Commit Graph

739 Commits

Author SHA1 Message Date
Tobias Frauenschläger 987a705318 Fix stack tracking in wolfCrypt benchmark 2026-03-16 18:33:55 +01:00
Daniel Pouzzner aeb4c042fd wolfcrypt/benchmark/benchmark.c: smallstack (WC_*_VAR*()) refactor for bench_slhdsa(). 2026-03-11 10:21:55 -05:00
Daniel Pouzzner bfe0b21829 Merge pull request #9765 from night1rider/zephyr-4_3_0-posix-fix
Add Zephyr 4.1+ build compatibility for wolfssl_tls_sock sample.
2026-03-10 22:28:43 -05:00
night1rider 0442918391 Add Zephyr 4.1+ build compatibility for wolfssl_tls_sock sample. Replace removed Kconfig options (PTHREAD_IPC, POSIX_CLOCK, NET_SOCKETS_POSIX_NAMES) with version-conditional config fragments and fix min/max macro collision with Zephyr's sys/util.h. 2026-03-10 14:23:47 -06:00
Sean Parkinson 39b34333d6 FIPS 205, SLH-DSA: implementation
Adding implementation of SLH-DSA.
Included optimizations for Intel x64.
Some tests added.
2026-03-09 19:06:34 +10:00
Daniel Pouzzner f376ae210e Implement Linux kernel module offline integrity hash calculation:
Add:

* linuxkm/linuxkm-fips-hash.c
* linuxkm/linuxkm-fips-hash-wrapper.sh
* linuxkm/linuxkm_memory.h

Move from linuxkm/module_hooks.c to linuxkm/linuxkm_memory.c:
* reloc_layouts[]
* find_reloc_tab_offset()
* the body of wc_linuxkm_normalize_relocations() as wc_reloc_normalize_text()
* most of updateFipsHash() as wc_fips_generate_hash()

Move from linuxkm/linuxkm_wc_port.h to linuxkm/linuxkm_memory.h:
* struct wc_linuxkm_pie_reloc_tab_ent
* enum wc_reloc_dest_segment
* enum wc_reloc_type

linuxkm/Makefile:
* Update GENERATE_RELOC_TAB recipe to populate new fields in struct wc_reloc_table_ent.
* Add targets:
  * libwolfssl-user-build/src/.libs/libwolfssl.so
  * linuxkm-fips-hash
  * module-with-matching-fips-hash
  * module-with-matching-fips-hash-no-sign
* Add support for alternate target module name, via LIBWOLFSSL_NAME make variable.

linuxkm/linuxkm_wc_port.h and linuxkm/module_hooks.c:
* Fixes to make linuxkm-pie work with CONFIG_KASAN.
* Implement WC_LINUXKM_STACK_DEBUG:
  * wc_linuxkm_stack_bottom()
  * wc_linuxkm_stack_top()
  * wc_linuxkm_stack_current()
  * wc_linuxkm_stack_left()
  * wc_linuxkm_stack_hwm_prepare()
  * wc_linuxkm_stack_hwm_measure_rel()
  * wc_linuxkm_stack_hwm_measure_total()

wolfssl/wolfcrypt/settings.h:
* When WOLFSSL_KERNEL_MODE, make sure WOLFSSL_GENERAL_ALIGNMENT is at least SIZEOF_LONG.
* When WOLFCRYPT_FIPS_CORE_DYNAMIC_HASH_VALUE, make sure WOLFSSL_BASE16 is defined.

configure.ac and wolfcrypt/benchmark/benchmark.c: Disable scrypt when KERNEL_MODE_DEFAULTS, due to excessive memory requirements.
2026-02-20 11:09:37 -06:00
JacobBarthelmeh a156ed7bc7 update Copyright year 2026-02-18 09:52:21 -07:00
Marco Oliverio b767d8218a wolfcrypt: benchmark: use WC_USE_DEVID to benchmark ed25519 if defined 2026-02-11 15:25:28 +01:00
jordan 8ae27c75e4 bsdkm: x86 crypto acceleration support. 2026-02-02 12:00:22 -06:00
Daniel Pouzzner b487287abf wolfcrypt/benchmark/benchmark.c: smallstack refactor of bench_mlkem_encap() 2025-12-26 12:45:26 -06:00
Daniel Pouzzner ef8bf55528 Merge pull request #9495 from SparkiDev/aarch64_no_hw_crypto_asm_aes
Aarch64 no harware crypto assembly AES
2025-12-11 12:46:07 -06:00
Sean Parkinson 80b7ea638e Aarch64 no harware crypto assembly AES
Implementations of AES-ECB, AES-CBC, AES-CTR, AES-GCM, AES-XTS with base
instructions and NEON but not using crypto instructions.

Benchmark of AES-ECB added.
Updated AES tests.
2025-12-10 08:55:58 +10:00
Sean Parkinson 886b0c2ec6 Benchmark ECDSA: use digest size instead of key size
The key size can be larger than the maximum digest size supported by the
sign and verify APIs.
Calculate a reasonable digest size for the key size and bound it on the
maximum digest size.
2025-12-05 09:01:12 +10:00
JacobBarthelmeh a83fb4fc42 revert 6bda10a forcing small stack with async 2025-11-25 00:43:04 -07:00
David Garske 76abc43812 Put unused fix in correct location. 2025-10-27 10:25:31 -07:00
David Garske d62b1068d2 Fixed issue with SiLibs AES Direct (required by DTLS v1.3). ZD 20695 2025-10-24 11:58:56 -07:00
Sean Parkinson dc45a6f340 Benchmark: add cycle counts for asym ops
Added million of cycles per op information.
Getting cycle count for Aarch64 now too.
2025-10-23 08:43:05 +10:00
JacobBarthelmeh 4daab8a813 Merge pull request #9284 from SparkiDev/aarch64_asm_gen
Aarch64 asm: convert to generated
2025-10-22 11:10:27 -06:00
Sean Parkinson 8533bc803b AES: Improve CFB and OFB and add tests
Improve performance of CFB and OFB.
Only have one implementation that is used by OFB encrypt and decrypt.

Update AES testing in unit.test.

Update benchmarking of CFB and OFb to include decrypt.
2025-10-22 12:19:56 +10:00
Sean Parkinson 9c1462a9ec Aarch64 asm: convert to generated
Algorithms now generated:
  SHA-256
  SHA-512
  ChaCha20
  Poly1305
  AES-ECB
  AES-CBC
  AES-CTR
  AES-GCM + streaming
  AES-XTS
  AES SetKey

ARM32 asm algorithms generated now too:
  SHA-256
  SHA-512
  ChaCha20
  AES-ECB
  AES-CBC
  AES-CTR
  AES-GCM
  AES-XTS
  AES SetKey

Removed use of ARM specific implementations of algorithms. (armv8-aes.c)
2025-10-21 17:03:39 +10:00
Andrew Hutchings 00c936c29e Only change WC_BENCH_MAX_LINE_LEN when we need to 2025-10-20 18:58:16 +01:00
Andrew Hutchings d87ca70048 Fix mixed declaration / code 2025-10-18 06:18:29 +01:00
Andrew Hutchings 01dc28ad31 Seperate AES alloc / dealloc phases 2025-10-18 06:13:40 +01:00
Andrew Hutchings 65bb68b6c0 Move heap/stack tracking to before init phase
Start tracking during the setup of the algo, so we can capture the
memory usage of the algo init functions.
2025-10-18 06:13:36 +01:00
Andrew Hutchings 036c66c777 Benchmark memory tracking
This adds heap and stack tracking to wolfCrypt bench so that it is
possible to see RAM usage. It also adds support for stack tracking in
microcontrollers (tested on STM32).
2025-10-18 06:09:01 +01:00
David Garske d88ab84b9f Merge pull request #9311 from SparkiDev/regression_fixes_19
Regression testing
2025-10-16 10:56:27 -07:00
Sean Parkinson c111c5bacc Regression testing
x509.c: realloc may fail and therefore need to store result in a
temporary so the old pointer is not lost.

tls.c: free the name if it is not pushed on to the stack of peer CA
names. Failure to push can be from memory allocation failure.

aes.c: Don't compile XTS decrypt functions without HAVE_AES_DECRYPT.

Fix tests to have better pre-processor protection.
2025-10-16 12:13:32 +10:00
David Garske 0c4f5879d8 Fix for benchmark with key gen and "out" not being allocated because of typo between WOLFSSL_RSA_VERIFY_INLINE and WOLFSSL_RSA_VERIFY_ONLY.
Reproduced with: `./configure --enable-keygen CFLAGS="-DWOLFSSL_RSA_VERIFY_INLINE" --disable-examples && make && ./wolfcrypt/benchmark/benchmark -rsa`
2025-10-15 11:25:49 -07:00
David Garske 75097f3e09 Fix for improper sizing on bench_rsa_helper 2025-10-14 16:41:27 -07:00
effbiae 6bda10abd0 define WOLFSSL_SMALL_STACK in tests and benchmark for ASYNC 2025-10-11 11:40:30 +11:00
effbiae 7a3db09ddd automated small stack compress 2025-10-11 11:40:30 +11:00
Daniel Pouzzner 7ea66aeffe refactor WOLFSSL_LINUXKM gates as generic WOLFSSL_KERNEL_MODE gates where appropriate:
rename WOLFSSL_LINUXKM_USE_SAVE_VECTOR_REGISTERS to WOLFSSL_USE_SAVE_VECTOR_REGISTERS, and wherever appropriate, replace defined(WOLFSSL_LINUXKM) with defined(WOLFSSL_USE_SAVE_VECTOR_REGISTERS).

rename WC_WANT_FLAG_DONT_USE_AESNI to WC_WANT_FLAG_DONT_USE_VECTOR_OPS.

rename lkm_printf() to wc_km_printf().

replace WOLFSSL_LINUXKM gates on kernel-incompatible includes with header-specific gates NO_STRING_H, NO_STDINT_H, NO_LIMITS_H, NO_CTYPE_H, NO_STDLIB_H

remove low level threading setup section of wolfssl/internal.h, which duplicated existing logic in wc_port.h, except for off-topic WOLFSSL_APACHE_MYNEWT TLS-layer setup, which is preserved, and a defined(__NT__) clause, which is now merged into the existing section in wc_port.h.
2025-09-29 16:59:12 -05:00
Kareem 23f595586d Fix building with --enable-keygen --enable-rsavfy. 2025-09-18 16:21:08 -07:00
Daniel Pouzzner e0383b496a linuxkm/module_hooks.c: implement wc_linuxkm_GenerateSeed_IntelRD, gated on WC_LINUXKM_RDSEED_IN_GLUE_LAYER;
add WC_GENERATE_SEED_DEFAULT, which defaults to wc_GenerateSeed if not overridden, and replace wc_GenerateSeed with WC_GENERATE_SEED_DEFAULT in various calls to wc_SetSeed_Cb();

linuxkm/linuxkm_wc_port.h: if FIPS <v6 and RDSEED, define WC_LINUXKM_RDSEED_IN_GLUE_LAYER and define WC_GENERATE_SEED_DEFAULT wc_linuxkm_GenerateSeed_IntelRD;

wolfcrypt/test/test.c: update rng_seed_test() with gating and vectors for FIPS v5 with HAVE_AMD_RDSEED or HAVE_INTEL_RDSEED;

wolfssl/wolfcrypt/types.h: add WC_HAVE_VECTOR_SPEEDUPS helper macro, and enlarge fallthrough definition coverage for DISABLE_VECTOR_REGISTERS.
2025-08-22 21:58:00 -05:00
Sean Parkinson 648a057147 ML-DSA/Dilithium: Intel x64 ASM
Optimize code knowing it is for Intel x64.
Change signing to calculate one polynomial at a time so that if it isn't
valid then we fail early.
Other minor improvements.
Move the SHA-3 4 blocks at a time assembly into SHA-3 asm file.
Make constants in assembly the same length (front pad with zeros).
2025-08-07 14:01:50 +10:00
Daniel Pouzzner 034cbb9b97 tests/api.c: fix -Wuninitialized-const-pointer in test_wolfSSL_CertManagerAPI();
wolfcrypt/benchmark/benchmark.c:

* use WC_RELAX_LONG_LOOP() as default definition of TEST_SLEEP(), and remove WC_RELAX_LONG_LOOP() from bench_stats_sym_finish()/bench_stats_asym_finish_ex();
* when WOLFSSL_LINUXKM but !WOLFSSL_LINUXKM_USE_SAVE_VECTOR_REGISTERS., properly wrap kernel_fpu_begin...end around floating point ops.
2025-08-05 17:05:36 -05:00
Daniel Pouzzner 1152d612a6 wolfcrypt/benchmark/benchmark.c: smallstack refactors for bench_mlkem() and bench_dilithiumKeySign(), and globally replace stray uses of fprintf(stderr, ...) with printf(...) for portability. 2025-07-31 11:30:42 -05:00
Daniel Pouzzner c353052e54 linuxkm/linuxkm_wc_port.h:
* move enum wc_svr_flags out of BUILDING_WOLFSSL guard;
* add DISABLE_VECTOR_REGISTERS() and REENABLE_VECTOR_REGISTERS() definitions for !BUILDING_WOLFSSL;
* add #include <linux/spinlock.h> to !WOLFSSL_LINUXKM_USE_MUTEXES implementation to fix compilation (and add usability) to caller code;

linuxkm/lkcapi_sha_glue.c: in wc_linuxkm_drbg_ctx_clear(), fix error-path deallocation of locked object;

wolfcrypt/benchmark/benchmark.c:

* in FIPS v6+ builds, and FIPS linuxkm v5+, check retval from wc_AesEncryptDirect() and wc_AesDecryptDirect();
* add WC_RELAX_LONG_LOOP() in bench_stats_sym_finish() and bench_stats_asym_finish_ex();

wolfcrypt/test/test.c: fix rng_seed_test() with correct test vectors for the relevant combinations of features, and gate the test out if there are user override defines for ENTROPY_SCALE_FACTOR or SEED_BLOCK_SZ.
2025-07-30 22:15:05 -05:00
JacobBarthelmeh 629c5b4cf6 updating license from GPLv2 to GPLv3 2025-07-10 16:11:36 -06:00
David Garske 59061aebec Fix issue with benchmark help options and descriptions not lining up due to new -aead_set_key added in #8160 on April 14, 2025. 2025-07-02 14:58:11 -07:00
Sean Parkinson d05790ed89 LMS: Allow state to be saved with private key
Defining WOLFSSL_WC_LMS_SERIALIZE_STATE will have the state serialized
before the private key data.
Lots of memory used but means fast reload times. That means that the key
can be reloaded for each sign.
2025-06-24 20:46:41 +10:00
David Garske b9455bc94b Fixes issue with cert gen, no malloc and crypto callback causing wolfssl/wolfcrypt/asn.h:1375:18: error: use of undeclared identifier 'WC_MAX_DIGEST_SIZE. Fixed netcat issue in openssl.test causing server open check to fail on some platforms. Fixed clang-tidy report in benchmark.c where XFTELL could return negative (error) and wasn't handled. 2025-06-20 16:34:46 -07:00
Daniel Pouzzner 5abe5df498 Merge pull request #8760 from miyazakh/benchmark_up
Guard some benchmark tests by NO_SW_BENCH
2025-05-16 12:42:59 -05:00
David Garske a1b644202c Merge pull request #8759 from anhu/index_idx
Rename variable index to idx to avoid conflicting declaration.
2025-05-15 11:01:27 -07:00
Anthony Hu a814683684 Rename variable index to idx to avoid conflicting declaration. 2025-05-14 18:26:37 -04:00
Alex Lanzano 88ae4266cf Don't define PQC option strings in benchmark if WOLFSSL_BENCHMARK_ALL is defined
This fixes the 'defined but not used' build issue in benchmark.c if any PQC algos are enabled
and WOLFSSL_BENCHMARK_ALL is defined.
2025-05-14 08:54:59 -04:00
Hideki Miyazaki 9b7a95e338 gurd tests NO_SW_BENCH 2025-05-14 14:52:51 +09:00
Kaleb Himes 6b66149edb Merge branch 'master' into OE8-CHECK-IN 2025-04-14 15:24:28 -06:00
JacobBarthelmeh 5ecacfd8eb Merge pull request #8577 from SparkiDev/x64-branch-32b
Intel x86_64, gcc, icc: put branches on 32 byte boundary
2025-04-03 10:53:46 -06:00
Daniel Pouzzner ddf7d5b6f1 Merge pull request #8584 from dgarske/stm32_aesgcm
Fixes for STM32H7S AES GCM. Cleanups for STM32 AES GCM.
2025-03-26 10:57:18 -05:00