mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
15,726 Commits 5 Branches 162 Tags
Commit Graph

15726 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Juliusz Sosinowicz
aac1b406df Add support for Nginx 1.21.4 
- Add KEYGEN to Nginx config
- Check for name length in `wolfSSL_X509_get_subject_name`
- Refactor `wolfSSL_CONF_cmd`
- Implement `wolfSSL_CONF_cmd_value_type`
- Don't forecfully overwrite side
- `issuerName` should be `NULL` since the name is empty
 2021-12-01 09:49:52 +01:00
kareem-wolfssl
ae0cefc48d
Merge pull request #4603 from anhu/stop_OPENSSLEXTRA 
Stop needlessly enabling ENABLED_OPENSSLEXTRA when enabling liboqs.
 2021-11-24 13:46:31 -07:00
Anthony Hu
ffe7a84e3d Stop needlessly enabling ENABLED_OPENSSLEXTRA when enabling liboqs. 2021-11-24 14:09:19 -05:00
David Garske
dcc2a2852c
Merge pull request #4590 from JacobBarthelmeh/fuzzing 
sanity check on pem size
 2021-11-22 16:09:13 -08:00
David Garske
f5239cc57e
Merge pull request #4597 from cconlon/removeSwig 
Remove swig wrapper
 2021-11-22 15:31:40 -08:00
David Garske
23e722be27
Merge pull request #4595 from masap/fix-linuxkm 
Fix failure of make distclean when linuxkm is enabled
 2021-11-22 12:01:21 -08:00
Chris Conlon
84be329ffb remove swig wrapper, now that we have dedicated Java and Python wrappers 2021-11-22 11:32:37 -07:00
Masashi Honma
ace5d444a4 Fix failure of make distclean when linuxkm is enabled 
$ make distclean
Making distclean in linuxkm
make[1]: Entering directory '/home/honma/git/wolfssl/linuxkm'
make[1]: *** No rule to make target 'distclean'.  Stop.
make[1]: Leaving directory '/home/honma/git/wolfssl/linuxkm'
make: *** [Makefile:6431: distclean-recursive] Error 1

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
 2021-11-22 05:50:38 +09:00
Masashi Honma
30a01a0758 Fix failure of check at commiting when linuxkm is enabled 
Making check in linuxkm
make[2]: Entering directory '/home/honma/git/wolfssl/linuxkm'
make[2]: warning: -j13 forced in submake: resetting jobserver mode.
make[2]: *** No rule to make target 'check'.  Stop.
make[2]: Leaving directory '/home/honma/git/wolfssl/linuxkm'
make[1]: *** [Makefile:6431: check-recursive] Error 1
make[1]: Leaving directory '/home/honma/git/wolfssl'
make: *** [Makefile:6901: check] Error 2

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
 2021-11-22 05:50:38 +09:00
David Garske
5182e2a8c8
Merge pull request #4580 from kareem-wolfssl/minor_fixes 
Check ssl->arrays in SendClientHello to avoid null dereference.  Allow building with fallthrough defined.
 2021-11-19 16:55:01 -08:00
David Garske
f6c48bf7dc
Merge pull request #4560 from kaleb-himes/OE30-OE31-non-fips-changes 
OE30 and OE31 changes external to FIPS module for NetBSD builds
 2021-11-19 15:49:30 -08:00
David Garske
34346bab4f
Merge pull request #4579 from JacobBarthelmeh/PKCS7 
BER size adjustment with PKCS7
 2021-11-19 14:49:03 -08:00
Kareem
8de281c1d4 Fix minimum clang version for FALL_THROUGH. Not working properly before clang 11. 2021-11-19 15:16:56 -07:00
David Garske
617668b9aa
Merge pull request #4585 from kareem-wolfssl/encryptMacFix 
Fix building Import/ExportOptions with HAVE_ENCRYPT_THEN_MAC undefined.
 2021-11-19 13:45:16 -08:00
Kareem
fd6d479888 Rework ssl and ssl->arrays NULL checks, and add to SendTls13ClientHello as well. 2021-11-19 14:19:27 -07:00
Kareem
72d4dcce0f Fix updated FALL_THROUGH macro. Fix a couple of case statements and remove a trailing whitespace. 2021-11-19 14:13:02 -07:00
Kareem
0772635972 Rework FALL_THROUGH definition to use fallthrough if defined. 2021-11-19 14:06:54 -07:00
Kareem
930e1ac473 Check ssl->arrays in SendClientHello to avoid null dereference. Allow building with fallthrough defined. 2021-11-19 14:06:54 -07:00
Jacob Barthelmeh
5d49847147 sanity check on pem size 2021-11-19 13:55:03 -07:00
Chris Conlon
c3500fa24e
Merge pull request #4581 from miyazakh/max_earlydata 
add get_max_eraly_data
 2021-11-19 09:42:01 -07:00
Sean Parkinson
7e81372131
Merge pull request #4583 from dgarske/zd13242 
Improve `ret` handling in the `ProcessPeerCerts` verify step.
 2021-11-19 10:22:08 +10:00
Kareem
757f3b8105 Fix building Import/ExportOptions with HAVE_ENCRYPT_THEN_MAC undefined. 2021-11-18 16:06:22 -07:00
David Garske
3054f20c6a Improve ret handling in the ProcessPeerCerts verify step. 2021-11-18 14:51:09 -08:00
David Garske
2841b5c93b
Merge pull request #3010 from kaleb-himes/ZD10203 
Consistency in PP checking on use of WOLFSSL_CRYPTO_EX_DATA
 2021-11-18 14:47:25 -08:00
Hideki Miyazaki
9bc159a5ec
addressed review comment 2021-11-19 07:24:46 +09:00
kaleb-himes
4324cf8f0a Correct cast from uint to uchar 2021-11-18 10:18:25 -07:00
David Garske
e33156d0dc
Merge pull request #4578 from kaleb-himes/OE33_NON_FIPS_CHANGES 
OE33: Fix issues found by XCODE and add user_settings.h
 2021-11-18 06:59:43 -08:00
David Garske
d02e819e4c
Merge pull request #4575 from SparkiDev/dh_enc_fix_2 
ASN: DH private key encoding
 2021-11-18 06:57:40 -08:00
Sean Parkinson
618b9619c5
Merge pull request #4571 from anhu/init_sig_algs 
Uninitialized var.
 2021-11-18 22:46:37 +10:00
Sean Parkinson
db3c0f7829
Merge pull request #4574 from masap/fix-asn1-integer-get 
Fix invalid return value of ASN1_INTEGER_get()
 2021-11-18 17:20:15 +10:00
Hideki Miyazaki
483be08b1f
add definition for early_data_status compat 2021-11-18 14:21:47 +09:00
Daniel Pouzzner
6ba00f66cd
Merge pull request #4573 from ejohnstown/fips-check-fix 
Fix FIPS Check Script
 2021-11-17 21:30:45 -06:00
Hideki Miyazaki
7da0d524ff
add get_max_eraly_data 
support set/get_max_eraly_data compatibility layer
 2021-11-18 09:07:32 +09:00
Sean Parkinson
370570d19b ASN: DH private key encoding 
Proper fix for sequence length when small keys.
 2021-11-18 08:28:49 +10:00
Masashi Honma
4800db1f9d Enable max/min int test even when non 64bit platform 
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
 2021-11-18 06:58:21 +09:00
Masashi Honma
cb3fc0c7ce Fix invalid return value of ASN1_INTEGER_get() 
When DIGIT_BIT is less than SIZEOF_LONG * CHAR_BIT, ASN1_INTEGER_get() can
return invalid value. For example, with trailing program, ASN1_INTEGER_get()
unexpectedly returns -268435449 (0xf0000007) on i386.

On the i386 platform (DIGIT_BIT=28), the input value 0x7fffffff is separated
into 0xfffffff and 0x7 and stored in the dp array of mp_int. Previously,
wolfSSL_BN_get_word_1() returned 0xfffffff shifted by 28 bits plus 0x7, so this
patch fixed it to return 0xfffffff plus 0x7 shifted by 28 bits.

int main(void)
{
    ASN1_INTEGER *a;
    long val;
    int ret;

    a = ASN1_INTEGER_new();
    val = 0x7fffffff;
    ret = ASN1_INTEGER_set(a, val);
    if (ret != 1) {
        printf("ret=%d\n", ret);
    }

    if (ASN1_INTEGER_get(a) != val) {
        printf("ASN1_INTEGER_get=%ld\n", ASN1_INTEGER_get(a));
    }

    ASN1_INTEGER_free(a);

    return 0;
}

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
 2021-11-18 06:58:21 +09:00
Anthony Hu
ab0654bb64 remove something that slipped in 2021-11-17 16:38:30 -05:00
Anthony Hu
39edf8d206 pulled up a line. 2021-11-17 16:38:30 -05:00
Anthony Hu
49c7abb875 Changes suggested by SparkiDev. 2021-11-17 16:38:30 -05:00
Anthony Hu
5c48e74c7f 0xFF 2021-11-17 16:38:30 -05:00
Anthony Hu
0ae0b31509 The following config: 
./configure --with-liboqs --enable-all --disable-psk --enable-intelasm --enable-aesni --enable-sp-math-all --enable-sp-asm CFLAGS="-O3"

Yeilds the following erorr:

src/internal.c: In function ‘DoServerKeyExchange’:
src/internal.c:24487:28: error: ‘sigAlgo’ may be used uninitialized in this function [-Werror=maybe-uninitialized]
24487 |                         if (sigAlgo == ed448_sa_algo &&
      |                            ^

This fixes it.
 2021-11-17 16:38:30 -05:00
kaleb-himes
38ec0bb31f Merge branch 'master' of github.com:wolfssl/wolfssl into OE33_NON_FIPS_CHANGES 2021-11-17 14:02:56 -07:00
David Garske
995ef60ff1
Merge pull request #4577 from kaleb-himes/WINDOWS_AES_OFB_ON 
Turn on AES-OFB mode in windows for FIPS=v5
 2021-11-17 12:20:19 -08:00
kaleb-himes
37db5a9ab3 Add include.am(s) for new file(s) 2021-11-17 12:05:05 -07:00
Jacob Barthelmeh
ddf06b8161 BER size adjustment with PKCS7 2021-11-17 12:03:32 -07:00
kaleb-himes
f638df3575 Fix issues found by XCODE and add user_settings.h 
Disable internal test settings by default
 2021-11-17 11:00:56 -07:00
John Safranek
ef62fab4ea
Update 
1. WIN10 FIPS build should use version 5,2 now.
2. Update the v5-ready build ot use version 5,2.
3. Remove eol-whitespace from the benchmark source.
 2021-11-17 09:19:34 -08:00
Kaleb Himes
c7c682ba2a
Move up to avoid breaking the patch applied for windows 2021-11-17 09:37:26 -07:00
kaleb-himes
dc6ec2b849 Turn on AES-OFB mode in windows for FIPS=v5 2021-11-17 09:22:58 -07:00
John Safranek
158ebcaa0a
Add v5-RC10 to the list of allowed versions 2021-11-16 16:36:38 -08:00