mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
19,624 Commits 5 Branches 162 Tags
Commit Graph

19624 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
JacobBarthelmeh
7e8d027a17
Merge pull request #6217 from douzzer/20230321-fixes 
20230321-fixes
 2023-03-22 10:23:07 -06:00
Radim Smat
e618bb9686 Do not ForceZero the part of the buffer that has not been used. 2023-03-22 14:48:18 +01:00
Daniel Pouzzner
49cd3ff872 wolfssl/internal.h: fixes for -Wpedantic "redefinition of typedef" around typedef ... TLSX and Options; 
src/internal.c: fix for -Wdeclaration-after-statement and clang-diagnostic-unreachable-code-break;

tests/api.c: fix for -Wunused-variable and clang-analyzer-deadcode.DeadStores;

olfcrypt/src/pkcs12.c: fixes for cppcheck uselessAssignmentPtrArg and arrayIndexThenCheck, and clang-tidy clang-analyzer-deadcode.DeadStores and clang-analyzer-core.NonNullParamChecker;

wolfssl/src/tls.c: fix for clang-analyzer-deadcode.DeadStores;

wolfcrypt/src/tfm.c: fix for clang-diagnostic-newline-eof;

src/tls13.c: fix for clang-analyzer-core.NonNullParamChecker.
 2023-03-21 22:52:56 -05:00
JacobBarthelmeh
180a20d535 adjust sanity check for index into URI 2023-03-21 20:19:08 -07:00
JacobBarthelmeh
147395476f
Merge pull request #6213 from SparkiDev/regression_fixes_6 
Regression testing fixes
 2023-03-21 20:17:30 -06:00
Hideki Miyazaki
51040b1f07
reset alt name list to head 2023-03-22 10:31:58 +09:00
Sean Parkinson
9ec742b11f Regression testing fixes 
HAVE_ECH only used by TLS 1.3 add protection around all code.
ssl->options.onlyPskDheKe only available when HAVE_SUPPORTED_CURVES.
CleanupClientTickets() defined when HAVE_SUPPORTED_CURVES.
TLSX_KeyShare_DeriveSecret only defined when HAVE_SUPPORTED_CURVES.
DecodeResponseData - initialize variable single.
New OpenSSL compatibility BN code requires mp_read_radix - turn on in
integer.c, sp_int.c when OPENSSL_EXTRA defined.
rsa.c:_CheckProbablePrime - make sure tmp1 and tmp2 are initialized
before error handling jumps to freeing them.

test_remove_hs_message uses 1024-bit DH key which is not supported when
using SP math with SP.
 2023-03-22 08:57:20 +10:00
Sean Parkinson
1eeb54e981
Merge pull request #6208 from JacobBarthelmeh/fuzzing 
handle failing RNG init when creating PKEY
 2023-03-22 08:55:38 +10:00
JacobBarthelmeh
2af55903c5
Merge pull request #6187 from SparkiDev/tls13_server_id 
Server ID - long id, TLS 1.3 - cache client session for tickets
 2023-03-21 16:48:05 -06:00
JacobBarthelmeh
265a6c824f
Merge pull request #6164 from wolfSSL/gojimmypi-patch-zephyr-link 
Update README link
 2023-03-21 09:10:52 -06:00
Sean Parkinson
17e20b8c36 Server ID - long id, TLS 1.3 - cache client session for tickets 
Long server IDs were being truncated. Hash long IDs instead.
TLS 1.3 session ticket on client side no longer added session to client
cache. Explicit call added.
 2023-03-21 15:29:07 +10:00
John Safranek
74f549a0b4
Merge pull request #6206 from SparkiDev/aesgcm_armv6_asm 
AES ARMASM <ARMV7: fix load order
 2023-03-20 21:21:01 -07:00
TakayukiMatsuo
7d2a9136b6 Add support for TSIP v1.17 2023-03-21 11:28:07 +09:00
Sean Parkinson
4eeb792a05 AES ARMASM <ARMV7: fix load order 
Loading from memory based on register that is overwritten in ldrd.
When ldrd split out for older processors, register overwritten before
second load.
Switch order of loads in this case.
 2023-03-21 10:53:47 +10:00
Sean Parkinson
09dd9a0ca3
Merge pull request #6207 from rizlik/move_alerts_from_get_record_header 
Move alerts from get record header
 2023-03-21 08:20:22 +10:00
Eric Blankenhorn
cc4f6221e1 RIOT-OS does support writev 2023-03-20 16:07:29 -05:00
JacobBarthelmeh
5c7be2fa98
Merge pull request #6202 from philljj/zd15807 
Fix out-of-bounds read in CRL parsing
 2023-03-20 14:19:01 -06:00
Marco Oliverio
e281ef9ea9 wolfcrypt/settings.h: use default realloc on EspressIf 2023-03-20 17:26:46 +00:00
JacobBarthelmeh
72e53ca1a4 handle failing RNG init when creating PKEY 2023-03-20 07:17:25 -07:00
Marco Oliverio
84d8245e58 internal: move SendAlerts outside of GetRecordHeader 
This will give a chance to DTLS logic to ignore an error.
 2023-03-20 10:50:00 +00:00
Marco Oliverio
aabd665e73 SendAlert: propagate return error in non-fatal SendAlert 2023-03-20 10:50:00 +00:00
Sean Parkinson
c3b51af6cd
Merge pull request #6204 from JacobBarthelmeh/name 
Fix for value of givenName and name
 2023-03-20 10:59:47 +10:00
jordan
2fe473cf9f Fix out-of-bounds read in CRL parsing 2023-03-17 22:33:35 -05:00
JacobBarthelmeh
327692b09f
Merge pull request #6200 from kareem-wolfssl/zd15324_2 
Fix IAR warnings.
 2023-03-17 15:04:35 -06:00
JacobBarthelmeh
9e331aa6d5
Merge pull request #6195 from embhorn/zd15836 
Fix type conv error in logging
 2023-03-17 14:46:54 -06:00
JacobBarthelmeh
9c3cfab328
Merge pull request #6196 from bandi13/zd15783 
OCSP_CERT_UNKNOWN
 2023-03-17 14:33:57 -06:00
JacobBarthelmeh
0e431c3eaa add given name test case 2023-03-17 13:07:15 -07:00
JacobBarthelmeh
a917f380bb fix values for givenName and name 2023-03-17 12:56:27 -07:00
Kareem
011385d4d4 Revert logging return code fixes, already fixed in another PR. 2023-03-17 12:39:04 -07:00
JacobBarthelmeh
06d970c999
Merge pull request #6181 from kareem-wolfssl/zd15767 
Fix not ignoring date errors when VERIFY_SKIP_DATE is set
 2023-03-17 10:53:41 -06:00
JacobBarthelmeh
042ceff08e
Merge pull request #6160 from lealem47/indefPKCS12 
Adding support for indefinite length PKCS12
 2023-03-17 10:45:46 -06:00
Kareem
5b08b016af Add client-absolute-urn.pem to renewcerts.sh 2023-03-16 16:14:08 -07:00
Kareem
5126dc87e6 Fix IAR warnings. 2023-03-16 15:46:41 -07:00
Sean Parkinson
459058a645
Merge pull request #6194 from JacobBarthelmeh/string 
cast on input of XISALNUM
 2023-03-17 08:39:21 +10:00
Sean Parkinson
21c5ecc371
Merge pull request #6179 from tim-weller-wolfssl/zd14527-pemtoder-return-size 
zd14527 - Update `PubKey` and `Key` PEM-to-DER APIs to support return of needed DER size
 2023-03-17 08:37:51 +10:00
John Safranek
db166e5e5a
Merge pull request #6198 from kaleb-himes/140-3-iOS-early-stage 
Add a base-line user_settings.h for use with FIPS 140-3 in xCode example app
 2023-03-16 15:20:15 -07:00
Kareem
cc51b2d52e Add additional fix for absolute URN issue from PR #5964 and add test. 2023-03-16 14:56:44 -07:00
Kareem
4c12c334cf Allow alternative absolute URI syntax in certificate general name. 2023-03-16 14:25:42 -07:00
Kareem
28f39f6b3d Fix unit test failure when building OPENSSL_EXTRA without HAVE_EXT_CACHE. 2023-03-16 14:25:42 -07:00
Kareem
2bb8eeae85 Fix not ignoring date errors when VERIFY_SKIP_DATE is set 2023-03-16 14:25:41 -07:00
kaleb-himes
e1d1f0790e Fixup uninitialized warnings detected by xCode 2023-03-16 15:18:00 -06:00
Kaleb Himes
75149f71d2
Implement peer suggestions 2023-03-16 12:59:49 -06:00
JacobBarthelmeh
8ec339d11c
Merge pull request #6175 from tim-weller-wolfssl/zd15722-mem-leak 
zd15722 - Prevent out-of-bound read in ASN parsing logic by erroring out.
 2023-03-16 07:29:26 -06:00
tim-weller-wolfssl
5659bd6036 Prevent out-of-bound read in ASN parsing logic by erroring out. 2023-03-16 06:11:34 -05:00
JacobBarthelmeh
7f6811a731
Merge pull request #6146 from kareem-wolfssl/zd15324 
Fixes various warnings
 2023-03-15 16:59:00 -06:00
JacobBarthelmeh
fb6f2d1790 cast on input of XISALNUM 2023-03-15 15:43:28 -07:00
Kareem
aaad3980a0 Various warning fixes. ESP32S3 include and build fixes. Added optional slot support for STSAFE shared secret using WOLFSSL_STSAFE_TAKES_SLOT. 2023-03-15 13:34:02 -07:00
kaleb-himes
ea06d064b0 Add a base-line user_settings.h for use with FIPS 140-3 in xCode example app 2023-03-15 14:08:32 -06:00
JacobBarthelmeh
0486db8a2e
Merge pull request #6188 from SparkiDev/aes_gcm_streaming_long_nonce 
AES-GCM streaming: fix IV caching
 2023-03-15 11:39:37 -06:00
JacobBarthelmeh
8ba35a5f16
Merge pull request #6180 from julek-wolfssl/openvpn-test 
Add libnl-genl-3-200 as dependency to openvpn test
 2023-03-15 10:11:20 -06:00