wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-27 01:32:48 +01:00
Code Issues Packages Projects Releases Wiki Activity
26,898 Commits 12 Branches 184 Tags
658ea305d140a618b112e426e2f6aa825c7fab09
Commit Graph

26898 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
David Garske
658ea305d1 Fix issue with poorly written macros 2025-11-18 14:15:22 -08:00
Daniel Pouzzner
46a7719e2d Merge pull request #9441 from gojimmypi/pr-arduino-examples 
Update Arduino workflow with parameterized matrix
 2025-11-17 17:58:13 -06:00
JacobBarthelmeh
8e38e3bb5e Merge pull request #9433 from holtrop/rust-conditional-compilation 
Rust wrapper: enable conditional compilation based on C library build options
 2025-11-17 15:03:17 -07:00
JacobBarthelmeh
35374a16fe Merge pull request #9436 from douzzer/20251114-WOLFSSL_BLIND_PRIVATE_KEY-thread-safety 
20251114-WOLFSSL_BLIND_PRIVATE_KEY-thread-safety
 2025-11-17 15:01:13 -07:00
JacobBarthelmeh
2be7482210 Merge pull request #9439 from SparkiDev/mlkem_derive_secret_fix 
ML-KEM: derive secret fix
 2025-11-17 10:29:56 -07:00
gojimmypi
d2c0901e80 Update Arduino workflow with parameterized matrix 2025-11-17 08:41:28 -08:00
Sean Parkinson
074a3dbcc1 ML-KEM: derive secret fix 
Fixes for deriving secret for ML-KEM.
 2025-11-17 10:01:19 +10:00
Daniel Pouzzner
c29abccc9f src/internal.c: peer review: refactor wolfssl_priv_der_unblind() and wolfssl_priv_der_unblind_free() to use AllocDer() and FreeDer(). 2025-11-14 18:13:44 -06:00
Daniel Pouzzner
dee0658e8a fix races around WOLFSSL_CTX.{privateKey,privateKeyMask,altPrivateKey,altPrivateKeyMask} in WOLFSSL_BLIND_PRIVATE_KEY code paths: 
* rename wolfssl_priv_der_unblind() to wolfssl_priv_der_blind_toggle(),
* add wolfssl_priv_der_unblind() that allocates a temp copy,
* add wolfssl_priv_der_unblind_free(),
* in wolfssl_priv_der_blind_toggle(), make mask a const arg;

restore const attribute to ctx arg to wolfSSL_CTX_get0_privatekey(), and add explanatory comment.
 2025-11-14 18:13:43 -06:00
David Garske
5c421a152d Merge pull request #9429 from JacobBarthelmeh/certs 
renew example certificates
 2025-11-14 16:02:55 -08:00
JacobBarthelmeh
a68da8d2d5 update pksc7 decode test for new ca-cert.pem size 2025-11-14 14:53:48 -07:00
JacobBarthelmeh
3f441ef1a5 update tests after certificate renewal 2025-11-14 14:45:37 -07:00
JacobBarthelmeh
6c74098be5 run renewcerts.sh, gencertbuf.pl, and create_ocsp_test_blobs.py 2025-11-14 14:45:37 -07:00
JacobBarthelmeh
d18b251f54 Merge pull request #9420 from wolfSSL/TLS13-cipher-suite-fix 
Fix TLS 1.3 cipher suite when TLS 1.2 ciphers precede TLS 1.3 ciphers
 2025-11-14 16:42:05 -05:00
David Garske
46a2234c61 Merge pull request #9425 from JacobBarthelmeh/pkcs7_stream 
with decode enveloped data track total encrypted content size
 2025-11-14 12:59:09 -08:00
JacobBarthelmeh
30baf0a2e0 Merge pull request #9435 from dgarske/hmac_zerolen 
Improve wc_HmacUpdate to return early if input length == 0
 2025-11-14 15:49:04 -05:00
David Garske
4e1b719236 Improve wc_HmacUpdate to return early if input length == 0. Fixes QAT issue with HKDF test. 2025-11-14 09:40:56 -08:00
jackctj117
0767cb84bf Removed trailing white space 2025-11-14 09:03:51 -07:00
Josh Holtrop
c61ac22e89 Rust wrapper: enable conditional compilation based on C library build options 2025-11-14 10:44:25 -05:00
Josh Holtrop
dd3b9260f9 Rust wrapper: merge wolfssl-sys crate into wolfssl crate 2025-11-14 10:44:06 -05:00
philljj
50c5028c5a Merge pull request #9432 from douzzer/20251114-atomic-default-c 
20251114-atomic-default-c
 2025-11-14 10:34:24 -05:00
Daniel Pouzzner
135bb66352 wolfssl/wolfcrypt/wc_port.h and wolfcrypt/src/wc_port.c: use stdatomic.h implementation as C default when available, as before, for proper type annotation in objects. 2025-11-14 07:54:14 -06:00
Sean Parkinson
10a60fc41b Merge pull request #9427 from douzzer/20251113-ZD20815 
20251113-ZD20815
 2025-11-14 11:50:16 +10:00
jackctj117
5e2fd78113 Suppress unused parameter warning 2025-11-13 18:32:00 -07:00
Daniel Pouzzner
7916db78e8 wolfcrypt/src/wc_port.c and wolfssl/wolfcrypt/wc_port.h: change precedence of atomic implementations, and don't use the stdatomic.h in C++ builds (not compatible); 
fix the name of the wolfSSL_Atomic_Ptr_CompareExchange() implementation in the _MSC_VER code path.
 2025-11-13 17:28:19 -06:00
Daniel Pouzzner
c430cc75ea src/ssl.c and wolfssl/ssl.h: fix signature on wolfSSL_CTX_get0_privatekey() -- ctx is not const; 
wolfcrypt/src/wc_port.c and wolfssl/wolfcrypt/wc_port.h: tweak gates on atomic implementations to maximize availability within currently supported targets;

fix some whitespace.
 2025-11-13 17:11:52 -06:00
Daniel Pouzzner
26ba6344f2 add wolfSSL_Atomic_Ptr_CompareExchange(); mitigate race on ctx->privateKeyPKey in wolfSSL_CTX_get0_privatekey(). 2025-11-13 16:25:49 -06:00
JacobBarthelmeh
c63ca04228 convert to type int for return value 2025-11-13 12:17:04 -07:00
JacobBarthelmeh
d06221c16e with decode enveloped data track total encrypted content size 2025-11-13 12:08:46 -07:00
jackctj117
29c2f15a8f Add #ifdef guards to cipher suite checks 2025-11-13 10:06:07 -07:00
David Garske
6ff57b8045 Merge pull request #9419 from rlm2002/coverity 
Uninitialized variable fix
 2025-11-13 08:58:00 -08:00
David Garske
4f3586fe58 Merge pull request #9421 from SparkiDev/mlkem_to_bytes_fix 
ML-KEM to bytes C: not reducing all values
 2025-11-13 08:57:31 -08:00
David Garske
082943649b Merge pull request #9422 from SparkiDev/ecc_sign_hash_inlen_check 
ECC sign hash: only allow up to max digest size
 2025-11-13 08:55:53 -08:00
Sean Parkinson
6c30186168 ECC sign hash: only allow up to max digest size 
Validate that the hash passed in is of an appropriate length - not
greater than the maximum digest size.
 2025-11-13 11:53:51 +10:00
Sean Parkinson
b272f784ec ML-KEM to bytes C: not reducing all values 
Call to mlkem_csubq_c was only called on first array.
Fixed to do it for all.
 2025-11-13 10:42:07 +10:00
David Garske
5a8411a1ad Merge pull request #9418 from SparkiDev/tls13_ks_dup_check_fix 
TLS 1.3 duplicate KeyShare entry fix
 2025-11-12 16:09:11 -08:00
David Garske
f53191bae2 Merge pull request #9416 from julek-wolfssl/priv-key-blinding 
Fix errors when blinding private keys
 2025-11-12 16:09:03 -08:00
jackctj117
c56ea55f89 Fix TLS 1.3 cipher suite selection when TLS 1.2 ciphers precede TLS 1.3 ciphers 2025-11-12 17:03:06 -07:00
Ruby Martin
b2336c57ce initialize ctype variable 2025-11-12 16:48:52 -07:00
Sean Parkinson
1ec18949bc TLS 1.3 duplicate KeyShare entry fix 
Fix comparison to be greater than or equal in case count is incremented
after maxing out.
 2025-11-13 08:23:19 +10:00
David Garske
e78752f3b2 Merge pull request #9407 from holtrop/rust-heap-devid-cleanup 
Rust wrapper: support optional heap and dev_id parameters
 2025-11-12 13:50:45 -08:00
David Garske
7cfffd5bbc Merge pull request #9308 from kareem-wolfssl/zd20603 
Add IPv6 support to wolfSSL_BIO_new_accept and wolfIO_TcpBind.
 2025-11-12 11:09:17 -08:00
Josh Holtrop
40c471e20d Rust wrapper: fix cmac documentation 2025-11-12 13:41:08 -05:00
David Garske
92fffa166b Merge pull request #9413 from JacobBarthelmeh/lic 
update to GPLv3 exception list, add Fetchmail and OpenVPN
 2025-11-12 10:12:29 -08:00
David Garske
3fe534e3a2 Merge pull request #9403 from gojimmypi/pr-lms-unary-fix 
Fix LMS C4146 unary minus warning in MSVC, new param check
 2025-11-12 08:40:33 -08:00
Juliusz Sosinowicz
32911dc6b8 Add blinding to CI 2025-11-12 17:12:35 +01:00
Juliusz Sosinowicz
4b7c052ee9 test_wolfSSL_inject: don't call accept on completed handshake 2025-11-12 17:12:22 +01:00
Juliusz Sosinowicz
d1c321abdc Don't override errors when blinding the priv key 2025-11-12 17:12:22 +01:00
Josh Holtrop
df99227dc8 Rust wrapper: use _ex APIs for heap and dev_id variants 2025-11-12 09:50:20 -05:00
gojimmypi
ca920edbd0 Fix LMS C4146 unary minus warning in MSVC, new param check 2025-11-11 19:26:52 -08:00