wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-28 01:42:19 +01:00
Code Issues Packages Projects Releases Wiki Activity
25,247 Commits 12 Branches 184 Tags
82cb83abee2472f1204ced8ce45fbc89eec6d795
Commit Graph

25247 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
David Garske
82cb83abee Improvements for portability using older gcc 4.8.2 and customer parsing tools. 2025-05-08 17:02:27 -07:00
David Garske
7ff4ada692 Merge pull request #8746 from douzzer/20250507-ed25519-noasm 
20250507-ed25519-noasm
 2025-05-08 08:29:04 -07:00
Daniel Pouzzner
e044ec45b7 .github/workflows/codespell.yml: in skip section, add full paths for new artifacts in examples/asn1/. 2025-05-08 00:41:35 -05:00
Daniel Pouzzner
2e0ada9836 configure.ac: implement support for --enable-ed25519=noasm, and refactor and improve existing support for --enable-curve25519=noasm. 2025-05-07 23:59:58 -05:00
David Garske
18818415d9 Merge pull request #8744 from douzzer/20250507-fips-all 
20250507-fips-all
 2025-05-07 13:56:31 -07:00
Daniel Pouzzner
d3ce45fbfb clean up Curve25519/Curve448 dependencies in FIPS builds: 
configure.ac:

* in FIPS setup, fix sensing of ENABLED_CURVE25519 and ENABLED_CURVE448 to prevent noasm sneaking through, and allow fips=dev to enable them via override;

* enable-all enables ECH only if !FIPS;

* enable-all-crypto enables curve25519/curve448 only if !FIPS;

* QUIC implication of ENABLED_CURVE25519 is inhibited if FIPS;

tests/quic.c: add !HAVE_CURVE25519 paths in test_quic_key_share() to allow FIPS QUIC.
 2025-05-07 14:34:35 -05:00
David Garske
cdeac13c87 Merge pull request #8742 from gojimmypi/pr-espressif-p4-and-hkdf 
Espressif HAVE_HKDF for wolfssl_test, explicit ESP32P4
 2025-05-07 12:30:54 -07:00
David Garske
1e3718ea7b Merge pull request #8655 from SparkiDev/asn1_oid_update 
ASN.1 OIDs and sum: Change algorithm for sum
 2025-05-07 11:43:54 -07:00
philljj
36d8298602 Merge pull request #8743 from douzzer/20250807-linuxkm-lkcapi-ecdh-fips-5v15 
20250807-linuxkm-lkcapi-ecdh-fips-5v15
 2025-05-07 12:47:03 -05:00
Daniel Pouzzner
060d4d5ecc linuxkm/lkcapi_glue.c: on FIPS kernels <5.15, suspend fips_enabled when registering ecdh-nist-p256 and ecdh-nist-p384 to work around wrong/missing attributes/items in kernel crypto manager. 2025-05-07 11:14:24 -05:00
JacobBarthelmeh
eae4005884 Merge pull request #8717 from dgarske/renesas_rx_api 
Make wc_tsip_* API's public
 2025-05-07 09:29:05 -06:00
gojimmypi
ed2c20a3b2 Espressif HAVE_HKDF for wolfssl_test, explicit ESP32P4 2025-05-07 16:38:05 +02:00
Sean Parkinson
5e5f486a4c Merge pull request #8732 from dgarske/stm32_hash_status 
Fix for STM32 hash status check logic (also fix NO_AES_192 and NO_AES_256)
 2025-05-07 20:56:18 +10:00
Sean Parkinson
4b73e70515 Merge pull request #8706 from dgarske/win_crypt_rng 
New build option to allow reuse of the windows crypt provider handle …
 2025-05-07 20:55:07 +10:00
philljj
a69039b40d Merge pull request #8740 from douzzer/20250506-linuxkm-lkcapi-default-priority-100000 
20250506-linuxkm-lkcapi-default-priority-100000
 2025-05-06 20:04:19 -05:00
Sean Parkinson
112351667a ASN.1 OIDs and sum: Change algorithm for sum 
New sum algorithm has no clashes at this time.
Old algorithm enabled by defining: WOLFSSL_OLD_OID_SUM.
New oid_sum.h file generated with scripts/asn1_oid_sum.pl.

Added bunch of OID names into asn1 example.
 2025-05-07 08:32:08 +10:00
Sean Parkinson
d100898e92 Merge pull request #8737 from julek-wolfssl/wc_HKDF_Expand_ex-fix 
wc_HKDF_Expand_ex: correctly advance the index
 2025-05-07 08:23:33 +10:00
Daniel Pouzzner
8a3a5929b8 linuxkm/lkcapi_glue.c: change WOLFSSL_LINUXKM_LKCAPI_PRIORITY from INT_MAX to 100000 to avoid overflows in kernel calculation of priority on constructed algs. 2025-05-06 17:21:35 -05:00
David Garske
6eb8dfb769 Merge pull request #8668 from gojimmypi/pr-arduino-print 
Fix Arduino progmem print, AVR WOLFSSL_USER_IO
 2025-05-06 14:51:12 -07:00
David Garske
213c43b0fc Merge pull request #8715 from padelsbach/ssl-certman-codesonar 
Speculative fix for CodeSonar overflow issue in ssl_certman.c
 2025-05-06 14:49:57 -07:00
David Garske
1ee954a38c Merge pull request #8738 from kaleb-himes/refine-module-boundary 
Refine module boundary based on lab feedback [IG C.K.]
 2025-05-06 14:42:57 -07:00
David Garske
05a3557b2b Merge pull request #8703 from lealem47/zd19592 
Attempt wolfssl_read_bio_file in read_bio even when XFSEEK is available
 2025-05-06 14:42:19 -07:00
David Garske
d04ab3757e New build option WIN_REUSE_CRYPT_HANDLE to allow reuse of the windows crypt provider handle. Seeding happens on any new RNG or after WC_RESEED_INTERVAL. If using threads make sure wolfSSL_Init() or wolfCrypt_Init() is called before spinning up threads. ZD 19754. Fixed minor implicit cast warnings in internal.c. Add missing hpke.c to wolfssl VS project. 2025-05-06 14:38:02 -07:00
David Garske
602f4a7b05 Merge pull request #8739 from douzzer/20250506-fixes-and-test-coverage 
20250506-fixes-and-test-coverage
 2025-05-06 14:27:38 -07:00
Daniel Pouzzner
982a7600c2 src/tls13.c: in DoTls13ServerHello() WOLFSSL_ASYNC_CRYPT path, fix -Wdeclaration-after-statement caused by fallthrough definition; 
.github/workflows: update async.yml, multi-arch.yml, multi-compiler.yml, no-malloc.yml, opensslcoexist.yml, and os-check.yml, with -pedantic and related flags, and add --enable-riscv-asm to multi-arch.yml RISC-V scenario;

configure.ac: clarify error message for "SP ASM not available for CPU."
 2025-05-06 14:49:32 -05:00
Lealem Amedie
579e22f843 Remove WOLFSSL_NO_FSEEK from known macros 2025-05-06 15:39:18 -04:00
David Garske
25db14f50c Fix macro typo. 2025-05-06 10:42:09 -07:00
kaleb-himes
654812679b Refine module boundary based on lab feedback [IG C.K.] 2025-05-06 09:33:36 -06:00
Juliusz Sosinowicz
d82d8a53ef wc_HKDF_Expand_ex: correctly advance the index 2025-05-06 13:47:54 +02:00
Sean Parkinson
1c0e5af3a4 Merge pull request #8720 from JacobBarthelmeh/xilinx 
add macro guards for SHA3 test cases to unit tests
 2025-05-06 10:50:01 +10:00
Sean Parkinson
428915e492 Merge pull request #8719 from philljj/coverity_april_2025 
Fix coverity warnings
 2025-05-06 10:11:27 +10:00
Sean Parkinson
dfec168402 Merge pull request #8721 from philljj/coverity_misc 
Coverity misc
 2025-05-06 10:04:53 +10:00
JacobBarthelmeh
3819c352e8 Merge pull request #8728 from dgarske/qat_4.28 
Fixes for Intel QuickAssist latest driver (4.28)
 2025-05-05 17:48:49 -06:00
David Garske
219902149e Fix issue with api.c test_wolfSSL_OBJ and ./certs/test-servercert.p12 that uses DES3 and AES-CBC-256. 2025-05-05 15:55:00 -07:00
David Garske
c2f1563144 Merge pull request #8726 from kareem-wolfssl/zd19786 
Pass in correct hash type to wolfSSL_RSA_verify_ex.
 2025-05-05 15:38:41 -07:00
Daniel Pouzzner
629d812eb3 Merge pull request #8730 from philljj/linuxkm_pkcs1pad_more 
linuxkm rsa: add more pkcs1pad sha variants
 2025-05-05 16:59:29 -05:00
David Garske
751dcdf3df Improve the hash wait logic by separating the data input ready from the digest calculation complete. 2025-05-05 14:36:36 -07:00
David Garske
0f4ce03c28 Fixes for NO_AES_192 and NO_AES_256. Added CI test. Fixed bad BUILD_ logic for ADH-AES256-GCM-SHA384. 2025-05-05 14:36:36 -07:00
David Garske
e487685d7d Fix for STM32 Hashing status bit checking logic. ZD 19783. The digest calculation was indicating "not busy" before digest result (DCIS) was finished. This did not show up on most systems because the computation is usually done by the time it reads. 2025-05-05 14:36:36 -07:00
philljj
6296dfdb1e Merge pull request #8735 from douzzer/20250502-linuxkm-fixes 
20250502-linuxkm-fixes
 2025-05-05 16:29:00 -05:00
David Garske
3d4e89c2ca Make wc_tsip_* API's public. 2025-05-05 14:02:05 -07:00
David Garske
2c0ca1cacb Fix for QAT driver QAT.L.4.28.0-00004 icp include path. Fix for CentOS 7 to allow automake 1.13.4 (works fine). 2025-05-05 13:22:54 -07:00
Daniel Pouzzner
c402d7bd94 Merge pull request #8729 from philljj/linuxkm_ecdh_decode_secret 
Linuxkm ecdh decode secret
 2025-05-05 14:59:51 -05:00
David Garske
d5cca9d7c9 Merge pull request #8733 from SparkiDev/riscv_hash_raw_fix 
RISC-V 64-bit: fix raw hash when using crypto instructions
 2025-05-05 12:44:51 -07:00
Kareem
aad15b27a2 Pass in correct hash type to wolfSSL_RSA_verify_ex. 2025-05-05 11:58:26 -07:00
jordan
a341333589 linuxkm rsa: additional pkcs1 sha variants. 2025-05-05 13:50:12 -05:00
jordan
68682f155c linuxkm ecdh: remove dependency on crypto_ecdh_decode_key. 2025-05-05 13:39:13 -05:00
jordan
efd5405d0e coverity: fix check_after_deref, assignment_where_comparison_intended, uninit vars, return values, etc. 2025-05-05 13:18:29 -05:00
Daniel Pouzzner
b9b66042d7 wolfssl/wolfcrypt/dh.h: gate in wc_DhGeneratePublic() with WOLFSSL_DH_EXTRA, 
adding WOLFSSL_NO_DH_GEN_PUB in the unlikely event it needs to be disabled;

configure.ac: in --enable-linuxkm-lkcapi-register section, remove special-case
  handling for -DWOLFSSL_DH_GEN_PUB, and add support for
  --enable-linuxkm-lkcapi-register=all-kconfig, which disables registration of
  any algs that are disabled in the target kernel, and #errors if any algs or
  registrations are disabled or incompatible in libwolfssl but enabled in the
  target kernel (note, it does not #error for algorithms we don't currently
  shim/implement);

linuxkm/lkcapi_glue.c: change default WOLFSSL_LINUXKM_LKCAPI_PRIORITY from 10000
  to INT_MAX to make masking impossible;

linuxkm/lkcapi*glue.c: move all remaining algorithm-specific gate setup into the
  respective algorithm family files, and in each family file, add
  LINUXKM_LKCAPI_REGISTER_ALL_KCONFIG logic to activate shims only if the
  corresponding algorithm is activated in the target kernel.

linuxkm/lkcapi_sha_glue.c: fix -Wunuseds in
  wc_linuxkm_drbg_default_instance_registered() and wc_linuxkm_drbg_cleanup()
  when !LINUXKM_LKCAPI_REGISTER_HASH_DRBG_DEFAULT.
 2025-05-05 13:17:06 -05:00
jordan
baa7efa8af Fix coverity uninit var warnings, add missing priv key ForceZero. 2025-05-05 13:14:39 -05:00