wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-04-28 22:03:22 +02:00
Code Issues Packages Projects Releases Wiki Activity
27,263 Commits 13 Branches 184 Tags
730b0d3e38340f0385bf45ae93023301eb4bef7a
Commit Graph

254 Commits

Author SHA1 Message Date
Mattia Moffa 26c9908504 Use string literals in tests, fix add CA functions 2025-09-24 00:11:55 +02:00
Mattia Moffa 4535572428 Use memio in tests, fix ifdef, fix typos 2025-09-23 11:50:21 +02:00
Reda Chouk e3fbb24713 Fix malformed DTLS comment syntax 2025-09-22 12:59:30 +02:00
Mattia Moffa 5efc4a7cd0 Fix tests 2025-09-19 16:45:15 +02:00
Kareem 23f595586d Fix building with --enable-keygen --enable-rsavfy. 2025-09-18 16:21:08 -07:00
Reda Chouk 8f47b4bb08 Prevent DTLS clients from replaying ClientHello 
messages when receiving bogus Finished messages in epoch 0 by
ensuring Finished messages are only ignored in encrypted epochs (1).
 2025-09-18 14:41:12 +02:00
Mattia Moffa 3bdb43eb6a Add support for certificate_authorities extension in ClientHello 2025-09-17 15:33:05 +02:00
Kareem ec92f76dec Fix tests when building with PEM support disabled by using DER certs/keys. 2025-09-12 16:11:07 -07:00
David Garske 3e63bc68d4 Add support for enabling RSA private key to DER without keygen. ( new macro WOLFSSL_KEY_TO_DER) 2025-09-11 10:29:31 -07:00
Sean Parkinson 115d4d88c0 api.c: pull out TLS 1.3 specific tests 2025-08-26 09:05:46 +10:00
Josh Holtrop 98b6b92a76 Error from GetShortInt with negative INTEGER values 2025-08-19 12:40:48 -04:00
Sean Parkinson 0ba16a9c5b Merge pull request #9104 from kojiws/export_long_key_orig_asn 
Improve original implementation on SetAsymKeyDer() and the test
 2025-08-18 22:11:25 +10:00
Koji Takeda 0a9356e645 Improve original implementation on SetAsymKeyDer() and the test 2025-08-15 00:04:01 +09:00
David Garske d79ca8a746 Improve some of the build cases around crypto callback only 2025-08-13 21:58:53 +01:00
Daniel Pouzzner e24f76bb1e Merge pull request #9057 from SparkiDev/mldsa_x64_asm 
ML-DSA/Dilithium: Intel x64 ASM
 2025-08-11 23:12:44 -05:00
Juliusz Sosinowicz 0d532cc3f2 Test DTLS replay protection 2025-08-07 19:52:05 +02:00
Sean Parkinson 648a057147 ML-DSA/Dilithium: Intel x64 ASM 
Optimize code knowing it is for Intel x64.
Change signing to calculate one polynomial at a time so that if it isn't
valid then we fail early.
Other minor improvements.
Move the SHA-3 4 blocks at a time assembly into SHA-3 asm file.
Make constants in assembly the same length (front pad with zeros).
 2025-08-07 14:01:50 +10:00
David Garske 1693f72af7 Fixes for issues copilot found. 2025-08-05 07:22:04 -07:00
Sean Parkinson b40e3d479f api.c: split out more tests into separate files 
wolfCrypt PKCS7
wolfCrypt PKCS12
OpenSSL compat ASN.1
OpenSSL compat BN
OpenSSL comppat BIO
OpenSSL comppat Digest
OpenSSL comppat MAC
OpenSSL comppat Cipher
OpenSSL comppat RSA
OpenSSL comppat DH
OpenSSL comppat EC
OpenSSL comppat ECX
OpenSSL comppat DSA
 2025-08-05 19:32:56 +10:00
Koji Takeda 2891815965 Fix errors on #9000 2025-07-31 16:04:22 +09:00
Koji Takeda 09deacbe8f Revert "Merge pull request #9045 from douzzer/20250730-revert-PR9000" 
This reverts commit 70af2be5ab, reversing
changes made to 46347173b2.
 2025-07-31 14:14:51 +09:00
Daniel Pouzzner 26806cda7b Revert "Support importing seed of ML-DSA key" 
This reverts commit a82d1a6b12.
 2025-07-30 15:39:57 -05:00
Daniel Pouzzner d0bf9c4b3c Revert "Disable exporting dilithium DER tests without WOLFSSL_ASN_TEMPLATE" 
This reverts commit bbcdfe92e0.
 2025-07-30 15:39:53 -05:00
Koji Takeda bbcdfe92e0 Disable exporting dilithium DER tests without WOLFSSL_ASN_TEMPLATE 2025-07-28 21:46:28 +09:00
Koji Takeda a82d1a6b12 Support importing seed of ML-DSA key 2025-07-28 21:46:28 +09:00
JacobBarthelmeh c25efcee92 Merge pull request #9028 from dgarske/md5_sha1 
Fixes for building with MD5 and SHA1 to support Hash `WC_HASH_TYPE_MD5_SHA`
 2025-07-24 10:41:22 -06:00
David Garske 6aabc73845 Merge pull request #9018 from holtrop/decode-skp 
Add API to decode SymmetricKeyPackage and OneSymmetricKey CMS objects
 2025-07-23 16:01:58 -07:00
David Garske 551ff3f1b6 Fixes for building with MD5 and SHA1 to support Hash WC_HASH_TYPE_MD5_SHA. ZD 20269. 2025-07-23 15:59:08 -07:00
Josh Holtrop 15c8730ef7 Use wc_ prefix for IndexSequenceOf() 2025-07-22 14:50:42 -04:00
Josh Holtrop 77bace5010 Update style per code review comments 2025-07-22 14:47:22 -04:00
JacobBarthelmeh 98c70fb77e fix mldsa test case for buffer size and expire date 2025-07-21 15:15:31 -06:00
Josh Holtrop 06d86af67c Add API to decode SymmetricKeyPackage and OneSymmetricKey CMS objects 2025-07-19 18:28:06 -04:00
JacobBarthelmeh 629c5b4cf6 updating license from GPLv2 to GPLv3 2025-07-10 16:11:36 -06:00
Sean Parkinson e649e1047f API test ASN: must not have NO_ASN defined 
Add testing of PSK only to workflows.
 2025-07-07 16:24:10 +10:00
Sean Parkinson af05fa874f Unit Test: fix test case for memory allocation failure testing 
test_ocsp_basic_verify() not freeing and setting pointer to NULL. Second
free occuring on freed pointer.
 2025-07-02 09:27:25 +10:00
JacobBarthelmeh 77792ace65 Merge pull request #8945 from SparkiDev/mem_fail_fixes_2 
Memory allocation failure testing fixes
 2025-07-01 09:35:11 -06:00
Sean Parkinson 574de4b234 Memory allocation failure testing fixes 
Fixes for test code to cleanup on failure properly.
pkcs7.c: when streaming, free the decrypting content when adding data to
the stream fails.
 2025-07-01 11:50:42 +10:00
Marco Oliverio ae9ba6627c fix(tests): enlarge readBuf in DTLS record tests 
Increase readBuf to 256 bytes. Guard memcpy with EXPECT_SUCCESS().
 2025-06-30 09:47:38 +02:00
Koji Takeda d76386f38c Add tests 2025-06-25 11:27:12 +09:00
David Garske 27176a5eeb Merge pull request #8870 from kareem-wolfssl/zd20030 
Various minor fixes.
 2025-06-18 08:55:07 -07:00
Kareem 7e4ec84124 Add macros for legacy get_digit functions for FIPS/selftest. 2025-06-17 10:12:06 -07:00
Kareem 9c9465aa23 Also account for selftest for mp_get_digit refactor. 2025-06-17 10:12:06 -07:00
Kareem 05aa4f5f08 Make mp_get_digit refactor FIPS friendly. 2025-06-17 10:12:06 -07:00
Kareem e8c110d2ac Rename get_digit* to mp_get_digit* to avoid conflicts with other functions named get_digit. 2025-06-17 10:12:06 -07:00
Marco Oliverio b1b49c9ffb dtls13: always send ACKs on detected retransmission 
Otherwise the connection can stall due the indefinite delay of an explicit ACK,
for exapmle:

 -> client sends the last Finished message
<- server sends the ACK, but the ACK is lost
 -> client rentrasmit the Finished message
 - server delay sending of the ACK until a fast timeout
 -> client rentrasmit the Finished message quicker than the server timeout
 - server resets the timeout, delaying sending the ACK
 -> client rentrasmit the Finished...
 2025-06-16 14:19:32 +02:00
JacobBarthelmeh 94f5948f20 Merge pull request #8858 from rizlik/dtls13_set_epoch_fix 
dtls13: move Dtls13NewEpoch into DeriveTls13Keys
 2025-06-10 09:48:58 -06:00
Sean Parkinson cb90b78688 ML-DSA: fix tests for different configs 
Setting the private key into SSL object requires signing to be
available.
Only enable the parameters that are compiled in.
 2025-06-10 20:44:27 +10:00
Marco Oliverio 59ff71f936 fixup! dtls13: move Dtls13NewEpoch into DeriveTls13Keys 2025-06-09 16:11:17 +02:00
Marco Oliverio c1c1929e55 dtls13: move Dtls13NewEpoch into DeriveTls13Keys 
Dlts13NewEpoch saves the keys currently derived in the ssl object.
Moving Dtls13NewEpoch inside DeriveTls13Keys avoid the risk of using the wrong
keys when creating a new Epoch.

This fixes at least he following scenario:

- Client has encryption epoch != 2 in the handshake (eg. due to rtx)

- Client derives traffic0 keys after receiving server Finished message

- Client set encryption epoch to 2 again to send the Finished message, this
   override the traffic key computed

- Client creates the new epoch with the wrong key
 2025-06-09 02:35:29 +02:00
JacobBarthelmeh 570c1fc390 Merge pull request #8824 from JeremiahM37/tlsCurveFix 
tls fix for set_groups
 2025-06-06 10:47:06 -06:00