Commit Graph

15865 Commits

Author SHA1 Message Date
Daniel Pouzzner 242eb2dcf1 wolfcrypt/src/pkcs12.c: fix scan-build deadcode.DeadStores gripe. 2021-12-14 18:08:54 -06:00
Daniel Pouzzner eb032e0266 configure.ac: refactor changes of 7cccaa98b7 around FIPS v5*. 2021-12-14 18:08:12 -06:00
David Garske a6c7d56c32 Merge pull request #4655 from haydenroche5/wc_pkcs12_from_file
Add wc_d2i_PKCS12_fp to parse a PKCS #12 file directly in wolfCrypt.
2021-12-14 08:58:57 -08:00
John Safranek 2359045b28 Merge pull request #4649 from kaleb-himes/KCAPI_FIPS_READY
The minimal changes needed to add KCAPI support with fips-ready
2021-12-13 17:33:03 -08:00
Hayden Roche 92d207a1cd Add wc_d2i_PKCS12_fp to parse a PKCS #12 file directly in wolfCrypt. 2021-12-13 15:28:34 -08:00
Sean Parkinson f5cd61e4f9 Merge pull request #4654 from embhorn/zd13375
Fix _sp_exptmod_base_2 to init vars.
2021-12-14 07:38:20 +10:00
David Garske 7fd1b7aa51 Merge pull request #4650 from anhu/changelog
Mention falcon in the changelog
2021-12-13 10:37:07 -08:00
kareem-wolfssl 638d00f593 Merge pull request #4634 from danielinux/iotsafe-16bit-id
IoT-SAFE module: improvements and bug fixes
2021-12-13 11:33:19 -07:00
David Garske caf9024984 Merge pull request #4652 from douzzer/no-rsa-no-dh-no-dsa
WOLFSSL_ECC_NO_SMALL_STACK etc
2021-12-13 10:12:14 -08:00
David Garske 9a85638ac3 Merge pull request #4647 from anhu/evp_pkey_dummy_falcon
In d2iGenericKey(), if a falcon key is encountered, make a dummy pkey.
2021-12-13 10:12:07 -08:00
Eric Blankenhorn 53eb5d2e5a Fix _sp_exptmod_base_2 to init vars. 2021-12-13 10:16:55 -06:00
Daniel Pouzzner 355b779a3e feature gating tweaks to better support --disable-rsa --disable-dh --disable-dsa. also a whitespace fix in ssl.c. 2021-12-11 14:08:04 -06:00
Daniel Pouzzner 2193df1d62 add WOLFSSL_ECC_NO_SMALL_STACK. 2021-12-10 23:57:14 -06:00
David Garske 41d4aafa3f Merge pull request #4645 from haydenroche5/parse_cert_public
Make wolfCrypt ASN cert parsing functionality public.
2021-12-10 18:27:18 -08:00
Anthony Hu eec9649049 Mention falcon in the changelog 2021-12-10 16:54:13 -05:00
kaleb-himes 7cccaa98b7 The minimal changes needed to add KCAPI support with fips-ready 2021-12-10 14:44:20 -07:00
Anthony Hu 4c12f0be95 Only one call to wc_falcon_init() and comment on 300. 2021-12-10 16:40:41 -05:00
Anthony Hu 1d8ff70900 In d2iGenericKey(), if a falcon key is encountered, make a dummy pkey.
This allows apache-httpd to work without PQ-specific patch along with a previous
pull request.
2021-12-10 14:18:42 -05:00
Hayden Roche 6764e7c15f Make wolfCrypt ASN cert parsing functionality public.
Currently, the `ParseCert` function is only available if `WOLFSSL_ASN_API` is
defined to `WOLFSSL_API`. The only way to achieve this without enabling the
compatibility layer is to define `WOLFSSL_TEST_CERT`. There are users defining
this so that they can parse certs with wolfCrypt, even though this doesn't seem
to be the original intent of the define. This commit adds the function
`wc_ParseCert` to the public wolfCrypt API. It's simply a wrapper around
`ParseCert`. Similarly, this commit adds `wc_InitDecodedCert` and
`wc_FreeDecodedCert` to the public API, which are wrappers around
`InitDecodedCert` and `FreeDecodedCert`, respectively.
2021-12-10 10:43:28 -08:00
David Garske dde8cd9039 Merge pull request #4646 from julek-wolfssl/SSL_OP_NO_COMPRESSION-redef-error
Fix redefinition error of `WOLFSSL_OP_NO_COMPRESSION`
2021-12-10 08:46:43 -08:00
David Garske 65a0b71994 Merge pull request #4641 from anhu/priv_key_check
Actually do a private/public key check for FALCON.
2021-12-10 06:53:35 -08:00
Juliusz Sosinowicz e40ba00ece Fix redefinition error of WOLFSSL_OP_NO_COMPRESSION 2021-12-10 15:11:11 +01:00
Anthony Hu 6b5fa9d0ae remove consistency check; let it fail elsewhere. 2021-12-09 17:12:42 -05:00
David Garske b921161309 Merge pull request #4633 from SparkiDev/tls13_expired
TLS13: Skip if expired rather than turning off resuming
2021-12-09 14:10:42 -08:00
David Garske dd0e3d6ebf Merge pull request #4644 from kareem-wolfssl/iotsafe_class
Fix compiling Iotsafe with C++ by avoiding reserved keyword 'class'.
2021-12-09 09:10:24 -08:00
Anthony Hu 494abde3eb Better casting. 2021-12-09 09:45:28 -05:00
Daniele Lacamera f02763b088 Fixes after review comments 2021-12-09 11:23:44 +01:00
David Garske 4764c4d6fa Merge pull request #4636 from JacobBarthelmeh/client
print out PEM of peer cert with example client
2021-12-08 20:04:57 -08:00
Sean Parkinson 32014c69fd TLS 13 session ticket timeout: fixup checks
Check difference between now and ticket seen from encrypted ticket
against timeout.
2021-12-09 12:43:30 +10:00
Sean Parkinson 6da0cc1ced Merge pull request #4600 from dgarske/cust_oid
Support for Custom OID in subject and CSR request extension
2021-12-09 11:24:30 +10:00
Kareem 4200cf1b4d Fix compiling Iotsafe with C++ by avoiding reserved keyword 'class'. 2021-12-08 17:17:58 -07:00
Anthony Hu 7022eb6f89 Actually do a private/public key check for FALCON. 2021-12-08 18:04:11 -05:00
David Garske dac0c21989 Merge pull request #4640 from anhu/prevent_stack_corruption
Pass in pointer to a local size_t var, not word32 var to prevent stack corruption
2021-12-08 14:44:07 -08:00
Sean Parkinson cf0d3263ac Merge pull request #4628 from julek-wolfssl/issue-4623
Handle an `EPIPE` error from the socket
2021-12-09 08:08:56 +10:00
Anthony Hu 74442605fa Pass in pointer to a local size_t var, not word32 var to prevent stack corruption. 2021-12-08 16:01:52 -05:00
Jacob Barthelmeh ad078a7358 adjust macro guard in example client 2021-12-08 13:45:37 -07:00
Chris Conlon dd0e1226b7 Merge pull request #4638 from miyazakh/sce_protect_iar_compiler 2021-12-08 09:50:16 -07:00
Hideki Miyazaki 081d28f556 better handling for global index
fix function proto type definition
2021-12-08 11:42:23 +09:00
Jacob Barthelmeh 9a07b3af9b print out PEM of peer cert with example client 2021-12-07 14:07:47 -07:00
Kaleb Himes 8609d98122 Merge pull request #4635 from julek-wolfssl/PrintPubKeyEC-wrong-free
Return early on failed `key` init
2021-12-07 13:28:53 -07:00
Juliusz Sosinowicz 223f25149b Return early on failed key init 2021-12-07 18:11:19 +01:00
Kaleb Himes 96daf2bede Merge pull request #4632 from julek-wolfssl/PrintPubKeyEC-leak
`a` and `key` were not being freed => leak in `PrintPubKeyEC`
2021-12-07 07:20:05 -07:00
Daniele Lacamera 1cb8b34fba IoT-SAFE: minor fixes + doxygen for new API calls 2021-12-07 14:11:14 +01:00
Daniele Lacamera 9e73c324a4 iot-safe: Fixed debug printf, updated slot number for 16-bit demo 2021-12-07 14:11:14 +01:00
Daniele Lacamera 23982e4fb3 Fixed wolfIoT_ecc_keygen when key is stored during generation 2021-12-07 14:11:14 +01:00
Daniele Lacamera b23d51ab78 Avoid looping on uart read after applet initialization fails 2021-12-07 14:11:14 +01:00
Daniele Lacamera 5da89c6275 Clear meaning for the return value of iotsafe_gen_keypair 2021-12-07 14:11:14 +01:00
Kareem 4d483b0a28 iotsafe: allow init to continue with empty response 2021-12-07 14:11:13 +01:00
Daniele Lacamera 29e20eeadc Fix to rebase branch on current master 2021-12-07 14:11:13 +01:00
Daniele Lacamera e551f439f4 Reworked expect_tok to fix NULL dereferences 2021-12-07 14:11:13 +01:00