Commit Graph

16640 Commits

Author SHA1 Message Date
Sean Parkinson 90f53aed34 ssl.c: move out X509 store APIs to new file 2022-03-23 13:59:54 +10:00
Daniel Pouzzner d864fc9a3f Merge pull request #4972 from julek-wolfssl/asn-time-tz-diff
`mktime` may return a negative due to timezones around the unix epoch
2022-03-22 14:03:59 -05:00
David Garske cf0e4a0e3d Merge pull request #4976 from anhu/kill_tabs
Get rid of tabs I added previously.
2022-03-22 11:35:00 -07:00
Anthony Hu c41bef6486 Get rid of tabs I added previously. 2022-03-22 11:56:15 -04:00
JacobBarthelmeh c377a709e1 Merge pull request #4953 from cconlon/apiVersionDiff
More checks on OPENSSL_VERSION_NUMBER for API prototype differences
2022-03-21 16:59:06 -06:00
Anthony Hu 2babac6cb5 Merge pull request #4875 from dgarske/sniffer_async 2022-03-21 16:47:23 -04:00
David Garske 29c120356e Sniffer asynchronous support.
* Adds stateful handling of DH shared secret computation in `SetupKeys`.
* Improved the decrypt handling to use internal functions and avoid generating alerts on failures.
* Fix for sniffer resume due to missing `sessionIDSz` broken in #4807.
* Fix sniffer test cases to split resume (session_ticket) tests.
* Add `snifftest` list of build features so test script can gate running resume test.
2022-03-21 12:05:08 -07:00
David Garske c213c725d7 Merge pull request #4971 from SparkiDev/fp_div2_mod_ct_oob
TFM fp_div_2_ct: rework to avoid overflow
2022-03-21 09:11:41 -07:00
David Garske 8bf14ba1d3 Merge pull request #4957 from JacobBarthelmeh/Compatibility-Layer
alter return value and add error string
2022-03-21 09:10:04 -07:00
David Garske 08d6474878 Merge pull request #4954 from SparkiDev/rsa_fermat
RSA: check for small difference between p and q
2022-03-21 09:09:38 -07:00
David Garske b90df0a6aa Merge pull request #4951 from ejohnstown/wolfrand
wolfRand for AMD
2022-03-21 09:09:19 -07:00
Juliusz Sosinowicz d7037da0b5 mktime may return a negative due to timezones around the unix epoch 2022-03-21 17:07:13 +01:00
Juliusz Sosinowicz 9763030675 Merge pull request #4845 from cconlon/pkcs7compat 2022-03-21 15:26:37 +01:00
Sean Parkinson 8dbd8b0ad6 RSA: check for small difference between p and q 2022-03-21 10:58:14 +10:00
Sean Parkinson aa14607a6f TFM fp_div_2_ct: rework to avoid overflow
Don't set the overflow word. Instead integrate the div by 2 into the
function so that the overflow word doesn't need to be stored.
2022-03-21 10:43:06 +10:00
Sean Parkinson 2f52d3cd20 Merge pull request #4965 from dgarske/aes_win_clang
Fixes for Windows AESNI with clang
2022-03-21 08:24:21 +10:00
Hayden Roche dcaa218ed8 Merge pull request #4927 from cconlon/upRef 2022-03-18 18:10:36 -07:00
Hayden Roche 7ea6b73c7b Merge pull request #4928 from cconlon/compatCleanups 2022-03-18 16:23:56 -07:00
Hayden Roche 2637e5e361 Merge pull request #4926 from cconlon/namePrintRFC5523 2022-03-18 15:53:07 -07:00
Chris Conlon c491a6c829 EVP_PKEY_copy_parameters: correctly mark inner struct owned 2022-03-18 16:37:45 -06:00
David Garske a79daa5ea8 Merge pull request #4959 from haydenroche5/asn1_time_diff_bug
Fix bug in wolfSSL_ASN1_TIME_diff.
2022-03-18 14:28:23 -07:00
Chris Conlon 582f0d82e4 address review feedback for PKCS7 compat additions 2022-03-18 12:07:44 -06:00
JacobBarthelmeh bfee3dffc6 Merge pull request #4967 from dgarske/pubkey_size
Fix for `wc_EccPublicKeyToDer` incorrectly requiring too much buffer
2022-03-18 09:22:52 -06:00
David Garske bcce015496 Merge pull request #4964 from julek-wolfssl/wolfSSL_get_session-docs
Update `wolfSSL_get_session` docs
2022-03-18 06:51:27 -07:00
David Garske bb27fa4555 Fix for wc_EccPublicKeyToDer incorrectly requiring too much buffer. Merge error included old ASN code and incorrectly excluded ASN template. ZD13904. 2022-03-17 18:51:37 -07:00
Sean Parkinson ef66a12a24 Merge pull request #4961 from dgarske/cust_fixups
Various portability improvements (Time, DTLS epoch size, IV alloc)
2022-03-18 11:38:57 +10:00
Sean Parkinson f117308135 Merge pull request #4921 from dgarske/private_keyid
Added private key id/label support - improve PK callback public key use
2022-03-18 11:36:28 +10:00
David Garske b546b2a5ec Improve logic around private key id/label. Adds WOLF_PRIVATE_KEY_ID. 2022-03-17 14:48:30 -07:00
David Garske f954aef973 Fixes for Windows AESNI with clang. Improve 32-bit support. 2022-03-17 14:05:24 -07:00
David Garske ae25a48509 Improve the build message to not always allocate the IV (16 byte) (use fixed buffer if <= 16 bytes). 2022-03-17 14:01:57 -07:00
David Garske 3fba5d17c3 Various portability improvements:
* Change DTLS epoch size word16.
* Allow override of the `RECORD_SIZE` and `STATIC_BUFFER_LEN`.
* Remove endianness force from game build.
* Add `gmtime_s` option.
* Fix for macro conflict with `MAX_KEY_SIZE`.
* Expose functions `wolfSSL_X509_notBefore`, `wolfSSL_X509_notAfter`, `wolfSSL_X509_version` without `OPENSSL_EXTRA`.
2022-03-17 14:00:55 -07:00
Juliusz Sosinowicz 1fd090d094 Update wolfSSL_get_session docs
Recommend using `wolfSSL_get1_session` and `NO_SESSION_CACHE_REF` for session resumption purposes. `wolfSSL_get_session` should not be used unless to inspect the current session object.
2022-03-17 12:56:28 +01:00
David Garske aa8e5a29d4 Merge pull request #4947 from cconlon/compatSmallStack
Stack/smallstack cleanup for OpenSSL compatibility functions
2022-03-15 16:47:23 -07:00
Chris Conlon a52539c489 Merge pull request #4958 from TakayukiMatsuo/example 2022-03-15 17:39:07 -06:00
David Garske 5b268c0852 Merge pull request #4960 from anhu/stm32_pq_bench
Add Post-quantum KEM benchmark for STM32
2022-03-15 16:36:08 -07:00
John Safranek f80faebfe5 wolfRand for AMD
1. Add configure option to enable AMD's RDSEED.
2. Add seed parameters when building specifically for AMD using RDSEED.
3. Update the wolfCrypt test to play nice with the larger seed size.
2022-03-15 15:20:08 -07:00
Anthony Hu fbfb1fee91 Add Post-quantum KEM benchmark for STM32 2022-03-15 14:49:40 -04:00
Hayden Roche 6e6aa5b0c1 Fix bug in wolfSSL_ASN1_TIME_diff.
This function should not error out if one of the passed in times is the Unix
epoch. This amounts to erroring out when the XMKTIME returns < 0, rather than
<= 0.
2022-03-15 10:52:05 -07:00
JacobBarthelmeh d0e83be596 alter return value and add error string 2022-03-15 10:26:59 -07:00
TakayukiMatsuo 365a4de154 Fix settings and removed warnings 2022-03-16 02:12:45 +09:00
Daniel Pouzzner d531e21f34 Merge pull request #4946 from dgarske/async_earlydata
Fixes for TLS v1.3 early data with async
2022-03-15 12:12:09 -05:00
David Garske 9c29102c43 Merge pull request #4948 from SparkiDev/tls12_pa_failsafe
TLS: add peer authentication failsafe for TLS 1.2 and below
2022-03-15 09:42:56 -07:00
Chris Conlon 6762cd90da add tests for PKCS7_sign(), PKCS7_final(), SMIME_write_PKCS7() 2022-03-15 10:21:22 -06:00
Chris Conlon ce514e6fc5 add PKCS7_sign, PKCS7_final, SMIME_write_PKCS7. add signer cert verify support to PKCS7_verify, support for PKCS7_TEXT, PKCS7_DETACHED, PKCS7_STREAM 2022-03-15 10:21:22 -06:00
Chris Conlon ba4f3379ba remove unimplemented wc_MIME_* prototypes in asn.h 2022-03-15 10:21:22 -06:00
Chris Conlon a7d5e6400d add support for PKCS7_TEXT flag to PKCS7_verify() 2022-03-15 10:21:22 -06:00
David Garske 2febed01a5 Merge pull request #4949 from SparkiDev/ssl_move_conf
ssl.c: move TXT and CONF APIs out into conf.c
2022-03-15 09:02:42 -07:00
Chris Conlon f7c5c9f713 extra checks for OPENSSL_VERSION_NUMBER for API prototype differences 2022-03-15 09:41:51 -06:00
Chris Conlon 7c63dd6245 smallstack reduction for wolfSSL_set_accept_state() 2022-03-15 09:40:51 -06:00
Chris Conlon 062003916c stack/smallstack reduction for wolfssl_x509_make_der(), d2iGenericKey(), PrintPubKeyEC(), wolfSSL_EC_POINT_add() 2022-03-15 09:40:48 -06:00