Commit Graph

24443 Commits

Author SHA1 Message Date
Anthony Hu 41d8eabb33 Update INSTALL file regarding PQ 2025-02-04 13:28:05 -05:00
JacobBarthelmeh 275becab6f Merge pull request #8406 from julek-wolfssl/krb5-spake-testing
Add spake to kerberos 5 testing
2025-01-31 13:45:36 -07:00
JacobBarthelmeh 4891d1c471 Merge pull request #8400 from ColtonWilley/add_trusted_cert_pem_parsing
Add support for parsing trusted PEM certs
2025-01-31 10:53:51 -07:00
Juliusz Sosinowicz a48f7ce276 Add spake to kerberos 5 testing 2025-01-31 18:28:31 +01:00
JacobBarthelmeh 4abba81315 Merge pull request #8405 from anhu/thanks_tobiasbrunner
Fix some typoes around Kyber and Dilithium
2025-01-31 10:05:14 -07:00
Anthony Hu f86b19dd30 Fix some typoes around Kyber and Dilithium 2025-01-31 10:13:39 -05:00
David Garske e7a0340eea Merge pull request #8395 from SparkiDev/asm32_asm_older_opt
ARM32 ASM: optimize older platform alternatives
2025-01-30 15:47:25 -08:00
Colton Willey cb0779f151 Add trusted cert to generation script and include.am 2025-01-30 15:29:59 -08:00
Sean Parkinson 3f47963802 Merge pull request #8396 from douzzer/20250129-CT-tweaks
20250129-CT-tweaks
2025-01-31 09:10:22 +10:00
JacobBarthelmeh 6181559d83 Merge pull request #8401 from douzzer/20250130-UHAVE_FFDHE_2048
20250130-UHAVE_FFDHE_2048
2025-01-30 15:55:25 -07:00
Colton Willey a0950e97f5 Add tests for trusted certificate banner 2025-01-30 14:42:41 -08:00
Daniel Pouzzner 3a6b33c180 tests/api.c and wolfcrypt/benchmark/benchmark.c: fixes for building with HAVE_FFDHE_3072 and/or HAVE_FFDHE_4096 but without HAVE_FFDHE_2048. 2025-01-30 15:02:02 -06:00
Colton Willey c4288cc334 Add support for parsing PEM certificates with begin trusted cert header/footer, needed for wolfProvider. 2025-01-30 11:34:02 -08:00
JacobBarthelmeh eb7bac3cd0 Merge pull request #8399 from julek-wolfssl/cov-fixes-30-01-2025
Cov fixes
2025-01-30 11:56:36 -07:00
JacobBarthelmeh 9641dc79d9 Merge pull request #8398 from douzzer/20250130-ASCON-unit-test-fixes
20250130-ASCON-unit-test-fixes
2025-01-30 10:57:05 -07:00
Juliusz Sosinowicz c36d23029f dtls: malloc needs to allocate the size of the dereferenced object 2025-01-30 18:32:22 +01:00
Juliusz Sosinowicz 9a8bc248de dtls: remove dead code 2025-01-30 18:32:22 +01:00
Juliusz Sosinowicz 3cd64581eb dtls: better sanitize incoming messages in stateless handling 2025-01-30 18:32:22 +01:00
JacobBarthelmeh f7b76002c2 Merge pull request #8397 from SparkiDev/kyber_no_malloc
ML-KEM/Kyber: build with no malloc
2025-01-30 10:06:13 -07:00
Juliusz Sosinowicz e4b7a53191 api: make sure len doesn't overrun the input buffer 2025-01-30 18:01:51 +01:00
Juliusz Sosinowicz 2865b0c79b api: check fd values as recv and send can't take in negative fd 2025-01-30 18:01:10 +01:00
Juliusz Sosinowicz d91141fe05 api: pass in sizeof(tmp) instead of 1024 to attempt to satisfy Coverity 2025-01-30 18:00:32 +01:00
Juliusz Sosinowicz 2590aebfd9 dtls13: don't overrun hdr->epoch 2025-01-30 17:59:48 +01:00
Daniel Pouzzner 49d2beed1a fixes for gating/tooling around ASCON. 2025-01-30 10:48:23 -06:00
Sean Parkinson b62f5ab722 ML-KEM/Kyber: build with no malloc
ML-KEM/Kyber van now be built with WOLFSSL_NO_MALLOC and all data is on
the stack.
2025-01-30 18:11:55 +10:00
Daniel Pouzzner 0de38040f4 CT tweaks:
in wolfcrypt/src/coding.c, add ALIGN64 to hexDecode[], and add hexEncode[] for use by Base16_Encode();

in wolfcrypt/src/misc.c and wolfssl/wolfcrypt/misc.h:

move ctMask*() up so that min() and max() can use them, and add ctMaskWord32GTE();

add ALIGN64 to kHexChar[];

add CT implementation of CharIsWhiteSpace();

remove min_size_t() and max_size_t() recently added, but only one user (refactored).
2025-01-30 01:24:40 -06:00
Daniel Pouzzner dd7ec129af fixes for gating/tooling around ASCON. 2025-01-30 01:23:26 -06:00
Sean Parkinson 2d06e67a64 ARM32 ASM: optimize older platform alternatives
Make the alternative instructions for architectures less than 7 more
optimal.
2025-01-30 16:58:13 +10:00
Anthony Hu 25c8869541 Merge pull request #8390 from SparkiDev/lms_sha256_192_l1_h20
LMS: Fix SHA-256-192 level 1, height 20
2025-01-29 18:20:50 -05:00
Sean Parkinson 871c05e0e2 Merge pull request #8307 from julek-wolfssl/ascon
Initial ASCON hash256 and AEAD128 support based on NIST SP 800-232 ipd
2025-01-30 08:39:59 +10:00
Juliusz Sosinowicz bcde4bdebb ascon: move tests to api.c and introduce framework to split up api.c 2025-01-29 15:50:00 +01:00
Juliusz Sosinowicz cd047a35f2 fixup! Initial ASCON hash256 and AEAD128 support based on NIST SP 800-232 ipd 2025-01-29 12:21:28 +01:00
Juliusz Sosinowicz b0ab7f0d26 ascon: use individual word64 to help compiler 2025-01-29 11:49:09 +01:00
Juliusz Sosinowicz 78a7d12955 ascon: use lowercase first letters for members 2025-01-29 11:38:31 +01:00
Juliusz Sosinowicz f47bbfc174 ascon: error out when word64 not available 2025-01-29 11:36:33 +01:00
Juliusz Sosinowicz 76e29be1a9 ascon: remove 6 round perm as its not used 2025-01-29 11:33:11 +01:00
Juliusz Sosinowicz 028b5b3cda Fix references to match NIST draft 2025-01-29 11:31:34 +01:00
Juliusz Sosinowicz 3e65b927dd fixup! ascon: added forced permutation unroll 2025-01-29 11:26:04 +01:00
Juliusz Sosinowicz 1018144ece fixup! Initial ASCON hash256 and AEAD128 support based on NIST SP 800-232 ipd 2025-01-29 11:24:29 +01:00
Juliusz Sosinowicz 0e20cbe210 ascon: move implementation defines to source file 2025-01-29 11:10:44 +01:00
Juliusz Sosinowicz ab5ce46bf3 ascon: move key to start of struct to avoid gaps in the struct 2025-01-29 11:08:16 +01:00
Juliusz Sosinowicz ddcc189094 ascon: fix api naming Deinit -> Clear 2025-01-29 11:07:40 +01:00
Juliusz Sosinowicz c5ad780798 Force experimental flag to enable ascon 2025-01-29 11:02:47 +01:00
Juliusz Sosinowicz e4100d977c ascon: added forced permutation unroll 2025-01-29 11:02:47 +01:00
Juliusz Sosinowicz 0e7bee9577 ascon-aead: add benchmarking 2025-01-29 11:02:47 +01:00
Juliusz Sosinowicz 0309c3a084 Add docs 2025-01-29 11:02:47 +01:00
Juliusz Sosinowicz e3a612300b Initial ASCON hash256 and AEAD128 support based on NIST SP 800-232 ipd
Implemented based on the NIST Initial Public Draft "NIST SP 800-232 ipd". Testing based on KAT's available at https://github.com/ascon/ascon-c. Added configuration for testing in github action.
2025-01-29 11:02:47 +01:00
Sean Parkinson 08a46f5431 LMS: Fix SHA-256-192 level 1, height 20
Fix parameters for SHA-256-192, Level 1, Height 20, Winternitz: 2, 4, 8
2025-01-29 08:50:43 +10:00
David Garske 45b385ade3 Merge pull request #8389 from douzzer/20250127-fix-disable-tls-config
20250127-fix-disable-tls-config
2025-01-28 09:09:08 -08:00
Daniel Pouzzner 2eb775d5c3 configure.ac: add enable_dtls_mtu, enable_dtlscid, and enable_dtls_frag_ch to features disabled when $ENABLED_TLS" = "no". 2025-01-28 09:46:39 -06:00