Commit Graph

201 Commits

Author SHA1 Message Date
David Garske a7379fa811 Merge pull request #10355 from miyazakh/rx72n_fix_usersettings
[Renesas RX72N] Fix SP_MATH and SP_MATH_ALL conflict in user_settings.h
2026-05-05 11:48:32 -07:00
Tobias Frauenschläger 9393d62591 Replace liboqs SPHINCS+ with SLH-DSA in certificate layer
Replace the liboqs-based pre-standardization SPHINCS+ implementation
with the native FIPS 205 SLH-DSA implementation across the
certificate / ASN.1 / X.509 layers, and add SLH-DSA-rooted test
certificates plus TLS 1.3 .conf scenarios that exercise the new
verification path. All liboqs SPHINCS+ code is removed.

This enables SLH-DSA for certificate chain authentication: CA
certificates signed with SLH-DSA, certificate signature verification
against an SLH-DSA root. TLS 1.3 entity authentication via
CertificateVerify with SLH-DSA will be added in a follow-up PR.

Follows RFC 9909 (X.509 Algorithm Identifiers for SLH-DSA) and
NIST FIPS 205. Supports both SHAKE and SHA-2 parameter families
across all twelve standardized variants.

DER codec:
- New PrivateKeyDecode, PublicKeyDecode, KeyToDer, PrivateKeyToDer,
  PublicKeyToDer with RFC 9909 encoding (bare OCTET STRING containing
  4*n raw bytes = SK.seed || SK.prf || PK.seed || PK.root, no nested
  wrapper). OID auto-detection across all twelve SHAKE / SHA-2 variants.
- PublicKeyDecode raw-bytes fast path mirrors wc_Falcon_PublicKeyDecode
  and wc_Dilithium_PublicKeyDecode so callers (notably
  wolfssl_x509_make_der and ConfirmSignature, which pass the raw
  BIT STRING contents stashed by StoreKey) decode correctly. Honours
  the caller's *inOutIdx start offset.
- Error paths in Private/PublicKeyDecode preserve params/flags/
  inOutIdx and only ForceZero the buffer half each helper actually
  writes; skip the wipe entirely on BAD_LENGTH_E (no bytes touched).
- ImportPublic uses |= on flags so a Private-then-Public import
  sequence retains FLAG_PRIVATE.

OID dispatch:
- 12 standardized NIST OIDs (6 SHAKE + 6 SHA-2) per RFC 9909. The
  pre-standardization OID-collision mechanism is removed since NIST
  OIDs do not collide.
- wc_SlhDsaOidToParam / wc_SlhDsaOidToCertType return NOT_COMPILED_IN
  (rather than -1) for recognised SLH-DSA OIDs whose parameter set
  isn't built; wc_IsSlhDsaOid recognises both. The x509 dispatch
  surfaces this as a precise diagnostic instead of the generic
  "No public key found".
- wc_GetKeyOID picks a placeholder parameter from whatever variant is
  compiled in and #errors at compile time if none is.
- asn_orig.c EncodeCert / EncodeCertReq accept SHA-2 SLH-DSA keyTypes
  alongside SHAKE.

Tests and fixtures:
- Test cert chain in certs/slhdsa/: SLH-DSA-SHAKE-128s and
  SLH-DSA-SHA2-128s self-signed roots that sign reused ML-DSA-44
  entity keys (server + client), plus the gen script
  (gen-slhdsa-mldsa-certs.sh, OpenSSL >= 3.5).
- New TLS 1.3 .conf scenarios under tests/suites.c dispatch:
  test-tls13-slhdsa-shake.conf, test-tls13-slhdsa-sha2.conf, and a
  wrong-CA negative test test-tls13-slhdsa-fail.conf.
- DER round-trip and on-disk decode tests; bench_slhdsa_*_key.der
  fixtures regenerated with wolfSSL's own encoder so the codec is
  pinned to RFC 9909.
- New unit test test_wc_slhdsa_x509_i2d_roundtrip exercises the raw
  PublicKeyDecode entry point that wolfssl_x509_make_der relies on.
- test_wc_slhdsa_check_key now tests both Public-then-Private and
  Private-then-Public import orderings.

Build / ABI:
- DYNAMIC_TYPE_SPHINCS = 98 kept as RESERVED with a tombstone comment
  for ABI stability; new code should use DYNAMIC_TYPE_SLHDSA (107).
- All build system / IDE project files updated; SPHINCS+ sources,
  headers, and test data removed.
- Dead bench_slhdsa_*_key arrays removed from gencertbuf.pl and
  certs_test.h; the .der files on disk drive the decode tests.
2026-04-30 18:32:07 +02:00
Hideki Miyazaki 3725f139ff Fix SP_MATH and SP_MATH_ALL conflict 2026-04-30 15:42:05 +09:00
JacobBarthelmeh a156ed7bc7 update Copyright year 2026-02-18 09:52:21 -07:00
Hideki Miyazaki c74a95c8d0 rm WOLFSSL_ASN_ORIGINAL from user_settings.h
- update signed ca cert (rsa/ecc)
 - update compiler options for v3.06.00
2026-02-05 00:08:35 +09:00
Hideki Miyazaki ba63d81441 add .gitignore to include.am 2025-12-24 06:36:08 +09:00
Hideki Miyazaki 75fad16f20 addressed code review comments 2025-12-24 05:59:09 +09:00
Hideki Miyazaki fc583d068f add SK-S7G2 support
Update README based on copilot suggestion
2025-12-20 10:32:09 +09:00
Hideki Miyazaki 090d89acbc add RA6M4/tools folder to include.am 2025-12-10 10:18:26 +09:00
Hideki Miyazaki 13809256ef minor update README 2025-09-12 17:54:49 +09:00
David Garske f1ef484076 Merge pull request #9150 from miyazakh/update_fsp_v610
Update Renesas FSP version on RA6M4
2025-09-09 12:26:03 -07:00
Hideki Miyazaki 815f2ce9db Update Renesas FSP version on RA6M3 example 2025-09-06 19:12:24 +09:00
Hideki Miyazaki e2fe74502f Add wolfSSL/Debug folder as include
- remove BSP_WarmStart() due to duplicate
2025-08-30 09:28:09 +09:00
Hideki Miyazaki 295a11d0f7 update Readme 2025-08-30 09:24:46 +09:00
Hideki Miyazaki 53ae865184 Addressed code review 2025-08-06 19:13:20 +09:00
Hideki Miyazaki 8e6b13822b fix trailing whitespace, adding files to am and know macro 2025-08-01 17:36:23 +09:00
Hideki Miyazaki a63bb12f6b Move devId from internal to public
- addressed code review by devin
2025-08-01 16:58:16 +09:00
Hideki Miyazaki 9b7caac3ef Update RZ examples
- Use xSPI0 boot mode
 - Update FSP from v1.3 to v2.0.0
 - Simplify UART
 - Migrate new User Ctx
 - Update README
 - Fix SCE TLS on RA6M4
2025-07-31 11:04:06 +09:00
Hideki Miyazaki 5e77253577 Addressed code review comments 2025-07-23 07:44:30 +09:00
Hideki Miyazaki cc123d7c3a Make properties related to SCE TLS hidden
- Fix RSA Crypt callback
 - Eliminate WOLFSSL_LOCAL
2025-07-17 18:16:40 +09:00
JacobBarthelmeh 629c5b4cf6 updating license from GPLv2 to GPLv3 2025-07-10 16:11:36 -06:00
Hideki Miyazaki b60a05f45e Fix TSIP port using crypto callback
- Add unit test using cb
2025-07-03 08:23:24 +09:00
David Garske 41591e7eb9 Fixes for TSIP AES CTR unit tests and handling of invalid cases. 2025-06-24 09:41:33 -07:00
David Garske 191165a021 Test case created by @miyazakh. 2025-06-24 09:41:33 -07:00
Hideki Miyazaki eeb3961b6f fix trailing whitespace 2025-06-07 14:23:59 +09:00
Hideki Miyazaki 1f8efc3c14 fix TSIP example
fix Client Certificate Verify using RSA sign/verify
2025-06-07 12:38:18 +09:00
Hideki Miyazaki 4aea2a1cd2 Update README to add SEGGER_RTT control block 2025-06-04 13:41:01 +09:00
Hideki Miyazaki 8445e66ceb Update signed certificate 2025-06-04 13:41:01 +09:00
Hideki Miyazaki aef224d53e fix cs+ failure 2025-04-03 07:57:42 +09:00
Hideki Miyazaki d56b623958 Trailing white-space 2025-02-05 07:03:45 +09:00
Hideki Miyazaki 77f3b45af0 update key_data 2025-02-05 00:11:55 +09:00
JacobBarthelmeh 2c24291ed5 update copyright date 2025-01-21 09:55:03 -07:00
Daniel Pouzzner ed18bf3deb In wolfcrypt/src/port/ and IDE/, replace remaining uses of AES_BLOCK_SIZE with WC_AES_BLOCKSIZE for compatibility with OPENSSL_COEXIST.
Automated replacement with
```
git ls-files -z wolfcrypt/src/port/ IDE/ | xargs -0 pcre2grep -l '[^_]AES_BLOCK_SIZE' | xargs sed --regexp-extended --in-place 's/([^_])AES_BLOCK_SIZE/\1WC_AES_BLOCK_SIZE/g'
```

Checked for mis-transformations with
```
git ls-files -z | xargs -0 pcre2grep '[^-[()+*/[:space:]]WC_AES_BLOCK_SIZE' | less
```

Checked for residual hits with
```
git ls-files -z | xargs -0 pcre2grep '[^_]AES_BLOCK_SIZE' | less
```

Deliberately excluded:
* ChangeLog.md -- do not alter history.
* doc/ -- do not confuse documentation with newly prefixed macro, because AES_BLOCK_SIZE is available unless -DOPENSSL_COEXIST.
* tests/api.c -- the unit tests deliberately use compatibility names, and are not compatible with -DOPENSSL_COEXIST.
* wrapper/CSharp/wolfSSL_CSharp/wolfCrypt.cs -- false positive hits on C# names.
* wrapper/CSharp/wolfCrypt-Test/wolfCrypt-Test.cs -- false positive hits on C# names.
* reference in wolfssl/wolfcrypt/aes.h that defines AES_BLOCK_SIZE when -UOPENSSL_COEXIST.
* reference in wolfssl/wolfcrypt/settings.h that defines WC_AES_BLOCK_SIZE for old FIPS when -UWC_AES_BLOCK_SIZE.
2024-12-21 10:28:18 -06:00
Daniel Pouzzner 67800c3a22 Merge pull request #8292 from JacobBarthelmeh/xsocktlen
set dk-s7g2 socklent
2024-12-21 00:01:33 -06:00
Hideki Miyazaki 39c11c269f Fix RA6M jankins failure 2024-12-18 07:37:21 +09:00
JacobBarthelmeh 6442689d22 set dk-s7g2 socklent 2024-12-13 17:01:58 -07:00
David Garske 401a64d112 Improve stdarg.h around uses of var_arg. Cleanup warning for XFREE/XMALLOC redef. 2024-11-22 08:11:32 -08:00
David Garske c5e43280b9 Fix for RX TSIP AES GCM 128 unit test resultP/C sizes causing failure. 2024-11-20 13:48:05 -08:00
David Garske d109f38cbd Fixes for RSA TSIP RSA Sign/Verify. Tested on RX72N EnvisionKit. Added THREADX threading support.
```
Start wolf tsip crypt Test

 simple crypt test by using TSIP
 sha_test() passed
 sha256_test() passed
 tsip_aes_cbc_test()  passed
 tsip_aes256_test()  passed
 tsip_rsa_test(2048) passed
 tsip_rsa_SignVerify_test(2048) passed

End wolf tsip crypt Test
```
2024-11-20 13:08:26 -08:00
Daniel Pouzzner ae0d73d9fd Merge pull request #8122 from miyazakh/tsip_rsa_private_enc
Implement TSIP RSA Public Enc/Private Dec
2024-11-16 16:12:51 -06:00
Daniel Pouzzner aa18bbca55 assorted cleanups and refactors for C89 conformance, codespell and check-source-text, and consistent heap shim usage.
.github/workflows/codespell.yml: remove */README_jp.txt from "skip" list.

IDE/Renesas/cs+/Projects/t4_demo/README_jp.txt: convert from SHIFT_JIS to UTF-8.

cmake/options.h.in: use "#cmakedefine HAVE_PTHREAD 1" to avoid conflict with config.h.

configure.ac: add --enable-c89, and remove !ENABLED_OPENSSLEXTRA dependency from AM_CONDITIONAL([BUILD_CRYPTONLY],...).

wolfcrypt/src/asn.c: refactor SetOthername() for efficiency, and add PRAGMA_GCC to suppress false positive -Wstringop-overflow associated with -fstack-protector.

wolfssl/wolfcrypt/rsa.h: add WC_ prefixes to RSA_PKCS1_PADDING_SIZE and RSA_PKCS1_OAEP_PADDING_SIZE, and define unprefixed compat aliases only if !OPENSSL_COEXIST.

wolfssl/wolfcrypt/types.h:

  #ifdef WOLF_C89, #define WC_BITFIELD unsigned;
  enhance WOLF_ENUM_DUMMY_LAST_ELEMENT() to include the line number, to construct unique labels given a per-filename argument, to accommodate anonymous enums.

examples/asn1/asn1.c:
examples/client/client.c:
examples/pem/pem.c:
examples/server/server.c:
wolfcrypt/src/sp_dsp32.c:
wolfcrypt/src/wc_port.c:
wolfssl/test.h:

  use XMALLOC/XREALLOC/XFREE consistently, not malloc/realloc/free.

wolfcrypt/benchmark/benchmark.c:
wolfcrypt/src/memory.c:
wolfcrypt/test/test.c:
wolfssl/wolfcrypt/mem_track.h:
wolfssl/wolfcrypt/settings.h:
wolfssl/wolfcrypt/types.h:

  annotate intentional native heap access with "/* native heap */".

wolfcrypt/src/asn.c:
wolfssl/callbacks.h:
wolfssl/openssl/ec.h:
wolfssl/openssl/ssl.h:
wolfssl/wolfcrypt/hpke.h:
wolfssl/wolfcrypt/types.h:

  fix enum trailing commas.

wolfssl/openssl/ec.h:
wolfssl/openssl/evp.h:
wolfssl/openssl/rsa.h:
wolfssl/openssl/ssl.h:

  use WC_BITFIELD in bitfield elements, not byte or word16, to allow for pedantic C89 conformant builds.

wolfssl/openssl/ec.h:
wolfssl/openssl/evp.h:
wolfssl/openssl/pem.h:
wolfssl/openssl/ssl.h:
wolfssl/wolfcrypt/logging.h:
avoid variadic macros wherever possible, and where unavoidable, #ifdef WOLF_NO_VARIADIC_MACROS, define them with empty arg lists, rather than ..., to support Watcom compiler.

wolfssl/wolfcrypt/settings.h: if defined(__WATCOMC__), define WOLF_NO_VARIADIC_MACROS.
2024-11-07 22:36:24 -06:00
David Garske 02c2f445d9 Cleanup unused variables and function (void). 2024-11-05 09:45:01 -08:00
David Garske 6b02d7879a Add public decrypt and private encrypt. Cleanups. 2024-11-05 09:24:00 -08:00
Andras Fekete 8612f15d2e Don't modify Renesas config files 2024-11-01 12:59:01 -04:00
Andras Fekete 8b81d6e099 Simple word fix 2024-11-01 12:59:01 -04:00
Andras Fekete b8253ac4c5 Final set of spelling fixes 2024-11-01 12:59:01 -04:00
Hideki Miyazaki b409967f3b fix spaces 2024-10-30 07:47:40 +09:00
Hideki Miyazaki 32c1f8bbd7 implement TSIP RSA Public Enc/Private Dec 2024-10-29 20:09:22 +09:00
Hideki Miyazaki ba1cd85934 check Root CA by TSIP before adding it to ca-table 2024-10-23 18:02:56 +09:00
Hideki Miyazaki 3f0a17b331 Update TSIP driver version to v1.21
Use ASN_TEMPLATE
Extracting YEAR and MONTH from __DATE__
2024-09-21 06:23:59 +09:00