Ruby Martin
439012dd57
adjust xfopen commands
2025-02-26 09:05:53 -07:00
Ruby Martin
6fed2fe447
include cygwin and msys2 ostypes to oscp-stapling tests
2025-02-26 09:05:53 -07:00
Ruby Martin
57646a88ff
check if clientfd != SOCKET_INVALID not 0, add check if USE_WINDOWS_API
...
not defined
2025-02-26 09:03:55 -07:00
Ruby Martin
d37e566d5d
msys2 build file
2025-02-26 08:10:59 -07:00
kaleb-himes
9063093993
Disable XTS-384 as an allowed use in FIPS mode
2025-02-26 07:38:45 -07:00
Tobias Frauenschläger
75d63071df
Fix memory leak in handshake
...
Make sure peer dilithium keys are properly freed.
Signed-off-by: Tobias Frauenschläger <tobias.frauenschlaeger@oth-regensburg.de >
2025-02-26 15:34:00 +01:00
Tobias Frauenschläger
491e70be7a
PSK fix
...
Fix compilation in case PSK is enabled, not Session tickets are
disabled.
Signed-off-by: Tobias Frauenschläger <tobias.frauenschlaeger@oth-regensburg.de >
2025-02-26 15:33:59 +01:00
Tobias Frauenschläger
3d4ec1464b
Minor Dilithium fix
...
Fix compilation in case caching is enabled.
Signed-off-by: Tobias Frauenschläger <tobias.frauenschlaeger@oth-regensburg.de >
2025-02-26 15:33:59 +01:00
Tobias Frauenschläger
af4017132d
LMS fixes
...
* Add support for CMake
* Add support for Zephyr
* Make sure the internal key state is properly handled in case a public
key is imported into a reloaded private key.
Signed-off-by: Tobias Frauenschläger <tobias.frauenschlaeger@oth-regensburg.de >
2025-02-26 15:33:59 +01:00
Tobias Frauenschläger
9db5499dbd
Update CryptoCb API for Dilithium final standard
...
Add context and preHash metadata.
Signed-off-by: Tobias Frauenschläger <tobias.frauenschlaeger@oth-regensburg.de >
2025-02-26 15:33:59 +01:00
Tobias Frauenschläger
be6888c589
Fixes for Dilithium in TLS handshake
...
Some fixes to better handle Dilithium keys and signatures in the TLS
handshake.
Signed-off-by: Tobias Frauenschläger <tobias.frauenschlaeger@oth-regensburg.de >
2025-02-26 15:33:59 +01:00
Jiri Malak
b5ba7a6fcc
correct Open Watcom linker extra libraries
2025-02-26 11:03:36 +01:00
Jiri Malak
47d130440d
remove now useless __WATCOMC__ macro check
2025-02-26 10:26:28 +01:00
Jiri Malak
17a0081261
correct line length to be shorter then 80 characters
2025-02-26 08:02:43 +01:00
Sean Parkinson
9e9efeda28
ARM ASM: available for SHA-384 only too
...
Add HAVE_SHA384 to check for whether assembly code is available.
2025-02-26 16:10:21 +10:00
Sean Parkinson
4752bd2125
Constant time code: improved implementations
...
Change constant time code to be faster.
2025-02-26 11:52:09 +10:00
Jiri Malak
a83cf8584d
add new macro __UNIX__ to the list of known macros
2025-02-26 01:22:25 +01:00
Marco Oliverio
07c7b21b10
tests: api: fix test for d2i_CERT_ID refactor
2025-02-25 22:22:43 +00:00
Marco Oliverio
5eef98a5ea
ocsp: add OCSP CERT ID encode/decode test
2025-02-25 22:22:43 +00:00
Marco Oliverio
5f05209c77
ocsp: fix wolfSSL_d2i_OCSP_CERTID
2025-02-25 22:22:43 +00:00
Jiri Malak
ddfbbc68ac
various fixes for Open Watcom build
...
- fix build for OS/2
- fix build for Open Watcom 1.9
2025-02-25 22:52:36 +01:00
David Garske
3557cc764a
Merge pull request #8501 from SparkiDev/digest_test_rework
...
Digest testing: improve
2025-02-25 13:03:48 -08:00
Marco Oliverio
dfc5e61508
asn: ocsp: refactor out CERT ID decoding
...
It will be reused in d2i_CERT_ID
2025-02-25 20:20:34 +00:00
David Garske
f2c5b4e56a
Merge pull request #8500 from SparkiDev/evp_aes_gcm_test_fix
...
test_wolfssl_EVP_aes_gcm: fix for mem fail testing
2025-02-25 09:56:55 -08:00
David Garske
bac6771828
Merge pull request #8499 from SparkiDev/crl_list_fix
...
CRL: fix memory allocation failure leaks
2025-02-25 09:54:55 -08:00
David Garske
4eda5e1f7f
Merge pull request #8491 from jmalak/winsock-guard
...
correct comment for _WINSOCKAPI_ macro manipulation
2025-02-25 09:51:23 -08:00
Daniel Pouzzner
0589a34f91
Merge pull request #8135 from gasbytes/fix-conversion
...
Fix conversion on various files
2025-02-25 10:01:31 -06:00
Marco Oliverio
3bd4b35657
ocsp: support CERT_ID encoding in i2d_OCSP_CERTID
2025-02-25 15:45:11 +00:00
Marco Oliverio
4016120f37
ocsp: populate digest type in cert_to_id
...
- Added validation for digest type in `wolfSSL_OCSP_cert_to_id` function.
- Defined `OCSP_DIGEST` based on available hash types.
- Set `hashAlgoOID` in `certId` based on `OCSP_DIGEST`.
- Updated `asn.h` to define `OCSP_DIGEST` and `OCSP_DIGEST_SIZE` based on
available hash types.
2025-02-25 15:42:44 +00:00
Marco Oliverio
740fb6bafc
test: gate ocsp test when SHA-1 is disabled
...
tests blobs contains sha-1 hashes in certificate status
2025-02-25 15:42:35 +00:00
Marco Oliverio
78ca784826
test: ocsp: fix output file name in script
2025-02-25 15:42:30 +00:00
Marco Oliverio
c24b7d1041
ocsp: use SHA-256 for responder name if no-sha
2025-02-25 15:42:27 +00:00
Marco Oliverio
8b80cb10d6
ocsp: responderID.ByKey is SHA-1 Digest len
...
Check that responderID.ByKey is exactly WC_SHA_DIGEST_SIZE as per RFC
6960. KEYID_SIZE can change across build configuration.
2025-02-25 15:42:22 +00:00
Reda Chouk
9178c53f79
Fix: Address and clean up code conversion in various files.
2025-02-25 11:17:58 +01:00
Sean Parkinson
6016cc0c97
Digest testing: improve
...
Make testing digests consistent.
Add KATs for all digests.
Check unaligned input and output works.
Perform chunking tests for all digests.
Fix Blake2b and Blake2s to checkout parameters in update and final
functions.
Fix Shake256 and Shake128 to checkout parameters in absorb and squeeze
blocks functions.
Add default digest size enums for Blake2b and Blake2s.
2025-02-25 19:07:20 +10:00
Sean Parkinson
6f268c4369
CRL: fix memory allocation failure leaks
...
On memory allocation failure, some functions were leaking memory.
Also add reference counting to CRL object so that a deep copy of a list
of CRLs doesn't leak memory.
The test was explicitly freeing each CRL in the list.
2025-02-25 09:05:03 +10:00
Sean Parkinson
ac1f25d6f4
test_wolfssl_EVP_aes_gcm: fix for mem fail testing
...
Fix test to not leak when memory allocation failure testing.
When not supporting AES-GCM streaming, allocation failures occur.
Always call cleanup.
2025-02-25 08:15:43 +10:00
Daniel Pouzzner
a85641574d
Merge pull request #8493 from Laboratory-for-Safe-and-Secure-Systems/pqc_clang_tidy
...
PQC Clang-tidy fixes
2025-02-24 15:37:05 -06:00
JacobBarthelmeh
146d17d134
Merge pull request #8496 from embhorn/mosquitto_cert_update
...
Add cert update to workflow
2025-02-24 11:14:33 -07:00
Eric Blankenhorn
0256b426f0
Add cert update to workflow
2025-02-24 11:26:19 -06:00
Sean Parkinson
a756010a4d
Merge pull request #8492 from douzzer/20250221-fix-Kbuild-EXPORT_SYMBOL_NS_GPL
...
20250221-fix-Kbuild-EXPORT_SYMBOL_NS_GPL
2025-02-24 22:37:29 +10:00
Tobias Frauenschläger
fd8f6e168b
PQC Clang-tidy fixes
...
Fixes two clang-tidy warnings in error cases.
Signed-off-by: Tobias Frauenschläger <tobias.frauenschlaeger@oth-regensburg.de >
2025-02-24 09:28:23 +01:00
Daniel Pouzzner
c9cf4137e7
linuxkm/Kbuild and linuxkm/module_exports.c.template: refactor using .ONESHELL, and in recipe for generating linuxkm/module_exports.c, render the namespace with a literal, with or without quotes as dictated by target kernel version. remove EXPORT_SYMBOL_NS_Q(), which didn't work right on old (pre-6.13) kernels with namespace support.
...
wolfssl/wolfcrypt/settings.h: in WOLFSSL_LINUXKM section, define NO_OLD_WC_NAMES, OPENSSL_COEXIST, etc., to avoid collisions with in-tree crypto in application sources that include both wolfssl and linux kernel native headers.
2025-02-23 15:35:33 -06:00
Daniel Pouzzner
011ade4966
.wolfssl_known_macro_extras: fix unneeded and out-of-order entries (LC_ALL=C order).
2025-02-23 15:35:33 -06:00
Daniel Pouzzner
0116ab6ca2
Merge pull request #8484 from jmalak/offsetof
...
Rename OFFSETOF macro to WolfSSL specific WC_OFFSETOF name
2025-02-23 14:45:43 -06:00
Jiri Malak
d066e6b9a5
correct comment for _WINSOCKAPI_ macro manipulation
...
The issue is with MINGW winsock2.h header file which is not compatible
with Miscrosoft version and handle _WINSOCKAPI_ macro differently
2025-02-23 11:15:38 +01:00
Jiri Malak
1d1ab2d9ff
Rename OFFSETOF macro to WolfSSL specific WC_OFFSETOF name
...
There are the following reasons for this
- it conflicts with the OFFSETOF macro in the OS/2 header (Open Watcom)
- it is compiler-specific and should use the C standard offsetof definition in the header file stddef.h
- it is more transparent unique name
2025-02-22 09:44:54 +01:00
David Garske
29c3ffb5ee
Merge pull request #8435 from JacobBarthelmeh/formatting
...
add else case to match with other statements
2025-02-21 17:21:10 -08:00
David Garske
865f96aafd
Merge pull request #7821 from Laboratory-for-Safe-and-Secure-Systems/pqc_hybrid_kex
...
Add more PQC hybrid key exchange algorithms
2025-02-21 11:28:55 -08:00
JacobBarthelmeh
5fc7d9f5f2
Merge pull request #8483 from gojimmypi/pr-fips-readme
...
Update README.md to reflect FIPS 140-3 validated Certificate #4718
2025-02-21 11:00:31 -07:00