mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
15,931 Commits 5 Branches 162 Tags
Commit Graph

15931 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
TakayukiMatsuo
cd96330f2a Integrate Renesas TSIP specific code into Renesas common logics 2021-12-22 13:18:32 +09:00
David Garske
a6a071771b
Merge pull request #4681 from SparkiDev/sp_arm64_p384_mr 
SP ARM64: P-384 prime specific Montogmery Reduction
 2021-12-21 13:50:33 -08:00
Sean Parkinson
9f2419246e SP ARM64: P-384 prime specific Montogmery Reduction 
Improves performance
 2021-12-21 10:18:12 +10:00
David Garske
6b47954d58
Merge pull request #4670 from julek-wolfssl/krb5-missing-api 
Missing config for krb5 1.16.1
 2021-12-20 15:54:41 -08:00
David Garske
3644d97dd8
Merge pull request #4613 from SparkiDev/sp_div_max 
SP math all: div handling of length of dividend
 2021-12-20 15:10:35 -08:00
David Garske
360a513696
Merge pull request #4553 from SparkiDev/sp_mont_inv_order_fix 
SP: fix when mont_mul_order is defined
 2021-12-20 15:09:08 -08:00
Sean Parkinson
463d050d3d
Merge pull request #4678 from dgarske/nightly 
Nightly fixes: PK with no AES and OCSP test with DTLS
 2021-12-21 09:00:22 +10:00
David Garske
0ce9703768
Merge pull request #4666 from SparkiDev/ecc_enc_mem 
ECC: better protection when using encrypted memory
 2021-12-20 14:48:13 -08:00
Sean Parkinson
bb306d14b7
Merge pull request #4643 from kareem-wolfssl/zd13328 
Fix building with OPENSSL_EXTRA defined and NO_WOLFSSL_STUB not defined.
 2021-12-21 08:02:17 +10:00
David Garske
d588437504
Merge pull request #4677 from anhu/oqs_to_pqc 
--with-liboqs now defines HAVE_LIBOQS and HAVE_PQC
 2021-12-20 13:00:30 -08:00
David Garske
d8b58b8b05 Put both DigiCert Global Root CA and GlobalSign Root CA into the Google CA list. Fixes --enable-dtls --enable-ocsp ./scripts/ocsp.test`. 2021-12-20 11:47:34 -08:00
David Garske
ebc64db7d0 Fix for --enable-pkcallbacks --disable-aes --disable-aesgcm. 2021-12-20 10:17:50 -08:00
David Garske
b290e8089c
Merge pull request #4672 from SparkiDev/sp_c_mont_red 
SP C: specific Montgomery reduction code for P256 and P384
 2021-12-20 09:50:54 -08:00
Anthony Hu
79f6301521 Add error for case of user defining HAVE_PQC without HAVE_LIBOQS. 2021-12-20 12:42:09 -05:00
Anthony Hu
7d4c13b9a4 --with-liboqs now defines HAVE_LIBOQS and HAVE_PQC 
AKA: The Great Rename of December 2021
 2021-12-20 11:48:03 -05:00
Sean Parkinson
6d2da74c21
Merge pull request #4625 from dgarske/zd13208 
Fix for PKCS7 verify to handle content type OID with indef BER encoding
 2021-12-20 14:49:59 +10:00
David Garske
ce4f436d0f
Merge pull request #4587 from SparkiDev/dis_algs_fix_1 
Disable algorithms: fixes
 2021-12-19 20:12:30 -08:00
David Garske
2477574a69 Fix for PKCS7 verify to handle pkcs7-data content type OID with indef BER encoding. ZD13208 2021-12-17 14:24:35 -08:00
David Garske
ab9eda636a
Merge pull request #4671 from lealem47/remove-n 
Removing extra \n from WOLFSSL_LEAVE and WOLFSSL_ENTER
 2021-12-17 14:04:42 -08:00
David Garske
97830b81d6
Merge pull request #4674 from anhu/uninitialized 
Fix unitialized usage
 2021-12-17 10:51:43 -08:00
John Safranek
771647615a
Merge pull request #4669 from douzzer/rehab-configure-fips 
FIPS configure cleanup
 2021-12-17 08:58:44 -08:00
Anthony Hu
9cc1624023 Fix unitialized usage 2021-12-17 11:55:08 -05:00
Kaleb Himes
2f0b451545
Merge pull request #4673 from julek-wolfssl/should-retry-fix 
Fix `test_wolfSSL_BIO_should_retry` test
 2021-12-17 08:16:16 -07:00
Juliusz Sosinowicz
21a5a571e8 Fix test_wolfSSL_BIO_should_retry test 
When `OPENSSL_COMPATIBLE_DEFAULTS` is defined then `SSL_MODE_AUTO_RETRY` is set on context creation. For this test we need to clear this mode so that the `WOLFSSL_CBIO_ERR_WANT_READ` can propagate up to the user.
 2021-12-17 12:32:25 +01:00
David Garske
bd515cd3a6
Merge pull request #4637 from SparkiDev/sp_c32_rsa 
SP C RSA: normalize tmpa after conditionally adding p
 2021-12-16 18:54:28 -08:00
Sean Parkinson
6cac0ea5a9 SP C: specific Montgomery reduction code for P256 and P384 
Improves performance of 32-bit and 64-bit SP C code.
 2021-12-17 12:00:16 +10:00
Daniel Pouzzner
5c6bd8c2c9 configure.ac: in fips v5 setup, consider HAVE_AES{CCM,CTR,GCM,OFB}_PORT when auto-setting -DWOLFSSL_AES_DIRECT -DHAVE_AES_ECB; refactor KCAPI options for readability and correctness. 2021-12-16 17:03:01 -06:00
Sean Parkinson
0b2b218de7 ECC: better protection when using encrypted memory 
Added new ECC scalar multiplication implementation.
 2021-12-17 08:30:45 +10:00
Lealem Amedie
a79440b95a Removing extra \n from WOLFSSL_LEAVE and WOLFSSL_ENTER 2021-12-16 13:30:43 -07:00
Daniel Pouzzner
f889916fae ssl.c: fix C++ invalid conversion in wolfSSL_sk_X509_INFO_value(). 2021-12-16 13:29:17 -06:00
Daniel Pouzzner
e35c3c0d71 wolfcrypt/src/wc_port.c: fix whitespace. 2021-12-16 13:01:01 -06:00
Daniel Pouzzner
cf16480c85 configure.ac: fix hard tabs, and fix fips "v5-ready" that should have been "v5-dev". 2021-12-16 13:00:10 -06:00
Daniel Pouzzner
b7307e0ca5 ecc.c: small stack refactor for mp_int on the stack in wc_ecc_gen_deterministic_k(). 2021-12-16 13:00:10 -06:00
Daniel Pouzzner
fed5eb1d94 ecc.c: fix a deadcode.DeadStores warning in wc_ecc_gen_deterministic_k(). 2021-12-16 13:00:10 -06:00
Daniel Pouzzner
b6b12fe946 configure.ac: fips cleanup: drop flavor keys "v5-REL" (confusing); drop "v3" aka "v3-ready" (no longer buildable); add flavor "v5-dev" aka "dev"; refactor the "v5*" case of the FIPS setup switch to impose feature locks for v5 and v5-ready, but allow feature overrides with the new v5-dev; fix a debugging echo in the v2 case added in 1c27654300. 2021-12-16 13:00:10 -06:00
David Garske
dec78169bf
Merge pull request #4658 from julek-wolfssl/apache-2.4.51 
Add Apache 2.4.51 support
 2021-12-16 08:52:10 -08:00
David Garske
ea2245c4d1
Merge pull request #4656 from JacobBarthelmeh/SanityChecks 
sanity check before reading policy constraint
 2021-12-16 08:42:19 -08:00
David Garske
424bd2d73d
Merge pull request #4599 from julek-wolfssl/issue-4593 
Add WOLFSSL_FORCE_AUTO_RETRY option: force retrying of network reads
 2021-12-16 08:42:07 -08:00
Chris Conlon
3bd737b9ef
Merge pull request #4665 from miyazakh/sce_fsp_update_v3p5 2021-12-16 09:39:13 -07:00
David Garske
7699d92935
Merge pull request #4664 from anhu/Fix_ENCRYPT_LEN 
Do not let anything override HAVE_LIBOQS when setting ENCRYPT_LEN
 2021-12-16 07:51:32 -08:00
Juliusz Sosinowicz
afa6237f56 Add WOLFSSL_FORCE_AUTO_RETRY option: force retrying of network reads 2021-12-16 15:33:30 +01:00
Juliusz Sosinowicz
d5783d1eaa Missing config for krb5 1.16.1 2021-12-16 14:35:39 +01:00
Juliusz Sosinowicz
017d6cf464 Simplify error queue macros 2021-12-16 12:39:58 +01:00
Juliusz Sosinowicz
e78f7f734e Add Apache 2.4.51 support 
- Define `OPENSSL_COMPATIBLE_DEFAULTS` and `WOLFSSL_NO_OCSP_ISSUER_CHECK` for Apache config
- Fix `SSL_set_timeout` to match OpenSSL signature
- Implement `pkey` in `X509_INFO`
- Detect attempt to connect with plain HTTP
- Implement `wolfSSL_OCSP_request_add1_nonce`
- Set `ssl->cipher.bits` when calling `wolfSSL_get_current_cipher`
- Use custom flush method in `wolfSSL_BIO_flush` when set in BIO method
- Set the TLS version options in the `ssl->options` at the end of ClientHello parsing
- Don't modify the `ssl->version` when in a handshake (`ssl->msgsReceived.got_client_hello` is set)
- `wolfSSL_get_shutdown` returns a full bidirectional return when the SSL object is cleared. `wolfSSL_get_shutdown` calls `wolfSSL_clear` on a successful shutdown so if we detect a cleared SSL object, assume full shutdown was performed.
 2021-12-16 12:39:38 +01:00
Marco Oliverio
fa913f797a
Merge pull request #4657 from SparkiDev/sakke_cond_add 
SAKKE: fixup cond add to use all words
 2021-12-16 07:40:13 +01:00
Hideki Miyazaki
63ade421c1
fix redundat #ifdef 2021-12-16 09:30:21 +09:00
Sean Parkinson
bd7e19b8fe
Merge pull request #4639 from JacobBarthelmeh/ECC 
deterministic ECC sign edge case fix and add variant
 2021-12-16 08:48:37 +10:00
David Garske
abe8696852
Merge pull request #4642 from cconlon/pubKeyDerFromX509 
Add wc_GetPubKeyDerFromCert()
 2021-12-15 14:30:58 -08:00
Anthony Hu
7975ead1af Do not let anything override HAVE_LIBOQS when setting ENCRYPT_LEN because oqs wants biggest value. 2021-12-15 14:48:50 -05:00
John Safranek
e1cee463b6
Merge pull request #4662 from douzzer/20211214-fixits 
20211214 fixits
 2021-12-15 10:47:50 -08:00