wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-27 14:02:25 +01:00
Code Issues Packages Projects Releases Wiki Activity
25,908 Commits 12 Branches 184 Tags
cd7256ae63b895335f6a2da2a01cb671dafec371
Commit Graph

8693 Commits

Author SHA1 Message Date
Sean Parkinson
cd7256ae63 Merge pull request #8979 from anhu/abort_on_bad_legacy 
Abort TLS connection if legacy version field  is TLS 1.3 or higher
 2025-07-22 17:12:39 +10:00
Sean Parkinson
1f72866489 Merge pull request #8993 from miyazakh/tsip_tlsproperties_uc 
Make properties related to TLS handshake hidden for TSIP TLS user-context structure
 2025-07-22 17:05:44 +10:00
Sean Parkinson
7417958649 Merge pull request #9015 from philljj/fix_dual_alg_build 
dual alg certs: fix dual alg certs build, and asn cleanup.
 2025-07-22 16:26:41 +10:00
Albert Ribes
b2463f167c Avoid bogus warning on uninitialized variables on old versions of GCC 
gcc-4.3.3 erroneously complains that some variables may be used
uninitialized. Silence it assigning NULL on declaration, as is already
done with many other variables.
 2025-07-21 10:57:50 +02:00
jordan
8e46687223 dual alg certs: add missing WC_ENABLE_ASYM_KEY_IMPORT guard. 2025-07-18 09:30:17 -05:00
jordan
e571988059 dual alg certs: fix dual alg certs build, and asn cleanup. 2025-07-17 15:15:11 -05:00
JacobBarthelmeh
2c90d1585a Merge pull request #8897 from anhu/compat_additions 
Compatibility layer additions for X.509 extensions and RSA PSS
 2025-07-15 10:52:33 -06:00
Anthony Hu
c341a9fc05 FIPS > 2 2025-07-15 07:59:20 -04:00
Daniel Pouzzner
2c341a5806 Merge pull request #8990 from JacobBarthelmeh/license 
updating license from GPLv2 to GPLv3

(linuxkm tweak to `MODULE_LICENSE("GPL")` to follow.)
 2025-07-14 16:14:39 -05:00
Hideki Miyazaki
eb8a3afe38 Addressed code review comments 2025-07-12 09:49:09 +09:00
Anthony Hu
1a0a3283a0 Add a test. 2025-07-11 14:32:47 -04:00
David Garske
a36f9085c1 Fix for compat wolfSSL_RSA_sign and wolfSSL_RSA_verify to support RSA PSS with custom salt and mgf1 hash type. Adds compat API's for i2d_PrivateKey_bio , BN_ucmp and X509v3_get_ext_by_NID. ZD 20059 2025-07-11 08:51:51 -07:00
Hideki Miyazaki
0a0b9a3c24 Make properties related to TLS handshake hidden for TSIP TLS user context structure 2025-07-11 14:25:06 +09:00
JacobBarthelmeh
629c5b4cf6 updating license from GPLv2 to GPLv3 2025-07-10 16:11:36 -06:00
Kareem
c9d451e857 Fix wolfSSL_BIO_new_connect's handling of IPV6 addresses. 2025-07-10 10:33:46 -07:00
Anthony Hu
4bd2835cf1 Change suggested by SparkiDev 2025-07-10 10:40:12 -04:00
David Garske
2b07b9143b Fix issue with X509 reference counter with --enable-opensslextra=x509small or OPENSSL_EXTRA_X509_SMALL. Thank you Mohre. 2025-07-09 16:51:48 -07:00
David Garske
b0a5d2fdf0 Merge pull request #8969 from SparkiDev/alpn_gcc_Os_fix 
ALPN: don't use BIO
 2025-07-09 16:30:12 -07:00
David Garske
3f83ed2815 Merge pull request #8960 from ribes96/certwrite-custext 
When creating a Cert from a WOLFSSL_X509, account for custom extensions
 2025-07-09 16:13:07 -07:00
David Garske
3c00e26274 Merge pull request #8974 from rlm2002/coverity_fix 
Coverity: Check values
 2025-07-09 16:12:42 -07:00
Anthony Hu
57e2ae5a21 Abort TLS connection if legacy version field indicates TLS 1.3 or higher. 2025-07-09 12:45:04 -04:00
gojimmypi
ebeb95e47b Initialize Dilithium keyTypeTemp and keySizeTemp 2025-07-09 09:13:14 -07:00
David Garske
0407ea131b Merge pull request #8970 from miyazakh/qt_jenkins_encryptedKey4PBKDF1 
Fix Qt nightly Jenkins failure
 2025-07-09 08:04:48 -07:00
Ruby Martin
f62d0fa256 check sigAlgs.size against WOLFSSL_MAX_SIGALGO 2025-07-09 08:57:44 -06:00
Ruby Martin
61e4142fe0 add null check for ssl before use in wc_DhGenerateKeyPair 2025-07-07 09:17:29 -06:00
Hideki Miyazaki
ee8be22a3f Fix Qt nightly jenkins failure 
PBKDF1 encrpted key
 2025-07-07 15:10:41 +09:00
Sean Parkinson
70e53d1a34 ALPN: don't use BIO 
Fix wolfSSL_set_alpn_protos to not use BIO.
When compiling with -Os and newer gcc, the compiler gets confused with
the void* cast in the wolfSSL_BIO_get_mem_data call.
 2025-07-07 12:59:42 +10:00
Albert Ribes
5615993f48 Add missing option checks 2025-07-03 19:01:50 +02:00
Albert Ribes
2ddd98927f When creating a Cert from a WOLFSSL_X509, account for custom extensions 
Function 'CertFromX509' is used to convert a WOLFSSL_X509 to a Cert
structure for writing out. It didn't copy custom extensions.
 2025-07-03 17:28:57 +02:00
JacobBarthelmeh
ff80d62db2 Merge pull request #8942 from rlm2002/coverity 
Coverity: address unresolved issue from previous change
 2025-07-01 16:09:32 -06:00
Ruby Martin
c06fa48e75 return NULL on negative length 2025-07-01 14:25:35 -06:00
Sean Parkinson
7c4de54e73 EVP HMAC: get working with WOLFSSL_HMAC_COPY_HASH 
Get the EVP layer working with the wolfSSL HMAC implementation when
WOLFSSL_HMAC_COPY_HASH is defined.
This define hashes the ipad and opad into temporary hashes and copies
the required hash into the working hash when needed. Uses more memory
but is faster when starting a new hash with the same key.
 2025-07-01 13:14:26 +10:00
JacobBarthelmeh
7fb750962b Merge pull request #8935 from philljj/fix_coverity 
coverity: prune dead code in ssl_sess.c.
 2025-06-30 13:32:34 -06:00
Daniel Pouzzner
1127dabe98 Merge pull request #8926 from dgarske/various_20250625 
Improvement to allow building OPENSSL_EXTRA without KEEP_PEER_CERT
 2025-06-27 22:29:24 -05:00
jordan
68cf96e7f6 coverity: do not free x509 on error in wolfSSL_add0_chain_cert. 2025-06-27 17:25:28 -05:00
jordan
d998d01a0c coverity: prune dead code in ssl_sess.c. 2025-06-27 15:40:01 -05:00
David Garske
1db3dbcc28 Improvement to allow building OPENSSL_EXTRA without KEEP_PEER_CERT. Workaround to avoid large WOLFSSL structure size with compatibility layer enabled (the struct WOLFSSL_X509 is over 5KB). Note: May investigate way to place into heap instead. Fix issues building compatibility layer without MD5. 2025-06-27 12:42:52 -07:00
Ruby Martin
9b6b41627e move CFErrorRef instantiation 
cleanup
 2025-06-26 09:06:01 -06:00
Ruby Martin
79b6e62668 modify check domain test 
void code for unused variable warning

do not run check_domain_name test if ssl_verify_none has been set
 2025-06-26 08:39:32 -06:00
Ruby Martin
7c44f14e77 add apple test to github actions 2025-06-26 08:38:30 -06:00
Ruby Martin
d3b30f8d51 Check underlying error, want only maximum validity period error 
add apple test macros to tests requiring cert manager
 2025-06-26 08:38:28 -06:00
Brett
877bade216 additional debugging 2025-06-26 08:38:28 -06:00
Brett
7232b3a6bb Apple native cert validation: add WOLFSSL_TEST_APPLE_CERT_VALIDATION feature macro that forces system CA certs on and makes all CA certs added to CM via xxx_load_verify_xxx APIs to instead be loaded as system trust anchors when used for TLS cert verification 2025-06-26 08:38:26 -06:00
Daniel Pouzzner
23a37b2ebc Merge pull request #8916 from dgarske/revert_pr8911 
Revert PR #8911
 2025-06-25 21:52:34 -05:00
Daniel Pouzzner
d6d124bb85 Merge pull request #8774 from SparkiDev/armv8_ghs 
Armv8 (Aarch64) ASM fixes for Green Hills compiler
 2025-06-25 21:46:48 -05:00
Daniel Pouzzner
38892fdd07 Merge pull request #8757 from anhu/recalc_suites 
Recalculate suites at ssl initialization.
 2025-06-25 21:32:38 -05:00
JacobBarthelmeh
fe7d458d29 random.c is also locked in FIPS v6 2025-06-24 16:08:25 -06:00
David Garske
bfebeae533 Revert PR #8911. For TLS v1.2 RSA only is only supported with WOLFSSL_STATIC_RSA. For TLS v1.3 RSA only is not supported (must be PFS). 2025-06-24 09:40:15 -07:00
Anthony Hu
43df11c9c1 Add gate on having DH 2025-06-24 10:37:26 -04:00
Anthony Hu
8c1298a1d8 Check if DH's P and G are set 2025-06-24 09:59:12 -04:00