mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
14,643 Commits 5 Branches 162 Tags
Commit Graph

14643 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
David Garske
73ad0315ce
Merge pull request #4226 from douzzer/valgrind-fixes-20210720 
fixes for valgrind-detected leaks and undefined data accesses
 2021-07-21 08:43:00 -07:00
David Garske
ede738b6e4
Merge pull request #4223 from SparkiDev/mem_usage_fixes_1 
Memory allocation: fixes from memory usage generation
 2021-07-21 08:20:09 -07:00
Sean Parkinson
dc19ba2aa7 Memory allocation: fixes from memory usage generation 
1. Configuration: If not fast math then don't set ALT_ECC_SIZE when
configuring.
2. ECC KeyShare: Key share entry's key was allocated with type
DYNAMIC_TYPE_PRIVATE_KEY, free with same type.
3. Ed25519: free the SHA-512 temporary object. WOLFSSL_SMALL_STACK_CACHE
builds have dynamicaly allocated data.
4. RSA: Don't keep allocating a new hash object in RsaMGF1 when compiled
with WOLFSSL_SMALL_STACK_CACHE.
 2021-07-21 09:54:11 +10:00
Daniel Pouzzner
2014d39254 fixes for valgrind-detected leaks and undefined data accesses: wolfSSL_{SHA*,MD5}_Final (OpenSSL compat wrappers): call wc_*Free() on sha state that otherwise leaks when _SMALL_STACK_CACHE; test_wc_curve25519_shared_secret_ex(): properly initialize public_key. 2021-07-20 18:26:05 -05:00
Sean Parkinson
60288a5083
Merge pull request #4222 from TakayukiMatsuo/tk12625 
SSL APIs: Add sanity check to some APIs
 2021-07-21 09:00:03 +10:00
JacobBarthelmeh
aedd2a33db
Merge pull request #4221 from douzzer/sanitizer-fixes-20210719 
misc sanitizer fixes etc
 2021-07-21 00:40:09 +07:00
David Garske
673becee74
Merge pull request #4210 from JacobBarthelmeh/Testing 
handle edge case of input buffer malloc'd to location immediately aft…
 2021-07-20 09:56:27 -07:00
JacobBarthelmeh
4cdbe0e23e
Merge pull request #4207 from haydenroche5/sblim-sfcb 
Add support for sblim-sfcb port.
 2021-07-20 20:41:46 +07:00
JacobBarthelmeh
38fd577ded
Merge pull request #4218 from SparkiDev/sp_ecc_add_dbl 
SP: ecc proj add point, dbl point fix
 2021-07-20 18:57:48 +07:00
JacobBarthelmeh
35a0258f47
Merge pull request #4220 from SparkiDev/ecc_neg_string 
ECC: where reading strings, check for neg (invalid)
 2021-07-20 18:56:00 +07:00
TakayukiMatsuo
f630fded44 Add sanity check to some APIs 2021-07-20 13:23:16 +09:00
Daniel Pouzzner
a43cc4ebfa openssl/sha.h: enlarge WOLFSSL_SHA384_CTX.holder to accommodate wc_Sha512.{devId,devCtx}. 2021-07-19 21:41:15 -05:00
Daniel Pouzzner
fe94c36a7b configure.ac: fix wrong constructions in environment setup for ENABLED_REPRODUCIBLE_BUILD. 2021-07-19 18:31:13 -05:00
Hayden Roche
5507a07563 Add support for sblim-sfcb port. 2021-07-19 16:28:44 -07:00
Daniel Pouzzner
f8d1befdff autogen.sh: leave .git/hooks/pre-{commit,push} alone unless they don't exist, to allow for local ecosystem-dependent customizations of the hooks. 2021-07-19 16:31:22 -05:00
Daniel Pouzzner
4df6fb74b0 fix sanitizer-detected uninitialized/null data accesses: wc_SrpComputeKey(), XChaCha20Poly1305_test(). 2021-07-19 16:29:43 -05:00
John Safranek
77c9b36b5a
Merge pull request #4181 from dgarske/sniffer_keycb 
Sniffer fixes and new sniffer key callback support
 2021-07-19 13:26:17 -07:00
JacobBarthelmeh
020e23783b
Merge pull request #4180 from kaleb-himes/DEFAULT_CA_BOOL 
Fix basic constraints extension present and CA Boolean not asserted
 2021-07-19 23:08:27 +07:00
Sean Parkinson
5b621cf039 ECC: where reading strings, check for neg (invalid) 2021-07-19 22:58:07 +10:00
Sean Parkinson
d45e78b715 SP: ecc proj add point, dbl point fix 
Set infinity field of points.
 2021-07-19 12:45:52 +10:00
David Garske
bbe47a81b7
Merge pull request #4183 from douzzer/ED-streaming-verify 
add streaming API to the ED verify routines
 2021-07-18 14:12:42 -07:00
Daniel Pouzzner
186ff2b365 make -DNO_ED25519_KEY_{IMPORT,EXPORT} buildable, and fix api.c and suites.c so that -DNO_ED*_KEY_{IMPORT,EXPORT} pass make check. 2021-07-16 23:07:28 -05:00
Daniel Pouzzner
ac92204c15 make -DNO_ED448_KEY_{IMPORT,EXPORT} buildable 2021-07-16 18:21:30 -05:00
Daniel Pouzzner
785a8f83ed evp.c: fixes in wolfSSL_EVP_CIPHER_CTX_ctrl() from peer review. 2021-07-16 17:52:28 -05:00
David Garske
070ca6c34d Fixes to properly support sniffer with secure renegotiation. 2021-07-16 14:48:22 -07:00
Daniel Pouzzner
c97eff6e61 evp.c: add missing checks and logic in wolfSSL_EVP_CIPHER_CTX_ctrl(), and fix api.c:test_IncCtr() to exercise wolfSSL_EVP_CIPHER_CTX_ctrl() with EVP_CTRL_GCM_IV_GEN using an AES cipher, with thanks to Juliusz. 2021-07-16 15:30:23 -05:00
Daniel Pouzzner
05128968f6 fixes for null pointer accesses detected by clang sanitizer. also, gate SuiteTest() on !NO_WOLFSSL_CIPHER_SUITE_TEST in tests/unit.c, greatly reducing time to completion when not debugging cipher suites. 2021-07-16 13:49:47 -05:00
Daniel Pouzzner
5e8da2348f ED: add --enable-ed25519-stream and --enable-ed448-stream to configure.ac, disabled by default, and add them to --enable-all and --enable-all-crypto lists, along with --enable-aesgcm-stream; report AES-GCM and ED* streaming API options in feature summary rendered at end; 
refactor ED routines to pivot on WOLFSSL_ED*_PERSISTENT_SHA and WOLFSSL_ED*_STREAMING_VERIFY macros, with sha state in the key struct only when WOLFSSL_ED*_PERSISTENT_SHA, otherwise on the stack as before;

add ed*_hash_init() and ed*_hash_free() local helpers;

ED* peer review: fix line lengths, remove superfluous retval checks, tweaks for efficiency, and add ED448_PREHASH_SIZE to ed448.h.
 2021-07-16 13:49:47 -05:00
Daniel Pouzzner
9b43e57ccf ED: add streaming API to the ED verify routines: wc_ed*_verify_msg_init(), wc_ed*_verify_msg_update(), wc_ed*_verify_msg_final(); 
harmonize the ED448 API with the ED25519 API by making wc_ed448_verify_msg_ex() and wc_ed448_init_ex() public functions;

track devId and heap pointer in ed*_key.{devId,heap}, and pass them through to sha init functions;

add ed*_key.{sha,sha_clean_flag}, and ed*_hash_{reset,update,final} functions, and use them for all ED hashing ops, to support streaming API and for optimally efficient reuse for the preexisting ED calls;

add ed448_hash() akin to ed25519_hash(), and use it in place of wc_Shake256Hash(), for .sha_clean_flag dynamics.

add to wc_ed*_import_private_key() the ability to import the combined key generated by wc_ed*_export_private() without supplying the redundant public key;

add macro asserts near top of ed*.h to assure the required hash functions are available;

fix {NO,HAVE}_ED*_{SIGN,VERIFY};

wolfcrypt/test/test.c: add missing key initializations in ed*_test();

wolfcrypt/test/test.c: fix unaligned access in myDecryptionFunc() detected by -fsanitize=address,undefined.
 2021-07-16 13:49:47 -05:00
David Garske
fe77e29ba0 Fix for SNI refactor handling of return codes. Fix for possible use of NULL on client array. 2021-07-16 11:23:20 -07:00
JacobBarthelmeh
b9c707511b
Merge pull request #4211 from SparkiDev/ocsp_no_check 
OCSP: improve handling of OCSP no check extension
 2021-07-16 16:06:41 +07:00
Sean Parkinson
f93083be72 OCSP: improve handling of OCSP no check extension 2021-07-16 12:19:39 +10:00
Sean Parkinson
af98e64b88
Merge pull request #4208 from dgarske/leaks 
Fixes for possible leaks with ECCSI and DH test
 2021-07-16 08:59:11 +10:00
Jacob Barthelmeh
12a4517d6b handle edge case of input buffer malloc'd to location immediately after output buffer 2021-07-15 22:38:48 +07:00
David Garske
6c3c635be7
Merge pull request #4206 from julek-wolfssl/remove-api 2021-07-15 06:41:00 -07:00
JacobBarthelmeh
6a0809b53b
Merge pull request #4185 from guidovranken/fix-gh-issue-4184 
Fix compilation failure with WOLFSSL_PUBLIC_ECC_ADD_DBL
 2021-07-15 16:19:30 +07:00
JacobBarthelmeh
fc6aa19eb8
Merge pull request #4200 from haydenroche5/tcpdump 
Add support for tcpdump with wolfSSL.
 2021-07-15 14:57:47 +07:00
JacobBarthelmeh
6458a8cedd
Merge pull request #4187 from SparkiDev/sp_math_mod_red_fix 
SP math: montgomery reduction edge case
 2021-07-15 14:33:26 +07:00
David Garske
fbbb290d9e Fixes for possible leaks with HAVE_WOLF_BIGINT used by async in ECCSI and DH test. Fixes for GCC -fsanitize=address with --enable-all. 2021-07-14 14:57:32 -07:00
David Garske
3ff21171cb Fix for secure renegotiation, which was not keeping handshake resources. Added NULL checks for case where handshake resources might be free'd to prevent possible use of NULL. Refactor the SNI client hello processing to not assume TLS header is in prior buffer (not there for decrypted handshake packets). 2021-07-14 10:44:33 -07:00
John Safranek
f82fd01283
Merge pull request #4202 from JacobBarthelmeh/BuildOptions 
fix for build with wpas and disable tls13
 2021-07-14 09:07:08 -07:00
JacobBarthelmeh
b5eef78cdb
Merge pull request #4176 from SparkiDev/sp_math_read_bin_max 
SP math all: allow reading of bin up to max digit size
 2021-07-14 16:03:32 +07:00
JacobBarthelmeh
18399091ce
Merge pull request #4012 from julek-wolfssl/haproxy 
HaProxy 2.4-dev18 support
 2021-07-14 15:46:04 +07:00
Daniel Pouzzner
81f3f417e8
Merge pull request #4190 from SparkiDev/bench_sakke_ecdsa 
ECC bench: can't use SAKKE curve with ECDH/ECDSA
 2021-07-13 15:39:25 -05:00
David Garske
10987a69d7
Merge pull request #4201 from JacobBarthelmeh/Release 
bump version for dev
 2021-07-13 11:41:51 -07:00
JacobBarthelmeh
0d55dcaaa0
Merge pull request #4188 from guidovranken/mp_invmod_slow-check 
Add missing return value check in mp_invmod_slow
 2021-07-14 01:27:10 +07:00
Jacob Barthelmeh
3f22721a86 use version from wolfssl/version.h with driver 2021-07-13 22:39:39 +07:00
Jacob Barthelmeh
2592a04d8a fix for build with wpas and disable tls13 2021-07-13 15:49:40 +07:00
Jacob Barthelmeh
3bebcaaf54 bump version for dev 2021-07-13 04:18:52 +07:00
John Safranek
52b8c7b1fa
Merge pull request #4192 from haydenroche5/ocsp_http_header 
Improve wolfIO_HttpProcessResponse HTTP header checking logic.
 2021-07-12 14:13:07 -07:00