wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-28 00:52:23 +01:00
Code Issues Packages Projects Releases Wiki Activity
24,920 Commits 12 Branches 184 Tags
140e18c063fd4efb301672bfb45e45ca6f4bd102
Commit Graph

9450 Commits

Author SHA1 Message Date
Daniel Pouzzner
c2b486ce53 fix some misindentation in wolfcrypt/src/coding.c. 
force lower CMAKE_POLICY_VERSION_MINIMUM to try to work around obsolete cmake config syntax in several OSP workflows.
 2025-04-02 17:08:20 -05:00
Daniel Pouzzner
51c6848340 wolfcrypt/src/coding.c, wolfssl/wolfcrypt/coding.h, wolfcrypt/src/asn.c, 
wolfcrypt/test/test.c: refactor Base64_Decode() with separate always-CT
  Base64_Decode() and never-CT Base64_Decode_nonCT(), and use the latter only to
  decode known-public PEM objects, otherwise use always-CT Base64_Decode().
 2025-04-02 17:08:20 -05:00
JacobBarthelmeh
a3d0ffb1ed Merge pull request #8622 from SparkiDev/kyber_improv_3 
ML-KEM/Kyber: minor improvements
 2025-04-02 09:56:32 -06:00
JacobBarthelmeh
0a4599133c Merge pull request #8599 from kareem-wolfssl/zd19563 
Add support for DoD certificate policy OIDs.
 2025-04-02 09:44:25 -06:00
Sean Parkinson
8a9e125756 ML-KEM/Kyber: minor improvements 
Minor improvement to SHA-3 x64 code.
Minor improvement to performance of ML-KEM/Kyber x64 code.
Minor improvement to performance of C code.
 2025-04-02 13:10:44 +10:00
Sean Parkinson
c5dadd6f8d Merge pull request #8600 from JacobBarthelmeh/microchip 
random implementation does not require PIC32 build macro
 2025-04-01 08:36:45 +10:00
Kareem
8e9a986e0b Add comment clarifying that DoD certificate policy OIDs are not currently being parsed in the code, they are just recognized as valid OIDs. 2025-03-31 14:37:19 -07:00
JacobBarthelmeh
307d746653 Merge pull request #8590 from SparkiDev/arm32_no_assign_reg 
ARM32/Thumb2 ASM: fix WOLFSSL_NO_VAR_ASSIGN_REG
 2025-03-31 10:04:51 -06:00
Kareem
b803a03ddd Add support for ISRG domain validated certificate policy OID (used by Let's Encrypt). Fixes libspdm test failure. 2025-03-28 12:41:52 -07:00
Brett Nicholas
a8384bb426 Merge pull request #8602 from dgarske/cryptocb_no_hmac 
Fix for crypto callback macro guards with `DEBUG_CRYPTOCB`
 2025-03-28 10:51:45 -06:00
David Garske
04a3f1c206 Merge pull request #8604 from LinuxJedi/STM32MP2 
Add instructions for STM32MP25 with OpenSTLinux
 2025-03-28 09:37:13 -07:00
Andrew Hutchings
5d0c3f7c27 Add instructions for STM32MP25 with OpenSTLinux 2025-03-28 09:28:49 +00:00
David Garske
e1ec90a886 Fix for crypto callback without HMAC and DEBUG_CRYPTOCB. Fix guards on crypto cb hashing. 2025-03-27 16:42:24 -07:00
David Garske
d235013fe9 Fix for STM32 PKA with P521 and shared secret. ZD 19422 2025-03-27 15:30:37 -07:00
JacobBarthelmeh
25dc3f08e9 random implementation does not require PIC32 build macro 2025-03-27 15:53:39 -06:00
Kareem
f313edb4cf Add a test certificate for all of the FPKI certificate policy OIDs. 2025-03-27 12:20:36 -07:00
Kareem
eb3b4751ac Handle collisions in FPKI cert policy OID sums. 2025-03-27 12:20:36 -07:00
Kareem
ac2df1420b Checked and corrected all OIDs and OID sums. 2025-03-27 12:20:36 -07:00
Devin AI
53f30b3c47 Add remaining FPKI cert policy OIDs. 
Co-Authored-By: kareem@wolfssl.com <kareem@wolfssl.com>
 2025-03-27 12:20:29 -07:00
Kareem
6daaaec6e2 WIP: clean up Devin's work, remove duplicate OIDs, handle OID sum collisions 2025-03-27 12:20:28 -07:00
Devin AI
a911f70049 Add other federal PKI OIDs. 
Co-Authored-By: kareem@wolfssl.com <kareem@wolfssl.com>
 2025-03-27 12:20:02 -07:00
Devin AI
6910f80e3d Add all DoD PKI cert policy OIDs. 
Co-Authored-By: kareem@wolfssl.com <kareem@wolfssl.com>
 2025-03-27 12:19:49 -07:00
Sean Parkinson
21c0d7803a Greenhills compiler: fix asm and volatile 
Greenhills compiler doesn't accept volatile and __asm__ needs to be
__asm.
 2025-03-27 10:54:19 +10:00
Sean Parkinson
ea677dd30d ARM32 inline ASM: make all vars input when not assigning regs 
Compiler doesn't keep parameters in the same registers as passed if they
are output registers.
 2025-03-27 10:51:01 +10:00
Daniel Pouzzner
ddf7d5b6f1 Merge pull request #8584 from dgarske/stm32_aesgcm 
Fixes for STM32H7S AES GCM. Cleanups for STM32 AES GCM.
 2025-03-26 10:57:18 -05:00
Sean Parkinson
cfab666369 ARM32/Thumb2 ASM: fix WOLFSSL_NO_VAR_ASSIGN_REG 
Thumb2 needed constants defined even with no register assignments.
ARM32 needed support added fo rnot having registers assigned to
variables.
 2025-03-26 12:46:32 +10:00
Daniel Pouzzner
61cdcd71e6 Merge pull request #8588 from SparkiDev/mlkem_encapsulte_no_return 
ML-KEM/Kyber: mlkem_encapsulate not to return a value
 2025-03-25 00:14:41 -05:00
Sean Parkinson
cfc774c152 Merge pull request #8581 from dgarske/no_ecc_check_public_order 
Add option to disable ECC public key order checking
 2025-03-25 09:13:56 +10:00
Sean Parkinson
66662bc399 ML-KEM/Kyber: mlkem_encapsulate not to return a value 
Don't return a value from mlkem_encapsulate() to ensure code is just the
maths.
 2025-03-25 08:11:03 +10:00
David Garske
8635014249 Fix to enable SHA384/SHA512 crypto hardware on STM32H7S. 2025-03-24 14:30:35 -07:00
David Garske
a709b16ed2 Adding option for NO_ECC_CHECK_PUBKEY_ORDER. ZD 19422 2025-03-24 14:00:23 -07:00
Daniel Pouzzner
3cad38a1ca wolfcrypt/test/test.c: gate wc_CmacFree()s in cmac_test() on !HAVE_FIPS || FIPS_VERSION3_GE(6,0,0); fix some return codes in hash_test(). 2025-03-22 17:19:37 -05:00
Daniel Pouzzner
60ffde6d7c wolfcrypt/test/test.c: fix error-path various uninitialized data uses and memory leaks. 2025-03-22 13:40:31 -05:00
Daniel Pouzzner
190f46ef23 wolfcrypt/test/test.c: fix -Wdeclaration-after-statement in sm3_test(). 2025-03-22 01:22:19 -05:00
Daniel Pouzzner
1587f21938 fix a couple -Wdeclaration-after-statements. 2025-03-21 22:33:45 -05:00
Daniel Pouzzner
777d42fabe wolfcrypt/src/siphash.c: gate armasm on defined(WOLFSSL_ARMASM), not !defined(WOLFSSL_NO_ASM). 2025-03-21 21:12:41 -05:00
David Garske
93c8d7df0d Fixes for STM32H7S AES GCM. Cleanups for STM32 AES GCM. 2025-03-21 16:17:36 -07:00
Daniel Pouzzner
1e89002762 fix various -Wdeclaration-after-statements, and add 
-Wdeclaration-after-statement to .github/workflows/pq-all.yml.

rearrange code/gating in wolfcrypt/src/wc_mlkem.c:mlkemkey_encapsulate() for
  clarity and to fix a -Wdeclaration-after-statement.

also, made mlkem_encapsulate_c() and mlkem_encapsulate() return error code
  (currently always zero) rather than void, for consistency.

configure.ac: fix Kyber/ML-KEM option setup.
 2025-03-21 15:46:44 -05:00
David Garske
9a3ea6fd73 Merge pull request #8568 from embhorn/msvs_pqc_build 
Fix MSVS build issues with PQC config
 2025-03-21 12:41:19 -07:00
David Garske
294e4c79a8 Merge pull request #8578 from philljj/coverity_unchecked_ret 
Coverity unchecked return value
 2025-03-21 10:05:29 -07:00
David Garske
9258fde02f Merge pull request #8570 from wolfSSL/devin/1742405136-cipherType-to-string 
Add wolfSSL_EVP_CIPHER_type_string function and test
 2025-03-21 10:04:41 -07:00
Eric Blankenhorn
f663ed28b6 Fix MSVS build issues with PQC config 2025-03-21 11:49:55 -05:00
Chris Conlon
7c9ecd39fe Merge pull request #8550 from lealem47/STM32WBA 
Add support for STM32WBA
 2025-03-21 09:58:17 -06:00
David Garske
b9aeeac58b Merge pull request #8576 from douzzer/20250319-FIPS-lean-aesgcm 
20250319-FIPS-lean-aesgcm
 2025-03-21 08:55:34 -07:00
jordan
8d0931df9d coverity: check mp radix ret values. 2025-03-21 10:08:13 -04:00
jordan
15ac07c9ef coverity: check correct ret value. 2025-03-21 09:25:28 -04:00
jordan
3a02ab286c coverity: unchecked return value with mp_copy. 2025-03-21 08:59:31 -04:00
Daniel Pouzzner
57ecd4b246 configure.ac: fix -DNO_BIG_INT setup to recognize $ENABLED_SP_MATH. 
wolfcrypt/test/test.c: fix gating around modLen in rsa_test().

wolfssl/openssl/bn.h: remove superfluous WOLFSSL_SP_MATH gate around mp_int mpi
  in struct WOLFSSL_BIGNUM definition.

wolfssl/wolfcrypt/wolfmath.h: add check for "Conflicting MPI settings.", add
  initial check for WOLFSSL_SP_MATH_ALL || WOLFSSL_SP_MATH to include sp_int.h,
  and remove superfluous WOLFSSL_SP_MATH gate on "common math functions".
 2025-03-20 22:18:22 -05:00
David Garske
5f013c735e Merge pull request #8575 from ColtonWilley/fix_cryptocb_rsa_pad_ret_len 
Fix outlen return for RSA private decrypt with WOLF_CRYPTO_CB_RSA_PAD
 2025-03-20 19:03:25 -07:00
Daniel Pouzzner
b544354306 wolfssl/wolfcrypt/wolfmath.h: don't include an MPI header if NO_BIG_INT is 
defined, and issue a #error if no MPI backend gate is defined and NO_BIG_INT
   is not defined either.

configure.ac:
* add support for FIPS lean-aesgcm[-{ready,dev}].
* implement handler for --enable-sha256.
* move setup for WOLFSSL_FIPS_DEV and WOLFSSL_FIPS_READY into the applicable
    per-flavor sections.
* fix sensing of $ENABLED_AESGCM in FIPS setup clauses to pivot on `!= "no"`
    rather than `= "yes"`, to accommodate "4bit" and other non-"yes" values.
* fix SNI_DEFAULT to be "no" if $ENABLED_TLS = no.
* fix ENABLED_DHDEFAULTPARAMS default to be $ENABLED_DH rather than yes.

wc_encrypt.c: add missing gates in wc_CryptKey() for NO_SHA256.

wolfcrypt/test/test.c: gating fixes for NO_SHA256.

wolfcrypt/benchmark/benchmark.c: basic fixes for building/running with
  --disable-rng (-DWC_NO_RNG).

With the above additions and fixes, it's now a clean build, test, and benchmark,
  with --disable-sha256 --enable-cryptonly --disable-hashdrbg --disable-rng
  --disable-hmac, though RSA/DH/ECC benches are disabled.
 2025-03-20 20:03:34 -05:00