mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
14,725 Commits 5 Branches 162 Tags
Commit Graph

14725 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Jacob Barthelmeh
263e03748e fix issue of handling partially streamed PKCS7 input 2021-07-08 15:25:40 +07:00
JacobBarthelmeh
a250e1f23a
Merge pull request #4194 from ejohnstown/to-fix 
Timeout Fix
 2021-07-08 14:34:42 +07:00
John Safranek
c9aa23ac7a
Merge pull request #4191 from dgarske/htons 
Fix for missing `XHTONS` with `WOLFSSL_USER_IO` and session tickets
 2021-07-07 16:21:59 -07:00
John Safranek
00cab36b36
Timeout Fix 
The macros setting up the timeout for the select used to timeout just
multiplied the ms by 1000 to make us. The BSD select used on macOS
doesn't like the us to be greater than 999999. Modified to carry the
excess us over into the seconds.
 2021-07-07 16:14:48 -07:00
Sean Parkinson
849020660f
Merge pull request #4182 from JacobBarthelmeh/CAAM 
check return of DSA decode
 2021-07-08 08:16:46 +10:00
John Safranek
b9dac74086
Merge pull request #4193 from JacobBarthelmeh/StaticAnalysisTests 
Static analysis tests
 2021-07-07 14:23:58 -07:00
JacobBarthelmeh
86e5287a14
Merge pull request #4032 from TakayukiMatsuo/tk11968 
Make wolfSSL_CTX_set_timeout reflect to Session-ticket-lifetime-hint
 2021-07-07 22:26:06 +07:00
Juliusz Sosinowicz
b7bd3766c7 Fix pedantic errors about macros in macros 2021-07-07 10:54:34 +02:00
JacobBarthelmeh
7b9d6a3f5e
Merge pull request #3792 from TakayukiMatsuo/os_keylog 
Add wolfSSL_CTX_set_keylog_callback
 2021-07-07 15:34:33 +07:00
Hayden Roche
7422f07fb5 Improve wolfIO_HttpProcessResponse HTTP header checking logic. 
Modify this function to just ensure that the response header starts with "HTTP
1.x 200" (where x is 0, 1, etc.).
 2021-07-06 15:18:26 -07:00
David Garske
41ac17cdc6 Improve support for XHTONS with WOLFSSL_USER_IO and session tickets with default encryption implementation !WOLFSSL_NO_DEF_TICKET_ENC_CB. 2021-07-06 13:13:35 -07:00
Jacob Barthelmeh
b1a6d88af6 fix for memory leak 2021-07-06 23:37:35 +07:00
Juliusz Sosinowicz
fc7533fe5e Code review changes 2021-07-06 16:14:25 +02:00
Juliusz Sosinowicz
1acf906612 Code review changes 2021-07-06 15:39:23 +02:00
Juliusz Sosinowicz
6dfc702364 Correct serverDH_Pub length on renegotiation 
On a renegotiation the serverDH_Pub buffer may be too short. The previous DhGenKeyPair call may have generated a key that has a shorter binary representation (usually by one byte). Calling DhGenKeyPair with this shorter buffer results in a WC_KEY_SIZE_E error.
 2021-07-06 15:39:23 +02:00
Juliusz Sosinowicz
1b6b16c2c3 HaProxy 2.4-dev18 support 
*This patch is dependent on https://github.com/wolfSSL/wolfssl/pull/3871 because proto version selection logic is refactored in that pull request.*
This patch contains the following changes:
- Enable more options with `--enable-haproxy`
- Compatibility layer additions
    - `STACK_TYPE_X509_OBJ`
    - `OCSP_id_cmp`
    - `X509_STORE_get0_objects`
    - `X509V3_EXT_nconf_nid`
    - `X509V3_EXT_nconf`
    - `X509_chain_up_ref`
    - `X509_NAME_hash`
    - `sk_X509_NAME_new_null`
    - `X509_OBJECT_get0_X509`
    - `X509_OBJECT_get0_X509_CRL`
    - `ASN1_OCTET_STRING_free`
    - `X509_LOOKUP_TYPE`
    - `OSSL_HANDSHAKE_STATE`
- New `OPENSSL_COMPATIBLE_DEFAULTS` define will set default behaviour that is compatible with OpenSSL
    - WOLFSSL_CTX
        - Enable all compiled in protocols
        - Allow anonymous ciphers
        - Set message grouping
        - Set verify to SSL_VERIFY_NONE
- In `SetSSL_CTX`, don't change `send` and `recv` callback if currently using `BIO`
- `ssl->peerVerifyRet`
    - Return first that occured
    - Set correct value on date error
    - Set revoked error on OCSP or CRL error
    - Save value in session and restore on resumption
    - Add to session serialization
- With `OPENSSL_EXTRA`, send an alert on invalid downgrade attempt
- Handle sni callback `SSL_TLSEXT_ERR_NOACK`
- Add `WOLFSSL_VERIFY_DEFAULT` option for `wolfSSL_CTX_set_verify` and `wolfSSL_set_verify` to allow resetting to default behaviour
 2021-07-06 15:39:23 +02:00
Jacob Barthelmeh
a6ce91f3bb fix for gcc-11 build with blake2 2021-07-06 14:53:39 +07:00
Jacob Barthelmeh
ae00b5acd0 some minor changes for unintialized and null infer reports 2021-07-06 14:13:45 +07:00
Sean Parkinson
34528eb6c9 ECC bench: can't use SAKKE curve with ECDH/ECDSA 
Skip curve benchmarking when all curves are being benchmarked.
 2021-07-06 12:19:50 +10:00
Guido Vranken
e0f268e522 Simplify mp_invmod_slow fix 2021-07-06 02:29:31 +02:00
Guido Vranken
9783d64f7e Add missing return value check in mp_invmod_slow 2021-07-06 02:13:42 +02:00
Sean Parkinson
08ebd34f31 SP math: montgomery reduction edge case 
4 and 6 word specific implementations now handle rare overflow correctly
in last mul-add of loop.
 2021-07-06 10:03:24 +10:00
Guido Vranken
460b513594 Fix compilation failure with WOLFSSL_PUBLIC_ECC_ADD_DBL 
Fixes https://github.com/wolfSSL/wolfssl/issues/4184
 2021-07-03 19:31:29 +02:00
TakayukiMatsuo
5df0f7820a Add wolfSSL_CTX_set_keylog_callback 2021-07-03 14:51:23 +09:00
Jacob Barthelmeh
89866846d6 check return of DSA decode 2021-07-03 03:41:40 +07:00
David Garske
26789ef877 Fix variable declaration mid-code. 2021-07-02 13:24:25 -07:00
David Garske
2dd169f9a1 Added new sniffer API for callback for key use ssl_SetKeyCallback. Support indicated by WOLFSSL_SNIFFER_KEY_CALLBACK. Trace cleanup for custom error. 2021-07-02 12:18:56 -07:00
kaleb-himes
93a8f36530 Fix basic constraints extension present and CA Boolean not asserted 2021-07-02 12:16:16 -06:00
TakayukiMatsuo
567d8ed704 Make wolfSSL_set_session return success on timeout under WOLFSSL_ERROR_CODE_OPENSSL macro definition. 2021-07-02 10:50:00 +09:00
TakayukiMatsuo
aef9e560b1 Make wolfSSL_CTX_set_timeout call wolfSSL_CTX_set_TicketHint internally to change session-ticket-lifetime-hint. 2021-07-02 09:15:01 +09:00
David Garske
197b959916
Merge pull request #4177 from SparkiDev/ecc_exp_point_size 
ECC: validate ordinate length before export
 2021-07-01 17:07:35 -07:00
David Garske
d16e374972
Merge pull request #4160 from JacobBarthelmeh/fuzzing 
better checking on length of streaming buffer
 2021-07-01 17:04:49 -07:00
David Garske
43f8c5ba1b
Merge pull request #4121 from JacobBarthelmeh/PKCS7 
wc_PKCS7_DecodeCompressedData optionally handle a packet without cont…
 2021-07-01 17:03:56 -07:00
JacobBarthelmeh
9b8142c1ff
Merge pull request #4174 from SparkiDev/zephyr_2_6_99 
Zephyr Project: update port to work with latest
 2021-07-02 03:23:10 +07:00
Daniel Pouzzner
e9e41d3344
Merge pull request #4070 from elms/fsanitize/undefined_fixes 
address errors with `-fsanitize=undefined`
 2021-07-01 13:00:06 -05:00
JacobBarthelmeh
45486ac904
Merge pull request #4166 from miyazakh/supportedversion_ex_mindowngrade 
not include smaller versions than minimum downgrade
 2021-07-01 21:00:20 +07:00
JacobBarthelmeh
7a42096643
Merge pull request #4175 from SparkiDev/sp_thumb_clang 
SP: Thumb implementaton that works with clang
 2021-07-01 20:39:06 +07:00
Sean Parkinson
a992480f91 ECC: validate ordinate length before export 2021-07-01 15:50:04 +10:00
Elms
75e807abc6 Fixes for gcc-10 and -fsanitize=undefined for rabbit.c 
* One introduced in #4156
* One from previous commit in this PR
 2021-06-30 22:20:17 -07:00
Sean Parkinson
6694775d4b Changes to compile without XTREAM_ALIGN 
Use macro to load 32 bits from input parameters key in hc128.c and input
in rabbit.c
Also fix warning about string copy.
 2021-06-30 21:58:30 -07:00
Elms
56d879f422 address scan-build issues for clang 6 and 10 2021-06-30 21:58:30 -07:00
Elms
c9597ea735 sha3: align data for Sha3Update 2021-06-30 21:58:30 -07:00
Elms
dc7beab784 address errors with -fsanitize=undefined 
- fix null dereferences or undefined `memcpy` calls
 - fix alignment in `myCryptoDevCb`
 - fix default dtls context assignment
 - add align configure option to force data alignment

TESTED:
 `./configure CFLAGS=-fsanitize=undefined\ -DWOLFSSL_GENERAL_ALIGNMENT=1 --enable-all`
 2021-06-30 21:58:30 -07:00
Sean Parkinson
4cff893c5f SP math all: allow reading of bin up to max digit size 2021-07-01 14:29:58 +10:00
David Garske
f9cd83743a Fix include.am typo. 2021-06-30 08:42:15 -07:00
David Garske
23b573c70a Autoconf Include.am fixes, spelling and copyright. 2021-06-30 08:38:17 -07:00
David Garske
c820b5679a
Merge pull request #4173 from SparkiDev/sp_int_mingw64 2021-06-30 06:57:58 -07:00
Jacob Barthelmeh
893b71e8c1 remove dead code 2021-06-30 19:54:25 +07:00
Juliusz Sosinowicz
0277fa6d7c Remove unused wolfSSL_StartSecureRenegotiation 2021-06-30 13:51:11 +02:00
Jacob Barthelmeh
23eededc36 simplify and fix max stream buffer length 2021-06-30 15:26:44 +07:00