wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-28 09:42:21 +01:00
Code Issues Packages Projects Releases Wiki Activity
12,555 Commits 12 Branches 184 Tags
f37c25f9c0ce41e503eb09ba2949652fb32005db
Commit Graph

12555 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Daniel Pouzzner
f37c25f9c0 wc_XChaCha20Poly1305_crypt_oneshot(): use ForceZero, not XMEMSET(), to safely clear the AEAD state before return. 2020-10-28 17:28:05 -05:00
Daniel Pouzzner
7a5cbaa9bc fix scripts/ocsp-stapling*.test to accommodate IPv6 examples/ client/server build. 2020-10-28 17:28:05 -05:00
Daniel Pouzzner
b918e1fd4c examples/: add -@ and -# flags to client and server, printing libwolfssl_configure_args() and libwolfssl_global_cflags() respectively. 2020-10-28 17:28:05 -05:00
Daniel Pouzzner
8be2d7690a add API functions libwolfssl_configure_args() and libwolfssl_global_cflags() to retrieve build parameters at runtime. 2020-10-28 17:28:01 -05:00
toddouska
931eea30f5 Merge pull request #3397 from cconlon/rc2 
RC2 ECB/CBC and PKCS#12 Integration
 2020-10-28 15:06:47 -07:00
toddouska
112cce8cf2 Merge pull request #3407 from SparkiDev/pkcs11_sign_vfy 
PKCS #11: changes for signing and loading RSA public key from private
 2020-10-28 12:53:58 -07:00
toddouska
6a98601895 Merge pull request #3427 from SparkiDev/ecdsa_shamir_precomp 
ECC Shamir's Trick: infinity in precomp
 2020-10-28 12:08:40 -07:00
toddouska
3a9758f257 Merge pull request #3433 from dgarske/sniffer_sni 
Fix for Sniffer with SSLv3 where SNI is not supported
 2020-10-28 12:06:37 -07:00
David Garske
a15769b12e Merge pull request #3435 from ejohnstown/ntf2 
Nightly Test Fix 2
 2020-10-28 06:39:15 -07:00
David Garske
4277ec62f9 Merge pull request #3431 from kaleb-himes/NO_FILESYSTEM_FIX 
Remove file system constraint on wolfSSL_CTX_check_private_key()
 2020-10-27 15:25:59 -07:00
John Safranek
6a77a8d8d6 Compatibility Layer 
When making a AUTHORITY KEY object, if the ASN1 OBJECT fails, the key object is leaked.
 2020-10-27 14:51:35 -07:00
David Garske
a43d239271 Fix for Sniffer with SSLv3 where SNI is not supported. ZD 11169. 2020-10-27 11:26:02 -07:00
David Garske
76e84e0830 Merge pull request #3423 from ejohnstown/nightly-test-fix 
Nightly Scan-Build Test Fixes
 2020-10-27 08:31:19 -07:00
kaleb-himes
f934fb03bd Remove file system constraint on wolfSSL_CTX_check_private_key() 2020-10-27 08:57:46 -06:00
John Safranek
7dbd6102d2 Compatibility Layer 
When wolfSSL_X509_NAME_ENTRY_create_by_txt() needs to make a new ASN.1 object ID, actually store it in the name entry.
 2020-10-26 16:10:44 -07:00
David Garske
2ebb47ec32 Merge pull request #3424 from douzzer/fix-save-vector-registers-gating 
wc_port.h: improve/fix gating on {SAVE,RESTORE}_VECTOR_REGISTERS()
 2020-10-26 15:33:00 -07:00
Daniel Pouzzner
fd5a309a47 wc_port.h: improve gating on {SAVE,RESTORE}_VECTOR_REGISTERS() to assure no-op fallback definitions in non-autotools builds. 2020-10-26 12:06:18 -05:00
Sean Parkinson
74b834a78c Merge pull request #3422 from ejohnstown/ecc-name 
Tautological Name Fix
 2020-10-26 10:12:51 +10:00
John Safranek
9c1049f112 Compatibility Layer 
1. Changed the ASN1_OBJECT member of the X509_NAME_ENTRY to be a pointer
   rather than an object. It could lead to a double free on the name
   entry.
2. The ASN1_OBJECT allocator should set the dynamic flag, as the
   deallocator is the one that uses it.
3. General changes to treat the member as a pointer rather than a
   member.
4. In the api test, we were iterating over the name members in the name
   checking the NIDs. After the loop we freed the name member object.
   This led to a double free error.
 2020-10-25 14:38:07 -07:00
John Safranek
f5f883597e RSA PSS Fix 
1. Change the utility function in wc_encrypt that returns the size of a
   hash to initialize the size to HASH_TYPE_E, like the other utility
   functions.
2. When getting the hash size returns an error, RSA-PSS verify inline
   should return a BAD_FUNC_ARG error.
 2020-10-24 13:06:42 -07:00
John Safranek
3f5620089e PKCS7: In EncodeEncryptedData, free the attribs and flattenedAttribs if 
they were allocated, not based on if they should be allocated.
 2020-10-24 12:41:10 -07:00
John Safranek
bfccf35eaf Tautological Name Fix 
Depending on the build option WOLFSSL_ECC_CURVE_STATIC, the name in the
ecc_set may be a pointer (default) or an array. With the above set with
the CFLAG -Wtautological-pointer-compare you'll get a build error.
Changed the comparison in the for loop with this problem to check the
name's pointer only if appropriate.
 2020-10-23 15:23:16 -07:00
Chris Conlon
e24ac4211d Merge pull request #3405 from kojo1/EVP-gcm-zero 
set tag including if(inl == 0) case
 2020-10-23 14:35:47 -06:00
John Safranek
a7b325f542 Merge pull request #3414 from kabuobeid/wolfrand_build_fix 
Fix wolfrand build failure.
 2020-10-22 22:54:05 -07:00
Sean Parkinson
24af0497b5 PKCS #11: changes for signing and loading RSA public key from private 2020-10-23 14:02:59 +10:00
David Garske
ff092c02d2 Merge pull request #3396 from SparkiDev/fips_armasm 
FIPS ARMASM: get build working
 2020-10-22 15:26:24 -07:00
David Garske
05094460b2 Merge pull request #3353 from douzzer/XChaCha 
XChaCha
 2020-10-22 15:25:56 -07:00
Kareem Abuobeid
42583b5270 Fix wolfrand build failure, caused by defining NO_ASN without NO_CERTS. 2020-10-22 14:48:37 -07:00
tmael
6265006553 Merge pull request #3403 from elms/cppcheck/cleaup_fixes 
Address some cppcheck issues
 2020-10-22 12:56:19 -07:00
David Garske
f75dc4727d Merge pull request #3408 from ejohnstown/opt-fix 
Example Client OCSP Option Fix
 2020-10-22 09:00:04 -07:00
Chris Conlon
5e78a0107d check Rc2EcbEncrypt/Decrypt returns during CBC ops 2020-10-22 09:57:34 -06:00
Chris Conlon
d1f13a6570 rearrange Rc2 struct for optimal alignment 2020-10-22 09:43:40 -06:00
John Safranek
e28303b40a In DoServerKeyExchange(), when reading the DH key from the server, the 
client was checking it too strictly. The pubkey value should be checked
as strictly as the generator, for too large. The public key value is
checked mathematically elsewhere.
 2020-10-21 21:47:32 -07:00
Daniel Pouzzner
81849e64b8 scripts/openssl.test: for "-psk" cases, use "-psk key", not "-psk=key", for OpenSSL 1.0.2 compatibility. 2020-10-21 23:30:14 -05:00
John Safranek
ca7161a86f Example Client OCSP Option Fix 
1. Before checking to see if the must staple flag is on the 'W' option,
   check the length of myoptarg.
 2020-10-21 23:23:45 -05:00
John Safranek
d2dac8e4b8 Example Client OCSP Option Fix 
1. Before checking to see if the must staple flag is on the 'W' option,
   check the length of myoptarg.
 2020-10-21 13:30:51 -07:00
Daniel Pouzzner
b468ea77ea linuxkm: use EXPORT_SYMBOL_NS(x, WOLFSSL) if available, else fall back to EXPORT_SYMBOL(x). 2020-10-21 14:37:43 -05:00
Daniel Pouzzner
c910c94824 rename API wc_XChaCha20Poly1305_{encrypt,decrypt}_oneshot to wc_XChaCha20Poly1305_{Encrypt,Decrypt} for consistency; remove stray debugging printf in XChaCha20Poly1305_test(). 2020-10-21 14:36:46 -05:00
Daniel Pouzzner
299e88a993 minor fixes and commentary. 2020-10-21 14:08:41 -05:00
Daniel Pouzzner
99b76241bd wolfcrypt/test/test.c: remove debugging printf in XChaCha20Poly1305_test(). 2020-10-21 14:08:41 -05:00
Daniel Pouzzner
e1d3f2c7b4 chacha20_poly1305.c: add _SMALL_STACK code in wc_XChaCha20Poly1305_crypt_oneshot(). 2020-10-21 14:08:41 -05:00
Daniel Pouzzner
1949378d61 wc_Chacha_purge_current_block(): init "scratch" buffer to zeros, to avoid "garbage value" warnings. 2020-10-21 14:08:41 -05:00
Daniel Pouzzner
f65947ae09 rename wc_XChaCha_init() to wc_XChacha_SetKey() for consistency, and add a counter argument to provide for future random access scenarios; refactor wc_Chacha_purge_current_block() to use a dummy wc_Chacha_Process() call for intrinsically correct counter dynamics. 2020-10-21 14:08:41 -05:00
Daniel Pouzzner
6142c22948 add wc_XChaCha_init(), wc_XChaCha20Poly1305_Init(), wc_XChaCha20Poly1305_encrypt_oneshot(), wc_XChaCha20Poly1305_decrypt_oneshot(), and wc_Poly1305_EncodeSizes64(). also, remove redundant arg check (typo) in wc_Poly1305Update(). 2020-10-21 14:08:41 -05:00
Elms
c3dba3f9af Add additional checks to sp_ecc_point_new 2020-10-21 09:59:39 -07:00
Sean Parkinson
00ee24b998 ECC Shamir's Trick: infinity in precomp 
Code now handles generating and having infinity in the precomp.
 2020-10-21 11:58:31 +10:00
toddouska
e4eda3e125 Merge pull request #3384 from SparkiDev/tls13_sess_tick_compat 
TLS session tickets: cannot share between TLS 1.3 and TLS 1.2
 2020-10-20 15:56:03 -07:00
toddouska
7aae784a53 Merge pull request #3399 from dgarske/zd11128 
Fix for TLS sniffer with non-standard curves
 2020-10-20 15:14:53 -07:00
toddouska
7c38be407c Merge pull request #3398 from dgarske/async_test 
Fixes for `--enable-asynccrypt` tests
 2020-10-20 15:13:51 -07:00
toddouska
a1afc6ca4f Merge pull request #3389 from tmael/ocsp_status 
Process multiple OCSP responses
 2020-10-20 15:11:42 -07:00