4e92920a7f
cast variable to word32 for compare
2025-10-03 13:51:15 -06:00
12cfca4060
account for no AES build and add err trace macro
2025-10-03 13:51:15 -06:00
328f505702
add pkcs7 test with multiple recipients
2025-10-03 13:51:15 -06:00
7a5e97e30e
adjustment for recipient index advancement
2025-10-03 13:51:15 -06:00
6987304f42
Fix to advance past multiple recipients
2025-10-03 13:51:15 -06:00
d2be867b51
Remove the NO_WRITE_TEMP_FILES test.c logic added in #9194
2025-10-03 10:40:11 -07:00
ac23b48283
Merge pull request #9144 from julek-wolfssl/ocsp-callbacks
...
tls ocsp: support lazy cert loading with ocsp stapling
2025-10-03 09:47:55 -07:00
f9063c406b
Enables dynamic TLS cert loading with OCSP
...
Exposes dynamic TLS certificate loading and OCSP stapling to allow applications to load certs lazily.
The server no longer needs to load the CA to staple OCSP responses.
Adds a certificate setup callback (WOLFSSL_CERT_SETUP_CB)
Adds an OCSP status callback to load OCSP responses directly
Adds `wc_NewOCSP`, `wc_FreeOCSP`, and `wc_CheckCertOcspResponse`
Don't call verify twice on the same error
Send correct alert on status response error
2025-10-03 13:08:11 +02:00
2adae90a5d
refactor to BuildMsgOrHashOutput
2025-10-03 11:41:57 +10:00
ea4554c941
Merge pull request #9234 from effbiae/TLSX_WriteWithEch
...
restore inner server name in TLSX_WriteWithEch
2025-10-03 09:20:40 +10:00
d8d3a7a22d
Merge pull request #9190 from colmenero/hmacCopy-sm3-issue-9187
...
Add SM3 in wolfSSL_HmacCopy
2025-10-03 09:10:03 +10:00
e14cc3a34e
TLS 1.3 Cookie Hash: use stronger hash if no SHA-256
...
Order of preference, based on algorithms compiled in, to use with HMAC
for TLS 1.3 cookie:
1. SHA-256
2. SHA-384
3. SHA-512
4. SM3
Make code compile and unittest pass when SHA-256 not compiled in.
Certificates used for testing require SHA-256 so handshake testing
fails.
2025-10-03 08:28:02 +10:00
5804ba759a
Merge pull request #9194 from dgarske/cryptocb_only_test
...
Fixes for crypto callback only (no filesystem and keygen)
2025-10-02 16:52:31 -05:00
5501111e77
Merge pull request #9265 from douzzer/20251002-misc-clang-tidy-and-fips-fixes
...
20251002-misc-clang-tidy-and-fips-fixes
2025-10-02 14:38:14 -07:00
408e6f79f9
tests/api/test_dtls.c: add missing ExpectIntEQ() around wolfSSL_connect() in test_dtls_bogus_finished_epoch_zero();
...
wolfcrypt/test/test.c: fix gate for wc_DhGeneratePublic() test in dh_ffdhe_test() to properly exclude 5.3.0.
2025-10-02 14:38:05 -05:00
c36c39af0a
RSA API: use const pointers and clean up some comments
2025-10-02 15:28:43 -04:00
db6a4dfedb
Merge pull request #9238 from effbiae/X509PrintSubjAltName
...
refactor X509PrintSubjAltName
2025-10-02 11:53:22 -07:00
6de0b93a08
Merge pull request #9262 from julek-wolfssl/ascon-h-comment
...
ascon.h: Correct the placement of the AsconAEAD API comment
2025-10-02 11:11:01 -07:00
6430a123fd
Merge pull request #9264 from gojimmypi/pr-espressif-workflow
...
Update Espressif workflow to pin latest to ESP-IDF v5.5
2025-10-02 11:05:15 -07:00
b4b9bee950
Update workflow to pin latest to ESP-IDF v5.5
2025-10-02 10:25:25 -07:00
36ce93d409
Merge pull request #9225 from gojimmypi/pr-espidf-v6-sha-fix
...
Add fix for SHA HW on ESP-IDF v6
2025-10-02 09:50:46 -07:00
31db2b9e08
ascon.h: Correct the placement of the AsconAEAD API comment
2025-10-02 10:22:16 +02:00
c3c7b11cfc
refactor X509PrintSubjAltName
2025-10-02 15:36:36 +10:00
abaf57d049
Merge branch 'master' of https://github.com/wolfSSL/wolfssl into zd20595
2025-10-01 15:53:57 -07:00
d53beb0f9d
Merge branch 'master' of https://github.com/wolfSSL/wolfssl into zd19563_4
2025-10-01 15:53:35 -07:00
018af47f49
Merge pull request #9260 from douzzer/20251001-wc_DhGeneratePublic-ungate
...
20251001-wc_DhGeneratePublic-ungate
2025-10-01 14:38:39 -06:00
992dfecc11
Merge branch 'master' of https://github.com/wolfSSL/wolfssl into zd19563_4
2025-10-01 11:15:46 -07:00
2ca9f66579
wolfcrypt/test/test.c: add FIPS gate around wc_DhGeneratePublic() test in dh_ffdhe_test().
2025-10-01 10:23:49 -05:00
477d7fae54
remove WOLFSSL_DH_GEN_PUB, WOLFSSL_NO_DH_GEN_PUB, and WOLFSSL_DH_EXTRA gating re wc_DhGeneratePublic(), consistent with recent FIPS changes.
2025-10-01 09:38:27 -05:00
56524a3169
Merge pull request #9226 from philljj/tiny_curl_config
...
curl: document tiny-curl config a bit more.
2025-09-30 20:45:15 -05:00
b3a5c96c56
Merge pull request #9205 from gasbytes/issue-9188
...
Prevent replaying ClientHello messages when Finished message are epoch 0
2025-09-30 20:44:09 -05:00
88075664dc
Merge pull request #9252 from bigbrett/kdf-cryptocb
...
HKDF cryptocb
2025-09-30 20:37:11 -05:00
d5750ac7ca
Merge pull request #9250 from gasbytes/issue-9247
...
Added check in TLX_Parse to check if KeyShare extension is present SupportedGroups must be present too (and viceversa)
2025-09-30 20:36:50 -05:00
c893191577
Merge pull request #9253 from julek-wolfssl/gh/9245
...
DTLS SRTP should also do a cookie exchange since it uses UDP
2025-09-30 20:36:27 -05:00
55a19da4c6
Merge pull request #9178 from SparkiDev/ed448_no_large_code
...
Ed448: No large code option with fast code
2025-09-30 20:36:10 -05:00
234ba7780a
Merge pull request #9148 from SparkiDev/ct_volatile
...
Mark variables as volatile
2025-09-30 20:35:52 -05:00
b4ee8869c8
Merge pull request #9246 from julek-wolfssl/gh/9240
...
Abort connection if we are about to send the same CH
2025-09-30 20:35:32 -05:00
1932c5a96d
Merge pull request #9196 from kareem-wolfssl/zd20038_3
...
Fix building and running tests and examples with coding/PEM support disabled.
2025-09-30 20:34:46 -05:00
2172a4dea9
Merge pull request #9248 from holtrop/rust-wc-aes
...
Rust wrapper: Add aes module
2025-09-30 20:34:25 -05:00
4a176d175a
Merge pull request #9137 from kareem-wolfssl/gh8354
...
Fix documentation typo for wc_ed25519_export_public.
2025-09-30 20:34:06 -05:00
c7cd3b6c6d
Merge pull request #8543 from JacobBarthelmeh/fsl_caam
...
handle unsupported fsl algo
2025-09-30 20:33:34 -05:00
42d2b81231
Merge pull request #9209 from mattia-moffa/20250910-certauth-clienthello
...
Add support for certificate_authorities extension in ClientHello
2025-09-30 20:33:16 -05:00
f869daafa2
Merge pull request #9037 from night1rider/issue-9009-cmake-options
...
Updating configure/Cmake to track Apple options for resulting wolfssl.pc file that is generated
2025-09-30 20:32:52 -05:00
0efc8118d3
Fix potential memory leak in wolfSSL_X509_verify_cert.
2025-09-30 17:39:33 -07:00
a3a08e81a9
Fix running tests in FIPS mode with hash DRBG disabled.
2025-09-30 16:15:21 -07:00
b56cafdd25
Merge pull request #8692 from kareem-wolfssl/zd19563_verify
...
Update wolfSSL_X509_verify_cert to retry all certs until a valid chain is found.
2025-09-30 16:22:41 -05:00
50f25c5849
Merge pull request #9254 from douzzer/20250929-WOLFSSL_KERNEL_MODE
...
20250929-WOLFSSL_KERNEL_MODE
2025-09-30 09:04:13 -07:00
4719fd5e80
Ed448: No large code option with fast code
...
Make from bytes, to bytes and mod top half use for loops when no large
code.
Make generation script generate casting changes.
2025-09-30 09:38:06 +10:00
7ea66aeffe
refactor WOLFSSL_LINUXKM gates as generic WOLFSSL_KERNEL_MODE gates where appropriate:
...
rename WOLFSSL_LINUXKM_USE_SAVE_VECTOR_REGISTERS to WOLFSSL_USE_SAVE_VECTOR_REGISTERS, and wherever appropriate, replace defined(WOLFSSL_LINUXKM) with defined(WOLFSSL_USE_SAVE_VECTOR_REGISTERS).
rename WC_WANT_FLAG_DONT_USE_AESNI to WC_WANT_FLAG_DONT_USE_VECTOR_OPS.
rename lkm_printf() to wc_km_printf().
replace WOLFSSL_LINUXKM gates on kernel-incompatible includes with header-specific gates NO_STRING_H, NO_STDINT_H, NO_LIMITS_H, NO_CTYPE_H, NO_STDLIB_H
remove low level threading setup section of wolfssl/internal.h, which duplicated existing logic in wc_port.h, except for off-topic WOLFSSL_APACHE_MYNEWT TLS-layer setup, which is preserved, and a defined(__NT__) clause, which is now merged into the existing section in wc_port.h.
2025-09-29 16:59:12 -05:00
6698cb7616
Fix for crypto callback only
2025-09-29 12:37:57 -07:00
JacobBarthelmeh
David Garske
Juliusz Sosinowicz
effbiae
Sean Parkinson
Daniel Pouzzner
Josh Holtrop
gojimmypi
Kareem
Kaleb Himes