mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
4,062 Commits 5 Branches 162 Tags 807 MiB
e99a5b0483
Commit Graph

4062 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Jacob Barthelmeh
e99a5b0483 prepare for release v3.9.0 2016-03-17 16:02:13 -06:00
toddouska
10e74f7200 Merge pull request #353 from dgarske/EccUnsignedSizeCheckFix 
Fixed bug where mp_unsigned_bin_size returning 0 could produce a UINT…
 2016-03-17 10:50:01 -07:00
David Garske
19967dd264 Fixed bug where mp_unsigned_bin_size returning 0 could produce a UINT_MAX (based on -1) resulting in invalid index to an array. Added test case for this if FP_ECC is defined. 2016-03-17 09:39:10 -07:00
toddouska
46a01c29d8 Merge pull request #350 from JacobBarthelmeh/master 
check for invalid RSA OAEP with SHA512 test case
 2016-03-16 16:25:13 -07:00
Jacob Barthelmeh
2dd5efd969 sanity check for RSA key size and hash digest size 2016-03-16 15:25:52 -06:00
Jacob Barthelmeh
4c3ddac23c catch invalid test case of RSA-OAEP and fix cast 2016-03-16 14:51:25 -06:00
toddouska
7722c4484a Merge pull request #349 from dgarske/CobiPort 
Port for Nordic nRF51 RNG, RTC and AES. Added RNG test for wc_RNG_Gen…
 2016-03-16 13:36:27 -07:00
David Garske
0683ecb727 Fixed FreeCRL issue with strdup memory. Added additional checks for WOLF_AES_CBC and WOLF_AES_COUNTER. Disabled memory tracker by default for wolfCrypt test and benchmark. Updated README to better document Linux Binutils LD bug workaround. 2016-03-16 09:41:19 -07:00
David Garske
f0ea9d747f Fix possible positive return value for random_rng_test. Removed reference to nrf51_aes_decrypt, which is not supported, and added compile error for it. Corrected ecc_test_raw_vector return code checking. Cleanup in InitMemoryTracker. 2016-03-15 18:33:24 -07:00
David Garske
bf058ef1b9 Fixed Jenkins error reports for mem_track msg, incorrect #ifdef in aes_test and ecc_test_raw_vector response code checking. Fixed C89 compliance with wc_AesSetKey. Fixed nrf_drv_rng_init response checks in RNG code. Reverted comment change in AES. Fixed nRF51 AES CBC Encrypt support. Added response code checking for nrf51_aes_set_key. 2016-03-15 17:18:03 -07:00
David Garske
a38183b816 Port for Nordic nRF51 RNG, RTC and AES. Added RNG test for wc_RNG_GenerateBlock 0's check even if HAVE_HASHDRBG is enabled. Added NIST test vectors for ECC P-256, P-384 and P-521. Added helpful debug message in ECC import if issue finding ecc_sets[] for curve. Moved memory tracker into separate file and added support for it to wolfcrypt test and benchmark. Added Ed255519/Curve25519 options for granular control of sign, verify, shared secret, import and export. Added AES options for max key size (AES_MAX_KEY_SIZE), no decrypt (NO_AES_DECRYPT) and no CBC (NO_AES_CBC). 2016-03-15 13:58:51 -07:00
toddouska
47491e6c22 Merge pull request #332 from JacobBarthelmeh/Certs 
Certs
 2016-03-14 13:24:03 -07:00
Jacob Barthelmeh
db758dc98b update test script, fall back to cert name search, fix der free 2016-03-12 09:37:32 -07:00
Jacob Barthelmeh
060e278559 Merge branch 'master' of https://github.com/wolfSSL/wolfssl into Certs 2016-03-11 23:48:39 -07:00
JacobBarthelmeh
154f027c54 Merge pull request #347 from dgarske/ScanBuildFix214 
Address scan-build issue on build #214 after DerBuffer refactor part 2
 2016-03-11 16:53:41 -07:00
David Garske
81b0ccdb1a Address scan-build issue on build #214 after DerBuffer refactor part 2 (ceafb25). 2016-03-11 09:39:13 -08:00
dgarske
98f40fa132 Merge pull request #345 from moisesguimaraes/remove_unnecessary_condition 
remove unnecessary condition
 2016-03-11 09:27:22 -08:00
Moisés Guimarães
2e1c1ca7f8 remove unnecessary condition 2016-03-10 23:07:36 -03:00
dgarske
0171aefc65 Merge pull request #344 from JacobBarthelmeh/master 
K64F RNGA register
 2016-03-10 16:05:19 -08:00
toddouska
1bd7de46bb Merge pull request #342 from dgarske/JenkinsFixes20160310 
Fixes multiple Jenkins warnings/failures
 2016-03-10 14:19:47 -08:00
Jacob Barthelmeh
3976a3e2f2 K64F RNGA register 2016-03-10 14:35:55 -07:00
David Garske
80aa431689 Fixes multiple Jenkins warnings/failures. First is PickHashSigAlgo is required for client builds or if certs are enabled. Fixed scan-build warning with OCSP not recognized ForceZero as cleaning memory and using possible garbage value. Also cleaned up the OCSP functions to use struct buffer* instead of void* for clarity with a little forward declaration. 2016-03-10 09:38:11 -08:00
toddouska
1435a6ce92 Merge pull request #341 from JacobBarthelmeh/master 
SEP and CERTEXT, QSH debug
 2016-03-10 09:36:25 -08:00
Kaleb Joseph Himes
0a1871e77c Merge pull request #337 from dgarske/WarnDoubleFree 
Fixes scan-build warning with "--enable-opensslextra --disable-memory"
 2016-03-09 16:28:18 -08:00
Jacob Barthelmeh
6e1c5b3801 disable CERT_EXT policies check when SEP is used instead 2016-03-09 17:22:38 -07:00
Jacob Barthelmeh
49b547db08 make QSH debug compile for C89 2016-03-09 17:15:28 -07:00
toddouska
ceafb25f49 Merge pull request #338 from dgarske/DerBufferRefactor2 
Refactor of DerBuffer, so WOLFSSL object doesn't have to grow as a re…
 2016-03-09 12:36:22 -08:00
toddouska
2f060dd860 Merge pull request #312 from dgarske/LeanTls 
New LeanTLS configure option
 2016-03-09 10:13:00 -08:00
David Garske
f17dfa5b03 Moved the x509 XFREE to outside the FreeX509 function. Internally FreeX509 is only used in two places. One is for the ssl->peerCert, which is not dynamic anyways. The second is in the ExternalFreeX509 where it calls FreeX509 if its dynamic and will XFREE there. 2016-03-09 09:15:00 -08:00
David Garske
c863300805 Fixed scan-build error with possibly using a NULL pointer. 2016-03-08 09:34:56 -08:00
David Garske
0f93b86b61 Fixes for PK_CALLBACKS and sniffer after DerBuffer refactor #2. 2016-03-08 08:56:14 -08:00
David Garske
ce9f14f713 Refactor of DerBuffer, so WOLFSSL object doesn't have to grow as a result of additional functionality. Removed InitDer. Changed all DerBuffers to use pointer and pass pointer to DerBuffer* to AllocDer and FreeDer. Result is more efficient code and reduced WOLFSSL object size. AllocDer uses first part of the allocated buffer for the actual DerBuffer. 2016-03-08 08:56:14 -08:00
David Garske
daa1cd634e Fixes scan-build warning with "--enable-opensslextra --disable-memory". Problem was different #if defines on the InitX509 and FreeX509, which caused the static analyzer to think the "x509->dynamicMemory" was always true. 2016-03-08 08:38:02 -08:00
David Garske
0ed26ad262 Updated build for "leantls" to support building only the client, by splitting BUILD_EXAMPLES into 3 parts (BUILD_EXAPLE_SERVERS, BUILD_EXAMPLE_CLIENTS and BUILD_TESTS). This allows the make check to perform the external tests to validate the client only "leantls" configuration option. 2016-03-08 08:35:28 -08:00
David Garske
2891939098 Remove NO_CERT and NO_CODING. Enable building of the client with leantls. 2016-03-08 08:35:28 -08:00
David Garske
8e8ee45828 LeanTLS: Fixed issue with GetCA, GetCAByName and PickHashSigAlgo with HAVE_ECC, NO_RSA and NO_CERTS defined. Added new "--enable-leantls" option, which enables TLS 1.2 client only with ECC256, AES128 and SHA256 (no RSA, DH, DSA, MD4, MD5, SHA, PSK, PWD, CERTS, DES3, Error Strings, ARC4, Coding, Memory or File System). 2016-03-08 08:35:28 -08:00
JacobBarthelmeh
375d85fe9a Merge pull request #336 from dgarske/ASNCertPolicyExtFix 
Fixed bug with ASN.1 X509V3 Certificate Policy extension parsing
 2016-03-08 08:59:24 -07:00
David Garske
b549c81337 Fix the WOLFSSL_SEP (--enable-sep) build scenario where extCertPoliciesNb is not available. 2016-03-07 14:49:24 -08:00
David Garske
05fb648747 Remove white-space. 2016-03-07 14:33:22 -08:00
David Garske
9b79d8643e Added checks for total length and the cert policy OID len to make sure they don't exceed buffer. 2016-03-07 14:20:37 -08:00
David Garske
dee3645c4e Fixed bug with ASN.1 X509V3 Certificate Policy extension parsing. Bug had to do with parsing when OID contains multiple items such as example 2 below. The wolfssl.com server key now contains a URL in the certificate policy "https://secure.comodo.com/CPS0", which wasn't being parsed over correctly. Also cleanup to use loop instead of duplicate code. 
Example 1:
30 12
30 06 06 04 55 1D 20 00
30 08 06 06 67 81 0C 01 02 01

Result:
2.5.29.32.0
2.23.140.1.2.1

Example 2:
30 46
30 3A 06 0B 2B 06 01 04 01 B2 31 01 02 02 07
   30 2B 30 29 06 08 2B 06 01 05 05 07 02 01 16 1D 68 74 74 70 73 3A 2F 2F 73 65 63 75 72 65 2E 63 6F 6D 6F 64 6F 2E 63 6F 6D 2F 43 50 53
30 08 06 06 67 81 0C 01 02 01

Result:
1.3.6.1.4.1.6449.1.2.2.7
2.23.140.1.2.1
 2016-03-07 13:40:25 -08:00
dgarske
98a72a3f9d Merge pull request #334 from JacobBarthelmeh/master 
update wolfssl-ntru vs project and fix warnings
 2016-03-03 15:53:52 -08:00
dgarske
8ca1c3935d Merge pull request #322 from ejohnstown/dtls-handshake 
DTLS Handshake Update
 2016-03-03 14:33:31 -08:00
Jacob Barthelmeh
c98c457b9b update wolfssl-ntru vs project and fix warnings 2016-03-03 14:35:39 -07:00
dgarske
b9ecd9474c Merge pull request #330 from kaleb-himes/CID-66007-coverity 
avoid dereference of null pointer if args is null
 2016-03-02 18:22:07 -08:00
Jacob Barthelmeh
112cf1f0c9 fix example client help print out 2016-03-02 16:51:57 -07:00
kaleb-himes
7a599c1309 Account for not used case 2016-03-02 16:31:58 -07:00
dgarske
a0f1e1e3ea Merge pull request #331 from kaleb-himes/CID-66006-coverity 
Move assignment to after the null check
 2016-03-02 15:23:58 -08:00
Jacob Barthelmeh
aab44eb26b adjest example server PSK plus flag 2016-03-02 15:43:17 -07:00
Jacob Barthelmeh
267dc48d95 fixs after testing : hash table, using NO_SKID, sanity check, and freeing dCert 2016-03-02 15:23:50 -07:00