wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-29 15:42:14 +01:00
Code Issues Packages Projects Releases Wiki Activity
26,625 Commits 12 Branches 184 Tags
f1faefed914e113db26a7a9bd96807b34a04afbb
Commit Graph

26625 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
night1rider
f1faefed91 Added callbacks for copy and free to SHA, 224, 384, 512, and SHA3. Also split macros for FREE and COPY Callbacks, and add configure.ac option. 2025-10-20 11:09:35 -06:00
night1rider
0dca3bc24d Setup to be opt-in for copy callback, and also added a outline for a free callback 2025-10-20 10:07:24 -06:00
night1rider
4d6418f31a Add crypto callback support for copy operations (SHA-256) 2025-10-20 10:06:30 -06:00
David Garske
7fa53c8c71 Merge pull request #9289 from philljj/cmac_kdf 
cmac kdf: add NIST SP 800-108, and NIST SP 800-56C two-step.
 2025-10-20 08:33:30 -07:00
jordan
525c212d1c cmac kdf: add NIST SP 800-108, and NIST SP 800-56C two-step. 2025-10-20 08:20:23 -05:00
philljj
aba9ee4015 Merge pull request #9319 from douzzer/20251018-linuxkm-gdwarf-4-g1 
20251018-linuxkm-gdwarf-4-g1
 2025-10-18 14:35:46 -05:00
Daniel Pouzzner
9881c95c46 linuxkm/Kbuild: refactor RENAME_PIE_TEXT_AND_DATA_SECTIONS to automatically derive the list of all ELF sections to rename, rather than enumerating them staticly in the objcopy recipe (motivated by changes expected in kernel 6.19). 2025-10-18 12:07:35 -05:00
Daniel Pouzzner
a36dd35e59 linuxkm: rename FIPS container segments from foo.wolfcrypt to foo_wolfcrypt to avoid getting rearranged by kernel scripts/module.lds klp/kpatch clauses expected in kernel 6.19. 2025-10-18 03:23:38 -05:00
Daniel Pouzzner
2bbc3a0ae2 wolfcrypt/test/test.c: fixes for --disable-sha256, --disable-hmac, --disable-rng, and FIPS gating on RSA-PSS. 2025-10-18 02:05:55 -05:00
Daniel Pouzzner
08f5c3e8b9 configure.ac: in linuxkm setup, use -g1 explicitly unless --enable-debug, whereupon use -g3. also, add -gdwarf-4 to AM_CCASFLAGS. 2025-10-18 01:56:48 -05:00
philljj
c091c8b7ba Merge pull request #9318 from douzzer/20251017-linuxkm-signal-handling-tweaks 
20251017-linuxkm-signal-handling-tweaks
 2025-10-17 21:17:20 -05:00
Daniel Pouzzner
69f236be0a linuxkm/linuxkm_wc_port.h: suppress -Wformat-nonliteral while including kernel headers (needed for kernel <=4.9). 2025-10-17 19:31:17 -05:00
Daniel Pouzzner
6a0be6a7f7 configure.ac: remove -g0 from, and always add -DHAVE_REPRODUCIBLE_BUILD to, reproducible-build AM_CFLAGS, and always add -gdwarf-4 to AM_CFLAGS when ENABLED_LINUXKM; 
.github/workflows/linuxkm.yml: restore as-was, but change from oldconfig to olddefconfig.
 2025-10-17 18:24:32 -05:00
Daniel Pouzzner
d2f819a2f6 linuxkm/module_hooks.c and linuxkm/lkcapi_glue.c: check retval from WC_SIG_IGNORE_BEGIN(). 2025-10-17 18:23:25 -05:00
David Garske
d475985062 Merge pull request #9306 from holtrop/rust-wc-dh 
Rust wrapper: add wolfssl::wolfcrypt::dh module
 2025-10-17 15:41:58 -07:00
Daniel Pouzzner
e142a9629f linuxkm/linuxkm_wc_port.h and linuxkm/module_hooks.c: tweak gating for verifyCore and my_kallsyms_lookup_name, and use the latter to reach verifyCore on old FIPS. also tweak the In-core integrity hash check failure." message to supply module-update-fips-hash instructions. 2025-10-17 17:12:37 -05:00
Daniel Pouzzner
354c576c96 .github/workflows/linuxkm.yml: comment out --enable-linuxkm-pie config, pending resolution of "dwarf_get_units failed" on Azure kernel 6.14 image. 2025-10-17 15:00:04 -05:00
Daniel Pouzzner
7a43732daa linuxkm/linuxkm_wc_port.h, wolfssl/wolfcrypt/types.h, linuxkm/module_hooks.c, linuxkm/lkcapi_glue.c: 
* add WC_SIG_IGNORE_BEGIN(), WC_SIG_IGNORE_END(), wc_linuxkm_sig_ignore_begin(), wc_linuxkm_sig_ignore_end();
* move WC_CHECK_FOR_INTR_SIGNALS() and WC_RELAX_LONG_LOOP() definitions outside the BUILDING_WOLFSSL gate;
* refactor linuxkm_lkcapi_registering_now as a wolfSSL_Atomic_Int and use it as a mutex for linuxkm_lkcapi_register() and linuxkm_lkcapi_unregister();
* add WC_SIG_IGNORE_BEGIN()...WC_SIG_IGNORE_END() wrappers around all relevant critical spans in linuxkm glue.
 2025-10-17 14:58:21 -05:00
Josh Holtrop
4faa21a74a Rust wrapper: Fix DH::FFDHE_* constant values 2025-10-17 14:46:15 -04:00
Josh Holtrop
8e7f77db76 Rust wrapper: add wolfssl::wolfcrypt::dh module 2025-10-17 14:46:15 -04:00
lealem47
5280bfb89a Merge pull request #9297 from douzzer/20251011-more-fips-optest-tweaks 
20251011-more-fips-optest-tweaks
 2025-10-17 12:44:25 -06:00
David Garske
f492abfe9e Merge pull request #9314 from SparkiDev/silabs_no_hash_raw 
SHA-2: No hash raw
 2025-10-17 10:19:01 -07:00
Daniel Pouzzner
9cf08afbbb fixes for --disable-tls. 2025-10-16 18:50:06 -05:00
Daniel Pouzzner
f508b44f0f configure.ac: in setup for cryptonly, don't set enable_tls13=no or enable_tlsv12=no -- they're needed for crypto-layer KDFs. 2025-10-16 18:50:06 -05:00
Daniel Pouzzner
b924e9a905 linuxkm/module_hooks.c: add sanity check for compiled-in verifyCore, and fix linuxkm_op_test_1() call to use argc==3 arg list. 2025-10-16 18:50:06 -05:00
Daniel Pouzzner
5ee42402ae wolfssl/wolfcrypt/types.h: fix whitespace around WC_SAFE_SUM_*(). 2025-10-16 18:50:06 -05:00
Daniel Pouzzner
6fb547a1ae linuxkm/module_hooks.c: purge fipsMode override (fipsEntry() takes care of this), and add explicit fipsCastStatus[] reset code. 2025-10-16 18:50:06 -05:00
Daniel Pouzzner
e8d9f91868 linuxkm/module_hooks.c and linuxkm/linuxkm_wc_port.h: finish implementation of 
FIPS_OPTEST glue code, including /sys/module/libwolfssl/FIPS_optest_run_code
(FIPS_optest_trig_handler(), plus my_kallsyms_lookup_name() helper).
 2025-10-16 18:50:05 -05:00
Daniel Pouzzner
581e86c178 wolfcrypt/test/test.c: fix error-path uninitialized access defect in ecc_test_buffers(). 2025-10-16 18:50:05 -05:00
Zackery
0d588b446c Merge pull request #9313 from douzzer/20251016-Wnull-dereference 
20251016-Wnull-dereference
 2025-10-16 17:47:23 -06:00
Sean Parkinson
d0909991fb SHA-2: No hash raw 
Implementation of FinalRaw for SE050 was not usable - TLS_hmac did not
produce valid results.
Removed implementations and defining WOLFSSL_NO_HASH_RAW to compile to
not require FinalRaw APIs.
 2025-10-17 07:46:50 +10:00
Daniel Pouzzner
0c4feb0aa6 wolfcrypt/src/asn.c: revert earlier changes in EncodeName(), and add local S390-specific pragma to inhibit false-positive -Wnull-dereference. 2025-10-16 16:10:54 -05:00
Daniel Pouzzner
d6aa157187 fixes for OPENSSL_COEXIST covering OPENSSL_COMPATIBLE_DEFAULTS and WOLFSSL_WPAS: 
* src/ssl.c:wolfSSL_CTX_new_ex()
* src/x509.c:wolfSSL_X509_PUBKEY_set()
 2025-10-16 15:10:16 -05:00
Daniel Pouzzner
6ee660841b fixes/workarounds for -Wnull-dereferences, some true positive, some false 
positive:
* src/pk.c:wolfSSL_RSA_meth_new()
* tests/api.c:test_wolfSSL_PKCS7_certs()
* tests/api.c:test_wolfSSL_X509V3_EXT_get()
* wolfcrypt/src/asn.c:EncodeName()
* wolfcrypt/src/pkcs12.c:wc_i2d_PKCS12()
* wolfcrypt/src/port/af_alg/afalg_aes.c
 2025-10-16 15:10:16 -05:00
David Garske
0727bae09e Merge pull request #9310 from SparkiDev/lms_cast_16bit 
LMS: Cast constants before shifting left
 2025-10-16 12:16:05 -07:00
David Garske
a22d239bfd Merge pull request #9301 from effbiae/set_srp_username 
refactor wolfSSL_CTX_set_srp_username
 2025-10-16 11:32:24 -07:00
David Garske
d88ab84b9f Merge pull request #9311 from SparkiDev/regression_fixes_19 
Regression testing
 2025-10-16 10:56:27 -07:00
Daniel Pouzzner
058686b829 Merge pull request #9305 from dgarske/bench_rsapub 
Fix for benchmark with key gen and "out" not being allocated
 2025-10-16 12:23:23 -05:00
Sean Parkinson
c111c5bacc Regression testing 
x509.c: realloc may fail and therefore need to store result in a
temporary so the old pointer is not lost.

tls.c: free the name if it is not pushed on to the stack of peer CA
names. Failure to push can be from memory allocation failure.

aes.c: Don't compile XTS decrypt functions without HAVE_AES_DECRYPT.

Fix tests to have better pre-processor protection.
 2025-10-16 12:13:32 +10:00
Sean Parkinson
36c953dd8f LMS: Cast constants before shifting left 
Compiling for 16-bit results in some constants type being too small for
shift amount without cast.
 2025-10-16 09:24:48 +10:00
lealem47
832e23a5f7 Merge pull request #9307 from douzzer/20251015-linuxkm-fixes 
20251015-linuxkm-fixes
 2025-10-15 16:26:00 -06:00
Daniel Pouzzner
3746164d60 linuxkm/linuxkm_wc_port.h: don't include wolfssl/wolfcrypt/memory.h (unneeded and out of order). 2025-10-15 17:06:31 -05:00
Zackery
790808b172 Merge pull request #9303 from dgarske/silabs_series2 
Support for detecting SILABS ERF32 Series 2 ECDSA support for P384/P521
 2025-10-15 12:46:44 -06:00
David Garske
0c4f5879d8 Fix for benchmark with key gen and "out" not being allocated because of typo between WOLFSSL_RSA_VERIFY_INLINE and WOLFSSL_RSA_VERIFY_ONLY. 
Reproduced with: `./configure --enable-keygen CFLAGS="-DWOLFSSL_RSA_VERIFY_INLINE" --disable-examples && make && ./wolfcrypt/benchmark/benchmark -rsa`
 2025-10-15 11:25:49 -07:00
Daniel Pouzzner
250e19a682 Merge pull request #9299 from dgarske/bench_rsasz 
Fix for improper sizing on `bench_rsa_helper`
 2025-10-15 11:55:48 -05:00
Eric Blankenhorn
f9b666dd8a Merge pull request #9298 from douzzer/20251014-WC_SAFE_SUM 
20251014-WC_SAFE_SUM
 2025-10-15 11:44:04 -05:00
David Garske
53bbf7f2d7 Merge pull request #9302 from effbiae/wc_FreeRng 
wc_FreeRng called multiple times in wolfSSL_CTX_set_srp_password
 2025-10-15 08:48:17 -07:00
David Garske
91bf738025 Support for detecting SILABS ERF32 Series 2 ECDSA support for P384/P521 2025-10-15 08:33:37 -07:00
effbiae
1de2ad48bd wc_FreeRng called multiple times in wolfSSL_CTX_set_srp_password 2025-10-15 17:43:53 +11:00
effbiae
cadea76e43 refactor wolfSSL_CTX_set_srp_username 2025-10-15 17:15:07 +11:00