Anthony Hu
cd4f96924b
Better error message too.
2025-12-11 12:23:38 -05:00
JacobBarthelmeh
1d448ec3b4
public disclosure of CVE-2025-13912
2025-12-11 10:22:22 -07:00
JacobBarthelmeh
d7a852af82
remove unimplemented function macro
2025-12-11 09:32:57 -07:00
cwilley
2d9d399a50
Merge pull request #9519 from douzzer/20251210-linuxkm-get_drbg-local_bh_disable
...
20251210-linuxkm-get_drbg-local_bh_disable
2025-12-11 08:02:34 -08:00
Eric Blankenhorn
67b6b284d6
Add checking of size param and clarify usage in doc
2025-12-11 08:27:57 -06:00
Sean Parkinson
b4b617de49
api.c: Split out more functions
...
More X509 function testing.
X509 store function testing.
X509 lookup function testing.
2025-12-11 19:00:19 +10:00
Sean Parkinson
0b2fb66af6
api.c: Split out more functions
...
wolfSSL_PEM, wolfSSL_X509, wolfSSL_X509_NAME, wolfSSL_X509_PUBKEY API
testing moved out to separate files.
2025-12-11 15:32:09 +10:00
Daniel Pouzzner
fe33bb9bd9
linuxkm/lkcapi_sha_glue.c:
...
* in get_drbg(), call local_bh_disable() for the crypto_default_rng, and in put_drbg(), call local_bh_enable() if needed.
* re-gate migrate_disable() and migrate_enable() so they're called for any SMP kernel >= 5.7, regardless of CONFIG_PREEMPT_COUNT.
* in get_drbg_n(), if the caller can't sleep, return immediately if the requested DRBG is busy, to avoid priority inversions and deadlocks.
2025-12-10 20:33:48 -06:00
Sean Parkinson
569a5e0388
Merge pull request #9509 from rizlik/comment_fix
...
internal.c: fix comment to be more precise
2025-12-11 10:26:52 +10:00
Sean Parkinson
b69ce5a568
Merge pull request #9506 from rlm2002/coverity
...
check if ctx and ssl are null when checking public key in certificate
2025-12-11 08:30:58 +10:00
Sean Parkinson
1faf740f10
Merge pull request #9505 from douzzer/20251209-linuxkm-GENERATE_SECTION_MAP--sections
...
20251209-linuxkm-GENERATE_SECTION_MAP--sections
2025-12-11 08:03:44 +10:00
Sameeh Jubran
4d4751bff3
Merge pull request #9512 from douzzer/20251210-linuxkm-5.17-ubuntu-jammy-tegra-patches
...
20251210-linuxkm-5.17-ubuntu-jammy-tegra-patches
2025-12-10 22:46:12 +02:00
Anthony Hu
008132c33b
Note that HMAC_FIPS_MIN_KEY is also salt len min for HKDF
2025-12-10 15:05:25 -05:00
Kareem
63976cb09b
Fix uninitialized variable, use WOLFSSL_DEBUG_PRINTF macro in Hash_DRBG_Generate to avoid undefined printf reference.
2025-12-10 12:28:54 -07:00
Daniel Pouzzner
650990e1e2
add linuxkm/patches/5.17-ubuntu-jammy-tegra/WOLFSSL_LINUXKM_HAVE_GET_RANDOM_CALLBACKS-5v17-ubuntu-jammy-tegra.patch
2025-12-10 11:51:29 -06:00
Daniel Pouzzner
ba861971eb
wolfssl/wolfcrypt/wc_port.h: don't attempt to define WC_DEPRECATED() for _MSC_VER < 1400 -- still causing error on old MSVC (now C2085 rather than C2485).
2025-12-10 11:15:55 -06:00
jackctj117
9db4aad468
Added --enable-certgencache to os-check
2025-12-10 10:14:39 -07:00
Eric Blankenhorn
8053e8f9b3
Fix test when ECH and harden are enabled
2025-12-10 08:14:59 -06:00
Marco Oliverio
33a518958c
internal.c: fix comment to be more precise
2025-12-10 14:11:07 +01:00
Takashi Kojo
6c5e84178e
Merge pull request #9371 from tamasan238/doc
...
[ja] update docs - part 1
2025-12-10 18:16:12 +09:00
Masaki Iwai
d100ff81ba
Merge branch 'master' into doc
2025-12-10 16:07:30 +09:00
Takashi Kojo
a555e211d4
Merge pull request #9405 from tamasan238/doc-2
...
[ja] update docs - part 2
2025-12-10 15:58:57 +09:00
Sean Parkinson
0ab09ab147
PPC32 SHA-256 ASM: support comnpiling for PIC
...
When compiling for PIC, 30 and 31 are not always available.
Alternative implementation added not using them that puts registers on
the stack.
Small code size version implemented as well.
2025-12-10 16:20:49 +10:00
Hideki Miyazaki
090d89acbc
add RA6M4/tools folder to include.am
2025-12-10 10:18:26 +09:00
Ruby Martin
36e66eb763
check if ctx and ssl are null when checking public key in certificate
2025-12-09 17:04:05 -07:00
David Garske
f18fdcae91
Merge pull request #9501 from JacobBarthelmeh/xcode
...
Fix for XCODE build with ARM assembly
2025-12-09 15:38:31 -08:00
Daniel Pouzzner
41b2fc28b3
wolfssl/wolfcrypt/wc_port.h: add WC_DEPRECATED() definitions for _MSC_VER < 1400.
2025-12-09 17:15:48 -06:00
Daniel Pouzzner
d210b92a16
linuxkm/Makefile: tweak GENERATE_SECTION_MAP recipe to expect --sections output from readelf, and feed that to it, to work around missing section names in --symbols output on binutils <2.36.
2025-12-09 17:03:16 -06:00
Sean Parkinson
80b7ea638e
Aarch64 no harware crypto assembly AES
...
Implementations of AES-ECB, AES-CBC, AES-CTR, AES-GCM, AES-XTS with base
instructions and NEON but not using crypto instructions.
Benchmark of AES-ECB added.
Updated AES tests.
2025-12-10 08:55:58 +10:00
David Garske
c9fbad2bc3
Merge pull request #9504 from julek-wolfssl/cov-20251203
...
Fix uninit variables
2025-12-09 09:24:05 -08:00
Juliusz Sosinowicz
24b35badb4
Fix uninit variables
2025-12-09 17:07:40 +01:00
JacobBarthelmeh
c05f0680c6
remove trailing whitespace
2025-12-09 07:00:50 -07:00
JacobBarthelmeh
5873142403
add xcode github actions build test
2025-12-08 14:42:51 -07:00
JacobBarthelmeh
ea058c6e85
xcode set correct file type for assembly files with project
2025-12-08 14:42:19 -07:00
Josh Holtrop
b5bea05c55
Rust wrapper: fix ECCPoint import_der_ex unit tests
2025-12-08 13:28:48 -05:00
Ruby Martin
edbca503be
Run check for IP address in wolfSSL_X509_check_host()
2025-12-08 11:04:45 -07:00
David Garske
ab1a738859
Merge pull request #9499 from holtrop/rust-32-bit-fixes
...
Rust wrapper: fix "e" param type for wc_MakeRsaKey() on 32-bit targets
2025-12-08 07:58:32 -08:00
Josh Holtrop
1b4d09d752
Rust wrapper: fix "e" param type for wc_MakeRsaKey() on 32-bit targets
2025-12-08 10:02:25 -05:00
Sean Parkinson
5a89ef9f76
Merge pull request #9497 from douzzer/20251206-old-fips-test_wc_RsaPublicEncryptDecrypt
...
20251206-old-fips-test_wc_RsaPublicEncryptDecrypt
2025-12-08 20:32:21 +10:00
Daniel Pouzzner
12d07c4d43
tests/api/test_rsa.c: in test_wc_RsaPublicEncryptDecrypt(), add FIPS gate around new test coverage from #9454 ( 23c5678797).
2025-12-06 10:20:45 -06:00
Eric Blankenhorn
83f6fe1a1a
Enable wolfSSL_i2d_X509_NAME_canon to handle blank optional fields
2025-12-05 15:12:29 -06:00
Sean Parkinson
886b0c2ec6
Benchmark ECDSA: use digest size instead of key size
...
The key size can be larger than the maximum digest size supported by the
sign and verify APIs.
Calculate a reasonable digest size for the key size and bound it on the
maximum digest size.
2025-12-05 09:01:12 +10:00
David Garske
1b7072b739
Merge pull request #9493 from holtrop/build-rust-wrappers-on-arm
...
Rust wrapper: run CI tests on ARM
2025-12-04 13:54:28 -08:00
Josh Holtrop
379ec8a23e
Rust wrapper: run CI tests on ARM
2025-12-04 15:49:55 -05:00
David Garske
fd58885887
Merge pull request #9490 from douzzer/20251202-linuxkm-old-kernel-fixes
...
20251202-linuxkm-old-kernel-fixes
2025-12-04 11:42:00 -08:00
JacobBarthelmeh
5b7480486e
Merge pull request #9487 from dgarske/qathash
...
Fix QAT hash final with no update and fix g++ warnings
2025-12-04 11:35:46 -07:00
David Garske
f01c4f10fa
Merge pull request #9454 from SparkiDev/rsa_dec_too_small_output_fix
...
RSA decrypt: don't write past buffer end on error
2025-12-04 10:06:37 -08:00
David Garske
1dfa4d1bcf
Merge pull request #9488 from SparkiDev/aes_gcm_4bit_be
...
AES-GCM, 4-bit table, Big Endian: fast impl of GMULT
2025-12-04 10:06:06 -08:00
David Garske
003f2385b9
Merge pull request #9491 from SparkiDev/sha256_armasm_small
...
ARM32/Thumb2 ASM SHA-256: provide small code size option
2025-12-04 10:05:01 -08:00
David Garske
1ebecb68c8
Merge pull request #9484 from holtrop/add-rust-wrapper-build-configs
...
Add several library configurations from os-check.yml to the Rust wrapper CI build
2025-12-04 08:00:24 -08:00