wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-04-29 08:43:21 +02:00
Code Issues Packages Projects Releases Wiki Activity
17,589 Commits 13 Branches 184 Tags
dec8a7fd93a8ea1c96a5ca7685cd4ec8424128ad
Commit Graph

6520 Commits

Author SHA1 Message Date
Hayden Roche fb3c611275 Fix another AES-GCM EVP control command issue. 
With PR 5170, I added logic that requires a EVP_CTRL_GCM_SET_IV_FIXED command be
issued before a EVP_CTRL_GCM_IV_GEN command. This matches OpenSSL's behavior.
However, OpenSSL also clears the flag enabling EVP_CTRL_GCM_IV_GEN after
EVP_CTRL_GCM_SET_IV_FIXED if EVP_CipherInit is called with a NULL key.
Otherwise, the flag retains its value. We didn't mirror this logic, and that
caused problems in OpenSSH unit testing. This commit aligns our logic with
OpenSSL's and adds a regression test to test_evp_cipher_aes_gcm for this case.
 2022-06-02 12:32:59 -07:00
Tesfa Mael cd008aac6a Add support for VxWorks 6.x 
Use rand_r and define SEM_ID_NULL
Fix redefinition of typedef 'SOCKADDR'
 2022-06-02 09:54:27 -07:00
David Garske 56c48b31ad Merge pull request #5105 from tmael/rsa_oaep_nomalloc 
Support RSA OAEP with nomalloc
 2022-06-02 08:45:01 -07:00
Sean Parkinson fb9f90b98b Merge pull request #5200 from dgarske/qat_fsanitize 
Fixes for buffers when testing with Intel QAT hardware
 2022-06-02 08:35:24 +10:00
Juliusz Sosinowicz 9f2e3a2405 Merge pull request #5198 from dgarske/qat_ecc_marker 2022-06-01 21:35:47 +02:00
David Garske 5672e2a885 Fixes for buffers when testing with Intel QAT hardware and fsanitize=address: 
* PKCS7 should use allocated buffer for RSA.
* PKCS7 small stack typo for `keyAlgArray` size in `wc_PKCS7_AddRecipient_KTRI`.
* Fix for use of `free`, which should be `XFREE` in api.c.
* Cleanup old RSA benchmarking MDK5/WINCE code no longer needed with `WC_DECLARE_ARRAY_DYNAMIC_DEC` and `WC_DECLARE_ARRAY_DYNAMIC_EXE`.
 2022-06-01 12:07:57 -07:00
Hayden Roche 8b9d2ad657 Merge pull request #5196 from douzzer/20220601-multi-test-fixes 2022-06-01 11:41:26 -07:00
David Garske 19c51dac45 Fix for QAT ECC to gate use of HW based on marker. Introduced in PR #4997. 2022-06-01 09:36:21 -07:00
Daniel Pouzzner b212853bce evp.c: in EvpCipherAesGCM(), make sure ctx->gcmAuthIn is non-null before clearing it; fix whitespace. 2022-06-01 10:29:40 -05:00
Andrew Hutchings 11a7756527 Fix 64bit postfix for constants 
GCC 4.0.4 PowerPC 32bit cross-compiler complains when `UL` is used
instead of `ULL` for 64bit constants.
 2022-06-01 15:04:29 +01:00
TakayukiMatsuo 13135e72db Add a global variable for heap-hint, mainly in case heap info cannot be referenced by TSIP 2022-06-01 10:24:03 +09:00
Sean Parkinson 3944a8737a WIN64: compiling with __clang__ _udiv128 not defined 2022-06-01 08:54:57 +10:00
Sean Parkinson dd0b9fb871 SP Winx64 ASM: XMM6-15 are non-volatile 
Put the used non-volatile XMM registers on the stack at the start and
get them off again at the end.
 2022-06-01 08:46:27 +10:00
Sean Parkinson 81cd1e652e Merge pull request #5170 from haydenroche5/evp_cipher_aes_gcm 
Fix EVP_CTRL_GCM_IV_GEN with AES-GCM.
 2022-06-01 08:20:33 +10:00
Chris Conlon 0554b02215 Merge pull request #5177 from JacobBarthelmeh/PKCS7 2022-05-31 09:46:14 -06:00
Chris Conlon da91578bc7 Merge pull request #5180 from miyazakh/tsipv_up 2022-05-31 09:41:47 -06:00
Daniel Pouzzner 8c10c3776d wolfcrypt/src/asn.c: in C89 codepath of GetFormattedTime(), add buffer size checks before calls to sprintf(). 2022-05-27 14:20:38 -05:00
Tesfa Mael aca199cb05 Fix to compile with c89 
strncasecmp and snprintf are unavailable in C89
use // static analyzer suppressions
 2022-05-27 14:20:37 -05:00
Sean Parkinson cacf5aeb7e ASN template: properly handle WOLFSSL_CERT_EXT 
Encoding extensions didn't properly handle WOLFSSL_CERT_EXT not being
defined.
 2022-05-26 10:01:59 +10:00
JacobBarthelmeh ad49aea17d fix for setting AES-CCM decrypt nonce with crypto callback 2022-05-25 13:59:56 -07:00
David Garske fa80aa6505 Merge pull request #5132 from JacobBarthelmeh/req 
Add support for additional CSR attributes
 2022-05-25 13:35:46 -07:00
David Garske e8d779ab78 Merge pull request #5077 from gojimmypi/ESP8266_Development 
Add ESP-IDF WOLFSSL_ESP8266 setting for ESP8266 devices
 2022-05-25 12:46:10 -07:00
David Garske 2d8cc055f0 Merge pull request #5179 from SparkiDev/sp_armv6_fix_1 
SP ARM32 ASM: moving large immediate value
 2022-05-25 09:59:47 -07:00
David Garske da1cbfda46 Merge pull request #5178 from cconlon/nounaligned 
Add define to skip SHA-512 unaligned memory test in test.c
 2022-05-25 09:55:29 -07:00
Hayden Roche 3cf636163b Fix EVP_CTRL_GCM_IV_GEN with AES-GCM. 
Discovered the AES-GCM flow using this command didn't work in our OpenSSH port.
This commit makes the behavior match OpenSSL and adds testing using known
OpenSSL-generated test vectors to prevent regressions. This was one of those
problems where two ends of a connection would work fine if they were both using
wolfSSL but not if one was using OpenSSL (i.e. OpenSSH interop with AES-GCM
was broken).
 2022-05-25 07:00:15 -07:00
Hideki Miyazaki 0d59d36a80 update TSIP VER to 1.15 for RX65N and RX72N 
fix -140 error when enabling -O2

fix no_crypto_hash
 2022-05-25 18:31:23 +09:00
Sean Parkinson d2cb0278f6 SP ARM32 ASM: moving large immediate value 
ARMv6 and early doesn't support moving an immediate value larger than 8
bits. Compiler doesn't have enough spare registers to handle it.
 2022-05-25 10:58:32 +10:00
JacobBarthelmeh a1fb385450 free recipent list in error cases 2022-05-24 15:12:39 -07:00
David Garske 5aea58d1e8 Merge pull request #5175 from douzzer/20220524-shellcheck-warnings 
20220524-shellcheck-warnings
 2022-05-24 14:21:49 -07:00
David Garske 74cbd08ff5 Merge pull request #5164 from cconlon/x509date 
Remove WOLFSSL_ALT_NAMES restriction on notBefore/notAfter use in Cert struct
 2022-05-24 12:41:00 -07:00
Chris Conlon 321d404d6b add define to skip unaligned memory tests in test.c 2022-05-24 11:55:21 -06:00
Daniel Pouzzner b66fa1680a fix whitespace. 2022-05-24 12:13:14 -05:00
Chris Conlon 6a26dab73a X.509 cert validity for CertFromX509() and EncodeCert() shouldn't be protected by WOLFSSL_ALT_NAMES 2022-05-24 10:28:46 -06:00
Sean Parkinson fab9e29513 benchmark.c: fix Jenkins failure where byte, word32 not defined 2022-05-24 12:10:01 +10:00
David Garske 6424af120c Merge pull request #5161 from SparkiDev/sp_armv7a 
SP ARM 32: Fixes to get building for armv7-a
 2022-05-23 10:01:49 -07:00
JacobBarthelmeh cdfdefe9af improve checking on UUID getter function 2022-05-22 17:18:20 -07:00
JacobBarthelmeh 9e4de4bfc8 add FASC-N and UUID alt. name support 2022-05-22 17:18:20 -07:00
John Safranek 62cb2b4ca9 ASN.1 Additions for FPKI/CAC 
1. Add some OIDs used in the Federal PKI Policy Authority standard.
2. Added the SubjectDirectoryAttributes extension to certificate
   parsing. (limited to country of citizenship)
3. Rename constant label SUBJECT_INFO_ACCESS to SUBJ_INFO_ACC_OID
4. Added the SubjectInfoAccess extension to certificate parsing.
   (limited to one URL)
5. Add the SSH extended key usage flags.
6. Use some of the template changes on the new certificate items.
 2022-05-22 17:18:20 -07:00
David Garske b5d65b9579 Merge pull request #5159 from kareem-wolfssl/fipsv3HmacMd5 
Allow using 3DES and MD5 with FIPS 140-3, as they fall outside of the FIPS boundary.
 2022-05-20 18:40:29 -07:00
David Garske 9a74745246 Merge pull request #5163 from haydenroche5/evp_pkey_derive_guard 
Remove unneeded FIPS guard on wolfSSL_EVP_PKEY_derive.
 2022-05-20 17:12:24 -07:00
Chris Conlon ec39ee2cb6 Merge pull request #5070 from miyazakh/crypto_only_flwup 2022-05-20 17:08:29 -06:00
David Garske 04ddd0abe4 Merge pull request #5095 from haydenroche5/decoded_cert_crit_fields 
Make the critical extension flags in DecodedCert always available.
 2022-05-20 15:03:39 -07:00
Hayden Roche a6b948ae59 Remove unneeded FIPS guard on wolfSSL_EVP_PKEY_derive. 2022-05-20 11:29:01 -07:00
René Liebscher a8024a32c5 Remove unused warning in ecc.c 
When WOLFSSL_ECIES_OLD is defined you get an unused warning
in ecc.c / wc_ecc_encrypt_ex().
Just suppress it by "using" the parameter.
 2022-05-20 16:05:10 +02:00
Sean Parkinson bc5262a5d0 SP ARM 32: Fixes to get building for armv7-a 
Change ldrd to either have even first register or change over to ldm
with even first register.
Ensure shift value in ORR instruction has a hash before it.
Don't index loads and stores by 256 or more - make them post-index.
div2 for P521 simplified.
 2022-05-20 12:15:58 +10:00
Kareem 832a7a40a6 Allow using 3DES and MD5 with FIPS 140-3, as they fall outside of the FIPS boundary. 2022-05-19 12:06:20 -07:00
Daniel Pouzzner f2e9f5349f wolfcrypt/src/asn.c: refactor DecodeBasicOcspResponse() to keep DecodedCert off the stack in WOLFSSL_SMALL_STACK builds. 2022-05-19 11:28:34 -05:00
David Garske 4a3ff40eb3 Merge pull request #5138 from haydenroche5/issuer_names 
Add ability to store issuer name components when parsing a certificate.
 2022-05-18 16:56:55 -07:00
Chris Conlon 1026c7141e Merge pull request #5148 from JacobBarthelmeh/PKCS7 2022-05-18 11:44:20 -06:00
Hideki Miyazaki 54a96cef06 add test case 2022-05-18 11:16:10 +09:00