Commit Graph

22788 Commits (d5016d451f5d3dd1e017d69f54349d90e577e5cc)

Author SHA1 Message Date
David Garske 51f19f42c6
Merge pull request #7574 from douzzer/20240522-quantum-safe-linuxkm
20240522-quantum-safe-linuxkm
2024-05-24 07:35:01 -07:00
David Garske 76e7d8627f
Merge pull request #7584 from Frauschi/zephyr_fix
Zephyr fix for XSTRNCASECMP
2024-05-24 07:32:53 -07:00
Tobias Frauenschläger 30eb26bd79 Zephyr fix for XSTRNCASECMP
The macro missed the third argument for wc_strncasecmp().

Signed-off-by: Tobias Frauenschläger <t.frauenschlaeger@me.com>
2024-05-24 11:49:58 +02:00
gasbytes 3f96d14b32 80 characters limit fix 2024-05-24 00:12:38 +02:00
gasbytes 12a5cb45fb separating two x509_store xmalloc checks 2024-05-23 23:04:00 +02:00
Ruby Martin 078fb66b29 Negative tests for all NULL arguments 2024-05-23 14:16:17 -06:00
Ruby Martin b8838dca44 Tests all NULL argument cases 2024-05-23 13:36:48 -06:00
aidan garske 3670bfb9ae Revert change from PR #7570 2024-05-23 12:34:59 -07:00
Tobias Frauenschläger d28dd602e5
Various fixes for dual algorithm certificates (#7577)
This commit adds various fixes for the implementation of hybrid
certificates with two algorithms:
* Support for Certificate Signing Requests (both creating hybrid ones
  and also verifying ones)
* Fix for SAN fields in the DecodedCert and PreTBS generation
* Fix related to WOLFSSL_SMALL_STACK

Signed-off-by: Tobias Frauenschläger <t.frauenschlaeger@me.com>
2024-05-23 15:03:55 -04:00
Anthony Hu b98e4e0093
Merge pull request #7576 from Frauschi/pqc_private_key_fix
Fix PQC and hybrid certificate regressions
2024-05-23 15:03:16 -04:00
Chris Conlon e05dbd531e
Merge pull request #7570 from jackctj117/test
Code Coverage for hpke.c test case HAVE_CURVE448 using test.c
2024-05-23 11:49:37 -06:00
Chris Conlon 688ae60cd9
Merge pull request #7573 from aidangarske/hpke_sha512_test
Add test for HPKE for Curve448
2024-05-23 11:46:30 -06:00
David Garske ff6e6848de
Merge pull request #7578 from Frauschi/stm32h5_aes
Add support for STM32H5 AES hardware acceleration
2024-05-23 10:38:44 -07:00
David Garske 40db521f8b
Merge pull request #7575 from josepho0918/cmac
Simplify CMAC verification logic
2024-05-23 10:37:57 -07:00
Tobias Frauenschläger 9a58301ab1 Fix PQC and hybrid certificate regressions
Due to recent changes in the logic to decode private keys and to parse
the TLS1.3 CertificateVerify message, some regressions regarding PQC
private keys and hybrid certificates have been introduced:
* Decoding PQC private keys fails as the PKCS8 header of a decoded DER
  file is now already removed before parsing the key.
* The key size wasn't properly stored in the context for PQC keys after
  decoding a certificate (always the maximum size)
* The two 16-bit size values in case of a hybrid signature in the
  CertificateVerify message have been incorrectly decoded as 32-bit
  values instead of 16-bit values. This resulted in wrong values,
  leading to segmentation faults.

All three regressions are fixed with the changes in this commit.

Signed-off-by: Tobias Frauenschläger <t.frauenschlaeger@me.com>
2024-05-23 16:01:28 +02:00
Sean Parkinson 023f604213
Merge pull request #7572 from douzzer/20240522-sha256-avx1-IS_INTEL_SHA
20240522-sha256-avx1-IS_INTEL_SHA
2024-05-23 22:37:54 +10:00
Tobias Frauenschläger 82642c1ee1 Add support for STM32H5 AES hardware acceleration
Tested with STM32H573i discovery board.

Signed-off-by: Tobias Frauenschläger <t.frauenschlaeger@me.com>
2024-05-23 12:22:11 +02:00
Joseph Chen 8a7e3ba52e Simplify CMAC verification logic 2024-05-23 15:12:10 +08:00
Daniel Pouzzner 5c497c62e7 initial linuxkm compatibility (no asm yet) for wc_kyber, wc_xmss, and wc_lms, and smallstack refactors for kyber512_kat(), kyber768_kat(), kyber1024_kat(), and kyber_test(). 2024-05-23 00:15:32 -05:00
Ruby Martin f2492da6a4 include negative test comment and BAD_FUNC_ARG 2024-05-22 16:20:20 -06:00
Jack Tjaden 14068fb7f3 Removed returns & check next case for ret 2024-05-22 15:58:09 -06:00
Ruby Martin 159981f442 include negative test comment and BAD_FUNC_ARG 2024-05-22 15:23:38 -06:00
Daniel Pouzzner 110f4ec737 wolfcrypt/src/sha256.c: in WC_NO_INTERNAL_FUNCTION_POINTERS code path (linuxkm), fix oversight whereby Transform_Sha256_AVX1_Sha() was used on targets with false IS_INTEL_SHA(intel_flags). the former SHA256_AVX1 method id is now split into SHA256_AVX1_SHA and SHA256_AVX1_NOSHA, with corresponding fixes in Sha256_SetTransform(), inline_XTRANSFORM() and inline_XTRANSFORM_LEN(). 2024-05-22 15:39:46 -05:00
David Garske 24f581fe13
Merge pull request #7557 from cconlon/jniSessionCerts
Update --enable-jni to define SESSION_CERTS for wolfJSSE
2024-05-22 13:08:00 -07:00
aidan garske fe5cc9589b Add HPKE Curve448 test case, however HPKE does not support 448 yet, so expect bad function argument return code. 2024-05-22 12:49:56 -07:00
Jack Tjaden 1a000ef94c single_test and BAD_FUNC_ARG fix 2024-05-22 13:13:56 -06:00
Jack Tjaden 52b6c361f9 test.c code coverage test hpke.c 2024-05-22 11:51:44 -06:00
David Garske cb0048dbb1
Merge pull request #7567 from embhorn/gh7564
Fix doc for wolfSSL_CTX_EnableOCSP
2024-05-22 08:46:20 -07:00
David Garske 425dd1986b
Merge pull request #7568 from lealem47/fips_pkcallback
Fix building FIPS v5 with PK callbacks
2024-05-22 08:45:58 -07:00
Ruby Martin fe9882769e Test case for wc_HpkeGenerateKeyPair() NULL argument 2024-05-22 09:13:31 -06:00
Sean Parkinson 32c5acca22
Merge pull request #7566 from douzzer/20240521-fix-overshifts
20240521-fix-overshifts
2024-05-22 07:42:49 +10:00
Eric Blankenhorn 314afc9e10 Fix doc for wolfSSL_CTX_EnableOCSP 2024-05-21 16:12:23 -05:00
Lealem Amedie ba5cc9bdaf Fix building FIPS v5 with PK callbacks 2024-05-21 15:07:32 -06:00
Daniel Pouzzner c5ce984966 wolfcrypt/src/wc_xmss_impl.c:wc_xmssmt_sign_next_idx(): use (XmssIdx)1, not (word32)1, for a shift-by-height operand;
src/ssl.c:set_curves_list(): don't attempt to enable curves that are out-of-range for word32 disabled.
2024-05-21 13:57:40 -05:00
David Garske caaa9feb64
Merge pull request #7551 from gojimmypi/PR-DSA-SHA1
Add settings.h check: DSA needs SHA1
2024-05-21 08:47:10 -07:00
David Garske 603b5d1795
Merge pull request #7563 from josepho0918/mqx_v5
Always use old I/O for MQXv5
2024-05-21 08:19:15 -07:00
Sean Parkinson 87b71c429a
Merge pull request #7562 from gojimmypi/PR-ssl_load-correction
Correct warning message file name in ssl_load.c
2024-05-21 22:14:24 +10:00
Joseph Chen ed321cd640 Always use old I/O for MQXv5 2024-05-21 10:00:40 +08:00
gojimmypi 543a746ddc Add settings check to disable DSA when SHA-1 is disabled 2024-05-20 17:58:25 -07:00
gojimmypi 84032fa24c Correct error message file name in ssl_load.c 2024-05-20 17:20:39 -07:00
Sean Parkinson 43b2c80862
Merge pull request #7552 from dgarske/ecies_own_salt
Add option for using a custom salt for ourselves
2024-05-21 09:19:12 +10:00
Sean Parkinson 095906f37a
Merge pull request #7561 from kaleb-himes/SRTP-KDF-MAINTENANCE
Address periodic CAST failures observed in unit.test by pre-empting CASTs
2024-05-21 09:16:23 +10:00
David Garske 7d4e601902
Merge pull request #6623 from bigbrett/FIPS-TLS-benchmark-CAST-fix
Fix benchmark failure on FIPS builds
2024-05-20 14:07:59 -07:00
kaleb-himes a22956d881 Address periodic CAST failures observed in unit.test by pre-empting the CASTs 2024-05-20 16:35:50 -04:00
Brett Nicholas c6db51b8a0 fixed formatting 2024-05-20 12:47:30 -06:00
David Garske fc172e9abd
Merge pull request #7559 from gojimmypi/PR-PlatformIO-FreeRTOS
Update PlatformIO README and Examples
2024-05-20 09:36:23 -07:00
David Garske 0987bf4c1a
Merge pull request #7544 from josepho0918/iar
Expand supported attributes for IAR
2024-05-20 09:34:55 -07:00
David Garske 5a0594d257 Match `wc_ecc_ctx_set_kdf_salt` argument names between header and implementation. 2024-05-20 08:38:23 -07:00
Sean Parkinson b8aec63e14
Merge pull request #7560 from douzzer/20240518-XtsAesStreamData
20240518-XtsAesStreamData
2024-05-20 08:33:41 +10:00
Daniel Pouzzner d0e73783f1 wolfcrypt/src/aes.c and wolfssl/wolfcrypt/aes.h: add FIPS_AES_XTS_MAX_BYTES_PER_TWEAK and struct XtsAesStreamData, with improved error checking on streaming AES-XTS APIs;
wolfcrypt/test/test.c and linuxkm/lkcapi_glue.c: update AES-XTS streaming calls to use struct XtsAesStreamData;

linuxkm/lkcapi_glue.c: add handling for CONFIG_CRYPTO_MANAGER*.
2024-05-18 22:00:00 -05:00