wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-27 14:12:23 +01:00
Code Issues Packages Projects Releases Wiki Activity
25,880 Commits 12 Branches 184 Tags
v5.8.2-stable
Commit Graph

25880 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
David Garske
decea12e22 Merge pull request #9012 from JacobBarthelmeh/release 
prepare for release 5.8.2
v5.8.2-stable 		2025-07-17 14:59:24 -07:00
JacobBarthelmeh
c34e6ab8d9 prepare for release 5.8.2 2025-07-17 10:26:19 -06:00
JacobBarthelmeh
fa1842e56d Merge pull request #9011 from douzzer/20250717-linuxkm-include-am 
20250717-linuxkm-include-am
 2025-07-17 08:56:40 -06:00
Daniel Pouzzner
c8a9e9ea12 linuxkm/include.am: add linuxkm/wolfcrypt.lds to EXTRA_DIST. 2025-07-17 08:40:55 -05:00
philljj
8bde512676 Merge pull request #9007 from douzzer/20250715-linuxkm-portability-fixes 
20250715-linuxkm-portability-fixes
 2025-07-16 21:02:55 -05:00
Daniel Pouzzner
8d1289c1d7 linuxkm/Kbuild: --rename-section .rodata.cst16=.rodata.wolfcrypt 2025-07-16 16:54:20 -05:00
Daniel Pouzzner
01313cc0c8 linuxkm/x86_vector_register_glue.c: 
* refactor the save_vector_registers_x86() algorithm to depend directly on preempt_count(), and use local_bh_enable() and preempt_disable() directly, to mitigate glitchiness around irq_fpu_usable() and crypto_simd_usable();

* eliminate the WC_FPU_ALREADY_FLAG kludge.

* improve the error and warning messages, and add some additional checks and messages for unexpected states; add VRG_PR_ERR_X and VRG_PR_WARN_X for pr_*_once() semantics on regular builds, but unlimited messages when WOLFSSL_LINUXKM_VERBOSE_DEBUG.

linuxkm/linuxkm_wc_port.h and linuxkm/module_hooks.c:

* move the spinlock-based implementation of wc_LockMutex() from linuxkm_wc_port.h to module_hooks.c, due to numerous stuboorn direct external symbol references;

* extensively refactor the kernel header #include strategy, keeping many more superfluous headers out of __PIE__ objects, and fixing unavoidable static header functions with grafted __always_inline attributes;

* add version exceptions for RHEL 9.5.

linuxkm/Kbuild:

* on x86 with CONFIG_MITIGATION_{RETPOLINE,RETHUNK}, use inline rethunks rather than none;

* refactor check for "Error: section(s) missed by containerization." using `readelf --sections --syms`, for 100% coverage, more informative error output, and suppression of false positives on printk-related cruft;

configure.ac and linuxkm/lkcapi_sha_glue.c: use LINUXKM_LKCAPI_[DONT_]REGISTER_{SHA,HMAC}_ALL to represent --enable-linuxkm-lkcapi-register=[-]all-{sha,hmac}, which allows alg families (notably SHA1) to be masked out piecemeal;

linuxkm/lkcapi_rsa_glue.c: in linuxkm_test_pkcs1pad_driver(), mitigate unused args when LINUXKM_AKCIPHER_NO_SIGNVERIFY.
 2025-07-16 13:09:03 -05:00
JacobBarthelmeh
2c90d1585a Merge pull request #8897 from anhu/compat_additions 
Compatibility layer additions for X.509 extensions and RSA PSS
 2025-07-15 10:52:33 -06:00
Anthony Hu
c341a9fc05 FIPS > 2 2025-07-15 07:59:20 -04:00
JacobBarthelmeh
e06f1bbf02 Merge pull request #9005 from douzzer/20250714-linuxkm-MODULE_LICENSE 
20250714-linuxkm-MODULE_LICENSE
 2025-07-14 17:23:22 -06:00
JacobBarthelmeh
9430c8a5a1 Merge pull request #9003 from embhorn/cov_531298 
Fix blake2b_final coverity reports
 2025-07-14 16:20:19 -06:00
Daniel Pouzzner
049e88b525 linuxkm/module_hooks.c: use MODULE_LICENSE("GPL"). 2025-07-14 16:30:13 -05:00
Daniel Pouzzner
2c341a5806 Merge pull request #8990 from JacobBarthelmeh/license 
updating license from GPLv2 to GPLv3

(linuxkm tweak to `MODULE_LICENSE("GPL")` to follow.)
 2025-07-14 16:14:39 -05:00
JacobBarthelmeh
91321fccec Merge pull request #8992 from douzzer/20250710-WC_ASN_RUNTIME_DATE_CHECK_CONTROL 
20250710-WC_ASN_RUNTIME_DATE_CHECK_CONTROL
 2025-07-14 15:08:35 -06:00
Eric Blankenhorn
9c2ea12563 Fix blake2 final coverity issue 2025-07-14 15:04:15 -05:00
Eric Blankenhorn
efdca85aec Fix blake2 final coverity issue 2025-07-14 14:53:37 -05:00
philljj
1f71e6d246 Merge pull request #8998 from douzzer/20250712-linuxkm-all-aes-sha-hmac 
20250712-linuxkm-all-aes-sha-hmac
 2025-07-14 14:19:09 -05:00
philljj
bbc5dc528b Merge pull request #9001 from douzzer/20250714-linuxkm-fix-page-flags-h 
20250714-linuxkm-fix-page-flags-h
 2025-07-14 12:59:26 -05:00
Daniel Pouzzner
80c9212dd9 linuxkm/linuxkm_wc_port.h, linuxkm/lkcapi_aes_glue.c, configure.ac: fix LKCAPI on kernel 5.4 (sunrise version for LKCAPI), and add all-aes, all-sha, all-hmac, and their negations, to --enable-linuxkm-lkcapi-register. 2025-07-14 12:39:41 -05:00
Daniel Pouzzner
ee3b459e16 linuxkm/linuxkm_wc_port.h: refactor the fix for folio_flags()/const_folio_flags() text segment spam -- inhibiting inclusion of linux/page-flags.h breaks on some kernel configs. 2025-07-14 10:27:35 -05:00
JacobBarthelmeh
99d26f0347 Merge pull request #8977 from BridgerVoss/new_settings 
FREESCALE forced algorithm HAVE_ECC moved to IDE/MQX/user_settings.h
 2025-07-14 09:05:56 -06:00
philljj
607d5d798b Merge pull request #8994 from douzzer/20250711-linuxkm-distro-fix 
20250711-linuxkm-distro-fix
 2025-07-11 13:01:51 -05:00
Daniel Pouzzner
d90394efa6 wolfcrypt/src/asn.c and wolfssl/wolfcrypt/asn.h: add 
WC_ASN_RUNTIME_DATE_CHECK_CONTROL, with accessors wc_AsnSetSkipDateCheck()
(WOLFSSL_TEST_VIS) and wc_AsnGetSkipDateCheck() (WOLFSSL_LOCAL).  use this to
permafix test_wolfSSL_CRL_duplicate_extensions() in api.c, which has an
expiring-soon handcrafted certificate in it.
 2025-07-11 11:25:25 -05:00
David Garske
70bdd9f990 Merge pull request #8989 from rlm2002/zd20212 
xmemset rng before test runs
 2025-07-11 08:58:30 -07:00
David Garske
a36f9085c1 Fix for compat wolfSSL_RSA_sign and wolfSSL_RSA_verify to support RSA PSS with custom salt and mgf1 hash type. Adds compat API's for i2d_PrivateKey_bio , BN_ucmp and X509v3_get_ext_by_NID. ZD 20059 2025-07-11 08:51:51 -07:00
Daniel Pouzzner
0001bf7983 linuxkm/patches/: in regen-patches.sh, structure the pathnames to mollify kernel scripts/checkpatch.pl; 
tweak WOLFSSL_LINUXKM_HAVE_GET_RANDOM_CALLBACKS-6v15.patch (mostly whitespace) to mollify scripts/checkpatch.pl.
 2025-07-11 10:42:43 -05:00
Daniel Pouzzner
1e3966f06d linuxkm/include.am: add kernel patches to EXTRA_DIST. 2025-07-11 10:42:43 -05:00
JacobBarthelmeh
388eea3cf2 Merge pull request #8976 from holtrop/decode-encrypted-key-package 
Add wc_PKCS7_DecodeEncryptedKeyPackage()
 2025-07-10 17:08:06 -06:00
Sean Parkinson
046e46a67f Merge pull request #8825 from kareem-wolfssl/zd19911 
Fix parsing RPK with no parameters.
 2025-07-11 08:36:55 +10:00
David Garske
8d68977e33 Merge pull request #8985 from sebastian-carpenter/GH-issue-8951 
improper access of sp_int_minimal using sp_int
 2025-07-10 15:21:20 -07:00
Ruby Martin
e65647faa8 xmemset rng before test runs 2025-07-10 16:17:53 -06:00
David Garske
4d4228caa1 Merge pull request #8815 from kareem-wolfssl/zd19929 
Fix wolfSSL_BIO_new_connect's handling of IPV6 addresses.
 2025-07-10 15:17:39 -07:00
JacobBarthelmeh
629c5b4cf6 updating license from GPLv2 to GPLv3 2025-07-10 16:11:36 -06:00
Kareem
362f0a2cfd Ensure only one of the RPK algorithm parameters are set. 2025-07-10 12:43:14 -07:00
Josh Holtrop
3ce8c6e4fa Remove WOLFSSL_API for wc_PKCS7_DecodeEncryptedKeyPackage() in source file 2025-07-10 15:29:31 -04:00
Josh Holtrop
f776c95e54 Remove do/while(0) loop in wc_PKCS7_DecodeEncryptedKeyPackage(); use if-else if chain 2025-07-10 15:25:57 -04:00
Kareem
f942990113 Fix building unit tests with --enable-rpk --disable-rsa. 
Exact configure line used:
 ./configure --enable-kyber --enable-mlkem --enable-dilithium --enable-dtls --enable-dtls13 --enable-dtls-frag-ch --enable-debug --enable-debug-trace-errcodes \
CFLAGS="-DHAVE_RPK -DWOLFSSL_DER_LOAD -DWOLFSSL_LOGGINGENABLED_DEFAULT=1" --disable-rsa
 2025-07-10 12:03:18 -07:00
Kareem
2df674bd59 Correct RPK parsing. As per RFC7250 section 3, the algorithm parameters are optional. 2025-07-10 12:03:18 -07:00
David Garske
047d1bd69f Merge pull request #8986 from kareem-wolfssl/pskYml 
Fix missing comma in psk.yml
 2025-07-10 11:50:08 -07:00
philljj
c7ff47d5ee Merge pull request #8984 from douzzer/20250710-linuxkm-crng-fixes 
20250710-linuxkm-crng-fixes
 2025-07-10 13:32:17 -05:00
Kareem
aa3a325add Fix missing comma in psk.yml 2025-07-10 10:52:11 -07:00
Kareem
c9d451e857 Fix wolfSSL_BIO_new_connect's handling of IPV6 addresses. 2025-07-10 10:33:46 -07:00
Sebastian Carpenter
a00cfcb55f improper access of sp_int_minimal using sp_int 
related thread: https://bugzilla.redhat.com/show_bug.cgi?id=2047439

also found sp_uint8 that was not updated to sp_sign_t
 2025-07-10 10:42:30 -06:00
Daniel Pouzzner
b4137fe2f8 linuxkm/lkcapi_sha_glue.c: add interruptibility and additional relaxation where possible, and fix a leaked lock scenario, in get_drbg_n(), wc_linuxkm_drbg_seed(), wc_mix_pool_bytes(), and wc_crng_reseed(); 
wolfcrypt/src/asn.c: add a couple static attributes missed on the previous round of fixups.
 2025-07-10 10:59:57 -05:00
philljj
ed6d189f1a Merge pull request #8980 from douzzer/20250706-linuxkm-fixes 
20250706-linuxkm-fixes
 2025-07-10 10:34:59 -05:00
Daniel Pouzzner
ae48ee408e Merge pull request #8983 from philljj/linuxkm_make_rsa_again 
Linuxkm make rsa again
 2025-07-10 09:29:29 -05:00
Josh Holtrop
6d51b73626 Shorten some wc_PKCS7_DecodeEncryptedKeyPackage() comment lines to less than 80 characters 2025-07-10 08:10:59 -04:00
Josh Holtrop
3f65846e67 Document BAD_FUNC_ARG return value for wc_PKCS7_DecodeEncryptedKeyPackage() 2025-07-10 08:07:32 -04:00
Sean Parkinson
783ab14afb Merge pull request #8982 from dgarske/x509_ref 
Fix possible memory leak with X509 reference counter when using x509small
 2025-07-10 20:37:57 +10:00
Daniel Pouzzner
f49e583721 linuxkm/Kbuild: skip "section(s) missed by containerization" test unless KERNEL_ARCH_X86; 
linuxkm/linuxkm_wc_port.h: fixes for legacy kernels, particularly: when building TLS stack (!WOLFCRYPT_ONLY), use the best heap with a functioning realloc(), else use kvmalloc() and friends if available, even if kvrealloc() is unavailable.  also, provide for XMALLOC_USER and XMALLOC_OVERRIDE;

linuxkm/lkcapi_glue.c: recognize the new CONFIG_CRYPTO_SELFTESTS_FULL alongside the old CONFIG_CRYPTO_MANAGER_EXTRA_TESTS;

linuxkm/linuxkm_memory.c: restore my__show_free_areas() in case it's still needed.
 2025-07-10 00:57:51 -05:00