David Garske
97d9bfcea6
Merge pull request #9601 from rizlik/early_data_client_side_fixes
...
check that we are resuming in write_early_data + minor fixes
2026-01-08 10:26:48 -08:00
David Garske
71f3bd4cd3
Merge pull request #9627 from SparkiDev/aarch64_asm_chacha20_256
...
ChaCha20 Aarch64 ASM fix: 256-bit case fixed
2026-01-08 10:24:48 -08:00
David Garske
d290caa848
Merge pull request #9608 from Frauschi/typo_fix
...
Fix for WOLFSSL_BLIND_PRIVATE_KEY and WOLFSSL_DUAL_ALG_CERTS
2026-01-08 10:23:30 -08:00
Sean Parkinson
883ceecf8a
ChaCha20 Aarch64 ASM fix: 256-bit case fixed
...
Fixed the 256-bits at a time crypt assembly code.
Add a chunking test for ChaCha20.
2026-01-08 18:01:15 +10:00
David Garske
6264c115cc
Merge pull request #9563 from LinuxJedi/renode
...
Add Renode GH Action for STM32H753
2026-01-07 09:51:30 -08:00
David Garske
5c2c4599ed
Merge pull request #9537 from SparkiDev/aarch64_darwin_addr_calc_fix
...
ARM64 ASM: Darwin specific address calc fix
2026-01-07 09:50:05 -08:00
David Garske
cf9016b29f
Merge pull request #9622 from SparkiDev/rsa_pkcs15_verify_bounds_check
...
RSA PKCS#1.5 verify: bounds check input
2026-01-07 08:26:24 -08:00
David Garske
84aeeb655f
Merge pull request #9580 from SparkiDev/curve25519_smul_improv
...
Curve25519 improvements
2026-01-07 08:25:41 -08:00
David Garske
19f7b946f5
Merge pull request #9621 from SparkiDev/mlkem_check_pub
...
MLKEM: check public key when decoding
2026-01-07 08:24:51 -08:00
David Garske
dd8d2a2d4d
Merge pull request #9575 from SparkiDev/dilithium_16_bit_fixes
...
MLDSA/Dilithium: fix 16-bit int issues
2026-01-07 08:24:22 -08:00
David Garske
b5d3c87876
Merge pull request #9603 from SparkiDev/ppc32_sha256_asm_reg
...
PPC32 ASM: alternative C code with registers prepended
2026-01-07 08:23:55 -08:00
David Garske
315ebf5be6
Merge pull request #9615 from SparkiDev/arm32_aes_block_inline
...
AES ARM32/Thumb2: option to inline block
2026-01-07 08:21:51 -08:00
Marco Oliverio
50b39c91da
fixup! (d)tls13: check if early data is possible in write_early_data
2026-01-07 14:30:16 +01:00
Takashi Kojo
5f68ea087a
Merge pull request #9562 from kojiws/sync_ja_doc_rsa
...
[JA] Sync Japanese RSA Part with English on API Document
2026-01-07 18:18:53 +09:00
Sean Parkinson
80a0f6bb32
RSA PKCS#1.5 verify: bounds check input
...
As long as NO_RSA_BOUNDS_CHECK is not defined, the input range is
checked for verification.
2026-01-07 17:49:50 +10:00
Sean Parkinson
2a08fbe3ed
MLKEM: check public key when decoding
...
Check that the public key values are less than Q when decoding.
2026-01-07 13:11:15 +10:00
Sean Parkinson
eab58ae226
Merge pull request #9599 from holtrop-wolfssl/rust-chacha20-poly1305
...
Rust wrapper: add wolfssl_wolfcrypt::chacha20_poly1305 module
2026-01-06 20:28:24 +10:00
Sean Parkinson
b293a1cc5c
Merge pull request #9591 from rlm2002/coverity
...
20251229 Coverity Dereference before Null check
2026-01-06 20:25:01 +10:00
Sean Parkinson
5343cb386a
Merge pull request #9588 from kareem-wolfssl/ghAlerts
...
Fix incorrect alerts.
2026-01-06 20:22:51 +10:00
Sean Parkinson
a1089ba9f2
AES ARM32/Thumb2: option to inline block
...
Branching to a common block encrypt/decrypt may work for assembly but
not always for C code.
Added option, for assembly and inline assembly, to inline block
encrypt/decrypt: WOLFSSL_ARMASM_AES_BLOCK_INLINE.
2026-01-06 11:24:21 +10:00
Sean Parkinson
38241227a2
Curve25519 improvements
...
Add non-constant time implementations of mod_inv for x64 and Aarch64
assembly.
Generate base point table, with better formatting, for double smul with
a script.
Increase Bi table size to 32 entries for 64-bit asm.
Minor improvements to double smul.
WOLFSSL_CURVE25519_NOT_USE_ED25519 to not use ed25519 base smul in
curve25519 base smul.
2026-01-06 10:24:21 +10:00
Daniel Pouzzner
83f7204f99
Merge pull request #9597 from sameehj/rhel9_linuxkm_sign
...
linuxkm: handle RHEL9 disabled akcipher sign/decrypt ops
2026-01-05 17:23:45 -06:00
Sean Parkinson
a20d5f7b9d
Merge pull request #9613 from philljj/fix_ecc_test_name
...
wolfcrypt test: fix ecc521 err msg.
2026-01-06 08:49:01 +10:00
jordan
842511b0ef
wolfcrypt test: fix ecc521 err msg.
2026-01-05 12:25:53 -06:00
Sameeh Jubran
d27c04bbca
linuxkm: handle RHEL9 disabled akcipher sign/decrypt ops
...
RHEL9 kernels (9.6+) disable RSA signing and decryption in the kernel
crypto API for security reasons (CVE-2023-6240). The kernel forcibly
overwrites akcipher sign/decrypt callbacks to return -ENOSYS, regardless
of what the driver provides.
Commit 3709c35c in the RHEL kernel:
"crypto: akcipher - Disable signing and decryption"
This affects our self-tests which call crypto_akcipher_sign() and
crypto_akcipher_decrypt(). On RHEL9, these operations return -ENOSYS
even though our driver correctly implements them.
Add compile-time checks for RHEL_RELEASE_CODE >= 9.6 to detect this
scenario and skip the affected self-tests gracefully. The tests pass
since the algorithms are registered correctly; the kernel simply
refuses to execute sign/decrypt operations as a matter of policy.
Note: encrypt and verify operations are unaffected and continue to be
tested normally.
Signed-off-by: Sameeh Jubran <sameeh@wolfssl.com>
2026-01-05 19:42:29 +02:00
Tobias Frauenschläger
116260762f
Fix for WOLFSSL_BLIND_PRIVATE_KEY and WOLFSSL_DUAL_ALG_CERTS
2026-01-05 17:26:11 +01:00
Josh Holtrop
9007d12d2a
Rust wrapper: add wolfssl_wolfcrypt::chacha20_poly1305 module
2026-01-05 08:44:34 -05:00
Andrew Hutchings
4b606ebbeb
Fix trailing whitespace and flush-left
2026-01-05 13:39:43 +00:00
Andrew Hutchings
0c4ca257a0
Add Renode GH Action for STM32H753
...
This adds bare metal wolfCrypt test with hardware RNG and AES-GCM for
STM32H753 using Renode.
Renode does not support HASH HAL at this time.
2026-01-05 13:39:43 +00:00
Sean Parkinson
99692003d4
PPC32 ASM: alternative C code with registers prepended
...
C implementation with registers prepended with letter 'r'.
2026-01-05 21:12:10 +10:00
Marco Oliverio
7b9d3748cf
tls13: early_data: prevent earlyData reset on re-entry
...
Avoid resetting ssl->earlyData in wolfSSL_write_early_data when the
function is re-entered due to WC_PENDING_E, WANT_WRITE, or WANT_READ.
2026-01-05 10:40:34 +01:00
Marco Oliverio
29941d5645
(d)tls13: check if early data is possible in write_early_data
2026-01-05 10:35:02 +01:00
Marco Oliverio
d9bba72b8c
tls13: merge guarded code in a single section
2026-01-05 09:04:36 +01:00
David Garske
80c1228a38
Merge pull request #9594 from holtrop-wolfssl/rust-curve25519
...
Rust wrapper: add wolfssl_wolfcrypt::curve25519 module
2025-12-31 12:45:43 -08:00
Daniel Pouzzner
bbd3d4f55d
Merge pull request #9579 from dgarske/coding_standard_20251223
...
Add new coding standard for local (internal) function names
2025-12-31 11:55:58 -06:00
philljj
776512846f
Merge pull request #9598 from fabiankeil/unbreak-freebsd-build
...
tests: Unbreak the build on FreeBSD-based systems
2025-12-31 10:31:52 -06:00
Fabian Keil
21f35137a1
tests: Unbreak the build on FreeBSD-based systems
...
... by using the same additional includes as on Linux.
Fixes:
CC tests/api/unit_test-test_rsa.o
tests/api.c:19554:9: error: call to undeclared function 'waitpid'; ISO C99 and later do not support implicit function declarations [-Werror,-Wimplicit-function-declaration]
19554 | waitpid(pid, &waitstatus, 0);
| ^
Tested on ElectroBSD amd64 14.3-STABLE.
2025-12-31 14:48:06 +01:00
Daniel Pouzzner
cb78341886
Merge pull request #7586 from kareem-wolfssl/gh7197
...
Keep RNG seed file descriptor open until the RNG is freed.
2025-12-30 15:57:25 -06:00
philljj
5fa06818c0
Merge pull request #9595 from douzzer/20251229-linuxkm-rng-wolfentropy
...
20251229-linuxkm-rng-wolfentropy
2025-12-30 14:50:53 -06:00
Daniel Pouzzner
0621615b15
wolfcrypt/src/random.c: remove WC_VERBOSE_RNG messaging from wc_RNG_TestSeed(), which is called by test code with expected failure, and move it to _InitRng() and PollAndReSeed(), where it's always expected to succeed.
2025-12-30 13:27:31 -06:00
Daniel Pouzzner
299ca1cfef
fixes from peer review: added comments for clarity, and remove errant condition added in _InitRng().
2025-12-30 12:13:15 -06:00
JacobBarthelmeh
7a2e1c1dd0
Merge pull request #9585 from dgarske/add-missing-api-docs
...
Add missing API documentation
2025-12-30 09:37:22 -07:00
Josh Holtrop
8c125df85e
Rust wrapper: ensure curve25519_key struct will have free called after init
2025-12-30 10:46:44 -05:00
Daniel Pouzzner
d504baaf3a
linuxkm/lkcapi_sha_glue.c and .wolfssl_known_macro_extras: fixes from check-source-text.
2025-12-29 20:55:36 -06:00
Daniel Pouzzner
450b0b46c6
wolfcrypt/src/random.c and wolfssl/wolfcrypt/settings.h: add WC_VERBOSE_RNG messages, and activate by default when WOLFSSL_KERNEL_MODE.
2025-12-29 20:55:36 -06:00
Daniel Pouzzner
fecc1cffe7
linuxkm/lkcapi_sha_glue.c: add retry loop around wc_InitRng(), and allow interrupt in preemptible threads, in wc_linuxkm_drbg_init_tfm().
2025-12-29 20:55:36 -06:00
Daniel Pouzzner
1844b8e3ac
linuxkm/Makefile: fix bash cleanup in recipe for libwolfssl.ko -- new trap for an event replaces previous trap rather than adding to it.
2025-12-29 20:55:36 -06:00
David Garske
d39b0e6f82
Fixes from peer review.
2025-12-29 17:30:23 -08:00
David Garske
0d44018627
Merge pull request #9593 from julek-wolfssl/copilot/changes-20251229
...
Add AGENTS.md to .gitignore
2025-12-29 17:22:39 -08:00
Anthony Hu
48ebe99372
Validate asn date based on position of Z (#8603)
2025-12-29 16:01:22 -06:00