WolfSSL
/
wolfssl
mirror of https://github.com/wolfSSL/wolfssl.git
1
0
Fork 0
Code Issues Releases Wiki Activity
5,200 Commits
27 Branches
168 Tags
358 MiB
Commit Graph

5200 Commits (2d612da9f400f68b555c40284881d31b0389cba0)

Author SHA1 Message Date
Jacob Barthelmeh 6a6e61f1d8 wolfCrypt cleanup in test.c moved and add wolfSSL init to testsuite with single threaded 2017-02-08 18:52:16 -07:00
Jacob Barthelmeh b6b3021def gcc-6 uninitialized warning with srp build 2017-02-08 16:49:58 -07:00
Jacob Barthelmeh b0728645c9 static analysis fixes for memory management and possible null derefrence 2017-02-08 16:29:54 -07:00
toddouska ef38ab8fc5 Merge pull request #701 from JacobBarthelmeh/mutex 
better compatibility with printing errors to a file
 2017-02-08 11:12:17 -08:00
Jacob Barthelmeh c02f35c128 change pem_password_cb typedef for compatibility 2017-02-08 11:48:50 -07:00
John Safranek 868e704b82 Merge pull request #732 from kaleb-himes/openrtos-3.9.2-checkout 
fips checkout for OpenRTOS v9.0.0 w/ wolfCrypt v3.9.2 on Atmels ATSAM…
 2017-02-07 21:19:43 -08:00
dgarske c074ab273f Merge pull request #740 from toddouska/ocsp 
Fix OCSP signature leading zero, certdecode free on parse failure. Add WOLFSSL_NO_OCSP_OPTIONAL_CERTS to skip optional OCSP certs, responder issuer must still be trusted. Add user clock skew defines for date skew before checks (WOLFSSL_AFTER_DATE_CLOCK_SKEW=# and WOLFSSL_BEFORE_DATE_CLOCK_SKEW=#).
 2017-02-07 18:46:31 -08:00
Jacob Barthelmeh 993a604124 remove extern variables and use error queue instead 2017-02-07 17:16:22 -07:00
toddouska 6fc81652b7 Merge pull request #738 from JacobBarthelmeh/Testing 
align compatibility layer sha256 and sha224 structs
 2017-02-07 13:59:34 -08:00
David Garske 8f1c2965af Fix build warning in asn.c with “potentially uninitialized local variable 'length' used”. 2017-02-07 13:34:27 -08:00
toddouska 468df109b6 add WOLFSSL_NO_OCSP_OPTIONAL_CERTS to skip optional OCSP certs, responder issuer must still be trusted 2017-02-07 13:31:59 -08:00
David Garske 19204ab1ac Fix comment. 2017-02-07 11:07:48 -08:00
David Garske a2984553d7 Fixes for build with user-crypto RSA (--enable-fast-rsa). 2017-02-07 11:03:17 -08:00
David Garske 3a1921e107 Fixes to ASN GetLength changes. Additional GetLength checks in PKCS7 and PKCS12. 2017-02-07 10:59:34 -08:00
David Garske 0286d157a7 First pass at cleanup of the GetLength function handling of 0 length value. Added some asn.c build option comments. 2017-02-06 20:05:04 -08:00
toddouska 7ddeb1afd9 add user clock skew defines for date skew before checks 2017-02-06 16:30:48 -08:00
toddouska f938a75780 fix OCSP signature leading zero, certdecode free on parse failure 2017-02-06 14:10:38 -08:00
Jacob Barthelmeh 53bebb4785 add error code for wolfCrypt_Cleanup 2017-02-06 14:51:55 -07:00
toddouska 1f7976a587 Merge pull request #739 from JacobBarthelmeh/Memory 
reduction of mp_jacobi stack usage
 2017-02-06 11:59:52 -08:00
Jacob Barthelmeh 0f91542cf4 add peek error node function to make use of debug mutex 2017-02-03 11:52:36 -07:00
Jacob Barthelmeh e8110e773e reduction of mp_jacobi stack usage 2017-02-02 17:13:26 -07:00
Jacob Barthelmeh b1522e0c59 pack Sha256 struct 2017-02-02 14:55:51 -07:00
Jacob Barthelmeh e722459df3 align compatibility layer sha256 and sha224 structs 2017-02-02 11:57:29 -07:00
Moisés Guimarães 895bf8dfbc Merge pull request #728 from embray/patch-1 
Fixes a serious bug in Random.byte
 2017-02-01 21:07:20 -03:00
dgarske 16698db48f Merge pull request #733 from kaleb-himes/tirtos-updates 
updates for TIRTOS build following release 3.10.0
 2017-02-01 14:47:12 -08:00
Kaleb Himes fde6700d89 fix typo 2017-01-31 15:10:49 -07:00
Kaleb Himes af355f7472 updates for TIRTOS build following release 3.10.0 2017-01-31 13:15:45 -08:00
kaleb-himes b2e4a50bf4 fips checkout for OpenRTOS v9.0.0 w/ wolfCrypt v3.9.2 on Atmels ATSAM4L CPU 2017-01-30 15:32:59 -07:00
Moisés Guimarães 29f52ec735 Merge pull request #730 from toddouska/ocsp 
Better CheckOcspRequest error detection on retry
 2017-01-30 12:59:58 -03:00
toddouska ea96fa95b3 add new OCSP response validated debug message and remove redundant ret set 2017-01-28 11:11:25 -08:00
Erik Bray a094a36fa8 Update random.py 
Realized that `ffi.string()` could truncate the output on null bytes.
 2017-01-28 15:55:42 +01:00
toddouska a10d464126 fix scan-build warning and simplify CheckOcspRequest validation 2017-01-27 17:07:31 -08:00
toddouska f44bbe9ba3 Better CheckOcspRequest error detection on retry 2017-01-27 15:42:00 -08:00
John Safranek 1108ea0303 Merge pull request #729 from JacobBarthelmeh/staticmemory 
account for unaligned memory when computing optimum size and update s…
 2017-01-27 15:00:18 -08:00
Jacob Barthelmeh 0b8730f0b6 check bounds of buffer and get file buffer size 2017-01-27 15:14:25 -07:00
Jacob Barthelmeh fc899029fb account for unaligned memory when computing optimum size and update static memory tests 2017-01-27 10:50:47 -07:00
Erik Bray e96a720f04 Fixes a serious bug in Random.byte 
Python's bytecode compiler has a peephole optimizer which, among other things, can recognize constant expressions and replace them with a constant.

In `Random.byte` the expression `t2b('\0')` is recognized as a constant and is replaced with a single constant compiled into the function's bytecode.

This means that every time you run `Random.byte`, rather than creating a new `str` object (or `bytes` in Python 3) it's reusing the same one each time, and `wc_RNG_GenerateByte` is writing right into that constant object's buffer; hence the following behavior:

```
In [55]: rng = Random()

In [56]: a = rng.byte()

In [57]: a
Out[57]: "'"

In [58]: rng.byte()
Out[58]: '\x11'

In [59]: a
Out[59]: '\x11'

In [60]: rng.byte()
Out[60]: '\x16'

In [61]: a
Out[61]: '\x16'

In [62]: rng.byte.__func__.__code__.co_consts
Out[62]:
('\n        Generate and return a random byte.\n        ',
 '\x16',
 0,
 'RNG generate byte error (%d)')

In [63]: rng.byte()
Out[63]: '\xad'

In [64]: rng.byte.__func__.__code__.co_consts
Out[64]:
('\n        Generate and return a random byte.\n        ',
 '\xad',
 0,
 'RNG generate byte error (%d)')
```

`Random.bytes` does not necessarily have this problem since its result buffer is not a constant expression, though I feel like it could also in principle be affected if the string were interned (though I couldn't produce such a result). Nevertheless, it doesn't seem like a good idea to be updating `str` objects' buffers directly.
 2017-01-26 20:48:15 +01:00
dgarske d22bc5d347 Merge pull request #727 from ejohnstown/minor-cleanups 
Minor Cleanups
 2017-01-26 08:50:28 -08:00
John Safranek d93f856081 Minor Cleanups 
1. Removed the execute bit from a few C source files.
2. Changed a couple letters in Moises's name in tfm.h to
   the non-extended/accented versions of "e" and "a".
 2017-01-25 14:17:17 -08:00
dgarske 1e02d00f61 Merge pull request #725 from toddouska/psk 
add PSK test support to openssl script interop
 2017-01-24 13:52:23 -08:00
JacobBarthelmeh d60d0b4e3f Merge pull request #726 from ejohnstown/static-memory-fix 
Allow Static Memory...
 2017-01-24 09:38:08 -07:00
John Safranek 13d0908b09 Allow static memory option when not using fast math or not using 
slow math for anything.
 2017-01-23 16:38:29 -08:00
toddouska a9a0cdfe71 add PSK test support to openssl script interop 2017-01-23 16:10:01 -08:00
toddouska 52bc606ef9 Merge pull request #723 from dgarske/fix_ecc_noshamir_wstaticmem 
Fix issue with wc_ecc_verify_hash_ex when not using SHAMIR and using static memory
 2017-01-23 14:00:43 -08:00
toddouska a1b79abedb Merge pull request #717 from wolfSSL/auto_ecc_sup_curves 
Added code to automatically populate supported ECC curve information
 2017-01-23 13:57:56 -08:00
David Garske b7c3a340c1 Fix issue with wc_ecc_verify_hash_ex when not using SHAMIR and using static memory. Fixes issue #722. 2017-01-23 09:12:03 -08:00
dgarske 008a69f185 Merge pull request #721 from ejohnstown/cleanups-for-multicast 
Small Fixes for Multicast
 2017-01-22 13:19:10 -08:00
Chris Conlon 8e0affb4a3 Merge pull request #692 from moisesguimaraes/fixes-ocsp-stapling-parser 
Fixes certificate status parsing, adds behavior for unknown status type
 2017-01-20 16:41:28 -07:00
John Safranek ac0181d527 In benchmark, change the calls to InitRNG to the explicit 
heap versions like all the other crypt calls so it works
with static memory. Plays nice with FIPS mode if available.
 2017-01-20 15:36:08 -08:00
Chris Conlon 4d83ef1c23 Merge pull request #712 from moisesguimaraes/fixes-ocsp-lookup 
fixes CA matching when using NO_SKID
 2017-01-20 16:15:12 -07:00