wolfssl

Author	SHA1	Message	Date
Daniel Pouzzner	8de00d7651	fix benign clang-analyzer-deadcode.DeadStores in pq crypto files introduced in 9a58301ab1.	2024-05-24 14:24:02 -05:00
Juliusz Sosinowicz	a5154b22f1	Merge pull request #7583 from gasbytes/patch-segv separating two x509_store xmalloc checks	2024-05-24 19:58:29 +02:00
gasbytes	063e48014a	fix tabs and spaces	2024-05-24 17:52:54 +02:00
David Garske	3b5517692e	Merge pull request #7582 from aidangarske/hpke_test_fix Revert change from PR #7570	2024-05-24 07:35:39 -07:00
David Garske	51f19f42c6	Merge pull request #7574 from douzzer/20240522-quantum-safe-linuxkm 20240522-quantum-safe-linuxkm	2024-05-24 07:35:01 -07:00
David Garske	76e7d8627f	Merge pull request #7584 from Frauschi/zephyr_fix Zephyr fix for XSTRNCASECMP	2024-05-24 07:32:53 -07:00
Tobias Frauenschläger	30eb26bd79	Zephyr fix for XSTRNCASECMP The macro missed the third argument for wc_strncasecmp(). Signed-off-by: Tobias Frauenschläger <t.frauenschlaeger@me.com>	2024-05-24 11:49:58 +02:00
gasbytes	3f96d14b32	80 characters limit fix	2024-05-24 00:12:38 +02:00
gasbytes	12a5cb45fb	separating two x509_store xmalloc checks	2024-05-23 23:04:00 +02:00
aidan garske	3670bfb9ae	Revert change from PR #7570	2024-05-23 12:34:59 -07:00
Tobias Frauenschläger	d28dd602e5	Various fixes for dual algorithm certificates (#7577 ) This commit adds varios fixes for the implementation of hybrid certificates with two algorithms: * Support for Certificate Signing Requests (both creating hybrid ones and also verifying ones) * Fix for SAN fields in the DecodedCert and PreTBS generation * Fix related to WOLFSSL_SMALL_STACK Signed-off-by: Tobias Frauenschläger <t.frauenschlaeger@me.com>	2024-05-23 15:03:55 -04:00
Anthony Hu	b98e4e0093	Merge pull request #7576 from Frauschi/pqc_private_key_fix Fix PQC and hybrid certificate regressions	2024-05-23 15:03:16 -04:00
Chris Conlon	e05dbd531e	Merge pull request #7570 from jackctj117/test Code Coverage for hpke.c test case HAVE_CURVE448 using test.c	2024-05-23 11:49:37 -06:00
Chris Conlon	688ae60cd9	Merge pull request #7573 from aidangarske/hpke_sha512_test Add test for HPKE for Curve448	2024-05-23 11:46:30 -06:00
David Garske	ff6e6848de	Merge pull request #7578 from Frauschi/stm32h5_aes Add support for STM32H5 AES hardware acceleration	2024-05-23 10:38:44 -07:00
David Garske	40db521f8b	Merge pull request #7575 from josepho0918/cmac Simplify CMAC verification logic	2024-05-23 10:37:57 -07:00
Tobias Frauenschläger	9a58301ab1	Fix PQC and hybrid certificate regressions Due to recent changes in the logic to decode private keys and to parse the TLS1.3 CertificateVerify message, some regressions regarding PQC private keys and hybrid certificates have been introduced: * Decoding PQC private keys fails as the PKCS8 header of a decoded DER file is now already removed before parsing the key. * The key size wasn't properly stored in the context for PQC keys after decoding a certificate (always the maximum size) * The two 16-bit size values in case of a hybrid signature in the CertificateVerify message have been incorrectly decoded as 32-bit values instead of 16-bit values. This resulted in wrong values, leading to segmentation faults. All three regressions are fixed with the changes in this commit. Signed-off-by: Tobias Frauenschläger <t.frauenschlaeger@me.com>	2024-05-23 16:01:28 +02:00
Sean Parkinson	023f604213	Merge pull request #7572 from douzzer/20240522-sha256-avx1-IS_INTEL_SHA 20240522-sha256-avx1-IS_INTEL_SHA	2024-05-23 22:37:54 +10:00
Tobias Frauenschläger	82642c1ee1	Add support for STM32H5 AES hardware acceleration Tested with STM32H573i discovery board. Signed-off-by: Tobias Frauenschläger <t.frauenschlaeger@me.com>	2024-05-23 12:22:11 +02:00
Joseph Chen	8a7e3ba52e	Simplify CMAC verification logic	2024-05-23 15:12:10 +08:00
Daniel Pouzzner	5c497c62e7	initial linuxkm compatibility (no asm yet) for wc_kyber, wc_xmss, and wc_lms, and smallstack refactors for kyber512_kat(), kyber768_kat(), kyber1024_kat(), and kyber_test().	2024-05-23 00:15:32 -05:00
Jack Tjaden	14068fb7f3	Removed returns & check next case for ret	2024-05-22 15:58:09 -06:00
Daniel Pouzzner	110f4ec737	wolfcrypt/src/sha256.c: in WC_NO_INTERNAL_FUNCTION_POINTERS code path (linuxkm), fix oversight whereby Transform_Sha256_AVX1_Sha() was used on targets with false IS_INTEL_SHA(intel_flags). the former SHA256_AVX1 method id is now split into SHA256_AVX1_SHA and SHA256_AVX1_NOSHA, with corresponding fixes in Sha256_SetTransform(), inline_XTRANSFORM() and inline_XTRANSFORM_LEN().	2024-05-22 15:39:46 -05:00
David Garske	24f581fe13	Merge pull request #7557 from cconlon/jniSessionCerts Update --enable-jni to define SESSION_CERTS for wolfJSSE	2024-05-22 13:08:00 -07:00
aidan garske	fe5cc9589b	Add HPKE Curve448 test case, however HPKE does not support 448 yet, so expect bad function argument return code.	2024-05-22 12:49:56 -07:00
Jack Tjaden	1a000ef94c	single_test and BAD_FUNC_ARG fix	2024-05-22 13:13:56 -06:00
Jack Tjaden	52b6c361f9	test.c code coverage test hpke.c	2024-05-22 11:51:44 -06:00
David Garske	cb0048dbb1	Merge pull request #7567 from embhorn/gh7564 Fix doc for wolfSSL_CTX_EnableOCSP	2024-05-22 08:46:20 -07:00
David Garske	425dd1986b	Merge pull request #7568 from lealem47/fips_pkcallback Fix building FIPS v5 with PK callbacks	2024-05-22 08:45:58 -07:00
Sean Parkinson	32c5acca22	Merge pull request #7566 from douzzer/20240521-fix-overshifts 20240521-fix-overshifts wolfEntropy1	2024-05-22 07:42:49 +10:00
Eric Blankenhorn	314afc9e10	Fix doc for wolfSSL_CTX_EnableOCSP	2024-05-21 16:12:23 -05:00
Lealem Amedie	ba5cc9bdaf	Fix building FIPS v5 with PK callbacks	2024-05-21 15:07:32 -06:00
Daniel Pouzzner	c5ce984966	wolfcrypt/src/wc_xmss_impl.c:wc_xmssmt_sign_next_idx(): use (XmssIdx)1, not (word32)1, for a shift-by-height operand; src/ssl.c:set_curves_list(): don't attempt to enable curves that are out-of-range for word32 disabled.	2024-05-21 13:57:40 -05:00
David Garske	caaa9feb64	Merge pull request #7551 from gojimmypi/PR-DSA-SHA1 Add settings.h check: DSA needs SHA1	2024-05-21 08:47:10 -07:00
David Garske	603b5d1795	Merge pull request #7563 from josepho0918/mqx_v5 Always use old I/O for MQXv5	2024-05-21 08:19:15 -07:00
Sean Parkinson	87b71c429a	Merge pull request #7562 from gojimmypi/PR-ssl_load-correction Correct warning message file name in ssl_load.c	2024-05-21 22:14:24 +10:00
Joseph Chen	ed321cd640	Always use old I/O for MQXv5	2024-05-21 10:00:40 +08:00
gojimmypi	543a746ddc	Add settings check to disable DSA when SHA-1 is disabled	2024-05-20 17:58:25 -07:00
gojimmypi	84032fa24c	Correct error message file name in ssl_load.c	2024-05-20 17:20:39 -07:00
Sean Parkinson	43b2c80862	Merge pull request #7552 from dgarske/ecies_own_salt Add option for using a custom salt for ourselves	2024-05-21 09:19:12 +10:00
Sean Parkinson	095906f37a	Merge pull request #7561 from kaleb-himes/SRTP-KDF-MAINTENANCE Address periodic CAST failures observed in unit.test by pre-empting CASTs	2024-05-21 09:16:23 +10:00
David Garske	7d4e601902	Merge pull request #6623 from bigbrett/FIPS-TLS-benchmark-CAST-fix Fix benchmark failure on FIPS builds	2024-05-20 14:07:59 -07:00
kaleb-himes	a22956d881	Address periodic CAST failures observed in unit.test by pre-empting the CASTs	2024-05-20 16:35:50 -04:00
Brett Nicholas	c6db51b8a0	fixed formatting	2024-05-20 12:47:30 -06:00
David Garske	fc172e9abd	Merge pull request #7559 from gojimmypi/PR-PlatformIO-FreeRTOS Update PlatformIO README and Examples	2024-05-20 09:36:23 -07:00
David Garske	0987bf4c1a	Merge pull request #7544 from josepho0918/iar Expand supported attributes for IAR	2024-05-20 09:34:55 -07:00
David Garske	5a0594d257	Match `wc_ecc_ctx_set_kdf_salt` argument names between header and implementation.	2024-05-20 08:38:23 -07:00
Sean Parkinson	b8aec63e14	Merge pull request #7560 from douzzer/20240518-XtsAesStreamData 20240518-XtsAesStreamData	2024-05-20 08:33:41 +10:00
Daniel Pouzzner	d0e73783f1	wolfcrypt/src/aes.c and wolfssl/wolfcrypt/aes.h: add FIPS_AES_XTS_MAX_BYTES_PER_TWEAK and struct XtsAesStreamData, with improved error checking on streaming AES-XTS APIs; wolfcrypt/test/test.c and linuxkm/lkcapi_glue.c: update AES-XTS streaming calls to use struct XtsAesStreamData; linuxkm/lkcapi_glue.c: add handling for CONFIG_CRYPTO_MANAGER*.	2024-05-18 22:00:00 -05:00
Daniel Pouzzner	5c6218696b	wolfcrypt/src/misc.c: fix -Wconversions in CopyString(); src/ssl.c: fix missing semicolon in wolfSSL_CTX_check_private_key().	2024-05-18 02:31:58 -05:00

1 2 3 4 5 ...

22483 Commits