Commit Graph

18463 Commits

Author SHA1 Message Date
Juliusz Sosinowicz 8bbbdfa3f9 Set alt name type to V_ASN1_IA5STRING 2022-10-28 19:58:01 +02:00
JacobBarthelmeh 319901a85c Merge pull request #5743 from SparkiDev/tls_perf_fix_forcezero
TLS performance fix: ForceZero minimization
2022-10-27 13:43:17 -06:00
JacobBarthelmeh 7366a9edbd Merge pull request #5744 from SparkiDev/regression_fixes_4
Regresssion testing fixes
2022-10-27 11:49:52 -06:00
Sean Parkinson fd7544ca19 Regresssion testing fixes
Ed25519 and Ed448 need to enable certs.

If no system CA certs can't be parsed,
wolfSSL_CTX_load_system_CA_certs() will fail. Don't try test if RSA and
ECC are not enabled.

Fix benchmark.c so that e is defined when WOLFSSL_BENCHMARK_ALL defined.

MAX_LENGTH_SZ is 4 and supports lengths up to 2^24 - one byte for length
and 3 bytes of length.
(new gcc compiler fix)
2022-10-27 17:47:48 +10:00
Sean Parkinson b1e37377a1 TLS performance fix: ForceZero minimization
Don't ForceZero the output buffer before free.
ForceZero it when encryption fails.

ShrinkInputBuffer needs to zeroize input buffer even if not currently
encrypting as it may be using the buffer on wolfSSL object reuse.

Fix SP to zeroize the whole buffer.

Fix DH to check cBuf when WOLFSSL_CHECK_MEM_ZERO defined.
2022-10-27 17:00:42 +10:00
JacobBarthelmeh 1c09a67f6a Merge pull request #5735 from SparkiDev/aes_gcm_c_dec_auth
AES GCM decrypt C: don't decrypt when auth tag invalid
2022-10-26 22:41:25 -06:00
Hayden Roche 294a26ba0c Merge pull request #5708 from JacobBarthelmeh/OCSP 2022-10-26 15:43:15 -07:00
JacobBarthelmeh 8f2d35bb84 Merge pull request #5741 from douzzer/20221026-fixes-QUIC-and-ALPN
20221026-fixes-QUIC-and-ALPN
2022-10-26 15:03:28 -06:00
Hayden Roche b477804462 Merge pull request #5725 from julek-wolfssl/rpm-pkg 2022-10-26 13:33:16 -07:00
JacobBarthelmeh d08c204466 remove extra memset 2022-10-26 12:54:17 -07:00
Daniel Pouzzner 1608037c6b Merge pull request #5740 from JacobBarthelmeh/release
minor warning fixes
2022-10-26 14:09:01 -05:00
Eric Blankenhorn 4d36d494b2 Merge pull request #5738 from SKlimaRA/SKlimaRA/fix-backslash-random-c
removed backslash
2022-10-26 12:42:49 -05:00
JacobBarthelmeh 33617588fc fix setting dynamic flag with ocsp and asn template 2022-10-26 10:31:50 -07:00
Jacob Barthelmeh 8d6ee0b26a minor warning fixes 2022-10-26 10:48:51 -06:00
Daniel Pouzzner dfa603e502 fixes for warnings and defects around QUIC and ALPN -- fixes for clang-diagnostic-gnu-zero-variadic-macro-arguments, clang-analyzer-deadcode.DeadStores, clang-analyzer-core.UndefinedBinaryOperatorResult, clang-analyzer-security.insecureAPI.strcpy, and an overrun prevention assert in wolfSSL_ALPN_GetPeerProtocol(). 2022-10-26 11:32:06 -05:00
JacobBarthelmeh a26b89f66b fix leak with multiple entries 2022-10-26 09:29:06 -07:00
Stanislav Klima 6fa43a3d84 removed backslash 2022-10-26 15:03:31 +02:00
Sean Parkinson 2d19f00dd5 Merge pull request #5736 from douzzer/20221025-fixes-wolfsentry-and-armv7a
20221025-fixes-wolfsentry-and-armv7a
2022-10-26 12:38:01 +10:00
Sean Parkinson 8d8371ac5a Merge pull request #5717 from icing/sni-alpn-order
Changing ALPN selection to a deterministic point in the handshake.
2022-10-26 09:47:23 +10:00
JacobBarthelmeh 0f9279ce52 Merge pull request #5684 from SparkiDev/ssl_sess_version_check
SSL session retrieval: check protocol version
2022-10-25 17:29:54 -06:00
Sean Parkinson 55ab33a4a4 AES GCM decrypt C: don't decrypt when auth tag invalid 2022-10-26 09:25:28 +10:00
Daniel Pouzzner baa19c1092 tests/api.c: fix 3 clang-analyzer-deadcode.DeadStores. 2022-10-25 18:17:22 -05:00
JacobBarthelmeh 29a5c04c2e add test case 2022-10-25 15:35:37 -07:00
JacobBarthelmeh 7381846edb fix case of copying over status to existing struct 2022-10-25 15:33:17 -07:00
Daniel Pouzzner 2575047ea2 wolfcrypt/src/port/arm/armv8-aes.c: define FIPS_NO_WRAPPERS, rather than undefine HAVE_FIPS, to fix FIPS builds. 2022-10-25 17:24:34 -05:00
Daniel Pouzzner e464d374c0 fix whitespace. 2022-10-25 17:24:34 -05:00
Daniel Pouzzner 263123e7b4 wolfssl/test.h: add unsigned attribute to type of buffer passed to wolfsentry_config_json_feed() (sync with wolfsentry e22878b666). 2022-10-25 17:24:34 -05:00
Daniel Pouzzner 084fabc733 Merge pull request #5731 from SparkiDev/armv7a_aes_fixup
AES-CBC decrypt ARMv8 no hw crypto: fixes
2022-10-25 17:23:45 -05:00
Hayden Roche 5c3b3e6ede Merge pull request #5733 from ejohnstown/assert-whitespace 2022-10-25 13:45:54 -07:00
John Safranek e803e5916c Assert Consistency
1. Make whitespace in asserts consistent.
2. Added typecasting of the string inputs for AssertStr.
2022-10-25 11:42:51 -07:00
Hayden Roche e7a121325b Merge pull request #5720 from julek-wolfssl/nid-defines 2022-10-25 10:34:59 -07:00
David Garske d052feeff2 Merge pull request #5675 from embhorn/zd14968
Fix coverity issues
2022-10-25 10:08:40 -07:00
Hayden Roche 2b72a50688 Merge pull request #5662 from Uriah-wolfSSL/haproxy-update-2.6.0 2022-10-25 07:47:54 -07:00
Juliusz Sosinowicz 2ae815e2ee Use WOLFSSL_ERROR_MSG for error logs 2022-10-25 13:13:44 +02:00
Juliusz Sosinowicz 55091c6464 Add small test 2022-10-25 13:13:14 +02:00
David Garske 370b9f4d40 Merge pull request #5729 from JacobBarthelmeh/Benchmark
fix for define guards in benchmark app
2022-10-24 19:54:35 -07:00
Sean Parkinson e9a7c36c7b AES-CBC decrypt ARMv8 no hw crypto: fixes
Handle in and out buffer being the same.
2022-10-25 11:32:47 +10:00
Sean Parkinson 9d1ed9c5d1 Merge pull request #5728 from douzzer/20221024-armv7a-enable-all
20221024-armv7a-enable-all
2022-10-25 11:28:31 +10:00
Jacob Barthelmeh 65d7d43497 use a check for if defined rather than value of macro 2022-10-24 16:32:19 -06:00
Daniel Pouzzner 3677253b55 fixes and comments for buildability, warnings, and clarity, re WOLFSSL_ARMASM_NO_HW_CRYPTO, in configure.ac, wolfcrypt/src/port/arm/armv8-aes.c, and wolfcrypt/test/test.c. 2022-10-24 17:31:48 -05:00
Jacob Barthelmeh eb4c3e06eb revert NO_MAIN_DRIVER behavior in benchmark app 2022-10-24 16:27:23 -06:00
Uriah Pollock 19e30b081f Resolved sanitizer issue. 2022-10-24 16:27:18 -05:00
Hayden Roche 010fb64f74 Merge pull request #5718 from kareem-wolfssl/fpMaxBits 2022-10-24 12:27:59 -07:00
Stefan Eissing 879f788bb9 Setting ssl->alpn_peer_requested_length to 0 when freeing ssl->alpn_peer_requested. 2022-10-24 10:27:16 +02:00
Stefan Eissing a1203917c5 Update after review by haydenroche5. 2022-10-24 10:17:29 +02:00
David Garske 53bc10eb76 Merge pull request #5723 from Anthony-Tatowicz/ECC384-benchmark
Add SECP384 and SECP521 to bench
2022-10-22 11:03:26 -07:00
David Garske 3aec9a15ce Merge pull request #5726 from ejohnstown/nucleus-thread
Nucleus Thread Types
2022-10-21 20:22:39 -07:00
Anthony Tatowicz 1f82e90dbf Add SECP384 and SECP521 to bench 2022-10-21 18:50:59 -05:00
Hayden Roche 4859a00c2a Merge pull request #5698 from SparkiDev/aes_arm32_no_hw 2022-10-21 12:34:22 -07:00
Hayden Roche a60a15d544 Merge pull request #5721 from philljj/zd15011 2022-10-21 12:32:03 -07:00