mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
12,061 Commits 5 Branches 162 Tags
Commit Graph

1343 Commits

Author SHA1 Message Date
toddouska
7fd51cf9d9
Merge pull request #3267 from SparkiDev/no_client_auth 
Get builds with WOLFSSL_NO_CLIENT_AUTH compiling and testing
 2020-09-03 15:55:38 -07:00
toddouska
db805524de
Merge pull request #3248 from SparkiDev/aes_cbc_oob 
AES-CBC check for input size of 0
 2020-09-03 13:40:34 -07:00
toddouska
b3acd57de5
Merge pull request #3254 from dgarske/leaks 
Fixes valgrind leak reports (related to small stack cache)
 2020-09-02 10:44:49 -07:00
toddouska
9268de229a
Merge pull request #3266 from dgarske/unit_test 
Fix for DH compute key compatibility function failure
 2020-09-02 10:23:23 -07:00
JacobBarthelmeh
914905f1bc
Merge pull request #3193 from embhorn/zd10457_b 
Fix CheckHostName matching
 2020-09-02 10:36:02 -06:00
Sean Parkinson
89b9a77eca Get builds with WOLFSSL_NO_CLIENT_AUTH compiling and testing 
Fix build for no client or server and no client auth.
Fix tests to detect when no client auth compiled and test is trying to
do client auth.
 2020-09-01 15:27:46 +10:00
David Garske
c587ff72d2 Fix for occasional unit.test failure in test_wolfSSL_EVP_PKEY_derive. 2020-08-31 14:04:51 -07:00
Ethan Looney
568184f53f Changed len from hardcoded value to sizeof oid 2020-08-31 13:42:23 -06:00
Ethan Looney
c8d93d4d5e Added ecc.c unit tests to api.c 2020-08-31 13:42:23 -06:00
Eric Blankenhorn
ea5c290d60 Fix CheckHostName matching 2020-08-26 14:03:17 -05:00
David Garske
1b2b3de2c9 Fixes for missing free calls on hash tests. 2020-08-26 09:48:46 -07:00
David Garske
6d5731b8e9 Fixes for HMAC_CTX cleanup not being called to free SHA2 resources with WOLFSSL_SMALL_STACK_CACHE. Added return code checking and cleanup for openssl_test. 2020-08-26 09:45:26 -07:00
David Garske
14e1489365 Fix for SRP leaks with WOLFSSL_SMALL_STACK_CACHE 2020-08-26 09:41:09 -07:00
Sean Parkinson
3a25faea60 AES-CBC check for input size of 0 
Don't need to do anything when size is 0.
 2020-08-25 13:36:45 +10:00
David Garske
3fbaccc8a1 Fix for API unit test test_wolfSSL_X509_sign, which can have a varying length depending on if MSB is set. About 1 in 200 tests would fail. 2020-08-20 15:33:28 -07:00
David Garske
1d55b2f526 Fixes for several memory leaks related to HAVE_WOLF_BIGINT. 2020-08-20 14:25:06 -07:00
toddouska
028bddd7ab
Merge pull request #3215 from ejohnstown/release-4.5.0 
Release Update
 2020-08-17 13:51:23 -07:00
John Safranek
3f6861ee82
FIPS Ready Fix with ECC Timing Resistance 
Commit 6467de5 added some timing resistance to ECC shared secret
agreement. It involved adding an RNG object to the ecc keys so
a random z value can be added to the mix. The older FIPS release
has ECC outside the boundary, so it uses the new ECC code. FIPSv2
has ECC inside the boundary, but all the TLS code checks for that
version of FIPS and leaves out the calls to the new functions as
it is using an older version of ecc.c. FIPS Ready uses the latest
version of ecc.c but compiles as FIPSv2. So, the code outside of
the crypto layer is treating ECC as FIPSv2 and not calling the new
functions, but the crypto layer assumes the RNG should be present,
and errs out on testing.
1. Added a separate option for FIPS Ready to the enable-fips
   configure option. `--enable-fips=ready`. It will treat FIPS
   Ready as the next kind of FIPS release. FIPS Ready will be
   treated like FIPS v3 in the build.
2. Changed the C preprocessor checks for FIPS version 2 to be
   checks for not version 2, with respect to ECC Timing Resistance
   and FIPS builds.
 2020-08-14 10:54:55 -07:00
Sean Parkinson
bc74bfebdd Fixes from C++ and address access checking 
Fix access of table for cache resistance.
Don't name variable public or private.
Cast from void*
 2020-08-13 15:19:49 +10:00
toddouska
fa146870bd
Merge pull request #3155 from julek-wolfssl/openssh-fixes-cherry-picked 
Additional OpenSSL compat stuff for OpenSSH
 2020-08-11 16:32:31 -07:00
toddouska
532c2f50e8
Merge pull request #3083 from julek-wolfssl/openssl-compat-X509V3_EXT_i2d 
Implement more OpenSSL compatibility functions
 2020-08-11 15:01:41 -07:00
toddouska
4e6bc02257
Merge pull request #2982 from SparkiDev/ecc_sc 
ECC now calls mp_submod_ct and mp_addmod_ct
 2020-08-11 09:26:56 -07:00
JacobBarthelmeh
8b7f588aaf
Merge pull request #3108 from SparkiDev/openssl_interop 
Update OpenSSL interopability testing
 2020-08-11 09:42:43 -06:00
Sean Parkinson
93cdfd7132 Update OpenSSL interopability testing 
Added TLS 1.3 testing.
Added Ed25519 and Ed448 testing.
Added tesitng of OpenSSL client against wolfSSL server.
Fixed builds of Curve25519/Curve448/Ed25519/Ed448 in different
configurations.
 2020-08-11 16:44:45 +10:00
Sean Parkinson
6467de5a88 Randomize z ordinates in scalar mult when timing resistant 
An RNG is required for shared secret calculation now.
Use wc_ecc_set_rng() to set an RNG against the ECC object.
ECC verification does not need timing resistance and does not randomize
z ordinates.
 2020-08-11 16:12:47 +10:00
Juliusz Sosinowicz
55d4817956 Jenkins fixes 2020-08-10 12:39:16 +02:00
Sean Parkinson
7bb2a69161 Fix memory leak in api.c 
When testing wc_ecc_import_raw(), the mp_int's in the ecc object are
initialized.
For small math, this throws away the allocated buffer.
Must free the object before importing.
 2020-08-10 12:42:46 +10:00
Sean Parkinson
920c97963c Fix Jenikins failure - ToTraditional not declared 
./configure --disable-asn --disable-ecc -disable-rsa --enable-psk
--enable-testcert
 2020-08-10 10:57:07 +10:00
David Garske
c0a664a8e5
Merge pull request #3200 from douzzer/20200805 
Add an error-checking wc_curve25519_make_pub() routine to the API for use by Wireguard
 2020-08-07 16:32:52 -07:00
toddouska
1724347f7a
Merge pull request #3091 from julek-wolfssl/sess-serialization 
Expose session serialization outside of `OPENSSL_EXTRA`
 2020-08-07 15:41:27 -07:00
toddouska
17cc941b29
Merge pull request #3195 from SparkiDev/sp_ecc_cache 
SP ECC Cache Resitance
 2020-08-07 15:35:06 -07:00
JacobBarthelmeh
dd6238fb77
Merge pull request #3174 from embhorn/zd10655 
Fix CheckAltNames to handle IP type
 2020-08-07 16:04:56 -06:00
Chris Conlon
b03e1dd2a9
Merge pull request #3197 from ethanlooney/19th_branch 
Added asn.c unit tests
 2020-08-07 09:25:50 -06:00
Eric Blankenhorn
064bfa583d Fix CheckAltNames to handle IP type 2020-08-07 10:12:56 -05:00
Daniel Pouzzner
f6acbd5f97 test_wc_curve25519_make_pub(): fix order of args to wc_curve25519_make_pub(). 2020-08-06 18:37:00 -05:00
toddouska
82d927d40f
Merge pull request #3199 from dgarske/openssl_sha 
Fix for building openssl compat without SHA-1
 2020-08-06 15:59:26 -07:00
Daniel Pouzzner
0f59e632e1 tests/api.c: add test_wc_curve25519_make_pub(); fix some old stray tabs; remove weird extra string-terminating null in test_wolfSSL_sk_CIPHER_description(). 2020-08-06 17:52:48 -05:00
toddouska
4e9d49556e
Merge pull request #3194 from SparkiDev/unit_fix_1 
Fix unit.test to not fail randomly
 2020-08-06 10:51:12 -07:00
Ethan Looney
77bb300409 Removed unnecessary pointers, matched Xfree arugments and checked the return values of generated keys 2020-08-06 09:21:41 -07:00
Ethan Looney
afcb40724e Added proper ifdef's to EccPrivateKeyToDer 2020-08-06 08:06:06 -07:00
Juliusz Sosinowicz
139a192185 Implement wolfSSL_d2i_X509_NAME 2020-08-06 15:52:11 +02:00
Juliusz Sosinowicz
ca3a608408 Implement functions 
- `wolfSSL_d2i_ECPrivateKey`
- `wolfSSL_EC_POINT_add`
- `wolfSSL_EC_POINT_invert`
 2020-08-06 15:52:11 +02:00
Juliusz Sosinowicz
2529ce21b0 Implement wolfSSL_EC_GROUP_dup 2020-08-06 15:52:11 +02:00
Juliusz Sosinowicz
ea8dd31de0 Implement wolfSSL_i2d_PUBKEY and refactor wolfSSL_i2d_PrivateKey 2020-08-06 15:52:11 +02:00
Juliusz Sosinowicz
1f0d6d5f31 New functions implemented 
- `EC_POINT_is_on_curve`
- `i2d_EC_PUBKEY`
- `i2d_ECPrivateKey`
- `wc_ecc_point_is_on_curve`
 2020-08-06 15:52:11 +02:00
Juliusz Sosinowicz
e131d6be5b group->curve_nid is now set to the real NID of the curve 2020-08-06 15:52:11 +02:00
Juliusz Sosinowicz
c28b7b59c3 Fix jenkins leaks 2020-08-06 13:47:26 +02:00
Juliusz Sosinowicz
ad2e710563 Fix missing free 2020-08-06 13:47:26 +02:00
Juliusz Sosinowicz
a6651a21f8 Fix segfault 2020-08-06 13:47:26 +02:00
Juliusz Sosinowicz
229c5e9563 wolfSSL_X509V3_EXT_i2d cont. 2020-08-06 13:47:26 +02:00