wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-27 14:42:19 +01:00
Code Issues Packages Projects Releases Wiki Activity
27,104 Commits 12 Branches 184 Tags
cd3e81a656f2fd07ad2fa6d475a2cdf726e7bfa4
Commit Graph

8998 Commits

Author SHA1 Message Date
Daniel Pouzzner
cd3e81a656 src/ssl_load.c: in ProcessBufferCert(), check ctx for nullness before accessing ctx->verifyNone (fixes -Wnull-dereference reported by multi-test dtls-no-rsa-no-dh after merge of 36e66eb763). 2025-12-17 11:01:10 -06:00
JacobBarthelmeh
75fdf959c1 Merge pull request #9514 from kareem-wolfssl/zd20936 
Fix uninitialized variable, fix potentially undefined printf reference in HASH_DRBG_Generate.
 2025-12-16 14:48:17 -07:00
JacobBarthelmeh
9156b50bbc Merge pull request #9538 from SparkiDev/tls13_dup_ext_alert_code_fix 
TLS 1.3: duplicate extension alert code fix
 2025-12-16 14:43:19 -07:00
Sean Parkinson
5512c2d0b4 Merge pull request #9541 from jackctj117/empty-hash-comment 
Added comment with empty hash use
 2025-12-16 08:34:16 +10:00
Sean Parkinson
85d40c8e9b Merge pull request #9522 from JacobBarthelmeh/time 
tie in use of check_time with x509 store
 2025-12-16 08:24:49 +10:00
Kareem
968662063d Merge remote-tracking branch 'upstream/master' into zd20936 2025-12-15 14:06:18 -07:00
Sean Parkinson
d3863e5fa3 TLS 1.3: duplicate extension alert code fix 
The specification states to return illegal_parameter when a message is
syntactically correct but semantically invalid. (RFC 8446 section 6,
Paragraph 5)
 2025-12-15 10:00:56 -08:00
jackctj117
585a8d22aa Added comment with empty hash imofrmation 2025-12-15 10:52:24 -07:00
Sean Parkinson
44be44a509 TLS 1.3 missing extension: return correct alert code 
Change TLS 1.3 handling to return missing_extension alert code when
 - KeyShare is present but SupportedGroups is missing and
 - SupportedGroups is present but KeyShare is missing

Added tests for this.
 2025-12-15 09:07:13 +10:00
Lealem Amedie
61e58f0f04 Fix for analyzer null dereference 2025-12-12 12:31:07 -07:00
Kareem
3797c03e6c Merge remote-tracking branch 'upstream/master' into zd20936 2025-12-12 11:37:34 -07:00
JacobBarthelmeh
e1bbb71878 tie in use of check_time with x509 store 2025-12-12 09:22:23 -07:00
Daniel Pouzzner
093f15ca4f Merge pull request #9496 from embhorn/zd20913 
Enable wolfSSL_i2d_X509_NAME_canon to handle blank optional fields
 2025-12-11 12:43:32 -06:00
Daniel Pouzzner
8c839b1ffc Merge pull request #9502 from rlm2002/x509_addressIsIP 
Run check for IP address in wolfSSL_X509_check_host()
 2025-12-11 12:41:54 -06:00
Sean Parkinson
569a5e0388 Merge pull request #9509 from rizlik/comment_fix 
internal.c: fix comment to be more precise
 2025-12-11 10:26:52 +10:00
Kareem
63976cb09b Fix uninitialized variable, use WOLFSSL_DEBUG_PRINTF macro in Hash_DRBG_Generate to avoid undefined printf reference. 2025-12-10 12:28:54 -07:00
Marco Oliverio
33a518958c internal.c: fix comment to be more precise 2025-12-10 14:11:07 +01:00
Ruby Martin
36e66eb763 check if ctx and ssl are null when checking public key in certificate 2025-12-09 17:04:05 -07:00
Ruby Martin
edbca503be Run check for IP address in wolfSSL_X509_check_host() 2025-12-08 11:04:45 -07:00
Eric Blankenhorn
83f6fe1a1a Enable wolfSSL_i2d_X509_NAME_canon to handle blank optional fields 2025-12-05 15:12:29 -06:00
Sean Parkinson
2b726ebf0b Merge pull request #9386 from sebastian-carpenter/oss-fuzz-fix-442261624 
fixed oss-fuzz warnings
 2025-12-04 15:28:18 +10:00
David Garske
45b7fb9e39 Merge pull request #9489 from julek-wolfssl/zd/20860 
Fix AKID CA lookup
 2025-12-03 08:16:51 -08:00
Juliusz Sosinowicz
995e63f6e1 Fix AKID CA lookup 
The `authorityCertIssuer` field refers to the Issuer field of the CA being looked up and not its Subject field.
 2025-12-03 10:47:40 +01:00
David Garske
6d55b42cf6 Merge pull request #9483 from josepho0918/mqx 
Enhance MQX platform support and integration
 2025-12-02 07:58:49 -08:00
David Garske
8741805e9d Merge pull request #9476 from embhorn/zd20515 
Fix Coverity dead code report
 2025-12-01 13:59:21 -08:00
Joseph Chen
10efcd9787 Enhance MQX platform support and integration 2025-11-27 10:03:04 +08:00
Sean Parkinson
93944d289f Merge pull request #9482 from anhu/move_the_sigalg_check 
Need to move sigalg check down because it does not consider hybrids.
 2025-11-27 09:42:18 +10:00
Sean Parkinson
6c8b9054a0 Merge pull request #9443 from holtrop/report-rsa_pss_pss-sig-algo 
TLSv1.3 certificate verify: report rsa_pss_pss_* signature algorithm when supported
 2025-11-27 09:12:58 +10:00
Anthony Hu
a765bbdb79 Need to move sigalg check down because it does not consider hybrids. 2025-11-26 13:31:21 -05:00
Josh Holtrop
36418aca76 Set useRsaPss flag in both SSL and CTX structures 2025-11-26 10:30:38 -05:00
David Garske
0aaa31c438 Merge pull request #9459 from JacobBarthelmeh/async 
fix small stack define and warnings for g++ build with async
 2025-11-25 14:22:24 -08:00
Eric Blankenhorn
6de31e95fc Fix Coverity dead code report 2025-11-25 13:53:36 -06:00
Sean Parkinson
0afbc1ef08 Merge pull request #9471 from douzzer/20251124-memory_test-wolfSSL_Atomic_Ptr_CompareExchange 
20251124-memory_test-wolfSSL_Atomic_Ptr_CompareExchange
 2025-11-25 19:22:22 +10:00
Daniel Pouzzner
e459b21744 wolfcrypt/src/wc_port.c and wolfssl/wolfcrypt/wc_port.h: add volatile attribute to wolfSSL_Atomic_Uint_CompareExchange() first arg, for pedantic accuracy; 
wolfssl/internal.h and src/ssl.c: add volatile attribute to WOLFSSL_CTX.privateKeyPKey pointer, for pedantic accuracy;

wolfcrypt/test/test.c: in memory_test(), use compatible pointers for all operands in the wolfSSL_Atomic_Ptr_CompareExchange() test, to avoid undefined behavior.
 2025-11-24 18:21:09 -06:00
Sean Parkinson
7c8d7dff5e Merge pull request #9348 from effbiae/ExportEccTempKey 
Refactor: Extract ExportEccTempKey, DhSetKey, and other helper functions from SendServerKeyExchange
 2025-11-25 09:31:20 +10:00
Josh Holtrop
d766b82bac Remove conditional and just assign boolean result 2025-11-24 15:55:32 -05:00
JacobBarthelmeh
c5fb83f52d fix warnings for g++ build with async 2025-11-21 14:38:40 -07:00
kaleb-himes
dc6fa0ad4e De-couple ESV from DRBG 2025-11-20 09:38:13 -07:00
Josh Holtrop
80d3037332 Use more uppercase U's 2025-11-20 08:34:54 -05:00
Josh Holtrop
bb8673070a Use uppercase U 2025-11-19 23:52:21 -05:00
Josh Holtrop
268b81c29e TLSv1.3 certificate verify: report rsa_pss_pss_* signature algorithm when supported 2025-11-19 09:47:05 -05:00
David Garske
658ea305d1 Fix issue with poorly written macros 2025-11-18 14:15:22 -08:00
sebastian-carpenter
7fdd177233 fixed oss-fuzz warnings 2025-11-18 13:28:51 -07:00
Daniel Pouzzner
c29abccc9f src/internal.c: peer review: refactor wolfssl_priv_der_unblind() and wolfssl_priv_der_unblind_free() to use AllocDer() and FreeDer(). 2025-11-14 18:13:44 -06:00
Daniel Pouzzner
dee0658e8a fix races around WOLFSSL_CTX.{privateKey,privateKeyMask,altPrivateKey,altPrivateKeyMask} in WOLFSSL_BLIND_PRIVATE_KEY code paths: 
* rename wolfssl_priv_der_unblind() to wolfssl_priv_der_blind_toggle(),
* add wolfssl_priv_der_unblind() that allocates a temp copy,
* add wolfssl_priv_der_unblind_free(),
* in wolfssl_priv_der_blind_toggle(), make mask a const arg;

restore const attribute to ctx arg to wolfSSL_CTX_get0_privatekey(), and add explanatory comment.
 2025-11-14 18:13:43 -06:00
JacobBarthelmeh
d18b251f54 Merge pull request #9420 from wolfSSL/TLS13-cipher-suite-fix 
Fix TLS 1.3 cipher suite when TLS 1.2 ciphers precede TLS 1.3 ciphers
 2025-11-14 16:42:05 -05:00
jackctj117
0767cb84bf Removed trailing white space 2025-11-14 09:03:51 -07:00
jackctj117
5e2fd78113 Suppress unused parameter warning 2025-11-13 18:32:00 -07:00
Daniel Pouzzner
c430cc75ea src/ssl.c and wolfssl/ssl.h: fix signature on wolfSSL_CTX_get0_privatekey() -- ctx is not const; 
wolfcrypt/src/wc_port.c and wolfssl/wolfcrypt/wc_port.h: tweak gates on atomic implementations to maximize availability within currently supported targets;

fix some whitespace.
 2025-11-13 17:11:52 -06:00
Daniel Pouzzner
26ba6344f2 add wolfSSL_Atomic_Ptr_CompareExchange(); mitigate race on ctx->privateKeyPKey in wolfSSL_CTX_get0_privatekey(). 2025-11-13 16:25:49 -06:00