Daniel Pouzzner
7bbd28d369
wolfcrypt/src/aes.c: fix clang-diagnostic-unreachable-code in AesSetKey_C().
2025-12-26 18:13:44 -06:00
Daniel Pouzzner
283792c207
linuxkm/lkcapi_sha_glue.c: in wc_linuxkm_drbg_startup(), deinstall the callbacks and stdrng first before checking refcnt.
2025-12-26 16:41:43 -06:00
Kareem
7d04a53a6c
Update X509_get_default_cert_* stubs to return empty strings.
...
According to the documentation, these functions must return static strings, so NULL was not valid.
Fixes #6474 .
2025-12-26 15:26:05 -07:00
Kareem
6145f3aba2
Fix incorrect alert being sent when wolfSSL receives unexpected PSK extension.
...
Fixes #9503 .
2025-12-26 15:24:14 -07:00
Kareem
a7b83b06c1
Alert on out of order message with unexpected_message.
...
Fixes #9531 .
2025-12-26 15:23:23 -07:00
Daniel Pouzzner
3b3ddd1fb4
wolfcrypt/src/random.c: in wc_GenerateSeed(), move the gate closures for !FORCE_FAILURE_RDSEED and !ENTROPY_MEMUSE_FORCE_FAILURE to follow the /dev/urandom fallback method.
2025-12-26 14:16:11 -06:00
Kareem
17b6ce7b7b
Add parenthesis around XBADFD.
2025-12-26 12:38:54 -07:00
Kareem
d09b5ee1f1
Add duplicate entry error to distinguish cases where a duplicate CRL is rejected.
2025-12-26 12:02:35 -07:00
Daniel Pouzzner
b487287abf
wolfcrypt/benchmark/benchmark.c: smallstack refactor of bench_mlkem_encap()
2025-12-26 12:45:26 -06:00
Josh Holtrop
bbac280890
Rust wrapper: add wolfssl_wolfcrypt::blake2 module
2025-12-26 13:02:27 -05:00
David Garske
77d9410aa0
Add missing API documentation for Doxygen:
...
This PR adds Doxygen documentation for native wolfSSL API functions that were previously undocumented. It includes documentation notes for APIs gated on specific preprocessor macros:
- WOLF_PRIVATE_KEY_ID: _Id and _Label init helpers (wc_AesInit_Id, wc_AesInit_Label, wc_ecc_init_id, wc_ecc_init_label, wc_InitRsaKey_Id, wc_InitRsaKey_Label) require this for PKCS11 support
- WC_NO_CONSTRUCTORS: New/Delete constructor functions (wc_AesNew/Delete, wc_curve25519_new/delete, wc_ed25519_new/delete, wc_NewRsaKey/DeleteRsaKey) are only available when this is not defined. WC_NO_CONSTRUCTORS is automatically defined when WOLFSSL_NO_MALLOC is defined.
- WOLFSSL_PUBLIC_ASN: ASN functions marked with WOLFSSL_ASN_API include notes indicating they are not public by default
- WOLFSSL_DUAL_ALG_CERTS: wc_GeneratePreTBS and wc_MakeSigWithBitStr for Post-Quantum dual algorithm certificate signing
The New/Delete functions are documented as being exposed to support allocation of structures using dynamic memory to provide better ABI compatibility.
2025-12-26 08:41:56 -08:00
David Garske
73ee89a2fc
Improve no-void-functions rule
2025-12-26 08:06:37 -08:00
David Garske
e70e7cb144
Merge pull request #9583 from kareem-wolfssl/gh8152_2
...
Update CMake logic to allow WOLFSSL_SYS_CA_CERTS without filesystem support on Windows/Mac.
2025-12-26 07:48:43 -08:00
David Garske
1744c11686
Merge pull request #9570 from kareem-wolfssl/variousFixes
...
Add SSL_get_rfd and SSL_get_wfd. Various documentation updates.
2025-12-26 07:47:17 -08:00
David Garske
c3e65153cc
Improve the Devin lifeguard coding standard rules
2025-12-26 07:39:37 -08:00
David Garske
48d6811e04
Merge pull request #9582 from douzzer/20251224-wc_GenerateSeed-unreachable-code
...
20251224-wc_GenerateSeed-unreachable-code
2025-12-26 07:38:07 -08:00
Koji Takeda
51d49658d4
Update Japanese RSA API document
2025-12-26 09:16:33 +09:00
Kareem
0a02f5ef6b
Code review feedback
2025-12-24 17:12:40 -07:00
Kareem
496d124736
Merge remote-tracking branch 'upstream/master' into gh7197
2025-12-24 17:05:04 -07:00
Kareem
f98229554b
Update CMake logic to allow WOLFSSL_SYS_CA_CERTS without filesystem support on Windows/Mac.
2025-12-24 17:02:25 -07:00
Daniel Pouzzner
f4f4c7cfae
src/ssl.c: fix clang-analyzer-deadcode.DeadStores in check_cert_key().
2025-12-24 17:49:33 -06:00
Daniel Pouzzner
a944575e4b
wolfcrypt/src/random.c: fix clang-diagnostic-unreachable-code in wc_GenerateSeed().
2025-12-24 17:48:37 -06:00
Takashi Kojo
ff14797c3a
Merge pull request #9552 from tamasan238/pr9458
...
[JA] Fix issues with the API documentation
2025-12-25 08:28:21 +09:00
Daniel Pouzzner
019a420187
Merge pull request #9568 from kareem-wolfssl/zd20947
...
Add a flag which allows requesting exactly SEED_SZ and using the full seed to instantiate the DRBG during RNG init.
2025-12-24 17:03:26 -06:00
Takashi Kojo
09ce46e2d5
Merge pull request #9581 from tamasan238/pr9578
...
[JA] Correct the API docs for wolfSSL_write_early_data()
2025-12-25 07:34:57 +09:00
Masaki I.
ee8fcf9d36
[JA] Correct the API docs for wolfSSL_write_early_data()
2025-12-24 14:53:10 +09:00
David Garske
2354ea196b
Merge pull request #9513 from rizlik/dtls_header_fix
...
fix DTLS header headroom accounting
2025-12-23 17:20:12 -08:00
David Garske
0fae0a7ba6
Merge pull request #9397 from rizlik/earlydata_want_write_fixes
...
wolfssl: preserve early-data handling across WANT_WRITE retries
2025-12-23 17:19:39 -08:00
David Garske
d885749c09
Merge pull request #9561 from miyazakh/renesas_ssp_upgrade
...
add Renesas SK-S7G2 support
2025-12-23 15:15:45 -08:00
David Garske
57ef8a7caf
Merge pull request #9574 from anhu/dtls_guard
...
Guard a bit of DTLS code.
2025-12-23 15:03:46 -08:00
David Garske
18176392fa
Merge pull request #9576 from douzzer/20251222-linuxkm-PK-initrng-optimize
...
20251222-linuxkm-PK-initrng-optimize
2025-12-23 15:02:53 -08:00
Marco Oliverio
149bf19b4c
split overlong line
2025-12-23 23:41:52 +01:00
Marco Oliverio
2e63845531
use wolfssl_local as local functions prefix
2025-12-23 23:39:07 +01:00
David Garske
96e2e80108
Add new coding standard for local (internal) function names.
2025-12-23 14:32:08 -08:00
Marco Oliverio
bafb8e56d5
use wolfssl_local_ as local functions prefix
2025-12-23 23:32:08 +01:00
Kareem
06d8f69dac
Separate new /dev/urandom opening logic into a new section in wc_GenerateSeed.
2025-12-23 14:52:52 -07:00
Kareem
cb81cc8ce6
Merge remote-tracking branch 'upstream/master' into gh7197
2025-12-23 14:43:57 -07:00
Hideki Miyazaki
ba63d81441
add .gitignore to include.am
2025-12-24 06:36:08 +09:00
Hideki Miyazaki
75fad16f20
addressed code review comments
2025-12-24 05:59:09 +09:00
Anthony Hu
40327b7fe3
Binary consts to hexidecimal. C2X feature.
2025-12-23 14:45:36 -05:00
Daniel Pouzzner
b66f1b78a7
peer/Devin review:
...
* in get_crypto_default_rng() (linuxkm/lkcapi_sha_glue.c), sanity check that crypto_default_rng isn't null;
* in wc_InitRsaKey_ex(), remove frivolous NULL/zero assignments (XMEMSET clears them implicitly);
* in wc_CheckRsaKey(), check ret from wc_InitRng() and short circuit return if failed.
2025-12-23 13:05:40 -06:00
Daniel Pouzzner
da4fc4921e
tests/api/test_ed25519.c: in test_wc_Ed25519PublicKeyToDer(), on old FIPS, tolerate old error code from wc_Ed25519PublicKeyToDer().
2025-12-23 12:25:10 -06:00
Daniel Pouzzner
cd88a8ae88
peer review -- add !WC_NO_RNG gates around WC_RNG changes in wolfcrypt/src/rsa.c and wolfssl/wolfcrypt/rsa.h.
2025-12-23 11:41:59 -06:00
David Garske
d36bfabe18
Merge pull request #9560 from JacobBarthelmeh/clang
...
fix for shadows global declaration warning
2025-12-23 08:54:50 -08:00
David Garske
9de98cee73
Merge pull request #9569 from kareem-wolfssl/gh8152
...
Only enforce !NO_FILESYSTEM for WOLFSSL_SYS_CA_CERTS on non Windows/Mac systems.
2025-12-23 08:53:51 -08:00
Anthony Hu
c03c2dd541
Add tests
2025-12-23 11:48:57 -05:00
David Garske
70165c517b
Merge pull request #9571 from mattia-moffa/20251222-sniffer-uint-underflow-vuln
...
Add missing length check in sniffer for AES-GCM/AES-CCM/ARIA-GCM
2025-12-23 08:37:50 -08:00
David Garske
776b31267c
Merge pull request #9466 from SparkiDev/tls13_pt_alert_when_enc
...
TLS 1.3, plaintext alert: ignore when expecting encrypted
2025-12-23 08:37:00 -08:00
David Garske
86808b8a9b
Merge pull request #9578 from anhu/early_data_doc
...
Correct the API docs for wolfSSL_write_early_data()
2025-12-23 08:14:10 -08:00
David Garske
8f089cdcfe
Merge pull request #9508 from SparkiDev/ppc32_sha256_asm_pic
...
PPC32 SHA-256 ASM: support compiling for PIC
2025-12-23 08:12:50 -08:00