WolfSSL
/
wolfssl
mirror of https://github.com/wolfSSL/wolfssl.git
1
0
Fork 0
Code Issues Releases Wiki Activity
24,560 Commits
27 Branches
168 Tags
358 MiB
Commit Graph

24560 Commits (devin/1739920896-esp32-fixes)

Author SHA1 Message Date
Anthony Hu 41d8eabb33 Update INSTALL file regarding PQ 2025-02-04 13:28:05 -05:00
Daniel Pouzzner b466bde5d0 src/internal.c and src/ssl.c: in CheckcipherList() and ParseCipherList(), refactor "while (next++)" to "while (next)" to avoid clang21 UndefinedBehaviorSanitizer "applying non-zero offset 1 to null pointer". 2025-02-04 12:07:29 -06:00
David Garske 6141b5060d
Merge pull request #8418 from gojimmypi/pr-post-release-239b85c80-espressif 
Espressif Managed Component wolfSSL 5.7.6 post-release update
 2025-02-04 07:47:14 -08:00
Juliusz Sosinowicz 8b7b9636aa Remove BN_CTX_init as its no longer in OpenSSL for a long time 2025-02-04 16:37:21 +01:00
Juliusz Sosinowicz 91bffeead3 wolfSSL_BN_CTX_get: prepend to list skipping need to traverse the list 2025-02-04 16:37:21 +01:00
Juliusz Sosinowicz 841d13e81c Implement BN_CTX_get 2025-02-04 16:37:21 +01:00
Hideki Miyazaki 77f3b45af0 update key_data 2025-02-05 00:11:55 +09:00
David Garske 93cb9c4a5e
Merge pull request #8417 from SparkiDev/tls13_hrr_keyshare_comments 
TLS 1.3 HRR KeyShare: Improve comments
 2025-02-04 06:20:24 -08:00
Juliusz Sosinowicz db0345c009 ascon: make tests more readable by moving the kat vectors into a header 2025-02-04 12:58:51 +01:00
Sean Parkinson 316177a7f1 ML-KEM/Kyber: small memory usage 
Options to compile ML-KEM/Kyber to use less dynamic memory.
Only available with C code and has small performance trade-off.
 2025-02-04 10:51:56 +10:00
Sean Parkinson 92491e6368 TLS 1.3 HRR KeyShare: Improve comments 
HelloRetryRequest has the key exchange group it wants to use.
A KeyShare for that group must not have been in the ClientHello.
 2025-02-04 10:16:27 +10:00
gojimmypi 71a982e6b7
sync with upstream 2025-02-03 16:13:05 -08:00
gojimmypi 962260af9d
Espressif Managed Component wolfSSL 5.7.6 post-release update 2025-02-03 15:34:33 -08:00
Sean Parkinson eb15a1213c
Merge pull request #8416 from embhorn/zd19323 
Clear old ssl->error after retry
 2025-02-04 08:54:10 +10:00
Sean Parkinson 7898cce43c
Merge pull request #8407 from embhorn/zd19346 
Fix compat layer ASN1_TIME_diff to accept NULL output params
 2025-02-04 08:43:50 +10:00
Eric Blankenhorn e9892c22a2 Clear old ssl->error after retry 2025-02-03 14:18:09 -06:00
Eric Blankenhorn b488af1d34 Fix compat layer ASN1_TIME_diff to accept NULL output params 2025-01-31 15:55:35 -06:00
JacobBarthelmeh 275becab6f
Merge pull request #8406 from julek-wolfssl/krb5-spake-testing 
Add spake to kerberos 5 testing
 2025-01-31 13:45:36 -07:00
JacobBarthelmeh 4891d1c471
Merge pull request #8400 from ColtonWilley/add_trusted_cert_pem_parsing 
Add support for parsing trusted PEM certs
 2025-01-31 10:53:51 -07:00
Juliusz Sosinowicz a48f7ce276 Add spake to kerberos 5 testing 2025-01-31 18:28:31 +01:00
JacobBarthelmeh 4abba81315
Merge pull request #8405 from anhu/thanks_tobiasbrunner 
Fix some typoes around Kyber and Dilithium
 2025-01-31 10:05:14 -07:00
Anthony Hu f86b19dd30 Fix some typoes around Kyber and Dilithium 2025-01-31 10:13:39 -05:00
Hideki Miyazaki 6555da9448 revert TSIP_KEY_TYPE as TSIP TLS definition 2025-01-31 14:13:36 +09:00
David Garske e7a0340eea
Merge pull request #8395 from SparkiDev/asm32_asm_older_opt 
ARM32 ASM: optimize older platform alternatives
 2025-01-30 15:47:25 -08:00
Colton Willey cb0779f151 Add trusted cert to generation script and include.am 2025-01-30 15:29:59 -08:00
Sean Parkinson 3f47963802
Merge pull request #8396 from douzzer/20250129-CT-tweaks 
20250129-CT-tweaks
 2025-01-31 09:10:22 +10:00
JacobBarthelmeh 6181559d83
Merge pull request #8401 from douzzer/20250130-UHAVE_FFDHE_2048 
20250130-UHAVE_FFDHE_2048
 2025-01-30 15:55:25 -07:00
Colton Willey a0950e97f5 Add tests for trusted certificate banner 2025-01-30 14:42:41 -08:00
Daniel Pouzzner 3a6b33c180 tests/api.c and wolfcrypt/benchmark/benchmark.c: fixes for building with HAVE_FFDHE_3072 and/or HAVE_FFDHE_4096 but without HAVE_FFDHE_2048. 2025-01-30 15:02:02 -06:00
Colton Willey c4288cc334 Add support for parsing PEM certificates with begin trusted cert header/footer, needed for wolfProvider. 2025-01-30 11:34:02 -08:00
JacobBarthelmeh eb7bac3cd0
Merge pull request #8399 from julek-wolfssl/cov-fixes-30-01-2025 
Cov fixes
 2025-01-30 11:56:36 -07:00
JacobBarthelmeh 9641dc79d9
Merge pull request #8398 from douzzer/20250130-ASCON-unit-test-fixes 
20250130-ASCON-unit-test-fixes
 2025-01-30 10:57:05 -07:00
Juliusz Sosinowicz c36d23029f dtls: malloc needs to allocate the size of the dereferenced object 2025-01-30 18:32:22 +01:00
Juliusz Sosinowicz 9a8bc248de dtls: remove dead code 2025-01-30 18:32:22 +01:00
Juliusz Sosinowicz 3cd64581eb dtls: better sanitize incoming messages in stateless handling 2025-01-30 18:32:22 +01:00
JacobBarthelmeh f7b76002c2
Merge pull request #8397 from SparkiDev/kyber_no_malloc 
ML-KEM/Kyber: build with no malloc
 2025-01-30 10:06:13 -07:00
Juliusz Sosinowicz e4b7a53191 api: make sure len doesn't overrun the input buffer 2025-01-30 18:01:51 +01:00
Juliusz Sosinowicz 2865b0c79b api: check fd values as recv and send can't take in negative fd 2025-01-30 18:01:10 +01:00
Juliusz Sosinowicz d91141fe05 api: pass in sizeof(tmp) instead of 1024 to attempt to satisfy Coverity 2025-01-30 18:00:32 +01:00
Juliusz Sosinowicz 2590aebfd9 dtls13: don't overrun hdr->epoch 2025-01-30 17:59:48 +01:00
Daniel Pouzzner 49d2beed1a fixes for gating/tooling around ASCON. 2025-01-30 10:48:23 -06:00
Sean Parkinson b62f5ab722 ML-KEM/Kyber: build with no malloc 
ML-KEM/Kyber van now be built with WOLFSSL_NO_MALLOC and all data is on
the stack.
 2025-01-30 18:11:55 +10:00
Daniel Pouzzner 0de38040f4 CT tweaks: 
in wolfcrypt/src/coding.c, add ALIGN64 to hexDecode[], and add hexEncode[] for use by Base16_Encode();

in wolfcrypt/src/misc.c and wolfssl/wolfcrypt/misc.h:

move ctMask*() up so that min() and max() can use them, and add ctMaskWord32GTE();

add ALIGN64 to kHexChar[];

add CT implementation of CharIsWhiteSpace();

remove min_size_t() and max_size_t() recently added, but only one user (refactored).
 2025-01-30 01:24:40 -06:00
Daniel Pouzzner dd7ec129af fixes for gating/tooling around ASCON. 2025-01-30 01:23:26 -06:00
Sean Parkinson 2d06e67a64 ARM32 ASM: optimize older platform alternatives 
Make the alternative instructions for architectures less than 7 more
optimal.
 2025-01-30 16:58:13 +10:00
Anthony Hu 25c8869541
Merge pull request #8390 from SparkiDev/lms_sha256_192_l1_h20 
LMS: Fix SHA-256-192 level 1, height 20
 2025-01-29 18:20:50 -05:00
Sean Parkinson 871c05e0e2
Merge pull request #8307 from julek-wolfssl/ascon 
Initial ASCON hash256 and AEAD128 support based on NIST SP 800-232 ipd
 2025-01-30 08:39:59 +10:00
Juliusz Sosinowicz bcde4bdebb ascon: move tests to api.c and introduce framework to split up api.c 2025-01-29 15:50:00 +01:00
Juliusz Sosinowicz cd047a35f2 fixup! Initial ASCON hash256 and AEAD128 support based on NIST SP 800-232 ipd 2025-01-29 12:21:28 +01:00
Juliusz Sosinowicz b0ab7f0d26 ascon: use individual word64 to help compiler 2025-01-29 11:49:09 +01:00