Commit Graph

48 Commits

Author SHA1 Message Date
Tobias Frauenschläger 4d259da60a PQC: CryptoCb support for KEM algorithm Kyber
Add support for crypto callback and device id for all three Kyber PQC KEM
function calls.

Signed-off-by: Tobias Frauenschläger <t.frauenschlaeger@me.com>
2024-01-18 17:02:49 +01:00
Tobias Frauenschläger 8e6d151403 PQC: CryptoCb support for signature algorithms
Add initial support of the crypto callback API to the two PQC signature
algorithms Dilithium and Falcon. This ultimatelly enables the usage of
external hardware modules (e.g. secure elements) for these algorithms.

Signed-off-by: Tobias Frauenschläger <t.frauenschlaeger@me.com>
2024-01-18 17:02:38 +01:00
David Garske d9ac8b5422 Peer review fixes. Fix issues with Tls13HKDFExpandKeyLabel. Fix crypto callback line lengths. 2023-12-22 14:16:59 -08:00
David Garske fb5eab8f79 Fix one shot hash routines to attempt offloading to crypto callbacks. Fix random.c health test to use devId. Fix FIPS unused "ssl". 2023-12-19 11:20:56 -08:00
David Garske 205403ebb2 Add more information in the DEBUG_CRYPTOCB. 2023-12-18 17:11:16 -08:00
David Garske 434526c345 Expand WOLFSSL_NO_CRL_DATE_CHECK to the process cert CRL next date check. Fix typo for DEBUG_CRYPTOCB. Add comments for wc_ValidateDate arguments. Improve linker script example for FIPS to put stdlib before FIPS and not force KEEP. 2023-12-07 14:45:16 -08:00
billphipps 7a6e851a82 Corrected print format string. 2023-08-25 13:59:23 -04:00
billphipps d7f8cc55d8 Update wolfcrypt/src/cryptocb.c
Correction
2023-08-25 11:24:47 -04:00
billphipps 27bc7219e5 Correct cryptocb cmd debug message 2023-08-25 11:16:15 -04:00
billphipps 10adca1a45 Add CryptoCb features (#6636)
* Update to support invoking cryptocb during un/register.
2023-07-27 13:16:43 -07:00
Andras Fekete 266307da6c Add in ARIA wrappers
Address PR comments + other cleanup


Addressing PR comments


Minor change


Make sure the last line gets output as well


Add in ARIA SHA256 session to internal structure


Add in ARIA SHA384 session to internal structure


Add necessary function for ARIA to extract key


Fix unit tests


Rename HAVE_ARIAGCM to HAVE_ARIA


Move aria.* to wolfcrypt/port/aria


Separate out aria-crypt init functions


Adding in ECC+SHA callbacks


Avoid using AC_CHECK_FILE


Rename Aria to wc_Aria


Don't need special cases


Addressing PR comments


Code cleanup


C89 support


Remove TODO


Add documentation about buffer size


Clean up header files


Use ARIA_DEVID by default if available


Dummy update call to make MagicCrypto happy


Fix for detecting what algo type to use


Documentation


Use the appropriate sign/verify


Collect MagicCrypto functions together (and avoid leaks)


Fall back on other implementations on failure


Fix issue when compiling without CRYPTOCB


Addressing PR comments


Better cleanup


Addressing PR comments


Cleaner exit in case of error
2023-07-06 16:09:23 -04:00
Sean Parkinson e954110cc5 CryptoCb, PKCS#11: add RSA key size lookup
wc_RsaEncryptSize(): assumed a key size of 2048 when using hardware key.
Added callback to do lookup and implemented for PKCS#11.
If lookup not supported then assumes 2048 bits.
2023-05-24 11:42:52 +10:00
JacobBarthelmeh 07c41c5498 add macro guard on test case 2023-05-10 15:51:39 -07:00
JacobBarthelmeh bab35c4de2 add WOLF_CRYPTO_CB_FIND macro to guard find device ID callback 2023-05-10 15:28:19 -07:00
David Garske 61dfbf5ef2 Fixes and improvements for building with low footprint. Fix for ASN template with RSA verify only (was missing mp_leading_bit). Fix to allow disabling DRBG with crypto callbacks enabled. Updated the wolfTPM user_settings.h template with low resource option. 2023-05-02 16:51:41 -07:00
JacobBarthelmeh ccb9bdd903 set dev ID with signature check (#6318)
* set dev ID with signature check

* refactor devId use and add API to set devId in WOLFSSL_CERT_MANAGER structure

* add api.c call to set devid with WOLFSSL_CERT_MANAGER

* resolving devID CRL issue and CM pointer

* add device find callback

* add simple test case
2023-04-26 11:19:00 -07:00
Jacob Barthelmeh 9dcc48c8f7 update copyright to 2023 2022-12-30 17:12:11 -07:00
Jacob Barthelmeh 8eaa85e412 update copyright year to 2022 2022-07-19 10:44:31 -06:00
Daniel Pouzzner 69ca1d37c0 fixes for defects identified by wolfssl-multi-test: whitespace, missing void in arg lists, and -Wunused-but-set-variable found by clang-15 (prerelease). 2022-06-20 10:54:55 -05:00
David Garske 802e3127c0 Merge pull request #5145 from JacobBarthelmeh/caam
CAAM support with QNX i.MX8, add AES-CTR crypto callback
2022-06-03 15:24:10 -07:00
JacobBarthelmeh ad49aea17d fix for setting AES-CCM decrypt nonce with crypto callback 2022-05-25 13:59:56 -07:00
JacobBarthelmeh c0d7f3b2e6 add support for i.MX8 with QNX CAAM 2022-04-27 02:27:05 -07:00
David Garske ed58cfdc0f Add DEBUG_CRYPTOCB and wc_CryptoCb_InfoString to help with debugging crypto callbacks. 2022-04-22 12:20:55 -07:00
JacobBarthelmeh 55b42dd85a Add SECO use and expand cryptodev 2022-03-17 12:04:52 -06:00
Sean Parkinson 33a6b8c779 Merge pull request #4531 from dgarske/cryptocb_aesccm
Added crypto callback support for AES CCM
2021-11-16 22:45:11 +10:00
Daniel Pouzzner 0b4f34d62a typographic cleanup: fix whitespace, remove unneeded UTF-8, convert C++ comment constructs to C. 2021-11-08 17:35:05 -06:00
David Garske 82c106be80 Added crypto callback support for AES CCM. 2021-11-02 09:53:55 -07:00
Daniel Pouzzner c0778e5ad9 gate access to wc_Sha512.devId on !NO_SHA2_CRYPTO_CB. 2021-10-26 20:24:28 -05:00
David Garske 15d761a0c2 Added ED25519 and Curve25519 crypto callback support. 2021-06-16 11:49:24 -07:00
David Garske 9c24731e3c Added SHA2-384/512 crypto callback support. 2021-06-16 11:49:24 -07:00
Jacob Barthelmeh c729318ddd update copyright date 2021-03-11 13:42:46 +07:00
Jacob Barthelmeh 749425e1e8 first pre alpha code for QNX + CAAM
manual run of RNG init and JDKEK print

job ring does initial rng

is successful on some red key blob operations

caam red key blob test pass

ecdsa sign/verify

ecdsa ecdh/sign/verify with black secure key

ecdsa ecdh/sign/verify with black secure key

initial cmac addition

initial cmac addition

black blob encap

black keys with cmac

add invalidate memory

refactoring and clean up

more code cleanup

add files for dist and remove some printf's

remove unneeded macro guard

use resource manager
2021-03-03 18:45:40 +07:00
Sean Parkinson 5ca8e8f87c PKCS#11: Label fixes and add support for checking private key
Check private key matches the public key passed in.
Need to use a new API to pass in the token to use to perform PKCS #11
operations with.
2020-11-27 08:37:16 +10:00
David Garske 64b081f3c9 Improve the SHA256 crypto callback for ASN, so a wc_Sha/wcSha256 context exists for certificate hashing. 2020-10-30 12:18:19 -07:00
kaleb-himes 970391319b Add or later verbage to LICENSING and sync header license versions 2020-06-30 12:13:13 -06:00
Chris Conlon 45c5a2d39c update copyright to 2020 2020-01-03 15:06:03 -08:00
John Safranek 989c964a95 Synchronous Cavium OCTEON Support for Sniffer
1. Add configure option for sync IntelQA that uses the crypto callback API.
2. Make a synchonous copy of the quickassist files.
3. Tie in the crypto device to the sniffer.
4. When making a sniffer build, define static DH enabled.
5. The readme files in the Cavium were being added to the distro optionally, changed to always add the readme files.
6. Added an include of the cavium_octeon header in the wc_ports.c.
7. Updated the Cavium OCTEON callback for AES-GCM.
8. Add the global tag to the list of crypto callback function pointers.
9. Add an accessor to the OCTEON crypto callback module to return the device ID of the OCTEON device.
10. Add a new version of ssl_SetWatchKeyCallback which takes an additional parameter of a device ID. This ID is used to set up the wolfSSL_CTXs in the sniffer session trackers.
11. Update the benchmark to use sync OCTEON and QAT.
2019-10-23 09:58:10 -07:00
David Garske 58fe2781f1 Fix for wc_CryptoCb_AesCbcEncrypt with improper find device logic. Fix for HMAC scan-build with ret. Cleanup of HMAC formatting. 2019-07-02 14:08:59 -07:00
David Garske d5f3fa2ff8 Added DES3 Crypto callback support. 2019-07-02 10:15:53 -07:00
John Safranek 246c444b93 Updates for v4.0.0
Update the copyright dates on all the source files to the current year.
2019-03-15 10:37:36 -07:00
David Garske 68c04a95e0 Refactor of the crypto callback return code for cases when unavailable to use new error code CRYPTOCB_UNAVAILABLE. Retains support for original NOT_COMPILED_IN error code. Added new CRYPTO_CB_VER define for helping applications handle/detect changes to crypto callback interface (currently no way to determine changes at build-time between release cycles). 2019-03-08 16:50:45 -08:00
David Garske e7b23646a5 Updates to HMAC crypto callback support to capture raw KEY and require hmac struct. 2019-02-12 16:03:10 -08:00
David Garske 88d3abb1e6 Added Crypto callback HMAC support. 2019-02-12 16:03:10 -08:00
David Garske 18d5b3393c Correct NULL cryptocb case. 2019-02-12 16:03:10 -08:00
David Garske 891abe130a Added Crypto callback support for ASN CalcHashId. Added arg checking to cryptocb functions. 2019-02-12 16:03:10 -08:00
Sean Parkinson 743f8b576f Add support for random and getting entropy (seed) with PKCS#11
Getting the seed from a device has been added.
If the HASH_DRBG is available, PKCS#11 will be used for generating the
seed.
Otherwise, all generated random data will come from PKCS#11 device.
2019-01-25 08:01:30 +10:00
David Garske 357e0c9d15 Fixes for better backwards compatibility. 2019-01-18 06:54:48 -08:00
David Garske ee45cfdbcb Refactor and rename of cryptodev to cryptocb. Refactor API names from wc_CryptoDev to use wc_CryptoCb. Backwards compatibility is retained for anyone using old WOLF_CRYPTO_DEV name. Added comment about fall-through case when CryptoCb return NOT_COMPILED_IN. 2019-01-17 11:01:14 -08:00