Commit Graph

155 Commits

Author SHA1 Message Date
toddouska 29bdc7d8b5 Merge pull request #3015 from tmael/cov-fix
Coverity fix in wolfSSL 4.4.0
2020-06-10 17:07:47 -07:00
Tesfa Mael 28913a276f Include GCM in latest FIPS and Windows build 2020-06-08 08:38:59 -07:00
toddouska 3529d9a40d Merge pull request #3016 from kaleb-himes/FIPSv2-MAINTENANCE
New OpenSSL features relying on changes in module files must account for locked FIPS versions of those files
2020-06-04 15:08:17 -07:00
toddouska 23d1550439 Merge pull request #2989 from julek-wolfssl/openvpn
Additional OpenSSL compat layer stuff
2020-06-04 11:57:55 -07:00
kaleb-himes 5a4d84ecad Consolidate to one-line where possible 2020-06-03 16:19:34 -06:00
Tesfa Mael d5241bbcc6 Coverity fix 2020-06-02 15:35:27 -07:00
kaleb-himes bc02f2c74e Revert GCM_NONCE_MID_SZ changes 2020-06-01 17:13:23 -06:00
kaleb-himes 6217118ee4 Account for unmodifiable FIPS module files when adding new OpenSSL functionality 2020-06-01 16:28:32 -06:00
Hideki Miyazaki 5f783f0198 fix build failrue on esp-idf 2020-05-30 15:19:37 +09:00
Juliusz Sosinowicz 4a85bf8108 Additional OpenSSL compat layer stuff
- Add X509_get0_notBefore and X509_get0_notAfter
- Implement EVP_PKEY_get0_DSA and DSA_bits
- OpenSSL_version now prints "wolfSSL $VERSION"
- Remove define guards in `wolfSSL_internal_get_version` as all protocols are defined regardless in `wolfssl/internal.h`and this function just returns the string description of the protocol
2020-05-20 16:55:16 +02:00
David Garske 174b4d5159 Cleanup of SP with small stack. Expand support for WOLFSSL_SP_NO_MALLOC. Fix for evp.c when included directly. 2020-05-04 14:23:32 -07:00
Sean Parkinson e9b433a998 Merge pull request #2928 from julek-wolfssl/evp-aes-gcm-fix
Fix AES-GCM in EVP layer to have compatiblity with OpenSSL
2020-04-29 09:00:04 +10:00
Juliusz Sosinowicz c02c408409 Only 80 characters a line 2020-04-28 12:38:02 +02:00
Juliusz Sosinowicz 01a6dded72 Fix AES-GCM in EVP layer to have compatiblity with OpenSSL
- Tag checking in AES-GCM is done in Final call
- Reset `WOLFSSL_EVP_CIPHER_CTX` structure after Final call
- Don't zero `ctx->authTag` struct in Init call so that user can get the AES-GCM tag using `EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_GET_TAG, AES_BLOCK_SIZE, tag)`
- `ctx->authTag` is only zeroed before authenticated, non-confidential data Update call since this means we are entering a new Udate-Final cycle. This doesn't need to be done in the decrypt case since the tag should be supplied by the user before the final call using `EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, AES_BLOCK_SIZE, tag)`
2020-04-27 15:52:01 +02:00
David Garske 3c93a7b757 Fix Value stored to 'ret' is never read. 2020-04-24 11:31:12 -07:00
David Garske 41fc208195 Fixes for isHMAC checks. 2020-04-24 08:51:56 -07:00
David Garske 6d025f8c0f Refactor of the EVP macType to use enum wc_HashType to resolve issues with invalid casting. 2020-04-24 07:43:44 -07:00
John Safranek ccd096e1bb Memory Leak Fix
1. In `wolfSSL_d2i_DHparams()`, when setting the internal key on a
   WOLFSSL_KEY, set the flag inSet.
2. Not a leak, but in `wolfSSL_EVP_PKEY_set1_DH()`, only allocate one
   buffer to store the flat key. Saves an alloc, memcpy, and free.
2020-04-21 10:21:59 -07:00
Juliusz Sosinowicz dd68074104 Fix merge issues 2020-04-16 10:09:15 +02:00
Juliusz Sosinowicz 36403c1dad Merge remote-tracking branch 'wolfSSL/master' into wpa-supplicant-openssl-compat 2020-04-15 16:55:03 +02:00
Eric Blankenhorn d9472b895f Fix conflicts after rebase 2020-04-14 15:24:52 -05:00
Eric Blankenhorn 1487917214 Fix EVP_MD_CTX_type to return NID 2020-04-14 14:27:21 -05:00
toddouska 06c6e583c8 Merge pull request #2891 from julek-wolfssl/refactor-evp-functions
Move EVP functions to evp.c
2020-04-14 09:22:51 -07:00
Juliusz Sosinowicz dad0bc0159 Keep compatibility with old OPENSSL_EXTRA_X509_SMALL functions 2020-04-14 12:52:23 +02:00
Juliusz Sosinowicz 9ced70edc1 Test fixes
Free `x509->key.pkey` in `FreeX509
Fix type conversions
Fix memory leaks and use of uninitialized memory
2020-04-14 11:45:32 +02:00
Juliusz Sosinowicz 73b4d78d5b Added partial support for wpa_supplicant, hostapd, and cjose:
- Moved `SetECKeyInternal` and `SetECKeyExternal` to `internal.h` to allow usage outside of `ssl.c`
- Added `asn1t.h`
- Implemented the `IMPLEMENT_ASN1_FUNCTIONS` macro for a small subset of ASN1 tags
-- So far only `X509_ALGOR` and `ASN1_BIT_STRING` are supported
- Implemented `BN_mod_add` function
- Allow for setting of `EC_KEY` export form through EC_KEY_set_conv_form
- Implemented `i2o_ECPublicKey`
- Implemented `EC_POINT_copy`
- Implemented deriving DH and ECDH keys in `EVP_PKEY_CTX`. Functions added:
-- `EVP_PKEY_derive_init`
-- `EVP_PKEY_derive_set_peer`
-- `EVP_PKEY_derive`
- Implemented `EVP_PKEY_get0_DH`
- Implemented `X509_ALGOR_new`
- Implemented `X509_ALGOR_free`
- Implemented `X509_ALGOR_set0`
- Implemented `X509_PUBKEY_new`
- Implemented `X509_PUBKEY_free`
- Implemented `X509_PUBKEY_set`
- Implemented `RSA_padding_add_PKCS1_PSS`
- Implemented `RSA_verify_PKCS1_PSS`
- Changed second parameter of `wolfSSL_d2i_PUBKEY` to be constant
- Corrected long names in `asn.h`
- Added `wc_ecc_get_generator` as a way to get the generator point of a curve
- Added `wc_ecc_export_point_der_ex` to export an ECC point in compressed or uncompressed format with one API
- Added `wc_ecc_export_point_der_compressed` to export a point in an `ecc_point` structure in compressed DER format
- Added 'wc_RsaSSL_Verify_ex` which adds the option to choose a padding type
- Added `wc_RsaPad_ex` and `wc_RsaUnPad_ex` to `rsa.h` as `WOLFSSL_LOCAL` functions
- `CopyDecodedToX509` now fills `x509->key` and `x509->algor` when populating x509
- `wolfSSL_EVP_CipherInit` now uses `wc_AesGcmSetExtIV` to set the IV so that it is copied to `ctx->iv` by `wolfSSL_StoreExternalIV`
- Added error checking to `wolfSSL_EVP_PKEY_get_der`
- `wolfSSL_X509_ALGOR_get0` now attempts to return something in all parameters
- Refactored `wolfSSL_EC_KEY_new` to use `*_new` functions when available
- Added `setupPoint` to set the internal point if not yet set
- Always set external point in `wolfSSL_ECPoint_d2i`
- Added compressed point support to `wolfSSL_EC_POINT_point2oct`
- Fix `wolfSSL_EC_POINT_mul` so that it will calculate the full `generator * n + q * m` then OpenSSL does
- Added `WOLFSSL_RSA_GetRNG` helper function to get a `WC_RNG` from `WOLFSSL_RSA`
- Correct short names in `wolfssl_object_info`
- Added all currently supported curves to `wolfssl_object_info`
- Added `oidCurveType` to `oid2nid`
- Add more padding types to `wolfSSL_RSA_public_decrypt`
- Fix `keysize` in `wc_ecc_import_point_der`
- Added tests for new additions
2020-04-14 11:45:32 +02:00
Juliusz Sosinowicz f6b9b2e0eb Remove redundant guards 2020-04-09 18:26:23 +02:00
Juliusz Sosinowicz 9cbbd164e0 Fix test errors 2020-04-09 14:54:09 +02:00
Sean Parkinson 411aee6e05 Fixes from cppcheck
Added PRIVATE_D version of rsa private key operation for SP
implementation for specific platforms.
WC_NO_RNG results in warnings when RNG calls don't do anything.
Added ifdef checks for variables not used otherwise.
Remove superfluous if statements like when checking ret == 0.
Change names of globals that are generic and are used locally before
global definition.
Remove definition of variable len that isn't used except as a
replacement for sz which is parameter.
Don't subtract two variables when one has just been assigned the value
of the other.
Fix shifting of signed value.
Fix parameter checking in aes.c and des3.c for platform specific code.
2020-04-08 09:46:22 +10:00
Juliusz Sosinowicz 4c0ea10e45 Move EVP functions to evp.c 2020-04-07 22:36:50 +02:00
toddouska bcc720ef68 Merge pull request #2773 from SKlimaRA/master
Coverity issues fixes.
2020-03-13 10:20:45 -07:00
Jacob Barthelmeh a0ddb05a07 change evp with cfb1 expect input size in bytes 2020-02-20 17:28:33 -06:00
Eric Blankenhorn 1a96558b6e Adding macro and XTS support functions 2020-02-20 17:28:33 -06:00
Jacob Barthelmeh b67ade5164 account for cavp build 2020-02-20 17:28:33 -06:00
Eric Blankenhorn 64dcf5740a Fix for AES_XTS 2020-02-20 17:28:33 -06:00
Jacob Barthelmeh d4428ebc0c add EVP cfb1 test and update some EVP code 2020-02-20 17:28:32 -06:00
Jacob Barthelmeh 887eeb3c47 add EVP tests for cfb128 2020-02-20 17:28:32 -06:00
Eric Blankenhorn 9c4e0807e2 Adding EVP_aes_###_xts tests (not complete) 2020-02-20 17:28:32 -06:00
Jacob Barthelmeh df0d5f3b08 add EVP_aes_*_ofb implementation and tests, add support for inline with OFB 2020-02-20 17:28:32 -06:00
Eric Blankenhorn 62f20db48e Adding more EVP and SSL API 2020-02-20 17:28:32 -06:00
Eric Blankenhorn 0abc814792 EVP_MD_CTX_reset and EVP_aes fixes 2020-02-20 17:28:31 -06:00
Juliusz Sosinowicz 3fcec191a4 Refactor wolfSSL_RSA_To_Der 2020-02-18 21:37:06 +01:00
David Garske e5426f85c9 Fix for evp.c when being included directly due to improperly placed WOLFSSL_EVP_INCLUDED. Fix for FREERTOS to expose XREALLOC for normal math. 2020-01-30 06:22:08 -08:00
Stanislav Klima c3fabb1da6 NULL dereference. 2020-01-29 17:33:21 +01:00
toddouska d257003341 Merge pull request #2711 from cconlon/copyright2020
update copyright to 2020
2020-01-07 08:40:15 -08:00
JacobBarthelmeh ce0475a8e0 Merge pull request #2689 from tmael/pkey_freeMutex
Free EVP ctx pkey
2020-01-06 23:15:00 +07:00
Chris Conlon 45c5a2d39c update copyright to 2020 2020-01-03 15:06:03 -08:00
Eric Blankenhorn b83804cb9d Correct misspellings and typos from codespell tool 2019-12-24 12:29:33 -06:00
Tesfa Mael 99a7aff31e Increment pkey references count 2019-12-20 22:38:54 -08:00
Tesfa Mael 48e59eaeb1 Free EVP ctx pkey 2019-12-20 22:38:54 -08:00