8be2d7690a
add API functions libwolfssl_configure_args() and libwolfssl_global_cflags() to retrieve build parameters at runtime.
2020-10-28 17:28:01 -05:00
931eea30f5
Merge pull request #3397 from cconlon/rc2
...
RC2 ECB/CBC and PKCS#12 Integration
2020-10-28 15:06:47 -07:00
90258b6f34
Fix MSVC compile issue in chacha.c.
...
Use XMEMSET instead of initializing with {}.
2020-10-28 14:57:59 -05:00
112cce8cf2
Merge pull request #3407 from SparkiDev/pkcs11_sign_vfy
...
PKCS #11 : changes for signing and loading RSA public key from private
2020-10-28 12:53:58 -07:00
6a98601895
Merge pull request #3427 from SparkiDev/ecdsa_shamir_precomp
...
ECC Shamir's Trick: infinity in precomp
2020-10-28 12:08:40 -07:00
3a9758f257
Merge pull request #3433 from dgarske/sniffer_sni
...
Fix for Sniffer with SSLv3 where SNI is not supported
2020-10-28 12:06:37 -07:00
a15769b12e
Merge pull request #3435 from ejohnstown/ntf2
...
Nightly Test Fix 2
2020-10-28 06:39:15 -07:00
91f0d8bfef
Fix MSVC compile issue in chacha.c.
...
MSVC generates a syntax error when you initialize
an array with {}. {0} has the same effect and compiles.
2020-10-27 21:14:15 -05:00
4277ec62f9
Merge pull request #3431 from kaleb-himes/NO_FILESYSTEM_FIX
...
Remove file system constraint on wolfSSL_CTX_check_private_key()
2020-10-27 15:25:59 -07:00
6a77a8d8d6
Compatibility Layer
...
When making a AUTHORITY KEY object, if the ASN1 OBJECT fails, the key object is leaked.
2020-10-27 14:51:35 -07:00
a43d239271
Fix for Sniffer with SSLv3 where SNI is not supported. ZD 11169.
2020-10-27 11:26:02 -07:00
76e84e0830
Merge pull request #3423 from ejohnstown/nightly-test-fix
...
Nightly Scan-Build Test Fixes
2020-10-27 08:31:19 -07:00
f934fb03bd
Remove file system constraint on wolfSSL_CTX_check_private_key()
2020-10-27 08:57:46 -06:00
fb2288c46d
RSA-PSS: Handle edge case with encoding message to hash
...
When the key is small relative to the digest (1024-bit key, 64-byte
hash, 61-byte salt length), the internal message to hash is larger than
the output size.
Allocate a buffer for the message when this happens.
2020-10-27 12:39:06 +10:00
7dbd6102d2
Compatibility Layer
...
When wolfSSL_X509_NAME_ENTRY_create_by_txt() needs to make a new ASN.1 object ID, actually store it in the name entry.
2020-10-26 16:10:44 -07:00
2ebb47ec32
Merge pull request #3424 from douzzer/fix-save-vector-registers-gating
...
wc_port.h: improve/fix gating on {SAVE,RESTORE}_VECTOR_REGISTERS()
2020-10-26 15:33:00 -07:00
fd5a309a47
wc_port.h: improve gating on {SAVE,RESTORE}_VECTOR_REGISTERS() to assure no-op fallback definitions in non-autotools builds.
2020-10-26 12:06:18 -05:00
74b834a78c
Merge pull request #3422 from ejohnstown/ecc-name
...
Tautological Name Fix
2020-10-26 10:12:51 +10:00
9c1049f112
Compatibility Layer
...
1. Changed the ASN1_OBJECT member of the X509_NAME_ENTRY to be a pointer
rather than an object. It could lead to a double free on the name
entry.
2. The ASN1_OBJECT allocator should set the dynamic flag, as the
deallocator is the one that uses it.
3. General changes to treat the member as a pointer rather than a
member.
4. In the api test, we were iterating over the name members in the name
checking the NIDs. After the loop we freed the name member object.
This led to a double free error.
2020-10-25 14:38:07 -07:00
f5f883597e
RSA PSS Fix
...
1. Change the utility function in wc_encrypt that returns the size of a
hash to initialize the size to HASH_TYPE_E, like the other utility
functions.
2. When getting the hash size returns an error, RSA-PSS verify inline
should return a BAD_FUNC_ARG error.
2020-10-24 13:06:42 -07:00
3f5620089e
PKCS7: In EncodeEncryptedData, free the attribs and flattenedAttribs if
...
they were allocated, not based on if they should be allocated.
2020-10-24 12:41:10 -07:00
bfccf35eaf
Tautological Name Fix
...
Depending on the build option WOLFSSL_ECC_CURVE_STATIC, the name in the
ecc_set may be a pointer (default) or an array. With the above set with
the CFLAG -Wtautological-pointer-compare you'll get a build error.
Changed the comparison in the for loop with this problem to check the
name's pointer only if appropriate.
2020-10-23 15:23:16 -07:00
277edbb514
fix for --disable-tls13 --enable-sniffer
2020-10-24 07:14:43 +09:00
02536461e6
fix for --enable-opensslall --disable-sha224
2020-10-24 07:06:24 +09:00
685a35e097
Add missing stdint.h reference.
2020-10-23 13:42:25 -07:00
e24ac4211d
Merge pull request #3405 from kojo1/EVP-gcm-zero
...
set tag including if(inl == 0) case
2020-10-23 14:35:47 -06:00
a5f86729f9
Deleted comment
2020-10-23 13:52:06 -06:00
a50e88430f
Add OPENSSL_init_crypto and OPENSSL_init_ssl API's.
2020-10-23 12:13:08 -07:00
6dbc1cb75d
Add support for TLS v1.3 compatibility API SSL_verify_client_post_handshake for the server-side to support rehandshake. Required for Apache v2.4.39 with TLS v1.3.
2020-10-23 12:13:08 -07:00
589057245f
Improvement to ECC wc_ecc_rs_raw_to_sig to reduce memory use (avoid the mp_int). Additional test cases. Fixes for previous function changes.
2020-10-23 11:00:46 -07:00
c27d5f57c4
check PKCS7 content length is not larger than bundle if not using separate header/footer
2020-10-23 09:56:34 -07:00
a7b325f542
Merge pull request #3414 from kabuobeid/wolfrand_build_fix
...
Fix wolfrand build failure.
2020-10-22 22:54:05 -07:00
24af0497b5
PKCS #11 : changes for signing and loading RSA public key from private
2020-10-23 14:02:59 +10:00
ff092c02d2
Merge pull request #3396 from SparkiDev/fips_armasm
...
FIPS ARMASM: get build working
2020-10-22 15:26:24 -07:00
05094460b2
Merge pull request #3353 from douzzer/XChaCha
...
XChaCha
2020-10-22 15:25:56 -07:00
42583b5270
Fix wolfrand build failure, caused by defining NO_ASN without NO_CERTS.
2020-10-22 14:48:37 -07:00
2bd761bb4c
Added a case for logging.c unit test with debug not enabled
2020-10-22 14:51:07 -06:00
0065756efc
Improvement to ECC wc_ecc_sig_to_rs to reduce memory use (avoid the mp_int).
2020-10-22 13:34:19 -07:00
cb8e625e32
Fix to allow import of private key with ATECC. Its okay to load private key material into ecc_key struct.
2020-10-22 13:26:00 -07:00
6265006553
Merge pull request #3403 from elms/cppcheck/cleaup_fixes
...
Address some cppcheck issues
2020-10-22 12:56:19 -07:00
be8e4d1949
Fix to reduce memory use with small stack on ECC key import.
2020-10-22 12:41:49 -07:00
1ced948391
check PKCS7 SignedData private key is valid before using it
2020-10-22 10:37:11 -07:00
df382f382f
fix case in PKCS7_VerifySignedData where pkiMsgSz may not be set correctly
2020-10-22 09:23:32 -07:00
f75dc4727d
Merge pull request #3408 from ejohnstown/opt-fix
...
Example Client OCSP Option Fix
2020-10-22 09:00:04 -07:00
5e78a0107d
check Rc2EcbEncrypt/Decrypt returns during CBC ops
2020-10-22 09:57:34 -06:00
d1f13a6570
rearrange Rc2 struct for optimal alignment
2020-10-22 09:43:40 -06:00
e28303b40a
In DoServerKeyExchange(), when reading the DH key from the server, the
...
client was checking it too strictly. The pubkey value should be checked
as strictly as the generator, for too large. The public key value is
checked mathematically elsewhere.
2020-10-21 21:47:32 -07:00
81849e64b8
scripts/openssl.test: for "-psk" cases, use "-psk key", not "-psk=key", for OpenSSL 1.0.2 compatibility.
2020-10-21 23:30:14 -05:00
ca7161a86f
Example Client OCSP Option Fix
...
1. Before checking to see if the must staple flag is on the 'W' option,
check the length of myoptarg.
2020-10-21 23:23:45 -05:00
d2dac8e4b8
Example Client OCSP Option Fix
...
1. Before checking to see if the must staple flag is on the 'W' option,
check the length of myoptarg.
2020-10-21 13:30:51 -07:00
Daniel Pouzzner
toddouska
Hayden Roche
David Garske
John Safranek
kaleb-himes
Sean Parkinson
Takashi Kojo
Chris Conlon
Ethan Looney
Kareem Abuobeid
tmael