wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-05-05 16:24:11 +02:00
Code Issues Packages Projects Releases Wiki Activity
11,580 Commits 13 Branches 184 Tags
55985ad1b49b8d4e1cbc34f95ee7d603961ca786
Commit Graph

1202 Commits

Author SHA1 Message Date
John Safranek 8347d00bf2 Maintenance BLAKE2 
1. Remove the BLAKE2 HMAC from wolfSSL and its testing.
 2019-11-18 13:31:15 -08:00
Tesfa Mael 520a032b71 Add show x509 test 2019-11-15 13:23:08 -08:00
Tesfa Mael 6ca12787ae retrieve a stack of X509 certs in a cert manager and a store ctx 2019-11-15 13:23:08 -08:00
David Garske 961f9c4ecc Cleanup for invalid use of NO_SHA512 in api.c unit test. 2019-11-15 12:08:50 -08:00
David Garske 546442c130 Fix for CAVP test issue trying to use AES_128_KEY_SIZE and AES_IV_SIZE. 2019-11-12 09:43:09 -08:00
David Garske d17748b1ad Fix for EC_GROUP_order_bits and added unit test. 2019-11-11 14:58:23 -08:00
David Garske 2bae1d27a1 wolfSSL Compatibility support for OpenVPN 
* Adds compatibility API's for:
	* `sk_ASN1_OBJECT_free`
	* `sk_ASN1_OBJECT_num`
	* `sk_ASN1_OBJECT_value`
	* `sk_X509_OBJECT_num`
	* `sk_X509_OBJECT_value`
	* `sk_X509_OBJECT_delete`
	* `sk_X509_NAME_find`
	* `sk_X509_INFO_free`
	* `BIO_get_len`
	* `BIO_set_ssl`
	* `BIO_should_retry` (stub)
	* `X509_OBJECT_free`
	* `X509_NAME_get_index_by_OBJ`
	* `X509_INFO_free`
	* `X509_STORE_get0_objects`
	* `X509_check_purpose` (stub)
	* `PEM_read_bio_X509_CRL`
	* `PEM_X509_INFO_read_bio`
	* `ASN1_BIT_STRING_new`
	* `ASN1_BIT_STRING_free`
	* `ASN1_BIT_STRING_get_bit`
	* `ASN1_BIT_STRING_set_bit`
	* `DES_check_key_parity`
	* `EC_GROUP_order_bits`
	* `EC_get_builtin_curves`
	* `EVP_CIPHER_CTX_cipher`
	* `EVP_PKEY_get0_EC_KEY`
	* `EVP_PKEY_get0_RSA`
	* `EVP_PKEY_get0_DSA` (stub)
	* `HMAC_CTX_new`
	* `HMAC_CTX_free`
	* `HMAC_CTX_reset`
	* `HMAC_size`
	* `OBJ_txt2obj`
	* `RSA_meth_new`
	* `RSA_meth_free`
	* `RSA_meth_set_pub_enc`
	* `RSA_meth_set_pub_dec`
	* `RSA_meth_set_priv_enc`
	* `RSA_meth_set_priv_dec`
	* `RSA_meth_set_init`
	* `RSA_meth_set_finish`
	* `RSA_meth_set0_app_data`
	* `RSA_get_method_data`
	* `RSA_set_method`
	* `RSA_get0_key`
	* `RSA_set0_key`
	* `RSA_flags`
	* `RSA_set_flags`
	* `RSA_bits`
	* `SSL_CTX_set_ciphersuites`
	* `SSL_CTX_set_security_level` (stub)
	* `SSL_export_keying_material` (stub)
	* `DSA_bits` (stub)
* Changes to support password callback trial and NO_PASSWORD. Replaces PR #2505.
* Renamed `wolfSSL_SSL_CTX_get_client_CA_list` to `wolfSSL_CTX_get_client_CA_list`.
* Cleanup of "sk" compatibility.
 2019-11-11 14:58:23 -08:00
toddouska 8246e02756 Merge pull request #2502 from cariepointer/gcm-tls10-fix 
Return error with AES-GCM and negotiated versions < TLSv1.2
 2019-11-08 15:06:54 -08:00
Carie Pointer a2cdb87067 Add check for if length is <= 0 in wc_Arc4SetKey 2019-11-08 14:54:39 -07:00
Carie Pointer 39eaaddeae Add tests for AEAD cipher suites with TLSv1.1 and TLSv1.0 2019-11-08 10:04:58 -08:00
Sean Parkinson c06efb6c1f Ensure space for name string. Reset policy count. 
Only set the name string in one place, keeping a length of the name type
to copy. Also only move cert data index once.
Reset certificate extension policy number/count in case of malicious
cert with multiple policy extensions.
 2019-11-07 13:51:50 +10:00
toddouska ba34b0d09f Merge pull request #2547 from SparkiDev/rsa_pss_salt_len 
Compile options for larger salt lengths in RSA-PSS
 2019-11-06 13:03:15 -08:00
Eric Blankenhorn 16899b55b2 Fix for ARM platforms 2019-11-04 11:54:36 -06:00
Sean Parkinson 35ec2bc6d4 Compile options for larger salt lengths in RSA-PSS 
Salt length larger than the hash size allowed in RSA-PSS.
Passing -2 to PSS pad function uses maximum salt length.
Passing -2 to PSS un-pad function makes it discover salt length.
 2019-11-04 14:27:02 +10:00
Eric Blankenhorn 58d800fbb7 Adding support for IP address verification 2019-10-31 09:15:22 -05:00
toddouska 51e8abf126 Merge pull request #2531 from SparkiDev/nginx_unittest 
Fix unittest to pass when compiling for NGINX
 2019-10-28 11:27:22 -07:00
toddouska 28cc7daa68 Merge pull request #2511 from tmael/BN_bn2hex 
Fix for hex digits with fastmath and normal integer
 2019-10-23 15:10:40 -07:00
Sean Parkinson a3c09f6794 Fix unittest to pass when compiling for NGINX 2019-10-22 08:47:49 +10:00
Jacob Barthelmeh 497818525a check on keygen for make rsa key function 2019-10-21 14:54:17 -06:00
Jacob Barthelmeh 09a0859865 fix for fortress and no sha build with encrypted keys 2019-10-21 09:37:24 -06:00
Jacob Barthelmeh e24787c8e4 add ecc header for fp_ecc cache free 2019-10-21 09:21:46 -06:00
Jacob Barthelmeh ea45da5fa8 change add_all_* to be evp table init and fix valgrind report 2019-10-20 01:13:43 -06:00
David Garske 0e73af8b88 Merge pull request #2515 from JacobBarthelmeh/Testing 
Initial pass on test cycle
 2019-10-17 16:02:17 -07:00
Jacob Barthelmeh b7d4c9f839 fix build with no server and enable all 2019-10-16 14:19:50 -06:00
Jacob Barthelmeh b4a3ad6e2d fix test case for enckeys + des3 with md5 disabled 2019-10-15 17:07:05 -06:00
Tesfa Mael 1267987c31 Review comment 2019-10-15 12:24:57 -07:00
Tesfa Mael 1a18e3bba8 Add leading zero padding for odd hex ASCII digits 2019-10-15 11:54:58 -07:00
JacobBarthelmeh 63e74554a8 fix for warning when using c++ compiler 2019-10-15 10:07:02 -07:00
Tesfa Mael 441f3a7f1f Add leading zero for odd number of hex digits 2019-10-14 16:43:45 -07:00
toddouska d30e4ac74f Merge pull request #2499 from ejohnstown/sniffer-features 
Sniffer Features
 2019-10-14 15:35:55 -07:00
JacobBarthelmeh c3e99e1394 Merge pull request #2510 from tmael/bio_base64 
Fix a return value from wolfSSL_BIO_BASE64_write()
 2019-10-14 15:44:14 -06:00
toddouska df77088d5c Merge pull request #2461 from kaleb-himes/ZD_5541_PathLenConstraint 
addressing non RFC compliance in handling of pathLen constraint
 2019-10-14 09:41:09 -07:00
Tesfa Mael ccc500e13f Correct return value from wolfSSL_BIO_BASE64_write() 2019-10-11 14:52:53 -07:00
kaleb-himes 9357db4d0c check value of ret in test cases 2019-10-11 15:27:15 -06:00
kaleb-himes 306b280ccd Add test cases and implement peer suggestions 
Fix failing jenkins test cases

Add detection for file size with static memory

Account for cert without pathLen constraint set including test cases

Resolve OCSP case and test where cert->pathLen expected to be NULL
 2019-10-11 15:03:38 -06:00
kaleb-himes 9c5fd165d0 addressing non RFC compliance in handling of pathLen constraint 2019-10-10 16:45:29 -06:00
David Garske d781734b55 Merge pull request #2507 from cariepointer/apache_updates 
Apache updates
 2019-10-10 12:45:01 -07:00
Tesfa Mael e22563ed00 BIO chain test 2019-10-09 11:38:07 -07:00
Carie Pointer d89f9ddc42 Update X509V3_EXT_print for different extension types 2019-10-09 11:10:27 -07:00
Carie Pointer 5adcee9f2c Update testsuite to expect ADH-AES256-GCM-SHA384 to fail with TLSv1.0 and TLSv1.1 2019-10-09 08:36:47 -07:00
Carie Pointer b247b4565c Fixes for build warnings with apache httpd 2019-10-07 11:15:55 -07:00
John Safranek a991cc42f4 Add function wolfSSL_get_cipher_name_iana_from_suite() a wrapper around 
internal API GetCipherNameIana().
 2019-10-04 14:54:17 -07:00
John Safranek 87a8447f0d 1. Added a tag for global variables in environments where they aren't 
shared across threads by default.
2. Set the Trace file and flag up with the shared flag.
 2019-10-04 14:54:17 -07:00
toddouska 30829cec09 Merge pull request #2482 from SparkiDev/cppcheck_fixes_1 
Fixes from using cppcheck tool
 2019-10-04 14:39:31 -07:00
Eric Blankenhorn f47a9c8b20 Add conditional to 64-bit tests 2019-10-04 09:41:48 -05:00
Sean Parkinson 901ee627fc Fixes from using cppcheck tool 
Various fixes for uninitialized variable use.
sniffer.c: close file when seek fails
tls.c: fix QSH_GET_SIZE macro
wolfio.c: uIPGenerateCookie: use the parameter, _ctx, instead of self
referencing.
wolfssl_adds.c: check for equivalent to XBADFILE to indicate error.
SP: change right shift of signed value to unsigned
sp_int.h: define 128-bit types
types.h: change a XMALLOC define to not use (,,) - cppcheck doesn't like
it and is unnecessary.
 2019-10-01 09:22:00 +10:00
David Garske 34e0eb498a Fix for X509_set_subject_name and X509_set_issuer_name API unit test macro enables. 2019-09-26 08:42:35 -07:00
David Garske 606b76d06e Fix for WPAS certificate size difference. Fix so BIO_METHOD is compatible. Moved BIO stuff into bio.h. 2019-09-26 08:42:35 -07:00
David Garske a5f9d38c0d Remove the BIO method custom... its not compat. Fix bio->ptr to be void*. 2019-09-26 08:42:35 -07:00
David Garske 872d222b59 * Adds the following openssl compatibility API's: 
- SSL_CIPHER_get_id
  - SSL_CIPHER_get_rfc_name
  - SSL_get_cipher_by_value
  - X509_print_ex
  - X509_NAME_add_entry_by_NID
  - X509_time_adj
  - X509_time_adj_ex
  - DTLSv1_get_timeout
  - DTLSv1_handle_timeout
  - DTLSv1_set_initial_timeout_duration
  - SSL_CTX_set_current_time_cb
  - PEM_write_bio_RSA_PUBKEY
  - PEM_read_bio_RSA_PUBKEY
  - PEM_write_bio_PUBKEY
  - EVP_PKEY_missing_parameters
  - EVP_PKEY_cmp
  - BN_is_negative
  - BIO_set_retry_write
* Improvements to the notBefore and notAfter date handling.
* Improvements to BIO and BIO_METHOD
  - Moved structure to public area to allow for dereferencing
  - Renamed members to provide compatibility.
  - Added support for custom BIO methods for read/write.
* Added advanced openssl compatibility test cases for key and certificate generation.
* Fix for `ASN1_STRING_set` to allow NULL data.
* Fix to populate public key information on `EVP_PKEY_assign_RSA` and `EVP_PKEY_assign_EC_KEY`.
* Fix naming for `X509_get_notBefore` and `X509_get_notAfter` functions.
* Added `wc_EccPublicKeyDerSize`.
* Improvements to `wc_RsaPublicKeyDerSize`, so dummy memory doesn't have to be allocated.
* Made the `wc_*PublicKeyDerSize` functions public.
* Eliminate use of snprintf for UTC to generalized time conversion in `wolfSSL_ASN1_TIME_to_generalizedtime`.
 2019-09-26 08:42:35 -07:00