mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
15,962 Commits 5 Branches 162 Tags
Commit Graph

15962 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Eric Blankenhorn
53eb5d2e5a Fix _sp_exptmod_base_2 to init vars. 2021-12-13 10:16:55 -06:00
Daniel Pouzzner
355b779a3e feature gating tweaks to better support --disable-rsa --disable-dh --disable-dsa. also a whitespace fix in ssl.c. 2021-12-11 14:08:04 -06:00
Daniel Pouzzner
2193df1d62 add WOLFSSL_ECC_NO_SMALL_STACK. 2021-12-10 23:57:14 -06:00
David Garske
41d4aafa3f
Merge pull request #4645 from haydenroche5/parse_cert_public 
Make wolfCrypt ASN cert parsing functionality public.
 2021-12-10 18:27:18 -08:00
Anthony Hu
eec9649049 Mention falcon in the changelog 2021-12-10 16:54:13 -05:00
kaleb-himes
7cccaa98b7 The minimal changes needed to add KCAPI support with fips-ready 2021-12-10 14:44:20 -07:00
Anthony Hu
4c12f0be95 Only one call to wc_falcon_init() and comment on 300. 2021-12-10 16:40:41 -05:00
Anthony Hu
1d8ff70900 In d2iGenericKey(), if a falcon key is encountered, make a dummy pkey. 
This allows apache-httpd to work without PQ-specific patch along with a previous
pull request.
 2021-12-10 14:18:42 -05:00
Hayden Roche
6764e7c15f Make wolfCrypt ASN cert parsing functionality public. 
Currently, the `ParseCert` function is only available if `WOLFSSL_ASN_API` is
defined to `WOLFSSL_API`. The only way to achieve this without enabling the
compatibility layer is to define `WOLFSSL_TEST_CERT`. There are users defining
this so that they can parse certs with wolfCrypt, even though this doesn't seem
to be the original intent of the define. This commit adds the function
`wc_ParseCert` to the public wolfCrypt API. It's simply a wrapper around
`ParseCert`. Similarly, this commit adds `wc_InitDecodedCert` and
`wc_FreeDecodedCert` to the public API, which are wrappers around
`InitDecodedCert` and `FreeDecodedCert`, respectively.
 2021-12-10 10:43:28 -08:00
David Garske
dde8cd9039
Merge pull request #4646 from julek-wolfssl/SSL_OP_NO_COMPRESSION-redef-error 
Fix redefinition error of `WOLFSSL_OP_NO_COMPRESSION`
 2021-12-10 08:46:43 -08:00
David Garske
65a0b71994
Merge pull request #4641 from anhu/priv_key_check 
Actually do a private/public key check for FALCON.
 2021-12-10 06:53:35 -08:00
Juliusz Sosinowicz
e40ba00ece Fix redefinition error of WOLFSSL_OP_NO_COMPRESSION 2021-12-10 15:11:11 +01:00
Anthony Hu
6b5fa9d0ae remove consistency check; let it fail elsewhere. 2021-12-09 17:12:42 -05:00
David Garske
b921161309
Merge pull request #4633 from SparkiDev/tls13_expired 
TLS13: Skip if expired rather than turning off resuming
 2021-12-09 14:10:42 -08:00
David Garske
dd0e3d6ebf
Merge pull request #4644 from kareem-wolfssl/iotsafe_class 
Fix compiling Iotsafe with C++ by avoiding reserved keyword 'class'.
 2021-12-09 09:10:24 -08:00
Anthony Hu
494abde3eb Better casting. 2021-12-09 09:45:28 -05:00
Daniele Lacamera
f02763b088 Fixes after review comments 2021-12-09 11:23:44 +01:00
David Garske
4764c4d6fa
Merge pull request #4636 from JacobBarthelmeh/client 
print out PEM of peer cert with example client
 2021-12-08 20:04:57 -08:00
Sean Parkinson
32014c69fd TLS 13 session ticket timeout: fixup checks 
Check difference between now and ticket seen from encrypted ticket
against timeout.
 2021-12-09 12:43:30 +10:00
Sean Parkinson
6da0cc1ced
Merge pull request #4600 from dgarske/cust_oid 
Support for Custom OID in subject and CSR request extension
 2021-12-09 11:24:30 +10:00
Kareem
4200cf1b4d Fix compiling Iotsafe with C++ by avoiding reserved keyword 'class'. 2021-12-08 17:17:58 -07:00
Kareem
376be0f66a Fix building with OPENSSL_EXTRA defined and NO_WOLFSSL_STUB not defined. 2021-12-08 16:51:51 -07:00
Anthony Hu
7022eb6f89 Actually do a private/public key check for FALCON. 2021-12-08 18:04:11 -05:00
David Garske
dac0c21989
Merge pull request #4640 from anhu/prevent_stack_corruption 
Pass in pointer to a local size_t var, not word32 var to prevent stack corruption
 2021-12-08 14:44:07 -08:00
Sean Parkinson
cf0d3263ac
Merge pull request #4628 from julek-wolfssl/issue-4623 
Handle an `EPIPE` error from the socket
 2021-12-09 08:08:56 +10:00
Anthony Hu
74442605fa Pass in pointer to a local size_t var, not word32 var to prevent stack corruption. 2021-12-08 16:01:52 -05:00
Jacob Barthelmeh
ad078a7358 adjust macro guard in example client 2021-12-08 13:45:37 -07:00
Jacob Barthelmeh
0446d93285 add deterministic k variant for ECC to enable all 2021-12-08 10:49:17 -07:00
Jacob Barthelmeh
dfce101b5b deterministic ECC sign edge case fix and add variant 2021-12-08 09:54:47 -07:00
Chris Conlon
dd0e1226b7
Merge pull request #4638 from miyazakh/sce_protect_iar_compiler 2021-12-08 09:50:16 -07:00
Hideki Miyazaki
081d28f556
better handling for global index 
fix function proto type definition
 2021-12-08 11:42:23 +09:00
Sean Parkinson
3b65a4876f SP C RSA: normalize tmpa after conditionally adding p 
Numbers in a word get too big for fast mul implementation when not
normalized.
Only affects RSA keys where p < q.
 2021-12-08 11:25:20 +10:00
Jacob Barthelmeh
9a07b3af9b print out PEM of peer cert with example client 2021-12-07 14:07:47 -07:00
Kaleb Himes
8609d98122
Merge pull request #4635 from julek-wolfssl/PrintPubKeyEC-wrong-free 
Return early on failed `key` init
 2021-12-07 13:28:53 -07:00
Juliusz Sosinowicz
223f25149b Return early on failed key init 2021-12-07 18:11:19 +01:00
Kaleb Himes
96daf2bede
Merge pull request #4632 from julek-wolfssl/PrintPubKeyEC-leak 
`a` and `key` were not being freed => leak in `PrintPubKeyEC`
 2021-12-07 07:20:05 -07:00
Daniele Lacamera
1cb8b34fba IoT-SAFE: minor fixes + doxygen for new API calls 2021-12-07 14:11:14 +01:00
Daniele Lacamera
9e73c324a4 iot-safe: Fixed debug printf, updated slot number for 16-bit demo 2021-12-07 14:11:14 +01:00
Daniele Lacamera
23982e4fb3 Fixed wolfIoT_ecc_keygen when key is stored during generation 2021-12-07 14:11:14 +01:00
Daniele Lacamera
b23d51ab78 Avoid looping on uart read after applet initialization fails 2021-12-07 14:11:14 +01:00
Daniele Lacamera
5da89c6275 Clear meaning for the return value of iotsafe_gen_keypair 2021-12-07 14:11:14 +01:00
Kareem
4d483b0a28 iotsafe: allow init to continue with empty response 2021-12-07 14:11:13 +01:00
Daniele Lacamera
29e20eeadc Fix to rebase branch on current master 2021-12-07 14:11:13 +01:00
Daniele Lacamera
e551f439f4 Reworked expect_tok to fix NULL dereferences 2021-12-07 14:11:13 +01:00
Daniele Lacamera
0c0f36d67d IoT-SAFE: Minor fixes 
- reverted length change in put public operation
- Loading CA from IoT-SAFE file slot in 16bit demo
 2021-12-07 14:11:13 +01:00
Daniele Lacamera
2646747f2a Fixed 8bit variable overflow/useless code 2021-12-07 14:11:13 +01:00
Daniele Lacamera
0621ba061b Multiple fixes for IoT-SAFE 
- Tested with a different SIM:
  - 16bit IDs
  - Directly retrieving public key from keygen function
  - larger response buffers (up to 256 bytes in ReadFile)
  - Fixed hardcoded length in ID buffers
 2021-12-07 14:11:13 +01:00
Daniele Lacamera
2f17a7e626 Support longer-than-8bit IDs for IoTSAFE key/file slots 2021-12-07 14:11:13 +01:00
Juliusz Sosinowicz
574d171357 Fix leak when mp_int = 0 in integer.c 2021-12-07 12:46:24 +01:00
Sean Parkinson
85ec6054c6 TLS13: Skip if expired rather than turning off resuming 2021-12-07 13:58:38 +10:00