Daniel Pouzzner
2fa206dec0
wolfcrypt/src/siphash.c: fix bugprone-macro-parentheses, and in wc_SipHash(), fix clang-diagnostic-overlength-strings around inline asm.
2022-11-18 22:43:13 -06:00
JacobBarthelmeh
34f8fa797e
Merge pull request #5695 from embhorn/gh5693
Fix --enable-devcrypto build error for sys without u_int8_t type
2022-11-17 16:01:35 -07:00
Tesfa Mael
647ce794dd
unmask malloc returning NULL
2022-11-16 09:25:25 -08:00
Eric Blankenhorn
dc9f46a3be
Fix --enable-devcrypto build error for sys without u_int8_t type
2022-11-11 15:40:12 -06:00
David Garske
9036c098b0
Merge pull request #5760 from cconlon/se050
NXP SE050: feature expansion and fixes
2022-11-11 13:31:05 -08:00
David Garske
cb7f73d0a3
Merge pull request #5792 from JacobBarthelmeh/Testing
allow for cpuid public functions with non-intel build
2022-11-11 12:28:06 -08:00
Chris Conlon
45bf793b5a
SE050 expansion: add RSA support, allow for larger key IDs, get/set key ID from ecc_key/RsaKey, fixes for SE050 hashing, remove XREALLOC dependency, API to store/get binary object, API to erase object, test.c compatibility
2022-11-11 12:14:14 -07:00
Jacob Barthelmeh
c78b669b42
allow for cpuid public functions with non-intel build
2022-11-11 09:42:02 -07:00
Daniel Pouzzner
3bfff3bfc5
wolfcrypt/src/dh.c: fix benign uses of uninited var in wc_DhAgree_Sync(), introduced in #5782 -- see oss-fuzz #53177 .
2022-11-11 08:51:17 -06:00
JacobBarthelmeh
7887576032
Merge pull request #5788 from dgarske/small_build
Fix for misc `HashObject` to be excluded for `WOLFCRYPT_ONLY`
2022-11-10 16:03:25 -07:00
David Garske
77ffacf6d1
Fix for build error with SHA2-256 disabled.
2022-11-10 11:38:08 -08:00
David Garske
35ccd880ed
Fix for misc HashObject to be excluded for WOLFCRYPT_ONLY.
2022-11-09 15:07:36 -08:00
Sean Parkinson
922771bf05
Merge pull request #5785 from miyazakh/undef_gcc4p8
fix compile error due to Werror=undef on gcc-4.8
2022-11-10 08:05:56 +10:00
David Garske
231a4098fa
Merge pull request #5783 from SparkiDev/sp_small_p521_fix
SP P521 small HAVE_COMP_KEY: sp_521_mont_sqr_n*
2022-11-09 06:07:12 -08:00
Hideki Miyazaki
454cd02627
fix compile error due to Werror=undef on gcc-4.8
2022-11-09 14:00:50 +09:00
Sean Parkinson
3e58c63647
SP P521 small HAVE_COMP_KEY: sp_521_mont_sqr_n*
Specific compress key code for P521 doesn't need an n-square function.
Fixing generation of x86_64 ASM scripts resulted in adding carriage
return to chacha_asm.S.
2022-11-09 11:43:13 +10:00
Sean Parkinson
2d757eadd0
DH: fix when using SP
The agreed secret must not be 0 or 1 by SP800-56A, 5.7.1.1.
Check done when not using SP.
Add check to SP calling code.
2022-11-09 09:55:16 +10:00
Eric Blankenhorn
4b30f47e9b
Fix casts in evp.c and build issue in ParseCRL
2022-11-08 10:59:18 -06:00
Sean Parkinson
bd83345c02
Merge pull request #5773 from dgarske/async_v5.5.3
Fixes for various tests that do not properly handle `WC_PENDING_E`
2022-11-08 14:47:23 +10:00
David Garske
826dfd8a23
Merge pull request #5766 from SparkiDev/x509_subj_dir_attr_fix
ASN X509 subject directory attribute: fix ASN template parsing
2022-11-07 17:41:27 -08:00
David Garske
44e66fd7c7
Merge pull request #5762 from SparkiDev/pkcs11_find_no_class_type
PKCS#11: compile time check in finding keys
2022-11-07 17:40:50 -08:00
David Garske
9c645cf5ce
Merge pull request #5747 from SparkiDev/pkcs11_nullptr_user_pin
PKCS#11: User PIN can be NULL_PTR
2022-11-07 17:40:38 -08:00
David Garske
887b4bd9f0
Merge pull request #5767 from haydenroche5/load_system_root_certs
Improve logic for enabling system CA certs on Apple devices.
2022-11-07 15:15:13 -08:00
Sean Parkinson
b845c8bfc8
SP int: support mingw64 again
Check for _MSC_VER to determine that we are compiling for MSVC.
2022-11-07 16:34:26 +10:00
David Garske
1ee3a78e4a
Fixes for various tests that do not properly handle WC_PENDING_E.
2022-11-04 14:56:40 -07:00
Hayden Roche
d0f33f62f4
Fix missing config.h include in some ARMv8 files.
2022-11-04 13:53:22 -07:00
Hayden Roche
4a917219f7
Merge pull request #5608 from SparkiDev/pk_c_rework_2
2022-11-04 13:32:36 -07:00
Hayden Roche
1ce5951f0d
Merge pull request #5722 from dgarske/stm32
2022-11-04 13:32:11 -07:00
Hayden Roche
7cc2336af7
Merge pull request #5737 from SparkiDev/ecc_cofactor
2022-11-04 13:31:24 -07:00
Hayden Roche
fbc4af8701
Merge pull request #5739 from anhu/no_WOLFSSL_DYN_CERT
2022-11-03 14:24:34 -07:00
David Garske
1adc06d181
Fix for Intel QAT handling of sign R when cofactor is not 1. ZD 15017
2022-11-03 10:00:07 -07:00
Sean Parkinson
4766a978cf
ECC cofactor: fix check scalar bits
For shared secrets, when a curve has a cofactor, the private key (in
range of order) is multiplied by the cofactor before use.
If there is a cofactor involved, check bit size of scalar against
modulus instead of order.
2022-11-03 10:00:07 -07:00
Sean Parkinson
336bef666a
ASN X509 subject directory attribute: fix ASN template parsing
Support multiple attributes.
When Country of Citizenship, pull out PRINTABLE_STRING explicitly.
Each type of attribute has a different format.
2022-11-03 09:24:59 +10:00
Sean Parkinson
ae22babf8b
PKCS#11: compile time check in finding keys
When WC_PKCS11_FIND_WITH_ID_ONLY defined, don't add key class and
type to attributes of search for by Id.
2022-11-01 17:38:46 +10:00
Anthony Hu
0158c82487
Keep WOLFSSL_DYN_CERT
2022-10-28 13:37:55 -04:00
Sean Parkinson
7bd8ced7af
ARM32 ASM: fix asm saving and restoring of registers
Fix push and pop generated at beginning and end of function.
2022-10-28 09:51:32 +10:00
Sean Parkinson
4b648e7e08
PKCS#11: User PIN can be NULL_PTR
Allow TokenInit to store NULL for User Pin.
New APIs to handle not setting User PIN.
2022-10-28 08:52:18 +10:00
JacobBarthelmeh
319901a85c
Merge pull request #5743 from SparkiDev/tls_perf_fix_forcezero
TLS performance fix: ForceZero minimization
2022-10-27 13:43:17 -06:00
JacobBarthelmeh
7366a9edbd
Merge pull request #5744 from SparkiDev/regression_fixes_4
Regression testing fixes
2022-10-27 11:49:52 -06:00
Sean Parkinson
fd7544ca19
Regression testing fixes
Ed25519 and Ed448 need to enable certs.
If no system CA certs can't be parsed,
wolfSSL_CTX_load_system_CA_certs() will fail. Don't try test if RSA and
ECC are not enabled.
Fix benchmark.c so that e is defined when WOLFSSL_BENCHMARK_ALL defined.
MAX_LENGTH_SZ is 4 and supports lengths up to 2^24 - one byte for length
and 3 bytes of length.
(new gcc compiler fix)
2022-10-27 17:47:48 +10:00
Sean Parkinson
b1e37377a1
TLS performance fix: ForceZero minimization
Don't ForceZero the output buffer before free.
ForceZero it when encryption fails.
ShrinkInputBuffer needs to zeroize input buffer even if not currently
encrypting as it may be using the buffer on wolfSSL object reuse.
Fix SP to zeroize the whole buffer.
Fix DH to check cBuf when WOLFSSL_CHECK_MEM_ZERO defined.
2022-10-27 17:00:42 +10:00
JacobBarthelmeh
1c09a67f6a
Merge pull request #5735 from SparkiDev/aes_gcm_c_dec_auth
AES GCM decrypt C: don't decrypt when auth tag invalid
2022-10-26 22:41:25 -06:00
Hayden Roche
294a26ba0c
Merge pull request #5708 from JacobBarthelmeh/OCSP
2022-10-26 15:43:15 -07:00
David Garske
e26d4f84fc
Improvements for AES GCM on STM32. Cleanups for STM32 example.
2022-10-26 14:10:19 -07:00
JacobBarthelmeh
33617588fc
fix setting dynamic flag with ocsp and asn template
2022-10-26 10:31:50 -07:00
David Garske
0c79ca1de1
Fix for STM32 PKA with coefSign for non 256-bit curves. Don't check point for STM PKA. ZD14928
2022-10-26 09:44:58 -07:00
JacobBarthelmeh
a26b89f66b
fix leak with multiple entries
2022-10-26 09:29:06 -07:00
Anthony Hu
9486721bb8
Prevent WOLFSSL_NO_MALLOC from breaking RSA certificate verification
2022-10-26 12:11:55 -04:00
Stanislav Klima
6fa43a3d84
removed backslash
2022-10-26 15:03:31 +02:00
Sean Parkinson
dad62fc182
pk.c: rework DH API and improve PEM read/write
Reorganized the DH APIs into groups.
Reworked all DH APIs.
Improved testing of DH API.
Implemented wolfSSL_PEM_read_RSAPublicKey() and
wolfSSL_PEM_write_RSA_PUBKEY().
Fix public key PEM write implementations to use the correct
header/footer names.
Added support for "RSA PUBLIC KEY" in header and footer in DerToPemEx().
Reworked PEM read/write APIs to be independent. No longer create an EVP
to use common function - common functionality refactored out.
Similarly file APIs don't create a BIO and call the partner APIs.
Improved testing of PEM read/write APIs.
Generic read BIO from memory BIO now returns the buffer instead of
allocating memory and reading.
No longer reading chunks when a file BIO.
Added wolfssl_make_rng() to create or get global random. All RSA and
DH APIs now use this. DH_generate_parameters() creates a random object
and uses global on error rather than just using global random.
Changed implementations to use BIO_new_fp() instead of creating a new BIO
and setting the file pointer.
2022-10-26 10:28:20 +10:00