wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-27 08:32:20 +01:00
Code Issues Packages Projects Releases Wiki Activity
26,445 Commits 12 Branches 184 Tags
fc348da28f08ca4e2c9233c82fff68ecd78db5b2
Commit Graph

10006 Commits

Author SHA1 Message Date
Marco Oliverio
fc348da28f fix: escape error code operands 2025-10-06 14:47:13 +02:00
Marco Oliverio
9cbc3f97e5 cryptocb: sha512_family: try specific digest length hashtype first 
If the cryptocb provider supports specific SHA512/224 and SHA512/256
hashtype, this commit allows to:

1. avoid a copy
2. do not touch the output buffer outside of the cryptocb handler

2 might be important for cryptocb provider that needs special handling
of memory buffer (DMA, memory mapping).
 2025-10-06 11:42:23 +02:00
David Garske
d2be867b51 Remove the NO_WRITE_TEMP_FILES test.c logic added in #9194 2025-10-03 10:40:11 -07:00
Juliusz Sosinowicz
f9063c406b Enables dynamic TLS cert loading with OCSP 
Exposes dynamic TLS certificate loading and OCSP stapling to allow applications to load certs lazily.

The server no longer needs to load the CA to staple OCSP responses.

Adds a certificate setup callback (WOLFSSL_CERT_SETUP_CB)
Adds an OCSP status callback to load OCSP responses directly
Adds `wc_NewOCSP`, `wc_FreeOCSP`, and `wc_CheckCertOcspResponse`
Don't call verify twice on the same error
Send correct alert on status response error
 2025-10-03 13:08:11 +02:00
Daniel Pouzzner
5804ba759a Merge pull request #9194 from dgarske/cryptocb_only_test 
Fixes for crypto callback only (no filesystem and keygen)
 2025-10-02 16:52:31 -05:00
Daniel Pouzzner
408e6f79f9 tests/api/test_dtls.c: add missing ExpectIntEQ() around wolfSSL_connect() in test_dtls_bogus_finished_epoch_zero(); 
wolfcrypt/test/test.c: fix gate for wc_DhGeneratePublic() test in dh_ffdhe_test() to properly exclude 5.3.0.
 2025-10-02 14:38:05 -05:00
David Garske
36ce93d409 Merge pull request #9225 from gojimmypi/pr-espidf-v6-sha-fix 
Add fix for SHA HW on ESP-IDF v6
 2025-10-02 09:50:46 -07:00
Daniel Pouzzner
2ca9f66579 wolfcrypt/test/test.c: add FIPS gate around wc_DhGeneratePublic() test in dh_ffdhe_test(). 2025-10-01 10:23:49 -05:00
Daniel Pouzzner
477d7fae54 remove WOLFSSL_DH_GEN_PUB, WOLFSSL_NO_DH_GEN_PUB, and WOLFSSL_DH_EXTRA gating re wc_DhGeneratePublic(), consistent with recent FIPS changes. 2025-10-01 09:38:27 -05:00
Daniel Pouzzner
88075664dc Merge pull request #9252 from bigbrett/kdf-cryptocb 
HKDF cryptocb
 2025-09-30 20:37:11 -05:00
Daniel Pouzzner
55a19da4c6 Merge pull request #9178 from SparkiDev/ed448_no_large_code 
Ed448: No large code option with fast code
 2025-09-30 20:36:10 -05:00
Daniel Pouzzner
234ba7780a Merge pull request #9148 from SparkiDev/ct_volatile 
Mark variables as volatile
 2025-09-30 20:35:52 -05:00
Daniel Pouzzner
1932c5a96d Merge pull request #9196 from kareem-wolfssl/zd20038_3 
Fix building and running tests and examples with coding/PEM support disabled.
 2025-09-30 20:34:46 -05:00
Daniel Pouzzner
c7cd3b6c6d Merge pull request #8543 from JacobBarthelmeh/fsl_caam 
handle unsupported fsl algo
 2025-09-30 20:33:34 -05:00
Daniel Pouzzner
b56cafdd25 Merge pull request #8692 from kareem-wolfssl/zd19563_verify 
Update wolfSSL_X509_verify_cert to retry all certs until a valid chain is found.
 2025-09-30 16:22:41 -05:00
Sean Parkinson
4719fd5e80 Ed448: No large code option with fast code 
Make from bytes, to bytes and mod top half use for loops when no large
code.
Make generation script generate casting changes.
 2025-09-30 09:38:06 +10:00
Daniel Pouzzner
7ea66aeffe refactor WOLFSSL_LINUXKM gates as generic WOLFSSL_KERNEL_MODE gates where appropriate: 
rename WOLFSSL_LINUXKM_USE_SAVE_VECTOR_REGISTERS to WOLFSSL_USE_SAVE_VECTOR_REGISTERS, and wherever appropriate, replace defined(WOLFSSL_LINUXKM) with defined(WOLFSSL_USE_SAVE_VECTOR_REGISTERS).

rename WC_WANT_FLAG_DONT_USE_AESNI to WC_WANT_FLAG_DONT_USE_VECTOR_OPS.

rename lkm_printf() to wc_km_printf().

replace WOLFSSL_LINUXKM gates on kernel-incompatible includes with header-specific gates NO_STRING_H, NO_STDINT_H, NO_LIMITS_H, NO_CTYPE_H, NO_STDLIB_H

remove low level threading setup section of wolfssl/internal.h, which duplicated existing logic in wc_port.h, except for off-topic WOLFSSL_APACHE_MYNEWT TLS-layer setup, which is preserved, and a defined(__NT__) clause, which is now merged into the existing section in wc_port.h.
 2025-09-29 16:59:12 -05:00
David Garske
6698cb7616 Fix for crypto callback only 2025-09-29 12:37:57 -07:00
Brett Nicholas
5121847728 add HAVE_SELFTEST protection 2025-09-29 12:00:41 -06:00
Brett Nicholas
7b67dbaa31 add FIPS protection to test.c usage of wc_HKDF_ex() 2025-09-29 11:36:18 -06:00
Brett Nicholas
26ed835ca1 fix HKDF test macro protection 2025-09-29 10:52:22 -06:00
Brett Nicholas
3c81fffedd Add HKDF cryptoCb and test 2025-09-29 10:16:01 -06:00
David Garske
eda6c184bb Merge pull request #9219 from kareem-wolfssl/zd20538 
Fix building with --enable-keygen --enable-rsavfy.
 2025-09-26 14:08:33 -07:00
Kareem
ef989a4241 Merge remote-tracking branch 'upstream/master' into zd19563_verify 2025-09-26 11:13:28 -07:00
Kareem
28aef2f4dd Merge branch 'master' of https://github.com/wolfSSL/wolfssl into zd20038_3 2025-09-26 10:56:42 -07:00
Kareem
af9a06e9bf Merge remote-tracking branch 'upstream/master' into zd19563_verify 2025-09-25 10:39:11 -07:00
Kareem
a3b29ed99f Merge remote-tracking branch 'upstream/master' into zd20038_3 2025-09-25 10:32:13 -07:00
JacobBarthelmeh
50835c14a2 fix warning of const char* passed as char* 2025-09-25 09:27:16 -06:00
JacobBarthelmeh
40b9fc35f9 handle unsupported fsl algo 2025-09-25 09:14:59 -06:00
Sean Parkinson
561fead861 Merge pull request #9235 from anhu/rpi_WC_RESEED_INTERVAL 
Fixing up a small documentation omission.
 2025-09-25 10:48:37 +10:00
Stanislav Klima
1cfafc2a52 fixes from zd20556 2025-09-24 12:03:39 +02:00
Sean Parkinson
aa87b35964 Mark variables as volatile 
Ensures compiler optimizers don't stop code from being constant time.
 2025-09-24 08:47:20 +10:00
Daniel Pouzzner
4af6eb4f2b wolfcrypt/src/chacha20_poly1305.c: in wc_XChaCha20Poly1305_crypt_oneshot(), allow empty message. 2025-09-23 17:06:22 -05:00
Anthony Hu
93955a2ba7 Fixing up a small documentation omission. 2025-09-23 15:24:50 -04:00
gojimmypi
d50593834b Add fix for SHA HW on ESP-IDF v6 2025-09-19 12:04:46 -07:00
Kareem
7afcf20077 Fix non constant compare of TLS 1.3 binder, check for negative dst_len in wc_XChaCha20Poly1305_crypt_oneshot. 2025-09-19 11:39:46 -07:00
Kareem
23f595586d Fix building with --enable-keygen --enable-rsavfy. 2025-09-18 16:21:08 -07:00
JacobBarthelmeh
5d9c608ed6 Merge pull request #9195 from rlm2002/zd20508 
address undefined shift behavior and overflow
 2025-09-18 15:34:32 -06:00
JacobBarthelmeh
f143dbb858 Merge pull request #9217 from douzzer/20250918-25519-low-mem-gates 
20250918-25519-low-mem-gates
 2025-09-18 14:34:13 -06:00
Daniel Pouzzner
d15523a6df fix gating in wolfssl/wolfcrypt/fe_operations.h -- gate out load_3() and load_4() when !(CURVE25519_SMALL || ED25519_SMALL); 
harmonize low-mem outer gate in wolfcrypt/src/fe_operations.c with outer gate in wolfcrypt/src/fe_low_mem.c.
 2025-09-18 12:27:37 -05:00
Andrew Hutchings
b7679dbe96 Fix a test when using ACVP_VECTOR_TESTING 
The `ACVP_VECTOR_TESTING` blocks the clearing of the output when an auth
tag check fails. This causes a test for that scenario to fail, so don't
do that test whcn `ACVP_VECTOR_TESTING` is defined.
 2025-09-18 11:37:06 +01:00
gojimmypi
152075848c Change test order: random_test after SHA tests 2025-09-16 10:48:14 -07:00
Ruby Martin
a8fca08b7e add edge case unit test where cost=22, block=8 2025-09-16 11:04:43 -06:00
Ruby Martin
86abe793d7 address undefined shift behavior and overflow 2025-09-16 11:03:21 -06:00
Kareem
ec92f76dec Fix tests when building with PEM support disabled by using DER certs/keys. 2025-09-12 16:11:07 -07:00
Sean Parkinson
dc421a0d4c Merge pull request #9164 from dgarske/keytoder 
Add support for enabling RSA private key to DER without keygen
 2025-09-12 10:36:34 +10:00
David Garske
3e63bc68d4 Add support for enabling RSA private key to DER without keygen. ( new macro WOLFSSL_KEY_TO_DER) 2025-09-11 10:29:31 -07:00
David Garske
c397a27897 Appease IAR compiler possible use of uninitialized variables 2025-09-11 10:27:01 -07:00
David Garske
88586a5a47 Fix for ST-Safe issue with ECC signature R/S parsing needing leading zero pad (ZD 20504) 2025-09-11 10:27:01 -07:00
David Garske
b3aa39ddad Merge pull request #9138 from JacobBarthelmeh/sgx 
update for SGX CPU ID to follow atomics refactor
 2025-09-09 12:18:51 -07:00