wolfssl

mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-27 14:22:24 +01:00

Author	SHA1	Message	Date
David Garske	2bcad989da	Merge pull request #8309 from douzzer/20241221-fix-CEscape-bounds-check 20241221-fix-CEscape-bounds-check	2024-12-21 14:51:46 -08:00
Daniel Pouzzner	50a0773c09	Merge pull request #8285 from LinuxJedi/gaisler Add initial support for Gaisler-BCC with Sparc	2024-12-21 11:03:39 -06:00
Daniel Pouzzner	33a47c1c04	Merge pull request #8265 from JacobBarthelmeh/armasm armasm with opensslcoexist build	2024-12-21 10:06:27 -06:00
Daniel Pouzzner	b07f2cb461	wolfcrypt/src/coding.c: fix incorrect array bounds check in CEscape(), introduced in `8bbe8a7c8a` (before which there was no bounds check at all).	2024-12-21 09:47:07 -06:00
Andrew Hutchings	231cea34ef	Add initial support for Gaisler-BCC with Sparc Slight modifications and documentation to get wolfSSL working with Gaisler Sparc CPUs and their cross-compilers.	2024-12-21 09:19:58 +00:00
Daniel Pouzzner	ad20593569	Merge pull request #8279 from LinuxJedi/sk_push_comments Fix code comments for some x509.c functions	2024-12-21 00:09:18 -06:00
Daniel Pouzzner	67800c3a22	Merge pull request #8292 from JacobBarthelmeh/xsocktlen set dk-s7g2 socklent	2024-12-21 00:01:33 -06:00
Daniel Pouzzner	5ef4732745	Merge pull request #8299 from JacobBarthelmeh/cert_regen end of year test certificate renewal	2024-12-20 17:41:33 -06:00
Daniel Pouzzner	afc7e0eb8c	Merge pull request #8308 from cconlon/sessTickLenCheck Remove dead code in TLSX_PopulateExtensions() around MAX_PSK_ID_LEN check	2024-12-20 16:41:09 -06:00
JacobBarthelmeh	b273bff4e9	regenerate certs_test.h with raw dilithium keys	2024-12-20 11:50:11 -07:00
JacobBarthelmeh	67f3343a5d	Merge pull request #8306 from SparkiDev/kyber_no_avx2_fix ML-KEM/Kyber: fix kyber_prf() for when no AVX2	2024-12-20 11:40:46 -07:00
JacobBarthelmeh	7cebe95138	Merge pull request #8304 from SparkiDev/regression_fixes_15 Regression testing: fixes	2024-12-20 11:29:15 -07:00
JacobBarthelmeh	3dd9f4631d	Merge pull request #8305 from kareem-wolfssl/zd19044 Fix a couple of missing bounds checks found via code analyzer.	2024-12-20 11:20:19 -07:00
JacobBarthelmeh	19e68ea71a	add a faketime test and update cert buffers	2024-12-20 10:35:58 -07:00
Chris Conlon	f68f99b000	Remove dead code in TLSX_PopulateExtensions() around MAX_PSK_ID_LEN check	2024-12-20 09:48:01 -07:00
Sean Parkinson	e507c466d5	ML-KEM/Kyber: fix kyber_prf() for when no AVX2 When no AVX2 available, kyber_prf() is called to produce more than one SHAKE-256 blocks worth of ouput. Otherwise only one block is needed. Changed function to support an outlen of greater than one block.	2024-12-20 11:03:58 +10:00
Kareem	8bbe8a7c8a	Fix a couple of missing bounds checks found via code analyzer.	2024-12-19 17:01:25 -07:00
Sean Parkinson	b7c1e1cf35	Regression testing: fixes src/x509.c: wolfssl_x509_name_entry_set() ne->object is freed if call to wolfSSL_OBJ_nid2obj_ex() fails. Always assign directly back to ne->object. wolfcrypt/test/test.c: aes_ctr_test() doesn't need AES decrypt ./configure '--disable-shared' '--enable-cryptonly' 'CFLAGS=-DNO_AES_DECRYPT' '--disable-aescbc' '--disable-aesofb' '--disable-aescfb' '--disable-aesgcm' '--disable-aesccm' '--enable-aesctr' '--disable-aesxts' '--disable-aeseax' tests/api.c: test_X509_STORE_InvalidCa() only defined when !NO_RSA ./configure '--disable-shared' '--enable-opensslall' '--disable-rsa' tests/api.c: test_wolfSSL_GENERAL_NAME_print() free ridObj if not assigned into gn.	2024-12-20 09:25:03 +10:00
Sean Parkinson	00f83facb2	Merge pull request #8302 from cconlon/sessTickLenCheck Loosen MAX_PSK_ID_LEN check in TLSX_PopulateExtensions() to only server side	2024-12-20 08:44:10 +10:00
JacobBarthelmeh	8ca790218c	certs_test.h is using raw dilithium keys	2024-12-19 15:23:37 -07:00
JacobBarthelmeh	8fa238e554	Merge pull request #8301 from douzzer/20241219-gating-fixes 20241219-gating-fixes	2024-12-19 14:38:55 -07:00
JacobBarthelmeh	5b6ffe0795	add *.revoked to codespell skip	2024-12-19 14:35:43 -07:00
JacobBarthelmeh	abc87f9c6f	add regression test for gencertbuf.pl	2024-12-19 14:32:46 -07:00
Chris Conlon	1101841b95	Loosen MAX_PSK_ID_LEN check in TLSX_PopulateExtensions() to only server side	2024-12-19 14:26:22 -07:00
JacobBarthelmeh	e66905aaf6	fix for gencertbuf script and add dilithium public key	2024-12-19 14:25:12 -07:00
Daniel Pouzzner	994f218fcb	src/ssl.c and wolfssl/internal.h: gate in wolfSSL_get_ciphers_compat() in OPENSSL_EXTRA builds, so that --with-sys-crypto-policy works with OPENSSL_EXTRA but without OPENSSL_ALL. configure.ac: more fixes for FIPS v6 armasm settings, re ENABLED_ARMASM_CRYPTO.	2024-12-19 14:29:39 -06:00
Daniel Pouzzner	836ee1cbd5	Merge pull request #8298 from lealem47/zd18920 Printing the rfc822Mailbox x509 attribute	2024-12-18 22:19:32 -06:00
Daniel Pouzzner	ed76d8ea10	Merge pull request #8297 from miyazakh/ra_jankins Fix RA6M4 jankins failure	2024-12-18 22:18:43 -06:00
Daniel Pouzzner	be2e779280	Merge pull request #8205 from philljj/fedora_crypto_policy fedora crypto-policies: initial support.	2024-12-18 20:54:36 -06:00
JacobBarthelmeh	a5f9ec67c9	Merge pull request #8251 from gojimmypi/pr-post-release-bdd62314-espressif Espressif Managed Component wolfSSL 5.7.4 post-release update	2024-12-18 16:45:33 -07:00
JacobBarthelmeh	df3897d39f	adjust tests after cert renewal	2024-12-18 16:19:51 -07:00
JacobBarthelmeh	e998dda1db	update test certs to have v3	2024-12-18 16:12:08 -07:00
JacobBarthelmeh	4ed14af331	if no extensions are present a v1 certificate was generated, add a SKID extension to avoid that	2024-12-18 16:11:18 -07:00
jordan	b5c47d27e0	fedora crypto-policies: initial support.	2024-12-18 16:56:36 -06:00
JacobBarthelmeh	bf6ef15be4	update test certificates in header file	2024-12-18 14:27:26 -07:00
JacobBarthelmeh	28184dd8cc	update certificates in certs directory	2024-12-18 14:26:15 -07:00
David Garske	afff48f0d6	Merge pull request #8253 from douzzer/20241204-more-C89-expansion 20241204-more-C89-expansion	2024-12-18 10:44:18 -08:00
Daniel Pouzzner	122502e2b1	wolfCrypt -Wconversion expansion: fix numerous warnings, all benign, from -Warith-conversion -Wenum-conversion -Wfloat-conversion -Wsign-conversion.	2024-12-18 11:51:06 -06:00
Sean Parkinson	ba050d6a3f	Merge pull request #8296 from douzzer/20241217-FIPS-v6-ENABLED_ARMASM_CRYPTO-fixes 20241217-FIPS-v6-ENABLED_ARMASM_CRYPTO-fixes	2024-12-18 15:27:08 +10:00
Lealem Amedie	651dab3dbf	Printing the rfc822Mailbox x509 attribute	2024-12-17 15:39:23 -07:00
Hideki Miyazaki	39c11c269f	Fix RA6M jankins failure	2024-12-18 07:37:21 +09:00
Daniel Pouzzner	60afdb557d	Merge pull request #8273 from dgarske/no_tls Enable support for no TLS while allowing certificate manager	2024-12-17 16:24:57 -06:00
David Garske	356889a528	Add `--disable-tls` option that can be used with `--enable-all` to disable TLS features and set `NO_TLS`. Useful for allowing certificate manager and crypto compatibility API's only.	2024-12-17 13:40:03 -08:00
Daniel Pouzzner	f23a2f2f48	wolfcrypt/src/aes.c: add missing WOLFSSL_ARMASM gate clause around wolfCrypt_FIPS_aes_ro_sanity, necessitated by 514a92d6ee/#8293.	2024-12-17 14:17:52 -06:00
Daniel Pouzzner	7b57ef4912	configure.ac: fix faulty logic in FIPS v6 feature calculation re ENABLED_ARMASM_CRYPTO, originally added in `6e0a90190f`.	2024-12-17 12:21:47 -06:00
David Garske	6151160e58	Further fixes with NO_TLS to support use with compatibility layer.	2024-12-17 09:24:38 -08:00
Kaleb Himes	fcbea85ded	Merge pull request #8291 from douzzer/20241213-fips-check-refactor-assoc-arrays 20241213-fips-check-refactor-assoc-arrays	2024-12-17 10:23:51 -07:00
David Garske	a2b5da8651	Fix nested `NO_TLS`.	2024-12-17 08:33:33 -08:00
David Garske	16b2884cf1	Fix issues in `test_tls13_apis` with no filesystem or no RSA/ECC.	2024-12-17 08:33:33 -08:00
David Garske	14e3372826	Enable support for using certificate manager only. Fixes for building without TLS enabled (NO_TLS). ZD 19054. Tested using `./configure --disable-tlsv12 --disable-tls13 CFLAGS="-DNO_TLS" && make check`	2024-12-17 08:33:32 -08:00

1 2 3 4 5 ...

24188 Commits