Commit Graph

12014 Commits

Author SHA1 Message Date
Sean Parkinson
91c131fbd8 Curve448: fix 32-bit implementation
Fix small define check
2020-08-31 09:05:06 +10:00
Sean Parkinson
d2802f2d15 Merge pull request #3264 from dgarske/iar_sp
Fix for building SP math with IAR
2020-08-31 08:40:50 +10:00
Sean Parkinson
f444c63560 Merge pull request #3262 from julek-wolfssl/missing-cipherExtraData-2
HAVE_SESSION_TICKET can also be defined without TLS 1.2
2020-08-31 08:34:54 +10:00
David Garske
5692135819 Fix for building SP math with IAR to force noinline. ZD 10839 2020-08-28 11:04:28 -07:00
Juliusz Sosinowicz
c6d1d524fc HAVE_SESSION_TICKET can also be defined without TLS 1.2 2020-08-28 16:05:28 +02:00
Sean Parkinson
015c73686f Merge pull request #3261 from dgarske/zd10848
Fixes for several implicit cast warnings
2020-08-28 16:49:03 +10:00
David Garske
94b0dcb7e9 Peer review feedback to add explicit parenthesis on cast. 2020-08-27 16:18:54 -07:00
David Garske
0d2e37cc42 Fixes for several implicit cast warnings. ZD 10848. 2020-08-27 13:51:55 -07:00
toddouska
d077efcbb3 Merge pull request #3237 from SparkiDev/mp_oob_1
Fix out of bounds read when writing to very long buffer
2020-08-24 15:28:00 -07:00
toddouska
c5cab6afba Merge pull request #3236 from dgarske/retcheck
Various fixes and improvements (return codes, build warns and func doc)
2020-08-24 15:27:04 -07:00
toddouska
7e6100593e Merge pull request #3223 from SparkiDev/fp_gcd_fix
Check the error return from fp_mod in fp_gcd
2020-08-24 15:24:20 -07:00
toddouska
cf208901fd Merge pull request #3218 from guidovranken/wc_PKCS12_PBKDF_ex-leak-fix
In wc_PKCS12_PBKDF_ex, free outer loop variable if inner loop fails
2020-08-24 15:23:47 -07:00
David Garske
a23b30bc18 Merge pull request #3245 from tmael/ctx_pKey
Correct a mismatch of directives
2020-08-24 14:39:43 -07:00
David Garske
749025963e Merge pull request #3239 from SparkiDev/ed448_cast
Ed448: Fix compiler warning Intel -m32
2020-08-24 10:13:25 -07:00
David Garske
47cc8d232a Fix in ED448 wc_ed448_check_key function for possible dereference of a null pointer. 2020-08-24 07:31:06 -07:00
Sean Parkinson
4f44df96dc MP: integer OOB write fix
mp_to_unsigned_bin_len() now checks length passed in is greater than or
equal length to write.
2020-08-24 22:48:52 +10:00
Sean Parkinson
955a53dce3 Ed448: Fix compiler warning Intel -m32 2020-08-24 16:29:48 +10:00
Sean Parkinson
e30361e186 Fix out of bounds read when writing to very long buffer
mp_to_unsigned_bin_len() didn't handle buffers longer than maximum MP
size. Fixed tfm and sp_int versions.
2020-08-24 09:18:07 +10:00
David Garske
7d45e85b03 Add ED448 to the "all" options. 2020-08-21 15:47:02 -07:00
David Garske
083f143c89 Fixes for warnings with minimum ECC build. 2020-08-21 15:47:02 -07:00
David Garske
51c2960407 Added function comment for wolfSSL_i2a_ASN1_OBJECT. Added heap context for wolfSSL_CertManagerCheckOCSP 2020-08-21 15:47:02 -07:00
David Garske
5f059306fd Fix for case with ssl->error not being set. 2020-08-21 15:47:02 -07:00
David Garske
03b7ac559a Fix for example return code checking. 2020-08-21 15:47:02 -07:00
toddouska
44e575b8c4 Merge pull request #3227 from dgarske/release-4.5.0-async
Release 4.5.0 async
2020-08-21 15:34:20 -07:00
David Garske
fd2aece058 Fix for building ECC_CACHE_CURVE without WOLFSSL_CUSTOM_CURVES. 2020-08-20 16:16:18 -07:00
David Garske
3fbaccc8a1 Fix for API unit test test_wolfSSL_X509_sign, which can have a varying length depending on if MSB is set. About 1 in 200 tests would fail. 2020-08-20 15:33:28 -07:00
David Garske
dd517fd81c Fixed several compiler warnings with inline variable declaration, deprecated func decl and small stack use of invalid memory (heap). Thanks @douzzer for these. 2020-08-20 15:13:43 -07:00
David Garske
92cf0d7b10 Fix numerous maybe-uninitialized errors in WOLFSSL_SP_SMALL and WOLFSSL_SMALL_STACK cases. 2020-08-20 15:05:20 -07:00
David Garske
25f9d15980 Fix for benchmark example when using the ECC encrypt (--enable-eccencrypt) and timing resistance. New timing resistance RNG requirements for ECC Shared Secret. 2020-08-20 14:25:06 -07:00
David Garske
1d55b2f526 Fixes for several memory leaks related to HAVE_WOLF_BIGINT. 2020-08-20 14:25:06 -07:00
David Garske
79c0fd3f29 Fix for ECC make key test not waiting for async completion. 2020-08-20 14:25:05 -07:00
David Garske
0011b7b376 Fix possible ECC curve cache leak for custom curves. Fix possible memory leak with wc_DhKeyDecode and WOLFSSL_DH_EXTRA. Fix leak in dh_test with new call to DH key import. 2020-08-20 14:25:05 -07:00
toddouska
0fa5af9929 Merge pull request #3224 from ejohnstown/release-update
Release v4.5.0 Supplement
v4.5.0-stable
2020-08-20 09:34:58 -07:00
John Safranek
05671d183c update README/ChangeLog 2020-08-19 10:53:26 -07:00
Sean Parkinson
549c47de65 Handle when k is 1 or order + 1 for timing resistant ECC 2020-08-19 10:50:37 -07:00
John Safranek
362e328180 NTRU fixes
1. When configuring for NTRU, enable static RSA.
2. The echoserver should not try to use NTRU with TLSv1.3.
2020-08-19 10:46:03 -07:00
David Garske
1f10e77b0f Fix for SP math with WOLFSSL_VALIDATE_ECC_KEYGEN. Fixes logic error on point x/y zero check. 2020-08-19 09:30:32 -07:00
John Safranek
55632a0567 Two more out of order DTLS message fixes. 2020-08-18 17:54:25 -07:00
Sean Parkinson
38b717eb42 Clear MP in ECC to free allocated memory 2020-08-18 17:54:25 -07:00
John Safranek
113753370d Long Test Fixes
1. Sniffer was trying to log a NULL pointer as a string. Logged a string instead.
2. Few misc fixes in ECC.
2020-08-18 17:54:25 -07:00
Tesfa Mael
fbe0e04388 Correct mismatch of directives 2020-08-18 16:44:43 -07:00
Sean Parkinson
3a7ad4f03b Check the error return from fp_mod in fp_gcd
Error can occur when using small stack and memory allocation fails.
2020-08-19 08:50:27 +10:00
John Safranek
6e49a63e50 fix call to MakeAnyCert from wc_MakeNtruCert(); it was missing the new parameter 2020-08-17 17:12:11 -07:00
John Safranek
c1090cff3f update rpm-spec.in 2020-08-17 14:42:20 -07:00
toddouska
028bddd7ab Merge pull request #3215 from ejohnstown/release-4.5.0
Release Update
2020-08-17 13:51:23 -07:00
John Safranek
5c6da52ac1 Update release notes. 2020-08-17 09:20:53 -07:00
Sean Parkinson
cb5d6a5c12 Check ECC scalar before multiplication
A k with more bits than in order doesn't work in ECC scalar
multiplication.
Check private key length in wc_ecc_check_key()
Check private key length in ecc_make_pub_ex()
2020-08-17 08:39:39 -07:00
John Safranek
3be7f3ea3a Reject DTLS application data messages in epoch 0 as out of order. 2020-08-14 17:21:39 -07:00
John Safranek
ef5271dd9f fips-check script shouldn't force FIPS-ready build to be v2. 2020-08-14 14:31:50 -07:00
John Safranek
3f6861ee82 FIPS Ready Fix with ECC Timing Resistance
Commit 6467de5 added some timing resistance to ECC shared secret
agreement. It involved adding an RNG object to the ecc keys so
a random z value can be added to the mix. The older FIPS release
has ECC outside the boundary, so it uses the new ECC code. FIPSv2
has ECC inside the boundary, but all the TLS code checks for that
version of FIPS and leaves out the calls to the new functions as
it is using an older version of ecc.c. FIPS Ready uses the latest
version of ecc.c but compiles as FIPSv2. So, the code outside of
the crypto layer is treating ECC as FIPSv2 and not calling the new
functions, but the crypto layer assumes the RNG should be present,
and errs out on testing.
1. Added a separate option for FIPS Ready to the enable-fips
   configure option. `--enable-fips=ready`. It will treat FIPS
   Ready as the next kind of FIPS release. FIPS Ready will be
   treated like FIPS v3 in the build.
2. Changed the C preprocessor checks for FIPS version 2 to be
   checks for not version 2, with respect to ECC Timing Resistance
   and FIPS builds.
2020-08-14 10:54:55 -07:00