Commit Graph

27397 Commits

Author SHA1 Message Date
Sean Parkinson e3876fcab7 Merge pull request #8287 from JacobBarthelmeh/sigfault
fix for sig fault harden build
2024-12-16 09:04:29 +10:00
Daniel Pouzzner 7c5451c742 fips-check.sh fixes + enhancements:
* change default WOLFSSL_REPO to the canonical upstream.
* refactor tag calculation without bash associative arrays, for backward compat.
* add support for fetching FIPS tags/branches into a persistent fips repo if one is found at ../fips.
* use --shared in git clones where applicable.
* always check out the master FIPS branch, for its tooling, and always make sure it's up to date with $FIPS_REPO.
* after each fetch for a previously unknown tag, explicitly associate the tag with the FETCH_HEAD.
2024-12-13 21:36:40 -06:00
Daniel Pouzzner 4bdccac584 Merge pull request #8290 from wolfSSL/revert-8277-aarch64_no_crypto
Revert "Aarch64: make code compile when no hardware crypto avail"
2024-12-13 20:43:01 -06:00
JacobBarthelmeh ad03518aa8 armasm with opensslcoexist build 2024-12-13 17:11:32 -07:00
JacobBarthelmeh 6442689d22 set dk-s7g2 socklent 2024-12-13 17:01:58 -07:00
David Garske 71325a2a32 Revert "Aarch64: make code compile when no hardware crypto avail" 2024-12-13 13:52:53 -08:00
JacobBarthelmeh f0f50f1837 add option for additional sanity checks 2024-12-13 14:42:51 -07:00
JacobBarthelmeh d7e40e7413 Merge pull request #8264 from dgarske/various_20241206
Various cleanups and fixes
2024-12-13 13:48:10 -07:00
JacobBarthelmeh 68e85ef33a Merge pull request #8252 from anhu/use_srtp_retcode
wolfSSL_CTX_set_tlsext_use_srtp() should return 1 on failure and 0 up…
2024-12-13 13:35:49 -07:00
JacobBarthelmeh e76e0e33fd Merge pull request #8283 from rlm2002/enableAlwaysKeepSNI
WOLFSSL_ALWAYS_KEEP_SNI enabled by default with --enable-jni
2024-12-13 13:32:47 -07:00
JacobBarthelmeh a22176af40 fix for sig fault harden build 2024-12-13 10:34:23 -07:00
Juliusz Sosinowicz 3407f21e69 Use source hostap repo 2024-12-13 17:12:23 +01:00
David Garske 79d9b2d6c3 Merge pull request #8277 from SparkiDev/aarch64_no_crypto
Aarch64: make code compile when no hardware crypto avail
2024-12-12 15:49:57 -08:00
Sean Parkinson 24bb2b7fab Aarch64: make code compile when no hardware crypto avail
Detects availability of instructions for Aarch64.
2024-12-13 09:16:11 +10:00
Ruby Martin b34a39a6bc WOLFSSL_ALWAYS_KEEP_SNI enabled by default with --enable-jni 2024-12-12 15:49:47 -07:00
Sean Parkinson 2aacc7cd87 MacOS: allow SHA-3 instructions to be explicitly not used
Some iPads and iPhones don't support SHA-3 instructions.
Allow SHA-3 instructions to explicitly not be used for these devices.
2024-12-13 08:25:39 +10:00
Sean Parkinson 65fc8f8d77 Merge pull request #8280 from kareem-wolfssl/zd19046
Add support for the RFC822 Mailbox attribute.
2024-12-13 08:07:46 +10:00
Kareem d4af181593 Add support for the RFC822 Mailbox attribute. 2024-12-12 12:37:32 -07:00
Andrew Hutchings 8ecbd3479e Fix code comments for some x509.c functions
The return of `wolfSSL_sk_push` was changed, but some of the functions
that use it did not have their return comments updated appropriately.
2024-12-12 16:21:16 +00:00
Daniel Pouzzner dd3012682a Merge pull request #8278 from JacobBarthelmeh/settings
adjustments on sanity check of build
2024-12-11 17:04:58 -06:00
Daniel Pouzzner 1f1e985d73 Merge pull request #8268 from bandi13/fixMemleak
Fix memory leak
2024-12-11 16:35:38 -06:00
Sean Parkinson c9c28335ae EdDSA Ed448: sc_muladd now does full reduction
sc_muladd was reducing to word boundary and not to order.
Now reduces to order as last step.
2024-12-12 08:33:35 +10:00
Daniel Pouzzner d825b08e16 Merge pull request #8275 from SparkiDev/aarch64_poly1305_fix
Aarch64 Poly1305: fix corner case
2024-12-11 16:24:36 -06:00
Daniel Pouzzner 88241f1a2c Merge pull request #8267 from ColtonWilley/pkcs11_cert_support
PKCS11 cert support
2024-12-11 16:04:58 -06:00
Daniel Pouzzner ee4366acc5 Merge pull request #8162 from redbaron/find-threads
CMAKE: look for pthreads when importing wolfSSL if required
2024-12-11 14:36:04 -06:00
Colton Willey 2039d6371f Remove redundant NULL check 2024-12-11 12:25:35 -08:00
Daniel Pouzzner 2ea2e6bf59 Merge pull request #8233 from ColtonWilley/x509_store_add_cert_ref_count
Use proper ref count handling when adding to x509 store
2024-12-11 11:54:29 -06:00
JacobBarthelmeh 2749884fdc defining custom config avoids warning of library builds pulling in options.h 2024-12-11 09:50:52 -07:00
JacobBarthelmeh 45992164d6 make new sanity check be a warning 2024-12-11 09:46:39 -07:00
Sean Parkinson c0f3b433b2 Aarch64 Poly1305: fix corner case
Don't mask top 26 bits as it may have next bit set as reduction step was
only approximate.
2024-12-11 12:49:21 +10:00
Anthony Hu 762c36687f Add a test. 2024-12-10 21:21:41 -05:00
Sean Parkinson 7ef328548d Merge pull request #8274 from douzzer/20241210-update-wolfssl_known_macro_extras
20241210-update-wolfssl_known_macro_extras
2024-12-11 10:45:11 +10:00
JacobBarthelmeh 59ea24f915 Merge pull request #8225 from gojimmypi/pr-espressif-improve-sha-msg
Improve Espressif SHA HW/SW mutex messages
2024-12-10 17:30:03 -07:00
Daniel Pouzzner 6a05ba7cce .wolfssl_known_macro_extras: regenerate 2024-12-10 17:20:24 -06:00
JacobBarthelmeh 1208a7499b Merge pull request #8272 from douzzer/20241210-fixes
20241210-fixes
2024-12-10 13:35:09 -07:00
Daniel Pouzzner d257a59087 add support for WOLFSSL_NO_OPTIONS_H:
* activate WOLFSSL_NO_OPTIONS_H in linuxkm/Kbuild for in-module test.o and benchmark.o.
* refine explanatory comments in settings.h re WOLFSSL_USE_OPTIONS_H, WOLFSSL_NO_OPTIONS_H, and WOLFSSL_CUSTOM_CONFIG.
* add safety catch to options.h/options.h.in to inhibit inclusion if defined(WOLFSSL_NO_OPTIONS_H).
* for good measure, add explicit check for WOLFSSL_NO_OPTIONS_H to wolfcrypt/benchmark/benchmark.c and wolfcrypt/test/test.c.
2024-12-10 13:02:37 -06:00
Colton Willey 00386c76bf No redundant NULL check on free 2024-12-10 09:43:03 -08:00
JacobBarthelmeh e443366748 Merge pull request #8270 from julek-wolfssl/actions-ubuntu-22.04
Revert to ubuntu-22.04
2024-12-10 09:14:00 -07:00
Juliusz Sosinowicz 1d2acd9de6 Revert to ubuntu-22.04 2024-12-10 16:27:41 +01:00
JacobBarthelmeh 0772cf692d Merge pull request #8262 from embhorn/zd18968
Add sanity check for configuration method
2024-12-09 21:22:54 -07:00
Colton Willey 0c20a20acc Use char instead of sword8, sanity length check on CKA_VALUE 2024-12-09 16:09:04 -08:00
Daniel Pouzzner ba59f1af19 wolfssl/wolfcrypt/settings.h: use #warning, not #error, for "No configuration for wolfSSL detected, check header order", to avoid unnecessary breakage of old projects with nonstandard custom settings. 2024-12-09 17:04:38 -06:00
gojimmypi 7bc026540b Improve Espressif SHA HW/SW mutex messages 2024-12-09 14:51:18 -08:00
Colton Willey 0cda59e00e Add support for cert format in get cert crypto callback 2024-12-09 14:32:02 -08:00
David Garske c4e319b092 Cleanup the gating for WOLFSSL_NO_AES_CFB_1_8. 2024-12-09 13:51:51 -08:00
Andras Fekete ff66998575 Fix memory leak 2024-12-09 16:24:38 -05:00
Colton Willey c83c9e68c9 Updates per review comments 2024-12-09 13:10:32 -08:00
Daniel Pouzzner e248d8499a move !defined(EXTERNAL_OPTS_OPENVPN) assert from src/internal.c to wolfssl/wolfcrypt/types.h with refinements; refine logic+message of assert in wolfssl/wolfcrypt/settings.h re "wolfssl/options.h included in compiled wolfssl library object..". 2024-12-09 15:02:41 -06:00
Colton Willey 324b87614e Initial implementation for using PKCS11 to retrieve certificate for SSL CTX 2024-12-09 12:15:41 -08:00
Eric Blankenhorn fcce09a4d3 Fix from review 2024-12-09 12:59:37 -06:00