wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-29 17:32:13 +01:00
Code Issues Packages Projects Releases Wiki Activity
24,742 Commits 12 Branches 184 Tags
2de3d469719171832a30200157e4b035b7ebe159
Commit Graph

8279 Commits

Author SHA1 Message Date
Daniel Pouzzner
66376bed28 wolfcrypt/src/misc.c: in xorbufout() and xorbuf(), call XorWords() directly via a simplified path if all args are already aligned to WOLFSSL_WORD_SIZE (fixes performance regression from dc2e2631bc). 
configure.ac: add a "Conflicting asm settings" error check at end, since our configuration currently blows up if --enable-intelasm and --disable-asm are combined.
 2025-03-07 19:52:26 -06:00
Daniel Pouzzner
c3f24568ff Merge pull request #8520 from JacobBarthelmeh/pkcs7_verify_stream 
PKCS7 verify and decode indefinite length support
 2025-03-07 18:47:30 -06:00
JacobBarthelmeh
09ffdeb897 fix for different reported conversion warnings 2025-03-07 11:52:01 -07:00
JacobBarthelmeh
53fa4ffbaf conversion warning fixes 2025-03-07 11:03:12 -07:00
Daniel Pouzzner
932513a41e fixes for various -W*conversions in sp_int.c, asn.c, fe_operations.c, fe_448.c, ge_448.c. also, add support for NO_INT128, and add .github/workflows/wolfCrypt-Wconversion.yml. 2025-03-06 16:08:38 -06:00
JacobBarthelmeh
8e98a41401 fix for build with NO_PKCS7_STREAM 2025-03-06 10:43:02 -07:00
David Garske
547519265a Merge pull request #8534 from douzzer/20250305-linuxkm-LKCAPI-AES-CBC-fixes 
20250305-linuxkm-LKCAPI-AES-CBC-fixes
 2025-03-06 08:44:05 -08:00
JacobBarthelmeh
b039e055df clang-tidy warning of garbage value used 2025-03-05 17:19:53 -07:00
David Garske
1bd3bf1b66 Merge pull request #8531 from night1rider/zephyr-fs-rewind-fix 
Fix for missing rewind function in zephyr
 2025-03-05 16:04:36 -08:00
Daniel Pouzzner
d82a7b10c5 wolfcrypt/src/evp.c: fix a name conflict around "cipherType" that provokes -Wshadow on gcc pre-4v8. 2025-03-05 17:56:08 -06:00
Daniel Pouzzner
dc2e2631bc linuxkm: various fixes for LKCAPI wrapper for AES-CBC (now passing kernel-native 
self-test and crypto fuzzer), and de-experimentalize it.

wolfssl/wolfcrypt/types.h: add definitions for WOLFSSL_WORD_SIZE_LOG2.

wolfcrypt/src/misc.c: fix xorbuf() to make the XorWords() reachable; also,
  refactor integer division and modulus ops as masks and shifts, and add pragma
  to suppress linuxkm FORTIFY_SOURCE false positive -Wmaybe-uninitialized.
 2025-03-05 17:56:08 -06:00
JacobBarthelmeh
624233fb98 update test case to account for NO_DES3 build and resolve clang tidy warnings 2025-03-05 16:28:26 -07:00
JacobBarthelmeh
68e483d196 refactor of decode envelop for edge cases 2025-03-05 15:24:02 -07:00
Daniel Pouzzner
9fc7e42554 Merge pull request #8507 from SparkiDev/ct_fixes_3 
Constant time code: improved implementations
 2025-03-05 15:17:23 -06:00
msi-debian
7ea89a62ba Fix for missing rewind function in zephyr 2025-03-05 12:49:58 -07:00
David Garske
a073868cf0 Merge pull request #8527 from SparkiDev/sp_int_asm_fixes_1 
SP int: inline asm improvements and mont reduce simplifications
 2025-03-04 14:45:16 -08:00
JacobBarthelmeh
b75976692e spelling fix and code formatting 2025-03-04 14:31:23 -07:00
JacobBarthelmeh
4124c824ca refactor decrypt content init call 2025-03-04 09:29:36 -07:00
Sean Parkinson
caf801f211 SP int: inline asm improvements and mont reduce simplifications 
SP int inline asm:
- allow input variables to be either registers or memory for Intel
x86/x64 (minor performance improvement)
  - don't have memory in clobber list if output variables are registers
- remove empty clobber line in arm32/thumb2 code for old versions of
gcc
_sp_mont_red():
  - simplify the code by not using extra variables
  - don't add to j in for loop check.
 2025-03-04 16:16:26 +10:00
David Garske
9b16ed5da4 Merge pull request #8518 from lealem47/evp_update_null_cipher 
Add NULL_CIPHER_TYPE support to wolfSSL_EVP_CipherUpdate
 2025-03-03 14:03:57 -08:00
David Garske
2b099daee0 Merge pull request #8511 from SparkiDev/intel_sha_not_avx1 
SHA256: Intel flags has SHA but not AVX1 or AVX2
 2025-03-03 13:59:10 -08:00
JacobBarthelmeh
fcf88f16e6 spelling fixes and free decrypt structs on error case 2025-03-01 15:43:59 -07:00
JacobBarthelmeh
b781ac6c29 asn to der macro gaurds and co-exist build fix 2025-02-28 15:42:24 -07:00
JacobBarthelmeh
6020bf2368 initialize test variables and fix async build 2025-02-28 14:46:42 -07:00
JacobBarthelmeh
ea9f044bcc spelling fixes and return value fix 2025-02-28 14:34:51 -07:00
Daniel Pouzzner
50a3be6df7 wolfcrypt/src/sp_int.c. src/ssl_asn1.c. src/internal.c: rename several declarations to avoid shadowing global functions, for the convenience of obsolete (pre-4v8) gcc -Wshadow. 2025-02-28 15:29:58 -06:00
JacobBarthelmeh
638d9961d2 passing the rest of the PKCS7 unit tests 2025-02-28 14:23:24 -07:00
JacobBarthelmeh
7c6cd1deea passing a unit test 2025-02-28 14:23:24 -07:00
JacobBarthelmeh
1e254c014d application decryption successful 2025-02-28 14:23:24 -07:00
JacobBarthelmeh
b1b1c15b35 add content stream output callback for VerifySignedData function 2025-02-28 14:23:24 -07:00
Lealem Amedie
22221e5007 Add NULL_CIPHER_TYPE support to wolfSSL_EVP_CipherUpdate 2025-02-28 11:44:30 -07:00
Sean Parkinson
4f8a39cbcf Merge pull request #8498 from rizlik/ocsp_fixes 
OCSP openssl compat fixes
 2025-02-28 13:42:50 +10:00
Daniel Pouzzner
f7ddc49487 linuxkm/linuxkm_wc_port.h: add #error if the user tries to use the kernel crypto fuzzer with FIPS AES-XTS (kernel bug). 
src/internal.c: fix shiftTooManyBitsSigned in DefTicketEncCb().

tests/api/test_sha256.c and wolfssl/wolfcrypt/sha256.h: gate raw transform APIs (wc_Sha256Transform(), wc_Sha256FinalRaw()) and tests on !defined(WOLFSSL_KCAPI_HASH) && !defined(WOLFSSL_AFALG_HASH).

move enum wc_HashFlags from wolfssl/wolfcrypt/hash.h to wolfssl/wolfcrypt/types.h to resolve circular dependency detected by cross-armv7m-armasm-thumb-fips-140-3-dev-sp-asm-all-crypto-only.

add FIPS_VERSION_GE(7,0) gates to new null-arg tests in test_wc_Shake{128,256}_*().

optimize ByteReverseWords() for cases where only one operand is unaligned, and add correct handling of unaligned data in ByteReverseWords64() to resolve unaligned access sanitizer report in cross-aarch64_be-all-sp-asm-unittest-sanitizer.
 2025-02-26 20:55:56 -06:00
Sean Parkinson
0a6a8516f9 Merge pull request #8488 from dgarske/stm32h7s 
Support for STM32H7S (tested on NUCLEO-H7S3L8)
 2025-02-27 10:34:41 +10:00
Daniel Pouzzner
183d9b44d1 Merge pull request #8509 from kaleb-himes/WCv6.0.0-RC4-CHECKIN 
Disable XTS-384 as an allowed use in FIPS mode
 2025-02-26 18:24:12 -06:00
Sean Parkinson
99f25c6399 Merge pull request #8494 from Laboratory-for-Safe-and-Secure-Systems/various 
Various fixes and improvements
 2025-02-27 09:40:06 +10:00
Sean Parkinson
b104887042 SHA256: Intel flags has SHA but not AVX1 or AVX2 
Reversal of bytes when IS_INTEL_SHA only is same as when AVX1 or AVX2.
 2025-02-27 09:25:13 +10:00
David Garske
92ed003a58 Merge pull request #8502 from SparkiDev/pkcs_pad 
PKCS Pad: public API to do PKCS padding
 2025-02-26 15:17:50 -08:00
Sean Parkinson
f204ac8363 PKCS Pad: public API to do PKCS padding 
PKCS padding adds length of padding as repeated padding byte.
Use the new function in all places.
 2025-02-27 08:28:53 +10:00
David Garske
557abcf76a Support for STM32H7S (tested on NUCLEO-H7S3L8). It supports hardware crypto for RNG, Hash, AES and PKA. Added future config option for DTLS v1.3. Support DTLS v1.3 only reduce code size (tested with: ./configure --enable-dtls13 --enable-dtls --disable-tlsv12 CFLAGS="-DWOLFSSL_SEND_HRR_COOKIE"). 2025-02-26 14:00:48 -08:00
kaleb-himes
9063093993 Disable XTS-384 as an allowed use in FIPS mode 2025-02-26 07:38:45 -07:00
Tobias Frauenschläger
3d4ec1464b Minor Dilithium fix 
Fix compilation in case caching is enabled.

Signed-off-by: Tobias Frauenschläger <tobias.frauenschlaeger@oth-regensburg.de>
 2025-02-26 15:33:59 +01:00
Tobias Frauenschläger
af4017132d LMS fixes 
* Add support for CMake
* Add support for Zephyr
* Make sure the internal key state is properly handled in case a public
  key is imported into a reloaded private key.

Signed-off-by: Tobias Frauenschläger <tobias.frauenschlaeger@oth-regensburg.de>
 2025-02-26 15:33:59 +01:00
Tobias Frauenschläger
9db5499dbd Update CryptoCb API for Dilithium final standard 
Add context and preHash metadata.

Signed-off-by: Tobias Frauenschläger <tobias.frauenschlaeger@oth-regensburg.de>
 2025-02-26 15:33:59 +01:00
Tobias Frauenschläger
be6888c589 Fixes for Dilithium in TLS handshake 
Some fixes to better handle Dilithium keys and signatures in the TLS
handshake.

Signed-off-by: Tobias Frauenschläger <tobias.frauenschlaeger@oth-regensburg.de>
 2025-02-26 15:33:59 +01:00
Sean Parkinson
9e9efeda28 ARM ASM: available for SHA-384 only too 
Add HAVE_SHA384 to check for whether assembly code is available.
 2025-02-26 16:10:21 +10:00
Sean Parkinson
4752bd2125 Constant time code: improved implementations 
Change constant time code to be faster.
 2025-02-26 11:52:09 +10:00
David Garske
3557cc764a Merge pull request #8501 from SparkiDev/digest_test_rework 
Digest testing: improve
 2025-02-25 13:03:48 -08:00
Marco Oliverio
dfc5e61508 asn: ocsp: refactor out CERT ID decoding 
It will be reused in d2i_CERT_ID
 2025-02-25 20:20:34 +00:00
David Garske
4eda5e1f7f Merge pull request #8491 from jmalak/winsock-guard 
correct comment for _WINSOCKAPI_ macro manipulation
 2025-02-25 09:51:23 -08:00