Commit Graph

3481 Commits

Author SHA1 Message Date
Juliusz Sosinowicz 0ac6ca3cf7 Fix hard tabs and c++ style comments 2025-06-05 22:04:50 +02:00
Juliusz Sosinowicz 761f0f1d1f Simplify TLSX_SupportedCurve_Parse
Server only uses curves that are supported by both the client and the server. If no common groups are found, the connection will fail in TLS 1.2 and below. In TLS 1.3, HRR may still be used to resolve the group mismatch.
2025-06-05 22:04:49 +02:00
JeremiahM37 9d342bae83 unit tests for set_groups curve fix 2025-06-05 22:04:49 +02:00
Ruby Martin a413be1984 remove null assignment, add null check 2025-06-05 12:25:50 -06:00
Juliusz Sosinowicz f2584fd5fa ALT_NAMES_OID: Mark IP address as WOLFSSL_V_ASN1_OCTET_STRING 2025-06-05 19:17:00 +02:00
Chris Conlon e51702043f Merge pull request #8837 from BridgerVoss/code_cov
Unit test for Dh.c code coverage
2025-06-05 09:37:42 -06:00
Chris Conlon a17b3b4985 Merge pull request #8831 from JeremiahM37/UnitTest
Unit test for wolfcrypt pkcs12 file to improve code coverage
2025-06-05 09:30:48 -06:00
Koji Takeda 1f78923590 Add a test for mixture of algorithms 2025-06-05 09:26:44 +09:00
JeremiahM37 a6580d3916 Unit test for wolfcrypt pkcs12 file to improve code coverage 2025-06-04 16:01:35 -06:00
Bridger Voss 80c6ac141a Unit test for Dh.c wc_DhSetNamedKey code coverage 2025-06-04 15:48:52 -06:00
Sebastian Carpenter a29d12fd3f WOLFSSL_ASN_ALLOW_0_SERIAL not handled in make check
test_MakeCertWith0Ser needed an extra #define check for WOLFSSL_ASN_ALLOW_0_SERIAL. Previously, it was validating that a 0 serial should not work -> now it validates that a 0 serial does work.
2025-06-04 12:21:41 -06:00
Lealem Amedie 02a49693e2 Fix bug in ParseCRL_Extensions 2025-06-04 10:23:53 -06:00
Koji Takeda 7c33096398 Support PBE_AES256_CBC and PBE_AES128_CBC cert encryption on wc_PKCS12_create() 2025-06-04 16:43:30 +09:00
Sean Parkinson 8ea01056c3 Merge pull request #8788 from julek-wolfssl/gh/8765
tls13: handle malformed CCS and CCS before CH
2025-05-28 09:45:09 +10:00
Ruby Martin 2eddc32eed coverity: fix use after free, improper use of negative value, initialize src variable 2025-05-27 09:43:44 -06:00
Juliusz Sosinowicz 2ec6b92b41 tls13: handle malformed CCS and CCS before CH
- fix incorrect alert type being sent
- error out when we receive a CCS before a CH
- error out when we receive an encrypted CCS
2025-05-23 15:04:22 +02:00
Sean Parkinson 999641d9b1 Merge pull request #8642 from rizlik/dtls_no_span_records
DTLS: drop records that span datagrams
2025-05-23 14:57:24 +10:00
Daniel Pouzzner b06a921697 tests/api.c: add missing NO_SHA gates in test_wc_PKCS12_create(). 2025-05-22 14:56:31 -05:00
Sean Parkinson 85a4e34705 Merge pull request #8782 from kojiws/support_aes_cbc_pkcs12_export
Support PBE_AES(256|128)_CBC key encryptions on wc_PKCS12_create()
2025-05-22 08:39:11 +10:00
Ruby Martin a170624118 coverity: init dgst variable test_sha3.c
improper use of neg val api.c

copy-paste error in test_wolfSSL_PEM_read_bio_ECPKParameters
2025-05-21 08:29:44 -06:00
Koji Takeda 3666851589 Support PBE_AES256_CBC and PBE_AES128_CBC key encryption on wc_PKCS12_create() 2025-05-19 22:26:46 +09:00
Marco Oliverio cbe1fb2c62 dtls: drop DTLS messages that span across datagrams
A new macro "WOLFSSL_DTLS_RECORDS_CAN_SPAN_DATAGRAMS" restores the old
behaviour.
2025-05-19 10:28:13 +02:00
Marco Oliverio 23b73bb298 test_memio: preserve write boundaries in reads 2025-05-19 10:25:24 +02:00
Daniel Pouzzner 91af9073b0 Merge pull request #8777 from rizlik/dtls_reject_v11
Drop DTLS packets with bogus minor version number
2025-05-16 14:45:25 -05:00
Daniel Pouzzner e67536cb15 Merge pull request #8775 from rlm2002/coverity
Coverity: address uninitialized scalar variable issues
2025-05-16 14:44:38 -05:00
Ruby Martin 2940a16c10 coverity: initialize variables for api.c, test_digest.h, and test_sha3.c 2025-05-15 16:55:34 -06:00
Marco Oliverio 22f41a8dbb Drop DTLS packets with bogus minor version number 2025-05-15 19:50:36 +02:00
Anthony Hu a613fc28d6 Allow tests to build with opensslall and no server. 2025-05-15 11:18:15 -04:00
Brett Nicholas 2151a1b8a1 review comments 2025-05-12 11:43:56 -06:00
Brett Nicholas 79f214f73c add new X509 API: wc_Exportx509PubKeyWithSpki 2025-05-09 14:40:20 -06:00
David Garske 1e3718ea7b Merge pull request #8655 from SparkiDev/asn1_oid_update
ASN.1 OIDs and sum: Change algorithm for sum
2025-05-07 11:43:54 -07:00
Sean Parkinson 5e5f486a4c Merge pull request #8732 from dgarske/stm32_hash_status
Fix for STM32 hash status check logic (also fix NO_AES_192 and NO_AES_256)
2025-05-07 20:56:18 +10:00
Sean Parkinson 112351667a ASN.1 OIDs and sum: Change algorithm for sum
New sum algorithm has no clashes at this time.
Old algorithm enabled by defining: WOLFSSL_OLD_OID_SUM.
New oid_sum.h file generated with scripts/asn1_oid_sum.pl.

Added bunch of OID names into asn1 example.
2025-05-07 08:32:08 +10:00
David Garske 219902149e Fix issue with api.c test_wolfSSL_OBJ and ./certs/test-servercert.p12 that uses DES3 and AES-CBC-256. 2025-05-05 15:55:00 -07:00
David Garske 0f4ce03c28 Fixes for NO_AES_192 and NO_AES_256. Added CI test. Fixed bad BUILD_ logic for ADH-AES256-GCM-SHA384. 2025-05-05 14:36:36 -07:00
jordan efd5405d0e coverity: fix check_after_deref, assignment_where_comparison_intended, uninit vars, return values, etc. 2025-05-05 13:18:29 -05:00
Sean Parkinson bb9f3c9f9d Merge pull request #8698 from rlm2002/msys2
adjust MSYS CI Build
2025-04-29 09:03:58 +10:00
Ruby Martin a1cb6e5ba5 only test msys system, add buffer typecasts 2025-04-22 12:35:12 -06:00
JacobBarthelmeh 9da9817f89 move test case to the correct location for stub macro guard 2025-04-22 10:09:01 -06:00
JacobBarthelmeh 33da20c3ec revert BN_CTX_init stub for older applications 2025-04-22 09:22:40 -06:00
Daniel Pouzzner 543ba268a4 Merge pull request #8558 from julek-wolfssl/openssh-9.9-fix
wolfSSL_EVP_PKEY_cmp: only compare the public keys
2025-04-19 01:51:49 -05:00
Juliusz Sosinowicz 43c564d48b dtls13: send acks with correct record number order 2025-04-18 14:56:59 -05:00
Juliusz Sosinowicz 3f560036d6 dtls13: additional epoch checks 2025-04-17 18:18:01 +02:00
Juliusz Sosinowicz 257fd17ea4 fixup! wolfSSL_EVP_PKEY_cmp: only compare the public keys 2025-04-16 18:21:55 +02:00
Juliusz Sosinowicz 290dbaa18e wolfSSL_EVP_PKEY_cmp: only compare the public keys 2025-04-16 18:14:09 +02:00
Sean Parkinson 3ac05dea09 Regression test fixes
dtls13.c: LowResTimer() not available when NO_ASN_TIME is defined.
api.c: Add certificate and key to use for when only Ed25519 or Ed448.
asn.c: Casts needed for g++ compile.
mem_track.c: Casts needed for g++ compile.
2025-04-16 21:46:48 +10:00
Daniel Pouzzner 29dcf42309 src/internal.c, tests/api.c: add missing casts for C++ compatibility (fixes "invalid conversion" errors). 2025-04-11 09:33:20 -05:00
Daniel Pouzzner cfd93b1bd4 tests/api.c: fix error path uninited-data defects in test_wc_PKCS7_EncodeSignedData() (followup to bf95f80c6d, detected by valgrind). 2025-04-11 09:20:14 -05:00
David Garske 77692a814a Merge pull request #8645 from JacobBarthelmeh/pkcs7_stream
additional PKCS7 streaming test case
2025-04-10 16:03:56 -07:00
David Garske 368dcf51af Merge pull request #8612 from JacobBarthelmeh/pkcs8
account for existing pkcs8 header
2025-04-10 16:03:49 -07:00