WolfSSL
/
wolfssl
mirror of https://github.com/wolfSSL/wolfssl.git
1
0
Fork 0
Code Issues Releases Wiki Activity
14,742 Commits
27 Branches
168 Tags
358 MiB
Commit Graph

1547 Commits (dc7ae37f7a39cde7b38467148ce5a3788adc2e11)

Author SHA1 Message Date
Chris Conlon 71b495c422
Merge pull request #3712 from miyazakh/RND_bytes 
handle size greater than RNG_MAX_BLOCK_LEN
 2021-02-09 08:26:30 -07:00
Kareem Abuobeid a4e819c60a Added support for reading S/MIME messages via SMIME_read_PKCS7. 2021-02-08 17:14:37 -07:00
toddouska f14f1f37d2
Merge pull request #3673 from elms/ssl_api/get_verify_mode 
SSL: add support for `SSL_get_verify_mode`
 2021-02-08 15:40:19 -08:00
Eric Blankenhorn de47b9d88a Adding X509_VERIFY_PARAM API 2021-02-08 08:25:14 -06:00
Hideki Miyazaki 431e1c8ffe
handle size greater than RNG_MAX_BLOCK_LEN 2021-02-03 12:23:36 +09:00
Juliusz Sosinowicz 542e0d79ec Jenkins Fixes 
- explicit conversions
- not all curves available for wolfSSL_CTX_set1_groups_list
- group funcs depend on HAVE_ECC
- `InitSuites` after `ssl->suites` has been set
 2021-02-02 12:06:11 +01:00
Juliusz Sosinowicz 69dca4fd08 Rebase fixes 
- wolfSSL_CTX_set1_groups_list and wolfSSL_set1_groups_list should use wolfSSL_CTX_set1_groups and wolfSSL_set1_groups respectively because it converts to correct groups representation
- Change to using "SHA1" as main name for SHA1
 2021-02-02 12:06:11 +01:00
Juliusz Sosinowicz c18701ebe7 Implement RFC 5705: Keying Material Exporters for TLS 2021-02-02 12:06:11 +01:00
Juliusz Sosinowicz 3494218d98 Implement missing functionality for OpenVPN 2.5 2021-02-02 12:06:11 +01:00
toddouska 6e0e507dad
Merge pull request #3660 from dgarske/sess_ticket_aes_gcm 
Added support for AES GCM session ticket encryption
 2021-01-25 15:00:03 -08:00
toddouska f91dcb950c
Merge pull request #3670 from dgarske/keil 
Fix for ARM Keil MDK compiler issue with `DECLARE_VAR_INIT`.
 2021-01-25 14:57:05 -08:00
toddouska cf9e4f0caf
Merge pull request #3518 from julek-wolfssl/openssh-fixes-v2 
Fixes for openssh
 2021-01-25 14:45:56 -08:00
David Garske 05e1ee1694 Cleanup to use fixed sizes from defines for `DECLARE_VAR`. Resolves issue with Visual Studio and using a variable (even const) to declare an array size. 2021-01-25 09:14:12 -08:00
Tesfa Mael d29518ecac Remove duplicate macro 2021-01-22 13:02:30 -08:00
Elms 21ac86adb3 SSL: refactor SSL verify mode to be more compatible 
This follows the bit flag pattern closer. Still doesn't support
`SSL_VERIFY_CLIENT_ONCE` and maybe other flags.
 2021-01-22 12:17:07 -08:00
David Garske 13468d34e3 Apply same VS fixes to api.c as well. 2021-01-22 10:50:18 -08:00
David Garske 9012317f5b Fix copy/paste typo. 2021-01-21 17:41:11 -08:00
David Garske 1ee40ad7bd Fix to always init the variable (not just when from heap). Cleanup of the `DECLARE_` uses to make sure all allocations succeeded. 2021-01-21 17:12:29 -08:00
David Garske 830b3cb676
Merge pull request #3653 from kojo1/fopen_binMode 
binary mode, fopen
 2021-01-21 16:20:07 -08:00
Elms 95d83c9856 SSL: refactor to allow session override or mode 2021-01-21 16:03:02 -08:00
Elms 7112a6dd78 SSL: add test and fix `SSL_get_verify_mode` 2021-01-21 14:20:27 -08:00
David Garske 17f101ef13 Fix for ARM Keil MDK compiler issue with `DECLARE_VAR_INIT`. 2021-01-20 16:57:30 -08:00
David Garske 219cbd47eb Added support for AES GCM session ticket encryption. If ChaCha/Poly is disabled it will use AES GCM. Thanks Sean for the code in ZD 11511. 2021-01-19 07:53:36 -08:00
toddouska 279c3f4c1b
Merge pull request #3614 from SparkiDev/aes_test_fix 
AES test: Remove unneeded loop
 2021-01-18 15:22:06 -08:00
toddouska 1e9394d5a8
Merge pull request #3627 from elms/EVP/ofb_rc4_size 
EVP: return proper cipher type and block size
 2021-01-18 15:13:55 -08:00
Takashi Kojo d72f0a50f4 binary mode fopen to avoid auto expand to CR/LF on Widonws 2021-01-15 06:05:55 +09:00
Elms 8fec1de07c EVP: address CTR block size 2021-01-11 12:03:01 -08:00
Elms 3b07f5d8e3 EVP: expand tests for `EVP_CIPHER_block_size` 2021-01-11 12:03:01 -08:00
Elms a6535528f3 EVP: add tests for openssl block size (including RC4) 2021-01-11 12:03:01 -08:00
Juliusz Sosinowicz a745947498 Code review changes 2021-01-08 15:27:30 +01:00
Sean Parkinson fa86c1aa91 Configuration: enable all, disable TLS 1.3 - turn off TLS 1.3 only options 
configuration: --enable-all --disable-tls13
Post-handshake authentication and HRR cookie are enable with
'--enable-all' but disabling TLS 1.3 caused configure to fail.
Don't enable these TLS 1.3 only options when TLS 1.3 is disabled.

Also fix up tests that don't work without TLS 1.3 enabled.
 2021-01-06 14:19:57 +10:00
Sean Parkinson 68c2e36ad5 AES test: Remove unneeded loop 2021-01-04 12:43:34 +10:00
toddouska 7e5f838f48
Merge pull request #3577 from dgarske/releasefixes_async 
Release fixes for asynchronous crypto
 2020-12-18 14:10:01 -08:00
toddouska cdc0753bfb
Merge pull request #3571 from JacobBarthelmeh/Testing 
Some initial testing and clean up
 2020-12-18 14:05:26 -08:00
David Garske e49409b13a Fix api.c tests using "free()" instead of "XFREE" causing issues with custom allocators. 2020-12-17 16:08:46 -08:00
Chris Conlon 420a040774 fix WOLFSSL_ASYNC_CRYPT usage in test.c, test_wolfSSL_OBJ_ln() in api.c 2020-12-17 11:08:36 -07:00
Juliusz Sosinowicz c03744db61 Refactor wc_CheckPrivateKey 
- Change wc_CheckPrivateKey to wc_CheckPrivateKeyCert and wc_CheckPrivateKey
- wolfSSL_X509_check_private_key no longer needs to decode cert to check key
- Fix scope in api.c
 2020-12-17 14:27:46 +01:00
Juliusz Sosinowicz dc266bc524 Call X509_REQ_get_extensions and X509_get_ext_by_NID on a CSR object 2020-12-17 14:27:46 +01:00
Juliusz Sosinowicz 383df620bf Add CSR test with Extension Request attribute 2020-12-17 14:27:46 +01:00
Juliusz Sosinowicz 77c730361e Jenkins fixes 2020-12-17 14:27:46 +01:00
Juliusz Sosinowicz 25f5427bdd Rebase and test fixes 2020-12-17 14:27:46 +01:00
Juliusz Sosinowicz b528a1a344 Plug memory leaks 2020-12-17 14:26:49 +01:00
Juliusz Sosinowicz 7df8f2e2bb Internal unit tests 2020-12-17 14:26:49 +01:00
Juliusz Sosinowicz 2197748a51 Implement wolfSSL_X509_check_private_key 2020-12-17 14:26:49 +01:00
Juliusz Sosinowicz 6a635b339c Fixes 
- Fix challengePw copy in ReqCertFromX509
- Proper header length in wolfSSL_PEM_X509_X509_CRL_X509_PKEY_read_bio
- Special case for extended key usage in wolfSSL_OBJ_cmp
- Numerical input in wolfSSL_OBJ_txt2obj can just be encoded with EncodePolicyOID. Searching for the sum can return wrong values since they are not unique.
 2020-12-17 14:26:49 +01:00
Juliusz Sosinowicz 86d2177876 wolfSSL_X509_resign_cert updates x509 der buffer as well 2020-12-17 14:26:49 +01:00
Juliusz Sosinowicz 2689d499b9 Tests starting to pass 2020-12-17 14:26:49 +01:00
Juliusz Sosinowicz 42d4f35a98 Implement OpenSSL Compat API: 
- Implement lhash as a stack with hash members
- wolfSSL_lh_retrieve
- wolfSSL_LH_strhash
- IMPLEMENT_LHASH_COMP_FN
- IMPLEMENT_LHASH_HASH_FN
- wolfSSL_sk_CONF_VALUE_new
- wolfSSL_sk_CONF_VALUE_free
- wolfSSL_sk_CONF_VALUE_num
- wolfSSL_sk_CONF_VALUE_value
- wolfSSL_NCONF_new
- wolfSSL_NCONF_get_string
- wolfSSL_NCONF_get_section
- wolfSSL_lh_WOLFSSL_CONF_VALUE_retrieve
- wolfSSL_CONF_modules_load
 2020-12-17 14:26:49 +01:00
Juliusz Sosinowicz be98404b3b Implement wolfSSL_X509_REQ_verify 2020-12-17 14:26:49 +01:00
Juliusz Sosinowicz 4aa30d0bde Add CSR parsing capabilities to ParseCertRelative and wc_GetPubX509 
- wolfSSL_BIO_get_mem_data now returns the last memory BIO in the chain
- Change wolfSSL_BIO_pending calls to wolfSSL_BIO_get_len calls to get accurate length depending on BIO
- Refactor X509 and X509_REQ functions to reuse similar code
- X509 and X509_REQ i2d functions now generate their DER outputs instead of returning the input DER
- Signature generated by wolfSSL_X509_resign_cert is now saved in the x509->sig buffer and added when calling *i2d
- Add test_wolfSSL_d2i_X509_REQ
 2020-12-17 14:26:49 +01:00
Juliusz Sosinowicz 1e26238f49 Implement/stub the following functions: 
- X509_REQ_sign_ctx
- X509_REQ_get_subject_name
- X509_REQ_set_version
- X509_NAME_print_ex_fp
- X509_STORE_CTX_get0_parent_ctx
- wolfSSL_PKCS7_encode_certs

Add cms.h file to avoid including the OpenSSL version.
 2020-12-17 14:26:30 +01:00
Juliusz Sosinowicz 7bd0b2eb44 Implement ASN1_get_object 2020-12-17 14:26:30 +01:00
Jacob Barthelmeh a948066f86 some infer fixes 2020-12-17 01:49:48 +07:00
Sean Parkinson 75c062a298 cppcheck: fixes 2020-12-16 17:28:20 +10:00
JacobBarthelmeh e0b0c329b3 build fix for --enable-afalg 2020-12-15 10:50:57 -07:00
toddouska 38a11368e0
Merge pull request #3557 from JacobBarthelmeh/Cert-Report2 
Strict alt names check with DIR name constraint
 2020-12-15 08:51:55 -08:00
Sean Parkinson 8b2bd1277a
Merge pull request #3551 from douzzer/fix-unit-test-EVP-arc4-32-bit 
32 bit targets vs test_wolfSSL_EVP_X_STATE_LEN()
 2020-12-11 16:46:10 +10:00
Jacob Barthelmeh 04e22b0747 add restriction to excluded DIR name constraint 2020-12-11 10:00:11 +07:00
Jacob Barthelmeh f00263889b add test case 2020-12-11 08:20:48 +07:00
Chris Conlon 21625ab0c2
Merge pull request #3533 from JacobBarthelmeh/PKCS7 
fix for PKCS7 decompress
 2020-12-09 14:00:42 -07:00
Daniel Pouzzner 181f439028 api.c: in test_wolfSSL_EVP_X_STATE_LEN(), fix assert on size of EVP state to work on 32 bit targets. 2020-12-09 14:04:16 -06:00
toddouska f31b41fcca
Merge pull request #3495 from haydenroche5/httpd 
Add OpenSSL compatibility functions for latest version of Apache httpd
 2020-12-09 09:55:13 -08:00
toddouska 367f28b917
Merge pull request #3443 from SparkiDev/tls13_psk_no_dhe 
TLS 1.3: PSK only
 2020-12-09 09:45:34 -08:00
Jacob Barthelmeh 081cea7405 set optional limit on max decompression buffer size 2020-12-08 20:16:27 +07:00
Hayden Roche 03c7e52f5f Add OpenSSL compatibility functions for Apache httpd's OCSP module. 2020-12-03 11:22:43 -06:00
Jacob Barthelmeh fbf56bcf96 fix for PKCS7 decompress 2020-12-03 18:57:25 +07:00
toddouska 86bbaad7fa
Merge pull request #3505 from kojo1/EVP-gcm 
set tag for zero inl case 2
 2020-11-25 15:43:27 -08:00
toddouska e882159a02
Merge pull request #3516 from cconlon/zd11287 
wc_ecc_rs_to_sig(): move r and s zero check before StoreECC_DSA_Sig()
 2020-11-25 15:36:30 -08:00
JacobBarthelmeh 1668b7060c
Merge pull request #3500 from cconlon/zd11011v2 
PKCS#7: verify extracted public key in wc_PKCS7_InitWithCert
 2020-11-26 02:26:08 +07:00
Chris Conlon 64429693ff add MP_ZERO_E unit tests for wc_ecc_rs_to_sig() 2020-11-19 14:41:02 -07:00
Chris Conlon 1d599272e7 add unit test for wc_PKCS7_InitWithCert() with malformed cert 2020-11-19 14:19:55 -07:00
David Garske d4c59e369e
Merge pull request #3335 from julek-wolfssl/RSA-PSS-padding-in-EVP_Digest-API 
Enable RSA-PSS padding in EVP_Digest* API
 2020-11-19 09:31:12 -08:00
Sean Parkinson 91d23d3f5a Implement all relevant mp functions in sp_int 2020-11-19 11:58:14 +10:00
toddouska dedde4c058
Merge pull request #3456 from JacobBarthelmeh/Certs 
strict certificate version allowed from client
 2020-11-18 15:55:50 -08:00
Sean Parkinson d8b58286d1 TLS 1.3: PSK only 
Support building with only TLS 1.3 and PSK without code for (EC)DHE and
certificates.
Minimise build size for this configuration.
 2020-11-19 09:21:24 +10:00
Chris Conlon fa08930921
Merge pull request #3498 from ethanlooney/30th_branch 
Added unit tests for blake2b
 2020-11-18 13:34:21 -07:00
Ethan Looney 3692c760b9 Changed key to size BLAKE2B_KEYBYTES 2020-11-17 14:03:08 -07:00
Juliusz Sosinowicz b4754d5706 CAVP, Windows, and FIPS tests 2020-11-17 15:06:35 +01:00
Juliusz Sosinowicz 248dd12993 Enable RSA-PSS padding in EVP_Digest* API 2020-11-17 15:04:57 +01:00
Ethan Looney 549c446aaa Removed leftovers from merge conflict 2020-11-16 13:17:49 -07:00
David Garske 4a790cd024 Fixes for building with `--disable-ecc` and `--disable-dh`. 2020-11-16 12:17:27 -08:00
Ethan Looney 48f2d917b9 Added unit tests for blake2b 2020-11-16 13:06:51 -07:00
Chris Conlon 4e37036cba
Merge pull request #3499 from ethanlooney/31st_branch 
Added blake2s unit tests
 2020-11-16 09:37:31 -07:00
Takashi Kojo 10380c6850 (ctx->gcmBuffer != NULL && ctx->gcmBufferLen == 0) 2020-11-16 15:48:39 +09:00
Ethan Looney 0541a59edd Added blake2s unit tests 2020-11-13 14:43:50 -07:00
JacobBarthelmeh a8333b09a0 memory cleanup with test case 2020-11-12 20:24:47 -08:00
Chris Conlon 53c6698678
Merge pull request #3445 from kojo1/EVP-gcm 
set tag for zero inl case
 2020-11-12 15:49:45 -07:00
toddouska d3e3b21c83
Merge pull request #3393 from dgarske/zd11104 
Fix for TLS ECDH (static DH) with non-standard curves
 2020-11-11 14:22:37 -08:00
Jacob Barthelmeh 4705ebde88 add guard on test case for cert gen 2020-11-11 21:53:52 +07:00
Jacob Barthelmeh 979216d595 add test case for rejecting version 2 x509 2020-11-11 18:57:09 +07:00
Takashi Kojo d7ea8b953b fold long lines 2020-11-11 08:43:16 +09:00
Takashi Kojo eab3bf9ab4 Add a test case for zero len plain text 2020-11-11 08:43:16 +09:00
Chris Conlon 7b50cddf8c
Merge pull request #3387 from ethanlooney/27th_branch 
Added unit test for evp.c
 2020-11-10 13:27:33 -07:00
David Garske 1d531fe13b Peer review fixes. 2020-11-10 09:47:37 -08:00
David Garske 5de80d8e41 Further refactor the minimum ECC key size. Adds `--with-eccminsz=BITS` option. Fix for FIPSv2 which includes 192-bit support. If `WOLFSSL_MIN_ECC_BITS` is defined that will be used. 2020-11-10 09:47:37 -08:00
David Garske b13848e568 Fix tests to handle ECC < 224 not enabled. 2020-11-10 09:47:37 -08:00
David Garske bfb6138fc5
Merge pull request #3480 from douzzer/fix-sniffer-printf-null-Wformat-overflow 
TraceSetNamedServer() null arg default vals; FIPS wc_MakeRsaKey() PRIME_GEN_E retries; external.test config dependencies
 2020-11-10 09:37:36 -08:00
Daniel Pouzzner 4b1a779fcc tests: fix for fips-test -Wunused-variable on "rng" 2020-11-09 11:54:49 -06:00
David Garske 7e3efa3792
Merge pull request #3474 from douzzer/lighttpd-update-1.4.56 
lighttpd support update for v1.4.56
 2020-11-09 09:24:58 -08:00
Ethan Looney a6e0d3eb29 Changed hardcoded values to variables, changed where some variables were defined, etc 2020-11-06 14:04:27 -07:00
Chris Conlon ac4c8a0112
Merge pull request #3419 from ethanlooney/29th_branch 
Added case for Logging.c unit test
 2020-11-06 13:10:24 -07:00
Daniel Pouzzner dcff103c84 tests/api.c: fixes for compilability re NO_BIO 2020-11-05 22:19:16 -06:00
Glenn Strauss 92c3296e13 preprocessor -DNO_BIO to omit OpenSSL BIO API 2020-11-05 20:40:43 -06:00
Ethan Looney 232ac03bbe Changed it to only the inverse 2020-11-05 14:38:23 -07:00
Ethan Looney 0aee4b78cd Changed md5 to sha256 in DigestFinal_ex function 2020-11-05 14:36:42 -07:00
Ethan Looney 06f1a1870d Added inverse case 2020-11-05 13:05:15 -07:00
toddouska b76ac0b842
Merge pull request #3442 from SparkiDev/config_fix_2 
Configuration fixes
 2020-11-03 14:48:49 -08:00
Ethan Looney 813a94ab9a Added bad and good case to EVP_DigestFinal_ex test 2020-11-03 14:57:30 -07:00
Ethan Looney 48073fb678 Removed unnecessary test 2020-11-02 14:22:01 -07:00
Ethan Looney cf05a060f7 Removed cases that caused fips test to fail 2020-11-02 14:16:02 -07:00
Ethan Looney 05d01dcccd Added if defined checks for rc4 and fips 2020-11-02 14:11:07 -07:00
Ethan Looney 251f3e15d4 Added fips check for specific size 2020-11-02 14:11:07 -07:00
Ethan Looney 7412374496 Changed from hardcoded values, changed types and deleted comments 2020-11-02 14:11:07 -07:00
Ethan Looney 8122c031bf Added ifdef's, changed key sizes to relevant sizes 2020-11-02 14:11:07 -07:00
Ethan Looney b46f87ffe6 Added unit test for evp.c 2020-11-02 14:11:07 -07:00
Ethan Looney 8728eaf93f Removed duplicate return check and added return check 2020-10-30 13:19:12 -06:00
Juliusz Sosinowicz aff14091e0 AAD should be reset on Init call 2020-10-29 12:13:35 +01:00
Sean Parkinson 320afab227 Configuration fixes 
--enable-sp --enable-sp-asm --disable-fastmath:
    cpuid.h - check for WOLFSSL_SP_ASM as well

-enable-curve448 --enable-ed448 --disable-rsa --disable-dh
--enable-tls13 --disable-ecc --enable-certgen --enable-keygen:
    api.c - certificate loaded that was RSA but RSA disabled

--enable-sp --enable-sp-asm --enable-sp-math:
    cpuid.c - check for WOLFSSL_SP_ASM as well

--disable-shared --disable-ecc --disable-dh --enable-cryptonly
--enable-rsavfy --disable-asn --disable-rng --disable-filesystem:
    test.c - rsa_test()

'CC=clang -fsanitize=address' '-enable-distro' '--enable-stacksize':
testsuit.c - echoclient_test_wrapper needs to free ECC FP cache when
it is in a separate thread
 2020-10-29 16:21:06 +10:00
toddouska 931eea30f5
Merge pull request #3397 from cconlon/rc2 
RC2 ECB/CBC and PKCS#12 Integration
 2020-10-28 15:06:47 -07:00
John Safranek 9c1049f112
Compatibility Layer 
1. Changed the ASN1_OBJECT member of the X509_NAME_ENTRY to be a pointer
   rather than an object. It could lead to a double free on the name
   entry.
2. The ASN1_OBJECT allocator should set the dynamic flag, as the
   deallocator is the one that uses it.
3. General changes to treat the member as a pointer rather than a
   member.
4. In the api test, we were iterating over the name members in the name
   checking the NIDs. After the loop we freed the name member object.
   This led to a double free error.
 2020-10-25 14:38:07 -07:00
Ethan Looney a5f86729f9 Deleted comment 2020-10-23 13:52:06 -06:00
Ethan Looney 2bd761bb4c Added a case for logging.c unit test with debug not enabled 2020-10-22 14:51:07 -06:00
toddouska 1e43d65d2a
Merge pull request #3392 from SparkiDev/ocsp_must_staple 
TLS OCSP Stapling: MUST staple option
 2020-10-20 15:07:08 -07:00
Chris Conlon d4bbe529fb switch RC2 struct name to Rc2 for consistent camel case across algorithms 2020-10-16 15:19:47 -06:00
Chris Conlon 062df01737 add PKCS12 RC2 test case, example p12 bundle 2020-10-16 12:02:20 -06:00
Chris Conlon 0854efe168 add API unit tests for RC2 2020-10-16 12:02:20 -06:00
Sean Parkinson 60b0b0170b TLS OCSP Stapling: MUST staple option 
Can enable OCSP Must Staple option to mean that if the client sends a
request for an OCSP Staple then it must receive a response.
 2020-10-16 09:03:27 +10:00
Daniel Pouzzner eb7a79aa5e misc fixes for coverage and buildability: add MD2 to --enable-all*; fix spelling of "Sno" to "no" for $ENABLED_BLAKE2S default; when ENABLED_QSH add -DWOLFSSL_STATIC_DH -DWOLFSSL_STATIC_PSK (relates to ZD11073); add missing gating for !defined(WOLFSSL_DEVCRYPTO) in api.c:test_wc_Sha256FinalRaw(); fix tests/api.c:IsValidCipherSuite() to build under gcc10 (relates to ZD11073). 2020-10-15 15:05:29 -05:00
John Safranek aeeeb666a7
Maintenance Fixes 
1. The test_wolfSSL_X509V3_EXT_print() test was using stderr for output,
   changed to stdout.
2. A call to XFREAD wasn't typecasting its output to the size of the
   variable getting the output in decodedCertCache_test().
 2020-10-09 15:01:32 -07:00
Daniel Pouzzner 1c492dc0b6 cosmetic cleanups. 2020-10-06 22:14:08 -05:00
Daniel Pouzzner a3185310ca tests/api.c: clean up and parameterize key/buffers sizes in test_wc_CheckProbablePrime(). 2020-10-01 14:38:26 -05:00
Daniel Pouzzner 3ef242e889 tests/api.c: change RSA keysize from 1024 to 2048 for sp-math compatibility, in test_wc_CheckProbablePrime(), test_wc_CheckProbablePrime(), test_wc_RsaPSS_Verify(), test_wc_RsaPSS_VerifyCheck(), test_wc_RsaPSS_VerifyCheck(), test_wc_RsaPSS_VerifyCheckInline(), and test_wolfSSL_DC_cert(). 2020-10-01 14:38:26 -05:00
Kareem Abuobeid d59784e646 Fix issues found by -fsanitize=thread. 2020-09-30 14:24:20 -07:00
toddouska fc988ad3e7
Merge pull request #3325 from julek-wolfssl/openssl-compat-aes-gcm-2-part-aad 
Buffer AAD in wolfSSL_EVP_CipherUpdate_GCM  so that whole value is hashed
 2020-09-29 13:46:44 -07:00
Juliusz Sosinowicz 78e003e7de Plug leak 2020-09-29 12:24:59 +02:00
Chris Conlon d143015059
Merge pull request #3336 from ethanlooney/26th_branch 
Added unit test for Des3
 2020-09-28 10:14:31 -06:00
Juliusz Sosinowicz 942168c62d Add decrypt tests 2020-09-28 15:59:50 +02:00
Ethan Looney e49505fbb8 Added key free 2020-09-25 13:42:19 -06:00
toddouska 2d97acadc9
Merge pull request #3331 from dgarske/armasm 
Fixes for ARM ASM and API unit test bad build macros
 2020-09-25 12:41:30 -07:00
Juliusz Sosinowicz 7e38b6bee6 Test 2 part GCM data and EVP context re-use 2020-09-25 11:03:58 +02:00
Ethan Looney 4662690fdc Added unit test for Des3 2020-09-24 14:05:14 -06:00
toddouska 1668f6f626
Merge pull request #3244 from douzzer/20200820-linuxkm 
Linux Kernel Module support
 2020-09-24 12:57:22 -07:00
toddouska d75d3108b0
Merge pull request #3314 from SparkiDev/evp_hmac_sha3 
Test wolfSSL_HMAC with SHA-3
 2020-09-24 12:48:40 -07:00
Chris Conlon b3fc5eb254
Merge pull request #3326 from ethanlooney/25th_branch 
Added unit tests for PKCS7
 2020-09-24 13:33:57 -06:00
Chris Conlon 6780e5eb0b
Merge pull request #3290 from ethanlooney/22nd_branch 
Added unit tests for RSA.c
 2020-09-24 09:54:11 -06:00
Daniel Pouzzner fc592e8434 tests/api.c: in test_wc_PKCS7_BER(), provide for !NO_DES3 && !NO_RSA && WOLFSSL_SP_MATH case. 2020-09-23 18:32:16 -05:00
David Garske 8d2c8b0c89 And the CAVP self test. 2020-09-23 16:23:55 -07:00
David Garske f77157bfea Looks like FinalRaw was added post FIPS v2. 2020-09-23 16:06:21 -07:00
David Garske 5e1c0f886f Fix for FIPS and raw hash API's. 2020-09-23 15:59:35 -07:00
David Garske 3c28fe3640 Fixes for bad build options around new hash unit tests. Cleanup indent and newlines. 2020-09-23 15:45:31 -07:00
Ethan Looney 95995d2272 Removed forgotten comment 2020-09-23 13:42:33 -06:00
Ethan Looney 59294708a8 Changed test function call, uses internal AssertIntEQ instead of single call 2020-09-23 13:22:59 -06:00
toddouska cee99de6e1
Merge pull request #3324 from JacobBarthelmeh/Testing 
fix WOLFSSL_X509_NAME parse of empty field and add test case
 2020-09-23 09:15:24 -07:00
Ethan Looney 1d4e7d8278 Added unit tests for PKCS7 2020-09-22 14:50:08 -06:00
Juliusz Sosinowicz 77969ae042 Buffer AAD in wolfSSL_EVP_CipherUpdate_GCM so that whole value is hashed 2020-09-22 21:58:57 +02:00
Ethan Looney 53b82fccdb Fixed valgrind issues -2 2020-09-22 13:26:52 -06:00
Jacob Barthelmeh cb3338bd57 fix WOLFSSL_X509_NAME parse of empty feild and add test case 2020-09-21 18:44:13 -06:00
Sean Parkinson f4db9c8986 Test wolfSSL_HMAC with SHA-3 
Add more support for HMAC with SHA-3.
 2020-09-22 09:39:09 +10:00
Takashi Kojo 83cdd1c314 fix NO_DH guard 2020-09-22 07:30:21 +09:00
Daniel Pouzzner a1d231b4dc tests/api.c:test_wolfSSL_ERR_print_errors(): add missing gating on !defined(NO_ERROR_STRINGS). 2020-09-17 12:03:44 -05:00
Daniel Pouzzner cc1d016d1e configure.ac: define BUILD_TESTS as ENABLED_EXAMPLES, rather than ENABLED_EXAMPLES && !ENABLED_LEANTLS; add missing preprocessor gating in tests/api.c test_wolfSSL_EVP_Digest() and test_wolfSSL_i2d_PrivateKey(). 2020-09-17 12:03:44 -05:00
toddouska a3fca7f593
Merge pull request #3247 from JacobBarthelmeh/Compatibility-Layer 
Compatiblity Layer Fixes for serial number / ASN1 time / and order of name components
 2020-09-16 14:53:51 -07:00
Ethan Looney da4478bdf1 Fixed valgrind issues 2020-09-15 12:58:52 -06:00
Ethan Looney a466a57f1d Added fips check and cast variable to word32 2020-09-11 14:28:10 -06:00
Ethan Looney 7dce2e7f2c Added unit tests for RSA.c 2020-09-10 14:47:51 -06:00
toddouska 7fd51cf9d9
Merge pull request #3267 from SparkiDev/no_client_auth 
Get builds with WOLFSSL_NO_CLIENT_AUTH compiling and testing
 2020-09-03 15:55:38 -07:00
toddouska db805524de
Merge pull request #3248 from SparkiDev/aes_cbc_oob 
AES-CBC check for input size of 0
 2020-09-03 13:40:34 -07:00
Jacob Barthelmeh 682b1468b8 free test certificate when test is done 2020-09-02 16:05:05 -06:00
toddouska b3acd57de5
Merge pull request #3254 from dgarske/leaks 
Fixes valgrind leak reports (related to small stack cache)
 2020-09-02 10:44:49 -07:00
toddouska 9268de229a
Merge pull request #3266 from dgarske/unit_test 
Fix for DH compute key compatibility function failure
 2020-09-02 10:23:23 -07:00
JacobBarthelmeh 914905f1bc
Merge pull request #3193 from embhorn/zd10457_b 
Fix CheckHostName matching
 2020-09-02 10:36:02 -06:00
Jacob Barthelmeh fd2074da00 fix for order of components in issuer when using compatiblity layer api to generate cert 2020-09-01 09:27:45 -06:00
Sean Parkinson 89b9a77eca Get builds with WOLFSSL_NO_CLIENT_AUTH compiling and testing 
Fix build for no client or server and no client auth.
Fix tests to detect when no client auth compiled and test is trying to
do client auth.
 2020-09-01 15:27:46 +10:00
David Garske c587ff72d2 Fix for occasional unit.test failure in `test_wolfSSL_EVP_PKEY_derive`. 2020-08-31 14:04:51 -07:00
Ethan Looney 568184f53f Changed len from hardcoded value to sizeof oid 2020-08-31 13:42:23 -06:00
Ethan Looney c8d93d4d5e Added ecc.c unit tests to api.c 2020-08-31 13:42:23 -06:00
Eric Blankenhorn ea5c290d60 Fix CheckHostName matching 2020-08-26 14:03:17 -05:00
David Garske 1b2b3de2c9 Fixes for missing free calls on hash tests. 2020-08-26 09:48:46 -07:00
David Garske 6d5731b8e9 Fixes for HMAC_CTX cleanup not being called to free SHA2 resources with `WOLFSSL_SMALL_STACK_CACHE`. Added return code checking and cleanup for `openssl_test`. 2020-08-26 09:45:26 -07:00
Jacob Barthelmeh bc58dde700 fix for serial number containing 0's and for RNG fail case 2020-08-26 00:03:39 -06:00
Sean Parkinson 3a25faea60 AES-CBC check for input size of 0 
Don't need to do anything when size is 0.
 2020-08-25 13:36:45 +10:00
Jacob Barthelmeh c7136498ec add test case 2020-08-24 17:19:03 -06:00
David Garske 3fbaccc8a1 Fix for API unit test `test_wolfSSL_X509_sign`, which can have a varying length depending on if MSB is set. About 1 in 200 tests would fail. 2020-08-20 15:33:28 -07:00
David Garske 1d55b2f526 Fixes for several memory leaks related to `HAVE_WOLF_BIGINT`. 2020-08-20 14:25:06 -07:00
toddouska 028bddd7ab
Merge pull request #3215 from ejohnstown/release-4.5.0 
Release Update
 2020-08-17 13:51:23 -07:00
John Safranek 3f6861ee82
FIPS Ready Fix with ECC Timing Resistance 
Commit 6467de5 added some timing resistance to ECC shared secret
agreement. It involved adding an RNG object to the ecc keys so
a random z value can be added to the mix. The older FIPS release
has ECC outside the boundary, so it uses the new ECC code. FIPSv2
has ECC inside the boundary, but all the TLS code checks for that
version of FIPS and leaves out the calls to the new functions as
it is using an older version of ecc.c. FIPS Ready uses the latest
version of ecc.c but compiles as FIPSv2. So, the code outside of
the crypto layer is treating ECC as FIPSv2 and not calling the new
functions, but the crypto layer assumes the RNG should be present,
and errs out on testing.
1. Added a separate option for FIPS Ready to the enable-fips
   configure option. `--enable-fips=ready`. It will treat FIPS
   Ready as the next kind of FIPS release. FIPS Ready will be
   treated like FIPS v3 in the build.
2. Changed the C preprocessor checks for FIPS version 2 to be
   checks for not version 2, with respect to ECC Timing Resistance
   and FIPS builds.
 2020-08-14 10:54:55 -07:00
Sean Parkinson bc74bfebdd Fixes from C++ and address access checking 
Fix access of table for cache resistance.
Don't name variable public or private.
Cast from void*
 2020-08-13 15:19:49 +10:00
toddouska fa146870bd
Merge pull request #3155 from julek-wolfssl/openssh-fixes-cherry-picked 
Additional OpenSSL compat stuff for OpenSSH
 2020-08-11 16:32:31 -07:00
toddouska 532c2f50e8
Merge pull request #3083 from julek-wolfssl/openssl-compat-X509V3_EXT_i2d 
Implement more OpenSSL compatibility functions
 2020-08-11 15:01:41 -07:00
Sean Parkinson 6467de5a88 Randomize z ordinates in scalar mult when timing resistant 
An RNG is required for shared secret calculation now.
Use wc_ecc_set_rng() to set an RNG against the ECC object.
ECC verification does not need timing resistance and does not randomize
z ordinates.
 2020-08-11 16:12:47 +10:00
Juliusz Sosinowicz 55d4817956 Jenkins fixes 2020-08-10 12:39:16 +02:00
Sean Parkinson 7bb2a69161 Fix memory leak in api.c 
When testing wc_ecc_import_raw(), the mp_int's in the ecc object are
initialized.
For small math, this throws away the allocated buffer.
Must free the object before importing.
 2020-08-10 12:42:46 +10:00
Sean Parkinson 920c97963c Fix Jenikins failure - ToTraditional not declared 
./configure --disable-asn --disable-ecc -disable-rsa --enable-psk
--enable-testcert
 2020-08-10 10:57:07 +10:00
David Garske c0a664a8e5
Merge pull request #3200 from douzzer/20200805 
Add an error-checking wc_curve25519_make_pub() routine to the API for use by Wireguard
 2020-08-07 16:32:52 -07:00
toddouska 1724347f7a
Merge pull request #3091 from julek-wolfssl/sess-serialization 
Expose session serialization outside of `OPENSSL_EXTRA`
 2020-08-07 15:41:27 -07:00
toddouska 17cc941b29
Merge pull request #3195 from SparkiDev/sp_ecc_cache 
SP ECC Cache Resitance
 2020-08-07 15:35:06 -07:00
JacobBarthelmeh dd6238fb77
Merge pull request #3174 from embhorn/zd10655 
Fix CheckAltNames to handle IP type
 2020-08-07 16:04:56 -06:00
Chris Conlon b03e1dd2a9
Merge pull request #3197 from ethanlooney/19th_branch 
Added asn.c unit tests
 2020-08-07 09:25:50 -06:00
Eric Blankenhorn 064bfa583d Fix CheckAltNames to handle IP type 2020-08-07 10:12:56 -05:00
Daniel Pouzzner f6acbd5f97 test_wc_curve25519_make_pub(): fix order of args to wc_curve25519_make_pub(). 2020-08-06 18:37:00 -05:00
toddouska 82d927d40f
Merge pull request #3199 from dgarske/openssl_sha 
Fix for building openssl compat without SHA-1
 2020-08-06 15:59:26 -07:00
Daniel Pouzzner 0f59e632e1 tests/api.c: add test_wc_curve25519_make_pub(); fix some old stray tabs; remove weird extra string-terminating null in test_wolfSSL_sk_CIPHER_description(). 2020-08-06 17:52:48 -05:00
toddouska 4e9d49556e
Merge pull request #3194 from SparkiDev/unit_fix_1 
Fix unit.test to not fail randomly
 2020-08-06 10:51:12 -07:00
Ethan Looney 77bb300409 Removed unnecessary pointers, matched Xfree arugments and checked the return values of generated keys 2020-08-06 09:21:41 -07:00
Ethan Looney afcb40724e Added proper ifdef's to EccPrivateKeyToDer 2020-08-06 08:06:06 -07:00
Juliusz Sosinowicz 139a192185 Implement wolfSSL_d2i_X509_NAME 2020-08-06 15:52:11 +02:00
Juliusz Sosinowicz ca3a608408 Implement functions 
- `wolfSSL_d2i_ECPrivateKey`
- `wolfSSL_EC_POINT_add`
- `wolfSSL_EC_POINT_invert`
 2020-08-06 15:52:11 +02:00
Juliusz Sosinowicz 2529ce21b0 Implement wolfSSL_EC_GROUP_dup 2020-08-06 15:52:11 +02:00
Juliusz Sosinowicz ea8dd31de0 Implement wolfSSL_i2d_PUBKEY and refactor wolfSSL_i2d_PrivateKey 2020-08-06 15:52:11 +02:00
Juliusz Sosinowicz 1f0d6d5f31 New functions implemented 
- `EC_POINT_is_on_curve`
- `i2d_EC_PUBKEY`
- `i2d_ECPrivateKey`
- `wc_ecc_point_is_on_curve`
 2020-08-06 15:52:11 +02:00
Juliusz Sosinowicz e131d6be5b group->curve_nid is now set to the real NID of the curve 2020-08-06 15:52:11 +02:00
Juliusz Sosinowicz c28b7b59c3 Fix jenkins leaks 2020-08-06 13:47:26 +02:00
Juliusz Sosinowicz ad2e710563 Fix missing free 2020-08-06 13:47:26 +02:00
Juliusz Sosinowicz a6651a21f8 Fix segfault 2020-08-06 13:47:26 +02:00
Juliusz Sosinowicz 229c5e9563 wolfSSL_X509V3_EXT_i2d cont. 2020-08-06 13:47:26 +02:00
Juliusz Sosinowicz fe1f815761 wolfSSL_X509V3_EXT_i2d: NID_ext_key_usage 2020-08-06 13:45:36 +02:00
Juliusz Sosinowicz 3621af9996 Implement new OpenSSL API 
- i2d_PKCS8PrivateKey_bio
- X509V3_EXT_i2d
- SSL_renegotiate_pending
 2020-08-06 13:45:36 +02:00
David Garske 4a167c0f2c
Merge pull request #3119 from tmael/do178-fix 
DO-178 fix
 2020-08-05 16:30:00 -07:00
Sean Parkinson 8afd629a30 Fix unit.test to not fail randomly 
Get the serial number from the certificate to calculate the encoding size.
Fix making of the certificate to copy serial number out if not already set.
 2020-08-06 08:52:21 +10:00
Ethan Looney 9671901de6 Added a free call to SetSubjectBuffer 2020-08-05 15:52:09 -07:00
Sean Parkinson 83caf39caa SP ECC Cache Resitance 
SP ECC improved cache attack resistant implementation.
On by defualt and turn off with WC_NO_CACHE_RESISTANT.
 2020-08-06 08:21:08 +10:00
David Garske c421445ba9 Added no SHA-1 hash support for OPENSSL compatibility. Fix for `./configure --enable-opensslextra --disable-sha`. This allows using SHA2-256 for the hashing including the derived `issuerHash` and `subjectHash`. Adds issuer hash openssl compatibility function `X509_issuer_name_hash`. 2020-08-05 14:43:24 -07:00
Ethan Looney 49e5d8efea Added additional ifdef's to Ed25519 functions and cast derSz to word32 2020-08-05 12:31:50 -07:00
Ethan Looney 633e950942 Added asn.c unit tests 2020-08-05 10:57:32 -07:00
Ethan Looney 42856287ee Added check for wolfmath.c for digits == 0 and test for api.c 2020-08-04 13:25:10 -07:00
Chris Conlon 5641e2ae50
Merge pull request #3173 from ethanlooney/18th_branch 
Added unit tests for wolfmath.c
 2020-08-04 09:10:21 -06:00
Ethan Looney 7f381275b1 Removed comment and changed len equal to variables instead of numbers 2020-08-03 13:31:11 -07:00
David Garske 776b1a2d17 Fix for ED25519 with user_settings.h. Fixes for build warnings. Fix spelling error. Added template for wolfBoot key/sign tools. 2020-07-31 15:17:53 -07:00
Ethan Looney b627610cde Added bad test cases for get_digit and corrected comment formatting 2020-07-31 09:44:10 -07:00
Ethan Looney c52930bb8a Added freerng to 'test_mp_rand' 2020-07-30 09:37:05 -07:00
Tesfa Mael d03971e233 Add comment to clarify errno in test 2020-07-30 09:18:45 -07:00
Tesfa Mael cebb283822 DO-178 changes 2020-07-30 09:18:45 -07:00
Ethan Looney 3381eb2094 Added tests for Sha512.c 2020-07-30 09:18:45 -07:00
Chris Conlon 1168bdd05b
Merge pull request #3165 from ethanlooney/17th_branch 
Added unit tests for wc_port.c
 2020-07-30 09:08:28 -06:00
Ethan Looney b4cd0886bb Changed test returns for 'get_digit' to remove implicit conversion errors 2020-07-29 14:23:03 -07:00
Ethan Looney 7c59c74e07 Added unit tests for wolfmath.c 2020-07-29 10:34:15 -07:00
Ethan Looney b524926837 Deleted unneeded xfopen and xfclose 2020-07-29 09:31:37 -07:00
toddouska e618257f21
Merge pull request #3167 from dgarske/test_fixups 
Fixes for `mutex_test` and API unit test `derSz`
 2020-07-28 16:45:58 -07:00
Chris Conlon 70aa11f0a9
Merge pull request #3153 from ethanlooney/15th_branch 
Added unit tests for Logging.c
 2020-07-28 16:35:31 -06:00
Ethan Looney 5af4872bab Changed lock type to 0 2020-07-28 09:16:43 -07:00
David Garske 8440973d99 Fix for `derSz` calculation on non-const value `keySz`. ZD 10654 2020-07-28 08:18:42 -07:00
Ethan Looney e7429c8504 Added unit tests for wc_port.c 2020-07-27 09:32:25 -07:00
Chris Conlon b0ed250f09
Merge pull request #3162 from ethanlooney/18th_branch 
Changed ifndef(NO_SHA224) to ifdef(WOLFSSL_SHA224)
 2020-07-27 09:21:28 -06:00
Ethan Looney b734b13120 Changed ifndef(NO_SHA224) to ifdef(WOLFSSL_SHA224) due to 'NO_SHA224' not existing 2020-07-24 14:24:50 -07:00
Ethan Looney 6088a7bd79 Added if defined debug check to only print to file if debug is enabled 2020-07-24 10:03:49 -07:00
Ethan Looney 563806c497 Changed the log dump txt file's directory to include /tests and added it to make clean 2020-07-23 10:12:40 -07:00
Ethan Looney f7e4c1c8ad Added SetLoggingCb check 2020-07-22 15:44:13 -07:00
Ethan Looney 5e515c12fb Removed unneeded comment 2020-07-22 08:28:43 -07:00
John Safranek c8e9d058f0
DTLS Test Speedup 
Change the example client to use select instead of sleep.
If building for the standalone client, it will wait 1 second.
If built for no main driver, it'll wait 10ms rather than 1 second.
 2020-07-21 18:40:18 -07:00
Ethan Looney 953e7cf181 Changed sz type from int to long 2020-07-21 15:28:17 -07:00
Ethan Looney b500a54fc5 Added new file to read in and dump error message and added cleanup within cleanup script 2020-07-21 12:30:43 -07:00
Ethan Looney e8034619ba Add more if defined to ERR_print_errors_fp 2020-07-21 12:30:43 -07:00
Chris Conlon ddb2923c19
Merge pull request #3133 from ethanlooney/13th_branch 
Added unit tests for Hash.c - Fixed hash formatting errors
 2020-07-20 10:03:28 -06:00
Chris Conlon 86745dd7fc
Merge pull request #3134 from ethanlooney/14th_branch 
Added unit tests for Random.c
 2020-07-20 10:02:22 -06:00
Ethan Looney ef71099225 Removed duplicate semicolon and deleted unneeded initrng 2020-07-17 10:34:38 -07:00
Ethan Looney 93c6e99aef Added a ret check 2020-07-17 08:45:39 -07:00
Ethan Looney 96e59118fc Changed the if defined order and to include fips and selftest 2020-07-16 15:50:03 -07:00
Ethan Looney 2275b89654 Removed unnecessary comments and added HashInit's and checked that they returned errors when they should 2020-07-16 12:38:55 -07:00
toddouska 9137794cb4
Merge pull request #3105 from embhorn/zd10457_a 
Adding wolfSSL_X509_check_ip_asc
 2020-07-16 10:53:27 -07:00
toddouska fbe0c8cba7
Merge pull request #3122 from JacobBarthelmeh/Compatibility-Layer 
fix X509 multiple OU's and refactor
 2020-07-15 15:06:22 -07:00
Ethan Looney d54a51cd20 Added if not defined wc_no_rng 2020-07-15 13:56:12 -07:00
Ethan Looney 7a642e2b78 Added unit tests for Random.c 2020-07-15 12:55:19 -07:00
Ethan Looney 6be76e84ec Fixed formatting for Shake256Hash 2020-07-15 12:52:17 -07:00
Ethan Looney 9a07df9631 Changed hash size to 144 for Shake256Hash 2020-07-15 12:52:17 -07:00
Ethan Looney 379212acec Initialized variable data 2020-07-15 12:52:17 -07:00
Ethan Looney aaa6e892da Added unit tests for hash.c 2020-07-15 12:52:17 -07:00
Eric Blankenhorn 525a3cb9c3 Move API out of OPENSSL_EXTRA 2020-07-15 10:48:11 -05:00
Eric Blankenhorn d1a82589f9 Adding wolfSSL_X509_check_ip_asc 2020-07-15 10:48:11 -05:00
Chris Conlon 4938baa892
Merge pull request #3121 from ethanlooney/12th_branch 
Added unit tests for Sha3.c
 2020-07-13 17:29:45 -06:00
Ethan Looney c5b8181005 Added a free call for shake256_copy 2020-07-13 09:58:00 -07:00
Chris Conlon ed9648770d
Merge pull request #3120 from ethanlooney/11th_branch 
Added unit tests for Sha512.c
 2020-07-10 17:12:23 -06:00
Jacob Barthelmeh 2aaeb2a2df fix X509 multiple OU's and refactor 2020-07-10 17:12:20 -06:00
Ethan Looney 84aa7d746a Added unit tests for Sha3 2020-07-10 15:43:08 -07:00
Ethan Looney 295aa4ac55 Added tests for Sha512.c 2020-07-10 10:15:32 -07:00
Tesfa Mael 890500c1b1 Fix Coverity 2020-07-08 08:20:43 -07:00
TakayukiMatsuo 1e94f0478c Added resetting size info output-buffer before calling export APIs 
Added resetting size into output-buffer before calling export APIs
 2020-07-08 08:20:43 -07:00
toddouska c8dcd59565
Merge pull request #3082 from JacobBarthelmeh/Testing 
restrict the cert version allowed
 2020-07-07 15:37:01 -07:00
Ethan Looney 296b562113 Fixed formatting and forgotten curly bracket 2020-07-06 12:33:06 -07:00
Ethan Looney 1b7a96627c Changed formatting 2020-07-06 12:05:55 -07:00
Ethan Looney dfde73620c Added if defined cases for tests using hashes 2020-07-06 08:07:03 -07:00
Ethan Looney 5f3a287a6a Added tests to sha256.c for sha224 and sha256. 2020-07-02 14:30:30 -07:00
Ethan Looney 3242fa3669 Fixed formatting, redundant if's and added a comment explaining why a value was chosen. 2020-07-01 16:01:50 -07:00
Juliusz Sosinowicz fd79ebfe8d TLS 1.3 requires chacha and poly1305 for myTicketEncCb 2020-07-01 20:24:50 +02:00
Ethan Looney f526a11126 Added additional tests for curve25519 and fixed a print format error from previous tests 2020-07-01 10:19:40 -07:00
Ethan Looney a59560a1d5 Added tests to curve25519.c and fixed a print error from previous curve25519 tests 2020-07-01 09:32:03 -07:00
Ethan Looney 4ad904909c Added a return check 2020-06-30 12:40:20 -07:00
Ethan Looney 78efb48acf Added two more tests to hit xmemset lines 2020-06-30 12:40:20 -07:00
Ethan Looney b7e682e677 Added more tests to api.c for curve448 2020-06-30 12:40:20 -07:00
Chris Conlon 94654c7a46
Merge pull request #3062 from TakayukiMatsuo/branch-2 
Added testcases for wc_curve25519_export_key_xx
 2020-06-30 14:27:24 -05:00
Juliusz Sosinowicz e63a80f1af Use `NO_SESSION_CACHE` as well in preproc checks 2020-06-30 21:21:43 +02:00
Juliusz Sosinowicz b57cf802eb Expose session serialization outside of `OPENSSL_EXTRA` 
Use `./configure CFLAGS='-DHAVE_EXT_CACHE'` to enable session serialization without `OPENSSL_EXTRA`.
 2020-06-30 20:17:21 +02:00
Chris Conlon b6aaedd3b4
Merge pull request #3080 from ethanlooney/second_branch 
Added additional tests to curve448.c through api.c
 2020-06-29 11:21:15 -05:00
Jacob Barthelmeh 14d0b4e7d6 adjust test case 2020-06-26 10:25:50 -06:00
Ethan Looney 1c1ddaa6c2 Added checks to initial returns and free rng 2020-06-25 16:40:38 -07:00
Sean Parkinson f6d26b4e81
Merge pull request #3072 from kaleb-himes/SANITY_CHECKS 
ed25519 and ed448 check sigLen against expected
 2020-06-26 08:31:55 +10:00
Jacob Barthelmeh 0c7b851bd3 restrict the cert version allowed 2020-06-25 15:45:18 -06:00
David Garske e2afbae6aa
Merge pull request #3054 from JacobBarthelmeh/CRL 
fix for x509 store add crl
 2020-06-25 09:52:12 -07:00
kaleb-himes 17466727b2 Implement peer review feedback 2020-06-25 09:43:22 -06:00
Ethan Looney fe7d9ea7c1 changed RNG to WC_RNG 2020-06-24 15:40:58 -07:00
Ethan Looney 79981e3cf7 Added additonal tests to curve448.c 2020-06-24 15:40:38 -07:00
Ethan Looney 86b7f18502 Added additional tests to curve448.c through api.c 2020-06-24 15:40:22 -07:00
toddouska 9cd6f92d19
Merge pull request #3058 from JacobBarthelmeh/Certs 
Fix and test case for malformed name constraint
 2020-06-24 10:15:08 -07:00
kaleb-himes 722961f55c ed25519 and ed448 check sigLen against expected 2020-06-23 17:32:00 -06:00
Sean Parkinson 582240a84d
Merge pull request #3051 from embhorn/zd10451 
Sanity check wc_ecc_import_raw x, y, and key
 2020-06-24 08:52:10 +10:00
Jacob Barthelmeh 8511d07698 store chain is free'd when store is free'd 2020-06-23 15:42:32 -06:00
Jacob Barthelmeh ae90119af4 remove double free in test case 2020-06-23 14:45:31 -06:00
Eric Blankenhorn 7cc64377d0 Sanity check wc_ecc_import_raw x, y, and key 2020-06-23 08:54:47 -05:00
toddouska 93bd0dbfe1
Merge pull request #2980 from dgarske/psoc6 
Fix for `WOLFSSL_ALT_CERT_CHAINS` with long chain
 2020-06-22 13:36:35 -07:00
JacobBarthelmeh b88342eeaf memory handling fixes 2020-06-19 10:08:42 -07:00
TakayukiMatsuo 771d60c085 Replaced some hard-tabs with spaces in wc_curve25519_export_key_raw_ex() 2020-06-19 13:40:16 +09:00
toddouska 248b8c9b62
Merge pull request #3057 from kaleb-himes/FIPSv2_plus_OPENSSLALL 
Resolve issues with FIPSv2 when opensslall set
 2020-06-18 10:12:06 -07:00
toddouska 48cd6f36ff
Merge pull request #2967 from dgarske/ecc_null 
Fixes for ECC key import
 2020-06-18 10:10:49 -07:00
Jacob Barthelmeh 1e431e1ade add test case and fixes from review 2020-06-18 10:57:25 -06:00
David Garske 667d9ca896 Fix to catch the issue in this PR with alt cert chains, which only happens if the verify callback is used and the chain is long enough. Cleanup of the myVerify callback to allow specific actions. Fix the suites.c to not crash if no newline at end of file. Added helpful debug message to show that a CA was found. 2020-06-18 09:26:50 -07:00
TakayukiMatsuo 28819bd45e Made two lines wrap around in test_wc_curve25519_export_key_raw_ex() 2020-06-18 12:25:21 +09:00
TakayukiMatsuo a855d6355e Added cleanup to test_wc_curve25519_export_key_raw_ex 2020-06-18 12:25:21 +09:00
TakayukiMatsuo 1d98c960cf Added resetting size info output-buffer before calling export APIs 
Added resetting size into output-buffer before calling export APIs
 2020-06-18 12:24:03 +09:00
David Garske 0fd5eda5af Fix for `test_wolfSSL_DTLS_either_side`, which was not properly free'ing in error case. Improves the test shared context logic to make it explicit. 2020-06-17 17:08:09 -07:00
Jacob Barthelmeh dafd35e4c1 remove unused variable 2020-06-17 15:55:08 -06:00
Jacob Barthelmeh f75659641a test on malformed name constraint 2020-06-17 14:33:10 -06:00
kaleb-himes e2fb4c55b8 Resolve issues with FIPSv2 when opensslall set 2020-06-17 14:03:02 -06:00
Sean Parkinson 6bb73fb25d Fix ED448 calls to use context and correct variable name 
Added basic test of OpenSSL compatability APIs:
  - wolfSSL_ED25519_generate_key
  - wolfSSL_ED25519_sign
  - wolfSSL_ED25519_verify
  - wolfSSL_ED2448_generate_key
  - wolfSSL_ED448_sign
  - wolfSSL_ED448_verify
 2020-06-17 10:05:50 +10:00
toddouska 4c2dee77d8
Merge pull request #3028 from julek-wolfssl/CRYPTO_memcmp 
Implement CRYPTO_memcmp
 2020-06-12 11:16:18 -07:00
toddouska 29bdc7d8b5
Merge pull request #3015 from tmael/cov-fix 
Coverity fix in wolfSSL 4.4.0
 2020-06-10 17:07:47 -07:00
toddouska e993cb6cc0
Merge pull request #2942 from dgarske/tls13_on 
Enable TLS v1.3 by default
 2020-06-09 13:30:02 -07:00
toddouska c023efb2aa
Merge pull request #3025 from JacobBarthelmeh/Compatibility-Layer 
fix macro to match *_FLAGS_*
 2020-06-09 13:19:29 -07:00
toddouska 7a7bfce565
Merge pull request #3026 from cconlon/selftestfixes 
Fix warnings with NetBSD gcc compiler
 2020-06-09 13:18:44 -07:00
David Garske 3af4316cfd Fix for session test with TLS v1.3 and session tickets not enabled. Cleanups in `AddSession`. 2020-06-05 13:33:03 -07:00
Juliusz Sosinowicz a75f83c9f2 Implement CRYPTO_memcmp 2020-06-05 16:44:12 +02:00
David Garske ca9dc7d509 Fix for `wc_ecc_import_unsigned` failing if first private key byte is zero (Fixes #2950). Fix `wc_ecc_is_point` to return better code `IS_POINT_E` on failure (was returning -1). Improved ECC import API unit tests. Added `WOLFSSL_VALIDATE_ECC_IMPORT` and `WOLFSSL_VALIDATE_ECC_KEYGEN` to `--enable-all`. 2020-06-04 15:25:56 -07:00
toddouska 3529d9a40d
Merge pull request #3016 from kaleb-himes/FIPSv2-MAINTENANCE 
New OpenSSL features relying on changes in module files must account for locked FIPS versions of those files
 2020-06-04 15:08:17 -07:00
toddouska 23d1550439
Merge pull request #2989 from julek-wolfssl/openvpn 
Additional OpenSSL compat layer stuff
 2020-06-04 11:57:55 -07:00
Jacob Barthelmeh c8b87eab5f fix macro to match *_FLAGS_* 2020-06-04 11:53:46 -06:00
kaleb-himes 5a4d84ecad Consolidate to one-line where possible 2020-06-03 16:19:34 -06:00
Chris Conlon 0b9d06e529 return value from FailTestCallBack to prevent NetBSD noreturn warning 2020-06-03 14:45:31 -06:00
Chris Conlon 504b887851 fix NetBSD warnings in ASN1_INTEGER_set() tests around int max/min 2020-06-03 14:14:43 -06:00
Tesfa Mael d5241bbcc6 Coverity fix 2020-06-02 15:35:27 -07:00
kaleb-himes 6217118ee4 Account for unmodifiable FIPS module files when adding new OpenSSL functionality 2020-06-01 16:28:32 -06:00
Chris Conlon 896fcd9aec add WOLFSSL_ATECC6088A, Trust&GO support, PIC32 HAL compatibility, 608A expansions 2020-05-27 16:49:29 -06:00
kaleb-himes 53d2a17b43 Fix a seg fault when cert not loaded prior to key check 2020-05-22 15:03:11 -06:00
Juliusz Sosinowicz a67e1fc2ad Fix implicit conversions 2020-05-21 13:20:42 +02:00
Juliusz Sosinowicz 5f7832909b BIO_new_mem_buf with negative len should take strlen of buf as len 2020-05-20 16:55:16 +02:00
Juliusz Sosinowicz 4a85bf8108 Additional OpenSSL compat layer stuff 
- Add X509_get0_notBefore and X509_get0_notAfter
- Implement EVP_PKEY_get0_DSA and DSA_bits
- OpenSSL_version now prints "wolfSSL $VERSION"
- Remove define guards in `wolfSSL_internal_get_version` as all protocols are defined regardless in `wolfssl/internal.h`and this function just returns the string description of the protocol
 2020-05-20 16:55:16 +02:00
Juliusz Sosinowicz 3d2cbdd3e8 Fix LUT cache implementation 
- Make sure that the cache is actually set (and not just depend on the LRU_count)
- test_wolfSSL_EC should also be run without ECC_SHAMIR
 2020-05-12 13:48:59 +02:00
Juliusz Sosinowicz b5886e0e37 Add option `--enable-ip-alt-name` 
This commit adds the configure option `--enable-ip-alt-name` that enables support for the IP alternative subject name parsing in `wolfcrypt/src/asn.c:DecodeAltNames`.
 2020-05-08 13:20:24 +02:00
Juliusz Sosinowicz 9e68de0fb7 Add test certs for ASN_IP_TYPE 2020-05-07 11:52:49 +02:00
Jacob Barthelmeh 9f735b4d6e sanity check on PemToDer type 2020-05-01 16:41:18 -06:00
Sean Parkinson e9b433a998
Merge pull request #2928 from julek-wolfssl/evp-aes-gcm-fix 
Fix AES-GCM in EVP layer to have compatiblity with OpenSSL
 2020-04-29 09:00:04 +10:00
toddouska cb6fc56f3b
Merge pull request #2921 from dgarske/fixes_g++ 
Fixes for G++ and enable-all
 2020-04-28 09:51:34 -07:00
Juliusz Sosinowicz 01a6dded72 Fix AES-GCM in EVP layer to have compatiblity with OpenSSL 
- Tag checking in AES-GCM is done in Final call
- Reset `WOLFSSL_EVP_CIPHER_CTX` structure after Final call
- Don't zero `ctx->authTag` struct in Init call so that user can get the AES-GCM tag using `EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_GET_TAG, AES_BLOCK_SIZE, tag)`
- `ctx->authTag` is only zeroed before authenticated, non-confidential data Update call since this means we are entering a new Udate-Final cycle. This doesn't need to be done in the decrypt case since the tag should be supplied by the user before the final call using `EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, AES_BLOCK_SIZE, tag)`
 2020-04-27 15:52:01 +02:00