wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-27 03:52:19 +01:00
Code Issues Packages Projects Releases Wiki Activity
23,141 Commits 12 Branches 184 Tags
0c24aff1835c3333add42b783d94de953f8c3e6f
Commit Graph

1684 Commits

Author SHA1 Message Date
Daniel Pouzzner
98f8ab085e configure.ac: when FIPS_VERSION==dev, unlock features to allow user-forced enablement/disablement. also, add line breaks for clarity on the similar clauses in the v5* section. 2024-08-09 14:38:22 -05:00
Daniel Pouzzner
5f6067c3e1 add --enable-debug-trace-errcodes=backtrace. 
* uses libbacktrace to enhance existing "ERR TRACE" messages with backtraces, rendered in same format as the sanitizers.
* adds wc_backtrace_render() and some related callbacks to wolfcrypt/src/logging.c.
* adds an overrideable WOLFSSL_DEBUG_BACKTRACE_RENDER_CLAUSE to the WC_ERR_TRACE() mechanism in wolfssl/wolfcrypt/error-crypt.h.
 2024-08-08 09:00:42 -05:00
Daniel Pouzzner
9aa0742baa Merge pull request #7798 from dgarske/asn_macros 
ASN macro simplification

merged with github CI tests failing due to unrelated upstream changes (same tests all previously succeeded on this PR, with only 25d14f1937 added in the meantime).

supplementary testing with `wolfssl-multi-test.sh ... super-quick-check` after rebase on then-current `master` 15e99c8eff.
 2024-08-02 16:36:50 -05:00
Sean Parkinson
ebb49b6e68 RISC-V ChaCha20: assembly implementations 
ChaCha20:
  scalar and vector implementations
  vector implementations doing 6, 4, 2, 1 block at a time.
  scalar implemetations using roriw and pack
  vector implementations using VROR_VI and roriw.

RISC-V SHA-256: avoid using s0 if it can be helped.
 2024-08-01 17:51:59 +10:00
Sean Parkinson
407b78962e Merge pull request #7811 from lealem47/removeNULL 
Remove HAVE_NULL_CIPHER from --enable-openssh
 2024-07-31 21:55:13 +10:00
David Garske
20f7d6f9f4 ASN macro simplification. Added new --enable-asn=all and WOLFSSL_ASN_ALL option. Added granular macros for ASN features like: WOLFSSL_ASN_CA_ISSUER, WOLFSSL_ASN_PARSE_KEYUSAGE, WOLFSSL_ASN_TIME_STRING, WOLFSSL_OCSP_PARSE_STATUS. 2024-07-30 10:35:20 -07:00
Lealem Amedie
fb3185bb72 Remove HAVE_NULL_CIPHER from --enable-openssh 2024-07-30 10:46:56 -06:00
David Garske
4b9d89d387 Fix autoconf issue with == 2024-07-24 09:10:25 -07:00
David Garske
007f9ea39d Fix to restore --enable-asn=original. Fixes for building with ASN original (old). Add the new limit checks for alt names and subtree to the old ASN code. 2024-07-24 08:28:25 -07:00
Daniel Pouzzner
367508f498 wolfcrypt/src/asn.c: in EccSpecifiedECDomainDecode(), in calls to DataToHexString(), cast curve->size to word32 to resolve -Wconversion. 
wolfcrypt/src/dh.c: in GeneratePrivateDh186(), add explicit suppression of uninitvar for "cBuf" arg that isn't fully initialized.

wolfcrypt/test/test.c: in mp_test_param(), explicitly initialize "buffer" to avoid uninitvar warning.

configure.ac: in FIPS builds, don't include enable_cryptocb in --enable-all or --enable-all-crypto.  (they can still be enabled explicitly in FIPS builds with --enable-cryptocb, but the combination is not currently supported.)
 2024-07-22 18:21:36 -05:00
Andras Fekete
c3d30e7987 Fix the actual definition of the ECC_MIN_KEY_SZ 2024-07-19 16:01:56 -04:00
David Garske
0eeae4da8c Merge pull request #6460 from embhorn/mosquitto_osp 
Add support for Mosquitto OSP
 2024-07-19 07:49:32 -07:00
Sean Parkinson
e6fcd488a6 Merge pull request #7685 from dgarske/renesas_rx_tsip 
Renesas RX TSIP ECDSA support
 2024-07-19 10:53:00 +10:00
Eric Blankenhorn
7aad09fc87 Rebase for mosquitto 2024-07-16 07:37:33 -05:00
Daniel Pouzzner
475ec7b680 Merge pull request #7550 from bandi13/addEnableProvider 
Add enable provider
 2024-07-15 12:08:03 -05:00
Andras Fekete
5b1e6db9a5 Allow user to override required flags 2024-07-15 09:46:36 -04:00
JacobBarthelmeh
203f65a636 prepare for release 5.7.2 2024-07-08 09:47:46 -06:00
Sean Parkinson
1fd9f2af91 KYBER/ML-KEM: make ML-KEM available 
Added ML-KEM instead of Kyber implementation with WOLFSSL_ML_KEM.
Tests added from NIST for ML-KEM operations.
 2024-07-04 23:51:23 +10:00
Andras Fekete
7cc42d446e Update the true minimum ECC key size default 
The discrepancy shows up when trying to compile with FIPS
 2024-07-03 11:50:04 -04:00
Andras Fekete
e340e41db3 Add --enable-wolfprovider 2024-07-02 15:57:53 -04:00
Andras Fekete
43b62c8ccf Make sure the ECC_MIN_SZ is set even when set to default 2024-07-02 15:57:53 -04:00
David Garske
e81e18859b Support for Renesas RX TSIP with ECDSA and Crypto Callbacks. 
Fix building ECC with NO_ASN (`./configure --enable-cryptonly --disable-rsa --disable-asn --disable-examples`).
 2024-06-25 17:43:16 -07:00
kaleb-himes
a1645d684a 448 streaming base on ENABLED flag and below FIPS section 2024-06-21 15:54:04 -04:00
Daniel Pouzzner
38c7327660 Merge pull request #7622 from SparkiDev/ml-dsa 
Dilithium/ML-DSA: Implementation of ML-DSA-44/65/87
 2024-06-19 13:32:35 -04:00
Sean Parkinson
3e3a00dafd Dilithium/ML-DSA: Implementation of ML-DSA-44/65/87 
Impemented FIPS 204 (Draft) Module-Lattice-Based Signature Standard.
Implementation include making a key, signing and verification.
Make key API added.
Updated liboqs calls to use ML-DSA implementation instead of Dilithium.
 2024-06-19 21:27:01 +10:00
Daniel Pouzzner
2c69e4a56b add --debug-code-points and WOLFSSL_DEBUG_CODEPOINTS, 
add file_name and line_number args to wolfssl_log(),

and inside WOLFSSL_DEBUG_CODEPOINTS gates,

add WOLFSSL_MSG_EX2(), WOLFSSL_MSG2(), WOLFSSL_ENTER2(), and WOLFSSL_LEAVE2(), each with file and line args,

and add wrapper macros for WOLFSSL_MSG, WOLFSSL_MSG_EX, WOLFSSL_ENTER, and WOLFSSL_LEAVE, that pass in file and line.
 2024-06-15 00:54:39 -05:00
Andras Fekete
372f57e528 Address PR suggestions 2024-06-12 14:22:10 -04:00
Andras Fekete
211742bfe0 liboqs depends on pthreads now 2024-06-12 13:45:57 -04:00
Kaleb Himes
9f9a82e469 Merge pull request #7637 from lealem47/armasm_fips 
Force inline ASM for armv7 with FIPS
 2024-06-12 07:53:37 -06:00
Lealem Amedie
b7d32d0609 Force inline ASM for armv7 with FIPS 2024-06-11 13:32:46 -06:00
Daniel Pouzzner
b3e8f0ad24 add --enable-debug-trace-errcodes, WOLFSSL_DEBUG_TRACE_ERROR_CODES, WC_ERR_TRACE(), WC_NO_ERR_TRACE(), support/gen-debug-trace-error-codes.sh. also add numerous deployments of WC_NO_ERR_TRACE() to inhibit frivolous/misleading errcode traces when -DWOLFSSL_DEBUG_TRACE_ERROR_CODES. 2024-06-08 16:39:53 -05:00
David Garske
b69482ffac Merge pull request #7569 from SparkiDev/riscv_aes_asm 
AES RISC-V 64-bit ASM: ECB/CBC/CTR/GCM/CCM
 2024-06-06 08:11:31 -07:00
Sean Parkinson
acd604db3d AES RISC-V 64-bit ASM: ECB/CBC/CTR/GCM/CCM 
Add implementations of AES for ECB/CBC/CTR/GCM/CCM for RISC-V using
assembly.
Assembly with standard/scalar cryptography/vector cryptographt
instructions.
 2024-06-06 13:16:00 +10:00
David Garske
7fadd4ed9f Merge pull request #7595 from JacobBarthelmeh/static 
Pull in some staticmemory features
 2024-05-30 16:31:54 -07:00
David Garske
bb57c1de94 Merge pull request #7603 from lealem47/detect_cut 
Fix cut detection in configure.ac
 2024-05-30 15:42:55 -07:00
Lealem Amedie
ecef3c214c Fix cut detection in configure.ac 2024-05-30 16:09:04 -06:00
JacobBarthelmeh
ebdc8b9a32 rename of macros, add descriptions, minor fixes 2024-05-30 14:48:52 -06:00
JacobBarthelmeh
511c403631 account for yes/no options 2024-05-29 15:59:51 -06:00
JacobBarthelmeh
6cca3a0d92 tie in static memory debug callback 2024-05-29 15:50:14 -06:00
JacobBarthelmeh
288fe430f5 tying in lean staticmemory build with --enable-staticmemory=small 2024-05-29 15:50:11 -06:00
Chris Conlon
8f1029f86d Update --enable-jni to define SESSION_CERTS for wolfJSSE 2024-05-17 15:08:37 -06:00
David Garske
15af87af8f Merge pull request #7555 from lealem47/forceSHA3 
Force SHA3 on with FIPS V5
 2024-05-17 12:30:20 -07:00
David Garske
391431c7d8 Merge pull request #7539 from bandi13/fixConversionPart2 
Fix conversion part2
 2024-05-17 12:29:46 -07:00
Lealem Amedie
54bf7fd5d9 Force SHA3 on with FIPS V5 2024-05-17 11:03:18 -06:00
Andras Fekete
412447ac41 Enable OPTION_CHECKING by default 
This should halt `./configure` when an option is passed that is not recognized.
 2024-05-15 16:54:55 -04:00
Andras Fekete
0eb11ff466 Standard way to set defaults 2024-05-15 15:19:42 -04:00
Andras Fekete
b83d8f0cf6 Make sure MAX_ECC_BITS >= MIN_ECC_BITS 2024-05-15 15:19:13 -04:00
Andras Fekete
35ef7f4093 There is no default defined. Expected to be unset 2024-05-15 15:16:24 -04:00
Daniel Pouzzner
4331bc092b configure.ac: on armasm, disable ENABLED_AESXTS_STREAM by default (not implemented). 2024-05-14 19:24:27 -05:00
Daniel Pouzzner
3ad5ec4e0a make --enable-linuxkm-lkcapi-register require --enable-experimental, except for the known-good --enable-linuxkm-lkcapi-register="xts(aes)". 2024-05-14 19:11:39 -05:00