Commit Graph

23716 Commits

Author SHA1 Message Date
Colton Willey 1afbf55a80 Fix new build error after refactor 2024-10-23 16:55:34 -05:00
Colton Willey 6607314dc6 Address code comments, rewrite get issuer internals, use better internal names, get rid of all lines over 80 chars 2024-10-23 16:55:34 -05:00
Colton Willey f0fae6506f Fix windows warnings 2024-10-23 16:55:34 -05:00
Colton Willey 98eb6b398c Fix for windows builds 2024-10-23 16:55:34 -05:00
Colton Willey f7bfa71d9f Implement support for verify flag X509_V_FLAG_PARTIAL_CHAIN 2024-10-23 16:55:34 -05:00
Colton Willey 12f4f69fb4 Allow intermediate CA certs without keycertsign when added through X509 STORE 2024-10-23 16:55:34 -05:00
Colton Willey 38c7de1707 Fixes for CI build errors 2024-10-23 16:55:34 -05:00
Colton Willey 17c9e92b7f Initial rewrite of X509 STORE to replicate openssl behavior 2024-10-23 16:55:34 -05:00
Daniel Pouzzner 82273094e0 Merge pull request #8107 from JacobBarthelmeh/aesgcm
fix for state of aes.gcm.H on re-use
2024-10-23 16:52:42 -05:00
JacobBarthelmeh 1d25e0f89b Merge pull request #8104 from gojimmypi/pr-vs2022-wolfssl-name
Name VS2022 binary output wolfssl via project name
2024-10-23 15:36:55 -06:00
JacobBarthelmeh 8fbf6a59bc Merge pull request #8105 from kareem-wolfssl/zd18825
Fix 256-bit ECC conditional in ecc_map_ex.
2024-10-23 15:19:50 -06:00
JacobBarthelmeh d0f5778429 fix for state of aes.gcm.H on re-use 2024-10-23 15:04:06 -06:00
Kareem 8986a9dae0 Fix 256-bit ECC conditional in ecc_map_ex. 2024-10-23 11:12:48 -07:00
gojimmypi e3c9c07393 Name VS2022 binary output wolfssl via project name 2024-10-23 09:51:18 -07:00
Daniel Pouzzner 6e14889758 Merge pull request #8094 from JacobBarthelmeh/coverity
minor fixes for Coverity reports
2024-10-23 11:26:33 -05:00
JacobBarthelmeh beeda7bc6f Merge pull request #8100 from douzzer/20241022-cleanups
20241022-cleanups
2024-10-23 10:08:57 -06:00
Daniel Pouzzner ea491b80ef tests/api.c: gate test_GENERAL_NAME_set0_othername() on OPENSSL_ALL, not OPENSSL_EXTRA, as it fails with --enable-all-crypto --enable-opensslextra, and is commented to require --enable-opensslall. 2024-10-23 00:02:29 -05:00
Daniel Pouzzner 3bbd00f918 wolfcrypt/src/asn.c: tweak retval handling in MakeSignature() CERTSIGN_STATE_DO section for the benefit of WOLFSSL_DEBUG_TRACE_ERROR_CODES. 2024-10-23 00:02:29 -05:00
Daniel Pouzzner 508555c927 configure.ac: add several missing low level crypto algorithms to all-crypto that are already included indirectly in enable-all. 2024-10-23 00:02:29 -05:00
Daniel Pouzzner 30181f2ced configure.ac: for reproducible-build, use --build-id=sha1, not --build-id=none, to support users relying on build-id in the linked object. 2024-10-23 00:02:29 -05:00
Daniel Pouzzner bffcfb7efc wolfcrypt/src/ecc.c: in wc_ecc_get_curve_id_from_oid(), deconditionalize guard against zero-length len added in 03a6eed037, to fix test_wc_ecc_get_curve_id_from_oid() failing in cross-mingw-all-crypto. 2024-10-23 00:02:29 -05:00
Daniel Pouzzner 6429315216 fix references to misnamed HAVE_SHA224, HAVE_SHA384, HAVE_SHA512 (correct names have WOLFSSL_ prefixes). 2024-10-23 00:02:28 -05:00
JacobBarthelmeh 43fe46cf24 Merge pull request #8099 from dgarske/armasm_aes
Fix issue with ARM ASM with AES CFB/OFB not initializing the "left" member
2024-10-22 17:29:45 -06:00
David Garske 5a0bb3a3ed Fix issue with ARM ASM with AES CFB/OFB not initializing the "left" member. ZD 18841. 2024-10-22 14:30:54 -07:00
JacobBarthelmeh f21a763ae9 return out of test function if failing RNG init 2024-10-22 14:22:46 -06:00
JacobBarthelmeh 18150a11aa CID 426062,426063 initialization and free check 2024-10-22 00:24:29 -06:00
JacobBarthelmeh 27267d7d2e CID 426066 fix check if null before free 2024-10-22 00:21:26 -06:00
Daniel Pouzzner 846ef1570d Merge pull request #8096 from philljj/fix_coverity_more
Fix more coverity errors.
2024-10-21 23:57:56 -05:00
Daniel Pouzzner f8fc31e134 Merge pull request #8090 from gojimmypi/pr-visual-studio-2022
Add Visual Studio 2022 Project Files for wolfSSL, Test, & Benchmark
2024-10-21 23:56:57 -05:00
Daniel Pouzzner 805eaa90cc Merge pull request #7797 from julek-wolfssl/softhsm
Init SoftHSMv2 support
2024-10-21 23:56:12 -05:00
jordan 5fd9e99bbd coverity: don't overwrite obj in wolfSSL_X509_get_ext_d2i. 2024-10-21 20:49:34 -05:00
JacobBarthelmeh b535d9f752 Merge pull request #8093 from philljj/fix_coverity
Fix coverity
2024-10-21 16:45:51 -06:00
gojimmypi ee24446bee Add Visual Studio 2022 Project Files for wolfSSL, Test, & Benchmark 2024-10-21 14:05:51 -07:00
jordan 5690af82dc wolfcrypt test: fix double free. 2024-10-21 15:57:24 -05:00
jordan 35def11781 coverity: fix error, and cleanup. 2024-10-21 14:59:32 -05:00
JacobBarthelmeh 104c805b82 Merge pull request #8092 from douzzer/20241021-wc_FreeRsaKey-WOLFSSL_XILINX_CRYPT
20241021-wc_FreeRsaKey-WOLFSSL_XILINX_CRYPT
2024-10-21 13:26:55 -06:00
Daniel Pouzzner 38c337967e Merge pull request #8086 from bandi13/addDependency
Need 'libfile' for license.pl
2024-10-21 14:20:42 -05:00
Daniel Pouzzner 25da3bfe5f Merge pull request #8070 from JacobBarthelmeh/testing_static_memory
use heap hint with wolfSSL_CTX_check_private_key
2024-10-21 13:57:55 -05:00
JacobBarthelmeh 8a71c3b3db Merge pull request #8066 from gojimmypi/pr-espressif-wolfcrypt
Apply various Espressif compatibility updates
2024-10-21 11:36:24 -06:00
Daniel Pouzzner f24b987f59 wolfcrypt/src/rsa.c: fix wc_FreeRsaKey() WOLFSSL_XILINX_CRYPT XFREE() call to pass key->heap as before. 2024-10-21 12:26:29 -05:00
gojimmypi 187a9b5b4d Apply various Espressif compatibility updates 2024-10-21 09:20:32 -07:00
JacobBarthelmeh bc0a2c43e6 avoid warning for unused parameter with certain build configurations 2024-10-21 10:04:26 -06:00
JacobBarthelmeh efff8e096c Merge pull request #8076 from gojimmypi/pr-update-espressif-examples
Update Espressif Examples
2024-10-21 09:57:29 -06:00
Juliusz Sosinowicz 901384e704 Init SoftHSMv2 support
- wolfSSL_EVP_PKEY_set1_DH: If both private and public present, output private key
- ToTraditionalInline_ex2: Add DH checking
- wc_ecc_get_curve_id: check index is not negative
- Fix i2d_PKCS8_PRIV_KEY_INFO to actually output pkcs8 instead of just der
- wolfSSL_EVP_PKEY2PKCS8: Create duplicate to avoid double free
- wolfSSL_DH_generate_key: Fix case where not enough buffer was allocated for 128 bit case
- pkcs8_encode: Add DSA and DH support
- wolfSSL_d2i_PKCS8_PKEY: Correctly advance buffer
- RSA_LOW_MEM: export all integers in compat layer
- Add softhsm action
- Define
  - OPENSSL_DH_MAX_MODULUS_BITS
  - OPENSSL_DSA_MAX_MODULUS_BITS
  - OPENSSL_RSA_MAX_MODULUS_BITS
- Implement
  - BN_mul_word
  - i2d_ECPKParameters
  - PEM_write_bio_PKCS8_PRIV_KEY_INFO
  - PEM_read_bio_PKCS8_PRIV_KEY_INFO
  - i2d_PKCS8_PRIV_KEY_INFO
  - RSA_padding_add_PKCS1_PSS_mgf1
  - RSA_verify_PKCS1_PSS_mgf1
2024-10-21 17:26:42 +02:00
JacobBarthelmeh 8fda4ce147 use heap hint with wolfSSL_CTX_check_private_key 2024-10-21 08:53:15 -06:00
JacobBarthelmeh ef063aac2f Merge pull request #8091 from julek-wolfssl/openvpn-action-update
openvpn action: remove v2.6.0 as certs have expired
2024-10-21 08:50:53 -06:00
Juliusz Sosinowicz e1aba52e51 openvpn action: remove v2.6.0 as certs have expired 2024-10-21 13:50:36 +02:00
philljj ea3a79e216 Merge pull request #8089 from douzzer/20241017-wc-delete-methods
20241017-wc-delete-methods
2024-10-19 11:07:19 -05:00
Daniel Pouzzner 996986d0c1 refactor wc_AesDelete, wc_curve25519_delete, wc_ed25519_delete, wc_HashDelete, and wc_DeleteRsaKey to take two arguments, the first a required pointer to the object, the second an optional pointer to the pointer to be zeroed upon successful deletion, for the benefit of calling from C# without unsafe code.
wrapper/CSharp/wolfSSL_CSharp/wolfCrypt.cs: update for new calling conventions around wc_AesNew, wc_curve25519_new, wc_ed25519_new, wc_HashNew, and wc_NewRsaKey, and the corresponding delete functions.
2024-10-18 21:13:38 -05:00
Daniel Pouzzner f44d12026a wolfssl/wolfcrypt/{aes.h,curve25519.h,ed25519.h,hash.h,rsa.h}: remove unneeded .isAllocated member from struct definitions, and add int *result_code argument to constructor prototypes;
wolfssl/wolfcrypt/aes.h: add Aes.streamData_sz;

src/tls13.c: fix devId passed to wc_HmacInit() in CreateCookieExt() and TlsCheckCookie();

src/keys.c: in SetKeys(), call wc_HmacInit() on hmacs only if newly allocated;

wolfcrypt/src/aes.c:
* in wc_Gmac(), wc_GmacVerify(), and AesSivCipher(), use wc_AesNew() and wc_AesDelete();
* in wc_AesInit(), zero the object on entry, and remove superseded piecemeal initializations to zero;
* in wc_AesFree(), zero aes->streamData, and zero the entire object as final cleanup;

wolfcrypt/src/curve25519.c: in wc_curve25519_free(), zero the entire object rather than zeroing piecemeal;

wolfcrypt/test/test.c:
* add fallback implementations (for old FIPS) of wc_HashNew(), wc_HashDelete(), wc_curve25519_new(), wc_curve25519_delete(), wc_ed25519_new(), and wc_ed25519_delete();
* update constructor calls throughout for new semantics;
* refactor ed25519_test() for proper cleanup and error encoding.
2024-10-18 17:49:28 -05:00