Sean Parkinson
e5e280b175
SP math all: fix exponent bit count
...
Only when using non-constant time implementation and modulus even.
2021-11-30 10:28:42 +10:00
Chris Conlon
7221e06ff7
Merge pull request #4588 from miyazakh/sce_protect_mode_e2studio
2021-11-29 15:32:48 -07:00
David Garske
80c16745c4
Merge pull request #4602 from embhorn/zd13296
...
Initialize global in TSIP port
2021-11-29 13:01:03 -08:00
David Garske
c104ab2206
Merge pull request #4572 from SparkiDev/ecc_pub_decode
...
mp_sqrt: TonelliShanks algorithm doesn't handle zero
2021-11-29 12:27:36 -08:00
Hideki Miyazaki
fb4e39f00a
addressed review comments prt1
2021-11-26 16:03:42 +09:00
Tesfa Mael
b2c0bacb06
Fix Cryptocell ecc
2021-11-24 19:22:40 -08:00
Eric Blankenhorn
6d7e50d2ae
Initialize global in TSIP port
2021-11-24 09:22:14 -06:00
Hideki Miyazaki
89ed811e23
fix compile error when disabled SCEPROTECT
2021-11-22 21:36:02 +09:00
David Garske
5182e2a8c8
Merge pull request #4580 from kareem-wolfssl/minor_fixes
...
Check ssl->arrays in SendClientHello to avoid null dereference. Allow building with fallthrough defined.
2021-11-19 16:55:01 -08:00
David Garske
f6c48bf7dc
Merge pull request #4560 from kaleb-himes/OE30-OE31-non-fips-changes
...
OE30 and OE31 changes external to FIPS module for NetBSD builds
2021-11-19 15:49:30 -08:00
David Garske
34346bab4f
Merge pull request #4579 from JacobBarthelmeh/PKCS7
...
BER size adjustment with PKCS7
2021-11-19 14:49:03 -08:00
Kareem
72d4dcce0f
Fix updated FALL_THROUGH macro. Fix a couple of case statements and remove a trailing whitespace.
2021-11-19 14:13:02 -07:00
Hideki Miyazaki
f50fcd918e
support Renesas RA SCE protect mode on RA6M4 evaluation board
2021-11-19 14:22:16 +09:00
Sean Parkinson
7e81372131
Merge pull request #4583 from dgarske/zd13242
...
Improve `ret` handling in the `ProcessPeerCerts` verify step.
2021-11-19 10:22:08 +10:00
David Garske
3054f20c6a
Improve ret handling in the ProcessPeerCerts verify step.
2021-11-18 14:51:09 -08:00
kaleb-himes
4324cf8f0a
Correct cast from uint to uchar
2021-11-18 10:18:25 -07:00
David Garske
e33156d0dc
Merge pull request #4578 from kaleb-himes/OE33_NON_FIPS_CHANGES
...
OE33: Fix issues found by XCODE and add user_settings.h
2021-11-18 06:59:43 -08:00
Sean Parkinson
370570d19b
ASN: DH private key encoding
...
Proper fix for sequence length when small keys.
2021-11-18 08:28:49 +10:00
Jacob Barthelmeh
ddf06b8161
BER size adjustment with PKCS7
2021-11-17 12:03:32 -07:00
kaleb-himes
f638df3575
Fix issues found by XCODE and add user_settings.h
...
Disable internal test settings by default
2021-11-17 11:00:56 -07:00
David Garske
e8e0bc0d49
Merge pull request #4552 from SparkiDev/sp_mod_exp_zero
...
SP: mod_exp with exponent of 0 is invalid
2021-11-16 08:29:13 -08:00
Sean Parkinson
33a6b8c779
Merge pull request #4531 from dgarske/cryptocb_aesccm
...
Added crypto callback support for AES CCM
2021-11-16 22:45:11 +10:00
Sean Parkinson
8606788198
SP: mod_exp with exponent of 0 is invalid
...
Don't allow exponentiation by 0 as it is cryptographically invalid and
not supported by the implementation.
Also check for even modulus in mod_exp.
2021-11-16 11:27:26 +10:00
Masashi Honma
6086728968
Fix possible segfault that occurs when mp_clear() is executed for an uninitialized mp_int
...
If NULL is passed as the digest argument of wc_DsaSign(), mp_clear() will be
called before mp_init() is called. This can cause a segmentation fault.
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2021-11-16 09:57:02 +09:00
Masashi Honma
f621defefe
Fix the segfault that occurs when mp_clear() is executed for an uninitialized mp_int on i386
...
test_wc_DsaSignVerify() passes the tests but causes an error.
free(): invalid pointer
If NULL is passed as the digest argument of wc_DsaVerify(), mp_clear() will be
called before mp_init() is called. On qemu-i386, the dp field of the mp_int
structure is non-null by default, which causes a segmentation fault when calling
mp_clear(). However, if WOLFSSL_SMALL_STACK is enabled, this problem does not
occur.
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2021-11-16 09:56:56 +09:00
Sean Parkinson
d3fc8c229a
mp_sqrt: TonelliShanks algorithm doesn't handle zero
...
(0 * 0) mod p = 0.
Modular reduce n and shortcut when 0.
2021-11-16 09:23:07 +10:00
Sean Parkinson
64407bbd7d
Merge pull request #4564 from rizlik/unused_ret_value_fix
...
wolfcrypt/src/rsa.c: check memory allocation return value
2021-11-16 08:56:47 +10:00
Sean Parkinson
79f18c7585
SP sync: Missing update
2021-11-15 08:33:14 +10:00
David Garske
a626a4fb02
Fixes for spelling errors.
2021-11-12 10:27:49 -08:00
John Safranek
4e20b93e72
Merge pull request #4556 from douzzer/updateFipsHash
2021-11-11 14:23:01 -08:00
John Safranek
c702dab988
Merge pull request #4561 from haydenroche5/wc_prf_fix
2021-11-11 13:03:58 -08:00
Marco Oliverio
3ea4e35737
wolfcrypt/src/rsa.c: check memory allocation return value
2021-11-11 16:25:03 +01:00
Hayden Roche
2f29ca1092
Make fixes/improvements to TLS PRF code.
...
Make `wc_PRF` return an error if it doesn't find a corresponding hash for the
passed in hash type. Currently, if `wc_PRF_TLS` is called with `NO_OLD_TLS`
defined, it will do nothing but still return success. Make it return an error
instead. These problems were uncovered when running the wolfEngine unit tests
with wolfSSL 5.0.0 FIPS Ready, which defines `NO_MD5` and `NO_OLD_TLS`.
2021-11-10 15:19:43 -08:00
kaleb-himes
6bb86cf4da
OE30 and OE31 changes external to FIPS module for NetBSD builds
2021-11-10 15:16:21 -07:00
Daniel Pouzzner
ed0418c2a8
fix whitespace.
2021-11-09 22:17:38 -06:00
Sean Parkinson
8e0fdc64be
Merge pull request #4522 from dgarske/static_eph
...
Fixes and refactor for static ephemeral key support
2021-11-10 08:22:51 +10:00
David Garske
9a83842c29
Merge pull request #4536 from luizluca/refactor_nameconstraints-permit
...
ASN: refactor name constraints checks
2021-11-09 10:44:17 -08:00
David Garske
df82b01e68
Added x448 static ephemeral support.
2021-11-09 08:27:42 -08:00
David Garske
5dac25f470
Eliminate EIGHTK_BUF use in asn. Cleanup uses of 0 in set_verify for callback.
2021-11-09 08:23:19 -08:00
Daniel Pouzzner
f8565f26e2
fixes for --disable-harden.
2021-11-08 17:35:10 -06:00
Daniel Pouzzner
0b4f34d62a
typographic cleanup: fix whitespace, remove unneeded UTF-8, convert C++ comment constructs to C.
2021-11-08 17:35:05 -06:00
Luiz Angelo Daros de Luca
01335e2e1c
ASN: refactor name constraints checks
...
Use the same logic for any type of name constraint.
It could be even cleaner if there were an altNamesByType[],
permittedNamesByType[] and excludedNamesByType[] in cert.
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
2021-11-08 20:29:18 -03:00
Sean Parkinson
dd833807d8
Merge pull request #4523 from dgarske/nxp_se050_fixes
...
Fixes for NXP SE050 ECC create and key store id
2021-11-09 08:56:03 +10:00
David Garske
5a4577eb6c
Merge pull request #4541 from SparkiDev/mp_hexchar_asm
...
SP, TFM: fixes
2021-11-08 14:49:02 -08:00
Sean Parkinson
49024b131e
Merge pull request #4534 from JacobBarthelmeh/fuzzing
...
check size of values with sp_gcd
2021-11-09 08:40:21 +10:00
David Garske
67a11df15b
Merge pull request #4548 from anhu/TlS
...
Fix capitalization.
2021-11-08 11:07:00 -08:00
Anthony Hu
a28e44730c
Fix capitalization.
2021-11-08 11:45:49 -05:00
John Safranek
d46b140250
Merge pull request #4544 from dgarske/hmachash
2021-11-05 15:11:07 -07:00
David Garske
3941eea626
Fixes for peer review feedback. Improve the ECC key bit calculation. Improve the signature RS unsigned bin creation.
2021-11-05 14:53:20 -07:00
David Garske
7fca031346
Remove duplicate code in wc_HmacFree (looks like past merge error).
2021-11-05 08:20:39 -07:00