4b648e7e08
PKCS#11: User PIN can be NULL_PTR
...
Allow TokenInit to store NULL for User Pin.
New APIs to handle not setting User PIN.
2022-10-28 08:52:18 +10:00
822f11d1a1
Fix X509 subject and issuer name_hash mismatch
...
Refactor duplicate code a bit more.
2022-10-27 15:15:55 -05:00
319901a85c
Merge pull request #5743 from SparkiDev/tls_perf_fix_forcezero
...
TLS performance fix: ForceZero minimization
2022-10-27 13:43:17 -06:00
7366a9edbd
Merge pull request #5744 from SparkiDev/regression_fixes_4
...
Regresssion testing fixes
2022-10-27 11:49:52 -06:00
e9d37b9bd1
addressed code review
2022-10-27 16:52:04 +09:00
fd7544ca19
Regresssion testing fixes
...
Ed25519 and Ed448 need to enable certs.
If no system CA certs can't be parsed,
wolfSSL_CTX_load_system_CA_certs() will fail. Don't try test if RSA and
ECC are not enabled.
Fix benchmark.c so that e is defined when WOLFSSL_BENCHMARK_ALL defined.
MAX_LENGTH_SZ is 4 and supports lengths up to 2^24 - one byte for length
and 3 bytes of length.
(new gcc compiler fix)
2022-10-27 17:47:48 +10:00
b1e37377a1
TLS performance fix: ForceZero minimization
...
Don't ForceZero the output buffer before free.
ForceZero it when encryption fails.
ShrinkInputBuffer needs to zeroize input buffer even if not currently
encrypting as it may be using the buffer on wolfSSL object reuse.
Fix SP to zeroize the whole buffer.
Fix DH to check cBuf when WOLFSSL_CHECK_MEM_ZERO defined.
2022-10-27 17:00:42 +10:00
1c09a67f6a
Merge pull request #5735 from SparkiDev/aes_gcm_c_dec_auth
...
AES GCM decrypt C: don't decrypt when auth tag invalid
2022-10-26 22:41:25 -06:00
7a4657c881
Fixes from review 3
2022-10-27 11:25:27 +10:00
8519988d57
SP int: guess 64-bit type
...
When ULLONG_MAX not defined and long is the 32-bit type, speculatively
use long long as the 64-bit type.
2022-10-27 10:19:21 +10:00
294a26ba0c
Merge pull request #5708 from JacobBarthelmeh/OCSP
2022-10-26 15:43:15 -07:00
fe28702891
Fixes for async sniffer handling of packets with multiple TLS messages. Other minor cleanups for spelling and CheckPreRecord SnifferSession deference.
2022-10-26 15:28:02 -07:00
e26d4f84fc
Improvements for AES GCM on STM32. Cleanups for STM32 example.
2022-10-26 14:10:19 -07:00
8f2d35bb84
Merge pull request #5741 from douzzer/20221026-fixes-QUIC-and-ALPN
...
20221026-fixes-QUIC-and-ALPN
2022-10-26 15:03:28 -06:00
b477804462
Merge pull request #5725 from julek-wolfssl/rpm-pkg
2022-10-26 13:33:16 -07:00
b31567e752
Fix X509 subject and issuer name_hash mismatch
...
Refactor duplicate code, and better error messages.
2022-10-26 15:27:15 -05:00
d08c204466
remove extra memset
2022-10-26 12:54:17 -07:00
1608037c6b
Merge pull request #5740 from JacobBarthelmeh/release
...
minor warning fixes
2022-10-26 14:09:01 -05:00
4d36d494b2
Merge pull request #5738 from SKlimaRA/SKlimaRA/fix-backslash-random-c
...
removed backslash
2022-10-26 12:42:49 -05:00
33617588fc
fix setting dynamic flag with ocsp and asn template
2022-10-26 10:31:50 -07:00
8d6ee0b26a
minor warning fixes
2022-10-26 10:48:51 -06:00
0c79ca1de1
Fix for STM32 PKA with coefSign for non 256-bit curves. Don't check point for STM PKA. ZD14928
2022-10-26 09:44:58 -07:00
dfa603e502
fixes for warnings and defects around QUIC and ALPN -- fixes for clang-diagnostic-gnu-zero-variadic-macro-arguments, clang-analyzer-deadcode.DeadStores, clang-analyzer-core.UndefinedBinaryOperatorResult, clang-analyzer-security.insecureAPI.strcpy, and an overrun prevention assert in wolfSSL_ALPN_GetPeerProtocol().
2022-10-26 11:32:06 -05:00
a26b89f66b
fix leak with multiple entries
2022-10-26 09:29:06 -07:00
9486721bb8
Prevent WOLFSSL_NO_MALLOC from breaking RSA certificate verfication
2022-10-26 12:11:55 -04:00
be07401856
Fix X509 subject and issuer name_hash mismatch
...
Use WOLFSSL_ERROR_MSG for errors, don't leak canonName, and better
error handling and comments.
2022-10-26 10:25:05 -05:00
6fa43a3d84
removed backslash
2022-10-26 15:03:31 +02:00
5db2d53d54
Fixes from review part 2
2022-10-26 16:04:05 +10:00
2d19f00dd5
Merge pull request #5736 from douzzer/20221025-fixes-wolfsentry-and-armv7a
...
20221025-fixes-wolfsentry-and-armv7a
2022-10-26 12:38:01 +10:00
e68c7bb74d
Move file and BIO reading out to ssl_misc.c
2022-10-26 10:28:20 +10:00
e477571168
Fixes from review part 1
2022-10-26 10:28:20 +10:00
dad62fc182
pk.c: rework DH API and improve PEM read/write
...
Reorganized the DH APIs into groups.
Reworked all DH APIs.
Improved testing of DH API.
Implemented wolfSSL_PEM_read_RSAPublicKey() and
wolfSSL_PEM_write_RSA_PUBKEY().
Fix public key PEM write implementations to use the correct
header/footer names.
Added support for "RSA PUBLIC KEY" in header and footer in DerToPemEx().
Reworked PEM read/write APIs to be independent. No longer create an EVP
to use common function - common functionality refectored out.
Similarly file APIs don't create a BIO and call the partner APIs.
Improved testing of PEM read/write APIs.
Generic read BIO from memory BIO now returns the buffer instead of
allocating memory and reading.
No longer reading chunks when a file BIO.
Added wolfssl_make_rng() to create or get get global random. All RSA and
DH APIs now use this. DH_generate_parameters() creates a random object
and use global on error rather than just using global random.
Changed implementations to use BIO_new_fp() instead of create a new BIO
and setting file pointer.
2022-10-26 10:28:20 +10:00
8d8371ac5a
Merge pull request #5717 from icing/sni-alpn-order
...
Changing ALPN selection to a deterministic point in the handshake.
2022-10-26 09:47:23 +10:00
0f9279ce52
Merge pull request #5684 from SparkiDev/ssl_sess_version_check
...
SSL session retrieval: check protocol version
2022-10-25 17:29:54 -06:00
55ab33a4a4
AES GCM decrypt C: don't decrypt when auth tag invalid
2022-10-26 09:25:28 +10:00
baa19c1092
tests/api.c: fix 3 clang-analyzer-deadcode.DeadStores.
2022-10-25 18:17:22 -05:00
29a5c04c2e
add test case
2022-10-25 15:35:37 -07:00
7381846edb
fix case of copying over status to existing struct
2022-10-25 15:33:17 -07:00
2575047ea2
wolfcrypt/src/port/arm/armv8-aes.c: define FIPS_NO_WRAPPERS, rather than undefine HAVE_FIPS, to fix FIPS builds.
2022-10-25 17:24:34 -05:00
e464d374c0
fix whitespace.
2022-10-25 17:24:34 -05:00
263123e7b4
wolfssl/test.h: add unsigned attribute to type of buffer passed to wolfsentry_config_json_feed() (sync with wolfsentry e22878b666).
2022-10-25 17:24:34 -05:00
084fabc733
Merge pull request #5731 from SparkiDev/armv7a_aes_fixup
...
AES-CBC decrypt ARMv8 no hw crypto: fixes
2022-10-25 17:23:45 -05:00
5c3b3e6ede
Merge pull request #5733 from ejohnstown/assert-whitespace
2022-10-25 13:45:54 -07:00
e803e5916c
Assert Consistency
...
1. Make whitespace in asserts consistent.
2. Added typecasting of the string inputs for AssertStr.
2022-10-25 11:42:51 -07:00
8b7668f771
Fix X509 subject and issuer name_hash mismatch
...
Fix api test and cleanup.
2022-10-25 13:00:22 -05:00
e7a121325b
Merge pull request #5720 from julek-wolfssl/nid-defines
2022-10-25 10:34:59 -07:00
d052feeff2
Merge pull request #5675 from embhorn/zd14968
...
Fix coverity issues
2022-10-25 10:08:40 -07:00
2b72a50688
Merge pull request #5662 from Uriah-wolfSSL/haproxy-update-2.6.0
2022-10-25 07:47:54 -07:00
2ae815e2ee
Use WOLFSSL_ERROR_MSG for error logs
2022-10-25 13:13:44 +02:00
55091c6464
Add small test
2022-10-25 13:13:14 +02:00
Sean Parkinson
jordan
JacobBarthelmeh
Hideki Miyazaki
Hayden Roche
David Garske
Daniel Pouzzner
Eric Blankenhorn
Anthony Hu
Stanislav Klima
John Safranek
Juliusz Sosinowicz