David Garske
7d39a897dc
Refactor of the verify callback to eliminate duplicate code and provide consistency with various build options. Documented build options and added code comments in new DoVerifyCallback function. Added documentation in test.h myVerify function for arguments and return code. Fix from commit da1ac36 which added current_cert to WOLFSSL_X509_STORE_CTX, but is only required for ASIO compatibility and is not used.
2018-08-06 11:40:35 -07:00
David Garske
30d6c0c1fc
Merge pull request #1737 from ejohnstown/ocsp-free
...
OCSP Free
2018-08-06 09:08:01 -07:00
David Garske
738a121d61
Merge pull request #1740 from ejohnstown/null-check
...
NULL Check
2018-08-03 13:53:53 -07:00
toddouska
b88d60ecbb
Merge pull request #1665 from ejohnstown/mr
...
Prime Number Testing
2018-08-03 12:50:27 -07:00
John Safranek
f6a8a2f5bd
NULL Check
...
When using the async option, the RSA key is checked on the first call to
DoTls13CertificateVerify() when the async state machine is set up. On
the subsequent call, the pointer to the key isn't checked again. Added a
check. (This was from a static analysis report.)
2018-08-03 11:09:43 -07:00
David Garske
a43d4d16ba
Merge pull request #1719 from MJSPollard/OpenSSLAllFix
...
Added boost define and openssl bug fix with WOLFSSL_KEY_GEN
2018-08-02 15:20:27 -07:00
JacobBarthelmeh
782ea74fbf
Merge pull request #1732 from kojo1/Ticket-4169-2
...
Ticket 4169: eliminate ssl->CBIORecv/Send overwritten in SSL_set_bio
2018-08-02 14:58:25 -06:00
Eric Blankenhorn
b248af6f84
Update from review
2018-08-02 10:59:07 -05:00
Takashi Kojo
fd75f35801
fix cbioFlag check
2018-08-02 10:18:09 +09:00
John Safranek
c87d6b27e2
OCSP Free
...
Free the OCSP request when creating the response only if there is an error making the request.
2018-08-01 15:34:43 -07:00
John Safranek
7647d52d77
Prime Number Testing
...
1. Remove a copy-paste error when clearing up the RNG used to test a prime.
2. Tag a some const test values as static in the wolfCrypt test.
2018-08-01 14:49:06 -07:00
Eric Blankenhorn
ba2f0fd8fc
Fix for zd4179, 4181, 4182
2018-08-01 15:56:15 -05:00
Takashi Kojo
98f6ae16ca
copy cbioFlag from ctx to ssl
2018-08-02 04:48:39 +09:00
Takashi Kojo
96c1a567f0
#4169 : CBIO set flag to escape from overwritten in SSL_set_bio
2018-08-01 19:16:42 +09:00
John Safranek
af89458af0
GCC-8 string fixes
...
1. strncpy needs to include the source string's NULL.
2. Deleted a few redundant string modifications.
2018-07-31 14:02:44 -07:00
John Safranek
ed208efc4d
GCC-8 string fixes
...
1. Modify wolfSSL_get_ciphers() to limit the XSTRNCPY based on the dst buf length, not the src string.
2018-07-31 14:02:44 -07:00
David Garske
2b3f94944d
Merge pull request #1723 from kaleb-himes/overhead-avoidance
...
avoid overhead call to alloc and free when sigSz invalid
2018-07-31 08:14:49 -07:00
David Garske
4eff7b641b
First pass at bugs found with ./scripts/memtest.sh. Fixes for NULL pointer checks, making sure free'd pointers are reset, making sure pointers are initialized and making sure memory is always free'd. Fix for TicketInit() which was using non-thread safe RNG and key_ctx. Fix for possible double free case in wolfSSL_PEM_read_X509_CRL.
2018-07-30 13:53:54 -07:00
toddouska
335f467b8c
Merge pull request #1714 from dgarske/pic32hashleak
...
Fixes for PIC32MZ hash memory leak
2018-07-30 13:48:59 -07:00
Chris Conlon
c71d8eb6ba
Merge pull request #1653 from Naruto/feature/mynewt
...
port apache mynewt
2018-07-30 13:33:25 -06:00
Chris Conlon
1079b0e3b3
Merge pull request #1716 from cariepointer/osp/haproxy
...
Define functions required by HAProxy and enable SSLV3 dependency
2018-07-30 13:26:38 -06:00
Kaleb Himes
d19b78d81a
Fix typo in comment
2018-07-30 12:17:55 -06:00
Naruto TAKAHASHI
861fec1dc6
porting mynewt
2018-07-28 18:03:20 +09:00
kaleb-himes
0ee4b88e74
avoid overhead call to alloc and free when sigSz invalid
2018-07-27 16:25:10 -06:00
John Safranek
4b8507813e
Prime Number Testing
...
1. Also disable the new prime test from TLS while using SELFTEST.
2018-07-27 13:34:38 -07:00
MJSPollard
543cac65d8
Added boost define and openssl bug fix with WOLFSSL_KEY_GEN
2018-07-27 12:42:09 -06:00
Jacob Barthelmeh
74c4d31c07
sanity check on pkcs8 variable
2018-07-27 11:16:41 -06:00
John Safranek
31f1692cbf
Prime Number Testing
...
1. Disable the new prime test from TLS while using FIPS or setting the flag WOLFSSL_OLD_PRIME_CHECK.
2018-07-26 16:01:08 -07:00
John Safranek
4b2a591a93
Prime Number Testing
...
1. Added calls to wc_DhSetCheckKey() on the client side of TLS.
2. Added an API test to the wolfCrypt test.
3. Fixed a bug in the prime test found with the API test. Misuse of tertiary operator.
2018-07-26 14:43:04 -07:00
David Garske
efbabbfb29
Further improvements to hashing code to make sure wc_*Free is always called including wc_HashFree. Added new defines to disable PIC32MZ hardware features using NO_PIC32MZ_HASH, NO_PIC32MZ_RNG and NO_PIC32MZ_CRYPT.
2018-07-26 14:41:30 -07:00
Carie Pointer
a1f69f0d64
Define functions required by HAProxy and enable SSLV3 dependency
2018-07-26 12:53:21 -07:00
toddouska
90367df13c
Merge pull request #1710 from SparkiDev/ed25519_only
...
Changes to build with X25519 and Ed25519 only
2018-07-25 14:24:03 -07:00
David Garske
92cb8f06ea
Fixes to make sure hash free is always called (resolves memory leaks with PIC32MZ hashing hardware). Only print Alloc/Free messages with track memory when WOLFSSL_DEBUG_MEMORY_PRINT is defined. Added test for ForceZero with 0 length.
2018-07-25 11:22:03 -07:00
JacobBarthelmeh
74fbd06817
Merge pull request #1686 from cconlon/nucleus-update
...
Nucleus port and PB changes
2018-07-25 09:17:40 -06:00
toddouska
fe2aee11d8
Merge pull request #1712 from JacobBarthelmeh/Testing
...
check if internal of WOLFSSL_RSA struct is already set
2018-07-24 11:55:15 -07:00
toddouska
018573bcf3
Merge pull request #1695 from JacobBarthelmeh/Optimizations
...
add some macro guards for CipherRequires function
2018-07-24 11:51:03 -07:00
Jacob Barthelmeh
f69c6e382c
check if internal of WOLFSSL_RSA struct is already set
2018-07-23 17:17:27 -06:00
toddouska
ab3ffaa26a
Merge pull request #1706 from SparkiDev/sha384_not_sha512
...
Allow SHA384 to be compiled in without SHA512
2018-07-23 09:47:49 -07:00
Sean Parkinson
6d3e145571
Changes to build with X25519 and Ed25519 only
...
Allows configurations without RSA, DH and ECC but with Curve25519
algorithms to work with SSL/TLS using X25519 key exchange and Ed25519
certificates.
Fix Ed25519 code to call wc_Sha512Free().
Add certificates to test.h and fix examples to use them.
2018-07-23 10:20:18 +10:00
Chris Conlon
7f19f914c0
create WOLFSSL_NUCLEUS_1_2 for older 1.2 version
2018-07-20 10:51:15 -06:00
Sean Parkinson
9433fcb820
Allow SHA384 to be compiled in without SHA512
2018-07-20 09:42:01 +10:00
MJSPollard
19dd08e191
requested style changes
2018-07-19 11:05:56 -06:00
MJSPollard
0dbd35ae01
websocketpp compat. addition, add new define for asio
2018-07-18 12:09:12 -06:00
MJSPollard
db8939c578
Merge branch 'master' of https://github.com/wolfSSL/wolfssl into wolfASIO
2018-07-18 11:10:35 -06:00
toddouska
227e7cc8c7
Merge pull request #1690 from SparkiDev/tls_sha384_copy
...
Remove special case SHA-384 copy code
2018-07-18 09:37:50 -07:00
toddouska
436e774729
Merge pull request #1685 from SparkiDev/dh_max
...
Add support for maximum DH key size
2018-07-18 09:33:43 -07:00
David Garske
52aac6e641
Merge pull request #1697 from embhorn/zd4060
...
Dead code in wolfSSL_BIO_gets()
2018-07-18 09:22:35 -07:00
Sean Parkinson
0236a293e4
Fix define protection to be ED25519 not ECC
2018-07-18 10:12:57 +10:00
toddouska
1840ae7013
Merge pull request #1693 from SparkiDev/stack_rsa
...
Small stack fixes and ignore RSA fields in RSA_LOW_MEM
2018-07-17 12:24:00 -07:00
Eric Blankenhorn
6a6f5d01b4
Fix for zd4060
2018-07-17 14:20:14 -05:00