WolfSSL
/
wolfssl
mirror of https://github.com/wolfSSL/wolfssl.git
1
0
Fork 0
Code Issues Releases Wiki Activity
15,671 Commits
27 Branches
168 Tags
358 MiB
Commit Graph

15671 Commits (cea0c0a77433fbb4aadeb97b6e95212490885b51)

Author SHA1 Message Date
Daniel Pouzzner 31f13a7f41 wolfcrypt/test/test.c: when HAVE_FIPS, wrap wc_MakeRsaKey() calls in infinite iteration while ret == PRIME_GEN_E, to inhibit nondeterministic failure mode from FIPS-limited _CheckProbablePrime() iteration. 2021-10-26 20:24:28 -05:00
Daniel Pouzzner 490a1238a8 configure.ac: refactor AC_CHECK_FILES brought in by rebase, to fix warning. 2021-10-26 20:24:28 -05:00
Daniel Pouzzner b577984574 rsa.c: fix whitespace. 2021-10-26 20:24:28 -05:00
David Garske 3fcdcbc1f9 Fix for RSA `_ifc_pairwise_consistency_test` to make the async blocking. 2021-10-26 20:24:28 -05:00
Daniel Pouzzner e61d88657d WOLFSSL_ASYNC_CRYPT: in EccSharedSecret(), don't try to wolfSSL_AsyncInit() if there's no priv_key to supply an asyncDev; in RSA _ifc_pairwise_consistency_test(), disable async to force blocking crypto. 2021-10-26 20:24:28 -05:00
David Garske 303aa312a8 Fix the TLS v1.3 async key share support. Added `WOLFSSL_NO_PUBLIC_FFDHE` option to test without public FFDHE API's. 2021-10-26 20:24:28 -05:00
Daniel Pouzzner 75e4c0869e DH: move declaration of wc_DhPublicKeyDecode() from dh.h to asn.h (it is defined in asn.c). 2021-10-26 20:24:28 -05:00
Daniel Pouzzner 10304c9143 linuxkm: portability fix in aes.c for SAVE_VECTOR_REGISTERS() call ("embedding a directive within macro arguments is not portable"). 2021-10-26 20:24:28 -05:00
Daniel Pouzzner c0778e5ad9 gate access to wc_Sha512.devId on !NO_SHA2_CRYPTO_CB. 2021-10-26 20:24:28 -05:00
Daniel Pouzzner 5d796ba06c settings.h: add WOLFSSL_MAKE_FIPS_VERSION(), WOLFSSL_FIPS_VERSION_CODE, and FIPS_VERSION_{LT,LE,EQ,GE,GT} macros; define NO_SHA2_CRYPTO_CB macro if HAVE_FIPS && FIPS_VERSION_LT(5,1); refactor other FIPS version dependencies in settings.h to use new macros. 2021-10-26 20:24:28 -05:00
Daniel Pouzzner 0f05a71bfb linuxkm: refactor SAVE_VECTOR_REGISTERS() macro to take a fail clause as an argument, to allow the preprocessor to completely eliminate it in non-kernel builds, and for backward compat with WCv5.0-RC8. 2021-10-26 20:24:28 -05:00
Daniel Pouzzner 6160da243d linuxkm: use EXPORT_SYMBOL_NS_GPL() for exports. 2021-10-26 20:24:28 -05:00
Daniel Pouzzner c2c2e5b4f5 tests/api.c: post_auth_version_cb(): add missing gating on !NO_ERROR_QUEUE for wolfSSL_ERR_get_error() test. 2021-10-26 20:24:28 -05:00
Daniel Pouzzner e4d075de20 src/internal.c: FreeX509(): remove redundant free of x509->CRLInfo. 2021-10-26 20:24:28 -05:00
Daniel Pouzzner 61df408d70 configure.ac: fix handling of ENABLED_FIPS->REPRODUCIBLE_BUILD_DEFAULT=yes; take JNI back out of from enable-all feature set because it adds -DNO_ERROR_QUEUE to flags; fix typo in FIPS test for --with-max-rsa-bits setup. 2021-10-26 20:24:28 -05:00
Daniel Pouzzner 32349749a6 internal.c: SendServerKeyExchange(): check retval from wc_DhGetNamedKeyParamSize(). 2021-10-26 20:24:28 -05:00
Daniel Pouzzner 361559ca30 settings.h: set HAVE_PUBLIC_FFDHE as in configure.ac (FIPS v2 and SELFTEST) if it isn't already set. 2021-10-26 20:24:28 -05:00
Daniel Pouzzner 342e319870 dsa.c: fix up comment spelling/typography in wc_MakeDsaKey(). 2021-10-26 20:24:28 -05:00
Daniel Pouzzner a5c03f65e3 tests/api.c: fix test_CryptoCb_Func() to not attempt signing op on ephemeral ECC keys. 2021-10-26 20:24:28 -05:00
Daniel Pouzzner 1f6eb4648e configure.ac: remove WOLFSSL_VALIDATE_ECC_IMPORT and WOLFSSL_VALIDATE_ECC_KEYGEN from enable-all and enable-all-crypto feature sets. 2021-10-26 20:24:28 -05:00
Daniel Pouzzner 7a4ec22953 pkcs7.c: further smallstack refactor of PKCS7_EncodeSigned(). 2021-10-26 20:24:28 -05:00
Daniel Pouzzner fb49d814c5 configure.ac and autogen.sh: fix warnings in configure.ac, and enable WARNINGS=all,error in autogen.sh. also, remove --verbose to avoid obscuring warning output. 2021-10-26 20:24:28 -05:00
Daniel Pouzzner f60cb94b82 wolfcrypt/src/include.am and src/include.am: don't disrupt modtimes of fips/async source files if they already exist. 2021-10-26 20:24:28 -05:00
Daniel Pouzzner ab4c96292b autogen.sh: disable WARNINGS=all until autotools config is fixed. 2021-10-26 20:24:28 -05:00
Daniel Pouzzner e894340a64 tls13.c: mac2hash(): accommodate scenario where all hashes are gated out of the build (peer review). 2021-10-26 20:24:28 -05:00
Daniel Pouzzner 972c6c032e ssl.c: clean up MD5->SHA refactor of wolfSSL_LH_strhash() (peer review). 2021-10-26 20:24:28 -05:00
Daniel Pouzzner e9332c1ce4 autogen.sh: refactor to not disrupt modtimes of fips/async source files if they already exist. also, assert success on any file ops, and properly export WARNINGS to autoreconf. 2021-10-26 20:24:28 -05:00
Daniel Pouzzner 255d2d650f rsa.c: add missing WOLFSSL_ASYNC_CRYPT clauses to _ifc_pairwise_consistency_test(). 2021-10-26 20:24:27 -05:00
Daniel Pouzzner 87b965c964 include.am: in FIPS clauses, include wolfcrypt/src/aes_gcm_asm.S in src_libwolfssl_la_SOURCES when BUILD_AESNI, regardless of BUILD_INTELASM, as in the corresponding non-FIPS clause. 2021-10-26 20:24:27 -05:00
Daniel Pouzzner 0f407b4bfc test.c: fix indirection flubs in _ASYNC_CRYPT parts of ecc_test_sign_vectors(). 2021-10-26 20:24:27 -05:00
Daniel Pouzzner f264741aa0 benchmark.c: fix -Wstringop-truncation in _ASYNC_CRYPT bench_stats_add(). 2021-10-26 20:24:27 -05:00
Daniel Pouzzner 0231446006 configure.ac: don't warn about loading real async files if async.c is present and non-empty. 2021-10-26 20:24:27 -05:00
Daniel Pouzzner 3745b1c9db linuxkm: fix clean rules/definitions to not pick up top level Makefile, and to clean up empty object directories. 2021-10-26 20:24:27 -05:00
Daniel Pouzzner 8e131620ae .gitignore: add linuxkm/libwolfssl.lds 2021-10-26 20:24:27 -05:00
Daniel Pouzzner 14f39f07a2 fips-check.sh: add linuxv5-ready (--enable-fips=v5-ready). 2021-10-26 20:24:27 -05:00
Daniel Pouzzner f9627e4b14 configure.ac: for --enable-fips, make v5 an alias for v5-RC8 (alias to be updated after newer lab-approved snapshots are tagged), and add v5-ready and a placeholder v5-REL. 2021-10-26 20:24:27 -05:00
Daniel Pouzzner 5ef97acbab types.h: add back missing WC_HASH_TYPE_MAX to enum wc_HashType when HAVE_FIPS_VERSION <= 2 (now WC_HASH_TYPE_BLAKE2S, since SHAKE is now excluded from the enum). 2021-10-26 20:24:27 -05:00
Daniel Pouzzner 40c32081bb types.h: rename STRINGIFY() macro to WC_STRINGIFY(). 2021-10-26 20:24:27 -05:00
Daniel Pouzzner e3989edd39 wolfcrypt/benchmark/benchmark.c: fix typo. 2021-10-26 20:24:27 -05:00
Daniel Pouzzner 4a451caf7b src/sniffer.c: fix rebase errors. 2021-10-26 20:24:27 -05:00
Daniel Pouzzner 834efe4ff6 fips-check.sh: update to test 140-3 using --enable-fips=v5-RC8 and the WCv5.0-RC8 version tags. 2021-10-26 20:24:27 -05:00
Daniel Pouzzner db26e0a40a Makefile.am: .build_params belongs in DISTCLEANFILES, not CLEANFILES. 2021-10-26 20:24:27 -05:00
Daniel Pouzzner 9f36df44a4 wolfssl/wolfcrypt/types.h: define WOLFSSL_NOSHA512_224, WOLFSSL_NOSHA512_256, and WOLFSSL_NO_SHAKE256 in SELFTEST/FIPS<=v2 version of enum wc_HashType definition, to assure synchrony. 2021-10-26 20:24:27 -05:00
Daniel Pouzzner 1c27654300 configure.ac and wolfssl/wolfcrypt/types.h: don't change wc_HashType for FIPS <= v2 (reverts commit 56843fbefd as it affected that definition); add -DWOLFSSL_NOSHA512_224 -DWOLFSSL_NOSHA512_256 to FIPS v2 and v3. 2021-10-26 20:24:27 -05:00
Daniel Pouzzner aa6ca43e91 api.c: skip test_wolfSSL_EVP_PBE_scrypt() when FIPS 140-3 (test uses impermissibly short HMAC key). 2021-10-26 20:24:27 -05:00
Daniel Pouzzner 22f947edd6 configure.ac and wolfssl/wolfcrypt/asn_public.h: add --enable-fips=v5-RC8 for use with WCv5.0-RC8 codebase; add HAVE_FIPS_VERSION_MINOR, and refactor main $ENABLED_FIPS switch to set HAVE_FIPS_VERSION and if applicable HAVE_FIPS_VERSION_MINOR for use in subsequent tests and the main FIPS setup code; in asn_public.h, use HAVE_FIPS_VERSION_MINOR to exclude declaration of wc_RsaKeyToPublicDer() when building FIPS WCv5.0-RC8. 2021-10-26 20:24:27 -05:00
Daniel Pouzzner 8c3cbf84f9 add missing gating around WOLFSSL_NO_SHAKE256, WOLFSSL_NOSHA512_224, and WOLFSSL_NOSHA512_256. 2021-10-26 20:24:27 -05:00
Daniel Pouzzner 7b40cd6cef configure.ac: fips tweaks: add --enable-fips=disabled to allow non-fips build in a fips tree, for convenient testing; add ENABLED_SHAKE256=no override to fipsv5 setup; don't add an RSA_MAX_SIZE setting to AM_CFLAGS when FIPS, to avoid a conflict with old rsa.h. 2021-10-26 20:24:27 -05:00
Daniel Pouzzner 083b97c5a3 tls.c: fix rebase error in TLSX_KeyShare_FreeAll(). 2021-10-26 20:24:27 -05:00
Daniel Pouzzner 19b33d5a76 configure.ac: don't include rc2 in enable-all or enable-all-crypto (memory leaks). 2021-10-26 20:24:27 -05:00