mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
11,370 Commits 5 Branches 162 Tags 807 MiB
cafcaa4181
Commit Graph

11370 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
toddouska
5e45767cc3
Merge pull request #2943 from JacobBarthelmeh/Testing 
check on length of unwrap before memmove
 2020-05-05 11:09:06 -07:00
Jacob Barthelmeh
0f6fef8384 update armv8 aes gcm sanity checks 2020-05-05 09:47:05 -06:00
Sean Parkinson
74040c62af
Merge pull request #2944 from dgarske/sp_cacheres 
Fixes for C32/C64 SP math with `WOLFSSL_SP_CACHE_RESISTANT`
 2020-05-05 10:43:00 +10:00
Sean Parkinson
09bc460c2e
Merge pull request #2946 from dgarske/gcc9 
Fix for GCC9 warning
 2020-05-05 10:29:56 +10:00
David Garske
8161dfe3aa Fix for GCC9 warning. 
```
src/tls.c:201:13: note: in expansion of macro 'XSTRNCMP'
  201 |         if (XSTRNCMP((const char*)sender, (const char*)client, SIZEOF_SENDER) == 0)
      |             ^~~~~~~~
In file included from src/tls.c:33:
./wolfssl/internal.h:4312:19: note: referenced argument declared here
 4312 | static const byte client[SIZEOF_SENDER] = { 0x43, 0x4C, 0x4E, 0x54 };
      |                   ^~~~~~
```
 2020-05-04 15:07:28 -07:00
David Garske
174b4d5159 Cleanup of SP with small stack. Expand support for WOLFSSL_SP_NO_MALLOC. Fix for evp.c when included directly. 2020-05-04 14:23:32 -07:00
Chris Conlon
df067b6781
Merge pull request #2919 from kaleb-himes/ZD10194 
Fix for Freescale common examples that predated hardening warning
 2020-05-04 13:43:07 -06:00
kaleb-himes
62d67c3da1 Don't need if not using TLS 1.2 2020-05-04 12:54:36 -06:00
toddouska
da01961254
Merge pull request #2939 from JacobBarthelmeh/SanityChecks 
sanity check on PemToDer type
 2020-05-04 11:26:33 -07:00
toddouska
d848495a66
Merge pull request #2937 from dgarske/wolfio_tcpcon_fd 
Fix issue with failed TCP connect using invalid socket file descriptor
 2020-05-04 11:22:54 -07:00
David Garske
8e0f5ef8ce Fixes for WOLFSSL_SP_CACHE_RESISTANT with small stack. 2020-05-04 11:22:12 -07:00
David Garske
c28ad38b16 Fix for cast issue caused by PR #2900. Applies to WOLFSSL_SP_CACHE_RESISTANT and c32/c64 versions only. 2020-05-04 10:49:59 -07:00
Jacob Barthelmeh
082e51d778 check on length of unwrap before memmove 2020-05-04 10:32:05 -06:00
Jacob Barthelmeh
9f735b4d6e sanity check on PemToDer type 2020-05-01 16:41:18 -06:00
toddouska
3944c8eb73
Merge pull request #2935 from ejohnstown/hush-tfm 
Hush TFM Warnings
 2020-05-01 08:26:42 -07:00
David Garske
31502ec3f9 Fix issue with failed TCP connect using invalid socket file descriptor on close. Fixes #2936 2020-05-01 07:32:00 -07:00
John Safranek
b6bd86d2b1
TFM Warnings 
When building in VS, the MSC will complain about some constants getting
implicitly promoted to 64-bit. Added some type-casts to hush the warnings.
 2020-04-30 19:43:18 -07:00
toddouska
f772bc8d9a
Merge pull request #2923 from dgarske/pic32mz 
Fixes for PIC32MZ crypto hardware cache and large hash
 2020-04-30 16:22:13 -07:00
toddouska
df9dd3012f
Merge pull request #2934 from SparkiDev/tls13_cookie_ks 
TLS13: Prepend the SupportedVersions extension to list
 2020-04-30 14:58:11 -07:00
toddouska
a1489d981c
Merge pull request #2930 from JacobBarthelmeh/SanityChecks 
check on tag length for AES-CCM
 2020-04-30 14:51:20 -07:00
Sean Parkinson
7879d3762a TLS13: Prepend the SupportedVersions extension to list 
Must have SupportedVersions at start of list for Cookie to be
constructed correctly.
Application can set the key share extension before handshake and
SupportedVersions will be added after. Extensions written in order of
adding to list.
Prepend SupportedVersions so that it will always appear in the correct
place so when reconstructing HelloRetryRequest, the extensions will
always be in the same order.
 2020-04-30 08:46:23 +10:00
Jacob Barthelmeh
505fbed4df fix AES-CCM tag size check on decryption 2020-04-29 15:15:54 -06:00
toddouska
7e267546cb
Merge pull request #2933 from SparkiDev/tls13_rsa8192 
Allow TLS 1.3 CertificateVerify to handle 8192-bit RSA
 2020-04-29 11:24:44 -07:00
Sean Parkinson
390f066028 Allow TLS 1.3 CertificateVerify to handle 8192-bit RSA 2020-04-29 12:37:41 +10:00
Sean Parkinson
e9b433a998
Merge pull request #2928 from julek-wolfssl/evp-aes-gcm-fix 
Fix AES-GCM in EVP layer to have compatiblity with OpenSSL
 2020-04-29 09:00:04 +10:00
Jacob Barthelmeh
b73e52f33f move AES-CCM tag check into a local function 2020-04-28 14:46:06 -06:00
kaleb-himes
951cb4aaf4 Fix building with one-side only tls13/dtls 2020-04-28 14:33:00 -06:00
toddouska
f770d28ff0
Merge pull request #2916 from dgarske/testfixes 
Improvements to ECC key decode and tests
 2020-04-28 09:57:44 -07:00
toddouska
a585e4115e
Merge pull request #2927 from SparkiDev/tls13_ccs 
In TLS 1.3, don't allow multiple ChangeCipherSpecs in a row
 2020-04-28 09:52:46 -07:00
toddouska
cb6fc56f3b
Merge pull request #2921 from dgarske/fixes_g++ 
Fixes for G++ and enable-all
 2020-04-28 09:51:34 -07:00
Juliusz Sosinowicz
c02c408409 Only 80 characters a line 2020-04-28 12:38:02 +02:00
Sean Parkinson
a104caef13
Merge pull request #2929 from dgarske/sp_rsalowmem 
Fix for SP math with `RSA_LOW_MEM` (ARM only)
 2020-04-28 08:43:31 +10:00
Jacob Barthelmeh
c85a53c631 add macro guard for fips and selftest builds 2020-04-27 15:36:53 -06:00
David Garske
6185e0f477 Remove execute bit on files. 2020-04-27 11:16:02 -07:00
David Garske
327cdefc24 Fix for SP math with RSA_LOW_MEM, which was broken in PR #2892. 2020-04-27 08:59:54 -07:00
Juliusz Sosinowicz
01a6dded72 Fix AES-GCM in EVP layer to have compatiblity with OpenSSL 
- Tag checking in AES-GCM is done in Final call
- Reset `WOLFSSL_EVP_CIPHER_CTX` structure after Final call
- Don't zero `ctx->authTag` struct in Init call so that user can get the AES-GCM tag using `EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_GET_TAG, AES_BLOCK_SIZE, tag)`
- `ctx->authTag` is only zeroed before authenticated, non-confidential data Update call since this means we are entering a new Udate-Final cycle. This doesn't need to be done in the decrypt case since the tag should be supplied by the user before the final call using `EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, AES_BLOCK_SIZE, tag)`
 2020-04-27 15:52:01 +02:00
David Garske
1e726e19a4 Fix for XMALLOC cast. 2020-04-27 06:48:41 -07:00
Sean Parkinson
c153873337 Fail when WOLFSSL_VERIFY_FAIL_IF_NO_PEER_CERT set in TLS1.3 2020-04-27 16:17:03 +10:00
Sean Parkinson
df1b7f34f1 In TLS 1.3, don't allow multiple ChangeCipherSpecs in a row 2020-04-27 15:27:02 +10:00
David Garske
3c93a7b757 Fix Value stored to 'ret' is never read. 2020-04-24 11:31:12 -07:00
David Garske
a4caa42793 Improve the Base64 line size for NO_ASN case. Fix report of unread ret. 2020-04-24 11:26:55 -07:00
David Garske
589712f870 PIC32MZ Fix for cache coherency to enable write-through (no write allocation) to resolve descriptor corruption. ZD 10212. 2020-04-24 09:13:28 -07:00
David Garske
0f11369680 PIC32MZ Fix for WOLFSSL_PIC32MZ_LARGE_HASH: Only submit to hardware if update data provided matches expected. ZD 10211. 2020-04-24 09:01:51 -07:00
David Garske
cfc0aeb857 Fix for RSA and KeyGen only in test.c. 2020-04-24 08:56:31 -07:00
David Garske
41fc208195 Fixes for isHMAC checks. 2020-04-24 08:51:56 -07:00
David Garske
5fa7bb5b9f Fix possible unused args. 2020-04-24 07:48:41 -07:00
David Garske
6d025f8c0f Refactor of the EVP macType to use enum wc_HashType to resolve issues with invalid casting. 2020-04-24 07:43:44 -07:00
David Garske
28b686a8ca * Exposed useful sizes MAX_X509_HEADER_SZ and PEM_LINE_SZ 
* Refactor the PEM saving code in `test.c`, so its not using large 4K buffer and calculates based on DER.
* Enable ECC key generation test even without `WOLFSSL_KEY_GEN`.
* Added `ECC_KEYGEN_SIZE` macro for ECC key generation testing.
* Refactor ECC DER key generation to use `ECC_BUFSIZE`.
 2020-04-23 16:11:54 -07:00
David Garske
81f959336b Added support for important private key DER using wc_EccPublicKeyDecode. Added ECC key generation and decode test case. 2020-04-23 16:07:43 -07:00
David Garske
b07dfa425d Fixes for ./configure CC="g++" --enable-all && make. Resolves issues with implicit casts and use of reserved template keyword. 2020-04-23 15:26:04 -07:00