wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-27 11:02:22 +01:00
Code Issues Packages Projects Releases Wiki Activity
26,274 Commits 12 Branches 184 Tags
a7cb64fcc0270ee53ff656e64f7be93b747da439
Commit Graph

9954 Commits

Author SHA1 Message Date
David Garske
b3aa39ddad Merge pull request #9138 from JacobBarthelmeh/sgx 
update for SGX CPU ID to follow atomics refactor
 2025-09-09 12:18:51 -07:00
Kareem
8e7bcfc5c2 Merge branch 'master' of https://github.com/wolfSSL/wolfssl into zd20378 2025-09-04 10:16:53 -07:00
Daniel Pouzzner
ee2e63444d wolfcrypt/src/sha512.c: don't remap ByteReverseWords64(), remove ByteReverseWords64_1() inline asm macro, and refactor Sha512FinalRaw() and wc_Sha384FinalRaw() to write directly to the output buffer when possible. 2025-09-03 22:16:15 -05:00
Kareem
37fc63ca39 Allow the keyCertSign bit to be asserted specifically for self-signed CAs. 2025-09-03 11:43:15 -07:00
Ruby Martin
4d5e1d0dfe move pathLegthSet assignment 2025-09-02 10:09:11 -06:00
Daniel Pouzzner
8ed1ce6a8b wolfcrypt/src/wc_mlkem_asm.S: in _mlkem_decompress_5_avx2, use movzwq, not movzxw, for portability. 2025-08-29 14:42:48 -05:00
effbiae
44c403f4c7 replace (f)printf with WOLFSSL_DEBUG_PRINTF 2025-08-29 12:34:22 +10:00
Sean Parkinson
0224ef3d2e Merge pull request #9146 from rlm2002/gh9128_MEM_ZERO 
ForceZero change for WOLFSSL_CHECK_MEM_ZERO
 2025-08-28 22:37:55 +10:00
JacobBarthelmeh
ccf8eebc5f update for cpuid atomic refactor 2025-08-27 16:44:46 -06:00
Ruby Martin
11942e774c do not abort MEM_ZERO check if TEST_ALWAYS_RUN_TO_END is defined 2025-08-27 15:04:49 -06:00
Ruby Martin
1ad8b2897a Force zero with bufferSize instead of length. add void prototype to definitions 2025-08-27 14:56:51 -06:00
David Garske
dac80aad58 Merge pull request #9142 from SparkiDev/mlkem_dec5_oor_fix 
ML-KEM/Kyber: fix out of bouds read
 2025-08-27 07:05:29 -07:00
Sean Parkinson
4ff6f5f10c ML-KEM/Kyber: fix out of bouds read 
Decompose 5-bit values: Don't read 15 bytes when only have 10 bytes
available.
 2025-08-27 14:49:24 +10:00
gojimmypi
797c1d00ac Fix workflow for latest ESP-IDF for espressif examples 2025-08-26 14:38:23 -07:00
David Garske
6ae0ecc5f3 Merge pull request #9133 from AlexLanzano/log-fix 
Fix value comparison typo in if statement
 2025-08-25 14:09:20 -07:00
JacobBarthelmeh
e0913c47ef Merge pull request #9039 from tamasan238/for-pr-1 
Add _new/_delete API for ML-KEM/ML-DSA
 2025-08-25 14:47:07 -06:00
Alex Lanzano
8207053636 Fix value comparison typo in if statement 2025-08-25 13:56:35 -04:00
Daniel Pouzzner
e0383b496a linuxkm/module_hooks.c: implement wc_linuxkm_GenerateSeed_IntelRD, gated on WC_LINUXKM_RDSEED_IN_GLUE_LAYER; 
add WC_GENERATE_SEED_DEFAULT, which defaults to wc_GenerateSeed if not overridden, and replace wc_GenerateSeed with WC_GENERATE_SEED_DEFAULT in various calls to wc_SetSeed_Cb();

linuxkm/linuxkm_wc_port.h: if FIPS <v6 and RDSEED, define WC_LINUXKM_RDSEED_IN_GLUE_LAYER and define WC_GENERATE_SEED_DEFAULT wc_linuxkm_GenerateSeed_IntelRD;

wolfcrypt/test/test.c: update rng_seed_test() with gating and vectors for FIPS v5 with HAVE_AMD_RDSEED or HAVE_INTEL_RDSEED;

wolfssl/wolfcrypt/types.h: add WC_HAVE_VECTOR_SPEEDUPS helper macro, and enlarge fallthrough definition coverage for DISABLE_VECTOR_REGISTERS.
 2025-08-22 21:58:00 -05:00
David Garske
7ab4c6fa14 Merge pull request #9087 from JacobBarthelmeh/dhuk 
initial SAES and DHUK support
 2025-08-21 14:32:20 -07:00
David Garske
da8ffd5762 Merge pull request #8463 from JacobBarthelmeh/sgx 
updating the build with SGX
 2025-08-21 11:06:35 -07:00
JacobBarthelmeh
42c5324962 SAES does not have GCM support, added IV option for CBC wrapping of key 2025-08-21 09:26:40 -06:00
JacobBarthelmeh
658c3d69fb use memset, fix unlock, adjust return value checks 2025-08-20 13:53:27 -06:00
Josh Holtrop
d2f139c9b0 Error from GetShortInt with negative INTEGER values - Add WORD8 case 2025-08-20 09:34:19 -04:00
JacobBarthelmeh
23498c293e cpuid dummy call with sgx and fix assembly SP + SGX build 2025-08-19 14:32:33 -06:00
JacobBarthelmeh
59ac260ae8 add option for building sgx with assembly optimizations 2025-08-19 14:32:33 -06:00
Josh Holtrop
98b6b92a76 Error from GetShortInt with negative INTEGER values 2025-08-19 12:40:48 -04:00
JacobBarthelmeh
fb6375551b updating unwrap/wrap with use of DHUK 2025-08-18 13:38:26 -06:00
Sean Parkinson
43f94a5d7d Merge pull request #9107 from douzzer/20250816-cpuid_get_flags_ex-optimize 
20250816-cpuid_get_flags_ex-optimize
 2025-08-18 22:13:44 +10:00
Sean Parkinson
0ba16a9c5b Merge pull request #9104 from kojiws/export_long_key_orig_asn 
Improve original implementation on SetAsymKeyDer() and the test
 2025-08-18 22:11:25 +10:00
Daniel Pouzzner
39c6c5af6f wolfcrypt/src/cpuid.c, wolfssl/wolfcrypt/cpuid.h: change cpuid_flags_t to a 
regular word32, and use non-atomics for general flag checking, with a new
  implementation of cpuid_get_flags_ex() that is threadsafe by idempotency;

rename strictly-threadsafe cpuid_get_flags_ex() as cpuid_get_flags_atomic()
  (strictly accurate return value), and add cpuid_flags_atomic_t and
  WC_CPUID_ATOMIC_INITIALIZER, used only for internal manipulation of flags in
  cpuid.c where atomicity matters.
 2025-08-16 13:04:28 -05:00
Daniel Pouzzner
10a05ad839 wolfcrypt/src/dilithium.c: fix dilithium_expand_s() to fall through to dilithium_expand_s_c() for s1Len not implemented for USE_INTEL_SPEEDUP. 2025-08-15 09:48:55 -05:00
Juliusz Sosinowicz
ffe3d80f8d Merge pull request #9097 from douzzer/20250812-atomic-cmpxchg 
20250812-atomic-cmpxchg
 2025-08-15 01:14:45 +02:00
Sean Parkinson
228ede7495 Merge pull request #9102 from rlm2002/zd20212 
Remove dead code and check return values.
 2025-08-15 08:21:38 +10:00
Koji Takeda
0a9356e645 Improve original implementation on SetAsymKeyDer() and the test 2025-08-15 00:04:01 +09:00
Daniel Pouzzner
cefeb4cd7e atomics/cpuid_flags fixes from peer review: 
wolfcrypt/src/cpuid.c: cpuid_set_flag() and cpuid_clear_flag() thread safety;

wolfcrypt/src/wc_port.c: comments re __ATOMIC_SEQ_CST and __ATOMIC_ACQUIRE;

wolfssl/wolfcrypt/wc_port.h: single overrideable definitions for WOLFSSL_ATOMIC_COERCE_[U]INT(), and comment cleanup.

also added WOLFSSL_USER_DEFINED_ATOMICS.
 2025-08-14 09:33:14 -05:00
Daniel Pouzzner
bd4e723f9d add cpuid_flags_t, WC_CPUID_INITIALIZER, and cpuid_get_flags_ex(); 
refactor all static flag initializations to use cpuid_get_flags_ex() for race-free dynamics;

refactor cpuid_set_flags() to be race-free;

wolfssl/wolfcrypt/wc_port.h and wolfcrypt/src/wc_port.c: add
* WOLFSSL_ATOMIC_COERCE_INT()
* WOLFSSL_ATOMIC_COERCE_UINT()
* wolfSSL_Atomic_Uint
* wolfSSL_Atomic_Uint_Init()
* wolfSSL_Atomic_Int_AddFetch()
* wolfSSL_Atomic_Int_SubFetch()
* wolfSSL_Atomic_Int_CompareExchange()
* wolfSSL_Atomic_Uint_FetchAdd()
* wolfSSL_Atomic_Uint_FetchSub()
* wolfSSL_Atomic_Uint_AddFetch()
* wolfSSL_Atomic_Uint_SubFetch()
* wolfSSL_Atomic_Uint_CompareExchange()

wolfcrypt/test/test.c: add to memory_test() tests for all atomic macros and APIs;

.github/workflows/pq-all.yml: don't use -Wpedantic for CC=c++ scenario.
 2025-08-14 08:44:28 -05:00
Sean Parkinson
a1dd7dae6f Merge pull request #9095 from miyazakh/add_sha512_typeproperty 
Add hashtype property to wc_Sha512 structure
 2025-08-14 21:43:06 +10:00
Sean Parkinson
102525c9c9 Merge pull request #9100 from dgarske/cryptocb_only 
Improve some of the build cases around crypto callback only
 2025-08-14 21:41:26 +10:00
Sean Parkinson
034df3d28f Merge pull request #9101 from dgarske/asm_introspection 
Add assembly introspection for RISC-V and PPC32
 2025-08-14 21:38:42 +10:00
Daniel Pouzzner
7fe890d5e7 wolfcrypt/src/coding.c: clean up comment in Base64_Decode(), per peer review. 2025-08-13 18:00:36 -05:00
Daniel Pouzzner
344db9d7f7 wolfcrypt/src/coding.c: in Base64_Decode_nonCT() and Base64_Decode(), remove overly restrictive preamble check on outLen; return BUFFER_E, not BAD_FUNC_ARG, when output buffer is too short (similarly fixed in Base16_Decode()); 
wolfcrypt/test/test.c: add N_BYTE_TEST() and test vectors to test all input and output length scenarios.
 2025-08-13 17:43:33 -05:00
Ruby Martin
dc18f404ca remove dead code in fe_operations.c 2025-08-13 16:34:14 -06:00
Ruby Martin
71c2878780 verify previously unchecked return values 2025-08-13 16:28:36 -06:00
David Garske
53c36f8529 Add assembly introspection for RISC-V and PPC32. 2025-08-13 22:30:15 +01:00
David Garske
d79ca8a746 Improve some of the build cases around crypto callback only 2025-08-13 21:58:53 +01:00
Hideki Miyazaki
b67e063535 add hashtype property to wc_Sha512 2025-08-14 05:37:40 +09:00
David Garske
3289b6b3da Merge pull request #9089 from douzzer/20250811-linuxkm-and-other-fixes 
20250811-linuxkm-and-other-fixes
 2025-08-12 11:40:36 -07:00
Daniel Pouzzner
e24f76bb1e Merge pull request #9057 from SparkiDev/mldsa_x64_asm 
ML-DSA/Dilithium: Intel x64 ASM
 2025-08-11 23:12:44 -05:00
Daniel Pouzzner
2d1c797b64 fixes from cppcheck-force-source: in src/bio.c:wolfSSL_BIO_vprintf() and 
wolfcrypt/src/logging.c:WOLFSSL_MSG_CERT_EX(), add missing gating on
  defined(XVSNPRINTF);

in src/crl.c:CRL_Entry_new(), fix true-positive nullPointerRedundantCheck;

in src/pk.c:_DH_compute_key(), add bounds checking to ForceZero(priv).
 2025-08-11 18:12:44 -05:00
Daniel Pouzzner
11d84bea86 wolfcrypt/src/rsa.c: fix improperly handled SAVE_VECTOR_REGISTERS() retval in 
wc_CheckProbablePrime_ex(), and in wc_MakeRsaKey(), make sure not to
  RESTORE_VECTOR_REGISTERS() if SAVE_VECTOR_REGISTERS() failed.
 2025-08-11 16:14:32 -05:00