Commit Graph

15234 Commits

Author SHA1 Message Date
Sean Parkinson ac3612bbef Merge pull request #4469 from dgarske/android_keystore
Support for Android KeyStore compatibility API's
2021-10-21 08:30:08 +10:00
Sean Parkinson a9f467a6b0 Merge pull request #4457 from dgarske/zd13036
Fix for sniffer to trap negative size calculation
2021-10-21 08:17:52 +10:00
John Safranek ff8e7609f5 Merge pull request #4458 from kosmas-valianos/SkipCRLnoCDP 2021-10-20 13:45:58 -07:00
John Safranek e572c6b9d7 Merge pull request #4486 from dgarske/set_secret 2021-10-20 10:54:13 -07:00
David Garske 1d6c7b542d Update the user_settings.h template for Android, based on final testing. 2021-10-20 10:10:15 -07:00
David Garske 6d2a5fab9b Added test cases for EVP_PKCS82PKEY and EVP_PKEY2PKCS8. 2021-10-20 09:18:13 -07:00
David Garske e5caf5124c Merge pull request #4477 from luizluca/zero-terminate-constraints
ASN: zero-terminate name constraints strings
2021-10-19 21:16:46 -07:00
David Garske 892685ac59 Merge pull request #4472 from utzig/ksdk-port-koblitz
nxp: ksdk: add support for Koblitz curves
2021-10-19 21:14:38 -07:00
David Garske a145f3107d Merge pull request #4481 from SparkiDev/mod_exp_even
SP int: handle even modulus with exponentiation
2021-10-19 21:09:15 -07:00
David Garske 4e7ce45a8c Allow loading public key with PK callbacks also. 2021-10-19 17:04:18 -07:00
David Garske de8798f4be Fix API unit tests where DH 3072-bit is not enabled. 2021-10-19 17:04:18 -07:00
David Garske a03ed32380 Support for Android KeyStore compatibility API's:
* Adds `EVP_PKCS82PKEY` and `d2i_PKCS8_PRIV_KEY_INFO`.
* Adds `EVP_PKEY2PKCS8` and `i2d_PKCS8_PRIV_KEY_INFO`.
* Adds `ECDSA_verify`.
* Fix to allow `SHA256()` and `MD5()` with FIPSv2.
* Decouple crypto callbacks and hash flags
* Fix for possible use of uninitialized when building TLS bench without TLS v1.3.
* Fix for building with `NO_CHECK_PRIVATE_KEY`. Test `./configure --disable-pkcs12 --enable-opensslextra CFLAGS="-DNO_CHECK_PRIVATE_KEY"`.
* Fix to support `RSA_public_decrypt` for PKCSv15 only with FIPS.
* Cleanup `RSA_public_encrypt`, `RSA_public_decrypt` and `RSA_private_decrypt`.
* Added instructions for building wolfSSL with Android kernel.
2021-10-19 17:04:18 -07:00
David Garske 00bdc69284 Fix for wolfSSL_set_secret with DTLS where TLS v1.3 is not defined. Function assumed ssl->arrays->preMasterSecret was allocated. 2021-10-19 16:22:39 -07:00
Sean Parkinson f04380d624 Merge pull request #4475 from douzzer/fix-scan-build-UnreachableCode
scan-build LLVM-13 fixes and expanded coverage
2021-10-20 08:30:46 +10:00
Sean Parkinson d880403207 SP int: handle even modulus with exponentiation
Fix testing of mp_int to only call when implementation included.
2021-10-20 08:21:26 +10:00
Sean Parkinson 7f5a3a4e74 Merge pull request #4484 from dgarske/memtest
Fix for openssl test with --enable-memtest (also DH test build edge case)
2021-10-20 08:19:30 +10:00
Sean Parkinson 41eecd37e5 Merge pull request #4471 from embhorn/zd11886
Fix build errors with NO_BIO config
2021-10-20 08:06:42 +10:00
Sean Parkinson 93f033823c Merge pull request #4482 from miyazakh/mindowngarde_staticrsa
TLS 1.3: ServerHello downgrade with no extensions fix
2021-10-20 07:58:34 +10:00
David Garske d297a06c25 Fix for wolfCrypt test with custom curves without Brainpool. Tested all changes on NXP K82 LTC. 2021-10-19 13:12:12 -07:00
David Garske 498884eadb Fix for missing dhKeyFile and dhKeyPubFile with file system enabled, WOLFSSL_DH_EXTRA and USE_CERT_BUFFERS_2048 set. 2021-10-19 13:06:37 -07:00
David Garske dcb2ebba39 Fix for openssl.test extraction of version and cipher suites. Fix mem tracking to use stderr. Fix client version print to use single printf with newline. 2021-10-19 13:00:25 -07:00
Eric Blankenhorn c0b592ef82 Fix build error with WOLFSSL_USER_IO 2021-10-19 08:27:43 -05:00
Hideki Miyazaki 91cd2b1731 TLS 1.3 ServerHello additional fix for PR4439 in Static RSA case 2021-10-19 17:51:00 +09:00
Daniel Pouzzner 768496be4a scan-build LLVM-13 fixes: in examples/echoclient/echoclient.c, remove frivolous "break;", avoiding need to pragma-ignore clang -Wunreachable-code-break. 2021-10-18 21:46:10 -05:00
Daniel Pouzzner e341291d99 scan-build LLVM-13 fixes: tests/api.c: fix -Wunused-but-set-variable for drive_len in test_wolfSSL_EVP_Cipher_extra() by removing the unused drive_len code. 2021-10-18 21:46:10 -05:00
Daniel Pouzzner 69bc801c13 scan-build LLVM-13 fixes: src/ssl.c: work around deadcode.DeadStores warning in wolfSSL_X509_REQ_sign() in a different way, avoiding WC_MAYBE_UNUSED. 2021-10-18 21:46:09 -05:00
Daniel Pouzzner 76332069ea examples/client/client.c: remove frivolous break to avoid need for PRAGMA_CLANG("clang diagnostic ignored \"-Wunreachable-code-break\""). 2021-10-18 21:46:09 -05:00
Daniel Pouzzner a5006d580c scan-build LLVM-13 fixes: sp_int.c: drop "&& defined(SP_DEBUG_VERBOSE)" from preprocessor gates around debugging printfs. 2021-10-18 21:46:09 -05:00
Daniel Pouzzner 007f01e7ec scan-build LLVM-13 fixes: in src/tls.c TLSX_PopulateExtensions(), avoid -Wunreachable-code-return by refactoring iteration to use an array terminator (a new "WOLFSSL_NAMED_GROUP_INVALID" with value 0) rather than a compile-time-calculated constant of iteration. 2021-10-18 21:46:09 -05:00
Daniel Pouzzner 816527e826 scan-build fixes: back out all "#ifndef __clang_analyzer__" wrappers added to suppress false and frivolous positives from alpha.deadcode.UnreachableCode, and rename new macro WC_UNUSED to WC_MAYBE_UNUSED to make its meaning more precisely apparent. build is still clean with -Wunreachable-code-break -Wunreachable-code-return under scan-build-13. 2021-10-18 21:46:09 -05:00
Daniel Pouzzner f621a93081 more scan-build LLVM-13 fixes and expanded coverage: deadcode.DeadStores in client.c and server.c (no functional changes). 2021-10-18 21:46:09 -05:00
Daniel Pouzzner 62822be6ce scan-build LLVM-13 fixes and expanded coverage: add WC_UNUSED and PRAGMA_CLANG_DIAG_{PUSH,POP} macros; deploy "#ifndef __clang_analyzer__" as needed; fix violations and suppress false positives of -Wunreachable-code-break, -Wunreachable-code-return, and -enable-checker alpha.deadcode.UnreachableCode; expand scan-build clean build scope to --enable-all --enable-sp-math-all. 2021-10-18 21:46:09 -05:00
Sean Parkinson 7447a567e1 Merge pull request #4480 from JacobBarthelmeh/fuzzing
sanity check on q value with DSA sign
2021-10-19 11:10:51 +10:00
Sean Parkinson 84b845c65b Merge pull request #4478 from maximevince/zephyr-user-settings-override
Zephyr: Rename leftover CONFIG_WOLFSSL_OPTIONS_FILE
2021-10-19 09:51:15 +10:00
David Garske a50d1f4870 Merge pull request #4301 from julek-wolfssl/issue-4298
`mem_buf` only used with memory BIO
2021-10-18 10:29:55 -07:00
Jacob Barthelmeh c07a7deec2 sanity check on q value with DSA sign 2021-10-18 10:17:49 -06:00
Maxime Vincent 77895ac964 Rename leftover CONFIG_WOLFSSL_OPTIONS_FILE to CONFIG_WOLFSSL_SETTINGS_FILE
Signed-off-by: Maxime Vincent <maxime@veemax.be>
2021-10-16 15:43:21 +02:00
Luiz Angelo Daros de Luca 0e3218dcd0 ASN: zero-terminate name constraints strings
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
2021-10-15 20:19:05 -03:00
David Garske b2c003d7d4 Fix for sniffer to trap negative sslBytes. Revert logic from PR 3493 blocking out of range sequence numbers. Fix ack sequence rollover logic. ZD13036 2021-10-15 11:31:53 -07:00
Daniel Pouzzner 60adf22ce1 Merge pull request #4468 from SparkiDev/sp_fixes_6
SP: regenerated SP code
2021-10-15 02:27:19 -05:00
Sean Parkinson b2b39f01b7 Merge pull request #4474 from cconlon/includekds
include IDE/KDS in make dist archive
2021-10-15 08:33:23 +10:00
Chris Conlon 7bd92e606b Merge pull request #4473 from JacobBarthelmeh/dks7g2
Update DK-S7G2 README.md
2021-10-14 16:29:08 -06:00
Eric Blankenhorn 17e0249a26 Fixing NO_BIO and OPENSSL_ALL errrors 2021-10-14 16:03:52 -05:00
Chris Conlon 228f1e233a include IDE/KDS in make dist archive 2021-10-14 14:01:19 -06:00
Jacob Barthelmeh 82a1c4b9f1 Update DK-S7G2 README.md 2021-10-14 13:09:42 -06:00
David Garske 2aa2ef84b2 Merge pull request #4470 from LinuxJedi/md-cleanups
Cleanup markdown documentation
2021-10-14 11:04:48 -07:00
Fabio Utzig ed243b3327 nxp: ksdk: add support for Koblitz curves
The Kinetis port implementation currently only supports SECP random
curves. This commit expands it to also support the accepted SECP
koblitz curves, based on user settings. The implementation also makes
it easy to add Brainpool curves.

Signed-off-by: Fabio Utzig <utzig@apache.org>
2021-10-14 12:33:30 -03:00
Eric Blankenhorn 61bab6f68b Fix test build errors with NO_BIO 2021-10-14 09:37:01 -05:00
Eric Blankenhorn 1396c46281 Fix build errors with NO_BIO config 2021-10-14 09:06:54 -05:00
Sean Parkinson 4c70ac73f1 Merge pull request #4467 from dgarske/smtp
Example client: fix for SMTP temp buffer size
2021-10-14 08:16:42 +10:00