Commit Graph

16507 Commits

Author SHA1 Message Date
Chris Conlon 76014260f6 add EC_KEY_up_ref() and unit test 2022-03-07 16:31:09 -07:00
Hayden Roche a9cc1ca877 Merge pull request #4924 from dgarske/coexist_fixes 2022-03-07 13:00:22 -08:00
John Safranek 0e0ac14bbf Merge pull request #4901 from SparkiDev/kcapi_ecdh_fixes
Fixes for KCAPI ECDH/DH and page alignment
2022-03-07 11:01:16 -08:00
David Garske e7041d2315 Merge pull request #4929 from SparkiDev/siphash_clang
SipHash: Replace gcc specific ASM instruction with generic
2022-03-07 10:34:13 -08:00
Sean Parkinson 3b4ba669d4 Merge pull request #4922 from dgarske/async_disable_fixes
Fixes for async disables around the DevCopy calls
2022-03-07 13:51:09 +10:00
Sean Parkinson d5989dc15e SipHash: Replace gcc specific ASM instruction with generic
clang would not compile movxzb.
Replaced with movzbq.
2022-03-07 08:49:28 +10:00
Sean Parkinson a68261cd82 Merge pull request #4757 from kareem-wolfssl/xstatstruct
Add separate "struct stat" definition XSTAT_TYPE to make overriding XSTAT easier.
2022-03-07 08:32:05 +10:00
Sean Parkinson 7006efe97f Merge pull request #4861 from JacobBarthelmeh/ECC
Deterministic ECDSA: fix for larger curve sizes
2022-03-07 08:26:35 +10:00
Sean Parkinson 84beb5ed7b Merge pull request #4918 from miyazakh/enableall_earlydata
enable early data when specifying `--enable-all` option
2022-03-07 08:05:36 +10:00
Daniel Pouzzner 9be0633ce3 Merge pull request #4824 from dgarske/fips_ready_user
User settings template for FIPS v5 ready
2022-03-05 07:52:03 -06:00
Chris Conlon 2fc47fedee Merge pull request #4900 from miyazakh/esp_waituntil
Fix wait-until-done in rsa hw primitive acceleration of ESP-IDF port
2022-03-04 17:32:06 -07:00
David Garske 0c3b9c733f Fixes for KCAPI ECDH/DH and page alignment. ZD 13763 2022-03-04 15:06:16 -08:00
Kareem 719ed213d5 Add separate "struct stat" definition XSTAT_TYPE to make overriding XSTAT easier. 2022-03-04 14:54:56 -07:00
David Garske 3839b0e675 Fixes for building wolfSSL along side openssl. 2022-03-04 12:06:24 -08:00
David Garske ce8ef8f7c6 Merge pull request #4913 from kareem-wolfssl/makeClean
Allow disabling forced 'make clean' at the end of ./configure.
2022-03-04 12:02:08 -08:00
Chris Conlon e1829e614d Merge pull request #4820 from haydenroche5/evp_pkey_paramgen
Add wolfSSL_EVP_PKEY_paramgen to the compatibility layer.
2022-03-04 11:49:21 -07:00
Jacob Barthelmeh a4a4bdc20f fix typo, add macro guard, remove dead code path 2022-03-04 10:49:11 -07:00
Hideki Miyazaki 90355df4b0 disable early data for --enable-distro
addressed jenkins failure
2022-03-04 17:00:29 +09:00
David Garske e91f0f173b Fixes for async disables around the DevCopy calls. ZD13824 2022-03-03 16:33:18 -08:00
Kareem 09e7b7150f Allow overriding make command used for make clean with make. 2022-03-03 15:51:26 -07:00
Hayden Roche 9ec30f02a6 Merge pull request #4898 from kaleb-himes/140-2-ready 2022-03-03 14:43:02 -08:00
Kaleb Himes 0e8066dda0 Fix typo 2022-03-03 11:45:42 -07:00
Jacob Barthelmeh d1212f9247 add P521 test case and fix for k generation 2022-03-03 10:44:24 -07:00
David Garske 2567cd5e5a Merge pull request #4912 from julek-wolfssl/ZD13742
Check `input` size in `DecodeNsCertType`
2022-03-03 08:22:49 -08:00
David Garske 3a5f78b55a Merge pull request #4919 from julek-wolfssl/ZD13737
Reported in ZD13737
2022-03-03 08:22:11 -08:00
Sean Parkinson 63e4ba5854 Merge pull request #4906 from julek-wolfssl/ZD13606-master
Fix issues reported in ZD13606
2022-03-03 21:27:22 +10:00
Juliusz Sosinowicz bdb7399398 Reported in ZD13737
Implement `wolfSSL_BIO_eof` support for most available BIO's
2022-03-03 10:25:09 +01:00
Juliusz Sosinowicz c7c3ee00bb Address code review
- Use functions instead of accessing `BIO` members
- Add `wolfSSL_BIO_method_type`
2022-03-03 10:09:41 +01:00
Hideki Miyazaki b45bbdc078 enable early data when enabled all 2022-03-03 16:36:03 +09:00
David Garske dad2332a95 Merge pull request #4917 from kaleb-himes/TIRTOS_KDF_ADD
Add the new kdf.c file to the TIRTOS build
2022-03-02 17:02:47 -08:00
Jacob Barthelmeh 56de8cd622 add check on hash size passed in 2022-03-02 16:52:04 -07:00
David Garske 5d0614c630 Merge pull request #4911 from SparkiDev/enc_pem_cbc_padding
ASN PemToDer: remove padding when AES_CBC encrypted
2022-03-02 14:32:45 -08:00
Sean Parkinson 59970d94f5 Merge pull request #4908 from dgarske/tick_pad
Fix for padding in session tickets
2022-03-03 08:20:35 +10:00
kaleb-himes 25556dea8d Add the new kdf.c file to the TIRTOS build 2022-03-02 14:56:46 -07:00
David Garske d86122a5e7 Merge pull request #4909 from JacobBarthelmeh/PKCS12
refactor PKCS12 parse key creation
2022-03-02 12:37:06 -08:00
Kareem deea6261e9 Allow disabling forced 'make clean' at the end of ./configure. 2022-03-02 13:20:22 -07:00
Jacob Barthelmeh aa18209c99 free buffer since pkey struct makes its own copy 2022-03-02 09:59:21 -07:00
Juliusz Sosinowicz f846aceee2 Check input size in DecodeNsCertType 2022-03-02 17:17:17 +01:00
Sean Parkinson 8b24be04e8 ASN PemToDer: remove padding when AES_CBC encrypted 2022-03-02 11:33:44 +10:00
David Garske 119f2d2651 Fix for padding in session tickets. Adds padding based on WOLFSSL_GENERAL_ALIGNMENT. Increases enc_len to 32-bit. Related to PR #4887 2022-03-01 15:40:57 -08:00
Sean Parkinson d1ba82d5e5 Merge pull request #4903 from julek-wolfssl/psk-resuming-certs
OpenSSL considers PSK resuming
2022-03-02 08:57:40 +10:00
Jacob Barthelmeh b03233a35e handle free'ing up items in fail case 2022-03-01 15:24:53 -07:00
Hideki Miyazaki c3e7ff0e61 addressed code review 2022-03-02 07:09:33 +09:00
Jacob Barthelmeh 45ff8af026 refactor PKCS12 parse key creation 2022-03-01 14:49:59 -07:00
David Garske b21036947c Merge pull request #4894 from SparkiDev/sp_p521_hashlen_fix
SP P521: hash len needs special attention when 521 bits
2022-03-01 12:04:51 -08:00
David Garske 71056f6591 Merge pull request #4902 from SparkiDev/tlsx_usc_leak
TLSX: supported groups in temporary not always freed
2022-03-01 12:04:35 -08:00
Juliusz Sosinowicz a104cf887e Ticket failure should result in a regular handshake 2022-03-01 10:34:43 +01:00
Juliusz Sosinowicz 645f385031 Fix BioReceive for closed connection
The pending check was forcing a `WOLFSSL_CBIO_ERR_WANT_WRITE` return even though the underlying socket was closed and `WOLFSSL_BIO_FLAG_READ|WOLFSSL_BIO_FLAG_RETRY` was not set. The `wolfSSL_BIO_ctrl_pending(ssl->biord) == 0` is old and I can't find a reason to keep checking it. I left it just in the case where there is output data pending.
2022-03-01 10:34:20 +01:00
Juliusz Sosinowicz 5aef687414 OpenSSL considers PSK resuming
- `SSL_VERIFY_FAIL_IF_NO_PEER_CERT` check passes on a TLS 1.3 PSK connection that isn't a ticket
2022-03-01 10:09:24 +01:00
Sean Parkinson 605d701113 SP P521: hash len needs special attention when 521 bits
Need to right shift number down when hash is more than 521 bits.
Previously handled at a byte level and now at bit level.
Always return err from sp_*_ecc_mulmod_add_only_*().
When ECC add and double points are public and only have SP
implementation, check that the point ordinates are the right size.
2022-03-01 09:56:22 +10:00