Commit Graph

27619 Commits

Author SHA1 Message Date
Daniel Pouzzner 681d09fc3c Merge pull request #9714 from philljj/bsdkm_crypto_accel
bsdkm: x86 crypto acceleration support.
2026-02-05 16:48:03 -06:00
Daniel Pouzzner 2a32e108d0 Merge pull request #9656 from jackctj117/PKCS7-signing
Add PKCS7 ECC raw sign callback support
2026-02-05 16:46:27 -06:00
Daniel Pouzzner 6d7cb87965 Merge pull request #9733 from SparkiDev/srtp_kdf_ctr_fix
SRTP-KDF: use two bytes of index
2026-02-05 16:21:38 -06:00
jackctj117 cfcd384c4c Address copilot feedback 2026-02-05 12:12:16 -07:00
David Garske 6a4415911b Merge pull request #9727 from miyazakh/tsip_rm_asn_original
Renesas RX72N : Remove WOLFSSL_ASN_ORIGINAL from user_settings.h
2026-02-05 08:42:59 -08:00
David Garske c7ed5ff179 Merge pull request #9740 from douzzer/20260204-linuxkm-with-global-replace-etc
20260204-linuxkm-with-global-replace-etc
2026-02-04 19:07:06 -08:00
Chris Conlon 3753f69a50 Merge pull request #9728 from padelsbach/aia-updates
Extend AIA interface
2026-02-04 15:11:02 -07:00
Daniel Pouzzner 5fca3786c6 .wolfssl_known_macro_extras: remove WC_SHA3_HARDEN (unneeded because --enable-faultharden defines it). 2026-02-04 14:30:31 -06:00
Daniel Pouzzner 0364a348b5 linuxkm/lkcapi_sha_glue.c and linuxkm/linuxkm_wc_port.h: when LINUXKM_DRBG_GET_RANDOM_BYTES, add "-with-global-replace" to the DRBG driver name, to advertise that /dev/[u]random and getrandom() are FIPS PRNGs; when NO_LINUXKM_DRBG_GET_RANDOM_BYTES, don't implicitly define LINUXKM_LKCAPI_REGISTER_HASH_DRBG_DEFAULT. 2026-02-04 14:30:08 -06:00
Daniel Pouzzner 10d4b1dd92 wolfcrypt/src/aes.c: fix -Wunused-variable in wc_AesSetKey(). 2026-02-04 14:14:57 -06:00
Daniel Pouzzner 017ac97de0 configure.ac: remove prohibition on ARM32 --enable-armasm with --enable-aesgcm-stream (current code in aes.c falls back to C gracefully in that case). 2026-02-04 14:12:51 -06:00
Paul Adelsbach 08c1397cc1 Enable 8 combined OCSP and URLs instead of 1 of each 2026-02-04 11:04:46 -08:00
Hideki Miyazaki c74a95c8d0 rm WOLFSSL_ASN_ORIGINAL from user_settings.h
- update signed ca cert (rsa/ecc)
- update compiler options for v3.06.00
2026-02-05 00:08:35 +09:00
Daniel Pouzzner 492ff386dc Merge pull request #9658 from sameehj/aes-offload
cryptocb: add AES CryptoCB key import support and tests
2026-02-03 12:23:42 -06:00
Sameeh Jubran 425dc1372d cryptocb: add AES CryptoCB key import support and tests
Add CryptoCB-based AES key import support to enable Secure Element
offload without exposing raw AES key material to wolfCrypt.

When WOLF_CRYPTO_CB_AES_SETKEY is defined, wolfCrypt invokes a CryptoCB
callback during AES key setup. Behavior is determined by the callback
return value:

- If callback returns 0: Key is imported to the device (aes->devCtx).
  Key is NOT copied to wolfCrypt RAM; GCM H/M tables are NOT generated.
  Full hardware offload is assumed.

- If callback returns CRYPTOCB_UNAVAILABLE: Device does not support
  SetKey. Normal software path is used; key is copied to devKey for
  optional encrypt/decrypt acceleration.

- Any other error: Propagated to the caller.

Key points:
- Add wc_CryptoCb_AesSetKey() callback for AES key import
- Update AES SetKey paths to call CryptoCB and branch on return value
- Skip GCM H/M table generation when callback succeeded (devCtx set)
- Preserve existing behavior when devId is INVALID_DEVID or
  WOLF_CRYPTO_CB_AES_SETKEY is not defined

Testing:
- Add unit test for CryptoCB AES SetKey (verifies key isolation when
  callback succeeds)
- Add end-to-end AES-GCM offload test (SetKey, Encrypt, Decrypt, Free
  via CryptoCB)
- Tests use a mock SE with software AES to validate routing

Enable with: CPPFLAGS="-DWOLF_CRYPTO_CB_AES_SETKEY -DWOLF_CRYPTO_CB_FREE"

Signed-off-by: Sameeh Jubran <sameeh@wolfssl.com>
2026-02-03 16:59:02 +02:00
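The three-way callback contract described in that commit message, as an added example that is not wolfSSL code: a reduced model of the SetKey path with a constructed mock secure element. The Aes field names key, devKey, devCtx and devId, the hook name wc_CryptoCb_AesSetKey() and the constants INVALID_DEVID and CRYPTOCB_UNAVAILABLE are taken from the commit message; their numeric values, the callback signature, the MockSe type and the scenario driver are assumptions for this illustration, and a flag stands in for the GCM H/M tables.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define INVALID_DEVID        (-2)    /* assumed: stands in for wolfSSL's value */
#define CRYPTOCB_UNAVAILABLE (-174)  /* assumed: stands in for wolfSSL's value */
#define MAX_KEY_LEN          32

/* Reduced model of the Aes struct: only the fields the SetKey branch touches. */
typedef struct Aes {
    uint8_t  key[MAX_KEY_LEN];    /* software key; must stay zero after a device import */
    uint8_t  devKey[MAX_KEY_LEN]; /* raw key kept for optional encrypt/decrypt offload */
    uint32_t keyLen;
    int      gcmTablesReady;      /* stands in for the GCM H/M tables */
    int      devId;
    void    *devCtx;              /* set by the device when it accepted the key */
} Aes;

/* Assumed callback shape; the real hook is wc_CryptoCb_AesSetKey(). */
typedef int (*AesSetKeyCb)(int devId, Aes *aes, const uint8_t *key, uint32_t keyLen, void *ctx);

/* Constructed mock secure element with its own key storage. */
typedef struct MockSe {
    uint8_t  key[MAX_KEY_LEN];
    uint32_t keyLen;
    int      rc;                  /* what SetKey returns: 0, CRYPTOCB_UNAVAILABLE, or another error */
} MockSe;

static int mockSeSetKey(int devId, Aes *aes, const uint8_t *key, uint32_t keyLen, void *ctx)
{
    MockSe *se = (MockSe *)ctx;
    (void)devId;
    if (se->rc != 0)
        return se->rc;            /* unsupported or failed: store nothing */
    memcpy(se->key, key, keyLen);
    se->keyLen = keyLen;
    aes->devCtx = se;             /* handle to the imported key object */
    return 0;
}

static void softwareSetKey(Aes *aes, const uint8_t *key, uint32_t keyLen)
{
    /* Real code expands the key schedule and, for GCM, derives H = E_K(0^128)
     * and the M tables; a flag records that step in this model. */
    memcpy(aes->key, key, keyLen);
    aes->keyLen = keyLen;
    aes->gcmTablesReady = 1;
}

/* Models wc_AesSetKey() built with WOLF_CRYPTO_CB_AES_SETKEY. */
static int modelAesSetKey(Aes *aes, const uint8_t *key, uint32_t keyLen, AesSetKeyCb cb, void *cbCtx)
{
    if (aes == NULL || key == NULL || (keyLen != 16 && keyLen != 24 && keyLen != 32))
        return -1;
    if (aes->devId != INVALID_DEVID && cb != NULL) {
        int ret = cb(aes->devId, aes, key, keyLen, cbCtx);
        if (ret == 0) {
            aes->keyLen = keyLen; /* imported: no RAM copy, no GCM tables */
            return 0;
        }
        if (ret != CRYPTOCB_UNAVAILABLE)
            return ret;           /* any other error propagates unchanged */
        memcpy(aes->devKey, key, keyLen); /* device can't import: keep a copy for offload, fall through */
    }
    softwareSetKey(aes, key, keyLen);
    return 0;
}

/* Scenario driver: one SetKey with a constructed key; resulting state reported as flag bits. */
enum { F_KEY_IN_RAM = 1, F_GCM_TABLES = 2, F_DEVCTX_SET = 4, F_SE_HAS_KEY = 8, F_DEVKEY_COPY = 16 };

static int runScenario(int seRc, int devId, int *flags)
{
    static const uint8_t kKey[16] = { 0x10,0x11,0x12,0x13,0x14,0x15,0x16,0x17,
                                      0x18,0x19,0x1a,0x1b,0x1c,0x1d,0x1e,0x1f }; /* constructed test key */
    Aes aes; MockSe se; int ret, f = 0; size_t i; uint8_t acc = 0;
    memset(&aes, 0, sizeof aes); memset(&se, 0, sizeof se);
    aes.devId = devId; se.rc = seRc;
    ret = modelAesSetKey(&aes, kKey, sizeof kKey, mockSeSetKey, &se);
    for (i = 0; i < MAX_KEY_LEN; i++) acc |= aes.key[i];
    if (acc) f |= F_KEY_IN_RAM;
    if (aes.gcmTablesReady) f |= F_GCM_TABLES;
    if (aes.devCtx == &se) f |= F_DEVCTX_SET;
    if (se.keyLen == sizeof kKey && memcmp(se.key, kKey, sizeof kKey) == 0) f |= F_SE_HAS_KEY;
    if (memcmp(aes.devKey, kKey, sizeof kKey) == 0) f |= F_DEVKEY_COPY;
    *flags = f;
    return ret;
}

static int scenarioFlags(int seRc, int devId) { int f; (void)runScenario(seRc, devId, &f); return f; }
static int scenarioRet(int seRc, int devId)   { int f; return runScenario(seRc, devId, &f); }

int main(void)
{
    printf("import accepted : ret=%d flags=%d\n", scenarioRet(0, 1), scenarioFlags(0, 1));
    printf("unavailable     : ret=%d flags=%d\n", scenarioRet(CRYPTOCB_UNAVAILABLE, 1), scenarioFlags(CRYPTOCB_UNAVAILABLE, 1));
    printf("device error    : ret=%d flags=%d\n", scenarioRet(-99, 1), scenarioFlags(-99, 1));
    printf("INVALID_DEVID   : ret=%d flags=%d\n", scenarioRet(0, INVALID_DEVID), scenarioFlags(0, INVALID_DEVID));
    return 0;
}
```

The flag bits are the key-isolation check in test form: when the device accepts the key, neither key nor devKey holds raw key bytes and the GCM tables are never generated; when it answers CRYPTOCB_UNAVAILABLE, the software path runs as before and devKey keeps a copy; any other error leaves nothing behind and reaches the caller unchanged.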
Sean Parkinson b1d3529419 SRTP-KDF: use two bytes of index
One byte of index creates up to 4096 bytes for a key.
Increase output size to match specification.
2026-02-03 11:01:11 +10:00
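The counter layout behind that fix, as an added example that is not wolfSSL code: the RFC 3711 section 4.3 AES-CM KDF input block, where x = (label || index DIV kdr) XOR master_salt fills bytes 0..13 and the 16-bit keystream block index fills bytes 14..15. Driving only one byte of that index caps a derivation at 256 blocks of 16 bytes, 4096 bytes; the full two bytes allow 65536 blocks. The master salt is the one printed in RFC 3711 Appendix B.3; the identity block function is a constructed test double, not a cipher, so the derived output exposes each block's IV, and the helper names are assumptions.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define SRTP_SALT_LEN       14
#define SRTP_BLOCK          16
#define SRTP_KDF_MAX_BLOCKS 65536u  /* 16-bit block index, RFC 3711 section 4.3.3 */

typedef void (*BlockFn)(const uint8_t in[SRTP_BLOCK], uint8_t out[SRTP_BLOCK]);

/* x = (label || r) XOR master_salt, right-aligned, with r = index DIV kdr
 * (r = 0 when kdr is 0, i.e. no re-keying). label lands in byte 7, the
 * 48-bit r in bytes 8..13, big-endian. */
static void srtpKdfX(uint8_t x[SRTP_SALT_LEN], const uint8_t salt[SRTP_SALT_LEN],
                     uint8_t label, uint64_t index, uint64_t kdr)
{
    uint64_t r = (kdr == 0) ? 0 : index / kdr;
    int i;
    memcpy(x, salt, SRTP_SALT_LEN);
    x[SRTP_SALT_LEN - 7] ^= label;
    for (i = 0; i < 6; i++)
        x[SRTP_SALT_LEN - 1 - i] ^= (uint8_t)(r >> (8 * i));
}

/* IV for keystream block `block`: IV = x * 2^16 + block, so the block
 * index is the 16-bit big-endian value in bytes 14 and 15. */
static void srtpKdfIv(uint8_t iv[SRTP_BLOCK], const uint8_t x[SRTP_SALT_LEN], uint16_t block)
{
    memcpy(iv, x, SRTP_SALT_LEN);
    iv[14] = (uint8_t)(block >> 8);
    iv[15] = (uint8_t)block;
}

/* Largest derivation possible when only `indexBytes` bytes of the block
 * index are driven: 1 -> 4096 bytes (the old limit), 2 -> 1 MiB. */
static size_t srtpKdfMaxOutput(int indexBytes)
{
    return ((size_t)1 << (8 * indexBytes)) * SRTP_BLOCK;
}

/* out = E(IV_0) || E(IV_1) || ... truncated to outLen.
 * Returns -1 if more than 2^16 blocks would be needed. */
static int srtpKdfDerive(uint8_t *out, size_t outLen, const uint8_t x[SRTP_SALT_LEN], BlockFn blockFn)
{
    size_t nBlocks = (outLen + SRTP_BLOCK - 1) / SRTP_BLOCK, b;
    uint8_t iv[SRTP_BLOCK], ks[SRTP_BLOCK];
    if (nBlocks > SRTP_KDF_MAX_BLOCKS)
        return -1;
    for (b = 0; b < nBlocks; b++) {
        size_t n = outLen - b * SRTP_BLOCK;
        if (n > SRTP_BLOCK) n = SRTP_BLOCK;
        srtpKdfIv(iv, x, (uint16_t)b);
        blockFn(iv, ks);
        memcpy(out + b * SRTP_BLOCK, ks, n);
    }
    return 0;
}

/* Master salt from RFC 3711 Appendix B.3 (published test vector input). */
static const uint8_t kRfcSalt[SRTP_SALT_LEN] = { 0x0E,0xC6,0x75,0xAD,0x49,0x8A,0xFE,
                                                 0xEB,0xB6,0x96,0x0B,0x3A,0xAB,0xE6 };

/* Constructed test double: copies the IV through, so derived bytes show the counter. Not a cipher. */
static void identityBlock(const uint8_t in[SRTP_BLOCK], uint8_t out[SRTP_BLOCK]) { memcpy(out, in, SRTP_BLOCK); }

static int xByte(uint8_t label, uint64_t index, uint64_t kdr, int pos)
{
    uint8_t x[SRTP_SALT_LEN];
    srtpKdfX(x, kRfcSalt, label, index, kdr);
    return x[pos];
}

/* Derives outLen bytes with the test double and returns byte `pos`, or -1 if the length is out of range. */
static int derivedByte(size_t outLen, size_t pos)
{
    uint8_t x[SRTP_SALT_LEN];
    uint8_t *out = (uint8_t *)malloc(outLen);
    int v;
    if (out == NULL) return -2;
    srtpKdfX(x, kRfcSalt, 0, 0, 0);
    v = (srtpKdfDerive(out, outLen, x, identityBlock) == 0) ? out[pos] : -1;
    free(out);
    return v;
}

int main(void)
{
    printf("max with 1 index byte: %zu, with 2: %zu\n", srtpKdfMaxOutput(1), srtpKdfMaxOutput(2));
    printf("block 256 counter bytes: %02x %02x\n", derivedByte(4112, 256 * 16 + 14), derivedByte(4112, 256 * 16 + 15));
    return 0;
}
```

Block 255 carries counter bytes 00 FF; block 256 needs 01 00, which only exists when byte 14 is part of the index. With the RFC salt, labels 0, 1 and 2 change byte 7 of x from EB to EB, EA and E9 respectively, which is the pattern visible in the Appendix B.3 derivations.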
jordan 8ae27c75e4 bsdkm: x86 crypto acceleration support. 2026-02-02 12:00:22 -06:00
Paul Adelsbach aa020f39c4 Extend AIA interface 2026-02-02 08:48:40 -08:00
JacobBarthelmeh c807903088 Merge pull request #9722 from SparkiDev/sha3-harden
SHA-3: harden against glitch attack
2026-02-02 09:21:35 -07:00
Sean Parkinson 5924524920 SHA-3: harden against glitch attack
Check loop counts to ensure glitching didn't change number of times loop
was performed.
2026-02-02 15:54:55 +10:00
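The loop-count check, as an added example that is not wolfSSL's SHA-3 code: a compact Keccak-f[1600] permutation whose round loop keeps a second, volatile iteration counter and refuses to produce a digest when either counter disagrees with the expected 24 rounds. g_faultRound is a constructed fault simulator for the demonstration (it bumps the loop variable as an instruction-skip glitch would), not part of any real hardening; the known-answer value is the published SHA3-256 of the empty message, and the function names are assumptions.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define KECCAKF_ROUNDS 24
#define SHA3_256_RATE  136
#define FAULT_DETECTED (-1)
#define ROTL64(x, n) (((x) << (n)) | ((x) >> (64 - (n))))

static const uint64_t RC[KECCAKF_ROUNDS] = {
    0x0000000000000001ULL, 0x0000000000008082ULL, 0x800000000000808aULL, 0x8000000080008000ULL,
    0x000000000000808bULL, 0x0000000080000001ULL, 0x8000000080008081ULL, 0x8000000000008009ULL,
    0x000000000000008aULL, 0x0000000000000088ULL, 0x0000000080008009ULL, 0x000000008000000aULL,
    0x000000008000808bULL, 0x800000000000008bULL, 0x8000000000008089ULL, 0x8000000000008003ULL,
    0x8000000000008002ULL, 0x8000000000000080ULL, 0x000000000000800aULL, 0x800000008000000aULL,
    0x8000000080008081ULL, 0x8000000000008080ULL, 0x0000000080000001ULL, 0x8000000080008008ULL };
static const int rotc[24] = { 1, 3, 6, 10, 15, 21, 28, 36, 45, 55, 2, 14, 27, 41, 56, 8, 25, 43, 62, 18, 39, 61, 20, 44 };
static const int piln[24] = { 10, 7, 11, 17, 18, 3, 5, 16, 8, 21, 24, 4, 15, 23, 19, 13, 12, 2, 20, 14, 22, 9, 6, 1 };

/* Constructed fault simulator: when the loop reaches this round, the loop
 * variable is bumped as if a glitch skipped an iteration. -1 = no fault. */
static volatile int g_faultRound = -1;

/* Keccak-f[1600] with a redundant iteration counter checked after the loop. */
static int keccakf_hardened(uint64_t st[25])
{
    uint64_t t, bc[5];
    volatile unsigned cnt = 0;   /* volatile: the compiler cannot fold the final check away */
    int round, i, j;

    for (round = 0; round < KECCAKF_ROUNDS; round++) {
        if (round == g_faultRound && ++round >= KECCAKF_ROUNDS)
            break;                              /* simulated glitch on the loop variable */
        for (i = 0; i < 5; i++)                 /* theta */
            bc[i] = st[i] ^ st[i + 5] ^ st[i + 10] ^ st[i + 15] ^ st[i + 20];
        for (i = 0; i < 5; i++) {
            t = bc[(i + 4) % 5] ^ ROTL64(bc[(i + 1) % 5], 1);
            for (j = 0; j < 25; j += 5) st[j + i] ^= t;
        }
        t = st[1];                              /* rho and pi */
        for (i = 0; i < 24; i++) { j = piln[i]; bc[0] = st[j]; st[j] = ROTL64(t, rotc[i]); t = bc[0]; }
        for (j = 0; j < 25; j += 5) {           /* chi */
            for (i = 0; i < 5; i++) bc[i] = st[j + i];
            for (i = 0; i < 5; i++) st[j + i] ^= (~bc[(i + 1) % 5]) & bc[(i + 2) % 5];
        }
        st[0] ^= RC[round];                     /* iota */
        cnt++;
    }
    /* A skipped or repeated iteration leaves the two counters disagreeing with the round count. */
    if (round != KECCAKF_ROUNDS || cnt != KECCAKF_ROUNDS)
        return FAULT_DETECTED;
    return 0;
}

/* SHA3-256 sponge over the hardened permutation; no digest is released after a detected fault. */
static int sha3_256_hardened(const uint8_t *msg, size_t len, uint8_t out[32])
{
    uint64_t st[25]; uint8_t blk[SHA3_256_RATE]; size_t i, off = 0;
    memset(st, 0, sizeof st);
    while (len - off >= SHA3_256_RATE) {        /* absorb full rate-sized blocks */
        for (i = 0; i < SHA3_256_RATE; i++) st[i / 8] ^= (uint64_t)msg[off + i] << (8 * (i % 8));
        if (keccakf_hardened(st) != 0) return FAULT_DETECTED;
        off += SHA3_256_RATE;
    }
    memset(blk, 0, sizeof blk);                 /* last block: data, 0x06 domain pad, 0x80 terminator */
    if (len > off) memcpy(blk, msg + off, len - off);
    blk[len - off] ^= 0x06;
    blk[SHA3_256_RATE - 1] ^= 0x80;
    for (i = 0; i < SHA3_256_RATE; i++) st[i / 8] ^= (uint64_t)blk[i] << (8 * (i % 8));
    if (keccakf_hardened(st) != 0) return FAULT_DETECTED;
    for (i = 0; i < 32; i++) out[i] = (uint8_t)(st[i / 8] >> (8 * (i % 8)));
    return 0;
}

/* Hashes the empty message with an optional simulated fault: 0 when the digest
 * matches the published SHA3-256(""), FAULT_DETECTED when the check fired, 2 on a silent mismatch. */
static int sha3_selftest(int faultRound)
{
    static const uint8_t kat[32] = { 0xa7,0xff,0xc6,0xf8,0xbf,0x1e,0xd7,0x66,0x51,0xc1,0x47,0x56,0xa0,0x61,0xd6,0x62,
                                     0xf5,0x80,0xff,0x4d,0xe4,0x3b,0x49,0xfa,0x82,0xd8,0x0a,0x4b,0x80,0xf8,0x43,0x4a };
    uint8_t out[32]; int ret;
    g_faultRound = faultRound;
    ret = sha3_256_hardened((const uint8_t *)"", 0, out);
    g_faultRound = -1;
    if (ret != 0) return ret;
    return memcmp(out, kat, sizeof kat) == 0 ? 0 : 2;
}

int main(void)
{
    printf("no fault: %d, fault at round 5: %d, fault at round 23: %d\n",
           sha3_selftest(-1), sha3_selftest(5), sha3_selftest(23));
    return 0;
}
```

The point of the second counter is that a glitch which corrupts the loop variable, or skips the compare-and-branch at the end of an iteration, has to corrupt two independent values consistently to pass; a single-fault attacker who shortens the permutation to 23 rounds gets an error instead of a weakened digest.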
Sean Parkinson b56eeb91aa Merge pull request #9730 from douzzer/20251126-linuxkm-full-reloc-support
20251126-linuxkm-full-reloc-support
2026-02-02 15:52:15 +10:00
Daniel Pouzzner f2f9d5bbe7 src/internal.c: in SanityCheckMsgReceived(), gate "TLS 1.2 message order check: certificate before CKE" from 5b6f86bc8e on !WOLFSSL_NO_CLIENT_AUTH. 2026-01-30 22:38:44 -06:00
Daniel Pouzzner 64bdcce08d linuxkm/linuxkm_wc_port.h: move implementation of wc_linuxkm_inet_pton() and definition of XINET_PTON() inside BUILDING_WOLFSSL guard. 2026-01-30 22:35:31 -06:00
Daniel Pouzzner 6123febd3f src/ssl_sk.c, src/x509.c, wolfssl/ssl.h: tweaks and fixes to #9705: remove !WOLFSSL_LINUXKM gates, and fix nullPointerArithmeticRedundantCheck in ExtractHostFromUri(). 2026-01-30 17:34:37 -06:00
Daniel Pouzzner 0b91a0e913 linuxkm/linuxkm_wc_port.h, linuxkm/module_hooks.c, linuxkm/Makefile: refactor wc_linuxkm_normalize_relocations() and associated types and objects:
* change wc_linuxkm_pie_reloc_tab from unsigned int[] to struct wc_linuxkm_pie_reloc_tab_ent[], with dest_segment and reloc_type members;
* add enum wc_reloc_dest_segment and enum wc_reloc_type;
* update GENERATE_RELOC_TAB recipe in Makefile to render the dest segment and reloc type;
* add struct reloc_layout_ent, and reloc_layouts[] fully populated for x86 and ARM relocations;
* refactor find_reloc_tab_offset() and wc_linuxkm_normalize_relocations() to reflect the above;

linuxkm/module_hooks.c: tweak various printf format characters and arguments for compatibility with ARM32;

linuxkm/linuxkm_wc_port.h: include linux/inet.h and define wc_linuxkm_inet_pton() and XINET_PTON(), unless WOLFCRYPT_ONLY.
2026-01-30 17:34:02 -06:00
Daniel Pouzzner 8719df2666 wolfcrypt/src/aes.c: in wc_AesGcmSetKey(), don't VECTOR_REGISTERS_POP() until after GCM_generate_m0_*(). 2026-01-30 17:33:30 -06:00
Daniel Pouzzner e48663248c wolfssl/wolfcrypt/types.h: in setup for wc_static_assert, include assert.h if __STDC_VERSION__ or __cplusplus denotes presence, even if WOLFSSL_HAVE_ASSERT_H is unset. 2026-01-30 17:33:13 -06:00
Daniel Pouzzner 1feb7d247d .github/workflows/linuxkm.yml: in first scenario, remove --disable-opensslextra (i.e. retain opensslextra implicit to --enable-all), remove -DWOLFSSL_LINUXKM_VERBOSE_DEBUG, and use --enable-all-asm rather than --enable-intelasm --disable-sp-asm; in second scenario, add -DDEBUG_LINUXKM_PIE_SUPPORT. 2026-01-30 17:32:55 -06:00
JacobBarthelmeh ff28a114b3 Merge pull request #9724 from holtrop-wolfssl/rust-ecc-allow-empty-pub_buf_slice-on-import-private
Rust wrapper: ECC: Allow import_private_*() calls with empty pub_buf slice
2026-01-30 10:54:01 -07:00
JacobBarthelmeh 1dc177fdbe Merge pull request #9718 from SparkiDev/tls12_msg_order_checks
TLS 1.2 message order check: certificate before CKE
2026-01-30 10:50:33 -07:00
JacobBarthelmeh 9ca379f3bb Merge pull request #9719 from dgarske/usersettings_expand
Improve user_settings.h examples and add validation rules
2026-01-29 15:35:12 -07:00
David Garske 7077a7bdd8 Fix for macros no longer needed in .wolfssl_known_macro_extras 2026-01-29 09:28:23 -08:00
Josh Holtrop 88b34a68d8 Rust wrapper: ECC: Allow import_private_*() calls with empty pub_buf slice 2026-01-29 10:32:50 -05:00
jackctj117 6d6d0ab088 Add PKCS7 ECC raw sign callback support 2026-01-28 14:44:00 -07:00
David Garske c2a987595f Add new user_settings.h templates for tls13, dtls13, pq, openssl_compat, baremetal, rsa_only, pkcs7, ca 2026-01-28 11:27:01 -08:00
David Garske 3946ba8de3 Improve user_settings.h examples and add validation rules
- Standardize header guards to WOLFSSL_USER_SETTINGS_H across all files
- Add #if 0/1 gates with labels for easy feature toggling
- Fix bugs: typos in eccnonblock (WOLFSL_SHA*), duplicates in fipsv5/all
- Add NO_DES3_TLS_SUITES alongside NO_DES3 where needed
- Update wolfboot_keytools with upstream PQ algorithms (ML-DSA, LMS, XMSS)
- Add settings.h validation rules with descriptive error messages
- Auto-define NO_DES3_TLS_SUITES when NO_DES3 is set (instead of error)
- Update README.md and add missing files to CI tests
2026-01-28 09:52:24 -08:00
JacobBarthelmeh a6316114bd Merge pull request #9716 from SparkiDev/regression_fixes_22
Regression test fixes
2026-01-27 22:07:50 -07:00
JacobBarthelmeh ba3653d8d0 Merge pull request #9717 from dgarske/config_rules
Make sure all configure.ac rules are also enforced in settings.h
2026-01-27 21:53:51 -07:00
Sean Parkinson 5b6f86bc8e TLS 1.2 message order check: certificate before CKE
Make sure we received a Certificate message before the ClientKeyExchange
when a certificate is requested. (Certificate message will be empty when
client has no valid certificate.)
2026-01-28 10:35:14 +10:00
Sean Parkinson eb2fb4a9ce Merge pull request #9699 from anhu/downg
Add cipher suite filtering when downgrade is disabled
2026-01-28 08:59:06 +10:00
David Garske 46251bb401 Fix issue with NO_DES3_TLS_SUITES 2026-01-27 14:42:41 -08:00
Sean Parkinson bc9e37118e Regression test fixes
Mostly combinations of NO_WOLFSSL_CLIENT, NO_WOLFSSL_SERVER and
WOLFSSL_NO_CLIENT_AUTH were failing.
Added configurations to CI loop.

wc_AesGcmDecryptFinal: use WC_AES_BLOCK_SIZE to satisfy compiler.
2026-01-28 07:37:29 +10:00
JacobBarthelmeh f7b5f00973 Merge pull request #9710 from rlm2002/xChaCha20_Poly1305_unitTest
Unit test updates for XChacha20-Poly1305
2026-01-27 13:56:16 -07:00
JacobBarthelmeh 4f84be8e66 Merge pull request #9715 from dgarske/rsa_key_parsing
Fix for RSA private key parsing (allowing public) and RSA keygen no malloc support
2026-01-27 13:11:14 -07:00
David Garske 74a4bcb546 Enforce all configure.ac rules in settings.h also. Keeping configure.ac for early error checking. 2026-01-27 10:46:29 -08:00
Anthony Hu 3aa758c615 renegotiation indication changes number of ciphersuites so gate on that 2026-01-27 12:57:31 -05:00
JacobBarthelmeh 3e7efe8be2 Merge pull request #9705 from cconlon/nameConstraints
Support for extracting and validating X.509 Name Constraints extensions
2026-01-27 10:01:48 -07:00
Anthony Hu 9a53125794 Simplify testing gating logic. 2026-01-27 11:19:50 -05:00
David Garske c8fa1e915b Fix for RSA private key parsing (allowing public) and RSA keygen no malloc support. 2026-01-26 16:06:05 -08:00
Ruby Martin 38cb14f2a9 add API unit test for XChacha20-Poly1305
Expand XChacha20-Poly1305 unit test
2026-01-26 15:33:35 -07:00