Commit Graph

29626 Commits

Author SHA1 Message Date
JacobBarthelmeh 4124c824ca refactor decrypt content init call 2025-03-04 09:29:36 -07:00
Sean Parkinson caf801f211 SP int: inline asm improvements and mont reduce simplifications
SP int inline asm:
- allow input variables to be either registers or memory for Intel
x86/x64 (minor performance improvement)
  - don't have memory in clobber list if output variables are registers
- remove empty clobber line in arm32/thumb2 code for old versions of
gcc
_sp_mont_red():
  - simplify the code by not using extra variables
  - don't add to j in for loop check.
2025-03-04 16:16:26 +10:00
David Garske 9b16ed5da4 Merge pull request #8518 from lealem47/evp_update_null_cipher
Add NULL_CIPHER_TYPE support to wolfSSL_EVP_CipherUpdate
2025-03-03 14:03:57 -08:00
David Garske 2b099daee0 Merge pull request #8511 from SparkiDev/intel_sha_not_avx1
SHA256: Intel flags has SHA but not AVX1 or AVX2
2025-03-03 13:59:10 -08:00
Ruby Martin b64f509d1b define NO_WRITE_TEMP_FILES 2025-03-03 10:14:06 -07:00
Reda Chouk 3e5e81c45f Enable TLS 1.3 middlebox compatibility by default with --enable-jni
Adding -DWOLFSSL_TLS13_MIDDLEBOX_COMPAT flag to the default
compilation flags when --enable-jni is used.

Related PRs in other repositories:
- wolfSSL/wolfssljni#255
- wolfSSL/testing#845
2025-03-03 14:12:20 +01:00
JacobBarthelmeh fcf88f16e6 spelling fixes and free decrypt structs on error case 2025-03-01 15:43:59 -07:00
David Garske 72d08a1a79 Merge pull request #8522 from douzzer/20250228-fixes
20250228-fixes
2025-02-28 18:17:31 -08:00
Daniel Pouzzner 058014b3eb src/ssl.c: add missing !NO_WOLFSSL_SERVER gate around wolfSSL_get_servername(). 2025-02-28 19:07:03 -06:00
Daniel Pouzzner d6b5c8e8ee src/ssl_asn1.c: fix misspelling cause by overbroad search+replace. 2025-02-28 18:25:41 -06:00
Daniel Pouzzner de6ac319cc .wolfssl_known_macro_extras: remove unneeded entries. 2025-02-28 18:01:49 -06:00
Lealem Amedie 59a987aa00 Remove trailing whitespace 2025-02-28 16:06:24 -07:00
JacobBarthelmeh b781ac6c29 asn to der macro gaurds and co-exist build fix 2025-02-28 15:42:24 -07:00
Daniel Pouzzner 9c3816089c tests/api.c: disable test_wolfSSL_OCSP_parse_url() if WOLFSSL_SM2 || WOLFSSL_SM3. 2025-02-28 15:58:54 -06:00
JacobBarthelmeh 6020bf2368 initialize test variables and fix async build 2025-02-28 14:46:42 -07:00
JacobBarthelmeh ea9f044bcc spelling fixes and return value fix 2025-02-28 14:34:51 -07:00
Daniel Pouzzner 50a3be6df7 wolfcrypt/src/sp_int.c. src/ssl_asn1.c. src/internal.c: rename several declarations to avoid shadowing global functions, for the convenience of obsolete (pre-4v8) gcc -Wshadow. 2025-02-28 15:29:58 -06:00
Daniel Pouzzner f7b911f5cd src/ssl.c, src/internal.c: fix leak in wolfSSL_get_ciphers_compat(): fix gating (OPENSSL_EXTRA, not OPENSSL_ALL) in FreeSuites() re .suitesStack and .clSuitesStack, and similarly fix gating on the implementation of wolfSSL_sk_SSL_CIPHER_free(() and related.
src/ssl_sess: suppress false positive clang-analyzer-unix.Malloc "Argument to 'free()' is the address of a global variable".
2025-02-28 15:23:43 -06:00
JacobBarthelmeh ea387323c3 remove white space and add macro guard around test case 2025-02-28 14:23:25 -07:00
JacobBarthelmeh 638d9961d2 passing the rest of the PKCS7 unit tests 2025-02-28 14:23:24 -07:00
JacobBarthelmeh 7c6cd1deea passing a unit test 2025-02-28 14:23:24 -07:00
JacobBarthelmeh 1e254c014d application decryption successful 2025-02-28 14:23:24 -07:00
JacobBarthelmeh b1b1c15b35 add content stream output callback for VerifySignedData function 2025-02-28 14:23:24 -07:00
Lealem Amedie 08a314e57e Add test src file to CMake build 2025-02-28 11:54:19 -07:00
Lealem Amedie 22221e5007 Add NULL_CIPHER_TYPE support to wolfSSL_EVP_CipherUpdate 2025-02-28 11:44:30 -07:00
Daniel Pouzzner 7698546531 Merge pull request #8515 from SparkiDev/test_sha512_be
Tests api.c: sha512 big endian
2025-02-28 00:51:54 -06:00
Sean Parkinson 14651edae0 Tests api.c: sha512 big endian
Don't need to reverse bytes for SHA-512 Transform API.
2025-02-28 14:58:43 +10:00
Sean Parkinson 4f8a39cbcf Merge pull request #8498 from rizlik/ocsp_fixes
OCSP openssl compat fixes
2025-02-28 13:42:50 +10:00
Daniel Pouzzner d63a180f95 Merge pull request #8513 from SparkiDev/api_c_split_ciphers
Test api.c: split out MACs and ciphers
2025-02-27 14:00:36 -06:00
Marco Oliverio 194db7e844 tests: gate ocsp test on SM2 || SM3
we don't properly support SM2 and SM3 hash algo id properly yet
2025-02-27 19:38:46 +00:00
Marco Oliverio 83f5644549 ocsp: Fix OcspEncodeCertID SetAlgoID return check 2025-02-27 19:38:44 +00:00
Marco Oliverio 814f0f8a09 Refactor CERT_ID encoding as per review comments 2025-02-27 12:50:37 +00:00
Sean Parkinson 48300352c6 Test api.c: split out MACs and ciphers 2025-02-27 15:52:39 +10:00
Sean Parkinson 7d0ef5bd42 Merge pull request #8512 from douzzer/20250226-fixes
20250226-fixes
2025-02-27 14:48:05 +10:00
Daniel Pouzzner f7ddc49487 linuxkm/linuxkm_wc_port.h: add #error if the user tries to use the kernel crypto fuzzer with FIPS AES-XTS (kernel bug).
src/internal.c: fix shiftTooManyBitsSigned in DefTicketEncCb().

tests/api/test_sha256.c and wolfssl/wolfcrypt/sha256.h: gate raw transform APIs (wc_Sha256Transform(), wc_Sha256FinalRaw()) and tests on !defined(WOLFSSL_KCAPI_HASH) && !defined(WOLFSSL_AFALG_HASH).

move enum wc_HashFlags from wolfssl/wolfcrypt/hash.h to wolfssl/wolfcrypt/types.h to resolve circular dependency detected by cross-armv7m-armasm-thumb-fips-140-3-dev-sp-asm-all-crypto-only.

add FIPS_VERSION_GE(7,0) gates to new null-arg tests in test_wc_Shake{128,256}_*().

optimize ByteReverseWords() for cases where only one operand is unaligned, and add correct handling of unaligned data in ByteReverseWords64() to resolve unaligned access sanitizer report in cross-aarch64_be-all-sp-asm-unittest-sanitizer.
2025-02-26 20:55:56 -06:00
Sean Parkinson 0a6a8516f9 Merge pull request #8488 from dgarske/stm32h7s
Support for STM32H7S (tested on NUCLEO-H7S3L8)
2025-02-27 10:34:41 +10:00
Sean Parkinson a0d6afbb04 Merge pull request #8505 from jmalak/ow-fixes
various fixes for Open Watcom build
2025-02-27 10:31:19 +10:00
Daniel Pouzzner 183d9b44d1 Merge pull request #8509 from kaleb-himes/WCv6.0.0-RC4-CHECKIN
Disable XTS-384 as an allowed use in FIPS mode
2025-02-26 18:24:12 -06:00
Sean Parkinson c290907228 Merge pull request #8510 from wolfSSL/devin-lifeguard/update-rules-d59f9c48
Update Devin Lifeguard rules
2025-02-27 09:40:48 +10:00
Sean Parkinson 99f25c6399 Merge pull request #8494 from Laboratory-for-Safe-and-Secure-Systems/various
Various fixes and improvements
2025-02-27 09:40:06 +10:00
Sean Parkinson b104887042 SHA256: Intel flags has SHA but not AVX1 or AVX2
Reversal of bytes when IS_INTEL_SHA only is same as when AVX1 or AVX2.
2025-02-27 09:25:13 +10:00
David Garske 92ed003a58 Merge pull request #8502 from SparkiDev/pkcs_pad
PKCS Pad: public API to do PKCS padding
2025-02-26 15:17:50 -08:00
David Garske 512f928650 Fix cast warnings with g++. 2025-02-26 14:45:23 -08:00
Sean Parkinson f204ac8363 PKCS Pad: public API to do PKCS padding
PKCS padding adds length of padding as repeated padding byte.
Use the new function in all places.
2025-02-27 08:28:53 +10:00
devin-ai-integration[bot] 615d7229b0 Update Devin Lifeguard rules 2025-02-26 22:19:57 +00:00
David Garske 307b71c0f4 Merge pull request #8508 from SparkiDev/arm_asm_sha512_384
ARM ASM: available for SHA-384 only too
2025-02-26 14:11:27 -08:00
David Garske 557abcf76a Support for STM32H7S (tested on NUCLEO-H7S3L8). It supports hardware crypto for RNG, Hash, AES and PKA. Added future config option for DTLS v1.3. Support DTLS v1.3 only reduce code size (tested with: ./configure --enable-dtls13 --enable-dtls --disable-tlsv12 CFLAGS="-DWOLFSSL_SEND_HRR_COOKIE"). 2025-02-26 14:00:48 -08:00
kaleb-himes 738462a6f0 Remove redundent gates 2025-02-26 12:03:25 -07:00
kaleb-himes b8a383469a Disable 192-bit tests in FIPS mode 2025-02-26 11:09:31 -07:00
Ruby Martin 0c413e75c6 add environment matrix to msys workflow 2025-02-26 09:07:16 -07:00