wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-30 16:02:16 +01:00
Code Issues Packages Projects Releases Wiki Activity
16,163 Commits 12 Branches 184 Tags
fcce4f7a92ef843fec91c700db769b0b395d9665
Commit Graph

16163 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
David Garske
fcce4f7a92 Merge pull request #4765 from haydenroche5/aes_siv 
Add AES-SIV (RFC 5297).
 2022-01-19 18:51:12 -08:00
Hayden Roche
62b07d8806 Add AES-SIV (RFC 5297). 
This commit adds functions to encrypt and decrypt data using AES in SIV mode, as
described in RFC 5297. This was added in the process of porting chrony to
wolfSSL. chrony is an NTP implementation that can use NTS (network time
security), which requires AES-SIV.
 2022-01-19 14:32:33 -08:00
David Garske
d668037541 Merge pull request #4746 from elms/gh/templates 
github: Initial templates
 2022-01-19 14:04:21 -08:00
David Garske
7adbf59f22 Merge pull request #4767 from anhu/kill_hc128 
Get rid of HC-128
 2022-01-19 12:20:18 -08:00
David Garske
c5d3581ac2 Merge pull request #4771 from SparkiDev/sp_c_mont_red 
SP C: fix corner case of P256 and P384 mont red
 2022-01-19 11:32:49 -08:00
David Garske
0175013604 Merge pull request #4770 from anhu/cve 
CVE-2022-23408
 2022-01-19 11:31:24 -08:00
elms
0f50ffb2ef github: Initial templates 2022-01-19 10:36:01 -08:00
Anthony Hu
af71aec77e Mention removal of HC-128 in README.md 2022-01-19 09:49:25 -05:00
Sean Parkinson
c06ba390cd SP C: fix corner case of P256 and P384 mont red 2022-01-19 14:22:04 +10:00
Chris Conlon
4c05d35452 Merge pull request #4743 from miyazakh/tls_bench_onlymode 2022-01-18 15:41:48 -07:00
Daniel Pouzzner
2984cb5abf Merge pull request #4768 from SparkiDev/sp_invmod_nr 
SP math: sp_invmod changed to not call itself
 2022-01-18 16:20:37 -06:00
David Garske
65d1d32972 Merge pull request #4769 from SparkiDev/sp_mont_red_neg 
SP math neg: Mont Reduce fix
 2022-01-18 14:12:09 -08:00
Anthony Hu
884b8634af CVE-2022-23408 2022-01-18 16:06:08 -05:00
Anthony Hu
e6466f92b7 Counting properly 2022-01-18 15:41:16 -05:00
Anthony Hu
ff128c07a1 Remove extra references to Guid no longer required. Note that other count gaps exist so this should be fine. 2022-01-18 15:23:08 -05:00
Sean Parkinson
e745de657f Merge pull request #4761 from haydenroche5/time_cb 
Add time callback functionality.
 2022-01-18 16:49:19 +10:00
Sean Parkinson
53a4903e2f SP math neg: Mont Reduce fix 
Compare the absolute value for negatives.
 2022-01-18 16:22:38 +10:00
JacobBarthelmeh
e11d484746 Merge pull request #4752 from LinuxJedi/fix-ber-der 
Fix buffer overflows in BERtoDER
 2022-01-17 21:05:39 -07:00
JacobBarthelmeh
84b06ac1b6 Merge pull request #4730 from embhorn/zd13475 
Document wc_AesCfbEncrypt and wc_AesCfbDecrypt
 2022-01-17 19:45:45 -07:00
Hayden Roche
1b0926a3b8 Add time callback functionality. 
This commit adds `wolfSSL_SetTimeCb` and `wolfSSL_time`. The former allows the
user to override the function wolfSSL uses to get the current time,
`wolfSSL_time`. If set, `wolfSSL_time` uses that function. If not set,
`wolfSSL_time` uses the `XTIME` macro by default. This functionality is needed
for the port of chrony to wolfSSL. chrony is an NTP implementation that uses
GnuTLS by default. For TLS, chrony uses the time it computes in place of the
default system time function.
 2022-01-17 17:49:51 -08:00
Sean Parkinson
fc861f3d6d SP math: sp_invmod changed to not call itself 
When the modulus is even, calculate m^-1 mod a instead and fixup after.
Don't call self to do inverse.
 2022-01-18 10:45:57 +10:00
Anthony Hu
c2860cb311 Get rid of HC-128 2022-01-17 18:11:54 -05:00
David Garske
ec44747029 Merge pull request #4764 from SparkiDev/evp_cbn_casecmp 
wolfSSL_EVP_get_cipherbyname: case compare
 2022-01-17 14:11:07 -08:00
David Garske
d38c5003d0 Merge pull request #4762 from ejohnstown/old-gcc 
Old Compiler Warning Cleanup (GCC 4.0.2)
 2022-01-17 09:44:44 -08:00
Chris Conlon
989a4f096e Merge pull request #4728 from miyazakh/sce_aes128_cryonly 2022-01-17 10:28:57 -07:00
Chris Conlon
e953707258 Merge pull request #4754 from miyazakh/update_espidfport 2022-01-17 10:27:28 -07:00
Eric Blankenhorn
6197853f37 Document wc_AesCfbEncrypt and wc_AesCfbDecrypt 2022-01-17 11:27:19 -06:00
John Safranek
d06cf97d73 Old Compiler Warning Cleanup (GCC 4.0.2) 
test.c:
1. Removed pragma disabling the warning for unused functions.
2. Fixed the guards around the function that wasn't getting removed from
   the build. And matched the guards to the call of the function. The
   issue is a test that fails only in a cert 3389 build using Arm
   assembly single-precision public keys.
3. Fixed the guards around a couple other functions.
 2022-01-16 22:08:35 -08:00
Sean Parkinson
1b5d0c75b8 wolfSSL_EVP_get_cipherbyname: case compare 
Accept any case alternatives to name or alias.
Remove case only different aliases.
Tidy up formatting in function.
 2022-01-17 09:39:16 +10:00
John Safranek
b68b14b499 Merge pull request #4724 from embhorn/zd13462 
Improve param checks of enc
 2022-01-16 15:35:54 -08:00
John Safranek
815527be6b Merge pull request #4745 from SparkiDev/m1_sha512 
Aarch64 SHA512: fixup to work on Apple M1
 2022-01-16 15:29:01 -08:00
Sean Parkinson
15f501358d Merge pull request #4716 from julek-wolfssl/issue-4592 
Verification: Domain check should only be performed on leaf certs
 2022-01-17 08:40:14 +10:00
John Safranek
001469589b Old Compiler Warning Cleanup (GCC 4.0.2) 
Fixed a lot of shadowed global values. Some were prototype and function
declaration parameter name conflicts. Some conflicted with typenames.
Some conflicted with globals in libc.
 2022-01-14 17:43:21 -08:00
John Safranek
5ddf4392df Old Compiler Warning Cleanup (GCC 4.0.2) 
pwdbased.c: Simplified some arithmetic to fix a variable promotion
warning.
 2022-01-14 17:36:12 -08:00
John Safranek
2cf21a3f69 Old Compiler Warning Cleanup (GCC 4.0.2) 
ecc.c,api.c: Initialize some variables to fix warning for possible
uninitialized variable use.
 2022-01-14 17:33:49 -08:00
John Safranek
e724622506 Old Compiler Warning Cleanup (GCC 4.0.2) 
ge_operations.c: Added the keyword `inline` to several function
prototypes for functions declared `inline`.
 2022-01-14 17:19:01 -08:00
John Safranek
2085624a29 Old Compiler Warning Cleanup (GCC 4.0.2) 
1. Removed pragma disabling the warning for non-literal format strings
on `printf()`.
2. Switched the `printf()` into two printf calls.
 2022-01-14 17:11:55 -08:00
John Safranek
153b9abc31 Old Compiler Warning Cleanup (GCC 4.0.2) 
ssl.c: Fix a couple of checks on hashType enum that were using a `< 0`
for the lower bound on an unsigned.
 2022-01-14 16:32:18 -08:00
Juliusz Sosinowicz
31e84d82b8 Domain check should only be performed on leaf certs 
- Refactor `*_set_verify` functions into common logic
- NULL protect `wolfSSL_X509_VERIFY_PARAM_set1_host` and add debug info
 2022-01-14 18:16:42 +01:00
Hideki Miyazaki
a33d901409 update ESP-IDF port to fix failure 2022-01-14 15:35:28 +09:00
David Garske
f81e15f342 Merge pull request #4750 from SparkiDev/etm-disable 
TLS EncryptThenMac; fix when extension response sent
 2022-01-13 13:33:57 -08:00
David Garske
8d7059497e Merge pull request #4742 from elms/fix/secure_renegotiate_compat 
TLS: Default secure renegotiation compatibility
 2022-01-13 10:23:27 -08:00
Andrew Hutchings
1a4bc322f7 Fix buffer overflow in PKCS7_VerifySignedData 
wc_PKCS7_AddDataToStream() was called the first time prior to BERtoDER
conversion, subsequent times afterwards which meant the stream idx
pointer was incorrect. This patch restarts the stream after conversion.

Fixes ZD13476
 2022-01-13 14:49:31 +00:00
Andrew Hutchings
92d01611ff Fix buffer overflow in GetOID 
When converting BER to DER we switched the pointer for pkiMsg to the DER
but not the size which could cause buffer overflow.

Fixes ZD13471
 2022-01-13 13:26:32 +00:00
Sean Parkinson
70b169e3f2 TLS EncryptThenMac; fix when extension response sent 
Only respond with the extension when negotiated a block cipher.
 2022-01-13 12:46:21 +10:00
elms
ba579753ba Merge pull request #4749 from ejohnstown/vpath-fix 2022-01-12 17:06:37 -08:00
John Safranek
15c5ac880e PKCS7 Test Output 
When running the test with PKCS7 enabled, there's an additional option
that will save to disk the generated PKCS7 blobs for by-hand review.
(PKCS7_OUTPUT_TEST_BUNDLES) Fixed a couple compile errors that were
missed with that option enabled.
 2022-01-12 14:51:11 -08:00
John Safranek
33f0e2eda5 In the wolfCrypt test, fix a few filenames to use the VPATH versions. 2022-01-12 14:50:43 -08:00
Sean Parkinson
0acf8d0e75 Merge pull request #4732 from embhorn/zd13375 
SP int, TFM: Init vars for static analysis
 2022-01-13 07:06:19 +10:00
Sean Parkinson
3ddfb0f189 Aarch64 SHA512: fixup to work on Apple M1 
Directive needed on Apple to indicate SHA3 extensions available.
Fixup C file as well - remove unused constants not avaiable and
prototype function that is extern elsewhere.
 2022-01-12 12:56:39 +10:00