cc452adff1
Merge pull request #2465 from JacobBarthelmeh/Fuzzer
...
sanity check on length before read
2019-09-19 13:34:42 -07:00
523b1801ed
Cleanup of the wc_ecc_sign_hash function to separate the async logic. This improves the ECC r/s local case to appease static analyzers. Fixes https://github.com/wolfSSL/wolfssl/issues/2342 .
2019-09-19 13:33:02 -07:00
ab86e78cbe
Merge pull request #2458 from JacobBarthelmeh/Certs
...
macro guards for re-defines
2019-09-19 12:54:26 -07:00
6aecdf59c1
Fixes for async build and tests.
2019-09-19 12:30:05 -07:00
ae25027135
Fix for TLS v1.3 and PK callbacks.
2019-09-19 12:07:14 -07:00
1493b94b27
Eliminate async NUMA allocation for wc_ecc_gen_k. Additional DECLARE_VAR checks. Improve mp_rand to avoid alloc in async case.
2019-09-19 11:34:59 -07:00
f532143094
adjust CheckASNTag to be GetASNTag
2019-09-19 02:09:51 -06:00
5c5aa45a5e
addressed review comments
...
tsip_usable() reconstruction
2019-09-19 14:35:23 +09:00
a37b604da9
addressed review comments
2019-09-19 11:18:52 +09:00
63d61c490d
addressed review comments
2019-09-19 11:18:52 +09:00
a6b2d1621b
Free memory for a msg buffer when calling wc_ShaxxxFree()
2019-09-19 11:18:52 +09:00
778a2065ab
Replaced key information by dummy data
2019-09-19 11:18:52 +09:00
cb0184fe98
update Readme, added file header etc
2019-09-19 11:18:52 +09:00
a292e69d3f
update readme
2019-09-19 11:18:52 +09:00
5c6f6fdb7d
Renesas TSIP Support
...
merged from private repo
removed unneccessary #include
make line as 80 characters
added simple tls server
Disable TLS-linked API use when being SERVER SIDE, still use certificate verify API
Added utility tools, generate signature arrays etc
added vars to store tsip hmac keys
fix build failure when disabling dc_printf
2019-09-19 11:18:52 +09:00
0bc16d47e2
Add support for prime checking to sp_int.c
...
This allows SP to support:
- DH parameter checking
- DH parameter generation
- RSA key generation
Improved performance of sp_mod operation.
Reworked some functions to have one exit point (return statement).
Fixed sp_sub_d().
Changed tests to perform 2048-bit RSA key generation only when using SP
math.
Fixed Intel x86_64 C file to not have DH specific functions available
unless WOLFSSL_HAVE_SP_DH is defined.
Fixed tfm to return an error when t is not the correct size in
fp_isprime_ex().
2019-09-19 09:08:15 +10:00
bdbe0943cf
Add function to print network interface and IP Address
2019-09-18 19:57:19 +01:00
4ef8f53c9e
PR Review Changes
...
1. Add more documentation
2. Add cleanup functions for client and server before return
3. Add the ability for client to use a hostname for SERVER_IP
2019-09-17 14:59:43 -06:00
946a0f593f
Merge pull request #2472 from SparkiDev/enc_then_mac_fix
...
Enc-Then-MAC: when message size is less than digest size return error
2019-09-17 08:57:26 -07:00
f0e774d1e1
Merge pull request #2420 from kojo1/KDS-proj
...
add KDS sample project
2019-09-17 11:53:04 -04:00
bdad0fa53f
Merge pull request #2443 from miyazakh/fix_esp_examples
...
Fixed examples for esp-idf
2019-09-17 11:47:39 -04:00
0e5de0c076
Fix to only AddCA when its CA type and veryNone is not set.
2019-09-17 07:56:02 -07:00
2c2907c2a5
Enc-Then-MAC: when message size is less than digest size return error
2019-09-17 11:23:43 +10:00
b7c08988dc
Fix for verify callback override of intermediate CA provided by peer not being added to trusted CA list.
...
Feature: Added support for testing date override at build-time using `TEST_BEFORE_DATE`.
```
./examples/server/server -H overrideDateErr -A ./certs/ca-cert.pem -k ./certs/server-key.pem -c ./certs/intermediate/server-chain.pem &
./examples/client/client -D -A ./certs/ca-cert.pem -k ./certs/client-key.pem -c ./certs/intermediate/client-chain.pem
```
2019-09-16 14:47:55 -07:00
708556d5c7
adjust sha3 typedef
2019-09-16 10:40:56 -06:00
3b7b81fea7
add local CheckASNTag function
2019-09-15 23:06:11 -06:00
326f02d76d
Fix for buffer overrun check logic.
2019-09-15 23:04:13 -06:00
e6c48327c1
sanity check on length before read
2019-09-15 23:04:13 -06:00
000fc64f27
Fixes from overnight build failures
...
ssl.c: Certificate store fields freed without being NULLed and then
freed again.
integer.c: Compiler complained that a->dp may be NULL in mp_set_bit when
setting bit.
pkcs12.c: ret is zero after GetLength and this is an error but data is
freed only when ret != 0.
pkcs7.c: derArr was not zeroized for full allocated size.
2019-09-16 10:21:08 +10:00
9d69f17f17
Merge pull request #2468 from tmael/RSA_inline
...
Fix for RSA inline
2019-09-13 13:46:33 -07:00
9d3d170411
Merge pull request #2456 from dgarske/freedom_unleashed
...
Support for SiFive HiFive Unleashed board
2019-09-13 11:58:11 -07:00
40fc86dfd2
Merge pull request #2464 from SparkiDev/rshift_neg
...
Use constant time comparison in MaskMac with scanStart and macStart
2019-09-13 11:56:12 -07:00
a2d3da2831
Merge pull request #2463 from ejohnstown/maintenance-dtls
...
Maintenance DTLS
2019-09-13 11:53:20 -07:00
6894dde4e9
Merge pull request #2460 from dgarske/debug_buffer
...
Improvements to `WOLFSSL_BUFFER` function
2019-09-13 11:49:20 -07:00
b70f22e21a
1. Use the session deallocator on the deserialized session in the client.
...
2. Free the flatten session if the size check fails.
2019-09-12 16:04:34 -07:00
09541082d6
Merge pull request #2416 from kojo1/OCSP-error
...
Detail error code
2019-09-12 16:51:34 -04:00
4e62d1f509
Fix for RSA inline
2019-09-11 22:57:54 -07:00
c27a4b3865
TLS Maintenance
...
When serializing the WOLFSSL_SESSION, serialize everything.
2019-09-11 16:44:54 -07:00
852d50adcf
DTLS Maintenance
...
To go with the fix for the functions wolfSSL_(i2d|d2i)_SSL_SESSION,
modify the example client to use a serialized session record for
resumption instead of the direct reference into the session cache. This
change only happens when OPENSSL_EXTRA and HAVE_EXT_CACHE are defined.
2019-09-11 15:29:57 -07:00
2a1a9f36cc
Use constant time comparison in MaskMac with scanStart and macStart
...
Right shift of a negative value is undefined.
Add an 'int' return version of constant time greater than equal.
Change equal and not equal to be constant time in more situations.
2019-09-11 10:57:23 +10:00
ed06f34f55
Updated benchmarks running at 1.5GHz (default is 1 GHz).
2019-09-10 16:09:18 -07:00
22c398494e
DTLS Maintenance
...
The options to switch on and off the code to serialize/deserialize items
in the struct need to match the options for the struct.
(ZD5130, ZD5590)
2019-09-10 16:01:48 -07:00
e93e3b60da
DTLS Maintenance
...
Allow the DTLS server to retransmit a stored flight of messages in an additional acccept state.
(ZD5644)
2019-09-10 11:51:38 -07:00
def36ddfe8
Added instructions for installing Debian on Unleashed board.
2019-09-10 09:16:35 -07:00
66b76a4420
Improvements to WOLFSSL_BUFFER function to eliminate recursive call and use snprintf for string safety. Adds support for build-time change of LINE_LEN.
2019-09-10 08:57:35 -07:00
645f8ddd31
Update RISC 64-bit detection to use __riscv_xlen.
2019-09-10 07:47:28 -07:00
eb2aa3dce1
macro guards for re-defines
2019-09-09 19:24:45 -06:00
99252cc936
Merge pull request #2399 from dgarske/ovs
...
Compatibility changes for OpenVSwitch
2019-09-09 16:02:27 -07:00
95d3289fa2
Merge pull request #2437 from kaleb-himes/ZD_5546_IAR_CC_CHECK
...
Fix failing IAR builds, thanks to Joseph C. for the report
2019-09-09 11:42:19 -07:00
88036db223
Visual Studio Solution for Azure Sphere Devices
2019-09-09 10:50:56 -06:00
toddouska
David Garske
John Safranek
Jacob Barthelmeh
Hideki Miyazaki
Sean Parkinson
Aaron Jense
Chris Conlon
Tesfa Mael