WolfSSL
/
wolfssl
mirror of https://github.com/wolfSSL/wolfssl.git
1
0
Fork 0
Code Issues Releases Wiki Activity
12,994 Commits
27 Branches
168 Tags
358 MiB
Commit Graph

12994 Commits (42d4f35a982ee5b88f0739045d99819532345ee7)

Author SHA1 Message Date
David Garske e9f0cb234b
Merge pull request #3425 from haydenroche5/cmake 
CMake improvements
 2020-11-14 08:35:54 -08:00
Chris Conlon c436bc44e6 verify extracted public key in wc_PKCS7_InitWithCert 2020-11-13 17:23:40 -07:00
Ethan Looney 0541a59edd Added blake2s unit tests 2020-11-13 14:43:50 -07:00
Hayden Roche cd61fbd0fe Modify pre-commit.sh to only stash and stash pop if there are modified files not 
added to the index.

Before this change, if there was nothing to stash, the last thing you stashed
would get popped at the end of the script.
 2020-11-13 13:38:58 -06:00
Kareem Abuobeid da06ef8c3f Return long names instead of short names in wolfSSL_OBJ_obj2txt(). 2020-11-13 12:03:26 -07:00
David Garske d4e1340027
Merge pull request #3486 from douzzer/refactor-gccish-macros 
sha256.c/sha512.c: refactor 4 instances of gccism ({}) to WC_INLINE functions
 2020-11-13 09:26:00 -08:00
Hayden Roche 8f6c21d600 CMake improvements. 
- Begin adding options to enable/disable different features.
- Increase minimum CMake version to 3.2.
- Support installation of the built files.
- Add checks for necessary include files, functions etc.
- Generate options.h and config.h.
- Use GNUInstallDirs to support installation, which is designed to be somewhat
  cross-platform.
- Export wolfssl CMake target during installation, so others using CMake can
  link against wolfssl easily.
- Disallow in-source builds.
- Place the generation of BUILD_* flags (controlled with AM_CONDITIONALs
  in configure.ac) in a separate function in functions.cmake,
  generate_build_flags.
- Implement the logic to conditionally add source files from
  src/include.am in a function in functions.cmake, generate_lib_src_list.
- Exclude tls_bench from Windows. Doesn't compile with MSVC. WIP.
- Update INSTALL with latest CMake build instructions.
- Add a cmake/include.am to ensure CMake files get added to the distribution.
 2020-11-13 11:25:04 -06:00
David Garske 7f559b1d1a
Merge pull request #3487 from ejohnstown/sbf 
Scan-Build Fixes
 2020-11-13 09:24:17 -08:00
Hayden Roche 3d5c747ed5 Modify a couple tests to use WANT_WRITE simulation. 2020-11-13 10:35:56 -06:00
Hayden Roche 2fc594d319 Modify example server to be resilient to WANT_WRITE errors. 2020-11-13 10:33:10 -06:00
Hayden Roche e035eb8f8a Add an option to the example client to simulate WANT_WRITE errors. 
- Add this option as "-6."
- Turn on non-blocking mode if WANT_WRITE simulation is enabled.
- Create a send IO callback that gets registered when this option is turned on.
  This callback alternates between letting the TX through and returning a
  WANT_WRITE error.
 2020-11-13 10:30:24 -06:00
John Safranek 28be1d0cb3
Scan-Build Fixes 
1. Fix some potential uninitialized pointer errors in the functions sp_RsaPublic_2048, sp_RsaPublic_3072, and sp_RsaPublic_4096 for small stack builds.

To recreate:
    $ scan-build ./configure --enable-sp=small --enable-smallstack --enable-smallstackcache CPPFLAGS="-DECC_CACHE_CURVE -DHAVE_WOLF_BIGINT"
 2020-11-12 20:58:25 -08:00
John Safranek 1e348b991d
Scan-Build Fixes 
1. Fix a potential dereference of NULL pointer.

To recreate:
    $ scan-build ./configure --enable-sp --enable-sp-asm --enable-sp-math
 2020-11-12 20:58:17 -08:00
Jacob Barthelmeh 3773d33070 pin the C# verify callback 2020-11-13 11:57:20 +07:00
JacobBarthelmeh a8333b09a0 memory cleanup with test case 2020-11-12 20:24:47 -08:00
David Garske f02cc650a2 Fixes for handling TCP `out-of-range sequence number`. 2020-11-12 16:09:09 -08:00
David Garske c7053e9a36 Fix scenario where `FreeHandshakeResources` is called and server hello is recevied and WOLFSSL arrays is NULL. 2020-11-12 16:09:00 -08:00
Chris Conlon 53c6698678
Merge pull request #3445 from kojo1/EVP-gcm 
set tag for zero inl case
 2020-11-12 15:49:45 -07:00
Chris Conlon 735fb19ea9 break out on error parsing PKCS#7 SignedData inner OCTET_STRING 2020-11-12 15:44:25 -07:00
David Garske b931b1bd4d Fix to not allow free for globally cached sessions. Resolves a false-positive scan-build warning. 2020-11-12 12:51:41 -08:00
John Safranek 38867ae2bf
Scan-Build Fixes 
1. Added a check to see if the "d" in sp_div() ended up with a negative used length. Return error if so.

To recreate:
    $ scan-build ./configure --enable-sp --enable-sp-asm --enable-sp-math
 2020-11-12 10:24:11 -08:00
David Garske cdf44f6ff6 Pass static ephemeral keys for TLS v1.2 as well. 2020-11-12 09:18:24 -08:00
John Safranek e996a7d15b
Scan-Build Fixes 
1. Fixed a couple possible 0 byte allocations.
2. Fixed a couple missed frees due to error conditions.
3. Fixed a possible double free.

To recreate:
    $ scan-build ./configure --disable-shared --enable-opensslextra=x509small --disable-memory
    $ scan-build ./configure --disable-shared --enable-opensslextra --disable-memory
 2020-11-12 09:06:59 -08:00
David Garske a6f2081af1 Fixes for key loading errors in snifftest application. 2020-11-12 08:59:11 -08:00
David Garske a53b734c83 Fix for `client_hello` keyshare with multiple entries. Fix for `change_cipher_spec` after `finished`. 2020-11-12 08:59:11 -08:00
David Garske ea21ddf540 Fix to only free existing key in `SetStaticEphemeralKey` if the incoming algorithm type has been specified. 2020-11-12 08:59:11 -08:00
David Garske 5cda549d00 Allow passing multiple keys (comma separated) with the sniffer test tool. This allows setting both DH and ECC static ephemeral keys. Do not fail on resume not found. 2020-11-12 08:59:11 -08:00
David Garske 720919198f Fix for Scan-buld and when building without ECC or DH. 2020-11-12 08:59:11 -08:00
David Garske 71d9f1e9bd Static ephemeral refactor to support loading both DHE and ECDHE keys. Added ability to specify key using snifftest input at run-time. Improved snifftest key loading for named keys and static ephemeral. 2020-11-12 08:59:11 -08:00
David Garske 1c87f3bdc1 Improve sniffer resume logic. 2020-11-12 08:59:10 -08:00
David Garske d208779974 Added test case for TLS v1.3 with HRR (hello_retry_request) 2020-11-12 08:59:10 -08:00
David Garske b74f0fb6b8 Fixes for sniffer with `hello_retry_request`. Fix for TLS v1.3 certificate processing. 2020-11-12 08:59:10 -08:00
David Garske c7bb602a30
Merge pull request #3482 from douzzer/scan-build-fixes-20201110 
scan-build fixes -- 1 null deref, 34 unused results
 2020-11-12 07:45:45 -08:00
Daniel Pouzzner 1cbc2e8608 openssl.test: recognize TLS13-AES128-CCM-8-SHA256 and TLS13-AES128-CCM8-SHA256 as equivalent while iterating through $wolf_ciphers. 2020-11-11 23:23:28 -06:00
Daniel Pouzzner 7850d71ccb add wolfSSL_get_cipher_suite_from_name(); add flags arg to GetCipherSuiteFromName(); fix GetCipherSuiteFromName() to prevent spurious substring matching; add SUITE_ALIAS() macros for use defining CipherSuiteInfo, and add CipherSuiteInfo.flags slot and associated logic, to allow alternative cipher names to be recognized; add "CCM8" cipher name variants wherever applicable, including the unit.test conf files, to recognize and test the OpenSSL variants; add tests in client_test() and server_test() to confirm correct forward and backward mapping of cipher names/aliases. 2020-11-11 22:47:47 -06:00
Daniel Pouzzner 68ebca8573 wolfcrypt/test/test.c: fix typos in aesgcm_test() malloc checks. 2020-11-11 22:47:47 -06:00
toddouska d3e3b21c83
Merge pull request #3393 from dgarske/zd11104 
Fix for TLS ECDH (static DH) with non-standard curves
 2020-11-11 14:22:37 -08:00
toddouska 197c85289b
Merge pull request #3468 from SparkiDev/sp_c_mul_d 
SP C32/64 mul_d: large div needs mul_d to propagate carry
 2020-11-11 14:06:25 -08:00
Daniel Pouzzner f96fbdb7d1 sha256.c/sha512.c: refactor 4 instances of gccism ({}) to WC_INLINE functions. 2020-11-11 13:44:26 -06:00
Daniel Pouzzner 5fe1586688 fix 34 deadcode.DeadStores detected by llvm11 scan-build. 2020-11-11 13:04:14 -06:00
JacobBarthelmeh fe2dcf76fe
Merge pull request #3413 from cconlon/zd11011 
PKCS#7: check PKCS7 SignedData private key is valid before using it
 2020-11-11 22:55:03 +07:00
Jacob Barthelmeh 4705ebde88 add guard on test case for cert gen 2020-11-11 21:53:52 +07:00
Juliusz Sosinowicz d49038ae24 Fix overlapping sequence number error. 
wolfSSL wants to use the same sequence number for the ServerHello as the ClientHello. This is an issue when this sequence number is already taken.
 2020-11-11 15:35:05 +01:00
Jacob Barthelmeh 979216d595 add test case for rejecting version 2 x509 2020-11-11 18:57:09 +07:00
Sean Parkinson 5f0d788bfb TLS PickHashSigAlgo: rework 
Make default to pick lowest hash with RSA and ECC (TLS 1.2 and lower).
WOLFSSL_STRONGEST_HASH_SIG picks the strongest hash.
WOLFSSL_ECDSA_MATCH_HASH will pick the hash to match the ECC curve.
 2020-11-11 10:06:09 +10:00
Sean Parkinson f5561b926c rshb: handle cases of shift amount being multiple of DIGIT_BIT 
tfm.c and integer.c fixed
 2020-11-11 10:04:14 +10:00
Takashi Kojo d7ea8b953b fold long lines 2020-11-11 08:43:16 +09:00
Takashi Kojo eab3bf9ab4 Add a test case for zero len plain text 2020-11-11 08:43:16 +09:00
Takashi Kojo 417ff1b0f2 set tag for zero len case 2020-11-11 08:43:16 +09:00
David Garske 68209f91fb
Merge pull request #3465 from kaleb-himes/DOX_UPDATE_wc_RsaPublicEncrypt 
Address report on issue #3161
 2020-11-10 14:52:20 -08:00