WolfSSL
/
wolfssl
mirror of https://github.com/wolfSSL/wolfssl.git
1
0
Fork 0
Code Issues Releases Wiki Activity
12,961 Commits
27 Branches
168 Tags
358 MiB
Commit Graph

1193 Commits (75c062a2984f70d15f675086c29cd8037cc24d7d)

Author SHA1 Message Date
Ethan Looney ef71099225 Removed duplicate semicolon and deleted unneeded initrng 2020-07-17 10:34:38 -07:00
Ethan Looney 93c6e99aef Added a ret check 2020-07-17 08:45:39 -07:00
Ethan Looney 96e59118fc Changed the if defined order and to include fips and selftest 2020-07-16 15:50:03 -07:00
Ethan Looney 2275b89654 Removed unnecessary comments and added HashInit's and checked that they returned errors when they should 2020-07-16 12:38:55 -07:00
toddouska 9137794cb4
Merge pull request #3105 from embhorn/zd10457_a 
Adding wolfSSL_X509_check_ip_asc
 2020-07-16 10:53:27 -07:00
toddouska fbe0c8cba7
Merge pull request #3122 from JacobBarthelmeh/Compatibility-Layer 
fix X509 multiple OU's and refactor
 2020-07-15 15:06:22 -07:00
Ethan Looney d54a51cd20 Added if not defined wc_no_rng 2020-07-15 13:56:12 -07:00
Ethan Looney 7a642e2b78 Added unit tests for Random.c 2020-07-15 12:55:19 -07:00
Ethan Looney 6be76e84ec Fixed formatting for Shake256Hash 2020-07-15 12:52:17 -07:00
Ethan Looney 9a07df9631 Changed hash size to 144 for Shake256Hash 2020-07-15 12:52:17 -07:00
Ethan Looney 379212acec Initialized variable data 2020-07-15 12:52:17 -07:00
Ethan Looney aaa6e892da Added unit tests for hash.c 2020-07-15 12:52:17 -07:00
Eric Blankenhorn 525a3cb9c3 Move API out of OPENSSL_EXTRA 2020-07-15 10:48:11 -05:00
Eric Blankenhorn d1a82589f9 Adding wolfSSL_X509_check_ip_asc 2020-07-15 10:48:11 -05:00
Chris Conlon 4938baa892
Merge pull request #3121 from ethanlooney/12th_branch 
Added unit tests for Sha3.c
 2020-07-13 17:29:45 -06:00
Ethan Looney c5b8181005 Added a free call for shake256_copy 2020-07-13 09:58:00 -07:00
Chris Conlon ed9648770d
Merge pull request #3120 from ethanlooney/11th_branch 
Added unit tests for Sha512.c
 2020-07-10 17:12:23 -06:00
Jacob Barthelmeh 2aaeb2a2df fix X509 multiple OU's and refactor 2020-07-10 17:12:20 -06:00
Ethan Looney 84aa7d746a Added unit tests for Sha3 2020-07-10 15:43:08 -07:00
Ethan Looney 295aa4ac55 Added tests for Sha512.c 2020-07-10 10:15:32 -07:00
Tesfa Mael 890500c1b1 Fix Coverity 2020-07-08 08:20:43 -07:00
TakayukiMatsuo 1e94f0478c Added resetting size info output-buffer before calling export APIs 
Added resetting size into output-buffer before calling export APIs
 2020-07-08 08:20:43 -07:00
toddouska c8dcd59565
Merge pull request #3082 from JacobBarthelmeh/Testing 
restrict the cert version allowed
 2020-07-07 15:37:01 -07:00
Ethan Looney 296b562113 Fixed formatting and forgotten curly bracket 2020-07-06 12:33:06 -07:00
Ethan Looney 1b7a96627c Changed formatting 2020-07-06 12:05:55 -07:00
Ethan Looney dfde73620c Added if defined cases for tests using hashes 2020-07-06 08:07:03 -07:00
Ethan Looney 5f3a287a6a Added tests to sha256.c for sha224 and sha256. 2020-07-02 14:30:30 -07:00
Ethan Looney 3242fa3669 Fixed formatting, redundant if's and added a comment explaining why a value was chosen. 2020-07-01 16:01:50 -07:00
Juliusz Sosinowicz fd79ebfe8d TLS 1.3 requires chacha and poly1305 for myTicketEncCb 2020-07-01 20:24:50 +02:00
Ethan Looney f526a11126 Added additional tests for curve25519 and fixed a print format error from previous tests 2020-07-01 10:19:40 -07:00
Ethan Looney a59560a1d5 Added tests to curve25519.c and fixed a print error from previous curve25519 tests 2020-07-01 09:32:03 -07:00
Ethan Looney 4ad904909c Added a return check 2020-06-30 12:40:20 -07:00
Ethan Looney 78efb48acf Added two more tests to hit xmemset lines 2020-06-30 12:40:20 -07:00
Ethan Looney b7e682e677 Added more tests to api.c for curve448 2020-06-30 12:40:20 -07:00
Chris Conlon 94654c7a46
Merge pull request #3062 from TakayukiMatsuo/branch-2 
Added testcases for wc_curve25519_export_key_xx
 2020-06-30 14:27:24 -05:00
Juliusz Sosinowicz e63a80f1af Use `NO_SESSION_CACHE` as well in preproc checks 2020-06-30 21:21:43 +02:00
Juliusz Sosinowicz b57cf802eb Expose session serialization outside of `OPENSSL_EXTRA` 
Use `./configure CFLAGS='-DHAVE_EXT_CACHE'` to enable session serialization without `OPENSSL_EXTRA`.
 2020-06-30 20:17:21 +02:00
Chris Conlon b6aaedd3b4
Merge pull request #3080 from ethanlooney/second_branch 
Added additional tests to curve448.c through api.c
 2020-06-29 11:21:15 -05:00
Jacob Barthelmeh 14d0b4e7d6 adjust test case 2020-06-26 10:25:50 -06:00
Ethan Looney 1c1ddaa6c2 Added checks to initial returns and free rng 2020-06-25 16:40:38 -07:00
Sean Parkinson f6d26b4e81
Merge pull request #3072 from kaleb-himes/SANITY_CHECKS 
ed25519 and ed448 check sigLen against expected
 2020-06-26 08:31:55 +10:00
Jacob Barthelmeh 0c7b851bd3 restrict the cert version allowed 2020-06-25 15:45:18 -06:00
David Garske e2afbae6aa
Merge pull request #3054 from JacobBarthelmeh/CRL 
fix for x509 store add crl
 2020-06-25 09:52:12 -07:00
kaleb-himes 17466727b2 Implement peer review feedback 2020-06-25 09:43:22 -06:00
Ethan Looney fe7d9ea7c1 changed RNG to WC_RNG 2020-06-24 15:40:58 -07:00
Ethan Looney 79981e3cf7 Added additonal tests to curve448.c 2020-06-24 15:40:38 -07:00
Ethan Looney 86b7f18502 Added additional tests to curve448.c through api.c 2020-06-24 15:40:22 -07:00
toddouska 9cd6f92d19
Merge pull request #3058 from JacobBarthelmeh/Certs 
Fix and test case for malformed name constraint
 2020-06-24 10:15:08 -07:00
kaleb-himes 722961f55c ed25519 and ed448 check sigLen against expected 2020-06-23 17:32:00 -06:00
Sean Parkinson 582240a84d
Merge pull request #3051 from embhorn/zd10451 
Sanity check wc_ecc_import_raw x, y, and key
 2020-06-24 08:52:10 +10:00
Jacob Barthelmeh 8511d07698 store chain is free'd when store is free'd 2020-06-23 15:42:32 -06:00
Jacob Barthelmeh ae90119af4 remove double free in test case 2020-06-23 14:45:31 -06:00
Eric Blankenhorn 7cc64377d0 Sanity check wc_ecc_import_raw x, y, and key 2020-06-23 08:54:47 -05:00
toddouska 93bd0dbfe1
Merge pull request #2980 from dgarske/psoc6 
Fix for `WOLFSSL_ALT_CERT_CHAINS` with long chain
 2020-06-22 13:36:35 -07:00
JacobBarthelmeh b88342eeaf memory handling fixes 2020-06-19 10:08:42 -07:00
TakayukiMatsuo 771d60c085 Replaced some hard-tabs with spaces in wc_curve25519_export_key_raw_ex() 2020-06-19 13:40:16 +09:00
toddouska 248b8c9b62
Merge pull request #3057 from kaleb-himes/FIPSv2_plus_OPENSSLALL 
Resolve issues with FIPSv2 when opensslall set
 2020-06-18 10:12:06 -07:00
toddouska 48cd6f36ff
Merge pull request #2967 from dgarske/ecc_null 
Fixes for ECC key import
 2020-06-18 10:10:49 -07:00
Jacob Barthelmeh 1e431e1ade add test case and fixes from review 2020-06-18 10:57:25 -06:00
David Garske 667d9ca896 Fix to catch the issue in this PR with alt cert chains, which only happens if the verify callback is used and the chain is long enough. Cleanup of the myVerify callback to allow specific actions. Fix the suites.c to not crash if no newline at end of file. Added helpful debug message to show that a CA was found. 2020-06-18 09:26:50 -07:00
TakayukiMatsuo 28819bd45e Made two lines wrap around in test_wc_curve25519_export_key_raw_ex() 2020-06-18 12:25:21 +09:00
TakayukiMatsuo a855d6355e Added cleanup to test_wc_curve25519_export_key_raw_ex 2020-06-18 12:25:21 +09:00
TakayukiMatsuo 1d98c960cf Added resetting size info output-buffer before calling export APIs 
Added resetting size into output-buffer before calling export APIs
 2020-06-18 12:24:03 +09:00
David Garske 0fd5eda5af Fix for `test_wolfSSL_DTLS_either_side`, which was not properly free'ing in error case. Improves the test shared context logic to make it explicit. 2020-06-17 17:08:09 -07:00
Jacob Barthelmeh dafd35e4c1 remove unused variable 2020-06-17 15:55:08 -06:00
Jacob Barthelmeh f75659641a test on malformed name constraint 2020-06-17 14:33:10 -06:00
kaleb-himes e2fb4c55b8 Resolve issues with FIPSv2 when opensslall set 2020-06-17 14:03:02 -06:00
Sean Parkinson 6bb73fb25d Fix ED448 calls to use context and correct variable name 
Added basic test of OpenSSL compatability APIs:
  - wolfSSL_ED25519_generate_key
  - wolfSSL_ED25519_sign
  - wolfSSL_ED25519_verify
  - wolfSSL_ED2448_generate_key
  - wolfSSL_ED448_sign
  - wolfSSL_ED448_verify
 2020-06-17 10:05:50 +10:00
toddouska 4c2dee77d8
Merge pull request #3028 from julek-wolfssl/CRYPTO_memcmp 
Implement CRYPTO_memcmp
 2020-06-12 11:16:18 -07:00
toddouska 29bdc7d8b5
Merge pull request #3015 from tmael/cov-fix 
Coverity fix in wolfSSL 4.4.0
 2020-06-10 17:07:47 -07:00
toddouska e993cb6cc0
Merge pull request #2942 from dgarske/tls13_on 
Enable TLS v1.3 by default
 2020-06-09 13:30:02 -07:00
toddouska c023efb2aa
Merge pull request #3025 from JacobBarthelmeh/Compatibility-Layer 
fix macro to match *_FLAGS_*
 2020-06-09 13:19:29 -07:00
toddouska 7a7bfce565
Merge pull request #3026 from cconlon/selftestfixes 
Fix warnings with NetBSD gcc compiler
 2020-06-09 13:18:44 -07:00
David Garske 3af4316cfd Fix for session test with TLS v1.3 and session tickets not enabled. Cleanups in `AddSession`. 2020-06-05 13:33:03 -07:00
Juliusz Sosinowicz a75f83c9f2 Implement CRYPTO_memcmp 2020-06-05 16:44:12 +02:00
David Garske ca9dc7d509 Fix for `wc_ecc_import_unsigned` failing if first private key byte is zero (Fixes #2950). Fix `wc_ecc_is_point` to return better code `IS_POINT_E` on failure (was returning -1). Improved ECC import API unit tests. Added `WOLFSSL_VALIDATE_ECC_IMPORT` and `WOLFSSL_VALIDATE_ECC_KEYGEN` to `--enable-all`. 2020-06-04 15:25:56 -07:00
toddouska 3529d9a40d
Merge pull request #3016 from kaleb-himes/FIPSv2-MAINTENANCE 
New OpenSSL features relying on changes in module files must account for locked FIPS versions of those files
 2020-06-04 15:08:17 -07:00
toddouska 23d1550439
Merge pull request #2989 from julek-wolfssl/openvpn 
Additional OpenSSL compat layer stuff
 2020-06-04 11:57:55 -07:00
Jacob Barthelmeh c8b87eab5f fix macro to match *_FLAGS_* 2020-06-04 11:53:46 -06:00
kaleb-himes 5a4d84ecad Consolidate to one-line where possible 2020-06-03 16:19:34 -06:00
Chris Conlon 0b9d06e529 return value from FailTestCallBack to prevent NetBSD noreturn warning 2020-06-03 14:45:31 -06:00
Chris Conlon 504b887851 fix NetBSD warnings in ASN1_INTEGER_set() tests around int max/min 2020-06-03 14:14:43 -06:00
Tesfa Mael d5241bbcc6 Coverity fix 2020-06-02 15:35:27 -07:00
kaleb-himes 6217118ee4 Account for unmodifiable FIPS module files when adding new OpenSSL functionality 2020-06-01 16:28:32 -06:00
Chris Conlon 896fcd9aec add WOLFSSL_ATECC6088A, Trust&GO support, PIC32 HAL compatibility, 608A expansions 2020-05-27 16:49:29 -06:00
kaleb-himes 53d2a17b43 Fix a seg fault when cert not loaded prior to key check 2020-05-22 15:03:11 -06:00
Juliusz Sosinowicz a67e1fc2ad Fix implicit conversions 2020-05-21 13:20:42 +02:00
Juliusz Sosinowicz 5f7832909b BIO_new_mem_buf with negative len should take strlen of buf as len 2020-05-20 16:55:16 +02:00
Juliusz Sosinowicz 4a85bf8108 Additional OpenSSL compat layer stuff 
- Add X509_get0_notBefore and X509_get0_notAfter
- Implement EVP_PKEY_get0_DSA and DSA_bits
- OpenSSL_version now prints "wolfSSL $VERSION"
- Remove define guards in `wolfSSL_internal_get_version` as all protocols are defined regardless in `wolfssl/internal.h`and this function just returns the string description of the protocol
 2020-05-20 16:55:16 +02:00
Juliusz Sosinowicz 3d2cbdd3e8 Fix LUT cache implementation 
- Make sure that the cache is actually set (and not just depend on the LRU_count)
- test_wolfSSL_EC should also be run without ECC_SHAMIR
 2020-05-12 13:48:59 +02:00
Juliusz Sosinowicz b5886e0e37 Add option `--enable-ip-alt-name` 
This commit adds the configure option `--enable-ip-alt-name` that enables support for the IP alternative subject name parsing in `wolfcrypt/src/asn.c:DecodeAltNames`.
 2020-05-08 13:20:24 +02:00
Juliusz Sosinowicz 9e68de0fb7 Add test certs for ASN_IP_TYPE 2020-05-07 11:52:49 +02:00
Jacob Barthelmeh 9f735b4d6e sanity check on PemToDer type 2020-05-01 16:41:18 -06:00
Sean Parkinson e9b433a998
Merge pull request #2928 from julek-wolfssl/evp-aes-gcm-fix 
Fix AES-GCM in EVP layer to have compatiblity with OpenSSL
 2020-04-29 09:00:04 +10:00
toddouska cb6fc56f3b
Merge pull request #2921 from dgarske/fixes_g++ 
Fixes for G++ and enable-all
 2020-04-28 09:51:34 -07:00
Juliusz Sosinowicz 01a6dded72 Fix AES-GCM in EVP layer to have compatiblity with OpenSSL 
- Tag checking in AES-GCM is done in Final call
- Reset `WOLFSSL_EVP_CIPHER_CTX` structure after Final call
- Don't zero `ctx->authTag` struct in Init call so that user can get the AES-GCM tag using `EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_GET_TAG, AES_BLOCK_SIZE, tag)`
- `ctx->authTag` is only zeroed before authenticated, non-confidential data Update call since this means we are entering a new Udate-Final cycle. This doesn't need to be done in the decrypt case since the tag should be supplied by the user before the final call using `EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, AES_BLOCK_SIZE, tag)`
 2020-04-27 15:52:01 +02:00
David Garske 6d025f8c0f Refactor of the EVP `macType` to use `enum wc_HashType` to resolve issues with invalid casting. 2020-04-24 07:43:44 -07:00
TakayukiMatsuo 922ab1e944 Merge remote-tracking branch 'upstream/master' into branch-1 2020-04-24 18:00:29 +09:00
TakayukiMatsuo bcc408442b Added test cases for wc_curve25519_key_export_xx 2020-04-24 17:50:17 +09:00
David Garske b07dfa425d Fixes for `./configure CC="g++" --enable-all && make`. Resolves issues with implicit casts and use of reserved `template` keyword. 2020-04-23 15:26:04 -07:00
toddouska 7318121d3a
Merge pull request #2915 from dgarske/async_v4.4.0 
Fixes for async release v4.4.0
 2020-04-23 09:26:08 -07:00
David Garske 88d04e5eeb Fix for NULL == NULL test case in `test_wolfSSL_EC_get_builtin_curves`. 2020-04-22 10:15:52 -07:00
John Safranek bf680b4a92
Fix for QAT with Shake256. Fix for XFREE missing semicolon. 2020-04-21 10:38:27 -07:00
JacobBarthelmeh 0cfde0794b
Merge pull request #2848 from julek-wolfssl/wpa-supplicant-openssl-compat 
Added partial support for wpa_supplicant, hostapd, and cjose:
 2020-04-20 12:17:55 -06:00
Eric Blankenhorn 6b3642db36 Fix forbidden iv length 0 with AES-GCM 2020-04-16 13:48:56 -05:00
Juliusz Sosinowicz 36403c1dad Merge remote-tracking branch 'wolfSSL/master' into wpa-supplicant-openssl-compat 2020-04-15 16:55:03 +02:00
toddouska 06c6e583c8
Merge pull request #2891 from julek-wolfssl/refactor-evp-functions 
Move EVP functions to evp.c
 2020-04-14 09:22:51 -07:00
Juliusz Sosinowicz dad0bc0159 Keep compatibility with old OPENSSL_EXTRA_X509_SMALL functions 2020-04-14 12:52:23 +02:00
Juliusz Sosinowicz 0b3a331265 Revert wc_OBJ_sn2nid 2020-04-14 11:48:14 +02:00
Juliusz Sosinowicz dbe4e778d3 Test fixes 
- Add `parameter` to `WOLFSSL_X509_ALGOR`
- Implement `wolfSSL_ASN1_TYPE_new`, `wolfSSL_ASN1_TYPE_free`, and `wolfSSL_ASN1_TYPE_set`
- Fix leak where `pval` in `wolfSSL_X509_ALGOR_set0` was lost if `aobj` was provided
 2020-04-14 11:48:14 +02:00
Juliusz Sosinowicz 18093a6b0b Code review changes 
- Don't include `ENABLED_OPENSSLALL` with `ENABLED_WPAS`
- Return length in `wolfSSL_i2d_DHparams`
- Implement `wolfSSL_EC_POINT_mul` with independent multiplication and addition if `ECC_SHAMIR` not defined
- Implment `ASN1_SIMPLE` without `offsetof` by using a dummy struct
- Style fixes
 2020-04-14 11:48:14 +02:00
Juliusz Sosinowicz 9722082372 Fix `nid2*` and `*2nid` functions 2020-04-14 11:48:14 +02:00
Juliusz Sosinowicz eb549f7095 Test fixes 2020-04-14 11:45:32 +02:00
Juliusz Sosinowicz ef5eefac91 Test fixes 2020-04-14 11:45:32 +02:00
Juliusz Sosinowicz b4d9007a48 Test fixes 
Config fixes
Fix windows FIPS
 2020-04-14 11:45:32 +02:00
Juliusz Sosinowicz 9ced70edc1 Test fixes 
Free `x509->key.pkey` in `FreeX509
Fix type conversions
Fix memory leaks and use of uninitialized memory
 2020-04-14 11:45:32 +02:00
Juliusz Sosinowicz 73b4d78d5b Added partial support for wpa_supplicant, hostapd, and cjose: 
- Moved `SetECKeyInternal` and `SetECKeyExternal` to `internal.h` to allow usage outside of `ssl.c`
- Added `asn1t.h`
- Implemented the `IMPLEMENT_ASN1_FUNCTIONS` macro for a small subset of ASN1 tags
-- So far only `X509_ALGOR` and `ASN1_BIT_STRING` are supported
- Implemented `BN_mod_add` function
- Allow for setting of `EC_KEY` export form through EC_KEY_set_conv_form
- Implemented `i2o_ECPublicKey`
- Implemented `EC_POINT_copy`
- Implemented deriving DH and ECDH keys in `EVP_PKEY_CTX`. Functions added:
-- `EVP_PKEY_derive_init`
-- `EVP_PKEY_derive_set_peer`
-- `EVP_PKEY_derive`
- Implemented `EVP_PKEY_get0_DH`
- Implemented `X509_ALGOR_new`
- Implemented `X509_ALGOR_free`
- Implemented `X509_ALGOR_set0`
- Implemented `X509_PUBKEY_new`
- Implemented `X509_PUBKEY_free`
- Implemented `X509_PUBKEY_set`
- Implemented `RSA_padding_add_PKCS1_PSS`
- Implemented `RSA_verify_PKCS1_PSS`
- Changed second parameter of `wolfSSL_d2i_PUBKEY` to be constant
- Corrected long names in `asn.h`
- Added `wc_ecc_get_generator` as a way to get the generator point of a curve
- Added `wc_ecc_export_point_der_ex` to export an ECC point in compressed or uncompressed format with one API
- Added `wc_ecc_export_point_der_compressed` to export a point in an `ecc_point` structure in compressed DER format
- Added 'wc_RsaSSL_Verify_ex` which adds the option to choose a padding type
- Added `wc_RsaPad_ex` and `wc_RsaUnPad_ex` to `rsa.h` as `WOLFSSL_LOCAL` functions
- `CopyDecodedToX509` now fills `x509->key` and `x509->algor` when populating x509
- `wolfSSL_EVP_CipherInit` now uses `wc_AesGcmSetExtIV` to set the IV so that it is copied to `ctx->iv` by `wolfSSL_StoreExternalIV`
- Added error checking to `wolfSSL_EVP_PKEY_get_der`
- `wolfSSL_X509_ALGOR_get0` now attempts to return something in all parameters
- Refactored `wolfSSL_EC_KEY_new` to use `*_new` functions when available
- Added `setupPoint` to set the internal point if not yet set
- Always set external point in `wolfSSL_ECPoint_d2i`
- Added compressed point support to `wolfSSL_EC_POINT_point2oct`
- Fix `wolfSSL_EC_POINT_mul` so that it will calculate the full `generator * n + q * m` then OpenSSL does
- Added `WOLFSSL_RSA_GetRNG` helper function to get a `WC_RNG` from `WOLFSSL_RSA`
- Correct short names in `wolfssl_object_info`
- Added all currently supported curves to `wolfssl_object_info`
- Added `oidCurveType` to `oid2nid`
- Add more padding types to `wolfSSL_RSA_public_decrypt`
- Fix `keysize` in `wc_ecc_import_point_der`
- Added tests for new additions
 2020-04-14 11:45:32 +02:00
toddouska 4748254b60
Merge pull request #2896 from embhorn/zd9916 
Fix wc_KeyPemToDer with PKCS1 and empty key
 2020-04-10 15:38:07 -07:00
Eric Blankenhorn c3e0575914 Fix from review 2020-04-09 12:52:32 -05:00
Juliusz Sosinowicz 9cbbd164e0 Fix test errors 2020-04-09 14:54:09 +02:00
Eric Blankenhorn 4d6e33b1dd Fix wc_KeyPemToDer with PKCS1 and empty key 2020-04-08 11:34:24 -05:00
Sean Parkinson 411aee6e05 Fixes from cppcheck 
Added PRIVATE_D version of rsa private key operation for SP
implementation for specific platforms.
WC_NO_RNG results in warnings when RNG calls don't do anything.
Added ifdef checks for variables not used otherwise.
Remove superfluous if statements like when checking ret == 0.
Change names of globals that are generic and are used locally before
global definition.
Remove definition of variable len that isn't used except as a
replacement for sz which is parameter.
Don't subtract two variables when one has just been assigned the value
of the other.
Fix shifting of signed value.
Fix parameter checking in aes.c and des3.c for platform specific code.
 2020-04-08 09:46:22 +10:00
Juliusz Sosinowicz 4c0ea10e45 Move EVP functions to evp.c 2020-04-07 22:36:50 +02:00
toddouska 16fa1a4747
Merge pull request #2855 from JacobBarthelmeh/PKCS12 
maintenance to PKCS12 create for outputting encrypted bundles
 2020-03-26 10:41:04 -07:00
Jacob Barthelmeh 2116c20f5d add test case for PKCS12 to DER and back 2020-03-25 10:38:18 -06:00
Jacob Barthelmeh dde1c3bc08 Fix for clang warning with ARM assembly build 2020-03-23 15:08:28 -06:00
toddouska 49f01450de
Merge pull request #2853 from SparkiDev/dtls_mtu 
Allow setting of MTU in DTLS
 2020-03-19 16:23:39 -07:00
toddouska f4a8430115
Merge pull request #2851 from JacobBarthelmeh/SanityChecks 
add space for null terminator and check on header pointer
 2020-03-19 16:00:57 -07:00
Sean Parkinson e17e064ce2 Allow setting of MTU in DTLS 2020-03-18 12:36:11 +10:00
toddouska eb6f44e491
Merge pull request #2847 from tmael/memLeak 
Fix memory leak
 2020-03-17 13:31:10 -07:00
JacobBarthelmeh aff80ab0d3 adjust test case for no ECC 2020-03-17 08:56:55 -07:00
JacobBarthelmeh 74781a3d45
Merge pull request #2829 from cconlon/pkcs7multioctets 
PKCS7/CMS EnvelopedData support for fragmented encrypted content
 2020-03-16 13:12:23 -06:00
toddouska 464631f920
Merge pull request #2841 from JacobBarthelmeh/Certs 
add function wolfSSL_X509_NAME_ENTRY_create_by_txt
 2020-03-13 10:17:52 -07:00
Tesfa Mael 452b4c03a6 Fix memory leak 2020-03-12 23:24:44 -07:00
Jacob Barthelmeh 0be0cf44e4 fix for returning NULL when text not found and add test case 2020-03-10 09:54:31 -06:00
toddouska ab8bfc241d
Merge pull request #2833 from JacobBarthelmeh/Compatibility-Layer 
compile for NO_WOLFSSL_STUB
 2020-03-06 11:04:36 -08:00
Jacob Barthelmeh 1035d73a05 add function wolfSSL_X509_NAME_ENTRY_create_by_txt 2020-03-05 16:29:55 -07:00
Jacob Barthelmeh bb76495233 compile for NO_WOLFSSL_STUB 2020-03-03 14:03:11 -07:00
David Garske 92114fef75 Fixes for building NO_ASN_TIME with OPENSSL_EXTRA. Fixes #2820. 
* `./configure --enable-opensslextra CFLAGS="-DNO_ASN_TIME"`
 2020-02-28 09:35:17 -08:00
Sean Parkinson 2c6eb7cb39 Add Curve448, X448, Ed448 implementations 2020-02-28 09:30:45 +10:00
Chris Conlon d21e370822 add support for PKCS7/CMS EnvelopedData with fragmented encrypted content 2020-02-27 14:42:57 -07:00
Eric Blankenhorn 6eda4e7b46 Fix in test 2020-02-20 17:28:34 -06:00
Eric Blankenhorn 95f973a5be Adding test and dox for ERR_print_errors_cb 2020-02-20 17:28:34 -06:00
Jacob Barthelmeh 51d55ed1c8 account for different peer certificate in test case, g++ build fix, static memory size increase 2020-02-20 17:28:33 -06:00
Jacob Barthelmeh a9accb6c39 add more macro guards for builds 2020-02-20 17:28:33 -06:00
Jacob Barthelmeh 76eec8884b clean up memory after test and don't leak x509 with get session peer 2020-02-20 17:28:33 -06:00
Eric Blankenhorn 018f313cca Fix clang warning 2020-02-20 17:28:33 -06:00
Eric Blankenhorn 5a87dbe094 Adding tests for EVP_CIPHER_CTX_reset 2020-02-20 17:28:33 -06:00
Jacob Barthelmeh 49def96998 add test for get0 session peer certificate 2020-02-20 17:28:32 -06:00
Jacob Barthelmeh 65732c2269 add bio retry and set close tests 2020-02-20 17:28:32 -06:00
Jacob Barthelmeh 3137312911 update to implementation of BIO_MD type 2020-02-20 17:28:32 -06:00
Jacob Barthelmeh 8f7af875a4 add BIO_f_md and BIO_get_md_ctx tests 2020-02-20 17:28:32 -06:00
Juliusz Sosinowicz 1512485926 Fix user-rsa tests 2020-02-18 21:37:06 +01:00
Juliusz Sosinowicz f55cfd7ba7 Fix missing wolfSSL_i2d_RSAPrivateKey references 2020-02-18 21:37:06 +01:00
Juliusz Sosinowicz 3fcec191a4 Refactor wolfSSL_RSA_To_Der 2020-02-18 21:37:06 +01:00
Juliusz Sosinowicz eedbce7c0a Null-check keyFormat 
Zero all of WOLFSSL_DH struct
Fix macros for self-test
 2020-02-18 21:37:06 +01:00
Juliusz Sosinowicz 97a4889bb3 Undo some stuff 2020-02-18 21:37:06 +01:00
Juliusz Sosinowicz f765b711bf More macro preproc stuff 2020-02-18 21:37:06 +01:00
Juliusz Sosinowicz b58f26945d Different configuration fixes 2020-02-18 21:37:06 +01:00
Juliusz Sosinowicz 9a0d3ba369 Check boundaries in B64 decode 
ERR_get_error will always return a positive error code
 2020-02-18 21:37:06 +01:00
Juliusz Sosinowicz 58c239a49f Fix stuff after rebase 2020-02-18 21:37:06 +01:00
Juliusz Sosinowicz 6e72a299d7 Don't undef HAVE_GETADDRINFO as it disables defines in projects using wolfSSL 
Change test_wolfssl_EVP_aes_gcm so that changing the tag will fail the authentication check
 2020-02-18 21:37:06 +01:00
Juliusz Sosinowicz 84a2ca7a4e Map the Jacobian point back to affine space in wolfSSL_EC_POINT_get_affine_coordinates_GFp 2020-02-18 21:37:06 +01:00
Juliusz Sosinowicz aea95232d1 WIP 
Add EC_POINT conversion to BIGNUM (EC_POINT_point2bn)
Add setting affine coordinates for EC_POINT (EC_POINT_set_affine_coordinates_GFp)
Add bit clearing for BIGNUM (BN_clear_bit)
Add supporting unit tests in api.c
 2020-02-18 21:37:06 +01:00
Juliusz Sosinowicz 89e35e2547 openssh 8.1 compiles 2020-02-18 21:37:06 +01:00
Juliusz Sosinowicz b5c52d7c70 openssh WIP and some light refactoring 2020-02-18 21:37:06 +01:00
Juliusz Sosinowicz 41de1bb156 WIP 2020-02-18 21:36:26 +01:00
toddouska 2566986d41
Merge pull request #2632 from SparkiDev/sp_p384 
Add support for P384 curve into SP
 2020-02-17 11:46:09 -08:00
Sean Parkinson 8972bf6278 Add support for P384 curve into SP 2020-02-17 15:46:34 +10:00
Jacob Barthelmeh 8e1adb125c free existing cert store when setting a new one 2020-02-12 15:45:44 -07:00
Tesfa Mael e664a4f206 Review comments 2020-02-04 08:55:37 -08:00
Tesfa Mael b67fd249e2 Fix for cppcheck 2020-02-04 08:55:37 -08:00
Chris Conlon b29fe41a35
Merge pull request #2738 from SparkiDev/cppcheck_fixes_3 
Changes to clear issues raised by cppcheck
 2020-02-03 17:02:40 -07:00
toddouska 4ee022f788
Merge pull request #2776 from julek-wolfssl/set_curve_groups_list 
Add SSL_CTX_set1_groups_list and SSL_set1_groups_list APIs
 2020-02-03 11:11:59 -08:00
Juliusz Sosinowicz e13d9f7f1b Add SSL_CTX_set1_groups_list and SSL_set1_groups_list APIs 2020-01-31 06:38:38 +01:00
Sean Parkinson 55ea2facdd Changes to clear issues raised by cppcheck 2020-01-30 14:24:32 +10:00
David Garske e183d95c86 Fix for moved file. 2020-01-29 07:22:07 -08:00
David Garske 0489cc97a8 Fix for `ProcessBuffer` with PEM private keys, where `PemToDer` call was only setting `eccKey`. Cleanup to use "keyFormat" OID sum. 2020-01-20 20:49:55 -08:00
David Garske 77426e78e1 Added test case for PKCS8 ED25519 encrypted private key. 2020-01-20 20:47:47 -08:00
toddouska 66daac4c94
Merge pull request #2709 from JacobBarthelmeh/Testing 
set chacha20 similar to aes-ctr when handling leftover stream and add…
 2020-01-17 15:05:24 -08:00
toddouska 204ef9543a
Merge pull request #2728 from ejohnstown/maint-x509 
Maintenance: X509
 2020-01-17 13:51:02 -08:00
David Garske 22f49d8597 Fixes for building with ECC sign/verify only. 2020-01-13 15:35:08 -08:00
John Safranek 8d1b20706c
Maintenance: X509 
1. Add a test for the new alt name handling.
2. Added an API to set altnames in a WOLFSSL_X509 struct. Just adds
DNS_entries.
3. Removed the "static" from a bunch of constant byte arrays used inside
some of the ASN.1 code.
 2020-01-10 20:26:35 -08:00
JacobBarthelmeh 6b4551c012
Merge pull request #2654 from cariepointer/qt-512-513 
Add Qt 5.12 and 5.13 support
 2020-01-10 17:34:23 -07:00
Jacob Barthelmeh 99d657af4f adjust test cases 2020-01-10 10:31:56 -07:00
Jacob Barthelmeh 0c25588ad1 adjust TEST_SMALL_CHACHA_CHUNKS size and add more tests 2020-01-09 17:13:57 -07:00
Jacob Barthelmeh 8e24bf6c2c add macro guard for optimized versions 2020-01-09 16:39:48 -07:00
JacobBarthelmeh 0ec7b311d8 set chacha20 similar to aes-ctr when handling leftover stream and add test case 2020-01-09 16:39:48 -07:00
Carie Pointer 47040f1dae EC_KEY_dup fixes 2020-01-09 14:35:57 -07:00
Carie Pointer b9c99709f7 Fixes from review 2020-01-08 12:48:01 -07:00
toddouska d257003341
Merge pull request #2711 from cconlon/copyright2020 
update copyright to 2020
 2020-01-07 08:40:15 -08:00
JacobBarthelmeh ce0475a8e0
Merge pull request #2689 from tmael/pkey_freeMutex 
Free EVP ctx pkey
 2020-01-06 23:15:00 +07:00
Chris Conlon 45c5a2d39c update copyright to 2020 2020-01-03 15:06:03 -08:00
toddouska abc96f20fb
Merge pull request #2696 from embhorn/cert_vfy_CB 
CertManager verify callback
 2019-12-30 11:57:44 -08:00
Tesfa Mael 4004963c6a test pkey references count 2019-12-30 09:31:23 -08:00
toddouska 78fa84be00
Merge pull request #2649 from SparkiDev/rsa_pubonly 
Fix RSA public key only builds
 2019-12-27 12:55:34 -08:00
toddouska dd28f26c44
Merge pull request #2699 from JacobBarthelmeh/Testing 
big endian changes
 2019-12-27 12:52:30 -08:00
Eric Blankenhorn 8580bd9937 CertManager verify callback 
Execute verify callback from wolfSSL_CertManagerLoadCA
 2019-12-26 09:29:03 -06:00
JacobBarthelmeh ac0acb3c37 fix for test case with big endian 2019-12-26 05:57:26 -07:00
Eric Blankenhorn b83804cb9d Correct misspellings and typos from codespell tool 2019-12-24 12:29:33 -06:00
Jacob Barthelmeh e1433867ce fix for expected nightly config test report 2019-12-20 09:46:12 -07:00
toddouska 3342a19e29
Merge pull request #2578 from cariepointer/ZD-9478-and-9479 
Add sanity checks for parameters in wc_scrypt and wc_Arc4SetKey
 2019-12-19 10:59:05 -08:00
toddouska 6922d7031c
Merge pull request #2685 from embhorn/coverity_fixes 
Coverity fixes
 2019-12-18 14:06:48 -08:00
Eric Blankenhorn 52893877d7 Fixes from review 2019-12-18 13:25:25 -06:00
toddouska f81ce71c25
Merge pull request #2660 from JacobBarthelmeh/Compatibility-Layer 
add --disable-errorqueue option
 2019-12-17 16:37:02 -08:00
Carie Pointer 5711d12364 Remove SSL_library_init() calls in unit tests to fix valgrind issues 2019-12-17 15:54:10 -07:00
Eric Blankenhorn 774a758f59 Fixes in test and example code 2019-12-17 15:56:40 -06:00
Tesfa Mael 88188b79e2 Fix mem leak 2019-12-16 18:03:11 -08:00
Jacob Barthelmeh 2e5258fe15 add --disable-errorqueue option 2019-12-11 11:19:58 -07:00
Carie Pointer 4511557f01 More jenkins test fixes 2019-12-09 15:57:53 -07:00
Carie Pointer 9ad970d8a4 Fixes for jenkins test failures 2019-12-09 14:04:52 -07:00
JacobBarthelmeh 05e672428d
Merge pull request #2645 from cconlon/cmsrsacb 
CMS SignedData RSA sign callback for raw digest
 2019-12-06 17:13:32 -07:00
Carie Pointer ee13dfd878 Add Qt 5.12 and 5.13 support 
Co-Authored-By: aaronjense <aaron@wolfssl.com>
Co-Authored-By: MJSPollard <mpollard@wolfssl.com>
Co-Authored-By: Quinn Miller <quinnmiller1997@users.noreply.github.com>
Co-Authored-By: Tim Parrish <timparrish@users.noreply.github.com>
 2019-12-06 14:27:01 -07:00
Chris Conlon 6081bdaad6 free PKCS7 before creating new in API test 2019-12-06 12:00:33 -07:00
Sean Parkinson 2528121925 Fix RSA public key only builds 
Client side only and no client auth
 2019-12-06 20:42:27 +10:00
toddouska 312d5c98b3
Merge pull request #2535 from julek-wolfssl/nginx-1.15 
Nginx 1.15.0 & 1.16.1
 2019-12-05 14:40:45 -08:00
toddouska a13ebf5258
Merge pull request #2543 from embhorn/zd5706 
Update DoVerifyCallback to check verify param hostName and ipasc
 2019-12-05 14:38:47 -08:00
Chris Conlon be97444d24 add api test for wc_PKCS7_SetRsaSignRawDigestCb() 2019-12-05 10:33:49 -07:00
Juliusz Sosinowicz 29a8262ea4 Only test X509_NAME_print_ex when defines enabled 2019-11-27 17:46:15 +01:00
Juliusz Sosinowicz 944d5e1045 Don't count null char in better way 2019-11-27 17:46:15 +01:00
Juliusz Sosinowicz 5f39e12b21 Fix leak in SSL_CTX_set0_chain 2019-11-27 17:46:15 +01:00
Juliusz Sosinowicz 8dde06bbca Fix compile errors 2019-11-27 17:46:15 +01:00
Juliusz Sosinowicz dd07344499 SSL_SESSION_dup 2019-11-27 17:46:15 +01:00
Juliusz Sosinowicz b71758895e Add support for SSL_CTX_set0_chain 2019-11-27 17:46:15 +01:00
toddouska 9b7cd6bdfd
Merge pull request #2613 from tmael/evp_aes_gcm 
Set default IV length for EVP aes gcm
 2019-11-26 15:18:27 -08:00
toddouska 9ecafa7afe
Merge pull request #2557 from tmael/cert_store_ls_x509 
Retrieve a stack of X509 certs
 2019-11-26 15:16:09 -08:00
Tesfa Mael 6c732725b0 Test evp aes gcm with default IV length 2019-11-20 16:37:15 -08:00
Tesfa Mael 520a032b71 Add show x509 test 2019-11-15 13:23:08 -08:00
Tesfa Mael 6ca12787ae retrieve a stack of X509 certs in a cert manager and a store ctx 2019-11-15 13:23:08 -08:00
David Garske 961f9c4ecc Cleanup for invalid use of `NO_SHA512` in api.c unit test. 2019-11-15 12:08:50 -08:00
David Garske 546442c130 Fix for CAVP test issue trying to use `AES_128_KEY_SIZE` and `AES_IV_SIZE`. 2019-11-12 09:43:09 -08:00
David Garske d17748b1ad Fix for `EC_GROUP_order_bits` and added unit test. 2019-11-11 14:58:23 -08:00
David Garske 2bae1d27a1 wolfSSL Compatibility support for OpenVPN 
* Adds compatibility API's for:
	* `sk_ASN1_OBJECT_free`
	* `sk_ASN1_OBJECT_num`
	* `sk_ASN1_OBJECT_value`
	* `sk_X509_OBJECT_num`
	* `sk_X509_OBJECT_value`
	* `sk_X509_OBJECT_delete`
	* `sk_X509_NAME_find`
	* `sk_X509_INFO_free`
	* `BIO_get_len`
	* `BIO_set_ssl`
	* `BIO_should_retry` (stub)
	* `X509_OBJECT_free`
	* `X509_NAME_get_index_by_OBJ`
	* `X509_INFO_free`
	* `X509_STORE_get0_objects`
	* `X509_check_purpose` (stub)
	* `PEM_read_bio_X509_CRL`
	* `PEM_X509_INFO_read_bio`
	* `ASN1_BIT_STRING_new`
	* `ASN1_BIT_STRING_free`
	* `ASN1_BIT_STRING_get_bit`
	* `ASN1_BIT_STRING_set_bit`
	* `DES_check_key_parity`
	* `EC_GROUP_order_bits`
	* `EC_get_builtin_curves`
	* `EVP_CIPHER_CTX_cipher`
	* `EVP_PKEY_get0_EC_KEY`
	* `EVP_PKEY_get0_RSA`
	* `EVP_PKEY_get0_DSA` (stub)
	* `HMAC_CTX_new`
	* `HMAC_CTX_free`
	* `HMAC_CTX_reset`
	* `HMAC_size`
	* `OBJ_txt2obj`
	* `RSA_meth_new`
	* `RSA_meth_free`
	* `RSA_meth_set_pub_enc`
	* `RSA_meth_set_pub_dec`
	* `RSA_meth_set_priv_enc`
	* `RSA_meth_set_priv_dec`
	* `RSA_meth_set_init`
	* `RSA_meth_set_finish`
	* `RSA_meth_set0_app_data`
	* `RSA_get_method_data`
	* `RSA_set_method`
	* `RSA_get0_key`
	* `RSA_set0_key`
	* `RSA_flags`
	* `RSA_set_flags`
	* `RSA_bits`
	* `SSL_CTX_set_ciphersuites`
	* `SSL_CTX_set_security_level` (stub)
	* `SSL_export_keying_material` (stub)
	* `DSA_bits` (stub)
* Changes to support password callback trial and NO_PASSWORD. Replaces PR #2505.
* Renamed `wolfSSL_SSL_CTX_get_client_CA_list` to `wolfSSL_CTX_get_client_CA_list`.
* Cleanup of "sk" compatibility.
 2019-11-11 14:58:23 -08:00
Carie Pointer a2cdb87067 Add check for if length is <= 0 in wc_Arc4SetKey 2019-11-08 14:54:39 -07:00
Sean Parkinson c06efb6c1f Ensure space for name string. Reset policy count. 
Only set the name string in one place, keeping a length of the name type
to copy. Also only move cert data index once.
Reset certificate extension policy number/count in case of malicious
cert with multiple policy extensions.
 2019-11-07 13:51:50 +10:00
toddouska ba34b0d09f
Merge pull request #2547 from SparkiDev/rsa_pss_salt_len 
Compile options for larger salt lengths in RSA-PSS
 2019-11-06 13:03:15 -08:00
Eric Blankenhorn 16899b55b2 Fix for ARM platforms 2019-11-04 11:54:36 -06:00
Sean Parkinson 35ec2bc6d4 Compile options for larger salt lengths in RSA-PSS 
Salt length larger than the hash size allowed in RSA-PSS.
Passing -2 to PSS pad function uses maximum salt length.
Passing -2 to PSS un-pad function makes it discover salt length.
 2019-11-04 14:27:02 +10:00
Eric Blankenhorn 58d800fbb7 Adding support for IP address verification 2019-10-31 09:15:22 -05:00
toddouska 51e8abf126
Merge pull request #2531 from SparkiDev/nginx_unittest 
Fix unittest to pass when compiling for NGINX
 2019-10-28 11:27:22 -07:00
toddouska 28cc7daa68
Merge pull request #2511 from tmael/BN_bn2hex 
Fix for hex digits with fastmath and normal integer
 2019-10-23 15:10:40 -07:00
Sean Parkinson a3c09f6794 Fix unittest to pass when compiling for NGINX 2019-10-22 08:47:49 +10:00
Jacob Barthelmeh 497818525a check on keygen for make rsa key function 2019-10-21 14:54:17 -06:00
Jacob Barthelmeh 09a0859865 fix for fortress and no sha build with encrypted keys 2019-10-21 09:37:24 -06:00
Jacob Barthelmeh ea45da5fa8 change add_all_* to be evp table init and fix valgrind report 2019-10-20 01:13:43 -06:00
David Garske 0e73af8b88
Merge pull request #2515 from JacobBarthelmeh/Testing 
Initial pass on test cycle
 2019-10-17 16:02:17 -07:00
Jacob Barthelmeh b7d4c9f839 fix build with no server and enable all 2019-10-16 14:19:50 -06:00
Jacob Barthelmeh b4a3ad6e2d fix test case for enckeys + des3 with md5 disabled 2019-10-15 17:07:05 -06:00
Tesfa Mael 1267987c31 Review comment 2019-10-15 12:24:57 -07:00
Tesfa Mael 1a18e3bba8 Add leading zero padding for odd hex ASCII digits 2019-10-15 11:54:58 -07:00