Devin AI
f4b770c5ab
Update Kyber APIs to ML-KEM APIs
...
- Change struct KyberKey to struct MlKemKey
- Add backward compatibility typedef for KyberKey
- Add function declarations for new wc_MlKemKey_ functions
- Add backward compatibility #defines to map old wc_KyberKey APIs to new wc_MlKemKey APIs
- Update wc_MlKemKey_Init to take key first and type second
- Create new files wc_mlkem.h and wc_mlkem.c with updated content
- Update internal APIs with lowercase kyberkey to lowercase mlkemkey
Co-Authored-By: sean@wolfssl.com <sean@wolfssl.com >
2025-03-05 22:38:07 +00:00
JacobBarthelmeh
68e483d196
refactor of decode envelop for edge cases
2025-03-05 15:24:02 -07:00
Daniel Pouzzner
9fc7e42554
Merge pull request #8507 from SparkiDev/ct_fixes_3
...
Constant time code: improved implementations
2025-03-05 15:17:23 -06:00
msi-debian
7ea89a62ba
Fix for missing rewind function in zephyr
2025-03-05 12:49:58 -07:00
David Garske
a073868cf0
Merge pull request #8527 from SparkiDev/sp_int_asm_fixes_1
...
SP int: inline asm improvements and mont reduce simplifications
2025-03-04 14:45:16 -08:00
JacobBarthelmeh
b75976692e
spelling fix and code formatting
2025-03-04 14:31:23 -07:00
JacobBarthelmeh
4124c824ca
refactor decrypt content init call
2025-03-04 09:29:36 -07:00
Sean Parkinson
caf801f211
SP int: inline asm improvements and mont reduce simplifications
...
SP int inline asm:
- allow input variables to be either registers or memory for Intel
x86/x64 (minor performance improvement)
- don't have memory in clobber list if output variables are registers
- remove empty clobber line in arm32/thumb2 code for old versions of
gcc
_sp_mont_red():
- simplify the code by not using extra variables
- don't add to j in for loop check.
2025-03-04 16:16:26 +10:00
David Garske
9b16ed5da4
Merge pull request #8518 from lealem47/evp_update_null_cipher
...
Add NULL_CIPHER_TYPE support to wolfSSL_EVP_CipherUpdate
2025-03-03 14:03:57 -08:00
David Garske
2b099daee0
Merge pull request #8511 from SparkiDev/intel_sha_not_avx1
...
SHA256: Intel flags has SHA but not AVX1 or AVX2
2025-03-03 13:59:10 -08:00
JacobBarthelmeh
fcf88f16e6
spelling fixes and free decrypt structs on error case
2025-03-01 15:43:59 -07:00
JacobBarthelmeh
b781ac6c29
asn to der macro gaurds and co-exist build fix
2025-02-28 15:42:24 -07:00
JacobBarthelmeh
6020bf2368
initialize test variables and fix async build
2025-02-28 14:46:42 -07:00
JacobBarthelmeh
ea9f044bcc
spelling fixes and return value fix
2025-02-28 14:34:51 -07:00
Daniel Pouzzner
50a3be6df7
wolfcrypt/src/sp_int.c. src/ssl_asn1.c. src/internal.c: rename several declarations to avoid shadowing global functions, for the convenience of obsolete (pre-4v8) gcc -Wshadow.
2025-02-28 15:29:58 -06:00
JacobBarthelmeh
638d9961d2
passing the rest of the PKCS7 unit tests
2025-02-28 14:23:24 -07:00
JacobBarthelmeh
7c6cd1deea
passing a unit test
2025-02-28 14:23:24 -07:00
JacobBarthelmeh
1e254c014d
application decryption successful
2025-02-28 14:23:24 -07:00
JacobBarthelmeh
b1b1c15b35
add content stream output callback for VerifySignedData function
2025-02-28 14:23:24 -07:00
Lealem Amedie
22221e5007
Add NULL_CIPHER_TYPE support to wolfSSL_EVP_CipherUpdate
2025-02-28 11:44:30 -07:00
Sean Parkinson
4f8a39cbcf
Merge pull request #8498 from rizlik/ocsp_fixes
...
OCSP openssl compat fixes
2025-02-28 13:42:50 +10:00
Daniel Pouzzner
f7ddc49487
linuxkm/linuxkm_wc_port.h: add #error if the user tries to use the kernel crypto fuzzer with FIPS AES-XTS (kernel bug).
...
src/internal.c: fix shiftTooManyBitsSigned in DefTicketEncCb().
tests/api/test_sha256.c and wolfssl/wolfcrypt/sha256.h: gate raw transform APIs (wc_Sha256Transform(), wc_Sha256FinalRaw()) and tests on !defined(WOLFSSL_KCAPI_HASH) && !defined(WOLFSSL_AFALG_HASH).
move enum wc_HashFlags from wolfssl/wolfcrypt/hash.h to wolfssl/wolfcrypt/types.h to resolve circular dependency detected by cross-armv7m-armasm-thumb-fips-140-3-dev-sp-asm-all-crypto-only.
add FIPS_VERSION_GE(7,0) gates to new null-arg tests in test_wc_Shake{128,256}_*().
optimize ByteReverseWords() for cases where only one operand is unaligned, and add correct handling of unaligned data in ByteReverseWords64() to resolve unaligned access sanitizer report in cross-aarch64_be-all-sp-asm-unittest-sanitizer.
2025-02-26 20:55:56 -06:00
Sean Parkinson
0a6a8516f9
Merge pull request #8488 from dgarske/stm32h7s
...
Support for STM32H7S (tested on NUCLEO-H7S3L8)
2025-02-27 10:34:41 +10:00
Sean Parkinson
a0d6afbb04
Merge pull request #8505 from jmalak/ow-fixes
...
various fixes for Open Watcom build
2025-02-27 10:31:19 +10:00
Daniel Pouzzner
183d9b44d1
Merge pull request #8509 from kaleb-himes/WCv6.0.0-RC4-CHECKIN
...
Disable XTS-384 as an allowed use in FIPS mode
2025-02-26 18:24:12 -06:00
Sean Parkinson
99f25c6399
Merge pull request #8494 from Laboratory-for-Safe-and-Secure-Systems/various
...
Various fixes and improvements
2025-02-27 09:40:06 +10:00
Sean Parkinson
b104887042
SHA256: Intel flags has SHA but not AVX1 or AVX2
...
Reversal of bytes when IS_INTEL_SHA only is same as when AVX1 or AVX2.
2025-02-27 09:25:13 +10:00
David Garske
92ed003a58
Merge pull request #8502 from SparkiDev/pkcs_pad
...
PKCS Pad: public API to do PKCS padding
2025-02-26 15:17:50 -08:00
Sean Parkinson
f204ac8363
PKCS Pad: public API to do PKCS padding
...
PKCS padding adds length of padding as repeated padding byte.
Use the new function in all places.
2025-02-27 08:28:53 +10:00
David Garske
557abcf76a
Support for STM32H7S (tested on NUCLEO-H7S3L8). It supports hardware crypto for RNG, Hash, AES and PKA. Added future config option for DTLS v1.3. Support DTLS v1.3 only reduce code size (tested with: ./configure --enable-dtls13 --enable-dtls --disable-tlsv12 CFLAGS="-DWOLFSSL_SEND_HRR_COOKIE").
2025-02-26 14:00:48 -08:00
kaleb-himes
738462a6f0
Remove redundent gates
2025-02-26 12:03:25 -07:00
kaleb-himes
b8a383469a
Disable 192-bit tests in FIPS mode
2025-02-26 11:09:31 -07:00
kaleb-himes
9063093993
Disable XTS-384 as an allowed use in FIPS mode
2025-02-26 07:38:45 -07:00
Tobias Frauenschläger
3d4ec1464b
Minor Dilithium fix
...
Fix compilation in case caching is enabled.
Signed-off-by: Tobias Frauenschläger <tobias.frauenschlaeger@oth-regensburg.de >
2025-02-26 15:33:59 +01:00
Tobias Frauenschläger
af4017132d
LMS fixes
...
* Add support for CMake
* Add support for Zephyr
* Make sure the internal key state is properly handled in case a public
key is imported into a reloaded private key.
Signed-off-by: Tobias Frauenschläger <tobias.frauenschlaeger@oth-regensburg.de >
2025-02-26 15:33:59 +01:00
Tobias Frauenschläger
9db5499dbd
Update CryptoCb API for Dilithium final standard
...
Add context and preHash metadata.
Signed-off-by: Tobias Frauenschläger <tobias.frauenschlaeger@oth-regensburg.de >
2025-02-26 15:33:59 +01:00
Tobias Frauenschläger
be6888c589
Fixes for Dilithium in TLS handshake
...
Some fixes to better handle Dilithium keys and signatures in the TLS
handshake.
Signed-off-by: Tobias Frauenschläger <tobias.frauenschlaeger@oth-regensburg.de >
2025-02-26 15:33:59 +01:00
Jiri Malak
17a0081261
correct line length to be shorter then 80 characters
2025-02-26 08:02:43 +01:00
Sean Parkinson
9e9efeda28
ARM ASM: available for SHA-384 only too
...
Add HAVE_SHA384 to check for whether assembly code is available.
2025-02-26 16:10:21 +10:00
Sean Parkinson
4752bd2125
Constant time code: improved implementations
...
Change constant time code to be faster.
2025-02-26 11:52:09 +10:00
Jiri Malak
ddfbbc68ac
various fixes for Open Watcom build
...
- fix build for OS/2
- fix build for Open Watcom 1.9
2025-02-25 22:52:36 +01:00
David Garske
3557cc764a
Merge pull request #8501 from SparkiDev/digest_test_rework
...
Digest testing: improve
2025-02-25 13:03:48 -08:00
Marco Oliverio
dfc5e61508
asn: ocsp: refactor out CERT ID decoding
...
It will be reused in d2i_CERT_ID
2025-02-25 20:20:34 +00:00
David Garske
4eda5e1f7f
Merge pull request #8491 from jmalak/winsock-guard
...
correct comment for _WINSOCKAPI_ macro manipulation
2025-02-25 09:51:23 -08:00
Marco Oliverio
c24b7d1041
ocsp: use SHA-256 for responder name if no-sha
2025-02-25 15:42:27 +00:00
Marco Oliverio
8b80cb10d6
ocsp: responderID.ByKey is SHA-1 Digest len
...
Check that responderID.ByKey is exactly WC_SHA_DIGEST_SIZE as per RFC
6960. KEYID_SIZE can change across build configuration.
2025-02-25 15:42:22 +00:00
Reda Chouk
9178c53f79
Fix: Address and clean up code conversion in various files.
2025-02-25 11:17:58 +01:00
Sean Parkinson
6016cc0c97
Digest testing: improve
...
Make testing digests consistent.
Add KATs for all digests.
Check unaligned input and output works.
Perform chunking tests for all digests.
Fix Blake2b and Blake2s to checkout parameters in update and final
functions.
Fix Shake256 and Shake128 to checkout parameters in absorb and squeeze
blocks functions.
Add default digest size enums for Blake2b and Blake2s.
2025-02-25 19:07:20 +10:00
Daniel Pouzzner
0116ab6ca2
Merge pull request #8484 from jmalak/offsetof
...
Rename OFFSETOF macro to WolfSSL specific WC_OFFSETOF name
2025-02-23 14:45:43 -06:00
Jiri Malak
d066e6b9a5
correct comment for _WINSOCKAPI_ macro manipulation
...
The issue is with MINGW winsock2.h header file which is not compatible
with Miscrosoft version and handle _WINSOCKAPI_ macro differently
2025-02-23 11:15:38 +01:00