Commit Graph

7439 Commits

Author SHA1 Message Date
Andras Fekete a59a3d109f Explicit cast 2024-05-14 11:03:20 -04:00
Andras Fekete affd0a318e Fix sign conversion errors 2024-05-14 11:02:28 -04:00
David Garske 0e2bb28ff3 Merge pull request #7529 from SparkiDev/aes_decrypt_fixes
AES: NO_AES_DECRYPT defined
2024-05-14 06:59:02 -07:00
David Garske 1ee315bbab Merge pull request #7505 from gojimmypi/PR-Apple-Homekit-SRP-fix
Espressif updates to fix Apple Homekit SHA / SRP
2024-05-14 06:58:31 -07:00
Sean Parkinson e1274013d8 AES: NO_AES_DECRYPT defined
Allow code to compile with NO_AES_DECRYPT with AES modes enabled and
disabled.
2024-05-14 16:27:36 +10:00
Sean Parkinson b7eca574bb SSL/TLS: blind private key DER
When WOLFSSL_BLIND_PRIVATE_KEY is defined, blind the private key DER
encoding so that stored private key data is always changing.
2024-05-14 09:47:51 +10:00
Sean Parkinson f24ebdde25 ECC: blind private key after use in signing
Use a mask to blind the private key after use so that stored private key
is always changing.
2024-05-14 09:41:06 +10:00
Daniel Pouzzner 009ea6640b Merge pull request #7493 from SparkiDev/sm3_benchmark_fix
Benchmark, SM3: fix full hash testing
2024-05-13 19:22:22 -04:00
gojimmypi 44ec470df0 Update esp32 sha uintptr_t types; ret (0/1 not TRUE/FALSE) 2024-05-13 12:36:35 -07:00
David Garske 29f7578a61 Merge pull request #7446 from julek-wolfssl/hostap
hostap update
2024-05-13 10:35:01 -07:00
Daniel Pouzzner 4b81a99f91 Merge pull request #7424 from SparkiDev/aes_xts_x64_msvc
AES XTS asm x64 MSVC
2024-05-13 13:05:23 -04:00
David Garske a9164293c2 Merge pull request #7513 from julek-wolfssl/gh/7510
ed25519: check that the signature is smaller than the order
2024-05-13 09:16:17 -07:00
David Garske 568fda0e8b Merge pull request #7517 from bandi13/bugFixes
Bug fixes
2024-05-13 09:01:00 -07:00
David Garske d39ab765f6 Merge pull request #7519 from julek-wolfssl/gh/7516
Return length in wc_Curve448PublicKeyToDer with NULL output param
2024-05-13 09:00:33 -07:00
Juliusz Sosinowicz 239706615c Return length in wc_Curve448PublicKeyToDer with NULL output param 2024-05-10 20:10:23 +02:00
Sean Parkinson add7428d1c TLS, SM2: fixes to get SM handshakes working
Pass around the algorithm id from the private key so that the WOLFSSL or
WOLFSSL_CTX get the correct key format set.
Use different verification context when self-signed certificate with SM2
and SM3 signature but public key OID is ECC.
2024-05-10 10:15:47 +10:00
Sean Parkinson b87b521044 AES XTS asm x64 MSVC
Use assembly code for AES-XTS with MSVC for x64.
2024-05-10 09:10:36 +10:00
Sean Parkinson b62e8c1467 ASN template debug compile error
Variable is length instead of len.
2024-05-09 10:44:36 -05:00
Juliusz Sosinowicz ab03324dc7 ed25519: put entire order into buffer for sanity check 2024-05-09 10:36:37 +02:00
Daniel Pouzzner f7e1e370a0 Merge pull request #7438 from julek-wolfssl/zephr-no-malloc
zephyr no malloc
2024-05-09 02:57:20 -04:00
Daniel Pouzzner af928faca7 Merge pull request #7489 from anhu/zero_len_hash
Allow for zero length hash.  Its not an error.
2024-05-09 01:34:24 -04:00
Daniel Pouzzner 5a784c818d Merge pull request #7319 from SparkiDev/chacha_poly1305_asm_msvc
ChaCha20, Poly1305 ASM for MSVC
2024-05-08 19:03:56 -04:00
Juliusz Sosinowicz 2508c9e1f4 ed25519: check that the signature is smaller than the order 2024-05-08 17:54:37 +02:00
Andras Fekete 8f9c8a1203 Fix infinite loop
'ret' could be set to non-zero inside the loop and the 'cmac->bufferSz' never gets reset causing 'add' to become 0 in the subsequent loop.
2024-05-08 09:52:37 -04:00
Juliusz Sosinowicz 06798ab8bf EAP-FAST
Implement PACs for EAP-FAST
- wolfSSL_set_session_ticket_ext_cb
- server side wolfSSL_set_session_secret_cb (tls <=1.2 only)
2024-05-08 10:33:20 +02:00
Juliusz Sosinowicz 589bdba256 Apply suggestions from code review
Co-authored-by: Bill Phipps <bill@wolfssl.com>
2024-05-07 10:38:01 +02:00
Juliusz Sosinowicz 550d9ad9a4 Add testing for zephyr no malloc 2024-05-07 10:38:01 +02:00
Juliusz Sosinowicz 7ed5e0b3ba zephyr no malloc
- cert gen
- csr gen
- pkcs12
- Compiles for Zephyr 3.4.0 and 2.7.4
- Add support for CONFIG_POSIX_API
2024-05-07 10:38:01 +02:00
Daniel Pouzzner 4e6a34504d Merge pull request #7500 from SparkiDev/lms_xmss_move_wolfcrypt
LMS, XMSS: move code into wolfCrypt
2024-05-07 01:12:18 -04:00
Chris Conlon 95abc1074b Merge pull request #7278 from JacobBarthelmeh/pkcs7-validate
add guard around public key validation on import
2024-05-06 13:51:29 -06:00
JacobBarthelmeh 7bc73d351f Merge pull request #7504 from ejohnstown/generic-pool-fix
Generic Memory Pools Fix
2024-05-06 13:11:47 -06:00
gojimmypi e90c6bcd24 Espressif updates to fix Apple Homekit SRP. 2024-05-04 14:33:23 -07:00
John Safranek 195bbcc315 Generic Memory Pools Fix
1. Add some expository comments describing the purpose of:
   * WOLFMEM_MAX_BUCKETS
   * WOLFMEM_DEF_BUCKETS
   * WOLFMEM_BUCKETS
   * WOLFMEM_DIST
2. Switch the API test for LoadStaticMemory() to named constants.
3. Delete redundant test case. Add a new test case.
4. In the wolfCrypt test for the memory constants, check the sizes of
   the WOLFMEM_BUCKETS and WOLFMEM_DIST lists against
   WOLFMEM_DEF_BUCKETS which should be their length. Check that
   WOLFMEM_DEF_BUCKETS is not greater than WOLFMEM_MAX_BUCKETS.
5. Default for WOLFMEM_MAX_BUCKETS should be WOLFMEM_DEF_BUCKETS, set it
   to what is specified. Add a warning if MAX is less than DEF.
6. Separate the definition of the constant LARGEST_MEM_BUCKET so it is
   dependent on config and not if WOLFMEM_BUCKETS isn't set.
2024-05-03 16:15:38 -07:00
JacobBarthelmeh 081731be8b Merge pull request #7392 from gojimmypi/PR-Espressif-wolfcrypt-test
Update Espressif Examples and Libraries
2024-05-03 15:31:23 -06:00
Sean Parkinson e47f1d4190 LMS, XMSS: move code into wolfCrypt
Move implementations of LMS and XMSS into wolfCrypt and use by default.
2024-05-03 15:43:22 +10:00
Sean Parkinson 51b85ee1e3 Merge pull request #7490 from dgarske/ecc_curvecache_nomalloc
Support for ECC_CACHE_CURVE with no malloc
2024-05-02 07:17:01 +10:00
Daniel Pouzzner 5905f9289d fix namespace collision: rename types read_private_key_cb and write_private_key_cb to wc_{lms,xmss}_read_private_key_cb and wc_{lms,xmss}_write_private_key_cb. 2024-05-01 13:58:57 -05:00
Sean Parkinson aab97fe9e2 ChaCha20, Poly1305 ASM for MSVC
Make ChaCha20 and Poly1305 asm available for MSVC.
2024-05-01 13:44:25 +10:00
Sean Parkinson 4594151588 Merge pull request #7418 from ejohnstown/generic-pool
Generic Memory Pools
2024-05-01 08:53:56 +10:00
John Safranek 6be55269db Generic Memory Pools
1. Add API for function `wc_UnloadStaticMemory()` which frees the mutex
   used by the static memory pool.
2. Update the `wc_LoadStaticMemory_ex()` test to free the static memory
   pool's mutex on each successful test case.
2024-04-30 09:34:48 -07:00
David Garske eaa5edb65b Support for ECC_CACHE_CURVE with no malloc. ZD 17774 2024-04-30 08:22:56 -07:00
Anthony Hu 529b6a1eb9 Allow for zero length hash. Its not an error.
Fixes ZD17910
2024-04-30 11:06:30 -04:00
Hideki Miyazaki d4b265e84c convert outLen type correctly 2024-04-30 17:19:11 +09:00
Hideki Miyazaki 07de40e4bd fix warnings
fix encrypted key use case

Update README
2024-04-30 17:19:11 +09:00
Sean Parkinson 068a3b5e99 Merge pull request #7481 from douzzer/20240424-sha-C-dynamic-fallback
20240424-sha-C-dynamic-fallback
2024-04-30 09:00:57 +10:00
Daniel Pouzzner bb4c2cbad6 address peer review: typography in linuxkm/linuxkm_memory.c, typography, clarity, and efficiency in wolfcrypt/src/sha256.c and wolfcrypt/src/sha512.c. 2024-04-29 14:02:44 -05:00
David Garske 5af0b1e83b Improved the prioritization of crypto callback vs async crypt in ECC and RSA. Resolves possible use of uninitialized value on ECC/RSA key when PKCS11 is enabled. See #7482 2024-04-29 10:34:01 -07:00
Daniel Pouzzner 7260cc124c smallstack refactors of wolfcrypt/src/evp.c:wolfssl_evp_digest_pk_final() and wolfcrypt/test/test.c:openssl_test(). 2024-04-27 12:35:23 -05:00
Daniel Pouzzner 885497ba5a add missing gate around Sha256_SetTransform() declaration in wolfcrypt/src/sha256.c;
remove stray definitions of XTRANSFORM*() in wolfcrypt/src/sha512.c;

restore global intel_flags in the !WC_NO_INTERNAL_FUNCTION_POINTERS paths of sha256.c and sha512.c;

disable test_wolfSSL_dtls_compare_stateless() in tests/api.c when DEBUG_VECTOR_REGISTER_ACCESS_FUZZING (it depends on a stable SHA512 hash of the in-memory struct WOLFSSL image).
2024-04-27 12:35:23 -05:00
Daniel Pouzzner 3f8e33369c implement WC_C_DYNAMIC_FALLBACK for SHA-3. 2024-04-27 12:35:23 -05:00