wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-29 10:30:08 +01:00
Code Issues Packages Projects Releases Wiki Activity
25,437 Commits 12 Branches 184 Tags
761f0f1d1fa596d41c7ea54e5ca4658fb334b7f9
Commit Graph

99 Commits

Author SHA1 Message Date
Juliusz Sosinowicz
761f0f1d1f Simplify TLSX_SupportedCurve_Parse 
Server only uses curves that are supported by both the client and the server. If no common groups are found, the connection will fail in TLS 1.2 and below. In TLS 1.3, HRR may still be used to resolve the group mismatch.
 2025-06-05 22:04:49 +02:00
JeremiahM37
a160ba1379 Supported_group unit test fix 2025-06-05 22:04:49 +02:00
JeremiahM37
9d342bae83 unit tests for set_groups curve fix 2025-06-05 22:04:49 +02:00
Sean Parkinson
8ea01056c3 Merge pull request #8788 from julek-wolfssl/gh/8765 
tls13: handle malformed CCS and CCS before CH
 2025-05-28 09:45:09 +10:00
David Garske
6de7bb74ed Merge pull request #8787 from julek-wolfssl/refactor-GetHandshakeHeader 
Refactor GetHandshakeHeader/GetHandShakeHeader into one
 2025-05-27 15:26:24 -07:00
Sean Parkinson
71a9e48701 Merge pull request #8801 from rlm2002/coverity 
coverity: misc changes to api.c
 2025-05-28 07:28:40 +10:00
Daniel Pouzzner
8179367412 Merge pull request #8798 from dgarske/mldsa_nosign 
Fix for ML-DSA with `WOLFSSL_DILITHIUM_NO_SIGN`
 2025-05-27 14:44:44 -05:00
Ruby Martin
2eddc32eed coverity: fix use after free, improper use of negative value, initialize src variable 2025-05-27 09:43:44 -06:00
Juliusz Sosinowicz
2ec6b92b41 tls13: handle malformed CCS and CCS before CH 
- fix incorrect alert type being sent
- error out when we receive a CCS before a CH
- error out when we receive an encrypted CCS
 2025-05-23 15:04:22 +02:00
Sean Parkinson
999641d9b1 Merge pull request #8642 from rizlik/dtls_no_span_records 
DTLS: drop records that span datagrams
 2025-05-23 14:57:24 +10:00
David Garske
607d7489bc Add no malloc support for Dilithium tests. Fixes for WOLFSSL_DILITHIUM_NO_ASN1. 2025-05-22 14:34:34 -07:00
David Garske
d0085834cd Fix for ML-DSA with WOLFSSL_DILITHIUM_NO_SIGN. ZD 19948. 2025-05-22 12:36:46 -07:00
Ruby Martin
a170624118 coverity: init dgst variable test_sha3.c 
improper use of neg val api.c

copy-paste error in test_wolfSSL_PEM_read_bio_ECPKParameters
 2025-05-21 08:29:44 -06:00
Juliusz Sosinowicz
5e7ef142e8 Refactor GetHandshakeHeader/GetHandShakeHeader into one 2025-05-20 13:23:14 +02:00
Marco Oliverio
cbe1fb2c62 dtls: drop DTLS messages that span across datagrams 
A new macro "WOLFSSL_DTLS_RECORDS_CAN_SPAN_DATAGRAMS" restores the old
behaviour.
 2025-05-19 10:28:13 +02:00
Marco Oliverio
23b73bb298 test_memio: preserve write boundaries in reads 2025-05-19 10:25:24 +02:00
Daniel Pouzzner
91af9073b0 Merge pull request #8777 from rizlik/dtls_reject_v11 
Drop DTLS packets with bogus minor version number
 2025-05-16 14:45:25 -05:00
Daniel Pouzzner
e67536cb15 Merge pull request #8775 from rlm2002/coverity 
Coverity: address uninitialized scalar variable issues
 2025-05-16 14:44:38 -05:00
Daniel Pouzzner
77bebff341 fixes for armasm: 
configure.ac: set DEFAULT_ENABLED_ALL_ASM=no if FIPS <v6 and not on amd64 (i.e. if ARM);

tests/api/test_sha256.c: skip test_wc_Sha256_Flags() and test_wc_Sha224_Flags() if armasm and FIPS <v7;

wolfssl/wolfcrypt/settings.h: define WOLFSSL_SP_INT_DIGIT_ALIGN for ARM (needed on BE, and no effect on LE).
 2025-05-15 21:20:10 -05:00
Ruby Martin
2940a16c10 coverity: initialize variables for api.c, test_digest.h, and test_sha3.c 2025-05-15 16:55:34 -06:00
Marco Oliverio
22f41a8dbb Drop DTLS packets with bogus minor version number 2025-05-15 19:50:36 +02:00
Sean Parkinson
5e5f486a4c Merge pull request #8732 from dgarske/stm32_hash_status 
Fix for STM32 hash status check logic (also fix NO_AES_192 and NO_AES_256)
 2025-05-07 20:56:18 +10:00
David Garske
25db14f50c Fix macro typo. 2025-05-06 10:42:09 -07:00
David Garske
0f4ce03c28 Fixes for NO_AES_192 and NO_AES_256. Added CI test. Fixed bad BUILD_ logic for ADH-AES256-GCM-SHA384. 2025-05-05 14:36:36 -07:00
JacobBarthelmeh
e233ead7f6 add macro guards for SHA3 test cases 2025-05-05 11:19:21 -06:00
Daniel Pouzzner
bbbed009b2 tests/api/test_dtls.c: fix read of uninited data in test_dtls13_ack_order(). 2025-04-19 01:57:51 -05:00
Daniel Pouzzner
9e5c064d5d Merge pull request #8679 from kojiws/keep_header_on_pkcs12_parse 
Add wc_PKCS12_parse_ex() to keep PKCS8 header
 2025-04-19 01:57:21 -05:00
Juliusz Sosinowicz
43c564d48b dtls13: send acks with correct record number order 2025-04-18 14:56:59 -05:00
Koji Takeda
2e02274be7 Add guard macro 2025-04-18 08:08:25 +09:00
Koji Takeda
039ff1b460 Add wc_PKCS12_parse_ex() 2025-04-18 06:39:16 +09:00
Juliusz Sosinowicz
3cba5c6dc1 fixup! dtls13: additional epoch checks 2025-04-17 18:18:01 +02:00
Juliusz Sosinowicz
3f560036d6 dtls13: additional epoch checks 2025-04-17 18:18:01 +02:00
Daniel Pouzzner
3fcd3cdb99 tests/api/test_mldsa.c: fix clang-analyzer-core.NullDereference in test_mldsa_pkcs8(). 2025-04-17 00:42:11 -05:00
Sean Parkinson
5e8d018ff7 Merge pull request #8659 from kojiws/improve_mldsa_priv_key_import 
Improve ML-DSA private key import and the test
 2025-04-16 18:21:00 +10:00
Koji Takeda
c05c827d6b Add a space after if and for 2025-04-16 16:26:52 +09:00
Koji Takeda
1646a4b274 Reflect review 2025-04-16 13:46:39 +09:00
Daniel Pouzzner
6bf93c93d4 Merge pull request #8594 from julek-wolfssl/nss 
Implement AES-CTS in wolfCrypt
 2025-04-15 18:35:52 -05:00
Juliusz Sosinowicz
e320b3c90d fixup! Implement AES-CTS in wolfCrypt 2025-04-14 17:45:34 +02:00
Koji Takeda
a3862f0e59 Improve ML-DSA private key import 2025-04-11 16:28:54 +09:00
Juliusz Sosinowicz
ab64597b62 fixup! Move extended master secret testing to test_tls_ext 2025-04-09 14:36:34 +02:00
Juliusz Sosinowicz
a240a58605 fixup! TLS EMS: Set haveEMS when we negotiate TLS 1.3 2025-04-09 14:36:34 +02:00
Juliusz Sosinowicz
89e392f1e8 fixup! Move extended master secret testing to test_tls_ext 2025-04-09 14:36:34 +02:00
Juliusz Sosinowicz
f15ff6861c TLS EMS: Set haveEMS when we negotiate TLS 1.3 2025-04-09 14:36:34 +02:00
Juliusz Sosinowicz
2c585d73c8 Move extended master secret testing to test_tls_ext 2025-04-09 14:36:34 +02:00
Juliusz Sosinowicz
75ca54889c Implement AES-CTS in wolfCrypt 2025-04-09 12:11:08 +02:00
Daniel Pouzzner
217440c885 Add wolfcrypt/src/wolfssl_sources.h and wolfcrypt/src/wolfssl_sources_asm.h, 
which force on BUILDING_WOLFSSL and do boilerplate includes, and update library
  sources to include them at the top.

  wolfssl_sources.h includes types.h, error-crypt.h, and logging.h, and
  conditionally, config.h.  settings.h and wc_port.h are unconditionally
  included at the top of types.h.

  wolfssl_sources_asm.h includes settings.h, and conditionally, config.h.

Add wolfssl_sources*.h to wolfcrypt/src/include.am, and to several IDE/ project
  files.

Also added a TEST_WOLFSSL_SOURCES_INCLUSION_SEQUENCE clause in
  wolfssl/wolfcrypt/settings.h to allow coverage testing.

In wolfcrypt/src/misc.c, retain existing ad hoc boilerplate includes, and use
  them if WOLFSSL_VIS_FOR_TESTS, otherwise include the new wolfssl_sources.h.

Define WOLFSSL_VIS_FOR_TESTS at top of wolfcrypt/test/test.c.

Also renamed WOLFSSL_NEED_LINUX_CURRENT to WOLFSSL_LINUXKM_NEED_LINUX_CURRENT,
  for clarity.
 2025-04-04 16:51:04 -05:00
Daniel Pouzzner
e3fe575720 tests/api/test_evp.c: fix gating in test_wolfSSL_EVP_CIPHER_type_string(). 2025-03-21 17:52:33 -05:00
Daniel Pouzzner
a57326d500 fix whitespace in tests/api/test_evp.c. 2025-03-21 16:56:48 -05:00
David Garske
294e4c79a8 Merge pull request #8578 from philljj/coverity_unchecked_ret 
Coverity unchecked return value
 2025-03-21 10:05:29 -07:00
David Garske
9258fde02f Merge pull request #8570 from wolfSSL/devin/1742405136-cipherType-to-string 
Add wolfSSL_EVP_CIPHER_type_string function and test
 2025-03-21 10:04:41 -07:00