Commit Graph

3351 Commits

Author SHA1 Message Date
Jacob Barthelmeh 016f7357d2 increase test buffer size to account for edge case 2017-10-26 16:19:56 -06:00
Sean Parkinson 323db1a95d Fix no ECC builds with TLS13 code.
Fix tests so that having ECC disabled works as well.
Fix define protection for Draft 18 and HRR Cookie.
2017-10-24 09:11:24 -07:00
toddouska 8a01d725da Merge pull request #1177 from dgarske/certreq_tests
Testing improvements for cert gen and TLS cert validation
2017-10-24 08:21:37 -07:00
David Garske 911b6f95f8 Release v3.12.2 (lib 14.0.0). Updated copywright. 2017-10-22 15:58:35 -07:00
David Garske 024c8725ad Testing improvements for cert gen and TLS cert validation:
* Fixes to support certificate generation (`WOLFSSL_CERT_GEN`) without RSA enabled.
* Added new ECC CA for 384-bit tests.
* Created new server cert chain (ECC CA for 256-bit that signs server-ecc.pem)
* Created new `./certs/ecc/genecc.sh` script for generating all ECC CA's, generated server cert req (CSR), signing with CA and the required CRL.
* Moved the wolfCrypt ECC CA / ECC cert gen test into `ecc_test` as `ecc_test_cert_gen`.
* Refactor duplicate code that saves DER to disk, converts DER to PEM and saves PEM to disk into SaveDerAndPem function.
* Changed `ecc_test_make_pub` and `ecc_test_key_gen` to use XMALLOC for temp buffers (uses heap instead of stack).
* Cleanup to combine all certificate subject information into global `certDefaultName`.
* Updated cert request info to use wolfSSL instead of Yassl.
* Cleanup to combine keyUsage into `certKeyUsage` and `certKeyUsage2`.
* Re-number error codes in rsa_test.
* Moved the certext_test after the ecc_test, since it uses a file generated in `ecc_test_cert_gen`.
2017-10-19 16:17:51 -07:00
David Garske c9558ee27b Updated a few more old names. Added PR for new configs to Jenkins. 2017-10-18 10:38:27 -07:00
toddouska b79b816276 Merge pull request #1168 from dgarske/ctx_get_cm
Add method to get WOLFSSL_CTX certificate manager
2017-10-13 09:13:54 -07:00
David Garske 6021c37ec7 Refactor WOLF_SSL_ to WOLFSSL_ (much better). 2017-10-11 09:10:43 -07:00
David Garske 6707be2b0e Added new --disable-oldnames option to allow for using openssl along-side wolfssl headers (without OPENSSL_EXTRA). Add --enable-opensslcoexist which makes sure oldnames is disabled. Refactor of SSL_ to WOLF_SSL_. Refactor of SHA, MD5, SHA224, SHA256, SHA512 and SHA384 to WC_ naming. 2017-10-11 09:10:42 -07:00
David Garske 19ea4716f3 Add unit tests for wolfSSL_CTX_GetCertManager, wolfSSL_CTX_UnloadCAs, wolfSSL_CertManagerUnloadCAs and wolfSSL_CTX_get_cert_cache_memsize. Fixed comment typo PERSISTE_CERT_CACHE. 2017-10-03 10:00:20 -07:00
Jacob Barthelmeh 8cd0b7dfc7 fix for wolfSSL_ASN1_TIME_print function 2017-09-28 15:30:46 -06:00
Koichi Tsujino b172585fc3 Resolved conflicts 2017-09-26 09:01:23 +09:00
Koichi Tsujino e8f95b9252 add EVP_get_cipherbynid 2017-09-26 08:58:36 +09:00
dgarske 2c4844d5ef Merge pull request #1146 from ejohnstown/compat
OpenSSL Compatibility Additions and Fixes
2017-09-22 14:19:28 -07:00
Jacob Barthelmeh 80333979a9 fix for wolfSSL_X509_NAME_get_text_by_NID 2017-09-20 17:31:53 -06:00
kaleb-himes 5777b92745 Improved solution 2017-09-20 11:25:51 -06:00
kaleb-himes 60dca94821 Update HASH_DRBG Reseed mechanism and add test case 2017-09-20 10:36:36 -06:00
John Safranek 2620cb4559 OpenSSL Compatibility Additions and Fixes
1. Added a check on the hex2bn function for null strings to be treated like the NULL pointer.
2. Added some more test cases to the big number unit test.
3. Added wolfSSL_EVP_add_cipher() analogous to wolfSSL_EVP_add_digest().
4. Implemented `RSA_public_encrypt()` and `RSA_private_decrypt()` for the OpenSSL compatibility layer.
5. Added `RSA_PKCS1_OAEP_PADDING` as an option to the new functions.
6. Fixed the constness on the `from` parameter in function `RSA_public_decrypt()`. Note: this does not allow OAEP to be used in FIPS mode.
7. Added size constants for EVP_MAX_BLOCK_LENGTH, RSA_PKCS1_PADDING_SIZE, and RSA_PKCS1_OAEP_PADDING_SIZE.
8. Added functions `wolfSSL_EVP_PKEY_new_mac_key()` and `wolfSSL_EVP_PKEY_get0_hmac()` for storing HMAC keys in an EVP_PKEY structure for use later.
9. Added the routines EVP_DigestSignXXX(). They only work w.r.t HMAC.
10. Added the ForceZero() to EVP_MD_CTX_cleanup().
11. Modified the EVP_MD_CTX structure to have a union with both the hasher and a wolfCrypt Hmac structure.
12. Added a mapping of SHA1->SHA to the list of digest name aliases in wolfSSL_EVP_get_digestbyname().
13. Changed the mapping of ssl3-sha1->SHA.
14. When using RSA blinding, the OpenSSL compatibility layer RSA object was attempting to decrypt without an RNG. Added an RNG if needed.
15. Add comment to wolfSSL_BN_hex2bn() to cover usage w.r.t. string length. Remember to keep the length even, front-pad with zeroes if needed.
16. Added tests for the new functions.
2017-09-18 13:53:44 -07:00
David Garske a5eaecaa0e Fix unit API test call to wolfSSL_CertManagerLoadCA when building without file system. 2017-09-11 06:51:27 -07:00
Jacob Barthelmeh 61ff3e136a fix memory management in unit test with --disable-fastmath 2017-08-28 16:23:44 -06:00
Chris Conlon 73b8be8fcc Merge pull request #1039 from jrblixt/unitTest_api_addDsa-PR07192017
Add Dsa unit test functions.
2017-08-22 15:46:46 -06:00
David Garske 84a396b7dc Additional init fixes for unit tests based on async valgrind report. 2017-08-17 12:41:18 -07:00
David Garske c06e672eb7 Added missing AES/DES3/HMAC init functions for helping with valgrind reports on unitialized use for async markers. 2017-08-17 09:58:46 -07:00
jrblixt 9909c8428c Code review changes per Chris. 2017-08-16 16:08:50 -06:00
David Garske 1f80fb952f Fix issue with using wrong asyncDev in ConfirmSignature. Fix un-initialized Hmac in API unit tests. 2017-08-15 21:20:32 -07:00
jrblixt dd5430d188 Code review changes, Chris. 2017-08-14 16:09:35 -06:00
jrblixt 3c1140d90e Re-order hash functions in unit test. 2017-08-09 15:23:01 -06:00
toddouska e77e93ef2e Merge pull request #1065 from JacobBarthelmeh/Testing
update DTLS export session version and tests
2017-08-02 11:40:38 -07:00
Jacob Barthelmeh af0514704f place macro guard on test of RSA-OAEP with SHA1 dependency 2017-08-01 11:46:49 -06:00
Jacob Barthelmeh e1ccc5acad update DTLS export session version and tests 2017-07-28 14:27:24 -06:00
jrblixt 3560eed52b Add Dsa unit test functions. 2017-07-26 09:01:36 -06:00
Jacob Barthelmeh 4fead493e7 add to return values checked 2017-07-25 14:44:40 -06:00
Jacob Barthelmeh 4438b8e92d update unit test case with DES3 and FIPS 2017-07-25 14:42:17 -06:00
Jacob Barthelmeh 5b0022fba0 HMAC key size when testing with FIPS 2017-07-25 14:42:17 -06:00
Jacob Barthelmeh 1b80e5a75f check return values with new unit tests 2017-07-25 14:42:17 -06:00
toddouska ef98e96767 Merge pull request #1058 from jrblixt/fix-AesFipsSanityCheck
Unit test GCM sanity check Fips change.
2017-07-25 13:30:35 -07:00
toddouska a076a2f0d8 Merge pull request #1055 from JacobBarthelmeh/Memory
fix memory management with --enable-fast-rsa make key and free RSA ke…
2017-07-25 11:03:16 -07:00
jrblixt f8e2f596d6 Unit test GCM sanity check Fips change. 2017-07-25 09:23:19 -06:00
Chris Conlon e9f87b9f33 Merge pull request #1054 from jrblixt/fix-RsaSetRng
Fix rsa set rng
2017-07-25 09:16:14 -06:00
Jacob Barthelmeh 1040bbde16 fix memory management with --enable-fast-rsa make key and free RSA key before calling make key function 2017-07-24 16:20:27 -06:00
toddouska be61d7fca3 Merge pull request #1044 from ejohnstown/dtls-multicast
DTLS Multicast
2017-07-24 14:20:26 -07:00
jrblixt 6df9bc07a4 RSA Fips harness fix. 2017-07-24 13:21:06 -06:00
jrblixt e68ceb3d2c Guard against WC_RSA_BLINDING in api.c unit test. 2017-07-24 09:51:50 -06:00
John Safranek 96c25b2caa DTLS Multicast
1. Separated the peer ID from the array index into the peer sequence
   list. This allows peer IDs to range from 0..255, and to have an
   arbitrary size for the sequence list.
2. Add API to add and remove peer IDs from the sequence number list.
2017-07-19 13:33:58 -07:00
jrblixt f83a593f27 Added Free functions to hash unit test. 2017-07-19 14:28:41 -06:00
John Safranek b616b8df02 Multicast DTLS
1. Update API
2. Update unit test
3. Partially implemented wolfSSL_set_secret().
2017-07-19 13:26:23 -07:00
John Safranek 0838a3828b Multicast DTLS
1. Added new cipher suite for use with Multicast DTLS,
   WDM_WITH_NULL_SHA256. (It should be a private suite.)
2. Update the API test to use the new suite.
2017-07-19 13:26:23 -07:00
John Safranek 5154584576 Multicast DTLS
1. Add DTLS-multicast to the enable options.
2. Reorg DTLS related enable options together.
3. Update a couple enable option texts to use the AS_HELP_STRING() macro.
4. Add three new APIs for managing a DTLS Multicast session.
5. Add test code for new APIs.
6. Add stub code for the new APIs.
2017-07-19 13:26:23 -07:00
jrblixt 5c19b7bfe0 Changes per Chris. 2017-07-19 11:24:56 -06:00
jrblixt d2245b9614 Unit test functions for HC128. 2017-07-19 09:18:48 -06:00