Commit Graph

28332 Commits

Author SHA1 Message Date
David Garske 4f1d578212 Merge pull request #9610 from Frauschi/pre_master_secret_size
Remove PQC-based buffer size increase for PreMasterSecret
2026-01-08 11:18:19 -08:00
David Garske 198eac24d3 Merge pull request #9606 from Frauschi/cleanup_decode_private_key
Cleanup for DecodePrivateKey() functionality
2026-01-08 11:09:44 -08:00
David Garske d25f98fd82 Merge pull request #9584 from miyazakh/fix_qtfail
Fix qt jenkins nightly test failure
2026-01-08 10:58:20 -08:00
David Garske 133d29dcef Merge pull request #9626 from rizlik/name_contraints_fixes
asn: MatchBaseName fixes
2026-01-08 10:56:53 -08:00
David Garske f57484d1b3 Merge pull request #9616 from douzzer/20251230-persistent-drbg
20251230-persistent-drbg
2026-01-08 10:54:45 -08:00
David Garske b609fe28ca Merge pull request #9611 from Frauschi/psk_compile_fix
Fix for PSK compile option
2026-01-08 10:52:57 -08:00
Tobias Frauenschläger b934d9587a Add Zephyr support for TRACK_MEMORY 2026-01-08 19:27:24 +01:00
David Garske 97d9bfcea6 Merge pull request #9601 from rizlik/early_data_client_side_fixes
check that we are resuming in write_early_data + minor fixes
2026-01-08 10:26:48 -08:00
David Garske 71f3bd4cd3 Merge pull request #9627 from SparkiDev/aarch64_asm_chacha20_256
ChaCha20 Aarch64 ASM fix: 256-bit case fixed
2026-01-08 10:24:48 -08:00
David Garske d290caa848 Merge pull request #9608 from Frauschi/typo_fix
Fix for WOLFSSL_BLIND_PRIVATE_KEY and WOLFSSL_DUAL_ALG_CERTS
2026-01-08 10:23:30 -08:00
Tobias Frauenschläger 05dc9f0449 Fix memory leak in case of handshake error
Make sure peer dilithium key is properly freed in case the handshakes fails.
2026-01-08 16:50:28 +01:00
Per Allansson c979f95648 IDE/XCODE: fix file types for asm.S files 2026-01-08 16:47:04 +01:00
Hideki Miyazaki 08876e278a Fix CRL Number hex string buffer overflow in CRL parser 2026-01-08 17:25:19 +09:00
Sean Parkinson 883ceecf8a ChaCha20 Aarch64 ASM fix: 256-bit case fixed
Fixed the 256-bits at a time crypt assembly code.

Add a chunking test for ChaCha20.
2026-01-08 18:01:15 +10:00
Daniel Pouzzner 0059f1647e move WC_RNG_BANK_SUPPORT implementation from wolfcrypt/src/random.c and wolfssl/wolfcrypt/random.h to new files wolfcrypt/src/rng_bank.c and wolfssl/wolfcrypt/rng_bank.h;
wolfcrypt/src/rng_bank.c:

  * add wc_local_rng_bank_checkout_for_bankref, wc_BankRef_Release(), wc_rng_bank_new(), and wc_rng_bank_free();

  * in wc_rng_bank_checkin(), take a struct wc_rng_bank_inst **rng_inst and NULL it before return;

  * in wc_rng_bank_init(), add a devId arg, and handle devId in wc_rng_bank_inst_reinit();

  * add WC_RNG_BANK_INST_LOCK_* and use them in wc_rng_bank_checkout() and wc_rng_bank_checkin();

  * fix order of operations in wc_rng_bank_checkout() re DISABLE_VECTOR_REGISTERS();

wolfcrypt/src/random.c:

  * refactor per-instance salting for wc_rng_bank_inst: remove changes in Hash_df(), Hash_DRBG_Instantiate(), and _InitRng(), and in wc_rng_bank_init() and wc_rng_bank_inst_reinit(), use wc_InitRngNonce_ex() and pass the wc_rng_bank_inst pointer as the nonce;

  * simplify the WC_RNG_BANK_SUPPORT variant of wc_RNG_GenerateBlock() -- delegate to wc_local_rng_bank_checkout_for_bankref() and remove supplementary error checking;

  * in wc_FreeRng(), call wc_BankRef_Release() when WC_DRBG_BANKREF, and in wc_BankRef_Release(), fix refcount flub (not wolfSSL_RefFree, rather wolfSSL_RefDec);

  * streamline the WOLFSSL_LINUXKM wc_GenerateSeed();

wolfcrypt/test/test.c: add random_bank_test();

linuxkm/lkcapi_sha_glue.c: use WC_RNG_BANK_INST_TO_RNG() opportunistically;

configure.ac: add --enable-amdrdseed as a synonym for --enable-amdrand;

linuxkm/linuxkm_wc_port.h: when LINUXKM_LKCAPI_REGISTER_HASH_DRBG_DEFAULT, don't include get_random_bytes() in struct wolfssl_linuxkm_pie_redirect_table;

add various comments for clarity.
2026-01-07 22:54:07 -06:00
Daniel Pouzzner 1e0351a69b wolfssl/wolfcrypt/random.h and wolfssl/wolfcrypt/async.h: use #ifdef HAVE_ANONYMOUS_INLINE_AGGREGATES, not #if HAVE_ANONYMOUS_INLINE_AGGREGATES. 2026-01-07 22:54:07 -06:00
Daniel Pouzzner 98ffc519b4 wolfssl/wolfcrypt/types.h: if _MSC_VER, disable HAVE_ANONYMOUS_INLINE_AGGREGATES by default. 2026-01-07 22:54:07 -06:00
Daniel Pouzzner c1d2828daf wolfcrypt/src/random.c, wolfssl/wolfcrypt/random.h, wolfssl/wolfcrypt/wc_port.h, linuxkm/lkcapi_sha_glue.c: fixes from autotesting:
* refactor to eliminate recursion in wc_RNG_GenerateBlock();
* refactor enum wc_rng_bank_flags as word32 and macros;
* fix -Wconversions, -Wunused, and stray EINVAL in wc_rng_bank_init();
* make struct wc_rng_bank_inst a top-level definition for C++ compat;
* fix several bugprone-macro-parentheses.
2026-01-07 22:54:07 -06:00
Daniel Pouzzner b87af914bc configure.ac: add handling for --enable-rng-bank, and add it to the all-crypto feature set. 2026-01-07 22:54:07 -06:00
Daniel Pouzzner b2199e9862 linuxkm/{lkcapi_dh_glue.c,lkcapi_ecdh_glue.c,lkcapi_rsa_glue.c}: use LKCAPI_INITRNG() rather than wc_InitRng(), and remove calls to LKCAPI_INITRNG_FOR_SELFTEST(). also, in km_rsa_ctx_init_rng(), recognize WC_DRBG_BANKREF as a usable RNG status. 2026-01-07 22:54:07 -06:00
Daniel Pouzzner 1c6ef8b621 linuxkm/lkcapi_sha_glue.c:
* refactor to use new wc_rng_bank facility:
  * wc_linuxkm_drbg_init_tfm()
  * wc_linuxkm_drbg_exit_tfm()
  * get_drbg() (renamed to linuxkm_get_drbg())
  * put_drbg() (renamed to linuxkm_put_drbg())
  * wc_linuxkm_drbg_generate()
  * wc_linuxkm_drbg_seed()
  * wc_mix_pool_bytes()
  * wc_crng_reseed()
* add:
  * linuxkm_affinity_lock()
  * linuxkm_affinity_get_id()
  * linuxkm_affinity_unlock()
  * linuxkm_InitRng_DefaultRef()
* remove:
  * get_drbg_n()
  * drbg_init_from()
  * fork_default_rng()
  * LKCAPI_INITRNG_FOR_SELFTEST.
* when LINUXKM_LKCAPI_REGISTER_HASH_DRBG_DEFAULT, define LKCAPI_INITRNG to linuxkm_InitRng_DefaultRef, else define it to wc_InitRng().
2026-01-07 22:54:07 -06:00
Daniel Pouzzner 3c15be6610 wolfcrypt/src/random.c and wolfssl/wolfcrypt/random.h: implement WC_RNG_BANK_SUPPORT:
* add WC_DRBG_BANKREF status code;
* add `struct wc_rng_bank *bankref` to struct WC_RNG, and move status slot out from HAVE_HASHDRBG gate;
* add WC_DRBG_MAX_SALT_SZ, and add saltSz and salt slots to struct DRBG_internal;
* add salt handling to Hash_df(), Hash_DRBG_Instantiate(), and _InitRng();
* add types:
  * enum wc_rng_bank_flags
  * struct wc_rng_bank
* add implementations:
  * wc_rng_bank_init()
  * wc_rng_bank_set_affinity_handlers()
  * wc_rng_bank_fini()
  * wc_rng_bank_checkout()
  * wc_rng_bank_checkin()
  * wc_rng_bank_inst_reinit()
  * wc_rng_bank_seed()
  * wc_rng_bank_reseed()
  * wc_InitRng_BankRef()
  * wc_rng_new_bankref()
  * WC_RNG_BANK_INST_TO_RNG()
* in wc_RNG_GenerateBlock() and wc_FreeRng(), add WC_RNG_BANK_SUPPORT sections;

wolfcrypt/src/random.c: in WC_VERBOSE_RNG messages, add "ERROR: " prefixes to text to assure pickup by autotesting.  also fixed line lengths.
2026-01-07 22:54:07 -06:00
Daniel Pouzzner 6c8ff6dfa9 linuxkm/x86_vector_register_glue.c: in wc_save_vector_registers_x86(), don't render warning of call while non-preemptible if WC_SVR_FLAG_INHIBIT was passed in. 2026-01-07 22:54:07 -06:00
Daniel Pouzzner dd158b073c linuxkm/linuxkm_wc_port.h and linuxkm/module_hooks.c: remove WOLFSSL_DEBUG_BACKTRACE_ERROR_CODES gate around setup for wolfssl_linuxkm_pie_redirect_table.dump_stack.
linuxkm/module_hooks.c: in wc_linuxkm_relax_long_loop(), use cpu_relax() as a fallback when non-preemptible.
2026-01-07 22:54:07 -06:00
Daniel Pouzzner 500c790b18 wolfssl/wolfcrypt/settings.h:
* add FIPS_VERSION_NE();
* move more generic setup code from WOLFSSL_LINUXKM/WOLFSSL_BSDKM to kernel-generic WOLFSSL_KERNEL_MODE; fix WOLFSSL_OLD_PRIME_CHECK setup to exclude FIPS.
2026-01-07 22:54:06 -06:00
Daniel Pouzzner 32b1598db1 wolfcrypt/src/wc_port.c and wolfssl/wolfcrypt/wc_port.h: in wolfSSL_RefFree() and wolfSSL_RefWithMutexFree(), zero the refcount (valid refcount objects are initialized to count of 1); add wolfSSL_RefCur(). 2026-01-07 22:54:06 -06:00
Daniel Pouzzner f1dd234ac9 wolfcrypt/src/error.c, wolfssl/wolfcrypt/error-crypt.h: add BUSY_E and ALREADY_E. 2026-01-07 22:54:06 -06:00
Hideki Miyazaki cdd75ff5ef fix indent 2026-01-08 08:46:22 +09:00
Ruby Martin 6090ddb3f3 initialize hmac_copy
add WC_CALLOC_VAR_EX function, replace WC_ALLOC_VAR_EX in tests
2026-01-07 15:43:16 -07:00
Hideki Miyazaki 6392c2b420 undo changes
fix indentation
2026-01-08 07:10:25 +09:00
David Garske 6264c115cc Merge pull request #9563 from LinuxJedi/renode
Add Renode GH Action for STM32H753
2026-01-07 09:51:30 -08:00
David Garske 5c2c4599ed Merge pull request #9537 from SparkiDev/aarch64_darwin_addr_calc_fix
ARM64 ASM: Darwin specific address calc fix
2026-01-07 09:50:05 -08:00
Marco Oliverio 94dc7ae9ad asn: MatchBaseName fixes 2026-01-07 17:53:43 +01:00
Josh Holtrop a9b2e83d1c Rust wrapper: add one-shot XChaCha20-Poly1305 encrypt/decrypt functions 2026-01-07 11:43:08 -05:00
David Garske cf9016b29f Merge pull request #9622 from SparkiDev/rsa_pkcs15_verify_bounds_check
RSA PKCS#1.5 verify: bounds check input
2026-01-07 08:26:24 -08:00
David Garske 84aeeb655f Merge pull request #9580 from SparkiDev/curve25519_smul_improv
Curve25519 improvements
2026-01-07 08:25:41 -08:00
David Garske 19f7b946f5 Merge pull request #9621 from SparkiDev/mlkem_check_pub
MLKEM: check public key when decoding
2026-01-07 08:24:51 -08:00
David Garske dd8d2a2d4d Merge pull request #9575 from SparkiDev/dilithium_16_bit_fixes
MLDSA/Dilithium: fix 16-bit int issues
2026-01-07 08:24:22 -08:00
David Garske b5d3c87876 Merge pull request #9603 from SparkiDev/ppc32_sha256_asm_reg
PPC32 ASM: alternative C code with registers prepended
2026-01-07 08:23:55 -08:00
David Garske 315ebf5be6 Merge pull request #9615 from SparkiDev/arm32_aes_block_inline
AES ARM32/Thumb2: option to inline block
2026-01-07 08:21:51 -08:00
Tobias Frauenschläger 87182992b8 Fix for PSK compile option
The derivation of the ResumptionSecret is only necessary in case SessionTickets are enabled.
2026-01-07 16:58:52 +01:00
Marco Oliverio 50b39c91da fixup! (d)tls13: check if early data is possible in write_early_data 2026-01-07 14:30:16 +01:00
Tobias Frauenschläger b8cb5bee87 Cleanup for DecodePrivateKey() functionality
* Create a new method DecodePrivateKey_ex() that gets the key to decode as parameters
* Adapt DecodePrivateKey() and DecodeAltPrivateKey() to use this new method
* Fix unblinding for TLS 1.3 Dual Algorithm Certificate alternative keys

This removes a lot of nearly duplicate code and simplifies maintenance.
2026-01-07 13:45:11 +01:00
Takashi Kojo 5f68ea087a Merge pull request #9562 from kojiws/sync_ja_doc_rsa
[JA] Sync Japanese RSA Part with English on API Document
2026-01-07 18:18:53 +09:00
Sean Parkinson 80a0f6bb32 RSA PKCS#1.5 verify: bounds check input
As long as NO_RSA_BOUNDS_CHECK is not defined, the input range is
checked for verification.
2026-01-07 17:49:50 +10:00
Sean Parkinson 2a08fbe3ed MLKEM: check public key when decoding
Check that the public key values are less than Q when decoding.
2026-01-07 13:11:15 +10:00
Hideki Miyazaki c6dd1a745e boundary check 2026-01-07 09:19:43 +09:00
Hideki Miyazaki c923c4c026 fix compile error 2026-01-07 07:16:28 +09:00
Hideki Miyazaki 30fe079763 Addressed review comments 2026-01-07 06:55:22 +09:00
Hideki Miyazaki 10d3e251fd fix qt jenkins nightly test failure 2026-01-07 06:55:22 +09:00