wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-29 11:42:14 +01:00
Code Issues Packages Projects Releases Wiki Activity
18,539 Commits 12 Branches 184 Tags
dfa997a6fd9569ca9bd588e51c56e9580ba07590
Commit Graph

6084 Commits

Author SHA1 Message Date
Eric Blankenhorn
4b30f47e9b Fix casts in evp.c and build issue in ParseCRL 2022-11-08 10:59:18 -06:00
Sean Parkinson
bd83345c02 Merge pull request #5773 from dgarske/async_v5.5.3 
Fixes for various tests that do not properly handle `WC_PENDING_E`
 2022-11-08 14:47:23 +10:00
David Garske
826dfd8a23 Merge pull request #5766 from SparkiDev/x509_subj_dir_attr_fix 
ASN X509 subject directory attribute: fix ASN template parsing
 2022-11-07 17:41:27 -08:00
David Garske
44e66fd7c7 Merge pull request #5762 from SparkiDev/pkcs11_find_no_class_type 
PKCS#11: compile time check in finding keys
 2022-11-07 17:40:50 -08:00
David Garske
9c645cf5ce Merge pull request #5747 from SparkiDev/pkcs11_nullptr_user_pin 
PKCS#11: User PIN can be NULL_PTR
 2022-11-07 17:40:38 -08:00
David Garske
887b4bd9f0 Merge pull request #5767 from haydenroche5/load_system_root_certs 
Improve logic for enabling system CA certs on Apple devices.
 2022-11-07 15:15:13 -08:00
Sean Parkinson
b845c8bfc8 SP int: support mingw64 again 
Check for _MSC_VER to determine that we are compiling for MSVC.
 2022-11-07 16:34:26 +10:00
David Garske
1ee3a78e4a Fixes for various tests that do not properly handle WC_PENDING_E. 2022-11-04 14:56:40 -07:00
Hayden Roche
d0f33f62f4 Fix missing config.h include in some ARMv8 files. 2022-11-04 13:53:22 -07:00
Hayden Roche
4a917219f7 Merge pull request #5608 from SparkiDev/pk_c_rework_2 2022-11-04 13:32:36 -07:00
Hayden Roche
1ce5951f0d Merge pull request #5722 from dgarske/stm32 2022-11-04 13:32:11 -07:00
Hayden Roche
7cc2336af7 Merge pull request #5737 from SparkiDev/ecc_cofactor 2022-11-04 13:31:24 -07:00
Hayden Roche
fbc4af8701 Merge pull request #5739 from anhu/no_WOLFSSL_DYN_CERT 2022-11-03 14:24:34 -07:00
David Garske
1adc06d181 Fix for Intel QAT handling of sign R when cofactor is not 1. ZD 15017 2022-11-03 10:00:07 -07:00
Sean Parkinson
4766a978cf ECC cofactor: fix check scalar bits 
For shared secrets, when a curve has a cofactor, the private key (in
range of order) is multiplied by the cofactor before use.

If there is a cofactor involved, check bit size of scalar against
modulus instead of order.
 2022-11-03 10:00:07 -07:00
Sean Parkinson
336bef666a ASN X509 subject directory attribute: fix ASN template parsing 
Support multiple attributes.
When Country of Citizenship, pull out PRINTABLE_STRING explicitly.
Each type of attribute has a different format.
 2022-11-03 09:24:59 +10:00
Sean Parkinson
ae22babf8b PKCS#11: compile time check in finding keys 
When WC_PKCS11_FIND_WITH_ID_ONLY defined, don't add key class and
type to attributes of search for by Id.
 2022-11-01 17:38:46 +10:00
Anthony Hu
0158c82487 Keep WOLFSSL_DYN_CERT 2022-10-28 13:37:55 -04:00
Sean Parkinson
7bd8ced7af ARM32 ASM: fix asm saving and restoring of registers 
Fix push and pop generated at beginning and end of function.
 2022-10-28 09:51:32 +10:00
Sean Parkinson
4b648e7e08 PKCS#11: User PIN can be NULL_PTR 
Allow TokenInit to store NULL for User Pin.
New APIs to handle not setting User PIN.
 2022-10-28 08:52:18 +10:00
JacobBarthelmeh
319901a85c Merge pull request #5743 from SparkiDev/tls_perf_fix_forcezero 
TLS performance fix: ForceZero minimization
 2022-10-27 13:43:17 -06:00
JacobBarthelmeh
7366a9edbd Merge pull request #5744 from SparkiDev/regression_fixes_4 
Regresssion testing fixes
 2022-10-27 11:49:52 -06:00
Sean Parkinson
fd7544ca19 Regresssion testing fixes 
Ed25519 and Ed448 need to enable certs.

If no system CA certs can't be parsed,
wolfSSL_CTX_load_system_CA_certs() will fail. Don't try test if RSA and
ECC are not enabled.

Fix benchmark.c so that e is defined when WOLFSSL_BENCHMARK_ALL defined.

MAX_LENGTH_SZ is 4 and supports lengths up to 2^24 - one byte for length
and 3 bytes of length.
(new gcc compiler fix)
 2022-10-27 17:47:48 +10:00
Sean Parkinson
b1e37377a1 TLS performance fix: ForceZero minimization 
Don't ForceZero the output buffer before free.
ForceZero it when encryption fails.

ShrinkInputBuffer needs to zeroize input buffer even if not currently
encrypting as it may be using the buffer on wolfSSL object reuse.

Fix SP to zeroize the whole buffer.

Fix DH to check cBuf when WOLFSSL_CHECK_MEM_ZERO defined.
 2022-10-27 17:00:42 +10:00
JacobBarthelmeh
1c09a67f6a Merge pull request #5735 from SparkiDev/aes_gcm_c_dec_auth 
AES GCM decrypt C: don't decrypt when auth tag invalid
 2022-10-26 22:41:25 -06:00
Hayden Roche
294a26ba0c Merge pull request #5708 from JacobBarthelmeh/OCSP 2022-10-26 15:43:15 -07:00
David Garske
e26d4f84fc Improvements for AES GCM on STM32. Cleanups for STM32 example. 2022-10-26 14:10:19 -07:00
JacobBarthelmeh
33617588fc fix setting dynamic flag with ocsp and asn template 2022-10-26 10:31:50 -07:00
David Garske
0c79ca1de1 Fix for STM32 PKA with coefSign for non 256-bit curves. Don't check point for STM PKA. ZD14928 2022-10-26 09:44:58 -07:00
JacobBarthelmeh
a26b89f66b fix leak with multiple entries 2022-10-26 09:29:06 -07:00
Anthony Hu
9486721bb8 Prevent WOLFSSL_NO_MALLOC from breaking RSA certificate verfication 2022-10-26 12:11:55 -04:00
Stanislav Klima
6fa43a3d84 removed backslash 2022-10-26 15:03:31 +02:00
Sean Parkinson
dad62fc182 pk.c: rework DH API and improve PEM read/write 
Reorganized the DH APIs into groups.
Reworked all DH APIs.
Improved testing of DH API.

Implemented wolfSSL_PEM_read_RSAPublicKey() and
wolfSSL_PEM_write_RSA_PUBKEY().
Fix public key PEM write implementations to use the correct
header/footer names.
Added support for "RSA PUBLIC KEY" in header and footer in DerToPemEx().

Reworked PEM read/write APIs to be independent. No longer create an EVP
to use common function - common functionality refectored out.
Similarly file APIs don't create a BIO and call the partner APIs.

Improved testing of PEM read/write APIs.

Generic read BIO from memory BIO now returns the buffer instead of
allocating memory and reading.
No longer reading chunks when a file BIO.

Added wolfssl_make_rng() to create or get get global random. All RSA and
DH APIs now use this. DH_generate_parameters() creates a random object
and use global on error rather than just using global random.

Changed implementations to use BIO_new_fp() instead of create a new BIO
and setting file pointer.
 2022-10-26 10:28:20 +10:00
Sean Parkinson
55ab33a4a4 AES GCM decrypt C: don't decrypt when auth tag invalid 2022-10-26 09:25:28 +10:00
Daniel Pouzzner
2575047ea2 wolfcrypt/src/port/arm/armv8-aes.c: define FIPS_NO_WRAPPERS, rather than undefine HAVE_FIPS, to fix FIPS builds. 2022-10-25 17:24:34 -05:00
Daniel Pouzzner
084fabc733 Merge pull request #5731 from SparkiDev/armv7a_aes_fixup 
AES-CBC decrypt ARMv8 no hw crypto: fixes
 2022-10-25 17:23:45 -05:00
Hayden Roche
e7a121325b Merge pull request #5720 from julek-wolfssl/nid-defines 2022-10-25 10:34:59 -07:00
David Garske
d052feeff2 Merge pull request #5675 from embhorn/zd14968 
Fix coverity issues
 2022-10-25 10:08:40 -07:00
Juliusz Sosinowicz
2ae815e2ee Use WOLFSSL_ERROR_MSG for error logs 2022-10-25 13:13:44 +02:00
Sean Parkinson
e9a7c36c7b AES-CBC decrypt ARMv8 no hw crypto: fixes 
Handle in and out buffer being the same.
 2022-10-25 11:32:47 +10:00
Daniel Pouzzner
3677253b55 fixes and comments for buildability, warnings, and clarity, re WOLFSSL_ARMASM_NO_HW_CRYPTO, in configure.ac, wolfcrypt/src/port/arm/armv8-aes.c, and wolfcrypt/test/test.c. 2022-10-24 17:31:48 -05:00
Hayden Roche
4859a00c2a Merge pull request #5698 from SparkiDev/aes_arm32_no_hw 2022-10-21 12:34:22 -07:00
Hayden Roche
1bde7b3d47 Merge pull request #5665 from SparkiDev/sp_msvc_x64_asm_fix 2022-10-20 15:09:29 -07:00
Juliusz Sosinowicz
3339443260 Change NID_* from enum to #define 2022-10-20 17:07:32 +02:00
Hayden Roche
86605c92ce Merge pull request #5714 from ejohnstown/inline-guard 2022-10-19 08:33:07 -07:00
John Safranek
353a8a0275 Inline Function Guard 
Fixed an inline function aes.c that was included, but never used. Added
similar preprocessor guard around it as when it is used.
 2022-10-18 10:51:51 -07:00
Hayden Roche
e3ced9f9ae Make some improvements to user_settings_asm.h. 
For the CMake and autotools flows, enabling user_settings.h will define the
macro WOLFSSL_USER_SETTINGS_ASM. This will cause the generated
user_settings_asm.h to be included in the .S assembly files. If the user is
building without autotools or CMake, these files will include user_settings.h
directly, unless WOLFSSL_USER_SETTINGS_ASM is defined.
 2022-10-18 09:20:06 -07:00
Sean Parkinson
591101fd8b AES for ARM32 without using crypto hardware instructions 
AES-ECB, AES-CBC, AES-CTR, AES-GCM, AES-CCM
Fix ldrd and strd to use even first first register and have
second register be next after first.
 2022-10-18 08:31:53 +10:00
Lealem Amedie
327b66d3ed Miscellaneous fixes from scan-build and KDF refactor & small build fixes 2022-10-17 14:34:08 -07:00
JacobBarthelmeh
6f1db6c03a Merge pull request #5697 from cconlon/pkcs7SignedCertSet 
PKCS#7: Fix SignedData verification when signer cert is not first in SET
 2022-10-14 16:05:40 -06:00