Commit Graph

10464 Commits

Author SHA1 Message Date
Daniel Pouzzner c4131659cc Merge pull request #9767 from SparkiDev/sp_thumb2_mont_sub_reg_fix
Thumb2 SP ASM: mont_sub fix
2026-02-13 11:35:36 -06:00
David Garske 16ba668ebe Merge pull request #9632 from jackctj117/CSR-signing
Add wc_SignCert_cb API for external signing callbacks
2026-02-13 09:07:37 -08:00
Sean Parkinson e48c867f6f Thumb2 SP ASM: mont_sub fix
Always use all the parameters and always use the parameter name and not
the assumed register.
2026-02-13 11:49:21 +10:00
David Garske 49ed1fa21f Merge pull request #9684 from SparkiDev/ecc_import_pub_check_fix
ECC: import point, always do some checks
2026-02-11 21:53:03 -08:00
David Garske 1b0b4b1444 Merge pull request #9756 from SparkiDev/arm_asm_fixes_1
ARM assembly fixes
2026-02-11 21:51:51 -08:00
Sean Parkinson 2f53add6a5 Merge pull request #9758 from LinuxJedi/lxj-fixes
Minor fixes to EVP and PKCS12 code
2026-02-12 08:01:28 +10:00
Sean Parkinson 1847c6e778 Merge pull request #9721 from dgarske/x25519_nb
Add X25519 non-blocking support and async example improvements
2026-02-12 07:56:58 +10:00
David Garske bc12b7563f Peer review improvements 2026-02-10 14:51:51 -08:00
Andrew Hutchings 54e8e80e81 Added integer overflow protection to PKCS12
PKCS12_ConcatenateContent() could overflow.
2026-02-10 15:53:29 +00:00
Andrew Hutchings 6b4fd431da Fix leak in PKCS12 error path 2026-02-10 15:47:10 +00:00
Andrew Hutchings a8d844003e Fix potential buffer overflow in EVP
It is potentially possible on a 32bit system to get realloc to overflow
with several of the EVP functions.
2026-02-10 14:49:20 +00:00
Sean Parkinson 2b370f8ecb ARM assembly fixes
armv8-32-aes-asm*: Fix #define protection around L_AES_ARM32_ecb_td4.
armv8-curve25519_c.c: Fix definition of fe_invert_nct to match
prototype.
2026-02-10 16:20:20 +10:00
Daniel Pouzzner 51f5f8799d src/ssl_api_pk.c: fix -Wmaybe-uninitialized in check_cert_key_dev() (defect introduced in #9723);
wolfcrypt/test/test.c: fix error-path memory leaks in srtpkdf_test(), and properly gate out incompatible SRTP_KDF_LONG_KEY test on old FIPS (defect introduced in #9733);

.wolfssl_known_macro_extras: get into lexical order and remove unneeded WC_RSA_DIRECT.
2026-02-06 13:06:10 -06:00
David Garske 19bb7198a2 Peer review fixes
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-06 10:24:31 -08:00
David Garske 78bba7e90f Fix for TLS with WOLFSSL_SMALL_CERT_VERIFY 2026-02-05 21:55:32 -08:00
Daniel Pouzzner 25db90afe7 Merge pull request #9741 from kareem-wolfssl/variousFixes
Various fixes
2026-02-05 20:32:12 -06:00
Daniel Pouzzner 8e6ebdb8ac Merge pull request #9723 from SparkiDev/ssl_split_cert
Split out code form ssl.c and pk.c
2026-02-05 18:21:36 -06:00
Daniel Pouzzner 1d871879df Merge pull request #9726 from Frauschi/pkcs11_pqc_prep
PKCS#11 PQC preparation work
2026-02-05 16:50:25 -06:00
Daniel Pouzzner a6ee93c84c Merge pull request #9739 from holtrop-wolfssl/rust-crate-fips-support
Rust wrapper: add FIPS support
2026-02-05 16:49:58 -06:00
Daniel Pouzzner 681d09fc3c Merge pull request #9714 from philljj/bsdkm_crypto_accel
bsdkm: x86 crypto acceleration support.
2026-02-05 16:48:03 -06:00
Daniel Pouzzner 2a32e108d0 Merge pull request #9656 from jackctj117/PKCS7-signing
Add PKCS7 ECC raw sign callback support
2026-02-05 16:46:27 -06:00
Daniel Pouzzner 6d7cb87965 Merge pull request #9733 from SparkiDev/srtp_kdf_ctr_fix
SRTP-KDF: use two bytes of index
2026-02-05 16:21:38 -06:00
jackctj117 cfcd384c4c Address copilot feedback 2026-02-05 12:12:16 -07:00
jackctj117 d774825ab8 Address copilot feedback 2026-02-05 11:57:33 -07:00
David Garske 8c30cfb0da Add tests for async with static memory. Fix issue with mixed-declaration in SP ECC non-blocking. 2026-02-05 09:43:31 -08:00
David Garske 6a4415911b Merge pull request #9727 from miyazakh/tsip_rm_asn_original
Renesas RX72N : Remove WOLFSSL_ASN_ORIGINAL from user_settings.h
2026-02-05 08:42:59 -08:00
David Garske 4d3925d526 Add X25519 non-blocking support for key gen and shared secret
## Summary
- Add non-blocking (incremental) Curve25519 key generation and shared secret via `WC_X25519_NONBLOCK`, modeled after the existing ECC non-blocking pattern (`WC_ECC_NONBLOCK`)
- Implement `curve25519_nb()` and `fe_inv__distinct_nb()` in `fe_low_mem.c` as state-machine variants that return `FP_WOULDBLOCK` to yield after each field multiply
- Add `wc_curve25519_set_nonblock()` API to attach/detach non-blocking context to a key
- Integrate X25519 non-blocking with TLS 1.2/1.3 key share generation and shared secret in `tls.c` and `internal.c` (behind `WC_X25519_NONBLOCK && WOLFSSL_ASYNC_CRYPT_SW`)
- Add `--enable-curve25519=nonblock` configure option (auto-enables `--enable-asynccrypt` and `--enable-asynccrypt-sw`)
- Add X25519 async software dispatch cases in `async.c` and types in `async.h`
- Fix async guard in `curve25519.c` to require `WOLFSSL_ASYNC_CRYPT_SW` (matching other algorithms)
- Overhaul `examples/async/` client/server: non-blocking I/O via `WOLFSSL_USER_IO`, standalone `Makefile`, X25519/ECC mode selection, CI-friendly ready-file sync
- Add `examples/configs/user_settings_curve25519nonblock.h` and CI coverage in `os-check.yml` and new `async-examples.yml` workflow
- Add wolfcrypt test and API test coverage for X25519 non-blocking
2026-02-04 21:28:52 -08:00
David Garske c7ed5ff179 Merge pull request #9740 from douzzer/20260204-linuxkm-with-global-replace-etc
20260204-linuxkm-with-global-replace-etc
2026-02-04 19:07:06 -08:00
Kareem 4bb4648282 Ensure lru_count does not overflow. 2026-02-04 15:33:15 -07:00
Chris Conlon 3753f69a50 Merge pull request #9728 from padelsbach/aia-updates
Extend AIA interface
2026-02-04 15:11:02 -07:00
Daniel Pouzzner 10d4b1dd92 wolfcrypt/src/aes.c: fix -Wunused-variable in wc_AesSetKey(). 2026-02-04 14:14:57 -06:00
Josh Holtrop f9cea09f5b Rust wrapper: add FIPS support 2026-02-04 14:32:05 -05:00
Paul Adelsbach 08c1397cc1 Enable 8 combined OCSP and URLs instead of 1 of each 2026-02-04 11:04:46 -08:00
Hideki Miyazaki c74a95c8d0 rm WOLFSSL_ASN_ORIGINAL from user_settings.h
- update signed ca cert (rsa/ecc)
 - update compiler options for v3.06.00
2026-02-05 00:08:35 +09:00
jackctj117 8b5bd3b3b1 Add wc_SignCert_cb API for external signing callbacks 2026-02-03 12:58:12 -07:00
Sameeh Jubran 425dc1372d cryptocb: add AES CryptoCB key import support and tests
Add CryptoCB-based AES key import support to enable Secure Element
offload without exposing raw AES key material to wolfCrypt.

When WOLF_CRYPTO_CB_AES_SETKEY is defined, wolfCrypt invokes a CryptoCB
callback during AES key setup. Behavior is determined by the callback
return value:

- If callback returns 0: Key is imported to the device (aes->devCtx).
  Key is NOT copied to wolfCrypt RAM; GCM H/M tables are NOT generated.
  Full hardware offload is assumed.

- If callback returns CRYPTOCB_UNAVAILABLE: Device does not support
  SetKey. Normal software path is used; key is copied to devKey for
  optional encrypt/decrypt acceleration.

- Any other error: Propagated to the caller.

Key points:
- Add wc_CryptoCb_AesSetKey() callback for AES key import
- Update AES SetKey paths to call CryptoCB and branch on return value
- Skip GCM H/M table generation when callback succeeded (devCtx set)
- Preserve existing behavior when devId is INVALID_DEVID or
  WOLF_CRYPTO_CB_AES_SETKEY is not defined

Testing:
- Add unit test for CryptoCB AES SetKey (verifies key isolation when
  callback succeeds)
- Add end-to-end AES-GCM offload test (SetKey, Encrypt, Decrypt, Free
  via CryptoCB)
- Tests use a mock SE with software AES to validate routing

Enable with: CPPFLAGS="-DWOLF_CRYPTO_CB_AES_SETKEY -DWOLF_CRYPTO_CB_FREE"

Signed-off-by: Sameeh Jubran <sameeh@wolfssl.com>
2026-02-03 16:59:02 +02:00
Sean Parkinson b1d3529419 SRTP-KDF: use two bytes of index
One byte of index creates up to 4096 bytes for a key.
Increase output size to match specification.
2026-02-03 11:01:11 +10:00
jordan 8ae27c75e4 bsdkm: x86 crypto acceleration support. 2026-02-02 12:00:22 -06:00
Sean Parkinson 565ac4c101 ECC: import point, always do some checks when untrusted
Always check for infinity and, when B param available, whether the point
is on the curve when point is untrusted.
Change TLS code to treat points from peer as untrusted on import.
2026-02-02 16:12:19 +10:00
Sean Parkinson 5924524920 SHA-3: harden against glitch attack
Check loop counts to ensure glitching didn't change number of times loop
was performed.
2026-02-02 15:54:55 +10:00
Daniel Pouzzner 8719df2666 wolfcrypt/src/aes.c: in wc_AesGcmSetKey(), don't VECTOR_REGISTERS_POP() until after GCM_generate_m0_*(). 2026-01-30 17:33:30 -06:00
Tobias Frauenschläger 90be76cb94 Misc fixes and improvements regarding PKCS#11 2026-01-29 18:39:15 +01:00
Tobias Frauenschläger f59a27cdc6 Support PKCS#11 ECDSA verify with stored key 2026-01-29 18:39:04 +01:00
Tobias Frauenschläger 55946d5bdf Add support for PKCS#11 version 3.2 2026-01-29 18:38:10 +01:00
Tobias Frauenschläger ee16b9506f Add support for PKCS#11 Version 3.0 and 3.1 2026-01-29 18:38:03 +01:00
Sean Parkinson be4584784c Split out code form ssl.c and pk.c
Move EC and RSA code out of pk.c into separate file.

Move out of ssl.c into separate files:
  - Certificate APIs
  - CRL/OCSP APIs
  - Public Key APIs
  - ECH

Internal Certificate Manager APIs pulled out into ssl_certman.c.
d2i and i2d WOLFSSL_EVP_PKEY APIs pulled out into evp_pk.c.

Fix formatting.
2026-01-29 18:49:56 +10:00
jackctj117 6d6d0ab088 Add PKCS7 ECC raw sign callback support 2026-01-28 14:44:00 -07:00
Sean Parkinson bc9e37118e Regression test fixes
Mostly combinations of NO_WOLFSSL_CLIENT, NO_WOLFSSL_SERVER and
WOLFSSL_NO_CLIENT_AUTH were failing.
Added configurations to CI loop.

wc_AesGcmDecryptFinal: use WC_AES_BLOCK_SIZE to satisfy compiler.
2026-01-28 07:37:29 +10:00
JacobBarthelmeh f7b5f00973 Merge pull request #9710 from rlm2002/xChaCha20_Poly1305_unitTest
Unit test updates for XChacha20-Poly1305
2026-01-27 13:56:16 -07:00
JacobBarthelmeh 4f84be8e66 Merge pull request #9715 from dgarske/rsa_key_parsing
Fix for RSA private key parsing (allowing public) and RSA keygen no malloc support
2026-01-27 13:11:14 -07:00