Commit Graph

29160 Commits

Author SHA1 Message Date
Anthony Hu cd4f96924b Better error message too. 2025-12-11 12:23:38 -05:00
JacobBarthelmeh 1d448ec3b4 public disclosure of CVE-2025-13912 2025-12-11 10:22:22 -07:00
JacobBarthelmeh d7a852af82 remove unimplemented function macro 2025-12-11 09:32:57 -07:00
cwilley 2d9d399a50 Merge pull request #9519 from douzzer/20251210-linuxkm-get_drbg-local_bh_disable
20251210-linuxkm-get_drbg-local_bh_disable
2025-12-11 08:02:34 -08:00
Eric Blankenhorn 67b6b284d6 Add checking of size param and clarify usage in doc 2025-12-11 08:27:57 -06:00
Sean Parkinson b4b617de49 api.c: Split out more functions
More X509 function testing.
X509 store function testing.
X509 lookup function testing.
2025-12-11 19:00:19 +10:00
Sean Parkinson 0b2fb66af6 api.c: Split out more functions
wolfSSL_PEM, wolfSSL_X509, wolfSSL_X509_NAME, wolfSSL_X509_PUBKEY API
testing moved out to separate files.
2025-12-11 15:32:09 +10:00
Daniel Pouzzner fe33bb9bd9 linuxkm/lkcapi_sha_glue.c:
* in get_drbg(), call local_bh_disable() for the crypto_default_rng, and in put_drbg(), call local_bh_enable() if needed.
* re-gate migrate_disable() and migrate_enable() so they're called for any SMP kernel >= 5.7, regardless of CONFIG_PREEMPT_COUNT.
* in get_drbg_n(), if the caller can't sleep, return immediately if the requested DRBG is busy, to avoid priority inversions and deadlocks.
2025-12-10 20:33:48 -06:00
Sean Parkinson 569a5e0388 Merge pull request #9509 from rizlik/comment_fix
internal.c: fix comment to be more precise
2025-12-11 10:26:52 +10:00
Sean Parkinson b69ce5a568 Merge pull request #9506 from rlm2002/coverity
check if ctx and ssl are null when checking public key in certificate
2025-12-11 08:30:58 +10:00
Sean Parkinson 1faf740f10 Merge pull request #9505 from douzzer/20251209-linuxkm-GENERATE_SECTION_MAP--sections
20251209-linuxkm-GENERATE_SECTION_MAP--sections
2025-12-11 08:03:44 +10:00
Sameeh Jubran 4d4751bff3 Merge pull request #9512 from douzzer/20251210-linuxkm-5.17-ubuntu-jammy-tegra-patches
20251210-linuxkm-5.17-ubuntu-jammy-tegra-patches
2025-12-10 22:46:12 +02:00
Anthony Hu 008132c33b Note that HMAC_FIPS_MIN_KEY is also salt len min for HKDF 2025-12-10 15:05:25 -05:00
Kareem 63976cb09b Fix uninitialized variable, use WOLFSSL_DEBUG_PRINTF macro in Hash_DRBG_Generate to avoid undefined printf reference. 2025-12-10 12:28:54 -07:00
Daniel Pouzzner 650990e1e2 add linuxkm/patches/5.17-ubuntu-jammy-tegra/WOLFSSL_LINUXKM_HAVE_GET_RANDOM_CALLBACKS-5v17-ubuntu-jammy-tegra.patch 2025-12-10 11:51:29 -06:00
Daniel Pouzzner ba861971eb wolfssl/wolfcrypt/wc_port.h: don't attempt to define WC_DEPRECATED() for _MSC_VER < 1400 -- still causing error on old MSVC (now C2085 rather than C2485). 2025-12-10 11:15:55 -06:00
jackctj117 9db4aad468 Added --enable-certgencache to os-check 2025-12-10 10:14:39 -07:00
Eric Blankenhorn 8053e8f9b3 Fix test when ECH and harden are enabled 2025-12-10 08:14:59 -06:00
Marco Oliverio 33a518958c internal.c: fix comment to be more precise 2025-12-10 14:11:07 +01:00
Takashi Kojo 6c5e84178e Merge pull request #9371 from tamasan238/doc
[ja] update docs - part 1
2025-12-10 18:16:12 +09:00
Masaki Iwai d100ff81ba Merge branch 'master' into doc 2025-12-10 16:07:30 +09:00
Takashi Kojo a555e211d4 Merge pull request #9405 from tamasan238/doc-2
[ja] update docs - part 2
2025-12-10 15:58:57 +09:00
Sean Parkinson 0ab09ab147 PPC32 SHA-256 ASM: support comnpiling for PIC
When compiling for PIC, 30 and 31 are not always available.
Alternative implementation added not using them that puts registers on
the stack.
Small code size version implemented as well.
2025-12-10 16:20:49 +10:00
Hideki Miyazaki 090d89acbc add RA6M4/tools folder to include.am 2025-12-10 10:18:26 +09:00
Ruby Martin 36e66eb763 check if ctx and ssl are null when checking public key in certificate 2025-12-09 17:04:05 -07:00
David Garske f18fdcae91 Merge pull request #9501 from JacobBarthelmeh/xcode
Fix for XCODE build with ARM assembly
2025-12-09 15:38:31 -08:00
Daniel Pouzzner 41b2fc28b3 wolfssl/wolfcrypt/wc_port.h: add WC_DEPRECATED() definitions for _MSC_VER < 1400. 2025-12-09 17:15:48 -06:00
Daniel Pouzzner d210b92a16 linuxkm/Makefile: tweak GENERATE_SECTION_MAP recipe to expect --sections output from readelf, and feed that to it, to work around missing section names in --symbols output on binutils <2.36. 2025-12-09 17:03:16 -06:00
Sean Parkinson 80b7ea638e Aarch64 no harware crypto assembly AES
Implementations of AES-ECB, AES-CBC, AES-CTR, AES-GCM, AES-XTS with base
instructions and NEON but not using crypto instructions.

Benchmark of AES-ECB added.
Updated AES tests.
2025-12-10 08:55:58 +10:00
David Garske c9fbad2bc3 Merge pull request #9504 from julek-wolfssl/cov-20251203
Fix uninit variables
2025-12-09 09:24:05 -08:00
Juliusz Sosinowicz 24b35badb4 Fix uninit variables 2025-12-09 17:07:40 +01:00
JacobBarthelmeh c05f0680c6 remove trailing whitespace 2025-12-09 07:00:50 -07:00
JacobBarthelmeh 5873142403 add xcode github actions build test 2025-12-08 14:42:51 -07:00
JacobBarthelmeh ea058c6e85 xcode set correct file type for assembly files with project 2025-12-08 14:42:19 -07:00
Josh Holtrop b5bea05c55 Rust wrapper: fix ECCPoint import_der_ex unit tests 2025-12-08 13:28:48 -05:00
Ruby Martin edbca503be Run check for IP address in wolfSSL_X509_check_host() 2025-12-08 11:04:45 -07:00
David Garske ab1a738859 Merge pull request #9499 from holtrop/rust-32-bit-fixes
Rust wrapper: fix "e" param type for wc_MakeRsaKey() on 32-bit targets
2025-12-08 07:58:32 -08:00
Josh Holtrop 1b4d09d752 Rust wrapper: fix "e" param type for wc_MakeRsaKey() on 32-bit targets 2025-12-08 10:02:25 -05:00
Sean Parkinson 5a89ef9f76 Merge pull request #9497 from douzzer/20251206-old-fips-test_wc_RsaPublicEncryptDecrypt
20251206-old-fips-test_wc_RsaPublicEncryptDecrypt
2025-12-08 20:32:21 +10:00
Daniel Pouzzner 12d07c4d43 tests/api/test_rsa.c: in test_wc_RsaPublicEncryptDecrypt(), add FIPS gate around new test coverage from #9454 (23c5678797). 2025-12-06 10:20:45 -06:00
Eric Blankenhorn 83f6fe1a1a Enable wolfSSL_i2d_X509_NAME_canon to handle blank optional fields 2025-12-05 15:12:29 -06:00
Sean Parkinson 886b0c2ec6 Benchmark ECDSA: use digest size instead of key size
The key size can be larger than the maximum digest size supported by the
sign and verify APIs.
Calculate a reasonable digest size for the key size and bound it on the
maximum digest size.
2025-12-05 09:01:12 +10:00
David Garske 1b7072b739 Merge pull request #9493 from holtrop/build-rust-wrappers-on-arm
Rust wrapper: run CI tests on ARM
2025-12-04 13:54:28 -08:00
Josh Holtrop 379ec8a23e Rust wrapper: run CI tests on ARM 2025-12-04 15:49:55 -05:00
David Garske fd58885887 Merge pull request #9490 from douzzer/20251202-linuxkm-old-kernel-fixes
20251202-linuxkm-old-kernel-fixes
2025-12-04 11:42:00 -08:00
JacobBarthelmeh 5b7480486e Merge pull request #9487 from dgarske/qathash
Fix QAT hash final with no update and fix g++ warnings
2025-12-04 11:35:46 -07:00
David Garske f01c4f10fa Merge pull request #9454 from SparkiDev/rsa_dec_too_small_output_fix
RSA decrypt: don't write past buffer end on error
2025-12-04 10:06:37 -08:00
David Garske 1dfa4d1bcf Merge pull request #9488 from SparkiDev/aes_gcm_4bit_be
AES-GCM, 4-bit table, Big Endian: fast impl of GMULT
2025-12-04 10:06:06 -08:00
David Garske 003f2385b9 Merge pull request #9491 from SparkiDev/sha256_armasm_small
ARM32/Thumb2 ASM SHA-256: provide small code size option
2025-12-04 10:05:01 -08:00
David Garske 1ebecb68c8 Merge pull request #9484 from holtrop/add-rust-wrapper-build-configs
Add several library configurations from os-check.yml to the Rust wrapper CI build
2025-12-04 08:00:24 -08:00