Commit Graph

362 Commits

Author SHA1 Message Date
Daniel Pouzzner ae3996fd0e fix codebase for -Wvla -Wdeclaration-after-statement; fix some whitespace. 2022-04-01 14:44:10 -05:00
Juliusz Sosinowicz 6dffa8a13d Implement EVP_EncodeBlock and EVP_DecodeBlock 2022-04-01 13:29:40 +02:00
JacobBarthelmeh 25d5a624d2 Merge pull request #4975 from cconlon/smallStack
smallstack cleanup for OpenSSL Compatibility Functions
2022-03-25 17:06:59 -06:00
Juliusz Sosinowicz 29c0c9bf48 Rebase fixes 2022-03-24 13:41:50 +01:00
Juliusz Sosinowicz ae9b01c5b8 bind 9.18.0 fixes
- return `1` from `wolfSSL_BIO_set_mem_eof_return` instead of `0` for success
- bind requires ALPN
- `OPENSSL_COMPATIBLE_DEFAULT` defined for bind
- `WOLFSSL_ERROR_CODE_OPENSSL` defined when using compatibility layer
- return `bio->eof` on no pending data to read in memory BIO (defaults to `WOLFSSL_BIO_ERROR`)
- `flags` is no longer an input parameter in `wolfSSL_ERR_get_error_line_data`
- allow lazy parameter loading in `wolfSSL_DH_set0_key`
- implement reference counter in `WOLFSSL_EC_KEY`
- load serial number from `x509->serialNumber` if `x509->serial` is empty
2022-03-24 12:16:59 +01:00
Chris Conlon 851ff9e661 smallstack reduction for PrintPubKeyRSA, PrintPubKeyDSA, PrintPubKeyDH 2022-03-21 14:43:43 -06:00
Hayden Roche dcaa218ed8 Merge pull request #4927 from cconlon/upRef 2022-03-18 18:10:36 -07:00
Chris Conlon c491a6c829 EVP_PKEY_copy_parameters: correctly mark inner struct owned 2022-03-18 16:37:45 -06:00
Chris Conlon 062003916c stack/smallstack reduction for wolfssl_x509_make_der(), d2iGenericKey(), PrintPubKeyEC(), wolfSSL_EC_POINT_add() 2022-03-15 09:40:48 -06:00
Chris Conlon 9fff321e3e address PR review feedback on EVP_PKEY changes 2022-03-11 10:11:02 -07:00
Chris Conlon e1da313b91 EVP_PKEY_copy_parameters: add support for EVP_PKEY_DH 2022-03-09 14:34:09 -07:00
Chris Conlon f49983b3b3 EVP_PKEY_keygen: add DH keygen support, fixes to EVP_PKEY_set1/get1_DH 2022-03-07 16:32:23 -07:00
Chris Conlon 939ce713df EVP_PKEY_derive: set internal DH key if needed 2022-03-07 16:32:22 -07:00
Chris Conlon f3f0d49fce EVP_PKEY_CTX_new: set curve NID from pkey if available 2022-03-07 16:32:22 -07:00
Chris Conlon 8e0f5f9289 EVP_PKEY_get1/set1_EC_KEY: modify for EC_KEY_up_ref support 2022-03-07 16:31:09 -07:00
David Garske 3839b0e675 Fixes for building wolfSSL along side openssl. 2022-03-04 12:06:24 -08:00
Hayden Roche 51d66877f7 Add wolfSSL_EVP_PKEY_paramgen to the compatibility layer.
Currently, it only supports ECC, which is all we need it for for the OpenSplice
port we're working on. In the ECC case, all it needs to do is set the group
appropriately. The logic is very similar to `wolfSSL_EVP_PKEY_keygen`, minus
the final step of actually generating the key.
2022-02-23 13:59:15 -08:00
John Safranek 041d300b2b Fix Small Memory Leaks
Found with the configuration running the unit test through valgrind.

    % ./configure CFLAGS=-DNO_WOLFSSL_CIPHER_SUITE_TEST \
      --enable-all --disable-fastmath --enable-debug --disable-shared

1. ssl.c: In wolfSSL_DSA_generate_key(), we initialize (and allocate)
   all the parameters in the key (p, q, g, x, y), and then we generate a
   key, initializes (and allocates) x and y, again. mp_clear them
   first.
2. evp.c: When printing public keys, the temporary mp_int wasn't getting
   correctly freed.
3. evp.c: When printing public keys, modified the utility functions to
   return once with a do-while-0 loop.
2022-02-18 10:01:49 -08:00
Hayden Roche b850cc89b0 Fix IV length bug in EVP AES-GCM code.
In `wolfSSL_EVP_CipherInit`, `ctx`'s `ivSz` field isn't being accounted for.
A common OpenSSL EVP AES-GCM flow looks like this:

- `EVP_CIPHER_CTX_new`
- `EVP_EncryptInit_ex`
- `EVP_CIPHER_CTX_ctrl` with command `EVP_CTRL_GCM_SET_IVLEN` to set the IV
length to 16 (AES block size) instead of the default 12
- `EVP_EncryptInit_ex` again to set the key and IV
- `EVP_EncryptUpdate` however many times
- `EVP_EncryptFinal`

In fact, we test this flow in our unit test `test_wolfssl_EVP_aes_gcm`. However,
in our implementation, the second call to `EVP_EncryptInit_ex` unconditionally
resets the IV length back to 12. This doesn't cause a test failure because
decryption has the same problem, so both sides of the equation have the same
wrong view of the IV.

The solution is to preserve the IV length in wolfSSL_EVP_CipherInit if ctx->ivSz
is non-zero. Otherwise, use the default of 12 (`GCM_NONCE_MID_SZ`).

This was discovered by a user migrating to the compatibility layer. As I
mentioned, it isn't exposed by our testing. It is exposed if you try to use the
same key and IV with OpenSSL and compare the resulting ciphertext with wolfSSL.
They won't be the same and thus won't interoperate.
2022-02-03 17:40:26 -08:00
David Garske 99799a3e3e Merge pull request #4806 from anhu/kill_idea
Purge IDEA cipher
2022-02-01 12:27:55 -08:00
Anthony Hu 9ea40f3a9c Purge IDEA cipher 2022-01-31 15:29:25 -05:00
David Garske 80ae237852 Fixes for building with ipsec-tools/racoon and openvpn:
* Fix for `EVP_CIPHER_CTX_flags`, which mapped to a missing function (broke openvpn)
* Added stack of name entries for ipsec/racoon support.
* Added `X509_STORE_CTX_set_flags` stub.
* Added PKCS7 NID types.
* Improved FIPS "SHA" logic in `test_wolfSSL_SHA`
* Added some uncommon NID type definitions.
* Expose the DH `DH_set_length` and `DH_set0_pqg` with OPENSSL_ALL
2022-01-28 09:21:03 -08:00
Sean Parkinson 1b5d0c75b8 wolfSSL_EVP_get_cipherbyname: case compare
Accept any case alternatives to name or alias.
Remove case only different aliases.
Tidy up formatting in function.
2022-01-17 09:39:16 +10:00
Daniel Pouzzner d4aa6bd1fc wolfcrypt/src/evp.c: fixes for cppcheck complaints: bufferAccessOutOfBounds nullPointerRedundantCheck 2022-01-08 00:29:47 -06:00
Daniel Pouzzner aa05eb2879 wolfcrypt/src/evp.c: fix wolfSSL_EVP_CIPHER_CTX_ctrl() null pointer passed to XMEMCPY(), found by sanitizers under gcc-11.2.1. 2021-12-27 17:59:28 -06:00
David Garske dec78169bf Merge pull request #4658 from julek-wolfssl/apache-2.4.51
Add Apache 2.4.51 support
2021-12-16 08:52:10 -08:00
Juliusz Sosinowicz e78f7f734e Add Apache 2.4.51 support
- Define `OPENSSL_COMPATIBLE_DEFAULTS` and `WOLFSSL_NO_OCSP_ISSUER_CHECK` for Apache config
- Fix `SSL_set_timeout` to match OpenSSL signature
- Implement `pkey` in `X509_INFO`
- Detect attempt to connect with plain HTTP
- Implement `wolfSSL_OCSP_request_add1_nonce`
- Set `ssl->cipher.bits` when calling `wolfSSL_get_current_cipher`
- Use custom flush method in `wolfSSL_BIO_flush` when set in BIO method
- Set the TLS version options in the `ssl->options` at the end of ClientHello parsing
- Don't modify the `ssl->version` when in a handshake (`ssl->msgsReceived.got_client_hello` is set)
- `wolfSSL_get_shutdown` returns a full bidirectional return when the SSL object is cleared. `wolfSSL_get_shutdown` calls `wolfSSL_clear` on a successful shutdown so if we detect a cleared SSL object, assume full shutdown was performed.
2021-12-16 12:39:38 +01:00
Daniel Pouzzner 355b779a3e feature gating tweaks to better support --disable-rsa --disable-dh --disable-dsa. also a whitespace fix in ssl.c. 2021-12-11 14:08:04 -06:00
Juliusz Sosinowicz 223f25149b Return early on failed key init 2021-12-07 18:11:19 +01:00
Juliusz Sosinowicz 96b8b11fba a and key were not being freed => leak in PrintPubKeyEC 2021-12-06 12:03:02 +01:00
Juliusz Sosinowicz 82a9f74476 Compat updates
- implement `wolfSSL_PEM_X509_INFO_read`
- `wolfSSL_EVP_CipherUpdate` no-ops on `NULL` input
- add md4 support to `wolfSSL_EVP_MD_block_size` and `wolfSSL_EVP_MD_size`
2021-11-22 11:45:27 +01:00
David Garske 5182e2a8c8 Merge pull request #4580 from kareem-wolfssl/minor_fixes
Check ssl->arrays in SendClientHello to avoid null dereference.  Allow building with fallthrough defined.
2021-11-19 16:55:01 -08:00
Kareem 72d4dcce0f Fix updated FALL_THROUGH macro. Fix a couple of case statements and remove a trailing whitespace. 2021-11-19 14:13:02 -07:00
kaleb-himes 4324cf8f0a Correct cast from uint to uchar 2021-11-18 10:18:25 -07:00
kaleb-himes 6bb86cf4da OE30 and OE31 changes external to FIPS module for NetBSD builds 2021-11-10 15:16:21 -07:00
Daniel Pouzzner 0b4f34d62a typographic cleanup: fix whitespace, remove unneeded UTF-8, convert C++ comment constructs to C. 2021-11-08 17:35:05 -06:00
John Safranek 75df6508e6 Add a read enable for private keys when in FIPS mode. 2021-10-26 20:24:29 -05:00
Daniel Pouzzner 8c3cbf84f9 add missing gating around WOLFSSL_NO_SHAKE256, WOLFSSL_NOSHA512_224, and WOLFSSL_NOSHA512_256. 2021-10-26 20:24:27 -05:00
Sean Parkinson 817cd2f2a6 Merge pull request #4487 from haydenroche5/openssh
Make several changes to support OpenSSH 8.5p1.
2021-10-21 08:59:38 +10:00
Hayden Roche 864f913454 Make several changes to support OpenSSH 8.5p1.
- Permit more wolfSSL_EC_POINT_* functions for FIPS builds. This requires one
workaround in wolfSSL_EC_POINT_mul where wc_ecc_get_generator isn't available.
- Permit more AES-GCM code in EVP code for FIPS v2 builds. It's unclear why this
code wasn't already available.
- Add EVP_CIPHER_CTX_get_iv to the compatibility layer.
- Clear any existing AAD in the EVP_CIPHER_CTX for AES-GCM when we receive the
EVP_CTRL_GCM_IV_GEN control command. OpenSSL does this, and OpenSSH is relying
on this behavior to use AES-GCM correctly.
- Modify ecc_point_test in testwolfcrypt so that it doesn't fail when doing a
FIPS build with HAVE_COMP_KEY defined.
2021-10-20 11:00:42 -07:00
David Garske a03ed32380 Support for Android KeyStore compatibility API's:
* Adds `EVP_PKCS82PKEY` and `d2i_PKCS8_PRIV_KEY_INFO`.
* Adds `EVP_PKEY2PKCS8` and `i2d_PKCS8_PRIV_KEY_INFO`.
* Adds `ECDSA_verify`.
* Fix to allow `SHA256()` and `MD5()` with FIPSv2.
* Decouple crypto callbacks and hash flags
* Fix for possible use of uninitialized when building TLS bench without TLS v1.3.
* Fix for building with `NO_CHECK_PRIVATE_KEY`. Test `./configure --disable-pkcs12 --enable-opensslextra CFLAGS="-DNO_CHECK_PRIVATE_KEY"`.
* Fix to support `RSA_public_decrypt` for PKCSv15 only with FIPS.
* Cleanup `RSA_public_encrypt`, `RSA_public_decrypt` and `RSA_private_decrypt`.
* Added instructions for building wolfSSL with Android kernel.
2021-10-19 17:04:18 -07:00
Sean Parkinson f04380d624 Merge pull request #4475 from douzzer/fix-scan-build-UnreachableCode
scan-build LLVM-13 fixes and expanded coverage
2021-10-20 08:30:46 +10:00
Daniel Pouzzner 62822be6ce scan-build LLVM-13 fixes and expanded coverage: add WC_UNUSED and PRAGMA_CLANG_DIAG_{PUSH,POP} macros; deploy "#ifndef __clang_analyzer__" as needed; fix violations and suppress false positives of -Wunreachable-code-break, -Wunreachable-code-return, and -enable-checker alpha.deadcode.UnreachableCode; expand scan-build clean build scope to --enable-all --enable-sp-math-all. 2021-10-18 21:46:09 -05:00
Eric Blankenhorn 1396c46281 Fix build errors with NO_BIO config 2021-10-14 09:06:54 -05:00
Chris Conlon 9e4ab9b638 Add BIO_up_ref(), PEM_read_DHparam(), EVP_MD_nid() (#4348)
* add BIO_up_ref

* add PEM_read_DHparams()

* add EVP_MD_nid()

* exclude PEM_read_DHparams when NO_FILESYSTEM defined

* review feedback: single threaded, indents, EVP_MD_nid
2021-09-27 08:20:37 +10:00
TakayukiMatsuo 90116a2873 Add support for wolfSSL_EVP_PBE_scrypt (#4345) 2021-09-03 15:49:02 +10:00
TakayukiMatsuo 56843fbefd Add support for EVP_sha512_224/256 (#4257) 2021-09-02 14:05:07 +10:00
John Safranek 078d49ea6f Merge pull request #4333 from dgarske/evp_devid
EVP key support for heap hint and crypto callbacks
2021-08-30 11:59:27 -07:00
John Safranek 3f2abef212 Merge pull request #4321 from haydenroche5/libimobiledevice
Make changes to support libimobiledevice.
2021-08-24 17:19:26 -07:00
David Garske b8263f44f7 Added new EVP API for creating a private key for use with crypto callbacks. Improvements to heap hint and devId with EVP layer. 2021-08-24 12:14:44 -07:00