wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-29 14:12:11 +01:00
Code Issues Packages Projects Releases Wiki Activity
24,470 Commits 12 Branches 184 Tags
3ff89f2cc2912e9060e4a9fb3018525f2463fdcd
Commit Graph

2938 Commits

Author SHA1 Message Date
Sean Parkinson
3ff89f2cc2 API test: move digest functions out 
Move all api.c tests of wolfCrypt APIs that are for digests out into
separate files.
 2025-02-07 09:29:46 +10:00
David Garske
345c969164 Fixes for Watcom compiler and new CI test 
* Correct cmake script to support Open Watcom toolchain (#8167)
* Fix thread start callback prototype for Open Watcom toolchain (#8175)
* Added GitHub CI action for Windows/Linux/OS2
* Improvements for C89 compliance.
Thank you @jmalak for your contributions.
 2025-02-04 12:38:52 -08:00
Eric Blankenhorn
b488af1d34 Fix compat layer ASN1_TIME_diff to accept NULL output params 2025-01-31 15:55:35 -06:00
JacobBarthelmeh
4891d1c471 Merge pull request #8400 from ColtonWilley/add_trusted_cert_pem_parsing 
Add support for parsing trusted PEM certs
 2025-01-31 10:53:51 -07:00
Colton Willey
a0950e97f5 Add tests for trusted certificate banner 2025-01-30 14:42:41 -08:00
Daniel Pouzzner
3a6b33c180 tests/api.c and wolfcrypt/benchmark/benchmark.c: fixes for building with HAVE_FFDHE_3072 and/or HAVE_FFDHE_4096 but without HAVE_FFDHE_2048. 2025-01-30 15:02:02 -06:00
Juliusz Sosinowicz
e4b7a53191 api: make sure len doesn't overrun the input buffer 2025-01-30 18:01:51 +01:00
Juliusz Sosinowicz
2865b0c79b api: check fd values as recv and send can't take in negative fd 2025-01-30 18:01:10 +01:00
Juliusz Sosinowicz
d91141fe05 api: pass in sizeof(tmp) instead of 1024 to attempt to satisfy Coverity 2025-01-30 18:00:32 +01:00
Juliusz Sosinowicz
bcde4bdebb ascon: move tests to api.c and introduce framework to split up api.c 2025-01-29 15:50:00 +01:00
David Garske
ed390e472d Merge pull request #8373 from julek-wolfssl/libimobiledevice-1.3.0 
Changes for libimobiledevice 860ffb
 2025-01-27 07:52:06 -08:00
Juliusz Sosinowicz
89aba661fc Changes for libimobiledevice 860ffb 2025-01-27 12:56:49 +01:00
David Garske
ba88a6454c Merge pull request #8331 from julek-wolfssl/bind-9.18.28 
Bind 9.18.28 fixes
 2025-01-24 11:37:26 -08:00
JacobBarthelmeh
69be9aa211 fix to not stomp on sz with XOF function, restore comment, remove early XFREE call 2025-01-24 11:40:53 -07:00
JacobBarthelmeh
52975150d4 add macro guard for shak128 to test case 2025-01-23 23:14:50 -07:00
JacobBarthelmeh
d2d664b4cc adjust test cases for different builds 2025-01-23 23:02:34 -07:00
JacobBarthelmeh
9b04a4f8d1 account for correct return value of cipher stack push and clSuite use case after rebase 2025-01-23 17:47:24 -07:00
JacobBarthelmeh
286b9b672b increase test coverage 2025-01-23 16:30:08 -07:00
JacobBarthelmeh
2812baf5a9 fix for memory leak with new wolfSSL_get_client_ciphers function 2025-01-23 16:30:08 -07:00
JacobBarthelmeh
49c515ac58 add some unit test cases 2025-01-23 16:30:08 -07:00
JacobBarthelmeh
28bed8d634 fix for SN (short name) of digests to match expected values 2025-01-23 16:30:07 -07:00
JacobBarthelmeh
c6974a921d fix for return values of write_ex/read_ex, propogate PARAMS, handle CRL with load_verify_locations, fix for get verified/unverified chain 2025-01-23 16:30:07 -07:00
David Garske
f61d276f3b Merge pull request #8362 from JacobBarthelmeh/copyright 
update copyright date to 2025
 2025-01-21 16:23:49 -08:00
JacobBarthelmeh
d94c043b09 misc. spelling fixes 2025-01-21 16:18:28 -07:00
David Garske
5df6989eab Merge pull request #8350 from embhorn/zd19220 
Check r and s len before copying
 2025-01-21 10:36:54 -08:00
JacobBarthelmeh
a4c58614b9 Merge pull request #8324 from julek-wolfssl/ntp-4.2.8p17 
ntp 4.2.8p17 additions
 2025-01-21 10:02:23 -08:00
JacobBarthelmeh
2c24291ed5 update copyright date 2025-01-21 09:55:03 -07:00
Eric Blankenhorn
9c4ef7cd30 Use BUFFER_E instead of ASN_PARSE_E when buffer is too small 2025-01-20 08:40:36 -06:00
Eric Blankenhorn
462aa5bec6 Exclude new test for FIPS 2025-01-10 16:47:13 -06:00
Daniel Pouzzner
7cd2fd3617 numerous fixes for memory errors reported by clang-tidy, most of them true positives, unmasked by CPPFLAGS=-DNO_WOLFSSL_MEMORY: clang-analyzer-unix.Malloc, clang-analyzer-core.NullDereference, clang-analyzer-core.uninitialized.Assign, clang-analyzer-core.UndefinedBinaryOperatorResult, and clang-analyzer-optin.portability.UnixAPI (re malloc(0)). 
several fixes for defects reported by cppcheck:

wolfcrypt/src/ecc.c: fix for cppcheck oppositeInnerCondition from cppcheck-2.16.0 in _ecc_make_key_ex(), and fixes for related unhandled errors discovered by manual inspection;

wolfcrypt/test/test.c: fix XREALLOC call in memcb_test() to resolve cppcheck-detected memleak.
 2025-01-10 14:30:42 -06:00
Eric Blankenhorn
53831d0f32 Add test 2025-01-10 10:06:14 -06:00
Daniel Pouzzner
27c37b245f tests/api.c: in test_dtls12_basic_connection_id(), add cast to fix a -Wformat on size_t j when building -m32. 2025-01-07 16:51:30 -06:00
Juliusz Sosinowicz
40500e4f2b fixup! Implement wolfSSL_X509_STORE_set_default_paths 2025-01-07 10:56:34 +01:00
David Garske
d6440be4a9 Fix for SSL_set_mtu -> wolfSSL_set_mtu_compat return code. Update comment for wolfSSL_is_init_finished indicating it works for TLS and DTLS. 2025-01-03 10:10:37 -08:00
Juliusz Sosinowicz
3cb2bb3759 OBJ_sn2nid: use correct short names 2024-12-31 12:50:04 +01:00
jordan
c71392bb7e coverity: correct lock message, check fd value. 2024-12-24 16:31:16 -06:00
JacobBarthelmeh
2409971b14 Merge pull request #8224 from julek-wolfssl/dtls-server-demux 
DTLS: Add server side stateless and CID QoL API
 2024-12-23 10:01:01 -07:00
Daniel Pouzzner
5ef4732745 Merge pull request #8299 from JacobBarthelmeh/cert_regen 
end of year test certificate renewal
 2024-12-20 17:41:33 -06:00
Daniel Pouzzner
9d3e477b63 src/ssl.c: gate wolfSSL_dtls_set_pending_peer() on !defined(WOLFSSL_NO_SOCK), not just defined(WOLFSSL_DTLS_CID). 
tests/api.c: in test_dtls12_basic_connection_id(), omit chacha20 suites if defined(HAVE_FIPS), and fix gate on DHE-PSK-NULL-SHA256.
 2024-12-20 17:24:13 -06:00
JacobBarthelmeh
7cebe95138 Merge pull request #8304 from SparkiDev/regression_fixes_15 
Regression testing: fixes
 2024-12-20 11:29:15 -07:00
JacobBarthelmeh
19e68ea71a add a faketime test and update cert buffers 2024-12-20 10:35:58 -07:00
Sean Parkinson
b7c1e1cf35 Regression testing: fixes 
src/x509.c: wolfssl_x509_name_entry_set() ne->object is freed if call to
wolfSSL_OBJ_nid2obj_ex() fails. Always assign directly back to
ne->object.

wolfcrypt/test/test.c: aes_ctr_test() doesn't need AES decrypt
./configure '--disable-shared' '--enable-cryptonly'
'CFLAGS=-DNO_AES_DECRYPT' '--disable-aescbc' '--disable-aesofb'
'--disable-aescfb' '--disable-aesgcm' '--disable-aesccm'
'--enable-aesctr' '--disable-aesxts' '--disable-aeseax'

tests/api.c: test_X509_STORE_InvalidCa() only defined when !NO_RSA
./configure '--disable-shared' '--enable-opensslall' '--disable-rsa'

tests/api.c: test_wolfSSL_GENERAL_NAME_print() free ridObj if not
assigned into gn.
 2024-12-20 09:25:03 +10:00
Juliusz Sosinowicz
feff68d4fd Increase buffer to make room for \0 2024-12-19 11:01:27 +01:00
JacobBarthelmeh
df3897d39f adjust tests after cert renewal 2024-12-18 16:19:51 -07:00
jordan
b5c47d27e0 fedora crypto-policies: initial support. 2024-12-18 16:56:36 -06:00
Juliusz Sosinowicz
3ded2bc05d Code review and jenkins fixes 2024-12-18 09:31:25 +01:00
Juliusz Sosinowicz
71337d2959 Client TLS: Set traffic decrypt keys when parsing Finished 2024-12-18 09:31:25 +01:00
Juliusz Sosinowicz
daa57c492d DTLS: Add server side stateless and CID QoL API 
- wolfDTLS_accept_stateless - statelessly listen for incoming connections
- wolfSSL_inject - insert data into WOLFSSL object
- wolfSSL_SSL(Enable|Disable)Read - enable/disable reading from IO
- wolfSSL_get_wfd - get the write side file descriptor
- wolfSSL_dtls_set_pending_peer - set the pending peer that will be upgraded to regular peer when we successfully de-protect a DTLS record
- wolfSSL_dtls_get0_peer - zero copy access to the peer address
- wolfSSL_is_stateful - boolean to check if we have entered stateful processing
- wolfSSL_dtls_cid_get0_rx - zero copy access to the rx cid
- wolfSSL_dtls_cid_get0_tx - zero copy access to the tx cid
- wolfSSL_dtls_cid_parse - extract cid from a datagram/message
 2024-12-18 09:31:24 +01:00
David Garske
356889a528 Add --disable-tls option that can be used with --enable-all to disable TLS features and set NO_TLS. Useful for allowing certificate manager and crypto compatibility API's only. 2024-12-17 13:40:03 -08:00
David Garske
6151160e58 Further fixes with NO_TLS to support use with compatibility layer. 2024-12-17 09:24:38 -08:00