Sean Parkinson
dd0b9fb871
SP Winx64 ASM: XMM6-15 are non-volatile
...
Put the used non-volatile XMM registers on the stack at the start and
get them off again at the end.
2022-06-01 08:46:27 +10:00
Sean Parkinson
81cd1e652e
Merge pull request #5170 from haydenroche5/evp_cipher_aes_gcm
...
Fix EVP_CTRL_GCM_IV_GEN with AES-GCM.
2022-06-01 08:20:33 +10:00
Chris Conlon
0554b02215
Merge pull request #5177 from JacobBarthelmeh/PKCS7
2022-05-31 09:46:14 -06:00
Chris Conlon
da91578bc7
Merge pull request #5180 from miyazakh/tsipv_up
2022-05-31 09:41:47 -06:00
Daniel Pouzzner
8c10c3776d
wolfcrypt/src/asn.c: in C89 codepath of GetFormattedTime(), add buffer size checks before calls to sprintf().
2022-05-27 14:20:38 -05:00
Tesfa Mael
aca199cb05
Fix to compile with c89
...
strncasecmp and snprintf are unavailable in C89
use // static analyzer suppressions
2022-05-27 14:20:37 -05:00
Sean Parkinson
cacf5aeb7e
ASN template: properly handle WOLFSSL_CERT_EXT
...
Encoding extensions didn't properly handle WOLFSSL_CERT_EXT not being
defined.
2022-05-26 10:01:59 +10:00
JacobBarthelmeh
ad49aea17d
fix for setting AES-CCM decrypt nonce with crypto callback
2022-05-25 13:59:56 -07:00
David Garske
fa80aa6505
Merge pull request #5132 from JacobBarthelmeh/req
...
Add support for additional CSR attributes
2022-05-25 13:35:46 -07:00
David Garske
e8d779ab78
Merge pull request #5077 from gojimmypi/ESP8266_Development
...
Add ESP-IDF WOLFSSL_ESP8266 setting for ESP8266 devices
2022-05-25 12:46:10 -07:00
David Garske
2d8cc055f0
Merge pull request #5179 from SparkiDev/sp_armv6_fix_1
...
SP ARM32 ASM: moving large immediate value
2022-05-25 09:59:47 -07:00
David Garske
da1cbfda46
Merge pull request #5178 from cconlon/nounaligned
...
Add define to skip SHA-512 unaligned memory test in test.c
2022-05-25 09:55:29 -07:00
Hayden Roche
3cf636163b
Fix EVP_CTRL_GCM_IV_GEN with AES-GCM.
...
Discovered the AES-GCM flow using this command didn't work in our OpenSSH port.
This commit makes the behavior match OpenSSL and adds testing using known
OpenSSL-generated test vectors to prevent regressions. This was one of those
problems where two ends of a connection would work fine if they were both using
wolfSSL but not if one was using OpenSSL (i.e. OpenSSH interop with AES-GCM
was broken).
2022-05-25 07:00:15 -07:00
Hideki Miyazaki
0d59d36a80
update TSIP VER to 1.15 for RX65N and RX72N
...
fix -140 error when enabling -O2
fix no_crypto_hash
2022-05-25 18:31:23 +09:00
Sean Parkinson
d2cb0278f6
SP ARM32 ASM: moving large immediate value
...
ARMv6 and earlier don't support moving an immediate value larger than 8
bits. Compiler doesn't have enough spare registers to handle it.
2022-05-25 10:58:32 +10:00
JacobBarthelmeh
a1fb385450
free recipient list in error cases
2022-05-24 15:12:39 -07:00
David Garske
5aea58d1e8
Merge pull request #5175 from douzzer/20220524-shellcheck-warnings
...
20220524-shellcheck-warnings
2022-05-24 14:21:49 -07:00
David Garske
74cbd08ff5
Merge pull request #5164 from cconlon/x509date
...
Remove WOLFSSL_ALT_NAMES restriction on notBefore/notAfter use in Cert struct
2022-05-24 12:41:00 -07:00
Chris Conlon
321d404d6b
add define to skip unaligned memory tests in test.c
2022-05-24 11:55:21 -06:00
Daniel Pouzzner
b66fa1680a
fix whitespace.
2022-05-24 12:13:14 -05:00
Chris Conlon
6a26dab73a
X.509 cert validity for CertFromX509() and EncodeCert() shouldn't be protected by WOLFSSL_ALT_NAMES
2022-05-24 10:28:46 -06:00
Sean Parkinson
fab9e29513
benchmark.c: fix Jenkins failure where byte, word32 not defined
2022-05-24 12:10:01 +10:00
David Garske
6424af120c
Merge pull request #5161 from SparkiDev/sp_armv7a
...
SP ARM 32: Fixes to get building for armv7-a
2022-05-23 10:01:49 -07:00
JacobBarthelmeh
cdfdefe9af
improve checking on UUID getter function
2022-05-22 17:18:20 -07:00
JacobBarthelmeh
9e4de4bfc8
add FASC-N and UUID alt. name support
2022-05-22 17:18:20 -07:00
John Safranek
62cb2b4ca9
ASN.1 Additions for FPKI/CAC
...
1. Add some OIDs used in the Federal PKI Policy Authority standard.
2. Added the SubjectDirectoryAttributes extension to certificate
parsing. (limited to country of citizenship)
3. Rename constant label SUBJECT_INFO_ACCESS to SUBJ_INFO_ACC_OID
4. Added the SubjectInfoAccess extension to certificate parsing.
(limited to one URL)
5. Add the SSH extended key usage flags.
6. Use some of the template changes on the new certificate items.
2022-05-22 17:18:20 -07:00
David Garske
b5d65b9579
Merge pull request #5159 from kareem-wolfssl/fipsv3HmacMd5
...
Allow using 3DES and MD5 with FIPS 140-3, as they fall outside of the FIPS boundary.
2022-05-20 18:40:29 -07:00
David Garske
9a74745246
Merge pull request #5163 from haydenroche5/evp_pkey_derive_guard
...
Remove unneeded FIPS guard on wolfSSL_EVP_PKEY_derive.
2022-05-20 17:12:24 -07:00
Chris Conlon
ec39ee2cb6
Merge pull request #5070 from miyazakh/crypto_only_flwup
2022-05-20 17:08:29 -06:00
David Garske
04ddd0abe4
Merge pull request #5095 from haydenroche5/decoded_cert_crit_fields
...
Make the critical extension flags in DecodedCert always available.
2022-05-20 15:03:39 -07:00
Hayden Roche
a6b948ae59
Remove unneeded FIPS guard on wolfSSL_EVP_PKEY_derive.
2022-05-20 11:29:01 -07:00
René Liebscher
a8024a32c5
Remove unused warning in ecc.c
...
When WOLFSSL_ECIES_OLD is defined you get an unused warning
in ecc.c / wc_ecc_encrypt_ex().
Just suppress it by "using" the parameter.
2022-05-20 16:05:10 +02:00
Sean Parkinson
bc5262a5d0
SP ARM 32: Fixes to get building for armv7-a
...
Change ldrd to either have even first register or change over to ldm
with even first register.
Ensure shift value in ORR instruction has a hash before it.
Don't index loads and stores by 256 or more - make them post-index.
div2 for P521 simplified.
2022-05-20 12:15:58 +10:00
Kareem
832a7a40a6
Allow using 3DES and MD5 with FIPS 140-3, as they fall outside of the FIPS boundary.
2022-05-19 12:06:20 -07:00
Daniel Pouzzner
f2e9f5349f
wolfcrypt/src/asn.c: refactor DecodeBasicOcspResponse() to keep DecodedCert off the stack in WOLFSSL_SMALL_STACK builds.
2022-05-19 11:28:34 -05:00
David Garske
4a3ff40eb3
Merge pull request #5138 from haydenroche5/issuer_names
...
Add ability to store issuer name components when parsing a certificate.
2022-05-18 16:56:55 -07:00
Chris Conlon
1026c7141e
Merge pull request #5148 from JacobBarthelmeh/PKCS7
2022-05-18 11:44:20 -06:00
Hideki Miyazaki
54a96cef06
add test case
2022-05-18 11:16:10 +09:00
Hideki Miyazaki
c1f117413f
get crypto only compiled with openssl extra
2022-05-18 11:16:03 +09:00
Hayden Roche
04ff6afbad
Add ability to store issuer name components when parsing a certificate.
...
This is turned on when `WOLFSSL_HAVE_ISSUER_NAMES` is defined. This allows the
user to inspect various issuer name components (e.g. locality, organization,
etc.) by using these new fields in a `DecodedCert`.
2022-05-17 16:29:52 -07:00
Hayden Roche
fd535242a0
Fix main signature in benchmark.c.
...
If `NO_CRYPT_BENCHMARK` is defined, the main function is `int main()`, but it
should be `int main(void)`.
2022-05-17 14:28:43 -07:00
Jacob Barthelmeh
8b46c95f06
macro guard for build with disable ecc
2022-05-17 11:36:09 -06:00
Tesfa Mael
d6935ed3be
Review comments
2022-05-17 09:21:20 -07:00
Sean Parkinson
fc12c68601
Merge pull request #5146 from dgarske/kcapi_keywrap
...
Fix to allow enabling AES key wrap (direct) with KCAPI
2022-05-17 08:16:00 +10:00
Jacob Barthelmeh
1dc5e4cee5
add padding for variable ecc signature size
2022-05-16 15:26:29 -06:00
David Garske
579a37bdf0
Merge pull request #5117 from cconlon/getrandom
...
add support for Linux getrandom() with WOLFSSL_GETRANDOM
2022-05-16 12:36:30 -07:00
Chris Conlon
0ef4707859
Merge pull request #5137 from JacobBarthelmeh/docs
2022-05-16 12:18:14 -06:00
David Garske
6b1e3003fb
Merge pull request #5142 from SparkiDev/ssl_move_pk
...
ssl.c rework
2022-05-13 12:56:14 -07:00
Jacob Barthelmeh
3a4feddf75
update code for continued support with i.MX6
2022-05-13 13:21:45 -06:00
David Garske
643cd78ea2
Fix to allow enabling AES key wrap (direct) with KCAPI.
2022-05-13 11:15:32 -07:00