2151a1b8a1
review comments
2025-05-12 11:43:56 -06:00
79f214f73c
add new X509 API: wc_Exportx509PubKeyWithSpki
2025-05-09 14:40:20 -06:00
9d1bf83a43
Merge pull request #8736 from JacobBarthelmeh/build
...
adjust default build with curve25519
2025-05-09 20:24:53 +10:00
4f07f6a9c1
Merge pull request #8750 from anhu/crl_RefFree
...
Add missing call to wolfSSL_RefFree in FreeCRL
2025-05-09 08:24:10 +10:00
96c15b3a87
Merge pull request #8751 from douzzer/20250508-linuxkm-lkcapi-ECDH-never-fips_enabled
...
20250508-linuxkm-lkcapi-ECDH-never-fips_enabled
2025-05-08 14:59:48 -05:00
ae4a4236cc
fix for index value with curve25519
2025-05-08 13:42:02 -06:00
0532df5ce1
configure.ac: further fixes+cleanups for curve25519/ed25519 feature setup. now recognizes =asm as an override optionally preventing implicit noasm (linuxkm), and fixes wrong -DHAVE_CURVE25519 added to flags in FIPS builds.
2025-05-08 12:20:05 -05:00
ac7326d272
linuxkm/lkcapi_glue.c: for LINUXKM_LKCAPI_REGISTER_ECDH, always clear fips_enabled (see comment for details).
2025-05-08 12:13:06 -05:00
42fb041890
Add missing call to wolfSSL_RefFree in FreeCRL
2025-05-08 13:11:37 -04:00
7ff4ada692
Merge pull request #8746 from douzzer/20250507-ed25519-noasm
...
20250507-ed25519-noasm
2025-05-08 08:29:04 -07:00
e044ec45b7
.github/workflows/codespell.yml: in skip section, add full paths for new artifacts in examples/asn1/.
2025-05-08 00:41:35 -05:00
2e0ada9836
configure.ac: implement support for --enable-ed25519=noasm, and refactor and improve existing support for --enable-curve25519=noasm.
2025-05-07 23:59:58 -05:00
18818415d9
Merge pull request #8744 from douzzer/20250507-fips-all
...
20250507-fips-all
2025-05-07 13:56:31 -07:00
3f9fe491cc
adjust C# test and set rng with hpke case
2025-05-07 14:33:15 -06:00
d3ce45fbfb
clean up Curve25519/Curve448 dependencies in FIPS builds:
...
configure.ac:
* in FIPS setup, fix sensing of ENABLED_CURVE25519 and ENABLED_CURVE448 to prevent noasm sneaking through, and allow fips=dev to enable them via override;
* enable-all enables ECH only if !FIPS;
* enable-all-crypto enables curve25519/curve448 only if !FIPS;
* QUIC implication of ENABLED_CURVE25519 is inhibited if FIPS;
tests/quic.c: add !HAVE_CURVE25519 paths in test_quic_key_share() to allow FIPS QUIC.
2025-05-07 14:34:35 -05:00
cdeac13c87
Merge pull request #8742 from gojimmypi/pr-espressif-p4-and-hkdf
...
Espressif HAVE_HKDF for wolfssl_test, explicit ESP32P4
2025-05-07 12:30:54 -07:00
1e3718ea7b
Merge pull request #8655 from SparkiDev/asn1_oid_update
...
ASN.1 OIDs and sum: Change algorithm for sum
2025-05-07 11:43:54 -07:00
36d8298602
Merge pull request #8743 from douzzer/20250807-linuxkm-lkcapi-ecdh-fips-5v15
...
20250807-linuxkm-lkcapi-ecdh-fips-5v15
2025-05-07 12:47:03 -05:00
cbc4cba263
set rng when making a curve25519 key and cast type after shift
2025-05-07 11:45:55 -06:00
060d4d5ecc
linuxkm/lkcapi_glue.c: on FIPS kernels <5.15, suspend fips_enabled when registering ecdh-nist-p256 and ecdh-nist-p384 to work around wrong/missing attributes/items in kernel crypto manager.
2025-05-07 11:14:24 -05:00
eae4005884
Merge pull request #8717 from dgarske/renesas_rx_api
...
Make wc_tsip_* API's public
2025-05-07 09:29:05 -06:00
ed2c20a3b2
Espressif HAVE_HKDF for wolfssl_test, explicit ESP32P4
2025-05-07 16:38:05 +02:00
5e5f486a4c
Merge pull request #8732 from dgarske/stm32_hash_status
...
Fix for STM32 hash status check logic (also fix NO_AES_192 and NO_AES_256)
2025-05-07 20:56:18 +10:00
4b73e70515
Merge pull request #8706 from dgarske/win_crypt_rng
...
New build option to allow reuse of the windows crypt provider handle …
2025-05-07 20:55:07 +10:00
a69039b40d
Merge pull request #8740 from douzzer/20250506-linuxkm-lkcapi-default-priority-100000
...
20250506-linuxkm-lkcapi-default-priority-100000
2025-05-06 20:04:19 -05:00
112351667a
ASN.1 OIDs and sum: Change algorithm for sum
...
New sum algorithm has no clashes at this time.
Old algorithm enabled by defining: WOLFSSL_OLD_OID_SUM.
New oid_sum.h file generated with scripts/asn1_oid_sum.pl.
Added bunch of OID names into asn1 example.
2025-05-07 08:32:08 +10:00
d100898e92
Merge pull request #8737 from julek-wolfssl/wc_HKDF_Expand_ex-fix
...
wc_HKDF_Expand_ex: correctly advance the index
2025-05-07 08:23:33 +10:00
8a3a5929b8
linuxkm/lkcapi_glue.c: change WOLFSSL_LINUXKM_LKCAPI_PRIORITY from INT_MAX to 100000 to avoid overflows in kernel calculation of priority on constructed algs.
2025-05-06 17:21:35 -05:00
6eb8dfb769
Merge pull request #8668 from gojimmypi/pr-arduino-print
...
Fix Arduino progmem print, AVR WOLFSSL_USER_IO
2025-05-06 14:51:12 -07:00
213c43b0fc
Merge pull request #8715 from padelsbach/ssl-certman-codesonar
...
Speculative fix for CodeSonar overflow issue in ssl_certman.c
2025-05-06 14:49:57 -07:00
1ee954a38c
Merge pull request #8738 from kaleb-himes/refine-module-boundary
...
Refine module boundary based on lab feedback [IG C.K.]
2025-05-06 14:42:57 -07:00
05a3557b2b
Merge pull request #8703 from lealem47/zd19592
...
Attempt wolfssl_read_bio_file in read_bio even when XFSEEK is available
2025-05-06 14:42:19 -07:00
d04ab3757e
New build option `WIN_REUSE_CRYPT_HANDLE` to allow reuse of the windows crypt provider handle. Seeding happens on any new RNG or after `WC_RESEED_INTERVAL`. If using threads make sure wolfSSL_Init() or wolfCrypt_Init() is called before spinning up threads. ZD 19754. Fixed minor implicit cast warnings in internal.c. Add missing `hpke.c` to wolfssl VS project.
2025-05-06 14:38:02 -07:00
602f4a7b05
Merge pull request #8739 from douzzer/20250506-fixes-and-test-coverage
...
20250506-fixes-and-test-coverage
2025-05-06 14:27:38 -07:00
982a7600c2
src/tls13.c: in DoTls13ServerHello() WOLFSSL_ASYNC_CRYPT path, fix -Wdeclaration-after-statement caused by fallthrough definition;
...
.github/workflows: update async.yml, multi-arch.yml, multi-compiler.yml, no-malloc.yml, opensslcoexist.yml, and os-check.yml, with -pedantic and related flags, and add --enable-riscv-asm to multi-arch.yml RISC-V scenario;
configure.ac: clarify error message for "SP ASM not available for CPU."
2025-05-06 14:49:32 -05:00
579e22f843
Remove WOLFSSL_NO_FSEEK from known macros
2025-05-06 15:39:18 -04:00
25db14f50c
Fix macro typo.
2025-05-06 10:42:09 -07:00
654812679b
Refine module boundary based on lab feedback [IG C.K.]
2025-05-06 09:33:36 -06:00
d82d8a53ef
wc_HKDF_Expand_ex: correctly advance the index
2025-05-06 13:47:54 +02:00
1c0e5af3a4
Merge pull request #8720 from JacobBarthelmeh/xilinx
...
add macro guards for SHA3 test cases to unit tests
2025-05-06 10:50:01 +10:00
428915e492
Merge pull request #8719 from philljj/coverity_april_2025
...
Fix coverity warnings
2025-05-06 10:11:27 +10:00
dfec168402
Merge pull request #8721 from philljj/coverity_misc
...
Coverity misc
2025-05-06 10:04:53 +10:00
3819c352e8
Merge pull request #8728 from dgarske/qat_4.28
...
Fixes for Intel QuickAssist latest driver (4.28)
2025-05-05 17:48:49 -06:00
219902149e
Fix issue with api.c `test_wolfSSL_OBJ` and `./certs/test-servercert.p12` that uses DES3 and AES-CBC-256.
2025-05-05 15:55:00 -07:00
c2f1563144
Merge pull request #8726 from kareem-wolfssl/zd19786
...
Pass in correct hash type to wolfSSL_RSA_verify_ex.
2025-05-05 15:38:41 -07:00
629d812eb3
Merge pull request #8730 from philljj/linuxkm_pkcs1pad_more
...
linuxkm rsa: add more pkcs1pad sha variants
2025-05-05 16:59:29 -05:00
751dcdf3df
Improve the hash wait logic by separating the data input ready from the digest calculation complete.
2025-05-05 14:36:36 -07:00
0f4ce03c28
Fixes for `NO_AES_192` and `NO_AES_256`. Added CI test. Fixed bad BUILD_ logic for `ADH-AES256-GCM-SHA384`.
2025-05-05 14:36:36 -07:00
e487685d7d
Fix for STM32 Hashing status bit checking logic. ZD 19783. The digest calculation was indicating "not busy" before digest result (DCIS) was finished. This did not show up on most systems because the computation is usually done by the time it reads.
2025-05-05 14:36:36 -07:00
6296dfdb1e
Merge pull request #8735 from douzzer/20250502-linuxkm-fixes
...
20250502-linuxkm-fixes
2025-05-05 16:29:00 -05:00
Brett Nicholas
Sean Parkinson
philljj
JacobBarthelmeh
Daniel Pouzzner
Anthony Hu
David Garske
gojimmypi
Lealem Amedie
kaleb-himes
Juliusz Sosinowicz