wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-27 13:32:23 +01:00
Code Issues Packages Projects Releases Wiki Activity
27,305 Commits 12 Branches 184 Tags
83f7204f999008eb3cdc51e1cf46dc8fdfee95bd
Commit Graph

3879 Commits

Author SHA1 Message Date
Fabian Keil
21f35137a1 tests: Unbreak the build on FreeBSD-based systems 
... by using the same additional includes as on Linux.

Fixes:

      CC       tests/api/unit_test-test_rsa.o
    tests/api.c:19554:9: error: call to undeclared function 'waitpid'; ISO C99 and later do not support implicit function declarations [-Werror,-Wimplicit-function-declaration]
     19554 |         waitpid(pid, &waitstatus, 0);
	   |         ^

Tested on ElectroBSD amd64 14.3-STABLE.
 2025-12-31 14:48:06 +01:00
Anthony Hu
48ebe99372 Validate asn date based on position of Z (#8603) 2025-12-29 16:01:22 -06:00
David Garske
2354ea196b Merge pull request #9513 from rizlik/dtls_header_fix 
fix DTLS header headroom accounting
 2025-12-23 17:20:12 -08:00
David Garske
0fae0a7ba6 Merge pull request #9397 from rizlik/earlydata_want_write_fixes 
wolfssl: preserve early-data handling across WANT_WRITE retries
 2025-12-23 17:19:39 -08:00
David Garske
57ef8a7caf Merge pull request #9574 from anhu/dtls_guard 
Guard a bit of DTLS code.
 2025-12-23 15:03:46 -08:00
David Garske
18176392fa Merge pull request #9576 from douzzer/20251222-linuxkm-PK-initrng-optimize 
20251222-linuxkm-PK-initrng-optimize
 2025-12-23 15:02:53 -08:00
Anthony Hu
40327b7fe3 Binary consts to hexidecimal. C2X feature. 2025-12-23 14:45:36 -05:00
Daniel Pouzzner
da4fc4921e tests/api/test_ed25519.c: in test_wc_Ed25519PublicKeyToDer(), on old FIPS, tolerate old error code from wc_Ed25519PublicKeyToDer(). 2025-12-23 12:25:10 -06:00
Sean Parkinson
b766f11e7b TLS 1.3, plaintext alert: ignore when expecting encrypted 
In TLS 1.3, ignore valid unencrypted alerts that appear after encryption
has started.
Only ignore WOLFSSL_ALERT_COUNT_MAX-1 alerts.
 2025-12-23 09:09:06 +10:00
night1rider
afbc65a6c3 Aes Free callback support 2025-12-22 12:39:41 -07:00
Marco Oliverio
540fae80ab test_dtls: test payload split when WOLFSSL_NO_DTLS_SIZE_CHECK 2025-12-22 13:41:33 +01:00
Sean Parkinson
7a326ef43f Merge pull request #9553 from julek-wolfssl/ed25519-export-key-check 
ed25519: validate presence of keys in export functions
 2025-12-22 19:31:14 +10:00
Marco Oliverio
38d8eb6f0d address reviewer's comments 2025-12-22 09:51:06 +01:00
Marco Oliverio
950c074c25 test: fix typo in structure field 2025-12-22 09:51:06 +01:00
Marco Oliverio
8de68decd2 test: tls13_early_data: test WANT_WRITE in early data 2025-12-22 09:51:06 +01:00
Marco Oliverio
609e30a69c test: tls13_early_data: refactor splitEarlyData test option 2025-12-22 09:51:06 +01:00
JacobBarthelmeh
d5723d0d89 Merge pull request #9544 from julek-wolfssl/gh/9362 
Check KeyShare after HRR
 2025-12-19 14:36:31 -07:00
Juliusz Sosinowicz
dd35f10b57 ed25519: validate presence of keys in export functions 2025-12-19 10:14:26 +01:00
Chris Conlon
5eef52c6fa Add test for PKCS#7 SignedData with non-OCTET_STRING content 2025-12-18 15:02:02 -07:00
Marco Oliverio
988ba340ba address reviewer's comments 2025-12-18 10:28:54 +01:00
Daniel Pouzzner
33fc601011 tweaks from PRBs results: 
tests/api.c:
* remove inapt SSL_library_init() in test_wolfSSL_EVP_Cipher_extra();
* move TEST_X509_DECLS to follow TEST_DECL(test_wolfSSL_Init);

tests/api/test_random.c: enlarge seed buffer in test_wc_RNG_TestSeed() to accommodate amdrand block size;

tests/quic.c: wrap exercises in wolfSSL_Init()...wolfSSL_Cleanup();

tests/unit.c: in unit_test(), add several more fflush(stdout)s, report error from wolfSSL_Cleanup(), and fix line length;

wolfcrypt/test/test.c: omit reseed test in _rng_test() if HAVE_INTEL_RDRAND or old FIPS, and use simplified random_test() if HAVE_INTEL_RDRAND;

wolfssl/wolfcrypt/mem_track.h: add memList pointer in struct memoryStats, and set it in InitMemoryTracker();

wolfssl/wolfcrypt/settings.h: undefine WOLFSSL_SMALL_STACK_CACHE if WOLFSSL_SMALL_STACK is undefined;

.github/workflows/trackmemory.yml: add --enable-intelrdseed scenario.
 2025-12-17 11:01:11 -06:00
Daniel Pouzzner
525266c467 wolfssl/wolfcrypt/mem_track.h and wolfcrypt/src/memory.c: add WOLFSSL_API extern memoryStats *wc_MemStats_Ptr, set by InitMemoryTracker() and cleared by CleanupMemoryTracker(), allowing public access to the memory statistics. 
tests/unit.c: at end of unit_test(), when WOLFSSL_TRACK_MEMORY, explicitly wolfSSL_Cleanup() then check and error if wc_MemStats_Ptr->currentBytes > 0.
 2025-12-17 11:01:10 -06:00
Daniel Pouzzner
918b6973bd tests/api.c: in test_wolfSSL_dtls_stateless_HashWOLFSSL(), when WOLFSSL_SMALL_STACK_CACHE, omit ssl->hsHashes from the comparison (init-time heap pointers destabilize its bit signature). 2025-12-17 11:01:10 -06:00
Juliusz Sosinowicz
f61bfd7805 Check KeyShare after HRR 2025-12-17 10:27:04 +01:00
JacobBarthelmeh
9156b50bbc Merge pull request #9538 from SparkiDev/tls13_dup_ext_alert_code_fix 
TLS 1.3: duplicate extension alert code fix
 2025-12-16 14:43:19 -07:00
Marco Oliverio
0fa0fd2317 (d)tls: refactor wolfSSL_GetMaxFragSize(), simplify length computations 2025-12-16 10:46:29 +01:00
Marco Oliverio
e9f3bd5ddd dtls: test precise header headroom computation 2025-12-16 10:00:30 +01:00
Sean Parkinson
85d40c8e9b Merge pull request #9522 from JacobBarthelmeh/time 
tie in use of check_time with x509 store
 2025-12-16 08:24:49 +10:00
Sean Parkinson
d3863e5fa3 TLS 1.3: duplicate extension alert code fix 
The specification states to return illegal_parameter when a message is
syntactically correct but semantically invalid. (RFC 8446 section 6,
Paragraph 5)
 2025-12-15 10:00:56 -08:00
Daniel Pouzzner
52ee00132d Merge pull request #9528 from SparkiDev/tls13_missing_ext_fix 
TLS 1.3 missing extension: return correct alert code
 2025-12-15 11:05:02 -06:00
Sean Parkinson
44be44a509 TLS 1.3 missing extension: return correct alert code 
Change TLS 1.3 handling to return missing_extension alert code when
 - KeyShare is present but SupportedGroups is missing and
 - SupportedGroups is present but KeyShare is missing

Added tests for this.
 2025-12-15 09:07:13 +10:00
Ruby Martin
27b5ac9f84 sanitize loop bound in tls_multi_handshakes_one_record() unit test 
add additional check for breaking while loop
 2025-12-12 14:18:25 -07:00
JacobBarthelmeh
01442a1460 adjust macro guard around test case 2025-12-12 13:36:14 -07:00
JacobBarthelmeh
e1bbb71878 tie in use of check_time with x509 store 2025-12-12 09:22:23 -07:00
Daniel Pouzzner
38d5dc6c7a Merge pull request #9510 from embhorn/gh7981 
Fix test when ECH and harden are enabled
 2025-12-11 13:07:29 -06:00
Daniel Pouzzner
3e8c6811c7 Merge pull request #9518 from SparkiDev/api_c_split_3 
api.c: Split out more functions
 2025-12-11 13:06:58 -06:00
Daniel Pouzzner
ef8bf55528 Merge pull request #9495 from SparkiDev/aarch64_no_hw_crypto_asm_aes 
Aarch64 no harware crypto assembly AES
 2025-12-11 12:46:07 -06:00
Daniel Pouzzner
f07e379d6d Merge pull request #9456 from anhu/test_inits 
Initialize test variables; avoid false warnings.
 2025-12-11 12:40:44 -06:00
Sean Parkinson
b4b617de49 api.c: Split out more functions 
More X509 function testing.
X509 store function testing.
X509 lookup function testing.
 2025-12-11 19:00:19 +10:00
Sean Parkinson
0b2fb66af6 api.c: Split out more functions 
wolfSSL_PEM, wolfSSL_X509, wolfSSL_X509_NAME, wolfSSL_X509_PUBKEY API
testing moved out to separate files.
 2025-12-11 15:32:09 +10:00
Eric Blankenhorn
8053e8f9b3 Fix test when ECH and harden are enabled 2025-12-10 08:14:59 -06:00
Sean Parkinson
80b7ea638e Aarch64 no harware crypto assembly AES 
Implementations of AES-ECB, AES-CBC, AES-CTR, AES-GCM, AES-XTS with base
instructions and NEON but not using crypto instructions.

Benchmark of AES-ECB added.
Updated AES tests.
 2025-12-10 08:55:58 +10:00
Juliusz Sosinowicz
24b35badb4 Fix uninit variables 2025-12-09 17:07:40 +01:00
Daniel Pouzzner
12d07c4d43 tests/api/test_rsa.c: in test_wc_RsaPublicEncryptDecrypt(), add FIPS gate around new test coverage from #9454 (23c5678797). 2025-12-06 10:20:45 -06:00
David Garske
f01c4f10fa Merge pull request #9454 from SparkiDev/rsa_dec_too_small_output_fix 
RSA decrypt: don't write past buffer end on error
 2025-12-04 10:06:37 -08:00
Juliusz Sosinowicz
7b82224462 tests: add unit coverage for GetCAByAKID 2025-12-03 10:47:40 +01:00
JacobBarthelmeh
a83fb4fc42 revert 6bda10a forcing small stack with async 2025-11-25 00:43:04 -07:00
Anthony Hu
cf8b729bae Initialize test variables; avoid false warnings. 2025-11-21 11:59:07 -05:00
Sean Parkinson
23c5678797 RSA decrypt: don't write past buffer end on error 
When the decrypted data is bigger than the buffer, the one extra bytes
was being written to.
 2025-11-21 12:12:14 +10:00
JacobBarthelmeh
a68da8d2d5 update pksc7 decode test for new ca-cert.pem size 2025-11-14 14:53:48 -07:00