mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
15,244 Commits 5 Branches 162 Tags
Commit Graph

15244 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Juliusz Sosinowicz
e97e8bc7d0 #59 2021-10-21 14:22:54 +02:00
Juliusz Sosinowicz
5bacc0c9ab In first |= op r always equals 0 2021-10-21 14:22:54 +02:00
Juliusz Sosinowicz
8e6759384c #40 2021-10-21 14:22:54 +02:00
Juliusz Sosinowicz
344a07051e #39 2021-10-21 14:22:54 +02:00
Juliusz Sosinowicz
74cf332a8b #37 2021-10-21 14:22:54 +02:00
Juliusz Sosinowicz
e82ae7b072 #17 2021-10-21 14:22:54 +02:00
Juliusz Sosinowicz
79682fd30a #15 2021-10-21 14:22:54 +02:00
Juliusz Sosinowicz
97c89dd072 #9 2021-10-21 14:22:54 +02:00
Sean Parkinson
817cd2f2a6
Merge pull request #4487 from haydenroche5/openssh 
Make several changes to support OpenSSH 8.5p1.
 2021-10-21 08:59:38 +10:00
Sean Parkinson
ac3612bbef
Merge pull request #4469 from dgarske/android_keystore 
Support for Android KeyStore compatibility API's
 2021-10-21 08:30:08 +10:00
Sean Parkinson
a9f467a6b0
Merge pull request #4457 from dgarske/zd13036 
Fix for sniffer to trap negative size calculation
 2021-10-21 08:17:52 +10:00
John Safranek
ff8e7609f5
Merge pull request #4458 from kosmas-valianos/SkipCRLnoCDP 2021-10-20 13:45:58 -07:00
Hayden Roche
864f913454 Make several changes to support OpenSSH 8.5p1. 
- Permit more wolfSSL_EC_POINT_* functions for FIPS builds. This requires one
workaround in wolfSSL_EC_POINT_mul where wc_ecc_get_generator isn't available.
- Permit more AES-GCM code in EVP code for FIPS v2 builds. It's unclear why this
code wasn't already available.
- Add EVP_CIPHER_CTX_get_iv to the compatibility layer.
- Clear any existing AAD in the EVP_CIPHER_CTX for AES-GCM when we receive the
EVP_CTRL_GCM_IV_GEN control command. OpenSSL does this, and OpenSSH is relying
on this behavior to use AES-GCM correctly.
- Modify ecc_point_test in testwolfcrypt so that it doesn't fail when doing a
FIPS build with HAVE_COMP_KEY defined.
 2021-10-20 11:00:42 -07:00
John Safranek
e572c6b9d7
Merge pull request #4486 from dgarske/set_secret 2021-10-20 10:54:13 -07:00
David Garske
1d6c7b542d Update the user_settings.h template for Android, based on final testing. 2021-10-20 10:10:15 -07:00
David Garske
6d2a5fab9b Added test cases for EVP_PKCS82PKEY and EVP_PKEY2PKCS8. 2021-10-20 09:18:13 -07:00
David Garske
e5caf5124c
Merge pull request #4477 from luizluca/zero-terminate-constraints 
ASN: zero-terminate name constraints strings
 2021-10-19 21:16:46 -07:00
David Garske
892685ac59
Merge pull request #4472 from utzig/ksdk-port-koblitz 
nxp: ksdk: add support for Koblitz curves
 2021-10-19 21:14:38 -07:00
David Garske
a145f3107d
Merge pull request #4481 from SparkiDev/mod_exp_even 
SP int: handle even modulus with exponentiation
 2021-10-19 21:09:15 -07:00
David Garske
4e7ce45a8c Allow loading public key with PK callbacks also. 2021-10-19 17:04:18 -07:00
David Garske
de8798f4be Fix API unit tests where DH 3072-bit is not enabled. 2021-10-19 17:04:18 -07:00
David Garske
a03ed32380 Support for Android KeyStore compatibility API's: 
* Adds `EVP_PKCS82PKEY` and `d2i_PKCS8_PRIV_KEY_INFO`.
* Adds `EVP_PKEY2PKCS8` and `i2d_PKCS8_PRIV_KEY_INFO`.
* Adds `ECDSA_verify`.
* Fix to allow `SHA256()` and `MD5()` with FIPSv2.
* Decouple crypto callbacks and hash flags
* Fix for possible use of uninitialized when building TLS bench without TLS v1.3.
* Fix for building with `NO_CHECK_PRIVATE_KEY`. Test `./configure --disable-pkcs12 --enable-opensslextra CFLAGS="-DNO_CHECK_PRIVATE_KEY"`.
* Fix to support `RSA_public_decrypt` for PKCSv15 only with FIPS.
* Cleanup `RSA_public_encrypt`, `RSA_public_decrypt` and `RSA_private_decrypt`.
* Added instructions for building wolfSSL with Android kernel.
 2021-10-19 17:04:18 -07:00
David Garske
00bdc69284 Fix for wolfSSL_set_secret with DTLS where TLS v1.3 is not defined. Function assumed ssl->arrays->preMasterSecret was allocated. 2021-10-19 16:22:39 -07:00
Sean Parkinson
f04380d624
Merge pull request #4475 from douzzer/fix-scan-build-UnreachableCode 
scan-build LLVM-13 fixes and expanded coverage
 2021-10-20 08:30:46 +10:00
Sean Parkinson
d880403207 SP int: handle even modulus with exponentiation 
Fix testing of mp_int to only call when implementation included.
 2021-10-20 08:21:26 +10:00
Sean Parkinson
7f5a3a4e74
Merge pull request #4484 from dgarske/memtest 
Fix for openssl test with --enable-memtest (also DH test build edge case)
 2021-10-20 08:19:30 +10:00
Sean Parkinson
41eecd37e5
Merge pull request #4471 from embhorn/zd11886 
Fix build errors with NO_BIO config
 2021-10-20 08:06:42 +10:00
Sean Parkinson
93f033823c
Merge pull request #4482 from miyazakh/mindowngarde_staticrsa 
TLS 1.3: ServerHello downgrade with no extensions fix
 2021-10-20 07:58:34 +10:00
David Garske
d297a06c25 Fix for wolfCrypt test with custom curves without Brainpool. Tested all changes on NXP K82 LTC. 2021-10-19 13:12:12 -07:00
David Garske
498884eadb Fix for missing dhKeyFile and dhKeyPubFile with file system enabled, WOLFSSL_DH_EXTRA and USE_CERT_BUFFERS_2048 set. 2021-10-19 13:06:37 -07:00
David Garske
dcb2ebba39 Fix for openssl.test extraction of version and cipher suites. Fix mem tracking to use stderr. Fix client version print to use single printf with newline. 2021-10-19 13:00:25 -07:00
Eric Blankenhorn
c0b592ef82 Fix build error with WOLFSSL_USER_IO 2021-10-19 08:27:43 -05:00
Hideki Miyazaki
91cd2b1731
TLS 1.3 ServerHello additional fix for PR4439 in Static RSA case 2021-10-19 17:51:00 +09:00
Daniel Pouzzner
768496be4a scan-build LLVM-13 fixes: in examples/echoclient/echoclient.c, remove frivolous "break;", avoiding need to pragma-ignore clang -Wunreachable-code-break. 2021-10-18 21:46:10 -05:00
Daniel Pouzzner
e341291d99 scan-build LLVM-13 fixes: tests/api.c: fix -Wunused-but-set-variable for drive_len in test_wolfSSL_EVP_Cipher_extra() by removing the unused drive_len code. 2021-10-18 21:46:10 -05:00
Daniel Pouzzner
69bc801c13 scan-build LLVM-13 fixes: src/ssl.c: work around deadcode.DeadStores warning in wolfSSL_X509_REQ_sign() in a different way, avoiding WC_MAYBE_UNUSED. 2021-10-18 21:46:09 -05:00
Daniel Pouzzner
76332069ea examples/client/client.c: remove frivolous break to avoid need for PRAGMA_CLANG("clang diagnostic ignored \"-Wunreachable-code-break\""). 2021-10-18 21:46:09 -05:00
Daniel Pouzzner
a5006d580c scan-build LLVM-13 fixes: sp_int.c: drop "&& defined(SP_DEBUG_VERBOSE)" from preprocessor gates around debugging printfs. 2021-10-18 21:46:09 -05:00
Daniel Pouzzner
007f01e7ec scan-build LLVM-13 fixes: in src/tls.c TLSX_PopulateExtensions(), avoid -Wunreachable-code-return by refactoring iteration to use an array terminator (a new "WOLFSSL_NAMED_GROUP_INVALID" with value 0) rather than a compile-time-calculated constant of iteration. 2021-10-18 21:46:09 -05:00
Daniel Pouzzner
816527e826 scan-build fixes: back out all "#ifndef __clang_analyzer__" wrappers added to suppress false and frivolous positives from alpha.deadcode.UnreachableCode, and rename new macro WC_UNUSED to WC_MAYBE_UNUSED to make its meaning more precisely apparent. build is still clean with -Wunreachable-code-break -Wunreachable-code-return under scan-build-13. 2021-10-18 21:46:09 -05:00
Daniel Pouzzner
f621a93081 more scan-build LLVM-13 fixes and expanded coverage: deadcode.DeadStores in client.c and server.c (no functional changes). 2021-10-18 21:46:09 -05:00
Daniel Pouzzner
62822be6ce scan-build LLVM-13 fixes and expanded coverage: add WC_UNUSED and PRAGMA_CLANG_DIAG_{PUSH,POP} macros; deploy "#ifndef __clang_analyzer__" as needed; fix violations and suppress false positives of -Wunreachable-code-break, -Wunreachable-code-return, and -enable-checker alpha.deadcode.UnreachableCode; expand scan-build clean build scope to --enable-all --enable-sp-math-all. 2021-10-18 21:46:09 -05:00
Sean Parkinson
7447a567e1
Merge pull request #4480 from JacobBarthelmeh/fuzzing 
sanity check on q value with DSA sign
 2021-10-19 11:10:51 +10:00
Sean Parkinson
84b845c65b
Merge pull request #4478 from maximevince/zephyr-user-settings-override 
Zephyr: Rename leftover CONFIG_WOLFSSL_OPTIONS_FILE
 2021-10-19 09:51:15 +10:00
David Garske
a50d1f4870
Merge pull request #4301 from julek-wolfssl/issue-4298 
`mem_buf` only used with memory BIO
 2021-10-18 10:29:55 -07:00
Jacob Barthelmeh
c07a7deec2 sanity check on q value with DSA sign 2021-10-18 10:17:49 -06:00
Maxime Vincent
77895ac964 Rename leftover CONFIG_WOLFSSL_OPTIONS_FILE to CONFIG_WOLFSSL_SETTINGS_FILE 
Signed-off-by: Maxime Vincent <maxime@veemax.be>
 2021-10-16 15:43:21 +02:00
Luiz Angelo Daros de Luca
0e3218dcd0 ASN: zero-terminate name constraints strings 
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
 2021-10-15 20:19:05 -03:00
David Garske
b2c003d7d4 Fix for sniffer to trap negative sslBytes. Revert logic from PR 3493 blocking out of range sequence numbers. Fix ack sequence rollover logic. ZD13036 2021-10-15 11:31:53 -07:00
Daniel Pouzzner
60adf22ce1
Merge pull request #4468 from SparkiDev/sp_fixes_6 
SP: regenerated SP code
 2021-10-15 02:27:19 -05:00