* don't disable URI validation when defined(WOLFSSL_FPKI).
* return immediately with ASN_ALT_NAME_E when URI contains an unexpected '/', as in asn_orig.c DecodeAltNames(), fixing OOB read defect.
wolfcrypt/src/asn_orig.c: fix URI validation gating (ignore WOLFSSL_FPKI) in DecodeAltNames().
tests/api/test_certman.c: fix uriSan in test_wolfSSL_X509_check_host_URI_SAN_not_DNS_match() (make it a URI).
tests/api.c: align gating in test_wolfSSL_URI() with new dynamics (URIs validated regardless of defined(WOLFSSL_FPKI)).
* Fixes frivolous ASSERT_SAVED_VECTOR_REGISTERS() in sp_#_div_#(),
* Adds "force off unneeded vector register save/restore." macro masking to all archs, and
* Removes now-unused x86 SSE2 asm implementations of sp_#_get_from_table_#().
Fixed left shifts to be on unsigned types.
Mod exp change to correctly get the highest indeces of exponent -
corrected in some places and now the same in all.
wolfssl/wolfcrypt/settings.h: add WC_NO_GLOBAL_OBJECT_POINTERS implicitly in WC_SYM_RELOC_TABLES section of WOLFSSL_LINUXKM setup.
wolfssl/wolfcrypt/wolfmath.h, wolfcrypt/src/wolfmath.c, wolfcrypt/src/sp_int.c, wolfcrypt/src/sakke.c: when WC_NO_GLOBAL_OBJECT_POINTERS, use static local wc_off_on_addr rather than global in wolfmath.c.
wolfcrypt/src/sakke.c:
* in wc_DeriveSakkeSSV(), initialize a[] with explicit XMEMSET() rather than " = {0}", to avoid unmaskable implicit memset() emitted by compiler.
* remove all vector register provisions (SAVE_VECTOR_REGISTERS(), RESTORE_VECTOR_REGISTERS(), ASSERT_SAVED_VECTOR_REGISTERS()).
linuxkm/module_exports.c.template: add includes for eccsi.h and sakke.h.
configure.ac:
* tweak enable-all-crypto setup to make enable_eccsi unconditional alongside enable_fpecc;
* move enable_sakke to be conditional only on !FIPS.
* notably this activates ECCSI and SAKKE on kernel all-crypto builds.
wolfcrypt/test/test.c: WC_*_VAR*() refactors for eccsi_test() and sakke_test().
wolfcrypt/src/sp_x86_64.c:
* fix ASSERT_SAVED_VECTOR_REGISTERS() in C wrappers: add where missing for implementations that use AVX2, and remove frivolous checks for ones that don't.
* refactor vector save-restore with a single locally tracked save in sp_RsaPublic_#(), sp_RsaPrivate_#(), sp_ecc_mulmod_add_#(), sp_ecc_mulmod_base_add_#(), sp_ecc_make_key_#(), and sp_#_calc_s_#().
* fix feature test in sp_ModExp_Fp_star_1024(), sp_Pairing_1024(), and sp_Pairing_gen_precomp_1024(), to properly gate on IS_INTEL_AVX2(cpuid_flags) and SAVE_VECTOR_REGISTERS2() == 0.
wolfcrypt/src/{dh.c,dsa.c,ecc.c,eccsi.c,rsa.c,sp_int.c}:
* remove all vector register provisions (SAVE_VECTOR_REGISTERS(), RESTORE_VECTOR_REGISTERS(), ASSERT_SAVED_VECTOR_REGISTERS());
* add explicit WC_CHECK_FOR_INTR_SIGNALS() and WC_RELAX_LONG_LOOP() to the lengthy loops in wc_DhGenerateParams(), wc_MakeDsaParameters(), ecc_sign_hash_sw(), and wc_MakeRsaKey().
wolfssl/wolfcrypt/{error-crypt.h,logging.h,memory.h}:
* make wc_backtrace_render() and wc_backtrace_set_fp() available whenever defined(WOLFSSL_DEBUG_BACKTRACE_ERROR_CODES);
* add support for DEBUG_VECTOR_REGISTERS_BACKTRACE_ON_FAIL, activating backtraces on vector register errors.
* also improve the debugging format from the DEBUG_VECTOR_REGISTER_ACCESS variants of SAVE_VECTOR_REGISTERS() and friends.
linuxkm/lkcapi_{dh,ecdh,ecdsa,rsa}_glue.c: harmonize PK driver names with AES, SHA, and DRBG, notably adding AVX2 annotation when enabled.
wolfcrypt/src/{sp_x86_64_asm.S,sp_x86_64_asm.asm}: synchronize with wolfssl/scripts#581 (removes SSE2 implementations of sp_#_get_from_table_#(), which no longer have users).
Not all RISC-V chips allow unaligned reads and writes with basic
assembly instructions like lw/sw.
Add alternative assembly that is turned on with:
WOLFSSL_RISCV_ASM_NO_UNALIGNED.
Add defense-in-depth checks to wc_ed{25519,448}_check_key() and
ed{25519,448}_verify_msg_final_with_sha() that reject the identity
point and other small-order public keys. Honest EdDSA key generation
never produces such keys, but wolfSSL previously accepted them on
import and verification. The guard runs at both entry points so it
holds even when a key is imported with trusted=1. New tests are gated
on !HAVE_FIPS || FIPS_VERSION3_GE(7,0,0).
Remove outdated RFC, refactor into single error case, guard against negative/0 len and NULL *data pointer, don't set ownStatus until status is confirmed non-NULL.
Enable all-zero shared secret check for Curve448/25519 by default. Ensure post_handshake_auth extension was sent before accepting post-handshake CertificateRequest message.
sp_set_bit(): check i is in range before use.
_sp_div_2(): Use a constant-time clamp as called by a constant-time
function.
_sp_sqr(): static buffer needs to be one larger for when ECC with P-521
is the largest size.
Add tests:
- Testing negative numbers with mp_read_raidx/mp_to_radix 10/16
- Testing negative numbers with mp_add_d/mp_sub_d
- Testing of mp_gcd without mp_lcm
- More testing of mp_mod_d and when negative numbers are used
- Check maximum values work for square. Check of _sp_sqr() bug
- Add testing of mp_add/sub_mod_ct
- Add testing of mp_cmp_mag
- Add testing of mp_mulmod/mp_sqrmod
- Add testing of mp_exch
- Add testing of mp_to_unsigned_bin_len_ct
- Add testing of mp_exptmod that uses base-2 windowing method.
- Add testing of mp_invmod_mont_ct