John Safranek
ded3f4e9b6
Merge pull request #5284 from julek-wolfssl/dtls-good-ch-cb
...
DTLS 1.3: additions for event driven server in wolfssl-examples
2022-07-05 10:14:59 -07:00
David Garske
1c009e8f91
Merge pull request #5311 from SparkiDev/ed_check_pubkey
...
Ed25519/Ed448: assume public key is not trusted
2022-07-05 09:25:50 -07:00
Juliusz Sosinowicz
4caffee590
ForceZero the private key on import error
2022-07-05 13:44:31 +02:00
Sean Parkinson
4a962b7fb2
Ed25519/448: improvements
...
Check lengths of buffers in import functions.
priv/pub key set flag set on success only.
2022-07-05 09:02:05 +10:00
Andrew Hutchings
f8c67345d6
Use the correct mutex type for embOS
...
OS_MUTEX_Lock() is actually a non-blocking mutex lock, for
wc_LockMutex() we need a blocking mutex. Switch to this.
2022-07-04 15:59:36 +01:00
Juliusz Sosinowicz
c6aa4fc526
DTLS 1.3: allow the server to operate without maintaining state
2022-07-04 11:08:39 +02:00
Daniel Pouzzner
b16c2a2aef
fix clang-analyzer-deadcode.DeadStores in sp_div().
2022-07-01 23:49:58 -05:00
Daniel Pouzzner
5819332f89
Merge pull request #5312 from dgarske/fips_v5dev
...
FIPS in core hash using SHA2-256 and SHA2-384
2022-07-01 23:25:52 -05:00
David Garske
b9be5c2c24
Update to FIPS v5-ready will use latest master. Support for FIPS in core hash using SHA2-256 and SHA2-384 in fips_test.h. Fixes for MATH_INT_T. Fix error: ‘tls13_kdf_test’ declared ‘static’ but never defined.
2022-07-01 15:40:21 -07:00
David Garske
bb68766bda
For ED25519 and ED448 if importing private only and public key is already set then check it.
2022-07-01 14:13:45 -07:00
Kareem
90749b7f88
Don't declare tls13_kdf_test if TLS 1.3 is not enabled, to avoid unused function warning.
2022-07-01 13:22:16 -07:00
Kareem
96aedc2f47
Fix SetCurve max sizes. Add fix for potentially uninitialized type in ProcessReplyEx.
2022-07-01 13:18:33 -07:00
Kareem
7a7d8d170d
Pass in and check output length in SetCurve.
2022-07-01 13:18:33 -07:00
David Garske
bd75e1d6a4
Merge pull request #5307 from kareem-wolfssl/miscfixes2
...
Fix a couple of STM32 bugs, and add some missing mutex frees.
2022-07-01 09:46:22 -07:00
David Garske
0459e83a59
Merge pull request #5310 from SparkiDev/memusage_fix_1
...
TLS memusage: reduce usage
2022-07-01 09:13:05 -07:00
Sean Parkinson
2c943282f0
Ed25519/Ed448: assume public key is not trusted
...
In defense against attack, assume the imported public key is not trusted
and check it matches the private key if set.
Added APIs that allow application to explicitly trust public key.
Original APIs default to not trusting public key.
2022-07-01 09:05:43 -07:00
Sean Parkinson
b9a8f18a97
Merge pull request #5300 from douzzer/20220629-multi-test-fixes
...
20220629-multi-test-fixes
2022-07-01 16:22:05 +10:00
Sean Parkinson
7d58dc5678
TLS memusage: reduce usage
...
Reduce the amount allocated to reduce maximum overall dynamic memory
usage.
Rework ServerKeyExchange by extracting the handling of the signed data.
2022-07-01 14:24:59 +10:00
Kareem
7555cd0685
Fix a couple of STM32 bugs, and add some missing mutex frees.
2022-06-30 16:11:16 -07:00
David Garske
402a4dafd4
Merge pull request #5306 from kareem-wolfssl/ltc_ed235519
...
Fix missing return checks in KSDK ED25519 code.
2022-06-30 16:06:45 -07:00
Daniel Pouzzner
b7ec529f61
wolfcrypt/src/siphash.c: in wc_SipHash(), use FALL_THROUGH macro, not /* fall-through */.
2022-06-30 17:07:35 -05:00
Chris Conlon
867a1f7afa
Merge pull request #5289 from TakayukiMatsuo/tls13
2022-06-30 15:49:53 -06:00
Kareem
13beadbfc3
Fix missing return checks in KSDK ED25519 code.
2022-06-30 13:35:00 -07:00
TakayukiMatsuo
ba19737627
Add support for TLS1.3
2022-06-30 23:00:05 +09:00
David Garske
e8e35c9a92
Merge pull request #5301 from SparkiDev/aes_gcm_word_ct
...
AES-GCM: make word implementation of GMULT constant time
2022-06-29 20:26:33 -07:00
Sean Parkinson
8b93d4510d
AES-GCM: make word implementation of GMULT constant time
...
If performance is impacted then define: AES_GCM_GMULT_NCT
2022-06-30 09:29:04 +10:00
Sean Parkinson
0159f17692
SP int math; submod fix
...
Fix for sp_submod() to reduce by modulus when a or b are equal to
modulus as well as when greater.
2022-06-30 08:53:25 +10:00
Daniel Pouzzner
5adf7e4eb7
wolfcrypt/src/asn.c wc_BuildEccKeyDer(): fix for clang-analyzer-deadcode.DeadStores.
2022-06-28 19:14:58 -05:00
Daniel Pouzzner
90aaeb283e
wolfcrypt/src/siphash.c: add missing !WOLFSSL_NO_ASM clause in gate around inline asm.
2022-06-28 18:19:58 -05:00
Daniel Pouzzner
ce61653a9a
wolfcrypt/src/asn.c: fixes for ARM portability (GetASN_Items()), unintended fallthrough (OidFromId()), and uninitialized variable (DecodeSubjInfoAcc()).
2022-06-28 18:18:42 -05:00
David Garske
f51c29d3ca
Merge pull request #5293 from SparkiDev/asnt_setecc
...
ASN template: Handle HAVE_OID_ENCODING
2022-06-28 15:45:13 -07:00
Sean Parkinson
092b37f709
Merge pull request #5287 from haydenroche5/aes_ctr_clear_left_on_iv_set
...
Clear the leftover byte count in Aes struct when setting IV.
2022-06-29 08:30:01 +10:00
David Garske
741393e84f
Merge pull request #5291 from kaleb-himes/FRDM-K64-Fixes
...
Add necessary includes for cross-builds
2022-06-28 09:35:06 -07:00
David Garske
d4d7e2e5f2
Merge pull request #5294 from SparkiDev/sp_math_all_no_128bit
...
SP math all: don't use sp_int_word when SQR_MUL_ASM available
2022-06-28 07:38:42 -07:00
Sean Parkinson
22336d30e5
SP math all: don't use sp_int_word when SQR_MUL_ASM available
...
1. _WIN64 doesn't have 128-bit type but now can use 64-bit sp_int_digit
when assembly code snippets are being used.
2. Fix sp_div() to support values closer to maximum size.
3. Fix builds to work for more configurations.
4. Have ECC uncompressed code keep intermediate values in range of
maximum (x^3 calculation fixed).
5. Fix configure.ac's check of FIPS for using signed SP Math All.
Default now not signed as intended.
2022-06-28 15:51:53 +10:00
Sean Parkinson
3c3a90c988
ASN template: Handle HAVE_OID_ENCODING
...
When HAVE_OID_ENCODING is defined, the named curve OID is encoded rather
than the full OID.
Use SetCurve to get the OID encoding in ASN template implementation.
2022-06-28 09:04:42 +10:00
kaleb-himes
9d11e9092f
Add necessary includes for cross-builds
2022-06-27 13:50:27 -06:00
David Garske
94e7eacc5f
Merge pull request #5072 from JacobBarthelmeh/Compatibility-Layer
...
add support for importing private only EC key to a WOLFSSL_EVP_PKEY s…
2022-06-27 12:34:00 -07:00
David Garske
456e463640
Merge pull request #5283 from SparkiDev/sp_arm32_asm_rework
...
SP ASM ARM32: reworked generation using common asm ruby code
2022-06-27 09:17:20 -07:00
David Garske
b84b808b1b
Merge pull request #5167 from ejohnstown/cac-ext
...
Add support for some FPKI certificate cases, UUID, FASC-N, PIV extension
2022-06-27 09:06:15 -07:00
Sean Parkinson
999fa8394e
SP ASM ARM32: reworked generation using common asm ruby code
...
Add support for ARMv6 and ARMv3.
2022-06-27 11:19:50 +10:00
Hayden Roche
10dfd8d129
Clear the leftover byte count in Aes struct when setting IV.
...
Setting the key already does this. The same needs to be done when setting the
IV.
2022-06-26 15:56:05 +04:00
Daniel Pouzzner
9211825121
sp_int.c: fix refactor of undefined-semantics shift in _sp_mul().
2022-06-24 18:04:51 -05:00
Jacob Barthelmeh
49740c5543
initialize variables
2022-06-24 15:21:20 -06:00
Daniel Pouzzner
047c662af8
fix math errors unmasked by change to sp-math-all as default math back end.
2022-06-24 15:56:54 -05:00
Jacob Barthelmeh
1977a13754
improve comment for FPKI additions
2022-06-24 12:04:26 -06:00
David Garske
00b82888bc
Merge pull request #4759 from dgarske/sp_math_default
...
Enable wolfSSL SP Math all (sp_int.c) by default
2022-06-23 16:14:54 -07:00
JacobBarthelmeh
4de90efbe2
clear out PKEY when setting new key
2022-06-23 14:21:53 -07:00
Jacob Barthelmeh
79ea30a957
memory free on failure, spelling, better function name
2022-06-23 13:40:45 -06:00
David Garske
78d3284c3c
Fix for FIPS 140-2 and older ACVP math selection. Fix for building with "--disable-sp-math-all --disable-fastmath". Fix for building SAKKE with HAVE_WOLF_BIGINT.
2022-06-23 11:10:44 -07:00