Commit Graph

6 Commits

Author SHA1 Message Date
Tobias Frauenschläger 25a1a20444 Reject small-order public keys for Ed25519 and Ed448
Add defense-in-depth checks to wc_ed{25519,448}_check_key() and
ed{25519,448}_verify_msg_final_with_sha() that reject the identity
point and other small-order public keys. Honest EdDSA key generation
never produces such keys, but wolfSSL previously accepted them on
import and verification. The guard runs at both entry points so it
holds even when a key is imported with trusted=1. New tests are gated
on !HAVE_FIPS || FIPS_VERSION3_GE(7,0,0).
2026-05-28 19:53:19 +02:00
Chris Conlon 7cc84d38fb fix SetAsymKeyDer to set PKCS#8 version=1 when bundling publicKey (RFC 5958) 2026-05-07 14:05:51 -06:00
Anthony Hu 30b196471b Add privKeySet checks to Ed25519, Ed448, ML-DSA, and ML-KEM 2026-03-26 14:56:00 -04:00
JacobBarthelmeh a156ed7bc7 update Copyright year 2026-02-18 09:52:21 -07:00
JacobBarthelmeh 629c5b4cf6 updating license from GPLv2 to GPLv3 2025-07-10 16:11:36 -06:00
Sean Parkinson 663ca29a5d Split out tests: random, wolfmath, public key
Improved testing of random APIs.
wolfmath tests moved out.
Public key algorithm testing moved out: RSA, DSA, DH, ECC, SM2,
Curve25519, Ed25519, Curve448, Ed448, ML-DSA.
Signature API tests moved out.

Fix for OCSP testing to ensure RSA is available.

Added group names to API test cases.
Can select groups to run with --group <name>. --groups lists all known
group names.

Added option to stop API testing on first failure: --stopOnFail.
2025-03-17 09:32:00 +10:00