wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-02-04 01:35:06 +01:00
Code Issues Packages Projects Releases Wiki Activity
13,171 Commits 12 Branches 184 Tags
50843b22cd0ba6021bb6a4ce87461425efe93696
Commit Graph

13171 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Eric Blankenhorn
50843b22cd Check method for NULL 2021-01-18 16:18:49 -06:00
toddouska
563e3c6b60 Merge pull request #3628 from SparkiDev/even_mp_test 
RSA/DH test: even number error check fixup
 2021-01-18 13:39:54 -08:00
toddouska
cd78a5dfb2 Merge pull request #3630 from SparkiDev/no_fs_all 
X509 API no file system: hide wolfSSL_X509_NAME_print_ex_fp
 2021-01-18 13:39:21 -08:00
toddouska
d514cc31b3 Merge pull request #3631 from SparkiDev/rsa_vfy_only_sp_fixes 
RSA: verify only build fixes
 2021-01-18 13:38:52 -08:00
toddouska
5a7e79cbfd Merge pull request #3632 from SparkiDev/all_not_tls13_fix 
Configuration: enable all, disable TLS 1.3 - turn off TLS 1.3 only op…
 2021-01-18 13:37:34 -08:00
toddouska
3bae6e2dc2 Merge pull request #3633 from SparkiDev/ecc_gen_z_fix 
ECC gen z: convert blinding value to Montgomery form before using
 2021-01-18 13:36:13 -08:00
toddouska
fff3c77568 Merge pull request #3644 from dgarske/zd11476 
Fix for sniffer with TLS v1.2 static ECDH ciphers
 2021-01-18 13:32:57 -08:00
toddouska
b1c8825e74 Merge pull request #3647 from dgarske/zd11424 
Fix for TLS v1.3 early data mac digest
 2021-01-18 13:31:44 -08:00
toddouska
67d4f7c37b Merge pull request #3658 from SparkiDev/curve25519_uint64_t 
Curve25519: replace uint64_t with word64
 2021-01-18 13:29:16 -08:00
Sean Parkinson
ac76ef8ee7 Curve25519: replace uint64_t with word64 
Remove usages of stdint.h types
Added a sword type for signed words.
 2021-01-18 17:30:36 +10:00
Sean Parkinson
eda1b52ee2 TLS 1.3 integrity only: initialize HMAC 
Ensure the HMAC object is initialized when allocated.
 2021-01-15 11:27:26 +10:00
John Safranek
0ac43bb095 Merge pull request #3618 from haydenroche5/ocsp_self_signed_issue 
Modify ParseCertRelative to ensure issuerKeyHash gets parsed and copi…
 2021-01-14 14:22:06 -08:00
Sean Parkinson
5a4dfc1a29 Don't set encrypt side if sending early data 
Make check to see if early data has been or is going to be sent.
Last message encrypted with this key is EndOfEarlyData message.
 2021-01-14 09:44:09 +10:00
David Garske
22ce25afba Merge pull request #3648 from douzzer/disable-ecc-enable-dsa 
--disable-ecc --enable-dsa
 2021-01-13 14:00:20 -08:00
Daniel Pouzzner
1e49bc2e82 asn.c/asn.h: fix --disable-ecc --enable-dsa. 2021-01-13 13:55:06 -06:00
David Garske
d7aa8e1795 Fix for issue where mac digest changes between early data and server_hello, which can leave section of response uninitialized. ZD11424 2021-01-13 11:10:12 -08:00
Sean Parkinson
382deb1f86 Merge pull request #3645 from douzzer/sp_copy_pedantic_error_handling 
sp_copy() pedantic error handling
 2021-01-13 10:05:35 +10:00
Daniel Pouzzner
f8013580df sp_int.c: fix 4 instances of "Value stored to 'o' is never read" found by LLVM9 scan-build. 2021-01-12 15:01:28 -06:00
Daniel Pouzzner
fb82114866 sp_int.c: pay attention to the return value from sp_copy(), for general hygiene and to eliminate an inlining-related warning in sp_todecimal(). 2021-01-12 14:58:29 -06:00
David Garske
aaec9832e4 Fix for sniffer with TLS v1.2 static ECDH ciphers. The sniffer will now correctly try using the key for ECC if the RSA key decode fails. ZD 11476. 2021-01-12 09:49:32 -08:00
David Garske
88faef9bd9 Merge pull request #3641 from JacobBarthelmeh/Testing 
add ca-cert-chain.der to renewcerts.sh, update ed25519 certs and gen …
 2021-01-11 11:00:55 -08:00
Jacob Barthelmeh
e2b411805d add ca-cert-chain.der to renewcerts.sh, update ed25519 certs and gen script 2021-01-12 00:40:15 +07:00
Chris Conlon
c57fee136a Merge pull request #3568 from miyazakh/espidf_unittest 
fix wolfssl unit test on ESP-IDF
 2021-01-07 09:18:18 -07:00
Sean Parkinson
f955c92008 ECC gen z: convert blinding value to Montgomery form before using 2021-01-07 11:30:58 +10:00
David Garske
209ad82df2 Merge pull request #3629 from ejohnstown/aarch64 
M1 Support
 2021-01-06 14:12:45 -08:00
David Garske
931dc5b29f Merge pull request #3619 from tmael/fuzz_math 
Fix for OSS-Fuzz issue #29103: out-of-bounds read in TLSX_CSR_Parse()
 2021-01-06 14:10:28 -08:00
John Safranek
d4e13796c2 M1 Support 
We separate out 64-bit desktop support based on the Intel check. With
the advent of the new Apple chip, ARM can also be a desktop processor.
Detect it like we do the Intel 64-bit, and treat it similarly with
respect to fast and normal math.
 2021-01-06 09:21:07 -08:00
Sean Parkinson
fa86c1aa91 Configuration: enable all, disable TLS 1.3 - turn off TLS 1.3 only options 
configuration: --enable-all --disable-tls13
Post-handshake authentication and HRR cookie are enable with
'--enable-all' but disabling TLS 1.3 caused configure to fail.
Don't enable these TLS 1.3 only options when TLS 1.3 is disabled.

Also fix up tests that don't work without TLS 1.3 enabled.
 2021-01-06 14:19:57 +10:00
Sean Parkinson
cd0670cbd7 RSA: verify only build fixes 
configuration: --disable-ecc --disable-dh --disable-aes --disable-aesgcm
--disable-sha512 --disable-sha384 --disable-sha --disable-poly1305
--disable-chacha --disable-md5 --disable-sha3 --enable-cryptonly
--disable-inline --enable-rsavfy --disable-asn --disable-oaep
--disable-rng --disable-filesystem --enable-sp=rsa2048 --enable-sp-math
Fixes to make code build again.
 2021-01-06 11:58:15 +10:00
Sean Parkinson
5accd57c21 X509 API no file system: hide wolfSSL_X509_NAME_print_ex_fp 
configuration: --enable-all --disable-filesystem
wolfSSL_X509_NAME_print_ex_fp has XFILE as a parameter and cannot be
compiled with --disable-filesystem
 2021-01-06 11:05:58 +10:00
Sean Parkinson
10722fba14 RSA/DH test: even number error check fixup 
Configuration: --enable-sp=3072
Test only enabled when SP is used.
Return codes checked are those we expect from SP.
Code, with configuration, is compiled so that 2048-bit operations are
not going to SP and the error returns were not correct.
 2021-01-06 09:39:24 +10:00
Hideki Miyazaki
b8997d0b47 revert test_wolfssl.c changes 
add test.c as src target
 2021-01-05 16:20:42 +09:00
Hideki Miyazaki
99d4a7417a fix wolfssl unit test on ESP-IDF 2021-01-05 16:08:05 +09:00
Tesfa Mael
46e260dd61 Correct unsigned arithmetic 2021-01-04 15:48:27 -08:00
Chris Conlon
54f072fd8d Merge pull request #3607 from douzzer/WOLFSSL_TEST_SUBROUTINE 
test.c: add WOLFSSL_TEST_SUBROUTINE macro to make subtests optionally static
 2021-01-04 10:10:56 -07:00
Hayden Roche
96ece3ac7d Modify ParseCertRelative to ensure issuerKeyHash gets parsed and copied into the 
decoded cert for self-signed CA certs.

The bit of code that does this copy was previously inside a conditional that's
only entered if the certificate is not self-signed. The primary purpose of this
conditional is to set the maxPathLen field. It's possible that the copying of
the issuerKeyHash was mistakenly included in the "else" block here, when it
should be outside.
 2021-01-04 10:34:09 -06:00
Sean Parkinson
413bde9146 Merge pull request #3608 from tmael/sp_squre 
Fix SP integer square
 2021-01-04 16:29:40 +10:00
Sean Parkinson
faf7d307b4 Merge pull request #3606 from dgarske/zd11438 
Fix for possible ECC sign memory leak with custom "k"
 2021-01-04 15:39:53 +10:00
Tesfa Mael
01c27068c1 Correct SP x->used with sp_clamp() 2021-01-03 20:08:06 -08:00
John Safranek
ef56bc09f1 Merge pull request #3596 from julek-wolfssl/dtls-multiple-hellorequest 
Calling wolfSSL_Rehandshake during renegotiation should not be an error
 2020-12-31 13:53:32 -08:00
David Garske
fbb3e9fca3 Merge pull request #3605 from tmael/cm_free 
Free mutex and fix tls13.test script
 2020-12-31 08:40:35 -08:00
David Garske
c9ac64d77d Merge pull request #3609 from douzzer/lkm_kvmalloc 
use kvmalloc()/kvfree() for heap allocations in the linuxkm build
 2020-12-31 08:37:53 -08:00
Daniel Pouzzner
9dc8721032 linuxkm: on kernels >= 4.12, use kvmalloc()/kvfree() and a partial implementation of realloc() leveraging them, rather than kmalloc()/kfree()/krealloc(). this makes large allocations possible and relatively safe. note that the realloc() implementation fails gracefully when the supplied pointer is larger than the page size, but otherwise works normally. 2020-12-31 00:30:35 -06:00
Daniel Pouzzner
a2dec7ce9c test.c: work around toolchain/ecosystem bug on aarch64 linux 4.14.0-xilinx-v2018.3. 2020-12-30 20:03:13 -06:00
Tesfa Mael
9598c03716 Free mutex and fix test script 2020-12-30 17:40:15 -08:00
Daniel Pouzzner
3d88676ff1 test.c: add WOLFSSL_TEST_SUBROUTINE macro to qualify all previously global subtest handlers, defaulting to the empty string. this restores the version<=4.5 test.c namespace allowing end users to call the tests directly piecemeal. --enable-linuxkm[-defaults] sets -DWOLFSSL_TEST_SUBROUTINE=static for extra namespace hygiene. 2020-12-30 16:12:08 -06:00
David Garske
060ebd1ca2 Fix for possible ECC sign memory leak when using WOLFSSL_ECDSA_SET_K and wc_ecc_sign_set_k, where the k is not valid. ZD 11438. 2020-12-30 09:54:54 -08:00
David Garske
7fb2c0f63f Merge pull request #3603 from haydenroche5/zd11434 
Ensure that all leading zeros are skipped in sp_tohex.
 2020-12-30 08:28:52 -08:00
David Garske
1b6a988dc0 Merge pull request #3601 from tmael/mp_rand_p 
Add parameter check in sp_rand_prime()
 2020-12-30 08:20:18 -08:00
Hayden Roche
81f70fba5f Ensure that all leading zeros are skipped in sp_tohex. 2020-12-30 08:32:01 -06:00