Cyclic0007/wolfssl
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
26,219 Commits 12 Branches 184 Tags
183aa7a21489c5c4774e7a945ee5eec2e177d92b
Commit Graph

26219 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Kareem
183aa7a214 Merge branch 'master' of https://github.com/wolfSSL/wolfssl into zd20038_2 2025-09-02 16:17:18 -07:00
philljj
f33814b377 Merge pull request #9151 from douzzer/20250830-linuxkm-fix-get_drbg 
20250830-linuxkm-fix-get_drbg
 2025-09-02 11:39:25 -05:00
Daniel Pouzzner
aa96c352d4 add !WC_SKIP_INCLUDED_C_FILES gates in indirectly compiled files in linuxkm/, to avoid false positive unknownMacro reports from cppcheck-force-source. 2025-08-30 14:15:55 -05:00
Daniel Pouzzner
f8e4feb633 wolfssl/wolfcrypt/error-crypt.h: in WC_ERR_TRACE() definition, use WOLFSSL_DEBUG_PRINTF_FN(WOLFSSL_DEBUG_PRINTF_FIRST_ARGS, not WOLFSSL_DEBUG_PRINTF(, for compatibility with WOLF_NO_VARIADIC_MACROS. 2025-08-30 12:54:22 -05:00
Daniel Pouzzner
7df8ee4081 linuxkm/linuxkm_wc_port.h: add default setup for LINUXKM_LKCAPI_REGISTER_HASH_DRBG_DEFAULT, to make visibility in random.c; 
linuxkm/lkcapi_sha_glue.c: revert f7c7ac275a (get_drbg() DISABLE_VECTOR_REGISTERS() for crypto_default_rng) -- compiler/inlining bug makes it break on at least one target, so caller needs to retain responsibility;

linuxkm/x86_vector_register_glue.c: in wc_save_vector_registers_x86(), always return WC_ACCEL_INHIBIT_E if already fpu_state & WC_FPU_INHIBITED_FLAG, for safe+correct dynamics on recursive calls.
 2025-08-30 12:08:57 -05:00
David Garske
7ef94284cc Merge pull request #9149 from douzzer/20250829-_mlkem_decompress_5_avx2-movzwq 
20250829-_mlkem_decompress_5_avx2-movzwq
 2025-08-29 16:23:16 -07:00
Daniel Pouzzner
8ed1ce6a8b wolfcrypt/src/wc_mlkem_asm.S: in _mlkem_decompress_5_avx2, use movzwq, not movzxw, for portability. 2025-08-29 14:42:48 -05:00
David Garske
330d6ad5a6 Merge pull request #9083 from mgrojo/bugfix/ada-overflow-check-error-string 
Ada: fix wrapping of `wolfSSL_ERR_error_string_n`
 2025-08-29 11:28:16 -07:00
David Garske
24bbb38a9a Merge pull request #9120 from effbiae/print-debug 
replace (f)printf with WOLFSSL_DEBUG_PRINTF
 2025-08-29 11:26:44 -07:00
David Garske
c2885cf0b9 Merge pull request #9147 from douzzer/20250828-WC_SVR_FLAG_INHIBIT-recursive 
20250828-WC_SVR_FLAG_INHIBIT-recursive
 2025-08-29 11:25:03 -07:00
mgrojo
cdbad34284 Ada: include use of WolfSSL.Get_Error in the example 2025-08-29 09:57:04 -07:00
mgrojo
a0c8efdffe Ada: fix wrapping of wolfSSL_ERR_error_string_n 
Use unchecked conversion instead of type conversion to mimic C style
conversion from int to unsigned long, avoiding the Ada overflow check that is raised when a negative value is converted to an unsigned type.
 2025-08-29 09:57:04 -07:00
effbiae
44c403f4c7 replace (f)printf with WOLFSSL_DEBUG_PRINTF 2025-08-29 12:34:22 +10:00
Daniel Pouzzner
f7c7ac275a linuxkm/linuxkm_wc_port.h and linuxkm/x86_vector_register_glue.c: refactor 
wc_save_vector_registers_x86() and wc_restore_vector_registers_x86() to allow
  recursive WC_SVR_FLAG_INHIBIT while already in a vector save context;

linuxkm/lkcapi_sha_glue.c: in get_drbg() and put_drbg(),
  DISABLE_VECTOR_REGISTERS()...REENABLE_VECTOR_REGISTERS() if tfm ==
  crypto_default_rng.
 2025-08-28 11:02:45 -05:00
Sean Parkinson
0224ef3d2e Merge pull request #9146 from rlm2002/gh9128_MEM_ZERO 
ForceZero change for WOLFSSL_CHECK_MEM_ZERO
 2025-08-28 22:37:55 +10:00
Ruby Martin
8b1422a869 add configuration for WOLFSSL_MEM_CHECK_ZERO 2025-08-27 16:12:57 -06:00
Ruby Martin
11942e774c do not abort MEM_ZERO check if TEST_ALWAYS_RUN_TO_END is defined 2025-08-27 15:04:49 -06:00
Ruby Martin
1ad8b2897a Force zero with bufferSize instead of length. add void prototype to definitions 2025-08-27 14:56:51 -06:00
Kareem
87f99ea824 Add test case for --enable-coding=no. 2025-08-27 12:02:25 -07:00
Kareem
e25bd603ed Fix building with --coding=no/WOLFSSL_PEM_TO_DER undefined. 2025-08-27 11:53:22 -07:00
David Garske
344f127e64 Merge pull request #9129 from effbiae/wolfSSL_read_ex 
SSL_read_ex() ... will return 1 for success or 0 for failure
 2025-08-27 07:33:29 -07:00
David Garske
dac80aad58 Merge pull request #9142 from SparkiDev/mlkem_dec5_oor_fix 
ML-KEM/Kyber: fix out of bouds read
 2025-08-27 07:05:29 -07:00
effbiae
934364b8e1 wolfSSL_read_ex returns {0,1} 2025-08-27 15:35:17 +10:00
Sean Parkinson
4ff6f5f10c ML-KEM/Kyber: fix out of bouds read 
Decompose 5-bit values: Don't read 15 bytes when only have 10 bytes
available.
 2025-08-27 14:49:24 +10:00
David Garske
c78bb1cd42 Merge pull request #9141 from gojimmypi/espressif-latest-debug 
Fix workflow for latest ESP-IDF for espressif examples
 2025-08-26 15:48:05 -07:00
gojimmypi
797c1d00ac Fix workflow for latest ESP-IDF for espressif examples 2025-08-26 14:38:23 -07:00
Sean Parkinson
02cba85856 Merge pull request #9135 from douzzer/20250825-linuxkm-IntelRDseed64_r-burn-buf 
20250825-linuxkm-IntelRDseed64_r-burn-buf
 2025-08-27 07:22:25 +10:00
David Garske
71581e321e Merge pull request #9098 from julek-wolfssl/fix-test_wolfSSL_tls_export 
Fix test_wolfSSL_tls_export
 2025-08-26 12:11:49 -07:00
philljj
00860baddf Merge pull request #9136 from douzzer/20250826-more-wc_linuxkm_normalize_relocations 
20250826-more-wc_linuxkm_normalize_relocations
 2025-08-26 14:04:14 -05:00
David Garske
1ce13fc3ee Merge pull request #9118 from SparkiDev/api_c_split_tls13 
api.c: pull out TLS 1.3 specific tests
 2025-08-26 09:23:56 -07:00
Daniel Pouzzner
79a75d1ef2 linuxkm/module_hooks.c: in wc_linuxkm_normalize_relocations(), allow non-text 
relocations 1 byte outside the destination segment, and when
  DEBUG_LINUXKM_PIE_SUPPORT, tally the relocation counts by segment for final info
  report;

linuxkm/module_hooks.c and linuxkm/linuxkm_wc_port.h: tweak gating on
  wc_linuxkm_normalize_relocations() and related -- ifdef
  HAVE_LINUXKM_PIE_SUPPORT, not ifdef USE_WOLFSSL_LINUXKM_PIE_REDIRECT_TABLE --
  for consistency+clarity.
 2025-08-26 11:07:40 -05:00
David Garske
c7d1673948 Merge pull request #9132 from anhu/dup_CKS 
Properly detect duplicate CKS extensions.
 2025-08-26 09:07:04 -07:00
Juliusz Sosinowicz
d26b2811e0 test_wolfSSL_tls_export_run: silence unused cmpSess warning 2025-08-26 16:40:17 +02:00
Juliusz Sosinowicz
5934c1eece Fix test_wolfSSL_tls_export 
- Add TLS_EXPORT_OPT_SZ_4 to specify previous option size
- Actually pick up failures in the tests and propagate them to the top level
- Tests v4 and v5 sessions
Fixes https://github.com/wolfSSL/wolfssl/issues/9081 and https://github.com/wolfSSL/wolfssl/pull/9082
 2025-08-26 11:04:54 +02:00
Daniel Pouzzner
fa61187f2e linuxkm/module_hooks.c: in IntelRDseed64_r(), burn buf after each use to protect against info leakage. 2025-08-25 21:59:32 -05:00
Sean Parkinson
115d4d88c0 api.c: pull out TLS 1.3 specific tests 2025-08-26 09:05:46 +10:00
philljj
7aab2f3b47 Merge pull request #9126 from douzzer/20250823-linuxkm-reloc-bikeshedding 
20250823-linuxkm-reloc-bikeshedding
 2025-08-25 16:53:36 -05:00
lealem47
1c2fb10007 Merge pull request #9124 from dgarske/sniffer_partial_overlap 
Fix for sniffer partial segment overlap that can occur when a TCP win…
 2025-08-25 15:15:48 -06:00
David Garske
6ae0ecc5f3 Merge pull request #9133 from AlexLanzano/log-fix 
Fix value comparison typo in if statement
 2025-08-25 14:09:20 -07:00
David Garske
cfee026f98 Merge pull request #9131 from embhorn/zd20429 
Fix markdown in docs
 2025-08-25 14:08:30 -07:00
JacobBarthelmeh
e0913c47ef Merge pull request #9039 from tamasan238/for-pr-1 
Add _new/_delete API for ML-KEM/ML-DSA
 2025-08-25 14:47:07 -06:00
Alex Lanzano
8207053636 Fix value comparison typo in if statement 2025-08-25 13:56:35 -04:00
Anthony Hu
2885df68b4 Properly detect duplicate CKS extensions. 2025-08-25 12:01:50 -04:00
Eric Blankenhorn
6ab6634efc Fix markdown in docs 2025-08-25 09:28:08 -05:00
Sean Parkinson
ffbcd4f86c Merge pull request #9125 from douzzer/20250819-linuxkm-fips-v5-wc_GenerateSeed_IntelRD 
20250819-linuxkm-fips-v5-wc_GenerateSeed_IntelRD
 2025-08-25 21:37:35 +10:00
Daniel Pouzzner
a67d1a84f5 configure.ac: for linuxkm with PIE, don't include enable-fpcc in enable-all-crypto (the compiler generates a weird out-of-bounds bss reference for find_hole()); 
linuxkm/Makefile: in recipe (awk script) for wc_linuxkm_pie_reloc_tab.c, report and error on unexpected relocation types;

linuxkm/module_hooks.c: in wc_linuxkm_normalize_relocations():
* fix bounds checking on the input,
* recognize references pointing at the first byte after the end of the segment,
* and mask out pad bytes when rendering the 32 bit addresses;

linuxkm/wolfcrypt.lds: add 4k alignment directives just before the segment end fenceposts, to make the fenceposts more inclusive.
 2025-08-23 17:21:24 -05:00
Daniel Pouzzner
d9467db007 wolfssl/wolfcrypt/types.h: fix bugprone-macro-parentheses in definition of DISABLE_VECTOR_REGISTERS. 2025-08-22 23:43:36 -05:00
Daniel Pouzzner
e0383b496a linuxkm/module_hooks.c: implement wc_linuxkm_GenerateSeed_IntelRD, gated on WC_LINUXKM_RDSEED_IN_GLUE_LAYER; 
add WC_GENERATE_SEED_DEFAULT, which defaults to wc_GenerateSeed if not overridden, and replace wc_GenerateSeed with WC_GENERATE_SEED_DEFAULT in various calls to wc_SetSeed_Cb();

linuxkm/linuxkm_wc_port.h: if FIPS <v6 and RDSEED, define WC_LINUXKM_RDSEED_IN_GLUE_LAYER and define WC_GENERATE_SEED_DEFAULT wc_linuxkm_GenerateSeed_IntelRD;

wolfcrypt/test/test.c: update rng_seed_test() with gating and vectors for FIPS v5 with HAVE_AMD_RDSEED or HAVE_INTEL_RDSEED;

wolfssl/wolfcrypt/types.h: add WC_HAVE_VECTOR_SPEEDUPS helper macro, and enlarge fallthrough definition coverage for DISABLE_VECTOR_REGISTERS.
 2025-08-22 21:58:00 -05:00
David Garske
8dd43077fd Fix for sniffer partial segment overlap that can occur when a TCP window is full and a TCP retransmission occurs. 2025-08-22 14:29:18 -07:00
JacobBarthelmeh
6f567bbca2 Merge pull request #9122 from julek-wolfssl/hostap-fix-cert-update 
Fix hostap cert update
 2025-08-22 15:28:19 -06:00