wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-30 03:32:13 +01:00
Code Issues Packages Projects Releases Wiki Activity
22,020 Commits 12 Branches 184 Tags
dd79ca5d96f16b6d8824b16befca87cbb2bd9a10
Commit Graph

7339 Commits

Author SHA1 Message Date
Daniel Pouzzner
a518f493b5 Merge pull request #7388 from JacobBarthelmeh/x509_cases 
check for critical policy extension when not supported
 2024-04-05 15:59:03 -04:00
JacobBarthelmeh
8b587b563c Merge pull request #7286 from Frauschi/hybrid_signatures 
Improvements to dual algorithm certificates
 2024-04-03 13:37:16 -06:00
David Garske
57603823e3 Merge pull request #7387 from JacobBarthelmeh/sm2 
fix for oss-fuzz sm2 test build
 2024-04-03 10:08:46 -07:00
JacobBarthelmeh
f6a24efe23 Merge pull request #7389 from dgarske/nxp_mmcau_sha256 
Fix the NXP MMCAU HW acceleration for SHA2-256
 2024-04-03 10:39:04 -06:00
David Garske
d7c6d7af44 Fix the NXP MMCAU HW acceleration for SHA2-256. Broken with LMS SHA2 refactor. 2024-04-02 19:32:41 -07:00
JacobBarthelmeh
75da69911c Merge pull request #7369 from dgarske/infineon_modustoolbox 
Support for Infineon Modus Toolbox with wolfSSL
 2024-04-02 17:34:07 -06:00
JacobBarthelmeh
983616afa0 check for critical policy extension when not supported 2024-04-02 16:46:47 -06:00
JacobBarthelmeh
d4f5825fd2 fix for sp build with ecc_map_ex 2024-04-02 11:40:53 -06:00
jordan
b65e42bf4d Used codespell and fixed obvious typos. 2024-04-02 10:19:39 -05:00
Daniel Pouzzner
092dba4593 wolfcrypt/src/asn.c: fix for benign identicalInnerCondition in ParseCertRelative(). 2024-04-01 23:50:05 -05:00
Anthony Hu
10d210ce26 Parenthesis 2024-04-01 19:05:59 -04:00
Anthony Hu
2d532dd6b8 Clean up after another round of analyzer execution. 2024-04-01 18:56:44 -04:00
Anthony Hu
8f599defe0 Add check inspired by original implementation of asn. 2024-04-01 17:37:03 -04:00
Tobias Frauenschläger
136eaae4f1 Improvements to dual alg certificates 
* Support for external keys (CryptoCb interface)
* Support for usage in mutual authentication
* better entity cert parsing
* Fix for Zephyr port to support the feature
* Check key support
* Proper validation of signatures in certificate chains
* Proper validation of peer cert with local issuer signature
	(alt pub key is cached now)
* Support for ECC & RSA as alt keys with PQC as primary
* Support for PQC certificate generation
* Better support for hybrid signatures with variable length signatures
* Support for primary and alternative private keys in a single
  file/buffer
* More API support for alternative private keys

Signed-off-by: Tobias Frauenschläger <t.frauenschlaeger@me.com>
 2024-04-01 17:37:03 -04:00
Daniel Pouzzner
d930825a92 Merge pull request #7362 from jpbland1/rsa-make-key-no-malloc 
fix wc_MakeRsaKey and wc_RsaKeyToDer to work with WOLFSSL_NO_MALLOC
 2024-03-30 03:19:27 -04:00
John Bland
d8e9e90f9d refactor rawLen to avoid unused warning 2024-03-30 02:12:32 -04:00
Daniel Pouzzner
3f3dd4743a Merge pull request #7365 from rizlik/ecc_cmp_param_cleanup 
wc_ecc_cmp_param cleanup
 2024-03-29 01:48:46 -04:00
David Garske
83dc3dfac1 Add support for the Infineon/Cypress HAL TRNG. 2024-03-28 13:57:26 -07:00
gojimmypi
5bffbdb20c Initialize some Kyber client variables 2024-03-28 09:14:53 -07:00
John Bland
4f51183b45 fix bad indenting 2024-03-28 02:54:49 -04:00
John Bland
305f87561d break out of loop on failure instead of return 2024-03-28 02:54:49 -04:00
John Bland
fb784a2ac9 more changes from PR comments 2024-03-28 02:54:49 -04:00
John Bland
0bd8775eae update based on PR comments 2024-03-28 02:54:49 -04:00
John Bland
d9d3f9a4f4 fix wc_MakeRsaKey and wc_RsaKeyToDer to work with 
WOLFSSL_NO_MALLOC
 2024-03-28 02:54:49 -04:00
Daniel Pouzzner
42a0cb23ac Merge pull request #7364 from gojimmypi/PR-Kyber-Init 
Initialize some Kyber variables
 2024-03-28 00:13:43 -04:00
Marco Oliverio
0a03940f5a wolfcrypt: wc_ecc_cmp_param: check string len before strncmp 
also return -1 on param mismatch.
 2024-03-26 14:59:41 +01:00
gojimmypi
01ae240fe8 Initialize some Kyber variables 2024-03-25 14:08:47 -07:00
Sean Parkinson
d4b1995a2c ASN.1 testing: add tests of bad DER encodings 
Certificates with bad DER encoded ASN.1 added to testing.
Fix comment in asn.c.
 2024-03-22 08:51:17 +10:00
John Safranek
6462986bf2 OCSP Extension Encoding Fix 
1. Removed redundant check for the output being NULL in
   `EncodeOcspRequestExtensions()`. The chuck of code being protected
   only cared about the value of ret, not the pointer. The code was
   supposed to calculate the size of the data without writing it.
 2024-03-19 09:13:28 -07:00
David Garske
790e39ec03 Merge pull request #7350 from JacobBarthelmeh/scan_build_fix 
scan-build fixes for pkcs7
 2024-03-18 12:31:00 -07:00
JacobBarthelmeh
d51bef3d43 fix for memory leak on error 2024-03-19 00:58:32 +07:00
JacobBarthelmeh
b9619c3f0b Merge pull request #7343 from douzzer/20240315-pq-experimental 
20240315-pq-experimental
 2024-03-19 00:54:56 +07:00
JacobBarthelmeh
4751af9b89 scan-build fixes for pkcs7 2024-03-18 22:55:51 +07:00
David Garske
69bc5c1c19 Merge pull request #7345 from JacobBarthelmeh/coverity 
Coverity fixes
 2024-03-18 08:15:59 -07:00
JacobBarthelmeh
36e67af0f8 Merge pull request #7331 from SparkiDev/asn1_templ_issuer_cn 
ASN.1 template: store issuer common name
 2024-03-18 20:27:04 +07:00
Sean Parkinson
638d0b1a9f Regression test fixes 
pkcs7.c: pkcs7->stream must be restored or there will be a leak.
test.c: when compiled for compression, compiler warning about const
 2024-03-18 09:57:22 +10:00
Sean Parkinson
84c42f4a4e ASN.1 template: store issuer common name 
Under certain configurations the certificate issuer's common name is
kept in a DecodedCert. Wasn't implemented in ASN.1 template code.
 2024-03-18 07:06:32 +10:00
JacobBarthelmeh
763c4a074c CID 315823 truncate on cast 2024-03-17 23:54:56 +07:00
JacobBarthelmeh
d71776aced coverity CID 352930, fix for out of bounds write 2024-03-17 23:31:37 +07:00
Daniel Pouzzner
3728cd3dc5 Kyber fixes: 
wolfssl/wolfcrypt/wc_kyber.h: in definition of struct KyberKey, use correct type for devId;

wolfcrypt/src/wc_kyber_poly.c: numerous fixes for bugprone-macro-parentheses and readability-inconsistent-declaration-parameter-name;

tests/api.c: in test_tls13_apis(), add missing defined(HAVE_LIBOQS) gate on inclusion of ":P256_KYBER_LEVEL1" in groupList.
 2024-03-15 16:06:32 -05:00
JacobBarthelmeh
ab8f5f71a0 revert null check in wc_Sha256Update 2024-03-16 02:03:07 +07:00
JacobBarthelmeh
2f43cc1c7b Merge pull request #7332 from SparkiDev/asn_templ_neg_int_check 
ASN.1 parsing: check for badly encode negative INTEGER
 2024-03-15 22:40:55 +07:00
Sean Parkinson
d1b16f2c7b Regression testing fixes 
api.c: z and ret no longer only when !NO_ASN_TIME.
benchmark.c: rsaKey array type has changed and unusual code path needsed
updating.
cmac.c: Zeroization test failed when checkSz was zero as called function
didn't zero out cmac. checkSz is invalid.
test.c: rsaCaCertDerFile used even when NO_ASN_TIME.
test.h: --enable-sp-math only supports DH of 2048 bits and above. Change
default DH parameters to be 2048 bits.
 2024-03-15 13:24:40 +10:00
Sean Parkinson
8684caa304 Merge pull request #7336 from douzzer/20240314-fix-armasm-sha256 
20240314 -- fix -Wconversions in asn.c
 2024-03-15 10:37:14 +10:00
Daniel Pouzzner
25efe6b66a wolfcrypt/src/asn.c: fix -Wconversions in GetASN_BitString(), GetASN_UTF8String(), and GetASN_ObjectId(). 2024-03-14 18:42:50 -05:00
Sean Parkinson
a0befd396f SHA256 ARMv8: fix wc_Sha256Transform 
wc_Sha256Transform() was passing in data to underlying transform
function even though byte reversed data was in sha256->buffer.
 2024-03-15 09:27:15 +10:00
David Garske
b7b6752e2e Merge pull request #7333 from gojimmypi/PR-tfm-mp_sqr 
Enable TFM mp_sqr even when HAVE_ECC disabled
 2024-03-14 12:45:09 -07:00
David Garske
5dff8aa417 Merge pull request #7334 from SparkiDev/macosx_clang_15_asm_fix 
MacOS X Intel ASM clang 15: fix asm to compile without warning
 2024-03-14 10:10:42 -07:00
David Garske
8fd8548142 Merge pull request #7318 from SparkiDev/kyber_1 
Kyber: Implementation in wolfSSL
 2024-03-14 09:57:52 -07:00
Daniel Pouzzner
3fd6af0cd2 Merge pull request #7283 from SparkiDev/lms 
LMS: initial implementation
 2024-03-14 01:48:57 -04:00