Commit Graph

24 Commits

Author SHA1 Message Date
JacobBarthelmeh a156ed7bc7 update Copyright year 2026-02-18 09:52:21 -07:00
Daniel Pouzzner 83e9a0780f wolfcrypt/src/wc_lms.c: fix leak in wc_LmsKey_Reload(). 2025-12-18 11:09:37 -06:00
effbiae 7a3db09ddd automated small stack compress 2025-10-11 11:40:30 +11:00
JacobBarthelmeh 629c5b4cf6 updating license from GPLv2 to GPLv3 2025-07-10 16:11:36 -06:00
Sean Parkinson d05790ed89 LMS: Allow state to be saved with private key
Defining WOLFSSL_WC_LMS_SERIALIZE_STATE will have the state serialized
before the private key data.
Lots of memory used but means fast reload times. That means that the key
can be reloaded for each sign.
2025-06-24 20:46:41 +10:00
David Garske c4428a432f Merge pull request #8912 from SparkiDev/lms_sha256_192_w_fix
LMS SHA-256_192: fix parameters
2025-06-23 15:35:02 -07:00
David Garske d4c827bc5e Fix for building LMS with verify only. Added tests for LMS/XMSS verify only. New wc_LmsKey_GetKid references key->priv_raw that is not available. 2025-06-23 11:12:53 -07:00
Sean Parkinson f36f86ee98 LMS SHA-256_192: fix parameters
Winternitz bits needs to be one larger when only 192 bit hash.
2025-06-23 08:16:05 +10:00
Sean Parkinson 640b060792 LMS: Key ID fixup
Fix implementation for extracting from private key data.
Add implementation that gets Key ID from wc_LmsKey.
2025-06-05 10:25:47 +10:00
Daniel Pouzzner 90f30fd15e Merge pull request #8623 from SparkiDev/lms_kid_from_privraw
LMS: add API to get Key ID from raw private key
2025-04-17 00:49:08 -05:00
Daniel Pouzzner c401f5caf2 move the newly added wolfcrypt/src/wolfssl_sources.h to wolfssl/wolfcrypt/libwolfssl_sources.h, and likewise for wolfssl_sources_asm.h; revert changes to IDE/ project files. 2025-04-04 18:44:12 -05:00
Daniel Pouzzner 217440c885 Add wolfcrypt/src/wolfssl_sources.h and wolfcrypt/src/wolfssl_sources_asm.h,
which force on BUILDING_WOLFSSL and do boilerplate includes, and update library
  sources to include them at the top.

  wolfssl_sources.h includes types.h, error-crypt.h, and logging.h, and
  conditionally, config.h.  settings.h and wc_port.h are unconditionally
  included at the top of types.h.

  wolfssl_sources_asm.h includes settings.h, and conditionally, config.h.

Add wolfssl_sources*.h to wolfcrypt/src/include.am, and to several IDE/ project
  files.

Also added a TEST_WOLFSSL_SOURCES_INCLUSION_SEQUENCE clause in
  wolfssl/wolfcrypt/settings.h to allow coverage testing.

In wolfcrypt/src/misc.c, retain existing ad hoc boilerplate includes, and use
  them if WOLFSSL_VIS_FOR_TESTS, otherwise include the new wolfssl_sources.h.

Define WOLFSSL_VIS_FOR_TESTS at top of wolfcrypt/test/test.c.

Also renamed WOLFSSL_NEED_LINUX_CURRENT to WOLFSSL_LINUXKM_NEED_LINUX_CURRENT,
  for clarity.
2025-04-04 16:51:04 -05:00
Sean Parkinson fafc333e93 LMS: add API to get Key ID from raw private key
Always last 16 bytes of private key.
2025-04-02 16:05:11 +10:00
Tobias Frauenschläger af4017132d LMS fixes
* Add support for CMake
* Add support for Zephyr
* Make sure the internal key state is properly handled in case a public
  key is imported into a reloaded private key.

Signed-off-by: Tobias Frauenschläger <tobias.frauenschlaeger@oth-regensburg.de>
2025-02-26 15:33:59 +01:00
Sean Parkinson 08a46f5431 LMS: Fix SHA-256-192 level 1, height 20
Fix parameters for SHA-256-192, Level 1, Height 20, Winternitz: 2, 4, 8
2025-01-29 08:50:43 +10:00
David Garske f61d276f3b Merge pull request #8362 from JacobBarthelmeh/copyright
update copyright date to 2025
2025-01-21 16:23:49 -08:00
JacobBarthelmeh 2c24291ed5 update copyright date 2025-01-21 09:55:03 -07:00
Anthony Hu 4ca65f0ce7 Better guarding for LMS SHA256_256 vs LMS SHA256_192 2025-01-10 17:24:05 -05:00
Daniel Pouzzner d85c108952 wolfssl/wolfcrypt/error-crypt.h, wolfcrypt/src/error.c: add WC_FAILURE ("wolfCrypt generic failure") with value -1, for traceable error return of -1 in wolfCrypt.
configure.ac: add OPENSSL_EXTRA to --enable-wolfsentry.

linuxkm/linuxkm_wc_port.h, linuxkm/module_hooks.c, wolfssl/ssl.h: accommodate backward dependencies for wolfSSL_X509_NAME_add_entry_by_NID, wolfSSL_X509_NAME_free, and wolfSSL_X509_NAME_new_ex.

linuxkm/lkcapi_glue.c: if CONFIG_CRYPTO_MANAGER, assert match of CONFIG_CRYPTO_FIPS and HAVE_FIPS.

src/ssl_crypto.c, wolfcrypt/src/wc_lms.c, wolfcrypt/src/wc_lms_impl.c, wolfcrypt/src/wc_xmss.c, wolfcrypt/test/test.c: add missing casts for XMALLOC()s.

src/ssl_crypto.c: in wolfSSL_AES_decrypt(), fix gate for wc_AesDecryptDirect() return type.

wolfcrypt/test/test.c: smallstack refactor in test_dilithium_decode_level().

tests/api.c: fix uninited vars and "embedding a directive within macro arguments is not portable" in test_wc_dilithium_der().
2024-11-21 21:59:26 -06:00
Sean Parkinson ae46f52a66 LMS: SHA-256/192 parameters
Add support for parameter sets with SHA-256/192.
2024-10-16 07:15:18 +10:00
Daniel Pouzzner c36ab59f24 fixes for defects identified by nightly testing:
* ecc.c: in wc_ecc_free(), fix gating around handling for key->sign_k to resolve memory leak, and in wc_ecc_gen_deterministic_k(), fix -Wconversion.

* test.c: add missing mp_free()s to ecdsa_test_deterministic_k_rs() and ecc521_test_deterministic_k().

* wc_HashType: change several occurrences of int to enum wc_HashType, including ecc_key.hashType and API wc_ecc_set_deterministic_ex(), to resolve C++ warnings.

* fixes for various C++ warnings/errors in crypto and TLS layers and test and benchmark code -- implicit casts, negative initializers for unsigned type, jumped initializers, and missing enums in switch()es.
2024-07-17 18:07:08 -05:00
Sean Parkinson e47f1d4190 LMS, XMSS: move code into wolfCrypt
Move implementations of LMS and XMSS into wolfCrypt and use by default.
2024-05-03 15:43:22 +10:00
Sean Parkinson 6c8df33191 LMS: initial implementation
Initial wolfSSL implementation of LMS.
Changed LMS benchmarking to time making a key and reloading.
SHA-256:
  Added wc_Sha256HashBlock to make hashing a block fast.
Fixed assembly code to be able to hash a block from an external
buffer.
  Simplified code were possible.
Moved byte reversal decision logic to one place instead of replicating
length checks.
2024-03-07 11:43:16 +10:00
jordan 67bef21185 Add LMS/HSS wolfCrypt hooks. 2023-07-06 10:55:53 -05:00