mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
11,291 Commits 5 Branches 162 Tags
Commit Graph

11291 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Sean Parkinson
0295b5ae3b If encryption setup, TLS 1.3 alerts encrypted 2020-05-13 16:14:47 +10:00
toddouska
6c9a0e440e
Merge pull request #2959 from dgarske/wpas_tiny 
Added wpa_supplicant support with reduced code size option
 2020-05-11 08:55:22 -07:00
Sean Parkinson
7c98451f24
Merge pull request #2961 from kaleb-himes/WOLFSSL_EXAMPLES 
Fix failing build for rsa_verify_only example
 2020-05-11 09:31:31 +10:00
JacobBarthelmeh
81dc0ac56f
Merge pull request #2956 from tmael/hkdf 
Check HKDF-Expand length of output <= 255*HashLen
 2020-05-08 16:36:40 -06:00
kaleb-himes
82c86447e7 Fix failing build for rsa_verify_only example 2020-05-08 16:18:30 -06:00
David Garske
51b5f84d00
Merge pull request #2938 from JacobBarthelmeh/Xilinx 
add Xilinx Vitis 2019.2 example and update README
 2020-05-08 15:05:19 -07:00
David Garske
10aa8a4ffc Added support --enable-wpas=small for reduced code size when building against the WPA supplicant with EAP-TLS. This does not use OPENSSL_EXTRA, which helps reduce code size. 2020-05-08 13:38:26 -07:00
toddouska
6b930d996c
Merge pull request #2958 from julek-wolfssl/ASN_IP_TYPE-without-openssl 
Support IP alternative subject name without OpenSSL
 2020-05-08 13:27:27 -07:00
toddouska
4a44b7b781
Merge pull request #2954 from SparkiDev/sp_rsa_pq_len 
Only use SP for RSA private operations if P and Q half bits
 2020-05-08 08:30:30 -07:00
Juliusz Sosinowicz
b5886e0e37 Add option --enable-ip-alt-name 
This commit adds the configure option `--enable-ip-alt-name` that enables support for the IP alternative subject name parsing in `wolfcrypt/src/asn.c:DecodeAltNames`.
 2020-05-08 13:20:24 +02:00
Tesfa Mael
b39e384cfd Review comment 2020-05-07 13:39:53 -07:00
toddouska
cb0fb88e44
Merge pull request #2955 from JacobBarthelmeh/Testing 
fix for scep build without aes
 2020-05-07 08:44:39 -07:00
toddouska
3ef7e588d2
Merge pull request #2932 from kaleb-himes/ZD10223 
Fix building with one-side only tls13/dtls
 2020-05-07 08:43:36 -07:00
David Garske
943f6c4447
Merge pull request #2957 from SparkiDev/sp_c_cr_fix 
SP C: Fix array size for cache resistant modexp
 2020-05-07 06:26:39 -07:00
Juliusz Sosinowicz
9e68de0fb7 Add test certs for ASN_IP_TYPE 2020-05-07 11:52:49 +02:00
Sean Parkinson
b331804c27 SP C: Fix array size for cache resistant modexp 2020-05-07 10:00:14 +10:00
Jacob Barthelmeh
6619db580d fix for scep build without aes 2020-05-06 16:58:54 -06:00
Tesfa Mael
2ab478f8fd Check length of output <= 255*HashLen 2020-05-06 15:47:39 -07:00
Sean Parkinson
c4af5db4b9 Only use SP for RSA private operations if P and Q half bits 2020-05-07 08:46:48 +10:00
JacobBarthelmeh
c962aa4181 add sprj file 2020-05-06 12:13:22 -07:00
toddouska
be3c39ed1c
Merge pull request #2948 from JacobBarthelmeh/SanityChecks 
update armv8 aes gcm sanity checks
 2020-05-06 10:31:09 -07:00
Jacob Barthelmeh
3b6b59cea0 add 2019.2 Xilinx example and update README 
fix to remove xml extension

add missing project file

update project

update dist include

rm prj files
 2020-05-06 09:54:06 -06:00
toddouska
5e45767cc3
Merge pull request #2943 from JacobBarthelmeh/Testing 
check on length of unwrap before memmove
 2020-05-05 11:09:06 -07:00
Jacob Barthelmeh
0f6fef8384 update armv8 aes gcm sanity checks 2020-05-05 09:47:05 -06:00
Sean Parkinson
74040c62af
Merge pull request #2944 from dgarske/sp_cacheres 
Fixes for C32/C64 SP math with `WOLFSSL_SP_CACHE_RESISTANT`
 2020-05-05 10:43:00 +10:00
Sean Parkinson
09bc460c2e
Merge pull request #2946 from dgarske/gcc9 
Fix for GCC9 warning
 2020-05-05 10:29:56 +10:00
David Garske
8161dfe3aa Fix for GCC9 warning. 
```
src/tls.c:201:13: note: in expansion of macro 'XSTRNCMP'
  201 |         if (XSTRNCMP((const char*)sender, (const char*)client, SIZEOF_SENDER) == 0)
      |             ^~~~~~~~
In file included from src/tls.c:33:
./wolfssl/internal.h:4312:19: note: referenced argument declared here
 4312 | static const byte client[SIZEOF_SENDER] = { 0x43, 0x4C, 0x4E, 0x54 };
      |                   ^~~~~~
```
 2020-05-04 15:07:28 -07:00
David Garske
174b4d5159 Cleanup of SP with small stack. Expand support for WOLFSSL_SP_NO_MALLOC. Fix for evp.c when included directly. 2020-05-04 14:23:32 -07:00
Chris Conlon
df067b6781
Merge pull request #2919 from kaleb-himes/ZD10194 
Fix for Freescale common examples that predated hardening warning
 2020-05-04 13:43:07 -06:00
kaleb-himes
62d67c3da1 Don't need if not using TLS 1.2 2020-05-04 12:54:36 -06:00
toddouska
da01961254
Merge pull request #2939 from JacobBarthelmeh/SanityChecks 
sanity check on PemToDer type
 2020-05-04 11:26:33 -07:00
toddouska
d848495a66
Merge pull request #2937 from dgarske/wolfio_tcpcon_fd 
Fix issue with failed TCP connect using invalid socket file descriptor
 2020-05-04 11:22:54 -07:00
David Garske
8e0f5ef8ce Fixes for WOLFSSL_SP_CACHE_RESISTANT with small stack. 2020-05-04 11:22:12 -07:00
David Garske
c28ad38b16 Fix for cast issue caused by PR #2900. Applies to WOLFSSL_SP_CACHE_RESISTANT and c32/c64 versions only. 2020-05-04 10:49:59 -07:00
Jacob Barthelmeh
082e51d778 check on length of unwrap before memmove 2020-05-04 10:32:05 -06:00
Jacob Barthelmeh
9f735b4d6e sanity check on PemToDer type 2020-05-01 16:41:18 -06:00
toddouska
3944c8eb73
Merge pull request #2935 from ejohnstown/hush-tfm 
Hush TFM Warnings
 2020-05-01 08:26:42 -07:00
David Garske
31502ec3f9 Fix issue with failed TCP connect using invalid socket file descriptor on close. Fixes #2936 2020-05-01 07:32:00 -07:00
John Safranek
b6bd86d2b1
TFM Warnings 
When building in VS, the MSC will complain about some constants getting
implicitly promoted to 64-bit. Added some type-casts to hush the warnings.
 2020-04-30 19:43:18 -07:00
toddouska
f772bc8d9a
Merge pull request #2923 from dgarske/pic32mz 
Fixes for PIC32MZ crypto hardware cache and large hash
 2020-04-30 16:22:13 -07:00
toddouska
df9dd3012f
Merge pull request #2934 from SparkiDev/tls13_cookie_ks 
TLS13: Prepend the SupportedVersions extension to list
 2020-04-30 14:58:11 -07:00
toddouska
a1489d981c
Merge pull request #2930 from JacobBarthelmeh/SanityChecks 
check on tag length for AES-CCM
 2020-04-30 14:51:20 -07:00
Sean Parkinson
7879d3762a TLS13: Prepend the SupportedVersions extension to list 
Must have SupportedVersions at start of list for Cookie to be
constructed correctly.
Application can set the key share extension before handshake and
SupportedVersions will be added after. Extensions written in order of
adding to list.
Prepend SupportedVersions so that it will always appear in the correct
place so when reconstructing HelloRetryRequest, the extensions will
always be in the same order.
 2020-04-30 08:46:23 +10:00
Jacob Barthelmeh
505fbed4df fix AES-CCM tag size check on decryption 2020-04-29 15:15:54 -06:00
toddouska
7e267546cb
Merge pull request #2933 from SparkiDev/tls13_rsa8192 
Allow TLS 1.3 CertificateVerify to handle 8192-bit RSA
 2020-04-29 11:24:44 -07:00
Sean Parkinson
390f066028 Allow TLS 1.3 CertificateVerify to handle 8192-bit RSA 2020-04-29 12:37:41 +10:00
Sean Parkinson
e9b433a998
Merge pull request #2928 from julek-wolfssl/evp-aes-gcm-fix 
Fix AES-GCM in EVP layer to have compatiblity with OpenSSL
 2020-04-29 09:00:04 +10:00
Jacob Barthelmeh
b73e52f33f move AES-CCM tag check into a local function 2020-04-28 14:46:06 -06:00
kaleb-himes
951cb4aaf4 Fix building with one-side only tls13/dtls 2020-04-28 14:33:00 -06:00
toddouska
f770d28ff0
Merge pull request #2916 from dgarske/testfixes 
Improvements to ECC key decode and tests
 2020-04-28 09:57:44 -07:00