WolfSSL
/
wolfssl
mirror of https://github.com/wolfSSL/wolfssl.git
1
0
Fork 0
Code Issues Releases Wiki Activity
24,991 Commits
27 Branches
168 Tags
358 MiB
Commit Graph

24991 Commits (29482a3e4d17649c0b66e7c081d2ae05df6979b8)

Author SHA1 Message Date
Marco Oliverio 194db7e844 tests: gate ocsp test on SM2 || SM3 
we don't properly support SM2 and SM3 hash algo id properly yet
 2025-02-27 19:38:46 +00:00
Marco Oliverio 83f5644549 ocsp: Fix OcspEncodeCertID SetAlgoID return check 2025-02-27 19:38:44 +00:00
Marco Oliverio 814f0f8a09 Refactor CERT_ID encoding as per review comments 2025-02-27 12:50:37 +00:00
Sean Parkinson 48300352c6 Test api.c: split out MACs and ciphers 2025-02-27 15:52:39 +10:00
Sean Parkinson 7d0ef5bd42
Merge pull request #8512 from douzzer/20250226-fixes 
20250226-fixes
 2025-02-27 14:48:05 +10:00
Daniel Pouzzner f7ddc49487 linuxkm/linuxkm_wc_port.h: add #error if the user tries to use the kernel crypto fuzzer with FIPS AES-XTS (kernel bug). 
src/internal.c: fix shiftTooManyBitsSigned in DefTicketEncCb().

tests/api/test_sha256.c and wolfssl/wolfcrypt/sha256.h: gate raw transform APIs (wc_Sha256Transform(), wc_Sha256FinalRaw()) and tests on !defined(WOLFSSL_KCAPI_HASH) && !defined(WOLFSSL_AFALG_HASH).

move enum wc_HashFlags from wolfssl/wolfcrypt/hash.h to wolfssl/wolfcrypt/types.h to resolve circular dependency detected by cross-armv7m-armasm-thumb-fips-140-3-dev-sp-asm-all-crypto-only.

add FIPS_VERSION_GE(7,0) gates to new null-arg tests in test_wc_Shake{128,256}_*().

optimize ByteReverseWords() for cases where only one operand is unaligned, and add correct handling of unaligned data in ByteReverseWords64() to resolve unaligned access sanitizer report in cross-aarch64_be-all-sp-asm-unittest-sanitizer.
 2025-02-26 20:55:56 -06:00
Sean Parkinson 0a6a8516f9
Merge pull request #8488 from dgarske/stm32h7s 
Support for STM32H7S (tested on NUCLEO-H7S3L8)
 2025-02-27 10:34:41 +10:00
Sean Parkinson a0d6afbb04
Merge pull request #8505 from jmalak/ow-fixes 
various fixes for Open Watcom build
 2025-02-27 10:31:19 +10:00
Daniel Pouzzner 183d9b44d1
Merge pull request #8509 from kaleb-himes/WCv6.0.0-RC4-CHECKIN 
Disable XTS-384 as an allowed use in FIPS mode
 2025-02-26 18:24:12 -06:00
Sean Parkinson c290907228
Merge pull request #8510 from wolfSSL/devin-lifeguard/update-rules-d59f9c48 
Update Devin Lifeguard rules
 2025-02-27 09:40:48 +10:00
Sean Parkinson 99f25c6399
Merge pull request #8494 from Laboratory-for-Safe-and-Secure-Systems/various 
Various fixes and improvements
 2025-02-27 09:40:06 +10:00
Sean Parkinson b104887042 SHA256: Intel flags has SHA but not AVX1 or AVX2 
Reversal of bytes when IS_INTEL_SHA only is same as when AVX1 or AVX2.
 2025-02-27 09:25:13 +10:00
David Garske 92ed003a58
Merge pull request #8502 from SparkiDev/pkcs_pad 
PKCS Pad: public API to do PKCS padding
 2025-02-26 15:17:50 -08:00
David Garske 512f928650 Fix cast warnings with g++. 2025-02-26 14:45:23 -08:00
Sean Parkinson f204ac8363 PKCS Pad: public API to do PKCS padding 
PKCS padding adds length of padding as repeated padding byte.
Use the new function in all places.
 2025-02-27 08:28:53 +10:00
devin-ai-integration[bot] 615d7229b0
Update Devin Lifeguard rules 2025-02-26 22:19:57 +00:00
David Garske 307b71c0f4
Merge pull request #8508 from SparkiDev/arm_asm_sha512_384 
ARM ASM: available for SHA-384 only too
 2025-02-26 14:11:27 -08:00
David Garske 557abcf76a Support for STM32H7S (tested on NUCLEO-H7S3L8). It supports hardware crypto for RNG, Hash, AES and PKA. Added future config option for DTLS v1.3. Support DTLS v1.3 only reduce code size (tested with: `./configure --enable-dtls13 --enable-dtls --disable-tlsv12 CFLAGS="-DWOLFSSL_SEND_HRR_COOKIE"`). 2025-02-26 14:00:48 -08:00
kaleb-himes 738462a6f0 Remove redundent gates 2025-02-26 12:03:25 -07:00
kaleb-himes b8a383469a Disable 192-bit tests in FIPS mode 2025-02-26 11:09:31 -07:00
Ruby Martin 0c413e75c6 add environment matrix to msys workflow 2025-02-26 09:07:16 -07:00
Ruby Martin 439012dd57 adjust xfopen commands 2025-02-26 09:05:53 -07:00
Ruby Martin 6fed2fe447 include cygwin and msys2 ostypes to oscp-stapling tests 2025-02-26 09:05:53 -07:00
Ruby Martin 57646a88ff check if clientfd != SOCKET_INVALID not 0, add check if USE_WINDOWS_API 
not defined
 2025-02-26 09:03:55 -07:00
Ruby Martin d37e566d5d msys2 build file 2025-02-26 08:10:59 -07:00
kaleb-himes 9063093993 Disable XTS-384 as an allowed use in FIPS mode 2025-02-26 07:38:45 -07:00
Tobias Frauenschläger 75d63071df Fix memory leak in handshake 
Make sure peer dilithium keys are properly freed.

Signed-off-by: Tobias Frauenschläger <tobias.frauenschlaeger@oth-regensburg.de>
 2025-02-26 15:34:00 +01:00
Tobias Frauenschläger 491e70be7a PSK fix 
Fix compilation in case PSK is enabled, not Session tickets are
disabled.

Signed-off-by: Tobias Frauenschläger <tobias.frauenschlaeger@oth-regensburg.de>
 2025-02-26 15:33:59 +01:00
Tobias Frauenschläger 3d4ec1464b Minor Dilithium fix 
Fix compilation in case caching is enabled.

Signed-off-by: Tobias Frauenschläger <tobias.frauenschlaeger@oth-regensburg.de>
 2025-02-26 15:33:59 +01:00
Tobias Frauenschläger af4017132d LMS fixes 
* Add support for CMake
* Add support for Zephyr
* Make sure the internal key state is properly handled in case a public
  key is imported into a reloaded private key.

Signed-off-by: Tobias Frauenschläger <tobias.frauenschlaeger@oth-regensburg.de>
 2025-02-26 15:33:59 +01:00
Tobias Frauenschläger 9db5499dbd Update CryptoCb API for Dilithium final standard 
Add context and preHash metadata.

Signed-off-by: Tobias Frauenschläger <tobias.frauenschlaeger@oth-regensburg.de>
 2025-02-26 15:33:59 +01:00
Tobias Frauenschläger be6888c589 Fixes for Dilithium in TLS handshake 
Some fixes to better handle Dilithium keys and signatures in the TLS
handshake.

Signed-off-by: Tobias Frauenschläger <tobias.frauenschlaeger@oth-regensburg.de>
 2025-02-26 15:33:59 +01:00
Jiri Malak b5ba7a6fcc correct Open Watcom linker extra libraries 2025-02-26 11:03:36 +01:00
Jiri Malak 47d130440d remove now useless __WATCOMC__ macro check 2025-02-26 10:26:28 +01:00
Jiri Malak 17a0081261 correct line length to be shorter then 80 characters 2025-02-26 08:02:43 +01:00
Sean Parkinson 9e9efeda28 ARM ASM: available for SHA-384 only too 
Add HAVE_SHA384 to check for whether assembly code is available.
 2025-02-26 16:10:21 +10:00
Sean Parkinson 4752bd2125 Constant time code: improved implementations 
Change constant time code to be faster.
 2025-02-26 11:52:09 +10:00
Jiri Malak a83cf8584d add new macro __UNIX__ to the list of known macros 2025-02-26 01:22:25 +01:00
Marco Oliverio 07c7b21b10 tests: api: fix test for d2i_CERT_ID refactor 2025-02-25 22:22:43 +00:00
Marco Oliverio 5eef98a5ea ocsp: add OCSP CERT ID encode/decode test 2025-02-25 22:22:43 +00:00
Marco Oliverio 5f05209c77 ocsp: fix wolfSSL_d2i_OCSP_CERTID 2025-02-25 22:22:43 +00:00
Jiri Malak ddfbbc68ac various fixes for Open Watcom build 
- fix build for OS/2
- fix build for Open Watcom 1.9
 2025-02-25 22:52:36 +01:00
David Garske 3557cc764a
Merge pull request #8501 from SparkiDev/digest_test_rework 
Digest testing: improve
 2025-02-25 13:03:48 -08:00
Marco Oliverio dfc5e61508 asn: ocsp: refactor out CERT ID decoding 
It will be reused in d2i_CERT_ID
 2025-02-25 20:20:34 +00:00
David Garske f2c5b4e56a
Merge pull request #8500 from SparkiDev/evp_aes_gcm_test_fix 
test_wolfssl_EVP_aes_gcm: fix for mem fail testing
 2025-02-25 09:56:55 -08:00
David Garske bac6771828
Merge pull request #8499 from SparkiDev/crl_list_fix 
CRL: fix memory allocation failure leaks
 2025-02-25 09:54:55 -08:00
David Garske 4eda5e1f7f
Merge pull request #8491 from jmalak/winsock-guard 
correct comment for _WINSOCKAPI_ macro manipulation
 2025-02-25 09:51:23 -08:00
Daniel Pouzzner 0589a34f91
Merge pull request #8135 from gasbytes/fix-conversion 
Fix conversion on various files
 2025-02-25 10:01:31 -06:00
Marco Oliverio 3bd4b35657 ocsp: support CERT_ID encoding in i2d_OCSP_CERTID 2025-02-25 15:45:11 +00:00
Marco Oliverio 4016120f37 ocsp: populate digest type in cert_to_id 
- Added validation for digest type in `wolfSSL_OCSP_cert_to_id` function.
- Defined `OCSP_DIGEST` based on available hash types.
- Set `hashAlgoOID` in `certId` based on `OCSP_DIGEST`.
- Updated `asn.h` to define `OCSP_DIGEST` and `OCSP_DIGEST_SIZE` based on
  available hash types.
 2025-02-25 15:42:44 +00:00