wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-27 09:52:45 +01:00
Code Issues Packages Projects Releases Wiki Activity
27,165 Commits 12 Branches 184 Tags
1cb2231ff595c1922dd709b0bfff2f4abf8847ca
Commit Graph

9056 Commits

Author SHA1 Message Date
David Garske
1cb2231ff5 Added build option to allow certificate CA matching using AKID with signers SKID ( WOLFSSL_ALLOW_AKID_SKID_MATCH). Fixed issue with cert->extAuthKeyIdSz not being set with ASN template code. 2025-12-19 14:14:39 -08:00
JacobBarthelmeh
8153ea6189 Merge pull request #9559 from cconlon/pkcs7SignedNonOctet 
Fix PKCS#7 SignedData parsing for non-OCTET_STRING content types
 2025-12-19 11:12:06 -07:00
Chris Conlon
afe82b9512 Fix PKCS#7 degenerate detection based on signerInfos length 2025-12-18 16:28:03 -07:00
Chris Conlon
d6dcd30736 Fix PKCS#7 streaming for non OCTET STRING content types 2025-12-18 16:28:01 -07:00
JacobBarthelmeh
4162f24434 Merge pull request #9555 from embhorn/zd20964 
Null deref check in Pkcs11ECDH
 2025-12-18 15:14:35 -07:00
Daniel Pouzzner
83e9a0780f wolfcrypt/src/wc_lms.c: fix leak in wc_LmsKey_Reload(). 2025-12-18 11:09:37 -06:00
Eric Blankenhorn
d1a4677a8a Null deref check in Pkcs11ECDH 2025-12-18 10:10:57 -06:00
Sean Parkinson
a103f5af8b Merge pull request #9545 from douzzer/20251211-DRBG-SHA2-smallstackcache-prealloc 
20251211-DRBG-SHA2-smallstackcache-prealloc
 2025-12-18 10:07:37 +10:00
Sean Parkinson
b7e69fb2f3 Merge pull request #9543 from kareem-wolfssl/zd20944 
Check Curve25519 public key after generating one to avoid generating invalid keys.
 2025-12-18 09:29:58 +10:00
JacobBarthelmeh
911e996a8d Merge pull request #9546 from SparkiDev/curve25519_base_smul_improv 
Curve25519: improved smul
 2025-12-17 15:28:56 -07:00
Daniel Pouzzner
b23f59f137 Merge pull request #9540 from sameehj/linuxkm_tegra_fips_fixes 
linuxkm: fix Tegra Yocto FIPS build issues (ARM64, RT, PIE)
 2025-12-17 12:49:23 -06:00
Daniel Pouzzner
fc7d4ffad4 PR#9545 20251211-DRBG-SHA2-smallstackcache-prealloc addressing peer review: clear dest if necessary in InitHandshakeHashesAndCopy(), style tweaks in random.c, explanatory comments in sha512.c. 2025-12-17 11:07:22 -06:00
Daniel Pouzzner
8bd0fb0e4b wolfcrypt/src/random.c and wolfssl/wolfcrypt/random.h: refactor WOLFSSL_SMALL_STACK_CACHE support to eliminate all heap calls after init and before cleanup. 
* add DRBG_internal.{seed_scratch,digest_scratch}
  * add WC_RNG.{drbg_scratch,health_check_scratch,newSeed_buf}
  * refactor to implement new WOLFSSL_SMALL_STACK_CACHE dynamics:
    * wc_RNG_HealthTestLocal()
    * Hash_df()
    * Hash_gen()
    * Hash_DRBG_Generate()
    * Hash_DRBG_Instantiate()
    * _InitRng()
    * PollAndReSeed()
    * wc_FreeRng()
    * wc_RNG_HealthTest_ex_internal()
    * wc_RNG_HealthTest_ex()
    * wc_RNG_HealthTestLocal()
  * refactor out WOLFSSL_KERNEL_MODE gates (now all WOLFSSL_SMALL_STACK_CACHE)
 2025-12-17 11:01:10 -06:00
Daniel Pouzzner
2b28931855 wolfcrypt/src/sha256.c and wolfcrypt/src/sha512.c: in WOLFSSL_SMALL_STACK_CACHE builds, allocate shafoo->W at init or context copy time, rather than in the transform function. for the SHA512 family, allocate additional space in W for "buffer" in wc_Sha512Transform(). 2025-12-17 11:01:10 -06:00
Daniel Pouzzner
525266c467 wolfssl/wolfcrypt/mem_track.h and wolfcrypt/src/memory.c: add WOLFSSL_API extern memoryStats *wc_MemStats_Ptr, set by InitMemoryTracker() and cleared by CleanupMemoryTracker(), allowing public access to the memory statistics. 
tests/unit.c: at end of unit_test(), when WOLFSSL_TRACK_MEMORY, explicitly wolfSSL_Cleanup() then check and error if wc_MemStats_Ptr->currentBytes > 0.
 2025-12-17 11:01:10 -06:00
Daniel Pouzzner
1e38a1011e wolfcrypt/src/wolfentropy.c: in wc_Entropy_Get(): 
* use a bss segment allocation for noise, to avoid a heap allocation (access is already mutex-protected), and
  * in the loop, WC_CHECK_FOR_INTR_SIGNALS() and WC_RELAX_LONG_LOOP().
 2025-12-17 11:01:10 -06:00
Daniel Pouzzner
50b51adc93 wolfcrypt/src/hmac.c and wolfssl/wolfcrypt/hmac.h: implement WOLFSSL_API wc_HmacCopy(), and remove the WOLFSSL_HMAC_COPY_HASH gate on HmacKeyCopyHash(). 2025-12-17 11:01:10 -06:00
Daniel Pouzzner
2802e2d82b wolfcrypt/src/rsa.c: in RsaUnPad_OAEP(), refactor volatile-based constant time mitigation to fix "using value of assignment with ‘volatile’-qualified left operand is deprecated [-Werror=volatile]" (new warning from gcc-16.0.0_p20251207, not reported by gcc-16.0.0_p20251116-r1). 2025-12-17 11:01:10 -06:00
Sameeh Jubran
a5f1fde955 linuxkm: fix Tegra Yocto FIPS build issues (ARM64, RT, PIE) 
Fix multiple build and runtime issues when building wolfSSL LinuxKM FIPS
on NVIDIA Tegra (ARM64) kernels under Yocto.

- Disable ARM64 LSE atomics for out-of-tree modules to avoid jump_table
  asm constraints
- Handle PREEMPT_RT mutex and spinlock differences correctly
- Avoid alt_cb_patch_nops / queued_spin_lock_slowpath on Tegra
- Remove conflicting compiler auto-var-init flags for PIE objects
- Align PIE symbol redirection with RT and Tegra kernels

This restores successful LinuxKM FIPS builds on Tegra-based Yocto systems.

Signed-off-by: Sameeh Jubran <sameeh.j@gmail.com>
 2025-12-17 14:32:26 +02:00
Sean Parkinson
af2c6cc932 AES-GCM ARM32/Thumb2 ASM: don't change aes->reg in decrypt 
OpenSSL compatability layer expects aes->reg to be unmodified by AES-GCM
decrypt call. ARM32/Thumb2 assembly implementation  modifies buffer.
Keep a copy and restore aes->reg after call.
 2025-12-17 16:04:25 +10:00
Sean Parkinson
f54266c2c6 Curve25519: improved smul 
Use the Ed25519 base smul in Curve25519 base mul and covert to
Montogmery curve for a faster implementation.
Only when Ed25519 is compiled in or WOLFSSL_CURVE25519_USE_ED25519 is
defined.
When compiling Intel x64 assembly and Aarch64 assembly, always define
WOLFSSL_CURVE25519_USE_ED25519.
Can't use with blinding - normal C implementation.

Optimized the Curve25519 smul slightly for Intel x64 and Aarch64.
Improved the conditional table lookup on Intel x64 to use AVX2 when
available.
 2025-12-17 13:25:36 +10:00
JacobBarthelmeh
b42e9a9410 Merge pull request #9529 from SparkiDev/dsa_pg_sp_int_fix 
DSA Parameter Generation: init g earlier
 2025-12-16 14:52:45 -07:00
JacobBarthelmeh
75fdf959c1 Merge pull request #9514 from kareem-wolfssl/zd20936 
Fix uninitialized variable, fix potentially undefined printf reference in HASH_DRBG_Generate.
 2025-12-16 14:48:17 -07:00
Kareem
36eda9fb75 Check Curve25519 public key after generating one to avoid generating invalid keys. 
Thanks to Kr0emer for the report.
 2025-12-15 16:31:29 -07:00
Sean Parkinson
85d40c8e9b Merge pull request #9522 from JacobBarthelmeh/time 
tie in use of check_time with x509 store
 2025-12-16 08:24:49 +10:00
Kareem
968662063d Merge remote-tracking branch 'upstream/master' into zd20936 2025-12-15 14:06:18 -07:00
Daniel Pouzzner
b9368d7a3d Merge pull request #9516 from embhorn/gh3665 
Add checking of size param and clarify usage in doc
 2025-12-15 10:49:57 -06:00
Sean Parkinson
dacb3425cd DSA Parameter Generation: init g earlier 
Ensure dsa->g is initialized with other mp_ints so that it can be
cleared at the end regardless of failures.

Don't clear tmp or tmp2 if allocation or initialization failed as you
will access uninitialized data.
 2025-12-15 09:12:11 +10:00
JacobBarthelmeh
5099e6e315 add macro guard on use of time_t 2025-12-12 16:42:19 -07:00
Kareem
2d4e589a8d Merge remote-tracking branch 'upstream/master' into zd20936 2025-12-12 11:37:45 -07:00
Kareem
3797c03e6c Merge remote-tracking branch 'upstream/master' into zd20936 2025-12-12 11:37:34 -07:00
night1rider
cf42d14e10 Fix wc_CmacFree() and wc_CMAC_Grow() to use correct heap pointer from internal Aes structure 2025-12-12 11:14:16 -07:00
JacobBarthelmeh
e1bbb71878 tie in use of check_time with x509 store 2025-12-12 09:22:23 -07:00
Sean Parkinson
8e14d4a774 Aarch64 AES ASM no hw crypto: no dead code 
Fix code so that there is no dead code compiled.
That is, change if checks to #ifdef checks.
 2025-12-12 12:31:36 +10:00
Daniel Pouzzner
9201b4e5eb Merge pull request #9515 from anhu/salt_len_min 
Note that HMAC_FIPS_MIN_KEY is also salt len min for HKDF
 2025-12-11 13:03:06 -06:00
Anthony Hu
cd4f96924b Better error message too. 2025-12-11 12:23:38 -05:00
Eric Blankenhorn
67b6b284d6 Add checking of size param and clarify usage in doc 2025-12-11 08:27:57 -06:00
Kareem
63976cb09b Fix uninitialized variable, use WOLFSSL_DEBUG_PRINTF macro in Hash_DRBG_Generate to avoid undefined printf reference. 2025-12-10 12:28:54 -07:00
Sean Parkinson
80b7ea638e Aarch64 no harware crypto assembly AES 
Implementations of AES-ECB, AES-CBC, AES-CTR, AES-GCM, AES-XTS with base
instructions and NEON but not using crypto instructions.

Benchmark of AES-ECB added.
Updated AES tests.
 2025-12-10 08:55:58 +10:00
JacobBarthelmeh
5b7480486e Merge pull request #9487 from dgarske/qathash 
Fix QAT hash final with no update and fix g++ warnings
 2025-12-04 11:35:46 -07:00
David Garske
f01c4f10fa Merge pull request #9454 from SparkiDev/rsa_dec_too_small_output_fix 
RSA decrypt: don't write past buffer end on error
 2025-12-04 10:06:37 -08:00
David Garske
1dfa4d1bcf Merge pull request #9488 from SparkiDev/aes_gcm_4bit_be 
AES-GCM, 4-bit table, Big Endian: fast impl of GMULT
 2025-12-04 10:06:06 -08:00
Sean Parkinson
bff29a8535 ARM32/Thumb2 ASM SHA-256: provide small code size option 
WOLFSSL_ARMASM_SHA256_SMALL for Thumb2 and ARM32 using base instructions
compiles implementations that are smaller but slower.
 2025-12-04 16:44:37 +10:00
David Garske
45b7fb9e39 Merge pull request #9489 from julek-wolfssl/zd/20860 
Fix AKID CA lookup
 2025-12-03 08:16:51 -08:00
Juliusz Sosinowicz
995e63f6e1 Fix AKID CA lookup 
The `authorityCertIssuer` field refers to the Issuer field of the CA being looked up and not its Subject field.
 2025-12-03 10:47:40 +01:00
Sean Parkinson
697bc47d8e AES-GCM, 4-bit table, Big Endian: fast impl of GMULT 
Add fast implementation GMULT for big-endian platforms like PowerPC and
PowerPC64.
Speeds up AES-GCM.
 2025-12-03 11:22:49 +10:00
David Garske
628c1e5225 Fix g++ compiler implicit cast warnings 2025-12-02 10:54:16 -08:00
David Garske
6deef7c14a QAT fix to properly handle a finish with no update 2025-12-02 09:57:12 -08:00
David Garske
dd40417fca Merge pull request #9479 from josepho0918/aes-cbc-mmcau 
Prefer ARMASM over MMCAU for AES CBC when both enabled
 2025-12-02 07:58:17 -08:00
David Garske
a2f46cd9b0 Merge pull request #9470 from lealem47/MLKEM_PUB_HASH_E 
ML-KEM: Add check for Pubkey hash mismatch on decoding the dk
 2025-12-01 12:49:48 -08:00