wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-31 10:19:16 +01:00
Code Issues Packages Projects Releases Wiki Activity
12,674 Commits 12 Branches 184 Tags
fcd73135f5fe60545920d130e54f3a55d5173b96
Commit Graph

4330 Commits

Author SHA1 Message Date
Daniel Pouzzner
4b1a779fcc tests: fix for fips-test -Wunused-variable on "rng" 2020-11-09 11:54:49 -06:00
Kaleb Himes
937a7ce8ce Merge pull request #3448 from dgarske/crypto_cb 
Improve the crypto callback for ASN
 2020-11-06 15:26:11 -07:00
John Safranek
884a9b59ab Merge pull request #3461 from dgarske/fips_ready_wopensslextra 
Fix for FIPS ready with openssl compat
 2020-11-06 13:14:06 -08:00
toddouska
4110297b62 Merge pull request #3473 from embhorn/zd11198 
wc_SetIssuerRaw should copy raw subject to issuer
 2020-11-06 10:48:37 -08:00
toddouska
3f25cda354 Merge pull request #3469 from SparkiDev/cpuid_sp_asm 
cpuid and SP ASM: ensure WOLFSSL_X86_64_BUILD is defined
 2020-11-06 10:34:40 -08:00
toddouska
f9ec7c472a Merge pull request #3440 from ejohnstown/ntf3 
Nightly Test Fix
 2020-11-06 10:15:23 -08:00
kaleb-himes
182a3e6bc2 Also addressing opensslall, pkcs7 and combinations 2020-11-05 17:29:30 -07:00
Eric Blankenhorn
a92e31f6cb Fix from review 2020-11-05 14:47:10 -06:00
David Garske
063fb2cfa0 Merge pull request #3455 from douzzer/linuxkm-install-rules 
add "module", "modules_install", and "clean_module" rules for linuxkm
 2020-11-05 09:09:35 -08:00
Eric Blankenhorn
fa9a0a4b49 Copy raw subject to issuer 2020-11-05 09:06:02 -06:00
Daniel Pouzzner
5751319e00 fix various possibly spurious scan-build null deref reports. 2020-11-04 23:11:42 -06:00
Sean Parkinson
2588fe366e cpuid and SP ASM: ensure WOLFSSL_X86_64_BUILD is defined 
WOLFSSL_X86_64_BUILD is defined only when fast math is enabled.
Define it when SP ASM is enabled and on an x86_64 host.
Undo cpuid code being enabled when WOLFSSL_SP_ASM as it shouldn't for
non-Intel CPUs.
 2020-11-05 11:16:27 +10:00
Daniel Pouzzner
2d149b1bef benchmark.c: backport fixes to bench_dh() DH key size initialization from SparkiDev:sp_math_all. 2020-11-04 15:35:58 -06:00
Daniel Pouzzner
3858bda7e9 add "module", "modules_install", and "clean_module" rules to BUILD_LINUXKM section of Makefile.am, and add working install rule to linuxkm/Makefile, so that "make module" and "make modules_install" now work when --enable-linuxkm; fix "make dist" logic in Makefile.am and scripts/include.am to be unaffected by --enable-linuxkm; don't build wolfcrypt/benchmark or testwolfcrypt when --enable-linuxkm and --enable-crypttests. 2020-11-04 14:13:39 -06:00
David Garske
00dd22adc4 Merge pull request #3464 from SparkiDev/sha512_valgrind_fix 
SHA-512 AVX2: use register for wk other than rsp
 2020-11-04 07:15:04 -08:00
Sean Parkinson
235ea98b90 SHA-512 AVX2: use register for wk other than rsp 
Valgrind thinks that stack values are uninitialised when the stack
pointer is added to.
The asm code was moving rsp around rather than use another register.
Put length to hash onto stack and use that register instead.
 2020-11-04 12:02:34 +10:00
toddouska
b76ac0b842 Merge pull request #3442 from SparkiDev/config_fix_2 
Configuration fixes
 2020-11-03 14:48:49 -08:00
toddouska
e52efc7a8a Merge pull request #3441 from SparkiDev/ecdsa_vfy_safe 
ECDSA verification: handle doubling of infinity
 2020-11-03 14:47:45 -08:00
toddouska
2acef1c114 Merge pull request #3436 from haydenroche5/chacha_msvc_fix 
Fix MSVC compile issue in chacha.c.
 2020-11-03 14:44:43 -08:00
toddouska
63bf5dc56c Merge pull request #3426 from SparkiDev/rsa_pss_fix 
RSA-PSS: Handle edge case with encoding message to hash
 2020-11-03 14:43:56 -08:00
toddouska
3cce86d7a8 Merge pull request #3420 from dgarske/small_pk 
ECC memory reductions with key and signature parsing
 2020-11-03 14:42:43 -08:00
toddouska
9f9901e10e Merge pull request #3417 from douzzer/fix-ipv6-ocsp-tests 
Fix ipv6 ocsp tests
 2020-11-03 14:38:32 -08:00
Sean Parkinson
b3f6c483bf SP C64/32: Fix define check 
WOLFSSL_SP_DH -> WOLFSSL_HAVE_SP_DH
 2020-11-03 08:42:55 +10:00
John Safranek
29c7351fe0 Merge pull request #3383 from kaleb-himes/ACVP_TESTING_UPDATE 
In ACVP testing NIST needs to see failed decryption output
 2020-11-02 10:42:28 -08:00
JacobBarthelmeh
a411dab74f Merge pull request #3410 from cconlon/zd11001 
PKCS#7: Reset variables correctly in VerifySignedData
 2020-11-02 11:33:52 +08:00
John Safranek
d24add10f2 Nightly Test Fix 
When performing a fast_mp_montgomery_reduce(), scan-build didn't like
that the destination buffer was fully zeroed out. We were only zeroing
what was expected to be used. This zeroes only the expected to be used
section of the output buffer.
 2020-11-01 18:58:05 -08:00
David Garske
64b081f3c9 Improve the SHA256 crypto callback for ASN, so a wc_Sha/wcSha256 context exists for certificate hashing. 2020-10-30 12:18:19 -07:00
David Garske
e4f3f8b80a Further tuning of the zero trim / is leading set logic for new ECC signature encoding/decoding API's. 2020-10-29 15:59:51 -07:00
David Garske
95c8a48285 Trim leading zero's first, then check for MSB being set. 2020-10-29 08:38:55 -07:00
Juliusz Sosinowicz
aff14091e0 AAD should be reset on Init call 2020-10-29 12:13:35 +01:00
Sean Parkinson
320afab227 Configuration fixes 
--enable-sp --enable-sp-asm --disable-fastmath:
    cpuid.h - check for WOLFSSL_SP_ASM as well

-enable-curve448 --enable-ed448 --disable-rsa --disable-dh
--enable-tls13 --disable-ecc --enable-certgen --enable-keygen:
    api.c - certificate loaded that was RSA but RSA disabled

--enable-sp --enable-sp-asm --enable-sp-math:
    cpuid.c - check for WOLFSSL_SP_ASM as well

--disable-shared --disable-ecc --disable-dh --enable-cryptonly
--enable-rsavfy --disable-asn --disable-rng --disable-filesystem:
    test.c - rsa_test()

'CC=clang -fsanitize=address' '-enable-distro' '--enable-stacksize':
testsuit.c - echoclient_test_wrapper needs to free ECC FP cache when
it is in a separate thread
 2020-10-29 16:21:06 +10:00
Sean Parkinson
32ea0910de ECDSA verification: handle doubling of infinity 2020-10-29 12:12:01 +10:00
David Garske
ef7a987759 Peer review fixes. 2020-10-28 17:09:15 -07:00
Daniel Pouzzner
7d177e78d7 don't include wolfssl/options.h in logging.c, use AM_CFLAGS (not wolfssl/options.h) to communicate HAVE_WC_INTROSPECTION to the compiler, and use config.h (not wolfssl/options.h) to communicate LIBWOLFSSL_CONFIGURE_ARGS and LIBWOLFSSL_GLOBAL_CFLAGS to the compiler (for logging.c). 2020-10-28 17:28:05 -05:00
Daniel Pouzzner
fda84576b0 name the new introspection routines wolfSSL_configure_args() and wolfSSL_global_cflags() for consistency, and move the prototypes to logging.h. 2020-10-28 17:28:05 -05:00
Daniel Pouzzner
a5d96721ac wolfcrypt/src: remove wc_debug.c and move its contents to logging.c. 2020-10-28 17:28:05 -05:00
Daniel Pouzzner
1ba0883f4c introspection tweaks: rename wolfcrypt/src/debug.c to wolfcrypt/src/wc_debug.c; restore BUILD_WC_DEBUG gating for autotools inclusion of wc_debug.o and disable opportunistically when ENABLED_LEANTLS, ENABLED_LEANPSK, or ENABLED_LOWRESOURCE; add HAVE_WC_INTROSPECTION gate for libwolfssl_configure_args() and libwolfssl_global_cflags(). 2020-10-28 17:28:05 -05:00
Daniel Pouzzner
f37c25f9c0 wc_XChaCha20Poly1305_crypt_oneshot(): use ForceZero, not XMEMSET(), to safely clear the AEAD state before return. 2020-10-28 17:28:05 -05:00
Daniel Pouzzner
b918e1fd4c examples/: add -@ and -# flags to client and server, printing libwolfssl_configure_args() and libwolfssl_global_cflags() respectively. 2020-10-28 17:28:05 -05:00
Daniel Pouzzner
8be2d7690a add API functions libwolfssl_configure_args() and libwolfssl_global_cflags() to retrieve build parameters at runtime. 2020-10-28 17:28:01 -05:00
toddouska
931eea30f5 Merge pull request #3397 from cconlon/rc2 
RC2 ECB/CBC and PKCS#12 Integration
 2020-10-28 15:06:47 -07:00
Hayden Roche
90258b6f34 Fix MSVC compile issue in chacha.c. 
Use XMEMSET instead of initializing with {}.
 2020-10-28 14:57:59 -05:00
toddouska
112cce8cf2 Merge pull request #3407 from SparkiDev/pkcs11_sign_vfy 
PKCS #11: changes for signing and loading RSA public key from private
 2020-10-28 12:53:58 -07:00
toddouska
6a98601895 Merge pull request #3427 from SparkiDev/ecdsa_shamir_precomp 
ECC Shamir's Trick: infinity in precomp
 2020-10-28 12:08:40 -07:00
Hayden Roche
91f0d8bfef Fix MSVC compile issue in chacha.c. 
MSVC generates a syntax error when you initialize
an array with {}. {0} has the same effect and compiles.
 2020-10-27 21:14:15 -05:00
David Garske
76e84e0830 Merge pull request #3423 from ejohnstown/nightly-test-fix 
Nightly Scan-Build Test Fixes
 2020-10-27 08:31:19 -07:00
Sean Parkinson
fb2288c46d RSA-PSS: Handle edge case with encoding message to hash 
When the key is small relative to the digest (1024-bit key, 64-byte
hash, 61-byte salt length), the internal message to hash is larger than
the output size.
Allocate a buffer for the message when this happens.
 2020-10-27 12:39:06 +10:00
John Safranek
f5f883597e RSA PSS Fix 
1. Change the utility function in wc_encrypt that returns the size of a
   hash to initialize the size to HASH_TYPE_E, like the other utility
   functions.
2. When getting the hash size returns an error, RSA-PSS verify inline
   should return a BAD_FUNC_ARG error.
 2020-10-24 13:06:42 -07:00
John Safranek
3f5620089e PKCS7: In EncodeEncryptedData, free the attribs and flattenedAttribs if 
they were allocated, not based on if they should be allocated.
 2020-10-24 12:41:10 -07:00
John Safranek
bfccf35eaf Tautological Name Fix 
Depending on the build option WOLFSSL_ECC_CURVE_STATIC, the name in the
ecc_set may be a pointer (default) or an array. With the above set with
the CFLAG -Wtautological-pointer-compare you'll get a build error.
Changed the comparison in the for loop with this problem to check the
name's pointer only if appropriate.
 2020-10-23 15:23:16 -07:00