WolfSSL
/
wolfssl
mirror of https://github.com/wolfSSL/wolfssl.git
1
0
Fork 0
Code Issues Releases Wiki Activity
11,680 Commits
27 Branches
168 Tags
358 MiB
Commit Graph

980 Commits (e55ca1a8cf34c0e63c490e52c25a0921e2273ad6)

Author SHA1 Message Date
David Garske 0fd5eda5af Fix for `test_wolfSSL_DTLS_either_side`, which was not properly free'ing in error case. Improves the test shared context logic to make it explicit. 2020-06-17 17:08:09 -07:00
Jacob Barthelmeh dafd35e4c1 remove unused variable 2020-06-17 15:55:08 -06:00
Jacob Barthelmeh f75659641a test on malformed name constraint 2020-06-17 14:33:10 -06:00
kaleb-himes e2fb4c55b8 Resolve issues with FIPSv2 when opensslall set 2020-06-17 14:03:02 -06:00
Sean Parkinson 6bb73fb25d Fix ED448 calls to use context and correct variable name 
Added basic test of OpenSSL compatability APIs:
  - wolfSSL_ED25519_generate_key
  - wolfSSL_ED25519_sign
  - wolfSSL_ED25519_verify
  - wolfSSL_ED2448_generate_key
  - wolfSSL_ED448_sign
  - wolfSSL_ED448_verify
 2020-06-17 10:05:50 +10:00
toddouska 4c2dee77d8
Merge pull request #3028 from julek-wolfssl/CRYPTO_memcmp 
Implement CRYPTO_memcmp
 2020-06-12 11:16:18 -07:00
toddouska 29bdc7d8b5
Merge pull request #3015 from tmael/cov-fix 
Coverity fix in wolfSSL 4.4.0
 2020-06-10 17:07:47 -07:00
toddouska e993cb6cc0
Merge pull request #2942 from dgarske/tls13_on 
Enable TLS v1.3 by default
 2020-06-09 13:30:02 -07:00
toddouska c023efb2aa
Merge pull request #3025 from JacobBarthelmeh/Compatibility-Layer 
fix macro to match *_FLAGS_*
 2020-06-09 13:19:29 -07:00
toddouska 7a7bfce565
Merge pull request #3026 from cconlon/selftestfixes 
Fix warnings with NetBSD gcc compiler
 2020-06-09 13:18:44 -07:00
David Garske 3af4316cfd Fix for session test with TLS v1.3 and session tickets not enabled. Cleanups in `AddSession`. 2020-06-05 13:33:03 -07:00
Juliusz Sosinowicz a75f83c9f2 Implement CRYPTO_memcmp 2020-06-05 16:44:12 +02:00
David Garske ca9dc7d509 Fix for `wc_ecc_import_unsigned` failing if first private key byte is zero (Fixes #2950). Fix `wc_ecc_is_point` to return better code `IS_POINT_E` on failure (was returning -1). Improved ECC import API unit tests. Added `WOLFSSL_VALIDATE_ECC_IMPORT` and `WOLFSSL_VALIDATE_ECC_KEYGEN` to `--enable-all`. 2020-06-04 15:25:56 -07:00
toddouska 3529d9a40d
Merge pull request #3016 from kaleb-himes/FIPSv2-MAINTENANCE 
New OpenSSL features relying on changes in module files must account for locked FIPS versions of those files
 2020-06-04 15:08:17 -07:00
toddouska 23d1550439
Merge pull request #2989 from julek-wolfssl/openvpn 
Additional OpenSSL compat layer stuff
 2020-06-04 11:57:55 -07:00
Jacob Barthelmeh c8b87eab5f fix macro to match *_FLAGS_* 2020-06-04 11:53:46 -06:00
kaleb-himes 5a4d84ecad Consolidate to one-line where possible 2020-06-03 16:19:34 -06:00
Chris Conlon 0b9d06e529 return value from FailTestCallBack to prevent NetBSD noreturn warning 2020-06-03 14:45:31 -06:00
Chris Conlon 504b887851 fix NetBSD warnings in ASN1_INTEGER_set() tests around int max/min 2020-06-03 14:14:43 -06:00
Tesfa Mael d5241bbcc6 Coverity fix 2020-06-02 15:35:27 -07:00
kaleb-himes 6217118ee4 Account for unmodifiable FIPS module files when adding new OpenSSL functionality 2020-06-01 16:28:32 -06:00
Chris Conlon 896fcd9aec add WOLFSSL_ATECC6088A, Trust&GO support, PIC32 HAL compatibility, 608A expansions 2020-05-27 16:49:29 -06:00
kaleb-himes 53d2a17b43 Fix a seg fault when cert not loaded prior to key check 2020-05-22 15:03:11 -06:00
Juliusz Sosinowicz a67e1fc2ad Fix implicit conversions 2020-05-21 13:20:42 +02:00
Juliusz Sosinowicz 5f7832909b BIO_new_mem_buf with negative len should take strlen of buf as len 2020-05-20 16:55:16 +02:00
Juliusz Sosinowicz 4a85bf8108 Additional OpenSSL compat layer stuff 
- Add X509_get0_notBefore and X509_get0_notAfter
- Implement EVP_PKEY_get0_DSA and DSA_bits
- OpenSSL_version now prints "wolfSSL $VERSION"
- Remove define guards in `wolfSSL_internal_get_version` as all protocols are defined regardless in `wolfssl/internal.h`and this function just returns the string description of the protocol
 2020-05-20 16:55:16 +02:00
Juliusz Sosinowicz 3d2cbdd3e8 Fix LUT cache implementation 
- Make sure that the cache is actually set (and not just depend on the LRU_count)
- test_wolfSSL_EC should also be run without ECC_SHAMIR
 2020-05-12 13:48:59 +02:00
Juliusz Sosinowicz b5886e0e37 Add option `--enable-ip-alt-name` 
This commit adds the configure option `--enable-ip-alt-name` that enables support for the IP alternative subject name parsing in `wolfcrypt/src/asn.c:DecodeAltNames`.
 2020-05-08 13:20:24 +02:00
Juliusz Sosinowicz 9e68de0fb7 Add test certs for ASN_IP_TYPE 2020-05-07 11:52:49 +02:00
Jacob Barthelmeh 9f735b4d6e sanity check on PemToDer type 2020-05-01 16:41:18 -06:00
Sean Parkinson e9b433a998
Merge pull request #2928 from julek-wolfssl/evp-aes-gcm-fix 
Fix AES-GCM in EVP layer to have compatiblity with OpenSSL
 2020-04-29 09:00:04 +10:00
toddouska cb6fc56f3b
Merge pull request #2921 from dgarske/fixes_g++ 
Fixes for G++ and enable-all
 2020-04-28 09:51:34 -07:00
Juliusz Sosinowicz 01a6dded72 Fix AES-GCM in EVP layer to have compatiblity with OpenSSL 
- Tag checking in AES-GCM is done in Final call
- Reset `WOLFSSL_EVP_CIPHER_CTX` structure after Final call
- Don't zero `ctx->authTag` struct in Init call so that user can get the AES-GCM tag using `EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_GET_TAG, AES_BLOCK_SIZE, tag)`
- `ctx->authTag` is only zeroed before authenticated, non-confidential data Update call since this means we are entering a new Udate-Final cycle. This doesn't need to be done in the decrypt case since the tag should be supplied by the user before the final call using `EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, AES_BLOCK_SIZE, tag)`
 2020-04-27 15:52:01 +02:00
David Garske 6d025f8c0f Refactor of the EVP `macType` to use `enum wc_HashType` to resolve issues with invalid casting. 2020-04-24 07:43:44 -07:00
TakayukiMatsuo 922ab1e944 Merge remote-tracking branch 'upstream/master' into branch-1 2020-04-24 18:00:29 +09:00
TakayukiMatsuo bcc408442b Added test cases for wc_curve25519_key_export_xx 2020-04-24 17:50:17 +09:00
David Garske b07dfa425d Fixes for `./configure CC="g++" --enable-all && make`. Resolves issues with implicit casts and use of reserved `template` keyword. 2020-04-23 15:26:04 -07:00
toddouska 7318121d3a
Merge pull request #2915 from dgarske/async_v4.4.0 
Fixes for async release v4.4.0
 2020-04-23 09:26:08 -07:00
David Garske 88d04e5eeb Fix for NULL == NULL test case in `test_wolfSSL_EC_get_builtin_curves`. 2020-04-22 10:15:52 -07:00
John Safranek bf680b4a92
Fix for QAT with Shake256. Fix for XFREE missing semicolon. 2020-04-21 10:38:27 -07:00
JacobBarthelmeh 0cfde0794b
Merge pull request #2848 from julek-wolfssl/wpa-supplicant-openssl-compat 
Added partial support for wpa_supplicant, hostapd, and cjose:
 2020-04-20 12:17:55 -06:00
Eric Blankenhorn 6b3642db36 Fix forbidden iv length 0 with AES-GCM 2020-04-16 13:48:56 -05:00
Juliusz Sosinowicz 36403c1dad Merge remote-tracking branch 'wolfSSL/master' into wpa-supplicant-openssl-compat 2020-04-15 16:55:03 +02:00
toddouska 06c6e583c8
Merge pull request #2891 from julek-wolfssl/refactor-evp-functions 
Move EVP functions to evp.c
 2020-04-14 09:22:51 -07:00
Juliusz Sosinowicz dad0bc0159 Keep compatibility with old OPENSSL_EXTRA_X509_SMALL functions 2020-04-14 12:52:23 +02:00
Juliusz Sosinowicz 0b3a331265 Revert wc_OBJ_sn2nid 2020-04-14 11:48:14 +02:00
Juliusz Sosinowicz dbe4e778d3 Test fixes 
- Add `parameter` to `WOLFSSL_X509_ALGOR`
- Implement `wolfSSL_ASN1_TYPE_new`, `wolfSSL_ASN1_TYPE_free`, and `wolfSSL_ASN1_TYPE_set`
- Fix leak where `pval` in `wolfSSL_X509_ALGOR_set0` was lost if `aobj` was provided
 2020-04-14 11:48:14 +02:00
Juliusz Sosinowicz 18093a6b0b Code review changes 
- Don't include `ENABLED_OPENSSLALL` with `ENABLED_WPAS`
- Return length in `wolfSSL_i2d_DHparams`
- Implement `wolfSSL_EC_POINT_mul` with independent multiplication and addition if `ECC_SHAMIR` not defined
- Implment `ASN1_SIMPLE` without `offsetof` by using a dummy struct
- Style fixes
 2020-04-14 11:48:14 +02:00
Juliusz Sosinowicz 9722082372 Fix `nid2*` and `*2nid` functions 2020-04-14 11:48:14 +02:00
Juliusz Sosinowicz eb549f7095 Test fixes 2020-04-14 11:45:32 +02:00
Juliusz Sosinowicz ef5eefac91 Test fixes 2020-04-14 11:45:32 +02:00
Juliusz Sosinowicz b4d9007a48 Test fixes 
Config fixes
Fix windows FIPS
 2020-04-14 11:45:32 +02:00
Juliusz Sosinowicz 9ced70edc1 Test fixes 
Free `x509->key.pkey` in `FreeX509
Fix type conversions
Fix memory leaks and use of uninitialized memory
 2020-04-14 11:45:32 +02:00
Juliusz Sosinowicz 73b4d78d5b Added partial support for wpa_supplicant, hostapd, and cjose: 
- Moved `SetECKeyInternal` and `SetECKeyExternal` to `internal.h` to allow usage outside of `ssl.c`
- Added `asn1t.h`
- Implemented the `IMPLEMENT_ASN1_FUNCTIONS` macro for a small subset of ASN1 tags
-- So far only `X509_ALGOR` and `ASN1_BIT_STRING` are supported
- Implemented `BN_mod_add` function
- Allow for setting of `EC_KEY` export form through EC_KEY_set_conv_form
- Implemented `i2o_ECPublicKey`
- Implemented `EC_POINT_copy`
- Implemented deriving DH and ECDH keys in `EVP_PKEY_CTX`. Functions added:
-- `EVP_PKEY_derive_init`
-- `EVP_PKEY_derive_set_peer`
-- `EVP_PKEY_derive`
- Implemented `EVP_PKEY_get0_DH`
- Implemented `X509_ALGOR_new`
- Implemented `X509_ALGOR_free`
- Implemented `X509_ALGOR_set0`
- Implemented `X509_PUBKEY_new`
- Implemented `X509_PUBKEY_free`
- Implemented `X509_PUBKEY_set`
- Implemented `RSA_padding_add_PKCS1_PSS`
- Implemented `RSA_verify_PKCS1_PSS`
- Changed second parameter of `wolfSSL_d2i_PUBKEY` to be constant
- Corrected long names in `asn.h`
- Added `wc_ecc_get_generator` as a way to get the generator point of a curve
- Added `wc_ecc_export_point_der_ex` to export an ECC point in compressed or uncompressed format with one API
- Added `wc_ecc_export_point_der_compressed` to export a point in an `ecc_point` structure in compressed DER format
- Added 'wc_RsaSSL_Verify_ex` which adds the option to choose a padding type
- Added `wc_RsaPad_ex` and `wc_RsaUnPad_ex` to `rsa.h` as `WOLFSSL_LOCAL` functions
- `CopyDecodedToX509` now fills `x509->key` and `x509->algor` when populating x509
- `wolfSSL_EVP_CipherInit` now uses `wc_AesGcmSetExtIV` to set the IV so that it is copied to `ctx->iv` by `wolfSSL_StoreExternalIV`
- Added error checking to `wolfSSL_EVP_PKEY_get_der`
- `wolfSSL_X509_ALGOR_get0` now attempts to return something in all parameters
- Refactored `wolfSSL_EC_KEY_new` to use `*_new` functions when available
- Added `setupPoint` to set the internal point if not yet set
- Always set external point in `wolfSSL_ECPoint_d2i`
- Added compressed point support to `wolfSSL_EC_POINT_point2oct`
- Fix `wolfSSL_EC_POINT_mul` so that it will calculate the full `generator * n + q * m` then OpenSSL does
- Added `WOLFSSL_RSA_GetRNG` helper function to get a `WC_RNG` from `WOLFSSL_RSA`
- Correct short names in `wolfssl_object_info`
- Added all currently supported curves to `wolfssl_object_info`
- Added `oidCurveType` to `oid2nid`
- Add more padding types to `wolfSSL_RSA_public_decrypt`
- Fix `keysize` in `wc_ecc_import_point_der`
- Added tests for new additions
 2020-04-14 11:45:32 +02:00
toddouska 4748254b60
Merge pull request #2896 from embhorn/zd9916 
Fix wc_KeyPemToDer with PKCS1 and empty key
 2020-04-10 15:38:07 -07:00
Eric Blankenhorn c3e0575914 Fix from review 2020-04-09 12:52:32 -05:00
Juliusz Sosinowicz 9cbbd164e0 Fix test errors 2020-04-09 14:54:09 +02:00
Eric Blankenhorn 4d6e33b1dd Fix wc_KeyPemToDer with PKCS1 and empty key 2020-04-08 11:34:24 -05:00
Sean Parkinson 411aee6e05 Fixes from cppcheck 
Added PRIVATE_D version of rsa private key operation for SP
implementation for specific platforms.
WC_NO_RNG results in warnings when RNG calls don't do anything.
Added ifdef checks for variables not used otherwise.
Remove superfluous if statements like when checking ret == 0.
Change names of globals that are generic and are used locally before
global definition.
Remove definition of variable len that isn't used except as a
replacement for sz which is parameter.
Don't subtract two variables when one has just been assigned the value
of the other.
Fix shifting of signed value.
Fix parameter checking in aes.c and des3.c for platform specific code.
 2020-04-08 09:46:22 +10:00
Juliusz Sosinowicz 4c0ea10e45 Move EVP functions to evp.c 2020-04-07 22:36:50 +02:00
toddouska 16fa1a4747
Merge pull request #2855 from JacobBarthelmeh/PKCS12 
maintenance to PKCS12 create for outputting encrypted bundles
 2020-03-26 10:41:04 -07:00
Jacob Barthelmeh 2116c20f5d add test case for PKCS12 to DER and back 2020-03-25 10:38:18 -06:00
Jacob Barthelmeh dde1c3bc08 Fix for clang warning with ARM assembly build 2020-03-23 15:08:28 -06:00
toddouska 49f01450de
Merge pull request #2853 from SparkiDev/dtls_mtu 
Allow setting of MTU in DTLS
 2020-03-19 16:23:39 -07:00
toddouska f4a8430115
Merge pull request #2851 from JacobBarthelmeh/SanityChecks 
add space for null terminator and check on header pointer
 2020-03-19 16:00:57 -07:00
Sean Parkinson e17e064ce2 Allow setting of MTU in DTLS 2020-03-18 12:36:11 +10:00
toddouska eb6f44e491
Merge pull request #2847 from tmael/memLeak 
Fix memory leak
 2020-03-17 13:31:10 -07:00
JacobBarthelmeh aff80ab0d3 adjust test case for no ECC 2020-03-17 08:56:55 -07:00
JacobBarthelmeh 74781a3d45
Merge pull request #2829 from cconlon/pkcs7multioctets 
PKCS7/CMS EnvelopedData support for fragmented encrypted content
 2020-03-16 13:12:23 -06:00
toddouska 464631f920
Merge pull request #2841 from JacobBarthelmeh/Certs 
add function wolfSSL_X509_NAME_ENTRY_create_by_txt
 2020-03-13 10:17:52 -07:00
Tesfa Mael 452b4c03a6 Fix memory leak 2020-03-12 23:24:44 -07:00
Jacob Barthelmeh 0be0cf44e4 fix for returning NULL when text not found and add test case 2020-03-10 09:54:31 -06:00
toddouska ab8bfc241d
Merge pull request #2833 from JacobBarthelmeh/Compatibility-Layer 
compile for NO_WOLFSSL_STUB
 2020-03-06 11:04:36 -08:00
Jacob Barthelmeh 1035d73a05 add function wolfSSL_X509_NAME_ENTRY_create_by_txt 2020-03-05 16:29:55 -07:00
Jacob Barthelmeh bb76495233 compile for NO_WOLFSSL_STUB 2020-03-03 14:03:11 -07:00
David Garske 92114fef75 Fixes for building NO_ASN_TIME with OPENSSL_EXTRA. Fixes #2820. 
* `./configure --enable-opensslextra CFLAGS="-DNO_ASN_TIME"`
 2020-02-28 09:35:17 -08:00
Sean Parkinson 2c6eb7cb39 Add Curve448, X448, Ed448 implementations 2020-02-28 09:30:45 +10:00
Chris Conlon d21e370822 add support for PKCS7/CMS EnvelopedData with fragmented encrypted content 2020-02-27 14:42:57 -07:00
Eric Blankenhorn 6eda4e7b46 Fix in test 2020-02-20 17:28:34 -06:00
Eric Blankenhorn 95f973a5be Adding test and dox for ERR_print_errors_cb 2020-02-20 17:28:34 -06:00
Jacob Barthelmeh 51d55ed1c8 account for different peer certificate in test case, g++ build fix, static memory size increase 2020-02-20 17:28:33 -06:00
Jacob Barthelmeh a9accb6c39 add more macro guards for builds 2020-02-20 17:28:33 -06:00
Jacob Barthelmeh 76eec8884b clean up memory after test and don't leak x509 with get session peer 2020-02-20 17:28:33 -06:00
Eric Blankenhorn 018f313cca Fix clang warning 2020-02-20 17:28:33 -06:00
Eric Blankenhorn 5a87dbe094 Adding tests for EVP_CIPHER_CTX_reset 2020-02-20 17:28:33 -06:00
Jacob Barthelmeh 49def96998 add test for get0 session peer certificate 2020-02-20 17:28:32 -06:00
Jacob Barthelmeh 65732c2269 add bio retry and set close tests 2020-02-20 17:28:32 -06:00
Jacob Barthelmeh 3137312911 update to implementation of BIO_MD type 2020-02-20 17:28:32 -06:00
Jacob Barthelmeh 8f7af875a4 add BIO_f_md and BIO_get_md_ctx tests 2020-02-20 17:28:32 -06:00
Juliusz Sosinowicz 1512485926 Fix user-rsa tests 2020-02-18 21:37:06 +01:00
Juliusz Sosinowicz f55cfd7ba7 Fix missing wolfSSL_i2d_RSAPrivateKey references 2020-02-18 21:37:06 +01:00
Juliusz Sosinowicz 3fcec191a4 Refactor wolfSSL_RSA_To_Der 2020-02-18 21:37:06 +01:00
Juliusz Sosinowicz eedbce7c0a Null-check keyFormat 
Zero all of WOLFSSL_DH struct
Fix macros for self-test
 2020-02-18 21:37:06 +01:00
Juliusz Sosinowicz 97a4889bb3 Undo some stuff 2020-02-18 21:37:06 +01:00
Juliusz Sosinowicz f765b711bf More macro preproc stuff 2020-02-18 21:37:06 +01:00
Juliusz Sosinowicz b58f26945d Different configuration fixes 2020-02-18 21:37:06 +01:00
Juliusz Sosinowicz 9a0d3ba369 Check boundaries in B64 decode 
ERR_get_error will always return a positive error code
 2020-02-18 21:37:06 +01:00
Juliusz Sosinowicz 58c239a49f Fix stuff after rebase 2020-02-18 21:37:06 +01:00
Juliusz Sosinowicz 6e72a299d7 Don't undef HAVE_GETADDRINFO as it disables defines in projects using wolfSSL 
Change test_wolfssl_EVP_aes_gcm so that changing the tag will fail the authentication check
 2020-02-18 21:37:06 +01:00
Juliusz Sosinowicz 84a2ca7a4e Map the Jacobian point back to affine space in wolfSSL_EC_POINT_get_affine_coordinates_GFp 2020-02-18 21:37:06 +01:00