wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-26 17:42:49 +01:00
Code Issues Packages Projects Releases Wiki Activity
27,533 Commits 12 Branches 184 Tags
20fc2de29dc4e7cf063e654d554ea7f59ef42b1b
Commit Graph

27533 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
kaleb-himes
20fc2de29d Restore sanity to < SEED_BLOCK_SZ 2026-01-22 09:09:29 -07:00
kaleb-himes
20b2fd200f Address failure rates from FIPS CRNGT test by implementing alternate RCT/ADP tests 
Update ret code to match docs and update docs

Replace magic numbers with appropriate define

Define MAX_ENTROPY_BITS when MEMUSE not enabled

Fix type cast windows detection

Older FIPS modules still need the old check

CodeSpell you're wrong, that is what I want to name my variable

Turn the hostap into a manual dispatch until it gets fixed

Upon closer review we can not skip the test when memuse enabled

Fix whitespace stuff found by multitest

More syntax things

Correct comments based on latest findings
 2026-01-22 09:06:17 -07:00
David Garske
62ca34497c Merge pull request #9633 from douzzer/20260108-DEFAULT_MAX_CLASSIC_ASYM_KEY_BITS 
20260108-DEFAULT_MAX_CLASSIC_ASYM_KEY_BITS
 2026-01-21 17:39:56 -08:00
David Garske
baeffb2f6a Merge pull request #9692 from anhu/aead 
wc_XChaCha20Poly1305_Init: NULL check aead, not ad
 2026-01-21 17:22:32 -08:00
Daniel Pouzzner
142f493964 configure.ac: if ENABLED_32BIT, add -DWC_32BIT_CPU to AM_CFLAGS, and don't add WOLFSSL_X86_64_BUILD to AM_CFLAGS; fix handling for --enable-bump; 
wolfssl/wolfcrypt/settings.h: classify OPENSSL_EXTRA as "desktop type system" in bump up of default FP_MAX_BITS and SP_INT_BITS;

wolfssl/wolfcrypt/types.h: if WC_32BIT_CPU, don't define WC_64BIT_CPU.
 2026-01-21 18:21:16 -06:00
David Garske
e4e79dd8a3 Merge pull request #9694 from SparkiDev/tls_msg_sanity_fix 
TLS: more sanity checks on message order
 2026-01-21 15:11:11 -08:00
Anthony Hu
7d7299e254 Do not allow NULL with non-zero length. 2026-01-21 17:49:30 -05:00
David Garske
11ddec3f69 Merge pull request #9681 from tmael/wfb1_ 
Fix cert SW issues in Aes and rng
 2026-01-21 13:41:01 -08:00
David Garske
e1e7c4d9f0 Merge pull request #9695 from miyazakh/fix_qt_unittest 
Include `asn.h` for SN_xxx definitions from `openssl/obj_mac.h`
 2026-01-21 12:56:53 -08:00
David Garske
47ff34b503 Merge pull request #9696 from SparkiDev/mldsa_max_vals_from_avail 
ML-DSA: max values based on available parameters
 2026-01-21 12:56:07 -08:00
David Garske
758d74f51f Merge pull request #9687 from holtrop-wolfssl/rust-hmac-blake2 
Rust wrapper: add HMAC-BLAKE2[bs] wrappers
 2026-01-21 12:55:48 -08:00
Tesfa Mael
1c3816d7d8 Use seedSz < SEED_BLOCK_SZ 2026-01-21 12:09:53 -08:00
Tesfa Mael
d3d2105035 Fix cert SW issues 2026-01-21 12:09:53 -08:00
Daniel Pouzzner
418a3bff32 Merge pull request #9698 from dgarske/rsa_no_rng2 
More fixes for NO RNG and NO check key
 2026-01-21 14:01:10 -06:00
David Garske
f52930b844 More fixes for NO RNG and NO check key (broken in #9606 and #9576) 2026-01-21 10:31:57 -08:00
David Garske
2a449ebfdf Merge pull request #9673 from holtrop-wolfssl/update-github-workflows-ubuntu 
Update from Ubuntu 22.04 to Ubuntu 24.04 for github workflows
 2026-01-21 09:14:39 -08:00
Daniel Pouzzner
cc7897be0d Merge pull request #9689 from dgarske/rsa_no_rng 
Fixes for RSA with no RNG
 2026-01-21 11:13:03 -06:00
David Garske
98dbc56daa Merge pull request #9691 from douzzer/20260120-linuxkm-RHEL9v6-and-RDSEED-sanity-check 
20260120-linuxkm-RHEL9v6-and-RDSEED-sanity-check
 2026-01-21 09:03:32 -08:00
JacobBarthelmeh
685bacc917 Merge pull request #9614 from dgarske/stsafe-a120 
Add STSAFE-A120 Support
 2026-01-21 09:12:23 -07:00
Josh Holtrop
69fd8dc01f Update from Ubuntu 22.04 to Ubuntu 24.04 for several github workflows 2026-01-20 21:44:56 -05:00
Sean Parkinson
88593f8dcd ML-DSA: max values based on available parameters 
When building wolfSSL implementation, make maximum sizes based on
available parameter sets.

Add wc_MlDsaKey_SignCtx and wc_MlDsaKey_VerifyCtx macros.
 2026-01-21 12:04:28 +10:00
David Garske
38b0fe19a1 Improvements to code for ECDHE and peer review fixes. 2026-01-21 00:03:26 +00:00
David Garske
16fb84d0d1 Peer review fixes. Tested with brainpool. 2026-01-21 00:03:26 +00:00
David Garske
54f0ecb536 Fix for ephemeral key usage limit. 2026-01-21 00:03:26 +00:00
David Garske
384eaa48b3 Peer review fixes (thank you copilot) 2026-01-21 00:03:26 +00:00
David Garske
654901782c Peer review cleanups. ECDHE improvements. 2026-01-21 00:03:26 +00:00
David Garske
02c3086e00 Added ECDHE support 2026-01-21 00:03:26 +00:00
David Garske
09c75f25de Fixes for peer review. 2026-01-21 00:03:26 +00:00
David Garske
c7ca035baf Cleanup WOLFSL_STSAFE and fix issue with multi-test macros 2026-01-21 00:03:26 +00:00
David Garske
a4c2398265 Add STSAFE-A120 Support 2026-01-21 00:03:26 +00:00
Sean Parkinson
8902afdcea TLS: more sanity checks on message order 
Add more checks on message ordering for TLS 1.2 and below.
Reformat code.
 2026-01-21 10:00:38 +10:00
Hideki Miyazaki
22ed7472b4 fix qt unit test 
include asn.h for SN_xxx definitions
 2026-01-21 08:59:28 +09:00
Daniel Pouzzner
7048fa80d4 wolfcrypt/src/random.c and wolfssl/wolfcrypt/settings.h: fixes from CI and peer review: 
* in wc_GenerateSeed_IntelRD(), use stack/register allocation for sanity_word{1,2}, and
* don't set WC_VERBOSE_RNG if WOLFSSL_DEBUG_PRINTF is missing.
 2026-01-20 16:48:21 -06:00
Anthony Hu
4550814e66 wc_XChaCha20Poly1305_Init: NULL check aead, not ad 2026-01-20 16:37:20 -05:00
Daniel Pouzzner
b91272c9a5 wolfcrypt/src/random.c: add sanity check in wc_GenerateSeed_IntelRD() to work around buggy RDSEED by disabling it if it generates three identical 64 bit words consecutively; 
wolfssl/wolfcrypt/settings.h: if DEBUG_WOLFSSL && !WC_NO_VERBOSE_RNG, set WC_VERBOSE_RNG, and add WOLFSSL_NO_DEBUG_CERTS to allow inhibition of WOLFSSL_DEBUG_CERTS.
 2026-01-20 15:24:43 -06:00
Daniel Pouzzner
ba53051457 add linuxkm/patches/5.14.0-570.58.1.el9_6/WOLFSSL_LINUXKM_HAVE_GET_RANDOM_CALLBACKS-5v14-570v58v1-el9_6.patch 2026-01-20 15:07:44 -06:00
Josh Holtrop
4a92ee31bb Rust HMAC-BLAKE2: require exact output buffer size 2026-01-20 15:31:58 -05:00
Josh Holtrop
e59ddb95c7 Rust blake2: remove unnecessary cfg guards 2026-01-20 14:56:55 -05:00
David Garske
91d9389b9f Fixes for RSA with no RNG 2026-01-20 11:05:10 -08:00
David Garske
c8867d8c52 Merge pull request #9688 from padelsbach/login-live-com-cert 
Address connection issues in ocsp-stapling test
 2026-01-20 11:04:51 -08:00
David Garske
17401da6ae Merge pull request #9678 from cconlon/otherNameSan 
Fix GENERAL_NAME memory management for otherName and RID SANs
 2026-01-20 10:56:37 -08:00
David Garske
3520b4c9a1 Merge pull request #9636 from julek-wolfssl/zephyr-fixes-202601 
Address Zephyr and C++ compatibility issues
 2026-01-20 10:52:27 -08:00
David Garske
6bdc6a7550 Merge pull request #9618 from SparkiDev/volatile_multi_statement 
Multiple volatile variables in a C statement undefined
 2026-01-20 10:42:49 -08:00
David Garske
26b8795a3f Merge pull request #9682 from JacobBarthelmeh/lic 
add RPCS3 to GPLv2 exception list
 2026-01-20 10:38:32 -08:00
Paul Adelsbach
2325c68d4e Address connection issues in ocsp-stapling test 2026-01-20 09:46:35 -08:00
Josh Holtrop
af0fd013a1 HMAC-BLAKE2b: avoid coverity complaints about accessing x_key out of range 2026-01-20 08:14:02 -05:00
Josh Holtrop
a555d5290a Rust wrapper: add HMAC-BLAKE2[bs] wrappers 2026-01-20 08:10:16 -05:00
Sean Parkinson
c71a4dd66f Merge pull request #9662 from AlexLanzano/tls1.2-empty-cert-fix 
[TLS 1.2, TLS 1.3] Fail immediately if server sends empty certificate message for TLS 1.2 and beyond
 2026-01-20 09:45:29 +10:00
Chris Conlon
0f395a5f9d Fix memory management in wolfssl_dns_entry_othername_to_gn() and 
wolfSSL_X509_get_ext_d2i() for otherName SAN handling, add ASN_RID_TYPE case to wolfSSL_X509_get_ext_d2i()
 2026-01-19 16:39:33 -07:00
Daniel Pouzzner
4ce6c4c262 Merge pull request #9623 from julek-wolfssl/dtls-1.3-ms-interval 
dtls 1.3: allow rtx interval to be less than a second
 2026-01-19 17:01:23 -06:00