Koji Takeda
ff1baf0ae7
Apply stronger salt length for PBES2
2025-06-14 00:45:03 +09:00
David Garske
c5e63b84ca
Merge pull request #8840 from douzzer/20250605-linuxkm-DRBG-multithread-round-1
20250605-linuxkm-DRBG-multithread-round-1
2025-06-12 13:17:54 -07:00
David Garske
2fc1110a13
Merge pull request #8587 from lealem47/gh8574
Fix bug in ParseCRL_Extensions
2025-06-12 12:09:52 -07:00
David Garske
bfdce3a345
Merge pull request #8832 from SparkiDev/aarch64_xfence
Aarch64 XFENCE
2025-06-12 11:53:55 -07:00
David Garske
6571f42cb9
Merge pull request #8867 from JacobBarthelmeh/rng
Improvements to RNG and compatibility layer
2025-06-11 14:31:53 -07:00
Sean Parkinson
d66863d0ac
Aarch64 XFENCE
Use sb instruction instead of isb if available.
2025-06-11 09:29:20 +10:00
JacobBarthelmeh
ae87afa677
Merge pull request #8857 from miyazakh/tsip_fix
fix TSIP TLS example program
2025-06-10 16:26:34 -06:00
JacobBarthelmeh
47cf634965
add a way to restore previous pid behavior
2025-06-10 16:12:09 -06:00
JacobBarthelmeh
31490ab813
add sanity checks on pid with RNG
2025-06-10 14:37:11 -06:00
JacobBarthelmeh
047f0bb5fc
Merge pull request #8847 from gojimmypi/pr-platformio-cert-bundles
Improve PlatformIO Certificate Bundle Support
2025-06-10 10:23:07 -06:00
Sean Parkinson
cb90b78688
ML-DSA: fix tests for different configs
Setting the private key into SSL object requires signing to be
available.
Only enable the parameters that are compiled in.
2025-06-10 20:44:27 +10:00
Koji Takeda
0260ff789b
Clarify supported PKCS12 encryption algorithms
2025-06-09 12:03:47 +09:00
Hideki Miyazaki
0404447bd8
fix typo
2025-06-07 12:46:22 +09:00
Hideki Miyazaki
1f8efc3c14
fix TSIP example
fix Client Certificate Verify using RSA sign/verify
2025-06-07 12:38:18 +09:00
Daniel Pouzzner
ae15693fa8
linuxkm/lkcapi_sha_glue.c: in wc_linuxkm_drbg_generate() and wc_linuxkm_drbg_seed(), check retval from wc_LockMutex().
wolfcrypt/src/random.c: in Hash_DRBG_Generate(), restore smallstack path for digest[], but use non-smallstack path for WOLFSSL_LINUXKM.
2025-06-07 07:07:20 +04:00
gojimmypi
3254f56d32
Improve PlatformIO Certificate Bundle Support
2025-06-06 15:48:07 -07:00
JacobBarthelmeh
ae7509e746
Merge pull request #8813 from gojimmypi/espressif-mlkem-support
Adjust Espressif Examples for Post Quantum ML-KEM
2025-06-06 11:41:59 -06:00
JacobBarthelmeh
9ffca6b39c
Merge pull request #8822 from kojiws/support_cert_aes_cbc_on_pkcs12_export
Support PBE_AES(256|128)_CBC certificate encryptions on wc_PKCS12_create()
2025-06-06 11:35:13 -06:00
Daniel Pouzzner
4572dcf9f9
tests/api/test_x509.c: in test_x509_rfc2818_verification_callback(), add dependency on HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES;
wolfcrypt/test/test.c: in lms_test(), fix -Wdeclaration-after-statement;
add .github/workflows/no-tls.yml;
.github/workflows/pq-all.yml: add smallstack scenario.
2025-06-06 17:18:50 +04:00
JacobBarthelmeh
c207e2d198
Merge pull request #8838 from miyazakh/fsp_fix2
Fix Renesas SCE on RA6M4
2025-06-05 09:43:05 -06:00
Daniel Pouzzner
dbc34352c7
linuxkm/lkcapi_sha_glue.c: in wc_linuxkm_drbg_seed(), prefix the supplied seed with the CPU ID of each DRBG, to avoid duplicate states;
wolfcrypt/src/random.c: in Hash_DRBG_Generate(), always put digest[] on the stack even in WOLFSSL_SMALL_STACK configuration (it's only 32 bytes);
configure.ac: default smallstackcache on when linuxkm-defaults.
2025-06-05 16:31:46 +04:00
Sean Parkinson
640b060792
LMS: Key ID fixup
Fix implementation for extracting from private key data.
Add implementation that gets Key ID from wc_LmsKey.
2025-06-05 10:25:47 +10:00
Lealem Amedie
02a49693e2
Fix bug in ParseCRL_Extensions
2025-06-04 10:23:53 -06:00
Koji Takeda
7c33096398
Support PBE_AES256_CBC and PBE_AES128_CBC cert encryption on wc_PKCS12_create()
2025-06-04 16:43:30 +09:00
Hideki Miyazaki
e633dd7537
trailing whitespace
2025-06-04 13:41:01 +09:00
Hideki Miyazaki
6d2a8b3f4c
ready-for-use flag fix
2025-06-04 13:41:01 +09:00
JacobBarthelmeh
c1b683f307
add clang-tidy lint comment to avoid false positive
2025-06-03 14:44:01 -06:00
gojimmypi
a9db6d08f7
Adjust Espressif Examples for Post Quantum ML-KEM
2025-06-02 15:11:53 -07:00
gojimmypi
1aa97a9070
Correct Espressif default time setting
2025-06-02 15:04:49 -07:00
Daniel Pouzzner
a6e9bd73e4
Merge pull request #8803 from dgarske/csr_nomalloc
Refactor to support CSR generation and signing with `WOLFSSL_NO_MALLOC`
2025-05-30 18:05:25 -05:00
Daniel Pouzzner
dd6e6015ea
wolfcrypt/src/wc_mlkem.c: add setup for WC_MLKEM_NO_ASM.
2025-05-30 14:51:52 -05:00
Daniel Pouzzner
8f347e68f5
wolfcrypt/src/wc_mlkem_poly.c and configure.ac: add support for WC_MLKEM_NO_ASM, and add gates to support WC_SHA3_NO_ASM;
wolfcrypt/src/sha3.c and wolfssl/wolfcrypt/sha3.h: BlockSha3() now always WOLFSSL_LOCAL (never static) to support calls from MLKEM implementation.
2025-05-30 13:31:40 -05:00
David Garske
165f868be1
Fix for `warning: ‘free’ called on unallocated object ‘buf’`.
2025-05-29 17:15:55 -07:00
Daniel Pouzzner
245042a342
add WC_SHA3_NO_ASM, mainly for the benefit of linuxkm-defaults and KASAN compatibility.
2025-05-29 16:21:34 -05:00
Daniel Pouzzner
b9ef6c583a
wolfcrypt/test/test.c: in test_dilithium_decode_level(), on early malloc failure, stay in the flow to assure cleanup;
.wolfssl_known_macro_extras: remove unneeded entry for WOLFSSL_DILITHIUM_VERIFY_NO_MALLOC.
2025-05-28 12:48:36 -05:00
David Garske
482f2bdd2a
Refactor to support CSR generation and signing with `WOLFSSL_NO_MALLOC`. Also for DSA. Don't test no malloc with ECC custom curves.
2025-05-27 14:51:16 -07:00
Daniel Pouzzner
8179367412
Merge pull request #8798 from dgarske/mldsa_nosign
Fix for ML-DSA with `WOLFSSL_DILITHIUM_NO_SIGN`
2025-05-27 14:44:44 -05:00
David Garske
607d7489bc
Add no malloc support for Dilithium tests. Fixes for `WOLFSSL_DILITHIUM_NO_ASN1`.
2025-05-22 14:34:34 -07:00
David Garske
d0085834cd
Fix for ML-DSA with `WOLFSSL_DILITHIUM_NO_SIGN`. ZD 19948.
2025-05-22 12:36:46 -07:00
David Garske
cc78e3f5d1
Fix for older STM32Cube HAL that does not support `hcryp->Init.HeaderWidthUnit`. ZD 19926.
2025-05-21 16:42:52 -07:00
Sean Parkinson
9fdb40caa4
Merge pull request #8790 from philljj/fix_coverity
coverity: misc fixes
2025-05-22 08:40:59 +10:00
Sean Parkinson
85a4e34705
Merge pull request #8782 from kojiws/support_aes_cbc_pkcs12_export
Support PBE_AES(256|128)_CBC key encryptions on wc_PKCS12_create()
2025-05-22 08:39:11 +10:00
Daniel Pouzzner
e2def987d4
wolfcrypt/src/siphash.c: for WC_SIPHASH_NO_ASM, don't define WOLFSSL_NO_ASM if it's already defined.
2025-05-21 10:03:10 -05:00
Daniel Pouzzner
a01fb2a61c
wolfcrypt/src/siphash.c: honor WC_SIPHASH_NO_ASM; configure.ac: add -DWC_SIPHASH_NO_ASM when ENABLED_LINUXKM.
2025-05-20 13:03:58 -05:00
jordan
c619c19a1d
asn: add underflow check to idx.
2025-05-19 19:04:27 -05:00
Koji Takeda
3666851589
Support PBE_AES256_CBC and PBE_AES128_CBC key encryption on wc_PKCS12_create()
2025-05-19 22:26:46 +09:00
Ruby Martin
7ae2c24ac4
add NULL reference checks to RSA functions
2025-05-16 14:00:35 -06:00
Daniel Pouzzner
e67536cb15
Merge pull request #8775 from rlm2002/coverity
Coverity: address uninitialized scalar variable issues
2025-05-16 14:44:38 -05:00
Daniel Pouzzner
5abe5df498
Merge pull request #8760 from miyazakh/benchmark_up
Guard some benchmark tests by NO_SW_BENCH
2025-05-16 12:42:59 -05:00
Ruby Martin
e998a4c2fc
fix off-by-one error in asn.c
2025-05-16 08:26:19 -06:00