mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
18,879 Commits 5 Branches 162 Tags
Commit Graph

18879 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
David Garske
52c6710783 Fix test_wc_ecc_import_raw to handle ECC_INF_E or MP_VAL on point failures. SP math returns MP_VAL in sp_256_ecc_is_point_4. 2022-12-09 10:32:46 -08:00
gojimmypi
9d98cd6e50 Merge branch 'BenchmarkEnhancements' of https://github.com/gojimmypi/wolfssl into BenchmarkEnhancements 2022-12-09 10:10:04 -08:00
gojimmypi
6c3e301006 Benchmark Consolidated Enhancements and Code Cleanup 2022-12-09 10:09:56 -08:00
Tesfa Mael
85dc7a61c5 Detect SIZEOF_LONG in armclang and diab 2022-12-09 09:29:25 +01:00
Sean Parkinson
c959d22b98
Merge pull request #5868 from dgarske/ecc_pub_math 
Expose more ECC math functions and improve async shared secret
 2022-12-09 08:37:26 +10:00
David Garske
f8484fb5f3
Merge pull request #5869 from anhu/NO_SERVER_fix 
Add proper gating on !NO_WOLFSSL_SERVER
 2022-12-08 14:30:23 -08:00
Sean Parkinson
5d9532b0ee
Merge pull request #5865 from dgarske/fix_-5864 
Fix for implicit conversion with 32-bit in SP math
 2022-12-09 08:24:04 +10:00
JacobBarthelmeh
ab6233a01b
Merge pull request #5870 from anhu/fix_sgx_stdout 
stdout is undeclared
 2022-12-08 15:22:30 -07:00
gojimmypi
374d6d368e Benchmark Consolidated Enhancements and Code Cleanup 2022-12-08 13:38:06 -08:00
Anthony Hu
3aa74e3c8c stdout is undeclared 2022-12-08 15:29:48 -05:00
Anthony Hu
cdaa4d8aa0 Add proper gating on !NO_WOLFSSL_SERVER 
Found with the following configuration:

--enable-dtls --enable-dtls13 --enable-dtls-mtu CFLAGS="-DNO_WOLFSSL_SERVER"
 2022-12-08 14:20:17 -05:00
David Garske
9cb19e36fe
Merge pull request #5867 from anhu/dont_make_broken_key 
For compatibility `EC_KEY_new_by_curve_name` check that we found curve
 2022-12-08 11:09:56 -08:00
David Garske
9ad4e3f9ba Expose the safe version of point double/add and mulmod_ex with WOLFSSL_PUBLIC_ECC_ADD_DBL. Eliminate int wc_ecc_shared_secret_gen used by async/nb and improve async use of curve spec allocations. 2022-12-08 10:43:03 -08:00
Anthony Hu
937d247c7d Don't create a key if we don't support the curve. 
Found with the following configuration:

./configure --enable-tls13 --disable-oldtls --enable-static --enable-singlethreaded --enable-dtls --enable-dtls13 --enable-dtls-mtu --enable-sp=yes,4096 --disable-shared --disable-sha3 --disable-dh --enable-curve25519 --enable-secure-renegotiation --enable-debug --enable-opensslextra 'CFLAGS=-DWOLFSSL_DTLS_ALLOW_FUTURE -DWOLFSSL_MIN_RSA_BITS=2048 -DWOLFSSL_MIN_ECC_BITS=256 -DFP_MAX_BITS=8192 -fomit-frame-pointer'
 2022-12-08 12:13:12 -05:00
David Garske
d264cbc899 Fix for implicit conversion with 32-bit in SP math. 
Fixes `error: implicit conversion loses integer precision: sp_int64' (aka long long) to sp_digit (aka int)` building with `./configure CC="clang -m32" --enable-sp && make`
 2022-12-08 08:31:02 -08:00
JacobBarthelmeh
eb69ccb22c
Merge pull request #5856 from icing/errq-improvements 
Improvements in OpenSSL Compat ERR Queue handling.
 2022-12-08 09:28:05 -07:00
Stefan Eissing
02094ebb2e Updates after review by JacobBarthelmeh. 
- fix err/ret rename leftover for python builds
- add documenetation to thread-local functions
- move generic queue functions up
 2022-12-08 09:53:05 +01:00
David Garske
bdadbefb4c
Merge pull request #5862 from JacobBarthelmeh/Compatibility-Layer 
map SSL_CTX_get_session_cache_mode compat API
 2022-12-07 14:50:31 -08:00
Sean Parkinson
1f607ee560
Merge pull request #5860 from tmael/entropy_memuse 
Increase RNG_SECURITY_STRENGTH for FIPS
 2022-12-08 08:26:07 +10:00
David Garske
099135b2f9
Merge pull request #5861 from kosmas-valianos/FixTypo 
Fix wrong function name in wolfSSL_X509_get_name_oneline()
 2022-12-07 13:03:54 -08:00
Jacob Barthelmeh
94212e68e5 map SSL_CTX_get_session_cache_mode compat API 2022-12-07 11:35:48 -07:00
Stefan Eissing
45f9ef5dd9 Improvements in OpenSSL Compat ERR Queue handling. 
Configuration
- thread-local storaoge is selected when available
- '--enable-error-queue-per-thread' and '--disable-error-queue-per-thread' can
  be used as before to explicitly en-/disable the feature.

Implementation:
- with thread-local-storage, error queue is realized in one struct without
  allocations. Queue size is restricted to 16 entries (per thread), which
  is the same limit in OpenSSL 1.1.x.
- without thread-local-storage, all error queue operations are mutex locked
- wc_PeekErrorNodeLineData() and wc_GetErrorNodeErr() added for use by SSL
  functions to allow locked queue iterations/manipulations.
 2022-12-07 18:14:45 +01:00
Kosmas Valianos
11f9bd85ee
Fix wrong function name in wolfSSL_X509_get_name_oneline() 2022-12-07 16:00:05 +01:00
Tesfa Mael
1e0886180b Adjust ENTROPY_SCALE_FACTOR for FIPS 2022-12-06 23:01:13 -08:00
David Garske
f6cb13b11b
Merge pull request #5851 from SparkiDev/sp_enable_asm_fix 
SP: --enable-sp-asm now enables SP if not set
 2022-12-06 17:37:15 -08:00
Sean Parkinson
1de30c6b67 SP: --enable-sp-asm now enables SP if not set 
Enabling SP with ASM didn't enable SP or error out when SP wasn't
configured. Now enables SP when '' and errors when 'no'.

SAKKE modinv used large amounts of stack. Change to have more temporary
memory allocated increased to cover the usage.
ECC, SAKKE: sp_<bits>_ecc_mulmod_<cpu><words>() used large amounts of
stack. Allocate when WOLFSSL_SMALL_STACK.

wc_DhCheckKeyPair() not available when HAVE_SELFTEST.
Wasn't compiled in before as WOLFSSL_HAVE_SP_DH wasn't defined.
 2022-12-07 09:01:53 +10:00
Sean Parkinson
e5d03cf5ad
Merge pull request #5848 from philljj/fix_mingw64_build 
Fix mingw-w64 build issues on windows.
 2022-12-07 08:57:07 +10:00
Tesfa Mael
5c020c6ad4 Increase RNG_SECURITY_STRENGTH for FIPS 2022-12-06 14:16:29 -08:00
David Garske
ec11c22fb7
Merge pull request #5859 from anhu/ws 
whitespace
 2022-12-06 14:08:10 -08:00
jordan
246ce8dbe1 Cleanup spaces. 2022-12-06 15:24:34 -06:00
Anthony Hu
754440e0f2 whitespace 2022-12-06 15:12:44 -05:00
David Garske
6bde6af973
Merge pull request #5858 from anhu/dtls13_fixups 
Fixups for problems discovered while testing for DTLS 1.3
 2022-12-06 10:44:26 -08:00
David Garske
9e181e8ecb
Merge pull request #5857 from gojimmypi/GitIgnore 
gitignore old cmake, VisualGDB working & Espressif sdkconfig files
 2022-12-06 10:44:05 -08:00
David Garske
824c280d12
Merge pull request #5807 from lealem47/sniffer_error 
Improvement for sniffer error messages
 2022-12-06 09:40:07 -08:00
David Garske
44a1ffa56e
Merge pull request #5855 from ejohnstown/rdrand-ok 
DRBG OK
 2022-12-06 08:53:07 -08:00
David Garske
a5f9e5c3c8
Merge pull request #5820 from SparkiDev/entropy_memuse 
MemUse Entropy: enabled with HAVE_ENTROPY_MEMUSE
 2022-12-06 08:52:45 -08:00
Anthony Hu
7935a11b3e Fixups for problems discovered while testing for DTLS 1.3 2022-12-06 11:30:23 -05:00
gojimmypi
ef63a5287a Ignore old cmake, VisualGDB working & Espressif sdkconfig files 2022-12-06 08:10:14 -08:00
David Garske
a6c98a11d9
Merge pull request #5845 from anhu/re-sign 
Don't regenerate in wolfSSL_PEM_write_bio_X509().
 2022-12-06 06:35:13 -08:00
Sean Parkinson
1f6a9d442b MemUse Entropy: enabled with HAVE_ENTROPY_MEMUSE 
--enable-entropy-memuse enables the software base entropy gatherer.

The entropy source uses difference in timing to read/write cache lines.
Random indeces into a buffer are updated with the high resolution timer
value which is fed into a hash to produce further random indeces.

The current time is added to the entropy samples at time of
conditioning.
 2022-12-06 14:01:16 +10:00
David Garske
47b8caa0b7
Merge pull request #5849 from SparkiDev/sp_int_sp_ecc_fix 
SP int: fix when ECC specific size code included
 2022-12-05 17:15:04 -08:00
John Safranek
3891cd65d8
DRBG OK 
When initializing the RNG and are using RDRAND, or one of the other
replacement random number generators that could fall back to the
Hash_DRBG if unavailable, set the status to DRBG_OK. This would fix a
problem if someone assumes the DRBG status is meaningful.
 2022-12-05 16:09:45 -08:00
JacobBarthelmeh
f1daa2d356 fix other name san parsing and add RID cert to test parsing 2022-12-05 15:51:33 -08:00
Sean Parkinson
6db2ea0672 SP int: fix when ECC specific size code included 
Was enabled when !SP and HAVE_ECC
Now enabled when !WOLFSSL_SP_MATH and HAVE_ECC
 2022-12-06 09:44:05 +10:00
Sean Parkinson
f38c7303eb
Merge pull request #5853 from douzzer/20221205-sp-int-bugprone-macro-parentheses 
20221205-sp-int-bugprone-macro-parentheses
 2022-12-06 09:18:40 +10:00
Daniel Pouzzner
595f8a30d6 wolfcrypt/src/sp_int.c: fix bugprone-macro-parentheses in ALLOC_SP_INT() and ALLOC_SP_INT_ARRAY() introduced in aeca8cb17a. 2022-12-05 15:21:17 -06:00
David Garske
9d9549fbd3
Merge pull request #5836 from anhu/kyber_cleanup 
Remove kyber-90s and route all kyber through wolfcrypt.
 2022-12-05 13:18:44 -08:00
Anthony Hu
312b488582 Remove double free 2022-12-05 15:39:14 -05:00
David Garske
d3441545ef
Merge pull request #5852 from SparkiDev/sp_c_perf_2 
SP C, SP int: improve performance
 2022-12-05 11:51:28 -08:00
David Garske
5dee15d074
Merge pull request #5850 from SparkiDev/sp_exptmod_nct_err_fix 
SP int: fix check of err in _sp_exptmod_nct
 2022-12-05 11:24:12 -08:00