3494218d98
Implement missing functionality for OpenVPN 2.5
2021-02-02 12:06:11 +01:00
5577a2215f
Merge pull request #3708 from JacobBarthelmeh/Testing
2021-02-01 10:11:16 -08:00
ab5f9831ab
Merge pull request #3707 from douzzer/test-openssl-small-stack
...
wolfcrypt/test/test.c: smallstack refactor of openssl test routines.
2021-02-01 09:30:04 -08:00
a7066a9be2
add stdint to test.c if using non blocking ecc test
2021-02-01 23:07:03 +07:00
fd01f79f86
add guard for rsa public only
2021-01-31 23:43:53 +07:00
d14f4f8451
wolfcrypt/test/test.c: smallstack refactor of openssl test routines.
2021-01-30 00:01:15 -06:00
f5f19fda42
Merge pull request #3704 from douzzer/aesgcm-table-small-stack
...
--enable-aesgcm=table --enable-smallstack
2021-01-29 19:53:08 -08:00
d0b20f90d5
wolfcrypt/test/test.c: use HEAP_HINT, not NULL, for XREALLOC() too.
2021-01-29 20:16:51 -06:00
8c0100e60e
blake2b.c/blake2s.c: refactor so that smallstack code paths match performance of !smallstack path.
2021-01-29 17:19:42 -06:00
a332cf36b5
add DYNAMIC_TYPE_AES and DYNAMIC_TYPE_CMAC to enum in types.h, and use these where appropriate;
...
in test.c: use use HEAP_HINT, not NULL in XMALLOC/XFREE calls;
fix a couple typos in aes_test() re WOLFSSL_ASYNC_CRYPT;
add various missing WOLFSSL_SMALL_STACK_STATIC qualifiers;
and streamline old smallstack refactor on-stack declarations declarations to use the much neater [1] construct.
2021-01-29 17:17:31 -06:00
eae4124908
Merge pull request #3705 from lechner/repology-packaging-status
...
Show packaging status across Linux distributions in README.md
2021-01-29 14:48:26 -08:00
2033970369
Show packaging status across Linux distributions in README.md (from Repology)
...
Repology offers badges for wolfSSL's packaging status across all known
Linux distributions. [1] In Markdown documents, the HTML version with
a right-hand alignment uses up less space. It is added here.
The badge itself provides a hyperlink to more information [2]
including repositories in which wolfSSL is not yet represented.
[1] https://repology.org/project/wolfssl/badges
[2] https://repology.org/project/wolfssl/versions
2021-01-29 10:40:32 -08:00
0f6ae330da
wolfcrypt: smallstack refactors of AES code for lkm compatibility with --enable-aesgcm=table.
2021-01-28 22:51:28 -06:00
91299c5abd
Merge pull request #3701 from dgarske/pkcs7_devId
...
Fixes for PKCS7 with crypto callback (devId) with RSA and RNG
2021-01-29 10:56:41 +10:00
4f6deb8ae9
Merge pull request #3594 from haydenroche5/zd10911
...
Fix issue with DoHandShakeMsgType/ShrinkInputBuffer when encryption i…
2021-01-28 16:55:04 -08:00
fc845da9f0
Fix issue with DoHandShakeMsgType/ShrinkInputBuffer when encryption is on (e.g.
...
during renegotiation).
This issue was brought to light by ZD 10911. When encryption is on (indicated
by the return value of IsEncryptionOn), DoHandShakeMsgType will finish up by
incrementing the input buffer index past the padding and MAC (if encrypt-then-
mac is enabled). In ProcessReply, if there are more messages to be read, the
index is decremented back before the padding and MAC. The issue arises when
ShrinkInputBuffer is called in between and copies data from the dynamic input
buffer to the static one. That function will get called with the index post-
increment, and thus the padding and MAC won't get copied into the static buffer,
which isn't what we want, since ProcessReply is going to decrement the index
since it thinks the padding and MAC are still there. This commit makes it so
the padding and MAC get included in the call to ShrinkInputBuffer when
encryption is on.
2021-01-28 15:37:00 -06:00
3da6b8364e
Prevent dangling pointer in TLSX_Cookie_Use
...
ZD 11603
2021-01-28 18:53:35 +01:00
2bd63d27bf
Fixes for PKCS7 with crypto callback (deviceId), where it was not being used for RSA and RNG. ZD 11163.
2021-01-28 09:52:13 -08:00
311a0d25dd
Merge pull request #3696 from JacobBarthelmeh/Testing
...
fix for tested x509 small build
2021-01-28 06:59:26 -08:00
590597a0e2
SP ECC verify: check point for z=0 and set to infinity
2021-01-28 14:43:51 +10:00
0ccb0d5fce
SP math: fix one word Montgomery Reduction for non-asm
...
Set the word size for x86.
2021-01-28 09:54:58 +10:00
bbcb98a8f7
fix for tested x509 small build
2021-01-27 23:00:24 +07:00
7486cad291
Curve448 PPC64: 'char' is not always signed - use type 'sword8'
...
Ensure type 'sword8' is signed.
2021-01-27 18:16:25 +10:00
c739b4d474
ECDSA sign: cleanup comments and variables
...
Remove mod at end as mulmod does this.
Change mp_add to mp_addmod_ct to keep the size of numbers to less than
order for mp_mulmod.
2021-01-27 09:39:11 +10:00
a1e083b5b1
Merge pull request #3689 from douzzer/fips-option-check-source
...
configure.ac: check compatibility of chosen FIPS option with source
2021-01-26 12:29:52 -08:00
d0e2566ad8
Merge pull request #3679 from julek-wolfssl/dtls-window
...
Correct old DTLS msg rcv update
2021-01-26 12:20:59 -08:00
3d4f836c00
Correctly insert out of order msgs to queue
2021-01-26 15:12:08 +01:00
4da9ade290
Use wolfSSL_X509_free to free ourCert
2021-01-26 11:32:05 +01:00
a89087ed2d
configure.ac: check compatibility of chosen FIPS option with the source tree, for early prevention of accidental attempts to build FIPS with non-FIPS source, or non-FIPS with FIPS source.
2021-01-25 17:56:28 -06:00
6e0e507dad
Merge pull request #3660 from dgarske/sess_ticket_aes_gcm
...
Added support for AES GCM session ticket encryption
2021-01-25 15:00:03 -08:00
f91dcb950c
Merge pull request #3670 from dgarske/keil
...
Fix for ARM Keil MDK compiler issue with `DECLARE_VAR_INIT`.
2021-01-25 14:57:05 -08:00
27ef5b9a3d
Merge pull request #3675 from SparkiDev/tls_no_ticket
...
TLS Session Ticket: Option to disable for TLS 1.2 and below
2021-01-25 14:54:10 -08:00
f35f57c378
Merge pull request #3683 from SparkiDev/sp_int_mont_red_1
...
SP math all: fix 1 word Montgomery Reduce
2021-01-25 14:47:35 -08:00
d201820e3a
Merge pull request #3687 from guidovranken/x963-export-reject-invalid-keys
...
Reject undefined keys (eg. state is ECC_STATE_NONE) from X963 export …
2021-01-25 14:46:59 -08:00
cf9e4f0caf
Merge pull request #3518 from julek-wolfssl/openssh-fixes-v2
...
Fixes for openssh
2021-01-25 14:45:56 -08:00
234bf0c209
SSL: add const for *get_verify_mode to match openSSL
2021-01-25 10:37:50 -08:00
a2917ae29c
SSL: cleanup verify_mode coding style
2021-01-25 10:29:36 -08:00
05e1ee1694
Cleanup to use fixed sizes from defines for DECLARE_VAR. Resolves issue with Visual Studio and using a variable (even const) to declare an array size.
2021-01-25 09:14:12 -08:00
29f7eebef7
Reject undefined keys (eg. state is ECC_STATE_NONE) from X963 export functions
...
Additionally, harmonize the failure conditions of wc_ecc_export_x963 and
wc_ecc_export_x963_compressed.
2021-01-25 16:22:21 +01:00
f7408560c6
Fix Free/SafeRTOS with XMALLOC_USER
2021-01-25 09:10:15 -06:00
4f0ed55232
SP math all: fix 1 word Montgomery Reduce
...
May have 3 words in partial result before shifting down.
2021-01-25 10:19:27 +10:00
fb9836ed28
Merge pull request #3678 from guidovranken/zd11556
...
Fix wc_ecc_sign_hash memory leak. ZD 11556.
2021-01-22 18:06:56 -08:00
d29518ecac
Remove duplicate macro
2021-01-22 13:02:30 -08:00
21ac86adb3
SSL: refactor SSL verify mode to be more compatible
...
This follows the bit flag pattern closer. Still doesn't support
`SSL_VERIFY_CLIENT_ONCE` and maybe other flags.
2021-01-22 12:17:07 -08:00
13468d34e3
Apply same VS fixes to api.c as well.
2021-01-22 10:50:18 -08:00
46aee19de3
Fix for Visual Studio issue with non-cost in array declaration.
2021-01-22 10:44:38 -08:00
920c443864
Merge pull request #3250 from JacobBarthelmeh/Benchmark
...
add brainpool benchmark
2021-01-22 10:08:21 -08:00
cd4dae8f09
Merge pull request #3674 from ejohnstown/alerts
...
Alerts
2021-01-22 09:16:56 -08:00
b918fb9efe
Correct old DTLS msg rcv update
2021-01-22 14:33:33 +01:00
6fa1556daf
guard -ecc-all with HAVE_SELFTEST macro
2021-01-22 16:13:31 +07:00
Juliusz Sosinowicz
David Garske
Jacob Barthelmeh
Daniel Pouzzner
Felix Lechner
Sean Parkinson
Hayden Roche
Guido Vranken
John Safranek
toddouska
Elms
Eric Blankenhorn
Tesfa Mael