Commit Graph

25693 Commits (edacf0434c0e729d6d9af417f38edc00903a78d8)

Author SHA1 Message Date
Kaleb Himes 6f78c26bff
Merge pull request #8820 from SparkiDev/entropy_cont_tests_fix
Entropy - fix off by ones in continuous testing
2025-06-17 17:56:00 -06:00
Sean Parkinson c724c6560d Entropy - fix off by ones in continuous testing
rep_cnt is count of contiguous bytes with same value.
First ever sample must set count to 1.

Wasn't filling the cache up completely.
Off by one in check for initial fill.
2025-06-18 08:10:55 +10:00
Josh Holtrop feaae9fc58 Fix configure help to use --enable-debug instead of --enable-verbose 2025-06-17 14:38:01 -04:00
Josh Holtrop 0b6c53c8b0 Remove DTLS from echoserver/echoclient examples
This fixes some intermittent CI testsuite failures.
2025-06-17 14:38:01 -04:00
David Garske 7d77446964
Merge pull request #8882 from rizlik/dtls13_always_transmit_explicit_ack
dtls13: always send ACKs on detected retransmission
2025-06-17 11:35:07 -07:00
Daniel Pouzzner d39295166f
Merge pull request #8885 from embhorn/zd20088
Check for STDC_NO_ATOMICS
2025-06-17 13:33:39 -05:00
David Garske 6b68797b4f
Merge pull request #8883 from JacobBarthelmeh/rng
account for Intel RDRAND build without HAVE_HASHDRBG
2025-06-17 11:33:16 -07:00
David Garske 7e864c177d
Merge pull request #8886 from douzzer/20250617-prime_test-uninited-wc_FreeRng
20250617-prime_test-uninited-wc_FreeRng
2025-06-17 11:31:53 -07:00
Kareem fe5ae0cbdf Restore 128-byte SRP test using safe prime N for the case where 192 bytes is too large for the fast/SP math config. 2025-06-17 11:30:11 -07:00
Kareem a035b045a4 Only run SRP tests with at least 3072 bits.
The SRP buffers are 192 bytes, so they need a minimum of 3072 bits.
If the bit size is too low, wc_SrpGetVerifier will return MP_VAL as the buffers won't fit.
2025-06-17 11:30:11 -07:00
Kareem 7e4ec84124 Add macros for legacy get_digit functions for FIPS/selftest. 2025-06-17 10:12:06 -07:00
Kareem 9c9465aa23 Also account for selftest for mp_get_digit refactor. 2025-06-17 10:12:06 -07:00
Kareem 05aa4f5f08 Make mp_get_digit refactor FIPS friendly. 2025-06-17 10:12:06 -07:00
Kareem 2366718d5a Add args->input free in FreeSskeArgs.
This free is redundant in most cases but it covers the specific
case of using async, exiting SendServerKeyExchange early due to
WANT_WRITE or WC_PENDING_E, then later freeing the async context
without calling SendServerKeyExchange again.
2025-06-17 10:12:06 -07:00
Kareem 304019d28d Fix inclusion guard around wc_RsaSSL_Verify.
The current condition of !WOLFSSL_RSA_VERIFY_ONLY doesn't make sense,
as the verify only case will want this function.

Based on the original change and the context, it looks like this was a
typo meant to be !WOLFSSL_RSA_VERIFY_INLINE.
2025-06-17 10:12:06 -07:00
Kareem e8c110d2ac Rename get_digit* to mp_get_digit* to avoid conflicts with other functions named get_digit. 2025-06-17 10:12:06 -07:00
Kareem 6633b52e28 Don't try to build wc_RsaSSL_Sign in asn.c MakeSignature if RSA public or verify only is enabled. 2025-06-17 10:12:06 -07:00
David Garske 83954100d6
Merge pull request #8812 from kosmax871/tropic01-dev
Added crypto callback functions for TROPIC01 secure element
2025-06-17 10:03:18 -07:00
Eric Blankenhorn 9defad0b24 Check for STDC_NO_ATOMICS 2025-06-17 11:40:07 -05:00
Juliusz Sosinowicz 9c54032159 Add bind v9.18.33 testing 2025-06-17 18:38:38 +02:00
David Garske 5e6c1ba05f
Merge pull request #8879 from julek-wolfssl/openssh-10.0p2
Updates for OpenSSH 10.0p2
2025-06-17 09:36:45 -07:00
Daniel Pouzzner d28045daa8 wolfcrypt/test/test.c: fix prime_test() uninitialized data access by wc_FreeRng(). 2025-06-17 09:31:19 -05:00
Daniel Pouzzner 3e5e470005
Merge pull request #8876 from philljj/small_drbg_cleanup
linuxkm drbg: refactor drbg_ctx clear.
2025-06-16 16:33:57 -05:00
Maxim Kostin 037ccbaa05 Update TROPIC01 integration guide and header file for key slot definitions and datasheet link 2025-06-16 21:12:19 +02:00
David Garske 842e2366e3
Merge pull request #8881 from douzzer/20250615-heapmath-FREE_MP_INT_SIZE
20250615-heapmath-FREE_MP_INT_SIZE
2025-06-16 11:46:12 -07:00
David Garske 5151a2297a
Merge pull request #8880 from holtrop/fix-printing-cert-with-empty-issuer-name
Fix printing empty names in certificates
2025-06-16 11:37:02 -07:00
Maxim Kostin cafb1f5fd7 Merge branch 'tropic01-dev' of github.com:kosmax871/wolfssl into tropic01-dev 2025-06-16 20:32:30 +02:00
Maxim Kostin f865e0de97 improve ED25519 key handling in CryptoCb function 2025-06-16 20:27:15 +02:00
Maxim Kostin 60f442b04e Fix formatting inconsistencies in README.md 2025-06-16 20:27:15 +02:00
Maxim Kostin bab7677273 Added AES IV retrieval from TROPIC01 and use of new R-Memory slot definitions 2025-06-16 20:27:15 +02:00
Maxim Kostin 3b198babe3 Add Tropic01_Deinit call in wolfCrypt_Cleanup for proper resource management 2025-06-16 20:27:15 +02:00
Maxim Kostin 172728bf7f Refactor Tropic01 interface: clean up code formatting and improve function declarations 2025-06-16 20:27:15 +02:00
kosmax871 5696582add Update README.md 2025-06-16 20:27:15 +02:00
Maxim Kostin 375af753aa Changes for the PR https://github.com/wolfSSL/wolfssl/pull/8812 2025-06-16 20:27:15 +02:00
Maxim Kostin 2f210b3907 Refactor TROPIC01 integration: update README, enhance pairing key handling, and improve error messages 2025-06-16 20:27:15 +02:00
Maxim Kostin 296bfd258c README.md added 2025-06-16 20:27:15 +02:00
Maxim Kostin 0eecfbfb35 ed25519 fixes 2025-06-16 20:27:15 +02:00
Maxim Kostin cd76615e49 added support of ED25519 2025-06-16 20:27:15 +02:00
kosmax871 7c1980fe01 some fixes and updates 2025-06-16 20:27:15 +02:00
kosmax871 b13fdaa05e Draft of readme.md 2025-06-16 20:27:15 +02:00
kosmax871 5664507e65 Support for static libraries 2025-06-16 20:27:15 +02:00
Maxim Kostin 385be1c08a added support for Tropic01 crypto callbacks 2025-06-16 20:27:15 +02:00
kosmax871 3da72fb9b6
Merge branch 'wolfSSL:master' into tropic01-dev 2025-06-16 19:30:32 +02:00
Juliusz Sosinowicz 9a576d9e2e Fix CI failures 2025-06-16 19:07:58 +02:00
Marco Oliverio e82c099bec fix indentation 2025-06-16 18:42:17 +02:00
Juliusz Sosinowicz 72db5e5108 Remove NO_FILESYSTEM for CI 2025-06-16 18:06:19 +02:00
Juliusz Sosinowicz aca6da66f6 Set default seedCb when not FIPS 2025-06-16 17:39:22 +02:00
Josh Holtrop 3bd9b2e0bc Add generation instructions for empty issuer cert and change expiry to 100 years 2025-06-16 11:39:01 -04:00
JacobBarthelmeh ce61f0d517 account for Intel RDRAND build without HAVE_HASHDRBG 2025-06-16 09:04:50 -06:00
Marco Oliverio b1b49c9ffb dtls13: always send ACKs on detected retransmission
Otherwise the connection can stall due to the indefinite delay of an explicit ACK,
for example:

 -> client sends the last Finished message
 <- server sends the ACK, but the ACK is lost
 -> client retransmits the Finished message
 - server delays sending of the ACK until a fast timeout
 -> client retransmits the Finished message quicker than the server timeout
 - server resets the timeout, delaying sending the ACK
 -> client retransmits the Finished...
2025-06-16 14:19:32 +02:00