Commit Graph

  • c8b507d246 wolfssl/wolfcrypt/sp_int.h: refactor SP_WORD_SIZEOF as a simple numeric literal, and use them for XALIGNED() for Windows portability. Daniel Pouzzner 2025-05-14 16:54:49 -05:00
  • 55bbd84445 wolfssl/wolfcrypt/sp_int.h and wolfcrypt/src/sp_int.c: add WOLFSSL_SP_DYN_STACK macro to orthogonalize gnarly setup logic, and refactor to use it throughout; refactor several more sp_int stack-allocated data buffers as sp_int_digit[]s rather than char[]s. Daniel Pouzzner 2025-05-14 15:38:12 -05:00
  • f0f4084f94 linuxkm/lkcapi_dh_glue.c: never install DH/FFDHE on kernel <5.18 -- DH secrets have a different format before that version, and FFDHE (CONFIG_CRYPTO_DH_RFC7919_GROUPS) was introduced in 5.18 and is the only FIPS-allowed DH variant. Daniel Pouzzner 2025-05-14 15:37:12 -05:00
  • 49d9bfa160 Merge pull request #8758 from bigbrett/exportx509pubkey-api David Garske 2025-05-14 12:28:45 -07:00
  • 4af0e14e7b Add ssl_RemoveSession API Lealem Amedie 2025-05-14 11:47:33 -06:00
  • 40c9a03ebe rename function args to match implementation Brett Nicholas 2025-05-14 11:31:36 -06:00
  • e0216d3ea5 Update ssl_RemoveSession to use SessionHash for direct row calculation devin/1747238512-add-ssl-remove-session Devin AI 2025-05-14 17:29:02 +00:00
  • 6270429089 Fix STM32MP13x STM32 AES GCM. David Garske 2025-05-13 07:15:04 -07:00
  • 4fd76dae95 Add portability fix for new INT_MAX required on all TLS limit checking (added in 91aad90c59 Jan 24, 2025). David Garske 2025-05-12 12:19:38 -07:00
  • 7a936d731d Fix edge case issue with STM32 AES GCM auth padding. Issue introduced in PR #8584. Fixes ZD 19783. Added way to override STM_CRYPT_HEADER_WIDTH. David Garske 2025-05-12 12:19:20 -07:00
  • 8de9b9e69e Remove IP version matching restriction in ssl_RemoveSession Devin AI 2025-05-14 16:33:08 +00:00
  • 61bb5624f4 Update ssl_RemoveSession to use existing RemoveSession function Devin AI 2025-05-14 16:28:21 +00:00
  • 4cfaef7c30 Add ssl_RemoveSession API to remove sessions by client/server IP/port tuples Devin AI 2025-05-14 16:02:52 +00:00
  • 813e36a823 Merge pull request #8770 from douzzer/20250514-WOLFSSL_DEBUG_PRINTF-C89 David Garske 2025-05-14 08:50:46 -07:00
  • 88ae4266cf Don't define PQC option strings in benchmark if WOLFSSL_BENCHMARK_ALL is defined Alex Lanzano 2025-05-14 08:43:27 -04:00
  • 8035667d9b wolfssl/wolfcrypt/logging.h and wolfcrypt/src/logging.c: add WOLFSSL_DEBUG_PRINTF_FN and WOLFSSL_DEBUG_PRINTF_FIRST_ARGS, and update refactored wolfssl_log(), for C89 compat. Daniel Pouzzner 2025-05-14 03:21:28 -05:00
  • c5021c0690 wolfcrypt/src/ecc.c: fix identicalInnerCondition in ecc_mulmod(). Daniel Pouzzner 2025-05-14 03:18:35 -05:00
  • 9b7a95e338 guard tests NO_SW_BENCH Hideki Miyazaki 2025-05-10 13:42:56 +09:00
  • cd79be4928 Merge pull request #8769 from douzzer/20250513-WOLFSSL_DEBUG_PRINTF-WOLFSSL_DEBUG_CERTIFICATE_LOADS David Garske 2025-05-13 21:15:43 -07:00
  • 9d722b3a6c purge baltimore-cybertrust-root.pem from certs/external/include.am and scripts/. Daniel Pouzzner 2025-05-13 20:52:08 -05:00
  • 55460a5261 wolfssl/wolfcrypt/logging.h and wolfcrypt/src/logging.c: add WOLFSSL_DEBUG_PRINTF() macro adapted from wolfssl_log(), refactor wolfssl_log() to use it, and move printf setup includes/prototypes from logging.c to logging.h; Daniel Pouzzner 2025-05-13 20:30:48 -05:00
  • 5a4c1d99a3 Expose RemoveStaleSessions sniffer API Lealem Amedie 2025-05-13 15:16:02 -06:00
  • 336b374b9c Merge pull request #8753 from dgarske/gcc4_portability JacobBarthelmeh 2025-05-13 13:12:31 -06:00
  • 5f2a43f01f Merge pull request #8766 from dgarske/static_ephemeral Daniel Pouzzner 2025-05-12 15:18:37 -05:00
  • 2151a1b8a1 review comments Brett Nicholas 2025-05-12 11:43:56 -06:00
  • e09e3f6098 Fix for Curve25519 and static ephemeral issue with curve25519 blinding. Added new test case (used by wolfKeyMgr). David Garske 2025-05-12 10:26:31 -07:00
  • ed6f853b9c Merge pull request #8763 from douzzer/20250511-fixes David Garske 2025-05-12 08:48:37 -07:00
  • 110504acd6 Merge pull request #8761 from douzzer/20250510-SP-dyn-stack-tweaks-and-workaround David Garske 2025-05-12 08:48:10 -07:00
  • af29a59325 Do not allow define of max to interfere with pthreads Anthony Hu 2025-04-30 13:33:53 -04:00
  • e19295bb64 wolfssl/wolfcrypt/settings.h: #define WOLFSSL_CURVE25519_BLINDING if defined(NO_CURVED25519_X64); Daniel Pouzzner 2025-05-11 12:06:23 -05:00
  • b1cf5df2c2 Merge pull request #8762 from douzzer/20250510-testwolfcrypt-fix-exit-status David Garske 2025-05-10 11:54:36 -07:00
  • 001a5ef897 wolfcrypt/test/test.c: in main(), return (exit with) 0 for success and 1 for failure. Daniel Pouzzner 2025-05-10 12:05:10 -05:00
  • 5a911f6af0 wolfssl/wolfcrypt/sp_int.h: wc_static_assert(), not static_assert(). Daniel Pouzzner 2025-05-10 02:16:48 -05:00
  • 8410d922db .wolfssl_known_macro_extras: remove WOLFSSL_CURVE25519_BLINDING (defined in settings.h since aa840f9c94). Daniel Pouzzner 2025-05-10 01:31:45 -05:00
  • c967dd2a30 wolfcrypt/src/sp_int.c and wolfssl/wolfcrypt/sp_int.h: add MP_INT_SIZEOF_DIGITS() macro, and use it for stack allocations in DECL_SP_INT() and DECL_SP_INT_ARRAY(); Daniel Pouzzner 2025-05-10 01:28:17 -05:00
  • 25357e14eb Remove DH_GEN_PUB macro requirement WCv5.2.3-DHGENPUB-r2 Lealem Amedie 2025-05-09 15:49:43 -06:00
  • d232680e9c Merge pull request #8749 from philljj/linuxkm_aes_debug_msgs Daniel Pouzzner 2025-05-09 16:46:44 -05:00
  • 79f214f73c add new X509 API: wc_Exportx509PubKeyWithSpki Brett Nicholas 2025-05-09 11:29:19 -06:00
  • 8e0aefd321 Merge pull request #8725 from AlexLanzano/no-malloc-support JacobBarthelmeh 2025-05-09 14:23:47 -06:00
  • 3d92eb6d2e Merge pull request #8756 from douzzer/20250509-linuxkm-lkcapi-rsa-pkcs1-precedence philljj 2025-05-09 13:59:09 -05:00
  • 68b83bfa14 Merge pull request #8711 from JacobBarthelmeh/coverity David Garske 2025-05-09 11:41:53 -07:00
  • 407efd3c5d Merge pull request #8710 from JacobBarthelmeh/codesonar David Garske 2025-05-09 11:41:24 -07:00
  • 7cd080b421 Merge pull request #8713 from JacobBarthelmeh/scan David Garske 2025-05-09 11:23:20 -07:00
  • 0adb6eb788 Merge pull request #8748 from ColtonWilley/pkcs7_x509_store_update David Garske 2025-05-09 11:22:53 -07:00
  • b6f6d8ffda linuxkm/lkcapi_glue.c: reorder registration of AES and SHA algs to put composite first and primitive last, to prevent kernel dynamic synthesis of the composites. Daniel Pouzzner 2025-05-09 12:12:15 -05:00
  • 76fd5319d4 Remove redefinition of MlKemKey Alex Lanzano 2025-05-09 10:42:15 -04:00
  • 9d1bf83a43 Merge pull request #8736 from JacobBarthelmeh/build Sean Parkinson 2025-05-09 20:24:53 +10:00
  • 707505d31d linuxkm/lkcapi_glue.c: in linuxkm_lkcapi_register(), register PKCS1 algs before direct_rsa, to prevent kernel from synthesizing conflicting PKCS1 implementations. for good measure, move raw DH after FFDHE too. Daniel Pouzzner 2025-05-09 00:31:28 -05:00
  • 82cb83abee Improvements for portability using older gcc 4.8.2 and customer parsing tools. David Garske 2025-05-08 16:51:37 -07:00
  • 4f07f6a9c1 Merge pull request #8750 from anhu/crl_RefFree Sean Parkinson 2025-05-09 08:24:10 +10:00
  • 96c15b3a87 Merge pull request #8751 from douzzer/20250508-linuxkm-lkcapi-ECDH-never-fips_enabled philljj 2025-05-08 14:59:48 -05:00
  • 77c0f79cbe adjust ech get length only case JacobBarthelmeh 2025-04-24 09:08:49 -07:00
  • 9fb34d76c2 adjust size of temporary buffer JacobBarthelmeh 2025-04-24 08:04:35 -07:00
  • 6f1fe2e4b9 add sanity check on des cbc decrypt, CID 512990 JacobBarthelmeh 2025-04-23 17:11:05 -06:00
  • f96e493790 help static analyzer out, CID 516263 JacobBarthelmeh 2025-04-23 14:00:22 -06:00
  • ea03decf60 fix for --group argument test, CID 516265 JacobBarthelmeh 2025-04-23 13:54:36 -06:00
  • ae4a4236cc fix for index value with curve25519 JacobBarthelmeh 2025-05-08 13:42:02 -06:00
  • b3d330258f linuxkm aes: cleanup. jordan 2025-05-08 14:32:42 -05:00
  • 0532df5ce1 configure.ac: further fixes+cleanups for curve25519/ed25519 feature setup. now recognizes =asm as an override optionally preventing implicit noasm (linuxkm), and fixes wrong -DHAVE_CURVE25519 added to flags in FIPS builds. Daniel Pouzzner 2025-05-08 12:20:05 -05:00
  • ac7326d272 linuxkm/lkcapi_glue.c: for LINUXKM_LKCAPI_REGISTER_ECDH, always clear fips_enabled (see comment for details). Daniel Pouzzner 2025-05-08 12:13:06 -05:00
  • 42fb041890 Add missing call to wolfSSL_RefFree in FreeCRL Anthony Hu 2025-05-08 13:11:37 -04:00
  • 49f1725620 linuxkm aes: add debug msgs. jordan 2025-05-08 11:47:20 -05:00
  • 9e7a4f6518 Update PKCS7 to use X509 STORE for internal verification instead of underlying CM Colton Willey 2025-05-08 09:45:58 -07:00
  • 7ff4ada692 Merge pull request #8746 from douzzer/20250507-ed25519-noasm David Garske 2025-05-08 08:29:04 -07:00
  • e044ec45b7 .github/workflows/codespell.yml: in skip section, add full paths for new artifacts in examples/asn1/. Daniel Pouzzner 2025-05-08 00:41:35 -05:00
  • 2e0ada9836 configure.ac: implement support for --enable-ed25519=noasm, and refactor and improve existing support for --enable-curve25519=noasm. Daniel Pouzzner 2025-05-07 23:59:58 -05:00
  • c2528d48d7 Fix liboqs builds. David Garske 2025-05-07 14:36:55 -07:00
  • 18818415d9 Merge pull request #8744 from douzzer/20250507-fips-all David Garske 2025-05-07 13:56:31 -07:00
  • 3f9fe491cc adjust C# test and set rng with hpke case JacobBarthelmeh 2025-05-07 12:52:43 -06:00
  • d3ce45fbfb clean up Curve25519/Curve448 dependencies in FIPS builds: Daniel Pouzzner 2025-05-07 14:32:31 -05:00
  • cdeac13c87 Merge pull request #8742 from gojimmypi/pr-espressif-p4-and-hkdf David Garske 2025-05-07 12:30:54 -07:00
  • 72bff7d01e Lint and overlong. David Garske 2025-05-06 17:01:36 -07:00
  • 760178c7dc Improvements to no malloc support in ConfirmSignature for async and non-blocking. Refactor DSA ASN.1 decode in ConfirmSignature. Cleanup indent in types.h. Move struct CertSignCtx to types.h. Move WC_ENABLE_ASYM_KEY_IMPORT and WC_ENABLE_ASYM_KEY_EXPORT to settings.h. David Garske 2025-05-06 12:08:35 -07:00
  • bc6b5598c5 Add NO_MALLOC support for wc_CheckCertSigPugKey Alex Lanzano 2025-05-01 09:03:49 -04:00
  • 1e3718ea7b Merge pull request #8655 from SparkiDev/asn1_oid_update David Garske 2025-05-07 11:43:54 -07:00
  • 36d8298602 Merge pull request #8743 from douzzer/20250807-linuxkm-lkcapi-ecdh-fips-5v15 philljj 2025-05-07 12:47:03 -05:00
  • cbc4cba263 set rng when making a curve25519 key and cast type after shift JacobBarthelmeh 2025-05-07 11:45:55 -06:00
  • 060d4d5ecc linuxkm/lkcapi_glue.c: on FIPS kernels <5.15, suspend fips_enabled when registering ecdh-nist-p256 and ecdh-nist-p384 to work around wrong/missing attributes/items in kernel crypto manager. Daniel Pouzzner 2025-05-07 11:14:24 -05:00
  • eae4005884 Merge pull request #8717 from dgarske/renesas_rx_api JacobBarthelmeh 2025-05-07 09:29:05 -06:00
  • ed2c20a3b2 Espressif HAVE_HKDF for wolfssl_test, explicit ESP32P4 gojimmypi 2025-05-07 16:38:05 +02:00
  • 5e5f486a4c Merge pull request #8732 from dgarske/stm32_hash_status Sean Parkinson 2025-05-07 20:56:18 +10:00
  • 4b73e70515 Merge pull request #8706 from dgarske/win_crypt_rng Sean Parkinson 2025-05-07 20:55:07 +10:00
  • a69039b40d Merge pull request #8740 from douzzer/20250506-linuxkm-lkcapi-default-priority-100000 philljj 2025-05-06 20:04:19 -05:00
  • 112351667a ASN.1 OIDs and sum: Change algorithm for sum Sean Parkinson 2025-04-10 17:46:32 +10:00
  • d100898e92 Merge pull request #8737 from julek-wolfssl/wc_HKDF_Expand_ex-fix Sean Parkinson 2025-05-07 08:23:33 +10:00
  • 8a3a5929b8 linuxkm/lkcapi_glue.c: change WOLFSSL_LINUXKM_LKCAPI_PRIORITY from INT_MAX to 100000 to avoid overflows in kernel calculation of priority on constructed algs. Daniel Pouzzner 2025-05-06 17:21:35 -05:00
  • 6eb8dfb769 Merge pull request #8668 from gojimmypi/pr-arduino-print David Garske 2025-05-06 14:51:12 -07:00
  • 213c43b0fc Merge pull request #8715 from padelsbach/ssl-certman-codesonar David Garske 2025-05-06 14:49:57 -07:00
  • 1ee954a38c Merge pull request #8738 from kaleb-himes/refine-module-boundary David Garske 2025-05-06 14:42:57 -07:00
  • 05a3557b2b Merge pull request #8703 from lealem47/zd19592 David Garske 2025-05-06 14:42:19 -07:00
  • d04ab3757e New build option WIN_REUSE_CRYPT_HANDLE to allow reuse of the windows crypt provider handle. Seeding happens on any new RNG or after WC_RESEED_INTERVAL. If using threads make sure wolfSSL_Init() or wolfCrypt_Init() is called before spinning up threads. ZD 19754. Fixed minor implicit cast warnings in internal.c. Add missing hpke.c to wolfssl VS project. David Garske 2025-05-06 14:38:02 -07:00
  • 602f4a7b05 Merge pull request #8739 from douzzer/20250506-fixes-and-test-coverage David Garske 2025-05-06 14:27:38 -07:00
  • 982a7600c2 src/tls13.c: in DoTls13ServerHello() WOLFSSL_ASYNC_CRYPT path, fix -Wdeclaration-after-statement caused by fallthrough definition; Daniel Pouzzner 2025-05-06 14:49:32 -05:00
  • 579e22f843 Remove WOLFSSL_NO_FSEEK from known macros Lealem Amedie 2025-05-06 15:39:18 -04:00
  • 25db14f50c Fix macro typo. David Garske 2025-05-06 10:42:09 -07:00
  • 654812679b Refine module boundary based on lab feedback [IG C.K.] kaleb-himes 2025-05-06 09:33:36 -06:00
  • d82d8a53ef wc_HKDF_Expand_ex: correctly advance the index Juliusz Sosinowicz 2025-05-06 13:47:54 +02:00
  • 1c0e5af3a4 Merge pull request #8720 from JacobBarthelmeh/xilinx Sean Parkinson 2025-05-06 10:50:01 +10:00
  • 428915e492 Merge pull request #8719 from philljj/coverity_april_2025 Sean Parkinson 2025-05-06 10:11:27 +10:00
  • dfec168402 Merge pull request #8721 from philljj/coverity_misc Sean Parkinson 2025-05-06 10:04:53 +10:00