wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-26 18:32:20 +01:00
Code Issues Packages Projects Releases Wiki Activity
26,930 Commits 12 Branches 184 Tags
wolfEntropy2d
Commit Graph

26930 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Josh Holtrop
c61ac22e89 Rust wrapper: enable conditional compilation based on C library build options 2025-11-14 10:44:25 -05:00
Josh Holtrop
dd3b9260f9 Rust wrapper: merge wolfssl-sys crate into wolfssl crate 2025-11-14 10:44:06 -05:00
philljj
50c5028c5a Merge pull request #9432 from douzzer/20251114-atomic-default-c 
20251114-atomic-default-c
 2025-11-14 10:34:24 -05:00
Daniel Pouzzner
135bb66352 wolfssl/wolfcrypt/wc_port.h and wolfcrypt/src/wc_port.c: use stdatomic.h implementation as C default when available, as before, for proper type annotation in objects. 2025-11-14 07:54:14 -06:00
Sean Parkinson
10a60fc41b Merge pull request #9427 from douzzer/20251113-ZD20815 
20251113-ZD20815
 2025-11-14 11:50:16 +10:00
jackctj117
5e2fd78113 Suppress unused parameter warning 2025-11-13 18:32:00 -07:00
Daniel Pouzzner
7916db78e8 wolfcrypt/src/wc_port.c and wolfssl/wolfcrypt/wc_port.h: change precedence of atomic implementations, and don't use the stdatomic.h in C++ builds (not compatible); 
fix the name of the wolfSSL_Atomic_Ptr_CompareExchange() implementation in the _MSC_VER code path.
 2025-11-13 17:28:19 -06:00
Daniel Pouzzner
c430cc75ea src/ssl.c and wolfssl/ssl.h: fix signature on wolfSSL_CTX_get0_privatekey() -- ctx is not const; 
wolfcrypt/src/wc_port.c and wolfssl/wolfcrypt/wc_port.h: tweak gates on atomic implementations to maximize availability within currently supported targets;

fix some whitespace.
 2025-11-13 17:11:52 -06:00
Daniel Pouzzner
26ba6344f2 add wolfSSL_Atomic_Ptr_CompareExchange(); mitigate race on ctx->privateKeyPKey in wolfSSL_CTX_get0_privatekey(). 2025-11-13 16:25:49 -06:00
JacobBarthelmeh
c63ca04228 convert to type int for return value 2025-11-13 12:17:04 -07:00
JacobBarthelmeh
d06221c16e with decode enveloped data track total encrypted content size 2025-11-13 12:08:46 -07:00
jackctj117
29c2f15a8f Add #ifdef guards to cipher suite checks 2025-11-13 10:06:07 -07:00
David Garske
6ff57b8045 Merge pull request #9419 from rlm2002/coverity 
Uninitialized variable fix
 2025-11-13 08:58:00 -08:00
David Garske
4f3586fe58 Merge pull request #9421 from SparkiDev/mlkem_to_bytes_fix 
ML-KEM to bytes C: not reducing all values
 2025-11-13 08:57:31 -08:00
David Garske
082943649b Merge pull request #9422 from SparkiDev/ecc_sign_hash_inlen_check 
ECC sign hash: only allow up to max digest size
 2025-11-13 08:55:53 -08:00
Sean Parkinson
6c30186168 ECC sign hash: only allow up to max digest size 
Validate that the hash passed in is of an appropriate length - not
greater than the maximum digest size.
 2025-11-13 11:53:51 +10:00
Sean Parkinson
b272f784ec ML-KEM to bytes C: not reducing all values 
Call to mlkem_csubq_c was only called on first array.
Fixed to do it for all.
 2025-11-13 10:42:07 +10:00
David Garske
5a8411a1ad Merge pull request #9418 from SparkiDev/tls13_ks_dup_check_fix 
TLS 1.3 duplicate KeyShare entry fix
 2025-11-12 16:09:11 -08:00
David Garske
f53191bae2 Merge pull request #9416 from julek-wolfssl/priv-key-blinding 
Fix errors when blinding private keys
 2025-11-12 16:09:03 -08:00
jackctj117
c56ea55f89 Fix TLS 1.3 cipher suite selection when TLS 1.2 ciphers precede TLS 1.3 ciphers 2025-11-12 17:03:06 -07:00
Ruby Martin
b2336c57ce initialize ctype variable 2025-11-12 16:48:52 -07:00
Sean Parkinson
1ec18949bc TLS 1.3 duplicate KeyShare entry fix 
Fix comparison to be greater than or equal in case count is incremented
after maxing out.
 2025-11-13 08:23:19 +10:00
David Garske
e78752f3b2 Merge pull request #9407 from holtrop/rust-heap-devid-cleanup 
Rust wrapper: support optional heap and dev_id parameters
 2025-11-12 13:50:45 -08:00
David Garske
7cfffd5bbc Merge pull request #9308 from kareem-wolfssl/zd20603 
Add IPv6 support to wolfSSL_BIO_new_accept and wolfIO_TcpBind.
 2025-11-12 11:09:17 -08:00
Josh Holtrop
40c471e20d Rust wrapper: fix cmac documentation 2025-11-12 13:41:08 -05:00
David Garske
92fffa166b Merge pull request #9413 from JacobBarthelmeh/lic 
update to GPLv3 exception list, add Fetchmail and OpenVPN
 2025-11-12 10:12:29 -08:00
David Garske
3fe534e3a2 Merge pull request #9403 from gojimmypi/pr-lms-unary-fix 
Fix LMS C4146 unary minus warning in MSVC, new param check
 2025-11-12 08:40:33 -08:00
Juliusz Sosinowicz
32911dc6b8 Add blinding to CI 2025-11-12 17:12:35 +01:00
Juliusz Sosinowicz
4b7c052ee9 test_wolfSSL_inject: don't call accept on completed handshake 2025-11-12 17:12:22 +01:00
Juliusz Sosinowicz
d1c321abdc Don't override errors when blinding the priv key 2025-11-12 17:12:22 +01:00
Josh Holtrop
df99227dc8 Rust wrapper: use _ex APIs for heap and dev_id variants 2025-11-12 09:50:20 -05:00
gojimmypi
ca920edbd0 Fix LMS C4146 unary minus warning in MSVC, new param check 2025-11-11 19:26:52 -08:00
Kareem
fbb7ae2257 Add NULL check to wolfSSL_BIO_new_accept. 2025-11-11 16:20:09 -07:00
Kareem
3296e6a1f0 Merge remote-tracking branch 'upstream/master' into zd20603 2025-11-11 16:15:22 -07:00
David Garske
6914f08f5e Merge pull request #9391 from holtrop/check-dup-extensions-fix 
Check for duplicate extensions in client hello when HAVE_TLS_EXTENSIONS is not set - fix #9377
 2025-11-11 14:05:14 -08:00
Josh Holtrop
798b16dcef Address more code review feedback for PR 9391 2025-11-11 15:36:28 -05:00
Josh Holtrop
32b00fd10b Address code review feedback for PR 9391 2025-11-11 14:06:44 -05:00
David Garske
4c273a6f3f Merge pull request #9404 from cconlon/jniNoQuicEch 
Fixes for "--enable-jni --enable-all" with WOLFSSL_TLS13_MIDDLEBOX_COMPAT
 2025-11-11 09:42:38 -08:00
David Garske
e323fb9675 Merge pull request #9410 from SparkiDev/multi_arch_opt 
Workflow: multiple architectures with different -O levels
 2025-11-11 09:42:21 -08:00
David Garske
2db1c7a522 Merge pull request #9395 from SparkiDev/tls12_cv_sig_check 
TLS 1.2 CertificateVerify: validate sig alg matches peer key
 2025-11-11 09:18:11 -08:00
JacobBarthelmeh
4da365214a Merge pull request #9412 from SparkiDev/regression_fixes_21 
Regression testing fixes
 2025-11-11 09:32:43 -07:00
Sean Parkinson
d84564217c Regression testing fixes 
Fix #ifdef protection for AES tests.
 2025-11-11 21:46:04 +10:00
Sean Parkinson
702f6ce94f Workflow: multiple architectures with different -O levels 
Test configurations with different optimization levels: -O2, -O3, -O1,
-O0, -Os, -Ofast
 2025-11-11 17:50:48 +10:00
Sean Parkinson
f54ca0d481 TLS 1.2 CertificateVerify: req sig alg to have been in CR 
The signature algorithm specified in CertificateVerify must have been in
the CertificateRequest. Add check.

The cipher suite test cases, when client auth and RSA are built-in and
use the default client certificate and use the *-ECDSA-* cipher
suites, no longer work. The client certificate must be ECC when the
cipher suite has ECDSA. Don't run them for that build.
 2025-11-11 13:20:46 +10:00
David Garske
967f520c28 Merge pull request #9408 from anhu/stateful_integ_deprecate 
Deprecate LMS and XMSS integrations.
 2025-11-10 15:17:51 -08:00
JacobBarthelmeh
0fa2274a16 Merge pull request #9406 from SparkiDev/sp_label_noinline 
SP label noinline: function inlined even when asked not to
 2025-11-10 14:52:14 -07:00
Anthony Hu
0771bc42d6 Deprecate LMS and XMSS integrations. 2025-11-10 15:13:06 -05:00
Josh Holtrop
4102f8272e Rust wrapper: support optional heap and dev_id parameters 2025-11-10 13:53:51 -05:00
David Garske
2c47675194 Merge pull request #9333 from gojimmypi/pr-msvc-random 
Conditional wolfcrypt-only wc_RNG_GenerateBlock for MSVC
 2025-11-10 08:33:54 -08:00
Josh Holtrop
3af60ff85d Check for duplicate extensions in client hello when HAVE_TLS_EXTENSIONS is not set - fix #9377 2025-11-10 10:06:07 -05:00