wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-02-06 13:05:05 +01:00
Code Issues Packages Projects Releases Wiki Activity
27,563 Commits 12 Branches 184 Tags
7077a7bdd8edae202bedebb95b3801af5604aaa0
Commit Graph

3259 Commits

Author SHA1 Message Date
Sean Parkinson
27df554e99 Merge pull request #9701 from Frauschi/brainpool-tls13 
Add support for TLS 1.3 Brainpool curves
 2026-01-23 10:42:32 +10:00
Tobias Frauenschläger
eb8ba6124e Support TLS 1.3 ECC Brainpool authentication 
This also fixes TLS 1.2 authentication to only succeed in case the
brainpool curve was present in the supported_groups extension.
 2026-01-22 14:14:09 +01:00
Kareem
832bcd7f4b Merge branch 'master' of https://github.com/wolfSSL/wolfssl into zd20850 2026-01-20 15:59:05 -07:00
Chris Conlon
0f395a5f9d Fix memory management in wolfssl_dns_entry_othername_to_gn() and 
wolfSSL_X509_get_ext_d2i() for otherName SAN handling, add ASN_RID_TYPE case to wolfSSL_X509_get_ext_d2i()
 2026-01-19 16:39:33 -07:00
Daniel Pouzzner
9aabef04ba Merge pull request #9641 from SparkiDev/api_c_split_evp 
API testing: split out more test cases
 2026-01-16 14:58:15 -06:00
Sean Parkinson
43d831ff06 API testing: split out more test cases 
EVP into test_evp_cipher, test_evp_digest, test_evp_pkey and test_evp.
OBJ into test_ossl_obj.
OpenSSL RAND into test_ossl_rand.
OpenSSL PKCS7 and PKCS12 tests into test_ossl_p7p12.
CertificateManager into test_certman.

Move some BIO tests from api.c into test_evp_bio.c.

Fix line lengths.
 2026-01-13 06:34:49 +10:00
Sean Parkinson
ce69f1cec0 Merge pull request #9635 from miyazakh/x509errstr_handling 
Fix OpenSSL error code handling in ERR_reason_error_string()
 2026-01-12 08:57:17 +10:00
Hideki Miyazaki
0e8af03f1d OpenSSL error code handling in reason_error_string 2026-01-10 13:50:08 +09:00
Hideki Miyazaki
d052128830 addressed review comments 2026-01-09 09:01:14 +09:00
Hideki Miyazaki
08876e278a Fix CRL Number hex string buffer overflow in CRL parser 2026-01-08 17:25:19 +09:00
Fabian Keil
21f35137a1 tests: Unbreak the build on FreeBSD-based systems 
... by using the same additional includes as on Linux.

Fixes:

      CC       tests/api/unit_test-test_rsa.o
    tests/api.c:19554:9: error: call to undeclared function 'waitpid'; ISO C99 and later do not support implicit function declarations [-Werror,-Wimplicit-function-declaration]
     19554 |         waitpid(pid, &waitstatus, 0);
	   |         ^

Tested on ElectroBSD amd64 14.3-STABLE.
 2025-12-31 14:48:06 +01:00
Anthony Hu
48ebe99372 Validate asn date based on position of Z (#8603) 2025-12-29 16:01:22 -06:00
Kareem
d09b5ee1f1 Add duplicate entry error to distinguish cases where a duplicate CRL is rejected. 2025-12-26 12:02:35 -07:00
David Garske
57ef8a7caf Merge pull request #9574 from anhu/dtls_guard 
Guard a bit of DTLS code.
 2025-12-23 15:03:46 -08:00
Anthony Hu
40327b7fe3 Binary consts to hexidecimal. C2X feature. 2025-12-23 14:45:36 -05:00
night1rider
afbc65a6c3 Aes Free callback support 2025-12-22 12:39:41 -07:00
JacobBarthelmeh
d5723d0d89 Merge pull request #9544 from julek-wolfssl/gh/9362 
Check KeyShare after HRR
 2025-12-19 14:36:31 -07:00
Daniel Pouzzner
33fc601011 tweaks from PRBs results: 
tests/api.c:
* remove inapt SSL_library_init() in test_wolfSSL_EVP_Cipher_extra();
* move TEST_X509_DECLS to follow TEST_DECL(test_wolfSSL_Init);

tests/api/test_random.c: enlarge seed buffer in test_wc_RNG_TestSeed() to accommodate amdrand block size;

tests/quic.c: wrap exercises in wolfSSL_Init()...wolfSSL_Cleanup();

tests/unit.c: in unit_test(), add several more fflush(stdout)s, report error from wolfSSL_Cleanup(), and fix line length;

wolfcrypt/test/test.c: omit reseed test in _rng_test() if HAVE_INTEL_RDRAND or old FIPS, and use simplified random_test() if HAVE_INTEL_RDRAND;

wolfssl/wolfcrypt/mem_track.h: add memList pointer in struct memoryStats, and set it in InitMemoryTracker();

wolfssl/wolfcrypt/settings.h: undefine WOLFSSL_SMALL_STACK_CACHE if WOLFSSL_SMALL_STACK is undefined;

.github/workflows/trackmemory.yml: add --enable-intelrdseed scenario.
 2025-12-17 11:01:11 -06:00
Daniel Pouzzner
918b6973bd tests/api.c: in test_wolfSSL_dtls_stateless_HashWOLFSSL(), when WOLFSSL_SMALL_STACK_CACHE, omit ssl->hsHashes from the comparison (init-time heap pointers destabilize its bit signature). 2025-12-17 11:01:10 -06:00
Juliusz Sosinowicz
f61bfd7805 Check KeyShare after HRR 2025-12-17 10:27:04 +01:00
Ruby Martin
27b5ac9f84 sanitize loop bound in tls_multi_handshakes_one_record() unit test 
add additional check for breaking while loop
 2025-12-12 14:18:25 -07:00
Daniel Pouzzner
38d5dc6c7a Merge pull request #9510 from embhorn/gh7981 
Fix test when ECH and harden are enabled
 2025-12-11 13:07:29 -06:00
Daniel Pouzzner
3e8c6811c7 Merge pull request #9518 from SparkiDev/api_c_split_3 
api.c: Split out more functions
 2025-12-11 13:06:58 -06:00
Daniel Pouzzner
f07e379d6d Merge pull request #9456 from anhu/test_inits 
Initialize test variables; avoid false warnings.
 2025-12-11 12:40:44 -06:00
Sean Parkinson
b4b617de49 api.c: Split out more functions 
More X509 function testing.
X509 store function testing.
X509 lookup function testing.
 2025-12-11 19:00:19 +10:00
Sean Parkinson
0b2fb66af6 api.c: Split out more functions 
wolfSSL_PEM, wolfSSL_X509, wolfSSL_X509_NAME, wolfSSL_X509_PUBKEY API
testing moved out to separate files.
 2025-12-11 15:32:09 +10:00
Eric Blankenhorn
8053e8f9b3 Fix test when ECH and harden are enabled 2025-12-10 08:14:59 -06:00
Anthony Hu
cf8b729bae Initialize test variables; avoid false warnings. 2025-11-21 11:59:07 -05:00
JacobBarthelmeh
3f441ef1a5 update tests after certificate renewal 2025-11-14 14:45:37 -07:00
David Garske
6ff57b8045 Merge pull request #9419 from rlm2002/coverity 
Uninitialized variable fix
 2025-11-13 08:58:00 -08:00
Ruby Martin
b2336c57ce initialize ctype variable 2025-11-12 16:48:52 -07:00
Juliusz Sosinowicz
4b7c052ee9 test_wolfSSL_inject: don't call accept on completed handshake 2025-11-12 17:12:22 +01:00
Josh Holtrop
3af60ff85d Check for duplicate extensions in client hello when HAVE_TLS_EXTENSIONS is not set - fix #9377 2025-11-10 10:06:07 -05:00
Sean Parkinson
f376c8d910 Merge pull request #9388 from lealem47/scan_build 
Various fixes for nightly tests
 2025-11-07 09:30:08 +10:00
Lealem Amedie
08db159c5d Fixes for minor scan-build warnings 2025-11-05 21:27:06 -07:00
Marco Oliverio
6855325bf8 test: memio: simulate_want_write: block client on is_client == true 2025-11-03 13:43:33 +01:00
Juliusz Sosinowicz
c14b1a0504 Validate cipher suite after HelloRetryRequest 
- Add validation to ensure the cipher suite in the ServerHello matches the one specified in the HelloRetryRequest.
- test_TLSX_CA_NAMES_bad_extension: use the same ciphersuite in HRR and SH
 2025-10-29 13:14:50 +01:00
Daniel Pouzzner
8c60b7b250 src/internal.c and tests/api.c: fix clang-analyzer-core.NullPointerArithms. 2025-10-28 16:42:14 -05:00
Sean Parkinson
093cc04076 Stack API: Pull out implementation into separate file 
General stack APIs pulled out into ssl_sk.c.
Other simple APIs also pulled out into ssl_sk.c.
wolfSSL_lh_retrieve also pulled out into ssl_sk.c.

Added tests of public APIs that weren't already tested.
 2025-10-27 17:08:41 +10:00
JacobBarthelmeh
4daab8a813 Merge pull request #9284 from SparkiDev/aarch64_asm_gen 
Aarch64 asm: convert to generated
 2025-10-22 11:10:27 -06:00
JacobBarthelmeh
d60e4ddbd1 Merge pull request #9329 from SparkiDev/regression_fixes_20 
Regression testing fixes
 2025-10-22 09:12:58 -06:00
Sean Parkinson
821dc5cb13 Regression testing fixes 
Adding protection to tests that use RSA and ECC.
 2025-10-22 18:33:44 +10:00
Sean Parkinson
9c1462a9ec Aarch64 asm: convert to generated 
Algorithms now generated:
  SHA-256
  SHA-512
  ChaCha20
  Poly1305
  AES-ECB
  AES-CBC
  AES-CTR
  AES-GCM + streaming
  AES-XTS
  AES SetKey

ARM32 asm algorithms generated now too:
  SHA-256
  SHA-512
  ChaCha20
  AES-ECB
  AES-CBC
  AES-CTR
  AES-GCM
  AES-XTS
  AES SetKey

Removed use of ARM specific implementations of algorithms. (armv8-aes.c)
 2025-10-21 17:03:39 +10:00
night1rider
f1faefed91 Added callbacks for copy and free to SHA, 224, 384, 512, and SHA3. Also split macros for FREE and COPY Callbacks, and add configure.ac option. 2025-10-20 11:09:35 -06:00
night1rider
0dca3bc24d Setup to be opt-in for copy callback, and also added a outline for a free callback 2025-10-20 10:07:24 -06:00
Daniel Pouzzner
6ee660841b fixes/workarounds for -Wnull-dereferences, some true positive, some false 
positive:
* src/pk.c:wolfSSL_RSA_meth_new()
* tests/api.c:test_wolfSSL_PKCS7_certs()
* tests/api.c:test_wolfSSL_X509V3_EXT_get()
* wolfcrypt/src/asn.c:EncodeName()
* wolfcrypt/src/pkcs12.c:wc_i2d_PKCS12()
* wolfcrypt/src/port/af_alg/afalg_aes.c
 2025-10-16 15:10:16 -05:00
David Garske
3534fad3ee Merge pull request #9295 from rizlik/shutdown_nonblocking_fix 
wolfSSL_shutdown: handle non-blocking I/O
 2025-10-14 12:50:57 -07:00
Marco Oliverio
4280b52bff test: increase coverage for multiple wolfSSL_shutdown test 2025-10-14 10:05:11 +02:00
effbiae
7a3db09ddd automated small stack compress 2025-10-11 11:40:30 +11:00
Juliusz Sosinowicz
6fbbdf9324 Add message order sanity checks 
Reorganize test_dtls tests to use TEST_DECL_GROUP
Reorganize test_tls tests to use TEST_DECL_GROUP
 2025-10-08 11:11:03 +02:00