a358174b4b
Fix for DH prime test (extra leading spaces). Fix for new chain tests with CRL enabled. The current way of testing chain only loads root CA as trusted. The intermediate CA CRL isn't trusted or loaded and causes error.
2018-12-21 12:36:47 -08:00
59a3b4a110
New tests for cert chains, alternate cert chains, trusted peer certs and DH prime cleanup:
...
* Added ECC and RSA intermediate CA's and server/client chain certificates for testing.
* Enhanced suites test to support expected fail arg `-H exitWithRet` in any test .conf file.
* Added new `test-altchains.conf` for testing with `WOLFSSL_ALT_CERT_CHAINS` defined.
* Added new `test-chains` for testing chains.
* Added new `test-dhprime.conf` for DH prime check tests.
* Added new `test-trustedpeer.conf` for testing `WOLFSSL_TRUST_PEER_CERT`.
* Refactor to add `-2` to disable DH prime check by default (except for new test-dhprime.conf).
* Added ability to run a specific test.conf file using syntax like `./tests/unit.test tests/test-altchains.conf`.
2018-12-21 09:54:55 -08:00
164a762088
fix afalg/cryptodev + opensslextra build
2018-12-20 10:52:17 -07:00
92d59c7df4
fix for cryptonly + rsavfy build
2018-12-19 14:36:32 -07:00
195b995bc4
Fixes from review
2018-12-11 12:19:45 -06:00
dc104985c3
Fixes from review
2018-12-11 11:41:39 -06:00
59bfead3c8
Fixes from review
2018-12-11 11:30:13 -06:00
1c0fa6fb58
Code coverage tests and fixes - default config
2018-12-11 08:56:21 -06:00
7048efb5fa
Test adjustments for testing with nginx in FIPS mode
2018-12-06 13:02:58 -07:00
74eadf556e
Merge pull request #1946 from ejohnstown/dh-speedup
...
DHE Speed Up
2018-12-05 12:22:21 -08:00
a47e08c49e
DHE Speed Up
...
1. Add missing "-2" flags to the last line of most of the test conf files.
2018-12-04 12:04:12 -08:00
fa0b4cd2d5
DHE Speed Up
...
1. Modify all the test configuration files to disable the DHE prime test.
2. Add a test configuration that tests three cipher suites with the DHE prime test enabled.
2018-12-03 15:15:30 -08:00
28dc1cbb67
fix unit test for PKCS#7 with AES disabled
2018-12-03 12:00:04 -07:00
a5e3b18252
exclude wolfSSL_EC_POINT_point2hex() in CAVP selftest build
2018-11-27 09:12:55 -08:00
f11809aa62
Merge pull request #1923 from JacobBarthelmeh/Testing
...
cast to resolve warning, check size of time_t, and check for null tes…
2018-11-21 10:17:23 -08:00
95bd340de5
Add support for more OpenSSL APIs
...
Add support for PEM_read and PEM_write
Add OpenSSL PKCS#7 signed data support
Add OpenSSL PKCS#8 Private key APIs
Add X509_REQ OpenSSL APIs
2018-11-20 07:54:24 +10:00
ee30b2b476
better name for time_t size macro guard
2018-11-16 15:51:38 -07:00
c307fd7af4
additional macro guards for disabling aescbc with opensslextra
2018-11-15 13:40:04 -07:00
0f4a06594e
cast to resolve warning, check size of time_t, and check for null test case
2018-11-12 16:02:33 -07:00
f7f6506a54
Merge pull request #1898 from cconlon/cmsupdates
...
wolfCrypt PKCS#7/CMS Expansion
2018-11-07 08:36:02 -08:00
27db083733
make degenerate test structure dynamic to set the uninitialized dynamic flag
2018-11-06 18:35:13 -08:00
9bef9bad8e
PKCS7/CMS build fixes when disabling individual AES sizes
2018-11-06 18:35:13 -08:00
62a2847d75
make internal stream buffer dynamic
...
formating and build without stream api
2018-11-06 18:35:12 -08:00
98efc1e9de
testing with verify signed stream function
2018-11-06 18:35:12 -08:00
5525f59852
first addition of verify sign stream data
2018-11-06 18:35:12 -08:00
02df920269
use fall through and update api tests to use wc_PKCS7_New
2018-11-06 18:35:12 -08:00
83a150c4df
stream of PKCS7 decode encrypted
2018-11-06 18:35:12 -08:00
06a6f8400b
add CMS AuthEnvelopedData support for authAttrs
2018-11-06 18:35:12 -08:00
0b3930e24f
save and set PKCS7 isDynamic flag in wc_PKCS7_Init
2018-11-06 18:35:12 -08:00
efb1efcc0d
Fixes and additional tests for compatibility function BN_bn2hex. In the DEBUG_WOLFSSL case it was returning a (char*)"", which was trying to be free'd. We cannot return const char* here, since its assumed to be an allocated pointer. Fix the dynamic type for XMALLOC/XFREE to match, since OPENSSL_free is used to free returned value. Fix to add room for null term. Added missing API unit test for BN_print_fp. Exposed these functions for OPENSSL_EXTRA.
2018-11-06 05:55:25 -08:00
1ffc1108a6
Merge pull request #1906 from cconlon/selftest-fixes
...
fixes for CAVP selftest build errors
2018-11-01 11:31:39 -06:00
6dd4fba888
fix for clang warning
2018-10-30 17:41:03 -06:00
cc3ccbaf0c
add test for degenerate case and allow degenerate case by default
2018-10-30 17:04:33 -06:00
def7a91e70
fix CAVP selftest build errors
2018-10-30 16:35:45 -06:00
ae07ba93ad
Merge pull request #1894 from dgarske/pk_keysize
...
Fixes for key size detection when using PK callbacks
2018-10-26 09:46:10 -07:00
3be7eacea9
Added client/server certs and keys for P-384-bit signed by P-384 CA. Fix for broken certs/ecc/genecc.sh script. Added simple P-384 cipher suite test.
2018-10-25 09:21:27 -07:00
86758f9640
Fixes for key size detection when using PK callbacks (HSM) and no private key has been loaded (affects HAVE_PK_CALLBACKS on server side only when no dummy private key is loaded). Fix for possible leak during ECC min key size failure with small stack. Added new API wc_RsaPublicKeyDecode_ex for parsing an RSA public key for the modulus and exponent. Changed wolfSSL_CTX_SetTmpEC_DHE_Sz to support a size == 0 for using the long-term private key's size. Changed ECDHE_SIZE so it can be overridden and build-time. Added tests for wolfSSL_CTX_SetTmpEC_DHE_Sz and wolfSSL_SetTmpEC_DHE_Sz.
2018-10-25 09:15:23 -07:00
0eb115e7a1
Merge pull request #1884 from kaleb-himes/ECC_DISABLED_TEST_FIX
...
Fixes to resolve skipped tests with ECC disabled
2018-10-24 09:30:47 -07:00
878b5925fc
Merge pull request #1877 from dgarske/pkcs8_ec
...
Added support for ECC private key with PKCS8 encoding
2018-10-22 14:59:10 -07:00
7ce236f3af
Fix for new test_wolfSSL_PKCS8 changes to init/free the ecc_key.
2018-10-19 16:04:02 -07:00
c268829b68
Fix bug with SendClientKeyExchange and ifdef logic for ecdhe_psk_kea, which was preventing ECDHE-PSK from working if HAVE_CURVE25519 was defined. Disabled broken downgrade test in test-tls13-down.conf (@SpariDev will need to investigate). Various spelling fixes.
2018-10-19 13:21:56 -07:00
dc519e6a45
When no cert specified using default, do not return failure in suite tests
2018-10-17 15:20:39 -06:00
095337b1cf
Merge pull request #1878 from kaleb-himes/TEST_COVERAGE_3
...
Test coverage 3
2018-10-17 13:47:10 -07:00
dcb105deff
Merge pull request #1876 from dgarske/max_frag_256
...
Added new 256-byte max fragment option `WOLFSSL_MFL_2_8`
2018-10-17 13:21:57 -07:00
8b529d3d57
Add test for ECC private key with PKCS 8 encoding (no crypt) and -----BEGIN EC PRIVATE KEY----- header.
2018-10-17 10:01:29 -07:00
5ca822b1e9
Peer review changes requested
2018-10-17 10:46:45 -06:00
2aa6f91144
Reset IV after update via call to encrypt
2018-10-16 18:31:16 -06:00
d7d102d90a
Added cipher suite unit tests for max fragment options 1-6 for TLS v1.2 and DTLS v1.2. Fix for client usage comment for max fragment.
2018-10-16 16:47:24 -07:00
ab61cefa58
Fix max frag error case tests to use min/max.
2018-10-16 08:58:46 -07:00
4adaeb8585
Added new 256-byte max fragment option WOLFSSL_MFL_2_8.
2018-10-15 17:06:21 -07:00
David Garske
Jacob Barthelmeh
Eric Blankenhorn
kaleb-himes
toddouska
John Safranek
Chris Conlon
Sean Parkinson