JacobBarthelmeh
fbaabbe2e9
Merge pull request #8230 from douzzer/20241126-FIPS-OPENSSL_COEXIST
...
20241126-FIPS-OPENSSL_COEXIST
2024-11-27 11:33:06 -07:00
Juliusz Sosinowicz
e9a4f7de5f
Merge pull request #8226 from ColtonWilley/x509_store_fix_get_objects
...
Fix wolfSSL_X509_STORE_get0_objects to handle no CA
2024-11-27 10:29:06 +01:00
Daniel Pouzzner
b65d3fff56
fixes for OPENSSL_COEXIST with FIPS and with/without TEST_OPENSSL_COEXIST.
2024-11-26 19:38:32 -06:00
JacobBarthelmeh
5e13fc2c84
Merge pull request #7410 from SparkiDev/sp_arm_big_endian
...
SP: big-endian support
2024-11-26 17:05:53 -07:00
JacobBarthelmeh
d620e937f0
Merge pull request #8229 from bigbrett/pqc-macro-protection-quickfix
...
PQC macro protection quickfixes
2024-11-26 17:02:17 -07:00
András Fekete
e7d801e8d0
Merge pull request #8228 from douzzer/20241126-WC_NO_COMPAT_AES_BLOCK_SIZE
...
20241126-WC_NO_COMPAT_AES_BLOCK_SIZE
2024-11-26 15:48:41 -05:00
JacobBarthelmeh
70d595478c
Merge pull request #8227 from douzzer/20241125-linuxkm-aarch64-pie
...
20241125-linuxkm-aarch64-pie
2024-11-26 13:31:01 -07:00
Brett Nicholas
1283325f65
wolfhsm-mldsa-fixes
2024-11-26 12:26:01 -08:00
Daniel Pouzzner
c6df620f81
wolfssl/wolfcrypt/aes.h: #define WC_NO_COMPAT_AES_BLOCK_SIZE in OPENSSL_COEXIST builds. see comment in source code with usage instructions.
2024-11-26 13:09:39 -06:00
David Garske
29dc0f5d0b
Merge pull request #8223 from LinuxJedi/STM32MP1
...
Initial support for STM32MP13 HAL
2024-11-26 09:34:04 -08:00
Andrew Hutchings
5d0ee8c9f3
Initial support for STM32MP13 HAL
...
This adds support for the STM32MP13 HAL, tested on the STM32MP135F MPU.
Using the HAL this modifies our previous RNG, AES-CBC, AES-GCM, HASH,
ECDSA and DES3 ST HAL acceleration to work with the MPU. It also works
around bugs found in the AES-GCM code of the HAL.
The HAL does not appear to have support for MD5 HASH at the moment, so
this has been given a flag to disable it on this MPU.
2024-11-26 14:15:57 +00:00
Daniel Pouzzner
7dcec3e62f
linuxkm: work around aarch64 dependency on alt_cb_patch_nops for enable-linuxkm-pie (FIPS support).
2024-11-26 00:12:29 -06:00
JacobBarthelmeh
ea8c7c8322
Merge pull request #8214 from bandi13/fixDockerWarnings
...
Use proper capitalization
2024-11-25 16:43:24 -07:00
JacobBarthelmeh
02432990dc
Merge pull request #8210 from night1rider/devcrypto-authtag-error
...
/dev/crypto auth error fix/adjustment for benchmark
2024-11-25 16:42:58 -07:00
Colton Willey
5460ba815b
Fix wolfSSL_X509_STORE_get0_objects to handle case where no CA has been loaded
2024-11-25 14:51:29 -08:00
David Garske
71abfa3b15
Merge pull request #8216 from douzzer/20241122-opensslcoexist-expansion
...
20241122-opensslcoexist-expansion
2024-11-25 14:22:03 -08:00
night1rider
02e6ec0c86
devcrypto auth error fix/adjustment
2024-11-25 14:43:12 -07:00
Daniel Pouzzner
fc7ba562d7
Merge pull request #8215 from kaleb-himes/SRTP-KDF-SCRIPT
...
Add SRTP-KDF (v6.0.0) to checkout scipt
2024-11-25 13:07:05 -06:00
kaleb-himes
8fbff480d7
Pickup asm changes since 5.7.4 release
2024-11-25 10:58:04 -07:00
David Garske
40154e18ab
Merge pull request #8219 from gojimmypi/pr-arduino-5.7.4
...
Update Arduino files for wolfssl 5.7.4
2024-11-25 09:37:21 -08:00
gojimmypi
560d89ed44
Update Arduino files for wolfssl 5.7.4
2024-11-23 13:26:46 -08:00
Daniel Pouzzner
bfeb0ad48e
expand opensslcoexist to all low level crypto APIs.
2024-11-22 19:27:56 -06:00
kaleb-himes
6791d3f759
Add SRTP-KDF (v6.0.0) to checkout scipt
2024-11-22 14:01:24 -07:00
Andras Fekete
93f865f2d4
Use proper capitalization
2024-11-22 15:39:57 -05:00
JacobBarthelmeh
033a2a08e9
Merge pull request #8212 from bandi13/fixTestFailure
...
Fix Renesas test
2024-11-22 10:42:21 -07:00
JacobBarthelmeh
6dd00abb74
Merge pull request #7771 from aidangarske/InitSuites_Orderadj
...
`InitSuites` changes to order making `BUILD_TLS_AES_256_GCM_SHA384` be prioritized over `BUILD_TLS_AES_128_GCM_SHA256`
2024-11-22 10:15:32 -07:00
JacobBarthelmeh
c5d7dc3df6
Merge pull request #8211 from douzzer/20241121-fixes
...
20241121-fixes
2024-11-22 09:49:59 -07:00
David Garske
401a64d112
Improve stdarg.h around uses of var_arg. Cleanup warning for XFREE/XMALLOC redef.
2024-11-22 08:11:32 -08:00
Andras Fekete
942c3a07ee
Fix Renesas test
...
In PR #8182 this line was accidentally wrapped in `#ifdef OPENSSL_EXTRA`
2024-11-22 09:57:55 -05:00
Daniel Pouzzner
d85c108952
wolfssl/wolfcrypt/error-crypt.h, wolfcrypt/src/error.c: add WC_FAILURE ("wolfCrypt generic failure") with value -1, for traceable error return of -1 in wolfCrypt.
...
configure.ac: add OPENSSL_EXTRA to --enable-wolfsentry.
linuxkm/linuxkm_wc_port.h, linuxkm/module_hooks.c, wolfssl/ssl.h: accommodate backward dependencies for wolfSSL_X509_NAME_add_entry_by_NID, wolfSSL_X509_NAME_free, and wolfSSL_X509_NAME_new_ex.
linuxkm/lkcapi_glue.c: if CONFIG_CRYPTO_MANAGER, assert match of CONFIG_CRYPTO_FIPS and HAVE_FIPS.
src/ssl_crypto.c, wolfcrypt/src/wc_lms.c, wolfcrypt/src/wc_lms_impl.c, wolfcrypt/src/wc_xmss.c, wolfcrypt/test/test.c: add missing casts for XMALLOC()s.
src/ssl_crypto.c: in wolfSSL_AES_decrypt(), fix gate for wc_AesDecryptDirect() return type.
wolfcrypt/test/test.c: smallstack refactor in test_dilithium_decode_level().
tests/api.c: fix uninited vars and "embedding a directive within macro arguments is not portable" in test_wc_dilithium_der().
2024-11-21 21:59:26 -06:00
Daniel Pouzzner
92f587c84f
Merge pull request #8209 from gasbytes/patch-wc-no-err-trace
...
Adding missing checks missing initialization of sp_int/mp_int
2024-11-21 18:34:11 -06:00
JacobBarthelmeh
03bafdfa36
Merge pull request #8208 from dgarske/engine_compat
...
Fixes from compatibility header decoupling (make install)
2024-11-21 16:40:15 -07:00
Reda Chouk
378519d7fb
Adding missing checks missing initialization of sp_int/mp_int initialization (
...
in case of MEMORY_E).
removed printf (added for previous debugging)
2024-11-21 23:55:34 +01:00
David Garske
3444d5c526
Fixes from compatibility header decoupling PR #8182 . Fixes issue with wolfEngine and wolfProvider. Change behavior for openssl compatibility headers to be installed unless --enable-opensslextra=noinstall is used. Removed dependency on X509 small with SESSION_CERTS, KEEP_PEER_CERTS and KEEP_OUR_CERT.
2024-11-21 12:09:57 -08:00
David Garske
39d4832b0b
Merge pull request #8207 from bigbrett/dilithium-nightly-fixes
...
dilithium fixes for FIPS 204 draft mode
2024-11-21 11:41:52 -08:00
Brett Nicholas
cceeb776f7
gate dilithium OID autodetection on FIPS 204 draft mode
2024-11-21 09:38:11 -08:00
Brett Nicholas
30f372ce16
add autogenerated error trace headers to gitignore
2024-11-21 09:38:11 -08:00
Brett Nicholas
e31b15875b
fix buffer overflow due to uninitialized idx variable
2024-11-21 09:38:11 -08:00
JacobBarthelmeh
04932dd97d
Merge pull request #8206 from dgarske/rx_tsip
...
Fixes for RSA TSIP RSA Sign/Verify
2024-11-21 09:30:48 -07:00
Daniel Pouzzner
2710b57df8
Merge pull request #8204 from JacobBarthelmeh/socket
...
change optval type to match system
2024-11-21 09:57:10 -06:00
JacobBarthelmeh
c06f65a8ac
Merge pull request #8182 from dgarske/no_compat_headers
...
Support for building without wolfssl/openssl header files
2024-11-20 21:33:18 -07:00
David Garske
6be70f9230
Fix for size increase on X509 small. Fix for CRL test with NO_RSA.
2024-11-20 15:54:02 -08:00
David Garske
96a0619d70
Enable compat layer with HAVE_WEBSERVER (--enable-webserver).
2024-11-20 14:24:11 -08:00
David Garske
c5e43280b9
Fix for RX TSIP AES GCM 128 unit test resultP/C sizes causing failure.
2024-11-20 13:48:05 -08:00
David Garske
7bf0533c48
Fix for building with HAVE_SECRET_CALLBACK only.
2024-11-20 13:33:10 -08:00
David Garske
d109f38cbd
Fixes for RSA TSIP RSA Sign/Verify. Tested on RX72N EnvisionKit. Added THREADX threading support.
...
```
Start wolf tsip crypt Test
simple crypt test by using TSIP
sha_test() passed
sha256_test() passed
tsip_aes_cbc_test() passed
tsip_aes256_test() passed
tsip_rsa_test(2048) passed
tsip_rsa_SignVerify_test(2048) passed
End wolf tsip crypt Test
```
2024-11-20 13:08:26 -08:00
JacobBarthelmeh
be70bea687
Merge pull request #8202 from LinuxJedi/fix-cryptodev-debug
...
Fix cryptodev debug output
2024-11-20 14:00:05 -07:00
David Garske
ef67b1c06a
Support for building without wolfssl/openssl header files. ZD 18465
...
* Fix for `TlsSessionCacheGetAndLock` that was not checking the sessionIDSz, so could return a pointer to an invalid session (if 0's). Resolves issue with `test_wolfSSL_CTX_sess_set_remove_cb` test.
* Fix cast warning with `HAVE_EX_DATA` in Windows VS.
* Fix openssl_extra without PKCS12.
* Refactor the EX data crypto and session API's to gate on `HAVE_EX_DATA_CRYPTO`.
* Grouped the EX data API's in ssl.h
* Moved API's in ssl.h to separate the compatibility ones from ours.
2024-11-20 12:32:32 -08:00
JacobBarthelmeh
b3e8fa7922
change optval type to match system
2024-11-20 09:34:11 -07:00
Andrew Hutchings
f5e6e17c7c
Fix cryptodev debug output
...
Cryptodev has two sections for the session info struct, cipher and hash.
Our debug mode was using hash for the output even if we were using
cipher, so would output random data. Simple 'if' statement to do the
correct thing.
2024-11-20 06:41:58 +00:00