mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
14,662 Commits 5 Branches 162 Tags
Commit Graph

14662 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Hideki Miyazaki
6a3ff81f2d
use EVP_get_digestbyname 2021-07-22 08:17:55 +09:00
Hideki Miyazaki
b4c61b4df9
add EVP_blake2xyyy 2021-07-22 08:17:54 +09:00
Chris Conlon
ffd69f6426
Merge pull request #4141 from kaleb-himes/FIPS_ANDROID_v454 
Changes to support Android app with wolfCrypt module v4.5.4
 2021-07-21 11:23:42 -06:00
Chris Conlon
c544c19013
Merge pull request #4227 from miyazakh/ERR_lib_error_string 
add ERR_lib_error_string compatibility layer API
 2021-07-21 11:19:29 -06:00
JacobBarthelmeh
83c6688bee
Merge pull request #4135 from dgarske/evp_set1_eckey 
Fixes for handling PKCS8 ECC key with EVP PKEY
 2021-07-22 00:17:11 +07:00
Chris Conlon
49a6c19069
Merge pull request #4216 from dgarske/cube_4.8.0 
Improvements to the ST Cube pack configuration template
 2021-07-21 11:16:33 -06:00
David Garske
2177430b8d
Merge pull request #4224 from JacobBarthelmeh/Release 
update docs for 4.8.1
 2021-07-21 09:00:42 -07:00
David Garske
73ad0315ce
Merge pull request #4226 from douzzer/valgrind-fixes-20210720 
fixes for valgrind-detected leaks and undefined data accesses
 2021-07-21 08:43:00 -07:00
David Garske
ede738b6e4
Merge pull request #4223 from SparkiDev/mem_usage_fixes_1 
Memory allocation: fixes from memory usage generation
 2021-07-21 08:20:09 -07:00
Hideki Miyazaki
b76d44dad9
add ERR_lib_error_string 2021-07-21 10:31:00 +09:00
Sean Parkinson
dc19ba2aa7 Memory allocation: fixes from memory usage generation 
1. Configuration: If not fast math then don't set ALT_ECC_SIZE when
configuring.
2. ECC KeyShare: Key share entry's key was allocated with type
DYNAMIC_TYPE_PRIVATE_KEY, free with same type.
3. Ed25519: free the SHA-512 temporary object. WOLFSSL_SMALL_STACK_CACHE
builds have dynamicaly allocated data.
4. RSA: Don't keep allocating a new hash object in RsaMGF1 when compiled
with WOLFSSL_SMALL_STACK_CACHE.
 2021-07-21 09:54:11 +10:00
Daniel Pouzzner
2014d39254 fixes for valgrind-detected leaks and undefined data accesses: wolfSSL_{SHA*,MD5}_Final (OpenSSL compat wrappers): call wc_*Free() on sha state that otherwise leaks when _SMALL_STACK_CACHE; test_wc_curve25519_shared_secret_ex(): properly initialize public_key. 2021-07-20 18:26:05 -05:00
Sean Parkinson
60288a5083
Merge pull request #4222 from TakayukiMatsuo/tk12625 
SSL APIs: Add sanity check to some APIs
 2021-07-21 09:00:03 +10:00
David Garske
f18344c191 Fix logic error for calculation of PKCS header size in wolfSSL_i2d_PUBKEY. 2021-07-20 15:11:32 -07:00
JacobBarthelmeh
aedd2a33db
Merge pull request #4221 from douzzer/sanitizer-fixes-20210719 
misc sanitizer fixes etc
 2021-07-21 00:40:09 +07:00
David Garske
1a7c8ccbd1 Peer review fixes. 2021-07-20 10:02:16 -07:00
David Garske
762b384be2 Fixes for -pedantic errors. 2021-07-20 10:02:16 -07:00
David Garske
be6fd26f54 Fix for backwards compatibility for i2d_PrivateKey. 2021-07-20 10:02:16 -07:00
David Garske
b344246549 Fix the new PKCS8 header check in wc_CreatePKCS8Key to use the right input buffer. 2021-07-20 10:02:16 -07:00
David Garske
b8ed577e9a Peer review fixes and improvements. Resolves issue with public API compatibility. 2021-07-20 10:02:16 -07:00
David Garske
fd52424dd5 Improvements to PKCS8 handling. 
* Fixes for handling PKCS8 in keys with EVP PKEY. Resolves QT test issues. Replacement to PR #3925.
* Improved code handling for PKCS 8 headers. Change PemToDer to not strip the PKCS8 header.
* Add support in the ECC/RSA/DH key import code to support detection / handling of the PKCS8 header.
* Fix for `wc_RsaKeyToDer` to be exposed with `OPENSSL_EXTRA`.
* Adds EVP PKCS8 test case for RSA and ECC.
* Refactor `test_wolfSSL_OPENSSL_hexstr2buf` to resolve g++ compiler warning.
* Added new `WOLFSSL_TRAP_MALLOC_SZ` build option to trap mallocs that are over a specified size.
 2021-07-20 10:02:16 -07:00
David Garske
673becee74
Merge pull request #4210 from JacobBarthelmeh/Testing 
handle edge case of input buffer malloc'd to location immediately aft…
 2021-07-20 09:56:27 -07:00
Jacob Barthelmeh
932abbb6e6 update docs for 4.8.1 2021-07-20 21:20:15 +07:00
JacobBarthelmeh
4cdbe0e23e
Merge pull request #4207 from haydenroche5/sblim-sfcb 
Add support for sblim-sfcb port.
 2021-07-20 20:41:46 +07:00
JacobBarthelmeh
38fd577ded
Merge pull request #4218 from SparkiDev/sp_ecc_add_dbl 
SP: ecc proj add point, dbl point fix
 2021-07-20 18:57:48 +07:00
JacobBarthelmeh
35a0258f47
Merge pull request #4220 from SparkiDev/ecc_neg_string 
ECC: where reading strings, check for neg (invalid)
 2021-07-20 18:56:00 +07:00
TakayukiMatsuo
f630fded44 Add sanity check to some APIs 2021-07-20 13:23:16 +09:00
Daniel Pouzzner
a43cc4ebfa openssl/sha.h: enlarge WOLFSSL_SHA384_CTX.holder to accommodate wc_Sha512.{devId,devCtx}. 2021-07-19 21:41:15 -05:00
Daniel Pouzzner
fe94c36a7b configure.ac: fix wrong constructions in environment setup for ENABLED_REPRODUCIBLE_BUILD. 2021-07-19 18:31:13 -05:00
Hayden Roche
5507a07563 Add support for sblim-sfcb port. 2021-07-19 16:28:44 -07:00
Daniel Pouzzner
f8d1befdff autogen.sh: leave .git/hooks/pre-{commit,push} alone unless they don't exist, to allow for local ecosystem-dependent customizations of the hooks. 2021-07-19 16:31:22 -05:00
Daniel Pouzzner
4df6fb74b0 fix sanitizer-detected uninitialized/null data accesses: wc_SrpComputeKey(), XChaCha20Poly1305_test(). 2021-07-19 16:29:43 -05:00
John Safranek
77c9b36b5a
Merge pull request #4181 from dgarske/sniffer_keycb 
Sniffer fixes and new sniffer key callback support
 2021-07-19 13:26:17 -07:00
JacobBarthelmeh
020e23783b
Merge pull request #4180 from kaleb-himes/DEFAULT_CA_BOOL 
Fix basic constraints extension present and CA Boolean not asserted
 2021-07-19 23:08:27 +07:00
Sean Parkinson
5b621cf039 ECC: where reading strings, check for neg (invalid) 2021-07-19 22:58:07 +10:00
Sean Parkinson
d45e78b715 SP: ecc proj add point, dbl point fix 
Set infinity field of points.
 2021-07-19 12:45:52 +10:00
David Garske
bbe47a81b7
Merge pull request #4183 from douzzer/ED-streaming-verify 
add streaming API to the ED verify routines
 2021-07-18 14:12:42 -07:00
Daniel Pouzzner
186ff2b365 make -DNO_ED25519_KEY_{IMPORT,EXPORT} buildable, and fix api.c and suites.c so that -DNO_ED*_KEY_{IMPORT,EXPORT} pass make check. 2021-07-16 23:07:28 -05:00
Daniel Pouzzner
ac92204c15 make -DNO_ED448_KEY_{IMPORT,EXPORT} buildable 2021-07-16 18:21:30 -05:00
Daniel Pouzzner
785a8f83ed evp.c: fixes in wolfSSL_EVP_CIPHER_CTX_ctrl() from peer review. 2021-07-16 17:52:28 -05:00
David Garske
070ca6c34d Fixes to properly support sniffer with secure renegotiation. 2021-07-16 14:48:22 -07:00
Daniel Pouzzner
c97eff6e61 evp.c: add missing checks and logic in wolfSSL_EVP_CIPHER_CTX_ctrl(), and fix api.c:test_IncCtr() to exercise wolfSSL_EVP_CIPHER_CTX_ctrl() with EVP_CTRL_GCM_IV_GEN using an AES cipher, with thanks to Juliusz. 2021-07-16 15:30:23 -05:00
Daniel Pouzzner
05128968f6 fixes for null pointer accesses detected by clang sanitizer. also, gate SuiteTest() on !NO_WOLFSSL_CIPHER_SUITE_TEST in tests/unit.c, greatly reducing time to completion when not debugging cipher suites. 2021-07-16 13:49:47 -05:00
Daniel Pouzzner
5e8da2348f ED: add --enable-ed25519-stream and --enable-ed448-stream to configure.ac, disabled by default, and add them to --enable-all and --enable-all-crypto lists, along with --enable-aesgcm-stream; report AES-GCM and ED* streaming API options in feature summary rendered at end; 
refactor ED routines to pivot on WOLFSSL_ED*_PERSISTENT_SHA and WOLFSSL_ED*_STREAMING_VERIFY macros, with sha state in the key struct only when WOLFSSL_ED*_PERSISTENT_SHA, otherwise on the stack as before;

add ed*_hash_init() and ed*_hash_free() local helpers;

ED* peer review: fix line lengths, remove superfluous retval checks, tweaks for efficiency, and add ED448_PREHASH_SIZE to ed448.h.
 2021-07-16 13:49:47 -05:00
Daniel Pouzzner
9b43e57ccf ED: add streaming API to the ED verify routines: wc_ed*_verify_msg_init(), wc_ed*_verify_msg_update(), wc_ed*_verify_msg_final(); 
harmonize the ED448 API with the ED25519 API by making wc_ed448_verify_msg_ex() and wc_ed448_init_ex() public functions;

track devId and heap pointer in ed*_key.{devId,heap}, and pass them through to sha init functions;

add ed*_key.{sha,sha_clean_flag}, and ed*_hash_{reset,update,final} functions, and use them for all ED hashing ops, to support streaming API and for optimally efficient reuse for the preexisting ED calls;

add ed448_hash() akin to ed25519_hash(), and use it in place of wc_Shake256Hash(), for .sha_clean_flag dynamics.

add to wc_ed*_import_private_key() the ability to import the combined key generated by wc_ed*_export_private() without supplying the redundant public key;

add macro asserts near top of ed*.h to assure the required hash functions are available;

fix {NO,HAVE}_ED*_{SIGN,VERIFY};

wolfcrypt/test/test.c: add missing key initializations in ed*_test();

wolfcrypt/test/test.c: fix unaligned access in myDecryptionFunc() detected by -fsanitize=address,undefined.
 2021-07-16 13:49:47 -05:00
David Garske
fe77e29ba0 Fix for SNI refactor handling of return codes. Fix for possible use of NULL on client array. 2021-07-16 11:23:20 -07:00
kaleb-himes
f408eeb5bb Implement peer review suggestions 2021-07-16 09:57:11 -06:00
JacobBarthelmeh
b9c707511b
Merge pull request #4211 from SparkiDev/ocsp_no_check 
OCSP: improve handling of OCSP no check extension
 2021-07-16 16:06:41 +07:00
Sean Parkinson
f93083be72 OCSP: improve handling of OCSP no check extension 2021-07-16 12:19:39 +10:00
Sean Parkinson
af98e64b88
Merge pull request #4208 from dgarske/leaks 
Fixes for possible leaks with ECCSI and DH test
 2021-07-16 08:59:11 +10:00