wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-27 17:52:52 +01:00
Code Issues Packages Projects Releases Wiki Activity
25,287 Commits 12 Branches 184 Tags
e09e3f60989aba820104a3aaa060c6ffecee55ff
Commit Graph

9576 Commits

Author SHA1 Message Date
David Garske
ed6f853b9c Merge pull request #8763 from douzzer/20250511-fixes 
20250511-fixes
 2025-05-12 08:48:37 -07:00
David Garske
110504acd6 Merge pull request #8761 from douzzer/20250510-SP-dyn-stack-tweaks-and-workaround 
20250510-SP-dyn-stack-tweaks-and-workaround
 2025-05-12 08:48:10 -07:00
Daniel Pouzzner
e19295bb64 wolfssl/wolfcrypt/settings.h: #define WOLFSSL_CURVE25519_BLINDING if defined(NO_CURVED25519_X64); 
wolfcrypt/src/curve25519.c: if defined(NO_CURVED25519_X64), #undef USE_INTEL_SPEEDUP;

wolfcrypt/src/fe_operations.c: fixes for -m32 -Wconversions;

.github/workflows/wolfCrypt-Wconversion.yml: add -m32 scenario;

.wolfssl_known_macro_extras: remove unneeded entry for WOLFSSL_CURVE25519_BLINDING.
 2025-05-11 12:06:23 -05:00
Daniel Pouzzner
001a5ef897 wolfcrypt/test/test.c: in main(), return (exit with) 0 for success and 1 for failure. 2025-05-10 12:08:50 -05:00
Daniel Pouzzner
c967dd2a30 wolfcrypt/src/sp_int.c and wolfssl/wolfcrypt/sp_int.h: add 
MP_INT_SIZEOF_DIGITS() macro, and use it for stack allocations in DECL_SP_INT()
  and DECL_SP_INT_ARRAY();

  refactor _sp_submod() to use DECL_SP_INT() rather than DECL_SP_INT_ARRAY() to
  work around apparent optimizer bug in gcc-15.
 2025-05-10 01:28:17 -05:00
JacobBarthelmeh
8e0aefd321 Merge pull request #8725 from AlexLanzano/no-malloc-support 
Add support for no malloc with `wc_CheckCertSigPubKey`
 2025-05-09 14:23:47 -06:00
David Garske
68b83bfa14 Merge pull request #8711 from JacobBarthelmeh/coverity 
fix for sanity check on --group with unit test app and null sanity check with des decrypt
 2025-05-09 11:41:53 -07:00
Sean Parkinson
9d1bf83a43 Merge pull request #8736 from JacobBarthelmeh/build 
adjust default build with curve25519
 2025-05-09 20:24:53 +10:00
JacobBarthelmeh
6f1fe2e4b9 add sanity check on des cbc decrypt, CID 512990 2025-05-08 13:50:02 -06:00
JacobBarthelmeh
ae4a4236cc fix for index value with curve25519 2025-05-08 13:42:02 -06:00
JacobBarthelmeh
3f9fe491cc adjust C# test and set rng with hpke case 2025-05-07 14:33:15 -06:00
David Garske
72bff7d01e Lint and overlong. 2025-05-07 12:06:11 -07:00
David Garske
760178c7dc Improvements to no malloc support in ConfirmSignature for async and non-blocking. Refactor DSA ASN.1 decode in ConfirmSignature. Cleanup indent in types.h. Move struct CertSignCtx to types.h. Move WC_ENABLE_ASYM_KEY_IMPORT and WC_ENABLE_ASYM_KEY_EXPORT to settings.h. 2025-05-07 12:06:09 -07:00
Alex Lanzano
bc6b5598c5 Add NO_MALLOC support for wc_CheckCertSigPugKey 2025-05-07 12:04:38 -07:00
David Garske
1e3718ea7b Merge pull request #8655 from SparkiDev/asn1_oid_update 
ASN.1 OIDs and sum: Change algorithm for sum
 2025-05-07 11:43:54 -07:00
JacobBarthelmeh
cbc4cba263 set rng when making a curve25519 key and cast type after shift 2025-05-07 11:45:55 -06:00
JacobBarthelmeh
eae4005884 Merge pull request #8717 from dgarske/renesas_rx_api 
Make wc_tsip_* API's public
 2025-05-07 09:29:05 -06:00
Sean Parkinson
5e5f486a4c Merge pull request #8732 from dgarske/stm32_hash_status 
Fix for STM32 hash status check logic (also fix NO_AES_192 and NO_AES_256)
 2025-05-07 20:56:18 +10:00
Sean Parkinson
4b73e70515 Merge pull request #8706 from dgarske/win_crypt_rng 
New build option to allow reuse of the windows crypt provider handle …
 2025-05-07 20:55:07 +10:00
Sean Parkinson
112351667a ASN.1 OIDs and sum: Change algorithm for sum 
New sum algorithm has no clashes at this time.
Old algorithm enabled by defining: WOLFSSL_OLD_OID_SUM.
New oid_sum.h file generated with scripts/asn1_oid_sum.pl.

Added bunch of OID names into asn1 example.
 2025-05-07 08:32:08 +10:00
Sean Parkinson
d100898e92 Merge pull request #8737 from julek-wolfssl/wc_HKDF_Expand_ex-fix 
wc_HKDF_Expand_ex: correctly advance the index
 2025-05-07 08:23:33 +10:00
David Garske
05a3557b2b Merge pull request #8703 from lealem47/zd19592 
Attempt wolfssl_read_bio_file in read_bio even when XFSEEK is available
 2025-05-06 14:42:19 -07:00
David Garske
d04ab3757e New build option WIN_REUSE_CRYPT_HANDLE to allow reuse of the windows crypt provider handle. Seeding happens on any new RNG or after WC_RESEED_INTERVAL. If using threads make sure wolfSSL_Init() or wolfCrypt_Init() is called before spinning up threads. ZD 19754. Fixed minor implicit cast warnings in internal.c. Add missing hpke.c to wolfssl VS project. 2025-05-06 14:38:02 -07:00
Juliusz Sosinowicz
d82d8a53ef wc_HKDF_Expand_ex: correctly advance the index 2025-05-06 13:47:54 +02:00
Sean Parkinson
428915e492 Merge pull request #8719 from philljj/coverity_april_2025 
Fix coverity warnings
 2025-05-06 10:11:27 +10:00
Sean Parkinson
dfec168402 Merge pull request #8721 from philljj/coverity_misc 
Coverity misc
 2025-05-06 10:04:53 +10:00
David Garske
c2f1563144 Merge pull request #8726 from kareem-wolfssl/zd19786 
Pass in correct hash type to wolfSSL_RSA_verify_ex.
 2025-05-05 15:38:41 -07:00
David Garske
751dcdf3df Improve the hash wait logic by separating the data input ready from the digest calculation complete. 2025-05-05 14:36:36 -07:00
David Garske
0f4ce03c28 Fixes for NO_AES_192 and NO_AES_256. Added CI test. Fixed bad BUILD_ logic for ADH-AES256-GCM-SHA384. 2025-05-05 14:36:36 -07:00
David Garske
e487685d7d Fix for STM32 Hashing status bit checking logic. ZD 19783. The digest calculation was indicating "not busy" before digest result (DCIS) was finished. This did not show up on most systems because the computation is usually done by the time it reads. 2025-05-05 14:36:36 -07:00
David Garske
3d4e89c2ca Make wc_tsip_* API's public. 2025-05-05 14:02:05 -07:00
Kareem
aad15b27a2 Pass in correct hash type to wolfSSL_RSA_verify_ex. 2025-05-05 11:58:26 -07:00
jordan
efd5405d0e coverity: fix check_after_deref, assignment_where_comparison_intended, uninit vars, return values, etc. 2025-05-05 13:18:29 -05:00
jordan
baa7efa8af Fix coverity uninit var warnings, add missing priv key ForceZero. 2025-05-05 13:14:39 -05:00
Sean Parkinson
3acf3ef3c5 RISC-V 64-bit: fix raw hash when using crypto instructions 
./configure CC=riscv64-linux-gnu-gcc --host=riscv64 --disable-shared LDFLAGS=--static --enable-riscv-asm=zvkned
Digest state is not always stored in a way that can be directly copied out.
 2025-05-03 08:42:17 +10:00
Daniel Pouzzner
4450167ab0 Merge pull request #8707 from philljj/register_dh 
linuxkm: register dh and ffdhe.
 2025-04-28 23:00:17 -05:00
jordan
f6f3b0a1ee linuxkm: register dh and ffdhe. 2025-04-25 21:21:26 -05:00
David Garske
3a1178f71c Fix for STM32 Hash with NVIC (IRQ) enabled that can cause a DINIS interrupt that does not get cleared. If the HASH NVIC tab has Interrupts enabled it can cause an IRQ to be triggered that is not cleared. This is because the wolfSSL implementation of STM32 Hash does not call the HAL HASH API's and does not use interrupts yet. ZD 19778 2025-04-23 13:55:57 -07:00
JacobBarthelmeh
c22505a71a Merge pull request #8700 from embhorn/rel_fixes_cs 
Fixes from CodeSonar report
 2025-04-23 11:36:15 -06:00
Lealem Amedie
5fe086b388 Skip PKCS8 header check in wc_CreatePKCS8Key with WOLFSSL_NO_ASN_STRICT 2025-04-22 16:58:04 -06:00
Daniel Pouzzner
d4fc8c3791 linuxkm/: null out pointers with PTR_ERR()-encoded values before jumping to cleanup; 
linuxkm/lkcapi_rsa_glue.c: in km_rsa_init(), implement error-path cleanup;

linuxkm/module_hooks.c: nix CONFIG_MODULE_SIG requirement in WOLFCRYPT_FIPS_CORE_DYNAMIC_HASH_VALUE builds;

wolfssl/wolfcrypt/settings.h: in WOLFSSL_LINUXKM setup, define WOLFSSL_ASN_INT_LEAD_0_ANY if LINUXKM_LKCAPI_REGISTER (required for kernel 5.10 crypto manager);

wolfcrypt/src/memory.c: add WC_NO_ERR_TRACE() to mock error returns in SAVE_VECTOR_REGISTERS2_fuzzer().
 2025-04-22 16:44:07 -05:00
Eric Blankenhorn
66b9256f86 Fixes from CodeSonar report 2025-04-22 14:43:01 -05:00
Daniel Pouzzner
25cd009a42 Merge pull request #8695 from JacobBarthelmeh/coverity 
null derefernce sanity checks and control flow issue
 2025-04-22 11:37:51 -05:00
Daniel Pouzzner
9e5c064d5d Merge pull request #8679 from kojiws/keep_header_on_pkcs12_parse 
Add wc_PKCS12_parse_ex() to keep PKCS8 header
 2025-04-19 01:57:21 -05:00
Daniel Pouzzner
543ba268a4 Merge pull request #8558 from julek-wolfssl/openssh-9.9-fix 
wolfSSL_EVP_PKEY_cmp: only compare the public keys
 2025-04-19 01:51:49 -05:00
JacobBarthelmeh
69a4607f84 null sanity check on arguments in wc_HpkeContextComputeNonce, CID 515543 2025-04-18 16:47:36 -06:00
Daniel Pouzzner
8c0b931459 Merge pull request #8652 from kareem-wolfssl/zd19563_2 
Add some FPKI test OIDs which are currently being used in DoD JITC certificates.
 2025-04-18 14:04:29 -05:00
Koji Takeda
039ff1b460 Add wc_PKCS12_parse_ex() 2025-04-18 06:39:16 +09:00
Kareem
645da33176 Fix unused function warning for wc_AesDecrypt when building with STM32. 
This function is not needed for AES-CCM, as the AES-CCM decrypt function only calls wc_AesEncrypt.
 2025-04-17 14:33:44 -07:00
Kareem
038eab61d0 Add additional FPKI test OIDs. 2025-04-17 11:29:36 -07:00