wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-30 05:32:13 +01:00
Code Issues Packages Projects Releases Wiki Activity
14,733 Commits 12 Branches 184 Tags
0722fb56d8fac87e08813cf3e4d1e2de50a36186
Commit Graph

5356 Commits

Author SHA1 Message Date
John Safranek
6f2853ef28 Merge pull request #4251 from dgarske/openssl_all 
Fixes for edge case builds with openssl all
 2021-07-29 08:58:22 -07:00
David Garske
9df4312c4e Merge pull request #3823 from per-allansson/checkaltname-fix 
wolfSSL_X509_check_ip_asc/CheckForAltName fixes
 2021-07-29 08:08:06 -07:00
David Garske
2c1fed8262 Fixes for edge case builds with openssl all. Improvements to the test_wolfSSL_PKCS8_d2i. Allow forceful disable of OCSP with ./configure --enable-opensslall --disable-ocsp. 2021-07-28 12:32:08 -07:00
David Garske
50ae93071d Merge pull request #4237 from kabuobeid/dupSSL 
Fix missing CBIOSend and properly guard hmac in DupSSL().
 2021-07-28 10:50:17 -07:00
Per Allansson
c41f10e708 CheckForAltNames fixes 
- Missing conversion from char to unsigned char caused any IP
  address with a byte > 127 to be wrong
- IPv6 address was converted to wrong format XX:YY:...
   (which also caused a buffer overrun)
- Anything that is not an IPv4 or IPv6 address should be ignored
 2021-07-28 09:46:33 +02:00
David Garske
3ea22ffa32 Remove use of assert (replace with soft failures). Note: Session hash will always return value < HASH_SIZE. 2021-07-27 12:07:08 -07:00
David Garske
3abb2b86d6 Fix possible issues with math around 64-bit pointer and unsigned int (32-bit). ZD 12681 2021-07-27 12:05:37 -07:00
John Safranek
8c63701577 Merge pull request #4247 from SparkiDev/dhp_to_der_fix 
OpenSSL API: DH params to der
 2021-07-26 17:00:34 -07:00
David Garske
55029acc84 Merge pull request #4244 from SparkiDev/config_fix_4 
Configuration: fixes for uncommon configurations
 2021-07-26 10:32:32 -07:00
JacobBarthelmeh
028c056c55 Merge pull request #4213 from lealem47/leakFixes 
Addressing possible leaks in ssl.c and api.c
 2021-07-26 23:32:19 +07:00
Sean Parkinson
7d5271ed71 OpenSSL API: DH params to der 
Fix calculation of length of encoding in ssl.c.
Fix encoding to check proper length in asn.c.
Fix tests to check for correct value (api.c).
 2021-07-26 22:47:46 +10:00
Sean Parkinson
ec6ffb0583 Configuration: fixes for uncommon configurations 
./configure --enable-all --disable-filesystem
./configure --enable-all CC=g++ --enable-intelasm
 2021-07-26 16:34:20 +10:00
JacobBarthelmeh
27c49b1673 Merge pull request #4075 from julek-wolfssl/bind-dns 
Bind 9.17.9 and 9.11.22 Support
 2021-07-26 11:24:57 +07:00
Kareem
671147549f Fix missing CBIOSend and properly guard hmac in DupSSL(). 2021-07-23 12:11:30 -07:00
John Safranek
e8d636771f Merge pull request #4231 from haydenroche5/des3-iv-fips 
Use correct DES IV size when using FIPS v2.
 2021-07-23 09:38:56 -07:00
Juliusz Sosinowicz
8ee9024da9 More rebase fixes 2021-07-23 18:22:46 +02:00
Juliusz Sosinowicz
23cff71bbf Second wc_EccPrivateKeyDecode not needed now that it supports PKCS8 2021-07-23 18:14:54 +02:00
Juliusz Sosinowicz
9f7aa32662 Fix merge conflict resolution in ECC_populate_EVP_PKEY 2021-07-23 18:14:54 +02:00
Juliusz Sosinowicz
10168e093a Rebase fixes 2021-07-23 18:14:54 +02:00
Juliusz Sosinowicz
c7d6e26437 Fix DSA signature length 
The length of the DSA signature is 40 bytes for N=160 but 64 bytes for N=256. New enum values are added for better clarity.
 2021-07-23 18:14:18 +02:00
Juliusz Sosinowicz
142ff6d885 Bind 9.11.22 2021-07-23 18:14:18 +02:00
Juliusz Sosinowicz
553c930ecb dot system test passed 2021-07-23 18:14:18 +02:00
Juliusz Sosinowicz
69948b3648 WIP 2021-07-23 18:14:18 +02:00
Juliusz Sosinowicz
06ebcca913 Code review and mp_int memory leak fixes 2021-07-23 18:14:18 +02:00
Juliusz Sosinowicz
b4fd737fb1 Bind 9.17.9 Support 
- Add `--enable-bind` configuration option
- New compatibility API:
  - `RSA_get0_crt_params`
  - `RSA_set0_crt_params`
  - `RSA_get0_factors`
  - `RSA_set0_factors`
  - `RSA_test_flags`
  - `HMAC_CTX_get_md`
  - `EVP_MD_block_size`
  - `EC_KEY_check_key`
  - `o2i_ECPublicKey`
  - `DH_get0_key`
  - `DH_set0_key`
- Calling `EVP_MD_CTX_cleanup` on an uninitialized `EVP_MD_CTX` structure is no longer an error
- `DH_generate_parameters` and `DH_generate_parameters_ex` has been implemented
 2021-07-23 18:14:12 +02:00
David Garske
2372ea45fb Merge pull request #4229 from SparkiDev/ssl_reorg_4 
Reorg of ssl.c: CONF, BIO, RAND and EVP_CIPHER
 2021-07-23 07:45:30 -07:00
Sean Parkinson
9452c22653 Small configurations: get compiling 
./configure --enable-psk -disable-rsa --disable-dh -disable-ecc
--disable-asn C_EXTRA_FLAGS=-DWOLFSSL_STATIC_PSK --disable-coding
--disable-filesystem CFLAGS=-DNO_WOLFSSL_SERVER

./configure --enable-psk -disable-rsa --disable-dh -disable-ecc
--disable-asn C_EXTRA_FLAGS=-DWOLFSSL_STATIC_PSK --disable-coding
--disable-filesystem CFLAGS=-DNO_WOLFSSL_CLIENT
 2021-07-23 11:55:08 +10:00
Hayden Roche
ec180f3901 Use correct DES IV size when using FIPS v2. 2021-07-22 18:17:41 -07:00
Sean Parkinson
715a8303d2 Reorg of ssl.c: CONF, BIO, RAND and EVP_CIPHER 
Remove whitespace at end of lines in ssl.c.
 2021-07-23 09:55:07 +10:00
Chris Conlon
c544c19013 Merge pull request #4227 from miyazakh/ERR_lib_error_string 
add ERR_lib_error_string compatibility layer API
 2021-07-21 11:19:29 -06:00
JacobBarthelmeh
83c6688bee Merge pull request #4135 from dgarske/evp_set1_eckey 
Fixes for handling PKCS8 ECC key with EVP PKEY
 2021-07-22 00:17:11 +07:00
David Garske
73ad0315ce Merge pull request #4226 from douzzer/valgrind-fixes-20210720 
fixes for valgrind-detected leaks and undefined data accesses
 2021-07-21 08:43:00 -07:00
David Garske
ede738b6e4 Merge pull request #4223 from SparkiDev/mem_usage_fixes_1 
Memory allocation: fixes from memory usage generation
 2021-07-21 08:20:09 -07:00
Hideki Miyazaki
b76d44dad9 add ERR_lib_error_string 2021-07-21 10:31:00 +09:00
Sean Parkinson
dc19ba2aa7 Memory allocation: fixes from memory usage generation 
1. Configuration: If not fast math then don't set ALT_ECC_SIZE when
configuring.
2. ECC KeyShare: Key share entry's key was allocated with type
DYNAMIC_TYPE_PRIVATE_KEY, free with same type.
3. Ed25519: free the SHA-512 temporary object. WOLFSSL_SMALL_STACK_CACHE
builds have dynamicaly allocated data.
4. RSA: Don't keep allocating a new hash object in RsaMGF1 when compiled
with WOLFSSL_SMALL_STACK_CACHE.
 2021-07-21 09:54:11 +10:00
Daniel Pouzzner
2014d39254 fixes for valgrind-detected leaks and undefined data accesses: wolfSSL_{SHA*,MD5}_Final (OpenSSL compat wrappers): call wc_*Free() on sha state that otherwise leaks when _SMALL_STACK_CACHE; test_wc_curve25519_shared_secret_ex(): properly initialize public_key. 2021-07-20 18:26:05 -05:00
Sean Parkinson
60288a5083 Merge pull request #4222 from TakayukiMatsuo/tk12625 
SSL APIs: Add sanity check to some APIs
 2021-07-21 09:00:03 +10:00
David Garske
f18344c191 Fix logic error for calculation of PKCS header size in wolfSSL_i2d_PUBKEY. 2021-07-20 15:11:32 -07:00
David Garske
1a7c8ccbd1 Peer review fixes. 2021-07-20 10:02:16 -07:00
David Garske
be6fd26f54 Fix for backwards compatibility for i2d_PrivateKey. 2021-07-20 10:02:16 -07:00
David Garske
b8ed577e9a Peer review fixes and improvements. Resolves issue with public API compatibility. 2021-07-20 10:02:16 -07:00
David Garske
fd52424dd5 Improvements to PKCS8 handling. 
* Fixes for handling PKCS8 in keys with EVP PKEY. Resolves QT test issues. Replacement to PR #3925.
* Improved code handling for PKCS 8 headers. Change PemToDer to not strip the PKCS8 header.
* Add support in the ECC/RSA/DH key import code to support detection / handling of the PKCS8 header.
* Fix for `wc_RsaKeyToDer` to be exposed with `OPENSSL_EXTRA`.
* Adds EVP PKCS8 test case for RSA and ECC.
* Refactor `test_wolfSSL_OPENSSL_hexstr2buf` to resolve g++ compiler warning.
* Added new `WOLFSSL_TRAP_MALLOC_SZ` build option to trap mallocs that are over a specified size.
 2021-07-20 10:02:16 -07:00
David Garske
673becee74 Merge pull request #4210 from JacobBarthelmeh/Testing 
handle edge case of input buffer malloc'd to location immediately aft…
 2021-07-20 09:56:27 -07:00
TakayukiMatsuo
f630fded44 Add sanity check to some APIs 2021-07-20 13:23:16 +09:00
Hayden Roche
5507a07563 Add support for sblim-sfcb port. 2021-07-19 16:28:44 -07:00
John Safranek
77c9b36b5a Merge pull request #4181 from dgarske/sniffer_keycb 
Sniffer fixes and new sniffer key callback support
 2021-07-19 13:26:17 -07:00
Daniel Pouzzner
186ff2b365 make -DNO_ED25519_KEY_{IMPORT,EXPORT} buildable, and fix api.c and suites.c so that -DNO_ED*_KEY_{IMPORT,EXPORT} pass make check. 2021-07-16 23:07:28 -05:00
Daniel Pouzzner
ac92204c15 make -DNO_ED448_KEY_{IMPORT,EXPORT} buildable 2021-07-16 18:21:30 -05:00
David Garske
070ca6c34d Fixes to properly support sniffer with secure renegotiation. 2021-07-16 14:48:22 -07:00
Daniel Pouzzner
9b43e57ccf ED: add streaming API to the ED verify routines: wc_ed*_verify_msg_init(), wc_ed*_verify_msg_update(), wc_ed*_verify_msg_final(); 
harmonize the ED448 API with the ED25519 API by making wc_ed448_verify_msg_ex() and wc_ed448_init_ex() public functions;

track devId and heap pointer in ed*_key.{devId,heap}, and pass them through to sha init functions;

add ed*_key.{sha,sha_clean_flag}, and ed*_hash_{reset,update,final} functions, and use them for all ED hashing ops, to support streaming API and for optimally efficient reuse for the preexisting ED calls;

add ed448_hash() akin to ed25519_hash(), and use it in place of wc_Shake256Hash(), for .sha_clean_flag dynamics.

add to wc_ed*_import_private_key() the ability to import the combined key generated by wc_ed*_export_private() without supplying the redundant public key;

add macro asserts near top of ed*.h to assure the required hash functions are available;

fix {NO,HAVE}_ED*_{SIGN,VERIFY};

wolfcrypt/test/test.c: add missing key initializations in ed*_test();

wolfcrypt/test/test.c: fix unaligned access in myDecryptionFunc() detected by -fsanitize=address,undefined.
 2021-07-16 13:49:47 -05:00