wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-27 18:42:21 +01:00
Code Issues Packages Projects Releases Wiki Activity
27,159 Commits 12 Branches 184 Tags
dd35f10b579e1f389bf76fea4d51171dc8fb1b7b
Commit Graph

9004 Commits

Author SHA1 Message Date
Daniel Pouzzner
8a8ef3512e src/internal.c: in FreeSSL_Ctx(), use wolfSSL_RefWithMutexFree(&ctx->ref), matching refactor in #8187. 2025-12-18 11:48:31 -06:00
Sean Parkinson
a103f5af8b Merge pull request #9545 from douzzer/20251211-DRBG-SHA2-smallstackcache-prealloc 
20251211-DRBG-SHA2-smallstackcache-prealloc
 2025-12-18 10:07:37 +10:00
JacobBarthelmeh
911e996a8d Merge pull request #9546 from SparkiDev/curve25519_base_smul_improv 
Curve25519: improved smul
 2025-12-17 15:28:56 -07:00
Daniel Pouzzner
fc7d4ffad4 PR#9545 20251211-DRBG-SHA2-smallstackcache-prealloc addressing peer review: clear dest if necessary in InitHandshakeHashesAndCopy(), style tweaks in random.c, explanatory comments in sha512.c. 2025-12-17 11:07:22 -06:00
Daniel Pouzzner
dc0fe803a5 src/internal.c: in InitHandshakeHashesAndCopy(), don't call InitHandshakeHashes(), to avoid leaking in the later wc_FooCopy() operation. 2025-12-17 11:01:10 -06:00
Daniel Pouzzner
cd3e81a656 src/ssl_load.c: in ProcessBufferCert(), check ctx for nullness before accessing ctx->verifyNone (fixes -Wnull-dereference reported by multi-test dtls-no-rsa-no-dh after merge of 36e66eb763). 2025-12-17 11:01:10 -06:00
Sean Parkinson
f54266c2c6 Curve25519: improved smul 
Use the Ed25519 base smul in Curve25519 base mul and covert to
Montogmery curve for a faster implementation.
Only when Ed25519 is compiled in or WOLFSSL_CURVE25519_USE_ED25519 is
defined.
When compiling Intel x64 assembly and Aarch64 assembly, always define
WOLFSSL_CURVE25519_USE_ED25519.
Can't use with blinding - normal C implementation.

Optimized the Curve25519 smul slightly for Intel x64 and Aarch64.
Improved the conditional table lookup on Intel x64 to use AVX2 when
available.
 2025-12-17 13:25:36 +10:00
JacobBarthelmeh
75fdf959c1 Merge pull request #9514 from kareem-wolfssl/zd20936 
Fix uninitialized variable, fix potentially undefined printf reference in HASH_DRBG_Generate.
 2025-12-16 14:48:17 -07:00
JacobBarthelmeh
9156b50bbc Merge pull request #9538 from SparkiDev/tls13_dup_ext_alert_code_fix 
TLS 1.3: duplicate extension alert code fix
 2025-12-16 14:43:19 -07:00
Sean Parkinson
5512c2d0b4 Merge pull request #9541 from jackctj117/empty-hash-comment 
Added comment with empty hash use
 2025-12-16 08:34:16 +10:00
Sean Parkinson
85d40c8e9b Merge pull request #9522 from JacobBarthelmeh/time 
tie in use of check_time with x509 store
 2025-12-16 08:24:49 +10:00
Kareem
968662063d Merge remote-tracking branch 'upstream/master' into zd20936 2025-12-15 14:06:18 -07:00
Sean Parkinson
d3863e5fa3 TLS 1.3: duplicate extension alert code fix 
The specification states to return illegal_parameter when a message is
syntactically correct but semantically invalid. (RFC 8446 section 6,
Paragraph 5)
 2025-12-15 10:00:56 -08:00
jackctj117
585a8d22aa Added comment with empty hash imofrmation 2025-12-15 10:52:24 -07:00
Sean Parkinson
44be44a509 TLS 1.3 missing extension: return correct alert code 
Change TLS 1.3 handling to return missing_extension alert code when
 - KeyShare is present but SupportedGroups is missing and
 - SupportedGroups is present but KeyShare is missing

Added tests for this.
 2025-12-15 09:07:13 +10:00
Lealem Amedie
61e58f0f04 Fix for analyzer null dereference 2025-12-12 12:31:07 -07:00
Kareem
3797c03e6c Merge remote-tracking branch 'upstream/master' into zd20936 2025-12-12 11:37:34 -07:00
JacobBarthelmeh
e1bbb71878 tie in use of check_time with x509 store 2025-12-12 09:22:23 -07:00
Daniel Pouzzner
093f15ca4f Merge pull request #9496 from embhorn/zd20913 
Enable wolfSSL_i2d_X509_NAME_canon to handle blank optional fields
 2025-12-11 12:43:32 -06:00
Daniel Pouzzner
8c839b1ffc Merge pull request #9502 from rlm2002/x509_addressIsIP 
Run check for IP address in wolfSSL_X509_check_host()
 2025-12-11 12:41:54 -06:00
Sean Parkinson
569a5e0388 Merge pull request #9509 from rizlik/comment_fix 
internal.c: fix comment to be more precise
 2025-12-11 10:26:52 +10:00
Kareem
63976cb09b Fix uninitialized variable, use WOLFSSL_DEBUG_PRINTF macro in Hash_DRBG_Generate to avoid undefined printf reference. 2025-12-10 12:28:54 -07:00
Marco Oliverio
33a518958c internal.c: fix comment to be more precise 2025-12-10 14:11:07 +01:00
Ruby Martin
36e66eb763 check if ctx and ssl are null when checking public key in certificate 2025-12-09 17:04:05 -07:00
Ruby Martin
edbca503be Run check for IP address in wolfSSL_X509_check_host() 2025-12-08 11:04:45 -07:00
Eric Blankenhorn
83f6fe1a1a Enable wolfSSL_i2d_X509_NAME_canon to handle blank optional fields 2025-12-05 15:12:29 -06:00
Sean Parkinson
2b726ebf0b Merge pull request #9386 from sebastian-carpenter/oss-fuzz-fix-442261624 
fixed oss-fuzz warnings
 2025-12-04 15:28:18 +10:00
David Garske
45b7fb9e39 Merge pull request #9489 from julek-wolfssl/zd/20860 
Fix AKID CA lookup
 2025-12-03 08:16:51 -08:00
Juliusz Sosinowicz
995e63f6e1 Fix AKID CA lookup 
The `authorityCertIssuer` field refers to the Issuer field of the CA being looked up and not its Subject field.
 2025-12-03 10:47:40 +01:00
David Garske
6d55b42cf6 Merge pull request #9483 from josepho0918/mqx 
Enhance MQX platform support and integration
 2025-12-02 07:58:49 -08:00
David Garske
8741805e9d Merge pull request #9476 from embhorn/zd20515 
Fix Coverity dead code report
 2025-12-01 13:59:21 -08:00
Joseph Chen
10efcd9787 Enhance MQX platform support and integration 2025-11-27 10:03:04 +08:00
Sean Parkinson
93944d289f Merge pull request #9482 from anhu/move_the_sigalg_check 
Need to move sigalg check down because it does not consider hybrids.
 2025-11-27 09:42:18 +10:00
Sean Parkinson
6c8b9054a0 Merge pull request #9443 from holtrop/report-rsa_pss_pss-sig-algo 
TLSv1.3 certificate verify: report rsa_pss_pss_* signature algorithm when supported
 2025-11-27 09:12:58 +10:00
Anthony Hu
a765bbdb79 Need to move sigalg check down because it does not consider hybrids. 2025-11-26 13:31:21 -05:00
Josh Holtrop
36418aca76 Set useRsaPss flag in both SSL and CTX structures 2025-11-26 10:30:38 -05:00
David Garske
0aaa31c438 Merge pull request #9459 from JacobBarthelmeh/async 
fix small stack define and warnings for g++ build with async
 2025-11-25 14:22:24 -08:00
Eric Blankenhorn
6de31e95fc Fix Coverity dead code report 2025-11-25 13:53:36 -06:00
Sean Parkinson
0afbc1ef08 Merge pull request #9471 from douzzer/20251124-memory_test-wolfSSL_Atomic_Ptr_CompareExchange 
20251124-memory_test-wolfSSL_Atomic_Ptr_CompareExchange
 2025-11-25 19:22:22 +10:00
Daniel Pouzzner
e459b21744 wolfcrypt/src/wc_port.c and wolfssl/wolfcrypt/wc_port.h: add volatile attribute to wolfSSL_Atomic_Uint_CompareExchange() first arg, for pedantic accuracy; 
wolfssl/internal.h and src/ssl.c: add volatile attribute to WOLFSSL_CTX.privateKeyPKey pointer, for pedantic accuracy;

wolfcrypt/test/test.c: in memory_test(), use compatible pointers for all operands in the wolfSSL_Atomic_Ptr_CompareExchange() test, to avoid undefined behavior.
 2025-11-24 18:21:09 -06:00
Sean Parkinson
7c8d7dff5e Merge pull request #9348 from effbiae/ExportEccTempKey 
Refactor: Extract ExportEccTempKey, DhSetKey, and other helper functions from SendServerKeyExchange
 2025-11-25 09:31:20 +10:00
Josh Holtrop
d766b82bac Remove conditional and just assign boolean result 2025-11-24 15:55:32 -05:00
JacobBarthelmeh
c5fb83f52d fix warnings for g++ build with async 2025-11-21 14:38:40 -07:00
kaleb-himes
dc6fa0ad4e De-couple ESV from DRBG 2025-11-20 09:38:13 -07:00
Josh Holtrop
80d3037332 Use more uppercase U's 2025-11-20 08:34:54 -05:00
Josh Holtrop
bb8673070a Use uppercase U 2025-11-19 23:52:21 -05:00
Josh Holtrop
268b81c29e TLSv1.3 certificate verify: report rsa_pss_pss_* signature algorithm when supported 2025-11-19 09:47:05 -05:00
David Garske
658ea305d1 Fix issue with poorly written macros 2025-11-18 14:15:22 -08:00
sebastian-carpenter
7fdd177233 fixed oss-fuzz warnings 2025-11-18 13:28:51 -07:00
Daniel Pouzzner
c29abccc9f src/internal.c: peer review: refactor wolfssl_priv_der_unblind() and wolfssl_priv_der_unblind_free() to use AllocDer() and FreeDer(). 2025-11-14 18:13:44 -06:00