Commit Graph

11274 Commits

Author SHA1 Message Date
Kareem fe5ae0cbdf Restore 128-byte SRP test using safe prime N for the case where 192 bytes is too large for the fast/SP math config. 2025-06-17 11:30:11 -07:00
Kareem a035b045a4 Only run SRP tests with at least 3072 bits.
The SRP buffers are 192 bytes, so they need a minimum of 3072 bits.
If the bit size is too low, wc_SrpGetVerifier will return MP_VAL as the buffers won't fit.
2025-06-17 11:30:11 -07:00
Kareem 7e4ec84124 Add macros for legacy get_digit functions for FIPS/selftest. 2025-06-17 10:12:06 -07:00
Kareem 9c9465aa23 Also account for selftest for mp_get_digit refactor. 2025-06-17 10:12:06 -07:00
Kareem 05aa4f5f08 Make mp_get_digit refactor FIPS friendly. 2025-06-17 10:12:06 -07:00
Kareem 304019d28d Fix inclusion guard around wc_RsaSSL_Verify.
The current condition of !WOLFSSL_RSA_VERIFY_ONLY doesn't make sense,
as the verify only case will want this function.

Based on the original change and the context, it looks like this was a
typo meant to be !WOLFSSL_RSA_VERIFY_INLINE.
2025-06-17 10:12:06 -07:00
Kareem e8c110d2ac Rename get_digit* to mp_get_digit* to avoid conflicts with other functions named get_digit. 2025-06-17 10:12:06 -07:00
Kareem 6633b52e28 Don't try to build wc_RsaSSL_Sign in asn.c MakeSignature if RSA public or verify only is enabled. 2025-06-17 10:12:06 -07:00
David Garske 83954100d6 Merge pull request #8812 from kosmax871/tropic01-dev
Added crypto callback functions for TROPIC01 secure element
2025-06-17 10:03:18 -07:00
David Garske 5e6c1ba05f Merge pull request #8879 from julek-wolfssl/openssh-10.0p2
Updates for OpenSSH 10.0p2
2025-06-17 09:36:45 -07:00
Daniel Pouzzner d28045daa8 wolfcrypt/test/test.c: fix prime_test() uninitialized data access by wc_FreeRng(). 2025-06-17 09:31:19 -05:00
Maxim Kostin 037ccbaa05 Update TROPIC01 integration guide and header file for key slot definitions and datasheet link 2025-06-16 21:12:19 +02:00
Maxim Kostin f865e0de97 improve ED25519 key handling in CryptoCb function 2025-06-16 20:27:15 +02:00
Maxim Kostin 60f442b04e Fix formatting inconsistencies in README.md 2025-06-16 20:27:15 +02:00
Maxim Kostin bab7677273 Added AES IV retrieval from TROPIC01 and use of new R-Memory slot definitions 2025-06-16 20:27:15 +02:00
Maxim Kostin 3b198babe3 Add Tropic01_Deinit call in wolfCrypt_Cleanup for proper resource management 2025-06-16 20:27:15 +02:00
Maxim Kostin 172728bf7f Refactor Tropic01 interface: clean up code formatting and improve function declarations 2025-06-16 20:27:15 +02:00
kosmax871 5696582add Update README.md 2025-06-16 20:27:15 +02:00
Maxim Kostin 375af753aa Changes for the PR https://github.com/wolfSSL/wolfssl/pull/8812 2025-06-16 20:27:15 +02:00
Maxim Kostin 2f210b3907 Refactor TROPIC01 integration: update README, enhance pairing key handling, and improve error messages 2025-06-16 20:27:15 +02:00
Maxim Kostin 296bfd258c README.md added 2025-06-16 20:27:15 +02:00
Maxim Kostin 0eecfbfb35 ed25519 fixes 2025-06-16 20:27:15 +02:00
Maxim Kostin cd76615e49 added support of ED25519 2025-06-16 20:27:15 +02:00
kosmax871 7c1980fe01 some fixes and updates 2025-06-16 20:27:15 +02:00
kosmax871 b13fdaa05e Draft of readme.md 2025-06-16 20:27:15 +02:00
Maxim Kostin 385be1c08a added support for Tropic01 crypto callbacks 2025-06-16 20:27:15 +02:00
Juliusz Sosinowicz 9a576d9e2e Fix CI failures 2025-06-16 19:07:58 +02:00
Juliusz Sosinowicz aca6da66f6 Set default seedCb when not FIPS 2025-06-16 17:39:22 +02:00
Juliusz Sosinowicz 37554a13db Updates for OpenSSH 10.0p2
- random.c: use getrandom when available and fall back to direct file access
- openssh.yml: run more tests
- openssh.yml: add 10.0p2 and 9.9p2
- configure.ac: detect if `getrandom` is available on the system
- configure.ac: openssh requires WC_RNG_SEED_CB to always use `getrandom` so that the RNG doesn't get killed by SECCOMP
2025-06-13 18:06:19 +02:00
Koji Takeda ff1baf0ae7 Apply stronger salt length for PBES2 2025-06-14 00:45:03 +09:00
David Garske c5e63b84ca Merge pull request #8840 from douzzer/20250605-linuxkm-DRBG-multithread-round-1
20250605-linuxkm-DRBG-multithread-round-1
2025-06-12 13:17:54 -07:00
David Garske 2fc1110a13 Merge pull request #8587 from lealem47/gh8574
Fix bug in ParseCRL_Extensions
2025-06-12 12:09:52 -07:00
David Garske bfdce3a345 Merge pull request #8832 from SparkiDev/aarch64_xfence
Aarch64 XFENCE
2025-06-12 11:53:55 -07:00
David Garske 6571f42cb9 Merge pull request #8867 from JacobBarthelmeh/rng
Improvements to RNG and compatibility layer
2025-06-11 14:31:53 -07:00
Sean Parkinson 1c85a76ddd Dilithium/ML-DSA: Fixes for casting down and uninit 2025-06-11 11:14:49 +10:00
Sean Parkinson d66863d0ac Aarch64 XFENCE
Use sb instruction instead of isb if available.
2025-06-11 09:29:20 +10:00
JacobBarthelmeh ae87afa677 Merge pull request #8857 from miyazakh/tsip_fix
fix TSIP TLS example program
2025-06-10 16:26:34 -06:00
JacobBarthelmeh 47cf634965 add a way to restore previous pid behavior 2025-06-10 16:12:09 -06:00
JacobBarthelmeh 31490ab813 add sanity checks on pid with RNG 2025-06-10 14:37:11 -06:00
JacobBarthelmeh 047f0bb5fc Merge pull request #8847 from gojimmypi/pr-platformio-cert-bundles
Improve PlatformIO Certificate Bundle Support
2025-06-10 10:23:07 -06:00
Sean Parkinson cb90b78688 ML-DSA: fix tests for different configs
Setting the private key into SSL object requires signing to be
available.
Only enable the parameters that are compiled in.
2025-06-10 20:44:27 +10:00
Koji Takeda 0260ff789b Clarify supported PKCS12 encryption algorithms 2025-06-09 12:03:47 +09:00
Hideki Miyazaki 0404447bd8 fix typo 2025-06-07 12:46:22 +09:00
Hideki Miyazaki 1f8efc3c14 fix TSIP example
fix Client Certificate Verify using RSA sign/verify
2025-06-07 12:38:18 +09:00
Daniel Pouzzner ae15693fa8 linuxkm/lkcapi_sha_glue.c: in wc_linuxkm_drbg_generate() and wc_linuxkm_drbg_seed(), check retval from wc_LockMutex().
wolfcrypt/src/random.c: in Hash_DRBG_Generate(), restore smallstack path for digest[], but use non-smallstack path for WOLFSSL_LINUXKM.
2025-06-07 07:07:20 +04:00
gojimmypi 3254f56d32 Improve PlatformIO Certificate Bundle Support 2025-06-06 15:48:07 -07:00
JacobBarthelmeh ae7509e746 Merge pull request #8813 from gojimmypi/espressif-mlkem-support
Adjust Espressif Examples for Post Quantum ML-KEM
2025-06-06 11:41:59 -06:00
JacobBarthelmeh 9ffca6b39c Merge pull request #8822 from kojiws/support_cert_aes_cbc_on_pkcs12_export
Support PBE_AES(256|128)_CBC certificate encryptions on wc_PKCS12_create()
2025-06-06 11:35:13 -06:00
Daniel Pouzzner 4572dcf9f9 tests/api/test_x509.c: in test_x509_rfc2818_verification_callback(), add dependency on HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES;
wolfcrypt/test/test.c: in lms_test(), fix -Wdeclaration-after-statement;

add .github/workflows/no-tls.yml;

.github/workflows/pq-all.yml: add smallstack scenario.
2025-06-06 17:18:50 +04:00
JacobBarthelmeh c207e2d198 Merge pull request #8838 from miyazakh/fsp_fix2
Fix Renesas SCE on RA6M4
2025-06-05 09:43:05 -06:00