mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
15,962 Commits 5 Branches 162 Tags
Commit Graph

15962 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
David Garske
569c066fab Improve TLS client side session cache references to provide option for not returning an internal session cache pointer. Now use wolfSSL_get1_sesson for reference logic, that requires calling wolfSSL_SESSION_free. To disable this feature use NO_SESSION_CACHE_REF. 2021-12-23 14:25:45 -08:00
David Garske
57d2555ac8
Merge pull request #4695 from douzzer/20211222-fips-config-update-and-fix-test_RsaDecryptBoundsCheck 
fips config update and test-driven cleanup
 2021-12-23 10:38:36 -08:00
David Garske
a8605309c6
Merge pull request #4692 from haydenroche5/wolfssl_init_fipsv5 
Call wc_SetSeed_Cb and wolfCrypt_SetPrivateKeyReadEnable_fips in wolfSSL_Init.
 2021-12-23 09:28:36 -08:00
Chris Conlon
9892f1f2d5
Merge pull request #4679 from dgarske/fips_ecc_pct 2021-12-23 10:27:51 -07:00
David Garske
40d5bd052f
Merge pull request #4693 from embhorn/zd13433 
Fix to init ctx in wc_Des3_SetKey
 2021-12-23 07:41:13 -08:00
Sean Parkinson
86e51b97e9
Merge pull request #4689 from haydenroche5/wolfengine_compression_fix 
Fix usage of SSL_OP_NO_COMPRESSION that was breaking wolfEngine.
 2021-12-23 10:47:30 +10:00
Daniel Pouzzner
a5b3daf216 fix whitespace. 2021-12-22 17:34:06 -06:00
Daniel Pouzzner
951eb72ecb fips-check.sh: update+streamline flavors -- add linuxv5-dev (checks out fips master same as old linuxv5-ready) , drop linuxv5-RC8, linuxv5-RC9, linuxv5-RC10, and the desupported/unbuildable fips-v3-ready; update linuxv5 and linuxv5-ready to use WCv5.0-RC11; use the term "flavor" consistently for the fips key (versus "version" or "platform"); cleanup to satisfy shellcheck. 2021-12-22 17:32:36 -06:00
Daniel Pouzzner
a6ed5dc92d configure.ac: update fips with RC11. 2021-12-22 17:32:36 -06:00
Daniel Pouzzner
b0a5b16068 api.c: fix logic in test_RsaDecryptBoundsCheck(). 2021-12-22 17:32:36 -06:00
Eric Blankenhorn
29c18a110b Fix to init ctx in wc_Des3_SetKey 2021-12-22 17:05:58 -06:00
David Garske
11e8d729c2
Merge pull request #4685 from SparkiDev/sp_gen_fix_1 
SP gen: Regenerate
 2021-12-22 15:02:03 -08:00
Hayden Roche
52754123d9 Call wc_SetSeed_Cb and wolfCrypt_SetPrivateKeyReadEnable_fips in wolfSSL_Init. 
Additionally, remove wc_SetSeed_Cb calls applications (e.g. example client and
server), since they are now redundant.
 2021-12-22 14:21:06 -08:00
Chris Conlon
8670e33baf
Merge pull request #4651 from TakayukiMatsuo/tsip_sce 2021-12-22 15:00:32 -07:00
Hayden Roche
646ceb259a Fix usage of SSL_OP_NO_COMPRESSION that was breaking wolfEngine. 
Replace instances of SSL_OP_NO_COMPRESSION with WOLFSSL_OP_NO_COMPRESSION in
ssl.c. Only define SSL_OP_NO_COMPRESSION when using the compatibility layer.
Before these changes, wolfEngine builds were failing due to
SSL_OP_NO_COMPRESSION being defined in both wolfSSL and OpenSSL headers.
 2021-12-22 10:23:51 -08:00
David Garske
38214bd083 Disable the FIPS consistency checks in ECC and DH for key generation by default. 2021-12-22 10:06:19 -08:00
David Garske
8d4c22abda
Merge pull request #4687 from julek-wolfssl/asn-template-var-init 
`items` needs to be initialized as the compiler complains
 2021-12-22 08:58:54 -08:00
David Garske
9d137668c7
Merge pull request #4675 from julek-wolfssl/openssh-8.8 
Fix macro name conflicts with openssh
 2021-12-22 08:31:36 -08:00
Juliusz Sosinowicz
8435eb4644 Add WC_ namespace to variable handling defines 2021-12-22 12:16:02 +01:00
Juliusz Sosinowicz
618599656f items needs to be initialized as the compiler complains 2021-12-22 10:42:48 +01:00
David Garske
ea432f45cd
Merge pull request #4686 from SparkiDev/fe448_cast 
Curve448: add casts for Windows
 2021-12-21 22:21:25 -08:00
TakayukiMatsuo
cd96330f2a Integrate Renesas TSIP specific code into Renesas common logics 2021-12-22 13:18:32 +09:00
Sean Parkinson
80e291fcd1 Curve448: add casts for Windows 2021-12-22 12:57:15 +10:00
Juliusz Sosinowicz
dd9b1afb72
Remove magic numbers from WOLFSSL_ASN_TEMPLATE code (#4582) 
* pkcs8KeyASN and other misc asn fixes

- Test fixes for testing with `USE_CERT_BUFFERS_1024`

* intASN

* bitStringASN

* objectIdASN

* algoIdASN

* rsaKeyASN

* pbes2ParamsASN

* pbes1ParamsASN

* pkcs8DecASN

* p8EncPbes1ASN

* rsaPublicKeyASN

* dhParamASN

* dhKeyPkcs8ASN

* dsaKeyASN

* dsaPubKeyASN

- Add `wc_SetDsaPublicKey` without header testing

* dsaKeyOctASN

* rsaCertKeyASN

* eccCertKeyASN

* rdnASN

* certNameASN

* digestInfoASN

* otherNameASN

* altNameASN

* basicConsASN

* crlDistASN

* accessDescASN

* authKeyIdASN

* keyUsageASN

* keyPurposeIdASN

* subTreeASN

* nameConstraintsASN

* policyInfoASN

* certExtHdrASN

* certExtASN

* x509CertASN

* reqAttrASN

* strAttrASN

* certReqASN

* eccPublicKeyASN

* edPubKeyASN

* ekuASN

* nameASN

* certExtsASN

* sigASN

* certReqBodyASN_IDX_EXT_BODY

* dsaSigASN

* eccSpecifiedASN

* eccKeyASN

* edKeyASN

* singleResponseASN

* respExtHdrASN

* ocspRespDataASN

* ocspBasicRespASN

* ocspResponseASN

* ocspNonceExtASN

* ocspRequestASN

* revokedASN

* crlASN

* pivASN

* pivCertASN

* dateASN

* `wc_SetDsaPublicKey` was not including `y` in the sequence length

* All index names changed to uppercase

* Shorten names in comments

* Make sure extensions have sequence header when in cert gen

* Fix/refactor size calc in `SetNameEx`

* Pad blocks for encryption

* Add casting for increased enum portability

* Use stack for small ASN types
 2021-12-22 11:28:01 +10:00
David Garske
af0bcef0ef
Merge pull request #4648 from embhorn/zd13365 
Fix - wolfSSL_init should cleanup on failure of a component
 2021-12-21 17:17:16 -08:00
David Garske
bf612c075b
Merge pull request #4668 from ejohnstown/kcapi-ecdsa 
KCAPI ECDSA Memory
 2021-12-21 15:32:33 -08:00
Sean Parkinson
bf37845e2d
Merge pull request #4680 from JacobBarthelmeh/certs 
update certificate expiration dates and fix autorenew
 2021-12-22 08:48:35 +10:00
Sean Parkinson
395c5815bd SP gen: Regenerate 
Put back in fix for SAKKE.
 2021-12-22 08:24:33 +10:00
David Garske
a6a071771b
Merge pull request #4681 from SparkiDev/sp_arm64_p384_mr 
SP ARM64: P-384 prime specific Montogmery Reduction
 2021-12-21 13:50:33 -08:00
JacobBarthelmeh
d28cb70735 fix for ed25519 client cert generation 2021-12-21 09:03:54 -08:00
Sean Parkinson
9f2419246e SP ARM64: P-384 prime specific Montogmery Reduction 
Improves performance
 2021-12-21 10:18:12 +10:00
JacobBarthelmeh
c0f8fd5f5d update certificate dates and fix autorenew 2021-12-20 16:04:05 -08:00
David Garske
6b47954d58
Merge pull request #4670 from julek-wolfssl/krb5-missing-api 
Missing config for krb5 1.16.1
 2021-12-20 15:54:41 -08:00
David Garske
3644d97dd8
Merge pull request #4613 from SparkiDev/sp_div_max 
SP math all: div handling of length of dividend
 2021-12-20 15:10:35 -08:00
David Garske
360a513696
Merge pull request #4553 from SparkiDev/sp_mont_inv_order_fix 
SP: fix when mont_mul_order is defined
 2021-12-20 15:09:08 -08:00
Sean Parkinson
463d050d3d
Merge pull request #4678 from dgarske/nightly 
Nightly fixes: PK with no AES and OCSP test with DTLS
 2021-12-21 09:00:22 +10:00
David Garske
0ce9703768
Merge pull request #4666 from SparkiDev/ecc_enc_mem 
ECC: better protection when using encrypted memory
 2021-12-20 14:48:13 -08:00
Sean Parkinson
bb306d14b7
Merge pull request #4643 from kareem-wolfssl/zd13328 
Fix building with OPENSSL_EXTRA defined and NO_WOLFSSL_STUB not defined.
 2021-12-21 08:02:17 +10:00
David Garske
d588437504
Merge pull request #4677 from anhu/oqs_to_pqc 
--with-liboqs now defines HAVE_LIBOQS and HAVE_PQC
 2021-12-20 13:00:30 -08:00
David Garske
d8b58b8b05 Put both DigiCert Global Root CA and GlobalSign Root CA into the Google CA list. Fixes --enable-dtls --enable-ocsp ./scripts/ocsp.test`. 2021-12-20 11:47:34 -08:00
David Garske
ebc64db7d0 Fix for --enable-pkcallbacks --disable-aes --disable-aesgcm. 2021-12-20 10:17:50 -08:00
David Garske
b290e8089c
Merge pull request #4672 from SparkiDev/sp_c_mont_red 
SP C: specific Montgomery reduction code for P256 and P384
 2021-12-20 09:50:54 -08:00
Anthony Hu
79f6301521 Add error for case of user defining HAVE_PQC without HAVE_LIBOQS. 2021-12-20 12:42:09 -05:00
Anthony Hu
7d4c13b9a4 --with-liboqs now defines HAVE_LIBOQS and HAVE_PQC 
AKA: The Great Rename of December 2021
 2021-12-20 11:48:03 -05:00
Sean Parkinson
6d2da74c21
Merge pull request #4625 from dgarske/zd13208 
Fix for PKCS7 verify to handle content type OID with indef BER encoding
 2021-12-20 14:49:59 +10:00
David Garske
ce4f436d0f
Merge pull request #4587 from SparkiDev/dis_algs_fix_1 
Disable algorithms: fixes
 2021-12-19 20:12:30 -08:00
David Garske
2477574a69 Fix for PKCS7 verify to handle pkcs7-data content type OID with indef BER encoding. ZD13208 2021-12-17 14:24:35 -08:00
David Garske
ab9eda636a
Merge pull request #4671 from lealem47/remove-n 
Removing extra \n from WOLFSSL_LEAVE and WOLFSSL_ENTER
 2021-12-17 14:04:42 -08:00
John Safranek
b45f1ed761
KCAPI ECDSA Memory 
Use page aligned memory when using ECDSA signing and verify.
 2021-12-17 11:11:16 -08:00
David Garske
97830b81d6
Merge pull request #4674 from anhu/uninitialized 
Fix unitialized usage
 2021-12-17 10:51:43 -08:00