Sean Parkinson
7b9c214b3c
Merge pull request #4985 from kareem-wolfssl/iarWarningsFix
...
Fix compilation warnings from IAR.
2022-07-04 08:23:26 +10:00
Kareem
96aedc2f47
Fix SetCurve max sizes. Add fix for potentially uninitialized type in ProcessReplyEx.
2022-07-01 13:18:33 -07:00
David Garske
bd75e1d6a4
Merge pull request #5307 from kareem-wolfssl/miscfixes2
...
Fix a couple of STM32 bugs, and add some missing mutex frees.
2022-07-01 09:46:22 -07:00
David Garske
0459e83a59
Merge pull request #5310 from SparkiDev/memusage_fix_1
...
TLS memusage: reduce usage
2022-07-01 09:13:05 -07:00
Sean Parkinson
7d58dc5678
TLS memusage: reduce usage
...
Reduce the amount allocated to reduce maximum overall dynamic memory
usage.
Rework ServerKeyExchange by extracting the handling of the signed data.
2022-07-01 14:24:59 +10:00
Kareem
b2e7f4a8eb
Fix cast spacing. Don't cast in wolfSSL_X509_set_version, check is valid as is.
2022-06-30 16:26:43 -07:00
Kareem
7555cd0685
Fix a couple of STM32 bugs, and add some missing mutex frees.
2022-06-30 16:11:16 -07:00
Daniel Pouzzner
2bdcbcc8be
src/tls13.c: fix whitespace.
2022-06-30 17:17:50 -05:00
Daniel Pouzzner
4f6527353b
src/{pk.c,x509.c}: style/clarity cleanups from dgarske.
2022-06-30 17:07:35 -05:00
Daniel Pouzzner
1a9388b935
src/pk.c: fix misuses around snprintf().
2022-06-30 17:07:35 -05:00
Daniel Pouzzner
28213ad198
src/x509.c: fix wolfSSL_X509_signature_print() to print raw signature algorithm as hex digits, not as an (unprintable) string; fix printed-null bug in wolfSSL_X509_NAME_print_ex() (relates particularly to calls from wolfSSL_X509_NAME_print_ex_fp()).
2022-06-30 17:07:35 -05:00
Daniel Pouzzner
5bd8288b37
fix printed-null bug in wolfssl_print_number().
2022-06-30 17:07:35 -05:00
Chris Conlon
867a1f7afa
Merge pull request #5289 from TakayukiMatsuo/tls13
2022-06-30 15:49:53 -06:00
Kareem
e09bbb1989
Fix compilation warnings from IAR.
2022-06-30 14:30:06 -07:00
TakayukiMatsuo
ba19737627
Add support for TLS1.3
2022-06-30 23:00:05 +09:00
Sean Parkinson
1ba9ea9759
Fix mismatched dynamic types
2022-06-30 13:00:57 +10:00
Sean Parkinson
f2acaa8ee9
Merge pull request #5242 from SKlimaRA/SKlimaRA/strict-verification
...
zd14249
2022-06-30 08:19:42 +10:00
Kaleb Himes
2257030792
Merge pull request #5296 from dgarske/sniffer
...
Sniffer fixes (async TLS v1.3, async removal of `WC_HW_WAIT_E` and sanitize leak)
2022-06-29 09:16:54 -07:00
David Garske
d76c46a96f
Fix for sniffer async issue with TLS v1.3.
2022-06-28 16:01:06 -07:00
Sean Parkinson
092b37f709
Merge pull request #5287 from haydenroche5/aes_ctr_clear_left_on_iv_set
...
Clear the leftover byte count in Aes struct when setting IV.
2022-06-29 08:30:01 +10:00
David Garske
e49f07694e
Fix for sniffer possible malloc of zero size causing a -fsanitize=address leak report.
2022-06-28 12:54:25 -07:00
David Garske
5ade360d9e
Fix to avoid using WC_HW_WAIT_E for sniffer. ZD14398
2022-06-28 12:38:57 -07:00
David Garske
b84b808b1b
Merge pull request #5167 from ejohnstown/cac-ext
...
Add support for some FPKI certificate cases, UUID, FASC-N, PIV extension
2022-06-27 09:06:15 -07:00
Hayden Roche
10dfd8d129
Clear the leftover byte count in Aes struct when setting IV.
...
Setting the key already does this. The same needs to be done when setting the
IV.
2022-06-26 15:56:05 +04:00
Daniel Pouzzner
047c662af8
fix math errors unmasked by change to sp-math-all as default math back end.
2022-06-24 15:56:54 -05:00
JacobBarthelmeh
8dfcc76f50
Merge pull request #5279 from embhorn/gh5273
...
Fix config with WOLFSSL_WPAS_SMALL
2022-06-24 11:22:58 -06:00
Stanislav Klima
ce977e8c0b
requested review changes 2
2022-06-24 15:37:10 +02:00
David Garske
00b82888bc
Merge pull request #4759 from dgarske/sp_math_default
...
Enable wolfSSL SP Math all (sp_int.c) by default
2022-06-23 16:14:54 -07:00
Eric Blankenhorn
1cdc81546d
Fix config with WOLFSSL_WPAS_SMALL
2022-06-23 09:19:14 -05:00
Chris Conlon
7dbf1a5154
Merge pull request #5262 from miyazakh/qt_unit_failure
2022-06-21 16:35:37 -06:00
Anthony Hu
099afe4419
errant if
2022-06-21 11:33:08 -04:00
Anthony Hu
beddc777d4
milliseconds not only for DTLS13
2022-06-21 11:07:19 -04:00
Anthony Hu
f05bcb30e0
div by 4 in milliseconds
2022-06-21 10:48:48 -04:00
Anthony Hu
ff4eabb17f
same fix to MicriumReceive
2022-06-21 10:42:20 -04:00
Anthony Hu
1e84d1eb67
Change inspired by Rizlik review comments.
2022-06-21 10:22:44 -04:00
Anthony Hu
73435389ed
Fix missing WOLFSSL_DTLS in Micrium build
2022-06-20 16:33:04 -04:00
Stanislav Klima
7c827d3a82
requested review changes
2022-06-20 11:27:09 +02:00
Sean Parkinson
fab05f2527
DH: Fix names wolSSL_* -> wolfSSL_*
2022-06-20 08:58:35 +10:00
Hideki Miyazaki
b5cac49be9
fix qt_unit_test_failure
...
add/remove spaces and line-feed to be the same as before
2022-06-18 10:04:10 +09:00
David Garske
390908bccc
Merge pull request #5236 from SparkiDev/mem_zero
...
Check memory is zeroized
2022-06-17 12:01:34 -07:00
Sean Parkinson
6a0682d422
i2d AIPs move pointer on when a pointer to a buffer is passed in
...
Restore behaviour to be compatible with OpenSSL.
Replace comparison of DER data using AsserStrEQ to use memcmp.
2022-06-17 12:36:06 +10:00
Sean Parkinson
4fc709d2af
Merge pull request #5256 from dgarske/cert_chain_der
...
Fixes for loading a DER/ASN.1 certificate chain
2022-06-17 11:55:49 +10:00
David Garske
128ebf54e9
Fix for loading certificate DER chain longer than 2 deep. Fix to properly trap BUFFER_E in ProcessUserChain. ZD14048.
2022-06-16 16:19:37 -07:00
Sean Parkinson
2834c22ce0
Merge pull request #5204 from lealem47/basicConst
...
Encoding the X509 Basic Constraint when CA:FALSE
2022-06-17 08:33:57 +10:00
Lealem Amedie
911f361285
Call RSA_To_Der instead of RSA_To_Der_ex in i2d_RSA key funcs
2022-06-16 12:26:47 -07:00
John Safranek
8f7db87f01
Merge pull request #5249 from dgarske/rsa_ifc
...
Cleanup the RSA consistency check
2022-06-16 09:14:08 -07:00
Lealem Amedie
5e63740c6c
Ensuring that X509 Basic Constraint is set when CA:FALSE
2022-06-16 08:46:52 -07:00
Marco Oliverio
6a0c6049ce
dtls: abide deadstore static analyzer warnings
2022-06-16 14:02:09 +02:00
David Garske
6d2a41b9fd
Enable wolfSSL SP Math all (sp_int.c) by default. If --enable-fastmath or USE_FAST_MATH is set the older tfm.c fast math will be used. To use the old integer.c heap math use --enable-heapmath or USE_INTEGER_HEAP_MATH.
2022-06-16 10:57:30 +10:00
Sean Parkinson
1b29f7353a
Check memory is zeroized
...
Add a define WOLFSSL_CHECK_MEM_ZERO to turn on code that checks that
memory that must be zeroized before going out of use is zero.
Everytime sensitive data is put into a allocated buffer or stack buffer;
the address, its length and a name is stored to be checked later.
Where the stack buffer is about to go out of use, a call is added to
check that the required parts are zero.
wc_MemZero_Add() adds an address with length and name to a table of
addressed to be checked later.
wc_MemZero_Check() checks that the memory associated with the address is
zeroized where required.
mp_memzero_add() adds mp_int's data pointer with length and name to
table.
mp_memzero_check() checks that the data pointer is zeroized where
required.
Freeing memory will check the address. The length was prepended on
allocation.
Realloction was changed for WOLFSSL_CHECK_MEM_ZERO to perform an
allocate, check, copy, free.
2022-06-16 10:22:32 +10:00