WolfSSL
/
wolfssl
mirror of https://github.com/wolfSSL/wolfssl.git
1
0
Fork 0
Code Issues Releases Wiki Activity
12,961 Commits
27 Branches
168 Tags
358 MiB
Commit Graph

1193 Commits (75c062a2984f70d15f675086c29cd8037cc24d7d)

Author SHA1 Message Date
Jacob Barthelmeh b599dc2b9d update wolfSSL_i2d_RSAPrivateKey function 2019-03-28 14:15:57 -06:00
John Safranek 9ea2dbea95
Merge pull request #2172 from dgarske/atecc 
Fixes for ATECC support
 2019-03-28 10:36:54 -07:00
JacobBarthelmeh 8c6316eb9c
Merge pull request #2179 from kojo1/X509_STORE_CTX 
X509_STORE_CTX_free compatibility
 2019-03-27 17:17:26 -06:00
John Safranek f493ff859c
Merge pull request #2178 from JacobBarthelmeh/Testing 
add guard on test case for pkcs7 with no aes
 2019-03-25 09:42:54 -07:00
JacobBarthelmeh 6b325929e5
Merge pull request #2175 from kojo1/BN_init 
add BN_init
 2019-03-25 09:04:36 -06:00
Takashi Kojo 3e42c6edcd remove sk_X509_free for compatibility 2019-03-24 16:57:08 +09:00
Jacob Barthelmeh 3d747f7c87 add guard on test case for pkcs7 with no aes 2019-03-22 15:56:05 -06:00
David Garske f66aa60385 Fix for build warning with x/y always true when not building with ALT_ECC_SIZE. Fix for build error with undefined `wc_ecc_sign_hash_ex` when building ATECC and `WOLFSSL_PUBLIC_MP`. 2019-03-21 09:13:39 -07:00
Takashi Kojo 384b240ea2 minor fix in test_wolfSSL_BN(), api.c 2019-03-17 13:37:17 +09:00
Takashi Kojo 6a3eccd344 add BN_init, working with tfm, only. 2019-03-17 13:28:04 +09:00
John Safranek 1ac74b0061 Release Fixes 
1. Added some typecasting for g++ v8 permissive pointer use errors with void*.
 2019-03-15 16:26:11 -07:00
John Safranek 246c444b93 Updates for v4.0.0 
Update the copyright dates on all the source files to the current year.
 2019-03-15 10:37:36 -07:00
John Safranek 0ef4b7e933
Merge pull request #2164 from JacobBarthelmeh/PKCS7 
adjust location of where PKCS7 content is saved
 2019-03-15 09:40:17 -07:00
Jacob Barthelmeh 45b6a3b67d adjust location of where PKCS7 content is saved 2019-03-14 16:48:08 -06:00
David Garske 6ff2039b1f
Merge pull request #2163 from ejohnstown/config-fixes 
Configuration Fixes
 2019-03-14 15:21:41 -07:00
John Safranek 3e3f746f3b Configure Fixes 
When enable-all and disable-rsa is configured, some of the tests needed
for all don't work because they only use RSA keys or certificates.
Disabled those test cases in that build combination.
 2019-03-14 10:37:40 -07:00
Jacob Barthelmeh e08b36ea9c handle pkcs7 bundle with signed envelope and no certs list 2019-03-14 09:51:58 -06:00
John Safranek 27ea9d9bce Configure Fixes 
1. The combination enable-all and disable-rsa breaks some of the
testing. Added the NO_RSA guards as appropriate.
2. Disabled the OCSP stapling and CRL tests when RSA is disabled as they
use test certificates with RSA keys.
 2019-03-13 17:54:33 -07:00
toddouska 4c42630f2b
Merge pull request #2158 from JacobBarthelmeh/PKCS7 
PKCS7 BER decode enveloped content
 2019-03-13 11:33:52 -07:00
Jacob Barthelmeh 68c576e0d9 add macro guard around test case 2019-03-13 10:31:32 -06:00
Jacob Barthelmeh effca6c081 add test case for BER encoded PKCS7 content decoding 2019-03-13 08:53:15 -06:00
toddouska 70490a4db6
Merge pull request #1855 from ejohnstown/trust-ca 
Trusted CA Key Indication Extension
 2019-03-12 13:52:27 -07:00
John Safranek 8a4e8067f6 1. In the trusted CA extension code, add guards for NO_SHA around the cases that use SHA-1. 
2. Check the trusted CA id pointer for NULL before copying.
3. Updated the api test for the NO_SHA change.
4. Remove the TCA options member as redundant.
 2019-03-11 12:42:13 -07:00
John Safranek 2342ea15eb Remove the CTX versions of the UseTrustedCA functions. A session needs 
to be able to set a flag in the extension and that isn't allowed in the
CTX extensions.
 2019-03-11 12:36:58 -07:00
John Safranek b7663a940e Trusted CA Key Indication Extension 
Added an API for enabling the Trusted CA Key Indication extension from
RFC6066 section 6. If the server doesn't have a match for the client,
the client will abandon the session.
 2019-03-11 12:35:12 -07:00
Sean Parkinson a364874b48 Implement check for Ed25519 private matching public 
Add test SSL test that uses the Ed25519 private key only
 2019-03-05 08:19:33 +10:00
David Garske a3af2fc960 Fix for single threaded case with double free on suites. 2019-02-26 11:03:02 -08:00
toddouska efc1ab8c42
Merge pull request #2111 from SparkiDev/ed25519_fixes_1 
Various improvements for testing
 2019-02-25 13:55:28 -08:00
Sean Parkinson 8bb4e23f8d Various improvements for testing 
Fix wc_ecc_fp_free() to be called when using HAVE_STACK_SIZE.
Increase size of replyin client.c so all HTTP reply is displayed.
Fix api.c to support only Ed25519 (not RSA and ECC)
Fix suites.c to detect when CA for client won't work (Ed25519 only)
For Static Memory add debugging and small profile.
Also allow realloc to be called with NULL.
Add more Ed25519 certs and keys.
Fix names of Ed25519 filenames for client and server.
Do NOT turn on ECC_SHAMIR by default with lowresource.
Enable WOLFSSL_STATIC_MEMORY_SMALL if low resource and no RSA.
 2019-02-22 17:14:19 +10:00
David Garske 289f51a77d Fixes for various spelling errors. 2019-02-21 13:29:44 -08:00
Chris Conlon 08bcef7c0c adjust wolfSSL_PKCS7_verify API test 2019-02-12 14:48:49 -07:00
toddouska 4f4d16d9e5
Merge pull request #2068 from dgarske/pkcs7_verify_degenerate 
Fixes to handle degenerate PKCS 7 with BER encoding
 2019-02-07 15:00:21 -08:00
Jacob Barthelmeh ec28376e7f add PKCS7 BER verify test and fix for streaming 2019-02-06 11:05:15 -07:00
toddouska 8fc1780688
Merge pull request #2065 from SparkiDev/ossl_fix1 
Changes to make symbols available for OpenSSL compat
 2019-02-01 10:04:41 -08:00
David Garske 3a0afc3506 Fixes to handle degenerate PKCS 7 with BER encoding in `PKCS7_VerifySignedData`. Fix for PKCS7 API unit test with SHA512 disabled. ZD 4757. 2019-01-31 14:36:46 -08:00
Chris Conlon 0b2bbc33bd
Merge pull request #2059 from miyazakh/openssl_bksize_digest 
Added EVP_MD_CTX_block_size and exposed EVP_Digest()
 2019-01-28 15:17:26 -07:00
John Safranek 1288036dbe
Merge pull request #2047 from kojo1/freeCRL 
wolfSSL_CertManagerFreeCRL: exposing FreeCRL
 2019-01-25 16:08:31 -08:00
Hideki Miyazaki e4abcc0a15 fixed api unit test 2019-01-25 09:38:19 +09:00
Hideki Miyazaki 53adb93ae4 Added EVP_MD_CTX_block_size and publicized EVP_Digest() 2019-01-25 09:05:36 +09:00
Sean Parkinson 4ef6841465 Changes to make symbols available for OpenSSL compat 2019-01-24 08:38:05 +10:00
Takashi Kojo 5539b0eb38 wolfSSL_CertManagerFreeCRL: exporsing FreeCRL 2019-01-20 10:11:19 +09:00
Jacob Barthelmeh f0a3045d62 af_alg sha3 addition 
hardware acceleration with RSA

add AES-GCM hardware acceleration

refactor setting RSA IV flag

check and set AF_ALG flags

fix for default AF_ALG use

set buffer alignment with Xilinx RSA

macro guard after rebase

use ALIGN64

clean up test cases
 2019-01-18 16:25:24 -07:00
toddouska d02f7a75b9
Merge pull request #2019 from dgarske/arduino 
Improvements to Arduino sketch
 2019-01-18 08:54:42 -08:00
David Garske 809fed8f05 Fix to resolve unit test error with `WOLFSSL_CIPHER_INTERNALNAME` or `NO_ERROR_STRINGS` defined. 2019-01-13 11:06:04 -08:00
David Garske cfc66dab47 Fix compiler complaints when using Curve25519. 2019-01-11 21:16:13 -08:00
David Garske 45cd80b4b7 Fix define check of `NO_CERT` to be `NO_CERTS`. 2019-01-11 21:10:07 -08:00
David Garske bcc177b23d Fixes for build warnings. 2019-01-11 21:07:23 -08:00
Jacob Barthelmeh 164a762088 fix afalg/cryptodev + opensslextra build 2018-12-20 10:52:17 -07:00
Jacob Barthelmeh 92d59c7df4 fix for cryptonly + rsavfy build 2018-12-19 14:36:32 -07:00
Eric Blankenhorn 195b995bc4 Fixes from review 2018-12-11 12:19:45 -06:00
Eric Blankenhorn dc104985c3 Fixes from review 2018-12-11 11:41:39 -06:00
Eric Blankenhorn 59bfead3c8 Fixes from review 2018-12-11 11:30:13 -06:00
Eric Blankenhorn 1c0fa6fb58 Code coverage tests and fixes - default config 2018-12-11 08:56:21 -06:00
kaleb-himes 7048efb5fa Test adjustments for testing with nginx in FIPS mode 2018-12-06 13:02:58 -07:00
Chris Conlon 28dc1cbb67 fix unit test for PKCS#7 with AES disabled 2018-12-03 12:00:04 -07:00
Chris Conlon a5e3b18252 exclude wolfSSL_EC_POINT_point2hex() in CAVP selftest build 2018-11-27 09:12:55 -08:00
toddouska f11809aa62
Merge pull request #1923 from JacobBarthelmeh/Testing 
cast to resolve warning, check size of time_t, and check for null tes…
 2018-11-21 10:17:23 -08:00
Sean Parkinson 95bd340de5 Add support for more OpenSSL APIs 
Add support for PEM_read and PEM_write
Add OpenSSL PKCS#7 signed data support
Add OpenSSL PKCS#8 Private key APIs
Add X509_REQ OpenSSL APIs
 2018-11-20 07:54:24 +10:00
Jacob Barthelmeh ee30b2b476 better name for time_t size macro guard 2018-11-16 15:51:38 -07:00
Jacob Barthelmeh c307fd7af4 additional macro guards for disabling aescbc with opensslextra 2018-11-15 13:40:04 -07:00
Jacob Barthelmeh 0f4a06594e cast to resolve warning, check size of time_t, and check for null test case 2018-11-12 16:02:33 -07:00
toddouska f7f6506a54
Merge pull request #1898 from cconlon/cmsupdates 
wolfCrypt PKCS#7/CMS Expansion
 2018-11-07 08:36:02 -08:00
Jacob Barthelmeh 27db083733 make degenerate test structure dynamic to set the uninitialized dynamic flag 2018-11-06 18:35:13 -08:00
Chris Conlon 9bef9bad8e PKCS7/CMS build fixes when disabling individual AES sizes 2018-11-06 18:35:13 -08:00
Jacob Barthelmeh 62a2847d75 make internal stream buffer dynamic 
formating and build without stream api
 2018-11-06 18:35:12 -08:00
Jacob Barthelmeh 98efc1e9de testing with verify signed stream function 2018-11-06 18:35:12 -08:00
Jacob Barthelmeh 5525f59852 first addition of verify sign stream data 2018-11-06 18:35:12 -08:00
Jacob Barthelmeh 02df920269 use fall through and update api tests to use wc_PKCS7_New 2018-11-06 18:35:12 -08:00
Jacob Barthelmeh 83a150c4df stream of PKCS7 decode encrypted 2018-11-06 18:35:12 -08:00
Chris Conlon 06a6f8400b add CMS AuthEnvelopedData support for authAttrs 2018-11-06 18:35:12 -08:00
Chris Conlon 0b3930e24f save and set PKCS7 isDynamic flag in wc_PKCS7_Init 2018-11-06 18:35:12 -08:00
David Garske efb1efcc0d Fixes and additional tests for compatibility function `BN_bn2hex`. In the DEBUG_WOLFSSL case it was returning a `(char*)""`, which was trying to be free'd. We cannot return `const char*` here, since its assumed to be an allocated pointer. Fix the dynamic type for XMALLOC/XFREE to match, since `OPENSSL_free` is used to free returned value. Fix to add room for null term. Added missing API unit test for `BN_print_fp`. Exposed these functions for `OPENSSL_EXTRA`. 2018-11-06 05:55:25 -08:00
JacobBarthelmeh 1ffc1108a6
Merge pull request #1906 from cconlon/selftest-fixes 
fixes for CAVP selftest build errors
 2018-11-01 11:31:39 -06:00
Jacob Barthelmeh 6dd4fba888 fix for clang warning 2018-10-30 17:41:03 -06:00
Jacob Barthelmeh cc3ccbaf0c add test for degenerate case and allow degenerate case by default 2018-10-30 17:04:33 -06:00
Chris Conlon def7a91e70 fix CAVP selftest build errors 2018-10-30 16:35:45 -06:00
David Garske 86758f9640 Fixes for key size detection when using PK callbacks (HSM) and no private key has been loaded (affects `HAVE_PK_CALLBACKS` on server side only when no dummy private key is loaded). Fix for possible leak during ECC min key size failure with small stack. Added new API `wc_RsaPublicKeyDecode_ex` for parsing an RSA public key for the modulus and exponent. Changed `wolfSSL_CTX_SetTmpEC_DHE_Sz` to support a `size == 0` for using the long-term private key's size. Changed `ECDHE_SIZE` so it can be overridden and build-time. Added tests for `wolfSSL_CTX_SetTmpEC_DHE_Sz` and `wolfSSL_SetTmpEC_DHE_Sz`. 2018-10-25 09:15:23 -07:00
toddouska 878b5925fc
Merge pull request #1877 from dgarske/pkcs8_ec 
Added support for ECC private key with PKCS8 encoding
 2018-10-22 14:59:10 -07:00
David Garske 7ce236f3af Fix for new `test_wolfSSL_PKCS8` changes to init/free the ecc_key. 2018-10-19 16:04:02 -07:00
David Garske 095337b1cf
Merge pull request #1878 from kaleb-himes/TEST_COVERAGE_3 
Test coverage 3
 2018-10-17 13:47:10 -07:00
toddouska dcb105deff
Merge pull request #1876 from dgarske/max_frag_256 
Added new 256-byte max fragment option `WOLFSSL_MFL_2_8`
 2018-10-17 13:21:57 -07:00
David Garske 8b529d3d57 Add test for ECC private key with PKCS 8 encoding (no crypt) and `-----BEGIN EC PRIVATE KEY-----` header. 2018-10-17 10:01:29 -07:00
kaleb-himes 5ca822b1e9 Peer review changes requested 2018-10-17 10:46:45 -06:00
kaleb-himes 2aa6f91144 Reset IV after update via call to encrypt 2018-10-16 18:31:16 -06:00
David Garske ab61cefa58 Fix max frag error case tests to use min/max. 2018-10-16 08:58:46 -07:00
David Garske 4adaeb8585 Added new 256-byte max fragment option `WOLFSSL_MFL_2_8`. 2018-10-15 17:06:21 -07:00
David Garske d67cb9e875 Added new build option for Microchip CryptoAuthLib (--enable-cryptoauthlib). Build fixes with WOLFSSL_ATECC508A enabled. 2018-10-15 14:17:43 -07:00
toddouska 0b78b75530
Merge pull request #1860 from dgarske/tls_either_side 
Methods cleanup and new DTLS "either" side methods
 2018-10-12 07:35:17 -07:00
kaleb-himes f9ff151ee7 wolfSSL_AES_cbc_encrypt unit test refactor, TODO: Decrypt 2018-10-10 16:16:57 -04:00
kaleb-himes 23797ab4cb wolfSSL_AES_cbc_encrypt unit tests, TODO: Decrypt 2018-10-10 15:59:10 -04:00
Tesfa Mael 5d047cc4d9 Added test_wc_curve25519_size to increase code coverage 2018-10-10 12:46:25 -07:00
Tesfa Mael 8f1ad656c2 Improving code coverage 2018-10-09 16:13:26 -07:00
Kaleb Himes c6e3e34ff7
Remove unused macro 2018-10-08 09:35:37 -06:00
kaleb-himes 66420db07c Initializing coverage for CRL APIs 2018-10-05 15:05:03 -06:00
David Garske bbdb17975c Adds build option `WOLFSSL_EITHER_SIDE` for deferring the "side" of the TLS session until first connect or accept. Added the DTLS generic v1.0 and v1.2 methods for "either" side. Added "either" methods unit tests. Added "either" -v e support to example client/server. Fix to expose `wolfSSL_use_certificate_file` and `wolfSSL_use_PrivateKey_file` without `OPENSSL_EXTRA`. Cleanup of the methods for (void)heap and log messages. Spelling fixes. 2018-10-04 15:47:50 -07:00
kaleb-himes 08654ce71d Start hitting up the stubs, more to come 2018-10-03 17:01:12 -06:00
kaleb-himes 1f643800a6 Add more coverage cases to unit tests 2018-09-28 15:32:16 -06:00
Chris Conlon d30c45a79c
Merge pull request #1637 from ghoso/openssl_compat201805 
OpenSSL Compatibility APIs 2018/06
 2018-09-26 14:54:14 -06:00
David Garske 6e629a51f8 Added test case for scenario where error is pushed, cleared then try to get current. Without fix to clear `wc_current_node` in `wc_ClearErrorNodes` this causes access to invalid/free'd memory. 2018-09-26 08:16:58 -07:00
Go Hosohara 52b5fe569b restore PR#1819 to pass Jenkins tests. 2018-09-25 18:04:27 +09:00
Go Hosohara cfa99c567b merge PR #1820 Porting aid 2018-09-25 15:39:56 +09:00
Go Hosohara ca9f62713d fix test_wolfSSL_CTX_load_verify_locations() build error 2018-09-25 15:39:56 +09:00
Takashi Kojo cf5377ec5b Revert "fix api.c error code to fit into" 
This reverts commit 9eddc2ed3598dbede3c6a3aa1e0b50e111369d63.
 2018-09-25 15:39:56 +09:00
Takashi Kojo 921992e689 fix api.c error code to fit into 2018-09-25 15:39:55 +09:00
Takashi Kojo c28e981b9b avoid shadow 2018-09-25 15:39:55 +09:00
Takashi Kojo 93e1221894 WOLFSSL_KEEP_STORE_CERTS for X509_STOREmake 2018-09-25 15:39:55 +09:00
Takashi Kojo 9ea88b5181 wc_PKCS12_free, EVP_PKEY_free for PKCS12 in test_wolfSSL_OBJ 2018-09-25 15:39:55 +09:00
Takashi Kojo 9ae3ccb3ba OBJ_sn2nid with OPENSSL_EXTRA_X509_SMALL 2018-09-25 15:39:55 +09:00
Takashi Kojo 094141b4ea initiallizing asn1Name 2018-09-25 15:39:55 +09:00
Takashi Kojo 7d2a03f8c9 OBJ_obj2nid memory leak 2018-09-25 15:39:55 +09:00
Go Hosohara 2669b80943 Fix crashed issue if you call X509_free() after X509_STOER_CTX_free() 2018-09-25 15:39:55 +09:00
Go Hosohara 5de7a34fd4 Add memory free to prevent from leaking 2018-09-25 15:39:55 +09:00
Go Hosohara 1c627430c7 increase wolfcrypt test program memory size along to WOLFSSL structure modificaiton. 
rebase with master branch
 2018-09-25 15:39:55 +09:00
Go Hosohara 1d1f4df8cb Fix XBADFILE typo 2018-09-25 15:39:55 +09:00
Takashi Kojo 7af43b6cf0 test_wolfSSL_OBJ with NO_DES3, NO_RSA 2018-09-25 15:39:55 +09:00
Takashi Kojo c673884cbb #ifdef HAVE_ECC to OBJ_nid2obj, and its test in api.c 2018-09-25 15:39:55 +09:00
Takashi Kojo 4d03b55fef XBADFILE in bio.c 2018-09-25 15:39:55 +09:00
Go Hosohara fd01659baa Obj_obj2nid 2018-09-25 15:39:55 +09:00
Go Hosohara 3f993c280c Change buffer variable name for preventing from conflict with debug option. 2018-09-25 15:39:54 +09:00
Go Hosohara 3f82fb62a0 SSL_get_peer_cert_chain() count value check in api.c 2018-09-25 15:39:54 +09:00
Takashi Kojo 1e87eae3b7 i2d_RSAPublicKey(rsa, NULL) 2018-09-25 15:39:54 +09:00
Takashi Kojo e6612b34f7 use XFILE, BADFILE, XFxxxx 2018-09-25 15:39:54 +09:00
Go Hosohara 3bf776baf4 wolfSSL_ASN1_TIME_get_data() changed 2018-09-25 15:39:54 +09:00
Go Hosohara 29d3303995 Add tests for d2i_PKCS12_fp,i2d_RSAPublicKey,RSA_verify and X509_print 2018-09-25 15:39:54 +09:00
Go Hosohara b588e6ab29 ERR_peek_last_error() and SSL_get_SSL_CTX reference error on opensslextra. 
Implemented wolfSSL_X509_get_version().
 2018-09-25 15:39:54 +09:00
Go Hosohara e79cdefcde X509_NAME_ENTRY_get_object 2018-09-25 15:39:54 +09:00
Go Hosohara 2922a93bf7 PEM_read_X509_CRL 2018-09-25 15:39:54 +09:00
Go Hosohara 050fa2f8f8 wolfSSL_X509_CA_num() 2018-09-25 15:39:54 +09:00
Go Hosohara aaa26f3f41 wolfSSL_ASN1_TIME_get_data() 2018-09-25 15:39:54 +09:00
Go Hosohara a002a6715f wolfSSL_ASN1_TIME_get_length() 2018-09-25 15:39:54 +09:00
Jacob Barthelmeh 2e88151cfd crypto only sha256 cryptodev 
formating and refactoring

update configure for devcrypto

add AES algorithms to cyrptodev port

increase structure size for compatibility AES with cryptodev

add wc_devcrypto.h to install path
 2018-09-19 10:41:29 -06:00
Chris Conlon 085daa78cd
Merge pull request #1833 from dgarske/norng_fixes 
Fixes for building without RNG enabled
 2018-09-18 14:52:21 -06:00
David Garske 9e305a01b4 More fixes for building with `./configure --disable-rng`. 2018-09-18 11:17:39 -07:00
David Garske 77cd361bca Fixes for building with `WC_NO_RNG`. 2018-09-13 13:23:55 -07:00
toddouska e071f1ca7e
Merge pull request #1825 from SparkiDev/compat_apis_1 
Add more compatability APIs.
 2018-09-13 13:13:12 -07:00
Chris Conlon 8a6a9e7620
Merge pull request #1820 from kojo1/portingAid 
Porting aid
 2018-09-13 11:06:55 -06:00
Sean Parkinson 0275366fb6 Fixes from code review 
Document how length of ECDSA signature calculated.
Check parameter not NULL before use.
Formatting fix.
Also, disable RSA test of EVP_DigestSign/Verify* when HAVE_USER_RSA.
 2018-09-13 08:47:09 +10:00
toddouska 324235f698
Merge pull request #1823 from dgarske/cert_ext_only 
Fix for build with cert extensions and openssl extra only
 2018-09-12 13:03:37 -07:00
Sean Parkinson df20daa1ae Support RSA and ECC in wolfSSL_DigestSign/Verify* 2018-09-12 16:31:39 +10:00
Takashi Kojo 7ddc756d15 eliminate double semi-colon 2018-09-12 10:13:30 +09:00
Sean Parkinson 330a7048c7 Add more compatability APIs. 
d2i_ECDSA_SIG, i2d_ECDSA_SIG, EVP_DigestVerifyInit,
EVP_DigestVerifyUpdate, EVP_DigestVerifyFinal, EVP_PKEY_id,
PEM_read_bio_PUBKEY
 2018-09-11 09:28:03 +10:00
David Garske 238f45d89d Fix for build with `./configure --enable-certext --enable-opensslextra`. 2018-09-10 08:22:17 -07:00
David Garske f48e2067ae Added new API `wolfSSL_CTX_load_verify_chain_buffer_format` for loading CA cert chain as DER buffer list including API unit test. Support for device serial number OID. 2018-09-10 08:15:17 -07:00
Sean Parkinson f8ac5b5f71
Merge pull request #1819 from dgarske/fix_load_loc 
Fix for load location test to handle multiple failure codes
 2018-09-10 08:36:19 +10:00
Takashi Kojo 0d44252608 error pass though build flag WOLFSSL_PASSTHRU_ERR 2018-09-08 10:19:31 +09:00
Takashi Kojo 902008f5ea refer unit_PassThrough flag at least once 2018-09-08 09:17:52 +09:00
Eric Blankenhorn 412eecd51a Add wc_SetIssuerRaw and EncodeCert with raw fields (#1798) 
* Make cert with raw issuer
* Add wc_SetIssuerRaw
* Use issuer raw in EncodeCert
 2018-09-07 16:22:23 -07:00
David Garske 575382e5a9 Fix for load location test to handle multiple failure codes (failure may return ProcessFile error code or WOLFSSL_FAILURE). Moved expired certs and setup load location test for expired certs. 2018-09-07 15:30:30 -07:00
Takashi Kojo e677c32714 test file access functions 2018-09-08 07:27:33 +09:00
Daniele Lacamera 27555d6eb7 Fix old-style function definitions 2018-09-07 09:13:20 +02:00
David Garske ae3d8d3779 * Fixed `wolfSSL_CTX_load_verify_locations` to continue loading if there is an error (ZD 4265). 
* Added new `wolfSSL_CTX_load_verify_locations_ex` that supports flags `WOLFSSL_LOAD_FLAG_IGNORE_ERR`, `WOLFSSL_LOAD_FLAG_DATE_ERR_OKAY` and `WOLFSSL_LOAD_FLAG_PEM_CA_ONLY`.
* Fix for `PemToDer` to handle PEM which may include a null terminator in length at end of file length causing wrong error code to be returned. Added test case for this. (ZD 4278)
* Added macro to override default flags for `wolfSSL_CTX_load_verify_locations` using `WOLFSSL_LOAD_VERIFY_DEFAULT_FLAGS`.
* Added tests for loading CA PEM's from directory using `wolfSSL_CTX_load_verify_locations` and `wolfSSL_CTX_load_verify_locations_ex` with flags.
* Added tests for `wolfSSL_CertManagerLoadCABuffer`.
* Updated the expired test certs and added them to `./certs/test/gen-testcerts.sh` script.
 2018-09-06 12:51:22 -07:00
Sean Parkinson 17a70aee1b Added test and minor fixes for CheckCertSignature 2018-09-03 10:50:47 +10:00
toddouska 7f324d2c3b
Merge pull request #1781 from JacobBarthelmeh/Compatibility-Layer 
fix for IV of DES_ncbc function
 2018-08-24 10:16:21 -07:00
Jacob Barthelmeh f23eb37ade fix for IV of DES_ncbc function 2018-08-23 09:03:09 -06:00
David Garske d0d28c82cd Added new PKCS7 ex API's for supporting signing and validation of large data blobs. New API's are `wc_PKCS7_EncodeSignedData_ex` and `wc_PKCS7_VerifySignedData_ex`. Includes header docx and unit tests for new API's. Cleanup for the PKCS7 small stack and const oid's. 2018-08-22 15:46:37 -07:00
Takashi Kojo 08c2d94011 return value check of XFSEEK 2018-08-22 10:46:46 +09:00
David Garske b12386fbb1 Fixes for building with TLS v1.3 only (`./configure --disable-tlsv12 --enable-tls13 --disable-aescbc --enable-ed25519 --enable-curve25519`) 2018-08-20 15:49:03 -07:00
toddouska 0f539616be
Merge pull request #1766 from JacobBarthelmeh/UnitTests 
cleanup with test cases and access to FP_MAX_BITS
 2018-08-20 09:19:14 -07:00
toddouska 555714afa3
Merge pull request #1764 from SparkiDev/tls13_psk_cb 
Separate PSK callback for TLS 1.3
 2018-08-20 09:17:01 -07:00
Jacob Barthelmeh cc10c971cd make sure that even if wolfSSL_Init has been called multiple times that wolfSSL_Cleanup gets called in tests 2018-08-17 11:04:21 -06:00
Sean Parkinson f1222c3f9f Separate PSK callback for TLS 1.3 
It is highly recommended that the PSK be different for each protocol.
Example callback already returns a different key for TLS 1.3.
New callback includes the ciphersuite, as a string, to use with the key.
 2018-08-17 10:18:28 +10:00
Sean Parkinson f487b0d96a Config option to disable AES-CBC 
AEAD only detection and removeal of code.
Also in single threaded builds, reference the ctx suites in ssl object
if it exists.
 2018-08-16 08:25:13 +10:00
Eric Blankenhorn 2420af3cf2
Merge pull request #1758 from dgarske/certext 
Fix for building certext without certgen
 2018-08-14 17:00:51 -05:00
David Garske d1e13a973c Fix for building `WOLFSSL_CERT_EXT` without `WOLFSSL_CERT_GEN` due to missing `CTC_MAX_EKU_OID_SZ`. Change to allow --enable-certext without certgen. 2018-08-14 15:00:56 -06:00
David Garske c073aee87c Added new ECC export API's to support export as hex string. New API's are `wc_ecc_export_ex` and `wc_ecc_export_int`. For hex string use `ECC_TYPE_HEX_STR` as `encType` arg. Refactor to reduce duplicate code. Build fixes for `NO_ECC_KEY_EXPORT`. 2018-08-14 12:05:22 -06:00
toddouska d4f908c372
Merge pull request #1728 from JacobBarthelmeh/HardwareAcc 
Add build for AF_ALG
 2018-08-13 16:27:51 -07:00
Eric Blankenhorn bb574d28b2 Support for more cert subject OIDs and raw subject access (#1734) 
* Add businessCategory OID
* Raw subject support methods
* Support for jurisdiction OIDs
* Wrap in WOLFSSL_CERT_EXT
* Adding tests
 2018-08-12 12:53:29 -07:00
David Garske a43d4d16ba
Merge pull request #1719 from MJSPollard/OpenSSLAllFix 
Added boost define and openssl bug fix with WOLFSSL_KEY_GEN
 2018-08-02 15:20:27 -07:00
JacobBarthelmeh cb756397b3 inital AES-CBC with af_alg 
progress on AES-GCM with AF_ALG and add SHA256

add aes-gcm test cases and finish logic of aes-gcm with AF_ALG

formating of tabs and white space

add files to dist

adding ecb and ctr mode with af_alg

make length of buffers for ctr be AES_BLOCK_SIZE

formating and add support for sha256 copy/gethash

sanity checks on arguments

cast return values and valgrind tests

make it easier to use sha256 with af_alg

remove hard tabs

add endif for after rebase
 2018-08-01 08:54:20 -06:00
David Garske 4eff7b641b First pass at bugs found with `./scripts/memtest.sh`. Fixes for NULL pointer checks, making sure free'd pointers are reset, making sure pointers are initialized and making sure memory is always free'd. Fix for TicketInit() which was using non-thread safe RNG and key_ctx. Fix for possible double free case in `wolfSSL_PEM_read_X509_CRL`. 2018-07-30 13:53:54 -07:00
David Garske 6ed6876b1f Enhanced the `--enable-memtrack` option to keep list of pointers allocated and reports leaked memory at end. Cleanup of the wolfCrypt_Init and wolfCrypt_Cleanup calls in unit.test and SrpTest memory tracking feature. 2018-07-30 13:53:54 -07:00
David Garske 2c3475c1d6 Added new build option `--enable-memtest` or `WOLFSSL_FORCE_MALLOC_FAIL_TEST` which enables random malloc failures for testing. This test supresses the `abort()` calls to detect seg faults. A new script `./scripts/memtest.sh` starts the test. If an issue is found it can be reviewed with the `./scripts/memtest.txt` log and reproduced using the seed printed at top of unit test as `--- RNG MALLOC FAIL AT 295---` and rerun using `./tests/unit.test 295`. 2018-07-30 13:53:35 -07:00
toddouska 62cb69ded6
Merge pull request #1724 from dgarske/pemtoder 
Added API's to expose alloc/free of DerBuffer and new unit tests
 2018-07-30 13:50:19 -07:00
toddouska 335f467b8c
Merge pull request #1714 from dgarske/pic32hashleak 
Fixes for PIC32MZ hash memory leak
 2018-07-30 13:48:59 -07:00
David Garske 309d7a9d0d Added API's to expose alloc/free of DerBuffer using `wc_AllocDer` and `wc_FreeDer`. Added unit tests for new API's and missing ones for `wc_PemToDer` and `wc_CertPemToDer`. ZD 4185. 2018-07-30 11:19:59 -07:00
MJSPollard 543cac65d8 Added boost define and openssl bug fix with WOLFSSL_KEY_GEN 2018-07-27 12:42:09 -06:00
David Garske efbabbfb29 Further improvements to hashing code to make sure wc_*Free is always called including wc_HashFree. Added new defines to disable PIC32MZ hardware features using `NO_PIC32MZ_HASH`, `NO_PIC32MZ_RNG` and `NO_PIC32MZ_CRYPT`. 2018-07-26 14:41:30 -07:00
toddouska 84c1b633fb
Merge pull request #1713 from JacobBarthelmeh/UnitTests 
fix buffer types for ARC4 test
 2018-07-25 14:17:10 -07:00
David Garske 92cb8f06ea Fixes to make sure hash free is always called (resolves memory leaks with PIC32MZ hashing hardware). Only print Alloc/Free messages with track memory when `WOLFSSL_DEBUG_MEMORY_PRINT` is defined. Added test for ForceZero with 0 length. 2018-07-25 11:22:03 -07:00
Jacob Barthelmeh 003b7b28f4 fix buffer types for ARC4 test 2018-07-24 17:37:39 -06:00
toddouska e618f34c2f
Merge pull request #1707 from kaleb-himes/ARM_GCC_EX_FIXES 
Fixes for building without DRBG and ForceZero test
 2018-07-23 16:14:43 -07:00
toddouska ab3ffaa26a
Merge pull request #1706 from SparkiDev/sha384_not_sha512 
Allow SHA384 to be compiled in without SHA512
 2018-07-23 09:47:49 -07:00
kaleb-himes 887e3deee8 Move ForceZero test to api.c and turn on tests when inline disabled 2018-07-20 13:30:06 -06:00
Sean Parkinson 9433fcb820 Allow SHA384 to be compiled in without SHA512 2018-07-20 09:42:01 +10:00
MJSPollard db8939c578 Merge branch 'master' of https://github.com/wolfSSL/wolfssl into wolfASIO 2018-07-18 11:10:35 -06:00
toddouska 436e774729
Merge pull request #1685 from SparkiDev/dh_max 
Add support for maximum DH key size
 2018-07-18 09:33:43 -07:00
toddouska 1337f7ddec
Merge pull request #1674 from dgarske/derchainsz 
Fix for max cert chain size calculation
 2018-07-13 13:53:35 -07:00
David Garske 0a19dc0940 Don't run new cert chain test if RSA is disabled (test chain contains RSA certs). 2018-07-13 11:41:06 -07:00
Eric Blankenhorn 9bc0e0c4fc Static analysis fixes (#1658) 
* Static analysis fixes
* Fixes for zd4071, zd4074, zd4093-zd4094, zd4096, zd4097-zd4104.
* Add test cases.
 2018-07-13 09:02:09 -07:00
Sean Parkinson ffc6cf4eb8 Add support for maximum DH key size 2018-07-13 17:36:42 +10:00
David Garske 0ce6cbd4c4 Added API unit test for `wolfSSL_CTX_use_certificate_chain_file_format`. 2018-07-12 13:22:21 -07:00
MJSPollard d8dff3e4de Merge branch 'master' of https://github.com/wolfSSL/wolfssl into wolfASIO 2018-07-12 11:57:34 -06:00
Jacob Barthelmeh 58478c50af check that fp max bits is large enough before test 2018-07-10 15:09:47 -06:00
MJSPollard 3fc7424e03 implemented requested changes 2018-07-10 11:52:41 -06:00
MJSPollard ac0b31dee8 refactored and added defines for wolfSSL/Asio Compat 2018-07-03 11:07:15 -06:00
David Garske 2bd4fb110c Fix additional cases for use of unititlized PKCS isDynmaic in unit test. 2018-07-02 10:24:41 -07:00
MJSPollard e319987579 Added wolfSSl compatability for Asio C++ library 2018-07-02 10:48:02 -06:00
David Garske fb3d3dce0e Fix for use of unititlized `PKCS7.isDynamic` case in unit test. Added return code checks for `wc_PKCS7_Init`. 2018-07-02 09:38:14 -07:00
David Garske 07401d909c Added support for dynamic allocation of PKCS7 structure using `wc_PKCS7_New` and `wc_PKCS7_Free`. Updated the test examples to use the dynamic method. Add API unit test for `wc_PKCS7_New`. 2018-06-29 15:04:28 -07:00
toddouska 5d767aa004
Merge pull request #1641 from ejohnstown/rename-inline 
Rename INLINE
 2018-06-27 09:34:41 -07:00
John Safranek 586874b997 Rename INLINE 
1. Renamed the macro INLINE as WC_INLINE.
2. For FIPS and the "selftest" build, define INLINE as WC_INLINE. Allows the FIPS code to work unchanged.
 2018-06-26 15:17:46 -07:00
toddouska d9b5948947
Merge pull request #1605 from dgarske/asyncfsanitize 
Fixes for async to resolve runtime fsanitize issues
 2018-06-26 14:27:07 -07:00
John Safranek e6c7952f50 Merge master into fipsv2. Resolved a conflict in api.c. 2018-06-22 09:52:26 -07:00
David Garske 522f365279 Fix one more issue with PKCS7 and async, which is not supported. 2018-06-22 09:30:25 -07:00
Jacob Barthelmeh a1295b3148 memory management with test cases 2018-06-15 15:43:42 -06:00
toddouska 0d0aa74444
Merge pull request #1623 from dgarske/fix_atecc508a 
Fixes for build with `WOLFSSL_ATECC508A` defined
 2018-06-15 11:06:33 -07:00
Jacob Barthelmeh c03c10e1d4 move location of wolfSSL_d2i_RSA_PublicKey to fix x509 small build 2018-06-14 14:38:15 -06:00
David Garske 5b2bb44bc8 Fixes for build with `WOLFSSL_ATECC508A` defined. 2018-06-13 20:10:01 -07:00
Sean Parkinson a03c15e598 Allow NO_WOLFSSL_CLIENT/SERVER to compile and pass tests 2018-06-13 11:42:16 +10:00
David Garske dac5f84f61 Fix build error with missing `bio`. Fix for `pkey` not being reset to NULL for `d2i_PrivateKey` failure case test. 2018-06-12 09:38:18 -07:00
David Garske 292e9535ae Fix for `wolfSSL_ERR_clear_error` to call `wc_ClearErrorNodes` when its available (mismatched macros), which was incorrectly causing `test_wolfSSL_ERR_put_error` to fail. Added `test_wolfSSL_PEM_PrivateKey` test for ECC based key. Refactored the RNG test to only run the reseed test if `TEST_RESEED_INTERVAL` is defined. This is the test that was causing the tests/api.c to take so long to complete. Will add this macro to the enable options test. 2018-06-12 09:38:18 -07:00
David Garske 9cbd2b00d4 Added test for `PEM_read_bio_PrivateKey` using BIO loaded using `BIO_new_mem_buf`. 2018-06-12 09:38:18 -07:00
David Garske e1890a4b0e Added some bad argument checks on compatibility functions `BIO_new_mem_buf` and `PEM_read_bio_PrivateKey`. 2018-06-12 09:38:18 -07:00
David Garske ad0a10441d Fixes for building with openssl compatibility enabled and no TLS client/server. 
Resolves issues building with:
`./configure --enable-opensslextra --disable-rsa --disable-supportedcurves CFLAGS="-DNO_WOLFSSL_CLIENT -DNO_WOLFSSL_SERVER" --disable-examples`
`./configure --enable-opensslextra --disable-ecc --disable-supportedcurves CFLAGS="-DNO_WOLFSSL_CLIENT -DNO_WOLFSSL_SERVER" --disable-examples`

Ticket 3872
 2018-06-12 09:38:18 -07:00
John Safranek df6fe0b07c FIPS Revalidation (acceptance fixes) 
1. Update the fips-check script to pull the FIPSv2 code from the main repositories.
2. Script cleanup.
3. Disable the api.test check of wc_ecc_mulmod() when WOLFSSL_VALIDATE_ECC_IMPORT is enabled.
 2018-06-08 10:36:28 -07:00
John Safranek 234228e5af FIPS Revalidation (acceptance fixes) 
1. Fixed some whitespace in api.c.
 2018-06-06 17:50:55 -07:00
John Safranek 7e9a32fffd FIPS Revalidation 
Merge branch 'master' into fipsv2. Using a merge instead of a rebase to retain commit IDs and tags.
 2018-06-06 12:43:15 -07:00
toddouska c43a84547a
Merge pull request #1572 from dgarske/cryptodev 
Added crypto device framework
 2018-05-31 10:28:58 -07:00
Jacob Barthelmeh 5849e9f1a1 update macro name in test case 2018-05-30 17:42:07 -06:00
toddouska 999663fae1
Merge pull request #1498 from JacobBarthelmeh/Certs 
update before/after dates with certificates
 2018-05-30 10:09:49 -07:00
Go Hosohara 8cd357aa3a d2i_PKCS12_fp 2018-05-30 12:10:41 +09:00
Go Hosohara c715bb5ade X509_check_ca 2018-05-30 12:08:27 +09:00
Go Hosohara 3f6b7c8833 Merge with openSSL-Compat-CRL-STORE on kojo1/wolfssl 2018-05-30 12:08:27 +09:00
Go Hosohara 0fb446ad36 i2c_ASN1_INTEGER 2018-05-30 12:03:58 +09:00
Go Hosohara d7e4bbf1cf ASN1_STRING_print_ex 2018-05-30 11:56:43 +09:00
Go Hosohara 5c11e1440f ASN1_TIME_to_generalizedtime 2018-05-30 11:56:43 +09:00
Go Hosohara 5ff460bb7f OPENSSL_add_all_algorightms_noconf 2018-05-30 11:53:18 +09:00
Go Hosohara 005284a127 ASN1_GENERALIZEDTIME_free 2018-05-30 11:53:17 +09:00
Go Hosohara 24ff55b085 RAND_poll 2018-05-30 11:53:17 +09:00
toddouska 2cf853d1f1
Merge pull request #1582 from SparkiDev/tls13_only 
Allow TLS 1.2 to be compiled out.
 2018-05-29 13:26:54 -07:00
Chris Conlon 16738f1449
Merge pull request #1569 from kojo1/openSSL-Compat-CRL-STORE 
openSSL compatibility APIs: X509_CRL, STORE
 2018-05-29 09:47:22 -06:00
Takashi Kojo 3939eadf9c get derLen by RsaPublicKeyDerSize 2018-05-26 10:55:17 +09:00
Chris Conlon af471a360d
Merge pull request #1574 from cariepointer/test/wolfcrypt 
Add unit test for wc_SignatureGetSize
 2018-05-25 11:29:58 -06:00
Carie Pointer 12dc346058 Change return value to 0 for null key when HAVE_USER_RSA is defined 2018-05-25 09:25:25 -06:00
Sean Parkinson ba8e441e53 Allow TLS 1.2 to be compiled out. 2018-05-25 11:00:00 +10:00
Carie Pointer 65014248f9 Fix typos, update ret for if HAVE_USER_RSA defined 2018-05-24 16:32:27 -06:00
Carie Pointer 005a0d4dff Define devId if RSA is enabled 2018-05-23 20:17:11 -06:00
toddouska d38a0039ed
Merge pull request #1549 from JacobBarthelmeh/Cert-Report1 
fix for relative URI detection
 2018-05-23 17:05:35 -07:00
cariepointer 4eeb9c8c56
Merge branch 'master' into test/wolfcrypt 2018-05-23 16:35:10 -06:00
David Garske 72d168028e Fixes to better handle PKCS7 error cases. 2018-05-23 15:29:33 -07:00
David Garske 9a75e5cf68 Fixes in PKCS7 for handling hardware based devId and no private key. Fix to handle scenario where `kari->decoded` is allocated, but not initalized (was causing use of unitliaized in `FreeDecodedCert`). Fix to handle hardware base RSA key size. 2018-05-23 14:48:10 -07:00
Chris Conlon 555efe0345
Merge pull request #1577 from TimParrish/firstUnitTest 
First unit test
 2018-05-23 15:24:56 -06:00
Carie Pointer a18f220a5a Remove trailing whitespaces 2018-05-23 14:39:36 -06:00
Carie Pointer 8bd41629ae Split wc_SignatureGetSize test into wc_SignatureGetSize_ecc and wc_SignatureGetSize_rsa tests 2018-05-23 14:26:35 -06:00
Tim 4fd85853c5 I think I now understand the trailing white space... 2018-05-23 11:57:12 -06:00
Tim 124f45d449 re-upload 2018-05-22 17:45:04 -06:00
Tim 83e67a4197 additional changes made 2018-05-22 17:25:22 -06:00
Tim 58ac951471 Changes made- Thank you 2018-05-22 16:00:40 -06:00
Tim b308fa9a39 Merge branch 'master' of https://github.com/wolfSSL/wolfssl into firstUnitTest 2018-05-22 13:26:45 -06:00
Carie Pointer 6321008ef4 Modify wc_SignatureGetSize test for ECC and RSA specific API 2018-05-22 13:24:36 -06:00
Tim d6809c029d First unit test 2018-05-22 13:21:37 -06:00
Quinn Miller f2ce8dcbca Added unit test for Blake2 2018-05-22 10:47:44 -06:00
Carie Pointer df24bc6096 Update unit test 2018-05-22 09:22:01 -06:00
Carie Pointer 6cc84d2301 Add initial test_wc_SignatureGetSize() method 2018-05-21 17:11:21 -06:00
Chris Conlon be9ae9a3c4
Merge pull request #1570 from MJSPollard/MikePollardBranch 
added Poly1305SetKey Unit Test
 2018-05-21 16:35:15 -06:00
toddouska 2021bcb188
Merge pull request #1560 from dgarske/ciphernamecleanup 
Refactor of the cipher suite names to use single array
 2018-05-21 14:24:53 -06:00
MJSPollard 2b49f69f1b updated unit test 2018-05-21 12:44:59 -06:00
Aaron Jense f214dbc3dd Removed unneeded call on test_wc_curve25519_init 2018-05-21 11:50:52 -06:00
Aaron Jense 8197d9ec36 Added unit-test for wc_curve25519_init and wc_curve25519_free in tests/api.c 2018-05-21 10:59:02 -06:00
MJSPollard f447fe22b0 added Poly1305SetKey Unit Test 2018-05-21 10:55:56 -06:00
Takashi Kojo 874022d938 fix #if conditions and others 2018-05-20 13:55:47 +09:00
Takashi Kojo 153bcb5297 d2i_X509_fp 2018-05-20 13:55:47 +09:00
Takashi Kojo 460becf739 SHA256, SHA384, SHA512 2018-05-20 13:55:47 +09:00
Takashi Kojo c275dfc5ab X509_STORE_add_crl 2018-05-20 13:55:46 +09:00
Takashi Kojo 4efe8740ad Eliminate d2i_RSAPublicKey test when HAVE_FAST_RSA is enabled 2018-05-20 13:55:46 +09:00
Takashi Kojo 03d68812a9 Fix #if condition for test 2018-05-20 13:55:45 +09:00
Takashi Kojo ad71f44f3c suppress i2d_RSAPublicKey with HAVE_FAST_RSA 2018-05-20 13:55:45 +09:00
Takashi Kojo 5d4c0c582e skip d2i_X509_CRL_fp test. Done locally. 2018-05-20 13:55:44 +09:00
Takashi Kojo 03846b2d2d d2i_RSAPublicKey, d2i_X509_CRL, d2i_X509_CRL_fp, X509_CRL_free, PEM_read_X509_CRL 2018-05-20 13:55:43 +09:00
John Safranek dd0489db8c 1. Added the pair-wise consistency test to the RSA Key Gen. 
2. Modified an RSA key size test case so it didn't try to make a key that was too big.
 2018-05-17 17:41:34 -07:00
David Garske b973d6e8b1 Fix to handle `NO_ERROR_STRINGS` case in unit test. The IANA names are disabled when `NO_ERROR_STRINGS` is defined. 2018-05-17 10:24:02 -07:00
David Garske 8163225180 Refactor of the cipher suite names to use single array, which contains internal name, IANA name and cipher suite bytes. 2018-05-16 15:29:27 -07:00
John Safranek 3685b7b176 Test Fixes 
1. AesGcmEncrypt_ex requires the RNG, remove function if RNG disabled.
2. Fix a couple function name changes in the example server.
3. Removed the old FIPS wrapping added to dh.h, was redundant.
4. Move include of random.h in the aes.h file.
5. Fix where ecc.c was being left out of old FIPS builds.
6. Exclude the AES-GCM internal IV test case when building without the RNG.
7. Fix api test where AES-GCM Encrypt was called with a too-long IV in old FIPS mode. Non-FIPS and new FIPS are allowed longer IVs.
 2018-05-16 15:47:12 -04:00
John Safranek f6fe3744a7 FIPS Update 
1. Moved the rest of the FIPS algorithms to FIPSv2.
2. Updated the fips-check and autogen scripts.
3. Updated the automake include for the crypto files.
4. Updated the example server to use the wolfSSL API and wolfSSL-based OpenSSL compatibility layer.
5. Added error code for the SHA-3 KAT.
6. Updated an test case in the API test for AES-GCM encrypt that is now considered a success case, but the FIPS mode was still treating as a failure.
 2018-05-16 15:47:12 -04:00
Jacob Barthelmeh a6ad6b94d1 account for IGNORE_NAME_CONSTRAINTS when testing the parsing of a relative URI 2018-05-14 16:03:51 -06:00
Jacob Barthelmeh 63a0e872c5 add test for fail case when parsing relative URI path 2018-05-14 14:27:02 -06:00
Jacob Barthelmeh bb979980ca add test case for parsing URI from certificate 2018-05-08 16:24:41 -06:00
toddouska 107290b552
Merge pull request #1515 from dgarske/buildfixes 
Fixes for various build configurations
 2018-04-25 10:23:27 -07:00
toddouska 5c61810d4d
Merge pull request #1497 from SparkiDev/tls13_draft28 
Tls13 draft28
 2018-04-25 10:17:37 -07:00
David Garske 3c684886ad Fixes to resolve building `--enable-tls13 --disable-ecc --enable-curve25519 --enable-ed25519`. 2018-04-25 07:54:53 -07:00
toddouska 1ddccf63dc
Merge pull request #1496 from JacobBarthelmeh/Compatibility-Layer 
Compatibility layer
 2018-04-24 13:33:33 -07:00
Sean Parkinson 94157634e1 TLS 1.3 fixes/improvements 
Support Draft 28: able to compile code to return BAD_BINDER if no PSKs
match and certificates not to be used.
Change key share implementation to use server preference - server now
checks each client key share's group is in supported_groups extension.
Client and server examples modified to support server preference.
Application can set client's and server's supported groups by rank.
Server's supported groups is sent back in encrypted_extensions if
preferred group is not in client's list - able to be turned off at
compile time.
Application can query server's preferred group from client.
Able to compile using 0x0304 as version instead of draft version.
Fix state machine in TLS 1.3 to support unexpected hello_retry_request.
Also fixes non-blocking.
Fix resumption to use the named group from session.
Fix named group in session structure to be a 2-byte field.
Better detection of errors in message flow.
Fix DoTls13ClientHello when downgrading - don't do TLS 1.3 things.
Not downgrading on client fixed.
Downgrade protocol version from TLS 1.3 when not TLS 1.3 ciphersuite.
Get downgrading from TLS 1.3 and resumption working.
Change earlyData value to an enum.
Support no extensions data (as opposed to zero length extension data) in
TLS 1.3 ClientHello.
Check PSK cipher suite is available to both client and server before
using.
Check first PSK identity chosen when server says it is using early data
at client.
Check PSK extension is last in client_hello on server.
Check the PSK cipher suite to use is supported on client.
Check the returned cipher suite for pre-shared keys is the same as
client expects.
Send alert decrypt_error when verification fails in certificate_verify
or finished message doesn't match calculated value.
Fail when certificate messages recieved in handshake when using PSK.
Validate on the server that EndOfEarlyData message has been recieved
before finished message when server sent EarlyData extension.
 2018-04-20 09:44:02 +10:00
Takashi Kojo bf950198f2 api.c: option conditions 2018-04-18 13:02:40 +09:00
Takashi Kojo 56af3a5b36 add HMAC SHA2 2018-04-18 08:47:39 +09:00
toddouska 09706a4ed2
Merge pull request #1488 from SparkiDev/tls13_perf 
Changes for interop and performance
 2018-04-16 09:16:13 -07:00
Jacob Barthelmeh e895bacbba update before/after dates with certificates 2018-04-13 09:31:32 -06:00
Jacob Barthelmeh f9eda5d790 free test certificate after use 2018-04-13 09:16:22 -06:00
Eric Blankenhorn a0d8327320 Coverity fixes 2 (#1493) 
* Coverity fixes for wolfcrypt folder
* Fixes for remaining issues
* Fixes for test files
 2018-04-13 05:35:18 -07:00
Sean Parkinson 0b47811c46 Changes for interop and performance 
Changes made to test.h to allow interop of PSK with OpenSSL.
Changes to allow server to pre-generate key share and perform other
operations at later time.
Fix ChaCha20 code header to have bigger state to support assembly code
for AVX1.
Fix Curve25519 code to use define instead.
Change Curve25519 to memset all object data on init.
Change Poly1305 to put both sizes into one buffer to avoid a second call
to wc_Poly1305Update().
Added WOLFSSL_START and WOLFSSL_END API and calls to show time of
protocol message function enter and leave to analyse performance
differences.
Moved Curve25519 code in KeyShare extension out of general ECC code.
 2018-04-13 12:01:20 +10:00
Jacob Barthelmeh cfaed48f90 adjust GetInt call with ASN1 integer to big number 2018-04-12 14:40:20 -06:00
Jacob Barthelmeh df06707496 Handle larger values with ASN1 INTEGER structure 2018-04-12 14:07:29 -06:00
David Garske ce6728951f Added a new `--enable-opensslall` option, which ensures all openssl features are enabled. Documented and tested building the various open source defines we support in our build. 2018-04-11 13:54:07 -07:00
David Garske a38576146e * Added support for disabling PEM to DER functionality using `WOLFSSL_PEM_TO_DER`. This allows way to use with DER (ASN.1) certificates only in an embedded environment. This option builds, but internal make check requires PEM support for tests. 
* More cleanup to move PEM functions from ssl.c to asn.c (`wolfSSL_CertPemToDer`, `wolfSSL_KeyPemToDer`, `wolfSSL_PubKeyPemToDer`). Renamed these API's to `wc_` and added backwards compatability macro for old function names.
 2018-04-09 13:28:15 -07:00
David Garske 6de8348918 Fixes for various build configurations. Added `--enable-enckeys` option to enable support for encrypted PEM private keys using password callback without having to use opensslextra. Moved ASN `CryptKey` function to wc_encrypt.c as `wc_CryptKey`. Fixup some missing heap args on XMALLOC/XFREE in asn.c. 2018-04-09 13:28:15 -07:00
David Garske c83e63853d Refactor unqiue hash types to use same internal values (ex WC_MD5 == WC_HASH_TYPE_MD5). Refactor the Sha3 types to use wc_ naming. 2018-04-09 13:28:15 -07:00
David Garske 21833e245f Fix TLS 1.3 with ECC disabled and CURVE25519 enabled. Resolves issue with using `./configure --disable-ecc --enable-curve25519 --enable-ed25519 --enable-tls13`. Refactor `TLSX_KeyShare_GenEccKey` to support either ECC or CURVE25519. Fix for `PemToDer` to handle ED25519 without ECC enabled. 2018-04-09 10:10:08 -07:00
David Garske c288d0815d Added support for building and using PKCS7 without RSA (assuming ECC is enabled). 2018-04-03 09:26:57 -07:00
jrblixt 1cd6075b9d Nightly build fix. 2018-03-27 16:54:14 -06:00
Chris Conlon c08f5b86cf
Merge pull request #1444 from jrblixt/unitTest_api_addPkcs-PR03162018 
Unit test functions for PKCS#7.
 2018-03-23 10:00:33 -06:00
jrblixt 316a2b9fb4 Review changes: Chris. 2018-03-22 15:35:25 -06:00
Jacob Barthelmeh df6ea54cd5 add support for PKCS8 decryption to OPENSSL_EXTRA_X509_SMALL build 2018-03-20 15:06:35 -06:00
jrblixt 2788183e79 Known config. tests fix. 2018-03-20 14:35:26 -06:00
jrblixt 1aba6e9b44 Prepare for PR. 2018-03-16 17:07:28 -06:00
Jacob Barthelmeh e0afec0600 fix RSA macro, tickets without server, and add test case 2018-03-08 14:36:43 -07:00
toddouska 442430d39e
Merge pull request #1392 from ejohnstown/rsa-decrypt-check 
RSA Decrypt Bounds Checking
 2018-02-26 12:19:37 -08:00
John Safranek a49553df6a RSA Decrypt Bounds Checking 
1. Added some bounds checking on the ciphertext passed into the RSA decrypt function. NIST SP 800-56B specifies that the ciphertext shouldn't be a number larger than the modulus.
2. Added an API test to check that the direct RSA decrypt function returns an error with a "bad" message.
3. Added an ifndef guard to disable the bounds check. Default is to keep the bounds check.
4. RSA Decrypt bounds check only checked the first time into wc_RsaFunction().
 2018-02-23 17:04:05 -08:00
JacobBarthelmeh 89390180a0
Merge branch 'master' into Compatibility-Layer 2018-02-22 15:24:31 -07:00
Jacob Barthelmeh fd7ffc992f fix for unused variables 2018-02-21 11:19:49 -07:00
Jacob Barthelmeh 2a15b3912b revert pkcs7 attrib structure for scep and add more macro guards for AES key size 2018-02-19 17:32:39 -07:00
Jacob Barthelmeh c9525d9c1d add opensslextra=x509small build option 2018-02-19 17:32:39 -07:00
Jacob Barthelmeh f569645212 add wolfSSL_SHA256 function 2018-02-16 16:57:45 -07:00
Jacob Barthelmeh a651b08afa add wolfSSL_AES_ecb_encrypt function 2018-02-16 15:08:31 -07:00
JacobBarthelmeh 223edab6d9
Merge pull request #1378 from dgarske/evp_gcc7_async_test 
Fixes a few build errors with EVP/wolfCrypt test and async API test hang
 2018-02-16 13:11:36 -07:00
David Garske ae5dac8994 Fixes for GCC 7 build errors with evp.c and switch fall through. General EVP code formatting cleanup. Fix for wolfCrypt test un-used var when `HAVE_AES_CBC` not defined. Fix for async in `test_wolfSSL_SESSION` with `err` not being initialized. 2018-02-16 09:32:40 -08:00
Jacob Barthelmeh 488a795747 add wolfSSL_PEM_read_bio_RSAPrivateKey function 2018-02-15 22:34:50 -07:00
John Safranek d8eff923f1
Merge pull request #1372 from JacobBarthelmeh/UnitTests 
clear error node queue after test case and initialize logging buffer
 2018-02-15 08:40:45 -08:00
David Garske 9ff97997a6
Merge pull request #1360 from SparkiDev/sp_math 
Minimal implementation of MP when using SP.
 2018-02-14 15:49:23 -08:00
Jacob Barthelmeh c1b1fbaf7e clear error node queue after test case 2018-02-14 13:55:43 -07:00
Jacob Barthelmeh c09e55c749 add check for having ECC enabled when testing with ECC certificate 2018-02-12 09:59:35 -07:00
toddouska d827e93af9
Merge pull request #1329 from JacobBarthelmeh/PKCS12 
PKCS12 reverse order that certificates are compared for keypair
 2018-02-09 13:15:07 -08:00
Sean Parkinson a3a4f2d59c Minimal implementation of MP when using SP. 
--enable-sp-math to include minimal implementation of MP (only with
--enable-sp.)
Add futher functionality for ECC (conditionally compiled):
- check key
- is point on curve
- API to add and double projective points
- API to map from project to affine
- Uncompress point (including sqrt)
Some configuration options will not work with SP math - configure.ac
detects this and errors out.
Change test code to better support SP sizes only.
 2018-02-08 15:50:17 +10:00
Jacob Barthelmeh 62b8c0c3fd add test case for order of certificates with PKCS12 parse 2018-02-07 16:52:39 -07:00
toddouska d63373066b
Merge pull request #1331 from JacobBarthelmeh/Compatibility-Layer 
add comments and better error checking for PKCS8 strip
 2018-02-02 10:50:29 -08:00
Takashi Kojo 162326dfcb fix shadow global 2018-01-22 01:19:45 +09:00
Jacob Barthelmeh 1428934ad5 add comments and better error checking for PKCS8 strip 2018-01-19 16:53:12 -07:00
toddouska 2efe7f6d96
Merge pull request #1319 from JacobBarthelmeh/Compatibility-Layer-Part5 
Compatibility layer part4
 2018-01-19 14:49:12 -08:00
John Safranek 9654f19075 RSA Key Gen Test Fix 
A recent change to the RSA key generation process is capping the number of attempts of finding a probable prime to a multiple of the prime's size, in FIPS builds. This means it might fail once in a while. (It could also fail for a couple other reasons but this is the most likely.) The API is changed to retry key generation until it succeeds. Non-FIPS builds keep trying until they find a prime.
 2018-01-18 12:20:25 -08:00
Jacob Barthelmeh 19288ea127 casting values, update names, g++ build 2018-01-17 12:18:00 -07:00
Jacob Barthelmeh 676e2f1f63 add comments and remove 2999 bit rsa key test for now 2018-01-17 11:19:21 -07:00
Jacob Barthelmeh bf57da1914 static analysis fixes, free buffer return in test case, fips build 2018-01-17 09:28:25 -07:00
Takashi Kojo 56efe657fc save iPad, oPad. test long key 2018-01-16 14:57:53 -07:00
Takashi Kojo 30e6ec5396 HMAC_CTX_copy, copy save_len, save_key 2018-01-16 14:54:44 -07:00
Takashi Kojo c80cadb25f DES_set_odd_parity to MLB 2018-01-16 14:12:43 -07:00
Jacob Barthelmeh a643ae1907 return code of sk num, X509 store peer chain, and get text by NID fix 2018-01-16 13:49:58 -07:00
Jacob Barthelmeh 19244fc0c9 fix memory management 2018-01-16 13:44:53 -07:00
Jacob Barthelmeh 01cd58cc43 fix wolfSSL_DH_1536_prime 2018-01-16 13:44:53 -07:00
Jacob Barthelmeh 479b7e5ca8 SHA1 implementation and test 2018-01-16 10:39:22 -07:00
Jacob Barthelmeh 7cc7de9d4a add set msg callback tests 2018-01-16 10:39:21 -07:00
Jacob Barthelmeh 990e1f3ddf implement wolfSSL set msg callback function 2018-01-16 10:39:20 -07:00
Jacob Barthelmeh 01e6feb060 add hmac ctx copy testing to unit tests 2018-01-16 09:27:39 -07:00
Jacob Barthelmeh b9001d3c4d implement X509 store ctx set error function 2018-01-16 09:12:02 -07:00
Jacob Barthelmeh 86112a574f implement X509 store ctx get ssl idx 2018-01-16 02:29:51 -07:00
Jacob Barthelmeh c8381afdc1 implement asn1 object to nid function 2018-01-16 02:17:43 -07:00
Jacob Barthelmeh 189a4d74c0 implement get error line data function 2018-01-16 02:17:42 -07:00
Jacob Barthelmeh f393eb9176 implement ssl set session id context 2018-01-16 02:17:42 -07:00
Jacob Barthelmeh ede8127569 implement function for setting CTX verify depth 2018-01-16 02:17:40 -07:00
Jacob Barthelmeh 762b7144e0 implement WOLFSSL get app data and set app data functions 2018-01-16 02:13:16 -07:00
Jacob Barthelmeh 3089fa2d27 group sk x509 functions together and implement sk x509 pop free 2018-01-16 02:10:15 -07:00
Jacob Barthelmeh b369112ed3 implement CTX check private key function 2018-01-16 01:53:05 -07:00
Jacob Barthelmeh 86deb23d2f put a macro guard on stub functions and implement quick ones, alo update macro guards on recent BN and RSA tests 2018-01-16 01:51:00 -07:00
Jacob Barthelmeh 266132521c implement RSA key generation compatibility function and BN get word 2018-01-16 01:50:58 -07:00
Jacob Barthelmeh 47f234dce2 add wolfSSL_EVP_md4 function 2018-01-16 01:22:48 -07:00
Jacob Barthelmeh ad6cc6be2e fix clang build warnings and change return type 2018-01-16 01:12:11 -07:00
Jacob Barthelmeh db3badb73a add GENERAL NAME stack functions and fix WOLFSSL_BIO free with files 2018-01-16 01:12:09 -07:00
Takashi Kojo 32ca91cd2f fix return value type of fread 2018-01-16 00:16:34 -07:00
Jacob Barthelmeh d1c05c1883 fix DER to internal private key function 2018-01-16 00:14:08 -07:00
Jacob Barthelmeh 46a0cedb08 return value for printing asn1 time 2018-01-15 23:17:03 -07:00
Jacob Barthelmeh 32bf163633 update base64 WOLFSSL_BIO encoding and checking session context ID 2018-01-15 17:54:46 -07:00
Jacob Barthelmeh b5ab505d1e testing with WOLFSSL_BIO write 2018-01-15 17:40:51 -07:00
Jacob Barthelmeh dc4159546b refactor WOLFSSL_BIO read/write to bio.c and update read and write for base64 formating 2018-01-15 17:22:54 -07:00
Jacob Barthelmeh 52a89349dd resolves redefinition warnings with clang builds 2018-01-15 16:13:45 -07:00
Jacob Barthelmeh 930930ebc4 update DER to internal function with private RSA key 2018-01-15 13:46:18 -07:00
Jacob Barthelmeh e9f3d7f898 add the function ERR remove state and test for it 2018-01-15 10:56:54 -07:00
toddouska 2e6f97621a
Merge pull request #764 from JacobBarthelmeh/Compatibility-Layer-Part3 
Compatibility layer part3
 2018-01-13 09:57:14 -08:00
Jacob Barthelmeh 2945213871 update to d2i_PUBKEY function 2018-01-12 16:01:23 -07:00
toddouska 0590f2493e
Merge pull request #1314 from dgarske/cleanups 
Minor fixes and cleanups for hash digest/block size
 2018-01-12 13:00:53 -08:00
dgarske 3f8ecb4e70
Merge pull request #1313 from JacobBarthelmeh/Testing 
DHE suite with test case and set server/client method
 2018-01-12 10:03:03 -08:00
Jacob Barthelmeh d04775ecfb Add check for AES with using AES cipher suite 2018-01-12 09:10:55 -07:00
Jacob Barthelmeh 064a54f552 static analysis and windows fix 2018-01-11 14:08:22 -07:00
Jacob Barthelmeh 4a9f5f3a7e add DES cksum and DES set odd parity 2018-01-11 11:32:00 -07:00
David Garske 481f4765eb Cleanup to remove duplicate MAX_DIGEST_SIZE in hmac.h and refactor to use WC_MAX_DIGEST_SIZE. Cleanup for HMAC to include hash.h and refactor HMAC_BLOCK_SIZE to WC_HMAC_BLOCK_SIZE. Fix build warning in benchmark.c with unused variable if features are disabled. 2018-01-11 09:52:49 -08:00
Jacob Barthelmeh e442f8dccf DHE suite with test case and set server/client method 2018-01-11 10:24:48 -07:00
toddouska bb52b0a7b9
Merge pull request #724 from JacobBarthelmeh/Compatibility-Layer-Part2 
Compatibility layer part2
 2018-01-11 08:28:54 -08:00
toddouska 2cdcd560a2
Merge pull request #1307 from JacobBarthelmeh/Testing 
fix check key pair match with ECC
 2018-01-11 08:26:25 -08:00
toddouska df3c775f1d
Merge pull request #1304 from cconlon/dsa1864 
DSA 186-4 Key Generation, raw params and key import/export
 2018-01-11 08:25:27 -08:00
Chris Conlon d78a6cebd8 allow DSA raw export functions to return buffer sizes 2018-01-10 10:21:58 -07:00
Jacob Barthelmeh e9432005d4 build for no old names and fix valgrind report 2018-01-10 09:28:56 -07:00
Jacob Barthelmeh 23b271da84 clean up after rebase 2018-01-10 09:28:56 -07:00
Jacob Barthelmeh ab0bc32d4c resolve rebase by adding an error node pull function 2018-01-10 09:28:56 -07:00
Jacob Barthelmeh 00670233af account for fast rsa when testing get rsa size 2018-01-10 09:28:56 -07:00
Jacob Barthelmeh c8233177c3 fix bio gets and enhance x509 get public key 2018-01-10 09:28:56 -07:00
Takashi Kojo 150481699f add BIO_new_file: ssl.c, tests/api.c 2018-01-10 09:28:56 -07:00
Jacob Barthelmeh 1765246cf7 bio gets test, certificate buffer tests, and increase max static memory bucket size with sessioncerts 2018-01-10 09:28:56 -07:00
Jacob Barthelmeh 79ea6b78bb add name entry and fix build without RSA 2018-01-10 09:28:56 -07:00
Jacob Barthelmeh 54246053de WOLFSSL_RSA in EVP_PKEY structure and fixes for PKCS12 build 2018-01-10 09:28:56 -07:00
Jacob Barthelmeh 7252a138e0 ASN1 object functions 2018-01-10 09:28:56 -07:00
Jacob Barthelmeh 35ad1269a8 expand compatibility layer, hmac, dsa gen, pubkey from bio, pseudo rand 2018-01-10 09:28:56 -07:00
Jacob Barthelmeh e391931711 error put function 2018-01-10 09:28:56 -07:00
Jacob Barthelmeh 704d765501 adjust compat. layer to not include wolfSSL headers where possible, add d2i for X509's, clang-3.3 build 2018-01-10 09:28:56 -07:00
Jacob Barthelmeh e213e60471 PKCS 8 info function 2018-01-10 09:28:56 -07:00
Jacob Barthelmeh 03b0a07adb add BN pseudo random function 2018-01-10 09:28:56 -07:00
Jacob Barthelmeh c552de77f4 PKCS12 create function 2018-01-10 09:28:56 -07:00
David Garske aac050369a Added API unit tests for new BUF_MEM. Fixed wolfSSL_BUF_MEM_grow handling of negative “len” input. Added GPLv2 header to new buffer.h. 2018-01-10 09:28:30 -07:00
Jacob Barthelmeh 921eb03a01 add PEM read bio private key function and update reading a memory bio 2018-01-10 09:26:58 -07:00
Takashi Kojo f9eb8f8f6d missing rename SSL_check_private_key, DSA_dup_DH 2018-01-10 09:26:58 -07:00
Jacob Barthelmeh 9290b2e464 RAND cleanup and no-op functions for compatibility -- brackets added to ssl.c if statements for gcc-6 2018-01-10 09:26:58 -07:00
Jacob Barthelmeh 54af9fb884 compatibility mapping for STORE_CTX functions and added test case 2018-01-10 09:26:58 -07:00
Jacob Barthelmeh f0c19ba9b2 add internal to DER X509 function 2018-01-10 09:26:58 -07:00
Jacob Barthelmeh 7da0f50457 tests for added DES functions and fix check on DES key 2018-01-10 09:26:58 -07:00
Jacob Barthelmeh 2b75d0faf3 asn1 string compatibility 2018-01-10 09:26:58 -07:00
Jacob Barthelmeh 0bfa399b6c fix check key pair match with ECC 2018-01-09 16:13:46 -07:00
Chris Conlon e42fea8710 add unit tests for DSA raw key and param import/export functions 2018-01-08 13:36:06 -07:00
Jacob Barthelmeh b22ae9de4c add DH callback to example server and client 2018-01-05 11:56:59 -07:00
Jacob Barthelmeh 915f628bc7 add DH Agree callback 2018-01-03 16:47:15 -07:00
jrblixt 6c76a89785 Add ECC unit test functions. 
Change per David RE: WOLFSSL_ATECC508A
Jenkins fix.
Changes per Chris.
 2017-12-29 13:03:45 -07:00
jrblixt 8a51df9fd8 Spacing issue per Chris. 2017-12-29 09:48:35 -07:00
jrblixt 555551b745 Added Ed25519 to unit test functions. 2017-12-28 09:42:51 -07:00
Chris Conlon 83cb000958
Merge pull request #1289 from jrblixt/unitTest_api_addCmac-PR08162017 
AES_CMAC unit test functions added.
 2017-12-27 15:54:32 -07:00
Chris Conlon 0c709a9088
Merge pull request #1098 from jrblixt/unitTest_api_addSha3-PR08112017 
Sha3 unit test functions.
 2017-12-27 15:23:14 -07:00
Chris Conlon 2660ff0b93
Merge pull request #1251 from kojo1/openSSL-Compat-201711 
openSSL compatibility 201711
 2017-12-21 16:25:46 -07:00
jrblixt 4552c8a4a7 AES_CMAC unit test functions added. 2017-12-20 15:44:44 -07:00
Chris Conlon adc8ca0f16 api.c fix for fast-rsa 2017-12-20 15:13:13 -07:00
jrblixt 98603d9e74 Sha3 unit test functions. 
Code review changes per Chris.
 2017-12-20 10:49:24 -07:00
Go Hosohara bfed9f28d3 Modification for compliling application with libsignal-protocol-c. 2017-12-19 13:19:05 +09:00
David Garske 57c0b5d4ac Adjustment to fix for --enable-32bit where time_t is not long. 2017-12-18 14:34:40 -08:00
David Garske bbd27b491e Fix for building with --enable-32bit where test assumes time_t is long. 2017-12-18 11:04:40 -08:00
Takashi Kojo 98235f9e36 fix hard tabs 2017-11-30 09:08:59 +09:00
Takashi Kojo b664a1187b fix hard tabs, new line 2017-11-29 07:03:00 +09:00
Takashi Kojo 64caf325f8 add ctx == NULL checks, fix spacing 2017-11-28 10:16:24 +09:00
Takashi Kojo 8f31d36bcd gurde SSL_get_peer_cert_chain->count check by macro option 2017-11-25 06:25:15 +09:00
Takashi Kojo eb85accea9 Fix 'buffer' shadows a global (2) 2017-11-25 03:59:35 +09:00
Takashi Kojo 79b648c006 Fix ‘buffer’ shadows a global 2017-11-24 18:21:32 +09:00
Takashi Kojo a320ca92fb fix rebase miss 2017-11-24 08:21:27 +09:00
Takashi Kojo fce1b90b63 SSL_get_peer_cert_chain(ssl)->count value check in api.c 2017-11-24 08:09:41 +09:00
Takashi Kojo 803bd7c612 Review feedbacks: refactor test_SSL_set_options and add SSL_clear_option 2017-11-24 08:07:32 +09:00
Takashi Kojo dace30cfac Missing X509_STORE_CTX_free(ctx); 2017-11-24 06:27:36 +09:00
Takashi Kojo 196bcf6f51 remove unused velues 2017-11-24 06:27:36 +09:00
Takashi Kojo 279f12cc7d fix test_wolfSSL_msgCb 2017-11-24 06:27:35 +09:00
Takashi Kojo 527c94c06b add test_wolfSSL_msgCb 2017-11-24 06:02:01 +09:00
Takashi Kojo a9cbb0ee10 add api tests 2017-11-24 05:52:25 +09:00
Takashi Kojo d967129581 add BN_mod_mul 2017-11-24 05:38:24 +09:00
toddouska 947fceda6d
Merge pull request #1232 from dgarske/disable_oldtls_v1_0 
Disable TLS v1.0 by default
 2017-11-16 13:49:03 -08:00
David Garske d5cc3ca198 Disable TLS v1.0 by default. Added new `--enable-tlsv10` option to force enable (only works if --enable-oldtls is set, which is on by default). 2017-11-14 14:01:31 -08:00
Moisés Guimarães a23b65751d enables wolfSSL_SNI_GetRequest() at client side. 2017-11-13 13:58:14 -02:00
David Garske e591576cdf Cleanup of the RSA exponent hard coded value. 2017-11-06 10:23:06 -08:00
David Garske 231ebeea0e Add unit test for BN_bn2hex. Cleanup math radix constants. 2017-11-06 09:16:37 -08:00
David Garske 57ea7ba319 Various fixes from nightly Jenkins builds. Fix for new `test_wolfSSL_ASN1_TIME_adj` API unit test to skip generalized time test when on PowerPC (which has time_t as int). Fix for building with AES disabled and PKCS7 enabled. Fix for building without openssl_extra when time_t is not present. 2017-11-03 10:16:45 -07:00
dgarske 1d1e904acb
Merge pull request #942 from ghoso/dev201705 
New openssl compatibility functions for: `BN_mod_inverse`, `PKCS5_PBKDF2_HMAC_SHA1` and 
`SSL_set_tlsext_status_type`.
 2017-11-02 10:47:14 -07:00
David Garske cc7a5fd490 Fix for bug in `wolfSSL_EC_POINT_free` not freeing the internal ECC point. Unit test fixup for `test_wolfSSL_EVP_PKEY_new_mac_key` with malloc and size 0. Cleanup the EC_POINT unit test to not set `Gxy->inSet`, since its already 0. 2017-11-01 09:44:19 -07:00
Go Hosohara 9c9978ce9f OpenSSL Compatibility functions on PR#942. 2017-11-01 13:00:47 +09:00
David Garske 72a33136f5 Fix for `EC_POINT_mul` population of result. Add NULL arg checks for a few compatability functions. Added unit tests for compatability layer API's `EC_POINT_` and `EC_GROUP_` in `test_wolfSSL_EC`. Cleanup of the `EC_POINT_dump`. 2017-10-31 16:09:39 -07:00
dgarske 2037a6c9ea
Merge pull request #1199 from JacobBarthelmeh/fast-rsa 
increase test buffer size to account for edge case
 2017-10-27 15:48:14 -07:00
Jacob Barthelmeh 016f7357d2 increase test buffer size to account for edge case 2017-10-26 16:19:56 -06:00
Sean Parkinson 323db1a95d Fix no ECC builds with TLS13 code. 
Fix tests so that having ECC disabled works as well.
Fix define protection for Draft 18 and HRR Cookie.
 2017-10-24 09:11:24 -07:00
toddouska 8a01d725da Merge pull request #1177 from dgarske/certreq_tests 
Testing improvements for cert gen and TLS cert validation
 2017-10-24 08:21:37 -07:00
David Garske 911b6f95f8 Release v3.12.2 (lib 14.0.0). Updated copywright. 2017-10-22 15:58:35 -07:00
David Garske 024c8725ad Testing improvements for cert gen and TLS cert validation: 
* Fixes to support certificate generation (`WOLFSSL_CERT_GEN`) without RSA enabled.
* Added new ECC CA for 384-bit tests.
* Created new server cert chain (ECC CA for 256-bit that signs server-ecc.pem)
* Created new `./certs/ecc/genecc.sh` script for generating all ECC CA's, generated server cert req (CSR), signing with CA and the required CRL.
* Moved the wolfCrypt ECC CA / ECC cert gen test into `ecc_test` as `ecc_test_cert_gen`.
* Refactor duplicate code that saves DER to disk, converts DER to PEM and saves PEM to disk into SaveDerAndPem function.
* Changed `ecc_test_make_pub` and `ecc_test_key_gen` to use XMALLOC for temp buffers (uses heap instead of stack).
* Cleanup to combine all certificate subject information into global `certDefaultName`.
* Updated cert request info to use wolfSSL instead of Yassl.
* Cleanup to combine keyUsage into `certKeyUsage` and `certKeyUsage2`.
* Re-number error codes in rsa_test.
* Moved the certext_test after the ecc_test, since it uses a file generated in `ecc_test_cert_gen`.
 2017-10-19 16:17:51 -07:00
David Garske c9558ee27b Updated a few more old names. Added PR for new configs to Jenkins. 2017-10-18 10:38:27 -07:00
toddouska b79b816276 Merge pull request #1168 from dgarske/ctx_get_cm 
Add method to get WOLFSSL_CTX certificate manager
 2017-10-13 09:13:54 -07:00
David Garske 6021c37ec7 Refactor `WOLF_SSL_` to `WOLFSSL_` (much better). 2017-10-11 09:10:43 -07:00
David Garske 6707be2b0e Added new `--disable-oldnames` option to allow for using openssl along-side wolfssl headers (without OPENSSL_EXTRA). Add `--enable-opensslcoexist` which makes sure `oldnames` is disabled. Refactor of `SSL_` to `WOLF_SSL_`. Refactor of `SHA`, `MD5`, `SHA224`, `SHA256`, `SHA512` and `SHA384` to `WC_` naming. 2017-10-11 09:10:42 -07:00
David Garske 19ea4716f3 Add unit tests for `wolfSSL_CTX_GetCertManager`, `wolfSSL_CTX_UnloadCAs`, `wolfSSL_CertManagerUnloadCAs` and `wolfSSL_CTX_get_cert_cache_memsize`. Fixed comment typo `PERSISTE_CERT_CACHE`. 2017-10-03 10:00:20 -07:00
Jacob Barthelmeh 8cd0b7dfc7 fix for wolfSSL_ASN1_TIME_print function 2017-09-28 15:30:46 -06:00
Koichi Tsujino b172585fc3 Resolved conflicts 2017-09-26 09:01:23 +09:00
Koichi Tsujino e8f95b9252 add EVP_get_cipherbynid 2017-09-26 08:58:36 +09:00
dgarske 2c4844d5ef Merge pull request #1146 from ejohnstown/compat 
OpenSSL Compatibility Additions and Fixes
 2017-09-22 14:19:28 -07:00
Jacob Barthelmeh 80333979a9 fix for wolfSSL_X509_NAME_get_text_by_NID 2017-09-20 17:31:53 -06:00
kaleb-himes 5777b92745 Improved solution 2017-09-20 11:25:51 -06:00
kaleb-himes 60dca94821 Update HASH_DRBG Reseed mechanism and add test case 2017-09-20 10:36:36 -06:00
John Safranek 2620cb4559 OpenSSL Compatibility Additions and Fixes 
1. Added a check on the hex2bn function for null strings to be treated like the NULL pointer.
2. Added some more test cases to the big number unit test.
3. Added wolfSSL_EVP_add_cipher() analogous to wolfSSL_EVP_add_digest().
4. Implemented `RSA_public_encrypt()` and `RSA_private_decrypt()` for the OpenSSL compatibility layer.
5. Added `RSA_PKCS1_OAEP_PADDING` as an option to the new functions.
6. Fixed the constness on the `from` parameter in function `RSA_public_decrypt()`. Note: this does not allow OAEP to be used in FIPS mode.
7. Added size constants for EVP_MAX_BLOCK_LENGTH, RSA_PKCS1_PADDING_SIZE, and RSA_PKCS1_OAEP_PADDING_SIZE.
8. Added functions `wolfSSL_EVP_PKEY_new_mac_key()` and `wolfSSL_EVP_PKEY_get0_hmac()` for storing HMAC keys in an EVP_PKEY structure for use later.
9. Added the routines EVP_DigestSignXXX(). They only work w.r.t HMAC.
10. Added the ForceZero() to EVP_MD_CTX_cleanup().
11. Modified the EVP_MD_CTX structure to have a union with both the hasher and a wolfCrypt Hmac structure.
12. Added a mapping of SHA1->SHA to the list of digest name aliases in wolfSSL_EVP_get_digestbyname().
13. Changed the mapping of ssl3-sha1->SHA.
14. When using RSA blinding, the OpenSSL compatibility layer RSA object was attempting to decrypt without an RNG. Added an RNG if needed.
15. Add comment to wolfSSL_BN_hex2bn() to cover usage w.r.t. string length. Remember to keep the length even, front-pad with zeroes if needed.
16. Added tests for the new functions.
 2017-09-18 13:53:44 -07:00
David Garske a5eaecaa0e Fix unit API test call to `wolfSSL_CertManagerLoadCA` when building without file system. 2017-09-11 06:51:27 -07:00
Jacob Barthelmeh 61ff3e136a fix memory management in unit test with --disable-fastmath 2017-08-28 16:23:44 -06:00
Chris Conlon 73b8be8fcc Merge pull request #1039 from jrblixt/unitTest_api_addDsa-PR07192017 
Add Dsa unit test functions.
 2017-08-22 15:46:46 -06:00
David Garske 84a396b7dc Additional init fixes for unit tests based on async valgrind report. 2017-08-17 12:41:18 -07:00
David Garske c06e672eb7 Added missing AES/DES3/HMAC init functions for helping with valgrind reports on unitialized use for async markers. 2017-08-17 09:58:46 -07:00
jrblixt 9909c8428c Code review changes per Chris. 2017-08-16 16:08:50 -06:00
David Garske 1f80fb952f Fix issue with using wrong asyncDev in ConfirmSignature. Fix un-initialized Hmac in API unit tests. 2017-08-15 21:20:32 -07:00
jrblixt dd5430d188 Code review changes, Chris. 2017-08-14 16:09:35 -06:00
jrblixt 3c1140d90e Re-order hash functions in unit test. 2017-08-09 15:23:01 -06:00
toddouska e77e93ef2e Merge pull request #1065 from JacobBarthelmeh/Testing 
update DTLS export session version and tests
 2017-08-02 11:40:38 -07:00
Jacob Barthelmeh af0514704f place macro guard on test of RSA-OAEP with SHA1 dependency 2017-08-01 11:46:49 -06:00
Jacob Barthelmeh e1ccc5acad update DTLS export session version and tests 2017-07-28 14:27:24 -06:00
jrblixt 3560eed52b Add Dsa unit test functions. 2017-07-26 09:01:36 -06:00
Jacob Barthelmeh 4fead493e7 add to return values checked 2017-07-25 14:44:40 -06:00
Jacob Barthelmeh 4438b8e92d update unit test case with DES3 and FIPS 2017-07-25 14:42:17 -06:00
Jacob Barthelmeh 5b0022fba0 HMAC key size when testing with FIPS 2017-07-25 14:42:17 -06:00
Jacob Barthelmeh 1b80e5a75f check return values with new unit tests 2017-07-25 14:42:17 -06:00
toddouska ef98e96767 Merge pull request #1058 from jrblixt/fix-AesFipsSanityCheck 
Unit test GCM sanity check Fips change.
 2017-07-25 13:30:35 -07:00
toddouska a076a2f0d8 Merge pull request #1055 from JacobBarthelmeh/Memory 
fix memory management with --enable-fast-rsa make key and free RSA ke…
 2017-07-25 11:03:16 -07:00
jrblixt f8e2f596d6 Unit test GCM sanity check Fips change. 2017-07-25 09:23:19 -06:00
Chris Conlon e9f87b9f33 Merge pull request #1054 from jrblixt/fix-RsaSetRng 
Fix rsa set rng
 2017-07-25 09:16:14 -06:00
Jacob Barthelmeh 1040bbde16 fix memory management with --enable-fast-rsa make key and free RSA key before calling make key function 2017-07-24 16:20:27 -06:00
toddouska be61d7fca3 Merge pull request #1044 from ejohnstown/dtls-multicast 
DTLS Multicast
 2017-07-24 14:20:26 -07:00
jrblixt 6df9bc07a4 RSA Fips harness fix. 2017-07-24 13:21:06 -06:00
jrblixt e68ceb3d2c Guard against WC_RSA_BLINDING in api.c unit test. 2017-07-24 09:51:50 -06:00
John Safranek 96c25b2caa DTLS Multicast 
1. Separated the peer ID from the array index into the peer sequence
   list. This allows peer IDs to range from 0..255, and to have an
   arbitrary size for the sequence list.
2. Add API to add and remove peer IDs from the sequence number list.
 2017-07-19 13:33:58 -07:00
jrblixt f83a593f27 Added Free functions to hash unit test. 2017-07-19 14:28:41 -06:00
John Safranek b616b8df02 Multicast DTLS 
1. Update API
2. Update unit test
3. Partially implemented wolfSSL_set_secret().
 2017-07-19 13:26:23 -07:00
John Safranek 0838a3828b Multicast DTLS 
1. Added new cipher suite for use with Multicast DTLS,
   WDM_WITH_NULL_SHA256. (It should be a private suite.)
2. Update the API test to use the new suite.
 2017-07-19 13:26:23 -07:00
John Safranek 5154584576 Multicast DTLS 
1. Add DTLS-multicast to the enable options.
2. Reorg DTLS related enable options together.
3. Update a couple enable option texts to use the AS_HELP_STRING() macro.
4. Add three new APIs for managing a DTLS Multicast session.
5. Add test code for new APIs.
6. Add stub code for the new APIs.
 2017-07-19 13:26:23 -07:00
jrblixt 5c19b7bfe0 Changes per Chris. 2017-07-19 11:24:56 -06:00
jrblixt d2245b9614 Unit test functions for HC128. 2017-07-19 09:18:48 -06:00
Chris Conlon 5f17598d47 Merge pull request #1035 from jrblixt/Api_c-Fix 
api.c fix.
 2017-07-18 15:46:12 -07:00
jrblixt e68f1b2cec api.c fix. 2017-07-18 11:02:19 -06:00
jrblixt 5671a4cb49 Added unit test functions for AES-CCM. 2017-07-17 15:58:11 -06:00
Chris Conlon 808f4692c7 Merge pull request #993 from jrblixt/unitTest_api_addRsa-PR06222017 
Add RSA to unit test.
 2017-07-17 13:42:42 -07:00
jrblixt fdb371e82e Changes per Chris. 2017-07-17 10:43:36 -06:00
Jacob Barthelmeh ba48221c41 adjust size of test buffer 2017-07-13 13:21:09 -06:00
jrblixt 00724c95a9 Add RSA to unit test. 2017-07-11 09:57:33 -06:00
Chris Conlon f8c0a52170 Merge pull request #996 from jrblixt/unitTest_api_addAes-PR06152017 
Unit test api add AES.
 2017-07-11 08:36:13 -07:00
jrblixt ced45ced41 Changes requested by Chris. 2017-07-06 13:42:54 -06:00
Sean Parkinson d2ce95955d Improvements to TLS v1.3 code 
Reset list of supported sig algorithms before sending certificate
request on server.
Refactored setting of ticket for both TLS13 and earlier.
Remember the type of key for deciding which sig alg to use with TLS13
CertificateVerify.
RSA PKCS #1.5 not allowed in TLS13 for CertificateVerify.
Remove all remaining DTLS code as spec barely started.
Turn off SHA512 code where decision based on cipher suite hash.
Fix fragment handling to work with encrypted messages.
Test public APIS.
 2017-06-29 09:00:44 +10:00
David Garske 47cc3ffdbc Fix build with either `NO_WOLFSSL_SERVER` or `NO_WOLFSSL_CLIENT` defined. 2017-06-26 23:05:32 -07:00
jrblixt a3b21f0394 Aes unit test functions. 2017-06-26 15:16:51 -06:00
jrblixt 1aee054902 Add Arc4 to unit test. 2017-06-21 17:03:27 -06:00
Chris Conlon c183e03802 Merge pull request #986 from jrblixt/unitTest_api_addRabbit-PR06192017 
Add Rabbit unit test functions.
 2017-06-21 10:45:41 -06:00
Kaleb Himes 97906bfdb2 Merge pull request #982 from JacobBarthelmeh/Testing 
set return code to TEST_SUCCESS on successful connection
 2017-06-20 16:21:50 -06:00
jrblixt c14e2d5888 Add Rabbit unit test functions. 2017-06-20 15:16:12 -06:00
Jacob Barthelmeh c118146803 set return code to TEST_SUCCESS on successful connection 2017-06-19 09:26:16 -06:00
jrblixt 6a2824f199 Add Camellia unit test functions.. 2017-06-16 16:27:03 -06:00
jrblixt 43d6b7a145 Add ChaCha unit test functions. 2017-06-16 13:00:17 -06:00
jrblixt d5a43af751 Code review changes. Reviewer: Chris. 2017-06-15 11:12:01 -06:00
jrblixt 25ce52cd0c Add IDEA unit test functions. 2017-06-14 23:43:00 -06:00
jrblixt 0ef1129f18 Changes WRT small stack. 2017-06-13 13:44:06 -06:00
jrblixt e345471b21 Logical error fix. 2017-05-26 13:27:27 -06:00
jrblixt 1c0006882a Remove AssertIntEq from within function. 2017-05-26 09:44:12 -06:00
jrblixt edddd05226 Changes per Chris. 2017-05-24 11:50:18 -06:00
jrblixt b47fca5760 Patched and Clean up for PR. 2017-05-24 11:50:13 -06:00
jrblixt fc5a37ac02 Changes per Chris. 2017-05-23 10:01:31 -06:00
David Garske 4edcbc79c1 RipeMd and Sha224 added to unit test. 2017-05-18 09:32:11 -06:00
Jacob Barthelmeh f06a392764 COMPAT. LAYER : DES set key and malloc/free 2016-11-07 13:21:05 -07:00
Jacob Barthelmeh b686deecbe PKCS12 : Add PKCS12 parsing 2016-10-29 13:12:26 -06:00
John Safranek b994244011 Revising the Extended Master Secret support. Removing the dynamic 
TLSX support for the extention and treating it like the Signature
and Hash algorithms extension. It is to be enabled by default and
the user can turn it off at run time or build time.
 2016-09-11 18:05:44 -07:00
Chris Conlon 88fab67804 add extended master unit tests 2016-09-01 15:15:17 -06:00
John Safranek 46e92e0211 DTLS-SCTP example client and server 
1. Update the example client and server to test DTLS-SCTP.
2. Modify the test.h functions for setting up connections to allow
for a SCTP option.
3. Update other examples to use the new test.h functions.
4. Removed some prototypes in the client header file were some functions
that should have been static to the client.c file and made them static.
 2016-08-26 19:58:36 -07:00
toddouska 78ca9e7716 Merge pull request #482 from dgarske/async 
Asynchronous wolfCrypt RSA and TLS client support
 2016-08-25 10:06:18 -07:00
John Blixt a9935cbc28 Made changes found by Jenkins. 2016-08-19 10:23:55 -06:00
John Blixt 813a9b05b5 Clean up and Chris check added the changes. 2016-08-18 15:07:07 -06:00
John Blixt f61c045e65 Changes to the Assert Macros used and added wolfSSL_CTX_use_certificate_buffer() 2016-08-18 10:03:33 -06:00
John Blixt b068eec96d added wolfSSL_CTX_SetMinVersion 2016-08-17 14:41:37 -06:00
John Blixt cddc771829 Added wolfSSL_SetMinVersion 2016-08-17 14:05:37 -06:00
John Blixt 584733b138 Chris looked at functions added for correctness. 2016-08-17 11:27:14 -06:00
John Blixt 65b2b14a0f added test functions for wolfCrypt_Init and OCSP stapling v1 and v2 2016-08-17 10:32:03 -06:00
David Garske 17a34c5899 Added asynchronous wolfCrypt RSA, TLS client and Cavium Nitrox V support. Asynchronous wolfSSL client support for "DoServerKeyExchange", "SendClientKeyExchange", "SendCertificateVerify" and "DoCertificateVerify". Fixes for async DTLS. Refactor of the wolf event and async handling for use in wolfCrypt. Refactor of the async device support so its hardware agnostic. Added Cavium Nitrox V support (Nitrox tested using SDK v0.2 CNN55XX-SDK with new configure "--with-cavium-v=/dir" option). Moved Nitrox specific functions to new port file "port/cavium/cavium_nitrox.c". RSA refactor to handle async with states. RSA optimization for using dpraw for private key decode. Use double linked list in wolf event for faster/cleaner code. Use typedef for wolf event flag. Cleanup of the async error codes. wolfCrypt test and benchmark support for async RSA. Asynchronous mode enabled using "./configure --enable-asynccrypt". If no async hardware is defined then the internal async simulator (WOLFSSL_ASYNC_CRYPT_TEST) is used. Note: Using async mode requires async.c/h files from wolfSSL. If interested in using asynchronous mode please send email to info@wolfssl.com. 2016-08-15 13:59:41 -06:00
David Garske 5b3a72d482 Cleanup of stdlib function calls in the wolfSSL library to use our cross-platform "X*" style macros in types.h. 2016-06-29 11:11:25 -07:00
toddouska ac6635593b Revert "Bio" 2016-06-27 10:53:34 -07:00
Jacob Barthelmeh ea71814518 Merge https://github.com/wolfSSL/wolfssl 2016-06-17 13:58:53 -06:00
Jacob Barthelmeh 8be5409bc5 static method func / ocsp callbacks / heap test / alpn free func / remove timing resistant constraint 2016-06-09 11:36:31 -06:00
Jacob Barthelmeh 2feee8856e revise static memory and update heap hint 2016-06-04 19:03:48 -06:00
Ludovic FLAMENT 5d67bb881e fix memory leaks 2016-05-25 17:44:31 +02:00
Ludovic FLAMENT 99b5aa587f Fix errors (jenkins) 2016-05-23 11:11:57 +02:00
Ludovic FLAMENT ed4f67058a Merge branch 'master' of https://github.com/wolfssl/wolfssl 2016-05-20 21:51:13 +02:00
Ludovic FLAMENT 9fe6ca3130 remove XSNPRINTF 
add a full BIO client/server test
 2016-05-17 17:49:30 +02:00
Jacob Barthelmeh 1b278edfd0 fix unused functions, make WOLFSSL first parameter, add comments 2016-05-16 23:48:26 -06:00
Ludovic FLAMENT 4017e0f8dd fix BIO issues : 
- remove unrequited tests
- fix compilations for lighty, stunned, openssh
- wc_BioGetAcceptSocket IPv4 / IPv6 support
- remove <stdio.h> from bio.h
- add NO_STDIO_FILESYSTEM for BIO_printf
- memset -> XMEMSET
- strlen -> XSTRLEN
 2016-05-15 20:22:19 +02:00
Jacob Barthelmeh c8576566cc add public wolfSSL_dtls_export and api tests 2016-05-14 12:49:09 -06:00
Jacob Barthelmeh 8c45cb1938 add DTLS session export option 2016-05-10 13:27:45 -06:00
Ludovic FLAMENT 5d1de3bb33 One file for all BIO functions in wolfcrypt 
move required functions from wolfssl to wolfcrypt
add client/server tests for BIO
 2016-05-05 12:58:21 +02:00
Jacob Barthelmeh 05e56b75f6 scan-build, valgrind issues and fix issue with ExtractDate, struct tm 2016-05-03 09:22:16 -06:00
Jacob Barthelmeh f19541ffe5 update to MYSQL compatibility 2016-05-03 09:22:15 -06:00
David Garske 993972162e MinGW fixes, server port assigning cleanup and ping test cleanup. Fixes issue with visibility detection with MinGW. The visibility.m4 script was not actually trying to call the hidden function, which caused MinGW to detect improperly that visibility was supported. Fix for bogusFile on Windows build. Fixes to build warnings for unused variable 'res' and signed/unsigned comparison for sizeof min(). Cleanup of the server side port assignment to allow use with Windows/MinGW/Cygwin. If Windows uses new GetRandomPort() function in test.h to get port in in the 49152 - 65535 range. If *nix then uses the tcp_listen returned port. Otherwise uses the default wolfSSLPort. Refactor of the ping test code to use common file and properly handle ping count differences (Windows "-c" vs. *Nix style "-n"). Workaround for MinGW and cyassl/options.h getting file permissions error. Added non-fatal compile warning if using MinGW that "strtok_s" might be missing along with a link to public domain source that can be used. 2016-04-08 11:48:14 -06:00
Jacob Barthelmeh 696169634e check return value of wolfSSL_set_fd 2016-03-25 13:59:04 -06:00
Jacob Barthelmeh e99a5b0483 prepare for release v3.9.0 2016-03-17 16:02:13 -06:00
Jacob Barthelmeh 267dc48d95 fixs after testing : hash table, using NO_SKID, sanity check, and freeing dCert 2016-03-02 15:23:50 -07:00
Jacob Barthelmeh 05d2cec7c1 addition to api tests and refactor location of trusted peer cert check 2016-03-02 11:35:03 -07:00
Jacob Barthelmeh d0f8132cdc forcing sensitive memory to be all zeros when done with it 2016-02-01 10:45:09 -07:00
toddouska 157486ce0d fix hint types for misuse of in_buffer and out_buffer 2015-12-29 16:13:09 -08:00
Chris Conlon d2a80ba1bc remove extra NULL check in SetTmpDH_buffer/file_wrapper, fix API tests 2015-11-30 10:25:55 -07:00
Chris Conlon 9c6b52876a add SetTmpDH file/buffer functions to API tests 2015-11-20 13:32:44 -07:00
Ludovic FLAMENT 9ef43910ed Merge branch 'master' of https://github.com/wolfssl/wolfssl 2015-10-16 07:46:51 +02:00
Ludovic FLAMENT d4f3419758 ALPN : add function to get in a server the list of supported protocols sent by the client. 2015-10-15 14:59:35 +02:00
Ludovic FLAMENT 10f5154389 ALPN : add option to continue in case of client/server protocol mismatch (like OpenSSL) 2015-10-13 09:38:40 +02:00
Ludovic FLAMENT bf3b0a228d add support for Application-Layer Protocol Name (RFC 7301) in the TLS extensions 2015-10-09 15:18:41 +02:00
toddouska 46e7e9acf9 disable SSLv3 by default 2015-08-12 16:39:13 -07:00
Moisés Guimarães ca01cebd28 adds SNI abort option to turn SNI mandatory for WebSocket (RFC6455 page 17). 
@see WOLFSSL_SNI_ABORT_ON_ABSENCE and the xxxSNI_SetOptions() functions for further details.
 2015-07-01 19:21:18 -03:00
Moisés Guimarães 61c50b26d0 makes wolfSSL_SNI_GetFromBuffer() return SNI_UNSUPPORTED instead of BUFFER_ERROR for SSL v2.0 client hello buffers. 2015-06-25 12:48:11 -03:00
toddouska 86f2b9a98f turn off DTLSv1 functions for disable old tls 2015-04-08 13:29:25 -07:00
toddouska f7c99cec3e obey user ecc choices at TLS layer 2015-03-18 14:12:23 -07:00
toddouska ac979d49ab fix sni yassl tests 2015-02-25 20:34:50 -08:00
toddouska 473a120ba2 remove more stale cyassl headers 2015-02-25 13:34:29 -08:00
kaleb-himes a389620a29 Copyright (C) updates 2015-01-08 09:39:04 -07:00
kaleb-himes ce65bef5a8 enable-fpecc enable-ecc 2015-01-06 13:42:02 -07:00
kaleb-himes 1c75a6e74f tests/api.c updated 2014-12-30 12:41:26 -07:00
kaleb-himes adfa2348ba cleanup 2014-12-29 17:06:45 -07:00
kaleb-himes 64d06580c1 examples not seeing WOLFSSL_API 2014-12-29 16:30:26 -07:00
Kaleb Himes 53057f0b0d name changes kaleb push 2014-12-17 10:00:17 -07:00
Moisés Guimarães 513ea4d38a add SNI_UNSUPPORTED for better handling SSL 3.0 buffers on CyaSSL_SNI_GetFromBuffer() 2014-12-08 17:31:37 -03:00
toddouska 1f8d84553c add server_ready file to externally monitor example server for ready to accept, -r option 2014-11-26 12:13:47 -08:00
toddouska 6175a2a20c cleanup fp cache on examples with thread local storage 2014-09-09 10:14:32 -07:00
toddouska 2c595139db fix tirtos merge 2014-09-08 19:40:03 -07:00
Moisés Guimarães ffd7dd3555 fix github issue #126 
api tests refectory with ifdef and prototypes cleaning + use of asserts. Now, if the tests fails, it will point the line error and expected behavior like this:

ERROR - tests/api.c line 715 failed with:

    test:   server_args.return_code is true

    result: server_args.return_code => FALSE
 2014-09-04 14:17:55 -03:00
toddouska 61e989ed99 Merge branch 'master' into ti 2014-07-03 11:34:15 -07:00
toddouska 2d63c559cc dh now disabled by default but can be enabled w/o opensslextra 2014-07-03 11:32:24 -07:00
toddouska 00abb2d90e Merge branch 'master' into ti 2014-06-17 09:17:17 -07:00
Moisés Guimarães 8eae068000 fix error codes checking to use enum value from error-ssl.h 2014-06-16 17:57:47 -03:00
toddouska 9a180b0ec8 Merge branch 'master' into ti 2014-06-16 11:05:20 -07:00
Moisés Guimarães a3687a200a fix tests based on Wolfcrypt error codes. 2014-06-13 15:30:30 -03:00
toddouska 8237319d80 merge with master 2014-06-10 15:19:45 -07:00
Moisés Guimarães 9c905b6519 fix on TLSX_SNI_GetFromBuffer - > should be >= so extensions of length 0 get inside the while. 
added test to cover case.
 2014-06-10 16:56:45 -03:00
Moisés Guimarães ba36c24fc1 fix on TLSX_SNI_GetFromBuffer - undo last fix and return 0 when there is no SNI extension. Now the return is the same when there is no extensions at all. 2014-06-10 15:28:29 -03:00
Moisés Guimarães 064483035c fix on TLSX_SNI_GetFromBuffer - set inOutSz value to zero when there is no SNI extension in the client hello buffer. 2014-06-09 17:31:32 -03:00
toddouska 34f2e51415 remove extra spaces from ti cyassl proper files 2014-05-09 11:55:59 -07:00
Vikram Adiga f643ca5f48 Added TI-RTOS support for CyaSSL tests 2014-05-08 15:52:20 -07:00
Chris Conlon be65f5d518 update FSF address, wolfSSL copyright 2014-04-11 15:58:58 -06:00
John Safranek ceb4a8f568 port 0 hack for the API unit test 2014-03-09 15:08:18 -07:00
toddouska 1fd6245600 fix all clang warnings except Wpadded (diagnostic), Wconversion which inludes Wsign-conversion (implicit conversions part of standard) 2014-03-03 13:27:52 -08:00
John Safranek b6d4f10222 Reenabled examples when building single-threaded. 
Changed testsuite and unit tests to leave out tests cases
that require threading.
 2014-02-11 18:59:20 -08:00
Moisés Guimarães 36b5bf0df1 Renaming Elliptic Curves to Supported Curves for better extension representation and avoid confusion. 2014-02-03 16:14:35 -03:00
Moisés Guimarães 5616450a4b fixed return codes 
added protection for missing HAVE_TLS_EXTENSIONS
 2014-01-31 16:52:15 -03:00
Moisés Guimarães 179836ad43 added api tests for Elliptic Curves Extensions. 2014-01-31 16:52:13 -03:00