Add WOLF_CRYPTO_CB_ONLY_SHA256: when set, the SHA-256 software.
wc_Sha256FinalRaw is reduced to a stub returning NO_VALID_DEVID, and
sha256.h force-defines WOLFSSL_NO_HASH_RAW so the constant-time TLS HMAC
path falls back to its backend-opaque variant.
Incompatible with
WOLFSSL_SHA224, which aliases the SHA-256 statics; #error guard added.
Add wc_swdev support for SHA-256 for testing.
Offload ML-DSA operations onto a PKCS#11 token via the cryptoCb
interface:
* Key generation
* Signature generation
* Signature verification
* Key import
Both the pure and pre-hash versions are supported. Not yet supported are
the pre-hash versions that also offload the hashing onto the token.
This also fixes casting errors introduced in #9780 due to usage of
uintptr_t, which is unavailable without including stdint.h on some
platforms. Use the wolfssl own wc_ptr_t instead.
wolfcrypt/src/chacha.c and wolfssl/wolfcrypt/chacha.h: implement USE_ARM_CHACHA_SPEEDUP gate;
wolfcrypt/src/kdf.c: in wc_SSH_KDF(), add early return if _HashInit() fails (fixes _HashFree() of uninited _hash);
wolfcrypt/src/sha256.c: initialize sha256->W in ARMASM variant of wc_InitSha256_ex(), and pass sha256->heap to XMALLOC/XFREE consistently.
Implementation of FinalRaw for SE050 was not usable - TLS_hmac did not
produce valid results.
Removed implementations and defining WOLFSSL_NO_HASH_RAW to compile to
not require FinalRaw APIs.
- Introduced conditional compilation for PSoC6 crypto support across SHA1, SHA2, SHA3 implementations.
- Ensured proper mutex locking for concurrent access to hardware resources during hash operations.
- Added public key creation functionality if only private key is provided in ECDSA verify function (psoc6_ecc_verify_hash_ex).
- Updated ECC parameter size handling to fix incorrect endianness conversions in psoc6_ecc_verify_hash_ex().
- Added README for PSOC6 port.
rename WOLFSSL_LINUXKM_USE_SAVE_VECTOR_REGISTERS to WOLFSSL_USE_SAVE_VECTOR_REGISTERS, and wherever appropriate, replace defined(WOLFSSL_LINUXKM) with defined(WOLFSSL_USE_SAVE_VECTOR_REGISTERS).
rename WC_WANT_FLAG_DONT_USE_AESNI to WC_WANT_FLAG_DONT_USE_VECTOR_OPS.
rename lkm_printf() to wc_km_printf().
replace WOLFSSL_LINUXKM gates on kernel-incompatible includes with header-specific gates NO_STRING_H, NO_STDINT_H, NO_LIMITS_H, NO_CTYPE_H, NO_STDLIB_H
remove low level threading setup section of wolfssl/internal.h, which duplicated existing logic in wc_port.h, except for off-topic WOLFSSL_APACHE_MYNEWT TLS-layer setup, which is preserved, and a defined(__NT__) clause, which is now merged into the existing section in wc_port.h.
refactor all static flag initializations to use cpuid_get_flags_ex() for race-free dynamics;
refactor cpuid_set_flags() to be race-free;
wolfssl/wolfcrypt/wc_port.h and wolfcrypt/src/wc_port.c: add
* WOLFSSL_ATOMIC_COERCE_INT()
* WOLFSSL_ATOMIC_COERCE_UINT()
* wolfSSL_Atomic_Uint
* wolfSSL_Atomic_Uint_Init()
* wolfSSL_Atomic_Int_AddFetch()
* wolfSSL_Atomic_Int_SubFetch()
* wolfSSL_Atomic_Int_CompareExchange()
* wolfSSL_Atomic_Uint_FetchAdd()
* wolfSSL_Atomic_Uint_FetchSub()
* wolfSSL_Atomic_Uint_AddFetch()
* wolfSSL_Atomic_Uint_SubFetch()
* wolfSSL_Atomic_Uint_CompareExchange()
wolfcrypt/test/test.c: add to memory_test() tests for all atomic macros and APIs;
.github/workflows/pq-all.yml: don't use -Wpedantic for CC=c++ scenario.
update wolfcrypt/src/port/af_alg, wolfcrypt/src/port/devcrypto, and wolfcrypt/src/port/kcapi to include libwolfssl_sources.h;
remove a slew of includes across lib sources made redundant by libwolfssl_sources.h.