Commit Graph

10402 Commits

Author SHA1 Message Date
Sean Parkinson 1aa79af41e Multiple volatile variables in a C statement undefined
Undefined behaviour when there are multiple volatile variables accessed
in the one C statement.
Changes to introduce non-volatile temporaries, split statement or make
variable non-volatile.
2026-01-13 15:08:50 +10:00
Daniel Pouzzner 48cb84df0d Merge pull request #9645 from SparkiDev/curve25519_invert_nct_x64_asm_fix
Curve25519 x64 ASM: nct invert needs vzeroupper
2026-01-12 16:57:00 -06:00
Sean Parkinson ffe304643e Curve25519 x64 ASM: nct invert needs vzeroupper
When ymm registers are used, vzeroupper is required at the end.
2026-01-13 08:38:23 +10:00
David Garske 7e0a8551e9 Merge pull request #9638 from douzzer/20260109-rng_bank-fixes
20260109-rng_bank-fixes
2026-01-12 08:25:23 -08:00
Sean Parkinson 84ca4a05fa Merge pull request #9628 from miyazakh/fix_crlnumber
Fix CRL Number hex string buffer overflow in CRL parser
2026-01-12 08:52:57 +10:00
Daniel Pouzzner 902164ca03 wolfcrypt/src/rng_bank.c: fixes for typography and s/wc_FreeRng(rng2)/wc_rng_free(rng2)/ in random_bank_test();
wolfcrypt/src/rng_bank.c: tweaks to silence benign Coverity CHECKED_RETURN.
2026-01-09 18:17:09 -06:00
Daniel Pouzzner a043b7a8d6 wolfcrypt/src/rng_bank.c, wolfssl/wolfcrypt/rng_bank.h, wolfcrypt/test/test.c:
* add WC_RNG_BANK_STATIC to WC_RNG_BANK_SUPPORT, supporting WOLFSSL_NO_MALLOC;

* in random_bank_test(), fix gate around _NO_VECTOR_OPS sha256.sha_method test (WOLFSSL_SMALL_STACK_CACHE, and USE_INTEL_SPEEDUP not WC_HAVE_VECTOR_SPEEDUPS);

* in definition of struct wc_rng_bank_inst, accommodate WOLFSSL_NO_ATOMICS builds;

wolfssl/wolfcrypt/random.h: in definition of struct WC_RNG, add gate to avoid empty union in !HAVE_HASHDRBG configs.
2026-01-09 17:52:37 -06:00
Daniel Pouzzner a091ed9151 Merge pull request #9590 from philljj/fips_bsdkm
Fips bsdkm
2026-01-09 17:51:11 -06:00
David Garske 2d3941056b Merge pull request #9630 from gasbytes/signedAttribsCount-fix
Increment signedAttribsCount with the right number of attributes it encoded
2026-01-09 10:06:01 -08:00
Hideki Miyazaki d4760b148d addressed review comments 2026-01-09 09:10:49 +09:00
Hideki Miyazaki d052128830 addressed review comments 2026-01-09 09:01:14 +09:00
Daniel Pouzzner d555c1aaaa Merge pull request #9619 from rlm2002/coverity
20260106 Coverity fixes
2026-01-08 15:03:43 -06:00
David Garske 9fe3b195e1 Merge pull request #9605 from Frauschi/build_system_fixes
Build systems improvements
2026-01-08 13:00:57 -08:00
Reda Chouk 9c7b586565 Increment signedAttribsCount with the right number of attributes it
encoded
2026-01-08 20:46:47 +01:00
David Garske 133d29dcef Merge pull request #9626 from rizlik/name_contraints_fixes
asn: MatchBaseName fixes
2026-01-08 10:56:53 -08:00
David Garske f57484d1b3 Merge pull request #9616 from douzzer/20251230-persistent-drbg
20251230-persistent-drbg
2026-01-08 10:54:45 -08:00
Hideki Miyazaki 08876e278a Fix CRL Number hex string buffer overflow in CRL parser 2026-01-08 17:25:19 +09:00
Sean Parkinson 883ceecf8a ChaCha20 Aarch64 ASM fix: 256-bit case fixed
Fixed the 256-bits at a time crypt assembly code.

Add a chunking test for ChaCha20.
2026-01-08 18:01:15 +10:00
Daniel Pouzzner 0059f1647e move WC_RNG_BANK_SUPPORT implementation from wolfcrypt/src/random.c and wolfssl/wolfcrypt/random.h to new files wolfcrypt/src/rng_bank.c and wolfssl/wolfcrypt/rng_bank.h;
wolfcrypt/src/rng_bank.c:

  * add wc_local_rng_bank_checkout_for_bankref, wc_BankRef_Release(), wc_rng_bank_new(), and wc_rng_bank_free();

  * in wc_rng_bank_checkin(), take a struct wc_rng_bank_inst **rng_inst and NULL it before return;

  * in wc_rng_bank_init(), add a devId arg, and handle devId in wc_rng_bank_inst_reinit();

  * add WC_RNG_BANK_INST_LOCK_* and use them in wc_rng_bank_checkout() and wc_rng_bank_checkin();

  * fix order of operations in wc_rng_bank_checkout() re DISABLE_VECTOR_REGISTERS();

wolfcrypt/src/random.c:

  * refactor per-instance salting for wc_rng_bank_inst: remove changes in Hash_df(), Hash_DRBG_Instantiate(), and _InitRng(), and in wc_rng_bank_init() and wc_rng_bank_inst_reinit(), use wc_InitRngNonce_ex() and pass the wc_rng_bank_inst pointer as the nonce;

  * simplify the WC_RNG_BANK_SUPPORT variant of wc_RNG_GenerateBlock() -- delegate to wc_local_rng_bank_checkout_for_bankref() and remove supplementary error checking;

  * in wc_FreeRng(), call wc_BankRef_Release() when WC_DRBG_BANKREF, and in wc_BankRef_Release(), fix refcount flub (not wolfSSL_RefFree, rather wolfSSL_RefDec);

  * streamline the WOLFSSL_LINUXKM wc_GenerateSeed();

wolfcrypt/test/test.c: add random_bank_test();

linuxkm/lkcapi_sha_glue.c: use WC_RNG_BANK_INST_TO_RNG() opportunistically;

configure.ac: add --enable-amdrdseed as a synonym for --enable-amdrand;

linuxkm/linuxkm_wc_port.h: when LINUXKM_LKCAPI_REGISTER_HASH_DRBG_DEFAULT, don't include get_random_bytes() in struct wolfssl_linuxkm_pie_redirect_table;

add various comments for clarity.
2026-01-07 22:54:07 -06:00
Daniel Pouzzner c1d2828daf wolfcrypt/src/random.c, wolfssl/wolfcrypt/random.h, wolfssl/wolfcrypt/wc_port.h, linuxkm/lkcapi_sha_glue.c: fixes from autotesting:
* refactor to eliminate recursion in wc_RNG_GenerateBlock();
* refactor enum wc_rng_bank_flags as word32 and macros;
* fix -Wconversions, -Wunused, and stray EINVAL in wc_rng_bank_init();
* make struct wc_rng_bank_inst a top-level definition for C++ compat;
* fix several bugprone-macro-parentheses.
2026-01-07 22:54:07 -06:00
Daniel Pouzzner 3c15be6610 wolfcrypt/src/random.c and wolfssl/wolfcrypt/random.h: implement WC_RNG_BANK_SUPPORT:
* add WC_DRBG_BANKREF status code;
* add `struct wc_rng_bank *bankref` to struct WC_RNG, and move status slot out from HAVE_HASHDRBG gate;
* add WC_DRBG_MAX_SALT_SZ, and add saltSz and salt slots to struct DRBG_internal;
* add salt handling to Hash_df(), Hash_DRBG_Instantiate(), and _InitRng();
* add types:
  * enum wc_rng_bank_flags
  * struct wc_rng_bank
* add implementations:
  * wc_rng_bank_init()
  * wc_rng_bank_set_affinity_handlers()
  * wc_rng_bank_fini()
  * wc_rng_bank_checkout()
  * wc_rng_bank_checkin()
  * wc_rng_bank_inst_reinit()
  * wc_rng_bank_seed()
  * wc_rng_bank_reseed()
  * wc_InitRng_BankRef()
  * wc_rng_new_bankref()
  * WC_RNG_BANK_INST_TO_RNG()
* in wc_RNG_GenerateBlock() and wc_FreeRng(), add WC_RNG_BANK_SUPPORT sections;

wolfcrypt/src/random.c: in WC_VERBOSE_RNG messages, add "ERROR: " prefixes to text to assure pickup by autotesting. Also fixed line lengths.
2026-01-07 22:54:07 -06:00
Daniel Pouzzner 32b1598db1 wolfcrypt/src/wc_port.c and wolfssl/wolfcrypt/wc_port.h: in wolfSSL_RefFree() and wolfSSL_RefWithMutexFree(), zero the refcount (valid refcount objects are initialized to count of 1); add wolfSSL_RefCur(). 2026-01-07 22:54:06 -06:00
Daniel Pouzzner f1dd234ac9 wolfcrypt/src/error.c, wolfssl/wolfcrypt/error-crypt.h: add BUSY_E and ALREADY_E. 2026-01-07 22:54:06 -06:00
Ruby Martin 6090ddb3f3 initialize hmac_copy
add WC_CALLOC_VAR_EX function, replace WC_ALLOC_VAR_EX in tests
2026-01-07 15:43:16 -07:00
David Garske 5c2c4599ed Merge pull request #9537 from SparkiDev/aarch64_darwin_addr_calc_fix
ARM64 ASM: Darwin specific address calc fix
2026-01-07 09:50:05 -08:00
Marco Oliverio 94dc7ae9ad asn: MatchBaseName fixes 2026-01-07 17:53:43 +01:00
David Garske cf9016b29f Merge pull request #9622 from SparkiDev/rsa_pkcs15_verify_bounds_check
RSA PKCS#1.5 verify: bounds check input
2026-01-07 08:26:24 -08:00
David Garske 84aeeb655f Merge pull request #9580 from SparkiDev/curve25519_smul_improv
Curve25519 improvements
2026-01-07 08:25:41 -08:00
David Garske 19f7b946f5 Merge pull request #9621 from SparkiDev/mlkem_check_pub
MLKEM: check public key when decoding
2026-01-07 08:24:51 -08:00
David Garske dd8d2a2d4d Merge pull request #9575 from SparkiDev/dilithium_16_bit_fixes
MLDSA/Dilithium: fix 16-bit int issues
2026-01-07 08:24:22 -08:00
David Garske b5d3c87876 Merge pull request #9603 from SparkiDev/ppc32_sha256_asm_reg
PPC32 ASM: alternative C code with registers prepended
2026-01-07 08:23:55 -08:00
David Garske 315ebf5be6 Merge pull request #9615 from SparkiDev/arm32_aes_block_inline
AES ARM32/Thumb2: option to inline block
2026-01-07 08:21:51 -08:00
Sean Parkinson 80a0f6bb32 RSA PKCS#1.5 verify: bounds check input
As long as NO_RSA_BOUNDS_CHECK is not defined, the input range is
checked for verification.
2026-01-07 17:49:50 +10:00
Sean Parkinson 2a08fbe3ed MLKEM: check public key when decoding
Check that the public key values are less than Q when decoding.
2026-01-07 13:11:15 +10:00
Sean Parkinson b293a1cc5c Merge pull request #9591 from rlm2002/coverity
20251229 Coverity Dereference before Null check
2026-01-06 20:25:01 +10:00
Sean Parkinson a1089ba9f2 AES ARM32/Thumb2: option to inline block
Branching to a common block encrypt/decrypt may work for assembly but
not always for C code.
Added option, for assembly and inline assembly, to inline block
encrypt/decrypt: WOLFSSL_ARMASM_AES_BLOCK_INLINE.
2026-01-06 11:24:21 +10:00
Sean Parkinson 38241227a2 Curve25519 improvements
Add non-constant time implementations of mod_inv for x64 and Aarch64
assembly.

Generate base point table, with better formatting, for double smul with
a script.
Increase Bi table size to 32 entries for 64-bit asm.
Minor improvements to double smul.

WOLFSSL_CURVE25519_NOT_USE_ED25519 to not use ed25519 base smul in
curve25519 base smul.
2026-01-06 10:24:21 +10:00
jordan 842511b0ef wolfcrypt test: fix ecc521 err msg. 2026-01-05 12:25:53 -06:00
Tobias Frauenschläger 99bde324aa Build systems improvements
* Add `WOLFSSL_USER_SETTINGS` to CMake `options.h.in`
* Add CMake support for Dilithium
* Add user_settings.h support for aes_asm.S
* Add PKCS#11 support to CMake
* Minor ARM assembly port fixes
2026-01-05 15:46:58 +01:00
Sean Parkinson 99692003d4 PPC32 ASM: alternative C code with registers prepended
C implementation with registers prepended with letter 'r'.
2026-01-05 21:12:10 +10:00
Daniel Pouzzner cb78341886 Merge pull request #7586 from kareem-wolfssl/gh7197
Keep RNG seed file descriptor open until the RNG is freed.
2025-12-30 15:57:25 -06:00
philljj 5fa06818c0 Merge pull request #9595 from douzzer/20251229-linuxkm-rng-wolfentropy
20251229-linuxkm-rng-wolfentropy
2025-12-30 14:50:53 -06:00
Daniel Pouzzner 0621615b15 wolfcrypt/src/random.c: remove WC_VERBOSE_RNG messaging from wc_RNG_TestSeed(), which is called by test code with expected failure, and move it to _InitRng() and PollAndReSeed(), where it's always expected to succeed. 2025-12-30 13:27:31 -06:00
Daniel Pouzzner 299ca1cfef fixes from peer review: added comments for clarity, and remove errant condition added in _InitRng(). 2025-12-30 12:13:15 -06:00
JacobBarthelmeh 7a2e1c1dd0 Merge pull request #9585 from dgarske/add-missing-api-docs
Add missing API documentation
2025-12-30 09:37:22 -07:00
Daniel Pouzzner 450b0b46c6 wolfcrypt/src/random.c and wolfssl/wolfcrypt/settings.h: add WC_VERBOSE_RNG messages, and activate by default when WOLFSSL_KERNEL_MODE. 2025-12-29 20:55:36 -06:00
Anthony Hu 48ebe99372 Validate asn date based on position of Z (#8603) 2025-12-29 16:01:22 -06:00
Ruby Martin 39056bb262 move null check to prevent dereference before null check issue
add new scope, whitespace
2025-12-29 10:55:13 -07:00
David Garske 5b5686c53c Peer review improvements. 2025-12-29 08:37:51 -08:00
jordan e4996c317e bsdkm: fips support. 2025-12-28 10:16:53 -06:00