Commit Graph

29626 Commits

Author SHA1 Message Date
Sean Parkinson fafc333e93 LMS: add API to get Key ID from raw private key
Always last 16 bytes of private key.
2025-04-02 16:05:11 +10:00
Sean Parkinson 8a9e125756 ML-KEM/Kyber: minor improvements
Minor improvement to SHA-3 x64 code.
Minor improvement to performance of ML-KEM/Kyber x64 code.
Minor improvement to performance of C code.
2025-04-02 13:10:44 +10:00
David Garske dcdaeabc40 Merge pull request #8620 from lealem47/actions_cmake
Set the CMake compiler version for failing gh actions
2025-04-01 18:46:59 -07:00
Lealem Amedie 5083b41d1b Set the CMake compiler version for failin gh actions 2025-04-01 14:11:15 -10:00
Sean Parkinson 83e1cfcf01 LMS: change identifiers to match standard
Use the identifiers from IANA for LMS.
2025-04-01 12:15:20 +10:00
Sean Parkinson c5dadd6f8d Merge pull request #8600 from JacobBarthelmeh/microchip
random implementation does not require PIC32 build macro
2025-04-01 08:36:45 +10:00
Kareem 8e9a986e0b Add comment clarifying that DoD certificate policy OIDs are not currently being parsed in the code, they are just recognized as valid OIDs. 2025-03-31 14:37:19 -07:00
mgrojo e6f09b8372 Ada: fixes for the No_Secondary_Stack restriction
- Align README.md and GPR files with the fact that the server no longer compiles with the No_Secondary_Stack restriction.
- Fix include.am to reference the new name for the adc file.
2025-03-31 23:27:31 +02:00
JacobBarthelmeh 307d746653 Merge pull request #8590 from SparkiDev/arm32_no_assign_reg
ARM32/Thumb2 ASM: fix WOLFSSL_NO_VAR_ASSIGN_REG
2025-03-31 10:04:51 -06:00
JacobBarthelmeh 151a156581 include harmony macro check with strncasecmp and strcasecmp 2025-03-31 09:35:10 -06:00
JacobBarthelmeh d035bfeb99 Merge pull request #8607 from embhorn/nds_doc
Update DevKitPro doc with calico dependency
2025-03-31 09:08:30 -06:00
Eric Blankenhorn b0f65a85ab Update DevKitPro doc with calico dependency 2025-03-28 15:59:02 -05:00
Kareem b803a03ddd Add support for ISRG domain validated certificate policy OID (used by Let's Encrypt). Fixes libspdm test failure. 2025-03-28 12:41:52 -07:00
mgrojo 98eda78857 Ada: fix issues in tls_server.adb detected by gnatprove
Checked with:
```
gnatprove -Pdefault.gpr --level=4 -j12
```
2025-03-28 19:33:42 +01:00
mgrojo bf5009b544 Ada: fix initialization issue in examples
Detected by
```
gnatprove -Pclient.gpr --level=4 -j12
```
2025-03-28 18:38:22 +01:00
mgrojo db4ebfb77e Allow use of the library with an Alire pin
- Allow enabling WOLFSSL_STATIC_PSK via an Alire configuration variable
 - `gnat.adc` applies unconditionally when using the library through Alire, so it has been renamed and used only in the default project file.
 - Clean-up of the Alire project file `wolfssl.gpr`.
2025-03-28 18:16:06 +01:00
Brett Nicholas a8384bb426 Merge pull request #8602 from dgarske/cryptocb_no_hmac
Fix for crypto callback macro guards with `DEBUG_CRYPTOCB`
2025-03-28 10:51:45 -06:00
David Garske 04a3f1c206 Merge pull request #8604 from LinuxJedi/STM32MP2
Add instructions for STM32MP25 with OpenSTLinux
2025-03-28 09:37:13 -07:00
Andrew Hutchings 803a160808 Merge pull request #8601 from dgarske/stm32_pka
Fix for STM32 PKA with P521 and shared secret
2025-03-28 13:49:25 +00:00
Andrew Hutchings 5d0c3f7c27 Add instructions for STM32MP25 with OpenSTLinux 2025-03-28 09:28:49 +00:00
David Garske e1ec90a886 Fix for crypto callback without HMAC and DEBUG_CRYPTOCB. Fix guards on crypto cb hashing. 2025-03-27 16:42:24 -07:00
Sean Parkinson 3969dd5a11 Merge pull request #8596 from dgarske/various_isacii_keylog
Various improvements to iscacii and CMake key log
2025-03-28 08:51:49 +10:00
David Garske d235013fe9 Fix for STM32 PKA with P521 and shared secret. ZD 19422 2025-03-27 15:30:37 -07:00
JacobBarthelmeh 25dc3f08e9 random implementation does not require PIC32 build macro 2025-03-27 15:53:39 -06:00
Kareem f313edb4cf Add a test certificate for all of the FPKI certificate policy OIDs. 2025-03-27 12:20:36 -07:00
Kareem eb3b4751ac Handle collisions in FPKI cert policy OID sums. 2025-03-27 12:20:36 -07:00
Kareem ac2df1420b Checked and corrected all OIDs and OID sums. 2025-03-27 12:20:36 -07:00
Devin AI 53f30b3c47 Add remaining FPKI cert policy OIDs.
Co-Authored-By: kareem@wolfssl.com <kareem@wolfssl.com>
2025-03-27 12:20:29 -07:00
Kareem 6daaaec6e2 WIP: clean up Devin's work, remove duplicate OIDs, handle OID sum collisions 2025-03-27 12:20:28 -07:00
Devin AI a911f70049 Add other federal PKI OIDs.
Co-Authored-By: kareem@wolfssl.com <kareem@wolfssl.com>
2025-03-27 12:20:02 -07:00
Devin AI 6910f80e3d Add all DoD PKI cert policy OIDs.
Co-Authored-By: kareem@wolfssl.com <kareem@wolfssl.com>
2025-03-27 12:19:49 -07:00
Sean Parkinson 1c56a2674a Merge pull request #8521 from kaleb-himes/KH-SRTP-PORTING-OEs-phase4-rev3
Checkin XCODE settings for v6.0.0 module
2025-03-27 13:03:23 +10:00
Sean Parkinson 21c0d7803a Greenhills compiler: fix asm and volatile
Greenhills compiler doesn't accept volatile and __asm__ needs to be
__asm.
2025-03-27 10:54:19 +10:00
Sean Parkinson ea677dd30d ARM32 inline ASM: make all vars input when not assigning regs
Compiler doesn't keep parameters in the same registers as passed if they
are output registers.
2025-03-27 10:51:01 +10:00
David Garske a59075b908 Various improvements to iscacii and CMake key log:
* Detect 'isascii' at configuration (tested with `./configure CFLAGS="-DNO_STDLIB_ISASCII" && make check`).
* Add mew CMake option `WOLFSSL_KEYLOG_EXPORT` (fixes #8165)
Replaces PR #8174 and #8158. Thank you @redbaron.
2025-03-26 15:24:15 -07:00
Daniel Pouzzner 8b8873fb2c Merge pull request #8553 from kareem-wolfssl/zd19458
Check for whether librt is needed for clock_gettime.
2025-03-26 12:44:24 -05:00
Daniel Pouzzner ddf7d5b6f1 Merge pull request #8584 from dgarske/stm32_aesgcm
Fixes for STM32H7S AES GCM. Cleanups for STM32 AES GCM.
2025-03-26 10:57:18 -05:00
Sean Parkinson cfab666369 ARM32/Thumb2 ASM: fix WOLFSSL_NO_VAR_ASSIGN_REG
Thumb2 needed constants defined even with no register assignments.
ARM32 needed support added fo rnot having registers assigned to
variables.
2025-03-26 12:46:32 +10:00
Daniel Pouzzner 61cdcd71e6 Merge pull request #8588 from SparkiDev/mlkem_encapsulte_no_return
ML-KEM/Kyber: mlkem_encapsulate not to return a value
2025-03-25 00:14:41 -05:00
Sean Parkinson 50304cfb1c Intel x86_64, gcc, icc: align loops to 64 byte boundary
Improved security with compile flag.
2025-03-25 09:40:01 +10:00
Sean Parkinson cfc774c152 Merge pull request #8581 from dgarske/no_ecc_check_public_order
Add option to disable ECC public key order checking
2025-03-25 09:13:56 +10:00
Sean Parkinson 66662bc399 ML-KEM/Kyber: mlkem_encapsulate not to return a value
Don't return a value from mlkem_encapsulate() to ensure code is just the
maths.
2025-03-25 08:11:03 +10:00
David Garske 8635014249 Fix to enable SHA384/SHA512 crypto hardware on STM32H7S. 2025-03-24 14:30:35 -07:00
David Garske a709b16ed2 Adding option for NO_ECC_CHECK_PUBKEY_ORDER. ZD 19422 2025-03-24 14:00:23 -07:00
David Garske 0cc0bb0afe Merge pull request #8586 from douzzer/20250321-siphash-armasm
20250321-siphash-armasm
2025-03-23 14:00:17 -07:00
Daniel Pouzzner 0cea9c09f7 src/internal.c: fix -Wdeclaration-after-statement in ProcessCSR_ex(). 2025-03-22 23:51:59 -05:00
Daniel Pouzzner 29a0992ed5 wolfssl/wolfcrypt/settings.h: for WOLFCRYPT_FIPS_RAND, don't define USE_FAST_MATH, and make sure NO_BIG_INT is defined. 2025-03-22 22:21:23 -05:00
Daniel Pouzzner 3cad38a1ca wolfcrypt/test/test.c: gate wc_CmacFree()s in cmac_test() on !HAVE_FIPS || FIPS_VERSION3_GE(6,0,0); fix some return codes in hash_test(). 2025-03-22 17:19:37 -05:00
Daniel Pouzzner 60ffde6d7c wolfcrypt/test/test.c: fix error-path various uninitialized data uses and memory leaks. 2025-03-22 13:40:31 -05:00
Daniel Pouzzner 190f46ef23 wolfcrypt/test/test.c: fix -Wdeclaration-after-statement in sm3_test(). 2025-03-22 01:22:19 -05:00