WolfSSL
/
wolfssl
mirror of https://github.com/wolfSSL/wolfssl.git
1
0
Fork 0
Code Issues Releases Wiki Activity
15,416 Commits
27 Branches
168 Tags
358 MiB
Commit Graph

1712 Commits (aa6ca43e91e913ba9ec81dac6fa8a0c6aed3fe6f)

Author SHA1 Message Date
Hideki Miyazaki 6d3b9aec80
fix api compile failure 2021-06-12 09:24:11 +09:00
TakayukiMatsuo ed5cb0a1bd Modified along the revire comments 2021-06-11 21:08:27 +09:00
TakayukiMatsuo 779e3701e6 Merge branch 'master' of github.com:wolfSSL/wolfssl into os_keyprint 2021-06-11 13:56:52 +09:00
Sean Parkinson 36a9cd3010
Merge pull request #3911 from TakayukiMatsuo/tk11851 
Fix SSL_read behaving differently from openSSL after bidirectional shutdown
 2021-06-11 10:25:39 +10:00
Sean Parkinson 3ecb8d5a3e
Merge pull request #4062 from dgarske/dh_key 
DH Key and Params Export cleanups and Apache httpd fixes
 2021-06-10 20:54:32 +10:00
TakayukiMatsuo 4d3f2f92fd Add test cases for SHA(), SHA224(), MD5() and MD5_xxx() to test with null parameters. 2021-06-10 16:40:51 +09:00
David Garske c6c7dfd5db
Merge pull request #4053 from SparkiDev/cppcheck_fixes_6 
cppcheck: fixes from reviewing report
 2021-06-09 12:51:30 -07:00
Sean Parkinson 9580574382
Merge pull request #3999 from dgarske/user_io 
Fixes for building with `WOLFSSL_USER_IO`
 2021-06-09 08:55:36 +10:00
Sean Parkinson 70d2c838bb
Merge pull request #4080 from kaleb-himes/SHAKE_DEFAULT_FIX 
Sync SHAKE256 default (disabled) with parent default edDSA448 (disabled) and remove WOLFSSL_NO_SHAKE256 flag
 2021-06-09 08:52:05 +10:00
David Garske 6db0b42c7f * Refactor of DH key and param exports code (moved into asn.c) enabled with `WOLFSSL_DH_EXTRA`. 
* Cleanup `WOLFSSL_DH_EXTRA` macro logic and do not allow with FIPS v1 or v2.
* Fixes for httpd (if `SSL_CONF_FLAG_FILE` is defined it is used to indicate support for `SSL_CONF_CTX_set_flags` and `SSL_CONF_cmd_value_type`).
* Add Curve448 and ED448 key type to `enum wc_PkType`.
* Expand `dh_ffdhe_test` to include 4096 bit.
 2021-06-08 09:27:26 -07:00
TakayukiMatsuo 0186d19aba Fix some coding style issues. 2021-06-08 16:25:28 +09:00
Sean Parkinson 88322b82a5
Merge pull request #3871 from julek-wolfssl/openvpn-master 
OpenVPN additions and fixes
 2021-06-08 13:54:14 +10:00
Sean Parkinson 8ee1dda2f9
Merge pull request #4001 from dgarske/time_long 
Improve TLS v1.3 time rollover support and fixes for NO_ASN_TIME
 2021-06-08 11:17:55 +10:00
Elms 5c01613acb Add GCC extension to bypass select `-pedantic` warnings 
Add wrapper macro for `__extension__` to suppress pedantic warnings
 2021-06-07 15:38:15 -07:00
David Garske 3e307aa626
Merge pull request #4091 from JacobBarthelmeh/Testing 
add strict check on signature length
 2021-06-07 11:02:02 -07:00
Jacob Barthelmeh f97ca1c1ca adjust test case and add useful comments 2021-06-07 19:44:05 +07:00
Sean Parkinson 898b9d5e24
Merge pull request #4084 from dgarske/sp_math_keygen 
Fix for building SP small math only (no DH) with key generation
 2021-06-07 10:48:01 +10:00
Jacob Barthelmeh c245c4a812 add strict check on signature length 2021-06-05 03:09:33 +07:00
Chris Conlon 961773b384
Merge pull request #4079 from lealem47/PKCS12UnitTest 
Pkcs12 unit test
 2021-06-03 16:07:54 -06:00
David Garske 21060afb80 Fix for building SP math only (small) with key generation. Fix for WOLFSSL_EXTRA. Fix for RSA without PSS. Fix for ed25519 spelling error. 2021-06-03 10:56:54 -07:00
TakayukiMatsuo 195ca2b3f0 Add corner test cases for EVP_EncodeFinal and EVP_DecodeFinal 2021-06-03 20:02:48 +09:00
Chris Conlon 6cfb982740
Merge pull request #3981 from miyazakh/qt_oslext_cnf 
Added compatibility layer API
 2021-06-01 15:25:37 -06:00
Lealem Amedie 72fc7e62b8 Fixed spacing 2021-06-01 14:47:51 -06:00
kaleb-himes 94831eadf1 Sync SHAKE256 default (disabled) with parent default edDSA448 (disabled) and remove WOLFSSL_NO_SHAKE256 flag 2021-06-01 11:38:17 -06:00
Lealem Amedie 03a5395b53 Fixed casting issue 2021-06-01 09:46:30 -06:00
Lealem Amedie 2db233d10e Added wolfssl_PKCS12_verify_mac testing in test_wolfSSL_PKCS12() function in api.c 2021-05-28 16:33:46 -06:00
Elms 7a98c517e4 Fixes for some `-pedantic` errors 
Some of the API with callbacks may not be compatible with pedantic
 2021-05-27 14:46:45 -07:00
TakayukiMatsuo d1e3be1f43 Replace return code from literal to value 2021-05-27 06:20:34 +09:00
David Garske 41af3da0e3
Merge pull request #4057 from SparkiDev/no_tls12_pkcb 
TLS: fix build with no TLSv12 but PK callbacks
 2021-05-25 15:26:40 -07:00
Hideki Miyazaki af67965f65
addressed jenkins failures part1 2021-05-26 06:07:48 +09:00
Hideki Miyazaki 33e91c577f
added unit test cases for cmdline 2021-05-26 06:07:47 +09:00
Hideki Miyazaki 394c0b5cdc
implemented CONF_cmd 2021-05-26 06:07:47 +09:00
Sean Parkinson e1bc0c4447 EVP AES-GCM Streaming: must free Aes 
AES streaming implementation allocates data in Aes objects, when small
stack, that needs to be freed.
Fix memory leaks in streaming test case too.
 2021-05-25 15:57:09 +10:00
Sean Parkinson 6747055d46 TLS: fix build with no TLSv12 but PK callbacks 
./configure '--disable-tlsv12' '-enable-pkcallbacks'
Disable non-TLS13 cipher suite test as well.
 2021-05-21 10:59:23 +10:00
Sean Parkinson 2c6285ccba cppcheck: fixes from reviewing report 2021-05-20 17:55:06 +10:00
TakayukiMatsuo 8c71fb4113 Add test cases for wc_ShaxxxUpdate funcs 2021-05-14 09:46:21 +09:00
Juliusz Sosinowicz 5865dc08dd Code review changes 2021-05-13 15:21:33 +02:00
Chris Conlon c75830e2e8
Merge pull request #4011 from miyazakh/set_verify_depth2 
fix out of bound access when peer's chain is greater than verifyDepth + 1
 2021-05-11 15:38:39 -06:00
David Garske fce9870a64
Merge pull request #4020 from ejohnstown/options-export 
New Option Export/Import
 2021-05-11 09:10:17 -07:00
John Safranek d74b74d156
Also adjust for v3 of export, and update the API test case. 2021-05-10 18:06:31 -07:00
David Garske db7888ceaa Fix for the unmodified check for AesCbc test. 2021-05-10 10:04:50 -07:00
David Garske c88afdef87 Fixes for building with `WOLFSSL_USER_IO` (with no built-in socket support). Related to issue #3998. 2021-05-06 11:07:05 -07:00
Hideki Miyazaki 2a39f1dc5c
fixed memory leak 2021-05-06 16:55:51 +09:00
Hideki Miyazaki 93f04543b0
fixed unit test intermittent failure 2021-05-06 15:40:24 +09:00
Hideki Miyazaki 0539b99c86
fix boundary access when peer's chain is less than verifyDepth + 1 2021-05-06 14:54:16 +09:00
Hayden Roche 822aa92fcc Fix test_wolfSSL_CertManagerCheckOCSPResponse. 
This test broke once we went past the nextUpdate time in the static, raw OCSP
response being used. This change makes it so that response is valid until 2048.
 2021-05-03 15:26:39 -07:00
David Garske 6e0197e171
Merge pull request #4002 from kabuobeid/smime_fixes 
S/MIME: Canonicalize multi-part messages before hashing.  Improve error checking in wc_MIME_parse_headers.
 2021-05-03 09:24:43 -07:00
Kareem Abuobeid effcecf40d S/MIME: Add non-canonicalized test case 2021-04-30 15:07:37 -07:00
David Garske f8ecd4b441 Fixes for building with `NO_ASN_TIME`. If used with TLS user must supply `LowResTimer` and `TimeNowInMilliseconds`. 2021-04-30 15:04:31 -07:00
Chris Conlon 57e03d7e2f
Merge pull request #3961 from miyazakh/qt_oslext_pskss_cb 
added psk session callback compatibility layer API
 2021-04-30 14:26:44 -06:00
TakayukiMatsuo c4782a7a1c Fix macro guard for wolfSSL_CRYPTO_get_ex_new_index and get_ex_new_index. 2021-04-28 10:41:49 +09:00
TakayukiMatsuo 9c0ff73370 Add wolfSSL_CRYPTO_get_ex_new_index 2021-04-28 10:38:53 +09:00
Hideki Miyazaki 0e40293798
added psk session callback 2021-04-28 10:08:21 +09:00
David Garske 385e0bedaa
Merge pull request #3990 from haydenroche5/ocsp_bug 
Fix CompareOcspReqResp.
 2021-04-27 17:07:58 -07:00
Chris Conlon edb0beb9b6
Merge pull request #3969 from TakayukiMatsuo/koyo 
Add wolfSSL_DH_get0_pqg
 2021-04-27 17:52:17 -06:00
Chris Conlon 6fad8c4a57
Merge pull request #3975 from TakayukiMatsuo/resumable 
Add implementation for wolfSSL_SESSION_is_resumable.
 2021-04-27 16:45:34 -06:00
Hayden Roche 73076940af Fix CompareOcspReqResp. 
There was a bug in this function that could cause a match to be reported even
when the OCSP request and response in fact had a mismatch.
 2021-04-27 13:54:43 -07:00
Hideki Miyazaki 6d381a6c7f
do nothing when version is zero 2021-04-27 21:13:19 +09:00
Hideki Miyazaki 3b070e1bd0
add MIN/MAX_PROTO into CTX_ctrl 
add unit test for min/max proto of CTX ctrl
 2021-04-27 21:13:17 +09:00
toddouska 91e90f7a98
Merge pull request #3604 from haydenroche5/stunnel 
Make changes to get latest verison of stunnel (5.57) working with wolfSSL.
 2021-04-23 15:41:22 -07:00
toddouska c3fefc6e27
Merge pull request #3889 from douzzer/network-introspection 
--enable-wolfsentry
 2021-04-23 15:38:01 -07:00
TakayukiMatsuo 2b6f623777 Add implementation for wolfSSL_SESSION_is_resumable. 2021-04-23 11:12:20 +09:00
TakayukiMatsuo c442841e4a Fix some along review. 2021-04-23 10:53:22 +09:00
TakayukiMatsuo d22ed7443b Fix unit test. 2021-04-23 09:47:24 +09:00
TakayukiMatsuo 568c09bcde Add guard to the unit test 2021-04-23 09:47:24 +09:00
TakayukiMatsuo 63826e227b Add wolfSSL_DH_get0_pqg 2021-04-23 09:47:24 +09:00
Chris Conlon 878e0006ad
Merge pull request #3965 from miyazakh/qt_oslext_epk_param_ck 
added wofSSL_EVP_PKEY_param_check for compatibility layer API
 2021-04-22 15:43:47 -06:00
Daniel Pouzzner 89d7f4faf3 tests/api.c: add missing void arglists. 2021-04-21 03:22:10 -05:00
Daniel Pouzzner ba2cc00e5d initial implementation of WOLFSSL_NETWORK_INTROSPECTION: --enable-network-introspection, struct wolfSSL_network_connection, wolfSSL_*_endpoints*(), NetworkFilterCallback_t, wolfSSL_*set_AcceptFilter(). 2021-04-20 23:59:57 -05:00
Hideki Miyazaki d3b41a2fed
addressed review comments p1 2021-04-21 09:10:32 +09:00
Hideki Miyazaki e063984d17
added EVP_PKEY_param_check 2021-04-21 07:53:18 +09:00
Hideki Miyazaki bca3cd1d49
fix jenkins failures 2021-04-21 07:39:12 +09:00
Hideki Miyazaki 89b5b90be6
added compatibility layer API stub for Qt 5.15.2 2021-04-21 07:39:12 +09:00
Chris Conlon f931e67cd7
Merge pull request #3946 from TakayukiMatsuo/tk11899 
Add test cases for EVP_CIPHER_CTX_cleanup and BIO_free
 2021-04-20 10:10:41 -06:00
Chris Conlon c3aee06b23
Merge pull request #3939 from miyazakh/qt_v5p15p2_r1 
added and modified compatibility layer APIs for Qt v5.15.2 part1
 2021-04-20 10:02:27 -06:00
Hideki Miyazaki 5a1d171236
fixed unit test failure 2021-04-14 21:25:50 +09:00
Hideki Miyazaki 03cfc3dc8f
addressed review comments part1 2021-04-14 11:15:23 +09:00
TakayukiMatsuo f245ba0ca1 Merge remote-tracking branch 'upstream/master' into tk11899 
# Conflicts:
#	tests/api.c
 2021-04-14 06:13:46 +09:00
Chris Conlon c129f630e2
Merge pull request #3933 from miyazakh/rand_bytes_regression 
fix retrun code regression on RAND_bytes
 2021-04-13 13:55:04 -06:00
Hayden Roche 4cd3f2e826 Make changes to get latest verison of stunnel (5.57) working with wolfSSL. 2021-04-13 09:18:25 -05:00
David Garske 021c22c038
Merge pull request #3950 from embhorn/zd11850 
Fix build error with NO_PKCS12
 2021-04-12 10:46:45 -07:00
Hideki Miyazaki 501de37cad
fixed memory leak in unit test 2021-04-12 18:34:07 +09:00
Hideki Miyazaki ad6f8e4246
added and modified compatibility layer APIs for Qt v5.15.2 part1 2021-04-12 18:34:07 +09:00
Daniel Pouzzner 04cc48b810
Merge pull request #3935 from miyazakh/x509_store_ex_data 
add X509_STORE_get/set_ex_data
 2021-04-08 21:51:03 -05:00
TakayukiMatsuo 07022eebe7 Add a OPENSSL_EXTRA guard to call SSL_get_early_data_status 2021-04-09 01:10:45 +09:00
TakayukiMatsuo 424d97ca3d Merge remote-tracking branch 'upstream/master' into tk11899 
# Conflicts:
#	src/ssl.c
 2021-04-08 23:59:51 +09:00
TakayukiMatsuo bc7191ca4c Added test cases for NULL-parameter 2021-04-08 23:11:00 +09:00
toddouska de8653be35
Merge pull request #3941 from JacobBarthelmeh/Compatibility-Layer 
add implementation of EC_KEY_set_group
 2021-04-07 16:20:50 -07:00
Eric Blankenhorn ef69a9b458 Fix build error with NO_PKCS12 2021-04-07 15:36:35 -05:00
TakayukiMatsuo 7da85c6f3f Merge remote-tracking branch 'upstream/master' into tk11899 2021-04-07 12:01:39 +09:00
Jacob Barthelmeh 4eb8265c46 add ecc guard on test case 2021-04-06 20:01:15 +07:00
TakayukiMatsuo 0a05acff09 Add test cases for EVP_CIPHER_CTX_cleanup and BIO_free 2021-04-06 14:21:53 +09:00
JacobBarthelmeh 63c96c3585 add implementation of EC_KEY_set_group 2021-04-05 22:22:31 +07:00
Jacob Barthelmeh 9a86f133c8 additional fixes for reports with test cases 2021-04-05 21:26:52 +07:00
Hideki Miyazaki ea0f4580de
add X509_STORE_get/set_ex_data 2021-04-01 17:06:02 +09:00
Hideki Miyazaki b8684f3f7e
fix retrun code regression on RAND_bytes 
fix jenkins fail
 2021-04-01 13:35:50 +09:00
toddouska f7046ca12a
Merge pull request #3906 from douzzer/AES-BAD_ALIGN_E-consistency 
Adds optional AES CBC length checking
 2021-03-30 16:01:29 -07:00
toddouska 4d1ad6acd6
Merge pull request #3885 from JacobBarthelmeh/StaticAnalysisTests 
Static analysis fixes for items listed as high priority
 2021-03-30 16:00:03 -07:00
Chris Conlon 4044b30363
Merge pull request #3915 from TakayukiMatsuo/os_ecdh 
Add unit tests for OpenSSL compat APIs
 2021-03-30 16:18:16 -06:00
Chris Conlon a9ff314840
Merge pull request #3912 from miyazakh/rsa_bits_ 
Added RSA_bits
 2021-03-26 17:00:56 -06:00
Chris Conlon b67f270e3d
Merge pull request #3910 from miyazakh/openssl_ext_unit_test 
Update compatibility layer api unit test
 2021-03-26 16:58:21 -06:00
Daniel Pouzzner 5f6b618e71 configure.ac: add --enable-aescbc-length-checks and add it to --enable-all; api.c: fix expected error code in WOLFSSL_AES_CBC_LENGTH_CHECKS path of test_wc_AesCbcEncryptDecrypt(); aes.c: add explanatory comment on WOLFSSL_AES_CBC_LENGTH_CHECKS to top of file. 2021-03-26 14:04:25 -05:00
Daniel Pouzzner 5d9ee97530 WOLFSSL_AES_CBC_LENGTH_CHECKS: add gated logic to aes.c wc_AesCbc{En,De}crypt() to return BAD_LENGTH_E when input length is not a multiple of AES_BLOCK_SIZE; add gated tests of new functionality in test_wc_AesCbcEncryptDecrypt(); fix first encrypt-decrypt-memcmp in test_wc_AesCbcEncryptDecrypt() to span all of test vector and extend test vector length to be block-multiple; add ungated logic in platform-specific wc_AesCbc{En,De}crypt() routines to return with early success when blocks == 0 (also mitigates buffer overrun on short (less-than-AES_BLOCK_SIZE) input); add BAD_LENGTH_E error code; update documentation. 2021-03-26 13:40:08 -05:00
toddouska 79fa71d600
Merge pull request #3882 from TakayukiMatsuo/tk11899 
Return code differences in wolfSSL_EVP_PKEY_cmp et al.
 2021-03-26 09:36:52 -07:00
TakayukiMatsuo 5456765dca Changed API names to call in unit tests. 2021-03-26 17:05:25 +09:00
TakayukiMatsuo 79837eeb8e Changed the function name to be called in the unit test to the OpeSSL function name. 2021-03-26 04:30:36 +09:00
TakayukiMatsuo dd6db22bc6 Changed the function name to be called in the unit test to the OpenSSL function name. 2021-03-26 04:08:02 +09:00
TakayukiMatsuo 8dcaa8c4b6 Merge remote-tracking branch 'upstream/master' into os_ecdh 
# Conflicts:
#	tests/api.c
 2021-03-25 19:17:22 +09:00
TakayukiMatsuo 952a9b3497 Add unit tests for CONT_modules_xxx, CRYPTO_set_dynlock_xxx, CRYPTO_THREADID_xxx and ENGINE_cleanup. 2021-03-25 19:02:13 +09:00
Hideki Miyazaki c9be50c3a0
added RSA_bits 2021-03-25 13:31:47 +09:00
TakayukiMatsuo 03bad1c056 Added logic to wait for TCP disconnect so that SSL_read behaves the same as OpenSSL after a bidirectional shutdown. 2021-03-25 12:54:05 +09:00
Hideki Miyazaki f7652d18a0
use compatibility layer API when they are enabled 2021-03-25 08:09:06 +09:00
toddouska 6134de6a22
Merge pull request #3855 from miyazakh/openssl_ext_r2 
Compatibility layer API addition
 2021-03-23 14:37:47 -07:00
TakayukiMatsuo a86a638698 Fix for PRB tests. 2021-03-21 08:19:02 +09:00
toddouska 14b7d70ae4
Merge pull request #3846 from kabuobeid/builtinEngsRandMethod 
Add wolfSSL_RAND_set_rand_method() and document ENGINE_load_builtin_engines()
 2021-03-19 14:23:03 -07:00
TakayukiMatsuo 364e35575c Add following modifications to unit-test: 
- Modify reference data in test_wolfSSL_EVP_PKEY_print_public
- Remove test_wc_EccPublicKeyDecode_ex
- Rewrite test_wc_DhPublicKeyDecode to have Assert
 2021-03-19 14:17:26 +09:00
Hideki Miyazaki 300cbf7a5b
fixed NO_WOLFSSL_DIR configuration case 2021-03-19 13:13:03 +09:00
Hideki Miyazaki 7b81ff1bc6
fixed api testing for hash dir 2021-03-19 13:13:01 +09:00
Hideki Miyazaki 84368eed3f
addressed review comment part 2 moving BY_DIR_xxx functions to internal 2021-03-19 13:13:00 +09:00
Hideki Miyazaki 4650aaf4fb
addressed review comments part 1 2021-03-19 13:13:00 +09:00
Hideki Miyazaki 39b0c4eaf8
fixed sanitize errors 2021-03-19 13:12:56 +09:00
Hideki Miyazaki b4a573ca98
Initial implemented X509_LOOKUP_ctrl L_ADD_DIR 2021-03-19 13:12:55 +09:00
Kareem Abuobeid a85e348c0e Change void return from RAND_seed back to int. 2021-03-18 11:20:56 -07:00
Jacob Barthelmeh a64bb8aef7 fix unused variable in test case from Jenkins test 2021-03-18 15:17:08 +07:00
David Garske 7760dcb43b Fixes and cleanups for the openssl compatibility layer `RAND_` functions. For `opensslextra=x509small` don't include the RAND method code. Removed abandonded "ENABLED_SMALL" option in configure.ac. 2021-03-17 15:51:52 -07:00
Kareem Abuobeid 1477af9a22 Add wolfSSL_RAND_set_rand_method() and support for RAND_ callbacks. 2021-03-17 14:29:24 -07:00
Jacob Barthelmeh d439694eb6 sanity check on length in wolfSSL_BN_rand 2021-03-17 13:41:27 +07:00
Jacob Barthelmeh 48d13bbfa5 fix for leak with wolfSSL_a2i_ASN1_INTEGER 2021-03-17 12:24:18 +07:00
TakayukiMatsuo 3bd7127188 Wrap some long lines. 2021-03-17 06:58:51 +09:00
TakayukiMatsuo 07807526c6 Change the following functions to behave the same as opeSSL: 
- EVP_CIPHER_CTX_cleanup
- BIO_free
- EVP_PKEY_cmp
 2021-03-17 05:47:45 +09:00
TakayukiMatsuo 9f6d1fe964 Merge branch 'master' of github.com:wolfSSL/wolfssl into os_keyprint 2021-03-16 15:55:51 +09:00
Sean Parkinson 35659be06f AES GCM: implement streaming 
Updated EVP layer to use streaming API when enabled.
Assembly for x64 updated to include streaming.
 2021-03-16 16:39:49 +10:00
toddouska 5c4c101ac5
Merge pull request #3863 from JacobBarthelmeh/Testing 
fix for wolfSSL_ASN1_TIME_adj set length
 2021-03-15 17:17:33 -07:00
toddouska 3ac03d3d66
Merge pull request #3805 from JacobBarthelmeh/copyright 
update copyright date to 2021
 2021-03-15 16:16:50 -07:00
toddouska 5fd0950a3a
Merge pull request #3654 from SparkiDev/sakke_eccsi 
ECCSI and SAKKE: add support
 2021-03-15 16:15:59 -07:00
Jacob Barthelmeh 5369c133ad add macro guard around test 2021-03-12 11:44:09 +07:00
Sean Parkinson a55e94cf6f ECCSI and SAKKE: add support 
Fixes for static code analysis included.
Added const to function parameters.
Zeroise some temporaries.
 2021-03-12 09:31:22 +10:00
Daniel Pouzzner 771a7418ea fixes for compat with autoconf 2.70 and gcc-10: update m4/ax_pthread.m4 and m4/ax_tls.m4 from upstream, fix declaration syntax in tests/api.c, add AC_CANONICAL_TARGET in configure.ac, and fix two spots with bad quoting syntax in configure.ac and m4/ax_linuxkm.m4. also fix myriad whitespace flubs in api.c. 2021-03-11 17:29:12 -06:00
elms c091b968a3
Merge pull request #3864 from cconlon/0311 
api.c fix for --enable-opensslall and --enable-debug
 2021-03-11 14:54:40 -08:00
elms 6241d56eec
Merge pull request #3865 from haydenroche5/fix_have_aes_ecb 
Change WOLFSSL_AES_ECB to HAVE_AES_ECB in api.c.
 2021-03-11 14:12:46 -08:00
Hayden Roche 211eefa155 Change WOLFSSL_AES_ECB to HAVE_AES_ECB in api.c. 2021-03-11 14:03:54 -06:00
Chris Conlon e184cf5c29 fix api.c build with --enable-opensslall and --enable-debug 2021-03-11 12:56:13 -07:00
Jacob Barthelmeh eb8b40c64a fix for wolfSSL_ASN1_TIME_adj set length 2021-03-11 20:34:17 +07:00
TakayukiMatsuo b9464befb6 Merge branch 'master' of github.com:wolfSSL/wolfssl into os_keyprint 2021-03-11 16:21:09 +09:00
Jacob Barthelmeh c729318ddd update copyright date 2021-03-11 13:42:46 +07:00
toddouska 72eebd6e75
Merge pull request #3795 from JacobBarthelmeh/CAAM 
Addition of QNX CAAM driver
 2021-03-10 15:04:21 -08:00
toddouska 44c5ca9d39
Merge pull request #3825 from julek-wolfssl/openssl-key-wrap 
Implement `AES_wrap_key` and `AES_unwrap_key`
 2021-03-10 15:01:51 -08:00
toddouska 0bcde126d9
Merge pull request #3791 from TakayukiMatsuo/ZD11641 
Causes SSL_CTX_load_verify_locations and X509_LOOKUP_load_file to return zero on failure if WOLFSSL_ERR_CODE_OPENSSL is defined
 2021-03-10 14:54:14 -08:00
JacobBarthelmeh 4ad1b52108
Merge pull request #3824 from julek-wolfssl/ssl-bio-use-chain 
WOLFSSL_BIO_SSL BIO should use remaining chain for IO
 2021-03-10 18:21:09 +07:00
JacobBarthelmeh 28ae8e3e11 add include file for getting WOLFSSL_CAAM_DEVID in test case 2021-03-10 17:27:40 +07:00
Juliusz Sosinowicz d7838155e5 WOLFSSL_BIO_SSL BIO should use remaining chain for IO 
This is accomplished by passing the next BIO in the chain in to the `wolfSSL_set_bio` API.
 2021-03-10 10:13:42 +01:00
TakayukiMatsuo 153859f2b2 Merge remote-tracking branch 'upstream/master' into os_ecdh 
# Conflicts:
#	tests/api.c
 2021-03-09 12:00:15 +09:00
Chris Conlon 7b2aa54044
Merge pull request #3801 from TakayukiMatsuo/os_bio 
Add wolfSSL_BIO_tell
 2021-03-08 09:56:01 -07:00
TakayukiMatsuo feeb0ceb96 Change macro name to WS_RETURN_CODE and add more comments. 2021-03-08 11:57:36 +09:00
Hideki Miyazaki 3b768bcb5e
addressed review comments 2021-03-06 10:18:31 +09:00
Hideki Miyazaki 896245cae7
addressed jenkins cavp test failure 2021-03-05 08:19:25 +09:00
Hideki Miyazaki 464f82a575
addressed jenkins failure part4 2021-03-05 08:19:24 +09:00
Hideki Miyazaki 2246ea33cc
addressed sanitize failure 2021-03-05 08:19:23 +09:00
Hideki Miyazaki 302c6dfe11
addressed jenkins failure part3 2021-03-05 08:19:22 +09:00
Hideki Miyazaki 5ddd2710d7
addressed jenkins failure part2 2021-03-05 08:19:21 +09:00
Hideki Miyazaki cd26444e01
addressed jenkins failure part1 2021-03-05 08:19:21 +09:00
Hideki Miyazaki 5fb9aa3f9b
implemented SHA512_Transform and unit test 2021-03-05 08:19:20 +09:00
Hideki Miyazaki 82fb498ed5
Implemented MD5 unit tests 2021-03-05 08:19:19 +09:00
Hideki Miyazaki 502e1458f9
Implemented SHA one shot 
Implemented SHA_Transform
 2021-03-05 08:19:17 +09:00
Hideki Miyazaki 95cf3675e9
implemented SHA256_Transform 
WIP SHA512_Transform
 2021-03-05 08:19:17 +09:00
Hideki Miyazaki cb3fa8ff9e
SHA224 implementation 2021-03-05 08:19:16 +09:00
Hideki Miyazaki 44a20c8ce6
add more unit test case for load_crl_file 2021-03-05 08:19:14 +09:00
Hideki Miyazaki 544ed32893
implemented X509_load_crl_file 2021-03-05 08:19:14 +09:00
Hideki Miyazaki 2e223fb101
implemeted wolfSSL_CTX_get0/set1_param, and corresponding to sub-methods 2021-03-05 08:19:13 +09:00
toddouska 53a7397418
Merge pull request #3828 from elms/test/fix_openssl_ticket_noaes 
test: fix compile with session-ticket without AES-GCM
 2021-03-04 11:15:20 -08:00
toddouska 12d5c6d416
Merge pull request #3783 from haydenroche5/socat 
Add support for OpenSSL compatibility function SSL_CTX_get_min_proto_…
 2021-03-04 11:10:17 -08:00
toddouska 90d45028cc
Merge pull request #3781 from fabiankeil/NO_WOLFSSL_STUB-build-fix 
Fix build with  NO_WOLFSSL_STUB
 2021-03-04 11:07:26 -08:00
Jacob Barthelmeh 69a0b643be removing some magic numbers 2021-03-03 18:45:40 +07:00
TakayukiMatsuo bbf1284112 Replace immediate value "0" with WOLFSSL_FAILURE and add comment to the RETURN_CODE macro 2021-03-03 11:23:11 +09:00
Elms 4ff886dbda test: fix compile with session-ticket without AES-GCM 
EVP compat layer doesn't support poly chacha so test shouldn't be
included to try and test it.
 2021-03-02 08:40:19 -08:00
Juliusz Sosinowicz 39a28eeec2 Add RSA_NO_PADDING to wolfSSL_RSA_private_encrypt 2021-03-01 13:21:26 +01:00
TakayukiMatsuo 42e87fa542 Add DH key initialization 2021-03-01 01:13:25 +09:00
TakayukiMatsuo e72948b018 Fix for PR tests 2021-02-28 10:27:43 +09:00
TakayukiMatsuo 78e2e37fd6 Remove unneccessary local variable initializations and remove local variable declarations in for-loops 2021-02-26 17:17:32 +09:00
TakayukiMatsuo a54e3aadea Fix for PR tests 2021-02-26 12:42:42 +09:00
TakayukiMatsuo ec471af9c5 Add following stub funcs: 
- wolfSSL_THREADID_current
- wolfSSL_THREADID_hash
- wolfSSL_CTX_set_ecdh_auto
 2021-02-26 11:26:10 +09:00
Hayden Roche 10181b7bbf Add support for OpenSSL compatibility function SSL_CTX_get_min_proto_version. 
This is needed by socat-1.7.4.1.
 2021-02-25 17:04:41 -06:00
Juliusz Sosinowicz 2eb253330f Implement `AES_wrap_key` and `AES_unwrap_key` 
Add `wc_AesKeyWrap_ex` and `wc_AesKeyUnWrap_ex` API to accept an `Aes` object to use for the AES operations
 2021-02-25 20:01:51 +01:00
toddouska 94a23c1d48
Merge pull request #3646 from julek-wolfssl/nginx-1.19.6 
Add support for Nginx 1.19.6
 2021-02-24 12:21:51 -08:00
TakayukiMatsuo 2d0207fc60 Fix undeclared identifier errors 2021-02-24 05:38:28 +09:00
toddouska 5eba89c3ca
Merge pull request #3742 from julek-wolfssl/error-queue-per-thread 
Add --enable-error-queue-per-thread
 2021-02-23 12:02:16 -08:00
TakayukiMatsuo 760ea219a8 Fix for "unused variable" warning 2021-02-24 02:33:46 +09:00
Juliusz Sosinowicz d074e7443f Remove default ticket cb as this will be added in another PR 2021-02-23 10:06:11 +01:00
TakayukiMatsuo 9e4dcfb66c Add wolfSSL_BIO_tell 2021-02-23 11:12:12 +09:00
TakayukiMatsuo a7cca8a99b Fix wolfSSL_EVP_PKEY_print_public 2021-02-23 07:57:45 +09:00
TakayukiMatsuo b495e12179 Fix such as "for loop initial declaration" 2021-02-23 02:29:37 +09:00
TakayukiMatsuo e25284c690 Add wolfSSL_EVP_PKEY_print_public 2021-02-22 23:51:27 +09:00
TakayukiMatsuo 49d1b859d4 Add wolfSSL_EVP_Encode/Decode APIs 2021-02-22 17:51:44 +09:00
TakayukiMatsuo 4264a49246 Causes SSL_CTX_load_verify_locations and X509_LOOKUP_load_file to return zero on failure if WOLFSSL_ERR_CODE_OPENSSL is defined 2021-02-22 08:05:11 +09:00
Fabian Keil 2002ae9dca tests/api.c: Fix build with NO_WOLFSSL_STUB defined 2021-02-19 05:45:19 +01:00
Sean Parkinson fa7b5f55ee TLS 1.3: add API to tell if a KeyUpdate response is required 2021-02-19 10:21:08 +10:00
Eric Blankenhorn d31f184c49 Adding tests 2021-02-17 13:34:38 -06:00
Juliusz Sosinowicz b8f841599c Add --enable-error-queue-per-thread 2021-02-16 16:08:13 +01:00
Juliusz Sosinowicz 0ae1a8b8c5 Jenkins fixes 
- Change pushCAx509Chain to an iterative implementation
- Fix variable names shadowing global names
 2021-02-16 14:25:45 +01:00
Juliusz Sosinowicz 26df833074 Compat layer session tickets 
- OpenSSL uses an internal mechanism by default for session tickets. This is now implemented for OPENSSL_EXTRA in wolfSSL.
- Add testing of wolfSSL_CTX_set_tlsext_ticket_key_cb
 2021-02-16 14:25:45 +01:00
Juliusz Sosinowicz 9a1e54cfd5 Nginx 1.19.6 Fixes 2021-02-16 14:25:45 +01:00
Sean Parkinson ba1c67843a
Merge pull request #3752 from JacobBarthelmeh/Jenkins 
changes from nightly Jenkins test review
 2021-02-15 16:32:40 +10:00
toddouska fc005f941c
Merge pull request #3750 from embhorn/buffer_conflict 
Fix use of 'buffer' in test
 2021-02-12 13:59:18 -08:00
Jacob Barthelmeh 1c852f60ab fix for g++ build 2021-02-12 23:26:54 +07:00
Jacob Barthelmeh a49c867b38 increase test buffer size for updated pkcs7 bundle 2021-02-12 23:16:04 +07:00
Eric Blankenhorn 2ac826c37e Fix use of 'buffer' in test 2021-02-11 15:58:26 -06:00
toddouska 81dcf0d28b
Merge pull request #3640 from tmael/evp_rsa2 
Remove EVP_PKEY_RSA2
 2021-02-11 13:51:46 -08:00
toddouska 39cb84de25
Merge pull request #3697 from julek-wolfssl/openvpn-2.5-missing-stuff 
OpenVPN master additions
 2021-02-11 08:56:45 -08:00
toddouska 032cc1645c
Merge pull request #3713 from SparkiDev/tls_def_sess_ticket_cb 
TLS Session Ticket: default encryption callback
 2021-02-10 16:13:33 -08:00
toddouska 67b1280bbf
Merge pull request #3545 from kabuobeid/smime 
Added support for reading S/MIME messages via SMIME_read_PKCS7.
 2021-02-10 15:59:32 -08:00
Sean Parkinson 0403f5f18d
Merge pull request #3744 from JacobBarthelmeh/Certs 
run renewcerts.sh script
 2021-02-11 09:43:49 +10:00
Jacob Barthelmeh 41e5e547c4 run renewcerts.sh script 2021-02-11 03:12:54 +07:00
Jacob Barthelmeh 3c0563908f openssl x509 small with req cert gen 
add test for build case with x509small and add back in function

adjust macro guard for i2d_X509_NAME implementation

add macro guard on test case
 2021-02-10 21:48:29 +07:00
Sean Parkinson 794cb5c7a9 TLS Session Ticket: default encryption callback 
Encrypts with ChaCha20-Poly1305 or AES-GCM.
Two keys in rotation.
Key used for encryption until ticket lifetime goes beyond expirary
(default 1 hour). If key can still be used for decryption, encrypt with
other key.
Private random used to generate keys.
 2021-02-10 14:31:54 +10:00
Chris Conlon 012841bba3
Merge pull request #3738 from embhorn/cmp_layer_high 
Compatibility layer API
 2021-02-09 08:33:41 -07:00
Chris Conlon 71b495c422
Merge pull request #3712 from miyazakh/RND_bytes 
handle size greater than RNG_MAX_BLOCK_LEN
 2021-02-09 08:26:30 -07:00
Kareem Abuobeid a4e819c60a Added support for reading S/MIME messages via SMIME_read_PKCS7. 2021-02-08 17:14:37 -07:00
toddouska f14f1f37d2
Merge pull request #3673 from elms/ssl_api/get_verify_mode 
SSL: add support for `SSL_get_verify_mode`
 2021-02-08 15:40:19 -08:00
Eric Blankenhorn de47b9d88a Adding X509_VERIFY_PARAM API 2021-02-08 08:25:14 -06:00
Hideki Miyazaki 431e1c8ffe
handle size greater than RNG_MAX_BLOCK_LEN 2021-02-03 12:23:36 +09:00
Juliusz Sosinowicz 542e0d79ec Jenkins Fixes 
- explicit conversions
- not all curves available for wolfSSL_CTX_set1_groups_list
- group funcs depend on HAVE_ECC
- `InitSuites` after `ssl->suites` has been set
 2021-02-02 12:06:11 +01:00
Juliusz Sosinowicz 69dca4fd08 Rebase fixes 
- wolfSSL_CTX_set1_groups_list and wolfSSL_set1_groups_list should use wolfSSL_CTX_set1_groups and wolfSSL_set1_groups respectively because it converts to correct groups representation
- Change to using "SHA1" as main name for SHA1
 2021-02-02 12:06:11 +01:00
Juliusz Sosinowicz c18701ebe7 Implement RFC 5705: Keying Material Exporters for TLS 2021-02-02 12:06:11 +01:00
Juliusz Sosinowicz 3494218d98 Implement missing functionality for OpenVPN 2.5 2021-02-02 12:06:11 +01:00
toddouska 6e0e507dad
Merge pull request #3660 from dgarske/sess_ticket_aes_gcm 
Added support for AES GCM session ticket encryption
 2021-01-25 15:00:03 -08:00
toddouska f91dcb950c
Merge pull request #3670 from dgarske/keil 
Fix for ARM Keil MDK compiler issue with `DECLARE_VAR_INIT`.
 2021-01-25 14:57:05 -08:00
toddouska cf9e4f0caf
Merge pull request #3518 from julek-wolfssl/openssh-fixes-v2 
Fixes for openssh
 2021-01-25 14:45:56 -08:00
David Garske 05e1ee1694 Cleanup to use fixed sizes from defines for `DECLARE_VAR`. Resolves issue with Visual Studio and using a variable (even const) to declare an array size. 2021-01-25 09:14:12 -08:00
Tesfa Mael d29518ecac Remove duplicate macro 2021-01-22 13:02:30 -08:00
Elms 21ac86adb3 SSL: refactor SSL verify mode to be more compatible 
This follows the bit flag pattern closer. Still doesn't support
`SSL_VERIFY_CLIENT_ONCE` and maybe other flags.
 2021-01-22 12:17:07 -08:00
David Garske 13468d34e3 Apply same VS fixes to api.c as well. 2021-01-22 10:50:18 -08:00
David Garske 9012317f5b Fix copy/paste typo. 2021-01-21 17:41:11 -08:00
David Garske 1ee40ad7bd Fix to always init the variable (not just when from heap). Cleanup of the `DECLARE_` uses to make sure all allocations succeeded. 2021-01-21 17:12:29 -08:00
David Garske 830b3cb676
Merge pull request #3653 from kojo1/fopen_binMode 
binary mode, fopen
 2021-01-21 16:20:07 -08:00
Elms 95d83c9856 SSL: refactor to allow session override or mode 2021-01-21 16:03:02 -08:00
Elms 7112a6dd78 SSL: add test and fix `SSL_get_verify_mode` 2021-01-21 14:20:27 -08:00
David Garske 17f101ef13 Fix for ARM Keil MDK compiler issue with `DECLARE_VAR_INIT`. 2021-01-20 16:57:30 -08:00
David Garske 219cbd47eb Added support for AES GCM session ticket encryption. If ChaCha/Poly is disabled it will use AES GCM. Thanks Sean for the code in ZD 11511. 2021-01-19 07:53:36 -08:00
toddouska 279c3f4c1b
Merge pull request #3614 from SparkiDev/aes_test_fix 
AES test: Remove unneeded loop
 2021-01-18 15:22:06 -08:00
toddouska 1e9394d5a8
Merge pull request #3627 from elms/EVP/ofb_rc4_size 
EVP: return proper cipher type and block size
 2021-01-18 15:13:55 -08:00
Takashi Kojo d72f0a50f4 binary mode fopen to avoid auto expand to CR/LF on Widonws 2021-01-15 06:05:55 +09:00
Elms 8fec1de07c EVP: address CTR block size 2021-01-11 12:03:01 -08:00
Elms 3b07f5d8e3 EVP: expand tests for `EVP_CIPHER_block_size` 2021-01-11 12:03:01 -08:00
Elms a6535528f3 EVP: add tests for openssl block size (including RC4) 2021-01-11 12:03:01 -08:00
Juliusz Sosinowicz a745947498 Code review changes 2021-01-08 15:27:30 +01:00
Sean Parkinson fa86c1aa91 Configuration: enable all, disable TLS 1.3 - turn off TLS 1.3 only options 
configuration: --enable-all --disable-tls13
Post-handshake authentication and HRR cookie are enable with
'--enable-all' but disabling TLS 1.3 caused configure to fail.
Don't enable these TLS 1.3 only options when TLS 1.3 is disabled.

Also fix up tests that don't work without TLS 1.3 enabled.
 2021-01-06 14:19:57 +10:00
Sean Parkinson 68c2e36ad5 AES test: Remove unneeded loop 2021-01-04 12:43:34 +10:00
toddouska 7e5f838f48
Merge pull request #3577 from dgarske/releasefixes_async 
Release fixes for asynchronous crypto
 2020-12-18 14:10:01 -08:00
toddouska cdc0753bfb
Merge pull request #3571 from JacobBarthelmeh/Testing 
Some initial testing and clean up
 2020-12-18 14:05:26 -08:00
David Garske e49409b13a Fix api.c tests using "free()" instead of "XFREE" causing issues with custom allocators. 2020-12-17 16:08:46 -08:00
Chris Conlon 420a040774 fix WOLFSSL_ASYNC_CRYPT usage in test.c, test_wolfSSL_OBJ_ln() in api.c 2020-12-17 11:08:36 -07:00
Juliusz Sosinowicz c03744db61 Refactor wc_CheckPrivateKey 
- Change wc_CheckPrivateKey to wc_CheckPrivateKeyCert and wc_CheckPrivateKey
- wolfSSL_X509_check_private_key no longer needs to decode cert to check key
- Fix scope in api.c
 2020-12-17 14:27:46 +01:00
Juliusz Sosinowicz dc266bc524 Call X509_REQ_get_extensions and X509_get_ext_by_NID on a CSR object 2020-12-17 14:27:46 +01:00
Juliusz Sosinowicz 383df620bf Add CSR test with Extension Request attribute 2020-12-17 14:27:46 +01:00
Juliusz Sosinowicz 77c730361e Jenkins fixes 2020-12-17 14:27:46 +01:00
Juliusz Sosinowicz 25f5427bdd Rebase and test fixes 2020-12-17 14:27:46 +01:00
Juliusz Sosinowicz b528a1a344 Plug memory leaks 2020-12-17 14:26:49 +01:00
Juliusz Sosinowicz 7df8f2e2bb Internal unit tests 2020-12-17 14:26:49 +01:00
Juliusz Sosinowicz 2197748a51 Implement wolfSSL_X509_check_private_key 2020-12-17 14:26:49 +01:00
Juliusz Sosinowicz 6a635b339c Fixes 
- Fix challengePw copy in ReqCertFromX509
- Proper header length in wolfSSL_PEM_X509_X509_CRL_X509_PKEY_read_bio
- Special case for extended key usage in wolfSSL_OBJ_cmp
- Numerical input in wolfSSL_OBJ_txt2obj can just be encoded with EncodePolicyOID. Searching for the sum can return wrong values since they are not unique.
 2020-12-17 14:26:49 +01:00
Juliusz Sosinowicz 86d2177876 wolfSSL_X509_resign_cert updates x509 der buffer as well 2020-12-17 14:26:49 +01:00
Juliusz Sosinowicz 2689d499b9 Tests starting to pass 2020-12-17 14:26:49 +01:00
Juliusz Sosinowicz 42d4f35a98 Implement OpenSSL Compat API: 
- Implement lhash as a stack with hash members
- wolfSSL_lh_retrieve
- wolfSSL_LH_strhash
- IMPLEMENT_LHASH_COMP_FN
- IMPLEMENT_LHASH_HASH_FN
- wolfSSL_sk_CONF_VALUE_new
- wolfSSL_sk_CONF_VALUE_free
- wolfSSL_sk_CONF_VALUE_num
- wolfSSL_sk_CONF_VALUE_value
- wolfSSL_NCONF_new
- wolfSSL_NCONF_get_string
- wolfSSL_NCONF_get_section
- wolfSSL_lh_WOLFSSL_CONF_VALUE_retrieve
- wolfSSL_CONF_modules_load
 2020-12-17 14:26:49 +01:00
Juliusz Sosinowicz be98404b3b Implement wolfSSL_X509_REQ_verify 2020-12-17 14:26:49 +01:00
Juliusz Sosinowicz 4aa30d0bde Add CSR parsing capabilities to ParseCertRelative and wc_GetPubX509 
- wolfSSL_BIO_get_mem_data now returns the last memory BIO in the chain
- Change wolfSSL_BIO_pending calls to wolfSSL_BIO_get_len calls to get accurate length depending on BIO
- Refactor X509 and X509_REQ functions to reuse similar code
- X509 and X509_REQ i2d functions now generate their DER outputs instead of returning the input DER
- Signature generated by wolfSSL_X509_resign_cert is now saved in the x509->sig buffer and added when calling *i2d
- Add test_wolfSSL_d2i_X509_REQ
 2020-12-17 14:26:49 +01:00
Juliusz Sosinowicz 1e26238f49 Implement/stub the following functions: 
- X509_REQ_sign_ctx
- X509_REQ_get_subject_name
- X509_REQ_set_version
- X509_NAME_print_ex_fp
- X509_STORE_CTX_get0_parent_ctx
- wolfSSL_PKCS7_encode_certs

Add cms.h file to avoid including the OpenSSL version.
 2020-12-17 14:26:30 +01:00
Juliusz Sosinowicz 7bd0b2eb44 Implement ASN1_get_object 2020-12-17 14:26:30 +01:00
Jacob Barthelmeh a948066f86 some infer fixes 2020-12-17 01:49:48 +07:00
Sean Parkinson 75c062a298 cppcheck: fixes 2020-12-16 17:28:20 +10:00
JacobBarthelmeh e0b0c329b3 build fix for --enable-afalg 2020-12-15 10:50:57 -07:00
toddouska 38a11368e0
Merge pull request #3557 from JacobBarthelmeh/Cert-Report2 
Strict alt names check with DIR name constraint
 2020-12-15 08:51:55 -08:00
Sean Parkinson 8b2bd1277a
Merge pull request #3551 from douzzer/fix-unit-test-EVP-arc4-32-bit 
32 bit targets vs test_wolfSSL_EVP_X_STATE_LEN()
 2020-12-11 16:46:10 +10:00
Jacob Barthelmeh 04e22b0747 add restriction to excluded DIR name constraint 2020-12-11 10:00:11 +07:00
Jacob Barthelmeh f00263889b add test case 2020-12-11 08:20:48 +07:00
Chris Conlon 21625ab0c2
Merge pull request #3533 from JacobBarthelmeh/PKCS7 
fix for PKCS7 decompress
 2020-12-09 14:00:42 -07:00
Daniel Pouzzner 181f439028 api.c: in test_wolfSSL_EVP_X_STATE_LEN(), fix assert on size of EVP state to work on 32 bit targets. 2020-12-09 14:04:16 -06:00
toddouska f31b41fcca
Merge pull request #3495 from haydenroche5/httpd 
Add OpenSSL compatibility functions for latest version of Apache httpd
 2020-12-09 09:55:13 -08:00
toddouska 367f28b917
Merge pull request #3443 from SparkiDev/tls13_psk_no_dhe 
TLS 1.3: PSK only
 2020-12-09 09:45:34 -08:00
Jacob Barthelmeh 081cea7405 set optional limit on max decompression buffer size 2020-12-08 20:16:27 +07:00
Hayden Roche 03c7e52f5f Add OpenSSL compatibility functions for Apache httpd's OCSP module. 2020-12-03 11:22:43 -06:00
Jacob Barthelmeh fbf56bcf96 fix for PKCS7 decompress 2020-12-03 18:57:25 +07:00
toddouska 86bbaad7fa
Merge pull request #3505 from kojo1/EVP-gcm 
set tag for zero inl case 2
 2020-11-25 15:43:27 -08:00
toddouska e882159a02
Merge pull request #3516 from cconlon/zd11287 
wc_ecc_rs_to_sig(): move r and s zero check before StoreECC_DSA_Sig()
 2020-11-25 15:36:30 -08:00
JacobBarthelmeh 1668b7060c
Merge pull request #3500 from cconlon/zd11011v2 
PKCS#7: verify extracted public key in wc_PKCS7_InitWithCert
 2020-11-26 02:26:08 +07:00
Chris Conlon 64429693ff add MP_ZERO_E unit tests for wc_ecc_rs_to_sig() 2020-11-19 14:41:02 -07:00
Chris Conlon 1d599272e7 add unit test for wc_PKCS7_InitWithCert() with malformed cert 2020-11-19 14:19:55 -07:00
David Garske d4c59e369e
Merge pull request #3335 from julek-wolfssl/RSA-PSS-padding-in-EVP_Digest-API 
Enable RSA-PSS padding in EVP_Digest* API
 2020-11-19 09:31:12 -08:00
Sean Parkinson 91d23d3f5a Implement all relevant mp functions in sp_int 2020-11-19 11:58:14 +10:00
toddouska dedde4c058
Merge pull request #3456 from JacobBarthelmeh/Certs 
strict certificate version allowed from client
 2020-11-18 15:55:50 -08:00
Sean Parkinson d8b58286d1 TLS 1.3: PSK only 
Support building with only TLS 1.3 and PSK without code for (EC)DHE and
certificates.
Minimise build size for this configuration.
 2020-11-19 09:21:24 +10:00
Chris Conlon fa08930921
Merge pull request #3498 from ethanlooney/30th_branch 
Added unit tests for blake2b
 2020-11-18 13:34:21 -07:00
Ethan Looney 3692c760b9 Changed key to size BLAKE2B_KEYBYTES 2020-11-17 14:03:08 -07:00
Juliusz Sosinowicz b4754d5706 CAVP, Windows, and FIPS tests 2020-11-17 15:06:35 +01:00
Juliusz Sosinowicz 248dd12993 Enable RSA-PSS padding in EVP_Digest* API 2020-11-17 15:04:57 +01:00
Ethan Looney 549c446aaa Removed leftovers from merge conflict 2020-11-16 13:17:49 -07:00
David Garske 4a790cd024 Fixes for building with `--disable-ecc` and `--disable-dh`. 2020-11-16 12:17:27 -08:00
Ethan Looney 48f2d917b9 Added unit tests for blake2b 2020-11-16 13:06:51 -07:00
Chris Conlon 4e37036cba
Merge pull request #3499 from ethanlooney/31st_branch 
Added blake2s unit tests
 2020-11-16 09:37:31 -07:00
Takashi Kojo 10380c6850 (ctx->gcmBuffer != NULL && ctx->gcmBufferLen == 0) 2020-11-16 15:48:39 +09:00
Ethan Looney 0541a59edd Added blake2s unit tests 2020-11-13 14:43:50 -07:00