wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-05-05 15:24:14 +02:00
Code Issues Packages Projects Releases Wiki Activity
25,115 Commits 13 Branches 184 Tags
44adc4a71d52cea0d2da3981fb35cb66df863d4c
Commit Graph

3036 Commits

Author SHA1 Message Date
JacobBarthelmeh 7c6cd1deea passing a unit test 2025-02-28 14:23:24 -07:00
JacobBarthelmeh 1e254c014d application decryption successful 2025-02-28 14:23:24 -07:00
Lealem Amedie 22221e5007 Add NULL_CIPHER_TYPE support to wolfSSL_EVP_CipherUpdate 2025-02-28 11:44:30 -07:00
Sean Parkinson 4f8a39cbcf Merge pull request #8498 from rizlik/ocsp_fixes 
OCSP openssl compat fixes
 2025-02-28 13:42:50 +10:00
Daniel Pouzzner d63a180f95 Merge pull request #8513 from SparkiDev/api_c_split_ciphers 
Test api.c: split out MACs and ciphers
 2025-02-27 14:00:36 -06:00
Marco Oliverio 194db7e844 tests: gate ocsp test on SM2 || SM3 
we don't properly support SM2 and SM3 hash algo id properly yet
 2025-02-27 19:38:46 +00:00
Sean Parkinson 48300352c6 Test api.c: split out MACs and ciphers 2025-02-27 15:52:39 +10:00
David Garske 557abcf76a Support for STM32H7S (tested on NUCLEO-H7S3L8). It supports hardware crypto for RNG, Hash, AES and PKA. Added future config option for DTLS v1.3. Support DTLS v1.3 only reduce code size (tested with: ./configure --enable-dtls13 --enable-dtls --disable-tlsv12 CFLAGS="-DWOLFSSL_SEND_HRR_COOKIE"). 2025-02-26 14:00:48 -08:00
Ruby Martin 0c413e75c6 add environment matrix to msys workflow 2025-02-26 09:07:16 -07:00
Ruby Martin 439012dd57 adjust xfopen commands 2025-02-26 09:05:53 -07:00
Ruby Martin 57646a88ff check if clientfd != SOCKET_INVALID not 0, add check if USE_WINDOWS_API 
not defined
 2025-02-26 09:03:55 -07:00
Marco Oliverio 07c7b21b10 tests: api: fix test for d2i_CERT_ID refactor 2025-02-25 22:22:43 +00:00
Marco Oliverio 5eef98a5ea ocsp: add OCSP CERT ID encode/decode test 2025-02-25 22:22:43 +00:00
David Garske 3557cc764a Merge pull request #8501 from SparkiDev/digest_test_rework 
Digest testing: improve
 2025-02-25 13:03:48 -08:00
David Garske f2c5b4e56a Merge pull request #8500 from SparkiDev/evp_aes_gcm_test_fix 
test_wolfssl_EVP_aes_gcm: fix for mem fail testing
 2025-02-25 09:56:55 -08:00
David Garske bac6771828 Merge pull request #8499 from SparkiDev/crl_list_fix 
CRL: fix memory allocation failure leaks
 2025-02-25 09:54:55 -08:00
Reda Chouk 9178c53f79 Fix: Address and clean up code conversion in various files. 2025-02-25 11:17:58 +01:00
Sean Parkinson 6016cc0c97 Digest testing: improve 
Make testing digests consistent.
Add KATs for all digests.
Check unaligned input and output works.
Perform chunking tests for all digests.

Fix Blake2b and Blake2s to checkout parameters in update and final
functions.
Fix Shake256 and Shake128 to checkout parameters in absorb and squeeze
blocks functions.

Add default digest size enums for Blake2b and Blake2s.
 2025-02-25 19:07:20 +10:00
Sean Parkinson 6f268c4369 CRL: fix memory allocation failure leaks 
On memory allocation failure, some functions were leaking memory.

Also add reference counting to CRL object so that a deep copy of a list
of CRLs doesn't leak memory.
The test was explicitly freeing each CRL in the list.
 2025-02-25 09:05:03 +10:00
Sean Parkinson ac1f25d6f4 test_wolfssl_EVP_aes_gcm: fix for mem fail testing 
Fix test to not leak when memory allocation failure testing.
When not supporting AES-GCM streaming, allocation failures occur.
Always call cleanup.
 2025-02-25 08:15:43 +10:00
Sean Parkinson 82b50f19c6 ML-KEM/Kyber: improvements 
ML-KEM/Kyber:
  MakeKey call generate random once only for all data.
  Allow MakeKey/Encapsulate/Decapsulate to be compiled separately.
  Pull out public key decoding common to public and private key decode.
Put references to FIPS 140-3 into code. Rename variables to match FIPS
140-3.
  Fix InvNTT assembly code for x64 - more reductions.
  Split out ML-KEM/Kyber tests from api.c.

TLSX:
Store the object instead of the private key when WOLFSSL_MLKEM_CACHE_A
is defined or WOLFSSL_TLSX_PQC_MLKEM_STORE_OBJ. Faster decapsulation
when A is cached and object stored.
To store private key as normal define
WOLFSSL_TLSX_PQC_MLKEM_STORE_PRIV_KEY.

misc.c: when Intel x64 build, assume able to read/write unaligned
 2025-02-20 08:14:15 +10:00
David Garske 268326d875 Merge pull request #8408 from rizlik/ocsp-resp-refactor 
OpenSSL Compat Layer: OCSP response improvments
 2025-02-19 11:20:12 -08:00
JacobBarthelmeh 373a7d462a Merge pull request #8472 from SparkiDev/ed25519_fix_tests 
Ed25519: fix tests to compile with feature defines
 2025-02-19 09:53:10 -07:00
Sean Parkinson 331a713271 Ed25519: fix tests to compile with feature defines 
ge_operations.c: USe WOLFSSL_NO_MALLOC rather than WOLFSSL_SP_NO_MALLOC.
 2025-02-19 17:41:03 +10:00
Daniel Pouzzner 65f38df74d tests/api.c: refactor several C89-incompatible dynamically constructed arrays using static const. 2025-02-17 17:47:36 -06:00
Marco Oliverio 3e50c79c3b tests: bind test_wolfSSL_client_server_nofail_memio HAVE_SSL_MEMIO_TESTS_DEP 2025-02-17 08:59:29 +00:00
Marco Oliverio eb7904b5e5 tests/api: expose test_ssl_memio functions 2025-02-17 08:59:29 +00:00
Marco Oliverio 2fe413d80f ocsp: add tests 2025-02-17 08:59:23 +00:00
Marco Oliverio f526679ad5 ocsp: refactor OCSP response decoding and wolfSSL_OCSP_basic_verify 
- Search certificate based on responderId
- Verify response signer is authorized for all single responses
- Align with OpenSSL behavior
- Separate wolfSSL_OCSP_basic_verify from verification done during
  decoding
 2025-02-17 08:58:03 +00:00
Juliusz Sosinowicz 68c27c4e5d Move dtls cid tests to tests/api/dtls.c 2025-02-14 09:51:29 -06:00
Juliusz Sosinowicz e02da08192 Reorganize utility functions into tests/utils.c and testsuite/utils.c 2025-02-14 09:51:29 -06:00
David Garske 846ba43a29 Merge pull request #8392 from SparkiDev/curve25519_blinding 
Curve25519: add blinding when using private key
 2025-02-12 16:20:51 -08:00
Sean Parkinson bb84ebfd7a Curve25519: add blinding when using private key 
XOR in random value to scalar and perform special scalar multiplication.
Multiply x3 and z3 by random value to randomize co-ordinates.

Add new APIs to support passing in an RNG.
Old APIs create a new RNG.

Only needed for the C implementations that are not small.

Modified TLS and OpenSSL compat API implementations to pass in RNG.

Fixed tests and benchmark program to pass in RNG.
 2025-02-13 08:52:35 +10:00
Sean Parkinson bcd89b0592 Merge pull request #8388 from julek-wolfssl/BN_CTX_get 
Implement BN_CTX_get
 2025-02-12 08:08:58 +10:00
jordan 922cb73061 test_dual_alg_ecdsa_mldsa: fix decoded cert leak. 2025-02-11 10:58:03 -05:00
David Garske be5f203274 Merge pull request #8425 from philljj/ecdsa_mldsa_test_api 
dual alg: add ML-DSA test, and misc cleanup.
 2025-02-10 15:05:44 -08:00
David Garske ff41eee2e7 Merge pull request #8413 from SparkiDev/tests_api_digests 
API test: move digest functions out
 2025-02-10 14:51:19 -08:00
jordan 937d6d404a dual alg: clean up comments and line lengths. 2025-02-07 09:22:16 -05:00
David Garske c668a4e5a0 Merge pull request #8426 from SparkiDev/read_der_bio_small_data_fix 
Read DER BIO: fix for when BIO data is less than seq buffer size
 2025-02-06 16:21:42 -08:00
Sean Parkinson 3ff89f2cc2 API test: move digest functions out 
Move all api.c tests of wolfCrypt APIs that are for digests out into
separate files.
 2025-02-07 09:29:46 +10:00
Sean Parkinson ae8b8c4164 Read DER BIO: fix for when BIO data is less than seq buffer size 
wolfssl_read_der_bio did not not handle the length to be read from the
BIO being less than the size of the sequence buffer.
 2025-02-07 08:46:49 +10:00
Daniel Pouzzner 6f044c577f tests/api.c: add a missed "#ifdef WOLFSSL_ATOMIC_INITIALIZER" in test_AEAD_limit_server(). 2025-02-06 16:32:54 -06:00
jordan 3df616ae58 dual alg: small cleanup. 2025-02-06 15:57:13 -05:00
jordan 035d4022fb dual alg: add ML-DSA test, and misc cleanup. 2025-02-06 15:50:37 -05:00
Daniel Pouzzner 40e3f03795 tests/api.c: fix data races in test_wolfSSL_CTX_add_session_ctx_ready() using a mutex, and in test_wolfSSL_dtls_AEAD_limit() using a mutex, an atomic integer, and a volatile attribute. 
wolfssl/wolfcrypt/wc_port.h: add WOLFSSL_ATOMIC_LOAD() and WOLFSSL_ATOMIC_STORE() definitions.
 2025-02-06 00:55:44 -06:00
David Garske 345c969164 Fixes for Watcom compiler and new CI test 
* Correct cmake script to support Open Watcom toolchain (#8167)
* Fix thread start callback prototype for Open Watcom toolchain (#8175)
* Added GitHub CI action for Windows/Linux/OS2
* Improvements for C89 compliance.
Thank you @jmalak for your contributions.
 2025-02-04 12:38:52 -08:00
Juliusz Sosinowicz 8b7b9636aa Remove BN_CTX_init as its no longer in OpenSSL for a long time 2025-02-04 16:37:21 +01:00
Juliusz Sosinowicz 841d13e81c Implement BN_CTX_get 2025-02-04 16:37:21 +01:00
Eric Blankenhorn b488af1d34 Fix compat layer ASN1_TIME_diff to accept NULL output params 2025-01-31 15:55:35 -06:00
JacobBarthelmeh 4891d1c471 Merge pull request #8400 from ColtonWilley/add_trusted_cert_pem_parsing 
Add support for parsing trusted PEM certs
 2025-01-31 10:53:51 -07:00