wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-27 10:32:19 +01:00
Code Issues Packages Projects Releases Wiki Activity
27,104 Commits 12 Branches 184 Tags
cd3e81a656f2fd07ad2fa6d475a2cdf726e7bfa4
Commit Graph

10234 Commits

Author SHA1 Message Date
JacobBarthelmeh
b42e9a9410 Merge pull request #9529 from SparkiDev/dsa_pg_sp_int_fix 
DSA Parameter Generation: init g earlier
 2025-12-16 14:52:45 -07:00
JacobBarthelmeh
75fdf959c1 Merge pull request #9514 from kareem-wolfssl/zd20936 
Fix uninitialized variable, fix potentially undefined printf reference in HASH_DRBG_Generate.
 2025-12-16 14:48:17 -07:00
Sean Parkinson
85d40c8e9b Merge pull request #9522 from JacobBarthelmeh/time 
tie in use of check_time with x509 store
 2025-12-16 08:24:49 +10:00
Kareem
968662063d Merge remote-tracking branch 'upstream/master' into zd20936 2025-12-15 14:06:18 -07:00
Daniel Pouzzner
b9368d7a3d Merge pull request #9516 from embhorn/gh3665 
Add checking of size param and clarify usage in doc
 2025-12-15 10:49:57 -06:00
Sean Parkinson
dacb3425cd DSA Parameter Generation: init g earlier 
Ensure dsa->g is initialized with other mp_ints so that it can be
cleared at the end regardless of failures.

Don't clear tmp or tmp2 if allocation or initialization failed as you
will access uninitialized data.
 2025-12-15 09:12:11 +10:00
JacobBarthelmeh
5099e6e315 add macro guard on use of time_t 2025-12-12 16:42:19 -07:00
Kareem
2d4e589a8d Merge remote-tracking branch 'upstream/master' into zd20936 2025-12-12 11:37:45 -07:00
Kareem
3797c03e6c Merge remote-tracking branch 'upstream/master' into zd20936 2025-12-12 11:37:34 -07:00
night1rider
cf42d14e10 Fix wc_CmacFree() and wc_CMAC_Grow() to use correct heap pointer from internal Aes structure 2025-12-12 11:14:16 -07:00
JacobBarthelmeh
e1bbb71878 tie in use of check_time with x509 store 2025-12-12 09:22:23 -07:00
Sean Parkinson
8e14d4a774 Aarch64 AES ASM no hw crypto: no dead code 
Fix code so that there is no dead code compiled.
That is, change if checks to #ifdef checks.
 2025-12-12 12:31:36 +10:00
Daniel Pouzzner
9201b4e5eb Merge pull request #9515 from anhu/salt_len_min 
Note that HMAC_FIPS_MIN_KEY is also salt len min for HKDF
 2025-12-11 13:03:06 -06:00
Daniel Pouzzner
ef8bf55528 Merge pull request #9495 from SparkiDev/aarch64_no_hw_crypto_asm_aes 
Aarch64 no harware crypto assembly AES
 2025-12-11 12:46:07 -06:00
Anthony Hu
cd4f96924b Better error message too. 2025-12-11 12:23:38 -05:00
Eric Blankenhorn
67b6b284d6 Add checking of size param and clarify usage in doc 2025-12-11 08:27:57 -06:00
Kareem
63976cb09b Fix uninitialized variable, use WOLFSSL_DEBUG_PRINTF macro in Hash_DRBG_Generate to avoid undefined printf reference. 2025-12-10 12:28:54 -07:00
Sean Parkinson
80b7ea638e Aarch64 no harware crypto assembly AES 
Implementations of AES-ECB, AES-CBC, AES-CTR, AES-GCM, AES-XTS with base
instructions and NEON but not using crypto instructions.

Benchmark of AES-ECB added.
Updated AES tests.
 2025-12-10 08:55:58 +10:00
Sean Parkinson
886b0c2ec6 Benchmark ECDSA: use digest size instead of key size 
The key size can be larger than the maximum digest size supported by the
sign and verify APIs.
Calculate a reasonable digest size for the key size and bound it on the
maximum digest size.
 2025-12-05 09:01:12 +10:00
JacobBarthelmeh
5b7480486e Merge pull request #9487 from dgarske/qathash 
Fix QAT hash final with no update and fix g++ warnings
 2025-12-04 11:35:46 -07:00
David Garske
f01c4f10fa Merge pull request #9454 from SparkiDev/rsa_dec_too_small_output_fix 
RSA decrypt: don't write past buffer end on error
 2025-12-04 10:06:37 -08:00
David Garske
1dfa4d1bcf Merge pull request #9488 from SparkiDev/aes_gcm_4bit_be 
AES-GCM, 4-bit table, Big Endian: fast impl of GMULT
 2025-12-04 10:06:06 -08:00
Sean Parkinson
bff29a8535 ARM32/Thumb2 ASM SHA-256: provide small code size option 
WOLFSSL_ARMASM_SHA256_SMALL for Thumb2 and ARM32 using base instructions
compiles implementations that are smaller but slower.
 2025-12-04 16:44:37 +10:00
David Garske
45b7fb9e39 Merge pull request #9489 from julek-wolfssl/zd/20860 
Fix AKID CA lookup
 2025-12-03 08:16:51 -08:00
Juliusz Sosinowicz
995e63f6e1 Fix AKID CA lookup 
The `authorityCertIssuer` field refers to the Issuer field of the CA being looked up and not its Subject field.
 2025-12-03 10:47:40 +01:00
Sean Parkinson
697bc47d8e AES-GCM, 4-bit table, Big Endian: fast impl of GMULT 
Add fast implementation GMULT for big-endian platforms like PowerPC and
PowerPC64.
Speeds up AES-GCM.
 2025-12-03 11:22:49 +10:00
David Garske
628c1e5225 Fix g++ compiler implicit cast warnings 2025-12-02 10:54:16 -08:00
David Garske
6deef7c14a QAT fix to properly handle a finish with no update 2025-12-02 09:57:12 -08:00
David Garske
dd40417fca Merge pull request #9479 from josepho0918/aes-cbc-mmcau 
Prefer ARMASM over MMCAU for AES CBC when both enabled
 2025-12-02 07:58:17 -08:00
David Garske
a2f46cd9b0 Merge pull request #9470 from lealem47/MLKEM_PUB_HASH_E 
ML-KEM: Add check for Pubkey hash mismatch on decoding the dk
 2025-12-01 12:49:48 -08:00
Sean Parkinson
6a5e29e21d Merge pull request #9477 from douzzer/20251125-linuxkm-arm-fips-tweaks 
20251125-linuxkm-arm-fips-tweaks
 2025-11-27 09:03:36 +10:00
Joseph Chen
26206821ff Prefer ARMASM over MMCAU for AES CBC when both enabled 2025-11-26 16:05:05 +08:00
Daniel Pouzzner
be1f916028 wolfcrypt/src/aes.c: in the WOLFSSL_ARMASM && GCM_SMALL && !__aarch64__ static C implementation of GCM_gmult_len(), rename to GCM_gmult_len_armasm_C() (incompatible with other implementations); 
wolfcrypt/src/aes.c: move FREESCALE_MMCAU implementations later (minimum precedence) for wc_AesEncrypt(), wc_AesDecrypt(), wc_AesSetKeyLocal(), wc_AesSetKey(), and wc_AesSetKeyDirect() (fixes ZD#20862).
 2025-11-25 23:01:05 -06:00
Daniel Pouzzner
f5543f6b95 wolfcrypt/test/test.c: in wolfcrypt_test_main(), install myFipsCb if applicable, and save failed wolfCrypt retvals to args.return_code to assure error exit. fixes FIPS integrity failure message with wolfEntropy. 2025-11-25 20:21:37 -06:00
Daniel Pouzzner
4fda0883a4 globally rename WC_PIE_RELOC_TABLES to WC_SYM_RELOC_TABLES; 
globally replace defined(__PIE__) with defined(WC_CONTAINERIZE_THIS) to decouple containerization from -fPIE;

configure.ac:
* add --enable-kernel-reloc-tables as an alias for --enable-linuxkm-pie;
* always activate ENABLED_ENTROPY_MEMUSE_DEFAULT when KERNEL_MODE_DEFAULTS and not RDSEED/RDRAND, regardless of FIPS presence/version;

linuxkm/Kbuild:
* add -DWC_CONTAINERIZE_THIS to PIE_FLAGS;
* add support for NO_PIE_FLAG, which inhibits -fPIE on ENABLED_LINUXKM_PIE builds, and adds -DWC_NO_PIE_FLAG to PIE_FLAGS;

linuxkm/linuxkm_wc_port.h: add setup for WC_LINUXKM_WOLFENTROPY_IN_GLUE_LAYER;

linuxkm/module_hooks.c: add wc_linuxkm_GenerateSeed_wolfEntropy().
 2025-11-25 18:01:25 -06:00
David Garske
0aaa31c438 Merge pull request #9459 from JacobBarthelmeh/async 
fix small stack define and warnings for g++ build with async
 2025-11-25 14:22:24 -08:00
David Garske
6fc99ac6d8 Merge pull request #9431 from Pushyanth-Infineon/psoc6_aes_support 
Enable hardware acceleration for AES on PSoC6.
 2025-11-25 13:31:23 -08:00
Sean Parkinson
0afbc1ef08 Merge pull request #9471 from douzzer/20251124-memory_test-wolfSSL_Atomic_Ptr_CompareExchange 
20251124-memory_test-wolfSSL_Atomic_Ptr_CompareExchange
 2025-11-25 19:22:22 +10:00
JacobBarthelmeh
a83fb4fc42 revert 6bda10a forcing small stack with async 2025-11-25 00:43:04 -07:00
Daniel Pouzzner
e459b21744 wolfcrypt/src/wc_port.c and wolfssl/wolfcrypt/wc_port.h: add volatile attribute to wolfSSL_Atomic_Uint_CompareExchange() first arg, for pedantic accuracy; 
wolfssl/internal.h and src/ssl.c: add volatile attribute to WOLFSSL_CTX.privateKeyPKey pointer, for pedantic accuracy;

wolfcrypt/test/test.c: in memory_test(), use compatible pointers for all operands in the wolfSSL_Atomic_Ptr_CompareExchange() test, to avoid undefined behavior.
 2025-11-24 18:21:09 -06:00
Lealem Amedie
eace02115b Address review feedback 2025-11-24 16:57:52 -07:00
Sean Parkinson
ea0793f0af Merge pull request #9428 from dgarske/qat_v5.8.4 
Migrate wolfAsyncCrypt repo into wolfSSL proper
 2025-11-25 09:33:31 +10:00
Sean Parkinson
9c467a916a Merge pull request #9437 from rlm2002/coverity 
20251114 Coverity change
 2025-11-25 09:26:17 +10:00
Sean Parkinson
86789f92c0 Merge pull request #9446 from dgarske/stm32_castwarn 
Fix stm32.c type warnings
 2025-11-25 09:22:58 +10:00
Sean Parkinson
76fec60754 Merge pull request #9448 from anhu/p7_unknownExt 
unknown extension support in wc_PKCS7_EcdsaVerify
 2025-11-25 09:21:47 +10:00
Sean Parkinson
c6ecafced2 Merge pull request #9451 from kaleb-himes/ESV-DRBG-Decouple 
Esv drbg decouple
 2025-11-25 09:19:52 +10:00
David Garske
4ccad17a39 Merge pull request #9465 from SparkiDev/aesgcm_small_armasm 
AES-GCM small ARM asm: add back implementation
 2025-11-24 15:06:49 -08:00
David Garske
0786aa2585 Merge pull request #9464 from SparkiDev/sp_384_sub_fix 
SP Thumb2/ARM32: P-384 sub not needed for small builds
 2025-11-24 15:05:43 -08:00
Lealem Amedie
f5cb791e39 ML-KEM: Add check for Pubkey hash mismatch on decoding the dk 2025-11-24 10:22:40 -07:00
Joseph Chen
7752df3340 Correct SHA256 final endianness on MMCAU platforms 2025-11-24 16:48:35 +08:00