Kareem
4200cf1b4d
Fix compiling Iotsafe with C++ by avoiding reserved keyword 'class'.
2021-12-08 17:17:58 -07:00
Kareem
8de281c1d4
Fix minimum clang version for FALL_THROUGH. Not working properly before clang 11.
2021-11-19 15:16:56 -07:00
Kareem
fd6d479888
Rework ssl and ssl->arrays NULL checks, and add to SendTls13ClientHello as well.
2021-11-19 14:19:27 -07:00
Kareem
72d4dcce0f
Fix updated FALL_THROUGH macro. Fix a couple of case statements and remove a trailing whitespace.
2021-11-19 14:13:02 -07:00
Kareem
0772635972
Rework FALL_THROUGH definition to use fallthrough if defined.
2021-11-19 14:06:54 -07:00
Kareem
930e1ac473
Check ssl->arrays in SendClientHello to avoid null dereference. Allow building with fallthrough defined.
2021-11-19 14:06:54 -07:00
Chris Conlon
c3500fa24e
Merge pull request #4581 from miyazakh/max_earlydata
...
add get_max_eraly_data
2021-11-19 09:42:01 -07:00
Sean Parkinson
7e81372131
Merge pull request #4583 from dgarske/zd13242
...
Improve `ret` handling in the `ProcessPeerCerts` verify step.
2021-11-19 10:22:08 +10:00
David Garske
3054f20c6a
Improve ret handling in the ProcessPeerCerts verify step.
2021-11-18 14:51:09 -08:00
David Garske
2841b5c93b
Merge pull request #3010 from kaleb-himes/ZD10203
...
Consistency in PP checking on use of WOLFSSL_CRYPTO_EX_DATA
2021-11-18 14:47:25 -08:00
Hideki Miyazaki
9bc159a5ec
addressed review comment
2021-11-19 07:24:46 +09:00
David Garske
e33156d0dc
Merge pull request #4578 from kaleb-himes/OE33_NON_FIPS_CHANGES
...
OE33: Fix issues found by XCODE and add user_settings.h
2021-11-18 06:59:43 -08:00
David Garske
d02e819e4c
Merge pull request #4575 from SparkiDev/dh_enc_fix_2
...
ASN: DH private key encoding
2021-11-18 06:57:40 -08:00
Sean Parkinson
618b9619c5
Merge pull request #4571 from anhu/init_sig_algs
...
Uninitialized var.
2021-11-18 22:46:37 +10:00
Sean Parkinson
db3c0f7829
Merge pull request #4574 from masap/fix-asn1-integer-get
...
Fix invalid return value of ASN1_INTEGER_get()
2021-11-18 17:20:15 +10:00
Hideki Miyazaki
483be08b1f
add definition for early_data_status compat
2021-11-18 14:21:47 +09:00
Daniel Pouzzner
6ba00f66cd
Merge pull request #4573 from ejohnstown/fips-check-fix
...
Fix FIPS Check Script
2021-11-17 21:30:45 -06:00
Hideki Miyazaki
7da0d524ff
add get_max_eraly_data
...
support set/get_max_eraly_data compatibility layer
2021-11-18 09:07:32 +09:00
Sean Parkinson
370570d19b
ASN: DH private key encoding
...
Proper fix for sequence length when small keys.
2021-11-18 08:28:49 +10:00
Masashi Honma
4800db1f9d
Enable max/min int test even on non-64-bit platforms
...
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2021-11-18 06:58:21 +09:00
Masashi Honma
cb3fc0c7ce
Fix invalid return value of ASN1_INTEGER_get()
...
When DIGIT_BIT is less than SIZEOF_LONG * CHAR_BIT, ASN1_INTEGER_get() can
return an invalid value. For example, with the trailing program, ASN1_INTEGER_get()
unexpectedly returns -268435449 (0xf0000007) on i386.
On the i386 platform (DIGIT_BIT=28), the input value 0x7fffffff is separated
into 0xfffffff and 0x7 and stored in the dp array of mp_int. Previously,
wolfSSL_BN_get_word_1() returned 0xfffffff shifted by 28 bits plus 0x7, so this
patch fixed it to return 0xfffffff plus 0x7 shifted by 28 bits.
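    #include <stdio.h>
    #include <wolfssl/options.h>
    #include <wolfssl/openssl/ssl.h>  /* OpenSSL compatibility layer names */

    int main(void)
    {
        ASN1_INTEGER *a;
        long val;
        int ret;

        a = ASN1_INTEGER_new();
        val = 0x7fffffff;  /* does not fit in one 28-bit digit */
        ret = ASN1_INTEGER_set(a, val);
        if (ret != 1) {
            printf("ret=%d\n", ret);
        }
        /* Prints only when the value read back differs from the one set. */
        if (ASN1_INTEGER_get(a) != val) {
            printf("ASN1_INTEGER_get=%ld\n", ASN1_INTEGER_get(a));
        }
        ASN1_INTEGER_free(a);
        return 0;
    }

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>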
2021-11-18 06:58:21 +09:00
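The digit ordering error described in commit cb3fc0c7ce, modelled stand-alone as an added example (not code from the commit or from wolfSSL). The type toy_mp_int and the functions toy_set_word, get_word_buggy, get_word_fixed and as_long32 are hypothetical names; uint32_t stands in for the 32-bit long of i386.

```c
#include <stdint.h>
#include <stdio.h>

#define DIGIT_BIT  28                        /* i386 value quoted in the commit message */
#define DIGIT_MASK ((1u << DIGIT_BIT) - 1u)

/* Constructed stand-in for mp_int: dp[0] is the least significant digit. */
typedef struct { int used; uint32_t dp[2]; } toy_mp_int;

/* Split a 32-bit word into DIGIT_BIT-sized digits. */
static toy_mp_int toy_set_word(uint32_t v)
{
    toy_mp_int a;
    a.dp[0] = v & DIGIT_MASK;
    a.dp[1] = v >> DIGIT_BIT;
    a.used  = a.dp[1] ? 2 : 1;
    return a;
}

/* Order described as the bug: low digit shifted up, high digit added. */
static uint32_t get_word_buggy(const toy_mp_int *a)
{
    if (a->used < 2) return a->dp[0];
    return (a->dp[0] << DIGIT_BIT) + a->dp[1];
}

/* Order described as the fix: low digit plus high digit shifted up. */
static uint32_t get_word_fixed(const toy_mp_int *a)
{
    if (a->used < 2) return a->dp[0];
    return a->dp[0] + (a->dp[1] << DIGIT_BIT);
}

/* Reinterpret the 32-bit pattern as the signed 32-bit long of i386. */
static int64_t as_long32(uint32_t v)
{
    return v > 0x7fffffffu ? (int64_t)v - 4294967296LL : (int64_t)v;
}

int main(void)
{
    toy_mp_int a = toy_set_word(0x7fffffffu);
    printf("digits: 0x%x 0x%x\n", (unsigned)a.dp[0], (unsigned)a.dp[1]);
    printf("buggy:  %lld\n", (long long)as_long32(get_word_buggy(&a)));
    printf("fixed:  %lld\n", (long long)as_long32(get_word_fixed(&a)));
    return 0;
}
```

Values that fit in a single digit take the early return in both functions, so a test that only uses small integers does not reach the faulty recombination.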
Anthony Hu
ab0654bb64
remove something that slipped in
2021-11-17 16:38:30 -05:00
Anthony Hu
39edf8d206
pulled up a line.
2021-11-17 16:38:30 -05:00
Anthony Hu
49c7abb875
Changes suggested by SparkiDev.
2021-11-17 16:38:30 -05:00
Anthony Hu
5c48e74c7f
0xFF
2021-11-17 16:38:30 -05:00
Anthony Hu
0ae0b31509
The following config:
...
./configure --with-liboqs --enable-all --disable-psk --enable-intelasm --enable-aesni --enable-sp-math-all --enable-sp-asm CFLAGS="-O3"
Yields the following error:
src/internal.c: In function ‘DoServerKeyExchange’:
src/internal.c:24487:28: error: ‘sigAlgo’ may be used uninitialized in this function [-Werror=maybe-uninitialized]
24487 | if (sigAlgo == ed448_sa_algo &&
| ^
This fixes it.
2021-11-17 16:38:30 -05:00
kaleb-himes
38ec0bb31f
Merge branch 'master' of github.com:wolfssl/wolfssl into OE33_NON_FIPS_CHANGES
2021-11-17 14:02:56 -07:00
David Garske
995ef60ff1
Merge pull request #4577 from kaleb-himes/WINDOWS_AES_OFB_ON
...
Turn on AES-OFB mode in windows for FIPS=v5
2021-11-17 12:20:19 -08:00
kaleb-himes
37db5a9ab3
Add include.am(s) for new file(s)
2021-11-17 12:05:05 -07:00
kaleb-himes
f638df3575
Fix issues found by XCODE and add user_settings.h
...
Disable internal test settings by default
2021-11-17 11:00:56 -07:00
John Safranek
ef62fab4ea
Update
...
1. WIN10 FIPS build should use version 5,2 now.
2. Update the v5-ready build to use version 5,2.
3. Remove eol-whitespace from the benchmark source.
2021-11-17 09:19:34 -08:00
Kaleb Himes
c7c682ba2a
Move up to avoid breaking the patch applied for windows
2021-11-17 09:37:26 -07:00
kaleb-himes
dc6ec2b849
Turn on AES-OFB mode in windows for FIPS=v5
2021-11-17 09:22:58 -07:00
John Safranek
158ebcaa0a
Add v5-RC10 to the list of allowed versions
2021-11-16 16:36:38 -08:00
Sean Parkinson
a5e581506e
Merge pull request #4570 from dgarske/android_keystore
...
Fixes for building wolfSSL with Android WPA Supplicant and KeyStore
2021-11-17 08:30:01 +10:00
David Garske
e8e0bc0d49
Merge pull request #4552 from SparkiDev/sp_mod_exp_zero
...
SP: mod_exp with exponent of 0 is invalid
2021-11-16 08:29:13 -08:00
David Garske
2b3ab855dd
Fixes for building wolfSSL with Android WPA Supplicant and KeyStore.
2021-11-16 08:27:30 -08:00
Sean Parkinson
33a6b8c779
Merge pull request #4531 from dgarske/cryptocb_aesccm
...
Added crypto callback support for AES CCM
2021-11-16 22:45:11 +10:00
Daniel Pouzzner
ceae7d56fa
Merge pull request #4551 from ejohnstown/aes-ofb
...
Add AES-OFB to FIPS boundary
WCv5.0-RC12
WCv5.0-RC11
WCv5.0-RC10
2021-11-15 22:56:43 -06:00
Daniel Pouzzner
cae3fcb9ce
Merge pull request #4569 from masap/i386-segfault
...
dsa.c: fix error-path mp_clear()s on uninitialized mp_ints in wc_DsaSign() and wc_DsaVerify().
2021-11-15 22:51:23 -06:00
Sean Parkinson
8606788198
SP: mod_exp with exponent of 0 is invalid
...
Don't allow exponentiation by 0 as it is cryptographically invalid and
not supported by the implementation.
Also check for even modulus in mod_exp.
2021-11-16 11:27:26 +10:00
Masashi Honma
6086728968
Fix possible segfault that occurs when mp_clear() is executed for uninitialized mp_int
...
If NULL is passed as the digest argument of wc_DsaSign(), mp_clear() will be
called before mp_init() is called. This can cause a segmentation fault.
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2021-11-16 09:57:02 +09:00
Masashi Honma
f621defefe
Fix the segfault that occurs when mp_clear() is executed for uninitialized mp_int on i386
...
test_wc_DsaSignVerify() passes the tests but causes an error.
free(): invalid pointer
If NULL is passed as the digest argument of wc_DsaVerify(), mp_clear() will be
called before mp_init() is called. On qemu-i386, the dp field of the mp_int
structure is non-null by default, which causes a segmentation fault when calling
mp_clear(). However, if WOLFSSL_SMALL_STACK is enabled, this problem does not
occur.
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2021-11-16 09:56:56 +09:00
David Garske
1559e92dca
Add crypto callback AES CCM test case.
2021-11-15 16:22:10 -08:00
Sean Parkinson
64407bbd7d
Merge pull request #4564 from rizlik/unused_ret_value_fix
...
woflcrypt/src/rsa.c: check memory allocation return value
2021-11-16 08:56:47 +10:00
Daniel Pouzzner
c80e63a822
Merge pull request #4566 from ejohnstown/fips-check
...
fips-check script update
2021-11-15 13:23:54 -06:00
John Safranek
13871cf547
Set RC10 to be the default v5 FIPS build.
2021-11-15 10:03:50 -08:00
John Safranek
0d465cf42f
Add AES-OFB to FIPSv5 build as v5-RC10 (5,2)
2021-11-15 10:03:49 -08:00
David Garske
ab74bbcfee
Merge pull request #4567 from SparkiDev/sp_scripts_sync_1
...
SP sync: Missing update
2021-11-15 07:04:08 -08:00
Sean Parkinson
79f18c7585
SP sync: Missing update
2021-11-15 08:33:14 +10:00