wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-28 23:29:57 +01:00
Code Issues Packages Projects Releases Wiki Activity
27,397 Commits 12 Branches 184 Tags
100d765b0c333ec00a111ce7c19be6f1bf4070a5
Commit Graph

27397 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Kareem
233e574f32 Merge remote-tracking branch 'upstream/master' into zd20595 2025-10-07 14:23:21 -07:00
Kareem
8fbc39ea6c Merge branch 'master' into zd20527 2025-10-07 14:22:55 -07:00
Kareem
14e1d2eec3 Merge branch 'master' into zd20527 2025-10-07 14:22:08 -07:00
Kareem
931384a117 Merge branch 'master' into zd20595 2025-10-07 14:21:46 -07:00
David Garske
1d67e5551b Merge pull request #9279 from julek-wolfssl/testsuite_test-ready 
testsuite_test: reset `ready` in between uses
 2025-10-07 13:26:59 -07:00
Josh Holtrop
4fba5f8679 Rust wrapper: add license comments to Rust source files 2025-10-07 16:02:36 -04:00
Josh Holtrop
cf9014dce5 Rust wrapper: document more directories in README.md 2025-10-07 15:59:54 -04:00
Daniel Pouzzner
e4f0acdc1d linuxkm/linuxkm_wc_port.h: disable CONFIG_FORTIFY_SOURCE module-wide on kernels <5.18 (shim conflicts), and add WC_FORCE_LINUXKM_FORTIFY_SOURCE for future use. 2025-10-07 12:49:54 -05:00
David Garske
b75af93a05 Merge pull request #9278 from JacobBarthelmeh/pkcs7_stream 
coverity warnings on test case, CID 549270 and 549271
 2025-10-07 10:19:01 -07:00
JacobBarthelmeh
2445af9308 compile both fe_operations.c and low_mem version and rely on macro defines to choose which code gets compiled 2025-10-07 10:42:08 -06:00
Juliusz Sosinowicz
5069d977ed testsuite_test: reset ready in between uses 
This should fix the constant intermittent failures in GH CI.
 2025-10-07 18:30:36 +02:00
David Garske
b3031d25ca Merge pull request #9255 from SparkiDev/tls13_cookie_hash 
TLS 1.3 Cookie Hash: use stronger hash if no SHA-256
 2025-10-07 08:51:26 -07:00
JacobBarthelmeh
1237a5468f coverity warnings on test case, CID 549270 and 549271 2025-10-07 09:35:37 -06:00
David Garske
d9b52d832c Merge pull request #9259 from julek-wolfssl/dtls13-timeout 
Reset DTLS 1.3 timeout
 2025-10-07 07:57:17 -07:00
Daniele Lacamera
ea300985e0 Added support for AES-CTR in PKCS11 driver 2025-10-07 13:03:24 +02:00
Sean Parkinson
abfcb7122c KCAPI ECC: initialize mp_ints 
Was not initializing mp_ints and it is needed now.
 2025-10-07 20:59:27 +10:00
Sean Parkinson
9d546acd03 Merge pull request #9200 from effbiae/build-msg-or-hash-output 
refactor to BuildMsgOrHashOutput()
 2025-10-07 08:20:20 +10:00
David Garske
92a47829fa Merge pull request #8674 from JacobBarthelmeh/pkcs7_stream 
Fix to advance past multiple recipients
 2025-10-06 11:27:03 -07:00
Josh Holtrop
ab5d9ad1b8 Rust wrapper: add wolfssl::wolfcrypt::rsa module 2025-10-06 14:10:53 -04:00
David Garske
d4242fa026 Merge pull request #9272 from julek-wolfssl/cov-20251006 
Handle coverity reported errors
 2025-10-06 10:57:20 -07:00
JacobBarthelmeh
68eb8b70d1 Merge pull request #9271 from rizlik/cryptocb_sha512_family_fix 
cryptocb: sha512_family: try specific digest length hashtype first
 2025-10-06 11:38:57 -06:00
Daniel Pouzzner
f854795c02 Merge pull request #9263 from holtrop/rsa-const-pointers 
RSA API: use const pointers and clean up some comments
 2025-10-06 11:55:04 -05:00
JacobBarthelmeh
7128932eff avoid attempt of key decode and free buffer if incorrect recipient found 2025-10-06 10:48:59 -06:00
David Garske
dcafe9adf2 Add STM32H5 PKA support. 2025-10-06 18:38:09 +02:00
David Garske
fe7b6f1651 Add missing TimeNowInMilliseconds for FreeRTOS 2025-10-06 18:38:09 +02:00
David Garske
c349001d94 Move the STM32 hash options into STM32_HASH. Fix for realloc. Improve docs for hcom_uart. Fix issue with detecting RTC and incorrectly setting NO_ASN_TIME. 2025-10-06 18:38:09 +02:00
David Garske
ee77094dd6 Fixes to get STM32N6 hash and GMAC working 2025-10-06 18:38:09 +02:00
Juliusz Sosinowicz
f6be6c8b6d Add timeout assertions to DTLS test 2025-10-06 18:23:16 +02:00
Juliusz Sosinowicz
cd0d986016 Reset DTLS 1.3 timeout 2025-10-06 18:23:16 +02:00
David Garske
874633da38 Merge pull request #9270 from effbiae/sm3-free-x2 
double free -- should be o_hash
 2025-10-06 08:41:30 -07:00
Juliusz Sosinowicz
32e24e8199 Suppress Coverity deadcode warning in test_ocsp_tls_cert_cb 2025-10-06 16:26:45 +02:00
Juliusz Sosinowicz
a9ad5181e6 tls13: remove dead code in SetupOcspResp csr assignment 2025-10-06 16:21:47 +02:00
Juliusz Sosinowicz
303401b047 Refactor certificate status handling to use word32 2025-10-06 16:19:54 +02:00
Marco Oliverio
fc348da28f fix: escape error code operands 2025-10-06 14:47:13 +02:00
Marco Oliverio
9cbc3f97e5 cryptocb: sha512_family: try specific digest length hashtype first 
If the cryptocb provider supports specific SHA512/224 and SHA512/256
hashtype, this commit allows to:

1. avoid a copy
2. do not touch the output buffer outside of the cryptocb handler

2 might be important for cryptocb provider that needs special handling
of memory buffer (DMA, memory mapping).
 2025-10-06 11:42:23 +02:00
effbiae
a53f0cd3fa double free -- should be o_hash 2025-10-05 19:13:50 +11:00
Kaleb Himes
99c983d44f Merge pull request #9269 from douzzer/20251002-linuxkm-fencepost-and-fortify-tweaks 
20251002-linuxkm-fencepost-and-fortify-tweaks
 2025-10-03 17:01:45 -06:00
JacobBarthelmeh
fca3028395 advance index past recipent set in non stream case too 2025-10-03 15:55:35 -06:00
Daniel Pouzzner
781c9bb990 Merge pull request #9268 from dgarske/cryptocb_only 
Remove the `NO_WRITE_TEMP_FILES` test.c logic added in #9194
 2025-10-03 16:39:59 -05:00
Daniel Pouzzner
46fd3d60f9 linuxkm/Kbuild: activate linker script with backward-compatible construct (tests good on 4.4); 
linuxkm/linuxkm_wc_port.h: completely inhibit CONFIG_FORTIFY_SOURCE across the module when HAVE_LINUXKM_PIE_SUPPORT, for fidget-free backward compat;

linuxkm/module_hooks.c:
* add startup-time sanity check on fenceposts,
* enhance DEBUG_LINUXKM_PIE_SUPPORT with coverage for WOLFSSL_TEXT_SEGMENT_CANONICALIZER on the entire text segment,
* compute and report a hash on the stabilized text segment,
* fix wc_linuxkm_normalize_relocations() to allow span end == __wc_text_end, and
* add numerous verbose pr_err()s when DEBUG_LINUXKM_PIE_SUPPORT.
 2025-10-03 15:07:56 -05:00
JacobBarthelmeh
4e92920a7f cast variable to word32 for compare 2025-10-03 13:51:15 -06:00
JacobBarthelmeh
12cfca4060 account for no AES build and add err trace macro 2025-10-03 13:51:15 -06:00
JacobBarthelmeh
328f505702 add pkcs7 test with multiple recipients 2025-10-03 13:51:15 -06:00
JacobBarthelmeh
7a5e97e30e adjustment for recipient index advancement 2025-10-03 13:51:15 -06:00
JacobBarthelmeh
6987304f42 Fix to advance past multiple recipients 2025-10-03 13:51:15 -06:00
David Garske
d2be867b51 Remove the NO_WRITE_TEMP_FILES test.c logic added in #9194 2025-10-03 10:40:11 -07:00
David Garske
ac23b48283 Merge pull request #9144 from julek-wolfssl/ocsp-callbacks 
tls ocsp: support lazy cert loading with ocsp stapling
 2025-10-03 09:47:55 -07:00
Juliusz Sosinowicz
f9063c406b Enables dynamic TLS cert loading with OCSP 
Exposes dynamic TLS certificate loading and OCSP stapling to allow applications to load certs lazily.

The server no longer needs to load the CA to staple OCSP responses.

Adds a certificate setup callback (WOLFSSL_CERT_SETUP_CB)
Adds an OCSP status callback to load OCSP responses directly
Adds `wc_NewOCSP`, `wc_FreeOCSP`, and `wc_CheckCertOcspResponse`
Don't call verify twice on the same error
Send correct alert on status response error
 2025-10-03 13:08:11 +02:00
effbiae
2adae90a5d refactor to BuildMsgOrHashOutput 2025-10-03 11:41:57 +10:00
Sean Parkinson
ea4554c941 Merge pull request #9234 from effbiae/TLSX_WriteWithEch 
restore inner server name in TLSX_WriteWithEch
 2025-10-03 09:20:40 +10:00