Commit Graph

11274 Commits

Author SHA1 Message Date
Sean Parkinson 8e14d4a774 Aarch64 AES ASM no hw crypto: no dead code
Fix code so that there is no dead code compiled.
That is, change if checks to #ifdef checks.
2025-12-12 12:31:36 +10:00
Daniel Pouzzner 9201b4e5eb Merge pull request #9515 from anhu/salt_len_min
Note that HMAC_FIPS_MIN_KEY is also salt len min for HKDF
2025-12-11 13:03:06 -06:00
Daniel Pouzzner ef8bf55528 Merge pull request #9495 from SparkiDev/aarch64_no_hw_crypto_asm_aes
Aarch64 no harware crypto assembly AES
2025-12-11 12:46:07 -06:00
Anthony Hu cd4f96924b Better error message too. 2025-12-11 12:23:38 -05:00
Eric Blankenhorn 67b6b284d6 Add checking of size param and clarify usage in doc 2025-12-11 08:27:57 -06:00
Kareem 63976cb09b Fix uninitialized variable, use WOLFSSL_DEBUG_PRINTF macro in Hash_DRBG_Generate to avoid undefined printf reference. 2025-12-10 12:28:54 -07:00
Sean Parkinson 0ab09ab147 PPC32 SHA-256 ASM: support comnpiling for PIC
When compiling for PIC, 30 and 31 are not always available.
Alternative implementation added not using them that puts registers on
the stack.
Small code size version implemented as well.
2025-12-10 16:20:49 +10:00
Sean Parkinson 80b7ea638e Aarch64 no harware crypto assembly AES
Implementations of AES-ECB, AES-CBC, AES-CTR, AES-GCM, AES-XTS with base
instructions and NEON but not using crypto instructions.

Benchmark of AES-ECB added.
Updated AES tests.
2025-12-10 08:55:58 +10:00
Sean Parkinson 886b0c2ec6 Benchmark ECDSA: use digest size instead of key size
The key size can be larger than the maximum digest size supported by the
sign and verify APIs.
Calculate a reasonable digest size for the key size and bound it on the
maximum digest size.
2025-12-05 09:01:12 +10:00
JacobBarthelmeh 5b7480486e Merge pull request #9487 from dgarske/qathash
Fix QAT hash final with no update and fix g++ warnings
2025-12-04 11:35:46 -07:00
David Garske f01c4f10fa Merge pull request #9454 from SparkiDev/rsa_dec_too_small_output_fix
RSA decrypt: don't write past buffer end on error
2025-12-04 10:06:37 -08:00
David Garske 1dfa4d1bcf Merge pull request #9488 from SparkiDev/aes_gcm_4bit_be
AES-GCM, 4-bit table, Big Endian: fast impl of GMULT
2025-12-04 10:06:06 -08:00
Sean Parkinson bff29a8535 ARM32/Thumb2 ASM SHA-256: provide small code size option
WOLFSSL_ARMASM_SHA256_SMALL for Thumb2 and ARM32 using base instructions
compiles implementations that are smaller but slower.
2025-12-04 16:44:37 +10:00
David Garske 45b7fb9e39 Merge pull request #9489 from julek-wolfssl/zd/20860
Fix AKID CA lookup
2025-12-03 08:16:51 -08:00
Juliusz Sosinowicz 995e63f6e1 Fix AKID CA lookup
The `authorityCertIssuer` field refers to the Issuer field of the CA being looked up and not its Subject field.
2025-12-03 10:47:40 +01:00
Sean Parkinson 697bc47d8e AES-GCM, 4-bit table, Big Endian: fast impl of GMULT
Add fast implementation GMULT for big-endian platforms like PowerPC and
PowerPC64.
Speeds up AES-GCM.
2025-12-03 11:22:49 +10:00
David Garske 628c1e5225 Fix g++ compiler implicit cast warnings 2025-12-02 10:54:16 -08:00
David Garske 6deef7c14a QAT fix to properly handle a finish with no update 2025-12-02 09:57:12 -08:00
David Garske dd40417fca Merge pull request #9479 from josepho0918/aes-cbc-mmcau
Prefer ARMASM over MMCAU for AES CBC when both enabled
2025-12-02 07:58:17 -08:00
David Garske a2f46cd9b0 Merge pull request #9470 from lealem47/MLKEM_PUB_HASH_E
ML-KEM: Add check for Pubkey hash mismatch on decoding the dk
2025-12-01 12:49:48 -08:00
Sean Parkinson 6a5e29e21d Merge pull request #9477 from douzzer/20251125-linuxkm-arm-fips-tweaks
20251125-linuxkm-arm-fips-tweaks
2025-11-27 09:03:36 +10:00
Joseph Chen 26206821ff Prefer ARMASM over MMCAU for AES CBC when both enabled 2025-11-26 16:05:05 +08:00
Daniel Pouzzner be1f916028 wolfcrypt/src/aes.c: in the WOLFSSL_ARMASM && GCM_SMALL && !__aarch64__ static C implementation of GCM_gmult_len(), rename to GCM_gmult_len_armasm_C() (incompatible with other implementations);
wolfcrypt/src/aes.c: move FREESCALE_MMCAU implementations later (minimum precedence) for wc_AesEncrypt(), wc_AesDecrypt(), wc_AesSetKeyLocal(), wc_AesSetKey(), and wc_AesSetKeyDirect() (fixes ZD#20862).
2025-11-25 23:01:05 -06:00
Daniel Pouzzner f5543f6b95 wolfcrypt/test/test.c: in wolfcrypt_test_main(), install myFipsCb if applicable, and save failed wolfCrypt retvals to args.return_code to assure error exit. fixes FIPS integrity failure message with wolfEntropy. 2025-11-25 20:21:37 -06:00
Daniel Pouzzner 4fda0883a4 globally rename WC_PIE_RELOC_TABLES to WC_SYM_RELOC_TABLES;
globally replace defined(__PIE__) with defined(WC_CONTAINERIZE_THIS) to decouple containerization from -fPIE;

configure.ac:
* add --enable-kernel-reloc-tables as an alias for --enable-linuxkm-pie;
* always activate ENABLED_ENTROPY_MEMUSE_DEFAULT when KERNEL_MODE_DEFAULTS and not RDSEED/RDRAND, regardless of FIPS presence/version;

linuxkm/Kbuild:
* add -DWC_CONTAINERIZE_THIS to PIE_FLAGS;
* add support for NO_PIE_FLAG, which inhibits -fPIE on ENABLED_LINUXKM_PIE builds, and adds -DWC_NO_PIE_FLAG to PIE_FLAGS;

linuxkm/linuxkm_wc_port.h: add setup for WC_LINUXKM_WOLFENTROPY_IN_GLUE_LAYER;

linuxkm/module_hooks.c: add wc_linuxkm_GenerateSeed_wolfEntropy().
2025-11-25 18:01:25 -06:00
David Garske 0aaa31c438 Merge pull request #9459 from JacobBarthelmeh/async
fix small stack define and warnings for g++ build with async
2025-11-25 14:22:24 -08:00
David Garske 6fc99ac6d8 Merge pull request #9431 from Pushyanth-Infineon/psoc6_aes_support
Enable hardware acceleration for AES on PSoC6.
2025-11-25 13:31:23 -08:00
Sean Parkinson 0afbc1ef08 Merge pull request #9471 from douzzer/20251124-memory_test-wolfSSL_Atomic_Ptr_CompareExchange
20251124-memory_test-wolfSSL_Atomic_Ptr_CompareExchange
2025-11-25 19:22:22 +10:00
JacobBarthelmeh a83fb4fc42 revert 6bda10a forcing small stack with async 2025-11-25 00:43:04 -07:00
Daniel Pouzzner e459b21744 wolfcrypt/src/wc_port.c and wolfssl/wolfcrypt/wc_port.h: add volatile attribute to wolfSSL_Atomic_Uint_CompareExchange() first arg, for pedantic accuracy;
wolfssl/internal.h and src/ssl.c: add volatile attribute to WOLFSSL_CTX.privateKeyPKey pointer, for pedantic accuracy;

wolfcrypt/test/test.c: in memory_test(), use compatible pointers for all operands in the wolfSSL_Atomic_Ptr_CompareExchange() test, to avoid undefined behavior.
2025-11-24 18:21:09 -06:00
Lealem Amedie eace02115b Address review feedback 2025-11-24 16:57:52 -07:00
Sean Parkinson ea0793f0af Merge pull request #9428 from dgarske/qat_v5.8.4
Migrate wolfAsyncCrypt repo into wolfSSL proper
2025-11-25 09:33:31 +10:00
Sean Parkinson 9c467a916a Merge pull request #9437 from rlm2002/coverity
20251114 Coverity change
2025-11-25 09:26:17 +10:00
Sean Parkinson 86789f92c0 Merge pull request #9446 from dgarske/stm32_castwarn
Fix stm32.c type warnings
2025-11-25 09:22:58 +10:00
Sean Parkinson 76fec60754 Merge pull request #9448 from anhu/p7_unknownExt
unknown extension support in wc_PKCS7_EcdsaVerify
2025-11-25 09:21:47 +10:00
Sean Parkinson c6ecafced2 Merge pull request #9451 from kaleb-himes/ESV-DRBG-Decouple
Esv drbg decouple
2025-11-25 09:19:52 +10:00
David Garske 4ccad17a39 Merge pull request #9465 from SparkiDev/aesgcm_small_armasm
AES-GCM small ARM asm: add back implementation
2025-11-24 15:06:49 -08:00
David Garske 0786aa2585 Merge pull request #9464 from SparkiDev/sp_384_sub_fix
SP Thumb2/ARM32: P-384 sub not needed for small builds
2025-11-24 15:05:43 -08:00
Lealem Amedie f5cb791e39 ML-KEM: Add check for Pubkey hash mismatch on decoding the dk 2025-11-24 10:22:40 -07:00
Joseph Chen 7752df3340 Correct SHA256 final endianness on MMCAU platforms 2025-11-24 16:48:35 +08:00
Sean Parkinson ba47f7f333 AES-GCM small ARM asm: add back implementation
Implementation of GCM mult with length for ARM asm and small GCM was
added to armv8-aes.c but got lost when code pulled back to aes.c.
2025-11-24 11:08:18 +10:00
Sean Parkinson 46c704f51f SP Thumb2/ARM32: P-384 sub not needed for small builds
Don't have an implementation of sp_384_sub when building for small code
size.
2025-11-24 10:45:36 +10:00
Sean Parkinson 23c5678797 RSA decrypt: don't write past buffer end on error
When the decrypted data is bigger than the buffer, the one extra bytes
was being written to.
2025-11-21 12:12:14 +10:00
kaleb-himes 4da42ffae9 Fix typo in header include (capital E) 2025-11-20 09:38:13 -07:00
kaleb-himes dc6fa0ad4e De-couple ESV from DRBG 2025-11-20 09:38:13 -07:00
JacobBarthelmeh b6adf12f83 Merge pull request #9438 from douzzer/20251113-linuxkm-aarch64-fips-tweaks
20251113-linuxkm-aarch64-fips-tweaks
2025-11-19 17:42:45 -07:00
Daniel Pouzzner 06d3d6d3df linuxkm/Kbuild and linuxkm/module_hooks.c: refactor wc_linuxkm_pie_reloc_tab to include ground truth segment tag from ELF metadata.
tweaks for ARM32: recognize R_ARM_* relocations, and add -fno-unwind-tables to PIE_FLAGS.

linuxkm/linuxkm_wc_port.h:
* __PIE__: don't declare static pmd_to_page() unless USE_SPLIT_PMD_PTLOCKS.
* add wc_lkm_refcount_to_int() helper with -Wnested-externs suppressed.

wolfcrypt/src/fe_operations.c: in fe_frombytes() and fe_sq2(), use explicit XMEMSET()s to initialize working vars, rather than implicit, to avoid implicit (unshimmable) memset() calls.

wolfcrypt/src/ge_operations.c: fix gate on _wc_curve25519_dummy() to require CURVED25519_ASM.
2025-11-19 17:21:29 -06:00
JacobBarthelmeh 23a6edcc89 adjust test case to account for AES-GCM key size support with Xilinx afalg 2025-11-19 23:00:13 +00:00
JacobBarthelmeh 96dde5b4a8 Merge pull request #9392 from philljj/bsdkm
bsdkm: initial wolfcrypt FreeBSD kernel module support.
2025-11-19 15:25:21 -07:00
Anthony Hu 668602016c Allow user to prevent wc_PKCS7_EcdsaVerify from erroring out due to extentions we do not know about 2025-11-19 14:36:04 -05:00