wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-28 11:22:20 +01:00
Code Issues Packages Projects Releases Wiki Activity
27,397 Commits 12 Branches 184 Tags
100d765b0c333ec00a111ce7c19be6f1bf4070a5
Commit Graph

3252 Commits

Author SHA1 Message Date
John Bland
8ff08740f8 Merge branch 'master' into ech-hello-retry 2025-03-10 03:37:27 -04:00
Sean Parkinson
a7690ca24b ML-KEM/Kyber: finish name change 2025-03-10 08:37:14 +10:00
Sean Parkinson
e7ef3ab606 Digest tests: add more tests 
Add testing of MD2 and Md4.
Add more tests of functions in hash.c.
Reformat data to match what is output by PRINT_DATA macro.
 2025-03-10 08:13:06 +10:00
Daniel Pouzzner
c3f24568ff Merge pull request #8520 from JacobBarthelmeh/pkcs7_verify_stream 
PKCS7 verify and decode indefinite length support
 2025-03-07 18:47:30 -06:00
Daniel Pouzzner
27ed748867 Merge pull request #8504 from rlm2002/msys2 
Add MSYS2 build CI test
 2025-03-07 17:58:50 -06:00
Anthony Hu
6d6c5f520b unit tests 2025-03-07 18:30:41 -05:00
JacobBarthelmeh
8dd614430a clang-tidy fixes for test case 2025-03-07 16:04:57 -07:00
Anthony Hu
f8506c3e04 Allow critical alt and basic constraints extensions 
Also properly track pathlen.
 2025-03-07 13:06:06 -05:00
JacobBarthelmeh
53fa4ffbaf conversion warning fixes 2025-03-07 11:03:12 -07:00
JacobBarthelmeh
624233fb98 update test case to account for NO_DES3 build and resolve clang tidy warnings 2025-03-05 16:28:26 -07:00
Sean Parkinson
eaa61c2208 Test daul alg support: set before and after dates 
Must set before and after dates into certificate structure as creation
of certificate does not fill in those fields but uses the current time.
The current time may change by a second between signings.
 2025-03-05 16:15:55 +10:00
JacobBarthelmeh
b75976692e spelling fix and code formatting 2025-03-04 14:31:23 -07:00
David Garske
9b16ed5da4 Merge pull request #8518 from lealem47/evp_update_null_cipher 
Add NULL_CIPHER_TYPE support to wolfSSL_EVP_CipherUpdate
 2025-03-03 14:03:57 -08:00
Daniel Pouzzner
9c3816089c tests/api.c: disable test_wolfSSL_OCSP_parse_url() if WOLFSSL_SM2 || WOLFSSL_SM3. 2025-02-28 15:58:54 -06:00
JacobBarthelmeh
6020bf2368 initialize test variables and fix async build 2025-02-28 14:46:42 -07:00
JacobBarthelmeh
ea387323c3 remove white space and add macro guard around test case 2025-02-28 14:23:25 -07:00
JacobBarthelmeh
7c6cd1deea passing a unit test 2025-02-28 14:23:24 -07:00
JacobBarthelmeh
1e254c014d application decryption successful 2025-02-28 14:23:24 -07:00
Lealem Amedie
22221e5007 Add NULL_CIPHER_TYPE support to wolfSSL_EVP_CipherUpdate 2025-02-28 11:44:30 -07:00
Sean Parkinson
4f8a39cbcf Merge pull request #8498 from rizlik/ocsp_fixes 
OCSP openssl compat fixes
 2025-02-28 13:42:50 +10:00
Daniel Pouzzner
d63a180f95 Merge pull request #8513 from SparkiDev/api_c_split_ciphers 
Test api.c: split out MACs and ciphers
 2025-02-27 14:00:36 -06:00
Marco Oliverio
194db7e844 tests: gate ocsp test on SM2 || SM3 
we don't properly support SM2 and SM3 hash algo id properly yet
 2025-02-27 19:38:46 +00:00
Sean Parkinson
48300352c6 Test api.c: split out MACs and ciphers 2025-02-27 15:52:39 +10:00
David Garske
557abcf76a Support for STM32H7S (tested on NUCLEO-H7S3L8). It supports hardware crypto for RNG, Hash, AES and PKA. Added future config option for DTLS v1.3. Support DTLS v1.3 only reduce code size (tested with: ./configure --enable-dtls13 --enable-dtls --disable-tlsv12 CFLAGS="-DWOLFSSL_SEND_HRR_COOKIE"). 2025-02-26 14:00:48 -08:00
Ruby Martin
0c413e75c6 add environment matrix to msys workflow 2025-02-26 09:07:16 -07:00
Ruby Martin
439012dd57 adjust xfopen commands 2025-02-26 09:05:53 -07:00
Ruby Martin
57646a88ff check if clientfd != SOCKET_INVALID not 0, add check if USE_WINDOWS_API 
not defined
 2025-02-26 09:03:55 -07:00
Marco Oliverio
07c7b21b10 tests: api: fix test for d2i_CERT_ID refactor 2025-02-25 22:22:43 +00:00
Marco Oliverio
5eef98a5ea ocsp: add OCSP CERT ID encode/decode test 2025-02-25 22:22:43 +00:00
David Garske
3557cc764a Merge pull request #8501 from SparkiDev/digest_test_rework 
Digest testing: improve
 2025-02-25 13:03:48 -08:00
David Garske
f2c5b4e56a Merge pull request #8500 from SparkiDev/evp_aes_gcm_test_fix 
test_wolfssl_EVP_aes_gcm: fix for mem fail testing
 2025-02-25 09:56:55 -08:00
David Garske
bac6771828 Merge pull request #8499 from SparkiDev/crl_list_fix 
CRL: fix memory allocation failure leaks
 2025-02-25 09:54:55 -08:00
Reda Chouk
9178c53f79 Fix: Address and clean up code conversion in various files. 2025-02-25 11:17:58 +01:00
Sean Parkinson
6016cc0c97 Digest testing: improve 
Make testing digests consistent.
Add KATs for all digests.
Check unaligned input and output works.
Perform chunking tests for all digests.

Fix Blake2b and Blake2s to checkout parameters in update and final
functions.
Fix Shake256 and Shake128 to checkout parameters in absorb and squeeze
blocks functions.

Add default digest size enums for Blake2b and Blake2s.
 2025-02-25 19:07:20 +10:00
Sean Parkinson
6f268c4369 CRL: fix memory allocation failure leaks 
On memory allocation failure, some functions were leaking memory.

Also add reference counting to CRL object so that a deep copy of a list
of CRLs doesn't leak memory.
The test was explicitly freeing each CRL in the list.
 2025-02-25 09:05:03 +10:00
Sean Parkinson
ac1f25d6f4 test_wolfssl_EVP_aes_gcm: fix for mem fail testing 
Fix test to not leak when memory allocation failure testing.
When not supporting AES-GCM streaming, allocation failures occur.
Always call cleanup.
 2025-02-25 08:15:43 +10:00
Sean Parkinson
82b50f19c6 ML-KEM/Kyber: improvements 
ML-KEM/Kyber:
  MakeKey call generate random once only for all data.
  Allow MakeKey/Encapsulate/Decapsulate to be compiled separately.
  Pull out public key decoding common to public and private key decode.
Put references to FIPS 140-3 into code. Rename variables to match FIPS
140-3.
  Fix InvNTT assembly code for x64 - more reductions.
  Split out ML-KEM/Kyber tests from api.c.

TLSX:
Store the object instead of the private key when WOLFSSL_MLKEM_CACHE_A
is defined or WOLFSSL_TLSX_PQC_MLKEM_STORE_OBJ. Faster decapsulation
when A is cached and object stored.
To store private key as normal define
WOLFSSL_TLSX_PQC_MLKEM_STORE_PRIV_KEY.

misc.c: when Intel x64 build, assume able to read/write unaligned
 2025-02-20 08:14:15 +10:00
David Garske
268326d875 Merge pull request #8408 from rizlik/ocsp-resp-refactor 
OpenSSL Compat Layer: OCSP response improvments
 2025-02-19 11:20:12 -08:00
JacobBarthelmeh
373a7d462a Merge pull request #8472 from SparkiDev/ed25519_fix_tests 
Ed25519: fix tests to compile with feature defines
 2025-02-19 09:53:10 -07:00
Sean Parkinson
331a713271 Ed25519: fix tests to compile with feature defines 
ge_operations.c: USe WOLFSSL_NO_MALLOC rather than WOLFSSL_SP_NO_MALLOC.
 2025-02-19 17:41:03 +10:00
Daniel Pouzzner
65f38df74d tests/api.c: refactor several C89-incompatible dynamically constructed arrays using static const. 2025-02-17 17:47:36 -06:00
Marco Oliverio
3e50c79c3b tests: bind test_wolfSSL_client_server_nofail_memio HAVE_SSL_MEMIO_TESTS_DEP 2025-02-17 08:59:29 +00:00
Marco Oliverio
eb7904b5e5 tests/api: expose test_ssl_memio functions 2025-02-17 08:59:29 +00:00
Marco Oliverio
2fe413d80f ocsp: add tests 2025-02-17 08:59:23 +00:00
Marco Oliverio
f526679ad5 ocsp: refactor OCSP response decoding and wolfSSL_OCSP_basic_verify 
- Search certificate based on responderId
- Verify response signer is authorized for all single responses
- Align with OpenSSL behavior
- Separate wolfSSL_OCSP_basic_verify from verification done during
  decoding
 2025-02-17 08:58:03 +00:00
Juliusz Sosinowicz
68c27c4e5d Move dtls cid tests to tests/api/dtls.c 2025-02-14 09:51:29 -06:00
Juliusz Sosinowicz
e02da08192 Reorganize utility functions into tests/utils.c and testsuite/utils.c 2025-02-14 09:51:29 -06:00
David Garske
846ba43a29 Merge pull request #8392 from SparkiDev/curve25519_blinding 
Curve25519: add blinding when using private key
 2025-02-12 16:20:51 -08:00
Sean Parkinson
bb84ebfd7a Curve25519: add blinding when using private key 
XOR in random value to scalar and perform special scalar multiplication.
Multiply x3 and z3 by random value to randomize co-ordinates.

Add new APIs to support passing in an RNG.
Old APIs create a new RNG.

Only needed for the C implementations that are not small.

Modified TLS and OpenSSL compat API implementations to pass in RNG.

Fixed tests and benchmark program to pass in RNG.
 2025-02-13 08:52:35 +10:00
Sean Parkinson
bcd89b0592 Merge pull request #8388 from julek-wolfssl/BN_CTX_get 
Implement BN_CTX_get
 2025-02-12 08:08:58 +10:00