Commit Graph

24623 Commits (3bd4b35657d411cf50e0ba9c98ebcad4c9e96259)

Author SHA1 Message Date
Marco Oliverio 3bd4b35657 ocsp: support CERT_ID encoding in i2d_OCSP_CERTID 2025-02-25 15:45:11 +00:00
Marco Oliverio 4016120f37 ocsp: populate digest type in cert_to_id
- Added validation for digest type in `wolfSSL_OCSP_cert_to_id` function.
- Defined `OCSP_DIGEST` based on available hash types.
- Set `hashAlgoOID` in `certId` based on `OCSP_DIGEST`.
- Updated `asn.h` to define `OCSP_DIGEST` and `OCSP_DIGEST_SIZE` based on
  available hash types.
2025-02-25 15:42:44 +00:00
Marco Oliverio 740fb6bafc test: gate ocsp test when SHA-1 is disabled
tests blobs contains sha-1 hashes in certificate status
2025-02-25 15:42:35 +00:00
Marco Oliverio 78ca784826 test: ocsp: fix output file name in script 2025-02-25 15:42:30 +00:00
Marco Oliverio c24b7d1041 ocsp: use SHA-256 for responder name if no-sha 2025-02-25 15:42:27 +00:00
Marco Oliverio 8b80cb10d6 ocsp: responderID.ByKey is SHA-1 Digest len
Check that responderID.ByKey is exactly WC_SHA_DIGEST_SIZE as per RFC
6960. KEYID_SIZE can change across build configuration.
2025-02-25 15:42:22 +00:00
Daniel Pouzzner a85641574d
Merge pull request #8493 from Laboratory-for-Safe-and-Secure-Systems/pqc_clang_tidy
PQC Clang-tidy fixes
2025-02-24 15:37:05 -06:00
JacobBarthelmeh 146d17d134
Merge pull request #8496 from embhorn/mosquitto_cert_update
Add cert update to workflow
2025-02-24 11:14:33 -07:00
Eric Blankenhorn 0256b426f0 Add cert update to workflow 2025-02-24 11:26:19 -06:00
Sean Parkinson a756010a4d
Merge pull request #8492 from douzzer/20250221-fix-Kbuild-EXPORT_SYMBOL_NS_GPL
20250221-fix-Kbuild-EXPORT_SYMBOL_NS_GPL
2025-02-24 22:37:29 +10:00
Tobias Frauenschläger fd8f6e168b PQC Clang-tidy fixes
Fixes two clang-tidy warnings in error cases.

Signed-off-by: Tobias Frauenschläger <tobias.frauenschlaeger@oth-regensburg.de>
2025-02-24 09:28:23 +01:00
Daniel Pouzzner c9cf4137e7 linuxkm/Kbuild and linuxkm/module_exports.c.template: refactor using .ONESHELL, and in recipe for generating linuxkm/module_exports.c, render the namespace with a literal, with or without quotes as dictated by target kernel version. remove EXPORT_SYMBOL_NS_Q(), which didn't work right on old (pre-6.13) kernels with namespace support.
wolfssl/wolfcrypt/settings.h: in WOLFSSL_LINUXKM section, define NO_OLD_WC_NAMES, OPENSSL_COEXIST, etc., to avoid collisions with in-tree crypto in application sources that include both wolfssl and linux kernel native headers.
2025-02-23 15:35:33 -06:00
Daniel Pouzzner 011ade4966 .wolfssl_known_macro_extras: fix unneeded and out-of-order entries (LC_ALL=C order). 2025-02-23 15:35:33 -06:00
Daniel Pouzzner 0116ab6ca2
Merge pull request #8484 from jmalak/offsetof
Rename OFFSETOF macro to WolfSSL specific WC_OFFSETOF name
2025-02-23 14:45:43 -06:00
Jiri Malak 1d1ab2d9ff Rename OFFSETOF macro to WolfSSL specific WC_OFFSETOF name
There are the following reasons for this
- it conflicts with the OFFSETOF macro in the OS/2 header (Open Watcom)
- it is compiler-specific and should use the C standard offsetof definition in the header file stddef.h
- it is more transparent unique name
2025-02-22 09:44:54 +01:00
David Garske 29c3ffb5ee
Merge pull request #8435 from JacobBarthelmeh/formatting
add else case to match with other statements
2025-02-21 17:21:10 -08:00
David Garske 865f96aafd
Merge pull request #7821 from Laboratory-for-Safe-and-Secure-Systems/pqc_hybrid_kex
Add more PQC hybrid key exchange algorithms
2025-02-21 11:28:55 -08:00
JacobBarthelmeh 5fc7d9f5f2
Merge pull request #8483 from gojimmypi/pr-fips-readme
Update README.md to reflect FIPS 140-3 validated Certificate #4718
2025-02-21 11:00:31 -07:00
Tobias Frauenschläger c899f79cfa Update key share group ranking algorithm
In case no user group ranking is set, all groups are now ranked equally
instead of the order in the `preferredGroup` array. This is the
behavior already indicated in the comment header of the function.

This change is necessary for applications that do not set their own
group ranking (via `wolfSSL_CTX_set_groups()` for example). When such an
application creates a TLS server and receives a ClientHello message with
multiple key shares, now the first key share is selected instead of the
one with the lowest index in the `preferredGroup` array.

Recent browsers with PQC support place two key shares in their
ClientHello message: a hybrid PQC + X25519 one and at least one
classic-only one. The hybrid one is the first one, indicating a
preference. Without this change, however, always the classic-only key
share has been selected, as these algorithms have a lower index in the
`preferredGroup` array compared to the PQC hybrids.

Tested using a patched version of NGINX.

This change also results in a different selection of a key share group
in case of a HelloRetryRequest message. For the tests, where static
ephemeral keys are used (`WOLFSSL_STATIC_EPHEMERAL`), an additional
check is necessary to make sure the correct key is used for the ECDH
calculation.

Signed-off-by: Tobias Frauenschläger <tobias.frauenschlaeger@oth-regensburg.de>
2025-02-21 18:44:51 +01:00
Tobias Frauenschläger 89491c7e36 Improvements for PQC hybrid key exchange
Add support for X25519 and X448 based hybrid PQC + ECC key exchange
groups. Furthermore, two new combinations with SECP curves are added to
match OQS combinations.

This also incorporates the changed order of X25519 and X448 based
combinations to place the PQC material before the ECDH material. This is
motivated by the necessity to always have material of a FIPS approved
algorithm first.

Also, codepoints are updated to reflect the latest draft standards for
pure ML-KEM and some of the hybrids. With these changes and based on the
recent additions to both enable ML-KEM final and draft versions
simultaneously, a WolfSSL TLS server is now compatible with all recent
browsers that support either the draft version of ML-KEM (Chromium based
browsers and Firefox < version 132; only when the draft version is
enabled in the build) or the final version already (Firefox > version 132).

In the process of extending support, some code and logic cleanup
happened. Furthermore, some memory leaks within the hybrid code path have
been fixed.

Signed-off-by: Tobias Frauenschläger <tobias.frauenschlaeger@oth-regensburg.de>
2025-02-21 18:44:40 +01:00
David Garske 6271d5b5a4
Merge pull request #8485 from jmalak/cmake-build
fix failing build if not found standard threads support
2025-02-21 09:38:33 -08:00
JacobBarthelmeh c3d5fa6748
Merge pull request #8481 from cconlon/jniDTLS13
Enable DTLS 1.3 by default in `--enable-jni` build
2025-02-21 10:02:49 -07:00
Jiri Malak 000f32a5a4 fix failing tests build if not found standard threads support
Threads::Threads is not defined, if support not found for some reason
if custom threads support is used then it happen always
of cause some tests relates to standard threads support then it fails during build, but build is started and only some tests fail
2025-02-21 09:24:15 +01:00
JacobBarthelmeh 8ae122584c
Merge pull request #8482 from douzzer/20250220-misc-UnalignedWord64
20250220-misc-UnalignedWord64
2025-02-20 17:26:44 -07:00
gojimmypi 4c7538e5ac
Update README.md to reflect FIPS 140-3 validated Certificate #4718 2025-02-20 15:12:18 -08:00
Daniel Pouzzner a05436066d wolfcrypt/test/test.c: fix return values in camellia_test() (also fixes some false positive -Wreturn-stack-addresses from clang++). 2025-02-20 16:50:24 -06:00
Daniel Pouzzner 8aa2799aeb wolfssl/wolfcrypt/types.h: don't define HAVE_EMPTY_AGGREGATES when defined(__cplusplus) (fixes #8478). 2025-02-20 16:49:48 -06:00
JacobBarthelmeh 781d85284c
Merge pull request #8479 from SparkiDev/intel_vzeroupper
Intel AVX1/SSE2 ASM: no ymm/zmm regs no vzeroupper
2025-02-20 15:37:01 -07:00
Chris Conlon 9892ae0cb3 Enable DTLS 1.3 by default in --enable-jni build 2025-02-20 15:05:56 -07:00
Daniel Pouzzner 41b4ac5599 misc.c: undo changes in 82b50f19c6 "when Intel x64 build, assume able to read/write unaligned" -- provokes sanitizer on amd64, and is not portable (e.g. different behavior on Intel vs AMD). all performance-sensitive word64 reads/writes should be on known-aligned data. 2025-02-20 15:00:22 -06:00
JacobBarthelmeh 01808bebca
Merge pull request #8474 from philljj/coverity_feb_2025
coverity: fix test_dtls warnings.
2025-02-20 10:35:47 -07:00
JacobBarthelmeh 619a41f9da
Merge pull request #8476 from philljj/coverity_null_check
coverity: dereference before null check.
2025-02-20 10:33:58 -07:00
Sean Parkinson e90e3aa7c6 Intel AVX1/SSE2 ASM: no ymm/zmm regs no vzeroupper
vzeroupper instruction not needed to be invoked unless ymm or zmm
registers are used.
2025-02-20 22:35:20 +10:00
jordan 95e26f5b27 coverity: dereference before null check. 2025-02-19 23:23:41 -05:00
David Garske 93000e5f14
Merge pull request #8467 from SparkiDev/kyber_improv_2
ML-KEM/Kyber: improvements
2025-02-19 16:42:42 -08:00
Sean Parkinson 82b50f19c6 ML-KEM/Kyber: improvements
ML-KEM/Kyber:
  MakeKey call generate random once only for all data.
  Allow MakeKey/Encapsulate/Decapsulate to be compiled separately.
  Pull out public key decoding common to public and private key decode.
Put references to FIPS 140-3 into code. Rename variables to match FIPS
140-3.
  Fix InvNTT assembly code for x64 - more reductions.
  Split out ML-KEM/Kyber tests from api.c.

TLSX:
Store the object instead of the private key when WOLFSSL_MLKEM_CACHE_A
is defined or WOLFSSL_TLSX_PQC_MLKEM_STORE_OBJ. Faster decapsulation
when A is cached and object stored.
To store private key as normal define
WOLFSSL_TLSX_PQC_MLKEM_STORE_PRIV_KEY.

misc.c: when Intel x64 build, assume able to read/write unaligned
2025-02-20 08:14:15 +10:00
JacobBarthelmeh 539056e749
Merge pull request #8475 from embhorn/gh8473
Fix QUIC callback failure
2025-02-19 14:00:47 -07:00
David Garske 268326d875
Merge pull request #8408 from rizlik/ocsp-resp-refactor
OpenSSL Compat Layer: OCSP response improvments
2025-02-19 11:20:12 -08:00
Daniel Pouzzner 597b839217
Merge pull request #8468 from jmalak/fix-test-c89
correct test source file to follow C89 standard
2025-02-19 11:23:48 -06:00
Eric Blankenhorn 66ed35c910 Fix QUIC callback failure 2025-02-19 10:56:44 -06:00
JacobBarthelmeh 373a7d462a
Merge pull request #8472 from SparkiDev/ed25519_fix_tests
Ed25519: fix tests to compile with feature defines
2025-02-19 09:53:10 -07:00
jordan 6f1c31a816 coverity: fix macro warning. 2025-02-19 11:29:45 -05:00
jordan 9a1d60100f coverity: fix test_dtls warnings. 2025-02-19 09:38:15 -05:00
Sean Parkinson 331a713271 Ed25519: fix tests to compile with feature defines
ge_operations.c: USe WOLFSSL_NO_MALLOC rather than WOLFSSL_SP_NO_MALLOC.
2025-02-19 17:41:03 +10:00
JacobBarthelmeh 393c92c3eb
Merge pull request #8464 from kaleb-himes/SRTP-WIN-PORTING
Porting to Windows 11 MSVS 2022
2025-02-18 16:16:14 -07:00
Jiri Malak 3c74be333e correct test source file to follow C89 standard
for OpenSSL interface
2025-02-18 22:12:11 +01:00
JacobBarthelmeh 48f1c3b57d
Merge pull request #8465 from douzzer/20250217-fix-test-c89
20250217-fix-test-c89
2025-02-18 08:44:17 -08:00
David Garske ff70cdf9d8
Merge pull request #8466 from douzzer/20250217-fixes
20250217-fixes
2025-02-17 19:39:38 -08:00
Daniel Pouzzner 258afa5493 wolfcrypt/src/pkcs7.c: in PKCS7_EncodeSigned(), check for error from SetSerialNumber(). 2025-02-17 18:05:04 -06:00
Daniel Pouzzner 65f38df74d tests/api.c: refactor several C89-incompatible dynamically constructed arrays using static const. 2025-02-17 17:47:36 -06:00