feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity
9,925 Commits 28 Branches 172 Tags
adc548fc61bb099f07eb2a10ad32573258eab908
Commit Graph

707 Commits

Author SHA1 Message Date
Sean Parkinson
0275366fb6 Fixes from code review 
Document how length of ECDSA signature calculated.
Check parameter not NULL before use.
Formatting fix.
Also, disable RSA test of EVP_DigestSign/Verify* when HAVE_USER_RSA.
 2018-09-13 08:47:09 +10:00
toddouska
324235f698 Merge pull request #1823 from dgarske/cert_ext_only 
Fix for build with cert extensions and openssl extra only
 2018-09-12 13:03:37 -07:00
Sean Parkinson
df20daa1ae Support RSA and ECC in wolfSSL_DigestSign/Verify* 2018-09-12 16:31:39 +10:00
Takashi Kojo
7ddc756d15 eliminate double semi-colon 2018-09-12 10:13:30 +09:00
Sean Parkinson
330a7048c7 Add more compatability APIs. 
d2i_ECDSA_SIG, i2d_ECDSA_SIG, EVP_DigestVerifyInit,
EVP_DigestVerifyUpdate, EVP_DigestVerifyFinal, EVP_PKEY_id,
PEM_read_bio_PUBKEY
 2018-09-11 09:28:03 +10:00
David Garske
238f45d89d Fix for build with ./configure --enable-certext --enable-opensslextra. 2018-09-10 08:22:17 -07:00
David Garske
f48e2067ae Added new API wolfSSL_CTX_load_verify_chain_buffer_format for loading CA cert chain as DER buffer list including API unit test. Support for device serial number OID. 2018-09-10 08:15:17 -07:00
Sean Parkinson
f8ac5b5f71 Merge pull request #1819 from dgarske/fix_load_loc 
Fix for load location test to handle multiple failure codes
 2018-09-10 08:36:19 +10:00
Takashi Kojo
0d44252608 error pass though build flag WOLFSSL_PASSTHRU_ERR 2018-09-08 10:19:31 +09:00
Takashi Kojo
902008f5ea refer unit_PassThrough flag at least once 2018-09-08 09:17:52 +09:00
Eric Blankenhorn
412eecd51a Add wc_SetIssuerRaw and EncodeCert with raw fields (#1798) 
* Make cert with raw issuer
* Add wc_SetIssuerRaw
* Use issuer raw in EncodeCert
 2018-09-07 16:22:23 -07:00
David Garske
575382e5a9 Fix for load location test to handle multiple failure codes (failure may return ProcessFile error code or WOLFSSL_FAILURE). Moved expired certs and setup load location test for expired certs. 2018-09-07 15:30:30 -07:00
Takashi Kojo
e677c32714 test file access functions 2018-09-08 07:27:33 +09:00
Daniele Lacamera
27555d6eb7 Fix old-style function definitions 2018-09-07 09:13:20 +02:00
David Garske
ae3d8d3779 * Fixed wolfSSL_CTX_load_verify_locations to continue loading if there is an error (ZD 4265). 
* Added new `wolfSSL_CTX_load_verify_locations_ex` that supports flags `WOLFSSL_LOAD_FLAG_IGNORE_ERR`, `WOLFSSL_LOAD_FLAG_DATE_ERR_OKAY` and `WOLFSSL_LOAD_FLAG_PEM_CA_ONLY`.
* Fix for `PemToDer` to handle PEM which may include a null terminator in length at end of file length causing wrong error code to be returned. Added test case for this. (ZD 4278)
* Added macro to override default flags for `wolfSSL_CTX_load_verify_locations` using `WOLFSSL_LOAD_VERIFY_DEFAULT_FLAGS`.
* Added tests for loading CA PEM's from directory using `wolfSSL_CTX_load_verify_locations` and `wolfSSL_CTX_load_verify_locations_ex` with flags.
* Added tests for `wolfSSL_CertManagerLoadCABuffer`.
* Updated the expired test certs and added them to `./certs/test/gen-testcerts.sh` script.
 2018-09-06 12:51:22 -07:00
Sean Parkinson
17a70aee1b Added test and minor fixes for CheckCertSignature 2018-09-03 10:50:47 +10:00
toddouska
7f324d2c3b Merge pull request #1781 from JacobBarthelmeh/Compatibility-Layer 
fix for IV of DES_ncbc function
 2018-08-24 10:16:21 -07:00
Jacob Barthelmeh
f23eb37ade fix for IV of DES_ncbc function 2018-08-23 09:03:09 -06:00
David Garske
d0d28c82cd Added new PKCS7 ex API's for supporting signing and validation of large data blobs. New API's are wc_PKCS7_EncodeSignedData_ex and wc_PKCS7_VerifySignedData_ex. Includes header docx and unit tests for new API's. Cleanup for the PKCS7 small stack and const oid's. 2018-08-22 15:46:37 -07:00
Takashi Kojo
08c2d94011 return value check of XFSEEK 2018-08-22 10:46:46 +09:00
David Garske
b12386fbb1 Fixes for building with TLS v1.3 only (./configure --disable-tlsv12 --enable-tls13 --disable-aescbc --enable-ed25519 --enable-curve25519) 2018-08-20 15:49:03 -07:00
toddouska
0f539616be Merge pull request #1766 from JacobBarthelmeh/UnitTests 
cleanup with test cases and access to FP_MAX_BITS
 2018-08-20 09:19:14 -07:00
toddouska
555714afa3 Merge pull request #1764 from SparkiDev/tls13_psk_cb 
Separate PSK callback for TLS 1.3
 2018-08-20 09:17:01 -07:00
Jacob Barthelmeh
cc10c971cd make sure that even if wolfSSL_Init has been called multiple times that wolfSSL_Cleanup gets called in tests 2018-08-17 11:04:21 -06:00
Sean Parkinson
f1222c3f9f Separate PSK callback for TLS 1.3 
It is highly recommended that the PSK be different for each protocol.
Example callback already returns a different key for TLS 1.3.
New callback includes the ciphersuite, as a string, to use with the key.
 2018-08-17 10:18:28 +10:00
Sean Parkinson
f487b0d96a Config option to disable AES-CBC 
AEAD only detection and removeal of code.
Also in single threaded builds, reference the ctx suites in ssl object
if it exists.
 2018-08-16 08:25:13 +10:00
Eric Blankenhorn
2420af3cf2 Merge pull request #1758 from dgarske/certext 
Fix for building certext without certgen
 2018-08-14 17:00:51 -05:00
David Garske
d1e13a973c Fix for building WOLFSSL_CERT_EXT without WOLFSSL_CERT_GEN due to missing CTC_MAX_EKU_OID_SZ. Change to allow --enable-certext without certgen. 2018-08-14 15:00:56 -06:00
David Garske
c073aee87c Added new ECC export API's to support export as hex string. New API's are wc_ecc_export_ex and wc_ecc_export_int. For hex string use ECC_TYPE_HEX_STR as encType arg. Refactor to reduce duplicate code. Build fixes for NO_ECC_KEY_EXPORT. 2018-08-14 12:05:22 -06:00
toddouska
d4f908c372 Merge pull request #1728 from JacobBarthelmeh/HardwareAcc 
Add build for AF_ALG
 2018-08-13 16:27:51 -07:00
Eric Blankenhorn
bb574d28b2 Support for more cert subject OIDs and raw subject access (#1734) 
* Add businessCategory OID
* Raw subject support methods
* Support for jurisdiction OIDs
* Wrap in WOLFSSL_CERT_EXT
* Adding tests
 2018-08-12 12:53:29 -07:00
David Garske
a43d4d16ba Merge pull request #1719 from MJSPollard/OpenSSLAllFix 
Added boost define and openssl bug fix with WOLFSSL_KEY_GEN
 2018-08-02 15:20:27 -07:00
JacobBarthelmeh
cb756397b3 inital AES-CBC with af_alg 
progress on AES-GCM with AF_ALG and add SHA256

add aes-gcm test cases and finish logic of aes-gcm with AF_ALG

formating of tabs and white space

add files to dist

adding ecb and ctr mode with af_alg

make length of buffers for ctr be AES_BLOCK_SIZE

formating and add support for sha256 copy/gethash

sanity checks on arguments

cast return values and valgrind tests

make it easier to use sha256 with af_alg

remove hard tabs

add endif for after rebase
 2018-08-01 08:54:20 -06:00
David Garske
4eff7b641b First pass at bugs found with ./scripts/memtest.sh. Fixes for NULL pointer checks, making sure free'd pointers are reset, making sure pointers are initialized and making sure memory is always free'd. Fix for TicketInit() which was using non-thread safe RNG and key_ctx. Fix for possible double free case in wolfSSL_PEM_read_X509_CRL. 2018-07-30 13:53:54 -07:00
David Garske
6ed6876b1f Enhanced the --enable-memtrack option to keep list of pointers allocated and reports leaked memory at end. Cleanup of the wolfCrypt_Init and wolfCrypt_Cleanup calls in unit.test and SrpTest memory tracking feature. 2018-07-30 13:53:54 -07:00
David Garske
2c3475c1d6 Added new build option --enable-memtest or WOLFSSL_FORCE_MALLOC_FAIL_TEST which enables random malloc failures for testing. This test supresses the abort() calls to detect seg faults. A new script ./scripts/memtest.sh starts the test. If an issue is found it can be reviewed with the ./scripts/memtest.txt log and reproduced using the seed printed at top of unit test as --- RNG MALLOC FAIL AT 295--- and rerun using ./tests/unit.test 295. 2018-07-30 13:53:35 -07:00
toddouska
62cb69ded6 Merge pull request #1724 from dgarske/pemtoder 
Added API's to expose alloc/free of DerBuffer and new unit tests
 2018-07-30 13:50:19 -07:00
toddouska
335f467b8c Merge pull request #1714 from dgarske/pic32hashleak 
Fixes for PIC32MZ hash memory leak
 2018-07-30 13:48:59 -07:00
David Garske
309d7a9d0d Added API's to expose alloc/free of DerBuffer using wc_AllocDer and wc_FreeDer. Added unit tests for new API's and missing ones for wc_PemToDer and wc_CertPemToDer. ZD 4185. 2018-07-30 11:19:59 -07:00
MJSPollard
543cac65d8 Added boost define and openssl bug fix with WOLFSSL_KEY_GEN 2018-07-27 12:42:09 -06:00
David Garske
efbabbfb29 Further improvements to hashing code to make sure wc_*Free is always called including wc_HashFree. Added new defines to disable PIC32MZ hardware features using NO_PIC32MZ_HASH, NO_PIC32MZ_RNG and NO_PIC32MZ_CRYPT. 2018-07-26 14:41:30 -07:00
toddouska
84c1b633fb Merge pull request #1713 from JacobBarthelmeh/UnitTests 
fix buffer types for ARC4 test
 2018-07-25 14:17:10 -07:00
David Garske
92cb8f06ea Fixes to make sure hash free is always called (resolves memory leaks with PIC32MZ hashing hardware). Only print Alloc/Free messages with track memory when WOLFSSL_DEBUG_MEMORY_PRINT is defined. Added test for ForceZero with 0 length. 2018-07-25 11:22:03 -07:00
Jacob Barthelmeh
003b7b28f4 fix buffer types for ARC4 test 2018-07-24 17:37:39 -06:00
toddouska
e618f34c2f Merge pull request #1707 from kaleb-himes/ARM_GCC_EX_FIXES 
Fixes for building without DRBG and ForceZero test
 2018-07-23 16:14:43 -07:00
toddouska
ab3ffaa26a Merge pull request #1706 from SparkiDev/sha384_not_sha512 
Allow SHA384 to be compiled in without SHA512
 2018-07-23 09:47:49 -07:00
kaleb-himes
887e3deee8 Move ForceZero test to api.c and turn on tests when inline disabled 2018-07-20 13:30:06 -06:00
Sean Parkinson
9433fcb820 Allow SHA384 to be compiled in without SHA512 2018-07-20 09:42:01 +10:00
MJSPollard
db8939c578 Merge branch 'master' of https://github.com/wolfSSL/wolfssl into wolfASIO 2018-07-18 11:10:35 -06:00
toddouska
436e774729 Merge pull request #1685 from SparkiDev/dh_max 
Add support for maximum DH key size
 2018-07-18 09:33:43 -07:00