Merge pull request #1916 from JacobBarthelmeh/Release

Prepare for release v3.15.5

ChangeLog.md

@@ -1,3 +1,78 @@
+# wolfSSL Release 3.15.5 (11/07/2018)
+
+Release 3.15.5 of wolfSSL embedded TLS has bug fixes and new features including:
+
+* Fixes for GCC-8 warnings with strings
+* Additional compatibility API’s added, including functions like wolfSSL_X509_CA_num and wolfSSL_PEM_read_X509_CRL
+* Fixes for OCSP use with NGINX port
+* Renamed the macro INLINE to WC_INLINE for inline functions
+* Doxygen updates and formatting for documentation generation
+* Added support for the STM32L4 with AES/SHA hardware acceleration
+* Adds checking for critical extension with certificate Auth ID and the macro WOLFSSL_ALLOW_CRIT_SKID to override the check
+* Added public key callbacks to ConfirmSignature function to expand public key callback support
+* Added ECC and Curve25519 key generation callback support
+* Fix for memory management with wolfSSL_BN_hex2bn function
+* Added support for dynamic allocation of PKCS7 structure using wc_PKCS7_New and wc_PKCS7_Free
+* Port to apache mynewt added in the directory wolfssl-3.15.5/IDE/mynewt/*
+* OCSP stapling in TLS 1.3 additions
+* Port for ASIO added with --enable-asio configure flag
+* Contiki port added with macro WOLFSSL_CONTIKI
+* Memory free optimizations with adding in earlier free’s where possible
+* Made modifications to the primality testing so that the Miller-Rabin tests check against up to 40 random numbers rather than a fixed list of small primes
+* Certificate validation time generation updated
+* Fixes for MQX classic 4.0 with IAR-EWARM
+* Fix for assembly optimized version of Curve25519
+* Make SOCKET_PEER_CLOSED_E consistent between read and write cases
+* Relocate compatibility layer functions for OpenSSH port update
+* Update to Intel® SGX port, files included by Windows version and macros defined when using WOLFSSL_SGX
+* Updates to Nucleus version supported
+* Stack size reduction with smallstack build
+* Updates to Rowley-Crossworks settings for CMSIS 4
+* Added reference STSAFE-A100 public key callbacks for TLS support
+* Added reference ATECC508A/ATECC608A public key callbacks for TLS support
+* Updated support for latest CryptoAuthLib (10/25/2018)
+* Added a wolfSSL static library project for Atollic TrueSTUDIO
+* Flag to disable AES-CBC and have only AEAD cipher suites with TLS
+* AF_ALG and cryptodev-linux crypto support added
+* Update to IO callbacks with use of WOLFSSL_BIO
+* Additional support for parsing certificate subject OIDs (businessCategory, jurisdiction of incorporation country, and jurisdiction of incorporation state)
+* Added  wc_ecc_ecport_ex and wc_export_inti API's for ECC hex string exporting
+* Updates to XCODE build with wolfSSL
+* Fix for guard on when to include sys/time.h header
+* Updates and enhancements to the GCC-ARM example
+* Fix for PKCS8 padding with encryption
+* Updates for wolfcrypt JNI wrapper
+* ALT_ECC_SIZE use with SP math
+* PIC32MZ hardware acceleration buffer alignment fixes
+* Renesas e2studio project files added
+* Renesas RX example project added
+* Fix for DH algorithm when using SP math with ARM assembly
+* Fixes and enhancements for NXP K82 support
+* Benchmark enhancements to print in CSV format and in Japanese
+* Support for PKCS#11 added with --enable-pkcs11
+* Fixes for asynchronous crypto use with TLS 1.3
+* TLS 1.3 only build, allows for disabling TLS 1.2 and earlier protocols
+* Fix for GCC warnings in function wolfSSL_ASN1_TIME_adj
+* Added --enable-asn=nocrypt for certificate only parsing support
+* Added support for parsing PIV format certificates with the function wc_ParseCertPIV and macro WOLFSSL_CERT_PIV
+* Added APIs to support GZIP
+* Updates to support Lighttpd
+* Version resource added for Windows DLL builds
+* Increased code coverage with additional testing
+* Added support for constructed OCTET_STRING with PKCS#7 signed data
+* Added DTLS either (server/client) side initialization setting
+* Minor fixes for building with MINGW32 compiler
+* Added support for generic ECC PEM header/footer with PKCS8 parsing
+* Added Japanese output to example server and client with “-1 1” flag
+* Added USE_ECDSA_KEYSZ_HASH_ALGO macro for building to use digest sizes that match ephemeral key size
+* Expand PKCS#7 CMS support with KEKRI, PWRI and ORI
+* Streaming capability for PKCS#7 decoding and sign verify added
+
+
+See INSTALL file for build instructions.
+More info can be found on-line at http://wolfssl.com/wolfSSL/Docs.html
+
+
 # wolfSSL Release 3.15.3 (6/20/2018)
 
 Release 3.15.3 of wolfSSL embedded TLS has bug fixes and new features including:

README

@@ -73,46 +73,81 @@ should be used for the enum name.
 *** end Notes ***
 
 
-********* wolfSSL Release 3.15.3 (6/20/2018)
+********* wolfSSL Release 3.15.5 (11/07/2018)
 
-Release 3.15.3 of wolfSSL embedded TLS has bug fixes and new features including:
-
-- ECDSA blinding added for hardening against side channel attacks
-- Fix for compatibility layer build with no server and no client defined
-- Use of optimized Intel assembly instructions on compatible AMD processor
-- wolfCrypt Nucleus port additions
-- Fix added for MatchDomainName and additional tests added
-- Fixes for building with ‘WOLFSSL_ATECC508A’ defined
-- Fix for verifying a PKCS7 file in BER format with indefinite size
-
-
-This release of wolfSSL fixes 2 security vulnerability fixes.
-
-Medium level fix for PRIME + PROBE attack combined with a variant of Lucky 13.
-Constant time hardening was done to avoid potential cache-based side channel
-attacks when verifying the MAC on a TLS packet. CBC cipher suites are
-susceptible on systems where an attacker could gain access and run a parallel
-program for inspecting caching. Only wolfSSL users that are using TLS/DTLS CBC
-cipher suites need to update. Users that have only AEAD and stream cipher suites
-set, or have built with WOLFSSL_MAX_STRENGTH (--enable-maxstrength), are not
-vulnerable. Thanks to Eyal Ronen, Kenny Paterson, and Adi Shamir for the report.
-
-Medium level fix for a ECDSA side channel attack. wolfSSL is one of over a dozen
-vendors mentioned in the recent Technical Advisory “ROHNP” by author Ryan
-Keegan. Only wolfSSL users with long term ECDSA private keys using our fastmath
-or normal math libraries on systems where attackers can get access to the
-machine using the ECDSA key need to update.  An attacker gaining access to the
-system could mount a memory cache side channel attack that could recover the key
-within a few thousand signatures. wolfSSL users that are not using ECDSA private
-keys, that are using the single precision math library, or that are using ECDSA
-offloading do not need to update. (blog with more information
-https://www.wolfssl.com/wolfssh-and-rohnp/)
+Release 3.15.5 of wolfSSL embedded TLS has bug fixes and new features including:
 
+- Fixes for GCC-8 warnings with strings
+- Additional compatibility API’s added, including functions like wolfSSL_X509_CA_num and wolfSSL_PEM_read_X509_CRL
+- Fixes for OCSP use with NGINX port
+- Renamed the macro INLINE to WC_INLINE for inline functions
+- Doxygen updates and formatting for documentation generation
+- Added support for the STM32L4 with AES/SHA hardware acceleration
+- Adds checking for critical extension with certificate Auth ID and the macro WOLFSSL_ALLOW_CRIT_SKID to override the check
+- Added public key callbacks to ConfirmSignature function to expand public key callback support
+- Added ECC and Curve25519 key generation callback support
+- Fix for memory management with wolfSSL_BN_hex2bn function
+- Added support for dynamic allocation of PKCS7 structure using wc_PKCS7_New and wc_PKCS7_Free
+- Port to apache mynewt added in the directory wolfssl-3.15.5/IDE/mynewt/*
+- OCSP stapling in TLS 1.3 additions
+- Port for ASIO added with --enable-asio configure flag
+- Contiki port added with macro WOLFSSL_CONTIKI
+- Memory free optimizations with adding in earlier free’s where possible
+- Made modifications to the primality testing so that the Miller-Rabin tests check against up to 40 random numbers rather than a fixed list of small primes
+- Certificate validation time generation updated
+- Fixes for MQX classic 4.0 with IAR-EWARM
+- Fix for assembly optimized version of Curve25519
+- Make SOCKET_PEER_CLOSED_E consistent between read and write cases
+- Relocate compatibility layer functions for OpenSSH port update
+- Update to Intel® SGX port, files included by Windows version and macros defined when using WOLFSSL_SGX
+- Updates to Nucleus version supported
+- Stack size reduction with smallstack build
+- Updates to Rowley-Crossworks settings for CMSIS 4
+- Added reference STSAFE-A100 public key callbacks for TLS support
+- Added reference ATECC508A/ATECC608A public key callbacks for TLS support
+- Updated support for latest CryptoAuthLib (10/25/2018)
+- Added a wolfSSL static library project for Atollic TrueSTUDIO
+- Flag to disable AES-CBC and have only AEAD cipher suites with TLS
+- AF_ALG and cryptodev-linux crypto support added
+- Update to IO callbacks with use of WOLFSSL_BIO
+- Additional support for parsing certificate subject OIDs (businessCategory, jurisdiction of incorporation country, and jurisdiction of incorporation state)
+- Added  wc_ecc_ecport_ex and wc_export_inti API's for ECC hex string exporting
+- Updates to XCODE build with wolfSSL
+- Fix for guard on when to include sys/time.h header
+- Updates and enhancements to the GCC-ARM example
+- Fix for PKCS8 padding with encryption
+- Updates for wolfcrypt JNI wrapper
+- ALT_ECC_SIZE use with SP math
+- PIC32MZ hardware acceleration buffer alignment fixes
+- Renesas e2studio project files added
+- Renesas RX example project added
+- Fix for DH algorithm when using SP math with ARM assembly
+- Fixes and enhancements for NXP K82 support
+- Benchmark enhancements to print in CSV format and in Japanese
+- Support for PKCS#11 added with --enable-pkcs11
+- Fixes for asynchronous crypto use with TLS 1.3
+- TLS 1.3 only build, allows for disabling TLS 1.2 and earlier protocols
+- Fix for GCC warnings in function wolfSSL_ASN1_TIME_adj
+- Added --enable-asn=nocrypt for certificate only parsing support
+- Added support for parsing PIV format certificates with the function wc_ParseCertPIV and macro WOLFSSL_CERT_PIV
+- Added APIs to support GZIP
+- Updates to support Lighttpd
+- Version resource added for Windows DLL builds
+- Increased code coverage with additional testing
+- Added support for constructed OCTET_STRING with PKCS#7 signed data
+- Added DTLS either (server/client) side initialization setting
+- Minor fixes for building with MINGW32 compiler
+- Added support for generic ECC PEM header/footer with PKCS8 parsing
+- Added Japanese output to example server and client with “-1 1” flag
+- Added USE_ECDSA_KEYSZ_HASH_ALGO macro for building to use digest sizes that match ephemeral key size
+- Expand PKCS#7 CMS support with KEKRI, PWRI and ORI
+- Streaming capability for PKCS#7 decoding and sign verify added
 
 
 See INSTALL file for build instructions.
 More info can be found on-line at http://wolfssl.com/wolfSSL/Docs.html
 
+
 *** Resources ***
 
 

README.md

@@ -58,24 +58,75 @@ hash function. Instead the name WC_SHA, WC_SHA256, WC_SHA384 and WC_SHA512
 should be used for the enum name.
 ```
 
-# wolfSSL Release 3.15.3 (6/20/2018)
+# wolfSSL Release 3.15.5 (11/07/2018)
 
-Release 3.15.3 of wolfSSL embedded TLS has bug fixes and new features including:
+Release 3.15.5 of wolfSSL embedded TLS has bug fixes and new features including:
 
-* ECDSA blinding added for hardening against side channel attacks
-* Fix for compatibility layer build with no server and no client defined
-* Use of optimized Intel assembly instructions on compatible AMD processor
-* wolfCrypt Nucleus port additions
-* Fix added for MatchDomainName and additional tests added
-* Fixes for building with ‘WOLFSSL_ATECC508A’ defined
-* Fix for verifying a PKCS7 file in BER format with indefinite size
-
-
-This release of wolfSSL fixes 2 security vulnerability fixes.
-
-Medium level fix for PRIME + PROBE attack combined with a variant of Lucky 13. Constant time hardening was done to avoid potential cache-based side channel attacks when verifying the MAC on a TLS packet. CBC cipher suites are susceptible on systems where an attacker could gain access and run a parallel program for inspecting caching. Only wolfSSL users that are using TLS/DTLS CBC cipher suites need to update. Users that have only AEAD and stream cipher suites set, or have built with WOLFSSL_MAX_STRENGTH (--enable-maxstrength), are not vulnerable. Thanks to Eyal Ronen, Kenny Paterson, and Adi Shamir for the report.
-
-Medium level fix for a ECDSA side channel attack. wolfSSL is one of over a dozen vendors mentioned in the recent Technical Advisory “ROHNP” by author Ryan Keegan. Only wolfSSL users with long term ECDSA private keys using our fastmath or normal math libraries on systems where attackers can get access to the machine using the ECDSA key need to update.  An attacker gaining access to the system could mount a memory cache side channel attack that could recover the key within a few thousand signatures. wolfSSL users that are not using ECDSA private keys, that are using the single precision math library, or that are using ECDSA offloading do not need to update. (blog with more information https://www.wolfssl.com/wolfssh-and-rohnp/)
+* Fixes for GCC-8 warnings with strings
+* Additional compatibility API’s added, including functions like wolfSSL_X509_CA_num and wolfSSL_PEM_read_X509_CRL
+* Fixes for OCSP use with NGINX port
+* Renamed the macro INLINE to WC_INLINE for inline functions
+* Doxygen updates and formatting for documentation generation
+* Added support for the STM32L4 with AES/SHA hardware acceleration
+* Adds checking for critical extension with certificate Auth ID and the macro WOLFSSL_ALLOW_CRIT_SKID to override the check
+* Added public key callbacks to ConfirmSignature function to expand public key callback support
+* Added ECC and Curve25519 key generation callback support
+* Fix for memory management with wolfSSL_BN_hex2bn function
+* Added support for dynamic allocation of PKCS7 structure using wc_PKCS7_New and wc_PKCS7_Free
+* Port to apache mynewt added in the directory wolfssl-3.15.5/IDE/mynewt/*
+* OCSP stapling in TLS 1.3 additions
+* Port for ASIO added with --enable-asio configure flag
+* Contiki port added with macro WOLFSSL_CONTIKI
+* Memory free optimizations with adding in earlier free’s where possible
+* Made modifications to the primality testing so that the Miller-Rabin tests check against up to 40 random numbers rather than a fixed list of small primes
+* Certificate validation time generation updated
+* Fixes for MQX classic 4.0 with IAR-EWARM
+* Fix for assembly optimized version of Curve25519
+* Make SOCKET_PEER_CLOSED_E consistent between read and write cases
+* Relocate compatibility layer functions for OpenSSH port update
+* Update to Intel® SGX port, files included by Windows version and macros defined when using WOLFSSL_SGX
+* Updates to Nucleus version supported
+* Stack size reduction with smallstack build
+* Updates to Rowley-Crossworks settings for CMSIS 4
+* Added reference STSAFE-A100 public key callbacks for TLS support
+* Added reference ATECC508A/ATECC608A public key callbacks for TLS support
+* Updated support for latest CryptoAuthLib (10/25/2018)
+* Added a wolfSSL static library project for Atollic TrueSTUDIO
+* Flag to disable AES-CBC and have only AEAD cipher suites with TLS
+* AF_ALG and cryptodev-linux crypto support added
+* Update to IO callbacks with use of WOLFSSL_BIO
+* Additional support for parsing certificate subject OIDs (businessCategory, jurisdiction of incorporation country, and jurisdiction of incorporation state)
+* Added  wc_ecc_ecport_ex and wc_export_inti API's for ECC hex string exporting
+* Updates to XCODE build with wolfSSL
+* Fix for guard on when to include sys/time.h header
+* Updates and enhancements to the GCC-ARM example
+* Fix for PKCS8 padding with encryption
+* Updates for wolfcrypt JNI wrapper
+* ALT_ECC_SIZE use with SP math
+* PIC32MZ hardware acceleration buffer alignment fixes
+* Renesas e2studio project files added
+* Renesas RX example project added
+* Fix for DH algorithm when using SP math with ARM assembly
+* Fixes and enhancements for NXP K82 support
+* Benchmark enhancements to print in CSV format and in Japanese
+* Support for PKCS#11 added with --enable-pkcs11
+* Fixes for asynchronous crypto use with TLS 1.3
+* TLS 1.3 only build, allows for disabling TLS 1.2 and earlier protocols
+* Fix for GCC warnings in function wolfSSL_ASN1_TIME_adj
+* Added --enable-asn=nocrypt for certificate only parsing support
+* Added support for parsing PIV format certificates with the function wc_ParseCertPIV and macro WOLFSSL_CERT_PIV
+* Added APIs to support GZIP
+* Updates to support Lighttpd
+* Version resource added for Windows DLL builds
+* Increased code coverage with additional testing
+* Added support for constructed OCTET_STRING with PKCS#7 signed data
+* Added DTLS either (server/client) side initialization setting
+* Minor fixes for building with MINGW32 compiler
+* Added support for generic ECC PEM header/footer with PKCS8 parsing
+* Added Japanese output to example server and client with “-1 1” flag
+* Added USE_ECDSA_KEYSZ_HASH_ALGO macro for building to use digest sizes that match ephemeral key size
+* Expand PKCS#7 CMS support with KEKRI, PWRI and ORI
+* Streaming capability for PKCS#7 decoding and sign verify added
 
 
 See INSTALL file for build instructions.

configure.ac

@@ -7,7 +7,7 @@
 #
 AC_COPYRIGHT([Copyright (C) 2006-2018 wolfSSL Inc.])
 AC_PREREQ([2.63])
-AC_INIT([wolfssl],[3.15.3],[https://github.com/wolfssl/wolfssl/issues],[wolfssl],[https://www.wolfssl.com])
+AC_INIT([wolfssl],[3.15.5],[https://github.com/wolfssl/wolfssl/issues],[wolfssl],[https://www.wolfssl.com])
 AC_CONFIG_AUX_DIR([build-aux])
 
 # The following sets CFLAGS and CXXFLAGS to empty if unset on command line.
@@ -34,7 +34,7 @@ LT_PREREQ([2.2])
 LT_INIT([disable-static win32-dll])
 
 #shared library versioning
-WOLFSSL_LIBRARY_VERSION=18:0:0
+WOLFSSL_LIBRARY_VERSION=19:0:0
 #                        | | |
 #                 +------+ | +---+
 #                 |        |     |

examples/server/server.c

@@ -832,7 +832,6 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
     (void)updateKeysIVs;
     (void)postHandAuth;
     (void)mcastID;
-    (void)useX25519;
     (void)loadCertKeyIntoSSLObj;
 
 #ifdef WOLFSSL_TIRTOS
@@ -2052,6 +2051,7 @@ exit:
     (void) useNtruKey;
     (void) ourDhParam;
     (void) ourCert;
+    (void) useX25519;
 #ifndef WOLFSSL_TIRTOS
     return 0;
 #endif

rpm/spec.in

@@ -73,8 +73,8 @@ mkdir -p $RPM_BUILD_ROOT/
 %{_docdir}/wolfssl/README.txt
 %{_libdir}/libwolfssl.la
 %{_libdir}/libwolfssl.so
-%{_libdir}/libwolfssl.so.18
-%{_libdir}/libwolfssl.so.18.0.0
+%{_libdir}/libwolfssl.so.19
+%{_libdir}/libwolfssl.so.19.0.0
 
 %files devel
 %defattr(-,root,root,-)

wolfcrypt/src/aes.c

@@ -8779,7 +8779,7 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
                      const byte* authIn, word32 authInSz)
 {
 #ifdef WOLFSSL_AESNI
-    int res;
+    int res = AES_GCM_AUTH_E;
 #endif
 
     /* argument checks */

wolfcrypt/src/asn.c

@@ -4982,7 +4982,7 @@ int GetAsnTimeString(void* currTime, byte* buf, word32 len)
     if (buf == NULL || len == 0)
         return BAD_FUNC_ARG;
 
-    ts = (struct tm *)XGMTIME(currTime, tmpTime);
+    ts = (struct tm *)XGMTIME((time_t*)currTime, tmpTime);
     if (ts == NULL){
         WOLFSSL_MSG("failed to get time data.");
         return ASN_TIME_E;

wolfcrypt/src/pkcs7.c

@@ -51,6 +51,11 @@
     #include <wolfcrypt/src/misc.c>
 #endif
 
+#ifdef HAVE_SELFTEST
+enum {
+    GCM_NONCE_MID_SZ = 12, /* The usual default nonce size for AES-GCM. */
+};
+#endif
 
 /* direction for processing, encoding or decoding */
 typedef enum {

wolfssl/version.h

@@ -28,8 +28,8 @@
 extern "C" {
 #endif
 
-#define LIBWOLFSSL_VERSION_STRING "3.15.3"
-#define LIBWOLFSSL_VERSION_HEX 0x03015003
+#define LIBWOLFSSL_VERSION_STRING "3.15.5"
+#define LIBWOLFSSL_VERSION_HEX 0x03015005
 
 #ifdef __cplusplus
 }