Commit Graph

12015 Commits

Author SHA1 Message Date
David Garske 28b2be37cd Merge pull request #3259 from ejohnstown/sniffer-no-oldtls
Sniffer without OldTls
2020-08-31 07:34:24 -07:00
Sean Parkinson d2802f2d15 Merge pull request #3264 from dgarske/iar_sp
Fix for building SP math with IAR
2020-08-31 08:40:50 +10:00
Sean Parkinson f444c63560 Merge pull request #3262 from julek-wolfssl/missing-cipherExtraData-2
HAVE_SESSION_TICKET can also be defined without TLS 1.2
2020-08-31 08:34:54 +10:00
David Garske 5692135819 Fix for building SP math with IAR to force noinline. ZD 10839 2020-08-28 11:04:28 -07:00
Juliusz Sosinowicz c6d1d524fc HAVE_SESSION_TICKET can also be defined without TLS 1.2 2020-08-28 16:05:28 +02:00
Sean Parkinson 015c73686f Merge pull request #3261 from dgarske/zd10848
Fixes for several implicit cast warnings
2020-08-28 16:49:03 +10:00
David Garske 94b0dcb7e9 Peer review feedback to add explicit parenthesis on cast. 2020-08-27 16:18:54 -07:00
David Garske 0d2e37cc42 Fixes for several implicit cast warnings. ZD 10848. 2020-08-27 13:51:55 -07:00
John Safranek 5b39976cc0 Sniffer without OldTls
1. Put a guard around the call to DeriveKeys() when building with
  --enable-sniffer --disable-oldtls. Disabling OldTls removes the
  DeriveKeys() function. Similar logic used in internal.c.
2020-08-26 16:47:44 -07:00
toddouska d077efcbb3 Merge pull request #3237 from SparkiDev/mp_oob_1
Fix out of bounds read when writing to very long buffer
2020-08-24 15:28:00 -07:00
toddouska c5cab6afba Merge pull request #3236 from dgarske/retcheck
Various fixes and improvements (return codes, build warns and func doc)
2020-08-24 15:27:04 -07:00
toddouska 7e6100593e Merge pull request #3223 from SparkiDev/fp_gcd_fix
Check the error return from fp_mod in fp_gcd
2020-08-24 15:24:20 -07:00
toddouska cf208901fd Merge pull request #3218 from guidovranken/wc_PKCS12_PBKDF_ex-leak-fix
In wc_PKCS12_PBKDF_ex, free outer loop variable if inner loop fails
2020-08-24 15:23:47 -07:00
David Garske a23b30bc18 Merge pull request #3245 from tmael/ctx_pKey
Correct a mismatch of directives
2020-08-24 14:39:43 -07:00
David Garske 749025963e Merge pull request #3239 from SparkiDev/ed448_cast
Ed448: Fix compiler warning Intel -m32
2020-08-24 10:13:25 -07:00
David Garske 47cc8d232a Fix in ED448 wc_ed448_check_key function for possible dereference of a null pointer. 2020-08-24 07:31:06 -07:00
Sean Parkinson 4f44df96dc MP: integer OOB write fix
mp_to_unsigned_bin_len() now checks length passed in is greater than or
equal length to write.
2020-08-24 22:48:52 +10:00
Sean Parkinson 955a53dce3 Ed448: Fix compiler warning Intel -m32 2020-08-24 16:29:48 +10:00
Sean Parkinson e30361e186 Fix out of bounds read when writing to very long buffer
mp_to_unsigned_bin_len() didn't handle buffers longer than maximum MP
size. Fixed tfm and sp_int versions.
2020-08-24 09:18:07 +10:00
David Garske 7d45e85b03 Add ED448 to the "all" options. 2020-08-21 15:47:02 -07:00
David Garske 083f143c89 Fixes for warnings with minimum ECC build. 2020-08-21 15:47:02 -07:00
David Garske 51c2960407 Added function comment for wolfSSL_i2a_ASN1_OBJECT. Added heap context for wolfSSL_CertManagerCheckOCSP 2020-08-21 15:47:02 -07:00
David Garske 5f059306fd Fix for case with ssl->error not being set. 2020-08-21 15:47:02 -07:00
David Garske 03b7ac559a Fix for example return code checking. 2020-08-21 15:47:02 -07:00
toddouska 44e575b8c4 Merge pull request #3227 from dgarske/release-4.5.0-async
Release 4.5.0 async
2020-08-21 15:34:20 -07:00
David Garske fd2aece058 Fix for building ECC_CACHE_CURVE without WOLFSSL_CUSTOM_CURVES. 2020-08-20 16:16:18 -07:00
David Garske 3fbaccc8a1 Fix for API unit test test_wolfSSL_X509_sign, which can have a varying length depending on if MSB is set. About 1 in 200 tests would fail. 2020-08-20 15:33:28 -07:00
David Garske dd517fd81c Fixed several compiler warnings with inline variable declaration, deprecated func decl and small stack use of invaid memory (heap). Thanks @douzzer for these. 2020-08-20 15:13:43 -07:00
David Garske 92cf0d7b10 Fix numerous maybe-uninitialized errors in WOLFSSL_SP_SMALL and WOLFSSL_SMALL_STACK cases. 2020-08-20 15:05:20 -07:00
David Garske 25f9d15980 Fix for benchmark example when using the ECC encrypt (--enable-eccencrypt) and timing resistance. New timing resistance RNG requirements for ECC Shared Secret. 2020-08-20 14:25:06 -07:00
David Garske 1d55b2f526 Fixes for several memory leaks related to HAVE_WOLF_BIGINT. 2020-08-20 14:25:06 -07:00
David Garske 79c0fd3f29 Fix for ECC make key test not waiting for async completion. 2020-08-20 14:25:05 -07:00
David Garske 0011b7b376 Fix possible ECC curve cache leak for custom curves. Fix possible memory leak with wc_DhKeyDecode and WOLFSSL_DH_EXTRA. Fix leak in dh_test with new call to DH key import. 2020-08-20 14:25:05 -07:00
toddouska 0fa5af9929 Merge pull request #3224 from ejohnstown/release-update
Release v4.5.0 Supplement
v4.5.0-stable
2020-08-20 09:34:58 -07:00
John Safranek 05671d183c update README/ChangeLog 2020-08-19 10:53:26 -07:00
Sean Parkinson 549c47de65 Handle when k is 1 or order + 1 for timing resistant ECC 2020-08-19 10:50:37 -07:00
John Safranek 362e328180 NTRU fixes
1. When configuring for NTRU, enable static RSA.
2. The echoserver should not try to use NTRU with TLSv1.3.
2020-08-19 10:46:03 -07:00
David Garske 1f10e77b0f Fix for SP math with WOLFSSL_VALIDATE_ECC_KEYGEN. Fixes logic error on point x/y zero check. 2020-08-19 09:30:32 -07:00
John Safranek 55632a0567 Two more out of order DTLS message fixes. 2020-08-18 17:54:25 -07:00
Sean Parkinson 38b717eb42 Clear MP in ECC to free allocated memory 2020-08-18 17:54:25 -07:00
John Safranek 113753370d Long Test Fixes
1. Sniffer was trying to log a NULL pointer as a string. Logged a string instead.
2. Few misc fixes in ECC.
2020-08-18 17:54:25 -07:00
Tesfa Mael fbe0e04388 Correct mismatch of directives 2020-08-18 16:44:43 -07:00
Sean Parkinson 3a7ad4f03b Check the error return from fp_mod in fp_gcd
Error can occur when using small stack and memory allocation fails.
2020-08-19 08:50:27 +10:00
John Safranek 6e49a63e50 fix call to MakeAnyCert from wc_MakeNtruCert(); it was missing the new parameter 2020-08-17 17:12:11 -07:00
John Safranek c1090cff3f update rpm-spec.in 2020-08-17 14:42:20 -07:00
toddouska 028bddd7ab Merge pull request #3215 from ejohnstown/release-4.5.0
Release Update
2020-08-17 13:51:23 -07:00
John Safranek 5c6da52ac1 Update release notes. 2020-08-17 09:20:53 -07:00
Sean Parkinson cb5d6a5c12 Check ECC scalar before multiplication
A k with more bits than in order doesn't work in ECC scalar
multiplication.
Check private key length in wc_ecc_check_key()
Check private key length in ecc_make_pub_ex()
2020-08-17 08:39:39 -07:00
John Safranek 3be7f3ea3a Reject DTLS application data messages in epoch 0 as out of order. 2020-08-14 17:21:39 -07:00
John Safranek ef5271dd9f fips-check script shouldn't force FIPS-ready build to be v2. 2020-08-14 14:31:50 -07:00