cdaa4d8aa0
Add proper gating on !NO_WOLFSSL_SERVER
...
Found with the following configuration:
--enable-dtls --enable-dtls13 --enable-dtls-mtu CFLAGS="-DNO_WOLFSSL_SERVER"
2022-12-08 14:20:17 -05:00
9cb19e36fe
Merge pull request #5867 from anhu/dont_make_broken_key
...
For compatibility `EC_KEY_new_by_curve_name` check that we found curve
2022-12-08 11:09:56 -08:00
937d247c7d
Don't create a key if we don't support the curve.
...
Found with the following configuration:
./configure --enable-tls13 --disable-oldtls --enable-static --enable-singlethreaded --enable-dtls --enable-dtls13 --enable-dtls-mtu --enable-sp=yes,4096 --disable-shared --disable-sha3 --disable-dh --enable-curve25519 --enable-secure-renegotiation --enable-debug --enable-opensslextra 'CFLAGS=-DWOLFSSL_DTLS_ALLOW_FUTURE -DWOLFSSL_MIN_RSA_BITS=2048 -DWOLFSSL_MIN_ECC_BITS=256 -DFP_MAX_BITS=8192 -fomit-frame-pointer'
2022-12-08 12:13:12 -05:00
eb69ccb22c
Merge pull request #5856 from icing/errq-improvements
...
Improvements in OpenSSL Compat ERR Queue handling.
2022-12-08 09:28:05 -07:00
02094ebb2e
Updates after review by JacobBarthelmeh.
...
- fix err/ret rename leftover for python builds
- add documenetation to thread-local functions
- move generic queue functions up
2022-12-08 09:53:05 +01:00
bdadbefb4c
Merge pull request #5862 from JacobBarthelmeh/Compatibility-Layer
...
map SSL_CTX_get_session_cache_mode compat API
2022-12-07 14:50:31 -08:00
1f607ee560
Merge pull request #5860 from tmael/entropy_memuse
...
Increase RNG_SECURITY_STRENGTH for FIPS
2022-12-08 08:26:07 +10:00
099135b2f9
Merge pull request #5861 from kosmas-valianos/FixTypo
...
Fix wrong function name in wolfSSL_X509_get_name_oneline()
2022-12-07 13:03:54 -08:00
94212e68e5
map SSL_CTX_get_session_cache_mode compat API
2022-12-07 11:35:48 -07:00
45f9ef5dd9
Improvements in OpenSSL Compat ERR Queue handling.
...
Configuration
- thread-local storaoge is selected when available
- '--enable-error-queue-per-thread' and '--disable-error-queue-per-thread' can
be used as before to explicitly en-/disable the feature.
Implementation:
- with thread-local-storage, error queue is realized in one struct without
allocations. Queue size is restricted to 16 entries (per thread), which
is the same limit in OpenSSL 1.1.x.
- without thread-local-storage, all error queue operations are mutex locked
- wc_PeekErrorNodeLineData() and wc_GetErrorNodeErr() added for use by SSL
functions to allow locked queue iterations/manipulations.
2022-12-07 18:14:45 +01:00
11f9bd85ee
Fix wrong function name in wolfSSL_X509_get_name_oneline()
2022-12-07 16:00:05 +01:00
1e0886180b
Adjust ENTROPY_SCALE_FACTOR for FIPS
2022-12-06 23:01:13 -08:00
f6cb13b11b
Merge pull request #5851 from SparkiDev/sp_enable_asm_fix
...
SP: --enable-sp-asm now enables SP if not set
2022-12-06 17:37:15 -08:00
1de30c6b67
SP: --enable-sp-asm now enables SP if not set
...
Enabling SP with ASM didn't enable SP or error out when SP wasn't
configured. Now enables SP when '' and errors when 'no'.
SAKKE modinv used large amounts of stack. Change to have more temporary
memory allocated increased to cover the usage.
ECC, SAKKE: sp_<bits>_ecc_mulmod_<cpu><words>() used large amounts of
stack. Allocate when WOLFSSL_SMALL_STACK.
wc_DhCheckKeyPair() not available when HAVE_SELFTEST.
Wasn't compiled in before as WOLFSSL_HAVE_SP_DH wasn't defined.
2022-12-07 09:01:53 +10:00
e5d03cf5ad
Merge pull request #5848 from philljj/fix_mingw64_build
...
Fix mingw-w64 build issues on windows.
2022-12-07 08:57:07 +10:00
5c020c6ad4
Increase RNG_SECURITY_STRENGTH for FIPS
2022-12-06 14:16:29 -08:00
ec11c22fb7
Merge pull request #5859 from anhu/ws
...
whitespace
2022-12-06 14:08:10 -08:00
246ce8dbe1
Cleanup spaces.
2022-12-06 15:24:34 -06:00
754440e0f2
whitespace
2022-12-06 15:12:44 -05:00
6bde6af973
Merge pull request #5858 from anhu/dtls13_fixups
...
Fixups for problems discovered while testing for DTLS 1.3
2022-12-06 10:44:26 -08:00
9e181e8ecb
Merge pull request #5857 from gojimmypi/GitIgnore
...
gitignore old cmake, VisualGDB working & Espressif sdkconfig files
2022-12-06 10:44:05 -08:00
824c280d12
Merge pull request #5807 from lealem47/sniffer_error
...
Improvement for sniffer error messages
2022-12-06 09:40:07 -08:00
44a1ffa56e
Merge pull request #5855 from ejohnstown/rdrand-ok
...
DRBG OK
2022-12-06 08:53:07 -08:00
a5f9e5c3c8
Merge pull request #5820 from SparkiDev/entropy_memuse
...
MemUse Entropy: enabled with HAVE_ENTROPY_MEMUSE
2022-12-06 08:52:45 -08:00
7935a11b3e
Fixups for problems discovered while testing for DTLS 1.3
2022-12-06 11:30:23 -05:00
ef63a5287a
Ignore old cmake, VisualGDB working & Espressif sdkconfig files
2022-12-06 08:10:14 -08:00
a6c98a11d9
Merge pull request #5845 from anhu/re-sign
...
Don't regenerate in wolfSSL_PEM_write_bio_X509().
2022-12-06 06:35:13 -08:00
1f6a9d442b
MemUse Entropy: enabled with HAVE_ENTROPY_MEMUSE
...
--enable-entropy-memuse enables the software base entropy gatherer.
The entropy source uses difference in timing to read/write cache lines.
Random indeces into a buffer are updated with the high resolution timer
value which is fed into a hash to produce further random indeces.
The current time is added to the entropy samples at time of
conditioning.
2022-12-06 14:01:16 +10:00
47b8caa0b7
Merge pull request #5849 from SparkiDev/sp_int_sp_ecc_fix
...
SP int: fix when ECC specific size code included
2022-12-05 17:15:04 -08:00
3891cd65d8
DRBG OK
...
When initializing the RNG and are using RDRAND, or one of the other
replacement random number generators that could fall back to the
Hash_DRBG if unavailable, set the status to DRBG_OK. This would fix a
problem if someone assumes the DRBG status is meaningful.
2022-12-05 16:09:45 -08:00
6db2ea0672
SP int: fix when ECC specific size code included
...
Was enabled when !SP and HAVE_ECC
Now enabled when !WOLFSSL_SP_MATH and HAVE_ECC
2022-12-06 09:44:05 +10:00
f38c7303eb
Merge pull request #5853 from douzzer/20221205-sp-int-bugprone-macro-parentheses
...
20221205-sp-int-bugprone-macro-parentheses
2022-12-06 09:18:40 +10:00
595f8a30d6
wolfcrypt/src/sp_int.c: fix bugprone-macro-parentheses in ALLOC_SP_INT() and ALLOC_SP_INT_ARRAY() introduced in aeca8cb17a.
2022-12-05 15:21:17 -06:00
9d9549fbd3
Merge pull request #5836 from anhu/kyber_cleanup
...
Remove kyber-90s and route all kyber through wolfcrypt.
2022-12-05 13:18:44 -08:00
312b488582
Remove double free
2022-12-05 15:39:14 -05:00
d3441545ef
Merge pull request #5852 from SparkiDev/sp_c_perf_2
...
SP C, SP int: improve performance
2022-12-05 11:51:28 -08:00
5dee15d074
Merge pull request #5850 from SparkiDev/sp_exptmod_nct_err_fix
...
SP int: fix check of err in _sp_exptmod_nct
2022-12-05 11:24:12 -08:00
304f287a7e
Merge pull request #5828 from SparkiDev/sp_int_static_size
...
SP int: check size required when using sp_int on stack
2022-12-05 11:23:25 -08:00
65a5ea7cae
Make sure certs are identical in tests.
2022-12-05 13:57:53 -05:00
22141faf16
SP C, SP int: improve performance
...
In SP C: Improve performance of large digit mul and sqr.
In SP int: include optimized 16 digit mul and sqr when compiling SAKKE.
2022-12-05 14:17:09 +10:00
4601a57ff2
SP int: fix check of err in _sp_exptmod_nct
2022-12-05 09:36:28 +10:00
87113cc88d
Fix mingw-w64 build issues on windows.
2022-12-03 17:00:44 -06:00
b99f5e5041
Merge pull request #5847 from douzzer/20221203-sp-int-missing-const
...
20221203-sp-int-missing-const
2022-12-03 12:39:33 -08:00
cd1a61288b
wolfcrypt/src/sp_int.c: in _sp_mont_red(), add missing const in SP_WORD_SIZE == 32 codepath.
2022-12-03 10:14:15 -06:00
ea2d79338c
Merge pull request #5846 from douzzer/20221202-dtls-crypt-only-gating
...
20221202-dtls-crypt-only-gating
2022-12-03 07:21:55 -08:00
57a5c9701d
Missed a free of der
2022-12-02 17:23:47 -05:00
42c37b6831
eliminate need for --enable-kyber
2022-12-02 17:16:41 -05:00
f58f3bd986
Don't regenerate in test_wolfSSL_PEM_write_bio_X509(). We don't have the private key.
2022-12-02 16:41:24 -05:00
c506812cf0
Improvement for some sniffer error messages
2022-12-02 13:27:29 -08:00
3ea8dd2f67
src/dtls.c: add WOLFCRYPT_ONLY gating.
2022-12-02 15:13:31 -06:00
Anthony Hu
David Garske
JacobBarthelmeh
Stefan Eissing
Sean Parkinson
Kosmas Valianos
Tesfa Mael
jordan
gojimmypi
John Safranek
Daniel Pouzzner
Lealem Amedie