mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
21,779 Commits 5 Branches 162 Tags
Commit Graph

2967 Commits

Author SHA1 Message Date
Stanislav Klima
4bbb0e3876 drafted ca false 2023-11-08 10:23:46 +01:00
Daniel Pouzzner
ca694938fd tests/api.c: update response vector in test_wolfSSL_CertManagerCheckOCSPResponse(), reflecting regenerated keys in certs/ocsp/. 2023-11-07 19:25:52 -06:00
JacobBarthelmeh
c5e2f414ea
Merge pull request #6929 from julek-wolfssl/dtls13-early-data-server-side 
dtls 1.3: allow to skip cookie exchange on resumption
 2023-11-06 13:30:21 -07:00
JacobBarthelmeh
c92d25816a
Merge pull request #6887 from julek-wolfssl/zd/16849 
Implement untrusted certs in wolfSSL_X509_STORE_CTX_init
 2023-11-06 10:13:43 -07:00
Juliusz Sosinowicz
8c87920903 Address code review 2023-11-03 11:02:41 +01:00
JacobBarthelmeh
96977d1480
Merge pull request #6900 from julek-wolfssl/zd/16868 
EVP_EncodeBlock should not append a newline
 2023-11-02 09:20:39 -06:00
JacobBarthelmeh
21f34ef028
Merge pull request #6905 from bandi13/moreCodeSonarFixes 
Don't nag about leaked resources
 2023-11-01 14:46:02 -06:00
JacobBarthelmeh
c920337f2f
Merge pull request #6891 from julek-wolfssl/zd/16849-i2d_x509 
Advance pointer in wolfSSL_i2d_X509
 2023-11-01 11:02:44 -06:00
JacobBarthelmeh
026c4bcbc7
Merge pull request #6902 from dgarske/various_20231020 
Fixes for PKCS w/out RSA and Cert/CSR signing with unknown OID
 2023-11-01 10:58:10 -06:00
JacobBarthelmeh
98843798c2
Merge pull request #6934 from SparkiDev/regression_fixes_8 
Regression test fixes
 2023-11-01 10:55:41 -06:00
Sean Parkinson
0eab70f806 Regression test fixes 
Fixes for different configurations and memory allocation failure
testing.
 2023-11-01 14:10:49 +10:00
Juliusz Sosinowicz
aed715cb2c dtls 1.3: allow to skip cookie exchange on resumption 
tls 1.3: do cookie exchange when asked too even when found a matching cipher
 2023-10-31 14:29:04 +01:00
David Garske
0455224439 Fix build errors in API unit test without IO dependencies. 2023-10-30 17:04:36 -07:00
Andras Fekete
42c241dbbf Avoid use of uninitialized array 2023-10-27 15:38:46 -04:00
Juliusz Sosinowicz
8f60fb0053 Advance pointer in wolfSSL_i2d_X509 2023-10-24 10:25:06 +02:00
Daniel Pouzzner
501299bc31 fix null pointer derefs in examples/pem/pem.c:pemApp_ReadFile() and tests/api.c:LoadPKCS7SignedDataCerts() detected by clang-tidy. 2023-10-21 13:34:04 -05:00
David Garske
6887281361 Fix for ./configure --enable-pkcs7 --disable-rsa && make check. 2023-10-20 16:27:54 -07:00
Juliusz Sosinowicz
8cd6cd175d EVP_EncodeBlock should not append a newline 2023-10-20 13:20:11 +02:00
Juliusz Sosinowicz
d13d446c2e Add missing guard 2023-10-19 20:05:59 +02:00
Juliusz Sosinowicz
1ae248018f Implement untrusted certs in wolfSSL_X509_STORE_CTX_init 2023-10-18 22:24:19 +02:00
Daniel Pouzzner
3e9f8bc649 tests/api.c: gate test_wc_AesEaxVectors(), test_wc_AesEaxEncryptAuth(), and test_wc_AesEaxDecryptAuth(), on !FIPS || FIPS>=5.3. 
wolfcrypt/src/eccsi.c: remove incorrect `(void)h` from eccsi_mulmod_base_add() in newly exposed WOLFSSL_SP_MATH code path.
 2023-10-16 13:30:16 -05:00
JacobBarthelmeh
c23559a91c
Merge pull request #6866 from bigbrett/aes-eax 
Add more extensive AES EAX tests to api.c
 2023-10-13 16:09:30 -06:00
Brett
87cffc8229 Added more extensive AES EAX tests to api.c 2023-10-13 11:38:16 -06:00
JacobBarthelmeh
79a6e1eb04
Merge pull request #6808 from SparkiDev/sp_sm2 
SP updates for SM2
 2023-10-13 10:17:17 -06:00
Sean Parkinson
0cc21a42f3 SP updates for SM2 
Allow wolfSSL to build with SP implementations of SM2.
Updates to SP implementation of other code.
 2023-10-13 08:14:15 +10:00
Juliusz Sosinowicz
8ac72750bc Fix linting issues 2023-10-09 12:54:11 +02:00
Juliusz Sosinowicz
948d7ae761 keyLog_callback: flush the descriptor to make sure it is written out 2023-10-09 12:54:11 +02:00
Juliusz Sosinowicz
bec87e525f PQC TLS 1.3: test setting pqc with wolfSSL_CTX_set_groups 2023-10-09 12:54:11 +02:00
Juliusz Sosinowicz
2c6c52078a test_dtls13_frag_ch_pq: make sure kyber5 is used 2023-10-09 12:54:11 +02:00
Juliusz Sosinowicz
37c0d52fa8 Dump manual memio stream with WOLFSSL_DUMP_MEMIO_STREAM 2023-10-09 12:54:11 +02:00
Anthony Hu
f640fdf91f Adding a post-quantum DTLS 1.3 test. 
This exercises the fragmenting of ClientHello via large post-quantum key share.

./configure --enable-dtls-mtu --enable-dtls-frag-ch --enable-dtls \
            --enable-dtls13 --with-liboqs
 2023-10-09 12:54:11 +02:00
Juliusz Sosinowicz
85a596e54a DTLS 1.3: allow fragmenting the second ClientHello message 
- DTLS 1.3 pqc support
- Add --enable-dtls-frag-ch option to enable CH fragmenting
- Send an alert when we get an empty keyshare with a cookie present to not allow for multiple HRR in one connection
- Only update the DTLS window when we have successfully processed or stored a message
- Call ssl->chGoodCb as soon as we have processed a verified full or fragmented ClientHello cookie
 2023-10-09 12:54:11 +02:00
JacobBarthelmeh
5cb80ea898
Merge pull request #6847 from embhorn/zd16767 
Fix wolfSSL_set_verify_result to use correct value
 2023-10-06 16:52:32 -06:00
Eric Blankenhorn
b329c0d5f4 Fix wolfSSL_set_verify_result to use correct value 2023-10-06 16:34:31 -05:00
Juliusz Sosinowicz
7baf151c37 CRL verify the entire chain including loaded CA's 
- Regen CRL's as most of them are expired
- certs/crl/extra-crls/ca-int-cert-revoked.pem: CRL that revokes certs/intermediate/ca-int-cert.pem signed by certs/ca-cert.pem
- Add CheckCertCRL_ex API to not depend on DecodedCert
- CheckCertCRLList: accept raw serial or hashed version to work with Signers
- Add XELEM_CNT to simplify pre-proc element counting
 2023-10-03 11:45:43 +02:00
Andras Fekete
47f0d5a5d0 Fix issue created by 62c14e4d5b5b5ff421742226c92dacc8621f26b7 2023-10-02 12:34:33 -04:00
David Garske
b72d02dd88
Merge pull request #6742 from embhorn/zd16187_2 
Fixes for NO_FILESYSTEM and NO_BIO config
 2023-09-19 11:19:07 -07:00
Anthony Hu
6bf716bd26
Merge pull request #6743 from JacobBarthelmeh/unit_tests 
add test case for ignoring cert path error
 2023-09-14 11:04:35 -04:00
JacobBarthelmeh
61f48eb5a1
Merge pull request #6763 from DimitriPapadopoulos/codespell 
Fix residual typos found by codespell
 2023-09-11 15:55:34 -06:00
JacobBarthelmeh
63477bcfdb
Merge pull request #6733 from gojimmypi/windows-gettime_secs 
implement gettime_secs for Windows (_MSC_VER) in tests/api.c
 2023-09-11 09:31:30 -06:00
Dimitri Papadopoulos
d532833af9
Fix residual typos found by codespell 2023-09-11 11:34:28 +02:00
Sean Parkinson
90467aa578 Curve25519/Ed25519: align buffers 
Make data structures align buffers.
Align buffers in functions.
Add versions that don't use umaal
 2023-09-08 15:23:15 +10:00
gojimmypi
e74b3ecdad revert to only original gettime_secs changes per code review 2023-09-06 17:55:15 -07:00
JacobBarthelmeh
e748e1be32 add test case for ignoring cert path error 2023-08-30 12:45:29 -07:00
JacobBarthelmeh
2aefdfe9d5
Merge pull request #6737 from anhu/ignoreBadPath 
Add new feature macro WOLFSSL_IGNORE_BAD_CERT_PATH.
 2023-08-30 13:37:56 -06:00
Eric Blankenhorn
7262a30074 Fixes for NO_FILESYSTEM config 2023-08-30 13:54:49 -05:00
Eric Blankenhorn
4e86523624 Fix NO_BIO build error 2023-08-30 10:24:25 -05:00
Anthony Hu
d7bb5aa367 Add new feature macro WOLFSSL_IGNORE_BAD_CERT_PATH. 2023-08-29 10:28:02 -04:00
JacobBarthelmeh
c47600c52c update comment 2023-08-29 12:45:45 +02:00
Juliusz Sosinowicz
a0fef66c3b Add test case for dropped ccs 2023-08-29 12:45:45 +02:00