wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-28 16:02:23 +01:00
Code Issues Packages Projects Releases Wiki Activity
15,890 Commits 12 Branches 184 Tags
dec78169bfb27ed2281d7cdb3dac3effbfc4fe1c
Commit Graph

5773 Commits

Author SHA1 Message Date
David Garske
dec78169bf Merge pull request #4658 from julek-wolfssl/apache-2.4.51 
Add Apache 2.4.51 support
 2021-12-16 08:52:10 -08:00
David Garske
ea2245c4d1 Merge pull request #4656 from JacobBarthelmeh/SanityChecks 
sanity check before reading policy constraint
 2021-12-16 08:42:19 -08:00
Chris Conlon
3bd737b9ef Merge pull request #4665 from miyazakh/sce_fsp_update_v3p5 2021-12-16 09:39:13 -07:00
Juliusz Sosinowicz
017d6cf464 Simplify error queue macros 2021-12-16 12:39:58 +01:00
Juliusz Sosinowicz
e78f7f734e Add Apache 2.4.51 support 
- Define `OPENSSL_COMPATIBLE_DEFAULTS` and `WOLFSSL_NO_OCSP_ISSUER_CHECK` for Apache config
- Fix `SSL_set_timeout` to match OpenSSL signature
- Implement `pkey` in `X509_INFO`
- Detect attempt to connect with plain HTTP
- Implement `wolfSSL_OCSP_request_add1_nonce`
- Set `ssl->cipher.bits` when calling `wolfSSL_get_current_cipher`
- Use custom flush method in `wolfSSL_BIO_flush` when set in BIO method
- Set the TLS version options in the `ssl->options` at the end of ClientHello parsing
- Don't modify the `ssl->version` when in a handshake (`ssl->msgsReceived.got_client_hello` is set)
- `wolfSSL_get_shutdown` returns a full bidirectional return when the SSL object is cleared. `wolfSSL_get_shutdown` calls `wolfSSL_clear` on a successful shutdown so if we detect a cleared SSL object, assume full shutdown was performed.
 2021-12-16 12:39:38 +01:00
Marco Oliverio
fa913f797a Merge pull request #4657 from SparkiDev/sakke_cond_add 
SAKKE: fixup cond add to use all words
 2021-12-16 07:40:13 +01:00
Hideki Miyazaki
63ade421c1 fix redundat #ifdef 2021-12-16 09:30:21 +09:00
Sean Parkinson
bd7e19b8fe Merge pull request #4639 from JacobBarthelmeh/ECC 
deterministic ECC sign edge case fix and add variant
 2021-12-16 08:48:37 +10:00
David Garske
abe8696852 Merge pull request #4642 from cconlon/pubKeyDerFromX509 
Add wc_GetPubKeyDerFromCert()
 2021-12-15 14:30:58 -08:00
Chris Conlon
5172130287 add wc_GetPubKeyDerFromCert(), get pub key DER from DecodedCert 2021-12-15 11:04:52 -07:00
Daniel Pouzzner
a773cdfd5d pkcs12.c wc_d2i_PKCS12_fp(): mollify Visual Studio (false positives C4701 and C4703). 2021-12-14 18:33:24 -06:00
Daniel Pouzzner
242eb2dcf1 wolfcrypt/src/pkcs12.c: fix scan-build deadcode.DeadStores gripe. 2021-12-14 18:08:54 -06:00
David Garske
a6c7d56c32 Merge pull request #4655 from haydenroche5/wc_pkcs12_from_file 
Add wc_d2i_PKCS12_fp to parse a PKCS #12 file directly in wolfCrypt.
 2021-12-14 08:58:57 -08:00
Sean Parkinson
994e370db3 SAKKE: fixup cond add to use all words 2021-12-14 12:02:59 +10:00
John Safranek
2359045b28 Merge pull request #4649 from kaleb-himes/KCAPI_FIPS_READY 
The minimal changes needed to add KCAPI support with fips-ready
 2021-12-13 17:33:03 -08:00
Hayden Roche
92d207a1cd Add wc_d2i_PKCS12_fp to parse a PKCS #12 file directly in wolfCrypt. 2021-12-13 15:28:34 -08:00
JacobBarthelmeh
a2cf234100 sanity check before reading policy constraint 2021-12-13 14:32:46 -08:00
Sean Parkinson
f5cd61e4f9 Merge pull request #4654 from embhorn/zd13375 
Fix _sp_exptmod_base_2 to init vars.
 2021-12-14 07:38:20 +10:00
kareem-wolfssl
638d00f593 Merge pull request #4634 from danielinux/iotsafe-16bit-id 
IoT-SAFE module: improvements and bug fixes
 2021-12-13 11:33:19 -07:00
Eric Blankenhorn
53eb5d2e5a Fix _sp_exptmod_base_2 to init vars. 2021-12-13 10:16:55 -06:00
Daniel Pouzzner
355b779a3e feature gating tweaks to better support --disable-rsa --disable-dh --disable-dsa. also a whitespace fix in ssl.c. 2021-12-11 14:08:04 -06:00
Daniel Pouzzner
2193df1d62 add WOLFSSL_ECC_NO_SMALL_STACK. 2021-12-10 23:57:14 -06:00
David Garske
41d4aafa3f Merge pull request #4645 from haydenroche5/parse_cert_public 
Make wolfCrypt ASN cert parsing functionality public.
 2021-12-10 18:27:18 -08:00
kaleb-himes
7cccaa98b7 The minimal changes needed to add KCAPI support with fips-ready 2021-12-10 14:44:20 -07:00
Hayden Roche
6764e7c15f Make wolfCrypt ASN cert parsing functionality public. 
Currently, the `ParseCert` function is only available if `WOLFSSL_ASN_API` is
defined to `WOLFSSL_API`. The only way to achieve this without enabling the
compatibility layer is to define `WOLFSSL_TEST_CERT`. There are users defining
this so that they can parse certs with wolfCrypt, even though this doesn't seem
to be the original intent of the define. This commit adds the function
`wc_ParseCert` to the public wolfCrypt API. It's simply a wrapper around
`ParseCert`. Similarly, this commit adds `wc_InitDecodedCert` and
`wc_FreeDecodedCert` to the public API, which are wrappers around
`InitDecodedCert` and `FreeDecodedCert`, respectively.
 2021-12-10 10:43:28 -08:00
David Garske
65a0b71994 Merge pull request #4641 from anhu/priv_key_check 
Actually do a private/public key check for FALCON.
 2021-12-10 06:53:35 -08:00
Anthony Hu
6b5fa9d0ae remove consistency check; let it fail elsewhere. 2021-12-09 17:12:42 -05:00
David Garske
dd0e3d6ebf Merge pull request #4644 from kareem-wolfssl/iotsafe_class 
Fix compiling Iotsafe with C++ by avoiding reserved keyword 'class'.
 2021-12-09 09:10:24 -08:00
Anthony Hu
494abde3eb Better casting. 2021-12-09 09:45:28 -05:00
Daniele Lacamera
f02763b088 Fixes after review comments 2021-12-09 11:23:44 +01:00
Sean Parkinson
6da0cc1ced Merge pull request #4600 from dgarske/cust_oid 
Support for Custom OID in subject and CSR request extension
 2021-12-09 11:24:30 +10:00
Kareem
4200cf1b4d Fix compiling Iotsafe with C++ by avoiding reserved keyword 'class'. 2021-12-08 17:17:58 -07:00
Anthony Hu
7022eb6f89 Actually do a private/public key check for FALCON. 2021-12-08 18:04:11 -05:00
Anthony Hu
74442605fa Pass in pointer to a local size_t var, not word32 var to prevent stack corruption. 2021-12-08 16:01:52 -05:00
Jacob Barthelmeh
dfce101b5b deterministic ECC sign edge case fix and add variant 2021-12-08 09:54:47 -07:00
Hideki Miyazaki
081d28f556 better handling for global index 
fix function proto type definition
 2021-12-08 11:42:23 +09:00
Juliusz Sosinowicz
223f25149b Return early on failed key init 2021-12-07 18:11:19 +01:00
Kaleb Himes
96daf2bede Merge pull request #4632 from julek-wolfssl/PrintPubKeyEC-leak 
`a` and `key` were not being freed => leak in `PrintPubKeyEC`
 2021-12-07 07:20:05 -07:00
Daniele Lacamera
1cb8b34fba IoT-SAFE: minor fixes + doxygen for new API calls 2021-12-07 14:11:14 +01:00
Daniele Lacamera
9e73c324a4 iot-safe: Fixed debug printf, updated slot number for 16-bit demo 2021-12-07 14:11:14 +01:00
Daniele Lacamera
23982e4fb3 Fixed wolfIoT_ecc_keygen when key is stored during generation 2021-12-07 14:11:14 +01:00
Daniele Lacamera
b23d51ab78 Avoid looping on uart read after applet initialization fails 2021-12-07 14:11:14 +01:00
Daniele Lacamera
5da89c6275 Clear meaning for the return value of iotsafe_gen_keypair 2021-12-07 14:11:14 +01:00
Kareem
4d483b0a28 iotsafe: allow init to continue with empty response 2021-12-07 14:11:13 +01:00
Daniele Lacamera
e551f439f4 Reworked expect_tok to fix NULL dereferences 2021-12-07 14:11:13 +01:00
Daniele Lacamera
0c0f36d67d IoT-SAFE: Minor fixes 
- reverted length change in put public operation
- Loading CA from IoT-SAFE file slot in 16bit demo
 2021-12-07 14:11:13 +01:00
Daniele Lacamera
2646747f2a Fixed 8bit variable overflow/useless code 2021-12-07 14:11:13 +01:00
Daniele Lacamera
0621ba061b Multiple fixes for IoT-SAFE 
- Tested with a different SIM:
  - 16bit IDs
  - Directly retrieving public key from keygen function
  - larger response buffers (up to 256 bytes in ReadFile)
  - Fixed hardcoded length in ID buffers
 2021-12-07 14:11:13 +01:00
Daniele Lacamera
2f17a7e626 Support longer-than-8bit IDs for IoTSAFE key/file slots 2021-12-07 14:11:13 +01:00
Juliusz Sosinowicz
574d171357 Fix leak when mp_int = 0 in integer.c 2021-12-07 12:46:24 +01:00