Brett Nicholas
5277065c3c
fix typo in WOLFSSL_ENTER function name
2023-10-26 13:01:05 -06:00
JacobBarthelmeh
45ba778692
Merge pull request #6911 from douzzer/20231025-sp_to_unsigned_bin_len_ct-Wconversion-cast
...
20231025-sp_to_unsigned_bin_len_ct-Wconversion-cast
2023-10-26 10:33:50 -06:00
Daniel Pouzzner
7821c48e65
wolfcrypt/src/sp_int.c: add cast in sp_to_unsigned_bin_len_ct() to mollify -Wconversion.
2023-10-25 23:40:21 -05:00
David Garske
fc858ec33b
Merge pull request #6908 from JacobBarthelmeh/static-analysis
...
minor warning fixes from static analysis tests
2023-10-25 17:28:54 -07:00
Brett
89d445a5a5
added --sys-ca-certs client connection to external test
2023-10-25 15:13:08 -06:00
Brett
60f75ea5a8
simplified apple header detection used in code
2023-10-25 15:13:06 -06:00
JacobBarthelmeh
6538ed1c39
coverity fix for CID 327268
2023-10-25 09:52:35 -06:00
JacobBarthelmeh
b46545315c
fix for possible null dereference warning
2023-10-25 08:44:11 -06:00
JacobBarthelmeh
d801dc1c85
Merge pull request #6906 from SparkiDev/pkcs8_info_free_fix
...
ProcessBuffer: fix free call
2023-10-25 08:38:56 -06:00
JacobBarthelmeh
6d8136c63e
Merge pull request #6896 from SparkiDev/rsa_to_bin_len_ct
...
RSA: convert to bin with length in constant time
2023-10-25 08:34:37 -06:00
Sean Parkinson
d87cd2cc05
ProcessBuffer: fix free call
...
'info' was freed before use when OPENSSL_EXTRA is defined.
2023-10-25 17:23:04 +10:00
András Fekete
5da7efacc9
Merge pull request #6894 from julek-wolfssl/fix-possible-hang
...
Fix static analyzer possible leak
2023-10-24 09:13:58 -04:00
András Fekete
a74228b5b0
Merge pull request #6904 from julek-wolfssl/suites-allocation
...
Don't try to allocate 0 size suites copy. Fixes `--enable-trackmemory --enable-smallstack CFLAGS="-DALT_ECC_SIZE" --enable-opensslextra` errors.
2023-10-24 09:07:42 -04:00
Juliusz Sosinowicz
dc5a246fdd
Do NULL check in FreeCRL
2023-10-24 10:31:17 +02:00
Juliusz Sosinowicz
8f60fb0053
Advance pointer in wolfSSL_i2d_X509
2023-10-24 10:25:06 +02:00
Juliusz Sosinowicz
4aad7589d6
Don't try to allocate 0 size suites copy
2023-10-24 10:10:08 +02:00
Sean Parkinson
13cadbbe55
Merge pull request #6903 from douzzer/20231021-fix-null-derefs
...
20231021-fix-null-derefs
2023-10-24 13:12:09 +10:00
JacobBarthelmeh
1de048826e
Merge pull request #6895 from bigbrett/ios-ca-api
...
Fix WOLFSSL_SYS_CA_CERTS bug on Apple devices
2023-10-23 07:57:08 -06:00
Juliusz Sosinowicz
3c5d3c0fa9
bwrap ocsp renew script
2023-10-23 15:53:42 +02:00
gojimmypi
1a113c5429
Espressif add TLS Client/Server local user_settings.h
2023-10-22 16:59:54 +02:00
gojimmypi
8eaf09d7a0
Update Espressif TLS Client/Server CMakeLists.txt
2023-10-22 16:53:56 +02:00
gojimmypi
9fe071fe73
Espressif remove pre-existing /include/user_settings.h during compile all.
2023-10-22 16:21:06 +02:00
Daniel Pouzzner
501299bc31
fix null pointer derefs in examples/pem/pem.c:pemApp_ReadFile() and tests/api.c:LoadPKCS7SignedDataCerts() detected by clang-tidy.
2023-10-21 13:34:04 -05:00
David Garske
cf1dcdf402
Fix for adding signature where OID is not found. Currently our AddSignature function will add without OID, which is invalid. For example RSA is disabled and CSR tries to use CTC_SHA256wRSA. The wc_SignCert_ex will succeed and report success, but the CSR/Cert will be invalid (missing sigType OID).
2023-10-20 16:29:59 -07:00
David Garske
6887281361
Fix for ./configure --enable-pkcs7 --disable-rsa && make check.
2023-10-20 16:27:54 -07:00
JacobBarthelmeh
9db828a099
Merge pull request #6898 from SparkiDev/ed25519_g++
...
Ed25519: add missing C++ directives for C functions
2023-10-20 15:52:12 -06:00
JacobBarthelmeh
5018d6c2bb
Merge pull request #6897 from SparkiDev/tls13_psk_one_id_var_decl
...
TLS 1.3: compiling with WOLFSSL_PSK_ONE_ID fix
2023-10-20 15:48:59 -06:00
JacobBarthelmeh
ca2a6d7daa
Merge pull request #6878 from SparkiDev/sha256_armv7a_vmov_fix
...
ARMv7a SHA256: explicit size on vmov
2023-10-20 15:46:58 -06:00
Brett
2387579880
added FIPS warning for Apple native cert validation
2023-10-20 15:40:49 -06:00
Brett
dd12e5a39e
Fix WOLFSSL_SYS_CA_CERTS bug that accepted intermediate CA certs with invalid
...
signatures. Also adds --sys-ca-certs to client in unit.test to detect
regressions
2023-10-20 15:40:44 -06:00
Andras Fekete
0925f8ab18
Use 'unsigned char'
2023-10-20 16:16:48 -04:00
Andras Fekete
ec0a2f2683
Fix 'negative character value'
...
In a number of libc implementations, isalpha()/isalnum() is implemented using lookup tables (arrays): passing in a negative value can result in a read underrun.
2023-10-20 16:16:48 -04:00
Juliusz Sosinowicz
8cd6cd175d
EVP_EncodeBlock should not append a newline
2023-10-20 13:20:11 +02:00
Sean Parkinson
fcf1406675
RSA: convert to bin with length in constant time
...
Add mp_to_unsigned_bin_len_ct() which puts a number into a buffer with
padding in constant time.
Call mp_to_unsigned_bin_len_ct() in RSA when encoding result of
exponentiation.
2023-10-20 14:04:36 +10:00
Sean Parkinson
c88dcac80e
Ed25519: add missing C++ directives for C functions
...
Assembly code has C function names.
Need to tell C++ that these are C function and not to mangle names.
2023-10-20 12:02:51 +10:00
Sean Parkinson
ce1e44d5e8
TLS 1.3: compiling with WOLFSSL_PSK_ONE_ID fix
...
Move use of 'suites' into non-WOLFSSL_PSK_ONE_ID path as variable
declared and used only in that case.
2023-10-20 10:32:45 +10:00
Sean Parkinson
4ac795961b
ARMv7a SHA256: explicit size on vmov
...
For SHA256 using NEON on ARM32, change vmov instruction that is moving
from scalar to general-purpose register to have explicit size (32 bits).
May be needed by some compilers.
2023-10-20 10:21:57 +10:00
JacobBarthelmeh
1abaa94120
Merge pull request #6889 from SparkiDev/sm2_priv_import_range
...
ECC SM2 import private key: check less than order-1
2023-10-19 17:12:07 -06:00
JacobBarthelmeh
22be42a161
Merge pull request #6885 from bigbrett/aes-eax
...
Move AesEax definition to aes.h
2023-10-19 16:49:10 -06:00
Juliusz Sosinowicz
d13d446c2e
Add missing guard
2023-10-19 20:05:59 +02:00
Juliusz Sosinowicz
2ccbdd3a7e
Log correct message
2023-10-19 19:07:45 +02:00
Juliusz Sosinowicz
cecc5f6b19
Call wc_UnLockRwLock only once
2023-10-19 17:04:41 +02:00
Juliusz Sosinowicz
8a8acbd55f
Add log about allocation failure
2023-10-19 17:00:49 +02:00
Juliusz Sosinowicz
2dd8e713f2
Fix static analyzer possible leak
...
crl would never be null there but clean up code to make sure newcrl->crlLock gets free'd
2023-10-19 16:58:28 +02:00
Eric Blankenhorn
962e35aa24
Add error reporting to loadX509orX509REQFromBuffer
2023-10-19 09:31:30 -05:00
Sean Parkinson
abd7bb3ac3
ECC SM2 import private key: check less than order-1
...
SM2 curves must have private key less than order-1 instead of order.
2023-10-19 17:29:25 +10:00
Juliusz Sosinowicz
1ae248018f
Implement untrusted certs in wolfSSL_X509_STORE_CTX_init
2023-10-18 22:24:19 +02:00
JacobBarthelmeh
a3bf7a66a4
Merge pull request #6886 from julek-wolfssl/openvpn-master-fix
...
Define SSL_get_peer_tmp_key
2023-10-18 13:17:15 -06:00
David Garske
22ab21749c
Merge pull request #6869 from bigbrett/ios-ca-api
...
Add support for new Apple trust APIs with WOLFSSL_SYS_CA_CERTS
2023-10-18 10:29:41 -07:00
Juliusz Sosinowicz
f99c7cbb21
Define SSL_get_peer_tmp_key
2023-10-18 19:24:11 +02:00