Commit Graph

8768 Commits

Author SHA1 Message Date
Jacob Barthelmeh f74406d2c9 check max key size with ocsp stapling test 2018-08-15 09:52:43 -06:00
David Garske 3d16f891d4 Fix to check for buffer overrrun with the additional padding in PKCS12 EncryptContent function. 2018-08-14 19:20:24 -06:00
David Garske cdff2869c2 Fixes for building with WC_NO_RNG (applies to wolfCrypt only builds). Tested with ./configure --enable-cryptonly CFLAGS="-DWC_NO_RNG" && make. 2018-08-14 18:53:25 -06:00
Eric Blankenhorn 2420af3cf2 Merge pull request #1758 from dgarske/certext
Fix for building certext without certgen
2018-08-14 17:00:51 -05:00
toddouska 9ad059542a Merge pull request #1745 from dgarske/ecc_export_hex
Added new ECC export API's to support export as hex string
2018-08-14 14:19:23 -07:00
toddouska e2de988f98 Merge pull request #1739 from dgarske/asio
Fixes to openssl compatibility for Boost.Asio with SSF
2018-08-14 14:18:08 -07:00
David Garske d1e13a973c Fix for building WOLFSSL_CERT_EXT without WOLFSSL_CERT_GEN due to missing CTC_MAX_EKU_OID_SZ. Change to allow --enable-certext without certgen. 2018-08-14 15:00:56 -06:00
David Garske 1c297b3ac4 Cleanup of some macro logic for enabling the mp_toradix. 2018-08-14 12:58:00 -06:00
David Garske f23915baa1 Fix for BIO ssl case, which is not supported (for the Boost.Asio project this isn't required either). 2018-08-14 12:44:31 -06:00
David Garske 6ca56ee98c Fix to handle carriage return case in PEM end of line character handling (for Windows). Cleanup to consolidate duplicate end of line character handling code. 2018-08-14 12:22:18 -06:00
David Garske ff7d2fefdc Fix for DH max size calc not including DH_Pub. 2018-08-14 12:22:18 -06:00
David Garske 7b83db0f65 Fix for PemToDer which was not properly handling extra new lines at end of file. 2018-08-14 12:22:18 -06:00
David Garske eca64717be Fix for BIO_wpending to work correctly. 2018-08-14 12:22:18 -06:00
David Garske 17e102d914 Fixes for asio build options (so includes OPENSSL_EXTRA). Fix for bad named variable shutdown. Fix for the side size in Options struct to support WOLFSSL_SIDE_NEITHER (3). Fix to set the side on wolfSS_connect() or wolfSS_accept(). 2018-08-14 12:22:18 -06:00
David Garske be33e69b22 Refactor to rename wc_ecc_export_int to wc_export_int for generic API for exporting an mp_int as hex string or unsigned bin. 2018-08-14 12:17:20 -06:00
David Garske 368227be2c Fix to make sure fp_div_d is available. 2018-08-14 12:05:22 -06:00
David Garske c073aee87c Added new ECC export API's to support export as hex string. New API's are wc_ecc_export_ex and wc_ecc_export_int. For hex string use ECC_TYPE_HEX_STR as encType arg. Refactor to reduce duplicate code. Build fixes for NO_ECC_KEY_EXPORT. 2018-08-14 12:05:22 -06:00
David Garske 04c2b51b4d Fix for padding size calculation and cast warning. 2018-08-14 11:49:21 -06:00
Jacob Barthelmeh 278fd9c054 update condition for include of sys/time.h 2018-08-14 10:51:05 -06:00
David Garske d823d6f7b6 Fix to resolve padding issue with PKCS 8 encryption. 2018-08-14 10:51:04 -06:00
Kaleb Himes 64f553d944 Merge pull request #1755 from ejohnstown/scan-build-fix
Scan-Build Fix
2018-08-14 10:11:02 -06:00
David Garske aee4aea64d Merge pull request #1748 from JacobBarthelmeh/Testing
call hamc init with blake2 software test
2018-08-14 10:07:01 -06:00
toddouska d4f908c372 Merge pull request #1728 from JacobBarthelmeh/HardwareAcc
Add build for AF_ALG
2018-08-13 16:27:51 -07:00
toddouska a3627106ea Merge pull request #1753 from dgarske/gcc_arm_fips
Enhancements to the GCC-ARM example
2018-08-13 16:20:13 -07:00
John Safranek 91d2b17139 Scan-Build Fix
1. Initialize the sz variable in wc_BerToDer().
2018-08-13 14:37:04 -07:00
David Garske f44d42b1c8 Enhancements to the GCC-ARM example to support FIPS and additional build options. Added examples for memory overrides and standard library overrides. Fixes for building without test, benchmark or TLS. Changed the ARM startup code to only work for the Cortex M0 example using the define USE_WOLF_ARM_STARTUP. 2018-08-13 12:22:14 -06:00
John Safranek 5caaa94868 Merge pull request #1754 from dgarske/fix_fipsv2
Fix for FIPS PRB error with CAVP test
2018-08-13 11:18:33 -07:00
Jacob Barthelmeh b71c2ddf38 call hamc init with blake2 software test 2018-08-13 08:58:01 -06:00
David Garske 93a7b76da5 Fix missing RSA_MIN_SIZE and RSA_MAX_SIZE and case where HAVE_FIPS_VERSION is not defined. 2018-08-13 08:18:51 -06:00
David Garske 80e46253d9 Fix for FIPS v1 CAVP case so the wc_RsaExportKey and wc_CheckProbablePrime functions are available. Cleanup to remove unused ERROR_OUT. 2018-08-13 06:25:55 -06:00
Eric Blankenhorn bb574d28b2 Support for more cert subject OIDs and raw subject access (#1734)
* Add businessCategory OID
* Raw subject support methods
* Support for jurisdiction OIDs
* Wrap in WOLFSSL_CERT_EXT
* Adding tests
2018-08-12 12:53:29 -07:00
David Garske 6d10efe79c Merge pull request #1752 from kaleb-himes/ocsp-stapling-pzero-take2
Use port 0 (dynamic) solution on servers and clients in addition to ocsp responders. Fix for OCSP tests when running concurrently.
2018-08-10 15:15:43 -07:00
kaleb-himes 280de47d06 Use pzero solutions on servers and clients in addition to ocsp responders 2018-08-10 14:17:17 -06:00
kaleb-himes c288a214b1 give servers time to shut-down after client connection 2018-08-10 11:57:35 -06:00
kaleb-himes ba3bc59771 further test control over ocsp-stapling tests 2018-08-10 11:44:16 -06:00
kaleb-himes 735e4a0986 ocsp stapling tests to wait until unit tests are complete 2018-08-10 11:18:04 -06:00
kaleb-himes 6113f68c21 make renewcerts-for-test use portable function declaration 2018-08-10 10:40:16 -06:00
kaleb-himes 35dbf9a6fe address file restoration issue present when git not available 2018-08-10 10:24:42 -06:00
JacobBarthelmeh a9a9dd257e Merge pull request #1743 from kaleb-himes/ocsp-logic-update
update ocsp test case for portability and informative updates on use …
2018-08-08 10:45:26 -06:00
kaleb-himes c7f1d810c3 update ocsp test case for portability and informative updates on use of environment variable 2018-08-07 10:42:18 -06:00
toddouska cc1680dc98 Merge pull request #1741 from dgarske/verify_cb
Refactor of the verify callback
2018-08-06 13:12:54 -07:00
David Garske 56974c099e Improved the logic for WOLFSSL_ALWAYS_VERIFY_CB to be more explicit and updated comments. 2018-08-06 11:40:35 -07:00
David Garske c4ea50b956 Fix for issue with using CopyDecodedToX509 again for existing X509 and freeing the altNames in original. Fix was to use the ssl->peerCert directly for the index 0 cert. Improvement to make sure ex_data is always populated. Added NULL arg check on wolfSSL_get_peer_certificate. 2018-08-06 11:40:35 -07:00
David Garske 7d39a897dc Refactor of the verify callback to eliminate duplicate code and provide consistency with various build options. Documented build options and added code comments in new DoVerifyCallback function. Added documentation in test.h myVerify function for arguments and return code. Fix from commit da1ac36 which added current_cert to WOLFSSL_X509_STORE_CTX, but is only required for ASIO compatibility and is not used. 2018-08-06 11:40:35 -07:00
David Garske 30d6c0c1fc Merge pull request #1737 from ejohnstown/ocsp-free
OCSP Free
2018-08-06 09:08:01 -07:00
Jacob Barthelmeh 30e787b10c create buffer with structure copy and set fd after close 2018-08-03 16:46:15 -06:00
Jacob Barthelmeh 7726786998 fix comment and remove duplicate free 2018-08-03 15:04:37 -06:00
David Garske 738a121d61 Merge pull request #1740 from ejohnstown/null-check
NULL Check
2018-08-03 13:53:53 -07:00
toddouska b88d60ecbb Merge pull request #1665 from ejohnstown/mr
Prime Number Testing
2018-08-03 12:50:27 -07:00
John Safranek f6a8a2f5bd NULL Check
When using the async option, the RSA key is checked on the first call to
DoTls13CertificateVerify() when the async state machine is set up. On
the subsequent call, the pointer to the key isn't checked again. Added a
check. (This was from a static analysis report.)
2018-08-03 11:09:43 -07:00