Commit Graph

21505 Commits

Author SHA1 Message Date
Juliusz Sosinowicz b8b847bbcf Allow SetCipherList to operate on SSL without modifying on SSL_CTX 2024-01-19 14:53:28 +01:00
David Garske ac81d9d29c Merge pull request #7110 from Frauschi/pq_secure_element
PQC: add CryptoCb support for PQC algorithms
2024-01-18 13:29:28 -08:00
Anthony Hu 9be390250d Adding support for dual key/signature certificates. (#7112)
Adding support for dual key/signature certificates with X9.146. Enabled with `--enable-dual-alg-certs` or `WOLFSSL_DUAL_ALG_CERTS`.
2024-01-18 13:20:57 -08:00
David Garske 8a45f43eb0 Merge pull request #7131 from bandi13/fips-check-upgrades
Fips check upgrades
2024-01-18 08:21:29 -08:00
David Garske ec96fcdbae Merge pull request #7138 from ejohnstown/crl-mon-test-fix
CRL Monitor Test Fix
2024-01-18 08:20:05 -08:00
Tobias Frauenschläger 68ea31c52a Fix install step for liboqs port header
Make sure the header file of the liboqs port is properly installed
during a call to `make install`.

Signed-off-by: Tobias Frauenschläger <t.frauenschlaeger@me.com>
2024-01-18 17:07:39 +01:00
Tobias Frauenschläger 4d259da60a PQC: CryptoCb support for KEM algorithm Kyber
Add support for crypto callback and device id for all three Kyber PQC KEM
function calls.

Signed-off-by: Tobias Frauenschläger <t.frauenschlaeger@me.com>
2024-01-18 17:02:49 +01:00
Tobias Frauenschläger 8e6d151403 PQC: CryptoCb support for signature algorithms
Add initial support of the crypto callback API to the two PQC signature
algorithms Dilithium and Falcon. This ultimatelly enables the usage of
external hardware modules (e.g. secure elements) for these algorithms.

Signed-off-by: Tobias Frauenschläger <t.frauenschlaeger@me.com>
2024-01-18 17:02:38 +01:00
John Safranek b66a108e97 CRL Monitor Test Fix
1. For Mach and FreeBsd builds, add the function link_file() which makes
   a hard link for a file.
2. Add a macro STAGE_FILE that either calls copy_file or link_file
   depending on doing a Mach or FreeBSD build or not.

This is to work around how the CRL Monitor is detecting file changes
made by the CRL monitor test in the testsuite. Linux and Windows are
detecting the file copies and deletes, and how macOS detects them.
kevent sees the link as a single change to the parent directory and
reads it. When you copy the file, kevent sees the new file getting
opened and triggering the file update.
2024-01-17 21:38:26 -08:00
David Garske 4f8fd98d0d Merge pull request #7109 from Frauschi/falcon_compat
PQC: Update Falcon support to match OQS
2024-01-17 14:18:32 -08:00
Andras Fekete 41b70b8386 Giving up and reverting back to what it was. 2024-01-17 17:03:37 -05:00
David Garske d5d279454b Merge pull request #7137 from douzzer/20240117-nightly-fixes
20240117-nightly-fixes
2024-01-17 13:57:48 -08:00
David Garske 5ef6ed56dc Merge pull request #7135 from lealem47/returnParity
Return correct error code in TEMPLATE DecodeECC_DSA_Sig_Ex
2024-01-17 12:34:52 -08:00
Andras Fekete 81aa495b51 Fix missing tags 2024-01-17 14:46:19 -05:00
Daniel Pouzzner 64667a5595 src/crl.c: fix "null pointer passed as argument 2" in new XMEMCPY() call in WC_RSA_PSS path of DupCRL_Entry(), added in b140f93b17, detected by gcc 14.0.0_pre20240107 p15 with sanitizers. 2024-01-17 13:38:05 -06:00
David Garske 0b167faa56 Merge pull request #7133 from miyazakh/arm_isb
fix unsupported arm instruction compile error
2024-01-17 09:44:49 -08:00
Tobias Frauenschläger b2888a9467 Update Falcon support to match OQS
Update the OIDs and related variables to match the current OQS values.

Signed-off-by: Tobias Frauenschläger <t.frauenschlaeger@me.com>
2024-01-17 16:54:26 +01:00
Lealem Amedie cbc8e98876 Return correct error code in TEMPLATE DecodeECC_DSA_Sig_Ex 2024-01-17 08:49:09 -07:00
Hideki Miyazaki b2f971555e isb available > armv6 2024-01-17 13:39:48 +09:00
David Garske 089468fbf1 Merge pull request #7132 from ejohnstown/x25519-ecdhe-psk
ECDHE-PSK with x25519
2024-01-16 20:16:01 -08:00
David Garske 11029127df Merge pull request #7119 from JacobBarthelmeh/crl
support for RSA-PSS signatures with CRL
2024-01-16 15:23:16 -08:00
Hideki Miyazaki 1af3502204 Merge pull request #7115 from TakayukiMatsuo/jpcmac
Update cmac-api documents
2024-01-17 08:18:11 +09:00
John Safranek 746ffac84a ECDHE-PSK with x25519
1. Add missing assignment of the WOLFSSL object's ecdhCurveOid value. It
   is set correctly in the previous cases, but got missed for ECDHE-PSK.
2. Add test cases to the unit testing.
2024-01-16 15:18:05 -08:00
JacobBarthelmeh b140f93b17 refactor sigParams allocation and adjust test file name 2024-01-16 14:41:24 -07:00
TakayukiMatsuo cdc46a7ddb Update cmac-api documents 2024-01-17 06:21:03 +09:00
Andras Fekete 79272b5861 Only take the latest from the repo. Don't need old history. 2024-01-16 15:41:15 -05:00
David Garske 7a77d64d56 Merge pull request #7059 from bigbrett/cryptocb-oneshot-cmac
Add cryptoCb hook to one-shot CMAC functions
2024-01-16 12:17:05 -08:00
Andras Fekete a51c8d54d2 Standardize script style 2024-01-16 11:58:34 -05:00
Andras Fekete 5fc32a1124 Add in 'make check' bypass 2024-01-16 11:58:10 -05:00
JacobBarthelmeh 114d11a8d8 adding RSA-PSS macro guard around CRL use 2024-01-15 15:33:01 -07:00
JacobBarthelmeh b38e20a721 add crl_rsapss.pem to make dist 2024-01-15 15:19:04 -07:00
David Garske d4272bb48d Merge pull request #7129 from bandi13/configurePrintout
Print out how ./configure was called
2024-01-15 11:01:19 -08:00
Brett Nicholas abbf9f2b77 Add cryptoCb hooks to one-shot CMAC functions; add CMAC coverage to cryptoCb tests; add context argument to CMAC generate_ex 2024-01-15 11:52:17 -07:00
Andras Fekete b5015df35f Print out how ./configure was called
This will make debugging and tracing back from logs much easier
2024-01-15 10:07:00 -05:00
JacobBarthelmeh 5fc71161e9 add crl rsa pss for asn=original 2024-01-11 16:50:16 -07:00
Sean Parkinson 49d258f01a Merge pull request #7124 from SKlimaRA/SKlimaRA/tls13SessionTicketDoubleFree
fixed double free happening during EvictSessionFromCache
2024-01-12 09:09:29 +10:00
Sean Parkinson 9137ed671e Merge pull request #7107 from ejohnstown/fips-script
FIPS Script
2024-01-12 05:07:04 +10:00
Stanislav Klima 909b437571 cleared ticket and ticketNonce 2024-01-11 19:59:12 +01:00
Stanislav Klima e63c50b1f3 fixed double free happening during EvictSessionFromCache 2024-01-11 19:52:03 +01:00
Sean Parkinson 8c6de41eb9 Merge pull request #7051 from JacobBarthelmeh/mb
fix and enhancement for AES-GCM use with Xilsecure
2024-01-12 03:44:43 +10:00
Sean Parkinson 5e8fca420e Merge pull request #7127 from dgarske/cryptocb_defhash
Fix for crypto callbacks to allow invalid devId for non _ex single shot hash functions
2024-01-11 11:22:26 +10:00
David Garske 340aed5498 Fix for crypto callbacks to allow invalid devId for non _ex single shot hash functions. 2024-01-10 15:33:10 -08:00
John Safranek d9751aa103 FIPS Script
1. Update fips-check.sh for checking out v5.2.0.1 of the fips.c file.
2024-01-10 15:12:59 -08:00
Sean Parkinson 06d7b14af1 Merge pull request #7122 from julek-wolfssl/curl-deps
Add curl dependencies
2024-01-11 01:35:07 +10:00
David Garske a2cfa35dc1 Merge pull request #7123 from bandi13/liberationFromGitHooks
Since no one uses this, we should remove commit hooks
2024-01-09 23:03:08 -08:00
David Garske 06a32d3437 Merge pull request #7097 from lealem47/removeUserCrypto
Remove user-crypto functionality and Intel IPP support
2024-01-09 17:33:28 -08:00
Andras Fekete f3761ed28e Since no one uses this, we should remove commit hooks 2024-01-09 20:31:44 -05:00
Juliusz Sosinowicz cae231b557 Add curl dependencies 2024-01-09 22:47:59 +01:00
JacobBarthelmeh cd07e32b13 update crl files and add in compat support for RSA-PSS 2024-01-08 16:38:11 -08:00
billphipps 5631bc9b2d Merge pull request #7118 from douzzer/20240107-fix-linuxkm-commercial-POC
20240107-fix-linuxkm-commercial-POC
2024-01-07 14:33:06 -05:00