WolfSSL
/
wolfssl
mirror of https://github.com/wolfSSL/wolfssl.git
1
0
Fork 0
Code Issues Releases Wiki Activity
24,890 Commits
27 Branches
168 Tags
358 MiB
Commit Graph

67 Commits (f313edb4cfa7227f1bd1bf4fa40bf51162ee2f15)

Author SHA1 Message Date
Kareem f313edb4cf Add a test certificate for all of the FPKI certificate policy OIDs. 2025-03-27 12:20:36 -07:00
JacobBarthelmeh 1e254c014d application decryption successful 2025-02-28 14:23:24 -07:00
JacobBarthelmeh 28184dd8cc update certificates in certs directory 2024-12-18 14:26:15 -07:00
Daniel Pouzzner 1c68da282c portability enhancement: use "#!/usr/bin/env <interpreter>" on all perl scripts and shell scripts that use bash extensions, and use "#!/bin/sh" on the rest. 2024-08-20 13:48:33 -05:00
JacobBarthelmeh 90b28b5cef add test case for verify of stream signed PKCS7 bundle 2024-03-01 23:43:46 +07:00
JacobBarthelmeh d58acef895 add RSA-PSS CRL test case 2024-01-05 14:47:53 -08:00
Anthony Hu b22c2971e3 Fixup spelling: Elliptic 
Fixes https://github.com/wolfSSL/wolfssl/issues/6767
 2023-09-26 16:18:02 -04:00
TakayukiMatsuo 3a5739a8fa Add support for raw-public-key 2023-08-11 11:29:15 +09:00
Andras Fekete 0a2201700d Put the .rnd file in a local folder 2023-03-28 10:43:17 -04:00
Andras Fekete 1cf2d9ece3 Create files that the script depends on 2023-03-28 10:16:24 -04:00
Andras Fekete 610c45afb6 Don't need to store state anymore 2023-03-28 10:15:58 -04:00
Andras Fekete 1f6071df33 PR suggestions 2023-03-27 13:59:01 -04:00
Andras Fekete cadd2d9ab6 Remove expectation for an argument to be passed 
Added in a failing return value to flush out tests/scripts that may be calling this script multiple times with various arguments
 2023-03-27 13:30:12 -04:00
Kareem 5b08b016af Add client-absolute-urn.pem to renewcerts.sh 2023-03-16 16:14:08 -07:00
JacobBarthelmeh f1daa2d356 fix other name san parsing and add RID cert to test parsing 2022-12-05 15:51:33 -08:00
Sean Parkinson fb531dacc2 Certs with RSA-PSS sig 
Add support for parsing and verifying certificates with RSA-PSS
signatures. Including check PSS parameters in key with those in
signature algorithm.
Add support for parsing private RSA PSS key.
Add support for parsing public RSA PSS key.
 2022-08-11 09:43:01 +10:00
JacobBarthelmeh 36db5ef929 add test case for UUID and FASC-N 2022-05-23 09:17:42 -07:00
JacobBarthelmeh c0f8fd5f5d update certificate dates and fix autorenew 2021-12-20 16:04:05 -08:00
David Garske 9d2082f7e1
Fixes and improvements for crypto callbacks with TLS (mutual auth) (#4437) 
* This PR resolves issues with using TLS client authentication (mutual auth) with crypto callbacks. The TLS client auth will not be sent without a private key being set. The solution is to allow setting a public key only if crypto callbacks is enabled and a devId is set.

* Fix to allow using crypto callbacks with TLS mutual authentication where a private key is not available.
* Fix for ED25519 sign when only a private key is loaded.
* Fix to enable crypto callbacks for ED25519 and Curve25519 in TLS by using the _ex init functions.
* Fix for wc_PemToDer return code where a PKCS8 header does not exist.
* Remove duplicate logs in DoCertificateVerify.
* Doxygen API updates: Added crypto callback help and updated use_PrivateKey with info about public key use.

* * Added crypto callback tests for TLS client and server with mutual auth for RSA, ECC and ED25519.
* Enhanced the API unit test TLS code to allow setting CA, cert and key.

* Revert ED25519 changes. Opt to calculate public key directly when required for signing in the TLS crypto callback test. Build configuration fixes.

* Fix to use proper devId in `ProcessBufferTryDecode`.

* Various build fixes due to changes in PR. G++ issue with `missing-field-initializers`. Unused api.c func with DTLS and session export. Duplicate `eccKeyPubFile` def.

* Added crypto callback TLS tests at WOLFSSL object level. Fix for ED25519/ED448 with client mutual auth where the private key is not set till WOLFSSL object. Fix issues with  `wolfSSL_CTX_GetDevId` where devId is set on WOLFSSL object. Enable the `_id` API's for crypto callbacks.

* Proper fix for `eccKeyPubFile` name conflict. Was causing RSA test to fail (expected DER, not PEM).
 2021-10-07 11:12:06 +10:00
Chris Conlon 95b9fae605
Add DIST_POINT compatibility functions (#4351) 
* add DIST_POINT compatibility functions

* switch X509_LU_* from enum to define, prevent compiler type warnings

* refactoring, adding in comments, and formating

* refactoring and a memory leak fix

* cast return value for g++ warning

* refactor wolfSSL_sk_DIST_POINT_pop_free and remove NULL assign after free

* fix get next DIST_POINT node for free function

Co-authored-by: Jacob Barthelmeh <jacob@wolfssl.com>
 2021-09-30 08:27:39 +10:00
Anthony Hu 33cb823148
Remove legacy NTRU and OQS (#4418) 
* Remove NTRU and OQS

* Keep the DTLS serialization format backwards compatible.

* Remove n from mygetopt_long() call.

* Fix over-zealous deletion.

* Resolve problems found by @SparkiDev
 2021-09-24 08:37:53 +10:00
Sean Parkinson d486b89c61 ASN1 Template: stricter and simpler DER/BER parsing/construction 
Reduce debug output noise
 2021-08-19 11:32:41 +10:00
kaleb-himes 93a8f36530 Fix basic constraints extension present and CA Boolean not asserted 2021-07-02 12:16:16 -06:00
Jacob Barthelmeh 3cd43cf692 fix for keyid with ktri cms 2021-06-22 21:33:12 +07:00
Jacob Barthelmeh d8fc01aabf add cert generation to renewcerts script 2021-06-16 14:31:33 +07:00
Jacob Barthelmeh 41e5e547c4 run renewcerts.sh script 2021-02-11 03:12:54 +07:00
Jacob Barthelmeh e2b411805d add ca-cert-chain.der to renewcerts.sh, update ed25519 certs and gen script 2021-01-12 00:40:15 +07:00
Chris Conlon 062df01737 add PKCS12 RC2 test case, example p12 bundle 2020-10-16 12:02:20 -06:00
Sean Parkinson d63ff07edc TLS 1.3: Fix P-521 algorithm matching 
Digest size compared to key size - P521 has large key size.
Fixed to round down.
Added P-521 keys and certificates.
Added testing of P-521 keys and certificcates to unittest.
 2020-09-18 10:51:55 +10:00
John Safranek 3bd27f7912
fix a bad path in renewcerts 2020-08-12 15:17:21 -07:00
John Safranek 95337e666c
Release Update 
1. Update the usual versions.
2. Update README and ChangeLog.
3. Modify genecc and renewcerts to update two certificate files that had expired.
4. Update the expired certificate files.
 2020-08-12 14:43:47 -07:00
Sean Parkinson 2c6eb7cb39 Add Curve448, X448, Ed448 implementations 2020-02-28 09:30:45 +10:00
David Garske da882f3912 Added wolfCrypt RSA 4096-bit test support using `USE_CERT_BUFFERS_4096` build option (`./configure CFLAGS="-DUSE_CERT_BUFFERS_4096"`). 2020-02-23 18:40:13 -08:00
David Garske 3f1c3392e5 Fixes for build with opensslextra and 3072-bit cert buffers. Adds 3072-bit RSA public key der. Eliminates duplicate 3072-bit client cert/key. 2020-01-29 06:37:06 -08:00
David Garske 2a5c623c97 Fix for RSA without SHA512 build error. Fix or renew cert PEM to DER. 2020-01-22 08:15:34 -08:00
David Garske 4d9dbc9ec3 Adds 3072-bit RSA tests using `USE_CERT_BUFFERS_3072`. 2020-01-21 22:16:54 -08:00
Sean Parkinson 5221c082f1 SP now has support for RSA/DH 4096-bit operations 2019-11-12 12:04:06 +10:00
Jacob Barthelmeh cc3ccbaf0c add test for degenerate case and allow degenerate case by default 2018-10-30 17:04:33 -06:00
kaleb-himes 54e04dd312 posix compliance enhancements for portability 2018-09-20 10:30:11 -06:00
kaleb-himes 4f6ee556dc Refactor the cert renewal scripts with error handling 
Portability updates
 2018-09-19 14:47:21 -06:00
Jacob Barthelmeh 63a0e872c5 add test for fail case when parsing relative URI path 2018-05-14 14:27:02 -06:00
Jacob Barthelmeh bb979980ca add test case for parsing URI from certificate 2018-05-08 16:24:41 -06:00
Jacob Barthelmeh 607bd96317 add ocsp cert renew and test-pathlen to script 2018-03-14 16:35:16 -06:00
Jacob Barthelmeh e41f5de556 default generate ed25519 cert with renew and add ecc crls to script 2018-03-09 14:09:34 -07:00
Jacob Barthelmeh d9738563af add ed25519 certificate generation to renewcerts.sh 2018-03-09 10:43:36 -07:00
Jacob Barthelmeh f6b5427f2b bad sig certificate renew script 2018-03-09 09:50:52 -07:00
Jacob Barthelmeh 849e1eb10d updating renewcerts script 2018-03-09 00:35:14 -07:00
Jacob Barthelmeh 62b8c0c3fd add test case for order of certificates with PKCS12 parse 2018-02-07 16:52:39 -07:00
Sean Parkinson 90f8f67982 Single Precision maths for RSA (and DH) 
Single Precision ECC implementation
 2017-10-17 08:36:39 +10:00
Jacob Barthelmeh 4c8fdf99c5 add digsigku to renewcerts script and update the not after date 2017-05-02 18:08:10 -06:00