wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-05-04 13:44:15 +02:00
Code Issues Packages Projects Releases Wiki Activity
21,682 Commits 13 Branches 184 Tags
d5142d8553389de5caa359c9cc8638c39f5f06dc
Commit Graph

21682 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
JacobBarthelmeh 7592559fd3 rename argument, fix warnings on casts 2024-02-02 14:50:50 -07:00
Daniel Pouzzner d1e0b37467 Merge pull request #7202 from julek-wolfssl/bio-include-ssl 
If bio.h is included first then it can't include options.h on its own
 2024-02-02 16:00:47 -05:00
Daniel Pouzzner 6230c29194 Merge pull request #7190 from SparkiDev/tls13_hrrcookie_fix 
TLS 1.3, HRR Cookie: send cookie back in new ClientHello
 2024-02-02 15:05:00 -05:00
Juliusz Sosinowicz 31bfac43ea Update github actions 
Many of these updates should also speed up some steps
 2024-02-02 20:14:28 +01:00
David Garske 32aecf4c35 Merge pull request #7180 from douzzer/20240126-LINUXKM_LKCAPI_REGISTER 
20240126-LINUXKM_LKCAPI_REGISTER
 2024-02-02 11:12:35 -08:00
Juliusz Sosinowicz 5b5d6481de Fix write_dup with chacha-poly 2024-02-02 19:47:25 +01:00
Juliusz Sosinowicz 188a69e649 test_wolfSSL_OPENSSL_hexstr2buf: test was always skipped 2024-02-02 18:29:15 +01:00
Juliusz Sosinowicz be90fe073e tfm and integer: skip whitespace at end in radix read 2024-02-02 14:38:40 +01:00
Juliusz Sosinowicz 7ebb8cd007 Update radix tests 2024-02-02 12:09:50 +01:00
Juliusz Sosinowicz d3b0a26b3b If bio.h is included first then it can't include options.h on its own 
When EXTERNAL_OPTS_OPENVPN is defined, we should be including options.h internally. When bio.h is included first, we don't include options.h and we don't pass the `#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)` guard.
 2024-02-02 11:02:39 +01:00
Sean Parkinson c8b0aac144 SHA-256 Aarch64: fix alignments on loads and stores 
Input buffer must be loaded with a byte alignment.
Fix other loads and stores to be consistent.
 2024-02-02 12:41:12 +10:00
Daniel Pouzzner 10645de648 linuxkm: various tweaks: 
* configure.ac: in linuxkm-lkcapi-register section, force ENABLED_AESGCM_STREAM=yes if ENABLED_AESGCM is yes and there is asm or FIPS in the picture.
* linuxkm/module_hooks.c: in updateFipsHash(), if DEBUG_LINUXKM_PIE_SUPPORT || WOLFSSL_LINUXKM_VERBOSE_DEBUG, print the base16 hash to the kernel log.
* linuxkm/lkcapi_glue.c:
  * implement KATs for AES-CBC, AES-CFB, and AES-GCM.
  * clean out extraneous code and macro usage inherited from test/test.c.
  * add post-registration crypto_tfm_alg_driver_name() tests for AES-CBC, AES-CFB, and AES-GCM.
 2024-02-01 19:04:02 -06:00
Lealem Amedie 63f7298be2 Default to ASN TEMPLATE library 2024-02-01 14:52:06 -07:00
JacobBarthelmeh ed4b87eb37 fix for clang-tidy null dereference error 2024-02-01 14:26:13 -07:00
JacobBarthelmeh 5fbadbb215 fix warning with test case 2024-02-01 11:50:51 -07:00
JacobBarthelmeh 8d0dc7a568 fix asn original build, vs warning, and add test cases 2024-02-01 11:50:51 -07:00
JacobBarthelmeh bf23357c8c refactor streaming and additional comments 2024-02-01 11:50:51 -07:00
JacobBarthelmeh c843064681 update macro guard 2024-02-01 11:50:51 -07:00
JacobBarthelmeh 75762d44b6 PKCS7 streaming with encode/sign 2024-02-01 11:50:51 -07:00
Juliusz Sosinowicz 335c51987e openssh 9.6p1 fixes 
- wolfSSL_DSA_set0_key: allow setting just the public key
- radix16: allow skipping the end of line whitespace
- Add openssh action
 2024-02-01 11:39:56 +01:00
Daniel Pouzzner f9bf96d9ba Merge pull request #7187 from SparkiDev/sha256_intel_instrs 
SHA-256: Implementation using Intel instructions
 2024-01-31 19:15:43 -05:00
Daniel Pouzzner 1fda249468 Merge pull request #7189 from philljj/fix_static_nomalloc_build 
Fix WOLFSSL_NO_MALLOC build.
 2024-01-31 18:46:48 -05:00
Sean Parkinson f48eb638da TLS 1.3, HRR Cookie: send cookie back in new ClientHello 
Make it mandatory that the cookie is sent back in new ClientHello when
seen in a HelloRetryRequest.
 2024-02-01 07:49:37 +10:00
Daniel Pouzzner 3064d725b9 Merge pull request #7193 from bandi13/fixOpenWRTTests 
Snapshots disappear after a while. Versioned releases stay.
 2024-01-31 16:38:55 -05:00
Anthony Hu dfc10741a5 Adding unknown extension callback to CertManager 2024-01-31 16:27:07 -05:00
Andras Fekete 65902308e8 Snapshots disappear after a while. Versioned releases stay. 2024-01-31 16:02:41 -05:00
Daniel Pouzzner 75bd1af110 Merge pull request #7179 from philljj/fix_ext_xmss_sigsleft 
Fix ext_xmss SigsLeft.
 2024-01-31 14:33:18 -05:00
David Garske 9e47703402 Template for TLS v1.2 only. 2024-01-31 10:13:31 -08:00
Daniel Pouzzner e1ee5e4421 linuxkm: spruce up arch-dependent CFLAGS setup in linuxkm/Kbuild; add "failed:" to error messages in km_AesGcmEncrypt() and km_AesGcmDecrypt(). 2024-01-31 11:49:46 -06:00
Daniel Pouzzner f228a85cee AES-XTS: fix FIPS gating to use defined(HAVE_FIPS), not defined(HAVE_FIPS_VERSION). 2024-01-30 17:16:37 -06:00
jordan 7ddf20851d Fix WOLFSSL_NO_MALLOC build. 2024-01-30 09:00:02 -06:00
Juliusz Sosinowicz 48b99b0f10 Merge pull request #7185 from JacobBarthelmeh/zephyr 
only download parts of zephyr sdk needed for test
 2024-01-30 14:46:57 +01:00
Sean Parkinson 492490f7e6 SHA-256: Implementation using Intel instructions 
Detects Intel SHA-256 instructions available for CPU.
Preferences implementation using Intel instructions.
 2024-01-30 23:17:05 +10:00
Sean Parkinson f7507f14cb Merge pull request #7186 from douzzer/20240129-fix-wc_RsaFunction_ex 
20240129-fix-wc_RsaFunction_ex
 2024-01-30 23:14:52 +10:00
Daniel Pouzzner 3d3c07944e wolfcrypt/src/ecc.c: fix logic around WOLF_CRYPTO_CB_ONLY_ECC in wc_ecc_shared_secret(), _ecc_make_key_ex(), wc_ecc_sign_hash(), and wc_ecc_verify_hash() (defects reported by -Wreturn-type, -Wmaybe-uninitialized around err, and a failure of ecc_onlycb_test()). 2024-01-29 22:30:33 -06:00
Daniel Pouzzner 67bbe1e1bb wolfcrypt/src/rsa.c: in wc_RsaFunction_ex(), if defined(WOLF_CRYPTO_CB_ONLY_RSA), add clause to return NO_VALID_DEVID if key->devId == INVALID_DEVID. fixes "control reaches end of non-void function" in PRB-single-flag.txt. 2024-01-29 22:00:20 -06:00
Daniel Pouzzner 11e8a89f67 wolfcrypt/src/aes.c: coddle XCode (clang) to clear frivolous -Wparentheses-equality. 2024-01-29 17:58:13 -06:00
Daniel Pouzzner 6261108d49 linuxkm: fix line lengths throughout; in linuxkm/lkcapi_glue.c: fix/harmonize error catching, reporting, and error codes; further address peer review feedback. 2024-01-29 17:48:31 -06:00
David Garske de91add3d9 Merge pull request #7182 from SparkiDev/armv8_32_align_chacha20_asm 
ARMv8 32 bit ChaCha20 ASM: loading from in/out
 2024-01-29 14:59:56 -08:00
JacobBarthelmeh 920abd8b46 only download parts of zephyr sdk needed for test 2024-01-29 15:02:58 -07:00
David Garske de4a6f9e00 Merge pull request #7167 from SparkiDev/rsa_dec_check_d 
RSA Decryption: check private value after decryption
 2024-01-29 14:01:27 -08:00
David Garske a6326bd80a Merge pull request #7183 from SparkiDev/regression_fixes_9 
Regression testing fixes
 2024-01-29 07:42:34 -08:00
David Garske 60de159707 Merge pull request #7176 from danielinux/iotsafe-sha384 
IoT-Safe sha384+sha512 support
 2024-01-29 07:35:50 -08:00
Sean Parkinson 13591dcae8 Regression testing fixes 
internal.c: NO_CERT, privateKeySz not used.
./configure --disable-shared --disable-asn --disable-rsa --disable-ecc
--enable-psk

sp_int.c: fix when sp_gcm is available
./configure --disable-shared  --disable-shared --disable-ecc
--disable-dh --disable-aes --disable-aesgcm --disable-sha512
--disable-sha384 --disable-sha --disable-poly1305 --disable-chacha
--disable-md5 --disable-sha3 --enable-cryptonly --disable-inline
--enable-rsavfy --disable-asn --disable-oaep --disable-rng
--disable-filesystem --enable-sp=rsa2048 --disable-sp-asm
--enable-sp-math
 2024-01-29 23:05:46 +10:00
Daniel Pouzzner 856c9a9a7f wolfcrypt/src/port/arm/armv8-aes.c: revert changes in a0415ce855. 2024-01-29 00:17:19 -06:00
Daniel Pouzzner 1fc67183a5 linuxkm: address peer review: 
* support AES_ENCRYPTION_AND_DECRYPTION only if WC_AES_XTS_SUPPORT_SIMULTANEOUS_ENC_AND_DEC_KEYS is defined, and define it in linuxkm_wc_port.h if LINUXKM_LKCAPI_REGISTER.
* fix a typo in km_AesInitCommon().
* remove #if 0 code in lkcapi_glue.c.
 2024-01-28 23:58:46 -06:00
Sean Parkinson 4585c6d508 ARMv8 32 bit ChaCha20 ASM: loading from in/out 
Input and output buffers come from the application and are not
necessarily alighed.
Use instructions that allow unaligned access to these buffers.
 2024-01-29 11:03:40 +10:00
Daniel Pouzzner 957fc7460c linuxkm/lkcapi_glue.c: refactor AES-CBC, AES-CFB, and AES-GCM glue around struct km_AesCtx with separate aes_encrypt and aes_decrypt Aes pointers, and no cached key, to avoid AesSetKey operations at encrypt/decrypt time. 2024-01-27 23:16:02 -06:00
Daniel Pouzzner 8ae031a5ed linuxkm/linuxkm_wc_port.h: improve my_memcpy(), my_memset(), and my_memmove() (CONFIG_FORTIFY_SOURCE workarounds) with copy-by-words codepaths. 2024-01-27 23:12:37 -06:00
Daniel Pouzzner 82d94dab68 linuxkm: move "#undef HAVE_PTHREAD" from linuxkm/module_hooks.c to wolfssl/wolfcrypt/settings.h. 2024-01-27 23:10:12 -06:00