feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity
18,190 Commits 28 Branches 172 Tags
b42631c721246fed4fe566fd06a8f6f1b7cbd051
Commit Graph

422 Commits

Author SHA1 Message Date
David Garske
b42631c721 Fix for ESP32 wolfcrypt_test entry point. 2022-09-23 13:58:49 -07:00
Anthony Hu
bcf4dbe697 Changes inspired by Feedback from Sean. 
Define WOLFSSL_HAVE_KYBER when HAVE_LIBOQS is defined.
Fix some misleading debug output.
Fix benchmarking logic.
 2022-09-13 10:07:28 -04:00
Anthony Hu
a2635be9e6 wolfCrypt support for external Kyber implementations (liboqs and pqm4) 2022-09-13 10:07:28 -04:00
Sean Parkinson
8c1e2c52e7 Kyber: Add option to build Kyber API 
wolfSSL Kyber implementation not included.
Added tests and benchmarking.
 2022-09-13 10:07:27 -04:00
David Garske
9c88d8ac2c Merge pull request #5547 from JacobBarthelmeh/mcux 
Port to RT685 with FreeRTOS
 2022-09-07 12:54:54 -07:00
Sean Parkinson
f153e65102 SHA-3: check BMI1 availablity for ASM 
Added benchmarking of SHAKE128 and SHAK256.
 2022-09-05 14:11:02 +10:00
Anthony Hu
10ce703d71 Add sphincs to wolfCrypt. 
Note that we will not support sphincs in TLS so nothing above wolfcrypt changes.
 2022-09-02 11:53:55 -04:00
JacobBarthelmeh
b3fa6f654e no realloc, adjustable static test size, fsl RTC 2022-08-26 09:15:33 -06:00
David Garske
60437bba6e Merge pull request #5378 from anhu/dilithium 
Initial commit to add Dilithium NIST PQC winner.
 2022-08-12 09:29:42 -07:00
Chris Conlon
c66a21c40a Add Zephyr support for nRF5340 with CryptoCell-312, PSA Crypto fixes (#5418) 
* PSA: set AES key bits, define PSA_ALG_NONE/PSA_KEY_ID_NULL if needed
* Zephyr: add TimeNowInMilliseconds() for tls13.c, clock_settime() for test.c, update CMakeLists.txt
* Skip including unistd.h for Zephyr in benchmark.c
* Zephyr: update README, add nRF5340dk support to wolfssl_test sample app
* Zephyr: add wolfCrypt benchmark sample app
* Zephyr: add nRF5340 support to tls_thread sample app
* PSA: use specific hash algo with psa_sign/verify_hash()
* Zephyr: add support for PSA Crypto API with PK callbacks to wolfssl_tls_threaded sample app
* Zephyr: add new files to zephyr/include.am
 2022-08-11 17:42:05 -07:00
Anthony Hu
82a900b438 Initial commit to add Dilithium NIST PQC winner. 
Also:

* added HAVE_FALCON guards as needed.
* corrected minor falcon bugs as I found them.
* handling OID sum collision between DILITHIUM_LEVEL5 and DILITHIUM_AES_LEVEL3

Tested with the following commands:

examples/server/server -v 4 -l TLS_AES_256_GCM_SHA384 \
    -c ~/tmp/dilithium_aes_level5_entity_cert.pem \
    -k ~/tmp/dilithium_aes_level5_entity_key.pem \
    -A ~/tmp/dilithium_aes_level5_root_cert.pem --pqc P521_KYBER_LEVEL5

examples/client/client -v 4 -l TLS_AES_256_GCM_SHA384 \
    -c ~/tmp/dilithium_aes_level5_entity_cert.pem \
    -k ~/tmp/dilithium_aes_level5_entity_key.pem \
    -A ~/tmp/dilithium_aes_level5_root_cert.pem --pqc P521_KYBER_LEVEL5

with permutations of SHAKE,AES variants and levels 2,3,5
 2022-08-11 11:38:31 -04:00
David Garske
53e0483e47 Support for Infineon AURIX IDE. Fixes for Aurix compiler warnings. 2022-08-02 16:53:47 -07:00
Daniel Pouzzner
3ac04fa3ee wolfcrypt/benchmark/benchmark.c: fix gating for #include <unistd.h>. 2022-07-28 09:28:36 -05:00
Jacob Barthelmeh
8eaa85e412 update copyright year to 2022 2022-07-19 10:44:31 -06:00
Daniel Pouzzner
b64949d564 wolfcrypt/benchmark/benchmark.c: fix gating for #include <errno.h>, and add #include <unistd.h> for _exit(). 2022-07-11 23:15:43 -05:00
Daniel Pouzzner
ccc5952369 global fixup to check or explicitly ignore return values from failable library/system calls that weren't already being checked; 
add wolfCrypt error codes IO_FAILED_E "Input/output failure" and SYSLIB_FAILED_E "System/library call failed";

tests/api.c and tests/unit.c: flush stdout for error message in Fail() macro, add fflush(stdout) after printf()s, print success message at end of unit_test(), and send several error messages to stderr instead of stdout;

wolfcrypt/test/test.c: add fallthrough macro definition of printf() that pairs it with fflush(stdout);

unit.h: in definition of macro AssertPtr(), add PRAGMA_GCC("GCC diagnostic ignored \"-Wpedantic\"");

sp_int.c: refactor several lingering instances of "if (0) { ... }" code pattern to #if 0 ... #endif.
 2022-07-11 22:28:09 -05:00
Chris Conlon
364bf482eb adjust wolfCrypt test/benchmark Android log TAG name, reset malloc/free counts in memcb_test() 2022-06-13 09:42:02 -06:00
David Garske
5672e2a885 Fixes for buffers when testing with Intel QAT hardware and fsanitize=address: 
* PKCS7 should use allocated buffer for RSA.
* PKCS7 small stack typo for `keyAlgArray` size in `wc_PKCS7_AddRecipient_KTRI`.
* Fix for use of `free`, which should be `XFREE` in api.c.
* Cleanup old RSA benchmarking MDK5/WINCE code no longer needed with `WC_DECLARE_ARRAY_DYNAMIC_DEC` and `WC_DECLARE_ARRAY_DYNAMIC_EXE`.
 2022-06-01 12:07:57 -07:00
Sean Parkinson
fab9e29513 benchmark.c: fix Jenkins failure where byte, word32 not defined 2022-05-24 12:10:01 +10:00
Hayden Roche
fd535242a0 Fix main signature in benchmark.c. 
If `NO_CRYPT_BENCHMARK` is defined, the main function is `int main()`, but it
should be `int main(void)`.
 2022-05-17 14:28:43 -07:00
Chris Conlon
b76c70d969 Merge pull request #5120 from dgarske/v5.3.0_cubepack 2022-05-08 07:50:20 -06:00
David Garske
bc877dab2a Changes to support v5.3.0 cube pack for ST. 2022-05-06 15:49:11 -07:00
Daniel Pouzzner
99b44f15ef fix various -Wdeclaration-after-statement, with and without --enable-smallstack. 2022-05-06 13:34:32 -05:00
Daniel Pouzzner
4e02d7e404 fix clang-tidy-Customer-CFG-7 readability-redundant-preprocessor. 2022-04-26 10:20:26 -05:00
Eric Blankenhorn
b543aa0148 Fix for mingw builds 2022-04-22 14:35:46 -05:00
Sean Parkinson
284ebacc57 Merge pull request #4916 from JacobBarthelmeh/hsm 
Add SECO use and expand cryptodev
 2022-04-07 10:21:32 +10:00
JacobBarthelmeh
a338b4c933 refactor SHA grew function, revert benchmark devid, increase SHA_CTX size, add AES ECB cryptocb test 2022-04-05 14:45:18 -07:00
John Safranek
0ee01f08bc Merge pull request #4984 from douzzer/20220325-multi-test-cleanup 
20220325 multi-test fixes
 2022-03-25 15:06:34 -07:00
David Garske
07f9ca60ac Fix for async without threading. ./configure --enable-asynccrypt --enable-all CFLAGS="-DWC_NO_ASYNC_THREADING". 2022-03-25 12:43:04 -07:00
Sean Parkinson
fd66f6bcec SP ASM improvements 
Change Karatsuba implementations for x86_64.
Fix ECC code to better handle corner cases.
Add 'lower' versions of functions wehn an input is known to be less than m.
Add mont_add/dbl/tpl/sub for P384.
Change ECC point add to be cache-attack resistant.
Change mod_exp to be cache-attack resistant.
 2022-03-25 10:04:25 +10:00
Jacob Barthelmeh
090932b65c FIPS benchmark of cmac and ecb 2022-03-17 12:04:52 -06:00
JacobBarthelmeh
55b42dd85a Add SECO use and expand cryptodev 2022-03-17 12:04:52 -06:00
Anthony Hu
fbfb1fee91 Add Post-quantum KEM benchmark for STM32 2022-03-15 14:49:40 -04:00
David Garske
570daa6a7f Enable support for STM32U585 and PQ on M4 2022-03-10 14:19:01 -05:00
David Garske
3fdb6f0a4a Only use pthreads if supported in config. 2022-02-25 13:05:04 -08:00
David Garske
e3e1426b91 Improve benchmark threading macros and text output. Thread protections on variables. Fixes for testing with async. 2022-02-25 10:51:19 -08:00
Sean Parkinson
56adf831a3 Benchmark: support multi-threaded testing 2022-02-25 14:12:03 +10:00
Sean Parkinson
2eb044dc60 SP: Add support for P521 2022-02-23 14:51:47 +10:00
David Garske
4f1aa9a475 Fix benchmark input/output arguments. Cleanup line length and whitespace. 2022-02-09 13:13:42 -08:00
Anthony Hu
9ea40f3a9c Purge IDEA cipher 2022-01-31 15:29:25 -05:00
Anthony Hu
b957a6e872 Purge Rabbit cipher 2022-01-28 13:13:53 -05:00
Daniel Pouzzner
6a56d3e131 jumbo patch of fixes for clang-tidy gripes (with some bug fixes). 
defect/gripe statistics:

    configured --enable-all --enable-sp-math-all --enable-intelasm

    with LLVM 13 clang-tidy -checks=readability-*,bugprone-*,misc-no-recursion,misc-misplaced-const,misc-redundant-expression,misc-unused-parameters,misc-unused-using-decls,-clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling,-clang-analyzer-optin.performance.Padding,-readability-braces-around-statements,-readability-function-size,-readability-function-cognitive-complexity,-bugprone-suspicious-include,-bugprone-easily-swappable-parameters,-readability-isolate-declaration,-readability-magic-numbers,-readability-else-after-return,-bugprone-reserved-identifier,-readability-suspicious-call-argument,-bugprone-suspicious-string-compare,-bugprone-branch-clone,-misc-redundant-expression,-readability-non-const-parameter,-readability-redundant-control-flow,-readability-misleading-indentation,-bugprone-narrowing-conversions,-bugprone-implicit-widening-of-multiplication-result

    [note these figures don't reflect additional defects fixed in this commit for --enable-smallstack, --enable-fips, --enable-async, --enable-asn=template, and --enable-fastmath, and --disable-fastmath]

    pre-patch warning count per file, with suppressions:

    clang-analyzer-security.insecureAPI.strcpy    6  wolfssl/tests/suites.c
    clang-analyzer-security.insecureAPI.strcpy    2  wolfssl/testsuite/testsuite.c
    bugprone-suspicious-missing-comma             3  wolfssl/examples/server/server.c
    bugprone-suspicious-missing-comma             3  wolfssl/examples/client/client.c
    readability-redundant-preprocessor            2  wolfssl/wolfcrypt/src/asn.c
    readability-redundant-preprocessor            1  wolfssl/wolfcrypt/src/rsa.c
    readability-redundant-preprocessor            9  wolfssl/src/ssl.c
    readability-redundant-preprocessor            2  wolfssl/src/tls13.c
    readability-redundant-preprocessor           18  wolfssl/tests/api.c
    readability-redundant-preprocessor            3  wolfssl/src/internal.c
    readability-redundant-preprocessor           10  wolfssl/wolfcrypt/test/test.c
    readability-named-parameter                   1  wolfssl/wolfcrypt/benchmark/benchmark.c
    readability-named-parameter                   7  wolfssl/src/internal.c
    readability-named-parameter                   1  wolfssl/wolfcrypt/src/ecc.c
    readability-named-parameter                   1  wolfssl/testsuite/testsuite.c
    readability-named-parameter                  11  wolfssl/wolfcrypt/src/ge_operations.c
    misc-no-recursion                             3  wolfssl/src/ssl.c
    readability-uppercase-literal-suffix          4  wolfssl/wolfcrypt/src/asn.c
    readability-uppercase-literal-suffix          1  wolfssl/src/ssl.c
    readability-uppercase-literal-suffix         13  wolfssl/wolfcrypt/benchmark/benchmark.c
    bugprone-too-small-loop-variable              1  wolfssl/wolfcrypt/src/rsa.c
    bugprone-too-small-loop-variable              2  wolfssl/wolfcrypt/src/sha3.c
    bugprone-too-small-loop-variable              4  wolfssl/wolfcrypt/src/idea.c
    bugprone-signed-char-misuse                   2  wolfssl/src/ssl.c
    bugprone-signed-char-misuse                   3  wolfssl/wolfcrypt/src/sp_int.c
    bugprone-signed-char-misuse                   3  wolfssl/examples/client/client.c
    bugprone-macro-parentheses                   19  wolfssl/wolfcrypt/src/aes.c
    bugprone-macro-parentheses                  109  wolfssl/wolfcrypt/src/camellia.c
    bugprone-macro-parentheses                    1  wolfssl/src/tls.c
    bugprone-macro-parentheses                    3  wolfssl/wolfcrypt/src/md4.c
    bugprone-macro-parentheses                    2  wolfssl/wolfcrypt/src/asn.c
    bugprone-macro-parentheses                   26  wolfssl/wolfcrypt/src/blake2b.c
    bugprone-macro-parentheses                  257  wolfssl/wolfcrypt/src/sha3.c
    bugprone-macro-parentheses                   15  wolfssl/src/ssl.c
    bugprone-macro-parentheses                    1  wolfssl/wolfcrypt/src/sha.c
    bugprone-macro-parentheses                    8  wolfssl/tests/api.c
    bugprone-macro-parentheses                    4  wolfssl/wolfcrypt/src/sp_int.c
    bugprone-macro-parentheses                    6  wolfssl/wolfcrypt/benchmark/benchmark.c
    bugprone-macro-parentheses                   38  wolfssl/wolfcrypt/src/hc128.c
    bugprone-macro-parentheses                   12  wolfssl/wolfcrypt/src/md5.c
    bugprone-macro-parentheses                   10  wolfssl/wolfcrypt/src/sha256.c
    bugprone-macro-parentheses                    4  wolfssl/wolfcrypt/test/test.c
    bugprone-macro-parentheses                    3  wolfssl/wolfcrypt/src/ecc.c
    bugprone-macro-parentheses                    2  wolfssl/tests/suites.c
    bugprone-macro-parentheses                    4  wolfssl/wolfcrypt/src/cpuid.c
    bugprone-macro-parentheses                   26  wolfssl/wolfcrypt/src/blake2s.c
    bugprone-macro-parentheses                   24  wolfssl/wolfcrypt/src/sha512.c
    bugprone-macro-parentheses                    3  wolfssl/wolfcrypt/src/poly1305.c
    bugprone-macro-parentheses                   24  wolfssl/wolfcrypt/src/ripemd.c
    readability-inconsistent-declaration-parameter-name    1  wolfssl/src/internal.c
    readability-inconsistent-declaration-parameter-name    1  wolfssl/testsuite/testsuite.c

    pre-patch warning count summaries, with suppressions:

    clang-analyzer-security.insecureAPI.strcpy                  8
    bugprone-suspicious-missing-comma                           6
    readability-redundant-preprocessor                         45
    readability-named-parameter                                21
    misc-no-recursion                                           3
    readability-uppercase-literal-suffix                       18
    bugprone-too-small-loop-variable                            7
    bugprone-signed-char-misuse                                 8
    bugprone-macro-parentheses                                601
    readability-inconsistent-declaration-parameter-name         2

    pre-patch warning count summaries, without suppressions:

    clang-analyzer-security.insecureAPI.strcpy                  8
    bugprone-branch-clone                                     152
    readability-non-const-parameter                           118
    bugprone-suspicious-missing-comma                           6
    bugprone-suspicious-include                                52
    readability-magic-numbers                               22423
    readability-redundant-preprocessor                         45
    readability-named-parameter                                21
    readability-function-cognitive-complexity                 845
    readability-else-after-return                             398
    bugprone-implicit-widening-of-multiplication-result       595
    readability-function-size                                  21
    readability-isolate-declaration                          1090
    misc-redundant-expression                                   2
    bugprone-narrowing-conversions                            994
    misc-no-recursion                                           3
    readability-uppercase-literal-suffix                       18
    bugprone-reserved-identifier                               56
    readability-suspicious-call-argument                       74
    bugprone-too-small-loop-variable                            7
    bugprone-easily-swappable-parameters                      437
    bugprone-signed-char-misuse                                 8
    readability-misleading-indentation                         94
    bugprone-macro-parentheses                                601
    readability-inconsistent-declaration-parameter-name         2
    bugprone-suspicious-string-compare                        495
    readability-redundant-control-flow                         20
    readability-braces-around-statements                    11483
    clang-analyzer-valist.Uninitialized                         1
    clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling   3502
 2022-01-21 01:25:48 -06:00
David Garske
609d6442b1 Merge pull request #4753 from SparkiDev/siphash 
Add SipHash algorithm
 2022-01-19 18:51:44 -08:00
Sean Parkinson
a6485a228d Add SipHash algorithm 2022-01-20 09:41:18 +10:00
Hayden Roche
62b07d8806 Add AES-SIV (RFC 5297). 
This commit adds functions to encrypt and decrypt data using AES in SIV mode, as
described in RFC 5297. This was added in the process of porting chrony to
wolfSSL. chrony is an NTP implementation that can use NTS (network time
security), which requires AES-SIV.
 2022-01-19 14:32:33 -08:00
Anthony Hu
c2860cb311 Get rid of HC-128 2022-01-17 18:11:54 -05:00
David Garske
84df7a50dc Minor build warning fixes. Possible benchmark unused bench_pq_asym_algs. Fix if RSA enabled and WOLFSSL_SP_MATH set and WOLFSSL_HAVE_SP_RSA is not. 2022-01-04 15:38:35 -08:00
David Garske
9d137668c7 Merge pull request #4675 from julek-wolfssl/openssh-8.8 
Fix macro name conflicts with openssh
 2021-12-22 08:31:36 -08:00
Juliusz Sosinowicz
8435eb4644 Add WC_ namespace to variable handling defines 2021-12-22 12:16:02 +01:00
Anthony Hu
7d4c13b9a4 --with-liboqs now defines HAVE_LIBOQS and HAVE_PQC 
AKA: The Great Rename of December 2021
 2021-12-20 11:48:03 -05:00