wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-31 11:49:21 +01:00
Code Issues Packages Projects Releases Wiki Activity
13,328 Commits 12 Branches 184 Tags
71b495c4222f81f90bb870ca2b0517f80cf5eb17
Commit Graph

13328 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Chris Conlon
71b495c422 Merge pull request #3712 from miyazakh/RND_bytes 
handle size greater than RNG_MAX_BLOCK_LEN
 2021-02-09 08:26:30 -07:00
Sean Parkinson
5818923762 Merge pull request #3723 from douzzer/AesCcmEncrypt-zero-inSz-null-in 
AES-CCM null payload buffers with inSz zero
 2021-02-09 17:22:03 +10:00
Daniel Pouzzner
bdd4ceb445 aes.c: fix overwide code text in wc_AesCcmEncrypt(). 2021-02-08 21:50:29 -06:00
toddouska
0d499a28e5 Merge pull request #3725 from elms/build/fix_distcheck 
build: fix `make distcheck`
 2021-02-08 15:57:04 -08:00
Sean Parkinson
3217c7afae Merge pull request #3732 from miyazakh/setverifydepth 
issue callback when exceeding depth limit rather than error out
 2021-02-09 09:51:45 +10:00
toddouska
f14f1f37d2 Merge pull request #3673 from elms/ssl_api/get_verify_mode 
SSL: add support for `SSL_get_verify_mode`
 2021-02-08 15:40:19 -08:00
toddouska
58f9b6ec01 Merge pull request #3676 from SparkiDev/tls13_blank_cert 
TLS 1.3: ensure key for signature in CertificateVerify
 2021-02-08 15:27:05 -08:00
Daniel Pouzzner
7a583d5b4b aesccm_test(): test for (and require) BAD_FUNC_ARG when in or out pointer to wc_AesCcm{En,De}crypt() is null and inSz > 0. 2021-02-08 16:43:38 -06:00
Daniel Pouzzner
b8a019dedd AES-CCM: allow null payload buffers in wc_AesCcmEncrypt() and wc_AesCcmDecrypt() when inSz is zero, and add to aesccm_test() a test for this, tolerating early BAD_FUNC_ARG (for FIPS and arch-specific 3rd party code), and a test for the zero-length string, that must succeed. 2021-02-08 16:34:09 -06:00
David Garske
dda4c3b3c4 Merge pull request #3724 from embhorn/zd11646 
Move var declaration to top
 2021-02-08 11:09:28 -08:00
Elms
12eddee104 scripts: fix tests for out of tree distcheck 
Copying or using certs from directory relative to scripts source directory.
 2021-02-08 10:43:31 -08:00
Sean Parkinson
36d124ed2f Merge pull request #3730 from guidovranken/zd11650 
SP math: Better error propagation
 2021-02-08 14:17:43 +10:00
Hideki Miyazaki
f13186827a issue callback when exceeding depth limit rather than error out 2021-02-08 11:01:45 +09:00
Guido Vranken
358dbd5090 _sp_exptmod_base_2: Break out of loops on error 2021-02-08 00:09:29 +01:00
Sean Parkinson
2933db8915 Merge pull request #3729 from guidovranken/zd11649 
SHA 256,512: Only write hash if no error has occurred
 2021-02-08 08:47:51 +10:00
Sean Parkinson
ea4b3110e8 Merge pull request #3728 from dgarske/zd11624 
Fix for PKCS11 not properly exporting the public key due to a missing key type field
 2021-02-08 08:32:04 +10:00
Guido Vranken
bc707d67c3 SP math: Better error propagation 
ZD 11650
 2021-02-06 09:09:41 +01:00
Guido Vranken
3fd2647383 SHA 256,512: Only write hash if no error has occurred 
ZD 11649
 2021-02-06 08:15:30 +01:00
Elms
e26f1529c0 build: revert change so make generates testsuite.test 
A change to `include.am` caused `make check` to generate, but `make`
without arguments to not generate it.`
 2021-02-05 14:39:07 -08:00
Elms
c17597a4fb build: arbitrary path for make check 
To support builds in other directories, unit.test and wolfcrypt test
must be aware of the source and build directory.
 2021-02-05 12:10:32 -08:00
David Garske
70b382e6cf Fix for PKCS11 not properly exporting the public key due to a missing key type field. This broke due to changes in PR #3687. Also resolved mismatch of enum types for the key type check. 2021-02-05 11:49:31 -08:00
Elms
93ea355217 build: fix make distcheck 
Need to check if `unit.test` was run from make process and set
different path to run unit test executable.

Writing files in the dist is not allowed during distcheck so write
files to subdirectory used build during distmake
 2021-02-05 07:25:07 -08:00
Eric Blankenhorn
e4d79bf49e Move var declaration to top 2021-02-05 08:41:42 -06:00
Hideki Miyazaki
431e1c8ffe handle size greater than RNG_MAX_BLOCK_LEN 2021-02-03 12:23:36 +09:00
David Garske
714aa97490 Merge pull request #3710 from cconlon/0202 
fix and update README.md markdown
 2021-02-02 16:15:53 -08:00
Chris Conlon
7eb71b1bb1 Merge pull request #3344 from guidovranken/PKCS7_EncodeSigned-leak-fix 
Check the right size before freeing flatSignedAttribs in PKCS7_EncodeSigned
 2021-02-02 13:53:20 -07:00
Guido Vranken
f833d96ba3 Check the right size before freeing flatSignedAttribs in PKCS7_EncodeSigned 2021-02-02 10:15:00 -08:00
Chris Conlon
30c1c4a4f8 fix and update README.md markdown 2021-02-02 10:38:09 -07:00
David Garske
5577a2215f Merge pull request #3708 from JacobBarthelmeh/Testing 2021-02-01 10:11:16 -08:00
David Garske
ab5f9831ab Merge pull request #3707 from douzzer/test-openssl-small-stack 
wolfcrypt/test/test.c: smallstack refactor of openssl test routines.
 2021-02-01 09:30:04 -08:00
Jacob Barthelmeh
a7066a9be2 add stdint to test.c if using non blocking ecc test 2021-02-01 23:07:03 +07:00
Jacob Barthelmeh
fd01f79f86 add guard for rsa public only 2021-01-31 23:43:53 +07:00
Daniel Pouzzner
d14f4f8451 wolfcrypt/test/test.c: smallstack refactor of openssl test routines. 2021-01-30 00:01:15 -06:00
David Garske
f5f19fda42 Merge pull request #3704 from douzzer/aesgcm-table-small-stack 
--enable-aesgcm=table --enable-smallstack
 2021-01-29 19:53:08 -08:00
Daniel Pouzzner
d0b20f90d5 wolfcrypt/test/test.c: use HEAP_HINT, not NULL, for XREALLOC() too. 2021-01-29 20:16:51 -06:00
Daniel Pouzzner
8c0100e60e blake2b.c/blake2s.c: refactor so that smallstack code paths match performance of !smallstack path. 2021-01-29 17:19:42 -06:00
Daniel Pouzzner
a332cf36b5 add DYNAMIC_TYPE_AES and DYNAMIC_TYPE_CMAC to enum in types.h, and use these where appropriate; 
in test.c: use use HEAP_HINT, not NULL in XMALLOC/XFREE calls;

fix a couple typos in aes_test() re WOLFSSL_ASYNC_CRYPT;

add various missing WOLFSSL_SMALL_STACK_STATIC qualifiers;

and streamline old smallstack refactor on-stack declarations declarations to use the much neater [1] construct.
 2021-01-29 17:17:31 -06:00
David Garske
eae4124908 Merge pull request #3705 from lechner/repology-packaging-status 
Show packaging status across Linux distributions in README.md
 2021-01-29 14:48:26 -08:00
Felix Lechner
2033970369 Show packaging status across Linux distributions in README.md (from Repology) 
Repology offers badges for wolfSSL's packaging status across all known
Linux distributions. [1] In Markdown documents, the HTML version with
a right-hand alignment uses up less space. It is added here.

The badge itself provides a hyperlink to more information [2]
including repositories in which wolfSSL is not yet represented.

[1] https://repology.org/project/wolfssl/badges
[2] https://repology.org/project/wolfssl/versions
 2021-01-29 10:40:32 -08:00
Daniel Pouzzner
0f6ae330da wolfcrypt: smallstack refactors of AES code for lkm compatibility with --enable-aesgcm=table. 2021-01-28 22:51:28 -06:00
Sean Parkinson
91299c5abd Merge pull request #3701 from dgarske/pkcs7_devId 
Fixes for PKCS7 with crypto callback (devId) with RSA and RNG
 2021-01-29 10:56:41 +10:00
David Garske
4f6deb8ae9 Merge pull request #3594 from haydenroche5/zd10911 
Fix issue with DoHandShakeMsgType/ShrinkInputBuffer when encryption i…
 2021-01-28 16:55:04 -08:00
Hayden Roche
fc845da9f0 Fix issue with DoHandShakeMsgType/ShrinkInputBuffer when encryption is on (e.g. 
during renegotiation).

This issue was brought to light by ZD 10911. When encryption is on (indicated
by the return value of IsEncryptionOn), DoHandShakeMsgType will finish up by
incrementing the input buffer index past the padding and MAC (if encrypt-then-
mac is enabled). In ProcessReply, if there are more messages to be read, the
index is decremented back before the padding and MAC. The issue arises when
ShrinkInputBuffer is called in between and copies data from the dynamic input
buffer to the static one. That function will get called with the index post-
increment, and thus the padding and MAC won't get copied into the static buffer,
which isn't what we want, since ProcessReply is going to decrement the index
since it thinks the padding and MAC are still there. This commit makes it so
the padding and MAC get included in the call to ShrinkInputBuffer when
encryption is on.
 2021-01-28 15:37:00 -06:00
David Garske
2bd63d27bf Fixes for PKCS7 with crypto callback (deviceId), where it was not being used for RSA and RNG. ZD 11163. 2021-01-28 09:52:13 -08:00
David Garske
311a0d25dd Merge pull request #3696 from JacobBarthelmeh/Testing 
fix for tested x509 small build
 2021-01-28 06:59:26 -08:00
Jacob Barthelmeh
bbcb98a8f7 fix for tested x509 small build 2021-01-27 23:00:24 +07:00
John Safranek
a1e083b5b1 Merge pull request #3689 from douzzer/fips-option-check-source 
configure.ac: check compatibility of chosen FIPS option with source
 2021-01-26 12:29:52 -08:00
John Safranek
d0e2566ad8 Merge pull request #3679 from julek-wolfssl/dtls-window 
Correct old DTLS msg rcv update
 2021-01-26 12:20:59 -08:00
Juliusz Sosinowicz
3d4f836c00 Correctly insert out of order msgs to queue 2021-01-26 15:12:08 +01:00
Daniel Pouzzner
a89087ed2d configure.ac: check compatibility of chosen FIPS option with the source tree, for early prevention of accidental attempts to build FIPS with non-FIPS source, or non-FIPS with FIPS source. 2021-01-25 17:56:28 -06:00