wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-27 04:42:21 +01:00
Code Issues Packages Projects Releases Wiki Activity
18,753 Commits 12 Branches 184 Tags
c5ca20fe439bf7bf7efc4e6293b1fa8dc10c33dd
Commit Graph

2543 Commits

Author SHA1 Message Date
Anthony Hu
c5ca20fe43 New files so add them to include.am 2022-12-14 13:28:20 -05:00
Anthony Hu
ad6d6be620 Kyber with DTLS 1.3 tests 2022-12-14 12:46:24 -05:00
David Garske
d0c9ec6681 Merge pull request #5854 from JacobBarthelmeh/Certs 
fix other name san parsing and add RID cert to test parsing
 2022-12-12 14:44:07 -08:00
David Garske
a1e883b43d Merge pull request #5875 from JacobBarthelmeh/Compatibility-Layer 
fix for handling DEFAULT:... cipher suite list
 2022-12-12 14:43:50 -08:00
David Garske
f87859a00e Whitespace cleanups. Use const for test_tls_ext_duplicate. 2022-12-12 08:59:53 -08:00
Sean Parkinson
b4b1739783 API test: Report time taken to perform test 
API test now displays timing taken to perform a test case to help
identify ones that are doing too much work.
 2022-12-12 12:24:38 +10:00
David Garske
50c5d61998 Merge pull request #5872 from SparkiDev/tls_ext_no_dup 
TLS: detect duplicate known extensions
 2022-12-11 16:53:38 -08:00
Sean Parkinson
9ab8867b42 TLS: detect duplicate known extensions 
TLS specification requires that there not be more than one extension of
the same type in a given extension block. E.g. ClientHello
 2022-12-12 08:35:04 +10:00
JacobBarthelmeh
f974bd4ad6 move test function call into macro guard 2022-12-10 15:45:14 -08:00
JacobBarthelmeh
8b296877ab fix for handling DEFAULT:... cipher suite list 2022-12-10 14:53:43 -08:00
David Garske
52c6710783 Fix test_wc_ecc_import_raw to handle ECC_INF_E or MP_VAL on point failures. SP math returns MP_VAL in sp_256_ecc_is_point_4. 2022-12-09 10:32:46 -08:00
Anthony Hu
cdaa4d8aa0 Add proper gating on !NO_WOLFSSL_SERVER 
Found with the following configuration:

--enable-dtls --enable-dtls13 --enable-dtls-mtu CFLAGS="-DNO_WOLFSSL_SERVER"
 2022-12-08 14:20:17 -05:00
Anthony Hu
937d247c7d Don't create a key if we don't support the curve. 
Found with the following configuration:

./configure --enable-tls13 --disable-oldtls --enable-static --enable-singlethreaded --enable-dtls --enable-dtls13 --enable-dtls-mtu --enable-sp=yes,4096 --disable-shared --disable-sha3 --disable-dh --enable-curve25519 --enable-secure-renegotiation --enable-debug --enable-opensslextra 'CFLAGS=-DWOLFSSL_DTLS_ALLOW_FUTURE -DWOLFSSL_MIN_RSA_BITS=2048 -DWOLFSSL_MIN_ECC_BITS=256 -DFP_MAX_BITS=8192 -fomit-frame-pointer'
 2022-12-08 12:13:12 -05:00
JacobBarthelmeh
eb69ccb22c Merge pull request #5856 from icing/errq-improvements 
Improvements in OpenSSL Compat ERR Queue handling.
 2022-12-08 09:28:05 -07:00
Jacob Barthelmeh
94212e68e5 map SSL_CTX_get_session_cache_mode compat API 2022-12-07 11:35:48 -07:00
Stefan Eissing
45f9ef5dd9 Improvements in OpenSSL Compat ERR Queue handling. 
Configuration
- thread-local storaoge is selected when available
- '--enable-error-queue-per-thread' and '--disable-error-queue-per-thread' can
  be used as before to explicitly en-/disable the feature.

Implementation:
- with thread-local-storage, error queue is realized in one struct without
  allocations. Queue size is restricted to 16 entries (per thread), which
  is the same limit in OpenSSL 1.1.x.
- without thread-local-storage, all error queue operations are mutex locked
- wc_PeekErrorNodeLineData() and wc_GetErrorNodeErr() added for use by SSL
  functions to allow locked queue iterations/manipulations.
 2022-12-07 18:14:45 +01:00
Sean Parkinson
e5d03cf5ad Merge pull request #5848 from philljj/fix_mingw64_build 
Fix mingw-w64 build issues on windows.
 2022-12-07 08:57:07 +10:00
Anthony Hu
7935a11b3e Fixups for problems discovered while testing for DTLS 1.3 2022-12-06 11:30:23 -05:00
David Garske
a6c98a11d9 Merge pull request #5845 from anhu/re-sign 
Don't regenerate in wolfSSL_PEM_write_bio_X509().
 2022-12-06 06:35:13 -08:00
JacobBarthelmeh
f1daa2d356 fix other name san parsing and add RID cert to test parsing 2022-12-05 15:51:33 -08:00
David Garske
9d9549fbd3 Merge pull request #5836 from anhu/kyber_cleanup 
Remove kyber-90s and route all kyber through wolfcrypt.
 2022-12-05 13:18:44 -08:00
Anthony Hu
312b488582 Remove double free 2022-12-05 15:39:14 -05:00
Anthony Hu
65a5ea7cae Make sure certs are identical in tests. 2022-12-05 13:57:53 -05:00
jordan
87113cc88d Fix mingw-w64 build issues on windows. 2022-12-03 17:00:44 -06:00
Anthony Hu
f58f3bd986 Don't regenerate in test_wolfSSL_PEM_write_bio_X509(). We don't have the private key. 2022-12-02 16:41:24 -05:00
Marco Oliverio
abbba4815e tests: add tests for stateless dtls v1.2 cookie 2022-12-01 16:47:37 +00:00
Anthony Hu
a2fb4c0788 Remove kyber-90s and route all kyber through wolfcrypt. 2022-11-30 17:17:28 -05:00
David Garske
b2f9838af4 Fix DSA public decode to allow extra buffer (in case private key is passed in). Fixes for clang-tidy "value stored never read". Allow showing line number and conditional with DEBUG_WOLFSSL_VERBOSE on TEST_RES_CHECK. 2022-11-29 14:58:52 -08:00
David Garske
7310eb102f Whitespace and line length cleanups. 2022-11-29 09:52:11 -08:00
Sean Parkinson
e4e53ab7ca Unit test: rework to be able to run API tests individually 
Change API test cases to return a result.
Test success is now TEST_SUCCESS (1).
Test result can be returned with use of macro TEST_RES_CHECK().
Always print the id, name of the test and the result (skipped or
otherwise) before and after running the test case.

Changed test case output to go to stderr.
Fixed some formatting.

Add option to take index and/or name of test case to run.
Added option to list all API tests.
Added option to only run API tests.
Added options to show usage.
 2022-11-29 12:37:20 +10:00
Anthony Hu
7c576de914 Fixes from testing 2022-11-25 16:00:09 -05:00
Anthony Hu
0bfa5c9836 Purge NTRU and SABER. Not going to be standardized. 2022-11-25 14:54:08 -05:00
JacobBarthelmeh
143dac64a3 account for 'pulled' error nodes 2022-11-17 14:51:37 -08:00
jordan
17105606b1 Cleanup format and typos, and use WOLFSSL_FILETYPE. 2022-11-15 11:45:11 -06:00
jordan
81ed2a60b4 Support ASN1/DER CRLs in LoadCertByIssuer. 
This fixes hash based dir lookup of ASN1/DER CRLs in OpenSSL
compatible API. The function wolfSSL_X509_load_crl_file is
called with entry->dir_type, rather than hardcoded filetype.

A new test crl was added, and existing crl 0fdb2da4.r0 was
reorganized to a new dir.

Also, completes the stub wolfSSL_X509_LOOKUP_add_dir. A new
test function test_X509_LOOKUP_add_dir was added to tests/api.c
 2022-11-11 15:13:00 -06:00
tim-weller-wolfssl
3bc3ec25b8 Add link of newly created x509 store's certificate manager to self by default 2022-11-09 17:17:30 -06:00
David Garske
eac3b4e189 Merge pull request #5752 from julek-wolfssl/alt-name-str-type 
Set alt name type to V_ASN1_IA5STRING
 2022-11-08 15:42:39 -08:00
Daniel Pouzzner
48ba365fd6 fixes for defects: 
clang-analyzer-deadcode.DeadStores in examples/server/server.c;

-Werror=use-after-free and LeakSanitizer Direct leak in tests/api.c;

nullPointerRedundantCheck in src/pk.c which identified a semantically consequential flub.
 2022-11-08 14:04:16 -06:00
Sean Parkinson
bd83345c02 Merge pull request #5773 from dgarske/async_v5.5.3 
Fixes for various tests that do not properly handle `WC_PENDING_E`
 2022-11-08 14:47:23 +10:00
David Garske
1ee3a78e4a Fixes for various tests that do not properly handle WC_PENDING_E. 2022-11-04 14:56:40 -07:00
Hayden Roche
5d70f3efce Merge pull request #5730 from philljj/zd15040 2022-11-04 13:32:48 -07:00
Hayden Roche
4a917219f7 Merge pull request #5608 from SparkiDev/pk_c_rework_2 2022-11-04 13:32:36 -07:00
JacobBarthelmeh
8225d3642b save next status with OCSP response verify 2022-11-03 22:39:47 -07:00
Juliusz Sosinowicz
8bbbdfa3f9 Set alt name type to V_ASN1_IA5STRING 2022-10-28 19:58:01 +02:00
JacobBarthelmeh
7366a9edbd Merge pull request #5744 from SparkiDev/regression_fixes_4 
Regresssion testing fixes
 2022-10-27 11:49:52 -06:00
Sean Parkinson
fd7544ca19 Regresssion testing fixes 
Ed25519 and Ed448 need to enable certs.

If no system CA certs can't be parsed,
wolfSSL_CTX_load_system_CA_certs() will fail. Don't try test if RSA and
ECC are not enabled.

Fix benchmark.c so that e is defined when WOLFSSL_BENCHMARK_ALL defined.

MAX_LENGTH_SZ is 4 and supports lengths up to 2^24 - one byte for length
and 3 bytes of length.
(new gcc compiler fix)
 2022-10-27 17:47:48 +10:00
Hayden Roche
294a26ba0c Merge pull request #5708 from JacobBarthelmeh/OCSP 2022-10-26 15:43:15 -07:00
JacobBarthelmeh
8f2d35bb84 Merge pull request #5741 from douzzer/20221026-fixes-QUIC-and-ALPN 
20221026-fixes-QUIC-and-ALPN
 2022-10-26 15:03:28 -06:00
Jacob Barthelmeh
8d6ee0b26a minor warning fixes 2022-10-26 10:48:51 -06:00
Daniel Pouzzner
dfa603e502 fixes for warnings and defects around QUIC and ALPN -- fixes for clang-diagnostic-gnu-zero-variadic-macro-arguments, clang-analyzer-deadcode.DeadStores, clang-analyzer-core.UndefinedBinaryOperatorResult, clang-analyzer-security.insecureAPI.strcpy, and an overrun prevention assert in wolfSSL_ALPN_GetPeerProtocol(). 2022-10-26 11:32:06 -05:00