Commit Graph

11142 Commits

Author SHA1 Message Date
Tesfa Mael cf127ec05f Fix buffer overrun 2019-11-22 10:33:17 -08:00
David Garske be88bce36d Fix for issues with wolfSSL_OBJ_nid2sn and wc_OBJ_sn2nid and logic finding max item when WOLFSSL_CUSTOM_CURVES and ECC_CACHE_CURVE are defined. Improvements to wolfSSL_EC_get_builtin_curves to avoid using "min" as variable name and eliminate using a local static. 2019-11-22 10:09:10 -08:00
John Safranek 0a924af894 Maintenance: Prime
1. Prime test should return NO for 1. (sp math)
2019-11-22 10:01:21 -08:00
David Garske ffb3dfd6ec Fixes for minor test.c build configuration issues. 2019-11-22 07:01:10 -08:00
David Garske cdc50d7753 Revert header change in #2504 for asynchronous crypto quickassist_mem.h. 2019-11-22 05:59:57 -08:00
Sean Parkinson 50c4347748 More corner cases in tfm
Handle zero base in fp_exptmod better().
Handle negatives in fp_gcd().
Return FP_OKAY when writing out 0 with mp_toradix().
2019-11-22 09:56:02 +10:00
John Safranek 71943844d6 Maintenance: OCSP
1. Add a couple more bounds checks to wolfIO_HttpProcessResponseBuf().
2019-11-21 14:51:35 -08:00
John Safranek 452ba5b502 Maintenance: Prime
1. Prime test should return NO for 1. (normal math and fast math)
2019-11-21 13:49:26 -08:00
Eric Blankenhorn b57294eff7 Fix for vasprintf with AIX 2019-11-21 12:23:15 -06:00
John Safranek edb07cf68e Merge pull request #2587 from guidovranken/ocsp-resp-decoder-bounds-fix
Properly limit array access in OCSP response decoder
2019-11-21 10:13:49 -08:00
Tesfa Mael 428d51e664 IV is set in the evp ctx level 2019-11-21 09:58:03 -08:00
toddouska e883a2f696 Merge pull request #2611 from SparkiDev/sp_int_add_fix
Fix sp_add to handle carries properly
2019-11-21 08:59:09 -08:00
Sean Parkinson f56a74b6b7 Handle negative modulus with negative exponent in exptmod 2019-11-21 14:55:13 +10:00
John Safranek 6720bc3890 Maintenance: OCSP
1. Add some minimum bounds checking on the HTTP responses as some can
end up being too short.
2019-11-20 17:25:03 -08:00
Tesfa Mael f95d5eebff Add FreeX509() to clean up when sk stack is empty 2019-11-20 17:02:13 -08:00
Tesfa Mael 6c732725b0 Test evp aes gcm with default IV length 2019-11-20 16:37:15 -08:00
toddouska b33ce2207d Merge pull request #2608 from SparkiDev/use_heap
When disabled memory, ensure all heap and types are used
2019-11-20 16:18:07 -08:00
toddouska a2d036dcba Merge pull request #2601 from SparkiDev/certs_exts_fix
ProcessPeerCerts allocating memory for exts with OPENSSL_EXTRA properly
2019-11-20 16:17:28 -08:00
Sean Parkinson a20db0b8ad Fix sp_add to handle carries properly 2019-11-21 09:47:17 +10:00
John Safranek ce0136e968 Maintenance: Integers
In TFM and Integer, rshb() shouldn't try to shift a value that is 0.
This leads to using a negative offset to a pointer, but isn't used.
2019-11-20 13:55:57 -08:00
Jacob Barthelmeh 6f98d5d348 remove extra parentheses that clang complained about 2019-11-20 14:49:47 -07:00
John Safranek 71690fc73a Maintenance: DTLS
1. Updated the window scrolling. There was a couple off-by-one errors in
the DTLS window handling. They canceled each other out, but there was a
rare case where they would shift too much.
2019-11-20 13:46:23 -08:00
John Safranek 188eb45433 Maintenance: DTLS
Removed redundant sequence increment when sending the Server Hello message.
2019-11-20 13:08:01 -08:00
Jacob Barthelmeh 1eb1755f07 add another evp decrypt test case 2019-11-20 12:29:22 -07:00
Jacob Barthelmeh 9880ad6926 updates to EVP_CipherUpdate for handling storage of last block 2019-11-20 11:57:06 -07:00
John Safranek 19d8ef405c Maintenance: DTLS
When encrypting with AES-GCM, AES-CCM, or PolyChacha, do not increment
the DTLS sequence number. The sequence number should only be incremented
in BuildMessage. This was done because the sequence number used to be
incremented after calculating the HMAC or after the encrypt for AEAD
ciphers. The HMAC has been separated from the sequence increment.
2019-11-20 10:56:56 -08:00
Takashi Kojo 4896a48955 fix EVP_CipherUpdate padding 2019-11-20 11:49:30 -07:00
toddouska 88fb7efb8c Merge pull request #2602 from SparkiDev/certs_exts_free
ProcessPeerCerts jump to error handling instead of returning
2019-11-20 09:25:48 -08:00
toddouska 2a7fb69523 Merge pull request #2604 from SparkiDev/disabled_curve_fix
TLS supported curve extension - validate support fix
2019-11-20 09:17:50 -08:00
toddouska ccc8a49fcb Merge pull request #2607 from SparkiDev/tls13_serverhello_cs
TLS 1.3 client detects non-TLS 1.3 cipher suite in ServerHello
2019-11-20 09:16:16 -08:00
toddouska d5a1adab5d Merge pull request #2605 from SparkiDev/set_ser_num
Added output size to SetSerialNumber
2019-11-20 09:15:36 -08:00
toddouska 1ba366920c Merge pull request #2581 from SparkiDev/ecc_fixes_add
Add deterministic ECDSA sig gen. Fix corner cases for add point.
2019-11-20 09:12:28 -08:00
Tesfa Mael f1fbabbb60 Use default 96-bits IV length when unset 2019-11-20 09:09:12 -08:00
Sean Parkinson d441cee6fb When disabled memory, ensure all heap and types are used 2019-11-20 17:06:42 +10:00
Sean Parkinson 917e5b0405 TLS 1.3 client detects non-TLS 1.3 cipher suite in ServerHello 2019-11-20 12:22:00 +10:00
Sean Parkinson 13c6346158 Check error returns from mp calls 2019-11-20 11:09:50 +10:00
Sean Parkinson 79b35860e0 Added output size to SetSerialNumber
Some internal calls were passing in output size as max number size.
2019-11-20 10:52:48 +10:00
kaleb-himes ad3e105303 Add dox documentation for wc_ecc_make_key_ex 2019-11-19 17:06:52 -07:00
Sean Parkinson c7f7d1b193 TLS supported curve extension - validate support fix
Check curve name is in range before checking for disabled
2019-11-20 09:38:06 +10:00
Tesfa Mael 62eaa27b41 Review comment, avoid double-free 2019-11-19 15:29:48 -08:00
toddouska 1a3455110e Merge pull request #2599 from dgarske/cleanup_script
Useful script to cleanup test files created
2019-11-19 11:59:50 -08:00
toddouska 5c4da3e6fa Merge pull request #2598 from dgarske/max_file_sz
Improvements to file size checks
2019-11-19 11:59:21 -08:00
toddouska 5de27443d0 Merge pull request #2596 from dgarske/mqx_fio_cleanup
Support for MQX 5.0 and cleanup of the MQX includes
2019-11-19 11:49:03 -08:00
David Garske 7b160a8cf3 Make MAX_WOLFSSL_FILE_SIZE overridable. 2019-11-19 07:46:50 -08:00
David Garske 9a4614f6e1 Fix for possible uninitialized memSz in bio.c 2019-11-19 05:35:22 -08:00
David Garske e7bff37421 Add settings.h build macro note. 2019-11-19 05:33:59 -08:00
Sean Parkinson 1b8f136d29 ProcessPeerCerts jump to error handling instead of returning 2019-11-19 13:17:29 +10:00
Sean Parkinson f08dfb4afc ProcessPeerCerts allocating memory for exts with OPENSSL_EXTRA properly 2019-11-19 13:03:20 +10:00
toddouska e6292eca9c Merge pull request #2597 from ejohnstown/octeon-global
Sync OCTEON Sniffer
2019-11-18 17:06:30 -08:00
toddouska c6dac64438 Merge pull request #2594 from ejohnstown/maintenance-BLAKE2
Maintenance BLAKE2
2019-11-18 17:05:01 -08:00