wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-27 17:32:42 +01:00
Code Issues Packages Projects Releases Wiki Activity
27,397 Commits 12 Branches 184 Tags
100d765b0c333ec00a111ce7c19be6f1bf4070a5
Commit Graph

27397 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Kareem
5b473f6b9b Add SSL_get_rfd and SSL_get_wfd. 
Fixes https://github.com/wolfSSL/wolfssl-nginx/issues/25.
 2025-12-19 17:16:35 -07:00
Kareem
b6766106c8 Add documentation for Base16_Encode and Base64_Encode's behavior of adding a NULL terminator byte. 
Fixes #5602
 2025-12-19 17:15:44 -07:00
Kareem
a1999d29ed Only enforce !NO_FILESYSTEM for WOLFSSL_SYS_CA_CERTS on non Windows/Mac systems. 
wolfSSL's support for WOLFSSL_SYS_CA_CERTS uses APIs which don't depend on !NO_FILESYSTEM
on Windows/Mac.

Fixes #8152.
 2025-12-19 16:37:50 -07:00
JacobBarthelmeh
0a0c43054f Merge pull request #9564 from douzzer/20251219-fixes 
20251219-fixes
 2025-12-19 16:24:20 -07:00
Kareem
3e59b83727 Only keep /dev/urandom open, close /dev/random after each use. 
Improve logic for opening RNG seed FD.
 2025-12-19 15:57:49 -07:00
Kareem
fe105d4b48 Add a flag which allows requesting exactly SEED_SZ and using the full seed to instantiate the DRBG during RNG init. 
This flag can not be used with FIPS.
 2025-12-19 15:25:15 -07:00
David Garske
1cb2231ff5 Added build option to allow certificate CA matching using AKID with signers SKID ( WOLFSSL_ALLOW_AKID_SKID_MATCH). Fixed issue with cert->extAuthKeyIdSz not being set with ASN template code. 2025-12-19 14:14:39 -08:00
Daniel Pouzzner
a7550346dd wolfcrypt/test/test.c: in rng_seed_test(), fix gates for FIPS 5.2.4. 2025-12-19 15:50:27 -06:00
Daniel Pouzzner
d3f74557fe wolfcrypt/src/wolfentropy.c: add volatile attribute to entropy_memuse_initialized declaration; in wc_Entropy_Get(), if HAVE_FIPS, call Entropy_Init() if necessary, to accommodate FIPS KATs; in Entropy_Init(), add thread safety. 2025-12-19 15:45:17 -06:00
JacobBarthelmeh
d5723d0d89 Merge pull request #9544 from julek-wolfssl/gh/9362 
Check KeyShare after HRR
 2025-12-19 14:36:31 -07:00
David Garske
1825bd86f5 Merge pull request #9550 from JacobBarthelmeh/caam 
sanity checks on buffer size with AES and CAAM Integrity use
 2025-12-19 11:03:40 -08:00
JacobBarthelmeh
d26c11c626 Merge pull request #9551 from josepho0918/iar 
Add IAR support to WC_OFFSETOF macro
 2025-12-19 11:36:33 -07:00
JacobBarthelmeh
8153ea6189 Merge pull request #9559 from cconlon/pkcs7SignedNonOctet 
Fix PKCS#7 SignedData parsing for non-OCTET_STRING content types
 2025-12-19 11:12:06 -07:00
Daniel Pouzzner
6f95a9c58e wolfcrypt/src/random.c: in _InitRng(), remove "drbg_instantiated" conditional cleanup logic (Coverity true-benign-positive: DEADCODE because drbg_instantiated is always false when ret != DRBG_SUCCESS). 2025-12-19 10:30:14 -06:00
Daniel Pouzzner
fb26b2dfe1 wolfcrypt/test/test.c: in HMAC tests, initialize ret, to silence uninitvar from cppcheck-force-source. 2025-12-19 09:07:14 -06:00
Daniel Pouzzner
96c47cd18c wolfcrypt/test/test.c: in _rng_test(), inhibit the WC_RESEED_INTERVAL subtest if an rng callback is installed. 2025-12-19 08:55:35 -06:00
Juliusz Sosinowicz
dd35f10b57 ed25519: validate presence of keys in export functions 2025-12-19 10:14:26 +01:00
JacobBarthelmeh
a3072c7a8d fix for shadows global declaration warning 2025-12-18 17:18:39 -07:00
Chris Conlon
afe82b9512 Fix PKCS#7 degenerate detection based on signerInfos length 2025-12-18 16:28:03 -07:00
Chris Conlon
d6dcd30736 Fix PKCS#7 streaming for non OCTET STRING content types 2025-12-18 16:28:01 -07:00
JacobBarthelmeh
bbc3a72ea8 Merge pull request #9556 from julek-wolfssl/rng-tools-timeout-fix 
rng-tools: increase jitter timeout
 2025-12-18 15:59:42 -07:00
Kareem
b0b840aa0f Rename fdOpen to seedFdOpen to avoid potential conflicts. 
Gate keeping the seed FD open behind WOLFSSL_KEEP_RNG_SEED_FD_OPEN and only
enable by default for HAProxy.  It is causing issues on OS X and may
cause issues on other OSes, and is generally a major behavior change.
 2025-12-18 15:55:35 -07:00
Kareem
c238defe23 Add cast for public_size 2025-12-18 15:32:59 -07:00
Kareem
755097d512 Track if RNG seed FD was opened and only close it if it was already open. This fixes the case where wc_FreeRng is called when _InitRng was not called on the RNG. Since the FD value defaults to 0 before _InitRng was called, and 0 is potentially a valid FD, it was being closed. 2025-12-18 15:27:00 -07:00
JacobBarthelmeh
4162f24434 Merge pull request #9555 from embhorn/zd20964 
Null deref check in Pkcs11ECDH
 2025-12-18 15:14:35 -07:00
Chris Conlon
5eef52c6fa Add test for PKCS#7 SignedData with non-OCTET_STRING content 2025-12-18 15:02:02 -07:00
Kareem
81d32f4fe6 Move Curve25519 public key check to make_pub/make_pub_blind to cover the case where they are called directly by an application. 2025-12-18 14:37:59 -07:00
David Garske
4e96b11cce Merge pull request #9557 from douzzer/20251218-fixes 
20251218-fixes
 2025-12-18 12:35:44 -08:00
Kareem
0420c942a0 Only use -1 for uninitialized fds as 0 is a valid fd. 2025-12-18 11:22:22 -07:00
Kareem
2e83b97909 Only attempt to close RNG file descriptor on platforms with XCLOSE. 2025-12-18 11:15:33 -07:00
Kareem
fb880e943b Reset fd after closing it. 2025-12-18 11:15:33 -07:00
Kareem
6bcbfec200 Initalize RNG seed fd in _InitRng. 2025-12-18 11:15:33 -07:00
Kareem
ea43bcba72 Keep RNG seed file descriptor open until the RNG is freed. 2025-12-18 11:15:33 -07:00
Daniel Pouzzner
8a8ef3512e src/internal.c: in FreeSSL_Ctx(), use wolfSSL_RefWithMutexFree(&ctx->ref), matching refactor in #8187. 2025-12-18 11:48:31 -06:00
Juliusz Sosinowicz
4e15ccec35 rng-tools: increase jitter timeout 2025-12-18 18:40:54 +01:00
Daniel Pouzzner
83e9a0780f wolfcrypt/src/wc_lms.c: fix leak in wc_LmsKey_Reload(). 2025-12-18 11:09:37 -06:00
Daniel Pouzzner
59b3219c0f wolfcrypt/test/test.c: fix memory leaks in Hmac tests. 2025-12-18 10:47:21 -06:00
Eric Blankenhorn
d1a4677a8a Null deref check in Pkcs11ECDH 2025-12-18 10:10:57 -06:00
Marco Oliverio
988ba340ba address reviewer's comments 2025-12-18 10:28:54 +01:00
Masaki I.
42e324e545 [JA] Fix issues with the API documentation 2025-12-18 18:08:59 +09:00
Joseph Chen
1484fb5069 Add IAR support to WC_OFFSETOF macro 2025-12-18 15:46:35 +08:00
Sean Parkinson
a103f5af8b Merge pull request #9545 from douzzer/20251211-DRBG-SHA2-smallstackcache-prealloc 
20251211-DRBG-SHA2-smallstackcache-prealloc
 2025-12-18 10:07:37 +10:00
Sean Parkinson
b7e69fb2f3 Merge pull request #9543 from kareem-wolfssl/zd20944 
Check Curve25519 public key after generating one to avoid generating invalid keys.
 2025-12-18 09:29:58 +10:00
JacobBarthelmeh
911e996a8d Merge pull request #9546 from SparkiDev/curve25519_base_smul_improv 
Curve25519: improved smul
 2025-12-17 15:28:56 -07:00
JacobBarthelmeh
498b86fabd Merge pull request #9542 from holtrop-wolfssl/rust-wolfssl-wolfcrypt-crate 
Create wolfssl-wolfcrypt Rust crate
 2025-12-17 12:17:51 -07:00
Daniel Pouzzner
b23f59f137 Merge pull request #9540 from sameehj/linuxkm_tegra_fips_fixes 
linuxkm: fix Tegra Yocto FIPS build issues (ARM64, RT, PIE)
 2025-12-17 12:49:23 -06:00
JacobBarthelmeh
04a06fee0f Merge pull request #9535 from philljj/kernel_readme 
linuxkm: add a readme.
 2025-12-17 11:32:58 -07:00
JacobBarthelmeh
a2ab7b3e80 Merge pull request #9548 from julek-wolfssl/fix-os-check-cflags 
Fix incorrect use of CFLAGS in os-check
 2025-12-17 10:37:44 -07:00
JacobBarthelmeh
39a903b30c Merge pull request #9549 from embhorn/zd20965 
Fix MQX example null deref
 2025-12-17 10:35:43 -07:00
JacobBarthelmeh
16e035d692 Merge pull request #9547 from SparkiDev/aesgcm_ossl_arm32_asm_fix 
AES-GCM ARM32/Thumb2 ASM: don't change aes->reg in decrypt
 2025-12-17 10:33:38 -07:00