David Garske
0d057099af
Fix line lengths.
2023-12-27 10:12:52 -08:00
David Garske
b86dfffdbe
Improve the TLS v1.3 expand key label warning for possible use of uninitialized "hash".
2023-12-27 09:52:56 -08:00
David Garske
d9ac8b5422
Peer review fixes. Fix issues with Tls13HKDFExpandKeyLabel. Fix crypto callback line lengths.
2023-12-22 14:16:59 -08:00
David Garske
fb5eab8f79
Fix one shot hash routines to attempt offloading to crypto callbacks. Fix random.c health test to use devId. Fix FIPS unused "ssl".
2023-12-19 11:20:56 -08:00
David Garske
2001d1c74b
Fixes for TLS v1.3 with crypto callbacks not offloading DeriveKeyMsg, KDF HMAC and ECH.
2023-12-19 08:15:58 -08:00
David Garske
90748b5f61
Remove the SHA1-/SHA2-256 auto devId selection devId = wc_CryptoCb_GetDevIdAtIndex(0);
2023-12-18 17:14:58 -08:00
David Garske
8b203719d3
Add support for using devId with one-shot hash functions.
2023-12-18 17:14:43 -08:00
David Garske
d5e83310b6
Fix typo with HMAC determination of update/final.
2023-12-18 17:11:33 -08:00
David Garske
205403ebb2
Add more information in the DEBUG_CRYPTOCB.
2023-12-18 17:11:16 -08:00
Daniel Pouzzner
ef14176b7f
SRTP fixes:
* in wolfssl/ssl.h, add missing arg names to wolfSSL_CTX_set_tlsext_use_srtp(), wolfSSL_set_tlsext_use_srtp(), and wolfSSL_export_dtls_srtp_keying_material();
* in wolfcrypt/src/kdf.c, call wc_AesFree if and only if wc_AesInit() succeeded;
* in src/ssl.c:DtlsSrtpSelProfiles(), fix bugprone-inc-dec-in-conditions;
* in tests/suites.c:execute_test_case(), fix several -Wdeclaration-after-statement and -Wmissing-field-initializers;
* in wolfcrypt/test/test.c, fix a shiftTooManyBitsSigned warning in srtpkdf_test(), and fix a typo (kaSz/ksSz).
2023-12-15 14:06:36 -06:00
Chris Conlon
27c6ee4d05
Merge pull request #7068 from SparkiDev/srtp_kdf_label
SRTP/SRTCP KDF: add APIs that derive one key from a label
2023-12-14 14:54:58 -07:00
Chris Conlon
fb6b022f42
Merge pull request #7020 from SparkiDev/ecc_gen_k_by_reject
ECC: generate values in range of order by rejection
2023-12-14 14:54:39 -07:00
David Garske
1cf87ce0c9
Spelling fix.
2023-12-14 12:14:30 -08:00
Chris Conlon
f6ef58dbc2
Merge pull request #7064 from philljj/fix_infer_issues
Fix issues from infer diff report.
2023-12-14 12:27:34 -07:00
Chris Conlon
1b76f6d56b
Merge pull request #7065 from miyazakh/fix_ra6m3
fix benchmark compile error
2023-12-14 09:15:32 -07:00
Sean Parkinson
659a245b27
SRTP/SRTCP KDF: add APIs that derive one key from a label
Added more generic APIs that derive a single key with a label.
Added defines for label values and index lengths.
2023-12-14 14:45:35 +10:00
Hideki Miyazaki
3af91c265b
remove tab
2023-12-14 11:16:36 +09:00
Chris Conlon
d36538c40a
Merge pull request #7063 from embhorn/13dec2023_cov_fixes
Fixes for release
2023-12-13 16:19:13 -07:00
jordan
a1b44b6214
Fix issues from infer diff report: init mp_digit to 0.
2023-12-13 17:17:49 -06:00
Hideki Miyazaki
f209120218
fix benchmark compile error
2023-12-14 07:35:32 +09:00
Chris Conlon
a66137d2fe
Merge pull request #7062 from lealem47/leaks
Cleanup leaks in api.c and benchmark.c
2023-12-13 14:09:23 -07:00
Eric Blankenhorn
1d7fd42aa8
Fixes for release
2023-12-13 14:47:02 -06:00
Lealem Amedie
5fd0470f76
Cleanup leaks in api.c and benchmark.c
2023-12-13 13:00:52 -07:00
Chris Conlon
3d959b96c9
Merge pull request #7060 from dgarske/various_20231212
Fix for benchmark without filesystem unused globals
2023-12-13 11:29:28 -07:00
Sean Parkinson
b7b20ededd
Merge pull request #7058 from lealem47/zd17174
Check buffer length before XMEMCMP in GetOID
2023-12-13 14:36:23 +10:00
Lealem Amedie
2724edc257
Check buffer length before XMEMCMP in GetOID
2023-12-12 15:13:42 -07:00
Sean Parkinson
ce74a34154
Merge pull request #7019 from dgarske/armasm_mmcau
Patch to support NXP Kinetis MMCAU SHA2-256 with ARM ASM
2023-12-13 07:26:11 +10:00
David Garske
3750ff5205
Fix for benchmark without filesystem and unused hash_input and cipher_input.
2023-12-12 13:22:17 -08:00
Sean Parkinson
21f53f37a1
ECC: generate values in range of order by rejection
When generating private key and nonce for ECDSA, use rejection sampling.
Note: SP uses this algorithm
2023-12-12 14:55:56 +10:00
Daniel Pouzzner
c1b5135918
wolfcrypt/src/evp.c and wolfcrypt/test/test.c: in FIPS builds <5.3, gate out AES-XTS functionality that depends on new APIs added in #7031 (b14aba48af and 931ac4e568) (AES-XTS is non-FIPS in FIPS <5.3).
2023-12-11 12:14:29 -06:00
Daniel Pouzzner
9c17d5d2fa
support ASN ShortInts up to 4 bytes (2^32-1):
* parameterize MAX_LENGTH_SZ using overrideable WOLFSSL_ASN_MAX_LENGTH_SZ, default value 5 (raised from 4).
* refactor other Misc_ASN constants to refer to MAX_LENGTH_SZ as appropriate.
* tweak BytePrecision() appropriately.
* refactor SetShortInt() to use BytePrecision() and include a length assert against MAX_SHORT_SZ to assure no buffer overruns with reduced WOLFSSL_ASN_MAX_LENGTH_SZ.
2023-12-11 12:14:29 -06:00
David Garske
b5eb8995c9
Fix possible unused variable warning.
2023-12-11 09:22:47 -08:00
JacobBarthelmeh
ac447d1afb
Merge pull request #7031 from douzzer/20231201-openssl-compat-fixes
20231201-openssl-compat-fixes
2023-12-08 17:25:53 -07:00
JacobBarthelmeh
f708d42ef7
Merge pull request #7046 from dgarske/crl_cleanups
Various cleanups - CRL and comments - 20231207
2023-12-08 17:15:01 -07:00
David Garske
8a5a467543
Patch to support NXP Kinetis MMCAU SHA2-256 (FREESCALE_MMCAU_CLASSIC_SHA) with --enable-armasm.
2023-12-08 15:56:20 -08:00
gojimmypi
62c0910e15
sync w/upstream; resolve merge conflict
2023-12-08 09:06:10 -08:00
JacobBarthelmeh
448b83697a
Merge pull request #7035 from gojimmypi/PR-Espressif-wolfcrypt
Espressif wolfcrypt updates
2023-12-08 09:07:46 -07:00
David Garske
434526c345
Expand WOLFSSL_NO_CRL_DATE_CHECK to the process cert CRL next date check. Fix typo for DEBUG_CRYPTOCB. Add comments for wc_ValidateDate arguments. Improve linker script example for FIPS to put stdlib before FIPS and not force KEEP.
2023-12-07 14:45:16 -08:00
Sean Parkinson
61b0efce4f
Merge pull request #7039 from embhorn/zd17127
Check for neg size in fp_read_unsigned_bin
2023-12-08 07:44:09 +10:00
gojimmypi
5e5286d30d
Merge branch 'master' of https://github.com/wolfSSL/wolfssl into PR-Expressif-Benchmark
2023-12-07 13:26:20 -08:00
Eric Blankenhorn
27e93276de
Check for neg size in fp_read_unsigned_bin
2023-12-07 14:26:12 -06:00
JacobBarthelmeh
5caa71ec6a
Merge pull request #7038 from SparkiDev/heapmath_mp_add_d
Heapmath mp_add_d: fix for when a and c same pointer
2023-12-07 10:04:13 -07:00
JacobBarthelmeh
9d0bb4c2bf
Merge pull request #7040 from dgarske/win_vs
Fixes for building wolfSSL in Visual Studio
2023-12-07 10:02:33 -07:00
Daniel Pouzzner
931ac4e568
add documentation for wc_AesXtsInit(), wc_AesXtsSetKeyNoInit(), wc_CmacFinalNoFree(), and wc_CmacFree();
rename wc_AesXtsSetKey_NoInit() to wc_AesXtsSetKeyNoInit() for morphological consistency;
refactor wc_AesXtsSetKey() to call wc_AesXtsSetKeyNoInit() and clean up on failure;
readability tweak in wolfSSL_EVP_CipherFinal().
2023-12-06 19:26:46 -06:00
Daniel Pouzzner
b14aba48af
wolfcrypt/src/cmac.c: add wc_CmacFree(), revert wc_CmacFinal(), rename wc_CmacFinal() as wc_CmacFinalNoFree() removing its deallocation clauses, and add new wc_CmacFinal() that calls wc_CmacFinalNoFree() then calls wc_CmacFree() unconditionally, for compatibility with legacy client code (some of which may have previously leaked).
tests/api.c: modify test_wc_CmacFinal() to use wc_CmacFinalNoFree() except for the final call.
wolfcrypt/src/aes.c:
* fix wc_AesEaxEncryptAuth() and wc_AesEaxDecryptAuth() to call wc_AesEaxFree() only if wc_AesEaxInit() succeeded.
* fix wc_AesEaxInit() to free all resources on failure.
* revert wc_AesEaxEncryptFinal() and wc_AesEaxDecryptFinal() changes, then change wc_CmacFinal() calls in them to wc_CmacFinalNoFree() calls.
* wc_AesEaxFree(): add wc_CmacFree() calls.
2023-12-06 16:55:57 -06:00
Sean Parkinson
226c631feb
Heapmath mp_add_d: fix for when a and c same pointer
When parameters a and c to mp_add_d are the same pointer, c->sign was
being set to zero/positive and then a->sign was being checked.
Set the c->sign at end as it will always be zero/positive through the
code and the sign of the result isn't otherwise used.
2023-12-07 07:51:43 +10:00
gojimmypi
f3a9d4a56e
Espressif Benchmark ESP-IDF 4.4 fixes
2023-12-06 13:23:14 -08:00
David Garske
db14914951
Fixes for building wolfSSL in Visual Studio. Adds missing files. Fix for type cast warnings.
2023-12-06 13:20:27 -08:00
gojimmypi
4bd78e5e31
Espressif benchmark update
2023-12-06 12:43:42 -08:00
gojimmypi
ca1eba0919
Espressif wolfcrypt updates
2023-12-06 10:05:31 -08:00