wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-27 20:32:23 +01:00
Code Issues Packages Projects Releases Wiki Activity
27,397 Commits 12 Branches 184 Tags
100d765b0c333ec00a111ce7c19be6f1bf4070a5
Commit Graph

75 Commits

Author SHA1 Message Date
David Garske
57ef8a7caf Merge pull request #9574 from anhu/dtls_guard 
Guard a bit of DTLS code.
 2025-12-23 15:03:46 -08:00
Anthony Hu
c03c2dd541 Add tests 2025-12-23 11:48:57 -05:00
Sean Parkinson
b766f11e7b TLS 1.3, plaintext alert: ignore when expecting encrypted 
In TLS 1.3, ignore valid unencrypted alerts that appear after encryption
has started.
Only ignore WOLFSSL_ALERT_COUNT_MAX-1 alerts.
 2025-12-23 09:09:06 +10:00
Juliusz Sosinowicz
432f0e33f6 Fix incorrect use of CFLAGS in os-check 2025-12-17 10:28:43 +01:00
jackctj117
9db4aad468 Added --enable-certgencache to os-check 2025-12-10 10:14:39 -07:00
Juliusz Sosinowicz
32911dc6b8 Add blinding to CI 2025-11-12 17:12:35 +01:00
Josh Holtrop
32b00fd10b Address code review feedback for PR 9391 2025-11-11 14:06:44 -05:00
Juliusz Sosinowicz
f9063c406b Enables dynamic TLS cert loading with OCSP 
Exposes dynamic TLS certificate loading and OCSP stapling to allow applications to load certs lazily.

The server no longer needs to load the CA to staple OCSP responses.

Adds a certificate setup callback (WOLFSSL_CERT_SETUP_CB)
Adds an OCSP status callback to load OCSP responses directly
Adds `wc_NewOCSP`, `wc_FreeOCSP`, and `wc_CheckCertOcspResponse`
Don't call verify twice on the same error
Send correct alert on status response error
 2025-10-03 13:08:11 +02:00
Kareem
a216ea170c Add test case for --enable-coding=no. 2025-09-12 16:11:07 -07:00
Juliusz Sosinowicz
74c7115cc1 Revert "Fix building with --coding=no/WOLFSSL_PEM_TO_DER undefined." 2025-09-10 18:07:57 +02:00
Kareem
183aa7a214 Merge branch 'master' of https://github.com/wolfSSL/wolfssl into zd20038_2 2025-09-02 16:17:18 -07:00
Ruby Martin
8b1422a869 add configuration for WOLFSSL_MEM_CHECK_ZERO 2025-08-27 16:12:57 -06:00
Kareem
87f99ea824 Add test case for --enable-coding=no. 2025-08-27 12:02:25 -07:00
gojimmypi
d64ef34ef8 Introduce WOLFSSL_DEBUG_CERTS Certificate Debug Messages 2025-08-06 13:57:53 -07:00
David Garske
5d7cb2ec07 Fix for new api.c test test_wolfSSL_check_domain_basic added in PR #8863 that fails with --disable-sys-ca-certs. 2025-06-24 08:25:01 -07:00
David Garske
d4c827bc5e Fix for building LMS with verify only. Added tests for LMS/XMSS verify only. New wc_LmsKey_GetKid references key->priv_raw that is not available. 2025-06-23 11:12:53 -07:00
David Garske
9b50708741 Fix to expose API to access "store" error code and error depth for cert failure callback (from set_verify). Useful for C# wrapper or clients that cannot directly dereference X509_STORE. Fixes for building with WOLFSSL_EXTRA and WOLFSSL_NO_CA_NAMES (and added new tests). Added example in CSharp TLS client for overriding a begin date error (useful if date is not set). 2025-06-19 14:49:00 -07:00
David Garske
8181561f0f Fix for syntax error in os-check.yml added in PR #8867. 2025-06-13 07:17:37 -07:00
JacobBarthelmeh
47cf634965 add a way to restore previous pid behavior 2025-06-10 16:12:09 -06:00
JacobBarthelmeh
4207affc72 adding additional RAND test cases 2025-06-10 16:01:52 -06:00
Marco Oliverio
cbe1fb2c62 dtls: drop DTLS messages that span across datagrams 
A new macro "WOLFSSL_DTLS_RECORDS_CAN_SPAN_DATAGRAMS" restores the old
behaviour.
 2025-05-19 10:28:13 +02:00
David Garske
e09e3f6098 Fix for Curve25519 and static ephemeral issue with curve25519 blinding. Added new test case (used by wolfKeyMgr). 2025-05-12 10:26:31 -07:00
David Garske
1e3718ea7b Merge pull request #8655 from SparkiDev/asn1_oid_update 
ASN.1 OIDs and sum: Change algorithm for sum
 2025-05-07 11:43:54 -07:00
Sean Parkinson
5e5f486a4c Merge pull request #8732 from dgarske/stm32_hash_status 
Fix for STM32 hash status check logic (also fix NO_AES_192 and NO_AES_256)
 2025-05-07 20:56:18 +10:00
Sean Parkinson
112351667a ASN.1 OIDs and sum: Change algorithm for sum 
New sum algorithm has no clashes at this time.
Old algorithm enabled by defining: WOLFSSL_OLD_OID_SUM.
New oid_sum.h file generated with scripts/asn1_oid_sum.pl.

Added bunch of OID names into asn1 example.
 2025-05-07 08:32:08 +10:00
Daniel Pouzzner
982a7600c2 src/tls13.c: in DoTls13ServerHello() WOLFSSL_ASYNC_CRYPT path, fix -Wdeclaration-after-statement caused by fallthrough definition; 
.github/workflows: update async.yml, multi-arch.yml, multi-compiler.yml, no-malloc.yml, opensslcoexist.yml, and os-check.yml, with -pedantic and related flags, and add --enable-riscv-asm to multi-arch.yml RISC-V scenario;

configure.ac: clarify error message for "SP ASM not available for CPU."
 2025-05-06 14:49:32 -05:00
David Garske
0f4ce03c28 Fixes for NO_AES_192 and NO_AES_256. Added CI test. Fixed bad BUILD_ logic for ADH-AES256-GCM-SHA384. 2025-05-05 14:36:36 -07:00
David Garske
dfc6a52db5 Fixes for ECC non-blocking tests. Added example user_settings.h build test. Demonstrate ECC 256, 384 and 521 bit. 2025-03-05 15:58:51 -08:00
Juliusz Sosinowicz
c5ad780798 Force experimental flag to enable ascon 2025-01-29 11:02:47 +01:00
Juliusz Sosinowicz
e4100d977c ascon: added forced permutation unroll 2025-01-29 11:02:47 +01:00
Juliusz Sosinowicz
e3a612300b Initial ASCON hash256 and AEAD128 support based on NIST SP 800-232 ipd 
Implemented based on the NIST Initial Public Draft "NIST SP 800-232 ipd". Testing based on KAT's available at https://github.com/ascon/ascon-c. Added configuration for testing in github action.
 2025-01-29 11:02:47 +01:00
Juliusz Sosinowicz
1d2acd9de6 Revert to ubuntu-22.04 2024-12-10 16:27:41 +01:00
Andras Fekete
a5331d406c Revert "Merge pull request #8072 from rizlik/github-fix" 
This reverts commit 0f8b4dbc63, reversing
changes made to 743a78dc85.
 2024-10-15 12:39:01 -04:00
Marco Oliverio
5d3f7c2528 ci: github: fix ubuntu version to 22.04 2024-10-14 16:46:45 +00:00
Sean Parkinson
ac788ec40d Merge pull request #7995 from julek-wolfssl/dtls12-cid 
Implement DTLS 1.2 Connection ID (CID)
 2024-10-02 09:00:59 +10:00
András Fekete
a1a3a0b04f Merge pull request #7871 from gojimmypi/pr-repo-owner-check 
Add conditional repository_owner to workflow
 2024-09-26 12:18:58 -04:00
res0nance
62c6a3d892 ci: add Win32 and ARM64 windows CI 2024-09-24 19:35:39 +08:00
gojimmypi
27adc66cca Add conditional repository_owner to workflow, remove socat strategy 2024-09-23 11:30:58 -07:00
Juliusz Sosinowicz
99a99e3d6e Implement DTLS 1.2 Connection ID (CID) 2024-09-20 15:31:01 +02:00
Daniel Pouzzner
a3fb5029f8 clean up trailing whitespace and misplaced CRLFs, add missing final newlines, remove stray UTF8 nonprintables (BOMs) and ASCIIfy stray homoglyphs (spaces and apostrophes), guided by expanded coverage in wolfssl-multi-test check-source-text. 2024-09-05 14:52:18 -05:00
Juliusz Sosinowicz
b67fd6f29c Fix failing test_dtls_frag_ch 
- Add option to disable ECH
- InitSuites: clean up DTLS paths
- wolfSSL_parse_cipher_list: remove WOLFSSL_MAX_SUITE_SZ setting
- wolfSSL_parse_cipher_list: add rationale for keeping ciphersuites
- test_dtls_frag_ch: ECH and ciphersuites were pushing the ClientHello message over the fragmentation limit. Disabling ECH and limiting ciphersuites fixes the test.
 2024-08-30 09:56:52 +02:00
Juliusz Sosinowicz
b2f59f733a DTLS 1.3: check size including headers 2024-08-28 12:58:50 +02:00
David Garske
8763b127d9 Add CI test for the new user_settings_wolfssh.h. 2024-06-03 14:27:07 -07:00
Juliusz Sosinowicz
7206508329 Don't use main.yml since it has a limit of 20 jobs 2024-05-06 17:18:01 +02:00
Daniel Pouzzner
8665295573 Merge pull request #7198 from dgarske/tls12only 
Template for TLS v1.2 only
 2024-02-05 16:14:47 -05:00
Juliusz Sosinowicz
31bfac43ea Update github actions 
Many of these updates should also speed up some steps
 2024-02-02 20:14:28 +01:00
David Garske
9e47703402 Template for TLS v1.2 only. 2024-01-31 10:13:31 -08:00
Juliusz Sosinowicz
aed715cb2c dtls 1.3: allow to skip cookie exchange on resumption 
tls 1.3: do cookie exchange when asked too even when found a matching cipher
 2023-10-31 14:29:04 +01:00
Juliusz Sosinowicz
858c66de3c Add configs that exposed this bug 2023-10-05 16:58:45 +02:00
res0nance
a99139574a ci: run windows test 2023-08-31 19:59:05 +08:00