wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-28 03:52:22 +01:00
Code Issues Packages Projects Releases Wiki Activity
16,569 Commits 12 Branches 184 Tags
f80faebfe5638dacfe92eae96478caa089a34ce1
Commit Graph

16569 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
John Safranek
f80faebfe5 wolfRand for AMD 
1. Add configure option to enable AMD's RDSEED.
2. Add seed parameters when building specifically for AMD using RDSEED.
3. Update the wolfCrypt test to play nice with the larger seed size.
 2022-03-15 15:20:08 -07:00
Daniel Pouzzner
4966eb7897 Merge pull request #4944 from douzzer/20220310-asn-template-EncodeExtensions-overrun 
wolfcrypt/src/asn.c: fix buffer underrun in EncodeExtensions() and leak in ParseCRL_Extensions()
 2022-03-13 21:21:07 -05:00
Sean Parkinson
cdb45b12c5 Merge pull request #4884 from haydenroche5/i2d_x509_name_fix 
Improve wolfSSL_i2d_X509_name.
 2022-03-14 11:57:07 +10:00
Sean Parkinson
20562b3f78 DecodeNameConstraints (ASN Template): free ASNGetData 2022-03-14 09:14:19 +10:00
David Garske
a816f329cc Merge pull request #4856 from anhu/stm32u5 
Enable support for STM32U585 and PQC for STM32
 2022-03-11 14:49:46 -08:00
Daniel Pouzzner
fb0c9b2a66 ssl.c: use InitHandshakeHashes(), not FreeHandshakeHashes(), to reset ssl->hsHashes. 2022-03-11 16:26:24 -06:00
Daniel Pouzzner
830431ccdf scripts/tls13.test: fix whitespace. 2022-03-11 13:54:50 -06:00
Daniel Pouzzner
82ab7bf32c ssl.c: fix hash state memory leaks in wolfSSL_clear() and wolfSSL_TicketKeyCb(). 2022-03-11 13:40:01 -06:00
Anthony Hu
8cba961bac Comment fixups, bad braces, and stray &. 2022-03-11 12:14:02 -05:00
Daniel Pouzzner
385ece92d8 ECCSI and SAKKE: fix smallstackcache memory leaks in library, and blue-moon undefined behavior bugs in test.c eccsi_test(() and sakke_test(). 2022-03-11 10:06:18 -06:00
Daniel Pouzzner
64953299cf scripts/tls13.test: retries (up to 10) for early data scenarios, to mitigate race noted in #4918 . 2022-03-11 08:18:14 -06:00
Daniel Pouzzner
7602eef98f src/ssl.c: use strlcpy(), not strncpy(), to make string_fortified happy (else "error: ‘__builtin_strncpy’ specified bound 46 equals destination size"). 2022-03-11 08:15:44 -06:00
Daniel Pouzzner
b2ae7f4230 wolfssl/openssl/asn1.h: in ASN1_SIMPLE(), use OFFSETOF() macro. 2022-03-11 07:59:08 -06:00
Sean Parkinson
c3eab0dcdd Fixes from sanitizer build 
Fix OID index in SetNameRdnItems for multi attributes.
Stop warning about strncpy to small.
Fix casting in ASN1_SIMPLE to use consistent type.
 2022-03-11 14:27:50 +10:00
David Garske
cf030de48a Merge pull request #4930 from SparkiDev/tfm_alloc_fails 
TFM: handle more alloc failure cases gracefully
 2022-03-10 15:42:21 -08:00
David Garske
570daa6a7f Enable support for STM32U585 and PQ on M4 2022-03-10 14:19:01 -05:00
Daniel Pouzzner
c78bfa4db8 scripts/tls13.test: when $early_data = yes, print the matching line counts. 2022-03-10 11:56:20 -06:00
Daniel Pouzzner
227804f034 wolfcrypt/src/asn.c: in ParseCRL_Extensions(), add missing FREE_ASNGETDATA(). 2022-03-10 11:45:37 -06:00
Daniel Pouzzner
170b125b39 wolfcrypt/src/asn.c: fix buffer underrun in EncodeExtensions(), due to faulty iteration limit calculation, when smallstack build. 2022-03-10 09:38:19 -06:00
Sean Parkinson
6b7f0d4ee7 Merge pull request #4905 from anhu/custom_ext_parse 
Injection and parsing of custom extensions in X.509 certificates.
 2022-03-10 10:39:05 +10:00
David Garske
b30ada1608 Merge pull request #4940 from ejohnstown/wolfrand 
Fix wolfRand Build
 2022-03-09 15:42:19 -08:00
Sean Parkinson
47895fe78d Merge pull request #4942 from dgarske/sp_math_opensslextra 
Fixes to support building opensslextra with SP math
 2022-03-10 08:53:21 +10:00
Sean Parkinson
b4df909df0 Merge pull request #4934 from haydenroche5/x509_v_err_sync 
Sync up X509_V_ERR codes with OpenSSL.
 2022-03-10 08:37:10 +10:00
Anthony Hu
98f733767b Use MAX_OID_SZ 2022-03-09 17:20:50 -05:00
David Garske
141cf822f2 Merge pull request #4941 from douzzer/20220309-script-cleanup 
20220309 script cleanup
 2022-03-09 13:30:50 -08:00
Chris Conlon
bcfe8bf2e2 Merge pull request #4933 from haydenroche5/x509_set_ext_ext_key_usage 2022-03-09 13:22:49 -07:00
David Garske
3a62857dbd Fixes to support building opensslextra with SP math. Disables some of the compatibility layer BN and ECC point handling. 2022-03-09 11:53:56 -08:00
Anthony Hu
b043225dbd Fixes inspired by review by SparkiDev. 2022-03-09 13:39:53 -05:00
John Safranek
d6fb454063 Fix wolfRand Build 
1. Remove the v3 FIPS build from configure and automake. This was for
   the old FIPS Ready build, which is now fixed to the certificate 3389
   configuration.
2. Remove AES-GCM, PKCS12, and SHA-3 from wolfRand build. They were
   getting reenabled later in the configure.
 2022-03-09 10:35:39 -08:00
Daniel Pouzzner
abfc788389 script cleanup: use #!/bin/bash on all scripts that use "echo -e" (/bin/sh is sometimes a non-Bourne/non-POSIX shell, e.g. dash/ash, with no support for "echo -e"); fix whitespace. 2022-03-09 12:28:22 -06:00
Daniel Pouzzner
67cc8ed482 tests/api.c: fix test_wolfSSL_BIO_Qt_usecase() "function declaration isn’t a prototype". 2022-03-09 12:27:19 -06:00
David Garske
4ff82e22e6 Merge pull request #4938 from douzzer/20220308-shellcheck-errors 
fixes for shell script errors detected by shellcheck --severity=error.
 2022-03-08 12:51:11 -08:00
Chris Conlon
70857f7b3c Merge pull request #4923 from miyazakh/set_bio 
Set bio read/write flag obviously
 2022-03-08 13:08:33 -07:00
David Garske
c256d8ca92 Merge pull request #4936 from julek-wolfssl/no-force-ecc-ca 
Don't force a ECC CA when a custom CA is passed with `-A`
 2022-03-08 10:58:35 -08:00
Daniel Pouzzner
c9a7393923 fixes for shell script errors detected by shellcheck --severity=error. 2022-03-08 12:51:48 -06:00
David Garske
a4229c6cf8 Merge pull request #4932 from SparkiDev/tls_hmac_fix 
TLS HMAC: fix number of blocks to not process
 2022-03-08 10:06:11 -08:00
David Garske
4a912f29d1 Merge pull request #4843 from tmael/sp_diab 
Support (no)inline with Wind River Diab compiler
 2022-03-08 10:00:16 -08:00
Juliusz Sosinowicz
3c64731c4f Don't force a ECC CA when a custom CA is passed with -A 
The following config would fail `../configure --enable-opensslall CFLAGS="-DOPENSSL_COMPATIBLE_DEFAULTS" && make -j check`. This is because `test-fails.conf` `ECC no signer error` test expects a failure while the ECC CA was being added as a trusted cert due to  `OPENSSL_COMPATIBLE_DEFAULTS`.
 2022-03-08 15:02:43 +01:00
Daniel Pouzzner
031c97f835 Merge pull request #4931 from douzzer/20220307-early-data-and-c99-fixes 
enable-earlydata vs enable-fips/enable-asynccrypt
 2022-03-08 07:34:58 -06:00
Hideki Miyazaki
f71be0546c addressed review comments 2022-03-08 18:20:30 +09:00
Hayden Roche
31736307fd Sync up X509_V_ERR codes with OpenSSL. 
We defined these codes to values that didn't match those in OpenSSL. This is a
problem if a user is porting code from OpenSSL to wolfSSL that uses hardcoded
versions of these values. While the user's code should be fixed to not use
hardcoded values, we can make the port smoother by syncing the values up.
 2022-03-07 15:58:46 -08:00
Anthony Hu
2cbe28fcf9 Sequences are constructed 2022-03-07 18:50:38 -05:00
David Garske
872ed28882 Merge pull request #4925 from kareem-wolfssl/nullSslMethod 
Add SSL_R_NULL_SSL_METHOD_PASSED.
 2022-03-07 15:36:56 -08:00
David Garske
9b808bde20 Fixes for building with HAVE_EX_DATA no compat layer. 2022-03-07 17:20:58 -06:00
Hayden Roche
39d975a3c3 Add extended key usage support to wolfSSL_X509_set_ext. 2022-03-07 15:20:01 -08:00
Daniel Pouzzner
0231304607 fixes for make check with --enable-all (now including --enable-earlydata) with fips or asynccrypt: 
in scripts/tls13.test, use fips-compatible server-side cipher suite for "TLS v1.3 cipher suite mismatch" test, and modernize some syntax;

in configure.ac, omit earlydata from enable-all when asynccrypt, pending fix;

also in configure.ac, fix AC_CHECK_DECLS()-overriding-AC_CHECK_FUNCS() kludge, to fix CPPFLAGS=-std=c99 builds.
 2022-03-07 17:19:31 -06:00
Sean Parkinson
0a91d42f2c TLS HMAC: fix number of blocks to not process 
Change made to line for static analysis.
Change was made incorrectly due to bracketting.
This fixes it.
 2022-03-08 08:10:52 +10:00
Hayden Roche
a9cc1ca877 Merge pull request #4924 from dgarske/coexist_fixes 2022-03-07 13:00:22 -08:00
Anthony Hu
d77d9b93dc This fixes a make check error. 
The flags activated code that didn't account for the new oid encoding. This
code fixes that.
 2022-03-07 15:47:47 -05:00
John Safranek
0e0ac14bbf Merge pull request #4901 from SparkiDev/kcapi_ecdh_fixes 
Fixes for KCAPI ECDH/DH and page alignment
 2022-03-07 11:01:16 -08:00