wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-04-29 03:03:22 +02:00
Code Issues Packages Projects Releases Wiki Activity
20,087 Commits 13 Branches 184 Tags
47350fa95caed78e1599cbcc7cf48f2b34310384
Commit Graph

20087 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
David Garske 5a59807733 Merge pull request #6431 from douzzer/20230521-wolfsentry-mt-usage-fixes 
20230521-wolfsentry-mt-usage-fixes
 2023-05-22 10:05:52 -07:00
Marco Oliverio 5182fe3f7d wolfio: cleaning: use WOLFSSL_IP6 define instead of AF_INET6 2023-05-22 15:33:06 +00:00
Marco Oliverio f21c34b08d tests: EmbedRecvFrom/EmbedSendTo error if ipv6 w/o ipv6 compiled in 2023-05-22 15:33:06 +00:00
Marco Oliverio 640f9cf967 wolfio: EmbedRecvFrom: check ipv6 peer on non-ipv6 version 2023-05-22 15:33:05 +00:00
Marco Oliverio b4542ed270 tests: add dtls ignoring different peer test 2023-05-22 15:32:57 +00:00
Marco Oliverio 73f502e189 wolfio: dtls: retry instead of returning WANT_READ on different peer 
If EmbedReceiveFrom() returns WANT_READ, a blocking socket will not know how to
deal with the error. Retry the recvfrom instead adjusting the timeout.
 2023-05-22 15:31:58 +00:00
Marco Oliverio 5f293bf736 tests: add test_wolfssl_client_server_no_fail(_ex) to set client cb 2023-05-22 15:31:58 +00:00
Marco Oliverio cff580b4f0 tests: api: error out on read error in test_server_nofail 2023-05-22 15:31:58 +00:00
Sean Parkinson 98a717e1d5 Memory usage: reduce stack usage 
AES C impl: don't align to 32 bytes, align to 16 as buffer is 16 bytes
long.
SP int: Don't call _sp_mulmod but call sp_mul and _sp_div to do mod
operation. For RSA, fewer calls for mod operation means less stack used
at deepest point.
 2023-05-22 16:57:07 +10:00
Sean Parkinson 403acadf1a X509 NAME ENTRY create: ensure existing object is not lost 
wolfSSL_X509_NAME_ENTRY_create_by_txt and
wolfSSL_X509_NAME_ENTRY_create_by_NID:
 - object field was being reused if it existed but lost on error
 - extracted common code
 - store object only on success, ie object is not NULL
 2023-05-22 10:52:51 +10:00
Sean Parkinson d8e4c78960 Merge pull request #6426 from jpbland1/invariant-mp-size 
add check to sp_invmod_mont_ct to make sure the
 2023-05-22 08:14:39 +10:00
Daniel Pouzzner 3e14b34bdc wolfssl/test.h: in wolfsentry_setup(), add lock-unlock wrap before wolfsentry_route_get_main_table() (enforced by wolfSentry 1.3+, and was always required for thread safety). 2023-05-21 10:51:24 -05:00
Eric Blankenhorn 3e95ad9549 Allow wolfSSL_RAND_Init to pass if already initialized 2023-05-19 17:08:44 -05:00
JacobBarthelmeh a06bd777c0 Merge pull request #6423 from cconlon/pkcs7NoStream 
Fix PKCS#7 build with NO_PKCS7_STREAM
 2023-05-19 10:32:49 -06:00
JacobBarthelmeh 235dc95b27 Merge pull request #6420 from julek-wolfssl/atomic-use-macro 
Implement atomic operations interface
 2023-05-19 10:29:04 -06:00
David Garske 8b9e13865a Merge pull request #6383 from philljj/zd16072 
Fix session ticket leak in wolfSSL_Cleanup
 2023-05-19 09:14:07 -07:00
JacobBarthelmeh 8f4524efa0 Merge pull request #6298 from rizlik/dtls13-null-cipher 
dtls13: support Authentication and Integrity-Only Cipher Suites
 2023-05-19 10:13:44 -06:00
David Garske 10b6105505 Merge pull request #6424 from SparkiDev/coverity_2 
Coverity scan fixes
 2023-05-19 09:13:26 -07:00
John Bland 7e3aafb60c Fix for FIPS ECC integrity check with crypto callback set (#6425) 
Skip ECC private key check when the TPM is used to generate the key, since it doesn't release the private part. this option needs to be used with a FIPS approved TPM for the end result to be FIPS approved
 2023-05-19 09:12:44 -07:00
John Bland 344c3338a9 add check to sp_invmod_mont_ct to make sure the 
result integer can hold the range of the modulus
 2023-05-19 10:49:42 -04:00
András Fekete f3b66a3e26 Merge pull request #6427 from SparkiDev/scan-build_fixes_1 
scan-build fixes
 2023-05-19 10:46:00 -04:00
Marco Oliverio 35185e1a59 tests: add dtls13 null cipher test 2023-05-19 08:10:26 +00:00
Sean Parkinson 45503972f8 scan-build fixes 
sp_mulmod
 - scan-build getting confused with size of result
 - don't check result size as checked already
 - split out implementation of sp_mulmod from check

StoreEccKey
 - ensure pubKey is not NULL even though all uses will not be

GetCertKey
 - ensure source is not NULL
 - cert->source may be NULL in incorrect usages of APIs
 2023-05-19 12:17:41 +10:00
Sean Parkinson 2c34210efb Coverity scan fixes 
DecodeRsaPssParams() assumed params is never NULL. Should never be
called with NULL but check saves a NULL dereference.

PrintObjectIdText() didn't check return of call to GetObjectId. 'oid'
will retain -1 value on error and work as normal on error return.
Cleaner to check for ASN_PARSE_E and handle - other error,
ASN_UNKNOWN_OID_E, is OK for printing.
 2023-05-19 09:15:16 +10:00
Chris Conlon 6ef580ca59 fix PKCS#7 build when using NO_PKCS7_STREAM 2023-05-18 14:50:03 -06:00
JacobBarthelmeh a595f10549 Merge pull request #6421 from ejohnstown/bp-conf-desc-fix 
Configure Typo
 2023-05-18 14:07:58 -06:00
John Safranek f9dcab956e Configure Typo 
1. The description text for the brainpool enable option in configure was
   using a shell variable that ended up in the output. Switched to the
   description pattern used in other options.
 2023-05-18 10:51:04 -07:00
Juliusz Sosinowicz 466636214f Add MSVC atomics 2023-05-18 12:06:54 +02:00
Marco Oliverio 31ed2a2bbb dtls13: support Authentication and Integrity-Only Cipher Suites 
See RFC 9150. To enable the feature use HAVE_NULL_CIPHER compilation flag.
 2023-05-18 10:03:03 +00:00
Sean Parkinson 5f1ce09dce Merge pull request #6412 from JacobBarthelmeh/tls13 
add tls extension sanity check
 2023-05-18 09:33:49 +10:00
David Garske 0530ee774f Merge pull request #6418 from douzzer/20230517-linuxkm-benchmarks 
20230517-linuxkm-benchmarks
 2023-05-17 15:00:49 -07:00
oltolm 90b858492f CMake: improve build scripts (#6331) 
* make wolfssl compile with Mingw-w64

* cmake: CMAKE_SYSTEM_PROCESSOR is AMD64 on Windows

* cmake: use target_compile_definitions instead of add_definitions

* cmake: change default value of WOLFSSL_BUILD_OUT_OF_TREE_DEFAULT to ON

* cmake: link crypt32.lib on Windows

* cmake: export wolfssl

* move Config.cmake.in to cmake directory

* revert changes to .gitignore

* add Config.cmake.in to include.am
 2023-05-17 15:26:46 -06:00
jordan 9d05a4f2ed Don't orphan ticBuff pointer in wolfSSL_DupSessionEx 2023-05-17 16:25:27 -04:00
JacobBarthelmeh 2bb3ade4ac Merge pull request #6416 from embhorn/gh6413 
Fix valgrind issue with memcpy
 2023-05-17 13:46:49 -06:00
JacobBarthelmeh a5106ecda0 Merge pull request #6417 from kareem-wolfssl/docUpdates 
Update AES and Chacha documentation.
 2023-05-17 13:43:15 -06:00
Daniel Pouzzner fffff657de cleanups: line length, WOLFSSL_SMALL_STACK_STATIC, and SAVE_VECTOR_REGISTERS() failure trap in benchmark.c, proper path to benchmark.c in linuxkm/module_hooks.c, and proper casting in aes.c. also harmonized semantics and prototype of bench_ripemd(). 2023-05-17 13:00:46 -05:00
Juliusz Sosinowicz dd9edfee24 Implement atomic operations interface 2023-05-17 16:33:11 +02:00
Daniel Pouzzner 37b716192b wolfcrypt/benchmark/benchmark.c: fix typo in bench_stats_start(). 2023-05-17 02:27:04 -05:00
Daniel Pouzzner 4f4842fce6 linuxkm/linuxkm_memory.c: refactor SAVE/RESTORE_VECTOR_REGISTERS() to be per-process rather than per-CPU, and add migrate_disable/enable() to kernel_fpu_begin/end() because preempt_disable() is just a barrier on _PREEMPT_VOLUNTARY kernels; 
linuxkm/linuxkm_wc_port.h: activate SAVE/RESTORE_VECTOR_REGISTERS() whenever defined(WOLFSSL_LINUXKM_USE_SAVE_VECTOR_REGISTERS) for benchmark.c support, independent of vector crypto features;

fix and optimize various alignment issues with stack and heap allocations;

fix macro definitions for XMALLOC/XREALLOC/XFREE to correctly use kvmalloc and friends when defined(HAVE_KVMALLOC), and to use wolfSSL_Malloc() and friends when defined(WOLFSSL_TRACK_MEMORY);

purge stale LINUXKM_SIMD_IRQ code.
 2023-05-17 01:44:36 -05:00
Daniel Pouzzner fc589d664e wolfssl/wolfcrypt/mem_track.h: refactor for linuxkm compatibility, mainly by supporting NO_STDIO_FILESYSTEM. 2023-05-17 01:13:36 -05:00
Daniel Pouzzner cc1ec8ace5 wolfssl/wolfcrypt/types.h: add missing do-while-0 nonstatments to WC_FREE_VAR() and WC_FREE_ARRAY() for pedantic semicolon swallowing. 2023-05-17 01:11:01 -05:00
Daniel Pouzzner a18dc7f10a wolfcrypt/src/aes.c: in wc_AesSetKeyLocal(), add an alignment check in the haveAESNI path for WOLFSSL_LINUXKM, because the failure mode is module crash. 2023-05-17 01:07:47 -05:00
Daniel Pouzzner 40b598289f src/ssl_asn1.c: in wolfssl_asn1_time_to_tm(), initialize localTm with memset, not the zero initializer, for C++ compatibility. 2023-05-17 01:06:17 -05:00
Daniel Pouzzner 85e0bf337b fix for benign sign clash in wc_RNG_GenerateBlock(). 2023-05-17 01:05:33 -05:00
Daniel Pouzzner 5aceae1d1c src/internal.c: fix for typo (identicalInnerCondition) in DoClientHello(). 2023-05-17 01:05:14 -05:00
Daniel Pouzzner 3ad7e39dc4 refactor benchmark.c for linux kernel compatibility -- WOLFSSL_SMALL_STACK and WOLFSSL_NO_FLOAT_FMT codepaths, SAVE/RESTORE_VECTOR_REGISTERS, refactor of several stack array initializations that broke in the kernel, and replacement of an fputs() call with printf(). 2023-05-17 01:04:40 -05:00
Daniel Pouzzner 42cce9d8e5 add --enable-linuxkm-benchmarks; add check for async.{c,h} when --enable-asynccrypt; update failure message for the opensslextra AC_CHECK_HEADER() test. 2023-05-17 01:03:26 -05:00
Kareem 6cb2c84f12 Update AES documentation to clarify block size requirement. Fix parameter ordering in wc_ChaCha20Poly1305_Decrypt documentation. 2023-05-16 14:31:51 -07:00
Eric Blankenhorn 0a5a5a65a2 Fix valgrind issue with memcpy 2023-05-16 14:38:51 -05:00
JacobBarthelmeh 5194a296e0 Merge pull request #6414 from embhorn/zd16166 
Documentation for wolfSSL_CertManagerFreeCRL
 2023-05-16 10:08:51 -06:00