WolfSSL
/
wolfssl
mirror of https://github.com/wolfSSL/wolfssl.git
1
0
Fork 0
Code Issues Releases Wiki Activity
22,145 Commits
27 Branches
168 Tags
358 MiB
Commit Graph

5902 Commits (9ac918c0d45b8f8f6e74185a3bc7fa59e60f3785)

Author SHA1 Message Date
Sean Parkinson 6e49aa7543
Merge pull request #7421 from philljj/update_lms_parms 
Update enum wc_LmsParm for wolfboot support.
 2024-04-24 16:39:10 +10:00
jordan bc00c95fe5 Update enum wc_LmsParm for wolfboot support. 2024-04-23 09:37:07 -05:00
Daniel Pouzzner 5d9154e8c6 wolfcrypt/src/sha{256,512,3}.c add SAVE_VECTOR_REGISTERS() for SHA-2 and SHA-3 vectorized implementations, and add WC_NO_INTERNAL_FUNCTION_POINTERS code paths to fix GOT relocations around implementation function pointers. 2024-04-23 01:31:43 -05:00
Sean Parkinson c3d9fb61a8
Merge pull request #7444 from miyazakh/trackmem_exclusion 
Exclusively tracking mem properties
 2024-04-23 11:08:42 +10:00
David Garske 3a89c452b3
Merge pull request #7454 from lealem47/stm32AesCtr 
Fix for AES CTR on STM32
 2024-04-22 10:04:06 -07:00
Lealem Amedie acc6ff84d8 Move rng seed cb call to wolfcrypt_test 2024-04-19 12:36:20 -06:00
kaleb-himes e835517633 SRTCP 32-bit indices default plus errata 48-bit indices 2024-04-19 12:31:08 -06:00
JacobBarthelmeh 5f9ed54aaa
Merge pull request #7451 from SparkiDev/test_fixes_1 
Fixes from configuration testing
 2024-04-19 10:43:31 -06:00
JacobBarthelmeh c7f852fbbd
Merge pull request #7450 from anhu/reneg_indic 
check for conflicting secure renegotiation macros (settings.h)
 2024-04-19 10:41:26 -06:00
JacobBarthelmeh 9242f611b2
Merge pull request #7449 from lealem47/nginx_stubs 
Adding stubs required for latest nginx
 2024-04-19 10:38:17 -06:00
Sean Parkinson 97d560d9af Fixes from configuration testing 
asn1.c: Allow sample to build without coding (base64 decoding).

set_curves_list(): function for ECC, Ed25519, Ed448 but this block of
code is ECC only. Fixed #ifdef protection.

wolfSSL_CTX_set1_curves_list and wolfSSL_set1_curves_list also available
when Curve25519/Curve448 compiled in but not ECC.
 2024-04-19 08:40:19 +10:00
Lealem Amedie 7a7af18887 Guard with OPENSSL_EXTRA instead of WOLFSSL_NGINX 2024-04-18 16:33:37 -06:00
Anthony Hu 85326da7fc check for conflicting HAVE_RENEGOTIATION_INDICATION and HAVE_SECURE_RENEGOTIATION in settings.h 2024-04-18 17:51:33 -04:00
Daniel Pouzzner e48f06bd53 fixes for WOLFSSL_DUAL_ALG_CERTS: "cannot take address of bit-field ‘altKeyType’" and "‘altPrivateKeyType’" in ProcessBufferTryDecode(), "‘heap’ undeclared" in ProcessBufferCertAltPublicKey(), "‘consumed’ undeclared" in ProcessFile(), "‘keySz’ undeclared" in wolfSSL_CTX_use_PrivateKey_Id(). 2024-04-18 13:49:44 -05:00
Lealem Amedie a1cf316630 Adding stubs required for latest nginx 2024-04-18 12:28:31 -06:00
Hideki Miyazaki dab6726e58
fix tracking mem properties under multi-threads 2024-04-18 15:14:25 +09:00
Daniel Pouzzner b2f594e84b fixes for --enable-32bit CFLAGS=-m32 --enable-fips=v6 (fixes "#error ED448 requires SHAKE256"). 2024-04-17 00:43:41 -05:00
Sean Parkinson 8e9810e87e ssl.c: Move functions out to separate files 
Moved E[CD][25519||448] APIs to pk.c
Move public key PEM APIs to pk.c.
Move wolfSSL loading and using of private keys and certificates to
ssl_load.c
Move PKCS#7 and PKCS#12 APIs to ssl_p7p12.c.
Move session and session cache APIs to ssl_sess.c.
Other minor fixes.
 2024-04-16 10:30:59 +10:00
JacobBarthelmeh 3742c4dd57
Merge pull request #7413 from gojimmypi/PR-PlatformIO-FreeRTOS 
Modify PlatformIO FreeRTOS include path, settings.h
 2024-04-12 14:32:55 -06:00
JacobBarthelmeh 3113e6c855
Merge pull request #7393 from philljj/xmss_w64_settings 
Adjust wc_xmss and wc_lms settings to support wolfboot.
 2024-04-12 14:14:50 -06:00
jordan 6ae99485a1 Additional changes to support wolfboot wc_lms. 2024-04-12 10:51:55 -05:00
gojimmypi b1261f5471 Modify PlatformIO FreeRTOS include path, settings.h 2024-04-11 07:46:35 -07:00
kaleb-himes 0d83d0d199 Make wolfEntropy optional and bring settings.h in sync w/ master 2024-04-09 10:44:17 -06:00
kaleb-himes 2e63ae750d Comments for SP800-38E TODO, wolfEntropy optional setup and remove forced errors api.c 2024-04-09 09:48:33 -06:00
kaleb-himes 8092104396 Address a flush-left in test.c and gt 80 column limit in settings.h 2024-04-09 09:48:33 -06:00
kaleb-himes b7d88e0852 Cleanup duplicate forward dec logic with different macros 2024-04-09 09:48:33 -06:00
kaleb_himes 81f5ac7f6c SRTP-KDF FS Preview 2024-04-09 09:48:33 -06:00
Daniel Pouzzner 2ba12a89df
Merge pull request #7386 from anhu/reseed_public 
Make wc_RNG_DRBG_Reseed() a wolfCrypt API.
 2024-04-05 14:27:26 -04:00
Anthony Hu 3908bc34ed
Merge pull request #7399 from douzzer/20240405-tls-endian-fixes 
20240405-tls-endian-fixes
 2024-04-05 13:40:07 -04:00
Daniel Pouzzner cdf2504612 fixes for non-portable (endian-sensitive) code patterns around word16 in TLS layer. 2024-04-05 10:42:05 -05:00
Daniel Pouzzner 9542843874 wolfssl/wolfcrypt/settings.h: streamline definitions of WOLFSSL_FIPS_VERSION_CODE for the !HAVE_FIPS and !HAVE_FIPS_VERSION cases; add WOLFSSL_FIPS_VERSION2_CODE and fix the incumbent FIPS_VERSION_{LT,LE,EQ,GE,GT} definitions to use it. 2024-04-04 22:27:51 -05:00
kaleb-himes ae2a92e449 add "VERSION3" variants of macros for testing and computing FIPS versions. 2024-04-04 17:39:07 -05:00
jordan 0c22f1f048 wc_xmss_impl requires misc.c functions. 2024-04-03 14:52:05 -05:00
JacobBarthelmeh 8b587b563c
Merge pull request #7286 from Frauschi/hybrid_signatures 
Improvements to dual algorithm certificates
 2024-04-03 13:37:16 -06:00
jordan 79abae8c3d Only require WOLFSSL_W64_WRAPPER if WOLFSSL_XMSS_MAX_HEIGHT greater than 32. 2024-04-03 12:16:03 -05:00
JacobBarthelmeh c768f76d5a
Merge pull request #7315 from fabiankeil/disable-3des-ciphers 
Allow to enable DES3 support without the DES3 ciphers
 2024-04-02 17:48:01 -06:00
JacobBarthelmeh 04ebc966d0
Merge pull request #7385 from philljj/spelling_cleanup 
Used codespell and fixed obvious typos.
 2024-04-02 14:35:51 -06:00
Anthony Hu 598a3bfdcd Make wc_RNG_DRBG_Reseed() a wolfCrypt API. 2024-04-02 12:33:35 -04:00
jordan b65e42bf4d Used codespell and fixed obvious typos. 2024-04-02 10:19:39 -05:00
Eric Blankenhorn e072677379 Fix build error with RECORD_SIZE defined 2024-04-02 10:02:35 -05:00
Tobias Frauenschläger 136eaae4f1 Improvements to dual alg certificates 
* Support for external keys (CryptoCb interface)
* Support for usage in mutual authentication
* better entity cert parsing
* Fix for Zephyr port to support the feature
* Check key support
* Proper validation of signatures in certificate chains
* Proper validation of peer cert with local issuer signature
	(alt pub key is cached now)
* Support for ECC & RSA as alt keys with PQC as primary
* Support for PQC certificate generation
* Better support for hybrid signatures with variable length signatures
* Support for primary and alternative private keys in a single
  file/buffer
* More API support for alternative private keys

Signed-off-by: Tobias Frauenschläger <t.frauenschlaeger@me.com>
 2024-04-01 17:37:03 -04:00
Daniel Pouzzner 038be95a4a wolfssl/wolfcrypt/types.h: add WC_SAFE_SUM_WORD32(). 
src/internal.c: mitigations for potential integer overflows in figuring allocation sizes.
 2024-03-29 11:45:11 -05:00
Daniel Pouzzner e8e3e9db43
Merge pull request #7285 from anhu/noMagic274 
Get rid of magic number to size structs.
 2024-03-27 23:43:28 -04:00
JacobBarthelmeh e5914effab prepare for release 5.7.0 2024-03-20 19:32:22 +07:00
JacobBarthelmeh b9619c3f0b
Merge pull request #7343 from douzzer/20240315-pq-experimental 
20240315-pq-experimental
 2024-03-19 00:54:56 +07:00
JacobBarthelmeh dd6db025e3 add parenthesis around define value 2024-03-18 21:13:42 +07:00
JacobBarthelmeh 44f3e4a3b7 CID 337219 allocation using untrusted size 2024-03-18 16:04:37 +07:00
Daniel Pouzzner 924887b468 configure.ac and wolfssl/wolfcrypt/settings.h: implement --enable-experimental and add a WOLFSSL_EXPERIMENTAL_SETTINGS gate, and refactor "EXPERIMENTAL" features (all pq) to note and enforce requirement for --enable-experimental and WOLFSSL_EXPERIMENTAL_SETTINGS. 2024-03-15 16:15:26 -05:00
Daniel Pouzzner 3728cd3dc5 Kyber fixes: 
wolfssl/wolfcrypt/wc_kyber.h: in definition of struct KyberKey, use correct type for devId;

wolfcrypt/src/wc_kyber_poly.c: numerous fixes for bugprone-macro-parentheses and readability-inconsistent-declaration-parameter-name;

tests/api.c: in test_tls13_apis(), add missing defined(HAVE_LIBOQS) gate on inclusion of ":P256_KYBER_LEVEL1" in groupList.
 2024-03-15 16:06:32 -05:00
Sean Parkinson d1b16f2c7b Regression testing fixes 
api.c: z and ret no longer only when !NO_ASN_TIME.
benchmark.c: rsaKey array type has changed and unusual code path needsed
updating.
cmac.c: Zeroization test failed when checkSz was zero as called function
didn't zero out cmac. checkSz is invalid.
test.c: rsaCaCertDerFile used even when NO_ASN_TIME.
test.h: --enable-sp-math only supports DH of 2048 bits and above. Change
default DH parameters to be 2048 bits.
 2024-03-15 13:24:40 +10:00