Commit Graph

415 Commits

Author SHA1 Message Date
JacobBarthelmeh fbf1b783da initialize value to resolve warning 2024-03-01 21:39:27 +07:00
JacobBarthelmeh c32d9c826c fix for check on hash with ECDSAk case 2024-03-01 21:14:15 +07:00
JacobBarthelmeh 2044d6b7dd add callbacks for PKCS7 streaming input and output 2024-02-26 08:28:12 -07:00
JacobBarthelmeh 8d0dc7a568 fix asn original build, vs warning, and add test cases 2024-02-01 11:50:51 -07:00
JacobBarthelmeh bf23357c8c refactor streaming and additional comments 2024-02-01 11:50:51 -07:00
JacobBarthelmeh c843064681 update macro guard 2024-02-01 11:50:51 -07:00
JacobBarthelmeh 75762d44b6 PKCS7 streaming with encode/sign 2024-02-01 11:50:51 -07:00
Andras Fekete dbc209d8ea Always initialize 'decryptedKey'
Warning 750167.5627928
2024-01-19 10:58:29 -05:00
Andras Fekete 726e7026cb Uninitialized variable because we don't check return value
Warning 544870.5627882
2024-01-19 10:31:20 -05:00
Sean Parkinson 52db533d9b Merge pull request #7106 from bandi13/20231114-codesonar-fixes
20231114 codesonar fixes
2024-01-04 07:16:33 +10:00
Andras Fekete b206e074fc Uninitialized Variable
Warning 545067.3236517
2024-01-03 09:59:18 -05:00
jordan e175004f85 Fix Infer Uninitialized Values. 2024-01-02 12:16:20 -06:00
Eric Blankenhorn 1d7fd42aa8 Fixes for release 2023-12-13 14:47:02 -06:00
David Garske db14914951 Fixes for building wolfSSL in Visual Studio. Adds missing files. Fix for type cast warnings. 2023-12-06 13:20:27 -08:00
JacobBarthelmeh 21f34ef028 Merge pull request #6905 from bandi13/moreCodeSonarFixes
Don't nag about leaked resources
2023-11-01 14:46:02 -06:00
JacobBarthelmeh 33c4054cbb Fix for CID 299748 memory leak in error case 2023-10-27 14:36:51 -06:00
Andras Fekete 42c241dbbf Avoid use of uninitialized array 2023-10-27 15:38:46 -04:00
JacobBarthelmeh 7d85e390a9 Merge pull request #6769 from cconlon/pkcs7ContentType
Support PKCS#7 definition for ContentType content ANY
2023-09-14 15:44:35 -06:00
Chris Conlon 0bb9b85cd4 PKCS7: support PKCS#7 definition for ContentType eContent ANY, in addition to CMS OCTET_STRING definition 2023-09-08 16:32:15 -06:00
Anthony Hu 354b28eea0 Propose to convert a less than 0 to less than or equal to 0 2023-08-28 17:16:34 -04:00
JacobBarthelmeh d7b2626433 initialize kari decoded cert 2023-08-16 13:20:29 -07:00
JacobBarthelmeh bd14be8553 init mp_int before use 2023-08-11 10:04:17 -07:00
JacobBarthelmeh 7866a40d06 resolve kari decode without recipient certificate 2023-07-08 07:37:26 -07:00
Sean Parkinson e2424e6744 SM2/SM3/SM4: Chinese cipher support
Add support for:
 - SM2 elliptic curve and SM2 sign/verify
 - SM3 digest
 - SM4 cipher with modes ECB/CBC/CTR/GCM/CCM

Add APIs for SM3 and SM4.
Add SM2 sign and verify APIs.
Add support for SM3 in wc_Hash and wc_Hmac API.
Add support for SM3 and SM4 through EVP layer.
Add support for SM2-SM3 certificates. Support key ID and name hash being
with SHA-1/256 or SM3.
Add support for TLS 1.3 cipher suites: TLS-SM4-GCM-SM3, TLS-SM4-CCM-SM3
Add support for TLS 1.2 SM cipher suite: ECDHE-ECDSA-SM4-CBC-SM3
Add support for SM3 in wc_PRF_TLS.
Add SM2-SM3 certificates and keys. Generated with GmSSL-3.0.0 and
OpenSSL.
2023-07-04 13:36:28 +10:00
Sean Parkinson 7259351a3f Test api.c: change more tests to use Expect instead of Assert
Added a new version of 'nofail' handshaking that doesn't use threads.
More tests can be run in single threaded.

Changed tests over to use test_wolfSSL_client_server_nofail() or
test_wolfSSL_client_server_nofail_memio() to simplfy test cases.

Changed tests to use Expect.

CRL:
BufferLoadCRL wasn't freeing allocated data when currentEntry
couldn't be allocated.

ssl.c:
DecodeToX509(): Needs to call FreeDecodedCert even if
ParseCertRelative fails.
wolfSSL_PEM_read_PUBKEY(): Need to check result of
wolfSSL_d2i_PUBKEY is NULL rather than the passed in WOLFSSL_EVP_PKEY.

X509:
wolfSSL_X509_set_ext(): Must free allocated WOLFSSL_X509_EXTENSION
if not pushed on to stack regardless of stack being NULL.
wolfSSL_X509V3_EXT_i2d(): Don't free asn1str on error as it is the
data passed in.
wolfSSL_i2d_X509_NAME_canon(): free names and cano_data when call to
wolfSSL_ASN1_STRING_canon() fails.

PKCS7:
    wc_PKCS7_InitWithCert(): Check memory allocation of cert for NULL.
2023-06-01 14:22:00 +10:00
Chris Conlon 6ef580ca59 fix PKCS#7 build when using NO_PKCS7_STREAM 2023-05-18 14:50:03 -06:00
Chris Conlon 4526df6d78 Merge pull request #6199 from JacobBarthelmeh/PKCS7
add messageDigest attribute if adding any custom signed attributes
2023-04-26 09:23:22 -06:00
Jacob Barthelmeh bbe9c694a6 more specific naming for attribute types 2023-04-25 13:56:29 -06:00
JacobBarthelmeh d701a0a06e add sanity check on PKCS7 index value 2023-04-25 08:30:33 -07:00
JacobBarthelmeh ca71907142 add function to control default pkcs7 signer attributes 2023-04-18 08:35:02 -07:00
Jacob Barthelmeh ad13717644 add messageDigest attribute if adding any custom signed attributes 2023-04-18 08:35:02 -07:00
Daniel Pouzzner 358af4ef05 fix for cppcheck/zerodivcond in wolfcrypt/src/pkcs7.c:wc_PKCS7_DecodeAuthEnvelopedData();
fixes for clang-tidy/bugprone-macro-parentheses in wolfssl/wolfcrypt/sp_int.{c,h} and wolfcrypt/src/ecc.c;

fix for clang-analyzer-deadcode.DeadStores in olfcrypt/src/asn.c.
2023-04-13 14:51:29 -05:00
Daniel Pouzzner c41030663e wolfcrypt/src/pkcs7.c: correct fix for clang-analyzer-core.DivideZero in wc_PKCS7_DecodeAuthEnvelopedData(). 2023-04-12 16:37:20 -05:00
Daniel Pouzzner 4b59588cf3 more fixes for implicit casts, mostly asn=original. 2023-04-12 02:17:18 -05:00
Daniel Pouzzner 7155c5748e fix overlong lines. 2023-04-12 01:37:09 -05:00
Daniel Pouzzner 99ffd7726f wolfcrypt/src/pkcs7.c:wc_PKCS7_DecodeAuthEnvelopedData(): fix clang-analyzer-core.DivideZero (expBlockSz not properly set before use as a denominator in a mod op). 2023-04-12 01:37:09 -05:00
billphipps 0013be9027 15451 correct padding for pkcs7 (#6260)
* Update to ensure full blocks for crypto in En/DecodeAuthEnvelopedData.

* Corrected spacing and comments

* Set plain to NULL after free on non-error path.
2023-04-10 14:08:52 -07:00
David Garske 58236632ca Fix for PKCS7 with asynchronous crypto enabled. The addition of the devId field will attempt to leverage crypto callbacks and async hardware, so convert WC_PENDING_E to blocking. 2023-02-28 13:22:39 -08:00
JacobBarthelmeh b801a96f8c Port to RT1170 and expand CAAM driver 2023-02-22 08:26:25 -08:00
JacobBarthelmeh 9e9315f480 add sequence around algo parameters with authenvelop 2023-02-02 10:54:38 -08:00
Jacob Barthelmeh 9dcc48c8f7 update copyright to 2023 2022-12-30 17:12:11 -07:00
Daniel Pouzzner 91869f6028 minor fixes to accommodate --disable-sha in combination with --enable-all-crypto. 2022-12-20 00:42:05 -06:00
Chris Conlon 1b0171fe3e fix PKCS7 SignedData verification when signer cert is not first in SET 2022-10-13 11:03:13 -06:00
Daniel Pouzzner 3bd91c6ab8 wolfcrypt/src/pkcs7.c: revert 57a7430b6a, which broke SCEP use case, and redo using a simple stack variable initialization approach. 2022-09-09 10:09:14 -05:00
Daniel Pouzzner ef7377d64c fix whitespace and line length. 2022-09-07 15:30:32 -05:00
Daniel Pouzzner 57a7430b6a wolfcrypt/src/pkcs7.c: in wc_PKCS7_DecryptKtri(), refactor handling of OAEP keys to fix uninited value access detected by clang-analyzer-core.UndefinedBinaryOperatorResult; fix whitespace. 2022-09-07 15:14:26 -05:00
Chris Conlon 761fde31ad Merge pull request #5478 from miyazakh/rsaesoaep 2022-09-06 15:45:40 -06:00
Hideki Miyazaki d494894268 Add to parse RSA ES OAEP Oid 2022-08-18 06:43:31 +09:00
JacobBarthelmeh f31c8223f2 fix for not having default pkcs7 signed attributes 2022-07-26 16:45:44 -07:00
Jacob Barthelmeh 8eaa85e412 update copyright year to 2022 2022-07-19 10:44:31 -06:00