Use --enable-armasm=sha512-crypto or define WOLFSSL_ARMASM_CRYPTO_SHA512
to use SHA512 cryptographic instructions.
Checks system register for the feature before using the SHA512
instructions.
Added SHA512 input data alignment test.
Add support for SHA512/224 and SHA512/256 to ARM port.
./configure --disable-rsa --disable-ecc --disable-dsa
--enable-curve25519 --disable-ed25519 --disable-curve448
--disable-ed448 --enable-cryptonly
suites.c, testsuite.c: ensure port is an integer for snprintf.
unit.c: make memFailCount an integer for printf.
aes.c:
Reduce variable scope.
Check aes is not NULL before use in GHASH implementations.
XTS check sz is greater than or equal to a AES_BLOCK_SIZE rather than
0 as another block is processed.
wc_AesXtsEncrypt, wc_AesXtsEncrypt - simplify braces and ifdefs
wc_AesEcbEncrypt - subtracting from sz is unnecessary as is unused
after.
asn.c:
StoreKey, StoreEccKey - compiler doesn't see ret != 0 when publicKey
is NULL.
DecodeAuthInfo - count is not used when after break.
DecodeSubtree - don't use min and max as variables (already macros).
SetEccPublicKey - initialize pubSz and set sz regardless for
compiler's sake.
wc_EncodeName_ex - use unique variable 'namesASN'; ret isn't set after
last check.
SetEccPublicKey - simplify code by using else rather than check ret
wasn't set.
DecodeAsymKey - ret not modified in non-template implementaiton.
SetAsymKeyDer - ret still at initialized value here.
DecodeResponseData - ensure dataASN is freed when single->next->status
failed to allocate.
test.c:
curve255519_der_test() can't be compiled when NO_ASN is defined.
types.h:
cast to the appropriate type in EXIT_TEST
test.h
don't return anything when THREAD_RETURN is void and EXIT_TEST is for
threading with stack size.
configure --disable-shared --enable-opensslextra --enable-dsa
--enable-curve25519 --enable-ed25519 --enable-curve448 --enable-ed448
--enable-ocsp --enable-all --enable-asn=template
GetCertName() sets raw in ASN template code too.
GetBasicDate() not needed for template ASN.
SetAsymKeyDer() ASN template version now returns 0 when output is NULL
too.
./configure '--disable-shared' '--enable-curve25519' '--enable-ed25519'
'--disable-rsa' '--disable-ecc'
SetBitString() is needed now.
Close the file before return in wolfSSL_save_session_cache() and
wolfSSL_restore_session_cache().
When compiling for QEMU, the gethostbyname call doesn't have access to
the OS DNS.
Implemented a lookup of hostname that uses the system command host.
Fix for QEMU Aarch64 where 'char' is unsigned and the -1 return is being
converted to 255 in wolfSSL_OPENSSL_hexchar2int().
Test TLSv1.3 with www.google.com if wolfSSL supports it.
CMAC: cannot cast size_t* to word32* when big-endian.
SP math all: Random prime - munge bits before moving them around for
big-endian.
BIO, no filesystem: Allow BIO_prinf to be used with mem BIO.
fp_submod_ct and fp_addmod_ct need modulus (c) words plus one.
Check that the modulus length is valid for fixed data array size.
Improved fp_submod_ct to only use as many words as necessary.
Added comments to fp_submod_ct and fp_addmod_ct.
* Fix for sniffer to better handle spurious retransmission edge case. ZD 12852
* Fix for sniffer to not send alerts during application data processing.
* Fix for missing semi-colon on XFREE.
* Fix for `bench_stats_print` with stack variable name used in `bench_ecc`. Improve benchmark thread cleanup, CPU count calcuation and stat blocking logic.
* Fix for missing heap hint with RSA PSS and `WOLFSSL_PSS_LONG_SALT`. This fix will only allocate buffer if it exceeds the local buffer. Added `wc_RsaPSS_CheckPadding_ex2` to support heap hint if required. Fixed asn.c build issue with `NO_CERTS`. Fixed several spelling errors in asn.c. ZD12855.
* Improve the dynamic memory NULL checking in `wc_RsaPSS_CheckPadding_ex2` with `WOLFSSL_PSS_LONG_SALT` defined.
* Fixes for building with Ed/Curve25519 only. Fix for IoT safe demo to exit after running once. Added `WOLFSSL_DH_EXTRA` to `--enable-all` and `--enable-sniffer`. Cleanup uses of `==` in configure.ac. Various spelling fixes.
* Fix for sniffer with TLS v1.3 session tickets.
* Fix for ASN Template Ed25519 key export (missing version / not setting OID correctly).
* Add key import/export support for Curve25519/Curve448. Refactor of the 25519/448 ASN code to combine duplicate code.
* Refactor of Curve25519 code. Improved public key export to handle generation when only private is set. Improved private scalar buffer sizing.
* Fix for static ephemeral loading of file buffer.
* Added sniffer Curve25519 support and test case.
* Fix for sniffer to not use ECC for X25519 if both are set.
* Fix Curve448 public export when only private is set.
* Fix for `dh_generate_test` for small stack size.
* Reduce stack size use on new asymmetric DER import/export functions. Cleanup pub length calc.
* Fix invalid comment.
wolfSSL_Rehandshake(): don't set 'ret' unless HAVE_SESSION_TICKET
defined (otherwise compiler will complain: warning: Value stored to
'ret' is never read)
AES GCM streaming: fix 64-bit word version to compile and pass testing
Use '--enable-aesgcm=word' to get the word32 or word64 implementation
depending on the availabilty of 64-bit type.
- `EVP_PKEY_assign_RSA` should store the private key in DER format, not the
public key.
- The last call to `infoCb` in `wolfSSL_BIO_write` should provide the length of
the data to write.
- We should be able to parse RSA public keys starting with BEGIN RSA PUBLIC KEY
and ending with END RSA PUBLIC KEY.
Prototype is required when internal.h is not included and GetCA is not
defined.
wolfSSL_EVP_CIPHER_CTX_set_iv_length() is called with CBC cipher in
api.c. Function is not specificly for GCM, though not strictly needed
for CBC.
TFM:
Use register or memory for c0, c1, c2 in SQRADD and SQRADD2.
SP:
Use register or memory for vl, vh, vo in SP_ASM_MUL_ADD,
SP_ASM_MUL_ADD2 and SP_ASM_SQR_ADD.
* Adds `--enable-linuxkm-pie` and associated infrastructure, to support FIPS mode in the Linux kernel module.
* Adds `tests/api.c` missing (void) arglist to `test_SSL_CIPHER_get_xxx()`.
