Commit Graph

29160 Commits

Author SHA1 Message Date
Ruby Martin 8ab08f7b17 check length in wc_oid_sum()
add MAX_OID_SZ to known macro extras
2025-06-26 09:20:26 -06:00
Ruby Martin 9b6b41627e move CFErrorRef instantiation
cleanup
2025-06-26 09:06:01 -06:00
Ruby Martin 1321e00e45 set p2 to null before next iteration 2025-06-26 08:57:56 -06:00
Ruby Martin 79b6e62668 modify check domain test
void code for unused variable warning

do not run check_domain_name test if ssl_verify_none has been set
2025-06-26 08:39:32 -06:00
Ruby Martin 7c44f14e77 add apple test to github actions 2025-06-26 08:38:30 -06:00
Ruby Martin d3b30f8d51 Check underlying error, want only maximum validity period error
add apple test macros to tests requiring cert manager
2025-06-26 08:38:28 -06:00
Brett 877bade216 additional debugging 2025-06-26 08:38:28 -06:00
Brett 7232b3a6bb Apple native cert validation: add WOLFSSL_TEST_APPLE_CERT_VALIDATION feature macro that forces system CA certs on and makes all CA certs added to CM via xxx_load_verify_xxx APIs to instead be loaded as system trust anchors when used for TLS cert verification 2025-06-26 08:38:26 -06:00
Sean Parkinson f1cb4d579c Regression testing
Fixes to get WOLFSSL_PUBLIC_MP testing passing.
Fix DH constant time agreement:
  - implement constant time encoding to big-endian byte array in TFM
- only force x to be zero for SP math as others implementations ensure
unused words are zero
- exponentiate in constant time to the smallest number of words
possible
- no need to encode into separate buffer anymore as encoding is
constant time and front padded
- make requested_sz be the maximum size for the parameters and check
against agreeSz
- update agreeSz to be the maximum valid size instead of filling all
the buffer which may be many times too big
- fix SP result to front pad when doing constant time
2025-06-26 21:21:05 +10:00
Koji Takeda b734c47cc9 Check the len range stricter 2025-06-26 17:48:52 +09:00
Daniel Pouzzner 981ba4b14c Merge pull request #8925 from mattia-moffa/20250625-wolftpm-ca-false
Allow CA:FALSE on wolftpm
2025-06-25 22:27:27 -05:00
Daniel Pouzzner 41e2d920a5 Merge pull request #8924 from JacobBarthelmeh/cert_expr
regenerate intermediate and crl certs to update ca-int.pem
2025-06-25 22:26:26 -05:00
Daniel Pouzzner d49eb5f2c4 Merge pull request #8920 from kaleb-himes/wolfEntropy-2025
Update wolfEntropy checkout with AdPr update
2025-06-25 22:21:36 -05:00
Daniel Pouzzner 6fb1c54c29 Merge pull request #8854 from dgarske/renesas_rx_tsip_aesctr
Added Renesas RX TSIP AES CTR support
2025-06-25 22:20:03 -05:00
Daniel Pouzzner 6bfd2632db Merge pull request #8917 from dgarske/various_20250623
Fix for broken `test_wolfSSL_check_domain_basic`
2025-06-25 22:15:02 -05:00
Daniel Pouzzner 23a37b2ebc Merge pull request #8916 from dgarske/revert_pr8911
Revert PR #8911
2025-06-25 21:52:34 -05:00
Daniel Pouzzner d6d124bb85 Merge pull request #8774 from SparkiDev/armv8_ghs
Armv8 (Aarch64) ASM fixes for Green Hills compiler
2025-06-25 21:46:48 -05:00
Daniel Pouzzner 29f534f3b0 Merge pull request #8836 from SparkiDev/lms_serialize_state
LMS: Allow state to be saved with private key
2025-06-25 21:34:42 -05:00
Daniel Pouzzner 38892fdd07 Merge pull request #8757 from anhu/recalc_suites
Recalculate suites at ssl initialization.
2025-06-25 21:32:38 -05:00
David Garske 6b7fe091bf Implement proper MacOS dispatch for conditional signal/wait. Note: this logic was pulled from wolfMQTT and is well established. 2025-06-25 17:14:12 -07:00
Sean Parkinson f119086d3e Merge pull request #8918 from kojiws/fix_asn_integer_export
Fix SetShortInt() not to export wrong DER
2025-06-26 08:16:48 +10:00
Sean Parkinson 80a234a0c5 Merge pull request #8830 from JacobBarthelmeh/rx_threadx
add option to not use CT code with min/max
2025-06-26 08:15:09 +10:00
Mattia Moffa e9e00c47ab Allow CA:FALSE on wolftpm
The Intel CSME fTFM sets this basic constraint on their EK certificates
and by default wolfSSL fails to parse because of this.
2025-06-25 22:48:53 +02:00
Alex Lanzano 9ae221444c Enable MD5 when --enable-opensslall is set 2025-06-25 15:16:02 -04:00
JacobBarthelmeh 7b5e3e2551 regenerate intermediate and crl certs to update ca-int.pem 2025-06-25 10:00:57 -06:00
Alex Lanzano 6bba48d89c Enable MD5 when --enabled-bump is set 2025-06-25 11:47:04 -04:00
Alex Lanzano 39cef87e43 Enable MD5 when --enable-des3 is set 2025-06-25 11:42:10 -04:00
Alex Lanzano caaa4fbc5d Enable MD5 when --enable-lighty is set 2025-06-25 11:35:35 -04:00
Alex Lanzano 3e774f8074 Enable MD5 when --enable-mcapi is set 2025-06-25 11:33:52 -04:00
Alex Lanzano 4275b66211 Enable MD5 when --enable-jni is set 2025-06-25 11:27:08 -04:00
Alex Lanzano 4fd0029f18 Enable MD5 when --enable-fortress is set 2025-06-25 11:21:00 -04:00
Alex Lanzano f33d1d69bb Enable MD5 when --enable-asio is set 2025-06-25 11:15:50 -04:00
Alex Lanzano 495324d4dc Add the md5 dependency to options that require it 2025-06-25 11:00:41 -04:00
Alex Lanzano 07f76723e2 Disable MD5 by default
Disable the use of MD5 by default. Add the conditional use of MD5 when
--enable-all-crypto is present. Add the use of MD5 when
--enable-opensslextra is present. Add the use of MD5 when
--enable-tlsv10 is present.
2025-06-25 11:00:41 -04:00
Daniel Pouzzner 1c1c556e5e Merge pull request #8915 from philljj/linuxkm_rsa_fix_sig_callbacks
linuxkm rsa: set sig_alg max_size and digest_size callbacks.
2025-06-25 08:28:04 -05:00
Daniel Pouzzner e223da457c Merge pull request #8922 from JacobBarthelmeh/rng
altering macro guards and test case for RNG test on alternate builds
2025-06-24 22:15:14 -05:00
Koji Takeda d76386f38c Add tests 2025-06-25 11:27:12 +09:00
Koji Takeda 05c8bc7514 Fix SetShortInt() 2025-06-25 11:27:11 +09:00
JacobBarthelmeh 6cf3b51333 guard test that uses pipe from running with mingw 2025-06-24 17:21:24 -06:00
Sean Parkinson 5c9ad359d1 Merge pull request #8904 from anhu/bigger_header
Fix missing dashes on the end of header and footer.
2025-06-25 08:26:59 +10:00
JacobBarthelmeh fe7d458d29 random.c is also locked in FIPS v6 2025-06-24 16:08:25 -06:00
JacobBarthelmeh 1c5e531332 add new macro to known macro list 2025-06-24 14:57:17 -06:00
JacobBarthelmeh c33035e6a6 add conditions to constant time mask functions 2025-06-24 13:52:40 -06:00
JacobBarthelmeh 838636c76b add option to not use CT code with min/max 2025-06-24 13:52:40 -06:00
jordan 1e0e4932ca linuxkm rsa: fix km_pkcs1_key_size callback. 2025-06-24 14:41:57 -05:00
David Garske 33972e3678 Disable system CA certs for msys2 test. 2025-06-24 10:28:42 -07:00
kaleb-himes f5f0bdf61e Update wolfEntropy checkout with AdPr update 2025-06-24 10:54:52 -06:00
David Garske 41591e7eb9 Fixes for TSIP AES CTR unit tests and handling of invalid cases. 2025-06-24 09:41:33 -07:00
David Garske 191165a021 Test case created by @miyazakh. 2025-06-24 09:41:33 -07:00
David Garske dc57adcfed Fix to increment IV for AES CTR with TSIP (allow encrypt to be called multiple times without having to manually reset the IV). 2025-06-24 09:41:33 -07:00