Sean Parkinson
5e5f486a4c
Merge pull request #8732 from dgarske/stm32_hash_status
...
Fix for STM32 hash status check logic (also fix NO_AES_192 and NO_AES_256)
2025-05-07 20:56:18 +10:00
Sean Parkinson
4b73e70515
Merge pull request #8706 from dgarske/win_crypt_rng
...
New build option to allow reuse of the windows crypt provider handle …
2025-05-07 20:55:07 +10:00
Sean Parkinson
d100898e92
Merge pull request #8737 from julek-wolfssl/wc_HKDF_Expand_ex-fix
...
wc_HKDF_Expand_ex: correctly advance the index
2025-05-07 08:23:33 +10:00
David Garske
05a3557b2b
Merge pull request #8703 from lealem47/zd19592
...
Attempt wolfssl_read_bio_file in read_bio even when XFSEEK is available
2025-05-06 14:42:19 -07:00
David Garske
d04ab3757e
New build option `WIN_REUSE_CRYPT_HANDLE` to allow reuse of the windows crypt provider handle. Seeding happens on any new RNG or after `WC_RESEED_INTERVAL`. If using threads make sure wolfSSL_Init() or wolfCrypt_Init() is called before spinning up threads. ZD 19754. Fixed minor implicit cast warnings in internal.c. Add missing `hpke.c` to wolfssl VS project.
2025-05-06 14:38:02 -07:00
Juliusz Sosinowicz
d82d8a53ef
wc_HKDF_Expand_ex: correctly advance the index
2025-05-06 13:47:54 +02:00
Sean Parkinson
428915e492
Merge pull request #8719 from philljj/coverity_april_2025
...
Fix coverity warnings
2025-05-06 10:11:27 +10:00
Sean Parkinson
dfec168402
Merge pull request #8721 from philljj/coverity_misc
...
Coverity misc
2025-05-06 10:04:53 +10:00
David Garske
c2f1563144
Merge pull request #8726 from kareem-wolfssl/zd19786
...
Pass in correct hash type to wolfSSL_RSA_verify_ex.
2025-05-05 15:38:41 -07:00
David Garske
751dcdf3df
Improve the hash wait logic by separating the data input ready from the digest calculation complete.
2025-05-05 14:36:36 -07:00
David Garske
0f4ce03c28
Fixes for `NO_AES_192` and `NO_AES_256`. Added CI test. Fixed bad BUILD_ logic for `ADH-AES256-GCM-SHA384`.
2025-05-05 14:36:36 -07:00
David Garske
e487685d7d
Fix for STM32 Hashing status bit checking logic. ZD 19783. The digest calculation was indicating "not busy" before digest result (DCIS) was finished. This did not show up on most systems because the computation is usually done by the time it reads.
2025-05-05 14:36:36 -07:00
Kareem
aad15b27a2
Pass in correct hash type to wolfSSL_RSA_verify_ex.
2025-05-05 11:58:26 -07:00
jordan
efd5405d0e
coverity: fix check_after_deref, assignment_where_comparison_intended, uninit vars, return values, etc.
2025-05-05 13:18:29 -05:00
jordan
baa7efa8af
Fix coverity uninit var warnings, add missing priv key ForceZero.
2025-05-05 13:14:39 -05:00
Sean Parkinson
3acf3ef3c5
RISC-V 64-bit: fix raw hash when using crypto instructions
...
./configure CC=riscv64-linux-gnu-gcc --host=riscv64 --disable-shared LDFLAGS=--static --enable-riscv-asm=zvkned
Digest state is not always stored in a way that can be directly copied out.
2025-05-03 08:42:17 +10:00
Daniel Pouzzner
4450167ab0
Merge pull request #8707 from philljj/register_dh
...
linuxkm: register dh and ffdhe.
2025-04-28 23:00:17 -05:00
jordan
f6f3b0a1ee
linuxkm: register dh and ffdhe.
2025-04-25 21:21:26 -05:00
David Garske
3a1178f71c
Fix for STM32 Hash with NVIC (IRQ) enabled that can cause a DINIS interrupt that does not get cleared. If the HASH NVIC tab has Interrupts enabled it can cause an IRQ to be triggered that is not cleared. This is because the wolfSSL implementation of STM32 Hash does not call the HAL HASH APIs and does not use interrupts yet. ZD 19778
2025-04-23 13:55:57 -07:00
JacobBarthelmeh
c22505a71a
Merge pull request #8700 from embhorn/rel_fixes_cs
...
Fixes from CodeSonar report
2025-04-23 11:36:15 -06:00
Lealem Amedie
5fe086b388
Skip PKCS8 header check in wc_CreatePKCS8Key with WOLFSSL_NO_ASN_STRICT
2025-04-22 16:58:04 -06:00
Daniel Pouzzner
d4fc8c3791
linuxkm/: null out pointers with PTR_ERR()-encoded values before jumping to cleanup;
...
linuxkm/lkcapi_rsa_glue.c: in km_rsa_init(), implement error-path cleanup;
linuxkm/module_hooks.c: nix CONFIG_MODULE_SIG requirement in WOLFCRYPT_FIPS_CORE_DYNAMIC_HASH_VALUE builds;
wolfssl/wolfcrypt/settings.h: in WOLFSSL_LINUXKM setup, define WOLFSSL_ASN_INT_LEAD_0_ANY if LINUXKM_LKCAPI_REGISTER (required for kernel 5.10 crypto manager);
wolfcrypt/src/memory.c: add WC_NO_ERR_TRACE() to mock error returns in SAVE_VECTOR_REGISTERS2_fuzzer().
2025-04-22 16:44:07 -05:00
Eric Blankenhorn
66b9256f86
Fixes from CodeSonar report
2025-04-22 14:43:01 -05:00
Daniel Pouzzner
25cd009a42
Merge pull request #8695 from JacobBarthelmeh/coverity
...
null dereference sanity checks and control flow issue
2025-04-22 11:37:51 -05:00
Daniel Pouzzner
9e5c064d5d
Merge pull request #8679 from kojiws/keep_header_on_pkcs12_parse
...
Add wc_PKCS12_parse_ex() to keep PKCS8 header
2025-04-19 01:57:21 -05:00
Daniel Pouzzner
543ba268a4
Merge pull request #8558 from julek-wolfssl/openssh-9.9-fix
...
wolfSSL_EVP_PKEY_cmp: only compare the public keys
2025-04-19 01:51:49 -05:00
JacobBarthelmeh
69a4607f84
null sanity check on arguments in wc_HpkeContextComputeNonce, CID 515543
2025-04-18 16:47:36 -06:00
Daniel Pouzzner
8c0b931459
Merge pull request #8652 from kareem-wolfssl/zd19563_2
...
Add some FPKI test OIDs which are currently being used in DoD JITC certificates.
2025-04-18 14:04:29 -05:00
Koji Takeda
039ff1b460
Add wc_PKCS12_parse_ex()
2025-04-18 06:39:16 +09:00
Kareem
645da33176
Fix unused function warning for wc_AesDecrypt when building with STM32.
...
This function is not needed for AES-CCM, as the AES-CCM decrypt function only calls wc_AesEncrypt.
2025-04-17 14:33:44 -07:00
Kareem
038eab61d0
Add additional FPKI test OIDs.
2025-04-17 11:29:36 -07:00
Kareem
00a6c3953c
Add some FPKI test OIDs which are currently being used in DoD JITC certificates.
2025-04-17 11:10:35 -07:00
Daniel Pouzzner
5b3e19c1b6
Merge pull request #8686 from miyazakh/oid_collision
...
fix OID collision
2025-04-17 00:54:04 -05:00
Daniel Pouzzner
90f30fd15e
Merge pull request #8623 from SparkiDev/lms_kid_from_privraw
...
LMS: add API to get Key ID from raw private key
2025-04-17 00:49:08 -05:00
David Garske
404fafd598
Merge pull request #8677 from SparkiDev/regression_fixes_17
...
Regression test fixes
2025-04-16 20:20:28 -07:00
David Garske
a66fb123b4
Merge pull request #8684 from SparkiDev/lms_max_levels_1
...
LMS: fix for when WOLFSSL_LMS_MAX_LEVELS is 1
2025-04-16 20:19:40 -07:00
David Garske
a9e2146f06
Merge pull request #8675 from SparkiDev/entropy_memuse_fix
...
Entropy MemUse: fix for when block size less than update bits
2025-04-16 20:18:22 -07:00
Hideki Miyazaki
62f7ff9ec2
fix OID collision
...
fix qt jenkins failure
2025-04-17 11:55:03 +09:00
Sean Parkinson
62f28759d8
LMS: fix for when WOLFSSL_LMS_MAX_LEVELS is 1
2025-04-17 11:19:41 +10:00
Sean Parkinson
a34284e0a2
Entropy MemUse: support for custom hi res time
...
Call the custom high resolution time function when
CUSTOM_ENTROPY_TIMEHIRES is defined with the function name.
2025-04-17 09:30:29 +10:00
Juliusz Sosinowicz
290dbaa18e
wolfSSL_EVP_PKEY_cmp: only compare the public keys
2025-04-16 18:14:09 +02:00
Sean Parkinson
3ac05dea09
Regression test fixes
...
dtls13.c: LowResTimer() not available when NO_ASN_TIME is defined.
api.c: Add certificate and key to use for when only Ed25519 or Ed448.
asn.c: Casts needed for g++ compile.
mem_track.c: Casts needed for g++ compile.
2025-04-16 21:46:48 +10:00
Sean Parkinson
5e8d018ff7
Merge pull request #8659 from kojiws/improve_mldsa_priv_key_import
...
Improve ML-DSA private key import and the test
2025-04-16 18:21:00 +10:00
Koji Takeda
1646a4b274
Reflect review
2025-04-16 13:46:39 +09:00
Sean Parkinson
b1aa11d42e
Entropy MemUse: fix for when block size less than update bits
...
When the block size is less than the number of update bits, adding the
update value will make the index larger than ENTROPY_NUM_WORDS.
The update bits, ENTROPY_NUM_UPDATES_BITS, should be less than or equal
to ENTROPY_BLOCK_SZ but is not practical.
Add extra elements to the entropy state to accommodate this.
2025-04-16 10:30:37 +10:00
Daniel Pouzzner
6bf93c93d4
Merge pull request #8594 from julek-wolfssl/nss
...
Implement AES-CTS in wolfCrypt
2025-04-15 18:35:52 -05:00
Daniel Pouzzner
fbc6190752
Merge pull request #8160 from kaleb-himes/OE8-CHECK-IN
...
OE8 check in
2025-04-15 18:13:44 -05:00
JacobBarthelmeh
d9fd1072a2
Merge pull request #8672 from SparkiDev/asm_fixes_1
...
Various fixes for Aarch64/ARM32/Thumb2 ASM
2025-04-15 14:56:32 -06:00
Sean Parkinson
cf1f8e14ff
Various fixes for Aarch64/ARM32/Thumb2 ASM
...
cpuid.c: hwcaps not used.
thumb2-*: ldm -> LDM
sp_arm32.c: No register assignment, fix sp_*_from_bin
sp_armthumb.c: fix sp_*_from_bin
sp_cotexm.c: fix line lengths, fix sp_*_from_bin
2025-04-15 17:00:06 +10:00
Daniel Pouzzner
b000d7382f
Merge pull request #8671 from SparkiDev/poly1305_aarch64_asm_fix
...
Poly1305 Aarch64 ASM: fix
2025-04-14 22:36:39 -05:00