Commit Graph

11142 Commits

Author SHA1 Message Date
John Safranek fea1f1d6e5 Maintenance: ASN.1
1. Reject as an error any ASN.1 length value that is multibyte of length 0.
2019-11-18 17:02:19 -08:00
toddouska 7a5c8f4e07 Merge pull request #2584 from SparkiDev/sp_rsa4096
SP now has support for RSA/DH 4096-bit operations
2019-11-18 15:38:47 -08:00
toddouska b646b7258b Merge pull request #2585 from dgarske/webrtc_m79
Support for Google WebRTC (ref m79)
2019-11-18 15:33:49 -08:00
toddouska 20c82f3c4b Merge pull request #2586 from dgarske/STM32_HW
STM32 Crypto hardware fixes and improvements
2019-11-18 15:22:19 -08:00
toddouska 90f7a96721 Merge pull request #2593 from ejohnstown/maintenance-DH
Maintenance: DH
2019-11-18 15:18:16 -08:00
toddouska 12dfe027ed Merge pull request #2595 from dgarske/hmac_devid
Adds PBKDF2 and Hash wrapper heap ctx and crypto callback support
2019-11-18 15:16:19 -08:00
Tesfa Mael 74dd142a51 Review comment 2019-11-18 15:13:59 -08:00
David Garske abee442c1e Useful script to cleanup test files created. 2019-11-18 15:08:54 -08:00
toddouska 6ffd931db1 Merge pull request #2564 from SparkiDev/tlsext_list_fix
Modify linked list traversal - fix for compiler bug
2019-11-18 15:04:26 -08:00
John Safranek a1e33e7ec9 Maintenance: OCSP
1. Check array index bounds before using them in arrays.
2. When processing an HTTP buffer, check that the new buffer size is
valid before allocating a new one.
2019-11-18 14:15:55 -08:00
David Garske 48d0b53074 Fix for wolfSSL_cmp_peer_cert_to_file compiler warning with size_t vs long. 2019-11-18 14:01:16 -08:00
David Garske ca5549ae91 Improvements for XFTELL return code and MAX_WOLFSSL_FILE_SIZE checking.
Fixes #2527
2019-11-18 13:49:06 -08:00
John Safranek 8347d00bf2 Maintenance BLAKE2
1. Remove the BLAKE2 HMAC from wolfSSL and its testing.
2019-11-18 13:31:15 -08:00
David Garske 1542482cd5 Cleanup of the MQX file headers for STDIO. Cleanup of fio.h and nio.h includes to use wc_port.h. ZD 9453. 2019-11-18 12:14:34 -08:00
David Garske b780982aa4 Adds "devId" crypto device and "heap" context for Hash wrappers and PBKDF
* Adds new hash wrapper init `wc_HashInit_ex`.
* Adds new PBKDF2 API `wc_PBKDF2_ex`.
ZD 9494 (using PBKDF2)
2019-11-18 11:26:56 -08:00
John Safranek 14c986360d Maintenance BLAKE2
1. Remove BLAKE2 support from HMAC.
2. Update doxy header for HMAC with removal of BLAKE2 and addition of SHA-3.
2019-11-18 10:45:30 -08:00
David Garske cb9f16d3cb Fix for proper sizing of in-memory buffer for TLS benchmarking (32 is not always the max digest size). 2019-11-18 10:34:15 -08:00
David Garske 12d2d17d18 Minor cleanups to TLS bench tool configuration. 2019-11-18 10:29:50 -08:00
David Garske 95b83272dd Implementation for SSL_CTX_add1_chain_cert. 2019-11-18 10:19:48 -08:00
JacobBarthelmeh c9f7741dfb Merge pull request #2567 from aaronjense/scan-build-fix
Scan-Build Fixes for PKCS7 and PKCS12
2019-11-18 10:21:14 -07:00
toddouska ea04dbede1 Merge pull request #2583 from ejohnstown/rng-ebsnet
RNG-EBSNET
2019-11-18 09:15:30 -08:00
David Garske 7e17904c54 Fix for AES GCM Decrypt auth tag. ZD 9507 2019-11-18 06:46:50 -08:00
David Garske b676c69561 Fix for DES mutex return code. Fix TLS bench thread shutdown. README.md updates. 2019-11-18 06:46:20 -08:00
Tesfa Mael 520a032b71 Add show x509 test 2019-11-15 13:23:08 -08:00
Tesfa Mael 6ca12787ae retrieve a stack of X509 certs in a cert manager and a store ctx 2019-11-15 13:23:08 -08:00
David Garske 7819fedca7 Update for OpenSTM32 project. Adds TLS benchmarking tool, which test client/server for each cipher suite. 2019-11-15 12:10:09 -08:00
David Garske 0c2c4fd91b Improvements to tls_bench tool in wolfSSL lib for embedded use. 2019-11-15 12:09:19 -08:00
David Garske 961f9c4ecc Cleanup for invalid use of NO_SHA512 in api.c unit test. 2019-11-15 12:08:50 -08:00
David Garske a7e415d077 Fix for AEC CTR mode with STM32 and CubeMX. 2019-11-15 12:08:25 -08:00
David Garske 27d95d1dfd Add mutex protection on STM32 RNG, AES/DES and Hashing crypto hardware calls for thread safety. Fixes #2580 2019-11-15 12:08:11 -08:00
David Garske 2a9449182c * Make the wc_Stm32_Aes_Init API always available for STM32. ZD 9503
* Fix for SHA256 hash context to only be included for `STM32_HASH_SHA2`. ZD 9503
2019-11-15 12:07:08 -08:00
Chris Conlon 4282346eef Merge pull request #2551 from kaleb-himes/ZD5815-EBSNET
Implement porting efforts from ZD5241 and ZD5815
2019-11-15 09:24:10 -07:00
John Safranek 3cd5a97473 Maintenance
1. When getting the DH public key, initialize the P, G, and Pub pointers
to NULL, then set that we own the DH parameters flag. This allows
FreeSSL to correctly clean up the DH key.
2019-11-14 14:42:58 -08:00
John Safranek 604219f2fc Sync OCTEON fix
1. For OCTEON builds, leave out the "-DCVMX_BUILD_FOR_LINUX_HOST" option
from CFLAGS by default so it makes standalone host builds.
2. Add a check of the variable OCTEON_HOST for linux to add back in the
"-DCVMX_BUILD_FOR_LINUX_HOST" to CFLAGS.
2019-11-14 14:21:44 -08:00
John Safranek 2ace532e45 Sync OCTEON fix
1. The sniffer's global device ID wasn't tagged as global.
2. Make sure the sniffer's global device ID is used.
2019-11-14 14:21:44 -08:00
John Safranek 7c78130f70 Sync OCTEON fix
The preprocessor selection for the WOLFSSL_GLOBAL macro for OCTEON wasn't getting selected.
2019-11-14 14:21:44 -08:00
Kaleb Himes 4a2f8482b5 Remove static RSA setting
Customer confirmed their tests are passing without static rsa enabled.
2019-11-14 15:16:32 -07:00
Eric Blankenhorn 8c6c4e2432 Add unique error codes to verify failures 2019-11-14 16:02:02 -06:00
Chris Conlon 22042830d6 Merge pull request #2588 from kojo1/BasicConst2
BasicConstraint, compatibility
2019-11-14 13:16:30 -07:00
Takashi Kojo dccb2e165e if integer it is valid format with CA = False, 2019-11-14 14:51:58 +09:00
Sean Parkinson cc880e39ae Add deterministic ECDSA sig gen. Fix corner cases for add point.
In verify, two points are added and they may either be the same point
(different z) or result in infinity.
If they are the same point then a double needs to be performed instead.
Detection of infinity added.
Calculation of wc_ecc_sig_size fixed to handle wehn there are more bits
in the order than in the modulus.
2019-11-14 12:49:45 +10:00
Guido Vranken a3fca34471 Properly limit array access in OCSP response decoder 2019-11-14 03:19:07 +01:00
Sean Parkinson 411b130369 Add new 4096-bit cert and key to distribution 2019-11-14 09:13:24 +10:00
John Safranek 8f08f001d2 Update the EBSNET GenerateSeed function with a better seed. It was
reseeding itself every few bytes and failing the simple entropy check.
2019-11-13 14:50:58 -08:00
David Garske af142b307b Support for WebRTC (ref m79):
* Fixed `set1_curves_list` API's to use `const char*` for names.
* Fixed `ossl_typ.h` to include `ssl.h` compatibility.
* Added `SSL_CTX_up_ref`.
* Added `wolfSSL_set1_curves_list`
* Added `TLS_method` and `DTLS_method`
* Added `SSL_CIPHER_standard_name`.
* Added `X509_STORE_CTX_get0_cert`
* Added `SSL_CTX_set_cert_verify_callback`.
* Enabled "either" side support when `--enable-opensslall` is used.
* Changed `SSL_CIPHER_get_rfc_name` to use `wolfSSL_CIPHER_get_name` instead of stub.
2019-11-13 12:34:33 -08:00
toddouska 99292158e4 Merge pull request #2573 from JacobBarthelmeh/staticmemory
handle case to avoid memcpy when staticmemory IO pool gives same buffer
2019-11-13 11:29:13 -08:00
toddouska 76e7e7349b Merge pull request #2575 from tmael/valgrind_dhtest
Fix memory leak in dh_test
2019-11-13 11:28:04 -08:00
toddouska 46bc8e092a Merge pull request #2582 from ejohnstown/abi-current
ABI
2019-11-13 11:24:45 -08:00
Aaron Jense dab7d09570 Fix the possibility that memory is not free'd when GetLength returns 0 2019-11-13 11:55:45 -07:00
Aaron Jense 0beeb2356b Fix scan-build not recognizing FlatAttrib array being initialized 2019-11-13 11:50:26 -07:00