WolfSSL
/
wolfssl
mirror of https://github.com/wolfSSL/wolfssl.git
1
0
Fork 0
Code Issues Releases Wiki Activity
13,302 Commits
27 Branches
168 Tags
358 MiB
Commit Graph

13302 Commits (7986b37aa5c991d6210ef8d430b3ef532abcb7f2)

Author SHA1 Message Date
Sean Parkinson 7986b37aa5 SP int: fixes for 8-bit digits 
Fix mask type in mp_cond_copy to be at least 16 bits to handle 'used'
being larger than 8-bit but mp_digit being 8-bit.
When large numbers are used with 8-bit words, mul/sqr partial sums will
overflow a word. Fix implementations to handle this.
 2021-02-08 12:24:28 +10:00
Sean Parkinson 2933db8915
Merge pull request #3729 from guidovranken/zd11649 
SHA 256,512: Only write hash if no error has occurred
 2021-02-08 08:47:51 +10:00
Sean Parkinson ea4b3110e8
Merge pull request #3728 from dgarske/zd11624 
Fix for PKCS11 not properly exporting the public key due to a missing key type field
 2021-02-08 08:32:04 +10:00
Guido Vranken 3fd2647383 SHA 256,512: Only write hash if no error has occurred 
ZD 11649
 2021-02-06 08:15:30 +01:00
David Garske 70b382e6cf Fix for PKCS11 not properly exporting the public key due to a missing key type field. This broke due to changes in PR #3687. Also resolved mismatch of enum types for the key type check. 2021-02-05 11:49:31 -08:00
David Garske 714aa97490
Merge pull request #3710 from cconlon/0202 
fix and update README.md markdown
 2021-02-02 16:15:53 -08:00
Chris Conlon 7eb71b1bb1
Merge pull request #3344 from guidovranken/PKCS7_EncodeSigned-leak-fix 
Check the right size before freeing flatSignedAttribs in PKCS7_EncodeSigned
 2021-02-02 13:53:20 -07:00
Guido Vranken f833d96ba3 Check the right size before freeing flatSignedAttribs in PKCS7_EncodeSigned 2021-02-02 10:15:00 -08:00
Chris Conlon 30c1c4a4f8 fix and update README.md markdown 2021-02-02 10:38:09 -07:00
David Garske 5577a2215f
Merge pull request #3708 from JacobBarthelmeh/Testing 2021-02-01 10:11:16 -08:00
David Garske ab5f9831ab
Merge pull request #3707 from douzzer/test-openssl-small-stack 
wolfcrypt/test/test.c: smallstack refactor of openssl test routines.
 2021-02-01 09:30:04 -08:00
Jacob Barthelmeh a7066a9be2 add stdint to test.c if using non blocking ecc test 2021-02-01 23:07:03 +07:00
Jacob Barthelmeh fd01f79f86 add guard for rsa public only 2021-01-31 23:43:53 +07:00
Daniel Pouzzner d14f4f8451 wolfcrypt/test/test.c: smallstack refactor of openssl test routines. 2021-01-30 00:01:15 -06:00
David Garske f5f19fda42
Merge pull request #3704 from douzzer/aesgcm-table-small-stack 
--enable-aesgcm=table --enable-smallstack
 2021-01-29 19:53:08 -08:00
Daniel Pouzzner d0b20f90d5 wolfcrypt/test/test.c: use HEAP_HINT, not NULL, for XREALLOC() too. 2021-01-29 20:16:51 -06:00
Daniel Pouzzner 8c0100e60e blake2b.c/blake2s.c: refactor so that smallstack code paths match performance of !smallstack path. 2021-01-29 17:19:42 -06:00
Daniel Pouzzner a332cf36b5 add DYNAMIC_TYPE_AES and DYNAMIC_TYPE_CMAC to enum in types.h, and use these where appropriate; 
in test.c: use use HEAP_HINT, not NULL in XMALLOC/XFREE calls;

fix a couple typos in aes_test() re WOLFSSL_ASYNC_CRYPT;

add various missing WOLFSSL_SMALL_STACK_STATIC qualifiers;

and streamline old smallstack refactor on-stack declarations declarations to use the much neater [1] construct.
 2021-01-29 17:17:31 -06:00
David Garske eae4124908
Merge pull request #3705 from lechner/repology-packaging-status 
Show packaging status across Linux distributions in README.md
 2021-01-29 14:48:26 -08:00
Felix Lechner 2033970369 Show packaging status across Linux distributions in README.md (from Repology) 
Repology offers badges for wolfSSL's packaging status across all known
Linux distributions. [1] In Markdown documents, the HTML version with
a right-hand alignment uses up less space. It is added here.

The badge itself provides a hyperlink to more information [2]
including repositories in which wolfSSL is not yet represented.

[1] https://repology.org/project/wolfssl/badges
[2] https://repology.org/project/wolfssl/versions
 2021-01-29 10:40:32 -08:00
Daniel Pouzzner 0f6ae330da wolfcrypt: smallstack refactors of AES code for lkm compatibility with --enable-aesgcm=table. 2021-01-28 22:51:28 -06:00
Sean Parkinson 91299c5abd
Merge pull request #3701 from dgarske/pkcs7_devId 
Fixes for PKCS7 with crypto callback (devId) with RSA and RNG
 2021-01-29 10:56:41 +10:00
David Garske 4f6deb8ae9
Merge pull request #3594 from haydenroche5/zd10911 
Fix issue with DoHandShakeMsgType/ShrinkInputBuffer when encryption i…
 2021-01-28 16:55:04 -08:00
Hayden Roche fc845da9f0 Fix issue with DoHandShakeMsgType/ShrinkInputBuffer when encryption is on (e.g. 
during renegotiation).

This issue was brought to light by ZD 10911. When encryption is on (indicated
by the return value of IsEncryptionOn), DoHandShakeMsgType will finish up by
incrementing the input buffer index past the padding and MAC (if encrypt-then-
mac is enabled). In ProcessReply, if there are more messages to be read, the
index is decremented back before the padding and MAC. The issue arises when
ShrinkInputBuffer is called in between and copies data from the dynamic input
buffer to the static one. That function will get called with the index post-
increment, and thus the padding and MAC won't get copied into the static buffer,
which isn't what we want, since ProcessReply is going to decrement the index
since it thinks the padding and MAC are still there. This commit makes it so
the padding and MAC get included in the call to ShrinkInputBuffer when
encryption is on.
 2021-01-28 15:37:00 -06:00
David Garske 2bd63d27bf Fixes for PKCS7 with crypto callback (deviceId), where it was not being used for RSA and RNG. ZD 11163. 2021-01-28 09:52:13 -08:00
David Garske 311a0d25dd
Merge pull request #3696 from JacobBarthelmeh/Testing 
fix for tested x509 small build
 2021-01-28 06:59:26 -08:00
Jacob Barthelmeh bbcb98a8f7 fix for tested x509 small build 2021-01-27 23:00:24 +07:00
John Safranek a1e083b5b1
Merge pull request #3689 from douzzer/fips-option-check-source 
configure.ac: check compatibility of chosen FIPS option with source
 2021-01-26 12:29:52 -08:00
John Safranek d0e2566ad8
Merge pull request #3679 from julek-wolfssl/dtls-window 
Correct old DTLS msg rcv update
 2021-01-26 12:20:59 -08:00
Juliusz Sosinowicz 3d4f836c00 Correctly insert out of order msgs to queue 2021-01-26 15:12:08 +01:00
Daniel Pouzzner a89087ed2d configure.ac: check compatibility of chosen FIPS option with the source tree, for early prevention of accidental attempts to build FIPS with non-FIPS source, or non-FIPS with FIPS source. 2021-01-25 17:56:28 -06:00
toddouska 6e0e507dad
Merge pull request #3660 from dgarske/sess_ticket_aes_gcm 
Added support for AES GCM session ticket encryption
 2021-01-25 15:00:03 -08:00
toddouska f91dcb950c
Merge pull request #3670 from dgarske/keil 
Fix for ARM Keil MDK compiler issue with `DECLARE_VAR_INIT`.
 2021-01-25 14:57:05 -08:00
toddouska 27ef5b9a3d
Merge pull request #3675 from SparkiDev/tls_no_ticket 
TLS Session Ticket: Option to disable for TLS 1.2 and below
 2021-01-25 14:54:10 -08:00
toddouska f35f57c378
Merge pull request #3683 from SparkiDev/sp_int_mont_red_1 
SP math all: fix 1 word Montgomery Reduce
 2021-01-25 14:47:35 -08:00
toddouska d201820e3a
Merge pull request #3687 from guidovranken/x963-export-reject-invalid-keys 
Reject undefined keys (eg. state is ECC_STATE_NONE) from X963 export …
 2021-01-25 14:46:59 -08:00
toddouska cf9e4f0caf
Merge pull request #3518 from julek-wolfssl/openssh-fixes-v2 
Fixes for openssh
 2021-01-25 14:45:56 -08:00
David Garske 05e1ee1694 Cleanup to use fixed sizes from defines for `DECLARE_VAR`. Resolves issue with Visual Studio and using a variable (even const) to declare an array size. 2021-01-25 09:14:12 -08:00
Guido Vranken 29f7eebef7 Reject undefined keys (eg. state is ECC_STATE_NONE) from X963 export functions 
Additionally, harmonize the failure conditions of wc_ecc_export_x963 and
wc_ecc_export_x963_compressed.
 2021-01-25 16:22:21 +01:00
Sean Parkinson 4f0ed55232 SP math all: fix 1 word Montgomery Reduce 
May have 3 words in partial result before shifting down.
 2021-01-25 10:19:27 +10:00
David Garske fb9836ed28
Merge pull request #3678 from guidovranken/zd11556 
Fix wc_ecc_sign_hash memory leak. ZD 11556.
 2021-01-22 18:06:56 -08:00
David Garske 13468d34e3 Apply same VS fixes to api.c as well. 2021-01-22 10:50:18 -08:00
David Garske 46aee19de3 Fix for Visual Studio issue with non-cost in array declaration. 2021-01-22 10:44:38 -08:00
toddouska 920c443864
Merge pull request #3250 from JacobBarthelmeh/Benchmark 
add brainpool benchmark
 2021-01-22 10:08:21 -08:00
David Garske cd4dae8f09
Merge pull request #3674 from ejohnstown/alerts 
Alerts
 2021-01-22 09:16:56 -08:00
Juliusz Sosinowicz b918fb9efe Correct old DTLS msg rcv update 2021-01-22 14:33:33 +01:00
Jacob Barthelmeh 6fa1556daf guard -ecc-all with HAVE_SELFTEST macro 2021-01-22 16:13:31 +07:00
Guido Vranken 905f0b1f5a Fix wc_ecc_sign_hash memory leak. ZD 11556. 2021-01-22 09:55:30 +01:00
Sean Parkinson a84f1c813a TLS Session Ticket: Option to disable for TLS 1.2 and below 
Customer may want session ticket supported with TLS 1.3 but not TLS 1.2
and below.
 2021-01-22 13:19:29 +10:00
David Garske 9012317f5b Fix copy/paste typo. 2021-01-21 17:41:11 -08:00