wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-27 00:02:19 +01:00
Code Issues Packages Projects Releases Wiki Activity
27,480 Commits 12 Branches 184 Tags
2325c68d4efe3d86da01eccebfaec994769103d3
Commit Graph

275 Commits

Author SHA1 Message Date
Daniel Pouzzner
4ce6c4c262 Merge pull request #9623 from julek-wolfssl/dtls-1.3-ms-interval 
dtls 1.3: allow rtx interval to be less than a second
 2026-01-19 17:01:23 -06:00
Daniel Pouzzner
c2cf8b1545 Merge pull request #9659 from holtrop-wolfssl/improve-error-for-invalid-helloretryrequest 
Improve log message and error code for invalid HelloRetryRequest - fix #9653
 2026-01-19 16:23:59 -06:00
Juliusz Sosinowicz
429b690370 Address code review 2026-01-19 09:38:17 +01:00
Juliusz Sosinowicz
48067f1fa7 dtls 1.3: allow rtx interval to be less than a second 2026-01-19 09:32:09 +01:00
Daniel Pouzzner
467d6dd338 tests/api/test_evp_digest.c: fix for copy-paste error in test_wolfSSL_EVP_sm3(), introduced in 43d831ff06. 2026-01-17 09:58:21 -06:00
Daniel Pouzzner
5c7f986925 Merge pull request #9670 from miyazakh/fix_selftest 
Fix compilation, crypt test and unit test failures when selftest is enabled
 2026-01-16 23:57:27 -06:00
Daniel Pouzzner
9aabef04ba Merge pull request #9641 from SparkiDev/api_c_split_evp 
API testing: split out more test cases
 2026-01-16 14:58:15 -06:00
Hideki Miyazaki
8ad73d8ac1 Fix compile and crypt test failures when selftest is enabled 2026-01-16 08:55:06 +09:00
Josh Holtrop
e7612ff36f Improve log message and error code for invalid HelloRetryRequest - fix #9653 2026-01-15 12:55:17 -05:00
Sean Parkinson
43d831ff06 API testing: split out more test cases 
EVP into test_evp_cipher, test_evp_digest, test_evp_pkey and test_evp.
OBJ into test_ossl_obj.
OpenSSL RAND into test_ossl_rand.
OpenSSL PKCS7 and PKCS12 tests into test_ossl_p7p12.
CertificateManager into test_certman.

Move some BIO tests from api.c into test_evp_bio.c.

Fix line lengths.
 2026-01-13 06:34:49 +10:00
David Garske
d25f98fd82 Merge pull request #9584 from miyazakh/fix_qtfail 
Fix qt jenkins nightly test failure
 2026-01-08 10:58:20 -08:00
David Garske
133d29dcef Merge pull request #9626 from rizlik/name_contraints_fixes 
asn: MatchBaseName fixes
 2026-01-08 10:56:53 -08:00
David Garske
97d9bfcea6 Merge pull request #9601 from rizlik/early_data_client_side_fixes 
check that we are resuming in write_early_data + minor fixes
 2026-01-08 10:26:48 -08:00
Sean Parkinson
883ceecf8a ChaCha20 Aarch64 ASM fix: 256-bit case fixed 
Fixed the 256-bits at a time crypt assembly code.

Add a chunking test for ChaCha20.
 2026-01-08 18:01:15 +10:00
Hideki Miyazaki
6392c2b420 undo changes 
fix indentation
 2026-01-08 07:10:25 +09:00
Marco Oliverio
94dc7ae9ad asn: MatchBaseName fixes 2026-01-07 17:53:43 +01:00
Marco Oliverio
50b39c91da fixup! (d)tls13: check if early data is possible in write_early_data 2026-01-07 14:30:16 +01:00
Hideki Miyazaki
c6dd1a745e boundary check 2026-01-07 09:19:43 +09:00
Hideki Miyazaki
30fe079763 Addressed review comments 2026-01-07 06:55:22 +09:00
Hideki Miyazaki
10d3e251fd fix qt jenkins nightly test failure 2026-01-07 06:55:22 +09:00
Kareem
7d04a53a6c Update X509_get_default_cert_* stubs to return empty strings. 
According to the documentation, these functions must return static strings, so NULL was not valid.

Fixes #6474.
 2025-12-26 15:26:05 -07:00
David Garske
2354ea196b Merge pull request #9513 from rizlik/dtls_header_fix 
fix DTLS header headroom accounting
 2025-12-23 17:20:12 -08:00
David Garske
0fae0a7ba6 Merge pull request #9397 from rizlik/earlydata_want_write_fixes 
wolfssl: preserve early-data handling across WANT_WRITE retries
 2025-12-23 17:19:39 -08:00
David Garske
18176392fa Merge pull request #9576 from douzzer/20251222-linuxkm-PK-initrng-optimize 
20251222-linuxkm-PK-initrng-optimize
 2025-12-23 15:02:53 -08:00
Daniel Pouzzner
da4fc4921e tests/api/test_ed25519.c: in test_wc_Ed25519PublicKeyToDer(), on old FIPS, tolerate old error code from wc_Ed25519PublicKeyToDer(). 2025-12-23 12:25:10 -06:00
Sean Parkinson
b766f11e7b TLS 1.3, plaintext alert: ignore when expecting encrypted 
In TLS 1.3, ignore valid unencrypted alerts that appear after encryption
has started.
Only ignore WOLFSSL_ALERT_COUNT_MAX-1 alerts.
 2025-12-23 09:09:06 +10:00
Marco Oliverio
540fae80ab test_dtls: test payload split when WOLFSSL_NO_DTLS_SIZE_CHECK 2025-12-22 13:41:33 +01:00
Sean Parkinson
7a326ef43f Merge pull request #9553 from julek-wolfssl/ed25519-export-key-check 
ed25519: validate presence of keys in export functions
 2025-12-22 19:31:14 +10:00
Marco Oliverio
38d8eb6f0d address reviewer's comments 2025-12-22 09:51:06 +01:00
Marco Oliverio
950c074c25 test: fix typo in structure field 2025-12-22 09:51:06 +01:00
Marco Oliverio
8de68decd2 test: tls13_early_data: test WANT_WRITE in early data 2025-12-22 09:51:06 +01:00
Marco Oliverio
609e30a69c test: tls13_early_data: refactor splitEarlyData test option 2025-12-22 09:51:06 +01:00
JacobBarthelmeh
d5723d0d89 Merge pull request #9544 from julek-wolfssl/gh/9362 
Check KeyShare after HRR
 2025-12-19 14:36:31 -07:00
Juliusz Sosinowicz
dd35f10b57 ed25519: validate presence of keys in export functions 2025-12-19 10:14:26 +01:00
Chris Conlon
5eef52c6fa Add test for PKCS#7 SignedData with non-OCTET_STRING content 2025-12-18 15:02:02 -07:00
Marco Oliverio
988ba340ba address reviewer's comments 2025-12-18 10:28:54 +01:00
Daniel Pouzzner
33fc601011 tweaks from PRBs results: 
tests/api.c:
* remove inapt SSL_library_init() in test_wolfSSL_EVP_Cipher_extra();
* move TEST_X509_DECLS to follow TEST_DECL(test_wolfSSL_Init);

tests/api/test_random.c: enlarge seed buffer in test_wc_RNG_TestSeed() to accommodate amdrand block size;

tests/quic.c: wrap exercises in wolfSSL_Init()...wolfSSL_Cleanup();

tests/unit.c: in unit_test(), add several more fflush(stdout)s, report error from wolfSSL_Cleanup(), and fix line length;

wolfcrypt/test/test.c: omit reseed test in _rng_test() if HAVE_INTEL_RDRAND or old FIPS, and use simplified random_test() if HAVE_INTEL_RDRAND;

wolfssl/wolfcrypt/mem_track.h: add memList pointer in struct memoryStats, and set it in InitMemoryTracker();

wolfssl/wolfcrypt/settings.h: undefine WOLFSSL_SMALL_STACK_CACHE if WOLFSSL_SMALL_STACK is undefined;

.github/workflows/trackmemory.yml: add --enable-intelrdseed scenario.
 2025-12-17 11:01:11 -06:00
Juliusz Sosinowicz
f61bfd7805 Check KeyShare after HRR 2025-12-17 10:27:04 +01:00
JacobBarthelmeh
9156b50bbc Merge pull request #9538 from SparkiDev/tls13_dup_ext_alert_code_fix 
TLS 1.3: duplicate extension alert code fix
 2025-12-16 14:43:19 -07:00
Marco Oliverio
0fa0fd2317 (d)tls: refactor wolfSSL_GetMaxFragSize(), simplify length computations 2025-12-16 10:46:29 +01:00
Marco Oliverio
e9f3bd5ddd dtls: test precise header headroom computation 2025-12-16 10:00:30 +01:00
Sean Parkinson
85d40c8e9b Merge pull request #9522 from JacobBarthelmeh/time 
tie in use of check_time with x509 store
 2025-12-16 08:24:49 +10:00
Sean Parkinson
d3863e5fa3 TLS 1.3: duplicate extension alert code fix 
The specification states to return illegal_parameter when a message is
syntactically correct but semantically invalid. (RFC 8446 section 6,
Paragraph 5)
 2025-12-15 10:00:56 -08:00
Sean Parkinson
44be44a509 TLS 1.3 missing extension: return correct alert code 
Change TLS 1.3 handling to return missing_extension alert code when
 - KeyShare is present but SupportedGroups is missing and
 - SupportedGroups is present but KeyShare is missing

Added tests for this.
 2025-12-15 09:07:13 +10:00
JacobBarthelmeh
01442a1460 adjust macro guard around test case 2025-12-12 13:36:14 -07:00
JacobBarthelmeh
e1bbb71878 tie in use of check_time with x509 store 2025-12-12 09:22:23 -07:00
Daniel Pouzzner
3e8c6811c7 Merge pull request #9518 from SparkiDev/api_c_split_3 
api.c: Split out more functions
 2025-12-11 13:06:58 -06:00
Daniel Pouzzner
ef8bf55528 Merge pull request #9495 from SparkiDev/aarch64_no_hw_crypto_asm_aes 
Aarch64 no harware crypto assembly AES
 2025-12-11 12:46:07 -06:00
Daniel Pouzzner
f07e379d6d Merge pull request #9456 from anhu/test_inits 
Initialize test variables; avoid false warnings.
 2025-12-11 12:40:44 -06:00
Sean Parkinson
b4b617de49 api.c: Split out more functions 
More X509 function testing.
X509 store function testing.
X509 lookup function testing.
 2025-12-11 19:00:19 +10:00