mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
15,676 Commits 5 Branches 162 Tags
Commit Graph

15676 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Daniel Pouzzner
bc91187063 tls.c:TLSX_KeyShare_GenDhKey(): fix typo. 2021-10-26 20:24:28 -05:00
Daniel Pouzzner
aca43cfe52 linuxkm/Kbuild: include -fno-omit-frame-pointer in HOST_EXTRACFLAGS, in case the target kernel has profiling enabled; remove the "always := $(hostprogs)" rule, as it doesn't work and causes warnings on kernel 5.10. 2021-10-26 20:24:28 -05:00
Daniel Pouzzner
8bdae98a93 fips-check.sh: temporarily arrange for "linuxv5" to be an alias of "linuxv5-ready", to arrange for Jenkins testing of wolfcrypt code in the PR in FIPS mode. 2021-10-26 20:24:28 -05:00
Daniel Pouzzner
a3435ca062 fips-check.sh: exit (fatal error) if git fails. 2021-10-26 20:24:28 -05:00
John Safranek
f1d43f6891 Add error code for the private key read lockout. 2021-10-26 20:24:28 -05:00
Daniel Pouzzner
31f13a7f41 wolfcrypt/test/test.c: when HAVE_FIPS, wrap wc_MakeRsaKey() calls in infinite iteration while ret == PRIME_GEN_E, to inhibit nondeterministic failure mode from FIPS-limited _CheckProbablePrime() iteration. 2021-10-26 20:24:28 -05:00
Daniel Pouzzner
490a1238a8 configure.ac: refactor AC_CHECK_FILES brought in by rebase, to fix warning. 2021-10-26 20:24:28 -05:00
Daniel Pouzzner
b577984574 rsa.c: fix whitespace. 2021-10-26 20:24:28 -05:00
David Garske
3fcdcbc1f9 Fix for RSA _ifc_pairwise_consistency_test to make the async blocking. 2021-10-26 20:24:28 -05:00
Daniel Pouzzner
e61d88657d WOLFSSL_ASYNC_CRYPT: in EccSharedSecret(), don't try to wolfSSL_AsyncInit() if there's no priv_key to supply an asyncDev; in RSA _ifc_pairwise_consistency_test(), disable async to force blocking crypto. 2021-10-26 20:24:28 -05:00
David Garske
303aa312a8 Fix the TLS v1.3 async key share support. Added WOLFSSL_NO_PUBLIC_FFDHE option to test without public FFDHE API's. 2021-10-26 20:24:28 -05:00
Daniel Pouzzner
75e4c0869e DH: move declaration of wc_DhPublicKeyDecode() from dh.h to asn.h (it is defined in asn.c). 2021-10-26 20:24:28 -05:00
Daniel Pouzzner
10304c9143 linuxkm: portability fix in aes.c for SAVE_VECTOR_REGISTERS() call ("embedding a directive within macro arguments is not portable"). 2021-10-26 20:24:28 -05:00
Daniel Pouzzner
c0778e5ad9 gate access to wc_Sha512.devId on !NO_SHA2_CRYPTO_CB. 2021-10-26 20:24:28 -05:00
Daniel Pouzzner
5d796ba06c settings.h: add WOLFSSL_MAKE_FIPS_VERSION(), WOLFSSL_FIPS_VERSION_CODE, and FIPS_VERSION_{LT,LE,EQ,GE,GT} macros; define NO_SHA2_CRYPTO_CB macro if HAVE_FIPS && FIPS_VERSION_LT(5,1); refactor other FIPS version dependencies in settings.h to use new macros. 2021-10-26 20:24:28 -05:00
Daniel Pouzzner
0f05a71bfb linuxkm: refactor SAVE_VECTOR_REGISTERS() macro to take a fail clause as an argument, to allow the preprocessor to completely eliminate it in non-kernel builds, and for backward compat with WCv5.0-RC8. 2021-10-26 20:24:28 -05:00
Daniel Pouzzner
6160da243d linuxkm: use EXPORT_SYMBOL_NS_GPL() for exports. 2021-10-26 20:24:28 -05:00
Daniel Pouzzner
c2c2e5b4f5 tests/api.c: post_auth_version_cb(): add missing gating on !NO_ERROR_QUEUE for wolfSSL_ERR_get_error() test. 2021-10-26 20:24:28 -05:00
Daniel Pouzzner
e4d075de20 src/internal.c: FreeX509(): remove redundant free of x509->CRLInfo. 2021-10-26 20:24:28 -05:00
Daniel Pouzzner
61df408d70 configure.ac: fix handling of ENABLED_FIPS->REPRODUCIBLE_BUILD_DEFAULT=yes; take JNI back out of from enable-all feature set because it adds -DNO_ERROR_QUEUE to flags; fix typo in FIPS test for --with-max-rsa-bits setup. 2021-10-26 20:24:28 -05:00
Daniel Pouzzner
32349749a6 internal.c: SendServerKeyExchange(): check retval from wc_DhGetNamedKeyParamSize(). 2021-10-26 20:24:28 -05:00
Daniel Pouzzner
361559ca30 settings.h: set HAVE_PUBLIC_FFDHE as in configure.ac (FIPS v2 and SELFTEST) if it isn't already set. 2021-10-26 20:24:28 -05:00
Daniel Pouzzner
342e319870 dsa.c: fix up comment spelling/typography in wc_MakeDsaKey(). 2021-10-26 20:24:28 -05:00
Daniel Pouzzner
a5c03f65e3 tests/api.c: fix test_CryptoCb_Func() to not attempt signing op on ephemeral ECC keys. 2021-10-26 20:24:28 -05:00
Daniel Pouzzner
1f6eb4648e configure.ac: remove WOLFSSL_VALIDATE_ECC_IMPORT and WOLFSSL_VALIDATE_ECC_KEYGEN from enable-all and enable-all-crypto feature sets. 2021-10-26 20:24:28 -05:00
Daniel Pouzzner
7a4ec22953 pkcs7.c: further smallstack refactor of PKCS7_EncodeSigned(). 2021-10-26 20:24:28 -05:00
Daniel Pouzzner
fb49d814c5 configure.ac and autogen.sh: fix warnings in configure.ac, and enable WARNINGS=all,error in autogen.sh. also, remove --verbose to avoid obscuring warning output. 2021-10-26 20:24:28 -05:00
Daniel Pouzzner
f60cb94b82 wolfcrypt/src/include.am and src/include.am: don't disrupt modtimes of fips/async source files if they already exist. 2021-10-26 20:24:28 -05:00
Daniel Pouzzner
ab4c96292b autogen.sh: disable WARNINGS=all until autotools config is fixed. 2021-10-26 20:24:28 -05:00
Daniel Pouzzner
e894340a64 tls13.c: mac2hash(): accommodate scenario where all hashes are gated out of the build (peer review). 2021-10-26 20:24:28 -05:00
Daniel Pouzzner
972c6c032e ssl.c: clean up MD5->SHA refactor of wolfSSL_LH_strhash() (peer review). 2021-10-26 20:24:28 -05:00
Daniel Pouzzner
e9332c1ce4 autogen.sh: refactor to not disrupt modtimes of fips/async source files if they already exist. also, assert success on any file ops, and properly export WARNINGS to autoreconf. 2021-10-26 20:24:28 -05:00
Daniel Pouzzner
255d2d650f rsa.c: add missing WOLFSSL_ASYNC_CRYPT clauses to _ifc_pairwise_consistency_test(). 2021-10-26 20:24:27 -05:00
Daniel Pouzzner
87b965c964 include.am: in FIPS clauses, include wolfcrypt/src/aes_gcm_asm.S in src_libwolfssl_la_SOURCES when BUILD_AESNI, regardless of BUILD_INTELASM, as in the corresponding non-FIPS clause. 2021-10-26 20:24:27 -05:00
Daniel Pouzzner
0f407b4bfc test.c: fix indirection flubs in _ASYNC_CRYPT parts of ecc_test_sign_vectors(). 2021-10-26 20:24:27 -05:00
Daniel Pouzzner
f264741aa0 benchmark.c: fix -Wstringop-truncation in _ASYNC_CRYPT bench_stats_add(). 2021-10-26 20:24:27 -05:00
Daniel Pouzzner
0231446006 configure.ac: don't warn about loading real async files if async.c is present and non-empty. 2021-10-26 20:24:27 -05:00
Daniel Pouzzner
3745b1c9db linuxkm: fix clean rules/definitions to not pick up top level Makefile, and to clean up empty object directories. 2021-10-26 20:24:27 -05:00
Daniel Pouzzner
8e131620ae .gitignore: add linuxkm/libwolfssl.lds 2021-10-26 20:24:27 -05:00
Daniel Pouzzner
14f39f07a2 fips-check.sh: add linuxv5-ready (--enable-fips=v5-ready). 2021-10-26 20:24:27 -05:00
Daniel Pouzzner
f9627e4b14 configure.ac: for --enable-fips, make v5 an alias for v5-RC8 (alias to be updated after newer lab-approved snapshots are tagged), and add v5-ready and a placeholder v5-REL. 2021-10-26 20:24:27 -05:00
Daniel Pouzzner
5ef97acbab types.h: add back missing WC_HASH_TYPE_MAX to enum wc_HashType when HAVE_FIPS_VERSION <= 2 (now WC_HASH_TYPE_BLAKE2S, since SHAKE is now excluded from the enum). 2021-10-26 20:24:27 -05:00
Daniel Pouzzner
40c32081bb types.h: rename STRINGIFY() macro to WC_STRINGIFY(). 2021-10-26 20:24:27 -05:00
Daniel Pouzzner
e3989edd39 wolfcrypt/benchmark/benchmark.c: fix typo. 2021-10-26 20:24:27 -05:00
Daniel Pouzzner
4a451caf7b src/sniffer.c: fix rebase errors. 2021-10-26 20:24:27 -05:00
Daniel Pouzzner
834efe4ff6 fips-check.sh: update to test 140-3 using --enable-fips=v5-RC8 and the WCv5.0-RC8 version tags. 2021-10-26 20:24:27 -05:00
Daniel Pouzzner
db26e0a40a Makefile.am: .build_params belongs in DISTCLEANFILES, not CLEANFILES. 2021-10-26 20:24:27 -05:00
Daniel Pouzzner
9f36df44a4 wolfssl/wolfcrypt/types.h: define WOLFSSL_NOSHA512_224, WOLFSSL_NOSHA512_256, and WOLFSSL_NO_SHAKE256 in SELFTEST/FIPS<=v2 version of enum wc_HashType definition, to assure synchrony. 2021-10-26 20:24:27 -05:00
Daniel Pouzzner
1c27654300 configure.ac and wolfssl/wolfcrypt/types.h: don't change wc_HashType for FIPS <= v2 (reverts commit 56843fbefd as it affected that definition); add -DWOLFSSL_NOSHA512_224 -DWOLFSSL_NOSHA512_256 to FIPS v2 and v3. 2021-10-26 20:24:27 -05:00
Daniel Pouzzner
aa6ca43e91 api.c: skip test_wolfSSL_EVP_PBE_scrypt() when FIPS 140-3 (test uses impermissibly short HMAC key). 2021-10-26 20:24:27 -05:00