mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
22,052 Commits 5 Branches 162 Tags
Commit Graph

2992 Commits

Author SHA1 Message Date
Juliusz Sosinowicz
8ac72750bc Fix linting issues 2023-10-09 12:54:11 +02:00
Juliusz Sosinowicz
948d7ae761 keyLog_callback: flush the descriptor to make sure it is written out 2023-10-09 12:54:11 +02:00
Juliusz Sosinowicz
bec87e525f PQC TLS 1.3: test setting pqc with wolfSSL_CTX_set_groups 2023-10-09 12:54:11 +02:00
Juliusz Sosinowicz
2c6c52078a test_dtls13_frag_ch_pq: make sure kyber5 is used 2023-10-09 12:54:11 +02:00
Juliusz Sosinowicz
37c0d52fa8 Dump manual memio stream with WOLFSSL_DUMP_MEMIO_STREAM 2023-10-09 12:54:11 +02:00
Anthony Hu
f640fdf91f Adding a post-quantum DTLS 1.3 test. 
This exercises the fragmenting of ClientHello via large post-quantum key share.

./configure --enable-dtls-mtu --enable-dtls-frag-ch --enable-dtls \
            --enable-dtls13 --with-liboqs
 2023-10-09 12:54:11 +02:00
Juliusz Sosinowicz
85a596e54a DTLS 1.3: allow fragmenting the second ClientHello message 
- DTLS 1.3 pqc support
- Add --enable-dtls-frag-ch option to enable CH fragmenting
- Send an alert when we get an empty keyshare with a cookie present to not allow for multiple HRR in one connection
- Only update the DTLS window when we have successfully processed or stored a message
- Call ssl->chGoodCb as soon as we have processed a verified full or fragmented ClientHello cookie
 2023-10-09 12:54:11 +02:00
JacobBarthelmeh
5cb80ea898
Merge pull request #6847 from embhorn/zd16767 
Fix wolfSSL_set_verify_result to use correct value
 2023-10-06 16:52:32 -06:00
Eric Blankenhorn
b329c0d5f4 Fix wolfSSL_set_verify_result to use correct value 2023-10-06 16:34:31 -05:00
Juliusz Sosinowicz
7baf151c37 CRL verify the entire chain including loaded CA's 
- Regen CRL's as most of them are expired
- certs/crl/extra-crls/ca-int-cert-revoked.pem: CRL that revokes certs/intermediate/ca-int-cert.pem signed by certs/ca-cert.pem
- Add CheckCertCRL_ex API to not depend on DecodedCert
- CheckCertCRLList: accept raw serial or hashed version to work with Signers
- Add XELEM_CNT to simplify pre-proc element counting
 2023-10-03 11:45:43 +02:00
Andras Fekete
47f0d5a5d0 Fix issue created by 62c14e4d5b5b5ff421742226c92dacc8621f26b7 2023-10-02 12:34:33 -04:00
David Garske
b72d02dd88
Merge pull request #6742 from embhorn/zd16187_2 
Fixes for NO_FILESYSTEM and NO_BIO config
 2023-09-19 11:19:07 -07:00
Anthony Hu
6bf716bd26
Merge pull request #6743 from JacobBarthelmeh/unit_tests 
add test case for ignoring cert path error
 2023-09-14 11:04:35 -04:00
JacobBarthelmeh
61f48eb5a1
Merge pull request #6763 from DimitriPapadopoulos/codespell 
Fix residual typos found by codespell
 2023-09-11 15:55:34 -06:00
JacobBarthelmeh
63477bcfdb
Merge pull request #6733 from gojimmypi/windows-gettime_secs 
implement gettime_secs for Windows (_MSC_VER) in tests/api.c
 2023-09-11 09:31:30 -06:00
Dimitri Papadopoulos
d532833af9
Fix residual typos found by codespell 2023-09-11 11:34:28 +02:00
Sean Parkinson
90467aa578 Curve25519/Ed25519: align buffers 
Make data structures align buffers.
Align buffers in functions.
Add versions that don't use umaal
 2023-09-08 15:23:15 +10:00
gojimmypi
e74b3ecdad revert to only original gettime_secs changes per code review 2023-09-06 17:55:15 -07:00
JacobBarthelmeh
e748e1be32 add test case for ignoring cert path error 2023-08-30 12:45:29 -07:00
JacobBarthelmeh
2aefdfe9d5
Merge pull request #6737 from anhu/ignoreBadPath 
Add new feature macro WOLFSSL_IGNORE_BAD_CERT_PATH.
 2023-08-30 13:37:56 -06:00
Eric Blankenhorn
7262a30074 Fixes for NO_FILESYSTEM config 2023-08-30 13:54:49 -05:00
Eric Blankenhorn
4e86523624 Fix NO_BIO build error 2023-08-30 10:24:25 -05:00
Anthony Hu
d7bb5aa367 Add new feature macro WOLFSSL_IGNORE_BAD_CERT_PATH. 2023-08-29 10:28:02 -04:00
JacobBarthelmeh
c47600c52c update comment 2023-08-29 12:45:45 +02:00
Juliusz Sosinowicz
a0fef66c3b Add test case for dropped ccs 2023-08-29 12:45:45 +02:00
gojimmypi
d8fe8b9140 gettime_secs() in api.c now uses TimeNowInMilliseconds() 2023-08-28 18:14:29 -07:00
gojimmypi
4058dbec7c Merge branch 'master' of https://github.com/wolfssl/wolfssl into windows-gettime_secs 2023-08-28 11:40:51 -07:00
Juliusz Sosinowicz
b02fe0853f CI fixes 2023-08-28 10:52:36 +02:00
Juliusz Sosinowicz
57ce894393 CRL refactor 
- CheckCertCRLList: check all entries in case a single issuer has multiple CRL's loaded
- test_multiple_crls_same_issuer: testing two different certificates forcing the client to check both CRL's from the same issuer
- CRL_Entry
  - use a lock instead of a mutex to allow multiple threads to access the same list simultaneously
  - add a verifyMutex when doing verification so that we don't have to release the crlLock
- Add allocation and free functions for CRL_Entry
- DupCRL_Entry: simplify copying by copying all static fields in one memcpy
 2023-08-28 10:52:36 +02:00
Juliusz Sosinowicz
e85901c8e5 Only list supported sigalgs in certreq 2023-08-28 10:52:36 +02:00
gojimmypi
321f74869a implement gettime_secs for Windows (_MSC_VER) in tests/api.c 2023-08-25 18:30:05 -07:00
JacobBarthelmeh
14deb7afda
Merge pull request #6700 from julek-wolfssl/dtls13-downgrade-acks 
DTLS 1.3: do not send ACKs until we negotiate 1.3 (through SH)
 2023-08-25 09:34:53 -06:00
JacobBarthelmeh
c9e9e0fc72
Merge pull request #6704 from icing/session-copy-on-write 
Updating a shared session objects needs to do copy on write
 2023-08-24 16:52:17 -06:00
JacobBarthelmeh
a6257ca635
Merge pull request #6724 from julek-wolfssl/zd/16445 
ZD16445
 2023-08-24 13:46:49 -06:00
JacobBarthelmeh
5f44a73f8e
Merge pull request #6725 from julek-wolfssl/zd/16598 
TLSX_CA_Names_Parse: Include header in length check
 2023-08-24 10:30:07 -06:00
Juliusz Sosinowicz
82c5170659 TLSX_CA_Names_Parse: Include header in length check 2023-08-24 15:23:37 +02:00
Juliusz Sosinowicz
06d81f7f8f Add a test case that negotiates tickets during another handshake 2023-08-24 15:01:22 +02:00
Juliusz Sosinowicz
b771b6ebf5 ZD16445 
- Use unions for type punning in xor API
- Initialise potentially uninitialised variables
- Use `LL` suffix to specify a larger integer type
- Don't use `max` as it can shadow other definitions
 2023-08-24 10:53:26 +02:00
Sean Parkinson
36b92a4cef Thumb2 ASM, Curve25519 
Add support for compiling ASM for Thumb2
Add Curve25519 ASM for Thumb2
Limit assembly code compiled when Ed25519 not required.
Rework all assembly implementations to replace ge_*() functions instead
of having fe_ge_*() versions that take many parameters.
Get ARM32 inline asm working.
 2023-08-24 17:43:03 +10:00
Juliusz Sosinowicz
9427bea275 DTLS 1.3: do not send ACKs until we negotiate 1.3 (through SH) 2023-08-23 22:18:21 +02:00
JacobBarthelmeh
9cc8cdcc30
Merge pull request #6712 from philljj/spelling_cleanup 
Used codespell and fixed obvious typos.
 2023-08-18 16:29:36 -06:00
Juliusz Sosinowicz
b32ff0b0b8 Rename utils.c to utils.h 
This better signals that this file is meant to be included directly in testing programs and also plays better with my IDE.
 2023-08-18 15:05:23 +02:00
jordan
d4ba2e50d4 Used codespell and fixed obvious typos. 2023-08-17 15:20:10 -05:00
JacobBarthelmeh
cc4e327316
Merge pull request #6544 from TakayukiMatsuo/rpk 
Add support for raw-public-key
 2023-08-17 09:23:18 -06:00
JacobBarthelmeh
a4152ab341
Merge pull request #6695 from philljj/fix_test_x509_guards 
Fix define guards for X509 api tests.
 2023-08-11 09:18:00 -06:00
TakayukiMatsuo
3a5739a8fa Add support for raw-public-key 2023-08-11 11:29:15 +09:00
Juliusz Sosinowicz
e96837aa34 cond: Add start and end API for mutex handling 2023-08-10 18:07:51 +02:00
jordan
5255b02fbb Fix define guards for X509 api tests. 2023-08-10 08:49:25 -05:00
David Garske
5b16586483 Fixes for wolfSSL conditional porting. Can cause deadlock in high usage situations. Added better signal support on MacOS. Issue created in PR #6437. 2023-08-08 12:46:42 -07:00
JacobBarthelmeh
65b515aec8
Merge pull request #6655 from julek-wolfssl/threading-testing 
Port testing to wolfSSL threading interface
 2023-08-04 13:46:14 -06:00