Cyclic0007/wolfssl
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
27,536 Commits 12 Branches 184 Tags
4c0c51fdff222d7f3ba21e13f014a1a08f22eac7
Commit Graph

27536 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Kareem
4c0c51fdff Merge branch 'master' of https://github.com/wolfSSL/wolfssl into gh7735 2026-01-22 15:13:15 -07:00
Kareem
baedba6a58 Force client haveDH to true in wolfSSL_set_options. haveDH won't be set to true on the client as the server side is what calls DH param generation APIs which set this to true, but we still want the client to support DH cipher suites if enabled. This matches behavior from InitSSL_EitherSide. 2026-01-22 15:13:08 -07:00
David Garske
62ca34497c Merge pull request #9633 from douzzer/20260108-DEFAULT_MAX_CLASSIC_ASYM_KEY_BITS 
20260108-DEFAULT_MAX_CLASSIC_ASYM_KEY_BITS
 2026-01-21 17:39:56 -08:00
David Garske
baeffb2f6a Merge pull request #9692 from anhu/aead 
wc_XChaCha20Poly1305_Init: NULL check aead, not ad
 2026-01-21 17:22:32 -08:00
Daniel Pouzzner
142f493964 configure.ac: if ENABLED_32BIT, add -DWC_32BIT_CPU to AM_CFLAGS, and don't add WOLFSSL_X86_64_BUILD to AM_CFLAGS; fix handling for --enable-bump; 
wolfssl/wolfcrypt/settings.h: classify OPENSSL_EXTRA as "desktop type system" in bump up of default FP_MAX_BITS and SP_INT_BITS;

wolfssl/wolfcrypt/types.h: if WC_32BIT_CPU, don't define WC_64BIT_CPU.
 2026-01-21 18:21:16 -06:00
David Garske
e4e79dd8a3 Merge pull request #9694 from SparkiDev/tls_msg_sanity_fix 
TLS: more sanity checks on message order
 2026-01-21 15:11:11 -08:00
Anthony Hu
7d7299e254 Do not allow NULL with non-zero length. 2026-01-21 17:49:30 -05:00
David Garske
11ddec3f69 Merge pull request #9681 from tmael/wfb1_ 
Fix cert SW issues in Aes and rng
 2026-01-21 13:41:01 -08:00
David Garske
e1e7c4d9f0 Merge pull request #9695 from miyazakh/fix_qt_unittest 
Include `asn.h` for SN_xxx definitions from `openssl/obj_mac.h`
 2026-01-21 12:56:53 -08:00
David Garske
47ff34b503 Merge pull request #9696 from SparkiDev/mldsa_max_vals_from_avail 
ML-DSA: max values based on available parameters
 2026-01-21 12:56:07 -08:00
David Garske
758d74f51f Merge pull request #9687 from holtrop-wolfssl/rust-hmac-blake2 
Rust wrapper: add HMAC-BLAKE2[bs] wrappers
 2026-01-21 12:55:48 -08:00
Tesfa Mael
1c3816d7d8 Use seedSz < SEED_BLOCK_SZ 2026-01-21 12:09:53 -08:00
Tesfa Mael
d3d2105035 Fix cert SW issues 2026-01-21 12:09:53 -08:00
Daniel Pouzzner
418a3bff32 Merge pull request #9698 from dgarske/rsa_no_rng2 
More fixes for NO RNG and NO check key
 2026-01-21 14:01:10 -06:00
David Garske
f52930b844 More fixes for NO RNG and NO check key (broken in #9606 and #9576) 2026-01-21 10:31:57 -08:00
David Garske
2a449ebfdf Merge pull request #9673 from holtrop-wolfssl/update-github-workflows-ubuntu 
Update from Ubuntu 22.04 to Ubuntu 24.04 for github workflows
 2026-01-21 09:14:39 -08:00
Daniel Pouzzner
cc7897be0d Merge pull request #9689 from dgarske/rsa_no_rng 
Fixes for RSA with no RNG
 2026-01-21 11:13:03 -06:00
David Garske
98dbc56daa Merge pull request #9691 from douzzer/20260120-linuxkm-RHEL9v6-and-RDSEED-sanity-check 
20260120-linuxkm-RHEL9v6-and-RDSEED-sanity-check
 2026-01-21 09:03:32 -08:00
JacobBarthelmeh
685bacc917 Merge pull request #9614 from dgarske/stsafe-a120 
Add STSAFE-A120 Support
 2026-01-21 09:12:23 -07:00
Josh Holtrop
69fd8dc01f Update from Ubuntu 22.04 to Ubuntu 24.04 for several github workflows 2026-01-20 21:44:56 -05:00
Sean Parkinson
88593f8dcd ML-DSA: max values based on available parameters 
When building wolfSSL implementation, make maximum sizes based on
available parameter sets.

Add wc_MlDsaKey_SignCtx and wc_MlDsaKey_VerifyCtx macros.
 2026-01-21 12:04:28 +10:00
David Garske
38b0fe19a1 Improvements to code for ECDHE and peer review fixes. 2026-01-21 00:03:26 +00:00
David Garske
16fb84d0d1 Peer review fixes. Tested with brainpool. 2026-01-21 00:03:26 +00:00
David Garske
54f0ecb536 Fix for ephemeral key usage limit. 2026-01-21 00:03:26 +00:00
David Garske
384eaa48b3 Peer review fixes (thank you copilot) 2026-01-21 00:03:26 +00:00
David Garske
654901782c Peer review cleanups. ECDHE improvements. 2026-01-21 00:03:26 +00:00
David Garske
02c3086e00 Added ECDHE support 2026-01-21 00:03:26 +00:00
David Garske
09c75f25de Fixes for peer review. 2026-01-21 00:03:26 +00:00
David Garske
c7ca035baf Cleanup WOLFSL_STSAFE and fix issue with multi-test macros 2026-01-21 00:03:26 +00:00
David Garske
a4c2398265 Add STSAFE-A120 Support 2026-01-21 00:03:26 +00:00
Sean Parkinson
8902afdcea TLS: more sanity checks on message order 
Add more checks on message ordering for TLS 1.2 and below.
Reformat code.
 2026-01-21 10:00:38 +10:00
Hideki Miyazaki
22ed7472b4 fix qt unit test 
include asn.h for SN_xxx definitions
 2026-01-21 08:59:28 +09:00
Daniel Pouzzner
7048fa80d4 wolfcrypt/src/random.c and wolfssl/wolfcrypt/settings.h: fixes from CI and peer review: 
* in wc_GenerateSeed_IntelRD(), use stack/register allocation for sanity_word{1,2}, and
* don't set WC_VERBOSE_RNG if WOLFSSL_DEBUG_PRINTF is missing.
 2026-01-20 16:48:21 -06:00
Kareem
0f0163d888 Merge branch 'master' of https://github.com/wolfSSL/wolfssl into gh7735 2026-01-20 15:18:26 -07:00
Anthony Hu
4550814e66 wc_XChaCha20Poly1305_Init: NULL check aead, not ad 2026-01-20 16:37:20 -05:00
Daniel Pouzzner
b91272c9a5 wolfcrypt/src/random.c: add sanity check in wc_GenerateSeed_IntelRD() to work around buggy RDSEED by disabling it if it generates three identical 64 bit words consecutively; 
wolfssl/wolfcrypt/settings.h: if DEBUG_WOLFSSL && !WC_NO_VERBOSE_RNG, set WC_VERBOSE_RNG, and add WOLFSSL_NO_DEBUG_CERTS to allow inhibition of WOLFSSL_DEBUG_CERTS.
 2026-01-20 15:24:43 -06:00
Daniel Pouzzner
ba53051457 add linuxkm/patches/5.14.0-570.58.1.el9_6/WOLFSSL_LINUXKM_HAVE_GET_RANDOM_CALLBACKS-5v14-570v58v1-el9_6.patch 2026-01-20 15:07:44 -06:00
Josh Holtrop
4a92ee31bb Rust HMAC-BLAKE2: require exact output buffer size 2026-01-20 15:31:58 -05:00
Josh Holtrop
e59ddb95c7 Rust blake2: remove unnecessary cfg guards 2026-01-20 14:56:55 -05:00
David Garske
91d9389b9f Fixes for RSA with no RNG 2026-01-20 11:05:10 -08:00
David Garske
c8867d8c52 Merge pull request #9688 from padelsbach/login-live-com-cert 
Address connection issues in ocsp-stapling test
 2026-01-20 11:04:51 -08:00
David Garske
17401da6ae Merge pull request #9678 from cconlon/otherNameSan 
Fix GENERAL_NAME memory management for otherName and RID SANs
 2026-01-20 10:56:37 -08:00
David Garske
3520b4c9a1 Merge pull request #9636 from julek-wolfssl/zephyr-fixes-202601 
Address Zephyr and C++ compatibility issues
 2026-01-20 10:52:27 -08:00
David Garske
6bdc6a7550 Merge pull request #9618 from SparkiDev/volatile_multi_statement 
Multiple volatile variables in a C statement undefined
 2026-01-20 10:42:49 -08:00
Kareem
d505c0b7c5 Only reinitialize suites in InitSSL_Side if they were not set by the user. Always allocate suites in InitSSL_Side if they're NULL so InitSSL_Suites will set them. 2026-01-20 11:40:37 -07:00
David Garske
26b8795a3f Merge pull request #9682 from JacobBarthelmeh/lic 
add RPCS3 to GPLv2 exception list
 2026-01-20 10:38:32 -08:00
Paul Adelsbach
2325c68d4e Address connection issues in ocsp-stapling test 2026-01-20 09:46:35 -08:00
Josh Holtrop
af0fd013a1 HMAC-BLAKE2b: avoid coverity complaints about accessing x_key out of range 2026-01-20 08:14:02 -05:00
Josh Holtrop
a555d5290a Rust wrapper: add HMAC-BLAKE2[bs] wrappers 2026-01-20 08:10:16 -05:00
Kareem
89931bd884 Always reinitialize the SSL cipher suites in InitSSL_Side as the side and enabled algos have likely changed. 2026-01-19 17:50:26 -07:00