wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-29 14:22:13 +01:00
Code Issues Packages Projects Releases Wiki Activity
15,627 Commits 12 Branches 184 Tags
313d29f752f77ed539fe75936d05883fde74c3fb
Commit Graph

15627 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Daniel Pouzzner
313d29f752 linuxkm: in module_hooks.c, refactor WOLFSSL_LINUXKM_SIMD_X86_IRQ_ALLOWED gates to WOLFSSL_LINUXKM_SIMD_X86, and add updateFipsHash(). 2021-11-09 22:02:17 -06:00
Sean Parkinson
8e0fdc64be Merge pull request #4522 from dgarske/static_eph 
Fixes and refactor for static ephemeral key support
 2021-11-10 08:22:51 +10:00
David Garske
9a83842c29 Merge pull request #4536 from luizluca/refactor_nameconstraints-permit 
ASN: refactor name constraints checks
 2021-11-09 10:44:17 -08:00
David Garske
bd0f6736c5 Merge pull request #4513 from masap/wpa_sup_dpp 
Fix X509_PUBKEY_set() to show correct algorithm and parameters
 2021-11-09 10:26:59 -08:00
David Garske
fe172ed9c1 Fix for generation of ephemeral key if static ephemeral is not set. 2021-11-09 10:14:23 -08:00
David Garske
eebed0cc1c Fix for possible ret may be used uninitialized. 2021-11-09 08:27:44 -08:00
David Garske
df82b01e68 Added x448 static ephemeral support. 2021-11-09 08:27:42 -08:00
David Garske
e91439f2eb Fixes for static ephemeral key support with threading and possible use after free. 2021-11-09 08:25:47 -08:00
David Garske
4a04e56ac8 Fix to allow calls to get TLS session random even if wolfSSL_KeepArrays has not been called. 2021-11-09 08:23:19 -08:00
David Garske
5dac25f470 Eliminate EIGHTK_BUF use in asn. Cleanup uses of 0 in set_verify for callback. 2021-11-09 08:23:19 -08:00
David Garske
1d9832c0de Merge pull request #4545 from douzzer/misc-fixes-20211105 
global typographic and file mode fixes
 2021-11-08 20:54:20 -08:00
Daniel Pouzzner
97557ed29b linuxkm: add --enable-benchmark switch (default yes) and BUILD_BENCHMARK conditional to configure.ac to allow build with testwolfcrypt but without benchmark; change gate in wolfcrypt/benchmark/include.am from if !BUILD_LINUXKM to if BUILD_BENCHMARK. 2021-11-08 18:25:15 -06:00
Daniel Pouzzner
03d5c4e6d3 test.c: fix whitespace. 2021-11-08 18:24:42 -06:00
Daniel Pouzzner
18e487069b src/internal.c: fix typo introduced in earlier "typographic cleanup". 2021-11-08 18:24:08 -06:00
Daniel Pouzzner
95bed1cdfd test.c: smallstack refactors for idea_test(), ed448_test(), and verifyBundle() (fixes various error-dependent leaks too). 2021-11-08 17:35:10 -06:00
Daniel Pouzzner
25f74d4967 ssl.c: wolfSSL_UseALPN(): allocate char **token (2kB) on the heap, not the stack. 2021-11-08 17:35:10 -06:00
Daniel Pouzzner
f8565f26e2 fixes for --disable-harden. 2021-11-08 17:35:10 -06:00
Daniel Pouzzner
27d4bb304c test.c add smallstack refactor of pkcs7enveloped_run_vectors(). 2021-11-08 17:35:10 -06:00
Daniel Pouzzner
26cc534dd2 wolfcrypt/test/test.c: fix memory leaks in pkcs7signed_run_[SingleShot]Vectors() added in smallstack refactor. 2021-11-08 17:35:10 -06:00
Daniel Pouzzner
11ffb037ba linuxkm/module_exports.c.template: remove accidentally added MSC clause. 2021-11-08 17:35:10 -06:00
Daniel Pouzzner
beebd1411d linuxkm/module_hooks.c: fix whitespace, and update code around WOLFCRYPT_FIPS_CORE_DYNAMIC_HASH_VALUE and updateFipsHash(). 2021-11-08 17:35:10 -06:00
Daniel Pouzzner
8b3048a0ea wolfcrypt/test/test.c: smallstack refactors for pkcs7authenveloped_run_vectors(), pkcs7signed_run_vectors(), and pkcs7signed_run_SingleShotVectors(); typographic&whitespace cleanup. 2021-11-08 17:35:10 -06:00
Daniel Pouzzner
59ec9fc285 configure.ac: refactor setup for --enable-reproducible-build; remove mutex between --enable-sp-math and --enable-sp-math-all (they can now coexist); whitespace cleanup. 2021-11-08 17:35:10 -06:00
Daniel Pouzzner
0b4f34d62a typographic cleanup: fix whitespace, remove unneeded UTF-8, convert C++ comment constructs to C. 2021-11-08 17:35:05 -06:00
Luiz Angelo Daros de Luca
01335e2e1c ASN: refactor name constraints checks 
Use the same logic for any type of name constraint.

It could be even cleaner if there were a altNamesByType[],
permittedNamesByType[] and excludedNamesByType[] in cert.

Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
 2021-11-08 20:29:18 -03:00
Daniel Pouzzner
8f121e7752 file modes: clear inappropriate executable bits. 2021-11-08 17:28:11 -06:00
Sean Parkinson
dd833807d8 Merge pull request #4523 from dgarske/nxp_se050_fixes 
Fixes for NXP SE050 ECC create and key store id
 2021-11-09 08:56:03 +10:00
David Garske
5a4577eb6c Merge pull request #4541 from SparkiDev/mp_hexchar_asm 
SP, TFM: fixes
 2021-11-08 14:49:02 -08:00
Sean Parkinson
49024b131e Merge pull request #4534 from JacobBarthelmeh/fuzzing 
check size of values with sp_gcd
 2021-11-09 08:40:21 +10:00
Masashi Honma
ee39fd079f Fix X509_PUBKEY_set() to show correct algorithm and parameters 
When build with OpenSSL, trailing program outputs these messages.

algorithm: id-ecPublicKey
parameters: prime256v1

But with wolfSSL, X509_PUBKEY_get0_param() fails.
This patch fixes wolfSSL to display the same values as OpenSSL.

This program was extracted from wpa_supplicant in order to reproduce the
issue.

----------------
int main(void)
{
    EVP_PKEY *pkey;
    X509_PUBKEY *pub = NULL;
    ASN1_OBJECT *ppkalg, *poid;
    const ASN1_OBJECT *pa_oid;
    const uint8_t *pk;
    int ppklen, ptype;
    X509_ALGOR *pa;
    void *pval;
    char buf[100];
    const uint8_t data[] = {
        0x30, 0x39, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, 0x08, 0x2a,
        0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03, 0x22, 0x00, 0x03, 0x33, 0x6d, 0xb4, 0xe9, 0xab,
        0xf1, 0x1c, 0x96, 0x87, 0x5e, 0x02, 0xcc, 0x92, 0xaf, 0xf6, 0xe1, 0xed, 0x2b, 0xb2, 0xb7, 0xcc,
        0x3f, 0xd2, 0xb5, 0x4e, 0x6f, 0x20, 0xc7, 0xea, 0x2f, 0x3f, 0x42
    };
    size_t data_len = sizeof(data);
    const uint8_t *p;
    int res;

    p = data;
    pkey = d2i_PUBKEY(NULL, &p, data_len);
    if (!pkey) {
        fprintf(stderr, "d2i_PUBKEY() failed\n");
        return -1;
    }

    if (EVP_PKEY_type(EVP_PKEY_id(pkey)) != EVP_PKEY_EC) {
        fprintf(stderr, "invalid type\n");
        EVP_PKEY_free(pkey);
        return -1;
    }

    res = X509_PUBKEY_set(&pub, pkey);
    if (res != 1) {
        fprintf(stderr, "X509_PUBKEY_set() failed\n");
        return -1;
    }

    res = X509_PUBKEY_get0_param(&ppkalg, &pk, &ppklen, &pa, pub);
    if (res != 1) {
        fprintf(stderr, "X509_PUBKEY_get0_param() failed\n");
        return -1;
    }
    res = OBJ_obj2txt(buf, sizeof(buf), ppkalg, 0);
    if (res < 0 || (size_t) res >= sizeof(buf)) {
        fprintf(stderr, "OBJ_obj2txt() failed\n");
        return -1;
    }
    fprintf(stdout, "algorithm: %s\n", buf);

    X509_ALGOR_get0(&pa_oid, &ptype, (void *) &pval, pa);
    if (ptype != V_ASN1_OBJECT) {
        fprintf(stderr, "X509_ALGOR_get0() failed\n");
        return -1;
    }
    poid = pval;
    res = OBJ_obj2txt(buf, sizeof(buf), poid, 0);
    if (res < 0 || (size_t) res >= sizeof(buf)) {
        fprintf(stderr, "OBJ_obj2txt() failed\n");
        return -1;
    }
    fprintf(stdout, "parameters: %s\n", buf);

    X509_PUBKEY_free(pub);
    EVP_PKEY_free(pkey);
    return 0;
}

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
 2021-11-09 07:30:58 +09:00
David Garske
4453001fac Merge pull request #4550 from kareem-wolfssl/gh4547 
Fix doAsync warning in bench_ecc.
 2021-11-08 13:24:18 -08:00
David Garske
478f57b347 Merge pull request #4535 from kareem-wolfssl/zd13165 
Fix building with NO_ECC_KEY_EXPORT.
 2021-11-08 11:11:53 -08:00
David Garske
67a11df15b Merge pull request #4548 from anhu/TlS 
Fix capitalization.
 2021-11-08 11:07:00 -08:00
Kareem
2f1a37769e Fix doAsync warning in bench_ecc. 2021-11-08 11:42:05 -07:00
Anthony Hu
a28e44730c Fix capitalization. 2021-11-08 11:45:49 -05:00
David Garske
3a9be7373f Merge pull request #4532 from embhorn/zd13139 
Fix mem leak in HandleTlsResumption
 2021-11-08 08:39:45 -08:00
John Safranek
d46b140250 Merge pull request #4544 from dgarske/hmachash 2021-11-05 15:11:07 -07:00
David Garske
3941eea626 Fixes for peer review feedback. Improve the ECC key bit calculation. Improve the signature RS unsigned bin creation. 2021-11-05 14:53:20 -07:00
Kaleb Himes
ba291b519d Merge pull request #4543 from julek-wolfssl/server-echo-return 
Check correct var for `server.c` echo return.
 2021-11-05 11:26:15 -06:00
Eric Blankenhorn
d6264059ac Fix mem leak in HandleTlsResumption 2021-11-05 11:40:40 -05:00
David Garske
e9aa76b34e Merge pull request #4542 from SparkiDev/dh_enc_fix 
DH encoding: use correct length for inner sequence
 2021-11-05 08:50:43 -07:00
David Garske
4fe17cc143 Merge pull request #4527 from julek-wolfssl/zd13097 
Fix a heap buffer overflow with mismatched PEM structure ZD13097
 2021-11-05 08:50:28 -07:00
David Garske
7fca031346 Remove duplicate code in wc_HmacFree (looks like past merge error). 2021-11-05 08:20:39 -07:00
Juliusz Sosinowicz
6d89de4f11 Check correct var for server.c echo return. 2021-11-05 16:10:17 +01:00
Sean Parkinson
d01f0d7a4c DH encoding: use correct length for inner sequence 
Only affect small DH keys (like 512 bits).
 2021-11-05 15:02:14 +10:00
Sean Parkinson
dc911b94e7 SP, TFM: fixes 
HexCharToByte must be cast to a signed char as a char is unsigned on
some platforms.
Redefine the __asm__ and __volatile__ for ICC and KEIL in sp_int.c
mp_test: don't use large bit lengths if unsupported.
 2021-11-05 11:49:24 +10:00
Chris Conlon
ae84a2a326 Merge pull request #4293 from TakayukiMatsuo/set_min_proto 
Add support for value zero as version parameter for SSL_CTX_set_min/max_proto_version
 2021-11-04 14:59:34 -06:00
David Garske
74a32e92eb Rename the internal "Hash" structure used by Hmac as it is too generic. 2021-11-04 11:56:00 -07:00
David Garske
d8faa22194 Fix for ecc_def_curve_test test changes. 2021-11-04 11:54:09 -07:00
David Garske
16afe7ff87 Merge pull request #4540 from anhu/forLealem 
Changes suggest by Lealem after he tried the instructions.
 2021-11-04 11:44:18 -07:00