12cfca4060
account for no AES build and add err trace macro
2025-10-03 13:51:15 -06:00
328f505702
add pkcs7 test with multiple recipients
2025-10-03 13:51:15 -06:00
7a5e97e30e
adjustment for recipient index advancement
2025-10-03 13:51:15 -06:00
6987304f42
Fix to advance past multiple recipients
2025-10-03 13:51:15 -06:00
d2be867b51
Remove the NO_WRITE_TEMP_FILES test.c logic added in #9194
2025-10-03 10:40:11 -07:00
f9063c406b
Enables dynamic TLS cert loading with OCSP
...
Exposes dynamic TLS certificate loading and OCSP stapling to allow applications to load certs lazily.
The server no longer needs to load the CA to staple OCSP responses.
Adds a certificate setup callback (WOLFSSL_CERT_SETUP_CB)
Adds an OCSP status callback to load OCSP responses directly
Adds `wc_NewOCSP`, `wc_FreeOCSP`, and `wc_CheckCertOcspResponse`
Don't call verify twice on the same error
Send correct alert on status response error
2025-10-03 13:08:11 +02:00
e14cc3a34e
TLS 1.3 Cookie Hash: use stronger hash if no SHA-256
...
Order of preference, based on algorithms compiled in, to use with HMAC
for TLS 1.3 cookie:
1. SHA-256
2. SHA-384
3. SHA-512
4. SM3
Make code compile and unittest pass when SHA-256 not compiled in.
Certificates used for testing require SHA-256 so handshake testing
fails.
2025-10-03 08:28:02 +10:00
5804ba759a
Merge pull request #9194 from dgarske/cryptocb_only_test
...
Fixes for crypto callback only (no filesystem and keygen)
2025-10-02 16:52:31 -05:00
408e6f79f9
tests/api/test_dtls.c: add missing ExpectIntEQ() around wolfSSL_connect() in test_dtls_bogus_finished_epoch_zero();
...
wolfcrypt/test/test.c: fix gate for wc_DhGeneratePublic() test in dh_ffdhe_test() to properly exclude 5.3.0.
2025-10-02 14:38:05 -05:00
c36c39af0a
RSA API: use const pointers and clean up some comments
2025-10-02 15:28:43 -04:00
36ce93d409
Merge pull request #9225 from gojimmypi/pr-espidf-v6-sha-fix
...
Add fix for SHA HW on ESP-IDF v6
2025-10-02 09:50:46 -07:00
2ca9f66579
wolfcrypt/test/test.c: add FIPS gate around wc_DhGeneratePublic() test in dh_ffdhe_test().
2025-10-01 10:23:49 -05:00
477d7fae54
remove WOLFSSL_DH_GEN_PUB, WOLFSSL_NO_DH_GEN_PUB, and WOLFSSL_DH_EXTRA gating re wc_DhGeneratePublic(), consistent with recent FIPS changes.
2025-10-01 09:38:27 -05:00
88075664dc
Merge pull request #9252 from bigbrett/kdf-cryptocb
...
HKDF cryptocb
2025-09-30 20:37:11 -05:00
55a19da4c6
Merge pull request #9178 from SparkiDev/ed448_no_large_code
...
Ed448: No large code option with fast code
2025-09-30 20:36:10 -05:00
234ba7780a
Merge pull request #9148 from SparkiDev/ct_volatile
...
Mark variables as volatile
2025-09-30 20:35:52 -05:00
1932c5a96d
Merge pull request #9196 from kareem-wolfssl/zd20038_3
...
Fix building and running tests and examples with coding/PEM support disabled.
2025-09-30 20:34:46 -05:00
c7cd3b6c6d
Merge pull request #8543 from JacobBarthelmeh/fsl_caam
...
handle unsupported fsl algo
2025-09-30 20:33:34 -05:00
b56cafdd25
Merge pull request #8692 from kareem-wolfssl/zd19563_verify
...
Update wolfSSL_X509_verify_cert to retry all certs until a valid chain is found.
2025-09-30 16:22:41 -05:00
4719fd5e80
Ed448: No large code option with fast code
...
Make from bytes, to bytes and mod top half use for loops when no large
code.
Make generation script generate casting changes.
2025-09-30 09:38:06 +10:00
7ea66aeffe
refactor WOLFSSL_LINUXKM gates as generic WOLFSSL_KERNEL_MODE gates where appropriate:
...
rename WOLFSSL_LINUXKM_USE_SAVE_VECTOR_REGISTERS to WOLFSSL_USE_SAVE_VECTOR_REGISTERS, and wherever appropriate, replace defined(WOLFSSL_LINUXKM) with defined(WOLFSSL_USE_SAVE_VECTOR_REGISTERS).
rename WC_WANT_FLAG_DONT_USE_AESNI to WC_WANT_FLAG_DONT_USE_VECTOR_OPS.
rename lkm_printf() to wc_km_printf().
replace WOLFSSL_LINUXKM gates on kernel-incompatible includes with header-specific gates NO_STRING_H, NO_STDINT_H, NO_LIMITS_H, NO_CTYPE_H, NO_STDLIB_H
remove low level threading setup section of wolfssl/internal.h, which duplicated existing logic in wc_port.h, except for off-topic WOLFSSL_APACHE_MYNEWT TLS-layer setup, which is preserved, and a defined(__NT__) clause, which is now merged into the existing section in wc_port.h.
2025-09-29 16:59:12 -05:00
6698cb7616
Fix for crypto callback only
2025-09-29 12:37:57 -07:00
5121847728
add HAVE_SELFTEST protection
2025-09-29 12:00:41 -06:00
7b67dbaa31
add FIPS protection to test.c usage of wc_HKDF_ex()
2025-09-29 11:36:18 -06:00
26ed835ca1
fix HKDF test macro protection
2025-09-29 10:52:22 -06:00
3c81fffedd
Add HKDF cryptoCb and test
2025-09-29 10:16:01 -06:00
eda6c184bb
Merge pull request #9219 from kareem-wolfssl/zd20538
...
Fix building with --enable-keygen --enable-rsavfy.
2025-09-26 14:08:33 -07:00
ef989a4241
Merge remote-tracking branch 'upstream/master' into zd19563_verify
2025-09-26 11:13:28 -07:00
28aef2f4dd
Merge branch 'master' of https://github.com/wolfSSL/wolfssl into zd20038_3
2025-09-26 10:56:42 -07:00
af9a06e9bf
Merge remote-tracking branch 'upstream/master' into zd19563_verify
2025-09-25 10:39:11 -07:00
3a4472f5da
Merge remote-tracking branch 'upstream/master' into zd20527
2025-09-25 10:37:22 -07:00
a3b29ed99f
Merge remote-tracking branch 'upstream/master' into zd20038_3
2025-09-25 10:32:13 -07:00
50835c14a2
fix warning of const char* passed as char*
2025-09-25 09:27:16 -06:00
40b9fc35f9
handle unsupported fsl algo
2025-09-25 09:14:59 -06:00
561fead861
Merge pull request #9235 from anhu/rpi_WC_RESEED_INTERVAL
...
Fixing up a small documentation omission.
2025-09-25 10:48:37 +10:00
1cfafc2a52
fixes from zd20556
2025-09-24 12:03:39 +02:00
aa87b35964
Mark variables as volatile
...
Ensures compiler optimizers don't stop code from being constant time.
2025-09-24 08:47:20 +10:00
4af6eb4f2b
wolfcrypt/src/chacha20_poly1305.c: in wc_XChaCha20Poly1305_crypt_oneshot(), allow empty message.
2025-09-23 17:06:22 -05:00
93955a2ba7
Fixing up a small documentation omission.
2025-09-23 15:24:50 -04:00
0fcfade6a0
Add missing aes NULL check to SI Labs wc_AesSetKey.
2025-09-23 10:16:47 -07:00
1c7fe06322
Also gate out wc_Sha512Final for SILabs.
2025-09-22 15:45:37 -07:00
d50593834b
Add fix for SHA HW on ESP-IDF v6
2025-09-19 12:04:46 -07:00
f4d9c90827
Fix swapped WOLFSSL_SILABS_SHA384/SHA512 defines in sha512.c.
2025-09-19 11:45:22 -07:00
7afcf20077
Fix non constant compare of TLS 1.3 binder, check for negative dst_len in wc_XChaCha20Poly1305_crypt_oneshot.
2025-09-19 11:39:46 -07:00
23f595586d
Fix building with --enable-keygen --enable-rsavfy.
2025-09-18 16:21:08 -07:00
5d9c608ed6
Merge pull request #9195 from rlm2002/zd20508
...
address undefined shift behavior and overflow
2025-09-18 15:34:32 -06:00
f143dbb858
Merge pull request #9217 from douzzer/20250918-25519-low-mem-gates
...
20250918-25519-low-mem-gates
2025-09-18 14:34:13 -06:00
d15523a6df
fix gating in wolfssl/wolfcrypt/fe_operations.h -- gate out load_3() and load_4() when !(CURVE25519_SMALL || ED25519_SMALL);
...
harmonize low-mem outer gate in wolfcrypt/src/fe_operations.c with outer gate in wolfcrypt/src/fe_low_mem.c.
2025-09-18 12:27:37 -05:00
b7679dbe96
Fix a test when using ACVP_VECTOR_TESTING
...
The `ACVP_VECTOR_TESTING` blocks the clearing of the output when an auth
tag check fails. This causes a test for that scenario to fail, so don't
do that test whcn `ACVP_VECTOR_TESTING` is defined.
2025-09-18 11:37:06 +01:00
152075848c
Change test order: random_test after SHA tests
2025-09-16 10:48:14 -07:00
JacobBarthelmeh
David Garske
Juliusz Sosinowicz
Sean Parkinson
Daniel Pouzzner
Josh Holtrop
Brett Nicholas
Kareem
Stanislav Klima
Anthony Hu
gojimmypi
Andrew Hutchings