Commit Graph

9588 Commits (6790c95e944bc4cdc707914215760f8ca94d6025)

Author SHA1 Message Date
Andrew Hutchings 6790c95e94
Merge pull request #8745 from dgarske/stm32_crypt_header_width
Fix edge case issue with STM32 AES GCM auth padding
2025-05-15 16:51:52 +01:00
Daniel Pouzzner c201006a26 wolfcrypt/src/sp_int.c: move setup for -Wno-array-bounds when WOLFSSL_SP_DYN_STACK, to follow sp_int.h include. 2025-05-14 18:20:08 -05:00
Daniel Pouzzner 55bbd84445 wolfssl/wolfcrypt/sp_int.h and wolfcrypt/src/sp_int.c: add WOLFSSL_SP_DYN_STACK macro to orthogonalize gnarly setup logic, and refactor to use it throughout; refactor several more sp_int stack-allocated data buffers as sp_int_digit[]s rather than char[]s. 2025-05-14 15:39:37 -05:00
David Garske 49d9bfa160
Merge pull request #8758 from bigbrett/exportx509pubkey-api
Added new ASN X509 API: `wc_GetSubjectPubKeyInfoDerFromCert`
2025-05-14 12:28:45 -07:00
Brett Nicholas 40c9a03ebe rename function args to match implementation 2025-05-14 11:31:36 -06:00
David Garske 6270429089 Fix STM32MP13x STM32 AES GCM. 2025-05-14 10:27:01 -07:00
David Garske 7a936d731d Fix edge case issue with STM32 AES GCM auth padding. Issue introduced in PR #8584. Fixes ZD 19783
Added way to override STM_CRYPT_HEADER_WIDTH.
2025-05-14 10:27:01 -07:00
Daniel Pouzzner 8035667d9b wolfssl/wolfcrypt/logging.h and wolfcrypt/src/logging.c: add WOLFSSL_DEBUG_PRINTF_FN and WOLFSSL_DEBUG_PRINTF_FIRST_ARGS, and update refactored wolfssl_log(), for C89 compat. 2025-05-14 03:21:28 -05:00
Daniel Pouzzner c5021c0690 wolfcrypt/src/ecc.c: fix identicalInnerCondition in ecc_mulmod(). 2025-05-14 03:18:35 -05:00
Daniel Pouzzner 55460a5261 wolfssl/wolfcrypt/logging.h and wolfcrypt/src/logging.c: add
WOLFSSL_DEBUG_PRINTF() macro adapted from wolfssl_log(), refactor
  wolfssl_log() to use it, and move printf setup includes/prototypes from
  logging.c to logging.h;

src/ssl_load.c: add source_name arg and WOLFSSL_DEBUG_CERTIFICATE_LOADS clauses
  to ProcessBuffer() and ProcessChainBuffer(), and pass reasonable values from
  callers;

remove expired "Baltimore CyberTrust Root" from certs/external/ca_collection.pem
  and certs/external/baltimore-cybertrust-root.pem.
2025-05-13 20:30:48 -05:00
Brett Nicholas 2151a1b8a1 review comments 2025-05-12 11:43:56 -06:00
David Garske ed6f853b9c
Merge pull request #8763 from douzzer/20250511-fixes
20250511-fixes
2025-05-12 08:48:37 -07:00
David Garske 110504acd6
Merge pull request #8761 from douzzer/20250510-SP-dyn-stack-tweaks-and-workaround
20250510-SP-dyn-stack-tweaks-and-workaround
2025-05-12 08:48:10 -07:00
Daniel Pouzzner e19295bb64 wolfssl/wolfcrypt/settings.h: #define WOLFSSL_CURVE25519_BLINDING if defined(NO_CURVED25519_X64);
wolfcrypt/src/curve25519.c: if defined(NO_CURVED25519_X64), #undef USE_INTEL_SPEEDUP;

wolfcrypt/src/fe_operations.c: fixes for -m32 -Wconversions;

.github/workflows/wolfCrypt-Wconversion.yml: add -m32 scenario;

.wolfssl_known_macro_extras: remove unneeded entry for WOLFSSL_CURVE25519_BLINDING.
2025-05-11 12:06:23 -05:00
Daniel Pouzzner 001a5ef897 wolfcrypt/test/test.c: in main(), return (exit with) 0 for success and 1 for failure. 2025-05-10 12:08:50 -05:00
Daniel Pouzzner c967dd2a30 wolfcrypt/src/sp_int.c and wolfssl/wolfcrypt/sp_int.h: add
MP_INT_SIZEOF_DIGITS() macro, and use it for stack allocations in DECL_SP_INT()
  and DECL_SP_INT_ARRAY();

  refactor _sp_submod() to use DECL_SP_INT() rather than DECL_SP_INT_ARRAY() to
  work around apparent optimizer bug in gcc-15.
2025-05-10 01:28:17 -05:00
Brett Nicholas 79f214f73c add new X509 API: wc_Exportx509PubKeyWithSpki 2025-05-09 14:40:20 -06:00
JacobBarthelmeh 8e0aefd321
Merge pull request #8725 from AlexLanzano/no-malloc-support
Add support for no malloc with `wc_CheckCertSigPubKey`
2025-05-09 14:23:47 -06:00
David Garske 68b83bfa14
Merge pull request #8711 from JacobBarthelmeh/coverity
fix for sanity check on --group with unit test app and null sanity check with des decrypt
2025-05-09 11:41:53 -07:00
Sean Parkinson 9d1bf83a43
Merge pull request #8736 from JacobBarthelmeh/build
adjust default build with curve25519
2025-05-09 20:24:53 +10:00
JacobBarthelmeh 6f1fe2e4b9 add sanity check on des cbc decrypt, CID 512990 2025-05-08 13:50:02 -06:00
JacobBarthelmeh ae4a4236cc fix for index value with curve25519 2025-05-08 13:42:02 -06:00
JacobBarthelmeh 3f9fe491cc adjust C# test and set rng with hpke case 2025-05-07 14:33:15 -06:00
David Garske 72bff7d01e Lint and overlong. 2025-05-07 12:06:11 -07:00
David Garske 760178c7dc Improvements to no malloc support in ConfirmSignature for async and non-blocking. Refactor DSA ASN.1 decode in ConfirmSignature. Cleanup indent in types.h. Move `struct CertSignCtx` to types.h. Move `WC_ENABLE_ASYM_KEY_IMPORT` and `WC_ENABLE_ASYM_KEY_EXPORT` to settings.h. 2025-05-07 12:06:09 -07:00
Alex Lanzano bc6b5598c5 Add NO_MALLOC support for wc_CheckCertSigPubKey 2025-05-07 12:04:38 -07:00
David Garske 1e3718ea7b
Merge pull request #8655 from SparkiDev/asn1_oid_update
ASN.1 OIDs and sum: Change algorithm for sum
2025-05-07 11:43:54 -07:00
JacobBarthelmeh cbc4cba263 set rng when making a curve25519 key and cast type after shift 2025-05-07 11:45:55 -06:00
JacobBarthelmeh eae4005884
Merge pull request #8717 from dgarske/renesas_rx_api
Make wc_tsip_* APIs public
2025-05-07 09:29:05 -06:00
Sean Parkinson 5e5f486a4c
Merge pull request #8732 from dgarske/stm32_hash_status
Fix for STM32 hash status check logic (also fix NO_AES_192 and NO_AES_256)
2025-05-07 20:56:18 +10:00
Sean Parkinson 4b73e70515
Merge pull request #8706 from dgarske/win_crypt_rng
New build option to allow reuse of the windows crypt provider handle …
2025-05-07 20:55:07 +10:00
Sean Parkinson 112351667a ASN.1 OIDs and sum: Change algorithm for sum
New sum algorithm has no clashes at this time.
Old algorithm enabled by defining: WOLFSSL_OLD_OID_SUM.
New oid_sum.h file generated with scripts/asn1_oid_sum.pl.

Added bunch of OID names into asn1 example.
2025-05-07 08:32:08 +10:00
Sean Parkinson d100898e92
Merge pull request #8737 from julek-wolfssl/wc_HKDF_Expand_ex-fix
wc_HKDF_Expand_ex: correctly advance the index
2025-05-07 08:23:33 +10:00
David Garske 05a3557b2b
Merge pull request #8703 from lealem47/zd19592
Attempt wolfssl_read_bio_file in read_bio even when XFSEEK is available
2025-05-06 14:42:19 -07:00
David Garske d04ab3757e New build option `WIN_REUSE_CRYPT_HANDLE` to allow reuse of the windows crypt provider handle. Seeding happens on any new RNG or after `WC_RESEED_INTERVAL`. If using threads make sure wolfSSL_Init() or wolfCrypt_Init() is called before spinning up threads. ZD 19754. Fixed minor implicit cast warnings in internal.c. Add missing `hpke.c` to wolfssl VS project. 2025-05-06 14:38:02 -07:00
Juliusz Sosinowicz d82d8a53ef wc_HKDF_Expand_ex: correctly advance the index 2025-05-06 13:47:54 +02:00
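The index-advance fix named in this commit, shown with an added example that is not wolfSSL's code: a standard-library Python HKDF-Expand (RFC 5869, SHA-256) placed beside a constructed variant that keeps the block counter and chaining value moving but never advances the output offset. The shape of that bug is an assumption for illustration only; the page says the index was not advanced correctly, not how. The correct routine is checked against RFC 5869 Appendix A, test case 1.

```python
import hmac
import hashlib

HASH = hashlib.sha256
HASH_LEN = HASH().digest_size  # 32 for SHA-256


def hkdf_extract(salt: bytes, ikm: bytes) -> bytes:
    """RFC 5869 HKDF-Extract: PRK = HMAC-Hash(salt, IKM); empty salt -> HashLen zeros."""
    if not salt:
        salt = bytes(HASH_LEN)
    return hmac.new(salt, ikm, HASH).digest()


def hkdf_expand(prk: bytes, info: bytes, length: int) -> bytes:
    """RFC 5869 HKDF-Expand with the output index advanced on every block.

    T(0) = "", T(i) = HMAC-Hash(PRK, T(i-1) | info | i), OKM = T(1) | T(2) | ...
    Block i lands at offset (i-1)*HashLen; the last block is truncated to fit.
    """
    if length > 255 * HASH_LEN:
        raise ValueError("HKDF-Expand: length exceeds 255*HashLen")
    okm = bytearray(length)
    idx = 0           # write position; must move by the bytes copied each round
    t = b""
    counter = 1
    while idx < length:
        t = hmac.new(prk, t + info + bytes([counter]), HASH).digest()
        n = min(len(t), length - idx)
        okm[idx:idx + n] = t[:n]
        idx += n      # the advance that the constructed bug below omits
        counter += 1
    return bytes(okm)


def hkdf_expand_stuck_index(prk: bytes, info: bytes, length: int) -> bytes:
    """Constructed buggy variant (an assumption, NOT the wolfSSL defect):
    counter and chaining value advance, the output offset does not, so each
    block overwrites the start of the buffer and the tail is never written."""
    okm = bytearray(length)
    idx = 0
    t = b""
    rounds = (length + HASH_LEN - 1) // HASH_LEN
    for counter in range(1, rounds + 1):
        t = hmac.new(prk, t + info + bytes([counter]), HASH).digest()
        n = min(len(t), length - idx)
        okm[idx:idx + n] = t[:n]
        # idx is never advanced here
    return bytes(okm)


# RFC 5869 Appendix A, test case 1 (SHA-256)
IKM = bytes.fromhex("0b" * 22)
SALT = bytes.fromhex("000102030405060708090a0b0c")
INFO = bytes.fromhex("f0f1f2f3f4f5f6f7f8f9")
L = 42
PRK_EXPECTED = bytes.fromhex(
    "077709362c2e32df0ddc3f0dc47bba6390b6c73bb50f9c3122ec844ad7c2b3e5")
OKM_EXPECTED = bytes.fromhex(
    "3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf"
    "34007208d5b887185865")


def rfc5869_check() -> bool:
    """True when extract and expand reproduce the published PRK and OKM."""
    prk = hkdf_extract(SALT, IKM)
    return prk == PRK_EXPECTED and hkdf_expand(prk, INFO, L) == OKM_EXPECTED


def compare_with_stuck_index() -> dict:
    """Show what a non-advancing index does to the same inputs."""
    prk = hkdf_extract(SALT, IKM)
    good = hkdf_expand(prk, INFO, L)
    bad = hkdf_expand_stuck_index(prk, INFO, L)
    return {
        "good_matches_rfc": good == OKM_EXPECTED,
        "bad_differs": bad != good,
        # bytes past the first block were never written: all zero
        "bad_tail_zero": bad[HASH_LEN:] == bytes(L - HASH_LEN),
    }


if __name__ == "__main__":
    print("RFC 5869 test case 1:", rfc5869_check())
    print(compare_with_stuck_index())
```

The point the constructed variant makes for a reviewer: an HKDF index bug does not fail loudly. Every HMAC call still succeeds, the output length is right, and only a known-answer test (or a peer deriving the same keys) exposes that most of the OKM is zero or overwritten.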
Sean Parkinson 428915e492
Merge pull request #8719 from philljj/coverity_april_2025
Fix coverity warnings
2025-05-06 10:11:27 +10:00
Sean Parkinson dfec168402
Merge pull request #8721 from philljj/coverity_misc
Coverity misc
2025-05-06 10:04:53 +10:00
David Garske c2f1563144
Merge pull request #8726 from kareem-wolfssl/zd19786
Pass in correct hash type to wolfSSL_RSA_verify_ex.
2025-05-05 15:38:41 -07:00
David Garske 751dcdf3df Improve the hash wait logic by separating the data input ready from the digest calculation complete. 2025-05-05 14:36:36 -07:00
David Garske 0f4ce03c28 Fixes for `NO_AES_192` and `NO_AES_256`. Added CI test. Fixed bad BUILD_ logic for `ADH-AES256-GCM-SHA384`. 2025-05-05 14:36:36 -07:00
David Garske e487685d7d Fix for STM32 Hashing status bit checking logic. ZD 19783. The digest calculation was indicating "not busy" before digest result (DCIS) was finished. This did not show up on most systems because the computation is usually done by the time it reads. 2025-05-05 14:36:36 -07:00
David Garske 3d4e89c2ca Make wc_tsip_* APIs public. 2025-05-05 14:02:05 -07:00
Kareem aad15b27a2 Pass in correct hash type to wolfSSL_RSA_verify_ex. 2025-05-05 11:58:26 -07:00
jordan efd5405d0e coverity: fix check_after_deref, assignment_where_comparison_intended, uninit vars, return values, etc. 2025-05-05 13:18:29 -05:00
jordan baa7efa8af Fix coverity uninit var warnings, add missing priv key ForceZero. 2025-05-05 13:14:39 -05:00
Sean Parkinson 3acf3ef3c5 RISC-V 64-bit: fix raw hash when using crypto instructions
./configure CC=riscv64-linux-gnu-gcc --host=riscv64 --disable-shared LDFLAGS=--static --enable-riscv-asm=zvkned
Digest state is not always stored in a way that can be directly copied out.
2025-05-03 08:42:17 +10:00
Daniel Pouzzner 4450167ab0
Merge pull request #8707 from philljj/register_dh
linuxkm: register dh and ffdhe.
2025-04-28 23:00:17 -05:00
jordan f6f3b0a1ee linuxkm: register dh and ffdhe. 2025-04-25 21:21:26 -05:00
David Garske 3a1178f71c Fix for STM32 Hash with NVIC (IRQ) enabled that can cause a DINIS interrupt that does not get cleared. If the HASH NVIC tab has Interrupts enabled it can cause an IRQ to be triggered that is not cleared. This is because the wolfSSL implementation of STM32 Hash does not call the HAL HASH APIs and does not use interrupts yet. ZD 19778 2025-04-23 13:55:57 -07:00