wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-04-29 02:43:22 +02:00
Code Issues Packages Projects Releases Wiki Activity
19,655 Commits 13 Branches 184 Tags
7a0d6487b75fd9fe2a26ed228b030d19a3307e16
Commit Graph

2663 Commits

Author SHA1 Message Date
Andras Fekete 0ec0c05eda Change variable names to protect the innocent 2023-01-04 10:23:42 -05:00
Juliusz Sosinowicz 8d59f61b9b Fix test_wolfSSL_dtls_stateless_resume test case 2023-01-04 13:04:45 +01:00
David Garske 023db01aca * Fixed some build configuration variations. 
* Fixed `PEM_BUFSIZE` macro redefined when building with coexist.
* Updated the `user_settings_all.h` and `user_settings_wolfboot_keytools.h` to include latest options.
* Improved API unit test error case checking where `TEST_RES_CHECK` is not used.
* Changed `TEST_SKIPPED` to unique value.
* Added CI tests for enable-all, small stack, and user setting templates.
 2023-01-03 10:59:59 -08:00
Jacob Barthelmeh 9dcc48c8f7 update copyright to 2023 2022-12-30 17:12:11 -07:00
Andras Fekete f734f5037d Add similar trick to GCM routines so our code is more uniform 2022-12-30 13:11:26 -05:00
Andras Fekete a00abb0f88 Fix compilation issue when AESCCM is not enabled 2022-12-30 13:10:24 -05:00
Jacob Barthelmeh aab12fc14b check DTLS method for test case 2022-12-29 15:49:46 -07:00
Andras Fekete 1132579dd1 Add in zero length test 2022-12-29 17:02:43 -05:00
Andras Fekete 1192d41f0e First successful implementation of EVP_aes_*_ccm 2022-12-29 17:02:43 -05:00
Eric Blankenhorn 004705b38f Fix unguarded XFPRINTF calls 2022-12-28 12:23:40 -06:00
David Garske 49d23cf60a Merge pull request #5913 from douzzer/20221219-no-sha-1-all-crypto 
20221219-no-sha-1-all-crypto
 2022-12-22 17:02:58 -08:00
John Safranek 9ce79c4de8 Merge pull request #5921 from cconlon/libsuffix 2022-12-22 11:37:28 -08:00
Chris Conlon 9a7ff8773b add --with-libsuffix support, append suffix to library artifact name 2022-12-21 13:31:07 -07:00
Daniel Pouzzner 455e76873c peer review fixes re: minor fixes to accommodate --disable-sha in combination with --enable-all-crypto. 2022-12-20 10:43:33 -06:00
Daniel Pouzzner 91869f6028 minor fixes to accommodate --disable-sha in combination with --enable-all-crypto. 2022-12-20 00:42:05 -06:00
JacobBarthelmeh c6aaa1310e end of year certificate update 2022-12-16 13:32:37 -08:00
Sean Parkinson 4434d898a1 Merge pull request #5894 from kaleb-himes/fix-leak 
Fix a quick leak in the test apps
 2022-12-16 08:04:50 +10:00
kaleb-himes b23db16ff8 Refactor the double-free fix 2022-12-15 12:21:08 -07:00
kaleb-himes 46c47e4adc Fix a quick leak in the test apps 
Fix a double-free scenario also
 2022-12-15 09:13:45 -07:00
Stefan Eissing 78fd5d7dbc Fix wolfSSL_set_SSL_CTX() to be usable during handshake. 
This method requires some explanation. Its sibling is
  int SetSSL_CTX(WOLFSSL* ssl, WOLFSSL_CTX* ctx, int writeDup)
which re-inits the WOLFSSL* with all settings in the new CTX.
That one is the right one to use *before* a handshake is started.

This method was added by OpenSSL to be used *during* the handshake, e.g.
when a server inspects the SNI in a ClientHello callback and
decides which set of certificates to use.

Since, at the time the SNI callback is run, some decisions on
Extensions or the ServerHello might already have been taken, this
method is very restricted in what it does:
 - changing the server certificate(s)
 - changing the server id for session handling
and everything else in WOLFSSL* needs to remain untouched.
 2022-12-15 09:33:01 +01:00
Anthony Hu c5ca20fe43 New files so add them to include.am 2022-12-14 13:28:20 -05:00
Anthony Hu ad6d6be620 Kyber with DTLS 1.3 tests 2022-12-14 12:46:24 -05:00
David Garske d0c9ec6681 Merge pull request #5854 from JacobBarthelmeh/Certs 
fix other name san parsing and add RID cert to test parsing
 2022-12-12 14:44:07 -08:00
David Garske a1e883b43d Merge pull request #5875 from JacobBarthelmeh/Compatibility-Layer 
fix for handling DEFAULT:... cipher suite list
 2022-12-12 14:43:50 -08:00
David Garske f87859a00e Whitespace cleanups. Use const for test_tls_ext_duplicate. 2022-12-12 08:59:53 -08:00
Sean Parkinson b4b1739783 API test: Report time taken to perform test 
API test now displays timing taken to perform a test case to help
identify ones that are doing too much work.
 2022-12-12 12:24:38 +10:00
David Garske 50c5d61998 Merge pull request #5872 from SparkiDev/tls_ext_no_dup 
TLS: detect duplicate known extensions
 2022-12-11 16:53:38 -08:00
Sean Parkinson 9ab8867b42 TLS: detect duplicate known extensions 
TLS specification requires that there not be more than one extension of
the same type in a given extension block. E.g. ClientHello
 2022-12-12 08:35:04 +10:00
JacobBarthelmeh f974bd4ad6 move test function call into macro guard 2022-12-10 15:45:14 -08:00
JacobBarthelmeh 8b296877ab fix for handling DEFAULT:... cipher suite list 2022-12-10 14:53:43 -08:00
David Garske 52c6710783 Fix test_wc_ecc_import_raw to handle ECC_INF_E or MP_VAL on point failures. SP math returns MP_VAL in sp_256_ecc_is_point_4. 2022-12-09 10:32:46 -08:00
Anthony Hu cdaa4d8aa0 Add proper gating on !NO_WOLFSSL_SERVER 
Found with the following configuration:

--enable-dtls --enable-dtls13 --enable-dtls-mtu CFLAGS="-DNO_WOLFSSL_SERVER"
 2022-12-08 14:20:17 -05:00
Anthony Hu 937d247c7d Don't create a key if we don't support the curve. 
Found with the following configuration:

./configure --enable-tls13 --disable-oldtls --enable-static --enable-singlethreaded --enable-dtls --enable-dtls13 --enable-dtls-mtu --enable-sp=yes,4096 --disable-shared --disable-sha3 --disable-dh --enable-curve25519 --enable-secure-renegotiation --enable-debug --enable-opensslextra 'CFLAGS=-DWOLFSSL_DTLS_ALLOW_FUTURE -DWOLFSSL_MIN_RSA_BITS=2048 -DWOLFSSL_MIN_ECC_BITS=256 -DFP_MAX_BITS=8192 -fomit-frame-pointer'
 2022-12-08 12:13:12 -05:00
JacobBarthelmeh eb69ccb22c Merge pull request #5856 from icing/errq-improvements 
Improvements in OpenSSL Compat ERR Queue handling.
 2022-12-08 09:28:05 -07:00
Jacob Barthelmeh 94212e68e5 map SSL_CTX_get_session_cache_mode compat API 2022-12-07 11:35:48 -07:00
Stefan Eissing 45f9ef5dd9 Improvements in OpenSSL Compat ERR Queue handling. 
Configuration
- thread-local storaoge is selected when available
- '--enable-error-queue-per-thread' and '--disable-error-queue-per-thread' can
  be used as before to explicitly en-/disable the feature.

Implementation:
- with thread-local-storage, error queue is realized in one struct without
  allocations. Queue size is restricted to 16 entries (per thread), which
  is the same limit in OpenSSL 1.1.x.
- without thread-local-storage, all error queue operations are mutex locked
- wc_PeekErrorNodeLineData() and wc_GetErrorNodeErr() added for use by SSL
  functions to allow locked queue iterations/manipulations.
 2022-12-07 18:14:45 +01:00
Sean Parkinson e5d03cf5ad Merge pull request #5848 from philljj/fix_mingw64_build 
Fix mingw-w64 build issues on windows.
 2022-12-07 08:57:07 +10:00
Anthony Hu 7935a11b3e Fixups for problems discovered while testing for DTLS 1.3 2022-12-06 11:30:23 -05:00
David Garske a6c98a11d9 Merge pull request #5845 from anhu/re-sign 
Don't regenerate in wolfSSL_PEM_write_bio_X509().
 2022-12-06 06:35:13 -08:00
JacobBarthelmeh f1daa2d356 fix other name san parsing and add RID cert to test parsing 2022-12-05 15:51:33 -08:00
David Garske 9d9549fbd3 Merge pull request #5836 from anhu/kyber_cleanup 
Remove kyber-90s and route all kyber through wolfcrypt.
 2022-12-05 13:18:44 -08:00
Anthony Hu 312b488582 Remove double free 2022-12-05 15:39:14 -05:00
Anthony Hu 65a5ea7cae Make sure certs are identical in tests. 2022-12-05 13:57:53 -05:00
jordan 87113cc88d Fix mingw-w64 build issues on windows. 2022-12-03 17:00:44 -06:00
Anthony Hu f58f3bd986 Don't regenerate in test_wolfSSL_PEM_write_bio_X509(). We don't have the private key. 2022-12-02 16:41:24 -05:00
Marco Oliverio abbba4815e tests: add tests for stateless dtls v1.2 cookie 2022-12-01 16:47:37 +00:00
Anthony Hu a2fb4c0788 Remove kyber-90s and route all kyber through wolfcrypt. 2022-11-30 17:17:28 -05:00
David Garske b2f9838af4 Fix DSA public decode to allow extra buffer (in case private key is passed in). Fixes for clang-tidy "value stored never read". Allow showing line number and conditional with DEBUG_WOLFSSL_VERBOSE on TEST_RES_CHECK. 2022-11-29 14:58:52 -08:00
David Garske 7310eb102f Whitespace and line length cleanups. 2022-11-29 09:52:11 -08:00
Sean Parkinson e4e53ab7ca Unit test: rework to be able to run API tests individually 
Change API test cases to return a result.
Test success is now TEST_SUCCESS (1).
Test result can be returned with use of macro TEST_RES_CHECK().
Always print the id, name of the test and the result (skipped or
otherwise) before and after running the test case.

Changed test case output to go to stderr.
Fixed some formatting.

Add option to take index and/or name of test case to run.
Added option to list all API tests.
Added option to only run API tests.
Added options to show usage.
 2022-11-29 12:37:20 +10:00