WolfSSL
/
wolfssl
mirror of https://github.com/wolfSSL/wolfssl.git
1
0
Fork 0
Code Issues Releases Wiki Activity
13,503 Commits
27 Branches
168 Tags
358 MiB
Commit Graph

13503 Commits (7a71ec4692f4c29e436f57e64496395ac1b159dc)

Author SHA1 Message Date
Eric Blankenhorn 47b9c5b054 Adding X509_STORE_CTX API 2021-02-08 08:25:14 -06:00
Eric Blankenhorn de47b9d88a Adding X509_VERIFY_PARAM API 2021-02-08 08:25:14 -06:00
Jacob Barthelmeh 812b44d58e guard check on prime with macro WOLFSSL_VALIDATE_ECC_IMPORT 2021-02-08 20:25:01 +07:00
Sean Parkinson 36d124ed2f
Merge pull request #3730 from guidovranken/zd11650 
SP math: Better error propagation
 2021-02-08 14:17:43 +10:00
Sean Parkinson c3cc36c55f SP int SP_WORD_SIZE=32: cast down explicitly 2021-02-08 13:20:12 +10:00
Sean Parkinson 7986b37aa5 SP int: fixes for 8-bit digits 
Fix mask type in mp_cond_copy to be at least 16 bits to handle 'used'
being larger than 8-bit but mp_digit being 8-bit.
When large numbers are used with 8-bit words, mul/sqr partial sums will
overflow a word. Fix implementations to handle this.
 2021-02-08 12:24:28 +10:00
Hideki Miyazaki f13186827a
issue callback when exceeding depth limit rather than error out 2021-02-08 11:01:45 +09:00
Sean Parkinson aefddaf2b8 SP int: mont_red - check size of a relative to m 2021-02-08 10:07:15 +10:00
Jacob Barthelmeh cced2038b8 conditional compile and check on idx 2021-02-08 06:10:04 +07:00
Guido Vranken 358dbd5090 _sp_exptmod_base_2: Break out of loops on error 2021-02-08 00:09:29 +01:00
Sean Parkinson 2933db8915
Merge pull request #3729 from guidovranken/zd11649 
SHA 256,512: Only write hash if no error has occurred
 2021-02-08 08:47:51 +10:00
Sean Parkinson ea4b3110e8
Merge pull request #3728 from dgarske/zd11624 
Fix for PKCS11 not properly exporting the public key due to a missing key type field
 2021-02-08 08:32:04 +10:00
Guido Vranken bc707d67c3 SP math: Better error propagation 
ZD 11650
 2021-02-06 09:09:41 +01:00
Guido Vranken 3fd2647383 SHA 256,512: Only write hash if no error has occurred 
ZD 11649
 2021-02-06 08:15:30 +01:00
Jacob Barthelmeh 644636e0f8 only check prime value with custom curves 2021-02-06 05:46:19 +07:00
Elms e26f1529c0 build: revert change so `make` generates `testsuite.test` 
A change to `include.am` caused `make check` to generate, but `make`
without arguments to not generate it.`
 2021-02-05 14:39:07 -08:00
Elms c17597a4fb build: arbitrary path for `make check` 
To support builds in other directories, unit.test and wolfcrypt test
must be aware of the source and build directory.
 2021-02-05 12:10:32 -08:00
David Garske 70b382e6cf Fix for PKCS11 not properly exporting the public key due to a missing key type field. This broke due to changes in PR #3687. Also resolved mismatch of enum types for the key type check. 2021-02-05 11:49:31 -08:00
Jacob Barthelmeh c2be5dbe2b check prime is prime with ecc compressed keys 2021-02-06 01:54:25 +07:00
Elms 93ea355217 build: fix `make distcheck` 
Need to check if `unit.test` was run from make process and set
different path to run unit test executable.

Writing files in the dist is not allowed during distcheck so write
files to subdirectory used build during distmake
 2021-02-05 07:25:07 -08:00
Eric Blankenhorn e4d79bf49e Move var declaration to top 2021-02-05 08:41:42 -06:00
Sean Parkinson c4afce76f7 test.c: don't check key NULL when not small stack 2021-02-05 14:57:00 +10:00
kaleb-himes 4ade6eb802 XSTRNCASECMP for OE11 ACVP (CMSIS RTOS) 2021-02-03 16:03:20 -07:00
kaleb-himes 776964f7c7 OE10 and OE13 ACVP updates for armv8 PAA 2021-02-03 15:38:08 -07:00
Hideki Miyazaki 431e1c8ffe
handle size greater than RNG_MAX_BLOCK_LEN 2021-02-03 12:23:36 +09:00
David Garske 714aa97490
Merge pull request #3710 from cconlon/0202 
fix and update README.md markdown
 2021-02-02 16:15:53 -08:00
David Garske 72a8a1069a Fix to only set missing RNG if needed. Resolves unit test, which already sets the RNG on the private key and the incoming context is not provided (use local). 2021-02-02 14:16:21 -08:00
David Garske 04e7fa3657 Fix for `--enable-eccencrypt` with timing resistance enabled. The ECC shared secret was missing the RNG. Fixes https://github.com/wolfSSL/wolfssl-examples/issues/243 2021-02-02 13:55:42 -08:00
Chris Conlon 7eb71b1bb1
Merge pull request #3344 from guidovranken/PKCS7_EncodeSigned-leak-fix 
Check the right size before freeing flatSignedAttribs in PKCS7_EncodeSigned
 2021-02-02 13:53:20 -07:00
Guido Vranken f833d96ba3 Check the right size before freeing flatSignedAttribs in PKCS7_EncodeSigned 2021-02-02 10:15:00 -08:00
Chris Conlon 30c1c4a4f8 fix and update README.md markdown 2021-02-02 10:38:09 -07:00
Juliusz Sosinowicz 542e0d79ec Jenkins Fixes 
- explicit conversions
- not all curves available for wolfSSL_CTX_set1_groups_list
- group funcs depend on HAVE_ECC
- `InitSuites` after `ssl->suites` has been set
 2021-02-02 12:06:11 +01:00
Juliusz Sosinowicz 8a669615f8 Generate correct GCM tag 2021-02-02 12:06:11 +01:00
Juliusz Sosinowicz 921fd34876 Detect version even if not compiled in 2021-02-02 12:06:11 +01:00
Juliusz Sosinowicz 69dca4fd08 Rebase fixes 
- wolfSSL_CTX_set1_groups_list and wolfSSL_set1_groups_list should use wolfSSL_CTX_set1_groups and wolfSSL_set1_groups respectively because it converts to correct groups representation
- Change to using "SHA1" as main name for SHA1
 2021-02-02 12:06:11 +01:00
Juliusz Sosinowicz 46821196ab Fix call to wolfSSL_connect when in wolfSSL_connect_TLSv13 
If a client is:
- TLS 1.3 capable
- calls connect with wolfSSL_connect_TLSv13
- on an WOLFSSL object that allows downgrading
then the call to wolfSSL_connect should happen before changing state to HELLO_AGAIN. Otherwise wolfSSL_connect will assume that messages up to ServerHelloDone have been read (when in reality only ServerHello had been read).

Enable keying material for OpenVPN
 2021-02-02 12:06:11 +01:00
Juliusz Sosinowicz ff43d39015 GCC complains about empty if 2021-02-02 12:06:11 +01:00
Juliusz Sosinowicz f5cf24dbdc SHA1 should not be called SHA. Leave alias for compatibility. 2021-02-02 12:06:11 +01:00
Juliusz Sosinowicz 5d5d2e1f02 Check that curves in set_groups functions are valid 2021-02-02 12:06:11 +01:00
Juliusz Sosinowicz c18701ebe7 Implement RFC 5705: Keying Material Exporters for TLS 2021-02-02 12:06:11 +01:00
Juliusz Sosinowicz fdde2337a4 Add static buffer to wolfSSL_ERR_error_string 
Add ED448 and ED25519 to wolfssl_object_info
Add more error messages
 2021-02-02 12:06:11 +01:00
Juliusz Sosinowicz 6ed45a23d9 Fix getting cipher suites in compat layer 2021-02-02 12:06:11 +01:00
Juliusz Sosinowicz 294e46e21a Set options when creating SSL 2021-02-02 12:06:11 +01:00
Juliusz Sosinowicz 3494218d98 Implement missing functionality for OpenVPN 2.5 2021-02-02 12:06:11 +01:00
David Garske 5577a2215f
Merge pull request #3708 from JacobBarthelmeh/Testing 2021-02-01 10:11:16 -08:00
David Garske ab5f9831ab
Merge pull request #3707 from douzzer/test-openssl-small-stack 
wolfcrypt/test/test.c: smallstack refactor of openssl test routines.
 2021-02-01 09:30:04 -08:00
Jacob Barthelmeh a7066a9be2 add stdint to test.c if using non blocking ecc test 2021-02-01 23:07:03 +07:00
Jacob Barthelmeh fd01f79f86 add guard for rsa public only 2021-01-31 23:43:53 +07:00
Daniel Pouzzner d14f4f8451 wolfcrypt/test/test.c: smallstack refactor of openssl test routines. 2021-01-30 00:01:15 -06:00
David Garske f5f19fda42
Merge pull request #3704 from douzzer/aesgcm-table-small-stack 
--enable-aesgcm=table --enable-smallstack
 2021-01-29 19:53:08 -08:00