wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-28 23:39:54 +01:00
Code Issues Packages Projects Releases Wiki Activity
25,417 Commits 12 Branches 184 Tags
7eca4fb331a2771d74493feb2cb8bb8bb877f6d2
Commit Graph

3570 Commits

Author SHA1 Message Date
Sebastian Carpenter
a29d12fd3f WOLFSSL_ASN_ALLOW_0_SERIAL not handled in make check 
test_MakeCertWith0Ser needed an extra #define check for WOLFSSL_ASN_ALLOW_0_SERIAL. Previously, it was validating that a 0 serial should not work -> now it validates that a 0 serial does work.
 2025-06-04 12:21:41 -06:00
Sean Parkinson
8ea01056c3 Merge pull request #8788 from julek-wolfssl/gh/8765 
tls13: handle malformed CCS and CCS before CH
 2025-05-28 09:45:09 +10:00
David Garske
6de7bb74ed Merge pull request #8787 from julek-wolfssl/refactor-GetHandshakeHeader 
Refactor GetHandshakeHeader/GetHandShakeHeader into one
 2025-05-27 15:26:24 -07:00
Sean Parkinson
71a9e48701 Merge pull request #8801 from rlm2002/coverity 
coverity: misc changes to api.c
 2025-05-28 07:28:40 +10:00
Daniel Pouzzner
8179367412 Merge pull request #8798 from dgarske/mldsa_nosign 
Fix for ML-DSA with `WOLFSSL_DILITHIUM_NO_SIGN`
 2025-05-27 14:44:44 -05:00
Ruby Martin
2eddc32eed coverity: fix use after free, improper use of negative value, initialize src variable 2025-05-27 09:43:44 -06:00
Juliusz Sosinowicz
2ec6b92b41 tls13: handle malformed CCS and CCS before CH 
- fix incorrect alert type being sent
- error out when we receive a CCS before a CH
- error out when we receive an encrypted CCS
 2025-05-23 15:04:22 +02:00
Sean Parkinson
999641d9b1 Merge pull request #8642 from rizlik/dtls_no_span_records 
DTLS: drop records that span datagrams
 2025-05-23 14:57:24 +10:00
David Garske
607d7489bc Add no malloc support for Dilithium tests. Fixes for WOLFSSL_DILITHIUM_NO_ASN1. 2025-05-22 14:34:34 -07:00
Daniel Pouzzner
b06a921697 tests/api.c: add missing NO_SHA gates in test_wc_PKCS12_create(). 2025-05-22 14:56:31 -05:00
David Garske
d0085834cd Fix for ML-DSA with WOLFSSL_DILITHIUM_NO_SIGN. ZD 19948. 2025-05-22 12:36:46 -07:00
Sean Parkinson
85a4e34705 Merge pull request #8782 from kojiws/support_aes_cbc_pkcs12_export 
Support PBE_AES(256|128)_CBC key encryptions on wc_PKCS12_create()
 2025-05-22 08:39:11 +10:00
Ruby Martin
a170624118 coverity: init dgst variable test_sha3.c 
improper use of neg val api.c

copy-paste error in test_wolfSSL_PEM_read_bio_ECPKParameters
 2025-05-21 08:29:44 -06:00
Juliusz Sosinowicz
5e7ef142e8 Refactor GetHandshakeHeader/GetHandShakeHeader into one 2025-05-20 13:23:14 +02:00
Koji Takeda
3666851589 Support PBE_AES256_CBC and PBE_AES128_CBC key encryption on wc_PKCS12_create() 2025-05-19 22:26:46 +09:00
Marco Oliverio
cbe1fb2c62 dtls: drop DTLS messages that span across datagrams 
A new macro "WOLFSSL_DTLS_RECORDS_CAN_SPAN_DATAGRAMS" restores the old
behaviour.
 2025-05-19 10:28:13 +02:00
Marco Oliverio
23b73bb298 test_memio: preserve write boundaries in reads 2025-05-19 10:25:24 +02:00
Daniel Pouzzner
91af9073b0 Merge pull request #8777 from rizlik/dtls_reject_v11 
Drop DTLS packets with bogus minor version number
 2025-05-16 14:45:25 -05:00
Daniel Pouzzner
e67536cb15 Merge pull request #8775 from rlm2002/coverity 
Coverity: address uninitialized scalar variable issues
 2025-05-16 14:44:38 -05:00
Daniel Pouzzner
56b43e5948 Merge pull request #8776 from anhu/no_server_with_opensslall 
Allow tests to build with opensslall and no server.
 2025-05-16 13:28:48 -05:00
Daniel Pouzzner
77bebff341 fixes for armasm: 
configure.ac: set DEFAULT_ENABLED_ALL_ASM=no if FIPS <v6 and not on amd64 (i.e. if ARM);

tests/api/test_sha256.c: skip test_wc_Sha256_Flags() and test_wc_Sha224_Flags() if armasm and FIPS <v7;

wolfssl/wolfcrypt/settings.h: define WOLFSSL_SP_INT_DIGIT_ALIGN for ARM (needed on BE, and no effect on LE).
 2025-05-15 21:20:10 -05:00
Ruby Martin
2940a16c10 coverity: initialize variables for api.c, test_digest.h, and test_sha3.c 2025-05-15 16:55:34 -06:00
Marco Oliverio
22f41a8dbb Drop DTLS packets with bogus minor version number 2025-05-15 19:50:36 +02:00
Anthony Hu
a613fc28d6 Allow tests to build with opensslall and no server. 2025-05-15 11:18:15 -04:00
David Garske
49d9bfa160 Merge pull request #8758 from bigbrett/exportx509pubkey-api 
Added new ASN X509 API: `wc_GetSubjectPubKeyInfoDerFromCert`
 2025-05-14 12:28:45 -07:00
Brett Nicholas
2151a1b8a1 review comments 2025-05-12 11:43:56 -06:00
Brett Nicholas
79f214f73c add new X509 API: wc_Exportx509PubKeyWithSpki 2025-05-09 14:40:20 -06:00
JacobBarthelmeh
f96e493790 help static analyzer out, CID 516263 2025-05-08 13:50:02 -06:00
JacobBarthelmeh
ea03decf60 fix for --group argument test, CID 516265 2025-05-08 13:50:02 -06:00
Daniel Pouzzner
d3ce45fbfb clean up Curve25519/Curve448 dependencies in FIPS builds: 
configure.ac:

* in FIPS setup, fix sensing of ENABLED_CURVE25519 and ENABLED_CURVE448 to prevent noasm sneaking through, and allow fips=dev to enable them via override;

* enable-all enables ECH only if !FIPS;

* enable-all-crypto enables curve25519/curve448 only if !FIPS;

* QUIC implication of ENABLED_CURVE25519 is inhibited if FIPS;

tests/quic.c: add !HAVE_CURVE25519 paths in test_quic_key_share() to allow FIPS QUIC.
 2025-05-07 14:34:35 -05:00
David Garske
1e3718ea7b Merge pull request #8655 from SparkiDev/asn1_oid_update 
ASN.1 OIDs and sum: Change algorithm for sum
 2025-05-07 11:43:54 -07:00
Sean Parkinson
5e5f486a4c Merge pull request #8732 from dgarske/stm32_hash_status 
Fix for STM32 hash status check logic (also fix NO_AES_192 and NO_AES_256)
 2025-05-07 20:56:18 +10:00
Sean Parkinson
112351667a ASN.1 OIDs and sum: Change algorithm for sum 
New sum algorithm has no clashes at this time.
Old algorithm enabled by defining: WOLFSSL_OLD_OID_SUM.
New oid_sum.h file generated with scripts/asn1_oid_sum.pl.

Added bunch of OID names into asn1 example.
 2025-05-07 08:32:08 +10:00
David Garske
25db14f50c Fix macro typo. 2025-05-06 10:42:09 -07:00
Sean Parkinson
1c0e5af3a4 Merge pull request #8720 from JacobBarthelmeh/xilinx 
add macro guards for SHA3 test cases to unit tests
 2025-05-06 10:50:01 +10:00
David Garske
219902149e Fix issue with api.c test_wolfSSL_OBJ and ./certs/test-servercert.p12 that uses DES3 and AES-CBC-256. 2025-05-05 15:55:00 -07:00
David Garske
0f4ce03c28 Fixes for NO_AES_192 and NO_AES_256. Added CI test. Fixed bad BUILD_ logic for ADH-AES256-GCM-SHA384. 2025-05-05 14:36:36 -07:00
jordan
efd5405d0e coverity: fix check_after_deref, assignment_where_comparison_intended, uninit vars, return values, etc. 2025-05-05 13:18:29 -05:00
JacobBarthelmeh
e233ead7f6 add macro guards for SHA3 test cases 2025-05-05 11:19:21 -06:00
Sean Parkinson
bb9f3c9f9d Merge pull request #8698 from rlm2002/msys2 
adjust MSYS CI Build
 2025-04-29 09:03:58 +10:00
Daniel Pouzzner
e6f8de7d31 Merge pull request #8699 from JacobBarthelmeh/bn 
revert BN_CTX_init stub for older applications
 2025-04-22 14:21:01 -05:00
Ruby Martin
a1cb6e5ba5 only test msys system, add buffer typecasts 2025-04-22 12:35:12 -06:00
Daniel Pouzzner
25cd009a42 Merge pull request #8695 from JacobBarthelmeh/coverity 
null derefernce sanity checks and control flow issue
 2025-04-22 11:37:51 -05:00
JacobBarthelmeh
9da9817f89 move test case to the correct location for stub macro guard 2025-04-22 10:09:01 -06:00
JacobBarthelmeh
33da20c3ec revert BN_CTX_init stub for older applications 2025-04-22 09:22:40 -06:00
Daniel Pouzzner
bbbed009b2 tests/api/test_dtls.c: fix read of uninited data in test_dtls13_ack_order(). 2025-04-19 01:57:51 -05:00
Daniel Pouzzner
9e5c064d5d Merge pull request #8679 from kojiws/keep_header_on_pkcs12_parse 
Add wc_PKCS12_parse_ex() to keep PKCS8 header
 2025-04-19 01:57:21 -05:00
Daniel Pouzzner
543ba268a4 Merge pull request #8558 from julek-wolfssl/openssh-9.9-fix 
wolfSSL_EVP_PKEY_cmp: only compare the public keys
 2025-04-19 01:51:49 -05:00
JacobBarthelmeh
f834b9b08a add null sanity check to wolfSSL_SESSION_get_max_early_data, CID 516264 2025-04-18 16:31:33 -06:00
Juliusz Sosinowicz
43c564d48b dtls13: send acks with correct record number order 2025-04-18 14:56:59 -05:00