Commit Graph

8768 Commits

Author SHA1 Message Date
John Safranek 368b5b1072 Merge pull request #1729 from kaleb-himes/init-array
Initialize array to zero(s)
2018-08-02 16:33:37 -07:00
John Safranek f45dbed8f9 OCSP
1. Modify the other OCSP Stapling scripts to better manage the OCSP responder.
2. Modify the client's W option to take:
 - 1 for Stapling v1
 - 2 for Stapling v2
 - 3 for Stapling v2 MULTI
3. Modify the client to disallow stapling v2 with TLSv1.3.
2018-08-02 16:25:38 -07:00
David Garske a43d4d16ba Merge pull request #1719 from MJSPollard/OpenSSLAllFix
Added boost define and openssl bug fix with WOLFSSL_KEY_GEN
2018-08-02 15:20:27 -07:00
David Garske a915c3a381 Merge pull request #1738 from ejohnstown/DH
DH SP Fix
2018-08-02 15:04:33 -07:00
Kaleb Himes 660c3300e1 Merge pull request #1730 from dgarske/dertoc
Added handy script for converting DER file to C array
2018-08-02 15:54:15 -06:00
John Safranek 5ae45436f4 OSCP
1. Added a missed attr files for the OSCP status files. Bare minimum attr.
2. Added the attr files to the automake include.
3. Fix out of bounds read with the OCSP URL.
2018-08-02 14:50:59 -07:00
JacobBarthelmeh 782ea74fbf Merge pull request #1732 from kojo1/Ticket-4169-2
Ticket 4169: eliminate ssl->CBIORecv/Send overwritten in SSL_set_bio
2018-08-02 14:58:25 -06:00
JacobBarthelmeh 99b556c07d Merge pull request #1735 from embhorn/zd4179
Fix for resource leak
2018-08-02 14:27:04 -06:00
John Safranek c71f730d67 OSCP
1. Made killing the OCSP server process more reliable.
2. Added attr files for the OSCP status files. Bare minimum attr.
3. Added a NL to the error string from the client regarding external tests.
2018-08-02 11:32:36 -07:00
kaleb-himes ddec878152 Disable external tests for OCSP scripts 2018-08-02 10:03:47 -06:00
Eric Blankenhorn b248af6f84 Update from review 2018-08-02 10:59:07 -05:00
kaleb-himes a178764a8b Portability and self-cleanup changes to ocsp test scripts 2018-08-02 09:47:13 -06:00
kaleb-himes 93c2f3b170 Initialize array to zero(s) 2018-08-02 09:21:09 -06:00
Takashi Kojo fd75f35801 fix cbioFlag check 2018-08-02 10:18:09 +09:00
John Safranek 6527c2a724 DH SP Fix
When doing the sp_2048_mod_exp_*() is processed, one of the index
variables is masked with 0x1f when it was updated. Added the masking to
the initial set of the index.
2018-08-01 16:32:22 -07:00
John Safranek c87d6b27e2 OCSP Free
Free the OCSP request when creating the response only if there is an error making the request.
2018-08-01 15:34:43 -07:00
David Garske 0ccdefb8d0 Merge pull request #1733 from ejohnstown/des-iv
Fix DES IV value
2018-08-01 14:57:26 -07:00
John Safranek 7647d52d77 Prime Number Testing
1. Remove a copy-paste error when clearing up the RNG used to test a prime.
2. Tag a some const test values as static in the wolfCrypt test.
2018-08-01 14:49:06 -07:00
JacobBarthelmeh 244d931e75 Merge pull request #1721 from kaleb-himes/cleanup-debug
Cleanup debug errors
2018-08-01 15:01:25 -06:00
Eric Blankenhorn ba2f0fd8fc Fix for zd4179, 4181, 4182 2018-08-01 15:56:15 -05:00
John Safranek 5ca2ff187b DES IV
Change the DES_IV_SIZE back to 8 bytes, rather than 16.

DES/DES3 was passing the wolfCrypt test becuase the main DES code uses
the DES_BLOCK_SIZE when handling the IV. The TLS/SSL code uses the
DES_IV_SIZE when generating the session keys.
2018-08-01 13:08:52 -07:00
Takashi Kojo 98f6ae16ca copy cbioFlag from ctx to ssl 2018-08-02 04:48:39 +09:00
toddouska 8bc5bc227d Merge pull request #1634 from ejohnstown/gcc-8-fixes
GCC-8 String Fixes
2018-08-01 12:13:10 -07:00
toddouska da096497e0 Merge pull request #1727 from dgarske/memdocs
Documented memory build options
2018-08-01 12:12:34 -07:00
Jacob Barthelmeh ce5e787afc formating and sanity check on pointer with test case 2018-08-01 11:57:36 -06:00
David Garske dba8131b19 Merge pull request #1731 from ejohnstown/redundant-cert
redundant certificate fix
2018-08-01 10:42:30 -07:00
David Garske a72cbcf8eb Merge pull request #1726 from ejohnstown/memcb-test
memory callback test fix
2018-08-01 10:05:14 -07:00
JacobBarthelmeh cb756397b3 inital AES-CBC with af_alg
progress on AES-GCM with AF_ALG and add SHA256

add aes-gcm test cases and finish logic of aes-gcm with AF_ALG

formating of tabs and white space

add files to dist

adding ecb and ctr mode with af_alg

make length of buffers for ctr be AES_BLOCK_SIZE

formating and add support for sha256 copy/gethash

sanity checks on arguments

cast return values and valgrind tests

make it easier to use sha256 with af_alg

remove hard tabs

add endif for after rebase
2018-08-01 08:54:20 -06:00
Takashi Kojo 96c1a567f0 #4169: CBIO set flag to escape from overwritten in SSL_set_bio 2018-08-01 19:16:42 +09:00
John Safranek 61ac7315e2 a certificate was named in an automake include that isn't actually in the tree, a similar named certificate is actually used 2018-07-31 17:25:35 -07:00
David Garske 72aef0ab11 Added handy script for converting DER file to C array. Example: ./scripts/dertoc.pl ./certs/server-cert.der server_cert_der_2048 server-cert.c. 2018-07-31 15:57:02 -07:00
John Safranek f5b3de6b54 GCC-8 string fixes
1. Found one more case where a string is copied, potentially without the null. In wc_ports w.r.t. directory and file names.
2018-07-31 14:02:44 -07:00
John Safranek 7053830628 GCC-8 string fixes
Fix for the Windows directory search code.
2018-07-31 14:02:44 -07:00
John Safranek af89458af0 GCC-8 string fixes
1. strncpy needs to include the source string's NULL.
2. Deleted a few redundant string modifications.
2018-07-31 14:02:44 -07:00
John Safranek ed208efc4d GCC-8 string fixes
1. Modify wolfSSL_get_ciphers() to limit the XSTRNCPY based on the dst buf length, not the src string.
2018-07-31 14:02:44 -07:00
John Safranek 2e1a1681ec GCC-8 string fixes
1. strncat() does not like to copy single byte strings with "n = 1", as it won't null-terminate.
2. strncpy()'s len parameter is the size of the dst not the src.
3. Replaced the echoserver HTTP response composition of const strings with a copy of a single string.
2018-07-31 14:02:44 -07:00
John Safranek 50372b7033 Memory Callback
1. Allow SetAllocators to use NULL as a callback. Memory wrappers will use default with NULL.
2. Remove the ResetAllocators function. Use SetAllocators with NULL.
3. Modify memory tracker to save the old allocators on init and restore them on cleanup.
2018-07-31 09:30:03 -07:00
David Garske 0e1588f4ad Documented memory build options. Added logging for normal wolf malloc/free opterations when using WOLFSSL_DEBUG_MEMORY and WOLFSSL_DEBUG_MEMORY_PRINT (previously only worked with WOLFSSL_STATIC_MEMORY and WOLFSSL_TRACK_MEMORY). Changed WOLFSSL_MALLOC_CHECK option to use WOLFSSL_MSG. 2018-07-31 09:03:40 -07:00
kaleb-himes fe08b98117 Adjust guards following peer review 2018-07-31 09:50:44 -06:00
David Garske 2b3f94944d Merge pull request #1723 from kaleb-himes/overhead-avoidance
avoid overhead call to alloc and free when sigSz invalid
2018-07-31 08:14:49 -07:00
toddouska f18351fef5 Merge pull request #1718 from dgarske/memtest
New memory testing feature and fixes for null checks
2018-07-31 07:56:29 -07:00
toddouska f5bd376450 Merge pull request #1720 from dgarske/stsafe_wolf
Added STM32L4/ST-Safe support. Fixes for AES CBC Decrypt w/CubeMX
2018-07-31 07:41:49 -07:00
David Garske 0f86494161 * Added support for STM32L4 AES hardware crypto.
* Added reference PK callbacks functions for ECC sign, verify and shared secret used by TLS in `wolfcrypt/src/port/st/stsafe.c`.
* Fix for wolfcrypt_test to not require args to be provided.
* Fix for wolfCrypt `ecc_test_buffers` to poperly init ecc_key (resolves devId issue).
* Fix for STM32 AES CBC Decrypt with CubeMX, which was not capturing the first input block for next IV.
* Refactor to combine STM32 hardware init code.
2018-07-30 13:58:19 -07:00
David Garske 656c0453a2 Fix for unit test abort(). 2018-07-30 13:53:54 -07:00
David Garske 6a91fbcfdd Fixes for warnings from Jenkins reports. 2018-07-30 13:53:54 -07:00
David Garske 4eff7b641b First pass at bugs found with ./scripts/memtest.sh. Fixes for NULL pointer checks, making sure free'd pointers are reset, making sure pointers are initialized and making sure memory is always free'd. Fix for TicketInit() which was using non-thread safe RNG and key_ctx. Fix for possible double free case in wolfSSL_PEM_read_X509_CRL. 2018-07-30 13:53:54 -07:00
David Garske 6ed6876b1f Enhanced the --enable-memtrack option to keep list of pointers allocated and reports leaked memory at end. Cleanup of the wolfCrypt_Init and wolfCrypt_Cleanup calls in unit.test and SrpTest memory tracking feature. 2018-07-30 13:53:54 -07:00
David Garske 2c3475c1d6 Added new build option --enable-memtest or WOLFSSL_FORCE_MALLOC_FAIL_TEST which enables random malloc failures for testing. This test supresses the abort() calls to detect seg faults. A new script ./scripts/memtest.sh starts the test. If an issue is found it can be reviewed with the ./scripts/memtest.txt log and reproduced using the seed printed at top of unit test as --- RNG MALLOC FAIL AT 295--- and rerun using ./tests/unit.test 295. 2018-07-30 13:53:35 -07:00
toddouska 62cb69ded6 Merge pull request #1724 from dgarske/pemtoder
Added API's to expose alloc/free of DerBuffer and new unit tests
2018-07-30 13:50:19 -07:00
toddouska 335f467b8c Merge pull request #1714 from dgarske/pic32hashleak
Fixes for PIC32MZ hash memory leak
2018-07-30 13:48:59 -07:00