David Garske
b84086a482
Merge pull request #4883 from SparkiDev/ssl_bio_move
BIO: move APIs out of ssl.c
2022-02-23 09:38:54 -08:00
David Garske
0afc5e2cf1
Merge pull request #4881 from SparkiDev/sp_asm_shift_fix
SP asm: fix for modexp corner case
2022-02-23 09:37:25 -08:00
David Garske
8623b0c089
Merge pull request #4849 from SparkiDev/sp_p521
SP: Add support for P521
2022-02-23 09:33:49 -08:00
David Garske
3a34a4cd1d
Merge pull request #4882 from SparkiDev/even_mod_check
RSA/DH: check for even modulus
2022-02-23 09:33:12 -08:00
Sean Parkinson
2eb044dc60
SP: Add support for P521
2022-02-23 14:51:47 +10:00
Sean Parkinson
d33b787993
BIO: move APIs out of ssl.c
Get configuration working: --enable-all CFLAGS=-DNO_BIO
2022-02-23 14:11:30 +10:00
Sean Parkinson
b5ed5c9b99
RSA/DH: check for even modulus
2022-02-23 09:51:15 +10:00
Sean Parkinson
5b6130889e
SP asm: fix for modexp corner case
When exponent bit length is a multiple of the window size and the top
word has only window bits in it, then n is shifted down by an undefined
value (size of a word). The n value is not used after this.
Check for this condition and don't attempt to shift n.
2022-02-23 09:17:08 +10:00
David Garske
fef8a57eb2
Merge pull request #4880 from julek-wolfssl/plain-alert
Detect if we are processing a plaintext alert
2022-02-22 10:11:08 -08:00
David Garske
e8c9a413ca
Merge pull request #4878 from SparkiDev/sp_x64_oob_write_fix_1
ECC with SP math: OOB write
2022-02-22 09:53:32 -08:00
David Garske
b40226099d
Merge pull request #4877 from SparkiDev/sp_x64_asm_fix_1
SP asm: fix map function to use p not point
2022-02-22 09:50:53 -08:00
Sean Parkinson
d10900e124
ECC with SP math: OOB write
Don't let input points' ordinates be greater than the modulus in length.
2022-02-22 17:00:23 +10:00
Sean Parkinson
78f116b27f
SP asm: fix map function to use p not point
2022-02-22 16:33:24 +10:00
Sean Parkinson
2a750acf03
Merge pull request #4873 from dgarske/async_v5.2.0
Asynchronous Release v5.2.0: TLS 1.3 HelloRetryRequest
2022-02-22 10:35:17 +10:00
David Garske
250a06f759
Merge pull request #4865 from SparkiDev/sp_int_mont_red
SP int: Montgomery Reduction
2022-02-21 16:20:17 -08:00
David Garske
31abc99f6f
Fix for async handling of TLS v1.3 hello retry broken in #4863.
2022-02-21 14:14:20 -08:00
David Garske
6a81cc976e
Merge pull request #4872 from SparkiDev/tls13_empty_cert_cli
TLS 1.3: fail immediately if server sends empty certificate message
2022-02-21 14:10:40 -08:00
David Garske
38d4da56ab
Merge pull request #4857 from julek-wolfssl/ZD13631
Reported in ZD13631
2022-02-21 14:01:51 -08:00
David Garske
d834c50c85
Merge pull request #4858 from julek-wolfssl/ZD13611
Reported in ZD13611
2022-02-21 14:01:42 -08:00
David Garske
e6c07a296d
Merge pull request #4866 from ejohnstown/release
Prepare for release 5.2.0
v5.2.0-stable
2022-02-21 09:09:58 -08:00
Sean Parkinson
9263e6ead3
TLS 1.3: fail immediately if server sends empty certificate message
2022-02-21 21:34:13 +10:00
John Safranek
ad8bf40b5e
Update readme for release.
2022-02-20 13:05:04 -08:00
John Safranek
bb8af1cac5
Prepare for release 5.2.0
1. Update versions as appropriate.
2. Modify FreeAtomicUser() to only free the Aes data in the callback
contexts if the contexts exist.
2022-02-18 13:55:22 -08:00
David Garske
ffb4ae07df
Merge pull request #4871 from wolfSSL/small-leak
Fix Small Memory Leaks
2022-02-18 13:53:56 -08:00
John Safranek
041d300b2b
Fix Small Memory Leaks
Found with the configuration running the unit test through valgrind.
% ./configure CFLAGS=-DNO_WOLFSSL_CIPHER_SUITE_TEST \
--enable-all --disable-fastmath --enable-debug --disable-shared
1. ssl.c: In wolfSSL_DSA_generate_key(), we initialize (and allocate)
all the parameters in the key (p, q, g, x, y), and then we generate a
key, which initializes (and allocates) x and y again. mp_clear them
first.
2. evp.c: When printing public keys, the temporary mp_int wasn't getting
correctly freed.
3. evp.c: When printing public keys, modified the utility functions to
return once with a do-while-0 loop.
2022-02-18 10:01:49 -08:00
John Safranek
4b0c8c07f4
Merge pull request #4870 from elms/fix/tls13_renegotiation_info_ext
tls13: fix not including RENEGOTIATION_INFO ext
2022-02-17 13:09:02 -08:00
elms
208c457348
tls13: fix to not send RENEGOTIATION_INFO ext
Introduced in PR #4742 to enable sending of extension in TLS1.2
without fully supporting secure renegotiation in accordance with
RFC 5746 4.3 https://datatracker.ietf.org/doc/html/rfc5746#section-4.3
2022-02-17 11:22:17 -08:00
David Garske
95ae242550
Merge pull request #4869 from wolfSSL/silabs-aes
SILABS port: fix sizeof
2022-02-17 10:45:47 -08:00
David Garske
b343c2691b
Merge pull request #4867 from maximevince/master
Fix WOLFSSL_NO_TLS12 for Async dev
2022-02-17 10:18:18 -08:00
John Safranek
4361d1bdd2
SILABS port: fix sizeof
A sizeof wasn't dereferencing a pointer, using the sizeof of the pointer and
not the actual struct. This is limited to setting the key for an AES
operation only when using SILABS SE2 acceleration.
2022-02-17 08:52:46 -08:00
Maxime Vincent
111ae9da84
Fix WOLFSSL_NO_TLS12 for Async dev
2022-02-17 08:10:19 +01:00
Juliusz Sosinowicz
c5875cfc5a
Detect if we are processing a plaintext alert
2022-02-16 10:50:44 +01:00
David Garske
df0b516c68
Merge pull request #4863 from SparkiDev/tls13_auth
TLS 1.3: improved checks on received message type
2022-02-15 11:33:34 -08:00
Juliusz Sosinowicz
15d0dd258a
Add cert test for UID name component
2022-02-15 14:05:46 +01:00
Sean Parkinson
ea5785f6fd
SP int: Montgomery Reduction
Improve performance for ECC curves when all bits in words are used (mask
is 0).
On 64-bit platforms, improves performance for 256 and 384 bit curves.
On 32-bit platforms, improves performance for 224, 256, 384 bit curves.
2022-02-15 17:19:57 +10:00
Sean Parkinson
94c03a77f5
TLS 1.3: improved checks on received message type
pskNegotiated field added to indicate Session Ticket or PSK negotiated.
peerAuthGood field added to indicate that any required peer
authentication (certificate, if required, or PSK) has been performed.
2022-02-15 13:25:16 +10:00
Sean Parkinson
9906c9c55e
Merge pull request #4862 from dgarske/no_server
Fix typo for no server
2022-02-15 10:31:12 +10:00
David Garske
07045083a9
Merge pull request #4859 from SparkiDev/sp_int_thumb_small
SP int: fixup ARM Thumb asm for small builds
2022-02-14 16:07:50 -08:00
Sean Parkinson
6571151d17
SP int: fixup ARM Thumb asm for small builds
Small builds or ARM Thumb can't use r7.
2022-02-15 08:34:21 +10:00
David Garske
c992ddbfc0
Merge pull request #4853 from SparkiDev/curve448_128bit_perf
Curve448: inline Karatsuba in sqr and mul for 128-bit impl
2022-02-14 12:04:57 -08:00
David Garske
16566f329e
Fix typo for no server. Should be NO_WOLFSSL_SERVER.
2022-02-14 10:37:34 -08:00
David Garske
ff4ee20f05
Merge pull request #4860 from SparkiDev/disable_hmac
Configure HMAC: define NO_HMAC when HMAC disabled
2022-02-14 10:08:32 -08:00
Juliusz Sosinowicz
445ed2f234
Reported in ZD13631
`ssl->peerVerifyRet` wasn't being cleared when retrying with an alternative cert chain
2022-02-14 11:01:59 +01:00
Sean Parkinson
f02296a4e6
Configure HMAC: define NO_HMAC when HMAC disabled
2022-02-14 17:22:10 +10:00
Sean Parkinson
38653510eb
Curve448: inline Karatsuba in sqr and mul for 128-bit impl
2022-02-14 09:09:57 +10:00
Juliusz Sosinowicz
4e5380668c
Reported in ZD13611
The `UID` name component could not be parsed if it appears in a subject or issuer name
2022-02-12 00:36:07 +01:00
David Garske
2fa542eb28
Merge pull request #4846 from haydenroche5/fips_mode_compat
Implement FIPS_mode and FIPS_mode_set in the compat layer.
2022-02-11 12:50:30 -08:00
David Garske
88f202aa22
Merge pull request #4855 from julek-wolfssl/issue-4854
wolfSSL_get_error may return SSL_ERROR_NONE on ret <= 0
2022-02-11 09:01:16 -08:00
Juliusz Sosinowicz
4f8ffc4586
wolfSSL_get_error may return SSL_ERROR_NONE on ret <= 0
Fix docs mismatch reported in https://github.com/wolfSSL/wolfssl/issues/4854
2022-02-11 12:37:12 +01:00
Daniel Pouzzner
34b6102816
Merge pull request #4847 from douzzer/20220209_clang-Os
fixes for clang -Os on clang >= 12.0.0
2022-02-10 21:31:01 -06:00