Ruby Martin
00c773e1b5
remove dead code in MakeSignature()
2026-02-20 14:38:12 -07:00
Andrew Hutchings
0c19fb17d6
Merge pull request #9745 from dgarske/stm32_hmac
...
Support for STM32 HMAC hardware
2026-02-20 14:30:31 +00:00
David Garske
41614d10ed
Add STM32 hardware HMAC support
2026-02-19 09:11:02 -08:00
David Garske
f1e8c1b886
Merge pull request #9787 from holtrop-wolfssl/fix-integrity-only-cipher-nonce-calculation
...
Fix integrity-only cipher nonce calculation
2026-02-19 09:05:24 -08:00
David Garske
936d20afbe
Merge pull request #9799 from SparkiDev/arm64_aes_dec_fix
...
ARM64 AES ASM base: TD4 is only 256 bytes long
2026-02-19 08:50:48 -08:00
David Garske
1047aaa881
Merge pull request #9796 from JacobBarthelmeh/copyright
...
update Copyright year
2026-02-19 08:47:30 -08:00
Andrew Hutchings
17680a2359
Fix leak in PKCS7 RSA-OAEP
2026-02-19 11:42:21 +00:00
Andrew Hutchings
4551926dad
Fix inverted logic in Sphincs and Falcon
2026-02-19 11:40:36 +00:00
Sean Parkinson
88451a71b3
ARM64 AES ASM base: TD4 is only 256 bytes long
...
Pre-fetch fewer entries of TD4 than of TD, as it is only 256 bytes long.
2026-02-19 09:31:00 +10:00
Sean Parkinson
3a1aa8310e
Merge pull request #9780 from mattia-moffa/20260216-pkcs-ecdh-fixes
...
Fix PKCS11 object leak in Pkcs11ECDH
2026-02-19 08:46:30 +10:00
David Garske
c5bbe798ec
Merge pull request #9760 from SparkiDev/mldsa_small_matrix_mul_reduce
...
ML-DSA/Dilithium: reduce vector when small build
2026-02-18 14:40:40 -08:00
David Garske
eceb55ebeb
Merge pull request #9795 from LinuxJedi/static-fixes2
...
Static analysis fixes
2026-02-18 12:07:26 -08:00
David Garske
2971c7024b
Merge pull request #9671 from SparkiDev/aes_gcm_arm32_hw_crypto_set_key_unaligned
...
ARM32 HW Crypto: AES-GCM set key unaligned key
2026-02-18 10:54:42 -08:00
David Garske
7efefc7b22
Merge pull request #9792 from SparkiDev/sp_c_rsa_pub_only
...
SP C - RSA public only build with DH
2026-02-18 10:01:53 -08:00
Andrew Hutchings
4e37d99d07
Fix OCSP key-based responder ID lookup when SM2/SM3 is enabled.
...
When WOLFSSL_SM2 and WOLFSSL_SM3 are both defined, KEYID_SIZE becomes 32
(WC_SM3_DIGEST_SIZE) but OCSP_RESPONDER_ID_KEY_SZ remains 20 (SHA-1 per
RFC 6960). The guard (int)KEYID_SIZE == OCSP_RESPONDER_ID_KEY_SZ in
OcspFindSigner() and OcspRespIdMatch() evaluated to false (32 != 20),
completely disabling key-based OCSP responder ID matching. This caused
OCSP stapling to fail with BAD_CERTIFICATE_STATUS_ERROR (-406) against
any server using a key-based responder ID (e.g. login.live.com).
Fix by comparing only OCSP_RESPONDER_ID_KEY_SZ bytes for the responder
ID match, and zero-padding the 20-byte key hash to KEYID_SIZE before
passing to CA lookup functions that compare the full KEYID_SIZE.
2026-02-18 18:01:33 +00:00
Andrew Hutchings
43aad1e4d7
Fix SM4 TLS 1.3 decrypt auth tag and SM2 cert verification
...
- Fix SM4 GCM/CCM TLS 1.3 decrypt to read auth tag from input buffer
instead of output buffer, consistent with all other AEAD ciphers
(src/tls13.c)
- Fix SM4_BLOCK_SIZE typo (was SM$_BLOCK_SIZE) in TicketEncDec SM4-GCM
decrypt path (src/internal.c)
- Fix SM2 certificate signature verification for certs using
id-ecPublicKey (ECDSAk) with SM2-with-SM3 signature algorithm.
OpenSSL creates SM2 cert signatures without the standard
distinguishing identifier in the ZA hash. The SM2k code path already
handled this correctly (idSz=0), but the ECDSAk + CTC_SM3wSM2 path
was incorrectly using CERT_SIG_ID_SZ (16), causing ASN_SIG_CONFIRM_E
(-155) when verifying non-self-signed SM2 certs (wolfcrypt/src/asn.c)
- Regenerate expired SM2 test certificates via certs/sm2/gen-sm2-certs.sh.
They had expired.
2026-02-18 18:01:33 +00:00
JacobBarthelmeh
a156ed7bc7
update Copyright year
2026-02-18 09:52:21 -07:00
David Garske
0dd5009db0
Merge pull request #9768 from anhu/wc_CheckPrivateKey
...
wc_CheckPrivateKey returns NOT_COMPILED_IN for certain gating flags
2026-02-18 08:01:53 -08:00
Sean Parkinson
63b9d13db8
Merge pull request #9790 from bigbrett/sp-rsa-unused-var
...
Fix macro protection in SP code for RSA_LOW_MEM
2026-02-18 16:36:04 +10:00
Mattia Moffa
817523df72
Adjust execution flow
2026-02-18 03:52:47 +01:00
Sean Parkinson
6b46754800
SP C - RSA public only build with DH
...
Fix build to compile when RSA public only but DH included.
2026-02-18 12:26:00 +10:00
Brett Nicholas
140f9aafe2
test-fix
2026-02-17 15:54:12 -07:00
Brett Nicholas
2c7eb9bc12
fix macro protection for sp_*_cond_add_* in ARM SP asm to prevent unused function warning when used with RSA_LOW_MEM
2026-02-17 15:33:14 -07:00
Anthony Hu
50fbf7f721
wc_CheckPrivateKey() returns NOT_COMPILED_IN for certain gating flags
2026-02-17 17:02:08 -05:00
David Garske
5960a365de
Merge pull request #9776 from Pushyanth-Infineon/fix_psoc6_sha_includes
...
Fix missing header includes and conditional compilation issue for PSoC6 port.
2026-02-17 10:12:00 -08:00
David Garske
a0a76254a5
Merge pull request #9783 from SparkiDev/aes_clang_volatile
...
AES clang: make x volatile in pre-fetch functions
2026-02-17 10:10:56 -08:00
Mattia Moffa
1707acee36
Bind PKCS11 ECC key duration to ECC object
2026-02-17 16:42:13 +01:00
Andrew Hutchings
8042f767ed
Fix issues found in static analysis
...
- Fix missing cleanup on error in wc_XChaCha20Poly1305_crypt_oneshot:
change early return to goto out so ForceZero and free are called
- Fix memory leak in wc_DeCompressDynamic: free tmp buffer before
early return on avail_out size check failure
- Fix unconditional mutex unlock in PQC sign functions (falcon,
sphincs, dilithium): only call unlock when lock was acquired
- Remove dead oqssig NULL checks in falcon sign/verify that are
unreachable after the preceding SIG_TYPE_E assignment
2026-02-17 15:20:36 +00:00
Josh Holtrop
2be175fa35
Fix integrity-only cipher nonce calculation
2026-02-16 21:30:03 -05:00
Sean Parkinson
299e7bd097
AES clang: make x volatile in pre-fetch functions
...
The latest version of clang with optimization turned right up will make the
pre-fetch functions return 0.
The pre-fetch functions are there to ensure tables are all in cache, not
to calculate a value.
2026-02-17 08:44:24 +10:00
David Garske
d81bb7234a
Merge pull request #9778 from LinuxJedi/exp-fixes
...
Fixes to big-endian bugs found in Curve448 and Blake2S
2026-02-16 14:30:47 -08:00
David Garske
cf4bf83ab2
Merge pull request #9762 from rizlik/bench_ed25519_use_devid
...
wolfcrypt: benchmark: use WC_USE_DEVID to benchmark ed25519 if defined
2026-02-16 13:49:53 -08:00
David Garske
be9f3853fa
Merge pull request #9764 from lealem47/wolfEntropy_arm32
...
wolfEntropy: Add ARM Generic Timer virtual counter as time src
2026-02-16 13:00:26 -08:00
Pushyanth Kamatham
b395eef455
Fix missing header includes and conditional compilation issue in PSoC6 crypto hardware acceleration port.
...
Guard the `aes->left = 0` assignment to enable when WOLFSSL_AES_CFB is defined.
2026-02-17 02:26:52 +05:30
Mattia Moffa
cd51786512
Fix PKCS11 object leak in Pkcs11ECDH
2026-02-16 18:56:34 +01:00
Andrew Hutchings
451cb45670
Fix Blake2s overlapping writes
...
We are copying from a 32-bit buffer, so the writes overlap. This
could damage the hash on big-endian platforms.
2026-02-16 16:08:27 +00:00
Andrew Hutchings
180c66ba70
Fix curve448
...
`wc_curve448_check_public` can get into an infinite loop in the
big-endian code path.
2026-02-16 15:56:41 +00:00
Daniel Pouzzner
1c92c74116
Merge pull request #9631 from padelsbach/crl-generation
...
Add CRL generation code
2026-02-13 21:59:52 -06:00
Paul Adelsbach
81ae472e50
Add CRL generation code
2026-02-13 10:54:47 -08:00
Daniel Pouzzner
c4131659cc
Merge pull request #9767 from SparkiDev/sp_thumb2_mont_sub_reg_fix
...
Thumb2 SP ASM: mont_sub fix
2026-02-13 11:35:36 -06:00
David Garske
16ba668ebe
Merge pull request #9632 from jackctj117/CSR-signing
...
Add wc_SignCert_cb API for external signing callbacks
2026-02-13 09:07:37 -08:00
Sean Parkinson
e48c867f6f
Thumb2 SP ASM: mont_sub fix
...
Always use all the parameters and always use the parameter name and not
the assumed register.
2026-02-13 11:49:21 +10:00
Lealem Amedie
d9b934323a
Check if _POSIX_C_SOURCE is defined
2026-02-12 18:13:29 -07:00
Lealem Amedie
17287cd595
wolfEntropy: Add ARM Generic Timer virtual counter as time src
2026-02-12 18:13:29 -07:00
David Garske
49ed1fa21f
Merge pull request #9684 from SparkiDev/ecc_import_pub_check_fix
...
ECC: import point, always do some checks
2026-02-11 21:53:03 -08:00
David Garske
1b0b4b1444
Merge pull request #9756 from SparkiDev/arm_asm_fixes_1
...
ARM assembly fixes
2026-02-11 21:51:51 -08:00
Sean Parkinson
2f53add6a5
Merge pull request #9758 from LinuxJedi/lxj-fixes
...
Minor fixes to EVP and PKCS12 code
2026-02-12 08:01:28 +10:00
Sean Parkinson
1847c6e778
Merge pull request #9721 from dgarske/x25519_nb
...
Add X25519 non-blocking support and async example improvements
2026-02-12 07:56:58 +10:00
Marco Oliverio
b767d8218a
wolfcrypt: benchmark: use WC_USE_DEVID to benchmark ed25519 if defined
2026-02-11 15:25:28 +01:00
Sean Parkinson
895fb2936d
ML-DSA/Dilithium: reduce vector when small build
...
Ensure the matrix multiplication result has values reduced to the
correct range. Only an issue for small builds.
2026-02-11 09:47:45 +10:00