Merge pull request #4994 from dgarske/kcapi 
KCAPI ECC memory optimizations and KCAPI AES build fix
 2022-03-30 11:50:39 +10:00
Kaleb Himes
1dc3808aae Merge pull request #4986 from cconlon/sslFipsReady 
Fix FIPS defines in wolfSSL_RSA_sign_generic_padding() / RSA_verify_ex()
 2022-03-29 16:02:17 -05:00
David Garske
d10e72bc98 Fix for KCAPI AES with WOLFSSL_NO_KCAPI_AES_CBC. 2022-03-29 12:50:28 -07:00
Chris Conlon
4ad2f68071 fix defines for FIPS around RSA-PSS in wolfSSL_RSA_sign_generic_padding() and wolfSSL_RSA_verify_ex() 2022-03-29 10:03:16 -06:00
David Garske
0989a14395 Merge pull request #4995 from douzzer/20220328-multi-test-fixes 
fix reproducible-build for libtool 2.4.7
 2022-03-29 08:00:45 -07:00
Daniel Pouzzner
e9b941e16e configure.ac: fix --enable-reproducible-build to cope with update from libtool-2.4.6 to -2.4.7. 2022-03-29 07:53:43 -05:00
Daniel Pouzzner
8edf237f75 Merge pull request #4993 from SparkiDev/sakke_gen_table_tmp_size_fix 
SP: fix number of temps alloced in sp_ecc_gen_table
 2022-03-28 21:32:35 -05:00
Sean Parkinson
194138f0b8 Merge pull request #4990 from dgarske/async_fix 
Fixes for async ECC
 2022-03-29 10:30:38 +10:00
David Garske
9a8be82653 Merge pull request #4987 from julek-wolfssl/ffmpeg 
Add support for `--enable-ffmpeg`
 2022-03-28 16:33:20 -07:00
Sean Parkinson
f50514b228 SP: fix number of temps alloced in sp_ecc_gen_table 
Ony affects SAKKE and as a result of point add changes.
 2022-03-29 09:11:45 +10:00
David Garske
1abcd4b035 Reduce KCAPI ECC page memory allocation sizes. 2022-03-28 15:40:07 -07:00
David Garske
05f377011b Fix for building with KCAPI AES enabled. 2022-03-28 15:05:58 -07:00
Jacob Barthelmeh
f7f94cede0 support creating new mem bio of length 0 2022-03-28 15:52:42 -06:00
David Garske
12349f39e6 Merge pull request #4974 from kareem-wolfssl/iotsafe 
IOTSafe workarounds
 2022-03-28 13:49:44 -07:00
David Garske
5b0735cdb4 Fixes for async ECC broke in PR #4982. 2022-03-28 11:29:33 -07:00
Kareem
52902f1d37 IoTSafe: Add SP_RSA to user_settings.h template. 2022-03-28 10:25:05 -07:00
Juliusz Sosinowicz
6dc86e7df1 Add support for --enable-ffmpeg 2022-03-28 12:47:19 +02:00
Kareem
be938ed197 IoTSafe Workarounds: Address code review feedback. 2022-03-25 16:17:53 -07:00
JacobBarthelmeh
25d5a624d2 Merge pull request #4975 from cconlon/smallStack 
smallstack cleanup for OpenSSL Compatibility Functions
 2022-03-25 17:06:59 -06:00
John Safranek
0ee01f08bc Merge pull request #4984 from douzzer/20220325-multi-test-cleanup 
20220325 multi-test fixes
 2022-03-25 15:06:34 -07:00
David Garske
3af3274dcd Merge pull request #4982 from SparkiDev/sp_x64_improvements 
SP ASM improvements
 2022-03-25 13:04:01 -07:00
David Garske
07f9ca60ac Fix for async without threading. ./configure --enable-asynccrypt --enable-all CFLAGS="-DWC_NO_ASYNC_THREADING". 2022-03-25 12:43:04 -07:00
David Garske
0930086fa1 Fix for increased mcapi (used by Microchip) ctx sizes if PK callbacks is enabled due to key id/label. 2022-03-25 12:36:07 -07:00
Daniel Pouzzner
008c8509c6 multi-test fixes: whitespace in wolfcrypt/src/random.c and wolfcrypt/test/test.c, bugprone-macro-parentheses and -Wenum-compare in WS_RETURN_CODE() (wolfssl/ssl.h), and clang-analyzer-deadcode.DeadStores in api.c. 2022-03-25 13:26:41 -05:00
David Garske
04e2b6c62a Merge pull request #4983 from douzzer/20220324-gcc-12-fixes 
fixups for warnings from gcc-12
 2022-03-24 19:16:27 -07:00
Sean Parkinson
7eb95674ee Merge pull request #4966 from dgarske/kcapi 
Fixes for KCAPI AES GCM and ECC
 2022-03-25 10:18:16 +10:00
Sean Parkinson
fd66f6bcec SP ASM improvements 
Change Karatsuba implementations for x86_64.
Fix ECC code to better handle corner cases.
Add 'lower' versions of functions wehn an input is known to be less than m.
Add mont_add/dbl/tpl/sub for P384.
Change ECC point add to be cache-attack resistant.
Change mod_exp to be cache-attack resistant.
 2022-03-25 10:04:25 +10:00
John Safranek
14522f25ff Merge pull request #4904 from kaleb-himes/OE22_NS9210_FIX 
Fix up random.h conflicts with cert 3389 releases and some NETOS issues
 2022-03-24 16:07:23 -07:00
Sean Parkinson
feb58a8455 Merge pull request #4956 from julek-wolfssl/bind-9.18.0 
bind 9.18.0 fixes
 2022-03-25 08:27:34 +10:00
Daniel Pouzzner
12776b3772 fixups for warnings from gcc-12: 
src/internal.c: use XMEMCMP(), not ==, to compare array elements (fixes conflict of 74408e3ee3 vs 617eda9d44);

fix spelling of NAMEDGROUP_LEN (was NAMEDGREOUP_LEN);

src/ssl.c: in CheckcipherList() and wolfSSL_parse_cipher_list(), use XMEMCPY(), not XSTRNCPY(), to avoid (benign) -Wstringop-truncation;

scripts/sniffer-tls13-gen.sh: fix for shellcheck SC2242 (exit 1, not -1).
 2022-03-24 16:33:36 -05:00
David Garske
b509e174bb Whitespace fix. 2022-03-24 10:19:28 -07:00
Anthony Hu
ceae169a34 Merge pull request #4969 from dgarske/pk_pubkey 2022-03-24 12:40:03 -04:00
David Garske
624f1499f0 Merge pull request #4978 from julek-wolfssl/issue/4970 
Prefer status_request_v2 over status_request when both are present
 2022-03-24 08:30:12 -07:00
David Garske
5a0d794e88 Merge pull request #4980 from anhu/iv_docs 
Correction about AES using IV in docs
 2022-03-24 08:29:55 -07:00
Juliusz Sosinowicz
29c0c9bf48 Rebase fixes 2022-03-24 13:41:50 +01:00
Juliusz Sosinowicz
850b8c5c3b OpenSSL compatible API 
`WOLFSSL_ERROR_CODE_OPENSSL` breaks ABI compatiblity due to changing the expected return code. Let's only do this when building with the full compatibility layer.
 2022-03-24 12:16:59 +01:00
Juliusz Sosinowicz
88d5059c36 Jenkins fixes 
`WS_RETURN_CODE` was not functioning properly in master
 2022-03-24 12:16:59 +01:00
Juliusz Sosinowicz
98bc8402db Refactor memory BIO 
- use the `WOLFSSL_BUF_MEM` struct to resize the internal memory buffer
- add a `WOLFSSL_BIO_RESIZE_THRESHOLD` define that will be used to determine how often to shrink the internal buffer. This should cut down on the number of free/malloc calls made significantly. This should help with our inefficient 1 byte reads in `loadX509orX509REQFromPemBio`.
- implement `wolfSSL_BUF_MEM_resize` which allows bi-directional buffer size manipulation
 2022-03-24 12:16:59 +01:00
Juliusz Sosinowicz
ae9b01c5b8 bind 9.18.0 fixes 
- return `1` from `wolfSSL_BIO_set_mem_eof_return` instead of `0` for success
- bind requires ALPN
- `OPENSSL_COMPATIBLE_DEFAULT` defined for bind
- `WOLFSSL_ERROR_CODE_OPENSSL` defined when using compatibility layer
- return `bio->eof` on no pending data to read in memory BIO (defaults to `WOLFSSL_BIO_ERROR`)
- `flags` is no longer an input parameter in `wolfSSL_ERR_get_error_line_data`
- allow lazy parameter loading in `wolfSSL_DH_set0_key`
- implement reference counter in `WOLFSSL_EC_KEY`
- load serial number from `x509->serialNumber` if `x509->serial` is empty
 2022-03-24 12:16:59 +01:00
Anthony Hu
f71a85d5f9 Merge pull request #4979 from dgarske/sniffer_tidy 2022-03-23 15:13:20 -04:00
Anthony Hu
1bc71da1df Correction about AES using IV in docs 2022-03-23 13:35:13 -04:00
David Garske
6e550c8d75 Fix for KCAPI ECC KeyGen. Disable ECC consistency checks with KCAPI. Allow public AddSignature (used to be public). Fix KCAPI ECC SharedSecret output size. 2022-03-23 09:37:50 -07:00
David Garske
8bafa7f601 Fix for KCAPI ECC sign (was not returning the signature, since ret always 0). 2022-03-23 09:37:50 -07:00
David Garske
c9e3094cb0 Fixes for KCAPI ECC verify. Cleanup of the pubkey_raw. Fix KCAPI AES possible used uninitialized. 2022-03-23 09:37:50 -07:00
David Garske
8d695f97c9 Fix for KCAPI KcapiEcc_LoadKey parameter to kcapi_kpp_keygen. Added option to release handle on load. Fixes for KCAPI sign output length. Added additional argument checking. 2022-03-23 09:37:50 -07:00
David Garske
318350f63b Fix for ecc_check_privkey_gen with KCAPI. Fix KCAPI ECDSA to ensure we don't leak handle for multiple sign/verify calls. 2022-03-23 09:37:50 -07:00
David Garske
9f2dc408a0 Fixes for KCAPI AES GCM. Add guards for algorithm macros on KCAPI. 2022-03-23 09:37:50 -07:00
David Garske
1b0e5f4806 Allow disabling DRBG with KCAPI. Add KCAPI /dev/hwrng support. 2022-03-23 09:37:50 -07:00
David Garske
5fe6f1c875 For KCAPI do not force enable ECC curves, set K or seed callback, disable AES GCM tests with non standard IV. 2022-03-23 09:37:50 -07:00