John Safranek
f6a8a2f5bd
NULL Check
...
When using the async option, the RSA key is checked on the first call to
DoTls13CertificateVerify() when the async state machine is set up. On
the subsequent call, the pointer to the key isn't checked again. Added a
check. (This was from a static analysis report.)
2018-08-03 11:09:43 -07:00
John Safranek
368b5b1072
Merge pull request #1729 from kaleb-himes/init-array
...
Initialize array to zero(s)
2018-08-02 16:33:37 -07:00
David Garske
a43d4d16ba
Merge pull request #1719 from MJSPollard/OpenSSLAllFix
...
Added boost define and openssl bug fix with WOLFSSL_KEY_GEN
2018-08-02 15:20:27 -07:00
David Garske
a915c3a381
Merge pull request #1738 from ejohnstown/DH
...
DH SP Fix
2018-08-02 15:04:33 -07:00
Kaleb Himes
660c3300e1
Merge pull request #1730 from dgarske/dertoc
...
Added handy script for converting DER file to C array
2018-08-02 15:54:15 -06:00
JacobBarthelmeh
782ea74fbf
Merge pull request #1732 from kojo1/Ticket-4169-2
...
Ticket 4169: eliminate ssl->CBIORecv/Send overwritten in SSL_set_bio
2018-08-02 14:58:25 -06:00
JacobBarthelmeh
99b556c07d
Merge pull request #1735 from embhorn/zd4179
...
Fix for resource leak
2018-08-02 14:27:04 -06:00
Eric Blankenhorn
b248af6f84
Update from review
2018-08-02 10:59:07 -05:00
kaleb-himes
93c2f3b170
Initialize array to zero(s)
2018-08-02 09:21:09 -06:00
Takashi Kojo
fd75f35801
fix cbioFlag check
2018-08-02 10:18:09 +09:00
John Safranek
6527c2a724
DH SP Fix
...
When doing the sp_2048_mod_exp_*() is processed, one of the index
variables is masked with 0x1f when it was updated. Added the masking to
the initial set of the index.
2018-08-01 16:32:22 -07:00
David Garske
0ccdefb8d0
Merge pull request #1733 from ejohnstown/des-iv
...
Fix DES IV value
2018-08-01 14:57:26 -07:00
JacobBarthelmeh
244d931e75
Merge pull request #1721 from kaleb-himes/cleanup-debug
...
Cleanup debug errors
2018-08-01 15:01:25 -06:00
Eric Blankenhorn
ba2f0fd8fc
Fix for zd4179, 4181, 4182
2018-08-01 15:56:15 -05:00
John Safranek
5ca2ff187b
DES IV
...
Change the DES_IV_SIZE back to 8 bytes, rather than 16.
DES/DES3 was passing the wolfCrypt test becuase the main DES code uses
the DES_BLOCK_SIZE when handling the IV. The TLS/SSL code uses the
DES_IV_SIZE when generating the session keys.
2018-08-01 13:08:52 -07:00
Takashi Kojo
98f6ae16ca
copy cbioFlag from ctx to ssl
2018-08-02 04:48:39 +09:00
toddouska
8bc5bc227d
Merge pull request #1634 from ejohnstown/gcc-8-fixes
...
GCC-8 String Fixes
2018-08-01 12:13:10 -07:00
toddouska
da096497e0
Merge pull request #1727 from dgarske/memdocs
...
Documented memory build options
2018-08-01 12:12:34 -07:00
David Garske
dba8131b19
Merge pull request #1731 from ejohnstown/redundant-cert
...
redundant certificate fix
2018-08-01 10:42:30 -07:00
David Garske
a72cbcf8eb
Merge pull request #1726 from ejohnstown/memcb-test
...
memory callback test fix
2018-08-01 10:05:14 -07:00
Takashi Kojo
96c1a567f0
#4169 : CBIO set flag to escape from overwritten in SSL_set_bio
2018-08-01 19:16:42 +09:00
John Safranek
61ac7315e2
a certificate was named in an automake include that isn't actually in the tree, a similar named certificate is actually used
2018-07-31 17:25:35 -07:00
David Garske
72aef0ab11
Added handy script for converting DER file to C array. Example: ./scripts/dertoc.pl ./certs/server-cert.der server_cert_der_2048 server-cert.c.
2018-07-31 15:57:02 -07:00
John Safranek
f5b3de6b54
GCC-8 string fixes
...
1. Found one more case where a string is copied, potentially without the null. In wc_ports w.r.t. directory and file names.
2018-07-31 14:02:44 -07:00
John Safranek
7053830628
GCC-8 string fixes
...
Fix for the Windows directory search code.
2018-07-31 14:02:44 -07:00
John Safranek
af89458af0
GCC-8 string fixes
...
1. strncpy needs to include the source string's NULL.
2. Deleted a few redundant string modifications.
2018-07-31 14:02:44 -07:00
John Safranek
ed208efc4d
GCC-8 string fixes
...
1. Modify wolfSSL_get_ciphers() to limit the XSTRNCPY based on the dst buf length, not the src string.
2018-07-31 14:02:44 -07:00
John Safranek
2e1a1681ec
GCC-8 string fixes
...
1. strncat() does not like to copy single byte strings with "n = 1", as it won't null-terminate.
2. strncpy()'s len parameter is the size of the dst not the src.
3. Replaced the echoserver HTTP response composition of const strings with a copy of a single string.
2018-07-31 14:02:44 -07:00
John Safranek
50372b7033
Memory Callback
...
1. Allow SetAllocators to use NULL as a callback. Memory wrappers will use default with NULL.
2. Remove the ResetAllocators function. Use SetAllocators with NULL.
3. Modify memory tracker to save the old allocators on init and restore them on cleanup.
2018-07-31 09:30:03 -07:00
David Garske
0e1588f4ad
Documented memory build options. Added logging for normal wolf malloc/free opterations when using WOLFSSL_DEBUG_MEMORY and WOLFSSL_DEBUG_MEMORY_PRINT (previously only worked with WOLFSSL_STATIC_MEMORY and WOLFSSL_TRACK_MEMORY). Changed WOLFSSL_MALLOC_CHECK option to use WOLFSSL_MSG.
2018-07-31 09:03:40 -07:00
kaleb-himes
fe08b98117
Adjust guards following peer review
2018-07-31 09:50:44 -06:00
David Garske
2b3f94944d
Merge pull request #1723 from kaleb-himes/overhead-avoidance
...
avoid overhead call to alloc and free when sigSz invalid
2018-07-31 08:14:49 -07:00
toddouska
f18351fef5
Merge pull request #1718 from dgarske/memtest
...
New memory testing feature and fixes for null checks
2018-07-31 07:56:29 -07:00
toddouska
f5bd376450
Merge pull request #1720 from dgarske/stsafe_wolf
...
Added STM32L4/ST-Safe support. Fixes for AES CBC Decrypt w/CubeMX
2018-07-31 07:41:49 -07:00
David Garske
0f86494161
* Added support for STM32L4 AES hardware crypto.
...
* Added reference PK callbacks functions for ECC sign, verify and shared secret used by TLS in `wolfcrypt/src/port/st/stsafe.c`.
* Fix for wolfcrypt_test to not require args to be provided.
* Fix for wolfCrypt `ecc_test_buffers` to poperly init ecc_key (resolves devId issue).
* Fix for STM32 AES CBC Decrypt with CubeMX, which was not capturing the first input block for next IV.
* Refactor to combine STM32 hardware init code.
2018-07-30 13:58:19 -07:00
David Garske
656c0453a2
Fix for unit test abort().
2018-07-30 13:53:54 -07:00
David Garske
6a91fbcfdd
Fixes for warnings from Jenkins reports.
2018-07-30 13:53:54 -07:00
David Garske
4eff7b641b
First pass at bugs found with ./scripts/memtest.sh. Fixes for NULL pointer checks, making sure free'd pointers are reset, making sure pointers are initialized and making sure memory is always free'd. Fix for TicketInit() which was using non-thread safe RNG and key_ctx. Fix for possible double free case in wolfSSL_PEM_read_X509_CRL.
2018-07-30 13:53:54 -07:00
David Garske
6ed6876b1f
Enhanced the --enable-memtrack option to keep list of pointers allocated and reports leaked memory at end. Cleanup of the wolfCrypt_Init and wolfCrypt_Cleanup calls in unit.test and SrpTest memory tracking feature.
2018-07-30 13:53:54 -07:00
David Garske
2c3475c1d6
Added new build option --enable-memtest or WOLFSSL_FORCE_MALLOC_FAIL_TEST which enables random malloc failures for testing. This test supresses the abort() calls to detect seg faults. A new script ./scripts/memtest.sh starts the test. If an issue is found it can be reviewed with the ./scripts/memtest.txt log and reproduced using the seed printed at top of unit test as --- RNG MALLOC FAIL AT 295--- and rerun using ./tests/unit.test 295.
2018-07-30 13:53:35 -07:00
toddouska
62cb69ded6
Merge pull request #1724 from dgarske/pemtoder
...
Added API's to expose alloc/free of DerBuffer and new unit tests
2018-07-30 13:50:19 -07:00
toddouska
335f467b8c
Merge pull request #1714 from dgarske/pic32hashleak
...
Fixes for PIC32MZ hash memory leak
2018-07-30 13:48:59 -07:00
David Garske
50115e55b3
Merge pull request #1725 from kaleb-himes/USER_CONF_SIZES
...
Allow users to adjust upper bounds
2018-07-30 13:44:58 -07:00
kaleb-himes
ec238c0553
Allow users to adjust upper bounds
2018-07-30 13:44:40 -06:00
Chris Conlon
c71d8eb6ba
Merge pull request #1653 from Naruto/feature/mynewt
...
port apache mynewt
2018-07-30 13:33:25 -06:00
Chris Conlon
1079b0e3b3
Merge pull request #1716 from cariepointer/osp/haproxy
...
Define functions required by HAProxy and enable SSLV3 dependency
2018-07-30 13:26:38 -06:00
David Garske
0ef63048a0
Fix for new report in wc_BerToDer with uninitialized derSz.
2018-07-30 11:51:26 -07:00
David Garske
309d7a9d0d
Added API's to expose alloc/free of DerBuffer using wc_AllocDer and wc_FreeDer. Added unit tests for new API's and missing ones for wc_PemToDer and wc_CertPemToDer. ZD 4185.
2018-07-30 11:19:59 -07:00
Kaleb Himes
d19b78d81a
Fix typo in comment
2018-07-30 12:17:55 -06:00
kaleb-himes
166330030c
Handle case where external unassigned
2018-07-29 06:46:07 -06:00