wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-27 21:12:22 +01:00
Code Issues Packages Projects Releases Wiki Activity
24,679 Commits 12 Branches 184 Tags
ea9f044bcc6f5ccb9dbfc8b2d95a759ec1c52974
Commit Graph

9340 Commits

Author SHA1 Message Date
JacobBarthelmeh
ea9f044bcc spelling fixes and return value fix 2025-02-28 14:34:51 -07:00
JacobBarthelmeh
638d9961d2 passing the rest of the PKCS7 unit tests 2025-02-28 14:23:24 -07:00
JacobBarthelmeh
7c6cd1deea passing a unit test 2025-02-28 14:23:24 -07:00
JacobBarthelmeh
1e254c014d application decryption successful 2025-02-28 14:23:24 -07:00
JacobBarthelmeh
b1b1c15b35 add content stream output callback for VerifySignedData function 2025-02-28 14:23:24 -07:00
Sean Parkinson
4f8a39cbcf Merge pull request #8498 from rizlik/ocsp_fixes 
OCSP openssl compat fixes
 2025-02-28 13:42:50 +10:00
Daniel Pouzzner
f7ddc49487 linuxkm/linuxkm_wc_port.h: add #error if the user tries to use the kernel crypto fuzzer with FIPS AES-XTS (kernel bug). 
src/internal.c: fix shiftTooManyBitsSigned in DefTicketEncCb().

tests/api/test_sha256.c and wolfssl/wolfcrypt/sha256.h: gate raw transform APIs (wc_Sha256Transform(), wc_Sha256FinalRaw()) and tests on !defined(WOLFSSL_KCAPI_HASH) && !defined(WOLFSSL_AFALG_HASH).

move enum wc_HashFlags from wolfssl/wolfcrypt/hash.h to wolfssl/wolfcrypt/types.h to resolve circular dependency detected by cross-armv7m-armasm-thumb-fips-140-3-dev-sp-asm-all-crypto-only.

add FIPS_VERSION_GE(7,0) gates to new null-arg tests in test_wc_Shake{128,256}_*().

optimize ByteReverseWords() for cases where only one operand is unaligned, and add correct handling of unaligned data in ByteReverseWords64() to resolve unaligned access sanitizer report in cross-aarch64_be-all-sp-asm-unittest-sanitizer.
 2025-02-26 20:55:56 -06:00
Sean Parkinson
0a6a8516f9 Merge pull request #8488 from dgarske/stm32h7s 
Support for STM32H7S (tested on NUCLEO-H7S3L8)
 2025-02-27 10:34:41 +10:00
Sean Parkinson
a0d6afbb04 Merge pull request #8505 from jmalak/ow-fixes 
various fixes for Open Watcom build
 2025-02-27 10:31:19 +10:00
Daniel Pouzzner
183d9b44d1 Merge pull request #8509 from kaleb-himes/WCv6.0.0-RC4-CHECKIN 
Disable XTS-384 as an allowed use in FIPS mode
 2025-02-26 18:24:12 -06:00
Sean Parkinson
99f25c6399 Merge pull request #8494 from Laboratory-for-Safe-and-Secure-Systems/various 
Various fixes and improvements
 2025-02-27 09:40:06 +10:00
David Garske
92ed003a58 Merge pull request #8502 from SparkiDev/pkcs_pad 
PKCS Pad: public API to do PKCS padding
 2025-02-26 15:17:50 -08:00
Sean Parkinson
f204ac8363 PKCS Pad: public API to do PKCS padding 
PKCS padding adds length of padding as repeated padding byte.
Use the new function in all places.
 2025-02-27 08:28:53 +10:00
David Garske
557abcf76a Support for STM32H7S (tested on NUCLEO-H7S3L8). It supports hardware crypto for RNG, Hash, AES and PKA. Added future config option for DTLS v1.3. Support DTLS v1.3 only reduce code size (tested with: ./configure --enable-dtls13 --enable-dtls --disable-tlsv12 CFLAGS="-DWOLFSSL_SEND_HRR_COOKIE"). 2025-02-26 14:00:48 -08:00
kaleb-himes
738462a6f0 Remove redundent gates 2025-02-26 12:03:25 -07:00
kaleb-himes
b8a383469a Disable 192-bit tests in FIPS mode 2025-02-26 11:09:31 -07:00
kaleb-himes
9063093993 Disable XTS-384 as an allowed use in FIPS mode 2025-02-26 07:38:45 -07:00
Tobias Frauenschläger
3d4ec1464b Minor Dilithium fix 
Fix compilation in case caching is enabled.

Signed-off-by: Tobias Frauenschläger <tobias.frauenschlaeger@oth-regensburg.de>
 2025-02-26 15:33:59 +01:00
Tobias Frauenschläger
af4017132d LMS fixes 
* Add support for CMake
* Add support for Zephyr
* Make sure the internal key state is properly handled in case a public
  key is imported into a reloaded private key.

Signed-off-by: Tobias Frauenschläger <tobias.frauenschlaeger@oth-regensburg.de>
 2025-02-26 15:33:59 +01:00
Tobias Frauenschläger
9db5499dbd Update CryptoCb API for Dilithium final standard 
Add context and preHash metadata.

Signed-off-by: Tobias Frauenschläger <tobias.frauenschlaeger@oth-regensburg.de>
 2025-02-26 15:33:59 +01:00
Tobias Frauenschläger
be6888c589 Fixes for Dilithium in TLS handshake 
Some fixes to better handle Dilithium keys and signatures in the TLS
handshake.

Signed-off-by: Tobias Frauenschläger <tobias.frauenschlaeger@oth-regensburg.de>
 2025-02-26 15:33:59 +01:00
Jiri Malak
17a0081261 correct line length to be shorter then 80 characters 2025-02-26 08:02:43 +01:00
Sean Parkinson
9e9efeda28 ARM ASM: available for SHA-384 only too 
Add HAVE_SHA384 to check for whether assembly code is available.
 2025-02-26 16:10:21 +10:00
Jiri Malak
ddfbbc68ac various fixes for Open Watcom build 
- fix build for OS/2
- fix build for Open Watcom 1.9
 2025-02-25 22:52:36 +01:00
David Garske
3557cc764a Merge pull request #8501 from SparkiDev/digest_test_rework 
Digest testing: improve
 2025-02-25 13:03:48 -08:00
Marco Oliverio
dfc5e61508 asn: ocsp: refactor out CERT ID decoding 
It will be reused in d2i_CERT_ID
 2025-02-25 20:20:34 +00:00
David Garske
4eda5e1f7f Merge pull request #8491 from jmalak/winsock-guard 
correct comment for _WINSOCKAPI_ macro manipulation
 2025-02-25 09:51:23 -08:00
Marco Oliverio
c24b7d1041 ocsp: use SHA-256 for responder name if no-sha 2025-02-25 15:42:27 +00:00
Marco Oliverio
8b80cb10d6 ocsp: responderID.ByKey is SHA-1 Digest len 
Check that responderID.ByKey is exactly WC_SHA_DIGEST_SIZE as per RFC
6960. KEYID_SIZE can change across build configuration.
 2025-02-25 15:42:22 +00:00
Reda Chouk
9178c53f79 Fix: Address and clean up code conversion in various files. 2025-02-25 11:17:58 +01:00
Sean Parkinson
6016cc0c97 Digest testing: improve 
Make testing digests consistent.
Add KATs for all digests.
Check unaligned input and output works.
Perform chunking tests for all digests.

Fix Blake2b and Blake2s to checkout parameters in update and final
functions.
Fix Shake256 and Shake128 to checkout parameters in absorb and squeeze
blocks functions.

Add default digest size enums for Blake2b and Blake2s.
 2025-02-25 19:07:20 +10:00
Daniel Pouzzner
0116ab6ca2 Merge pull request #8484 from jmalak/offsetof 
Rename OFFSETOF macro to WolfSSL specific WC_OFFSETOF name
 2025-02-23 14:45:43 -06:00
Jiri Malak
d066e6b9a5 correct comment for _WINSOCKAPI_ macro manipulation 
The issue is with MINGW winsock2.h header file which is not compatible
with Miscrosoft version and handle _WINSOCKAPI_ macro differently
 2025-02-23 11:15:38 +01:00
Jiri Malak
1d1ab2d9ff Rename OFFSETOF macro to WolfSSL specific WC_OFFSETOF name 
There are the following reasons for this
- it conflicts with the OFFSETOF macro in the OS/2 header (Open Watcom)
- it is compiler-specific and should use the C standard offsetof definition in the header file stddef.h
- it is more transparent unique name
 2025-02-22 09:44:54 +01:00
David Garske
29c3ffb5ee Merge pull request #8435 from JacobBarthelmeh/formatting 
add else case to match with other statements
 2025-02-21 17:21:10 -08:00
JacobBarthelmeh
8ae122584c Merge pull request #8482 from douzzer/20250220-misc-UnalignedWord64 
20250220-misc-UnalignedWord64
 2025-02-20 17:26:44 -07:00
Daniel Pouzzner
a05436066d wolfcrypt/test/test.c: fix return values in camellia_test() (also fixes some false positive -Wreturn-stack-addresses from clang++). 2025-02-20 16:50:24 -06:00
Daniel Pouzzner
41b4ac5599 misc.c: undo changes in 82b50f19c6 "when Intel x64 build, assume able to read/write unaligned" -- provokes sanitizer on amd64, and is not portable (e.g. different behavior on Intel vs AMD). all performance-sensitive word64 reads/writes should be on known-aligned data. 2025-02-20 15:00:22 -06:00
Sean Parkinson
e90e3aa7c6 Intel AVX1/SSE2 ASM: no ymm/zmm regs no vzeroupper 
vzeroupper instruction not needed to be invoked unless ymm or zmm
registers are used.
 2025-02-20 22:35:20 +10:00
Sean Parkinson
82b50f19c6 ML-KEM/Kyber: improvements 
ML-KEM/Kyber:
  MakeKey call generate random once only for all data.
  Allow MakeKey/Encapsulate/Decapsulate to be compiled separately.
  Pull out public key decoding common to public and private key decode.
Put references to FIPS 140-3 into code. Rename variables to match FIPS
140-3.
  Fix InvNTT assembly code for x64 - more reductions.
  Split out ML-KEM/Kyber tests from api.c.

TLSX:
Store the object instead of the private key when WOLFSSL_MLKEM_CACHE_A
is defined or WOLFSSL_TLSX_PQC_MLKEM_STORE_OBJ. Faster decapsulation
when A is cached and object stored.
To store private key as normal define
WOLFSSL_TLSX_PQC_MLKEM_STORE_PRIV_KEY.

misc.c: when Intel x64 build, assume able to read/write unaligned
 2025-02-20 08:14:15 +10:00
David Garske
268326d875 Merge pull request #8408 from rizlik/ocsp-resp-refactor 
OpenSSL Compat Layer: OCSP response improvments
 2025-02-19 11:20:12 -08:00
Daniel Pouzzner
597b839217 Merge pull request #8468 from jmalak/fix-test-c89 
correct test source file to follow C89 standard
 2025-02-19 11:23:48 -06:00
JacobBarthelmeh
373a7d462a Merge pull request #8472 from SparkiDev/ed25519_fix_tests 
Ed25519: fix tests to compile with feature defines
 2025-02-19 09:53:10 -07:00
Sean Parkinson
331a713271 Ed25519: fix tests to compile with feature defines 
ge_operations.c: USe WOLFSSL_NO_MALLOC rather than WOLFSSL_SP_NO_MALLOC.
 2025-02-19 17:41:03 +10:00
Jiri Malak
3c74be333e correct test source file to follow C89 standard 
for OpenSSL interface
 2025-02-18 22:12:11 +01:00
Daniel Pouzzner
258afa5493 wolfcrypt/src/pkcs7.c: in PKCS7_EncodeSigned(), check for error from SetSerialNumber(). 2025-02-17 18:05:04 -06:00
JacobBarthelmeh
3e38bdcd2c Merge pull request #8450 from dgarske/stm32_pka_ecc521 
Fix for STM32 PKA ECC 521-bit support
 2025-02-17 08:27:45 -08:00
Marco Oliverio
a06a8b589c ocsp: minors 2025-02-17 08:59:29 +00:00
Marco Oliverio
c1c9af5cb6 minor: improve indentation of guards 2025-02-17 08:59:29 +00:00
Marco Oliverio
2c2eb2a285 ocsp: improve OCSP response signature validation 
- search for the signer in the CertificateManager if the embedded cert
  verification fails in original asn template.
 2025-02-17 08:59:29 +00:00