Commit Graph

3012 Commits

Author SHA1 Message Date
David Garske 7d39a897dc Refactor of the verify callback to eliminate duplicate code and provide consistency with various build options. Documented build options and added code comments in new DoVerifyCallback function. Added documentation in test.h myVerify function for arguments and return code. Fix from commit da1ac36 which added current_cert to WOLFSSL_X509_STORE_CTX, but is only required for ASIO compatibility and is not used. 2018-08-06 11:40:35 -07:00
David Garske 30d6c0c1fc Merge pull request #1737 from ejohnstown/ocsp-free
OCSP Free
2018-08-06 09:08:01 -07:00
David Garske 738a121d61 Merge pull request #1740 from ejohnstown/null-check
NULL Check
2018-08-03 13:53:53 -07:00
toddouska b88d60ecbb Merge pull request #1665 from ejohnstown/mr
Prime Number Testing
2018-08-03 12:50:27 -07:00
John Safranek f6a8a2f5bd NULL Check
When using the async option, the RSA key is checked on the first call to
DoTls13CertificateVerify() when the async state machine is set up. On
the subsequent call, the pointer to the key isn't checked again. Added a
check. (This was from a static analysis report.)
2018-08-03 11:09:43 -07:00
David Garske a43d4d16ba Merge pull request #1719 from MJSPollard/OpenSSLAllFix
Added boost define and openssl bug fix with WOLFSSL_KEY_GEN
2018-08-02 15:20:27 -07:00
JacobBarthelmeh 782ea74fbf Merge pull request #1732 from kojo1/Ticket-4169-2
Ticket 4169: eliminate ssl->CBIORecv/Send overwritten in SSL_set_bio
2018-08-02 14:58:25 -06:00
Eric Blankenhorn b248af6f84 Update from review 2018-08-02 10:59:07 -05:00
Takashi Kojo fd75f35801 fix cbioFlag check 2018-08-02 10:18:09 +09:00
John Safranek c87d6b27e2 OCSP Free
Free the OCSP request when creating the response only if there is an error making the request.
2018-08-01 15:34:43 -07:00
John Safranek 7647d52d77 Prime Number Testing
1. Remove a copy-paste error when clearing up the RNG used to test a prime.
2. Tag a some const test values as static in the wolfCrypt test.
2018-08-01 14:49:06 -07:00
Eric Blankenhorn ba2f0fd8fc Fix for zd4179, 4181, 4182 2018-08-01 15:56:15 -05:00
Takashi Kojo 98f6ae16ca copy cbioFlag from ctx to ssl 2018-08-02 04:48:39 +09:00
Takashi Kojo 96c1a567f0 #4169: CBIO set flag to escape from overwritten in SSL_set_bio 2018-08-01 19:16:42 +09:00
John Safranek af89458af0 GCC-8 string fixes
1. strncpy needs to include the source string's NULL.
2. Deleted a few redundant string modifications.
2018-07-31 14:02:44 -07:00
John Safranek ed208efc4d GCC-8 string fixes
1. Modify wolfSSL_get_ciphers() to limit the XSTRNCPY based on the dst buf length, not the src string.
2018-07-31 14:02:44 -07:00
David Garske 2b3f94944d Merge pull request #1723 from kaleb-himes/overhead-avoidance
avoid overhead call to alloc and free when sigSz invalid
2018-07-31 08:14:49 -07:00
David Garske 4eff7b641b First pass at bugs found with ./scripts/memtest.sh. Fixes for NULL pointer checks, making sure free'd pointers are reset, making sure pointers are initialized and making sure memory is always free'd. Fix for TicketInit() which was using non-thread safe RNG and key_ctx. Fix for possible double free case in wolfSSL_PEM_read_X509_CRL. 2018-07-30 13:53:54 -07:00
toddouska 335f467b8c Merge pull request #1714 from dgarske/pic32hashleak
Fixes for PIC32MZ hash memory leak
2018-07-30 13:48:59 -07:00
Chris Conlon c71d8eb6ba Merge pull request #1653 from Naruto/feature/mynewt
port apache mynewt
2018-07-30 13:33:25 -06:00
Chris Conlon 1079b0e3b3 Merge pull request #1716 from cariepointer/osp/haproxy
Define functions required by HAProxy and enable SSLV3 dependency
2018-07-30 13:26:38 -06:00
Kaleb Himes d19b78d81a Fix typo in comment 2018-07-30 12:17:55 -06:00
Naruto TAKAHASHI 861fec1dc6 porting mynewt 2018-07-28 18:03:20 +09:00
kaleb-himes 0ee4b88e74 avoid overhead call to alloc and free when sigSz invalid 2018-07-27 16:25:10 -06:00
John Safranek 4b8507813e Prime Number Testing
1. Also disable the new prime test from TLS while using SELFTEST.
2018-07-27 13:34:38 -07:00
MJSPollard 543cac65d8 Added boost define and openssl bug fix with WOLFSSL_KEY_GEN 2018-07-27 12:42:09 -06:00
Jacob Barthelmeh 74c4d31c07 sanity check on pkcs8 variable 2018-07-27 11:16:41 -06:00
John Safranek 31f1692cbf Prime Number Testing
1. Disable the new prime test from TLS while using FIPS or setting the flag WOLFSSL_OLD_PRIME_CHECK.
2018-07-26 16:01:08 -07:00
John Safranek 4b2a591a93 Prime Number Testing
1. Added calls to wc_DhSetCheckKey() on the client side of TLS.
2. Added an API test to the wolfCrypt test.
3. Fixed a bug in the prime test found with the API test. Misuse of tertiary operator.
2018-07-26 14:43:04 -07:00
David Garske efbabbfb29 Further improvements to hashing code to make sure wc_*Free is always called including wc_HashFree. Added new defines to disable PIC32MZ hardware features using NO_PIC32MZ_HASH, NO_PIC32MZ_RNG and NO_PIC32MZ_CRYPT. 2018-07-26 14:41:30 -07:00
Carie Pointer a1f69f0d64 Define functions required by HAProxy and enable SSLV3 dependency 2018-07-26 12:53:21 -07:00
toddouska 90367df13c Merge pull request #1710 from SparkiDev/ed25519_only
Changes to build with X25519 and Ed25519 only
2018-07-25 14:24:03 -07:00
David Garske 92cb8f06ea Fixes to make sure hash free is always called (resolves memory leaks with PIC32MZ hashing hardware). Only print Alloc/Free messages with track memory when WOLFSSL_DEBUG_MEMORY_PRINT is defined. Added test for ForceZero with 0 length. 2018-07-25 11:22:03 -07:00
JacobBarthelmeh 74fbd06817 Merge pull request #1686 from cconlon/nucleus-update
Nucleus port and PB changes
2018-07-25 09:17:40 -06:00
toddouska fe2aee11d8 Merge pull request #1712 from JacobBarthelmeh/Testing
check if internal of WOLFSSL_RSA struct is already set
2018-07-24 11:55:15 -07:00
toddouska 018573bcf3 Merge pull request #1695 from JacobBarthelmeh/Optimizations
add some macro guards for CipherRequires function
2018-07-24 11:51:03 -07:00
Jacob Barthelmeh f69c6e382c check if internal of WOLFSSL_RSA struct is already set 2018-07-23 17:17:27 -06:00
toddouska ab3ffaa26a Merge pull request #1706 from SparkiDev/sha384_not_sha512
Allow SHA384 to be compiled in without SHA512
2018-07-23 09:47:49 -07:00
Sean Parkinson 6d3e145571 Changes to build with X25519 and Ed25519 only
Allows configurations without RSA, DH and ECC but with Curve25519
algorithms to work with SSL/TLS using X25519 key exchange and Ed25519
certificates.
Fix Ed25519 code to call wc_Sha512Free().
Add certificates to test.h and fix examples to use them.
2018-07-23 10:20:18 +10:00
Chris Conlon 7f19f914c0 create WOLFSSL_NUCLEUS_1_2 for older 1.2 version 2018-07-20 10:51:15 -06:00
Sean Parkinson 9433fcb820 Allow SHA384 to be compiled in without SHA512 2018-07-20 09:42:01 +10:00
MJSPollard 19dd08e191 requested style changes 2018-07-19 11:05:56 -06:00
MJSPollard 0dbd35ae01 websocketpp compat. addition, add new define for asio 2018-07-18 12:09:12 -06:00
MJSPollard db8939c578 Merge branch 'master' of https://github.com/wolfSSL/wolfssl into wolfASIO 2018-07-18 11:10:35 -06:00
toddouska 227e7cc8c7 Merge pull request #1690 from SparkiDev/tls_sha384_copy
Remove special case SHA-384 copy code
2018-07-18 09:37:50 -07:00
toddouska 436e774729 Merge pull request #1685 from SparkiDev/dh_max
Add support for maximum DH key size
2018-07-18 09:33:43 -07:00
David Garske 52aac6e641 Merge pull request #1697 from embhorn/zd4060
Dead code in wolfSSL_BIO_gets()
2018-07-18 09:22:35 -07:00
Sean Parkinson 0236a293e4 Fix define protection to be ED25519 not ECC 2018-07-18 10:12:57 +10:00
toddouska 1840ae7013 Merge pull request #1693 from SparkiDev/stack_rsa
Small stack fixes and ignore RSA fields in RSA_LOW_MEM
2018-07-17 12:24:00 -07:00
Eric Blankenhorn 6a6f5d01b4 Fix for zd4060 2018-07-17 14:20:14 -05:00