wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-28 04:22:19 +01:00
Code Issues Packages Projects Releases Wiki Activity
10,336 Commits 12 Branches 184 Tags
2ace532e4575ecbe89339e124fc172dddf120cae
Commit Graph

10336 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
John Safranek
2ace532e45 Sync OCTEON fix 
1. The sniffer's global device ID wasn't tagged as global.
2. Make sure the sniffer's global device ID is used.
 2019-11-14 14:21:44 -08:00
John Safranek
7c78130f70 Sync OCTEON fix 
The preprocessor selection for the WOLFSSL_GLOBAL macro for OCTEON wasn't getting selected.
 2019-11-14 14:21:44 -08:00
Chris Conlon
22042830d6 Merge pull request #2588 from kojo1/BasicConst2 
BasicConstraint, compatibility
 2019-11-14 13:16:30 -07:00
Takashi Kojo
dccb2e165e if integer it is valid format with CA = False, 2019-11-14 14:51:58 +09:00
toddouska
99292158e4 Merge pull request #2573 from JacobBarthelmeh/staticmemory 
handle case to avoid memcpy when staticmemory IO pool gives same buffer
 2019-11-13 11:29:13 -08:00
toddouska
76e7e7349b Merge pull request #2575 from tmael/valgrind_dhtest 
Fix memory leak in dh_test
 2019-11-13 11:28:04 -08:00
toddouska
46bc8e092a Merge pull request #2582 from ejohnstown/abi-current 
ABI
 2019-11-13 11:24:45 -08:00
JacobBarthelmeh
e3fb746f1d Merge pull request #2503 from dgarske/openvpn 
wolfSSL Compatibility support for OpenVPN
 2019-11-13 11:04:08 -07:00
David Garske
546442c130 Fix for CAVP test issue trying to use AES_128_KEY_SIZE and AES_IV_SIZE. 2019-11-12 09:43:09 -08:00
David Garske
d8e40dea3f Fixes from peer review: 
* Reduced codesize when building with `OPENSSL_EXTRA_X509_SMALL`.
* Additional argument checks in `wolfSSL_ASN1_BIT_STRING_set_bit`, `wolfSSL_ASN1_STRING_to_UTF8`, `wolfSSL_RSA_meth_new`, `wolfSSL_RSA_meth_set`.
* Fix for compiler warnings in asn.c using strncmp to duplicate string. "specified bound depends on the length of the source argument"
 2019-11-11 15:39:23 -08:00
John Safranek
682cf6deac wolfSSL ABI 
Hide the RNG and ecc_key allocators from FIPS mode builds.
 2019-11-11 15:16:39 -08:00
David Garske
d17748b1ad Fix for EC_GROUP_order_bits and added unit test. 2019-11-11 14:58:23 -08:00
David Garske
2bae1d27a1 wolfSSL Compatibility support for OpenVPN 
* Adds compatibility API's for:
	* `sk_ASN1_OBJECT_free`
	* `sk_ASN1_OBJECT_num`
	* `sk_ASN1_OBJECT_value`
	* `sk_X509_OBJECT_num`
	* `sk_X509_OBJECT_value`
	* `sk_X509_OBJECT_delete`
	* `sk_X509_NAME_find`
	* `sk_X509_INFO_free`
	* `BIO_get_len`
	* `BIO_set_ssl`
	* `BIO_should_retry` (stub)
	* `X509_OBJECT_free`
	* `X509_NAME_get_index_by_OBJ`
	* `X509_INFO_free`
	* `X509_STORE_get0_objects`
	* `X509_check_purpose` (stub)
	* `PEM_read_bio_X509_CRL`
	* `PEM_X509_INFO_read_bio`
	* `ASN1_BIT_STRING_new`
	* `ASN1_BIT_STRING_free`
	* `ASN1_BIT_STRING_get_bit`
	* `ASN1_BIT_STRING_set_bit`
	* `DES_check_key_parity`
	* `EC_GROUP_order_bits`
	* `EC_get_builtin_curves`
	* `EVP_CIPHER_CTX_cipher`
	* `EVP_PKEY_get0_EC_KEY`
	* `EVP_PKEY_get0_RSA`
	* `EVP_PKEY_get0_DSA` (stub)
	* `HMAC_CTX_new`
	* `HMAC_CTX_free`
	* `HMAC_CTX_reset`
	* `HMAC_size`
	* `OBJ_txt2obj`
	* `RSA_meth_new`
	* `RSA_meth_free`
	* `RSA_meth_set_pub_enc`
	* `RSA_meth_set_pub_dec`
	* `RSA_meth_set_priv_enc`
	* `RSA_meth_set_priv_dec`
	* `RSA_meth_set_init`
	* `RSA_meth_set_finish`
	* `RSA_meth_set0_app_data`
	* `RSA_get_method_data`
	* `RSA_set_method`
	* `RSA_get0_key`
	* `RSA_set0_key`
	* `RSA_flags`
	* `RSA_set_flags`
	* `RSA_bits`
	* `SSL_CTX_set_ciphersuites`
	* `SSL_CTX_set_security_level` (stub)
	* `SSL_export_keying_material` (stub)
	* `DSA_bits` (stub)
* Changes to support password callback trial and NO_PASSWORD. Replaces PR #2505.
* Renamed `wolfSSL_SSL_CTX_get_client_CA_list` to `wolfSSL_CTX_get_client_CA_list`.
* Cleanup of "sk" compatibility.
 2019-11-11 14:58:23 -08:00
John Safranek
5a21cec030 wolfSSL ABI 
Add ABI tags to the functions wolfSSL_Cleanup() to match wolfSSL_Init(),
wolfSSL_X509_free to match wolfSSL_load_certificate_file() which
allocates memory.
 2019-11-11 10:16:58 -08:00
Tesfa Mael
68e4014c3f memset DhKeys 2019-11-11 09:43:10 -08:00
toddouska
8246e02756 Merge pull request #2502 from cariepointer/gcm-tls10-fix 
Return error with AES-GCM and negotiated versions < TLSv1.2
 2019-11-08 15:06:54 -08:00
John Safranek
c6fa49d4b4 wolfSSL ABI 
Add the ABI tag to the prescribed list of functions in the header and source files.
 2019-11-08 15:06:18 -08:00
toddouska
44552fe707 Merge pull request #2536 from dgarske/nxp_mmcau_align 
Fix NXP MMCAU when data pointer is not aligned
 2019-11-08 15:02:43 -08:00
toddouska
801ffd4712 Merge pull request #2571 from SparkiDev/asn1_cert_parse_fix 
Ensure space for name string. Reset policy count.
 2019-11-08 15:02:02 -08:00
Tesfa Mael
99ee4a407d Fix mem leak for valgrind 2019-11-08 12:09:46 -08:00
Carie Pointer
39eaaddeae Add tests for AEAD cipher suites with TLSv1.1 and TLSv1.0 2019-11-08 10:04:58 -08:00
JacobBarthelmeh
e329431bc1 Merge pull request #2572 from kaleb-himes/GH2559 
Address logical fallacies and syntax issues in example server, addres…
 2019-11-08 10:18:12 -07:00
John Safranek
c69b6fb6d1 wolfSSL ABI 
1. Add a blank #define WOLFSSL_ABI to tag functions as part of the ABI
to remind developers there are rules about those functions specifically.
2. Added allocators and deallocators for WC_RNG objects and ecc_key
objects so they don't have to be used on the stack.
3. Add tests for the new allocators.
 2019-11-07 13:03:12 -08:00
kaleb-himes
5ce88b5086 seperate sanity checks on size and rnd allocation 2019-11-07 13:12:17 -07:00
Jacob Barthelmeh
fd3e4abb46 handle case to avoid memcpy when staticmemory IO pool gives same buffer 2019-11-07 11:36:20 -07:00
kaleb-himes
ad192786b1 Remove double assignment to pt caught by scan-build test 2019-11-07 11:35:36 -07:00
kaleb-himes
e24059691c Address logical fallacies and syntax issues in example server, addresses GH issue #2559 2019-11-07 10:30:12 -07:00
Sean Parkinson
c06efb6c1f Ensure space for name string. Reset policy count. 
Only set the name string in one place, keeping a length of the name type
to copy. Also only move cert data index once.
Reset certificate extension policy number/count in case of malicious
cert with multiple policy extensions.
 2019-11-07 13:51:50 +10:00
David Garske
0fe5d40507 Merge pull request #2568 from aaronjense/iar-build-fix 
Fix changed sign warning for IAR build
 2019-11-06 15:47:15 -08:00
toddouska
b2270a068f Merge pull request #2566 from SparkiDev/malloc_unused_fix 
Fix unused parameter when XMALLOC doesn't use params
 2019-11-06 13:08:48 -08:00
toddouska
c137c5a3e0 Merge pull request #2565 from SparkiDev/rsa_kg_sp_math 
SP Math and RSA Key Gen working again
 2019-11-06 13:08:19 -08:00
toddouska
1becdb9f3b Merge pull request #2563 from SparkiDev/x509_dname_index 
Check domain name location index hasn't exceed maximum before setting
 2019-11-06 13:07:42 -08:00
toddouska
c995417d54 Merge pull request #2554 from SparkiDev/sp_misrac 
MISRA-C changes to SP plus cppcheck fixes
 2019-11-06 13:06:28 -08:00
toddouska
15d4da1e14 Merge pull request #2562 from JacobBarthelmeh/staticmemory 
fix for memory management on edge case with staticmemory
 2019-11-06 13:04:33 -08:00
toddouska
ba34b0d09f Merge pull request #2547 from SparkiDev/rsa_pss_salt_len 
Compile options for larger salt lengths in RSA-PSS
 2019-11-06 13:03:15 -08:00
tmael
969488434a Merge pull request #2544 from JacobBarthelmeh/SanityChecks 
add null checks (QSH and CRYPTOCELL)
 2019-11-06 12:18:00 -08:00
Aaron Jense
ea77cd743e Fix changed sign warning for IAR build 2019-11-06 09:59:31 -08:00
JacobBarthelmeh
cd7001904a Merge pull request #2561 from ejohnstown/x509-loss 
X.509 and Secure Renegotiation
 2019-11-06 10:53:18 -07:00
Sean Parkinson
d4ca48a513 Fix unused parameter when XMALLOC doesn't use params 2019-11-06 15:46:19 +10:00
Sean Parkinson
65cd8a930e SP Math and RSA Key Gen working again 2019-11-06 15:24:12 +10:00
Tesfa Mael
a6e4926d2f Init variables 2019-11-05 15:14:47 -08:00
Chris Conlon
77c36b5ea9 Merge pull request #2542 from kojo1/BasicConst 
x.509 basic constratint
 2019-11-05 15:38:07 -07:00
Sean Parkinson
52f28bd514 Check domain name location index hasn't exceed maximum before setting 2019-11-06 08:31:04 +10:00
Jacob Barthelmeh
890eb415b1 fix for memory management on edge case with staticmemory 2019-11-05 15:13:26 -07:00
David Garske
165105af95 Merge pull request #2558 from danielinux/pwbased-no-asn 
Allow pwdbased module to compile without ASN
 2019-11-05 13:26:45 -08:00
David Garske
e48cf88a70 Merge pull request #2556 from embhorn/arm-test-fix 
Fix for ARM platforms
 2019-11-05 12:25:56 -08:00
David Garske
c337ce2703 Merge pull request #2560 from cconlon/cavppss 
use wc_RsaPSS_CheckPadding() for selftest build instead of extended
 2019-11-05 12:09:25 -08:00
John Safranek
72e1afbe99 X.509 and Secure Renegotiation 
1. When retaining the handshake resources for a session using resumption, do not delete the peer's certificate. If keeping peer certificates is enabled, the certificate needs to exist so it may be examined.
2. Free the saved peer certificate when receiving a peer certificate during a renegotiation.
 2019-11-05 11:03:34 -08:00
Chris Conlon
e429558166 use wc_RsaPSS_CheckPadding() for selftest build instead of extended 2019-11-05 10:48:36 -07:00
Daniele Lacamera
51ea806d8b Allow pwdbased module to compile without ASN 2019-11-05 10:16:46 +01:00