wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-28 02:52:21 +01:00
Code Issues Packages Projects Releases Wiki Activity
16,692 Commits 12 Branches 184 Tags
d10e72bc9802c90372c8d519552fd321a29b416b
Commit Graph

5428 Commits

Author SHA1 Message Date
David Garske
d10e72bc98 Fix for KCAPI AES with WOLFSSL_NO_KCAPI_AES_CBC. 2022-03-29 12:50:28 -07:00
David Garske
1abcd4b035 Reduce KCAPI ECC page memory allocation sizes. 2022-03-28 15:40:07 -07:00
David Garske
05f377011b Fix for building with KCAPI AES enabled. 2022-03-28 15:05:58 -07:00
David Garske
12349f39e6 Merge pull request #4974 from kareem-wolfssl/iotsafe 
IOTSafe workarounds
 2022-03-28 13:49:44 -07:00
Kareem
be938ed197 IoTSafe Workarounds: Address code review feedback. 2022-03-25 16:17:53 -07:00
JacobBarthelmeh
25d5a624d2 Merge pull request #4975 from cconlon/smallStack 
smallstack cleanup for OpenSSL Compatibility Functions
 2022-03-25 17:06:59 -06:00
John Safranek
0ee01f08bc Merge pull request #4984 from douzzer/20220325-multi-test-cleanup 
20220325 multi-test fixes
 2022-03-25 15:06:34 -07:00
David Garske
3af3274dcd Merge pull request #4982 from SparkiDev/sp_x64_improvements 
SP ASM improvements
 2022-03-25 13:04:01 -07:00
Daniel Pouzzner
008c8509c6 multi-test fixes: whitespace in wolfcrypt/src/random.c and wolfcrypt/test/test.c, bugprone-macro-parentheses and -Wenum-compare in WS_RETURN_CODE() (wolfssl/ssl.h), and clang-analyzer-deadcode.DeadStores in api.c. 2022-03-25 13:26:41 -05:00
Sean Parkinson
7eb95674ee Merge pull request #4966 from dgarske/kcapi 
Fixes for KCAPI AES GCM and ECC
 2022-03-25 10:18:16 +10:00
Sean Parkinson
fd66f6bcec SP ASM improvements 
Change Karatsuba implementations for x86_64.
Fix ECC code to better handle corner cases.
Add 'lower' versions of functions wehn an input is known to be less than m.
Add mont_add/dbl/tpl/sub for P384.
Change ECC point add to be cache-attack resistant.
Change mod_exp to be cache-attack resistant.
 2022-03-25 10:04:25 +10:00
Sean Parkinson
feb58a8455 Merge pull request #4956 from julek-wolfssl/bind-9.18.0 
bind 9.18.0 fixes
 2022-03-25 08:27:34 +10:00
Anthony Hu
ceae169a34 Merge pull request #4969 from dgarske/pk_pubkey 2022-03-24 12:40:03 -04:00
Juliusz Sosinowicz
29c0c9bf48 Rebase fixes 2022-03-24 13:41:50 +01:00
Juliusz Sosinowicz
ae9b01c5b8 bind 9.18.0 fixes 
- return `1` from `wolfSSL_BIO_set_mem_eof_return` instead of `0` for success
- bind requires ALPN
- `OPENSSL_COMPATIBLE_DEFAULT` defined for bind
- `WOLFSSL_ERROR_CODE_OPENSSL` defined when using compatibility layer
- return `bio->eof` on no pending data to read in memory BIO (defaults to `WOLFSSL_BIO_ERROR`)
- `flags` is no longer an input parameter in `wolfSSL_ERR_get_error_line_data`
- allow lazy parameter loading in `wolfSSL_DH_set0_key`
- implement reference counter in `WOLFSSL_EC_KEY`
- load serial number from `x509->serialNumber` if `x509->serial` is empty
 2022-03-24 12:16:59 +01:00
David Garske
6e550c8d75 Fix for KCAPI ECC KeyGen. Disable ECC consistency checks with KCAPI. Allow public AddSignature (used to be public). Fix KCAPI ECC SharedSecret output size. 2022-03-23 09:37:50 -07:00
David Garske
8bafa7f601 Fix for KCAPI ECC sign (was not returning the signature, since ret always 0). 2022-03-23 09:37:50 -07:00
David Garske
c9e3094cb0 Fixes for KCAPI ECC verify. Cleanup of the pubkey_raw. Fix KCAPI AES possible used uninitialized. 2022-03-23 09:37:50 -07:00
David Garske
8d695f97c9 Fix for KCAPI KcapiEcc_LoadKey parameter to kcapi_kpp_keygen. Added option to release handle on load. Fixes for KCAPI sign output length. Added additional argument checking. 2022-03-23 09:37:50 -07:00
David Garske
318350f63b Fix for ecc_check_privkey_gen with KCAPI. Fix KCAPI ECDSA to ensure we don't leak handle for multiple sign/verify calls. 2022-03-23 09:37:50 -07:00
David Garske
9f2dc408a0 Fixes for KCAPI AES GCM. Add guards for algorithm macros on KCAPI. 2022-03-23 09:37:50 -07:00
David Garske
1b0e5f4806 Allow disabling DRBG with KCAPI. Add KCAPI /dev/hwrng support. 2022-03-23 09:37:50 -07:00
Chris Conlon
210eb6283c smallstack reduction for wc_ecc_import_x963_ex, mp_jacobi 2022-03-21 14:43:43 -06:00
Chris Conlon
851ff9e661 smallstack reduction for PrintPubKeyRSA, PrintPubKeyDSA, PrintPubKeyDH 2022-03-21 14:43:43 -06:00
Chris Conlon
339e44bd87 smallstack reduction for wc_ecc_import_point_der_ex() 2022-03-21 14:43:43 -06:00
David Garske
59665a44b5 Fixes for allowing server to have a public key set when using external key with PK callbacks. 2022-03-21 13:14:24 -07:00
David Garske
29c120356e Sniffer asynchronous support. 
* Adds stateful handling of DH shared secret computation in `SetupKeys`.
* Improved the decrypt handling to use internal functions and avoid generating alerts on failures.
* Fix for sniffer resume due to missing `sessionIDSz` broken in #4807.
* Fix sniffer test cases to split resume (session_ticket) tests.
* Add `snifftest` list of build features so test script can gate running resume test.
 2022-03-21 12:05:08 -07:00
Kareem
af70edb99d Strip trailing zeroes from cert buffer when using IOTSAFE_NO_GETDATA. 2022-03-21 10:53:36 -07:00
David Garske
c213c725d7 Merge pull request #4971 from SparkiDev/fp_div2_mod_ct_oob 
TFM fp_div_2_ct: rework to avoid overflow
 2022-03-21 09:11:41 -07:00
David Garske
08d6474878 Merge pull request #4954 from SparkiDev/rsa_fermat 
RSA: check for small difference between p and q
 2022-03-21 09:09:38 -07:00
David Garske
b90df0a6aa Merge pull request #4951 from ejohnstown/wolfrand 
wolfRand for AMD
 2022-03-21 09:09:19 -07:00
Juliusz Sosinowicz
9763030675 Merge pull request #4845 from cconlon/pkcs7compat 2022-03-21 15:26:37 +01:00
Sean Parkinson
8dbd8b0ad6 RSA: check for small difference between p and q 2022-03-21 10:58:14 +10:00
Sean Parkinson
aa14607a6f TFM fp_div_2_ct: rework to avoid overflow 
Don't set the overflow word. Instead integrate the div by 2 into the
function so that the overflow word doesn't need to be stored.
 2022-03-21 10:43:06 +10:00
Sean Parkinson
2f52d3cd20 Merge pull request #4965 from dgarske/aes_win_clang 
Fixes for Windows AESNI with clang
 2022-03-21 08:24:21 +10:00
Hayden Roche
dcaa218ed8 Merge pull request #4927 from cconlon/upRef 2022-03-18 18:10:36 -07:00
Chris Conlon
c491a6c829 EVP_PKEY_copy_parameters: correctly mark inner struct owned 2022-03-18 16:37:45 -06:00
Chris Conlon
582f0d82e4 address review feedback for PKCS7 compat additions 2022-03-18 12:07:44 -06:00
JacobBarthelmeh
bfee3dffc6 Merge pull request #4967 from dgarske/pubkey_size 
Fix for `wc_EccPublicKeyToDer` incorrectly requiring too much buffer
 2022-03-18 09:22:52 -06:00
David Garske
bb27fa4555 Fix for wc_EccPublicKeyToDer incorrectly requiring too much buffer. Merge error included old ASN code and incorrectly excluded ASN template. ZD13904. 2022-03-17 18:51:37 -07:00
Sean Parkinson
ef66a12a24 Merge pull request #4961 from dgarske/cust_fixups 
Various portability improvements (Time, DTLS epoch size, IV alloc)
 2022-03-18 11:38:57 +10:00
David Garske
b546b2a5ec Improve logic around private key id/label. Adds WOLF_PRIVATE_KEY_ID. 2022-03-17 14:48:30 -07:00
David Garske
f954aef973 Fixes for Windows AESNI with clang. Improve 32-bit support. 2022-03-17 14:05:24 -07:00
David Garske
3fba5d17c3 Various portability improvements: 
* Change DTLS epoch size word16.
* Allow override of the `RECORD_SIZE` and `STATIC_BUFFER_LEN`.
* Remove endianness force from game build.
* Add `gmtime_s` option.
* Fix for macro conflict with `MAX_KEY_SIZE`.
* Expose functions `wolfSSL_X509_notBefore`, `wolfSSL_X509_notAfter`, `wolfSSL_X509_version` without `OPENSSL_EXTRA`.
 2022-03-17 14:00:55 -07:00
David Garske
aa8e5a29d4 Merge pull request #4947 from cconlon/compatSmallStack 
Stack/smallstack cleanup for OpenSSL compatibility functions
 2022-03-15 16:47:23 -07:00
Chris Conlon
a52539c489 Merge pull request #4958 from TakayukiMatsuo/example 2022-03-15 17:39:07 -06:00
John Safranek
f80faebfe5 wolfRand for AMD 
1. Add configure option to enable AMD's RDSEED.
2. Add seed parameters when building specifically for AMD using RDSEED.
3. Update the wolfCrypt test to play nice with the larger seed size.
 2022-03-15 15:20:08 -07:00
TakayukiMatsuo
365a4de154 Fix settings and removed warnings 2022-03-16 02:12:45 +09:00
Chris Conlon
ce514e6fc5 add PKCS7_sign, PKCS7_final, SMIME_write_PKCS7. add signer cert verify support to PKCS7_verify, support for PKCS7_TEXT, PKCS7_DETACHED, PKCS7_STREAM 2022-03-15 10:21:22 -06:00
David Garske
2febed01a5 Merge pull request #4949 from SparkiDev/ssl_move_conf 
ssl.c: move TXT and CONF APIs out into conf.c
 2022-03-15 09:02:42 -07:00