Impemented FIPS 204 (Draft) Module-Lattice-Based Signature Standard.
Implementation include making a key, signing and verification.
Make key API added.
Updated liboqs calls to use ML-DSA implementation instead of Dilithium.
When functions are inlined, the labels need to be unique.
Putting '%=' on the end of the label ensures that the compilers appends
a unique number to the end.
add file_name and line_number args to wolfssl_log(),
and inside WOLFSSL_DEBUG_CODEPOINTS gates,
add WOLFSSL_MSG_EX2(), WOLFSSL_MSG2(), WOLFSSL_ENTER2(), and WOLFSSL_LEAVE2(), each with file and line args,
and add wrapper macros for WOLFSSL_MSG, WOLFSSL_MSG_EX, WOLFSSL_ENTER, and WOLFSSL_LEAVE, that pass in file and line.
Add implementations of AES for ECB/CBC/CTR/GCM/CCM for RISC-V using
assembly.
Assembly with standard/scalar cryptography/vector cryptographt
instructions.
New compilers with specific optimization levels will produce
non-constant time code for kyber_from_msg().
Add in an optimization blocker that stops the compiler from assuming
anything about the value to be ANDed with KYBER_Q_1_HALF.
1. Add API for importing an RSA private key, `wc_RsaPrivateKeyDecodeRaw()`,
when all you have are the components of the key in raw arrays. Also
recalculates dP and dQ if missing.
2. Add API test for `wc_RsaPrivateKeyDecodeRaw()`.
This commit adds varios fixes for the implementation of hybrid
certificates with two algorithms:
* Support for Certificate Signing Requests (both creating hybrid ones
and also verifying ones)
* Fix for SAN fields in the DecodedCert and PreTBS generation
* Fix related to WOLFSSL_SMALL_STACK
Signed-off-by: Tobias Frauenschläger <t.frauenschlaeger@me.com>
Due to recent changes in the logic to decode private keys and to parse
the TLS1.3 CertificateVerify message, some regressions regarding PQC
private keys and hybrid certificates have been introduced:
* Decoding PQC private keys fails as the PKCS8 header of a decoded DER
file is now already removed before parsing the key.
* The key size wasn't properly stored in the context for PQC keys after
decoding a certificate (always the maximum size)
* The two 16-bit size values in case of a hybrid signature in the
CertificateVerify message have been incorrectly decoded as 32-bit
values instead of 16-bit values. This resulted in wrong values,
leading to segmentation faults.
All three regressions are fixed with the changes in this commit.
Signed-off-by: Tobias Frauenschläger <t.frauenschlaeger@me.com>
