WolfSSL
/
wolfssl
mirror of https://github.com/wolfSSL/wolfssl.git
1
0
Fork 0
Code Issues Releases Wiki Activity
15,416 Commits
27 Branches
168 Tags
358 MiB
Commit Graph

1712 Commits (aa6ca43e91e913ba9ec81dac6fa8a0c6aed3fe6f)

Author SHA1 Message Date
Daniel Pouzzner 186ff2b365 make -DNO_ED25519_KEY_{IMPORT,EXPORT} buildable, and fix api.c and suites.c so that -DNO_ED*_KEY_{IMPORT,EXPORT} pass make check. 2021-07-16 23:07:28 -05:00
Daniel Pouzzner ac92204c15 make -DNO_ED448_KEY_{IMPORT,EXPORT} buildable 2021-07-16 18:21:30 -05:00
Daniel Pouzzner c97eff6e61 evp.c: add missing checks and logic in wolfSSL_EVP_CIPHER_CTX_ctrl(), and fix api.c:test_IncCtr() to exercise wolfSSL_EVP_CIPHER_CTX_ctrl() with EVP_CTRL_GCM_IV_GEN using an AES cipher, with thanks to Juliusz. 2021-07-16 15:30:23 -05:00
Daniel Pouzzner 9b43e57ccf ED: add streaming API to the ED verify routines: wc_ed*_verify_msg_init(), wc_ed*_verify_msg_update(), wc_ed*_verify_msg_final(); 
harmonize the ED448 API with the ED25519 API by making wc_ed448_verify_msg_ex() and wc_ed448_init_ex() public functions;

track devId and heap pointer in ed*_key.{devId,heap}, and pass them through to sha init functions;

add ed*_key.{sha,sha_clean_flag}, and ed*_hash_{reset,update,final} functions, and use them for all ED hashing ops, to support streaming API and for optimally efficient reuse for the preexisting ED calls;

add ed448_hash() akin to ed25519_hash(), and use it in place of wc_Shake256Hash(), for .sha_clean_flag dynamics.

add to wc_ed*_import_private_key() the ability to import the combined key generated by wc_ed*_export_private() without supplying the redundant public key;

add macro asserts near top of ed*.h to assure the required hash functions are available;

fix {NO,HAVE}_ED*_{SIGN,VERIFY};

wolfcrypt/test/test.c: add missing key initializations in ed*_test();

wolfcrypt/test/test.c: fix unaligned access in myDecryptionFunc() detected by -fsanitize=address,undefined.
 2021-07-16 13:49:47 -05:00
Lealem Amedie 73323e694f Addressing possible leaks in ssl.c and api.c 2021-07-16 09:48:06 -06:00
John Safranek f82fd01283
Merge pull request #4202 from JacobBarthelmeh/BuildOptions 
fix for build with wpas and disable tls13
 2021-07-14 09:07:08 -07:00
JacobBarthelmeh 18399091ce
Merge pull request #4012 from julek-wolfssl/haproxy 
HaProxy 2.4-dev18 support
 2021-07-14 15:46:04 +07:00
Jacob Barthelmeh 2592a04d8a fix for build with wpas and disable tls13 2021-07-13 15:49:40 +07:00
JacobBarthelmeh c01a63508a account for testing on big endian system 2021-07-09 08:18:39 -06:00
David Garske e1b487ab9f Fix for `wc_export_int` with `WC_TYPE_HEX_STR`, which was not returning the correct length. 2021-07-08 14:36:36 -07:00
John Safranek b9dac74086
Merge pull request #4193 from JacobBarthelmeh/StaticAnalysisTests 
Static analysis tests
 2021-07-07 14:23:58 -07:00
JacobBarthelmeh 86e5287a14
Merge pull request #4032 from TakayukiMatsuo/tk11968 
Make wolfSSL_CTX_set_timeout reflect to Session-ticket-lifetime-hint
 2021-07-07 22:26:06 +07:00
Juliusz Sosinowicz b7bd3766c7 Fix pedantic errors about macros in macros 2021-07-07 10:54:34 +02:00
JacobBarthelmeh 7b9d6a3f5e
Merge pull request #3792 from TakayukiMatsuo/os_keylog 
Add wolfSSL_CTX_set_keylog_callback
 2021-07-07 15:34:33 +07:00
Juliusz Sosinowicz 1acf906612 Code review changes 2021-07-06 15:39:23 +02:00
Juliusz Sosinowicz 1b6b16c2c3 HaProxy 2.4-dev18 support 
*This patch is dependent on https://github.com/wolfSSL/wolfssl/pull/3871 because proto version selection logic is refactored in that pull request.*
This patch contains the following changes:
- Enable more options with `--enable-haproxy`
- Compatibility layer additions
    - `STACK_TYPE_X509_OBJ`
    - `OCSP_id_cmp`
    - `X509_STORE_get0_objects`
    - `X509V3_EXT_nconf_nid`
    - `X509V3_EXT_nconf`
    - `X509_chain_up_ref`
    - `X509_NAME_hash`
    - `sk_X509_NAME_new_null`
    - `X509_OBJECT_get0_X509`
    - `X509_OBJECT_get0_X509_CRL`
    - `ASN1_OCTET_STRING_free`
    - `X509_LOOKUP_TYPE`
    - `OSSL_HANDSHAKE_STATE`
- New `OPENSSL_COMPATIBLE_DEFAULTS` define will set default behaviour that is compatible with OpenSSL
    - WOLFSSL_CTX
        - Enable all compiled in protocols
        - Allow anonymous ciphers
        - Set message grouping
        - Set verify to SSL_VERIFY_NONE
- In `SetSSL_CTX`, don't change `send` and `recv` callback if currently using `BIO`
- `ssl->peerVerifyRet`
    - Return first that occured
    - Set correct value on date error
    - Set revoked error on OCSP or CRL error
    - Save value in session and restore on resumption
    - Add to session serialization
- With `OPENSSL_EXTRA`, send an alert on invalid downgrade attempt
- Handle sni callback `SSL_TLSEXT_ERR_NOACK`
- Add `WOLFSSL_VERIFY_DEFAULT` option for `wolfSSL_CTX_set_verify` and `wolfSSL_set_verify` to allow resetting to default behaviour
 2021-07-06 15:39:23 +02:00
Jacob Barthelmeh ae00b5acd0 some minor changes for unintialized and null infer reports 2021-07-06 14:13:45 +07:00
TakayukiMatsuo 5df0f7820a Add wolfSSL_CTX_set_keylog_callback 2021-07-03 14:51:23 +09:00
TakayukiMatsuo 567d8ed704 Make wolfSSL_set_session return success on timeout under WOLFSSL_ERROR_CODE_OPENSSL macro definition. 2021-07-02 10:50:00 +09:00
TakayukiMatsuo aef9e560b1 Make wolfSSL_CTX_set_timeout call wolfSSL_CTX_set_TicketHint internally to change session-ticket-lifetime-hint. 2021-07-02 09:15:01 +09:00
David Garske 43f8c5ba1b
Merge pull request #4121 from JacobBarthelmeh/PKCS7 
wc_PKCS7_DecodeCompressedData optionally handle a packet without cont…
 2021-07-01 17:03:56 -07:00
Chris Conlon 9179071af5
Merge pull request #4153 from JacobBarthelmeh/Testing 
fix for keyid with ktri cms
 2021-06-29 11:40:00 -06:00
David Garske 74b9b5a8cd
Merge pull request #4156 from SparkiDev/regression_fixes_1 
Regression test fixes
 2021-06-25 07:48:02 -07:00
Jacob Barthelmeh 5038a27cda add test cases and set content oid with decode encrypted data 2021-06-25 21:16:01 +07:00
Sean Parkinson dab6724059 Regression fixes: more configurations 
./configure --disable-rsa --disable-ecc --disable-dh --enable-curve25519
&& make
./configure --disable-aescbc --disable-chacha --disable-poly1305
--disable-coding && make
 2021-06-25 15:23:51 +10:00
Sean Parkinson 1994811d24
Merge pull request #4144 from haydenroche5/pkcs8 
Make a bunch of PKCS#8 improvements.
 2021-06-25 12:22:11 +10:00
Sean Parkinson 8592053856 Regression test fixes 
./configure --enable-all --disable-rsa
./configure --disable-chacha --disable-asm
./configure --disable-rsa --disable-ecc --disable-dh --enable-curve25519
--enable-cryptonly (and ed25519, curve448, ed448)
./configure --disable-tls13 --enable-psk --disable-rsa --disable-ecc
--disable-dh C_EXTRA_FLAGS=-DWOLFSSL_STATIC_PSK
./configure --disable-oldtls --enable-psk -disable-rsa --disable-dh
-disable-ecc --disable-asn C_EXTRA_FLAGS=-DWOLFSSL_STATIC_PSK
--enable-lowresource --enable-singlethreaded --disable-asm
--disable-errorstrings --disable-pkcs12 --disable-sha3 --disable-sha224
--disable-sha384 --disable-sha512 --disable-sha --disable-md5
-disable-aescbc --disable-chacha --disable-poly1305 --disable-coding
Various build combinations with WOLFSSL_SP_MATH and WOLFSSL_SP_MATH_ALL
 2021-06-25 09:18:06 +10:00
Juliusz Sosinowicz 656e49cc3b Expand SHA-3 support 
Add more support in the EVP layer as well as add signing support. The SHA-3 OID's were also added for DER algorithm identifier encoding.
 2021-06-24 19:31:43 +02:00
Hayden Roche b3401bd102 Make a bunch of PKCS#8 improvements. 
- Add doxygen documentation for wc_GetPkcs8TraditionalOffset, wc_CreatePKCS8Key,
wc_EncryptPKCS8Key, and wc_DecryptPKCS8Key.
- Add a new API function, wc_CreateEncryptedPKCS8Key, which handles both
creation of an unencrypted PKCS#8 key and the subsequent encrypting of said key.
This is a wrapper around TraditionalEnc, which does the same thing. This may
become a first-class function at some point (i.e. not a wrapper). TraditionalEnc
is left as is since it is used in the wild.
- Added a unit test which exercises wc_CreateEncryptedPKCS8Key and
wc_DecryptPKCS8Key. Testing wc_CreateEncryptedPKCS8Key inherently also tests
TraditionalEnc, wc_CreatePKCS8Key, and wc_EncryptPKCS8Key.
- Modified wc_EncryptPKCS8Key to be able to return the required output buffer
size via LENGTH_ONLY_E idiom.
- Added parameter checking to wc_EncryptPKCS8Key and wc_DecryptPKCS8Key.
 2021-06-23 08:39:20 -07:00
Sean Parkinson 2923d812bd
Merge pull request #4058 from miyazakh/qt_oslext_cs 
TLS: extend set_cipher_list() compatibility layer API
 2021-06-23 10:12:11 +10:00
Chris Conlon 4b3bd3e384
Merge pull request #4049 from miyazakh/set_verifyDepth_3 
Set verify depth limit
 2021-06-22 10:23:43 -06:00
Chris Conlon 446393bcab
Merge pull request #3793 from TakayukiMatsuo/os_base64 
Add wolfSSL_EVP_Encode/Decode APIs
 2021-06-22 10:19:30 -06:00
Chris Conlon b050463dce
Merge pull request #4059 from miyazakh/qt_unit_test 
fix qt unit test
 2021-06-22 10:12:48 -06:00
Jacob Barthelmeh 647bde671c macro guard on test case 2021-06-22 22:56:35 +07:00
Jacob Barthelmeh 3cd43cf692 fix for keyid with ktri cms 2021-06-22 21:33:12 +07:00
David Garske c4ea64b7fc
Merge pull request #4140 from SparkiDev/set_sig_algs 2021-06-21 19:18:10 -07:00
Sean Parkinson 7224fcd9bc TLS: add support for user setting signature algorithms 2021-06-18 16:19:01 +10:00
Hideki Miyazaki 1ebb4a47f6
addressed jenkins failure 2021-06-18 11:22:20 +09:00
Hideki Miyazaki 4feedb72cc
simulate set_ciphersuites comp. API 2021-06-18 11:22:19 +09:00
Hideki Miyazaki ddf2a0227f
additional fix for set verify depth to be compliant with openssl limit 2021-06-18 11:00:51 +09:00
Hideki Miyazaki 951de64e2c
set PSK at the beginning 2021-06-18 07:59:35 +09:00
Eric Blankenhorn 1307972344 Update use of joi cert and add to renew script. 2021-06-16 13:55:36 -05:00
TakayukiMatsuo 9e02655ac4 Merge remote-tracking branch 'upstream/master' into os_base64 2021-06-16 23:19:52 +09:00
Sean Parkinson b73673a218
Merge pull request #3794 from TakayukiMatsuo/os_keyprint 
Add wolfSSL_EVP_PKEY_print_public
 2021-06-16 08:43:41 +10:00
TakayukiMatsuo c6680d08ba Fix coding issues 2021-06-15 11:16:38 +09:00
David Garske 77df7d8630
Merge pull request #3968 from elms/pedantic_cleanup 
Fixes for some `-pedantic` errors
 2021-06-14 13:46:39 -07:00
David Garske fd6b30ef32
Merge pull request #4111 from elms/silabs/fix_ecc_shared_secret_outlen 
silabs: fix `wc_ecc_shared_secret` to only return x coordinate
 2021-06-14 13:44:00 -07:00
Chris Conlon a8d185cb9e
Merge pull request #4117 from TakayukiMatsuo/tk12403 
Add null-parameters-test cases for SHA(), SHA224(), MD5() and MD5_xxx().
 2021-06-14 13:52:01 -06:00
Elms ed4cf6e91c silabs: fix `wc_ecc_shared_secret` to only return x coordinate 
secure element computes and returns the full coordinate. The wolfSSL
API should only return the x component.
 2021-06-13 21:46:23 -07:00
TakayukiMatsuo ebec2fbd25 Fixed uninitialized parameter for Base16_Encode 2021-06-14 13:45:12 +09:00
Hideki Miyazaki 6d3b9aec80
fix api compile failure 2021-06-12 09:24:11 +09:00
TakayukiMatsuo ed5cb0a1bd Modified along the revire comments 2021-06-11 21:08:27 +09:00
TakayukiMatsuo 779e3701e6 Merge branch 'master' of github.com:wolfSSL/wolfssl into os_keyprint 2021-06-11 13:56:52 +09:00
Sean Parkinson 36a9cd3010
Merge pull request #3911 from TakayukiMatsuo/tk11851 
Fix SSL_read behaving differently from openSSL after bidirectional shutdown
 2021-06-11 10:25:39 +10:00
Sean Parkinson 3ecb8d5a3e
Merge pull request #4062 from dgarske/dh_key 
DH Key and Params Export cleanups and Apache httpd fixes
 2021-06-10 20:54:32 +10:00
TakayukiMatsuo 4d3f2f92fd Add test cases for SHA(), SHA224(), MD5() and MD5_xxx() to test with null parameters. 2021-06-10 16:40:51 +09:00
David Garske c6c7dfd5db
Merge pull request #4053 from SparkiDev/cppcheck_fixes_6 
cppcheck: fixes from reviewing report
 2021-06-09 12:51:30 -07:00
Sean Parkinson 9580574382
Merge pull request #3999 from dgarske/user_io 
Fixes for building with `WOLFSSL_USER_IO`
 2021-06-09 08:55:36 +10:00
Sean Parkinson 70d2c838bb
Merge pull request #4080 from kaleb-himes/SHAKE_DEFAULT_FIX 
Sync SHAKE256 default (disabled) with parent default edDSA448 (disabled) and remove WOLFSSL_NO_SHAKE256 flag
 2021-06-09 08:52:05 +10:00
David Garske 6db0b42c7f * Refactor of DH key and param exports code (moved into asn.c) enabled with `WOLFSSL_DH_EXTRA`. 
* Cleanup `WOLFSSL_DH_EXTRA` macro logic and do not allow with FIPS v1 or v2.
* Fixes for httpd (if `SSL_CONF_FLAG_FILE` is defined it is used to indicate support for `SSL_CONF_CTX_set_flags` and `SSL_CONF_cmd_value_type`).
* Add Curve448 and ED448 key type to `enum wc_PkType`.
* Expand `dh_ffdhe_test` to include 4096 bit.
 2021-06-08 09:27:26 -07:00
TakayukiMatsuo 0186d19aba Fix some coding style issues. 2021-06-08 16:25:28 +09:00
Sean Parkinson 88322b82a5
Merge pull request #3871 from julek-wolfssl/openvpn-master 
OpenVPN additions and fixes
 2021-06-08 13:54:14 +10:00
Sean Parkinson 8ee1dda2f9
Merge pull request #4001 from dgarske/time_long 
Improve TLS v1.3 time rollover support and fixes for NO_ASN_TIME
 2021-06-08 11:17:55 +10:00
Elms 5c01613acb Add GCC extension to bypass select `-pedantic` warnings 
Add wrapper macro for `__extension__` to suppress pedantic warnings
 2021-06-07 15:38:15 -07:00
David Garske 3e307aa626
Merge pull request #4091 from JacobBarthelmeh/Testing 
add strict check on signature length
 2021-06-07 11:02:02 -07:00
Jacob Barthelmeh f97ca1c1ca adjust test case and add useful comments 2021-06-07 19:44:05 +07:00
Sean Parkinson 898b9d5e24
Merge pull request #4084 from dgarske/sp_math_keygen 
Fix for building SP small math only (no DH) with key generation
 2021-06-07 10:48:01 +10:00
Jacob Barthelmeh c245c4a812 add strict check on signature length 2021-06-05 03:09:33 +07:00
Chris Conlon 961773b384
Merge pull request #4079 from lealem47/PKCS12UnitTest 
Pkcs12 unit test
 2021-06-03 16:07:54 -06:00
David Garske 21060afb80 Fix for building SP math only (small) with key generation. Fix for WOLFSSL_EXTRA. Fix for RSA without PSS. Fix for ed25519 spelling error. 2021-06-03 10:56:54 -07:00
TakayukiMatsuo 195ca2b3f0 Add corner test cases for EVP_EncodeFinal and EVP_DecodeFinal 2021-06-03 20:02:48 +09:00
Chris Conlon 6cfb982740
Merge pull request #3981 from miyazakh/qt_oslext_cnf 
Added compatibility layer API
 2021-06-01 15:25:37 -06:00
Lealem Amedie 72fc7e62b8 Fixed spacing 2021-06-01 14:47:51 -06:00
kaleb-himes 94831eadf1 Sync SHAKE256 default (disabled) with parent default edDSA448 (disabled) and remove WOLFSSL_NO_SHAKE256 flag 2021-06-01 11:38:17 -06:00
Lealem Amedie 03a5395b53 Fixed casting issue 2021-06-01 09:46:30 -06:00
Lealem Amedie 2db233d10e Added wolfssl_PKCS12_verify_mac testing in test_wolfSSL_PKCS12() function in api.c 2021-05-28 16:33:46 -06:00
Elms 7a98c517e4 Fixes for some `-pedantic` errors 
Some of the API with callbacks may not be compatible with pedantic
 2021-05-27 14:46:45 -07:00
TakayukiMatsuo d1e3be1f43 Replace return code from literal to value 2021-05-27 06:20:34 +09:00
David Garske 41af3da0e3
Merge pull request #4057 from SparkiDev/no_tls12_pkcb 
TLS: fix build with no TLSv12 but PK callbacks
 2021-05-25 15:26:40 -07:00
Hideki Miyazaki af67965f65
addressed jenkins failures part1 2021-05-26 06:07:48 +09:00
Hideki Miyazaki 33e91c577f
added unit test cases for cmdline 2021-05-26 06:07:47 +09:00
Hideki Miyazaki 394c0b5cdc
implemented CONF_cmd 2021-05-26 06:07:47 +09:00
Sean Parkinson e1bc0c4447 EVP AES-GCM Streaming: must free Aes 
AES streaming implementation allocates data in Aes objects, when small
stack, that needs to be freed.
Fix memory leaks in streaming test case too.
 2021-05-25 15:57:09 +10:00
Sean Parkinson 6747055d46 TLS: fix build with no TLSv12 but PK callbacks 
./configure '--disable-tlsv12' '-enable-pkcallbacks'
Disable non-TLS13 cipher suite test as well.
 2021-05-21 10:59:23 +10:00
Sean Parkinson 2c6285ccba cppcheck: fixes from reviewing report 2021-05-20 17:55:06 +10:00
TakayukiMatsuo 8c71fb4113 Add test cases for wc_ShaxxxUpdate funcs 2021-05-14 09:46:21 +09:00
Juliusz Sosinowicz 5865dc08dd Code review changes 2021-05-13 15:21:33 +02:00
Chris Conlon c75830e2e8
Merge pull request #4011 from miyazakh/set_verify_depth2 
fix out of bound access when peer's chain is greater than verifyDepth + 1
 2021-05-11 15:38:39 -06:00
David Garske fce9870a64
Merge pull request #4020 from ejohnstown/options-export 
New Option Export/Import
 2021-05-11 09:10:17 -07:00
John Safranek d74b74d156
Also adjust for v3 of export, and update the API test case. 2021-05-10 18:06:31 -07:00
David Garske db7888ceaa Fix for the unmodified check for AesCbc test. 2021-05-10 10:04:50 -07:00
David Garske c88afdef87 Fixes for building with `WOLFSSL_USER_IO` (with no built-in socket support). Related to issue #3998. 2021-05-06 11:07:05 -07:00
Hideki Miyazaki 2a39f1dc5c
fixed memory leak 2021-05-06 16:55:51 +09:00
Hideki Miyazaki 93f04543b0
fixed unit test intermittent failure 2021-05-06 15:40:24 +09:00
Hideki Miyazaki 0539b99c86
fix boundary access when peer's chain is less than verifyDepth + 1 2021-05-06 14:54:16 +09:00
Hayden Roche 822aa92fcc Fix test_wolfSSL_CertManagerCheckOCSPResponse. 
This test broke once we went past the nextUpdate time in the static, raw OCSP
response being used. This change makes it so that response is valid until 2048.
 2021-05-03 15:26:39 -07:00
David Garske 6e0197e171
Merge pull request #4002 from kabuobeid/smime_fixes 
S/MIME: Canonicalize multi-part messages before hashing.  Improve error checking in wc_MIME_parse_headers.
 2021-05-03 09:24:43 -07:00
Kareem Abuobeid effcecf40d S/MIME: Add non-canonicalized test case 2021-04-30 15:07:37 -07:00
David Garske f8ecd4b441 Fixes for building with `NO_ASN_TIME`. If used with TLS user must supply `LowResTimer` and `TimeNowInMilliseconds`. 2021-04-30 15:04:31 -07:00
Chris Conlon 57e03d7e2f
Merge pull request #3961 from miyazakh/qt_oslext_pskss_cb 
added psk session callback compatibility layer API
 2021-04-30 14:26:44 -06:00
TakayukiMatsuo c4782a7a1c Fix macro guard for wolfSSL_CRYPTO_get_ex_new_index and get_ex_new_index. 2021-04-28 10:41:49 +09:00
TakayukiMatsuo 9c0ff73370 Add wolfSSL_CRYPTO_get_ex_new_index 2021-04-28 10:38:53 +09:00
Hideki Miyazaki 0e40293798
added psk session callback 2021-04-28 10:08:21 +09:00
David Garske 385e0bedaa
Merge pull request #3990 from haydenroche5/ocsp_bug 
Fix CompareOcspReqResp.
 2021-04-27 17:07:58 -07:00
Chris Conlon edb0beb9b6
Merge pull request #3969 from TakayukiMatsuo/koyo 
Add wolfSSL_DH_get0_pqg
 2021-04-27 17:52:17 -06:00
Chris Conlon 6fad8c4a57
Merge pull request #3975 from TakayukiMatsuo/resumable 
Add implementation for wolfSSL_SESSION_is_resumable.
 2021-04-27 16:45:34 -06:00
Hayden Roche 73076940af Fix CompareOcspReqResp. 
There was a bug in this function that could cause a match to be reported even
when the OCSP request and response in fact had a mismatch.
 2021-04-27 13:54:43 -07:00
Hideki Miyazaki 6d381a6c7f
do nothing when version is zero 2021-04-27 21:13:19 +09:00
Hideki Miyazaki 3b070e1bd0
add MIN/MAX_PROTO into CTX_ctrl 
add unit test for min/max proto of CTX ctrl
 2021-04-27 21:13:17 +09:00
toddouska 91e90f7a98
Merge pull request #3604 from haydenroche5/stunnel 
Make changes to get latest verison of stunnel (5.57) working with wolfSSL.
 2021-04-23 15:41:22 -07:00
toddouska c3fefc6e27
Merge pull request #3889 from douzzer/network-introspection 
--enable-wolfsentry
 2021-04-23 15:38:01 -07:00
TakayukiMatsuo 2b6f623777 Add implementation for wolfSSL_SESSION_is_resumable. 2021-04-23 11:12:20 +09:00
TakayukiMatsuo c442841e4a Fix some along review. 2021-04-23 10:53:22 +09:00
TakayukiMatsuo d22ed7443b Fix unit test. 2021-04-23 09:47:24 +09:00
TakayukiMatsuo 568c09bcde Add guard to the unit test 2021-04-23 09:47:24 +09:00
TakayukiMatsuo 63826e227b Add wolfSSL_DH_get0_pqg 2021-04-23 09:47:24 +09:00
Chris Conlon 878e0006ad
Merge pull request #3965 from miyazakh/qt_oslext_epk_param_ck 
added wofSSL_EVP_PKEY_param_check for compatibility layer API
 2021-04-22 15:43:47 -06:00
Daniel Pouzzner 89d7f4faf3 tests/api.c: add missing void arglists. 2021-04-21 03:22:10 -05:00
Daniel Pouzzner ba2cc00e5d initial implementation of WOLFSSL_NETWORK_INTROSPECTION: --enable-network-introspection, struct wolfSSL_network_connection, wolfSSL_*_endpoints*(), NetworkFilterCallback_t, wolfSSL_*set_AcceptFilter(). 2021-04-20 23:59:57 -05:00
Hideki Miyazaki d3b41a2fed
addressed review comments p1 2021-04-21 09:10:32 +09:00
Hideki Miyazaki e063984d17
added EVP_PKEY_param_check 2021-04-21 07:53:18 +09:00
Hideki Miyazaki bca3cd1d49
fix jenkins failures 2021-04-21 07:39:12 +09:00
Hideki Miyazaki 89b5b90be6
added compatibility layer API stub for Qt 5.15.2 2021-04-21 07:39:12 +09:00
Chris Conlon f931e67cd7
Merge pull request #3946 from TakayukiMatsuo/tk11899 
Add test cases for EVP_CIPHER_CTX_cleanup and BIO_free
 2021-04-20 10:10:41 -06:00
Chris Conlon c3aee06b23
Merge pull request #3939 from miyazakh/qt_v5p15p2_r1 
added and modified compatibility layer APIs for Qt v5.15.2 part1
 2021-04-20 10:02:27 -06:00
Hideki Miyazaki 5a1d171236
fixed unit test failure 2021-04-14 21:25:50 +09:00
Hideki Miyazaki 03cfc3dc8f
addressed review comments part1 2021-04-14 11:15:23 +09:00
TakayukiMatsuo f245ba0ca1 Merge remote-tracking branch 'upstream/master' into tk11899 
# Conflicts:
#	tests/api.c
 2021-04-14 06:13:46 +09:00
Chris Conlon c129f630e2
Merge pull request #3933 from miyazakh/rand_bytes_regression 
fix retrun code regression on RAND_bytes
 2021-04-13 13:55:04 -06:00
Hayden Roche 4cd3f2e826 Make changes to get latest verison of stunnel (5.57) working with wolfSSL. 2021-04-13 09:18:25 -05:00
David Garske 021c22c038
Merge pull request #3950 from embhorn/zd11850 
Fix build error with NO_PKCS12
 2021-04-12 10:46:45 -07:00
Hideki Miyazaki 501de37cad
fixed memory leak in unit test 2021-04-12 18:34:07 +09:00
Hideki Miyazaki ad6f8e4246
added and modified compatibility layer APIs for Qt v5.15.2 part1 2021-04-12 18:34:07 +09:00
Daniel Pouzzner 04cc48b810
Merge pull request #3935 from miyazakh/x509_store_ex_data 
add X509_STORE_get/set_ex_data
 2021-04-08 21:51:03 -05:00
TakayukiMatsuo 07022eebe7 Add a OPENSSL_EXTRA guard to call SSL_get_early_data_status 2021-04-09 01:10:45 +09:00
TakayukiMatsuo 424d97ca3d Merge remote-tracking branch 'upstream/master' into tk11899 
# Conflicts:
#	src/ssl.c
 2021-04-08 23:59:51 +09:00
TakayukiMatsuo bc7191ca4c Added test cases for NULL-parameter 2021-04-08 23:11:00 +09:00
toddouska de8653be35
Merge pull request #3941 from JacobBarthelmeh/Compatibility-Layer 
add implementation of EC_KEY_set_group
 2021-04-07 16:20:50 -07:00
Eric Blankenhorn ef69a9b458 Fix build error with NO_PKCS12 2021-04-07 15:36:35 -05:00
TakayukiMatsuo 7da85c6f3f Merge remote-tracking branch 'upstream/master' into tk11899 2021-04-07 12:01:39 +09:00
Jacob Barthelmeh 4eb8265c46 add ecc guard on test case 2021-04-06 20:01:15 +07:00
TakayukiMatsuo 0a05acff09 Add test cases for EVP_CIPHER_CTX_cleanup and BIO_free 2021-04-06 14:21:53 +09:00
JacobBarthelmeh 63c96c3585 add implementation of EC_KEY_set_group 2021-04-05 22:22:31 +07:00
Jacob Barthelmeh 9a86f133c8 additional fixes for reports with test cases 2021-04-05 21:26:52 +07:00
Hideki Miyazaki ea0f4580de
add X509_STORE_get/set_ex_data 2021-04-01 17:06:02 +09:00
Hideki Miyazaki b8684f3f7e
fix retrun code regression on RAND_bytes 
fix jenkins fail
 2021-04-01 13:35:50 +09:00
toddouska f7046ca12a
Merge pull request #3906 from douzzer/AES-BAD_ALIGN_E-consistency 
Adds optional AES CBC length checking
 2021-03-30 16:01:29 -07:00
toddouska 4d1ad6acd6
Merge pull request #3885 from JacobBarthelmeh/StaticAnalysisTests 
Static analysis fixes for items listed as high priority
 2021-03-30 16:00:03 -07:00
Chris Conlon 4044b30363
Merge pull request #3915 from TakayukiMatsuo/os_ecdh 
Add unit tests for OpenSSL compat APIs
 2021-03-30 16:18:16 -06:00
Chris Conlon a9ff314840
Merge pull request #3912 from miyazakh/rsa_bits_ 
Added RSA_bits
 2021-03-26 17:00:56 -06:00
Chris Conlon b67f270e3d
Merge pull request #3910 from miyazakh/openssl_ext_unit_test 
Update compatibility layer api unit test
 2021-03-26 16:58:21 -06:00
Daniel Pouzzner 5f6b618e71 configure.ac: add --enable-aescbc-length-checks and add it to --enable-all; api.c: fix expected error code in WOLFSSL_AES_CBC_LENGTH_CHECKS path of test_wc_AesCbcEncryptDecrypt(); aes.c: add explanatory comment on WOLFSSL_AES_CBC_LENGTH_CHECKS to top of file. 2021-03-26 14:04:25 -05:00
Daniel Pouzzner 5d9ee97530 WOLFSSL_AES_CBC_LENGTH_CHECKS: add gated logic to aes.c wc_AesCbc{En,De}crypt() to return BAD_LENGTH_E when input length is not a multiple of AES_BLOCK_SIZE; add gated tests of new functionality in test_wc_AesCbcEncryptDecrypt(); fix first encrypt-decrypt-memcmp in test_wc_AesCbcEncryptDecrypt() to span all of test vector and extend test vector length to be block-multiple; add ungated logic in platform-specific wc_AesCbc{En,De}crypt() routines to return with early success when blocks == 0 (also mitigates buffer overrun on short (less-than-AES_BLOCK_SIZE) input); add BAD_LENGTH_E error code; update documentation. 2021-03-26 13:40:08 -05:00
toddouska 79fa71d600
Merge pull request #3882 from TakayukiMatsuo/tk11899 
Return code differences in wolfSSL_EVP_PKEY_cmp et al.
 2021-03-26 09:36:52 -07:00
TakayukiMatsuo 5456765dca Changed API names to call in unit tests. 2021-03-26 17:05:25 +09:00
TakayukiMatsuo 79837eeb8e Changed the function name to be called in the unit test to the OpeSSL function name. 2021-03-26 04:30:36 +09:00
TakayukiMatsuo dd6db22bc6 Changed the function name to be called in the unit test to the OpenSSL function name. 2021-03-26 04:08:02 +09:00
TakayukiMatsuo 8dcaa8c4b6 Merge remote-tracking branch 'upstream/master' into os_ecdh 
# Conflicts:
#	tests/api.c
 2021-03-25 19:17:22 +09:00
TakayukiMatsuo 952a9b3497 Add unit tests for CONT_modules_xxx, CRYPTO_set_dynlock_xxx, CRYPTO_THREADID_xxx and ENGINE_cleanup. 2021-03-25 19:02:13 +09:00
Hideki Miyazaki c9be50c3a0
added RSA_bits 2021-03-25 13:31:47 +09:00
TakayukiMatsuo 03bad1c056 Added logic to wait for TCP disconnect so that SSL_read behaves the same as OpenSSL after a bidirectional shutdown. 2021-03-25 12:54:05 +09:00
Hideki Miyazaki f7652d18a0
use compatibility layer API when they are enabled 2021-03-25 08:09:06 +09:00
toddouska 6134de6a22
Merge pull request #3855 from miyazakh/openssl_ext_r2 
Compatibility layer API addition
 2021-03-23 14:37:47 -07:00
TakayukiMatsuo a86a638698 Fix for PRB tests. 2021-03-21 08:19:02 +09:00
toddouska 14b7d70ae4
Merge pull request #3846 from kabuobeid/builtinEngsRandMethod 
Add wolfSSL_RAND_set_rand_method() and document ENGINE_load_builtin_engines()
 2021-03-19 14:23:03 -07:00
TakayukiMatsuo 364e35575c Add following modifications to unit-test: 
- Modify reference data in test_wolfSSL_EVP_PKEY_print_public
- Remove test_wc_EccPublicKeyDecode_ex
- Rewrite test_wc_DhPublicKeyDecode to have Assert
 2021-03-19 14:17:26 +09:00
Hideki Miyazaki 300cbf7a5b
fixed NO_WOLFSSL_DIR configuration case 2021-03-19 13:13:03 +09:00
Hideki Miyazaki 7b81ff1bc6
fixed api testing for hash dir 2021-03-19 13:13:01 +09:00
Hideki Miyazaki 84368eed3f
addressed review comment part 2 moving BY_DIR_xxx functions to internal 2021-03-19 13:13:00 +09:00
Hideki Miyazaki 4650aaf4fb
addressed review comments part 1 2021-03-19 13:13:00 +09:00
Hideki Miyazaki 39b0c4eaf8
fixed sanitize errors 2021-03-19 13:12:56 +09:00
Hideki Miyazaki b4a573ca98
Initial implemented X509_LOOKUP_ctrl L_ADD_DIR 2021-03-19 13:12:55 +09:00
Kareem Abuobeid a85e348c0e Change void return from RAND_seed back to int. 2021-03-18 11:20:56 -07:00
Jacob Barthelmeh a64bb8aef7 fix unused variable in test case from Jenkins test 2021-03-18 15:17:08 +07:00
David Garske 7760dcb43b Fixes and cleanups for the openssl compatibility layer `RAND_` functions. For `opensslextra=x509small` don't include the RAND method code. Removed abandonded "ENABLED_SMALL" option in configure.ac. 2021-03-17 15:51:52 -07:00
Kareem Abuobeid 1477af9a22 Add wolfSSL_RAND_set_rand_method() and support for RAND_ callbacks. 2021-03-17 14:29:24 -07:00
Jacob Barthelmeh d439694eb6 sanity check on length in wolfSSL_BN_rand 2021-03-17 13:41:27 +07:00
Jacob Barthelmeh 48d13bbfa5 fix for leak with wolfSSL_a2i_ASN1_INTEGER 2021-03-17 12:24:18 +07:00
TakayukiMatsuo 3bd7127188 Wrap some long lines. 2021-03-17 06:58:51 +09:00
TakayukiMatsuo 07807526c6 Change the following functions to behave the same as opeSSL: 
- EVP_CIPHER_CTX_cleanup
- BIO_free
- EVP_PKEY_cmp
 2021-03-17 05:47:45 +09:00
TakayukiMatsuo 9f6d1fe964 Merge branch 'master' of github.com:wolfSSL/wolfssl into os_keyprint 2021-03-16 15:55:51 +09:00
Sean Parkinson 35659be06f AES GCM: implement streaming 
Updated EVP layer to use streaming API when enabled.
Assembly for x64 updated to include streaming.
 2021-03-16 16:39:49 +10:00
toddouska 5c4c101ac5
Merge pull request #3863 from JacobBarthelmeh/Testing 
fix for wolfSSL_ASN1_TIME_adj set length
 2021-03-15 17:17:33 -07:00
toddouska 3ac03d3d66
Merge pull request #3805 from JacobBarthelmeh/copyright 
update copyright date to 2021
 2021-03-15 16:16:50 -07:00
toddouska 5fd0950a3a
Merge pull request #3654 from SparkiDev/sakke_eccsi 
ECCSI and SAKKE: add support
 2021-03-15 16:15:59 -07:00
Jacob Barthelmeh 5369c133ad add macro guard around test 2021-03-12 11:44:09 +07:00
Sean Parkinson a55e94cf6f ECCSI and SAKKE: add support 
Fixes for static code analysis included.
Added const to function parameters.
Zeroise some temporaries.
 2021-03-12 09:31:22 +10:00
Daniel Pouzzner 771a7418ea fixes for compat with autoconf 2.70 and gcc-10: update m4/ax_pthread.m4 and m4/ax_tls.m4 from upstream, fix declaration syntax in tests/api.c, add AC_CANONICAL_TARGET in configure.ac, and fix two spots with bad quoting syntax in configure.ac and m4/ax_linuxkm.m4. also fix myriad whitespace flubs in api.c. 2021-03-11 17:29:12 -06:00
elms c091b968a3
Merge pull request #3864 from cconlon/0311 
api.c fix for --enable-opensslall and --enable-debug
 2021-03-11 14:54:40 -08:00
elms 6241d56eec
Merge pull request #3865 from haydenroche5/fix_have_aes_ecb 
Change WOLFSSL_AES_ECB to HAVE_AES_ECB in api.c.
 2021-03-11 14:12:46 -08:00
Hayden Roche 211eefa155 Change WOLFSSL_AES_ECB to HAVE_AES_ECB in api.c. 2021-03-11 14:03:54 -06:00
Chris Conlon e184cf5c29 fix api.c build with --enable-opensslall and --enable-debug 2021-03-11 12:56:13 -07:00
Jacob Barthelmeh eb8b40c64a fix for wolfSSL_ASN1_TIME_adj set length 2021-03-11 20:34:17 +07:00
TakayukiMatsuo b9464befb6 Merge branch 'master' of github.com:wolfSSL/wolfssl into os_keyprint 2021-03-11 16:21:09 +09:00
Jacob Barthelmeh c729318ddd update copyright date 2021-03-11 13:42:46 +07:00
toddouska 72eebd6e75
Merge pull request #3795 from JacobBarthelmeh/CAAM 
Addition of QNX CAAM driver
 2021-03-10 15:04:21 -08:00
toddouska 44c5ca9d39
Merge pull request #3825 from julek-wolfssl/openssl-key-wrap 
Implement `AES_wrap_key` and `AES_unwrap_key`
 2021-03-10 15:01:51 -08:00
toddouska 0bcde126d9
Merge pull request #3791 from TakayukiMatsuo/ZD11641 
Causes SSL_CTX_load_verify_locations and X509_LOOKUP_load_file to return zero on failure if WOLFSSL_ERR_CODE_OPENSSL is defined
 2021-03-10 14:54:14 -08:00
JacobBarthelmeh 4ad1b52108
Merge pull request #3824 from julek-wolfssl/ssl-bio-use-chain 
WOLFSSL_BIO_SSL BIO should use remaining chain for IO
 2021-03-10 18:21:09 +07:00
JacobBarthelmeh 28ae8e3e11 add include file for getting WOLFSSL_CAAM_DEVID in test case 2021-03-10 17:27:40 +07:00
Juliusz Sosinowicz d7838155e5 WOLFSSL_BIO_SSL BIO should use remaining chain for IO 
This is accomplished by passing the next BIO in the chain in to the `wolfSSL_set_bio` API.
 2021-03-10 10:13:42 +01:00
TakayukiMatsuo 153859f2b2 Merge remote-tracking branch 'upstream/master' into os_ecdh 
# Conflicts:
#	tests/api.c
 2021-03-09 12:00:15 +09:00
Chris Conlon 7b2aa54044
Merge pull request #3801 from TakayukiMatsuo/os_bio 
Add wolfSSL_BIO_tell
 2021-03-08 09:56:01 -07:00
TakayukiMatsuo feeb0ceb96 Change macro name to WS_RETURN_CODE and add more comments. 2021-03-08 11:57:36 +09:00
Hideki Miyazaki 3b768bcb5e
addressed review comments 2021-03-06 10:18:31 +09:00
Hideki Miyazaki 896245cae7
addressed jenkins cavp test failure 2021-03-05 08:19:25 +09:00
Hideki Miyazaki 464f82a575
addressed jenkins failure part4 2021-03-05 08:19:24 +09:00
Hideki Miyazaki 2246ea33cc
addressed sanitize failure 2021-03-05 08:19:23 +09:00
Hideki Miyazaki 302c6dfe11
addressed jenkins failure part3 2021-03-05 08:19:22 +09:00
Hideki Miyazaki 5ddd2710d7
addressed jenkins failure part2 2021-03-05 08:19:21 +09:00
Hideki Miyazaki cd26444e01
addressed jenkins failure part1 2021-03-05 08:19:21 +09:00
Hideki Miyazaki 5fb9aa3f9b
implemented SHA512_Transform and unit test 2021-03-05 08:19:20 +09:00
Hideki Miyazaki 82fb498ed5
Implemented MD5 unit tests 2021-03-05 08:19:19 +09:00
Hideki Miyazaki 502e1458f9
Implemented SHA one shot 
Implemented SHA_Transform
 2021-03-05 08:19:17 +09:00
Hideki Miyazaki 95cf3675e9
implemented SHA256_Transform 
WIP SHA512_Transform
 2021-03-05 08:19:17 +09:00
Hideki Miyazaki cb3fa8ff9e
SHA224 implementation 2021-03-05 08:19:16 +09:00
Hideki Miyazaki 44a20c8ce6
add more unit test case for load_crl_file 2021-03-05 08:19:14 +09:00
Hideki Miyazaki 544ed32893
implemented X509_load_crl_file 2021-03-05 08:19:14 +09:00
Hideki Miyazaki 2e223fb101
implemeted wolfSSL_CTX_get0/set1_param, and corresponding to sub-methods 2021-03-05 08:19:13 +09:00
toddouska 53a7397418
Merge pull request #3828 from elms/test/fix_openssl_ticket_noaes 
test: fix compile with session-ticket without AES-GCM
 2021-03-04 11:15:20 -08:00
toddouska 12d5c6d416
Merge pull request #3783 from haydenroche5/socat 
Add support for OpenSSL compatibility function SSL_CTX_get_min_proto_…
 2021-03-04 11:10:17 -08:00
toddouska 90d45028cc
Merge pull request #3781 from fabiankeil/NO_WOLFSSL_STUB-build-fix 
Fix build with  NO_WOLFSSL_STUB
 2021-03-04 11:07:26 -08:00
Jacob Barthelmeh 69a0b643be removing some magic numbers 2021-03-03 18:45:40 +07:00
TakayukiMatsuo bbf1284112 Replace immediate value "0" with WOLFSSL_FAILURE and add comment to the RETURN_CODE macro 2021-03-03 11:23:11 +09:00
Elms 4ff886dbda test: fix compile with session-ticket without AES-GCM 
EVP compat layer doesn't support poly chacha so test shouldn't be
included to try and test it.
 2021-03-02 08:40:19 -08:00
Juliusz Sosinowicz 39a28eeec2 Add RSA_NO_PADDING to wolfSSL_RSA_private_encrypt 2021-03-01 13:21:26 +01:00
TakayukiMatsuo 42e87fa542 Add DH key initialization 2021-03-01 01:13:25 +09:00
TakayukiMatsuo e72948b018 Fix for PR tests 2021-02-28 10:27:43 +09:00
TakayukiMatsuo 78e2e37fd6 Remove unneccessary local variable initializations and remove local variable declarations in for-loops 2021-02-26 17:17:32 +09:00
TakayukiMatsuo a54e3aadea Fix for PR tests 2021-02-26 12:42:42 +09:00
TakayukiMatsuo ec471af9c5 Add following stub funcs: 
- wolfSSL_THREADID_current
- wolfSSL_THREADID_hash
- wolfSSL_CTX_set_ecdh_auto
 2021-02-26 11:26:10 +09:00
Hayden Roche 10181b7bbf Add support for OpenSSL compatibility function SSL_CTX_get_min_proto_version. 
This is needed by socat-1.7.4.1.
 2021-02-25 17:04:41 -06:00
Juliusz Sosinowicz 2eb253330f Implement `AES_wrap_key` and `AES_unwrap_key` 
Add `wc_AesKeyWrap_ex` and `wc_AesKeyUnWrap_ex` API to accept an `Aes` object to use for the AES operations
 2021-02-25 20:01:51 +01:00
toddouska 94a23c1d48
Merge pull request #3646 from julek-wolfssl/nginx-1.19.6 
Add support for Nginx 1.19.6
 2021-02-24 12:21:51 -08:00
TakayukiMatsuo 2d0207fc60 Fix undeclared identifier errors 2021-02-24 05:38:28 +09:00
toddouska 5eba89c3ca
Merge pull request #3742 from julek-wolfssl/error-queue-per-thread 
Add --enable-error-queue-per-thread
 2021-02-23 12:02:16 -08:00
TakayukiMatsuo 760ea219a8 Fix for "unused variable" warning 2021-02-24 02:33:46 +09:00
Juliusz Sosinowicz d074e7443f Remove default ticket cb as this will be added in another PR 2021-02-23 10:06:11 +01:00
TakayukiMatsuo 9e4dcfb66c Add wolfSSL_BIO_tell 2021-02-23 11:12:12 +09:00
TakayukiMatsuo a7cca8a99b Fix wolfSSL_EVP_PKEY_print_public 2021-02-23 07:57:45 +09:00
TakayukiMatsuo b495e12179 Fix such as "for loop initial declaration" 2021-02-23 02:29:37 +09:00
TakayukiMatsuo e25284c690 Add wolfSSL_EVP_PKEY_print_public 2021-02-22 23:51:27 +09:00
TakayukiMatsuo 49d1b859d4 Add wolfSSL_EVP_Encode/Decode APIs 2021-02-22 17:51:44 +09:00
TakayukiMatsuo 4264a49246 Causes SSL_CTX_load_verify_locations and X509_LOOKUP_load_file to return zero on failure if WOLFSSL_ERR_CODE_OPENSSL is defined 2021-02-22 08:05:11 +09:00
Fabian Keil 2002ae9dca tests/api.c: Fix build with NO_WOLFSSL_STUB defined 2021-02-19 05:45:19 +01:00
Sean Parkinson fa7b5f55ee TLS 1.3: add API to tell if a KeyUpdate response is required 2021-02-19 10:21:08 +10:00
Eric Blankenhorn d31f184c49 Adding tests 2021-02-17 13:34:38 -06:00
Juliusz Sosinowicz b8f841599c Add --enable-error-queue-per-thread 2021-02-16 16:08:13 +01:00
Juliusz Sosinowicz 0ae1a8b8c5 Jenkins fixes 
- Change pushCAx509Chain to an iterative implementation
- Fix variable names shadowing global names
 2021-02-16 14:25:45 +01:00
Juliusz Sosinowicz 26df833074 Compat layer session tickets 
- OpenSSL uses an internal mechanism by default for session tickets. This is now implemented for OPENSSL_EXTRA in wolfSSL.
- Add testing of wolfSSL_CTX_set_tlsext_ticket_key_cb
 2021-02-16 14:25:45 +01:00