Chris Conlon
a7d5e6400d
add support for PKCS7_TEXT flag to PKCS7_verify()
2022-03-15 10:21:22 -06:00
Daniel Pouzzner
4966eb7897
Merge pull request #4944 from douzzer/20220310-asn-template-EncodeExtensions-overrun
...
wolfcrypt/src/asn.c: fix buffer underrun in EncodeExtensions() and leak in ParseCRL_Extensions()
2022-03-13 21:21:07 -05:00
Sean Parkinson
cdb45b12c5
Merge pull request #4884 from haydenroche5/i2d_x509_name_fix
...
Improve wolfSSL_i2d_X509_name.
2022-03-14 11:57:07 +10:00
Daniel Pouzzner
fb0c9b2a66
ssl.c: use InitHandshakeHashes(), not FreeHandshakeHashes(), to reset ssl->hsHashes.
2022-03-11 16:26:24 -06:00
Daniel Pouzzner
82ab7bf32c
ssl.c: fix hash state memory leaks in wolfSSL_clear() and wolfSSL_TicketKeyCb().
2022-03-11 13:40:01 -06:00
Daniel Pouzzner
7602eef98f
src/ssl.c: use strlcpy(), not strncpy(), to make string_fortified happy (else "error: ‘__builtin_strncpy’ specified bound 46 equals destination size").
2022-03-11 08:15:44 -06:00
Sean Parkinson
c3eab0dcdd
Fixes from sanitizer build
...
Fix OID index in SetNameRdnItems for multi attributes.
Stop warning about strncpy to small.
Fix casting in ASN1_SIMPLE to use consistent type.
2022-03-11 14:27:50 +10:00
David Garske
570daa6a7f
Enable support for STM32U585 and PQ on M4
2022-03-10 14:19:01 -05:00
David Garske
b30ada1608
Merge pull request #4940 from ejohnstown/wolfrand
...
Fix wolfRand Build
2022-03-09 15:42:19 -08:00
Sean Parkinson
47895fe78d
Merge pull request #4942 from dgarske/sp_math_opensslextra
...
Fixes to support building opensslextra with SP math
2022-03-10 08:53:21 +10:00
David Garske
141cf822f2
Merge pull request #4941 from douzzer/20220309-script-cleanup
...
20220309 script cleanup
2022-03-09 13:30:50 -08:00
Chris Conlon
bcfe8bf2e2
Merge pull request #4933 from haydenroche5/x509_set_ext_ext_key_usage
2022-03-09 13:22:49 -07:00
David Garske
3a62857dbd
Fixes to support building opensslextra with SP math. Disables some of the compatibility layer BN and ECC point handling.
2022-03-09 11:53:56 -08:00
John Safranek
d6fb454063
Fix wolfRand Build
...
1. Remove the v3 FIPS build from configure and automake. This was for
the old FIPS Ready build, which is now fixed to the certificate 3389
configuration.
2. Remove AES-GCM, PKCS12, and SHA-3 from wolfRand build. They were
getting reenabled later in the configure.
2022-03-09 10:35:39 -08:00
Daniel Pouzzner
abfc788389
script cleanup: use #!/bin/bash on all scripts that use "echo -e" (/bin/sh is sometimes a non-Bourne/non-POSIX shell, e.g. dash/ash, with no support for "echo -e"); fix whitespace.
2022-03-09 12:28:22 -06:00
Chris Conlon
70857f7b3c
Merge pull request #4923 from miyazakh/set_bio
...
Set bio read/write flag obviously
2022-03-08 13:08:33 -07:00
David Garske
a4229c6cf8
Merge pull request #4932 from SparkiDev/tls_hmac_fix
...
TLS HMAC: fix number of blocks to not process
2022-03-08 10:06:11 -08:00
David Garske
9b808bde20
Fixes for building with HAVE_EX_DATA no compat layer.
2022-03-07 17:20:58 -06:00
Hayden Roche
39d975a3c3
Add extended key usage support to wolfSSL_X509_set_ext.
2022-03-07 15:20:01 -08:00
Sean Parkinson
0a91d42f2c
TLS HMAC: fix number of blocks to not process
...
Change made to line for static analysis.
Change was made incorrectly due to bracketting.
This fixes it.
2022-03-08 08:10:52 +10:00
Hideki Miyazaki
a572c19268
set bio flag obviously
...
fix nightly Qt test
2022-03-06 07:41:36 +09:00
David Garske
3839b0e675
Fixes for building wolfSSL along side openssl.
2022-03-04 12:06:24 -08:00
David Garske
3a5f78b55a
Merge pull request #4919 from julek-wolfssl/ZD13737
...
Reported in ZD13737
2022-03-03 08:22:11 -08:00
Sean Parkinson
63e4ba5854
Merge pull request #4906 from julek-wolfssl/ZD13606-master
...
Fix issues reported in ZD13606
2022-03-03 21:27:22 +10:00
Juliusz Sosinowicz
bdb7399398
Reported in ZD13737
...
Implement `wolfSSL_BIO_eof` support for most available BIO's
2022-03-03 10:25:09 +01:00
Juliusz Sosinowicz
c7c3ee00bb
Address code review
...
- Use functions instead of accessing `BIO` members
- Add `wolfSSL_BIO_method_type`
2022-03-03 10:09:41 +01:00
Sean Parkinson
59970d94f5
Merge pull request #4908 from dgarske/tick_pad
...
Fix for padding in session tickets
2022-03-03 08:20:35 +10:00
David Garske
d86122a5e7
Merge pull request #4909 from JacobBarthelmeh/PKCS12
...
refactor PKCS12 parse key creation
2022-03-02 12:37:06 -08:00
Jacob Barthelmeh
aa18209c99
free buffer since pkey struct makes its own copy
2022-03-02 09:59:21 -07:00
David Garske
119f2d2651
Fix for padding in session tickets. Adds padding based on WOLFSSL_GENERAL_ALIGNMENT. Increases enc_len to 32-bit. Related to PR #4887
2022-03-01 15:40:57 -08:00
Sean Parkinson
d1ba82d5e5
Merge pull request #4903 from julek-wolfssl/psk-resuming-certs
...
OpenSSL considers PSK resuming
2022-03-02 08:57:40 +10:00
Jacob Barthelmeh
b03233a35e
handle free'ing up items in fail case
2022-03-01 15:24:53 -07:00
Jacob Barthelmeh
45ff8af026
refactor PKCS12 parse key creation
2022-03-01 14:49:59 -07:00
David Garske
71056f6591
Merge pull request #4902 from SparkiDev/tlsx_usc_leak
...
TLSX: supported groups in temporary not always freed
2022-03-01 12:04:35 -08:00
Juliusz Sosinowicz
a104cf887e
Ticket failure should result in a regular handshake
2022-03-01 10:34:43 +01:00
Juliusz Sosinowicz
645f385031
Fix BioReceive for closed connection
...
The pending check was forcing a `WOLFSSL_CBIO_ERR_WANT_WRITE` return even though the underlying socket was closed and `WOLFSSL_BIO_FLAG_READ|WOLFSSL_BIO_FLAG_RETRY` was not set. The `wolfSSL_BIO_ctrl_pending(ssl->biord) == 0` is old and I can't find a reason to keep checking it. I left it just in the case where there is output data pending.
2022-03-01 10:34:20 +01:00
Juliusz Sosinowicz
5aef687414
OpenSSL considers PSK resuming
...
- `SSL_VERIFY_FAIL_IF_NO_PEER_CERT` check passes on a TLS 1.3 PSK connection that isn't a ticket
2022-03-01 10:09:24 +01:00
Juliusz Sosinowicz
92bd5a4076
Merge pull request #4891 from dgarske/multi_test
2022-02-28 15:28:39 +01:00
Sean Parkinson
350881b1bb
TLSX: supported groups in temporary not always freed
...
Fix handling of errors so that temporary is always freed.
2022-02-28 11:40:58 +10:00
Sean Parkinson
f3df4400d5
Merge pull request #4886 from dgarske/zd13745
...
Adds CSR userId support in subject name
2022-02-28 10:15:41 +10:00
Chris Conlon
870ff5b352
Merge pull request #4890 from miyazakh/objinfo
...
fix to use EXT_KEY_USAGE_OID in object_info
2022-02-25 16:02:48 -07:00
David Garske
a2381ba954
Adds CSR userId support in subject name. Minor build fixes for ASN template.
2022-02-25 14:22:59 -08:00
David Garske
821fd3c898
Peer review fixes. Check idSz and add comment about session variable use.
2022-02-25 11:38:05 -08:00
David Garske
a39a1c1d87
More fixups from cppcheck and clang-tidy.
2022-02-25 10:03:17 -08:00
Hayden Roche
c33ae4c245
Improve wolfSSL_i2d_X509_NAME and wolfSSL_i2d_X509_NAME_canon.
...
Like other i2d functions, these functions should be able to take a NULL output
parameter and return the necessary output buffer size. This commit adds this
ability. This commit also removes some redundant code in wolfSSL_i2d_X509_NAME.
2022-02-24 14:48:52 -08:00
David Garske
269ab86002
Fixes for DoClientTicket changes.
2022-02-24 14:28:50 -08:00
David Garske
c2987a9ef9
Fix for IPv6 sockaddr_len set but not read.
2022-02-24 14:09:08 -08:00
David Garske
6e24e21d5a
Fix for heap pointer in wolfSSL_DupSession.
2022-02-24 12:56:39 -08:00
David Garske
2b794f03c1
Fixes for multi-test pass. Breaks from PR #4807 .
2022-02-24 11:48:40 -08:00
Hideki Miyazaki
de81447b2d
fix to use EXT_KEY_USAGE_OID in object_info
2022-02-24 15:18:32 +09:00