WolfSSL
/
wolfssl
mirror of https://github.com/wolfSSL/wolfssl.git
1
0
Fork 0
Code Issues Releases Wiki Activity
18,623 Commits
27 Branches
168 Tags
358 MiB
Commit Graph

18623 Commits (7310eb102f300f3232cada852d814b2e94fe9bc6)

Author SHA1 Message Date
David Garske 59774ae576 Fixes for building with use of heap hint and compatibility layer. Fix for invalid OSSL callback function errors. 2022-11-07 11:33:39 -08:00
kaleb-himes b052ef46ba Add new setting per peer review feedback 2022-11-07 11:25:01 -07:00
kaleb-himes 0a97aa83b6 Update azsphere support to prevent compilation of file included inline 2022-11-07 10:36:24 -07:00
Sean Parkinson b845c8bfc8 SP int: support mingw64 again 
Check for _MSC_VER to determine that we are compiling for MSVC.
 2022-11-07 16:34:26 +10:00
David Garske 1ee3a78e4a Fixes for various tests that do not properly handle `WC_PENDING_E`. 2022-11-04 14:56:40 -07:00
Hayden Roche d0f33f62f4 Fix missing config.h include in some ARMv8 files. 2022-11-04 13:53:22 -07:00
Hayden Roche d7cbd8cd17 Improve logic for enabling system CA certs on Apple devices. 
In configure.ac and CMakeLists.txt, check for the header
Security/SecTrustSettings.h. If this header is found, enable the feature. If
it isn't, disable it. For non-configure/non-CMake builds, require the user to
explicitly define HAVE_SECURITY_SECTRUSTSETTINGS_H if they want to use system
CA certs (handled in settings.h).
 2022-11-04 13:52:45 -07:00
Hayden Roche 5d70f3efce
Merge pull request #5730 from philljj/zd15040 2022-11-04 13:32:48 -07:00
Hayden Roche 4a917219f7
Merge pull request #5608 from SparkiDev/pk_c_rework_2 2022-11-04 13:32:36 -07:00
Hayden Roche 1ce5951f0d
Merge pull request #5722 from dgarske/stm32 2022-11-04 13:32:11 -07:00
Hayden Roche 7cc2336af7
Merge pull request #5737 from SparkiDev/ecc_cofactor 2022-11-04 13:31:24 -07:00
Hayden Roche e3621d5bb1
Merge pull request #5771 from dgarske/revert-5622-sniffer_sequence 2022-11-04 13:25:48 -07:00
Chris Conlon dce1fc4766
Merge pull request #5703 from miyazakh/renesas_rx72n_simple 2022-11-04 11:43:08 -06:00
John Safranek 5f4cf53d87
Merge pull request #5772 from JacobBarthelmeh/OCSP 2022-11-04 09:46:42 -07:00
JacobBarthelmeh 8225d3642b save next status with OCSP response verify 2022-11-03 22:39:47 -07:00
Hayden Roche cbbe6fec94
Merge pull request #5763 from douzzer/20221031-benchmark-determinism 2022-11-03 14:52:59 -07:00
David Garske f610df59a9 Whitespace cleanups. 2022-11-03 14:38:43 -07:00
Hayden Roche fbc4af8701
Merge pull request #5739 from anhu/no_WOLFSSL_DYN_CERT 2022-11-03 14:24:34 -07:00
Hayden Roche 7414dd7ea5
Merge pull request #5768 from kareem-wolfssl/maxCertpolSz 2022-11-03 14:23:17 -07:00
Kareem 48bddc6d07 Update max Cert Policy size based on RFC 5280. 2022-11-03 11:49:15 -07:00
Daniel Pouzzner b140abd1fd wolfcrypt/benchmark/benchmark.c: add check_for_excessive_stime() and remove double declaration of base_rusage and cur_rusage. 2022-11-03 13:48:51 -05:00
David Garske 1adc06d181 Fix for Intel QAT handling of sign R when cofactor is not 1. ZD 15017 2022-11-03 10:00:07 -07:00
Sean Parkinson 4766a978cf ECC cofactor: fix check scalar bits 
For shared secrets, when a curve has a cofactor, the private key (in
range of order) is multiplied by the cofactor before use.

If there is a cofactor involved, check bit size of scalar against
modulus instead of order.
 2022-11-03 10:00:07 -07:00
David Garske 1ec2b14922 Revert "Fix for sniffer to decode out of order packets" 2022-11-03 09:50:15 -07:00
Sean Parkinson 336bef666a ASN X509 subject directory attribute: fix ASN template parsing 
Support multiple attributes.
When Country of Citizenship, pull out PRINTABLE_STRING explicitly.
Each type of attribute has a different format.
 2022-11-03 09:24:59 +10:00
David Garske a7635da9e6
Merge pull request #5765 from JacobBarthelmeh/release 
update for version 5.5.3
 2022-11-02 15:46:10 -07:00
JacobBarthelmeh 9b895b74bf update for version 5.5.3 2022-11-02 13:58:37 -07:00
Sean Parkinson ae22babf8b PKCS#11: compile time check in finding keys 
When WC_PKCS11_FIND_WITH_ID_ONLY defined, don't add key class and
type to attributes of search for by Id.
 2022-11-01 17:38:46 +10:00
Daniel Pouzzner 4ab41caf40 make static flags sym_header_printed, asym_header_printed, and pqasym_header_printed, local to the routines that use them (fixes an -Wunused-variable in -UBENCH_ASYM builds). 2022-11-01 01:12:17 -05:00
Daniel Pouzzner 89182b829f wolfcrypt/benchmark/benchmark.c: add GENERATE_MACHINE_PARSEABLE_REPORT and LINUX_RUSAGE_UTIME codepaths; 
fflush stdout after each scenario for line-buffered pipelining;

refactor csv_header_count into sym_header_printed, asym_header_printed, and pqasym_header_printed;

move SAKKE tests to precede PQ tests;

rename bench_stats_sym_check() to bench_stats_check();

add bench_stats_asym_finish_ex() accepting a "desc_extra" arg, and use it to disambiguate otherwise-homonymous SAKKE runs;

fix bench_aesecb_internal() to not check time (syscall) for every 3 blocks processed.
 2022-11-01 00:15:37 -05:00
JacobBarthelmeh 502a395723
Merge pull request #5757 from SparkiDev/enc_err_forcezero_fix 
ForceZero fix: encryption fail and not EtM
 2022-10-31 11:43:48 -06:00
Per Allansson 0a88bb9779
Allow DTLS 1.3 to compile when FIPS is enabled 2022-10-31 08:42:13 +01:00
Sean Parkinson 4efba8f437 ForceZero fix: encryption fail and not EtM 
Zeroizing of plaintext on encryption failure will use wrong size when
not using Encrypt-then-MAC. Size may go negative and cast to unsigned.
 2022-10-31 09:14:16 +10:00
Juliusz Sosinowicz 8bbbdfa3f9 Set alt name type to V_ASN1_IA5STRING 2022-10-28 19:58:01 +02:00
Anthony Hu 0158c82487 Keep WOLFSSL_DYN_CERT 2022-10-28 13:37:55 -04:00
David Garske 0ea0b887a5
Merge pull request #5749 from JacobBarthelmeh/release 
update version to 5.5.2
 2022-10-28 09:22:50 -07:00
JacobBarthelmeh 8fd5a4061c
Merge pull request #5748 from SparkiDev/arm32_asm_lr_fixup 
ARM32 ASM: fix asm saving and restoring of registers
 2022-10-28 07:37:02 -06:00
JacobBarthelmeh eb52083afd update version to 5.5.2 2022-10-28 06:25:33 -07:00
jordan c4e758dda5 Fix X509 subject and issuer name_hash mismatch 
Fix logging message and g++ invalid conversion error.
 2022-10-27 19:31:30 -05:00
Sean Parkinson 7bd8ced7af ARM32 ASM: fix asm saving and restoring of registers 
Fix push and pop generated at beginning and end of function.
 2022-10-28 09:51:32 +10:00
Sean Parkinson 4b648e7e08 PKCS#11: User PIN can be NULL_PTR 
Allow TokenInit to store NULL for User Pin.
New APIs to handle not setting User PIN.
 2022-10-28 08:52:18 +10:00
jordan 822f11d1a1 Fix X509 subject and issuer name_hash mismatch 
Refactor duplicate code a bit more.
 2022-10-27 15:15:55 -05:00
JacobBarthelmeh 319901a85c
Merge pull request #5743 from SparkiDev/tls_perf_fix_forcezero 
TLS performance fix: ForceZero minimization
 2022-10-27 13:43:17 -06:00
JacobBarthelmeh 7366a9edbd
Merge pull request #5744 from SparkiDev/regression_fixes_4 
Regresssion testing fixes
 2022-10-27 11:49:52 -06:00
Hideki Miyazaki e9d37b9bd1
addressed code review 2022-10-27 16:52:04 +09:00
Sean Parkinson fd7544ca19 Regresssion testing fixes 
Ed25519 and Ed448 need to enable certs.

If no system CA certs can't be parsed,
wolfSSL_CTX_load_system_CA_certs() will fail. Don't try test if RSA and
ECC are not enabled.

Fix benchmark.c so that e is defined when WOLFSSL_BENCHMARK_ALL defined.

MAX_LENGTH_SZ is 4 and supports lengths up to 2^24 - one byte for length
and 3 bytes of length.
(new gcc compiler fix)
 2022-10-27 17:47:48 +10:00
Sean Parkinson b1e37377a1 TLS performance fix: ForceZero minimization 
Don't ForceZero the output buffer before free.
ForceZero it when encryption fails.

ShrinkInputBuffer needs to zeroize input buffer even if not currently
encrypting as it may be using the buffer on wolfSSL object reuse.

Fix SP to zeroize the whole buffer.

Fix DH to check cBuf when WOLFSSL_CHECK_MEM_ZERO defined.
 2022-10-27 17:00:42 +10:00
JacobBarthelmeh 1c09a67f6a
Merge pull request #5735 from SparkiDev/aes_gcm_c_dec_auth 
AES GCM decrypt C: don't decrypt when auth tag invalid
 2022-10-26 22:41:25 -06:00
Sean Parkinson 7a4657c881 Fixes from review 3 2022-10-27 11:25:27 +10:00
Sean Parkinson 8519988d57 SP int: guess 64-bit type 
When ULLONG_MAX not defined and long is the 32-bit type, speculatively
use long long as the 64-bit type.
 2022-10-27 10:19:21 +10:00