On any failure, return `WOLFSSL_FAILURE`
If there was a failure and a successful processing of certs from the
same directory, the return value depended on the last cert processed
which not guarenteed to be the same order. If the last cert load
failed, it would return the specific wolfSSL error code. If it
succeeded, then WOLFSSL_FAILURE would be returned as a generic failure
due to a previous cert error.
When compiling for QEMU, the gethostbyname call doesn't have access to
the OS DNS.
Implemented a lookup of hostname that uses the system command host.
Fix for QEMU Aarch64 where 'char' is unsigned and the -1 return is being
converted to 255 in wolfSSL_OPENSSL_hexchar2int().
Test TLSv1.3 with www.google.com if wolfSSL supports it.
CMAC: cannot cast size_t* to word32* when big-endian.
SP math all: Random prime - munge bits before moving them around for
big-endian.
BIO, no filesystem: Allow BIO_prinf to be used with mem BIO.
fp_submod_ct and fp_addmod_ct need modulus (c) words plus one.
Check that the modulus length is valid for fixed data array size.
Improved fp_submod_ct to only use as many words as necessary.
Added comments to fp_submod_ct and fp_addmod_ct.
* Fix for sniffer to better handle spurious retransmission edge case. ZD 12852
* Fix for sniffer to not send alerts during application data processing.
* Fix for missing semi-colon on XFREE.
* Fix for `bench_stats_print` with stack variable name used in `bench_ecc`. Improve benchmark thread cleanup, CPU count calcuation and stat blocking logic.
* Fix for missing heap hint with RSA PSS and `WOLFSSL_PSS_LONG_SALT`. This fix will only allocate buffer if it exceeds the local buffer. Added `wc_RsaPSS_CheckPadding_ex2` to support heap hint if required. Fixed asn.c build issue with `NO_CERTS`. Fixed several spelling errors in asn.c. ZD12855.
* Improve the dynamic memory NULL checking in `wc_RsaPSS_CheckPadding_ex2` with `WOLFSSL_PSS_LONG_SALT` defined.
For example, if a user does
```
cmake -DCMAKE_C_FLAGS="-DWOLFSSL_AESGCM_STREAM -DFP_MAX_BITS=16384" ..
```
definitions for `WOLFSSL_AESGCM_STREAM` and `FP_MAX_BITS 16384` should wind up
in options.h (same as the autotools build).
- `HAVE_SECRET_CALLBACK` needs to have `wolfSSL_SSL_CTX_get_timeout` and `wolfSSL_SSL_get_timeout` available
- Call `wolfSSL_KeepArrays` for `HAVE_SECRET_CALLBACK`
- Increase the default `DTLS_MTU_ADDITIONAL_READ_BUFFER` and make it adjustable by the user
- Don't truncate application data returned to user in `wolfSSL_read_internal`
* copy missing files from wolfssl/wolfcrypt/benchmark
* instead of GitHub copy, update setup to perform the copy of ESP-IDF benchmark files; add --verbose option
* update setup to perform the copy of ESP-IDF benchmark files; add --verbose option
* copy benchmark.c / benchmark.h at setup time
* Fixes for building with Ed/Curve25519 only. Fix for IoT safe demo to exit after running once. Added `WOLFSSL_DH_EXTRA` to `--enable-all` and `--enable-sniffer`. Cleanup uses of `==` in configure.ac. Various spelling fixes.
* Fix for sniffer with TLS v1.3 session tickets.
* Fix for ASN Template Ed25519 key export (missing version / not setting OID correctly).
* Add key import/export support for Curve25519/Curve448. Refactor of the 25519/448 ASN code to combine duplicate code.
* Refactor of Curve25519 code. Improved public key export to handle generation when only private is set. Improved private scalar buffer sizing.
* Fix for static ephemeral loading of file buffer.
* Added sniffer Curve25519 support and test case.
* Fix for sniffer to not use ECC for X25519 if both are set.
* Fix Curve448 public export when only private is set.
* Fix for `dh_generate_test` for small stack size.
* Reduce stack size use on new asymmetric DER import/export functions. Cleanup pub length calc.
* Fix invalid comment.
Sean Parkinson
Eric Blankenhorn
elms
JacobBarthelmeh
David Garske
Hideki Miyazaki
Hayden Roche
Anthony Hu
TakayukiMatsuo
John Safranek
Kaleb Himes
Juliusz Sosinowicz
gojimmypi
Daniel Pouzzner