wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-27 20:02:23 +01:00
Code Issues Packages Projects Releases Wiki Activity
25,880 Commits 12 Branches 184 Tags
v5.8.2-stable
Commit Graph

9799 Commits

Author SHA1 Message Date
JacobBarthelmeh
2c90d1585a Merge pull request #8897 from anhu/compat_additions 
Compatibility layer additions for X.509 extensions and RSA PSS
 2025-07-15 10:52:33 -06:00
JacobBarthelmeh
9430c8a5a1 Merge pull request #9003 from embhorn/cov_531298 
Fix blake2b_final coverity reports
 2025-07-14 16:20:19 -06:00
Daniel Pouzzner
2c341a5806 Merge pull request #8990 from JacobBarthelmeh/license 
updating license from GPLv2 to GPLv3

(linuxkm tweak to `MODULE_LICENSE("GPL")` to follow.)
 2025-07-14 16:14:39 -05:00
Eric Blankenhorn
9c2ea12563 Fix blake2 final coverity issue 2025-07-14 15:04:15 -05:00
Eric Blankenhorn
efdca85aec Fix blake2 final coverity issue 2025-07-14 14:53:37 -05:00
Daniel Pouzzner
d90394efa6 wolfcrypt/src/asn.c and wolfssl/wolfcrypt/asn.h: add 
WC_ASN_RUNTIME_DATE_CHECK_CONTROL, with accessors wc_AsnSetSkipDateCheck()
(WOLFSSL_TEST_VIS) and wc_AsnGetSkipDateCheck() (WOLFSSL_LOCAL).  use this to
permafix test_wolfSSL_CRL_duplicate_extensions() in api.c, which has an
expiring-soon handcrafted certificate in it.
 2025-07-11 11:25:25 -05:00
David Garske
70bdd9f990 Merge pull request #8989 from rlm2002/zd20212 
xmemset rng before test runs
 2025-07-11 08:58:30 -07:00
David Garske
a36f9085c1 Fix for compat wolfSSL_RSA_sign and wolfSSL_RSA_verify to support RSA PSS with custom salt and mgf1 hash type. Adds compat API's for i2d_PrivateKey_bio , BN_ucmp and X509v3_get_ext_by_NID. ZD 20059 2025-07-11 08:51:51 -07:00
JacobBarthelmeh
388eea3cf2 Merge pull request #8976 from holtrop/decode-encrypted-key-package 
Add wc_PKCS7_DecodeEncryptedKeyPackage()
 2025-07-10 17:08:06 -06:00
Sean Parkinson
046e46a67f Merge pull request #8825 from kareem-wolfssl/zd19911 
Fix parsing RPK with no parameters.
 2025-07-11 08:36:55 +10:00
David Garske
8d68977e33 Merge pull request #8985 from sebastian-carpenter/GH-issue-8951 
improper access of sp_int_minimal using sp_int
 2025-07-10 15:21:20 -07:00
Ruby Martin
e65647faa8 xmemset rng before test runs 2025-07-10 16:17:53 -06:00
JacobBarthelmeh
629c5b4cf6 updating license from GPLv2 to GPLv3 2025-07-10 16:11:36 -06:00
Kareem
362f0a2cfd Ensure only one of the RPK algorithm parameters are set. 2025-07-10 12:43:14 -07:00
Josh Holtrop
3ce8c6e4fa Remove WOLFSSL_API for wc_PKCS7_DecodeEncryptedKeyPackage() in source file 2025-07-10 15:29:31 -04:00
Josh Holtrop
f776c95e54 Remove do/while(0) loop in wc_PKCS7_DecodeEncryptedKeyPackage(); use if-else if chain 2025-07-10 15:25:57 -04:00
Kareem
2df674bd59 Correct RPK parsing. As per RFC7250 section 3, the algorithm parameters are optional. 2025-07-10 12:03:18 -07:00
Sebastian Carpenter
a00cfcb55f improper access of sp_int_minimal using sp_int 
related thread: https://bugzilla.redhat.com/show_bug.cgi?id=2047439

also found sp_uint8 that was not updated to sp_sign_t
 2025-07-10 10:42:30 -06:00
Daniel Pouzzner
b4137fe2f8 linuxkm/lkcapi_sha_glue.c: add interruptibility and additional relaxation where possible, and fix a leaked lock scenario, in get_drbg_n(), wc_linuxkm_drbg_seed(), wc_mix_pool_bytes(), and wc_crng_reseed(); 
wolfcrypt/src/asn.c: add a couple static attributes missed on the previous round of fixups.
 2025-07-10 10:59:57 -05:00
philljj
ed6d189f1a Merge pull request #8980 from douzzer/20250706-linuxkm-fixes 
20250706-linuxkm-fixes
 2025-07-10 10:34:59 -05:00
Josh Holtrop
6d51b73626 Shorten some wc_PKCS7_DecodeEncryptedKeyPackage() comment lines to less than 80 characters 2025-07-10 08:10:59 -04:00
David Garske
b2143a815f Merge pull request #8965 from SparkiDev/ppc32_sha256_spe 
PPC32 ARM ASM SHA-256: SPE impl, tidy up original
 2025-07-09 17:00:26 -07:00
Sean Parkinson
98adb330ef Merge pull request #8981 from dgarske/mldsa 
Fix build issue with ML-DSA 44 only
 2025-07-10 09:41:36 +10:00
David Garske
7ba6f836c4 Merge pull request #8972 from SparkiDev/sp_int_8_bit_fix 
SP int: fix 8 bit words and sp_clamp_ct
 2025-07-09 16:30:33 -07:00
David Garske
cf35abccb8 Merge pull request #8963 from SparkiDev/sp_int_type_fix 
CodeQL: o is larger type and could cause issues
 2025-07-09 16:30:01 -07:00
David Garske
ae19c55182 Merge pull request #8966 from SparkiDev/arm32_aes_asm_fixup_bne 
ARM 32-bit ASM AES: fixup 32-bit code to not use B.EQ
 2025-07-09 16:29:46 -07:00
Daniel Pouzzner
01e8815762 wolfssl/wolfcrypt/settings.h: add #define WOLFSSL_NO_PUBLIC_FFDHE and #undef HAVE_PUBLIC_FFDHE to WOLFSSL_LINUXKM setup to avoid .data.rel.ro.local functions in dh.c; 
linuxkm/linuxkm_wc_port.h: only use kvrealloc() on kernel >=6.11 -- the version in 5.15-6.10 is incompatible (oldsize arg).  also, restore use of kvmalloc on 4.12+, but with XREALLOC undefined, suitable for cryptonly modules; add #include <linux/sched.h> even on __PIE__ objects to make cond_sched() available;

wolfcrypt/src/asn.c: harmonize gate around definitions of BEGIN_DSA_PRIV and END_DSA_PRIV;

wolfcrypt/src/asn.c: in EccSpecifiedECDomainDecode(), work around "const char[]" types in WOLFSSL_ECC_CURVE_STATIC struct ecc_set_type on FIPS <6;

wolfcrypt/src/asn.c, wolfcrypt/src/wc_xmss.c, wolfssl/wolfcrypt/wc_lms.h: add comments to new WOLFSSL_NAMES_STATIC slots explaining where the size comes from.
 2025-07-09 18:22:18 -05:00
Daniel Pouzzner
7c6afeb106 add linuxkm/wolfcrypt.lds module linker script, explicitly grouping wolfcrypt sections together; 
linuxkm/Kbuild: add linker script flag, containerize several more previously-missed ELF sections, and add a test verifying no sections were missed;

linuxkm/linuxkm_memory.c: remove obsolete lkm_realloc() shim and unneeded my__show_free_areas() wrapper;

linuxkm/linuxkm_wc_port.h: add new mapping from realloc() to native kvrealloc(), and gate out a slew of headers when __PIE__ to avoid polluting wolfCrypt objects with various unneeded header-implemented functions with associated awkward symbols references;

linuxkm/lkcapi_glue.c: harmonize gate for REGISTER_ALG_OPTIONAL();

linuxkm/module_hooks.c: add "ERROR:" prefixes on pr_err()s; add wc_RunAllCast_fips() at shutdown to send confidence verification to the kernel log; remove section bounds checks now that layout is unreliable;

wolfssl/wolfcrypt/settings.h: for WOLFSSL_LINUXKM && HAVE_LINUXKM_PIE_SUPPORT, #define WOLFSSL_ECC_CURVE_STATIC and WOLFSSL_NAMES_STATIC;

wolfssl/wolfcrypt/types.h: refactor the typedef for wcchar from a pointer to a char[];

wolfcrypt/src/wc_xmss.c and wolfssl/wolfcrypt/wc_lms.h: add WOLFSSL_NAMES_STATIC code paths for struct wc_XmssString and struct wc_LmsParamsMap;

wolfcrypt/src/asn.c: add WOLFSSL_NAMES_STATIC code paths for struct CertNameData, and add static attribute to a slew of wcchars not used or declared outside asn.c.
 2025-07-09 18:22:18 -05:00
David Garske
3c00e26274 Merge pull request #8974 from rlm2002/coverity_fix 
Coverity: Check values
 2025-07-09 16:12:42 -07:00
David Garske
5d89ca6706 Fix build issue with ML-DSA 44 only. Fix --enable-mlkem=all to enable features (keygen/enc/dec) to match --enable-dilithium behavior and allow uses like: --enable-mlkem=all,512,small. Fix issue building mem track with missing PRINT_HEAP_ADDRESS (reproduced with --enable-trackmemory=verbose --enable-stacksize=verbose). 
```
wolfcrypt/src/dilithium.c:6696:21: error: expected expression before '}' token
 6696 |                     }
      |
```
 2025-07-09 15:06:41 -07:00
Josh Holtrop
c83a452a3c Check for NULL pkiMsg in wc_PKCS7_DecodeEncryptedKeyPackage() 2025-07-09 14:41:58 -04:00
Josh Holtrop
d2ab6edbab Add wc_PKCS7_DecodeEncryptedKeyPackage() 2025-07-09 13:38:11 -04:00
Ruby Martin
6de2557748 check buflen is less than BLAKE2B_BLOCKBYTES * 2 2025-07-09 10:00:28 -06:00
Ruby Martin
7b7c658668 add null check to wc_Des_CbcEncrypt 2025-07-09 09:59:46 -06:00
David Garske
703bd6d0ba Merge pull request #8975 from JeremiahM37/mldsa_static_mem 
ML-DSA Static Memory Fix
 2025-07-09 08:22:51 -07:00
Sean Parkinson
d6a72e2480 PPC32 ARM ASM SHA-256: SPE impl, tidy up original 
Implement using SPE instructions that allow for 64-bit registers as a
vector of 2 32-bit values.
Tidy up original implementation to not use stack.
 2025-07-09 18:34:33 +10:00
JeremiahM37
88da86e900 ML DSA Static Memory Fix 2025-07-08 17:51:42 -06:00
Sean Parkinson
f0041cd761 SP int: fix 8 bit words and sp_clamp_ct 
Need to cast to sp_size_t as it may be bigger than the word type
sp_int_digit.
 2025-07-07 18:43:29 +10:00
Hideki Miyazaki
ee8be22a3f Fix Qt nightly jenkins failure 
PBKDF1 encrpted key
 2025-07-07 15:10:41 +09:00
Daniel Pouzzner
a40b56ccb5 Merge pull request #8964 from douzzer/20250703-linuxkm-fixes 
20250703-linuxkm-fixes

Note, final commit reviewed by @SparkiDev, and earlier commit reviewed by @philljj.
 2025-07-04 08:45:55 -05:00
Daniel Pouzzner
ef3a1a28d9 linuxkm/linuxkm_wc_port.h, linuxkm/module_hooks.c, and wolfcrypt/src/wc_port.c: fixes for spinlocks on CONFIG_ARM64; 
wolfcrypt/src/wc_port.c: include random.h, for Entropy_Init().
 2025-07-03 22:09:34 -05:00
Sean Parkinson
d1893dbdec ARM 32-bit ASM AES: fixup 32-bit code to not use B.EQ 
Changes made for Green Hills Aarch64 got into the 32-bit code.
 2025-07-04 11:37:06 +10:00
Daniel Pouzzner
688bc168de wolfcrypt/src/random.c: small stack refactor of noise[] in wc_Entropy_Get(). 2025-07-03 18:30:46 -05:00
David Garske
fb691fac94 Merge pull request #8947 from SparkiDev/mldsa_openssl_der 
ML-DSA/Dilithium: support OpenSSL format
 2025-07-03 16:10:55 -07:00
Sean Parkinson
41eef2ef71 CodeQL: o is larger type and could cause issues 
Make 'o' sp_size_t as the callers are passing 0 or explicit cast to
sp_size_t
 2025-07-04 09:04:39 +10:00
Sean Parkinson
519d1430d0 ML-DSA/Dilithium: support OpenSSL format 
Support DER private key format.
 2025-07-04 07:54:26 +10:00
David Garske
3fe84bf3c0 Merge pull request #8961 from douzzer/20250703-fixes-for-multi-test-reports 
20250703-fixes-for-multi-test-reports
 2025-07-03 11:07:46 -07:00
JacobBarthelmeh
01de7cc04b Merge pull request #8955 from anhu/signed 
Explicitly declare dilithium_coeff_eta2[] as signed
 2025-07-03 10:25:46 -06:00
JacobBarthelmeh
7abaa131d3 Merge pull request #8954 from dgarske/asm_introspection 
Added introspection for Intel and ARM assembly speedups
 2025-07-03 10:22:19 -06:00
philljj
c0837cb073 Merge pull request #8943 from douzzer/20250617-linuxkm-get_random_bytes 
20250617-linuxkm-get_random_bytes
 2025-07-03 11:22:08 -05:00