Commit Graph

9499 Commits

Author SHA1 Message Date
Sean Parkinson dc70cfa3b3 ARM32/Thumb2/RISC-V 64 ASM: omit frame pointer
ARM32/Thumb2: Generated code now omits the frame pointer attribute on
each function. Remove global use in configure.ac.
RISC-V 64: Omit the frame pointer on the one function that uses the
register 's0'.
2025-06-18 10:20:55 +10:00
Kaleb Himes 6f78c26bff Merge pull request #8820 from SparkiDev/entropy_cont_tests_fix
Entropy - fix off by ones in continuous testing
2025-06-17 17:56:00 -06:00
Sean Parkinson c724c6560d Entropy - fix off by ones in continuous testing
rep_cnt is count of contiguous bytes with same value.
First ever sample must set count to 1.

Wasn't filling the cache up completely.
Off by one in check for initial fill.
2025-06-18 08:10:55 +10:00
Kareem 7e4ec84124 Add macros for legacy get_digit functions for FIPS/selftest. 2025-06-17 10:12:06 -07:00
Kareem 9c9465aa23 Also account for selftest for mp_get_digit refactor. 2025-06-17 10:12:06 -07:00
Kareem 05aa4f5f08 Make mp_get_digit refactor FIPS friendly. 2025-06-17 10:12:06 -07:00
Kareem 304019d28d Fix inclusion guard around wc_RsaSSL_Verify.
The current condition of !WOLFSSL_RSA_VERIFY_ONLY doesn't make sense,
as the verify only case will want this function.

Based on the original change and the context, it looks like this was a
typo meant to be !WOLFSSL_RSA_VERIFY_INLINE.
2025-06-17 10:12:06 -07:00
Kareem e8c110d2ac Rename get_digit* to mp_get_digit* to avoid conflicts with other functions named get_digit. 2025-06-17 10:12:06 -07:00
Kareem 6633b52e28 Don't try to build wc_RsaSSL_Sign in asn.c MakeSignature if RSA public or verify only is enabled. 2025-06-17 10:12:06 -07:00
David Garske 83954100d6 Merge pull request #8812 from kosmax871/tropic01-dev
Added crypto callback functions for TROPIC01 secure element
2025-06-17 10:03:18 -07:00
David Garske 5e6c1ba05f Merge pull request #8879 from julek-wolfssl/openssh-10.0p2
Updates for OpenSSH 10.0p2
2025-06-17 09:36:45 -07:00
Maxim Kostin 037ccbaa05 Update TROPIC01 integration guide and header file for key slot definitions and datasheet link 2025-06-16 21:12:19 +02:00
Maxim Kostin f865e0de97 improve ED25519 key handling in CryptoCb function 2025-06-16 20:27:15 +02:00
Maxim Kostin 60f442b04e Fix formatting inconsistencies in README.md 2025-06-16 20:27:15 +02:00
Maxim Kostin bab7677273 Added AES IV retrieval from TROPIC01 and use of new R-Memory slot definitions 2025-06-16 20:27:15 +02:00
Maxim Kostin 3b198babe3 Add Tropic01_Deinit call in wolfCrypt_Cleanup for proper resource management 2025-06-16 20:27:15 +02:00
Maxim Kostin 172728bf7f Refactor Tropic01 interface: clean up code formatting and improve function declarations 2025-06-16 20:27:15 +02:00
kosmax871 5696582add Update README.md 2025-06-16 20:27:15 +02:00
Maxim Kostin 375af753aa Changes for the PR https://github.com/wolfSSL/wolfssl/pull/8812 2025-06-16 20:27:15 +02:00
Maxim Kostin 2f210b3907 Refactor TROPIC01 integration: update README, enhance pairing key handling, and improve error messages 2025-06-16 20:27:15 +02:00
Maxim Kostin 296bfd258c README.md added 2025-06-16 20:27:15 +02:00
Maxim Kostin 0eecfbfb35 ed25519 fixes 2025-06-16 20:27:15 +02:00
Maxim Kostin cd76615e49 added support of ED25519 2025-06-16 20:27:15 +02:00
kosmax871 7c1980fe01 some fixes and updates 2025-06-16 20:27:15 +02:00
kosmax871 b13fdaa05e Draft of readme.md 2025-06-16 20:27:15 +02:00
Maxim Kostin 385be1c08a added support for Tropic01 crypto callbacks 2025-06-16 20:27:15 +02:00
Juliusz Sosinowicz aca6da66f6 Set default seedCb when not FIPS 2025-06-16 17:39:22 +02:00
Juliusz Sosinowicz 37554a13db Updates for OpenSSH 10.0p2
- random.c: use getrandom when available and fall back to direct file access
- openssh.yml: run more tests
- openssh.yml: add 10.0p2 and 9.9p2
- configure.ac: detect if `getrandom` is available on the system
- configure.ac: openssh requires WC_RNG_SEED_CB to always use `getrandom` so that the RNG doesn't get killed by SECCOMP
2025-06-13 18:06:19 +02:00
Koji Takeda ff1baf0ae7 Apply stronger salt length for PBES2 2025-06-14 00:45:03 +09:00
David Garske c5e63b84ca Merge pull request #8840 from douzzer/20250605-linuxkm-DRBG-multithread-round-1
20250605-linuxkm-DRBG-multithread-round-1
2025-06-12 13:17:54 -07:00
David Garske 2fc1110a13 Merge pull request #8587 from lealem47/gh8574
Fix bug in ParseCRL_Extensions
2025-06-12 12:09:52 -07:00
David Garske bfdce3a345 Merge pull request #8832 from SparkiDev/aarch64_xfence
Aarch64 XFENCE
2025-06-12 11:53:55 -07:00
David Garske 6571f42cb9 Merge pull request #8867 from JacobBarthelmeh/rng
Improvements to RNG and compatibility layer
2025-06-11 14:31:53 -07:00
Sean Parkinson 1c85a76ddd Dilithium/ML-DSA: Fixes for casting down and uninit 2025-06-11 11:14:49 +10:00
Sean Parkinson d66863d0ac Aarch64 XFENCE
Use sb instruction instead of isb if available.
2025-06-11 09:29:20 +10:00
JacobBarthelmeh ae87afa677 Merge pull request #8857 from miyazakh/tsip_fix
fix TSIP TLS example program
2025-06-10 16:26:34 -06:00
JacobBarthelmeh 47cf634965 add a way to restore previous pid behavior 2025-06-10 16:12:09 -06:00
JacobBarthelmeh 31490ab813 add sanity checks on pid with RNG 2025-06-10 14:37:11 -06:00
JacobBarthelmeh 047f0bb5fc Merge pull request #8847 from gojimmypi/pr-platformio-cert-bundles
Improve PlatformIO Certificate Bundle Support
2025-06-10 10:23:07 -06:00
Koji Takeda 0260ff789b Clarify supported PKCS12 encryption algorithms 2025-06-09 12:03:47 +09:00
Hideki Miyazaki 0404447bd8 fix typo 2025-06-07 12:46:22 +09:00
Hideki Miyazaki 1f8efc3c14 fix TSIP example
fix Client Certificate Verify using RSA sign/verify
2025-06-07 12:38:18 +09:00
Daniel Pouzzner ae15693fa8 linuxkm/lkcapi_sha_glue.c: in wc_linuxkm_drbg_generate() and wc_linuxkm_drbg_seed(), check retval from wc_LockMutex().
wolfcrypt/src/random.c: in Hash_DRBG_Generate(), restore smallstack path for digest[], but use non-smallstack path for WOLFSSL_LINUXKM.
2025-06-07 07:07:20 +04:00
gojimmypi 3254f56d32 Improve PlatformIO Certificate Bundle Support 2025-06-06 15:48:07 -07:00
JacobBarthelmeh ae7509e746 Merge pull request #8813 from gojimmypi/espressif-mlkem-support
Adjust Espressif Examples for Post Quantum ML-KEM
2025-06-06 11:41:59 -06:00
JacobBarthelmeh 9ffca6b39c Merge pull request #8822 from kojiws/support_cert_aes_cbc_on_pkcs12_export
Support PBE_AES(256|128)_CBC certificate encryptions on wc_PKCS12_create()
2025-06-06 11:35:13 -06:00
JacobBarthelmeh c207e2d198 Merge pull request #8838 from miyazakh/fsp_fix2
Fix Renesas SCE on RA6M4
2025-06-05 09:43:05 -06:00
Daniel Pouzzner dbc34352c7 linuxkm/lkcapi_sha_glue.c: in wc_linuxkm_drbg_seed(), prefix the supplied seed with the CPU ID of each DRBG, to avoid duplicate states;
wolfcrypt/src/random.c: in Hash_DRBG_Generate(), always put digest[] on the stack even in WOLFSSL_SMALL_STACK configuration (it's only 32 bytes);

configure.ac: default smallstackcache on when linuxkm-defaults.
2025-06-05 16:31:46 +04:00
Sean Parkinson 640b060792 LMS: Key ID fixup
Fix implementation for extracting from private key data.
Add implementation that gets Key ID from wc_LmsKey.
2025-06-05 10:25:47 +10:00
Lealem Amedie 02a49693e2 Fix bug in ParseCRL_Extensions 2025-06-04 10:23:53 -06:00