wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-29 14:42:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
15,814 Commits 12 Branches 184 Tags
9e73c324a4095e647a48d0bd4ea3d2e4c2d2f4bb
Commit Graph

5780 Commits

Author SHA1 Message Date
Sean Parkinson
9f6aa36866 Merge pull request #4629 from dgarske/zd13337 
Additional checking for side on TLS messages
 2021-12-07 10:13:44 +10:00
Sean Parkinson
d5c27fca7d Merge pull request #4626 from JacobBarthelmeh/certs 
add human readable string of IP
 2021-12-07 08:23:31 +10:00
Chris Conlon
e45c33a771 Merge pull request #4624 from miyazakh/jenkins_qt_failure 2021-12-06 09:53:34 -07:00
David Garske
54c3e0ac73 Additional checking for side on TLS messages. ZD13337 2021-12-03 11:49:08 -08:00
Jacob Barthelmeh
1ec86ee4cc add human readable string of IP 2021-12-02 16:04:58 -07:00
David Garske
b4c6140b64 Merge pull request #4442 from julek-wolfssl/kerberos 
Add Kerberos 5 support
 2021-12-02 09:07:34 -08:00
Hideki Miyazaki
a5bd6cde8d fix nigtly jenkins Qt Job failure 2021-12-02 16:37:48 +09:00
David Garske
9f611e8b80 Merge pull request #4589 from JacobBarthelmeh/native-lwip 
Native LwIP support update
 2021-12-01 10:37:13 -08:00
Sean Parkinson
d06ada2ccc Merge pull request #4610 from julek-wolfssl/nginx-1.21.4 
Add support for Nginx 1.21.4
 2021-12-01 22:27:12 +10:00
Juliusz Sosinowicz
aac1b406df Add support for Nginx 1.21.4 
- Add KEYGEN to Nginx config
- Check for name length in `wolfSSL_X509_get_subject_name`
- Refactor `wolfSSL_CONF_cmd`
- Implement `wolfSSL_CONF_cmd_value_type`
- Don't forecfully overwrite side
- `issuerName` should be `NULL` since the name is empty
 2021-12-01 09:49:52 +01:00
David Garske
a0300f7ab0 Fixes for ECDSA_Size. If group is unknown set to -1, otherwise defaults to first ECC index. Fix the signature size calculation to use our existing enum and calculation logic. ZD13303 2021-11-30 12:33:49 -08:00
David Garske
29517fd617 Merge pull request #4609 from danielinux/tls13_hkdf_callback 
TLS 1.3: Add HKDF extract callback
 2021-11-30 10:59:44 -08:00
Daniele Lacamera
c3b1d9f9e7 Cosmetic and prototypes changes after reviewer's comments 2021-11-30 10:06:54 +01:00
Daniel Pouzzner
a33ae21801 whitespace cleanups and portability/pedantic fixes 2021-11-29 23:58:39 -06:00
Jacob Barthelmeh
f7c34d22e6 add calls to user callback and adjust formating 2021-11-29 15:56:00 -07:00
Chris Conlon
7221e06ff7 Merge pull request #4588 from miyazakh/sce_protect_mode_e2studio 2021-11-29 15:32:48 -07:00
Daniele Lacamera
57fb5453cb Support for HKDF Extract callback 2021-11-29 14:51:13 +01:00
Hideki Miyazaki
fb4e39f00a addressed review comments prt1 2021-11-26 16:03:42 +09:00
David Garske
dcc2a2852c Merge pull request #4590 from JacobBarthelmeh/fuzzing 
sanity check on pem size
 2021-11-22 16:09:13 -08:00
Juliusz Sosinowicz
0de4136ad6 Rebase fixes 2021-11-22 13:10:55 +01:00
Juliusz Sosinowicz
5fc2dadde1 Fix issue in wolfSSL_BN_rand_range causing random errors 2021-11-22 11:48:31 +01:00
Juliusz Sosinowicz
1d7b2de074 Code review changes 2021-11-22 11:48:31 +01:00
Juliusz Sosinowicz
3da810cb1b Implement OpenSSL API's 
- `OBJ_DUP`
- `i2d_PKCS7`
- `BN_rshift1
- `BN_rshift` testing
- Add `--enable-krb`
 2021-11-22 11:47:58 +01:00
Juliusz Sosinowicz
e7c5f137be Implement BN_rand_range 2021-11-22 11:45:27 +01:00
Juliusz Sosinowicz
82a9f74476 Compat updates 
- implement `wolfSSL_PEM_X509_INFO_read`
- `wolfSSL_EVP_CipherUpdate` no-ops on `NULL` input
- add md4 support to `wolfSSL_EVP_MD_block_size` and `wolfSSL_EVP_MD_size`
 2021-11-22 11:45:27 +01:00
Juliusz Sosinowicz
ccbe184434 Implement CTS 
Ciphertext stealing on top of CBC is implemented with `wolfSSL_CRYPTO_cts128_encrypt` and `wolfSSL_CRYPTO_cts128_decrypt` APIs
 2021-11-22 11:45:27 +01:00
Juliusz Sosinowicz
fa662c2ab1 AES_cbc_encrypt enc parameter flipped. 1 = encrypt 0 = decrypt 
This change makes the `enc` parameter of `AES_cbc_encrypt` consistent with OpenSSL. This commit flips the meaning of this parameter now.
 2021-11-22 11:45:27 +01:00
Hideki Miyazaki
82eb23b300 addressed jenkins failures 2021-11-20 10:15:57 +09:00
David Garske
5182e2a8c8 Merge pull request #4580 from kareem-wolfssl/minor_fixes 
Check ssl->arrays in SendClientHello to avoid null dereference.  Allow building with fallthrough defined.
 2021-11-19 16:55:01 -08:00
Hideki Miyazaki
d00c7641ae addressed jenkins failure 2021-11-20 09:14:21 +09:00
David Garske
617668b9aa Merge pull request #4585 from kareem-wolfssl/encryptMacFix 
Fix building Import/ExportOptions with HAVE_ENCRYPT_THEN_MAC undefined.
 2021-11-19 13:45:16 -08:00
Kareem
fd6d479888 Rework ssl and ssl->arrays NULL checks, and add to SendTls13ClientHello as well. 2021-11-19 14:19:27 -07:00
Kareem
72d4dcce0f Fix updated FALL_THROUGH macro. Fix a couple of case statements and remove a trailing whitespace. 2021-11-19 14:13:02 -07:00
Kareem
930e1ac473 Check ssl->arrays in SendClientHello to avoid null dereference. Allow building with fallthrough defined. 2021-11-19 14:06:54 -07:00
Jacob Barthelmeh
5d49847147 sanity check on pem size 2021-11-19 13:55:03 -07:00
Chris Conlon
c3500fa24e Merge pull request #4581 from miyazakh/max_earlydata 
add get_max_eraly_data
 2021-11-19 09:42:01 -07:00
JacobBarthelmeh
7e2fab6f4a warning with keil build and native lwip want read case 2021-11-18 22:58:50 -07:00
Hideki Miyazaki
f50fcd918e support Renesas RA SCE protect mode on RA6M4 evaluation board 2021-11-19 14:22:16 +09:00
Sean Parkinson
7e81372131 Merge pull request #4583 from dgarske/zd13242 
Improve `ret` handling in the `ProcessPeerCerts` verify step.
 2021-11-19 10:22:08 +10:00
Kareem
757f3b8105 Fix building Import/ExportOptions with HAVE_ENCRYPT_THEN_MAC undefined. 2021-11-18 16:06:22 -07:00
David Garske
3054f20c6a Improve ret handling in the ProcessPeerCerts verify step. 2021-11-18 14:51:09 -08:00
David Garske
2841b5c93b Merge pull request #3010 from kaleb-himes/ZD10203 
Consistency in PP checking on use of WOLFSSL_CRYPTO_EX_DATA
 2021-11-18 14:47:25 -08:00
Hideki Miyazaki
9bc159a5ec addressed review comment 2021-11-19 07:24:46 +09:00
David Garske
e33156d0dc Merge pull request #4578 from kaleb-himes/OE33_NON_FIPS_CHANGES 
OE33: Fix issues found by XCODE and add user_settings.h
 2021-11-18 06:59:43 -08:00
Sean Parkinson
618b9619c5 Merge pull request #4571 from anhu/init_sig_algs 
Uninitialized var.
 2021-11-18 22:46:37 +10:00
JacobBarthelmeh
b42a0d9712 native lwip update 2021-11-17 17:36:44 -07:00
Hideki Miyazaki
7da0d524ff add get_max_eraly_data 
support set/get_max_eraly_data compatibility layer
 2021-11-18 09:07:32 +09:00
Masashi Honma
cb3fc0c7ce Fix invalid return value of ASN1_INTEGER_get() 
When DIGIT_BIT is less than SIZEOF_LONG * CHAR_BIT, ASN1_INTEGER_get() can
return invalid value. For example, with trailing program, ASN1_INTEGER_get()
unexpectedly returns -268435449 (0xf0000007) on i386.

On the i386 platform (DIGIT_BIT=28), the input value 0x7fffffff is separated
into 0xfffffff and 0x7 and stored in the dp array of mp_int. Previously,
wolfSSL_BN_get_word_1() returned 0xfffffff shifted by 28 bits plus 0x7, so this
patch fixed it to return 0xfffffff plus 0x7 shifted by 28 bits.

int main(void)
{
    ASN1_INTEGER *a;
    long val;
    int ret;

    a = ASN1_INTEGER_new();
    val = 0x7fffffff;
    ret = ASN1_INTEGER_set(a, val);
    if (ret != 1) {
        printf("ret=%d\n", ret);
    }

    if (ASN1_INTEGER_get(a) != val) {
        printf("ASN1_INTEGER_get=%ld\n", ASN1_INTEGER_get(a));
    }

    ASN1_INTEGER_free(a);

    return 0;
}

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
 2021-11-18 06:58:21 +09:00
Anthony Hu
39edf8d206 pulled up a line. 2021-11-17 16:38:30 -05:00
Anthony Hu
49c7abb875 Changes suggested by SparkiDev. 2021-11-17 16:38:30 -05:00