Commit Graph

3553 Commits

Author SHA1 Message Date
Daniel Pouzzner 91af9073b0 Merge pull request #8777 from rizlik/dtls_reject_v11
Drop DTLS packets with bogus minor version number
2025-05-16 14:45:25 -05:00
Daniel Pouzzner e67536cb15 Merge pull request #8775 from rlm2002/coverity
Coverity: address uninitialized scalar variable issues
2025-05-16 14:44:38 -05:00
Daniel Pouzzner 56b43e5948 Merge pull request #8776 from anhu/no_server_with_opensslall
Allow tests to build with opensslall and no server.
2025-05-16 13:28:48 -05:00
Daniel Pouzzner 77bebff341 fixes for armasm:
configure.ac: set DEFAULT_ENABLED_ALL_ASM=no if FIPS <v6 and not on amd64 (i.e. if ARM);

tests/api/test_sha256.c: skip test_wc_Sha256_Flags() and test_wc_Sha224_Flags() if armasm and FIPS <v7;

wolfssl/wolfcrypt/settings.h: define WOLFSSL_SP_INT_DIGIT_ALIGN for ARM (needed on BE, and no effect on LE).
2025-05-15 21:20:10 -05:00
Ruby Martin 2940a16c10 coverity: initialize variables for api.c, test_digest.h, and test_sha3.c 2025-05-15 16:55:34 -06:00
Marco Oliverio 22f41a8dbb Drop DTLS packets with bogus minor version number 2025-05-15 19:50:36 +02:00
Anthony Hu a613fc28d6 Allow tests to build with opensslall and no server. 2025-05-15 11:18:15 -04:00
David Garske 49d9bfa160 Merge pull request #8758 from bigbrett/exportx509pubkey-api
Added new ASN X509 API: `wc_GetSubjectPubKeyInfoDerFromCert`
2025-05-14 12:28:45 -07:00
Brett Nicholas 2151a1b8a1 review comments 2025-05-12 11:43:56 -06:00
Brett Nicholas 79f214f73c add new X509 API: wc_Exportx509PubKeyWithSpki 2025-05-09 14:40:20 -06:00
JacobBarthelmeh f96e493790 help static analyzer out, CID 516263 2025-05-08 13:50:02 -06:00
JacobBarthelmeh ea03decf60 fix for --group argument test, CID 516265 2025-05-08 13:50:02 -06:00
Daniel Pouzzner d3ce45fbfb clean up Curve25519/Curve448 dependencies in FIPS builds:
configure.ac:

* in FIPS setup, fix sensing of ENABLED_CURVE25519 and ENABLED_CURVE448 to prevent noasm sneaking through, and allow fips=dev to enable them via override;

* enable-all enables ECH only if !FIPS;

* enable-all-crypto enables curve25519/curve448 only if !FIPS;

* QUIC implication of ENABLED_CURVE25519 is inhibited if FIPS;

tests/quic.c: add !HAVE_CURVE25519 paths in test_quic_key_share() to allow FIPS QUIC.
2025-05-07 14:34:35 -05:00
David Garske 1e3718ea7b Merge pull request #8655 from SparkiDev/asn1_oid_update
ASN.1 OIDs and sum: Change algorithm for sum
2025-05-07 11:43:54 -07:00
Sean Parkinson 5e5f486a4c Merge pull request #8732 from dgarske/stm32_hash_status
Fix for STM32 hash status check logic (also fix NO_AES_192 and NO_AES_256)
2025-05-07 20:56:18 +10:00
Sean Parkinson 112351667a ASN.1 OIDs and sum: Change algorithm for sum
New sum algorithm has no clashes at this time.
Old algorithm enabled by defining: WOLFSSL_OLD_OID_SUM.
New oid_sum.h file generated with scripts/asn1_oid_sum.pl.

Added bunch of OID names into asn1 example.
2025-05-07 08:32:08 +10:00
David Garske 25db14f50c Fix macro typo. 2025-05-06 10:42:09 -07:00
Sean Parkinson 1c0e5af3a4 Merge pull request #8720 from JacobBarthelmeh/xilinx
add macro guards for SHA3 test cases to unit tests
2025-05-06 10:50:01 +10:00
David Garske 219902149e Fix issue with api.c test_wolfSSL_OBJ and ./certs/test-servercert.p12 that uses DES3 and AES-CBC-256. 2025-05-05 15:55:00 -07:00
David Garske 0f4ce03c28 Fixes for NO_AES_192 and NO_AES_256. Added CI test. Fixed bad BUILD_ logic for ADH-AES256-GCM-SHA384. 2025-05-05 14:36:36 -07:00
jordan efd5405d0e coverity: fix check_after_deref, assignment_where_comparison_intended, uninit vars, return values, etc. 2025-05-05 13:18:29 -05:00
JacobBarthelmeh e233ead7f6 add macro guards for SHA3 test cases 2025-05-05 11:19:21 -06:00
Sean Parkinson bb9f3c9f9d Merge pull request #8698 from rlm2002/msys2
adjust MSYS CI Build
2025-04-29 09:03:58 +10:00
Daniel Pouzzner e6f8de7d31 Merge pull request #8699 from JacobBarthelmeh/bn
revert BN_CTX_init stub for older applications
2025-04-22 14:21:01 -05:00
Ruby Martin a1cb6e5ba5 only test msys system, add buffer typecasts 2025-04-22 12:35:12 -06:00
Daniel Pouzzner 25cd009a42 Merge pull request #8695 from JacobBarthelmeh/coverity
null derefernce sanity checks and control flow issue
2025-04-22 11:37:51 -05:00
JacobBarthelmeh 9da9817f89 move test case to the correct location for stub macro guard 2025-04-22 10:09:01 -06:00
JacobBarthelmeh 33da20c3ec revert BN_CTX_init stub for older applications 2025-04-22 09:22:40 -06:00
Daniel Pouzzner bbbed009b2 tests/api/test_dtls.c: fix read of uninited data in test_dtls13_ack_order(). 2025-04-19 01:57:51 -05:00
Daniel Pouzzner 9e5c064d5d Merge pull request #8679 from kojiws/keep_header_on_pkcs12_parse
Add wc_PKCS12_parse_ex() to keep PKCS8 header
2025-04-19 01:57:21 -05:00
Daniel Pouzzner 543ba268a4 Merge pull request #8558 from julek-wolfssl/openssh-9.9-fix
wolfSSL_EVP_PKEY_cmp: only compare the public keys
2025-04-19 01:51:49 -05:00
JacobBarthelmeh f834b9b08a add null sanity check to wolfSSL_SESSION_get_max_early_data, CID 516264 2025-04-18 16:31:33 -06:00
Juliusz Sosinowicz 43c564d48b dtls13: send acks with correct record number order 2025-04-18 14:56:59 -05:00
Koji Takeda 2e02274be7 Add guard macro 2025-04-18 08:08:25 +09:00
Koji Takeda 039ff1b460 Add wc_PKCS12_parse_ex() 2025-04-18 06:39:16 +09:00
Juliusz Sosinowicz 3cba5c6dc1 fixup! dtls13: additional epoch checks 2025-04-17 18:18:01 +02:00
Juliusz Sosinowicz 3f560036d6 dtls13: additional epoch checks 2025-04-17 18:18:01 +02:00
Daniel Pouzzner 3fcd3cdb99 tests/api/test_mldsa.c: fix clang-analyzer-core.NullDereference in test_mldsa_pkcs8(). 2025-04-17 00:42:11 -05:00
David Garske 404fafd598 Merge pull request #8677 from SparkiDev/regression_fixes_17
Regression test fixes
2025-04-16 20:20:28 -07:00
Juliusz Sosinowicz 257fd17ea4 fixup! wolfSSL_EVP_PKEY_cmp: only compare the public keys 2025-04-16 18:21:55 +02:00
Juliusz Sosinowicz 290dbaa18e wolfSSL_EVP_PKEY_cmp: only compare the public keys 2025-04-16 18:14:09 +02:00
Sean Parkinson 3ac05dea09 Regression test fixes
dtls13.c: LowResTimer() not available when NO_ASN_TIME is defined.
api.c: Add certificate and key to use for when only Ed25519 or Ed448.
asn.c: Casts needed for g++ compile.
mem_track.c: Casts needed for g++ compile.
2025-04-16 21:46:48 +10:00
Sean Parkinson 5e8d018ff7 Merge pull request #8659 from kojiws/improve_mldsa_priv_key_import
Improve ML-DSA private key import and the test
2025-04-16 18:21:00 +10:00
Koji Takeda c05c827d6b Add a space after if and for 2025-04-16 16:26:52 +09:00
Koji Takeda 1646a4b274 Reflect review 2025-04-16 13:46:39 +09:00
Daniel Pouzzner 6bf93c93d4 Merge pull request #8594 from julek-wolfssl/nss
Implement AES-CTS in wolfCrypt
2025-04-15 18:35:52 -05:00
Juliusz Sosinowicz e320b3c90d fixup! Implement AES-CTS in wolfCrypt 2025-04-14 17:45:34 +02:00
Koji Takeda 1252d69a9a Remove trailing spaces 2025-04-12 17:09:36 +09:00
Daniel Pouzzner 29dcf42309 src/internal.c, tests/api.c: add missing casts for C++ compatibility (fixes "invalid conversion" errors). 2025-04-11 09:33:20 -05:00
Daniel Pouzzner cfd93b1bd4 tests/api.c: fix error path uninited-data defects in test_wc_PKCS7_EncodeSignedData() (followup to bf95f80c6d, detected by valgrind). 2025-04-11 09:20:14 -05:00