wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-02-04 00:15:07 +01:00
Code Issues Packages Projects Releases Wiki Activity
26,164 Commits 12 Branches 184 Tags
bc5b297d332edbae430a2d4652c23b6d4e828a31
Commit Graph

1996 Commits

Author SHA1 Message Date
Daniel Pouzzner
bd4e723f9d add cpuid_flags_t, WC_CPUID_INITIALIZER, and cpuid_get_flags_ex(); 
refactor all static flag initializations to use cpuid_get_flags_ex() for race-free dynamics;

refactor cpuid_set_flags() to be race-free;

wolfssl/wolfcrypt/wc_port.h and wolfcrypt/src/wc_port.c: add
* WOLFSSL_ATOMIC_COERCE_INT()
* WOLFSSL_ATOMIC_COERCE_UINT()
* wolfSSL_Atomic_Uint
* wolfSSL_Atomic_Uint_Init()
* wolfSSL_Atomic_Int_AddFetch()
* wolfSSL_Atomic_Int_SubFetch()
* wolfSSL_Atomic_Int_CompareExchange()
* wolfSSL_Atomic_Uint_FetchAdd()
* wolfSSL_Atomic_Uint_FetchSub()
* wolfSSL_Atomic_Uint_AddFetch()
* wolfSSL_Atomic_Uint_SubFetch()
* wolfSSL_Atomic_Uint_CompareExchange()

wolfcrypt/test/test.c: add to memory_test() tests for all atomic macros and APIs;

.github/workflows/pq-all.yml: don't use -Wpedantic for CC=c++ scenario.
 2025-08-14 08:44:28 -05:00
Sean Parkinson
102525c9c9 Merge pull request #9100 from dgarske/cryptocb_only 
Improve some of the build cases around crypto callback only
 2025-08-14 21:41:26 +10:00
Daniel Pouzzner
344db9d7f7 wolfcrypt/src/coding.c: in Base64_Decode_nonCT() and Base64_Decode(), remove overly restrictive preamble check on outLen; return BUFFER_E, not BAD_FUNC_ARG, when output buffer is too short (similarly fixed in Base16_Decode()); 
wolfcrypt/test/test.c: add N_BYTE_TEST() and test vectors to test all input and output length scenarios.
 2025-08-13 17:43:33 -05:00
David Garske
d79ca8a746 Improve some of the build cases around crypto callback only 2025-08-13 21:58:53 +01:00
Daniel Pouzzner
e6c6ef64df Merge pull request #9047 from miyazakh/rz_update 
Update Renesas RZ examples
 2025-08-08 23:27:35 -05:00
David Garske
5a8b86da5d Merge pull request #9054 from gojimmypi/pr-please-use-debug-wolfssl 
Please use DEBUG_WOLFSSL not WOLFSSL_DEBUG
 2025-08-07 07:42:42 -07:00
Hideki Miyazaki
d1bf35b209 add sha224_test() call to cryptocb test 2025-08-07 08:14:26 +09:00
gojimmypi
7c9327a36b Please use DEBUG_WOLFSSL not WOLFSSL_DEBUG 2025-08-05 12:19:30 -07:00
JacobBarthelmeh
040e2102a8 Merge pull request #9049 from kojiws/import_mldsa_seed_pkcs8_reapply 
Reapply - Import ML-DSA's seed from PKCS8 file
 2025-08-01 14:34:09 -06:00
Hideki Miyazaki
a63bb12f6b Move devId from internal to public 
- addressed code review by devin
 2025-08-01 16:58:16 +09:00
Koji Takeda
09deacbe8f Revert "Merge pull request #9045 from douzzer/20250730-revert-PR9000" 
This reverts commit 70af2be5ab, reversing
changes made to 46347173b2.
 2025-07-31 14:14:51 +09:00
Daniel Pouzzner
c353052e54 linuxkm/linuxkm_wc_port.h: 
* move enum wc_svr_flags out of BUILDING_WOLFSSL guard;
* add DISABLE_VECTOR_REGISTERS() and REENABLE_VECTOR_REGISTERS() definitions for !BUILDING_WOLFSSL;
* add #include <linux/spinlock.h> to !WOLFSSL_LINUXKM_USE_MUTEXES implementation to fix compilation (and add usability) to caller code;

linuxkm/lkcapi_sha_glue.c: in wc_linuxkm_drbg_ctx_clear(), fix error-path deallocation of locked object;

wolfcrypt/benchmark/benchmark.c:

* in FIPS v6+ builds, and FIPS linuxkm v5+, check retval from wc_AesEncryptDirect() and wc_AesDecryptDirect();
* add WC_RELAX_LONG_LOOP() in bench_stats_sym_finish() and bench_stats_asym_finish_ex();

wolfcrypt/test/test.c: fix rng_seed_test() with correct test vectors for the relevant combinations of features, and gate the test out if there are user override defines for ENTROPY_SCALE_FACTOR or SEED_BLOCK_SZ.
 2025-07-30 22:15:05 -05:00
Hideki Miyazaki
9b7caac3ef Update RZ examples 
- Use xSPI0 boot mode
 - Update FSP from v1.3 to v2.0.0
 - Simplify UART
 - Migrate new User Ctx
 - Update README
 - Fix SCE TLS on RA6M4
 2025-07-31 11:04:06 +09:00
Daniel Pouzzner
d0bf9c4b3c Revert "Disable exporting dilithium DER tests without WOLFSSL_ASN_TEMPLATE" 
This reverts commit bbcdfe92e0.
 2025-07-30 15:39:53 -05:00
JacobBarthelmeh
46347173b2 Merge pull request #9034 from holtrop/allow-pkcs7-without-x963-kdf 
Allow building with HAVE_PKCS7 set and HAVE_X963_KDF unset
 2025-07-30 10:05:09 -06:00
JacobBarthelmeh
36912c3af8 Merge pull request #9000 from kojiws/import_mldsa_seed_pkcs8 
Import ML-DSA's seed from PKCS8 file
 2025-07-29 16:02:36 -06:00
Josh Holtrop
df7e105fb7 Allow building with HAVE_PKCS7 set and HAVE_X963_KDF unset 2025-07-29 11:46:44 -04:00
Josh Holtrop
26a4ea93eb Allow building with HAVE_PKCS7 set and HAVE_AES_KEYWRAP unset 2025-07-28 12:40:35 -04:00
Koji Takeda
bbcdfe92e0 Disable exporting dilithium DER tests without WOLFSSL_ASN_TEMPLATE 2025-07-28 21:46:28 +09:00
Albert Ribes
2e25c65129 wolfcrypt test: Fix build on 32 bit machines 
Declare a 64 bit variable using W64LIT to avoid warnings on 32 bit
machines
 2025-07-21 10:34:19 +02:00
Daniel Pouzzner
2c341a5806 Merge pull request #8990 from JacobBarthelmeh/license 
updating license from GPLv2 to GPLv3

(linuxkm tweak to `MODULE_LICENSE("GPL")` to follow.)
 2025-07-14 16:14:39 -05:00
Ruby Martin
e65647faa8 xmemset rng before test runs 2025-07-10 16:17:53 -06:00
JacobBarthelmeh
629c5b4cf6 updating license from GPLv2 to GPLv3 2025-07-10 16:11:36 -06:00
David Garske
5d89ca6706 Fix build issue with ML-DSA 44 only. Fix --enable-mlkem=all to enable features (keygen/enc/dec) to match --enable-dilithium behavior and allow uses like: --enable-mlkem=all,512,small. Fix issue building mem track with missing PRINT_HEAP_ADDRESS (reproduced with --enable-trackmemory=verbose --enable-stacksize=verbose). 
```
wolfcrypt/src/dilithium.c:6696:21: error: expected expression before '}' token
 6696 |                     }
      |
```
 2025-07-09 15:06:41 -07:00
JeremiahM37
88da86e900 ML DSA Static Memory Fix 2025-07-08 17:51:42 -06:00
Daniel Pouzzner
bdd2056645 wolfcrypt/test/test.c: fix gate in dh_test() (fixes disable-sha256). 2025-07-03 10:19:07 -05:00
David Garske
295d90655b Merge pull request #8929 from SparkiDev/regression_fixes_18 
Regression testing
 2025-06-27 08:44:43 -07:00
Sean Parkinson
f1cb4d579c Regression testing 
Fixes to get WOLFSSL_PUBLIC_MP testing passing.
Fix DH constant time agreement:
  - implement constant time encoding to big-endian byte array in TFM
- only force x to be zero for SP math as others implementations ensure
unused words are zero
- exponentiate in constant time to the smallest number of words
possible
- no need to encode into separate buffer anymore as encoding is
constant time and front padded
- make requested_sz be the maximum size for the parameters and check
against agreeSz
- update agreeSz to be the maximum valid size instead of filling all
the buffer which may be many times too big
- fix SP result to front pad when doing constant time
 2025-06-26 21:21:05 +10:00
Daniel Pouzzner
6fb1c54c29 Merge pull request #8854 from dgarske/renesas_rx_tsip_aesctr 
Added Renesas RX TSIP AES CTR support
 2025-06-25 22:20:03 -05:00
David Garske
ad9d068174 Fix issues with crypto callbacks and HAVE_ECC_DHE. Fix issues with ecc_onlycb_test. 2025-06-24 09:41:33 -07:00
Sean Parkinson
d05790ed89 LMS: Allow state to be saved with private key 
Defining WOLFSSL_WC_LMS_SERIALIZE_STATE will have the state serialized
before the private key data.
Lots of memory used but means fast reload times. That means that the key
can be reloaded for each sign.
 2025-06-24 20:46:41 +10:00
Sean Parkinson
f36f86ee98 LMS SHA-256_192: fix parameters 
Winternitz bits needs to be one larger when only 192 bit hash.
 2025-06-23 08:16:05 +10:00
Sean Parkinson
7289687b44 ECC configuration fixes 
When ECC verify only and with no RNG.
 2025-06-19 13:37:43 +10:00
David Garske
74de689941 Merge pull request #8875 from kareem-wolfssl/zd20035 
Fix SRP wolfCrypt test on lower FP_MAX/SP_INT_BITS configs
 2025-06-18 08:59:09 -07:00
David Garske
7e864c177d Merge pull request #8886 from douzzer/20250617-prime_test-uninited-wc_FreeRng 
20250617-prime_test-uninited-wc_FreeRng
 2025-06-17 11:31:53 -07:00
Kareem
fe5ae0cbdf Restore 128-byte SRP test using safe prime N for the case where 192 bytes is too large for the fast/SP math config. 2025-06-17 11:30:11 -07:00
Kareem
a035b045a4 Only run SRP tests with at least 3072 bits. 
The SRP buffers are 192 bytes, so they need a minimum of 3072 bits.
If the bit size is too low, wc_SrpGetVerifier will return MP_VAL as the buffers won't fit.
 2025-06-17 11:30:11 -07:00
Daniel Pouzzner
d28045daa8 wolfcrypt/test/test.c: fix prime_test() uninitialized data access by wc_FreeRng(). 2025-06-17 09:31:19 -05:00
Juliusz Sosinowicz
9a576d9e2e Fix CI failures 2025-06-16 19:07:58 +02:00
Sean Parkinson
cb90b78688 ML-DSA: fix tests for different configs 
Setting the private key into SSL object requires signing to be
available.
Only enable the parameters that are compiled in.
 2025-06-10 20:44:27 +10:00
Daniel Pouzzner
4572dcf9f9 tests/api/test_x509.c: in test_x509_rfc2818_verification_callback(), add dependency on HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES; 
wolfcrypt/test/test.c: in lms_test(), fix -Wdeclaration-after-statement;

add .github/workflows/no-tls.yml;

.github/workflows/pq-all.yml: add smallstack scenario.
 2025-06-06 17:18:50 +04:00
Sean Parkinson
640b060792 LMS: Key ID fixup 
Fix implementation for extracting from private key data.
Add implementation that gets Key ID from wc_LmsKey.
 2025-06-05 10:25:47 +10:00
Daniel Pouzzner
a6e9bd73e4 Merge pull request #8803 from dgarske/csr_nomalloc 
Refactor to support CSR generation and signing with `WOLFSSL_NO_MALLOC`
 2025-05-30 18:05:25 -05:00
Daniel Pouzzner
b9ef6c583a wolfcrypt/test/test.c: in test_dilithium_decode_level(), on early malloc failure, stay in the flow to assure cleanup; 
.wolfssl_known_macro_extras: remove unneeded entry for WOLFSSL_DILITHIUM_VERIFY_NO_MALLOC.
 2025-05-28 12:48:36 -05:00
David Garske
482f2bdd2a Refactor to support CSR generation and signing with WOLFSSL_NO_MALLOC. Also for DSA. Don't test no malloc with ECC custom curves. 2025-05-27 14:51:16 -07:00
David Garske
607d7489bc Add no malloc support for Dilithium tests. Fixes for WOLFSSL_DILITHIUM_NO_ASN1. 2025-05-22 14:34:34 -07:00
Daniel Pouzzner
401868908a add .github/workflows/smallStackSize.yml; 
smallstack refactors in
* wolfcrypt/src/asn.c : wc_GetSubjectPubKeyInfoDerFromCert(),
* wolfcrypt/src/dilithium.c : dilithium_sign_with_seed_mu(),
* wolfcrypt/src/ecc.c : wc_ecc_mulmod_ex2(),
* wolfcrypt/src/wc_mlkem.c : mlkemkey_decapsulate(),
* and wolfcrypt/src/wc_mlkem_poly.c : mlkem_gen_matrix_k*_avx2() and mlkem_get_noise_k2_avx2();

wolfcrypt/test/test.c: in TEST_PASS(), fix STACK_SIZE_CHECKPOINT_WITH_MAX_CHECK to honor TEST_ALWAYS_RUN_TO_END.
 2025-05-15 15:28:11 -05:00
Daniel Pouzzner
001a5ef897 wolfcrypt/test/test.c: in main(), return (exit with) 0 for success and 1 for failure. 2025-05-10 12:08:50 -05:00
David Garske
760178c7dc Improvements to no malloc support in ConfirmSignature for async and non-blocking. Refactor DSA ASN.1 decode in ConfirmSignature. Cleanup indent in types.h. Move struct CertSignCtx to types.h. Move WC_ENABLE_ASYM_KEY_IMPORT and WC_ENABLE_ASYM_KEY_EXPORT to settings.h. 2025-05-07 12:06:09 -07:00
David Garske
1e3718ea7b Merge pull request #8655 from SparkiDev/asn1_oid_update 
ASN.1 OIDs and sum: Change algorithm for sum
 2025-05-07 11:43:54 -07:00