wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-27 22:02:21 +01:00
Code Issues Packages Projects Releases Wiki Activity
12,458 Commits 12 Branches 184 Tags
f0d400a506edd85cacc0e9388d6525ee1eff3f6d
Commit Graph

12458 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Sean Parkinson
f0d400a506 Merge pull request #3401 from kojo1/EVPcipher_tbl 
cipher_tbl for EVP_get_cipherbyname
 2020-10-19 14:28:59 +10:00
Takashi Kojo
a87f7c9185 cipher_tbl for EVP_get_cipherbyname 2020-10-19 06:17:15 +09:00
David Garske
ab88ab160c Merge pull request #3395 from douzzer/misc-fixes-20201015 
misc fixes for coverage and buildability
 2020-10-16 07:28:48 -07:00
Sean Parkinson
a595e3cc48 Merge pull request #3394 from ejohnstown/wolfssh-update 
wolfSSH Update
 2020-10-16 09:08:37 +10:00
David Garske
9793414d78 Merge pull request #3381 from SparkiDev/ecc_ct_fix 
ECC mulmod: some curves can't do order-1
 2020-10-15 14:46:46 -07:00
Daniel Pouzzner
eb7a79aa5e misc fixes for coverage and buildability: add MD2 to --enable-all*; fix spelling of "Sno" to "no" for $ENABLED_BLAKE2S default; when ENABLED_QSH add -DWOLFSSL_STATIC_DH -DWOLFSSL_STATIC_PSK (relates to ZD11073); add missing gating for !defined(WOLFSSL_DEVCRYPTO) in api.c:test_wc_Sha256FinalRaw(); fix tests/api.c:IsValidCipherSuite() to build under gcc10 (relates to ZD11073). 2020-10-15 15:05:29 -05:00
John Safranek
69ac13c2e9 wolfSSH Update 
Originally, wolfSSH required some algorithms to be enabled in wolfCrypt
to work correctly. wolfSSH is now more flexible with how wolfCrypt is
configured, and these combinations do not have to be restricted.
 2020-10-15 11:37:31 -07:00
David Garske
49b3fb21c8 Merge pull request #3391 from ejohnstown/autoconf-fix 
Automake Fixes
 2020-10-15 10:12:27 -07:00
John Safranek
c2bb359eb4 Automake Fixes 
1. A couple cert scripts don't need to be included in the makefile or the distribution.
 2020-10-14 17:23:58 -07:00
toddouska
f69fa13e02 Merge pull request #3357 from guidovranken/StoreECC_DSA_Sig-fix 
Improve StoreECC_DSA_Sig bounds checking
 2020-10-14 16:53:46 -07:00
toddouska
026ba4e750 Merge pull request #3368 from dgarske/zd11057 
Fix for possible malformed encrypted key with DES3 causing negative length
 2020-10-14 15:32:48 -07:00
toddouska
1c4b15d427 Merge pull request #3369 from dgarske/sniffer_ccm 
Add AES CCM support to sniffer
 2020-10-14 14:31:57 -07:00
toddouska
8898abcc99 Merge pull request #3378 from dgarske/zd11085 
Fixes SSLv3 use of ECDH in sniffer
 2020-10-14 14:30:15 -07:00
toddouska
3f4bf9144b Merge pull request #3366 from SparkiDev/pkcs11_lookup 
PKCS #11: improve key lookup
 2020-10-14 14:22:56 -07:00
David Garske
232028d03b Merge pull request #3386 from ejohnstown/dh-maint 
Fuzz Fix
 2020-10-13 15:47:11 -07:00
David Garske
b68828d3c9 Merge pull request #3361 from tmael/ocsp-nocheck 
Add support for id-pkix-ocsp-nocheck
 2020-10-13 15:46:02 -07:00
David Garske
048a3a8d5b Merge pull request #3374 from JacobBarthelmeh/Testing 
NO_FILESYSTEM build on Windows
 2020-10-13 13:26:46 -07:00
John Safranek
422683f4c3 Fuzz Fix 
GetPublicDhKey() assumes the ssl session owns the DH public key parts, and
tries to free them. They belong to the CTX initially, so it shouldn't be
freeing them, necessarily.

1. Add a check for weOwnDh first, then free the buffers if needed.
2. If there is a problem reading the keys, free the new buffers before exiting.
3. Set weOwnDh once the buffers and values have been stored
   successfully.
 2020-10-13 10:15:58 -07:00
Jacob Barthelmeh
6aa0eacc62 use correct key buffer for example private key 2020-10-13 09:26:54 -06:00
Sean Parkinson
f0db2c177e ECC mulmod: some curves can't do order-1 
Change implementation of timing resistant scalar multiplication to use
Joye double-add ladder.
No longer have fake operations being performed therefore can remove the
order adding operations.
Still need to check for boundary condition: order-1 wil not work with
SECP256K1 as it results in an add of order/2 and (order/2)+1 times base
point which are the negatives of each other. The sum is infinity and not
handled by maths.
Added mp_cond_swap_t - Conditionally swap in constant time.
 2020-10-13 09:55:35 +10:00
David Garske
0d685e4f28 Merge pull request #3358 from douzzer/wolfSSL_get_ocsp_producedDate 
add wolfSSL_get_ocsp_producedDate().
 2020-10-12 15:21:10 -07:00
David Garske
de6164df5a Merge pull request #3382 from ejohnstown/aes-clear 
AES Clear Temp
 2020-10-12 15:17:00 -07:00
David Garske
4396e10500 Merge pull request #3379 from ejohnstown/mfix 
Maintenance Fixes
 2020-10-12 14:53:56 -07:00
Chris Conlon
1f78297c5c Merge pull request #3372 from miyazakh/Renesas_APRA6M 
added set up guide for APRA6M board
 2020-10-12 14:23:06 -06:00
Chris Conlon
2a1efda140 Merge pull request #3380 from kojo1/mqx 
minor fix for MQX, Kinetis
 2020-10-12 14:03:20 -06:00
John Safranek
5ead4386b3 AES Clear Temp 
ForceZero()'ed a couple local variables that have keying material at some point.
 2020-10-12 10:30:34 -07:00
John Safranek
0ca202f389 Rename SKIP_SUITE to something more descriptive. Add some comments. 2020-10-12 09:49:02 -07:00
Tesfa Mael
a4bfa0dec7 Add support for id-pkix-ocsp-nocheck 2020-10-11 19:47:50 -07:00
Takashi Kojo
ce97eadae1 fix for MQX 2020-10-11 06:57:33 +09:00
Daniel Pouzzner
9de5eea1d9 configure.ac: supplement AC_CHECK_FUNCS() (function link test) with AC_CHECK_DECLS() (function declaration test) to avoid false positives. fixes various build failure modes. 2020-10-09 22:18:51 -05:00
Hideki Miyazaki
bf59d169dd Update include.am to include new README files 2020-10-10 09:57:05 +09:00
John Safranek
a05a305d70 Fix unused parameters in SKIP_SUITE. 2020-10-09 15:59:14 -07:00
John Safranek
6cfb038d11 Fix a bad ifdef. 2020-10-09 15:54:44 -07:00
John Safranek
2d85061c47 Maintenance Fixes 
Improve the reporting of the NTRU based cipher suites with the function
wolfSSL_sk_CIPHER_description().
 2020-10-09 15:01:39 -07:00
John Safranek
d8299e2764 Maintenance Fixes 
When building the list of ciphers with wolfSSL_get_ciphers_compat(),
skip the fake indicator ciphers like the renegotiation indication
and the quantum-safe hybrid since they do not have encryption or mac
algorithms associated to them.
 2020-10-09 15:01:38 -07:00
John Safranek
aeeeb666a7 Maintenance Fixes 
1. The test_wolfSSL_X509V3_EXT_print() test was using stderr for output,
   changed to stdout.
2. A call to XFREAD wasn't typecasting its output to the size of the
   variable getting the output in decodedCertCache_test().
 2020-10-09 15:01:32 -07:00
John Safranek
724eb96047 Merge pull request #3377 from douzzer/PR3371 
fix pkcs7compressed_test() (test gated on HAVE_LIBZ), broken by PR#3244.
 2020-10-09 15:00:15 -07:00
David Garske
f3fbb921c0 Fixes SSLv3 use of ECDH. The public key length byte needs to be skipped for import with SSLv3 and TLS (not TLS v1.3). ZD 11085 2020-10-09 12:01:41 -07:00
Daniel Pouzzner
29d4de6307 fix pkcs7compressed_test() (test gated on HAVE_LIBZ), broken by PR#3244. 2020-10-09 12:42:14 -05:00
JacobBarthelmeh
bfb10ddfb5 NO_FILESYSTEM build on Windows 2020-10-09 09:45:00 -07:00
David Garske
3e69318ac7 Merge pull request #3373 from danielinux/imx-rt1060-shaonly-fix 
Fixed SHA256 support for IMX-RT1060
 2020-10-09 09:30:11 -07:00
Daniele Lacamera
9cb2c9f1ac Fixed SHA256 support for IMX-RT1060 2020-10-09 13:36:53 +02:00
Hideki Miyazaki
1765eeddb2 added set up guide for APRA6M board 
added TLS 1.3 settings into user_settings.h
 2020-10-09 19:52:20 +09:00
Daniel Pouzzner
570f55a0e3 wolfSSL_get_ocsp_producedDate*(): gate on !defined(NO_ASN_TIME), and in client_test(), gate call to strftime() on HAVE_STRFTIME and add fallback code; add HAVE_STRFTIME test to configure.ac. 2020-10-08 23:26:28 -05:00
Daniel Pouzzner
7a77b6d990 rename wolfSSL_get_ocsp_producedDate(WOLFSSL *, struct tm *) to wolfSSL_get_ocsp_producedDate_tm(), and add wolfSSL_get_ocsp_producedDate() accessing the raw ASN.1 producedDate; fix location of prototypes in ssl.h to obtain proper conditionalization; omit frivolous nullness test on ssl->ocspProducedDate (always true). 2020-10-08 22:47:16 -05:00
Daniel Pouzzner
e162d0f889 add wolfSSL_get_ocsp_producedDate(). 2020-10-08 22:47:16 -05:00
toddouska
4d11e3c83b Merge pull request #3365 from SparkiDev/ticket_align 
SSL session ticket: decrypted ticket access aligned
 2020-10-08 15:01:41 -07:00
toddouska
8bc3d33c4e Merge pull request #3360 from SparkiDev/ecc_safe_add 
ECC add points: more cases where add point is a double or infinity
 2020-10-08 14:55:04 -07:00
toddouska
f0c5fb76bb Merge pull request #3359 from ejohnstown/tfm-read-radix-16 
TFM Read Radix 16 OOB Read
 2020-10-08 14:52:42 -07:00
toddouska
c69e9927fa Merge pull request #3354 from SparkiDev/mac_arm_asm_2 
ARM ASM ChaCha20: Fix calc of left over bytes
 2020-10-08 14:49:33 -07:00