Commit Graph

29626 Commits

Author SHA1 Message Date
Sean Parkinson c9c28335ae EdDSA Ed448: sc_muladd now does full reduction
sc_muladd was reducing to word boundary and not to order.
Now reduces to order as last step.
2024-12-12 08:33:35 +10:00
Daniel Pouzzner d825b08e16 Merge pull request #8275 from SparkiDev/aarch64_poly1305_fix
Aarch64 Poly1305: fix corner case
2024-12-11 16:24:36 -06:00
Daniel Pouzzner 88241f1a2c Merge pull request #8267 from ColtonWilley/pkcs11_cert_support
PKCS11 cert support
2024-12-11 16:04:58 -06:00
Daniel Pouzzner ee4366acc5 Merge pull request #8162 from redbaron/find-threads
CMAKE: look for pthreads when importing wolfSSL if required
2024-12-11 14:36:04 -06:00
Colton Willey 2039d6371f Remove redundant NULL check 2024-12-11 12:25:35 -08:00
Daniel Pouzzner 2ea2e6bf59 Merge pull request #8233 from ColtonWilley/x509_store_add_cert_ref_count
Use proper ref count handling when adding to x509 store
2024-12-11 11:54:29 -06:00
JacobBarthelmeh 2749884fdc defining custom config avoids warning of library builds pulling in options.h 2024-12-11 09:50:52 -07:00
JacobBarthelmeh 45992164d6 make new sanity check be a warning 2024-12-11 09:46:39 -07:00
Sean Parkinson c0f3b433b2 Aarch64 Poly1305: fix corner case
Don't mask top 26 bits as it may have next bit set as reduction step was
only approximate.
2024-12-11 12:49:21 +10:00
Anthony Hu 762c36687f Add a test. 2024-12-10 21:21:41 -05:00
Sean Parkinson 7ef328548d Merge pull request #8274 from douzzer/20241210-update-wolfssl_known_macro_extras
20241210-update-wolfssl_known_macro_extras
2024-12-11 10:45:11 +10:00
JacobBarthelmeh 59ea24f915 Merge pull request #8225 from gojimmypi/pr-espressif-improve-sha-msg
Improve Espressif SHA HW/SW mutex messages
2024-12-10 17:30:03 -07:00
Daniel Pouzzner 6a05ba7cce .wolfssl_known_macro_extras: regenerate 2024-12-10 17:20:24 -06:00
JacobBarthelmeh 1208a7499b Merge pull request #8272 from douzzer/20241210-fixes
20241210-fixes
2024-12-10 13:35:09 -07:00
Daniel Pouzzner d257a59087 add support for WOLFSSL_NO_OPTIONS_H:
* activate WOLFSSL_NO_OPTIONS_H in linuxkm/Kbuild for in-module test.o and benchmark.o.
* refine explanatory comments in settings.h re WOLFSSL_USE_OPTIONS_H, WOLFSSL_NO_OPTIONS_H, and WOLFSSL_CUSTOM_CONFIG.
* add safety catch to options.h/options.h.in to inhibit inclusion if defined(WOLFSSL_NO_OPTIONS_H).
* for good measure, add explicit check for WOLFSSL_NO_OPTIONS_H to wolfcrypt/benchmark/benchmark.c and wolfcrypt/test/test.c.
2024-12-10 13:02:37 -06:00
Colton Willey 00386c76bf No redundant NULL check on free 2024-12-10 09:43:03 -08:00
JacobBarthelmeh e443366748 Merge pull request #8270 from julek-wolfssl/actions-ubuntu-22.04
Revert to ubuntu-22.04
2024-12-10 09:14:00 -07:00
Juliusz Sosinowicz 1d2acd9de6 Revert to ubuntu-22.04 2024-12-10 16:27:41 +01:00
JacobBarthelmeh 0772cf692d Merge pull request #8262 from embhorn/zd18968
Add sanity check for configuration method
2024-12-09 21:22:54 -07:00
Colton Willey 0c20a20acc Use char instead of sword8, sanity length check on CKA_VALUE 2024-12-09 16:09:04 -08:00
Daniel Pouzzner ba59f1af19 wolfssl/wolfcrypt/settings.h: use #warning, not #error, for "No configuration for wolfSSL detected, check header order", to avoid unnecessary breakage of old projects with nonstandard custom settings. 2024-12-09 17:04:38 -06:00
gojimmypi 7bc026540b Improve Espressif SHA HW/SW mutex messages 2024-12-09 14:51:18 -08:00
Colton Willey 0cda59e00e Add support for cert format in get cert crypto callback 2024-12-09 14:32:02 -08:00
David Garske c4e319b092 Cleanup the gating for WOLFSSL_NO_AES_CFB_1_8. 2024-12-09 13:51:51 -08:00
Andras Fekete ff66998575 Fix memory leak 2024-12-09 16:24:38 -05:00
Colton Willey c83c9e68c9 Updates per review comments 2024-12-09 13:10:32 -08:00
Daniel Pouzzner e248d8499a move !defined(EXTERNAL_OPTS_OPENVPN) assert from src/internal.c to wolfssl/wolfcrypt/types.h with refinements; refine logic+message of assert in wolfssl/wolfcrypt/settings.h re "wolfssl/options.h included in compiled wolfssl library object..". 2024-12-09 15:02:41 -06:00
Colton Willey 324b87614e Initial implementation for using PKCS11 to retrieve certificate for SSL CTX 2024-12-09 12:15:41 -08:00
Eric Blankenhorn fcce09a4d3 Fix from review 2024-12-09 12:59:37 -06:00
Eric Blankenhorn c77bea6691 Disable hitch OSP test 2024-12-09 12:45:54 -06:00
Eric Blankenhorn 3d0cc250b9 Add sanity check for configuration method 2024-12-09 12:03:25 -06:00
JacobBarthelmeh 67fb29a6f6 Merge pull request #8255 from julek-wolfssl/nss-interop
Add nss interop
2024-12-09 09:52:07 -07:00
David Garske 314f7575fa Fixes for macro names. 2024-12-09 08:30:47 -08:00
Juliusz Sosinowicz aa662ad50a fix redirect order 2024-12-09 13:38:07 +01:00
Juliusz Sosinowicz a3be826895 use unique key 2024-12-09 13:38:07 +01:00
Juliusz Sosinowicz 3275ebf54b add shebang 2024-12-09 13:37:20 +01:00
Juliusz Sosinowicz 0961be7711 Add CID interop with mbedtls 2024-12-09 13:37:18 +01:00
Juliusz Sosinowicz ba4d1e6815 Add nss interop 2024-12-09 12:42:32 +01:00
Juliusz Sosinowicz 0e8320347c CID also supported in DTLS 1.2 2024-12-09 12:09:54 +01:00
David Garske 017f931f8b Various cleanups and fixes:
* Fix to properly set configure.ac LMS/XMSS enables and build of those code files.
* Remove duplicate aes.c `wc_AesSetKeyLocal` call to `wc_AesSetIV`. Moved earlier in function in commit a10260ca5f.
* Benchmark missing time.h with NO_ASN_TIME.
* Added option to support disabling AES CFB 1/8 `WOLFSSL_NO_AES_CFB_1_8`.
* Fixes for building with combinations of `WOLFSSL_RSA_VERIFY_ONLY` and `WOLFSSL_RSA_PUBLIC_ONLY`.
* Fix for building `--enable-stacksize=verbose` with single threaded.
* Various tab and formatting cleanups.
ZD 18996
2024-12-06 16:45:33 -08:00
JacobBarthelmeh f764dbeee1 Merge pull request #8254 from douzzer/20241204-WOLF_AGG_DUMMY_MEMBER
20241204-WOLF_AGG_DUMMY_MEMBER
2024-12-06 14:07:32 -07:00
Daniel Pouzzner 0ad072a34b src/internal.c: in HashSkeData(), remove unneeded logically faulty nullness check around XFREE(ssl->buffers.digest.buffer, ...). 2024-12-06 13:01:40 -06:00
Daniel Pouzzner 0381a47d7e peer review: refactor HAVE_ANONYMOUS_INLINE_AGGREGATES and HAVE_EMPTY_AGGREGATES to conform to wolfssl convention -- defined() for true, !defined() for false -- while retaining ability for user override-off by passing in explicit 0 definition. 2024-12-06 13:01:40 -06:00
Daniel Pouzzner 447d5ea6ee fips-check.sh: add support for WOLFSSL_REPO and noautogen option; tweak git fetching to keep wolfssl and fips tags distinct, and fetch all needed tags by name to assure availability for checkout. also, hide stdout noise from pushd/popd. 2024-12-06 13:01:40 -06:00
Daniel Pouzzner aec0345f90 update fips-check.sh for cert #4718: remap linuxv5 as an alias for linuxv5.2.1, and add linuxv5-RC12. 2024-12-06 13:01:40 -06:00
Daniel Pouzzner 27e0df040f src/ssl_crypto.c: revert FIPS gate threshold in wolfSSL_AES_decrypt() changed in d85c108952 -- original value was correct, misdiagnosed by faulty test. 2024-12-06 13:01:40 -06:00
Daniel Pouzzner 3dcc12b30a wolfssl/wolfcrypt/types.h and wolfssl/wolfcrypt/hash.h: define WOLF_AGG_DUMMY_MEMBER, pivoting on HAVE_EMPTY_AGGREGATES, and use WOLF_AGG_DUMMY_MEMBER in wc_Hashes. 2024-12-06 13:01:40 -06:00
Daniel Pouzzner 37acac2eb3 configure.ac: fix SC1105 ("Shells disambiguate (( differently or not at all."). 2024-12-06 13:01:40 -06:00
Daniel Pouzzner 66c874bded configure.ac: add --enable-fips=cert4718 alias for v5, and make --enable-fips=v5 set FIPS to 5.2.1; set DEF_FAST_MATH and DEF_SP_MATH to "no" when "yes" would conflict with user-supplied arguments. 2024-12-06 13:01:40 -06:00
JacobBarthelmeh 86b24ef6fa Merge pull request #8261 from julek-wolfssl/libspdm-action
Add libspdm action
2024-12-06 11:44:14 -07:00