Commit Graph

24704 Commits

Author SHA1 Message Date
jordan 6a45c8ee0e tests quic: fix uninitialized vars. 2025-03-06 16:14:39 -05:00
jordan 8d90e321c4 coverity: tests quic cleanup. 2025-03-06 15:32:21 -05:00
kareem-wolfssl acc096c2ea Merge pull request #8533 from dgarske/eccnb
Fixes for ECC non-blocking tests
2025-03-06 11:08:43 -07:00
David Garske 547519265a Merge pull request #8534 from douzzer/20250305-linuxkm-LKCAPI-AES-CBC-fixes
20250305-linuxkm-LKCAPI-AES-CBC-fixes
2025-03-06 08:44:05 -08:00
Daniel Pouzzner f572cffa31 .wolfssl_known_macro_extras: remove unneeded entry. 2025-03-05 18:44:08 -06:00
David Garske 1bd3bf1b66 Merge pull request #8531 from night1rider/zephyr-fs-rewind-fix
Fix for missing rewind function in zephyr
2025-03-05 16:04:36 -08:00
David Garske dfc6a52db5 Fixes for ECC non-blocking tests. Added example user_settings.h build test. Demonstrate ECC 256, 384 and 521 bit. 2025-03-05 15:58:51 -08:00
Daniel Pouzzner d82a7b10c5 wolfcrypt/src/evp.c: fix a name conflict around "cipherType" that provokes -Wshadow on gcc pre-4v8. 2025-03-05 17:56:08 -06:00
Daniel Pouzzner dc2e2631bc linuxkm: various fixes for LKCAPI wrapper for AES-CBC (now passing kernel-native
self-test and crypto fuzzer), and de-experimentalize it.

wolfssl/wolfcrypt/types.h: add definitions for WOLFSSL_WORD_SIZE_LOG2.

wolfcrypt/src/misc.c: fix xorbuf() to make the XorWords() reachable; also,
  refactor integer division and modulus ops as masks and shifts, and add pragma
  to suppress linuxkm FORTIFY_SOURCE false positive -Wmaybe-uninitialized.
2025-03-05 17:56:08 -06:00
Daniel Pouzzner 7d102a1816 Merge pull request #8530 from SparkiDev/test_dual_alg_support_dates_fix
Test daul alg support: set before and after dates
2025-03-05 17:55:38 -06:00
Daniel Pouzzner 9fc7e42554 Merge pull request #8507 from SparkiDev/ct_fixes_3
Constant time code: improved implementations
2025-03-05 15:17:23 -06:00
msi-debian 7ea89a62ba Fix for missing rewind function in zephyr 2025-03-05 12:49:58 -07:00
Sean Parkinson eaa61c2208 Test daul alg support: set before and after dates
Must set before and after dates into certificate structure as creation
of certificate does not fill in those fields but uses the current time.
The current time may change by a second between signings.
2025-03-05 16:15:55 +10:00
David Garske a073868cf0 Merge pull request #8527 from SparkiDev/sp_int_asm_fixes_1
SP int: inline asm improvements and mont reduce simplifications
2025-03-04 14:45:16 -08:00
David Garske 49122f36e9 Merge pull request #8526 from gasbytes/add-middlebox-compat-to-enable-jni
Enable TLS 1.3 middlebox compatibility by default with --enable-jni
2025-03-04 09:11:28 -08:00
Sean Parkinson caf801f211 SP int: inline asm improvements and mont reduce simplifications
SP int inline asm:
- allow input variables to be either registers or memory for Intel
x86/x64 (minor performance improvement)
  - don't have memory in clobber list if output variables are registers
- remove empty clobber line in arm32/thumb2 code for old versions of
gcc
_sp_mont_red():
  - simplify the code by not using extra variables
  - don't add to j in for loop check.
2025-03-04 16:16:26 +10:00
David Garske 9b16ed5da4 Merge pull request #8518 from lealem47/evp_update_null_cipher
Add NULL_CIPHER_TYPE support to wolfSSL_EVP_CipherUpdate
2025-03-03 14:03:57 -08:00
David Garske 2b099daee0 Merge pull request #8511 from SparkiDev/intel_sha_not_avx1
SHA256: Intel flags has SHA but not AVX1 or AVX2
2025-03-03 13:59:10 -08:00
Reda Chouk 3e5e81c45f Enable TLS 1.3 middlebox compatibility by default with --enable-jni
Adding -DWOLFSSL_TLS13_MIDDLEBOX_COMPAT flag to the default
compilation flags when --enable-jni is used.

Related PRs in other repositories:
- wolfSSL/wolfssljni#255
- wolfSSL/testing#845
2025-03-03 14:12:20 +01:00
David Garske 72d08a1a79 Merge pull request #8522 from douzzer/20250228-fixes
20250228-fixes
2025-02-28 18:17:31 -08:00
Daniel Pouzzner 058014b3eb src/ssl.c: add missing !NO_WOLFSSL_SERVER gate around wolfSSL_get_servername(). 2025-02-28 19:07:03 -06:00
Daniel Pouzzner d6b5c8e8ee src/ssl_asn1.c: fix misspelling cause by overbroad search+replace. 2025-02-28 18:25:41 -06:00
Daniel Pouzzner de6ac319cc .wolfssl_known_macro_extras: remove unneeded entries. 2025-02-28 18:01:49 -06:00
Lealem Amedie 59a987aa00 Remove trailing whitespace 2025-02-28 16:06:24 -07:00
Daniel Pouzzner 9c3816089c tests/api.c: disable test_wolfSSL_OCSP_parse_url() if WOLFSSL_SM2 || WOLFSSL_SM3. 2025-02-28 15:58:54 -06:00
Daniel Pouzzner 50a3be6df7 wolfcrypt/src/sp_int.c. src/ssl_asn1.c. src/internal.c: rename several declarations to avoid shadowing global functions, for the convenience of obsolete (pre-4v8) gcc -Wshadow. 2025-02-28 15:29:58 -06:00
Daniel Pouzzner f7b911f5cd src/ssl.c, src/internal.c: fix leak in wolfSSL_get_ciphers_compat(): fix gating (OPENSSL_EXTRA, not OPENSSL_ALL) in FreeSuites() re .suitesStack and .clSuitesStack, and similarly fix gating on the implementation of wolfSSL_sk_SSL_CIPHER_free(() and related.
src/ssl_sess: suppress false positive clang-analyzer-unix.Malloc "Argument to 'free()' is the address of a global variable".
2025-02-28 15:23:43 -06:00
Lealem Amedie 08a314e57e Add test src file to CMake build 2025-02-28 11:54:19 -07:00
Lealem Amedie 22221e5007 Add NULL_CIPHER_TYPE support to wolfSSL_EVP_CipherUpdate 2025-02-28 11:44:30 -07:00
Daniel Pouzzner 7698546531 Merge pull request #8515 from SparkiDev/test_sha512_be
Tests api.c: sha512 big endian
2025-02-28 00:51:54 -06:00
Sean Parkinson 14651edae0 Tests api.c: sha512 big endian
Don't need to reverse bytes for SHA-512 Transform API.
2025-02-28 14:58:43 +10:00
Sean Parkinson 4f8a39cbcf Merge pull request #8498 from rizlik/ocsp_fixes
OCSP openssl compat fixes
2025-02-28 13:42:50 +10:00
Daniel Pouzzner d63a180f95 Merge pull request #8513 from SparkiDev/api_c_split_ciphers
Test api.c: split out MACs and ciphers
2025-02-27 14:00:36 -06:00
Marco Oliverio 194db7e844 tests: gate ocsp test on SM2 || SM3
we don't properly support SM2 and SM3 hash algo id properly yet
2025-02-27 19:38:46 +00:00
Marco Oliverio 83f5644549 ocsp: Fix OcspEncodeCertID SetAlgoID return check 2025-02-27 19:38:44 +00:00
Marco Oliverio 814f0f8a09 Refactor CERT_ID encoding as per review comments 2025-02-27 12:50:37 +00:00
Sean Parkinson 48300352c6 Test api.c: split out MACs and ciphers 2025-02-27 15:52:39 +10:00
Sean Parkinson 7d0ef5bd42 Merge pull request #8512 from douzzer/20250226-fixes
20250226-fixes
2025-02-27 14:48:05 +10:00
Daniel Pouzzner f7ddc49487 linuxkm/linuxkm_wc_port.h: add #error if the user tries to use the kernel crypto fuzzer with FIPS AES-XTS (kernel bug).
src/internal.c: fix shiftTooManyBitsSigned in DefTicketEncCb().

tests/api/test_sha256.c and wolfssl/wolfcrypt/sha256.h: gate raw transform APIs (wc_Sha256Transform(), wc_Sha256FinalRaw()) and tests on !defined(WOLFSSL_KCAPI_HASH) && !defined(WOLFSSL_AFALG_HASH).

move enum wc_HashFlags from wolfssl/wolfcrypt/hash.h to wolfssl/wolfcrypt/types.h to resolve circular dependency detected by cross-armv7m-armasm-thumb-fips-140-3-dev-sp-asm-all-crypto-only.

add FIPS_VERSION_GE(7,0) gates to new null-arg tests in test_wc_Shake{128,256}_*().

optimize ByteReverseWords() for cases where only one operand is unaligned, and add correct handling of unaligned data in ByteReverseWords64() to resolve unaligned access sanitizer report in cross-aarch64_be-all-sp-asm-unittest-sanitizer.
2025-02-26 20:55:56 -06:00
Sean Parkinson 0a6a8516f9 Merge pull request #8488 from dgarske/stm32h7s
Support for STM32H7S (tested on NUCLEO-H7S3L8)
2025-02-27 10:34:41 +10:00
Sean Parkinson a0d6afbb04 Merge pull request #8505 from jmalak/ow-fixes
various fixes for Open Watcom build
2025-02-27 10:31:19 +10:00
Daniel Pouzzner 183d9b44d1 Merge pull request #8509 from kaleb-himes/WCv6.0.0-RC4-CHECKIN
Disable XTS-384 as an allowed use in FIPS mode
2025-02-26 18:24:12 -06:00
Sean Parkinson c290907228 Merge pull request #8510 from wolfSSL/devin-lifeguard/update-rules-d59f9c48
Update Devin Lifeguard rules
2025-02-27 09:40:48 +10:00
Sean Parkinson 99f25c6399 Merge pull request #8494 from Laboratory-for-Safe-and-Secure-Systems/various
Various fixes and improvements
2025-02-27 09:40:06 +10:00
Sean Parkinson b104887042 SHA256: Intel flags has SHA but not AVX1 or AVX2
Reversal of bytes when IS_INTEL_SHA only is same as when AVX1 or AVX2.
2025-02-27 09:25:13 +10:00
David Garske 92ed003a58 Merge pull request #8502 from SparkiDev/pkcs_pad
PKCS Pad: public API to do PKCS padding
2025-02-26 15:17:50 -08:00
David Garske 512f928650 Fix cast warnings with g++. 2025-02-26 14:45:23 -08:00
Sean Parkinson f204ac8363 PKCS Pad: public API to do PKCS padding
PKCS padding adds length of padding as repeated padding byte.
Use the new function in all places.
2025-02-27 08:28:53 +10:00
devin-ai-integration[bot] 615d7229b0 Update Devin Lifeguard rules 2025-02-26 22:19:57 +00:00
David Garske 307b71c0f4 Merge pull request #8508 from SparkiDev/arm_asm_sha512_384
ARM ASM: available for SHA-384 only too
2025-02-26 14:11:27 -08:00