Commit Graph

7 Commits

Author SHA1 Message Date
Sean Parkinson a342eba578 Intel x64 ASM: Add new assembly for AES
Support AES-XTS AVX512/VAES
Support AES-GCM AVX512/VAES
Support AES-ECB/CBC/CTR AVX512/VAES/AVX1/AES-NI.
Remove code from aes_asm.S/aes_asm.asm
Add CPU defines for AVX512 and VAES
Updated ASM files with new defines for AVX512.
Added support for printing out the new CPU Id flags in benchmark.
Added new files to Windows projects.
aes.c: Supports ECB/CBC/CTR in assembly. Supports calling AVX512/VAES assembly.
2026-06-23 20:54:59 +10:00
Juliusz Sosinowicz 844852202b .github: bump JavaScript actions to Node.js 24 runtimes
GitHub Actions now emits "Node.js 20 actions are deprecated" warnings:
actions are forced to Node.js 24 by default starting 2026-06-16, and
Node.js 20 is removed from the runners on 2026-09-16. Update every
JavaScript action referenced by the workflows and the local composite
actions to the lowest release that runs on Node.js 24:

  actions/checkout              v4     -> v5
  actions/checkout (SHA pin)    v4.1.7 -> v5
  actions/upload-artifact       v4     -> v6   (v5 still Node.js 20)
  actions/download-artifact     v4     -> v7   (v5/v6 still Node.js 20)
  actions/cache[/restore|/save] v4     -> v5
  actions/setup-python          v5     -> v6
  actions/github-script         v7     -> v8
  docker/setup-buildx-action    v3     -> v4
  docker/build-push-action      v5     -> v7   (v6 still Node.js 20)
  docker/login-action           v3     -> v4
  microsoft/setup-msbuild       v2     -> v3
  open-watcom/setup-watcom      v0     -> v1

Actions already running on Node.js 24 (jwlawson/actions-setup-cmake,
shogo82148/actions-setup-perl, msys2/setup-msys2, dorny/paths-filter)
are left unchanged. These bumps are runtime-only; no workflow uses an
input or output removed by the new majors, and v4-format artifacts
remain compatible across the upload v6 / download v7 backends.
2026-06-15 18:09:04 +00:00
David Garske 7f80896033 CI optimizations
- Skip CI for draft PRs and redundant master-push re-runs; membrowse nightly.
- Add smoke test (8 configs, CFLAGS=-Werror, post-merge tree, fail-fast on conflicts).
- Add wait-for-smoke composite action for downstream CI gating.
- Add check-source-text + bash -n + shellcheck workflow (script in make dist).
- Cache apt-get update in install-apt-deps composite on cache hit.
2026-05-21 13:19:29 -07:00
Josh Holtrop 69fd8dc01f Update from Ubuntu 22.04 to Ubuntu 24.04 for several github workflows 2026-01-20 21:44:56 -05:00
Daniel Pouzzner f767bd2851 .github/workflows/symbol-prefixes.yml: add PQC, --enable-acert, and --with-sys-crypto-policy to configuration;
wolfssl/ssl.h: make sure WOLFSSL_NO_TLS12 is defined in the TLS layer when NO_TLS.
2025-10-09 17:33:14 -05:00
Daniel Pouzzner d1ba8eb9d0 configure.ac: don't add PQC to --enable-all-crypto -- not ready yet.
.github/workflows/symbol-prefixes.yml: count and report total_public_symbols, and use a better pattern to classify refs as defs.
2025-10-09 16:36:14 -05:00
Daniel Pouzzner f1d014aecd add .github/workflows/symbol-prefixes.yml.
configure.ac:
* add ML-KEM, ML-DSA, XMSS, and LMS to --enable-all-crypto when !ENABLED_FIPS.
* swap order of --enable-kyber and --enable-mlkem handler code to put mlkem first.
* add --enable-mldsa hander code.
* remove setup code that was adding -DWOLFSSL_NO_TLS12 and -DNO_OLD_TLS to
  AM_CFLAGS when ENABLED_CRYPTONLY -- NO_OLD_TLS is already defined earlier for
  when ENABLED_CRYPTONLY, and WOLFSSL_NO_TLS12 breaks wc_PRF_TLS(), which is
  inside-the-FIPS-boundary crypto.

linuxkm/linuxkm_wc_port.h:
* adopt the WC_SANITIZE_DISABLE and WC_SANITIZE_ENABLE setup code from
  settings.h (where it didn't belong).
* fix FIPS remapping of wc_InitMutex&friends to InitMutex&friends -- inhibit
  when WOLFSSL_API_PREFIX_MAP.

wolfcrypt/src/ge_operations.c: add _wc_curve25519_dummy() to fix visibility of
curve25519().

wolfcrypt/src/poly1305.c: fix visibility of several unprefixed helper routines.

wolfcrypt/test/test.c: fix gating on tls12_kdf_test() and prf_test() (both
  require !WOLFSSL_NO_TLS12).

wolfssl/internal.h, wolfssl/wolfio.h: add several WOLFSSL_API_PREFIX_MAPs.

wolfssl/wolfcrypt/ge_operations.h: fix visibility of several internal asm
  functions.

wolfssl/wolfcrypt/settings.h: in WOLFSSL_LINUXKM setup, add gates to avoid redef
  warnings for various settings, and remove the setup for
  WC_SANITIZE_{DISABLE,ENABLE} (moved to linuxkm_wc_port.h as noted above).

wolfssl/wolfcrypt/wc_port.h: add WOLFSSL_API_PREFIX_MAPs for InitMutex() and
  friends.
2025-10-09 15:34:08 -05:00