Commit Graph

3214 Commits

Author SHA1 Message Date
Daniel Pouzzner e6dac68ce3 Merge pull request #7966 from cconlon/x509CheckHostLeftWildcardOnly
Add left-most wildcard matching support to X509_check_host()
2024-10-08 15:17:27 -05:00
Chris Conlon f878220b81 add WOLFSSL_LEFT_MOST_WILDCARD_ONLY support to X509_check_host() 2024-10-08 10:38:14 -06:00
Aidan Garske e10c943bf3 wolfCrypt CSharp Wrapper:
* Adds RNG, ECC(ECIES and ECDHE), RSA, ED25519/Curve25519, AES-GCM, and Hashing to the CSharp wrapper.
* Adds GitHub action for building the CSharp wrapper solution and running wolfCrypt test and a TLS server/client example.
* Adds "new" API's for wolfCrypt for platforms that cannot tolerate the structs directly.
* Fixes for several scan-build warnings.
2024-10-05 11:44:58 -07:00
Daniel Pouzzner e814d1baea Merge pull request #8016 from SparkiDev/dilithium_draft_final_fix
Dilithium: Final and draft available in one build
2024-10-02 14:02:00 -05:00
Reda Chouk 10f0885d88 Merge branch 'master' into fix-conversion 2024-10-02 17:14:06 +02:00
Sean Parkinson 50bbdbbe42 Dilithium: Final and draft available in one build
Make draft version of ML-DSA compiled in with final.
Use WC_ML_DSA_44_DRAFT, WC_ML_DSA_65_DRAFT and WC_ML_DSA_87_DRAFT for
the level to get the draft implementation.
2024-10-02 22:23:25 +10:00
Sean Parkinson ac788ec40d Merge pull request #7995 from julek-wolfssl/dtls12-cid
Implement DTLS 1.2 Connection ID (CID)
2024-10-02 09:00:59 +10:00
Reda Chouk 666e658398 trailing spaces and overlong lines fixes 2024-10-01 16:28:31 +02:00
Reda Chouk 3193ecb2c3 fixed Wconversion in the api.c file 2024-10-01 15:07:59 +02:00
JacobBarthelmeh bea285c8ef initialize values for -Og test 2024-09-25 14:57:09 -06:00
Marco Oliverio 76f71a31f1 dtls13: support either side DTLSv1_3 method 2024-09-24 16:56:02 +00:00
Marco Oliverio 9dccd66a3a address review: better guarding in test 2024-09-24 12:54:15 +00:00
JacobBarthelmeh 8017c816bb check on RNG init return with test, and make input const 2024-09-20 08:34:28 -07:00
JacobBarthelmeh ca3b1a1412 add test case 2024-09-20 08:34:28 -07:00
Juliusz Sosinowicz 99a99e3d6e Implement DTLS 1.2 Connection ID (CID) 2024-09-20 15:31:01 +02:00
András Fekete bbbc40dacc Merge pull request #7996 from julek-wolfssl/move-mymemmem
memmem is only being used in testing so move it there

Failing test is disabled in: https://github.com/wolfSSL/wolfssl/pull/7991/commits/5be198fa0e7aa035cbba1b2cc58162bd359a1208
2024-09-20 09:08:44 -04:00
Juliusz Sosinowicz d7303664b5 memmem is only being used in testing so move it there 2024-09-19 15:54:20 +02:00
Daniel Pouzzner 263cb5bf78 tests/api.c:test_Sha512_Family_Final(): fix unreachable null pointer deref reported by clang-tidy in FIPS/Async configs. 2024-09-18 17:42:05 -05:00
Daniel Pouzzner 072c5311a5 m4/ax_atomic.m4: fixes for C++ compatibility.
wolfssl/wolfcrypt/wc_port.h: add WOLFSSL_API attribute to wolfSSL_Atomic_Int_Init, wolfSSL_Atomic_Int_FetchAdd, and wolfSSL_Atomic_Int_FetchAdd, and add fallback definitions for them, allowing elimination of SINGLE_THREADED implementations of wolfSSL_Ref*(), and allowing ungated use of wolfSSL_Atomic_* calls in api.c.

wolfcrypt/src/dh.c: in wc_DhAgree_ct(), remove frivolous XMEMSET() and stray semicolon.

wolfcrypt/benchmark/benchmark.c: fix bench_rsaKeyGen() to skip tests of key sizes below RSA_MIN_SIZE, and add 4096 bit benchmark if RSA_MAX_SIZE is big enough.

tests/unit.h:
* adopt definitions of TEST_FAIL, TEST_SUCCESS, and TEST_SKIPPED from unit.c, remap TEST_SKIPPED from -7777 to 3, and add TEST_SUCCESS_NO_MSGS, TEST_SKIPPED_NO_MSGS, EXPECT_DECLS_NO_MSGS(), and EXPECT_FAILURE_CODEPOINT_ID, to support existing and future expected-particular-failure test cases without log noise.
* rename outer gate from CyaSSL_UNIT_H to TESTS_UNIT_H.

tests/api.c:
* use EXPECT_DECLS_NO_MSGS() in test_ssl_memio_setup(), test_ssl_memio_read_write(), and test_wolfSSL_client_server_nofail_memio(), and globally update affected expected error codes to correspond.
* use atomics for {client,server}SessRemCount{Malloc,free} to fix races in SessRemCtxCb() and SessRemSslSetupCb().
2024-09-18 16:25:26 -05:00
JacobBarthelmeh 87dc45b938 Merge pull request #7986 from julek-wolfssl/crl-cb
Add crl error override callback
2024-09-18 10:43:37 -06:00
Reda Chouk 949565f156 Merge branch 'wolfSSL:master' into fix-conversion 2024-09-18 17:16:48 +02:00
Reda Chouk be88ddda15 more Wconversion fixes: api/test* block 2024-09-18 16:53:39 +02:00
Juliusz Sosinowicz ae6c872797 Add crl error override callback 2024-09-18 11:58:53 +02:00
Juliusz Sosinowicz 1e75a2367c Address code review 2024-09-18 10:35:29 +02:00
Juliusz Sosinowicz ee2b77c0bd Move manual memio to api.c 2024-09-18 10:35:29 +02:00
Juliusz Sosinowicz 8ce6f17144 Add dtls 1.3 cid api test 2024-09-18 10:35:29 +02:00
András Fekete 9666394b73 Merge pull request #7977 from billphipps/have_rsa_fix
Update to remove HAVE_RSA references.  Correct NO_MALLOC RSA test bug.
2024-09-16 16:26:26 -04:00
Bill Phipps b4a491de12 Add missing guard to api.c 2024-09-16 14:03:31 -04:00
Bill Phipps 92f3a808b0 Update to remove HAVE_RSA references. Correct NO_MALLOC RSA test bug. 2024-09-16 13:29:38 -04:00
Sean Parkinson e6b466dd71 Merge pull request #7923 from embhorn/rsa2048_min
Set RSA_MIN_SIZE default to 2048 bits
2024-09-16 21:38:19 +10:00
Eric Blankenhorn 91e411b4b9 Set RSA_MIN_SIZE default to 2048 bits 2024-09-13 16:02:05 -05:00
jordan 7faed6cded X509 attribute cert (acert) support. 2024-09-13 08:03:55 -05:00
Daniel Pouzzner b736d78950 Merge pull request #7948 from anhu/MATCH_SUITE
Convert MATCH_SUITE_ERROR to OpenSSL error in wolfSSL_get_error()
2024-09-12 17:50:35 -05:00
Daniel Pouzzner 49a680540c add constant time DH key agreement APIs:
* adds wc_DhAgree_ct().
* adds wolfSSL_DH_compute_key_padded(), using wc_DhAgree_ct() if available, with fallback fixup code.
* adds unit test coverage in api.c:test_wolfSSL_DH() for expected-success calls to wolfSSL_DH_compute_key() and wolfSSL_DH_compute_key_padded().
2024-09-09 16:24:07 -05:00
Reda Chouk 884b51151b Merge branch 'fix-conversion' of github.com:gasbytes/wolfssl into fix-conversion 2024-09-09 16:06:16 +02:00
Reda Chouk 65db4b15d6 api type conversion errors, first half of tls* files 2024-09-09 16:05:15 +02:00
Anthony Hu 9e204dc023 Convert MATCH_SUITE_ERROR to OpenSSL error in wolfSSL_get_error() 2024-09-06 16:29:30 -04:00
Sean Parkinson 96e2c51f07 Merge pull request #7907 from ColtonWilley/rsa_pad_crypto_cb
Add new crypto callback for RSA with padding.
2024-09-06 08:48:36 +10:00
Daniel Pouzzner dcaff9dff4 Merge pull request #7944 from JacobBarthelmeh/pkcs12
add parsing over optional PKCS8 attributes
2024-09-05 16:55:44 -05:00
Daniel Pouzzner a3fea482db Merge pull request #7914 from julek-wolfssl/gh/7825
Fix failing test_dtls_frag_ch
2024-09-04 19:35:06 -05:00
JacobBarthelmeh 9a8573afc9 touch up pkcs8 create function and test case warning 2024-09-04 15:48:44 -06:00
JacobBarthelmeh 2a1165460e add parsing over optional PKCS8 attributes 2024-09-04 15:15:53 -06:00
David Garske 1c8767b4d3 Merge pull request #7942 from douzzer/20240904-fix-test_wolfSSL_EVP_sm3
20240904-fix-test_wolfSSL_EVP_sm3
2024-09-04 12:40:51 -07:00
Daniel Pouzzner a31733db85 Merge pull request #7909 from SparkiDev/dilithium_fips204_draft
Dilithium: Support FIPS 204 Draft
2024-09-04 14:34:59 -05:00
Daniel Pouzzner 7e16016311 tests/api.c: fix expected retval from EVP_DigestInit() in test_wolfSSL_EVP_sm3() -- before 2c9a3c5c1c, EVP_DigestInit() incorrectly returned BAD_FUNC_ARG when passed a null ctx. 2024-09-04 14:04:29 -05:00
David Garske 7c7de235d8 Merge pull request #7937 from douzzer/20240903-missing-WC_NO_ERR_TRACEs
20240903-missing-WC_NO_ERR_TRACEs
2024-09-04 08:07:19 -07:00
Daniel Pouzzner 806df85477 backfill more missing WC_NO_ERR_TRACE()s on error code operands, and refactor away the obsolete GEN_MEM_ERR macro mechanism in wolfcrypt/src/ecc.c. 2024-09-03 17:44:11 -05:00
Juliusz Sosinowicz 2c9a3c5c1c Missing libspdm features
- RsaFunctionPrivate: detect when only n,e,d are available
- wolfSSL_EVP_add_digest: return success
- wolfSSL_EVP_add_cipher: return success
- wolfSSL_BN_bin2bn: accept NULL data if len is 0 (checked in mp_read_unsigned_bin)
- wolfssl_read_bio: advance correct bio
- wolfSSL_X509_set_ext: return raw extension data for BASIC_CA_OID
- Implement
  - sk_X509_EXTENSION_free
  - d2i_EC_PUBKEY_bio
  - d2i_RSA_PUBKEY_bio
  - d2i_X509_REQ_INFO
  - X509_REQ_INFO_free
  - ASN1_TIME_set_string_X509
2024-09-02 10:01:12 +02:00
Colton Willey 2bcfff3497 Expand testing to include SW implementation of RSA with padding callback, code cleanup to address review comments. 2024-08-30 13:41:51 -07:00
Juliusz Sosinowicz b67fd6f29c Fix failing test_dtls_frag_ch
- Add option to disable ECH
- InitSuites: clean up DTLS paths
- wolfSSL_parse_cipher_list: remove WOLFSSL_MAX_SUITE_SZ setting
- wolfSSL_parse_cipher_list: add rationale for keeping ciphersuites
- test_dtls_frag_ch: ECH and ciphersuites were pushing the ClientHello message over the fragmentation limit. Disabling ECH and limiting ciphersuites fixes the test.
2024-08-30 09:56:52 +02:00