Commit Graph

2028 Commits

Author SHA1 Message Date
David Garske a7f86f9473 Merge pull request #5517 from JacobBarthelmeh/Testing
misc. testing items from static analysis tools
2022-08-29 08:48:51 -07:00
Juliusz Sosinowicz 88deaf9b5c SNI can appear in ServerHello for TLS 1.2
Co-authored-by: Eric Blankenhorn <eric@wolfssl.com>
2022-08-29 14:22:10 +02:00
JacobBarthelmeh ad0fd15a0d static analysis fix from infer 2022-08-26 14:55:42 -07:00
Juliusz Sosinowicz 2fb3f58c03 Cleanup output object in wolfSSL_EVP_MD_CTX_copy_ex before copy 2022-08-26 13:07:45 +02:00
David Garske 1976601811 Merge pull request #5505 from julek-wolfssl/dtls-plaintext
Ignore plaintext on established connections
2022-08-25 07:25:03 -07:00
Hayden Roche 9f39ffdba7 Fix wolfSSL_GENERAL_NAMES_free memory leak.
This function was just freeing the stack object itself of GENERAL_NAMES with
wolfSSL_sk_free, but this doesn't free the data in the items of the stack. The
fix is to replace wolfSSL_sk_free with wolfSSL_sk_GENERAL_NAME_free.
2022-08-24 18:42:30 -07:00
Juliusz Sosinowicz 159a3c8b03 Ignore plaintext on established connections 2022-08-24 21:40:19 +02:00
John Safranek 9b65f5819c API Test Fixes for GCC/PowerPC Warnings
1. In api.c, change the name of the devId global to testDevId.
2. In api.c, for the SNI test, some of the pointers were multiply
   typecast eventually to `void **`. An older compiler didn't like
   that. Just use void pointer.
2022-08-24 11:30:56 -07:00
David Garske 48463f6d54 Merge pull request #5388 from lealem47/crlPrint
Adding X509_CRL_print() function
2022-08-22 17:16:19 -07:00
David Garske 1e5de8255e Merge pull request #5472 from satoshiyamaguchi/trial3
Add/Extend PEM_read compatibility API's
2022-08-22 09:24:39 -07:00
Lealem Amedie 8f4b467f47 Fixing line lengths and SMALL_STACK code path 2022-08-22 09:17:23 -07:00
Lealem Amedie 2a65220527 Adding X509_CRL_print() function 2022-08-19 12:21:35 -07:00
David Garske 1d0e83bd1a Merge pull request #5474 from julek-wolfssl/zd14644-2
Match OpenSSL self signed error return.
2022-08-19 06:46:26 -07:00
Satoshi Yamaguchi 61c7003520 Fix whitespace 2022-08-19 12:38:07 +09:00
Chris Conlon e830a0f613 Merge pull request #5434 from satoshiyamaguchi/trial4 2022-08-17 17:04:36 -06:00
Juliusz Sosinowicz 008e947fec Match OpenSSL self signed error return.
OpenSSL compat expects ASN_SELF_SIGNED_E when a self signed cert can't be verified. This is useful when translating the error with GetX509Error into a X509_V_ERR_* error.
2022-08-17 12:40:16 +02:00
Satoshi Yamaguchi 091fc71c74 Fix EVP_PKEY not freed and FILE pointer not closed 2022-08-17 01:03:09 +09:00
Satoshi Yamaguchi e1b3f14d35 Fix FILE pointer not closed in tests/api.c 2022-08-17 00:11:29 +09:00
Satoshi Yamaguchi fba534dce0 Add wolfSSL_PEM_read_RSA_PUBKEY to OpenSSL compatible API 2022-08-14 16:08:22 +09:00
Daniel Pouzzner e382905311 CMakeLists.txt: synchronize CMAKE_C_FLAGS with diagnostic flags set in autotools-generated Makefile (-Wall -Wextra -Wno-unused -Werror), and fix WOLFSSL_RSA_PSS to add -DWOLFSSL_PSS_LONG_SALT as needed by changes to test_wolfSSL_CertRsaPss() in fb531dacc2 (gating of those changes is also added in this commit). 2022-08-12 15:18:41 -05:00
David Garske 499b9c4f35 Merge pull request #5456 from SparkiDev/ssl_set1_curve_fix
wolfSSL_CTX_set1_curves_list: X25519 and X448 defines
2022-08-11 09:19:25 -07:00
Sean Parkinson 4d8a713783 wolfSSL_CTX_set1_curves_list: X25519 and X448 defines
Support wolfSSL_CTX_set1_curves_list being available when X25519 and/or
X448 only defined.
Don't recognize X25519 or X448 if corresponding define is not set.
Enable test in api.c.
2022-08-11 14:13:04 +10:00
Sean Parkinson fb531dacc2 Certs with RSA-PSS sig
Add support for parsing and verifying certificates with RSA-PSS
signatures. Including check PSS parameters in key with those in
signature algorithm.
Add support for parsing private RSA PSS key.
Add support for parsing public RSA PSS key.
2022-08-11 09:43:01 +10:00
David Garske 7004157869 Merge pull request #5387 from TakayukiMatsuo/tk14445
Suppress build errors when defining some disable macros
2022-08-07 20:09:41 -07:00
TakayukiMatsuo 79fb1783c4 Suppress build errors when defining some disable macros 2022-08-07 17:11:22 +09:00
David Garske 96fcc129ec Merge pull request #5213 from JacobBarthelmeh/req
expand functions included in opensslextra and add REQ print out
2022-08-05 13:20:21 -07:00
David Garske 2c2a7750a4 Merge pull request #5414 from darktohka/feature/chacha20-poly1305-evp
Integrate chacha20-poly1305 into the EVP interface
2022-08-03 18:21:17 -07:00
David Garske 0c1add08e3 Merge pull request #5416 from darktohka/feature/chacha20-outl-bytes
Ensure ChaCha20 updates out length during cipher update
2022-08-03 07:26:02 -07:00
Satoshi Yamaguchi 013ad0d564 Add wolfSSL_PEM_read_RSAPrivateKey to OpenSSL compatible API 2022-08-03 00:02:40 +09:00
Jacob Barthelmeh 52b80ea52a expand functions included in opensslextra and add REQ print out 2022-08-01 09:21:43 -07:00
Disyer e3dd7677c8 Add tests for chacha20-poly1305 EVP integration 2022-07-28 18:21:12 +03:00
Disyer e8febaf414 Ensure ChaCha20 updates out length during cipher update 2022-07-28 18:06:41 +03:00
Sean Parkinson 460845ba49 Maths bit size: ensure size is right
Ensure WOLFSSL_MAX_RSA_BITS works.
Fix SP math size defines.
Regression testing maths implementations.
2022-07-27 18:58:30 +10:00
David Garske a98642ba61 Merge pull request #5383 from julek-wolfssl/negating-ciphersuites
Expand SetCipherList()
2022-07-25 08:26:47 -07:00
Juliusz Sosinowicz e7cd1562b4 Expand SetCipherList()
- support disabling ciphersuites starting from the default list
2022-07-25 11:14:16 +02:00
Sean Parkinson 8fa2449a63 Cert path length: add flag to indicate path length set
A path length is allowed to be 0.
Can't check path len for 0 to determine when value is set.
Added flag to indicate path length is set.
2022-07-25 09:07:14 +10:00
Hayden Roche daf5135642 Begin refactor of api.c.
- Modify all existing tests to return an int. This moves us in the direction of
being able to return error/success from a test rather than just calling abort
when something fails. Also, all tests now have the same signature, so they can
easily be members of an array of test cases.
- Wrap each test in a TEST_CASE struct, which just stores a pointer to the test
function and the name of the test, for now. In the future, other metadata can
be added (e.g. should this test be run/skipped) to TEST_CASE, if desired.
- Modify all tests to return 0 on success. Right now, this doesn't do us much
good because the failure mechanism isn't returning some value != 0, it's
abort.
- Add TestSetup and TestCleanup functions that run before and after each test,
respectively. The former does nothing right now, and the latter clears the
error queue, if the error queue is compiled in.
2022-07-21 10:12:26 -07:00
JacobBarthelmeh 1281d97b1e Merge pull request #5373 from haydenroche5/error_queue_fix
Fix backwards behavior for various wolfSSL_ERR* functions.
2022-07-21 09:35:21 -06:00
Kareem 741d61574b Make wolfSSL_CTX_clear_options available without OPENSSL_EXTRA. 2022-07-20 12:24:47 -07:00
Hayden Roche e6da540fb3 Fix backwards behavior for various wolfSSL_ERR* functions.
wolfSSL_ERR_get_error and wolfSSL_ERR_peek_error_line_data should return the
earliest error in the queue (i.e. the error at the front), but prior to this
commit, they returned the latest/most recent one instead.

In DoAlert, we were adding an error to the queue for all alerts. However, a
close_notify isn't really an error. This commit makes it so DoAlert only adds
errors to the queue for non-close_notify alerts. In ReceiveData, similarly, we
were adding an error to the queue when the peer sent a close_notify, as
determined by ssl->error == ZERO_RETURN. Now, we don't add an error in this
case.
2022-07-20 08:56:48 -07:00
David Garske f4191a102b Merge pull request #5304 from SKlimaRA/SKlimaRA/cert-pathlen
drafted pathlen for cert struct
2022-07-20 07:54:13 -07:00
David Garske aab2459d1f Merge pull request #5372 from JacobBarthelmeh/copyright
update copyright year to 2022
2022-07-20 07:52:05 -07:00
David Garske c029b23043 Merge pull request #5308 from SparkiDev/ecies_gen_iv
ECIES: Google Pay generates IV and places it before msg
2022-07-20 06:46:14 -07:00
Stanislav Klima 66c5a947fd XSTRNCPY, fixed typos 2022-07-20 08:56:59 +02:00
Sean Parkinson 09bba3510f ECIES: Google Pay ECIES
Generates IV and places it before msg
Uses 12 byte IV with AES-CTR
Add API to explicitly set KDF salt.
2022-07-20 09:30:47 +10:00
Jacob Barthelmeh 8eaa85e412 update copyright year to 2022 2022-07-19 10:44:31 -06:00
Stanislav Klima 1a44bad8cc drafted test case for path len 2022-07-19 15:34:20 +02:00
Hayden Roche a1b7c29309 Make wolfSSL_(get|set)_options available outside compat layer.
Also make wolfSSL_CTX_get_options available.
2022-07-14 16:03:58 -07:00
David Garske 2d5bc72c9b Fixes for ED25519/ED448 private key with public key export (RFC8410). Added length only support. 2022-07-13 16:17:08 -07:00
Daniel Pouzzner ccc5952369 global fixup to check or explicitly ignore return values from failable library/system calls that weren't already being checked;
add wolfCrypt error codes IO_FAILED_E "Input/output failure" and SYSLIB_FAILED_E "System/library call failed";

tests/api.c and tests/unit.c: flush stdout for error message in Fail() macro, add fflush(stdout) after printf()s, print success message at end of unit_test(), and send several error messages to stderr instead of stdout;

wolfcrypt/test/test.c: add fallthrough macro definition of printf() that pairs it with fflush(stdout);

unit.h: in definition of macro AssertPtr(), add PRAGMA_GCC("GCC diagnostic ignored \"-Wpedantic\"");

sp_int.c: refactor several lingering instances of "if (0) { ... }" code pattern to #if 0 ... #endif.
2022-07-11 22:28:09 -05:00