David Garske
2bcad989da
Merge pull request #8309 from douzzer/20241221-fix-CEscape-bounds-check
...
20241221-fix-CEscape-bounds-check
2024-12-21 14:51:46 -08:00
Daniel Pouzzner
50a0773c09
Merge pull request #8285 from LinuxJedi/gaisler
...
Add initial support for Gaisler-BCC with Sparc
2024-12-21 11:03:39 -06:00
Daniel Pouzzner
33a47c1c04
Merge pull request #8265 from JacobBarthelmeh/armasm
...
armasm with opensslcoexist build
2024-12-21 10:06:27 -06:00
Daniel Pouzzner
b07f2cb461
wolfcrypt/src/coding.c: fix incorrect array bounds check in CEscape(), introduced in 8bbe8a7c8a (before which there was no bounds check at all).
2024-12-21 09:47:07 -06:00
Andrew Hutchings
231cea34ef
Add initial support for Gaisler-BCC with Sparc
...
Slight modifications and documentation to get wolfSSL working with
Gaisler Sparc CPUs and their cross-compilers.
2024-12-21 09:19:58 +00:00
JacobBarthelmeh
67f3343a5d
Merge pull request #8306 from SparkiDev/kyber_no_avx2_fix
...
ML-KEM/Kyber: fix kyber_prf() for when no AVX2
2024-12-20 11:40:46 -07:00
JacobBarthelmeh
7cebe95138
Merge pull request #8304 from SparkiDev/regression_fixes_15
...
Regression testing: fixes
2024-12-20 11:29:15 -07:00
Sean Parkinson
e507c466d5
ML-KEM/Kyber: fix kyber_prf() for when no AVX2
...
When no AVX2 is available, kyber_prf() is called to produce more than one
SHAKE-256 block's worth of output. Otherwise only one block is needed.
Changed function to support an outlen of greater than one block.
2024-12-20 11:03:58 +10:00
Kareem
8bbe8a7c8a
Fix a couple of missing bounds checks found via code analyzer.
2024-12-19 17:01:25 -07:00
Sean Parkinson
b7c1e1cf35
Regression testing: fixes
...
src/x509.c: wolfssl_x509_name_entry_set() ne->object is freed if call to
wolfSSL_OBJ_nid2obj_ex() fails. Always assign directly back to
ne->object.
wolfcrypt/test/test.c: aes_ctr_test() doesn't need AES decrypt
./configure '--disable-shared' '--enable-cryptonly'
'CFLAGS=-DNO_AES_DECRYPT' '--disable-aescbc' '--disable-aesofb'
'--disable-aescfb' '--disable-aesgcm' '--disable-aesccm'
'--enable-aesctr' '--disable-aesxts' '--disable-aeseax'
tests/api.c: test_X509_STORE_InvalidCa() only defined when !NO_RSA
./configure '--disable-shared' '--enable-opensslall' '--disable-rsa'
tests/api.c: test_wolfSSL_GENERAL_NAME_print() free ridObj if not
assigned into gn.
2024-12-20 09:25:03 +10:00
Daniel Pouzzner
ed76d8ea10
Merge pull request #8297 from miyazakh/ra_jankins
...
Fix RA6M4 Jenkins failure
2024-12-18 22:18:43 -06:00
Daniel Pouzzner
122502e2b1
wolfCrypt -Wconversion expansion: fix numerous warnings, all benign, from -Warith-conversion -Wenum-conversion -Wfloat-conversion -Wsign-conversion.
2024-12-18 11:51:06 -06:00
Hideki Miyazaki
39c11c269f
Fix RA6M Jenkins failure
2024-12-18 07:37:21 +09:00
Daniel Pouzzner
f23a2f2f48
wolfcrypt/src/aes.c: add missing WOLFSSL_ARMASM gate clause around wolfCrypt_FIPS_aes_ro_sanity, necessitated by 514a92d6ee/#8293.
2024-12-17 14:17:52 -06:00
Daniel Pouzzner
22e95081cd
Merge pull request #8181 from gojimmypi/dev-compiler-message
...
Initialize vars & change types to appease Windows/VS
2024-12-16 23:19:05 -06:00
Daniel Pouzzner
9d7c02589f
Merge pull request #8276 from SparkiDev/ed448_muladd_full_reduce
...
EdDSA Ed448: sc_muladd now does full reduction
2024-12-16 20:29:49 -06:00
Daniel Pouzzner
fd22bfc0b7
Merge pull request #8293 from SparkiDev/aarch64_no_crypto
...
Aarch64: make code compile when no hardware crypto avail
2024-12-16 14:57:53 -06:00
Sean Parkinson
514a92d6ee
Aarch64: make code compile when no hardware crypto avail
...
Detects availability of instructions for Aarch64.
2024-12-16 17:46:08 +10:00
JacobBarthelmeh
ad03518aa8
armasm with opensslcoexist build
2024-12-13 17:11:32 -07:00
David Garske
71325a2a32
Revert "Aarch64: make code compile when no hardware crypto avail"
2024-12-13 13:52:53 -08:00
JacobBarthelmeh
d7e40e7413
Merge pull request #8264 from dgarske/various_20241206
...
Various cleanups and fixes
2024-12-13 13:48:10 -07:00
David Garske
79d9b2d6c3
Merge pull request #8277 from SparkiDev/aarch64_no_crypto
...
Aarch64: make code compile when no hardware crypto avail
2024-12-12 15:49:57 -08:00
Sean Parkinson
24bb2b7fab
Aarch64: make code compile when no hardware crypto avail
...
Detects availability of instructions for Aarch64.
2024-12-13 09:16:11 +10:00
Kareem
d4af181593
Add support for the RFC822 Mailbox attribute.
2024-12-12 12:37:32 -07:00
Daniel Pouzzner
1f1e985d73
Merge pull request #8268 from bandi13/fixMemleak
...
Fix memory leak
2024-12-11 16:35:38 -06:00
Sean Parkinson
c9c28335ae
EdDSA Ed448: sc_muladd now does full reduction
...
sc_muladd was reducing to word boundary and not to order.
Now reduces to order as last step.
2024-12-12 08:33:35 +10:00
Daniel Pouzzner
d825b08e16
Merge pull request #8275 from SparkiDev/aarch64_poly1305_fix
...
Aarch64 Poly1305: fix corner case
2024-12-11 16:24:36 -06:00
Daniel Pouzzner
88241f1a2c
Merge pull request #8267 from ColtonWilley/pkcs11_cert_support
...
PKCS11 cert support
2024-12-11 16:04:58 -06:00
Sean Parkinson
c0f3b433b2
Aarch64 Poly1305: fix corner case
...
Don't mask top 26 bits as it may have next bit set as reduction step was
only approximate.
2024-12-11 12:49:21 +10:00
JacobBarthelmeh
59ea24f915
Merge pull request #8225 from gojimmypi/pr-espressif-improve-sha-msg
...
Improve Espressif SHA HW/SW mutex messages
2024-12-10 17:30:03 -07:00
Daniel Pouzzner
d257a59087
add support for WOLFSSL_NO_OPTIONS_H:
...
* activate WOLFSSL_NO_OPTIONS_H in linuxkm/Kbuild for in-module test.o and benchmark.o.
* refine explanatory comments in settings.h re WOLFSSL_USE_OPTIONS_H, WOLFSSL_NO_OPTIONS_H, and WOLFSSL_CUSTOM_CONFIG.
* add safety catch to options.h/options.h.in to inhibit inclusion if defined(WOLFSSL_NO_OPTIONS_H).
* for good measure, add explicit check for WOLFSSL_NO_OPTIONS_H to wolfcrypt/benchmark/benchmark.c and wolfcrypt/test/test.c.
2024-12-10 13:02:37 -06:00
Colton Willey
00386c76bf
No redundant NULL check on free
2024-12-10 09:43:03 -08:00
Colton Willey
0c20a20acc
Use char instead of sword8, sanity length check on CKA_VALUE
2024-12-09 16:09:04 -08:00
gojimmypi
7bc026540b
Improve Espressif SHA HW/SW mutex messages
2024-12-09 14:51:18 -08:00
Colton Willey
0cda59e00e
Add support for cert format in get cert crypto callback
2024-12-09 14:32:02 -08:00
David Garske
c4e319b092
Cleanup the gating for WOLFSSL_NO_AES_CFB_1_8.
2024-12-09 13:51:51 -08:00
Andras Fekete
ff66998575
Fix memory leak
2024-12-09 16:24:38 -05:00
Colton Willey
c83c9e68c9
Updates per review comments
2024-12-09 13:10:32 -08:00
Colton Willey
324b87614e
Initial implementation for using PKCS11 to retrieve certificate for SSL CTX
2024-12-09 12:15:41 -08:00
David Garske
017f931f8b
Various cleanups and fixes:
...
* Fix to properly set configure.ac LMS/XMSS enables and build of those code files.
* Remove duplicate aes.c `wc_AesSetKeyLocal` call to `wc_AesSetIV`. Moved earlier in function in commit a10260ca5f .
* Benchmark missing time.h with NO_ASN_TIME.
* Added option to support disabling AES CFB 1/8 `WOLFSSL_NO_AES_CFB_1_8`.
* Fixes for building with combinations of `WOLFSSL_RSA_VERIFY_ONLY` and `WOLFSSL_RSA_PUBLIC_ONLY`.
* Fix for building `--enable-stacksize=verbose` with single threaded.
* Various tab and formatting cleanups.
ZD 18996
2024-12-06 16:45:33 -08:00
JacobBarthelmeh
1bfbdb6c7f
Merge pull request #8257 from dgarske/settings_h
...
Fix issue with wc_lms_impl.c or wc_lms not including settings.h
2024-12-05 11:43:43 -07:00
David Garske
1e9607b65e
Fixes for ML-DSA and LMS cast warnings and spelling errors.
2024-12-05 08:34:58 -08:00
JacobBarthelmeh
aa32027c26
Merge pull request #8236 from philljj/zephyr_thread_type
...
wc_port: change zephyr struct k_thread tid member to pointer.
2024-12-05 09:29:30 -07:00
David Garske
19b486e1f7
Fix issue with wc_lms_impl.c or wc_lms not including settings.h. Caused issue enabling LMS from user_settings.h.
2024-12-05 08:15:11 -08:00
Lealem Amedie
3476425967
Fix for Compressed Keys with FIPS
2024-12-03 14:56:30 -07:00
JacobBarthelmeh
42afede3fc
Merge pull request #8235 from dgarske/fix_sp_rsa_publiconly
...
Fixes for building with SP RSA small and RSA Public only
2024-12-02 10:39:08 -07:00
JacobBarthelmeh
015d47b9cd
Merge pull request #8231 from LinuxJedi/STM32MP13
...
Add STM32MP13 HAL support for more SHA types
2024-12-02 10:18:38 -07:00
jordan
a18f71c27b
wc_port: change zephyr struct k_thread tid member to pointer.
2024-11-27 16:05:48 -06:00
David Garske
57e1bf9fba
Fixes for building with SP RSA small and RSA Public only. ZD 18996
2024-11-27 13:26:45 -08:00
Andrew Hutchings
f15dbb9110
Add STM32MP13 HAL support for more SHA types
...
This adds STM32 HAL support for:
* SHA384
* SHA512 (with -224 and -256)
* SHA3 (all variants apart from SHAKE)
The partial FIFO block calculations have been adjusted based in the
STM32 code to support the larger hash sizes.
This should work with other chips such as the STM32U5xx, but is not
enabled for that yet.
2024-11-27 15:04:45 +00:00