Cyclic0007/wolfssl
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
14,516 Commits 12 Branches 184 Tags
56d879f4224b6d9c414a566a009cf566ddd8d7e6
Commit Graph

14516 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Elms
56d879f422 address scan-build issues for clang 6 and 10 2021-06-30 21:58:30 -07:00
Elms
c9597ea735 sha3: align data for Sha3Update 2021-06-30 21:58:30 -07:00
Elms
dc7beab784 address errors with -fsanitize=undefined 
- fix null dereferences or undefined `memcpy` calls
 - fix alignment in `myCryptoDevCb`
 - fix default dtls context assignment
 - add align configure option to force data alignment

TESTED:
 `./configure CFLAGS=-fsanitize=undefined\ -DWOLFSSL_GENERAL_ALIGNMENT=1 --enable-all`
 2021-06-30 21:58:30 -07:00
David Garske
c820b5679a Merge pull request #4173 from SparkiDev/sp_int_mingw64 2021-06-30 06:57:58 -07:00
Sean Parkinson
36d534034c SP math: cast number to sp_digit rather than declare as long 2021-06-30 09:28:51 +10:00
David Garske
ae68de060a Merge pull request #4171 from SparkiDev/sp_small_fast_modexp 
SP: allow fast mod_exp to be compiled for small C code
 2021-06-29 13:32:55 -07:00
David Garske
0d1672dfee Merge pull request #4170 from SparkiDev/sp_mingw64 
SP: Don't cast number to sp_digit rather than declare as long
 2021-06-29 13:32:28 -07:00
Chris Conlon
9179071af5 Merge pull request #4153 from JacobBarthelmeh/Testing 
fix for keyid with ktri cms
 2021-06-29 11:40:00 -06:00
David Garske
e59cc79a1f Document new WOLFSSL_SP_FAST_MODEXP option. 2021-06-29 09:16:27 -07:00
David Garske
a748b5264e Fix for wolfcrypt/src/sp_int.c:2720:34: error: left shift count >= width of type with mingw64. 2021-06-29 09:13:32 -07:00
David Garske
b0e9531f26 Merge pull request #4169 from SparkiDev/dh_anon_tls12 
TLS: Get DH anon working TLS 1.2 and below
 2021-06-29 08:53:44 -07:00
Sean Parkinson
303f944935 SP: allow fast mod_exp to be compiled for small C code 2021-06-29 12:51:21 +10:00
Sean Parkinson
08e560e0a7 SP: Don't cast number to sp_digit rather than declare as long 
mingw64 has numbers as 32-bit type when declarted long.
Fixup some line lengths.
 2021-06-29 11:07:47 +10:00
Sean Parkinson
f56bf3d8ee TLS: Get DH anon working TLS 1.2 and below 
Send the server DH parameters in ServerKeyExchange.
./configure '--enable-anon' '--disable-rsa' '--enable-oldtls'
 2021-06-29 10:29:39 +10:00
David Garske
0bb66f3023 Merge pull request #4167 from danielinux/pka_readme 
port/st: added mention of the PKA support in README
 2021-06-28 10:35:32 -07:00
Eric Blankenhorn
33174cec5c Merge pull request #4161 from dgarske/ssl_doxy 
Added inline documentation for `wolfSSL_CTX_load_verify_buffer_ex`
 2021-06-28 12:35:11 -05:00
Daniele Lacamera
15080317ce port/st: added mention of the PKA support in README 2021-06-28 14:39:58 +02:00
David Garske
80480e5d1f Merge pull request #4163 from lealem47/rsa-test 
Rsa test
 2021-06-25 13:12:58 -07:00
David Garske
5adbcfb3be Merge pull request #4151 from SparkiDev/sp_math_all_base10 
SP math all: fix read radix 10
 2021-06-25 09:37:05 -07:00
David Garske
63ad5d58a2 Merge pull request #4162 from ejohnstown/abi-update 
ABI Update
 2021-06-25 08:36:07 -07:00
John Safranek
5437883da7 Merge pull request #4164 from dgarske/async_frag 
Fix for async with fragmented packets
 2021-06-25 08:33:50 -07:00
David Garske
74b9b5a8cd Merge pull request #4156 from SparkiDev/regression_fixes_1 
Regression test fixes
 2021-06-25 07:48:02 -07:00
Lealem Amedie
729fea6b71 unused variable fix in rsa_oaep_padding_test fix 2021-06-25 08:39:44 -06:00
Sean Parkinson
fbe086534a SP math all: fix read radix 10 
Ensure first digit is 0 when zeroing a number.
Check size of output in _sp_mul_d() - only place to be sure of overflow.
Modify callers of _sp_mul_d() to check return.
 2021-06-25 15:55:32 +10:00
Sean Parkinson
dab6724059 Regression fixes: more configurations 
./configure --disable-rsa --disable-ecc --disable-dh --enable-curve25519
&& make
./configure --disable-aescbc --disable-chacha --disable-poly1305
--disable-coding && make
 2021-06-25 15:23:51 +10:00
Lealem Amedie
873f10b0cf Simplifying rsa_test() by extracting sections as separate functions 2021-06-24 20:47:14 -06:00
Sean Parkinson
1994811d24 Merge pull request #4144 from haydenroche5/pkcs8 
Make a bunch of PKCS#8 improvements.
 2021-06-25 12:22:11 +10:00
Sean Parkinson
dae6683803 Merge pull request #4030 from julek-wolfssl/ZD12235 
Expand SHA-3 support
 2021-06-25 12:18:03 +10:00
Sean Parkinson
8592053856 Regression test fixes 
./configure --enable-all --disable-rsa
./configure --disable-chacha --disable-asm
./configure --disable-rsa --disable-ecc --disable-dh --enable-curve25519
--enable-cryptonly (and ed25519, curve448, ed448)
./configure --disable-tls13 --enable-psk --disable-rsa --disable-ecc
--disable-dh C_EXTRA_FLAGS=-DWOLFSSL_STATIC_PSK
./configure --disable-oldtls --enable-psk -disable-rsa --disable-dh
-disable-ecc --disable-asn C_EXTRA_FLAGS=-DWOLFSSL_STATIC_PSK
--enable-lowresource --enable-singlethreaded --disable-asm
--disable-errorstrings --disable-pkcs12 --disable-sha3 --disable-sha224
--disable-sha384 --disable-sha512 --disable-sha --disable-md5
-disable-aescbc --disable-chacha --disable-poly1305 --disable-coding
Various build combinations with WOLFSSL_SP_MATH and WOLFSSL_SP_MATH_ALL
 2021-06-25 09:18:06 +10:00
David Garske
45ef68d5c7 Fix for async with fragmented packets where inline crypto could be overwritten on reprocessing fragment. FIxes unit tests with --enable-all --enable-asynccrypt. Minor cleanup for line length and free verify RSA buffer sooner. 
Reproducible with:

```
./examples/server/server -v 3 -l ECDHE-ECDSA-AES256-GCM-SHA384 -c ./certs/server-ecc.pem -k ./certs/ecc-key.pem -2
./examples/client/client -v 3 -l ECDHE-ECDSA-AES256-GCM-SHA384 -A ./certs/ca-ecc-cert.pem -F 6 -2
```
 2021-06-24 16:03:12 -07:00
John Safranek
66c29ef1ca ABI Update 
Add wolfSSL_CTX_set_verify to the ABI list.
 2021-06-24 14:08:28 -07:00
David Garske
4ef3c5d75c Added inline documentation for wolfSSL_CTX_load_verify_buffer_ex. 2021-06-24 10:38:34 -07:00
Juliusz Sosinowicz
656e49cc3b Expand SHA-3 support 
Add more support in the EVP layer as well as add signing support. The SHA-3 OID's were also added for DER algorithm identifier encoding.
 2021-06-24 19:31:43 +02:00
David Garske
c59d1f2e8d Merge pull request #4155 from SparkiDev/ssl_reorg_3 
Reorg of ssl.c: standard C wrappers, EX_DATA, BUF_MEM, TXT_DB
 2021-06-24 09:53:53 -07:00
David Garske
1ec212be81 Merge pull request #4159 from SparkiDev/sakke_eccsi_fix_1 
SAKKE: fix configurations
 2021-06-24 09:48:14 -07:00
David Garske
97ab1bb013 Merge pull request #4154 from SparkiDev/hmac_update_ct 
TLS hmac: handle truncated mac in Hmac_UpdateFinal_CT()
 2021-06-24 09:28:22 -07:00
Sean Parkinson
2fb6a9eacf SAKKE: fix configurations 
Fix position of sp_1024_norm_18 now that div requires it:
./configure --disable-shared --enable-sakke --disable-eccsi
--enable-sp
Fix missing '{' in sp_mulmod_table_1024:
./configure --disable-shared --enable-sakke --enable-eccsi
--enable-smallstack  --enable-sp
 2021-06-24 14:01:27 +10:00
Sean Parkinson
92a4e30b69 Merge pull request #4158 from dgarske/nxp_ltc_rsa2 
Fixes for NXP LTC with RSA and Blinding
 2021-06-24 12:14:04 +10:00
David Garske
73c90369c6 Fix for int neg being defined mid code. Fix limit check for mp_mulmod using hardware vs software. Resolves issue when using WC_RSA_BLINDING. 2021-06-23 14:45:52 -07:00
David Garske
2d1b113f51 Fix for missing wolfcrypt_mp_prime_is_prime_ex def. 2021-06-23 14:45:52 -07:00
John Safranek
ae2f2b246e Merge pull request #4148 from BrianAker/master 
Fix for make distcheck, maintainer-clean, to allow distribution builds.
 2021-06-23 10:33:06 -07:00
David Garske
81daf9172b Merge pull request #3872 from ejohnstown/pcExt 
Policy Constraints Extension
 2021-06-23 09:40:15 -07:00
Hayden Roche
b3401bd102 Make a bunch of PKCS#8 improvements. 
- Add doxygen documentation for wc_GetPkcs8TraditionalOffset, wc_CreatePKCS8Key,
wc_EncryptPKCS8Key, and wc_DecryptPKCS8Key.
- Add a new API function, wc_CreateEncryptedPKCS8Key, which handles both
creation of an unencrypted PKCS#8 key and the subsequent encrypting of said key.
This is a wrapper around TraditionalEnc, which does the same thing. This may
become a first-class function at some point (i.e. not a wrapper). TraditionalEnc
is left as is since it is used in the wild.
- Added a unit test which exercises wc_CreateEncryptedPKCS8Key and
wc_DecryptPKCS8Key. Testing wc_CreateEncryptedPKCS8Key inherently also tests
TraditionalEnc, wc_CreatePKCS8Key, and wc_EncryptPKCS8Key.
- Modified wc_EncryptPKCS8Key to be able to return the required output buffer
size via LENGTH_ONLY_E idiom.
- Added parameter checking to wc_EncryptPKCS8Key and wc_DecryptPKCS8Key.
 2021-06-23 08:39:20 -07:00
John Safranek
f762672a12 Merge pull request #4157 from julek-wolfssl/app-data-reason 
Add a reason text for APP_DATA_READY
 2021-06-23 08:30:19 -07:00
Juliusz Sosinowicz
4eff3ff3dd Add a reason text for APP_DATA_READY 2021-06-23 13:43:56 +02:00
Sean Parkinson
945acb4c2f Reorg of ssl.c: standard C wrappers, EX_DATA, BUF_MEM, TXT_DB 2021-06-23 11:28:38 +10:00
Sean Parkinson
2923d812bd Merge pull request #4058 from miyazakh/qt_oslext_cs 
TLS: extend set_cipher_list() compatibility layer API
 2021-06-23 10:12:11 +10:00
Sean Parkinson
5cf7e17820 TLS hmac: handle truncated mac in Hmac_UpdateFinal_CT() 2021-06-23 09:54:41 +10:00
John Safranek
a5852fe440 Merge pull request #4119 from julek-wolfssl/dtls-seq-num-refactor 
Refactor `dtls_expected_peer_handshake_number` handling
 2021-06-22 16:29:45 -07:00
Sean Parkinson
eccfb4f632 Merge pull request #4125 from dgarske/sniffer_etsi 
TLS: Fixes for sniffer and static ephemeral keys
 2021-06-23 09:17:13 +10:00