Kareem
ec92f76dec
Fix tests when building with PEM support disabled by using DER certs/keys.
2025-09-12 16:11:07 -07:00
Sean Parkinson
dc421a0d4c
Merge pull request #9164 from dgarske/keytoder
...
Add support for enabling RSA private key to DER without keygen
2025-09-12 10:36:34 +10:00
David Garske
3e63bc68d4
Add support for enabling RSA private key to DER without keygen (new macro WOLFSSL_KEY_TO_DER)
2025-09-11 10:29:31 -07:00
David Garske
c397a27897
Appease IAR compiler possible use of uninitialized variables
2025-09-11 10:27:01 -07:00
David Garske
88586a5a47
Fix for ST-Safe issue with ECC signature R/S parsing needing leading zero pad (ZD 20504)
2025-09-11 10:27:01 -07:00
David Garske
b3aa39ddad
Merge pull request #9138 from JacobBarthelmeh/sgx
...
update for SGX CPU ID to follow atomics refactor
2025-09-09 12:18:51 -07:00
Kareem
8e7bcfc5c2
Merge branch 'master' of https://github.com/wolfSSL/wolfssl into zd20378
2025-09-04 10:16:53 -07:00
Daniel Pouzzner
ee2e63444d
wolfcrypt/src/sha512.c: don't remap ByteReverseWords64(), remove ByteReverseWords64_1() inline asm macro, and refactor Sha512FinalRaw() and wc_Sha384FinalRaw() to write directly to the output buffer when possible.
2025-09-03 22:16:15 -05:00
Kareem
37fc63ca39
Allow the keyCertSign bit to be asserted specifically for self-signed CAs.
2025-09-03 11:43:15 -07:00
Ruby Martin
4d5e1d0dfe
move pathLegthSet assignment
2025-09-02 10:09:11 -06:00
Daniel Pouzzner
8ed1ce6a8b
wolfcrypt/src/wc_mlkem_asm.S: in _mlkem_decompress_5_avx2, use movzwq, not movzxw, for portability.
2025-08-29 14:42:48 -05:00
effbiae
44c403f4c7
replace (f)printf with WOLFSSL_DEBUG_PRINTF
2025-08-29 12:34:22 +10:00
Sean Parkinson
0224ef3d2e
Merge pull request #9146 from rlm2002/gh9128_MEM_ZERO
...
ForceZero change for WOLFSSL_CHECK_MEM_ZERO
2025-08-28 22:37:55 +10:00
JacobBarthelmeh
ccf8eebc5f
update for cpuid atomic refactor
2025-08-27 16:44:46 -06:00
Ruby Martin
11942e774c
do not abort MEM_ZERO check if TEST_ALWAYS_RUN_TO_END is defined
2025-08-27 15:04:49 -06:00
Ruby Martin
1ad8b2897a
Force zero with bufferSize instead of length. Add void prototype to definitions
2025-08-27 14:56:51 -06:00
David Garske
dac80aad58
Merge pull request #9142 from SparkiDev/mlkem_dec5_oor_fix
...
ML-KEM/Kyber: fix out of bounds read
2025-08-27 07:05:29 -07:00
Sean Parkinson
4ff6f5f10c
ML-KEM/Kyber: fix out of bounds read
...
Decompose 5-bit values: Don't read 15 bytes when only 10 bytes are
available.
2025-08-27 14:49:24 +10:00
gojimmypi
797c1d00ac
Fix workflow for latest ESP-IDF for espressif examples
2025-08-26 14:38:23 -07:00
David Garske
6ae0ecc5f3
Merge pull request #9133 from AlexLanzano/log-fix
...
Fix value comparison typo in if statement
2025-08-25 14:09:20 -07:00
JacobBarthelmeh
e0913c47ef
Merge pull request #9039 from tamasan238/for-pr-1
...
Add _new/_delete API for ML-KEM/ML-DSA
2025-08-25 14:47:07 -06:00
Alex Lanzano
8207053636
Fix value comparison typo in if statement
2025-08-25 13:56:35 -04:00
Daniel Pouzzner
e0383b496a
linuxkm/module_hooks.c: implement wc_linuxkm_GenerateSeed_IntelRD, gated on WC_LINUXKM_RDSEED_IN_GLUE_LAYER;
...
add WC_GENERATE_SEED_DEFAULT, which defaults to wc_GenerateSeed if not overridden, and replace wc_GenerateSeed with WC_GENERATE_SEED_DEFAULT in various calls to wc_SetSeed_Cb();
linuxkm/linuxkm_wc_port.h: if FIPS <v6 and RDSEED, define WC_LINUXKM_RDSEED_IN_GLUE_LAYER and define WC_GENERATE_SEED_DEFAULT wc_linuxkm_GenerateSeed_IntelRD;
wolfcrypt/test/test.c: update rng_seed_test() with gating and vectors for FIPS v5 with HAVE_AMD_RDSEED or HAVE_INTEL_RDSEED;
wolfssl/wolfcrypt/types.h: add WC_HAVE_VECTOR_SPEEDUPS helper macro, and enlarge fallthrough definition coverage for DISABLE_VECTOR_REGISTERS.
2025-08-22 21:58:00 -05:00
David Garske
7ab4c6fa14
Merge pull request #9087 from JacobBarthelmeh/dhuk
...
initial SAES and DHUK support
2025-08-21 14:32:20 -07:00
David Garske
da8ffd5762
Merge pull request #8463 from JacobBarthelmeh/sgx
...
updating the build with SGX
2025-08-21 11:06:35 -07:00
JacobBarthelmeh
42c5324962
SAES does not have GCM support, added IV option for CBC wrapping of key
2025-08-21 09:26:40 -06:00
JacobBarthelmeh
658c3d69fb
use memset, fix unlock, adjust return value checks
2025-08-20 13:53:27 -06:00
Josh Holtrop
d2f139c9b0
Error from GetShortInt with negative INTEGER values - Add WORD8 case
2025-08-20 09:34:19 -04:00
JacobBarthelmeh
23498c293e
cpuid dummy call with sgx and fix assembly SP + SGX build
2025-08-19 14:32:33 -06:00
JacobBarthelmeh
59ac260ae8
add option for building sgx with assembly optimizations
2025-08-19 14:32:33 -06:00
Josh Holtrop
98b6b92a76
Error from GetShortInt with negative INTEGER values
2025-08-19 12:40:48 -04:00
JacobBarthelmeh
fb6375551b
updating unwrap/wrap with use of DHUK
2025-08-18 13:38:26 -06:00
Sean Parkinson
43f94a5d7d
Merge pull request #9107 from douzzer/20250816-cpuid_get_flags_ex-optimize
...
20250816-cpuid_get_flags_ex-optimize
2025-08-18 22:13:44 +10:00
Sean Parkinson
0ba16a9c5b
Merge pull request #9104 from kojiws/export_long_key_orig_asn
...
Improve original implementation on SetAsymKeyDer() and the test
2025-08-18 22:11:25 +10:00
Daniel Pouzzner
39c6c5af6f
wolfcrypt/src/cpuid.c, wolfssl/wolfcrypt/cpuid.h: change cpuid_flags_t to a
...
regular word32, and use non-atomics for general flag checking, with a new
implementation of cpuid_get_flags_ex() that is threadsafe by idempotency;
rename strictly-threadsafe cpuid_get_flags_ex() as cpuid_get_flags_atomic()
(strictly accurate return value), and add cpuid_flags_atomic_t and
WC_CPUID_ATOMIC_INITIALIZER, used only for internal manipulation of flags in
cpuid.c where atomicity matters.
2025-08-16 13:04:28 -05:00
Daniel Pouzzner
10a05ad839
wolfcrypt/src/dilithium.c: fix dilithium_expand_s() to fall through to dilithium_expand_s_c() for s1Len not implemented for USE_INTEL_SPEEDUP.
2025-08-15 09:48:55 -05:00
Juliusz Sosinowicz
ffe3d80f8d
Merge pull request #9097 from douzzer/20250812-atomic-cmpxchg
...
20250812-atomic-cmpxchg
2025-08-15 01:14:45 +02:00
Sean Parkinson
228ede7495
Merge pull request #9102 from rlm2002/zd20212
...
Remove dead code and check return values.
2025-08-15 08:21:38 +10:00
Koji Takeda
0a9356e645
Improve original implementation on SetAsymKeyDer() and the test
2025-08-15 00:04:01 +09:00
Daniel Pouzzner
cefeb4cd7e
atomics/cpuid_flags fixes from peer review:
...
wolfcrypt/src/cpuid.c: cpuid_set_flag() and cpuid_clear_flag() thread safety;
wolfcrypt/src/wc_port.c: comments re __ATOMIC_SEQ_CST and __ATOMIC_ACQUIRE;
wolfssl/wolfcrypt/wc_port.h: single overrideable definitions for WOLFSSL_ATOMIC_COERCE_[U]INT(), and comment cleanup.
also added WOLFSSL_USER_DEFINED_ATOMICS.
2025-08-14 09:33:14 -05:00
Daniel Pouzzner
bd4e723f9d
add cpuid_flags_t, WC_CPUID_INITIALIZER, and cpuid_get_flags_ex();
...
refactor all static flag initializations to use cpuid_get_flags_ex() for race-free dynamics;
refactor cpuid_set_flags() to be race-free;
wolfssl/wolfcrypt/wc_port.h and wolfcrypt/src/wc_port.c: add
* WOLFSSL_ATOMIC_COERCE_INT()
* WOLFSSL_ATOMIC_COERCE_UINT()
* wolfSSL_Atomic_Uint
* wolfSSL_Atomic_Uint_Init()
* wolfSSL_Atomic_Int_AddFetch()
* wolfSSL_Atomic_Int_SubFetch()
* wolfSSL_Atomic_Int_CompareExchange()
* wolfSSL_Atomic_Uint_FetchAdd()
* wolfSSL_Atomic_Uint_FetchSub()
* wolfSSL_Atomic_Uint_AddFetch()
* wolfSSL_Atomic_Uint_SubFetch()
* wolfSSL_Atomic_Uint_CompareExchange()
wolfcrypt/test/test.c: add to memory_test() tests for all atomic macros and APIs;
.github/workflows/pq-all.yml: don't use -Wpedantic for CC=c++ scenario.
2025-08-14 08:44:28 -05:00
Sean Parkinson
a1dd7dae6f
Merge pull request #9095 from miyazakh/add_sha512_typeproperty
...
Add hashtype property to wc_Sha512 structure
2025-08-14 21:43:06 +10:00
Sean Parkinson
102525c9c9
Merge pull request #9100 from dgarske/cryptocb_only
...
Improve some of the build cases around crypto callback only
2025-08-14 21:41:26 +10:00
Sean Parkinson
034df3d28f
Merge pull request #9101 from dgarske/asm_introspection
...
Add assembly introspection for RISC-V and PPC32
2025-08-14 21:38:42 +10:00
Daniel Pouzzner
7fe890d5e7
wolfcrypt/src/coding.c: clean up comment in Base64_Decode(), per peer review.
2025-08-13 18:00:36 -05:00
Daniel Pouzzner
344db9d7f7
wolfcrypt/src/coding.c: in Base64_Decode_nonCT() and Base64_Decode(), remove overly restrictive preamble check on outLen; return BUFFER_E, not BAD_FUNC_ARG, when output buffer is too short (similarly fixed in Base16_Decode());
...
wolfcrypt/test/test.c: add N_BYTE_TEST() and test vectors to test all input and output length scenarios.
2025-08-13 17:43:33 -05:00
Ruby Martin
dc18f404ca
remove dead code in fe_operations.c
2025-08-13 16:34:14 -06:00
Ruby Martin
71c2878780
verify previously unchecked return values
2025-08-13 16:28:36 -06:00
David Garske
53c36f8529
Add assembly introspection for RISC-V and PPC32.
2025-08-13 22:30:15 +01:00
David Garske
d79ca8a746
Improve some of the build cases around crypto callback only
2025-08-13 21:58:53 +01:00