mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
16,169 Commits 5 Branches 162 Tags
Commit Graph

16169 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
David Garske
d728a7f0e6
Merge pull request #4777 from SparkiDev/sp_modinv_even_fix 
SP int: fix rework of sp_invmod
 2022-01-19 20:32:48 -08:00
David Garske
95efdccd7f
Merge pull request #4751 from SparkiDev/sp_int_thumb_asm 
SP int: ARM Thumb asm snippets
 2022-01-19 18:52:02 -08:00
David Garske
609d6442b1
Merge pull request #4753 from SparkiDev/siphash 
Add SipHash algorithm
 2022-01-19 18:51:44 -08:00
David Garske
fcce4f7a92
Merge pull request #4765 from haydenroche5/aes_siv 
Add AES-SIV (RFC 5297).
 2022-01-19 18:51:12 -08:00
Sean Parkinson
b767857abb SP int: fix rework of sp_invmod 
Simplify code and check for m mod a == 0 which means there is no
inverse.
 2022-01-20 10:37:31 +10:00
Sean Parkinson
a6485a228d Add SipHash algorithm 2022-01-20 09:41:18 +10:00
Sean Parkinson
a1185adf2c SP int: ARM Thumb asm snippets 2022-01-20 09:16:45 +10:00
Hayden Roche
62b07d8806 Add AES-SIV (RFC 5297). 
This commit adds functions to encrypt and decrypt data using AES in SIV mode, as
described in RFC 5297. This was added in the process of porting chrony to
wolfSSL. chrony is an NTP implementation that can use NTS (network time
security), which requires AES-SIV.
 2022-01-19 14:32:33 -08:00
David Garske
d668037541
Merge pull request #4746 from elms/gh/templates 
github: Initial templates
 2022-01-19 14:04:21 -08:00
David Garske
7adbf59f22
Merge pull request #4767 from anhu/kill_hc128 
Get rid of HC-128
 2022-01-19 12:20:18 -08:00
David Garske
c5d3581ac2
Merge pull request #4771 from SparkiDev/sp_c_mont_red 
SP C: fix corner case of P256 and P384 mont red
 2022-01-19 11:32:49 -08:00
David Garske
0175013604
Merge pull request #4770 from anhu/cve 
CVE-2022-23408
 2022-01-19 11:31:24 -08:00
elms
0f50ffb2ef github: Initial templates 2022-01-19 10:36:01 -08:00
Anthony Hu
af71aec77e Mention removal of HC-128 in README.md 2022-01-19 09:49:25 -05:00
Sean Parkinson
c06ba390cd SP C: fix corner case of P256 and P384 mont red 2022-01-19 14:22:04 +10:00
Chris Conlon
4c05d35452
Merge pull request #4743 from miyazakh/tls_bench_onlymode 2022-01-18 15:41:48 -07:00
Daniel Pouzzner
2984cb5abf
Merge pull request #4768 from SparkiDev/sp_invmod_nr 
SP math: sp_invmod changed to not call itself
 2022-01-18 16:20:37 -06:00
David Garske
65d1d32972
Merge pull request #4769 from SparkiDev/sp_mont_red_neg 
SP math neg: Mont Reduce fix
 2022-01-18 14:12:09 -08:00
Anthony Hu
884b8634af CVE-2022-23408 2022-01-18 16:06:08 -05:00
Anthony Hu
e6466f92b7 Counting properly 2022-01-18 15:41:16 -05:00
Anthony Hu
ff128c07a1 Remove extra references to Guid no longer required. Note that other count gaps exist so this should be fine. 2022-01-18 15:23:08 -05:00
Sean Parkinson
e745de657f
Merge pull request #4761 from haydenroche5/time_cb 
Add time callback functionality.
 2022-01-18 16:49:19 +10:00
Sean Parkinson
53a4903e2f SP math neg: Mont Reduce fix 
Compare the absolute value for negatives.
 2022-01-18 16:22:38 +10:00
JacobBarthelmeh
e11d484746
Merge pull request #4752 from LinuxJedi/fix-ber-der 
Fix buffer overflows in BERtoDER
 2022-01-17 21:05:39 -07:00
JacobBarthelmeh
84b06ac1b6
Merge pull request #4730 from embhorn/zd13475 
Document wc_AesCfbEncrypt and wc_AesCfbDecrypt
 2022-01-17 19:45:45 -07:00
Hayden Roche
1b0926a3b8 Add time callback functionality. 
This commit adds `wolfSSL_SetTimeCb` and `wolfSSL_time`. The former allows the
user to override the function wolfSSL uses to get the current time,
`wolfSSL_time`. If set, `wolfSSL_time` uses that function. If not set,
`wolfSSL_time` uses the `XTIME` macro by default. This functionality is needed
for the port of chrony to wolfSSL. chrony is an NTP implementation that uses
GnuTLS by default. For TLS, chrony uses the time it computes in place of the
default system time function.
 2022-01-17 17:49:51 -08:00
Sean Parkinson
fc861f3d6d SP math: sp_invmod changed to not call itself 
When the modulus is even, calculate m^-1 mod a instead and fixup after.
Don't call self to do inverse.
 2022-01-18 10:45:57 +10:00
Anthony Hu
c2860cb311 Get rid of HC-128 2022-01-17 18:11:54 -05:00
David Garske
ec44747029
Merge pull request #4764 from SparkiDev/evp_cbn_casecmp 
wolfSSL_EVP_get_cipherbyname: case compare
 2022-01-17 14:11:07 -08:00
David Garske
d38c5003d0
Merge pull request #4762 from ejohnstown/old-gcc 
Old Compiler Warning Cleanup (GCC 4.0.2)
 2022-01-17 09:44:44 -08:00
Chris Conlon
989a4f096e
Merge pull request #4728 from miyazakh/sce_aes128_cryonly 2022-01-17 10:28:57 -07:00
Chris Conlon
e953707258
Merge pull request #4754 from miyazakh/update_espidfport 2022-01-17 10:27:28 -07:00
Eric Blankenhorn
6197853f37 Document wc_AesCfbEncrypt and wc_AesCfbDecrypt 2022-01-17 11:27:19 -06:00
John Safranek
d06cf97d73
Old Compiler Warning Cleanup (GCC 4.0.2) 
test.c:
1. Removed pragma disabling the warning for unused functions.
2. Fixed the guards around the function that wasn't getting removed from
   the build. And matched the guards to the call of the function. The
   issue is a test that fails only in a cert 3389 build using Arm
   assembly single-precision public keys.
3. Fixed the guards around a couple other functions.
 2022-01-16 22:08:35 -08:00
Sean Parkinson
1b5d0c75b8 wolfSSL_EVP_get_cipherbyname: case compare 
Accept any case alternatives to name or alias.
Remove case only different aliases.
Tidy up formatting in function.
 2022-01-17 09:39:16 +10:00
John Safranek
b68b14b499
Merge pull request #4724 from embhorn/zd13462 
Improve param checks of enc
 2022-01-16 15:35:54 -08:00
John Safranek
815527be6b
Merge pull request #4745 from SparkiDev/m1_sha512 
Aarch64 SHA512: fixup to work on Apple M1
 2022-01-16 15:29:01 -08:00
Sean Parkinson
15f501358d
Merge pull request #4716 from julek-wolfssl/issue-4592 
Verification: Domain check should only be performed on leaf certs
 2022-01-17 08:40:14 +10:00
John Safranek
001469589b
Old Compiler Warning Cleanup (GCC 4.0.2) 
Fixed a lot of shadowed global values. Some were prototype and function
declaration parameter name conflicts. Some conflicted with typenames.
Some conflicted with globals in libc.
 2022-01-14 17:43:21 -08:00
John Safranek
5ddf4392df
Old Compiler Warning Cleanup (GCC 4.0.2) 
pwdbased.c: Simplified some arithmetic to fix a variable promotion
warning.
 2022-01-14 17:36:12 -08:00
John Safranek
2cf21a3f69
Old Compiler Warning Cleanup (GCC 4.0.2) 
ecc.c,api.c: Initialize some variables to fix warning for possible
uninitialized variable use.
 2022-01-14 17:33:49 -08:00
John Safranek
e724622506
Old Compiler Warning Cleanup (GCC 4.0.2) 
ge_operations.c: Added the keyword `inline` to several function
prototypes for functions declared `inline`.
 2022-01-14 17:19:01 -08:00
John Safranek
2085624a29
Old Compiler Warning Cleanup (GCC 4.0.2) 
1. Removed pragma disabling the warning for non-literal format strings
on `printf()`.
2. Switched the `printf()` into two printf calls.
 2022-01-14 17:11:55 -08:00
John Safranek
153b9abc31
Old Compiler Warning Cleanup (GCC 4.0.2) 
ssl.c: Fix a couple of checks on hashType enum that were using a `< 0`
for the lower bound on an unsigned.
 2022-01-14 16:32:18 -08:00
Juliusz Sosinowicz
31e84d82b8 Domain check should only be performed on leaf certs 
- Refactor `*_set_verify` functions into common logic
- NULL protect `wolfSSL_X509_VERIFY_PARAM_set1_host` and add debug info
 2022-01-14 18:16:42 +01:00
Hideki Miyazaki
a33d901409
update ESP-IDF port to fix failure 2022-01-14 15:35:28 +09:00
David Garske
f81e15f342
Merge pull request #4750 from SparkiDev/etm-disable 
TLS EncryptThenMac; fix when extension response sent
 2022-01-13 13:33:57 -08:00
David Garske
8d7059497e
Merge pull request #4742 from elms/fix/secure_renegotiate_compat 
TLS: Default secure renegotiation compatibility
 2022-01-13 10:23:27 -08:00
Andrew Hutchings
1a4bc322f7 Fix buffer overflow in PKCS7_VerifySignedData 
wc_PKCS7_AddDataToStream() was called the first time prior to BERtoDER
conversion, subsequent times afterwards which meant the stream idx
pointer was incorrect. This patch restarts the stream after conversion.

Fixes ZD13476
 2022-01-13 14:49:31 +00:00
Andrew Hutchings
92d01611ff Fix buffer overflow in GetOID 
When converting BER to DER we switched the pointer for pkiMsg to the DER
but not the size which could cause buffer overflow.

Fixes ZD13471
 2022-01-13 13:26:32 +00:00