Commit Graph

80 Commits

Author SHA1 Message Date
Tobias Frauenschläger c3289f8aa9 Enable and use ML-KEM by default
* Enable ML-KEM by default in build systems (autoconf and CMake)
* Only allow three to-be-standardized hybrid PQ/T combinations by
  default
* Use X25519MLKEM768 as the default KeyShare in the ClientHello (if user
  does not override that). When Curve25519 is disabled, then either
  WOLFSSL_SECP384R1MLKEM1024 or WOLFSSL_SECP256R1MLKEM768 is used as
  default depending on the ECC configuration
* Disable standalone ML-KEM in supported groups by default (enable with
  --enable-tls-mlkem-standalone)
* Disable extra OQS-based hybrid PQ/T curves by default and gate
  behind --enable-experimental (enable with --enable-extra-pqc-hybrids)
* Reorder the SupportedGroups extension to reflect the preferences
* Reorder the preferredGroup array to also reflect the same preferences
* Add async support for ML-KEM hybrids
2026-03-18 10:48:16 +01:00
Daniel Pouzzner 2ad5afaf4d wolfcrypt/src/wc_slhdsa.c: fixes for uninited data reads in slhdsakey_wots_sign_chain_x4_*() and slhdsakey_wots_pk_from_sig_x4;
CMakeLists.txt, cmake/functions.cmake, cmake/options.h.in: fixes for -DWOLFSSL_SLHDSA.
2026-03-10 17:51:18 -05:00
David Garske 1047aaa881 Merge pull request #9796 from JacobBarthelmeh/copyright
update Copyright year
2026-02-19 08:47:30 -08:00
JacobBarthelmeh a156ed7bc7 update Copyright year 2026-02-18 09:52:21 -07:00
Anthony Hu 6bc2c6f071 Merge branch 'master' into cmake_HSC 2026-02-06 13:11:55 -05:00
Anthony Hu 22b25dcde3 Add HAVE_SECRET_CALLBACK to cmake. 2026-02-04 10:26:40 -05:00
Tobias Frauenschläger 540b51eb28 CMake fixes and improvements
* Minor fixes to the CMakeLists.txt
* Add more options to the CMake infrastructure already present in the
  autoconf infrastructure
* An autoconf build now also generates and installs files required to
  consume the installed wolfssl library via CMake.
* Added test for autoconf-CMake interworking

Work is mostly done by Codex and Curser.
2026-02-02 10:26:58 +01:00
Tobias Frauenschläger 14ce7956f1 Increase test coverage
* More PQC configurations
* More CMake setups
* Fix various bugs uncovered by these tests

Added some missing feature additions to CMake to make the example
`user_settings_all.` config file work for the CI test.
2026-01-23 09:27:16 +01:00
Tobias Frauenschläger 99bde324aa Build systems improvements
* Add `WOLFSSL_USER_SETTINGS` to CMake `options.h.in`
* Add CMake support for Dilithium
* Add user_settings.h support for aes_asm.S
* Add PKCS#11 support to CMake
* Minor ARM assembly port fixes
2026-01-05 15:46:58 +01:00
Sean Parkinson 9c1462a9ec Aarch64 asm: convert to generated
Algorithms now generated:
  SHA-256
  SHA-512
  ChaCha20
  Poly1305
  AES-ECB
  AES-CBC
  AES-CTR
  AES-GCM + streaming
  AES-XTS
  AES SetKey

ARM32 asm algorithms generated now too:
  SHA-256
  SHA-512
  ChaCha20
  AES-ECB
  AES-CBC
  AES-CTR
  AES-GCM
  AES-XTS
  AES SetKey

Removed use of ARM specific implementations of algorithms. (armv8-aes.c)
2025-10-21 17:03:39 +10:00
Ruby Martin 0e6e040039 formatting remove whitespace
format whitespace so tabs are 4 spaces

format character count to be 80 characters or less per line

remove bracket
2025-08-19 17:08:53 -06:00
Ruby Martin 27d03fce7a additional check for ARM ASM Inline option
append thumb2 files, append inline c files with BUILD_ARMASM_INLINE

add all asm files. move curve25519 files under BUILD_CURVE25519

include remaining files
2025-08-18 15:41:43 -06:00
JacobBarthelmeh 629c5b4cf6 updating license from GPLv2 to GPLv3 2025-07-10 16:11:36 -06:00
gojimmypi 380e068df6 Introduce CMakePresets.json and CMakeSettings.json 2025-06-20 11:24:58 -07:00
Anthony Hu a3c3996c08 256/192 2025-04-07 10:43:10 -04:00
Anthony Hu 6cd1d7f3c9 Fix building ML-KEM and LMS with cmake 2025-04-07 10:43:10 -04:00
Sean Parkinson a7690ca24b ML-KEM/Kyber: finish name change 2025-03-10 08:37:14 +10:00
Tobias Frauenschläger af4017132d LMS fixes
* Add support for CMake
* Add support for Zephyr
* Make sure the internal key state is properly handled in case a public
  key is imported into a reloaded private key.

Signed-off-by: Tobias Frauenschläger <tobias.frauenschlaeger@oth-regensburg.de>
2025-02-26 15:33:59 +01:00
JacobBarthelmeh 2c24291ed5 update copyright date 2025-01-21 09:55:03 -07:00
Daniel Pouzzner ee4366acc5 Merge pull request #8162 from redbaron/find-threads
CMAKE: look for pthreads when importing wolfSSL if required
2024-12-11 14:36:04 -06:00
Daniel Pouzzner d257a59087 add support for WOLFSSL_NO_OPTIONS_H:
* activate WOLFSSL_NO_OPTIONS_H in linuxkm/Kbuild for in-module test.o and benchmark.o.
* refine explanatory comments in settings.h re WOLFSSL_USE_OPTIONS_H, WOLFSSL_NO_OPTIONS_H, and WOLFSSL_CUSTOM_CONFIG.
* add safety catch to options.h/options.h.in to inhibit inclusion if defined(WOLFSSL_NO_OPTIONS_H).
* for good measure, add explicit check for WOLFSSL_NO_OPTIONS_H to wolfcrypt/benchmark/benchmark.c and wolfcrypt/test/test.c.
2024-12-10 13:02:37 -06:00
Daniel Pouzzner aa18bbca55 assorted cleanups and refactors for C89 conformance, codespell and check-source-text, and consistent heap shim usage.
.github/workflows/codespell.yml: remove */README_jp.txt from "skip" list.

IDE/Renesas/cs+/Projects/t4_demo/README_jp.txt: convert from SHIFT_JIS to UTF-8.

cmake/options.h.in: use "#cmakedefine HAVE_PTHREAD 1" to avoid conflict with config.h.

configure.ac: add --enable-c89, and remove !ENABLED_OPENSSLEXTRA dependency from AM_CONDITIONAL([BUILD_CRYPTONLY],...).

wolfcrypt/src/asn.c: refactor SetOthername() for efficiency, and add PRAGMA_GCC to suppress false positive -Wstringop-overflow associated with -fstack-protector.

wolfssl/wolfcrypt/rsa.h: add WC_ prefixes to RSA_PKCS1_PADDING_SIZE and RSA_PKCS1_OAEP_PADDING_SIZE, and define unprefixed compat aliases only if !OPENSSL_COEXIST.

wolfssl/wolfcrypt/types.h:

  #ifdef WOLF_C89, #define WC_BITFIELD unsigned;
  enhance WOLF_ENUM_DUMMY_LAST_ELEMENT() to include the line number, to construct unique labels given a per-filename argument, to accommodate anonymous enums.

examples/asn1/asn1.c:
examples/client/client.c:
examples/pem/pem.c:
examples/server/server.c:
wolfcrypt/src/sp_dsp32.c:
wolfcrypt/src/wc_port.c:
wolfssl/test.h:

  use XMALLOC/XREALLOC/XFREE consistently, not malloc/realloc/free.

wolfcrypt/benchmark/benchmark.c:
wolfcrypt/src/memory.c:
wolfcrypt/test/test.c:
wolfssl/wolfcrypt/mem_track.h:
wolfssl/wolfcrypt/settings.h:
wolfssl/wolfcrypt/types.h:

  annotate intentional native heap access with "/* native heap */".

wolfcrypt/src/asn.c:
wolfssl/callbacks.h:
wolfssl/openssl/ec.h:
wolfssl/openssl/ssl.h:
wolfssl/wolfcrypt/hpke.h:
wolfssl/wolfcrypt/types.h:

  fix enum trailing commas.

wolfssl/openssl/ec.h:
wolfssl/openssl/evp.h:
wolfssl/openssl/rsa.h:
wolfssl/openssl/ssl.h:

  use WC_BITFIELD in bitfield elements, not byte or word16, to allow for pedantic C89 conformant builds.

wolfssl/openssl/ec.h:
wolfssl/openssl/evp.h:
wolfssl/openssl/pem.h:
wolfssl/openssl/ssl.h:
wolfssl/wolfcrypt/logging.h:
avoid variadic macros wherever possible, and where unavoidable, #ifdef WOLF_NO_VARIADIC_MACROS, define them with empty arg lists, rather than ..., to support Watcom compiler.

wolfssl/wolfcrypt/settings.h: if defined(__WATCOMC__), define WOLF_NO_VARIADIC_MACROS.
2024-11-07 22:36:24 -06:00
Maxim Ivanov 0319eb098d CMAKE: look for pthreads when importing wolfSSL if required
All required dependencies of a package must also be found in the
package configuration file. Consumers of wolfSSL can't know
if it was built with or without threads support. This change
adds find_package(Threads) lookup in the file used for
find_package(wolfssl) if wolfSSL was built with threads support.
2024-11-07 21:42:11 +00:00
Daniel Pouzzner cf95fdc071 Globally remap & refactor conflicting symbols to allow -DOPENSSL_EXTRA -DOPENSSL_COEXIST, or equivalently, --enable-opensslextra --enable-opensslcoexist.
No functional changes.

Several compat symbols that were formerly enums are now macros.

All library source is refactored to use only native symbols in all code gated in with --enable-all-crypto --enable-opensslextra.

wolfcrypt/test/test.c is similarly refactored to use only native symbols.

examples/ and tests/ are unmodified except for header setup to disable OPENSSL_COEXIST and TEST_OPENSSL_COEXIST.
2024-10-31 00:10:21 -05:00
Brett Nicholas 32ebaea158 add uintptr_t to config.h fixing curl cmake build error 2024-09-26 10:31:31 -06:00
Eric Blankenhorn a75c73cdef Add cmake support for WOLFSSL_CUSTOM_CURVES 2024-09-11 10:45:21 -05:00
Daniel Pouzzner a3fb5029f8 clean up trailing whitespace and misplaced CRLFs, add missing final newlines, remove stray UTF8 nonprintables (BOMs) and ASCIIfy stray homoglyphs (spaces and apostrophes), guided by expanded coverage in wolfssl-multi-test check-source-text. 2024-09-05 14:52:18 -05:00
Tobias Frauenschläger aee446f3e5 Build SHA3 assembly with INTEL_SPEEDUP
Make sure the file `sha3_asm.S` is compiled when `WOLFSSL_INTEL_ASM` is
enabled using CMake.

Signed-off-by: Tobias Frauenschläger <tobias.frauenschlaeger@oth-regensburg.de>
2024-08-01 16:31:18 +02:00
Tobias Frauenschläger e2b642d4ab WolfSSL Kyber and CMake fixes
* Make sure wc_kyber implementation is compiled using CMake (also for
  Zephyr)
* Fix compilation issue when Liboqs is also enabled
* Fix WOLFSSL_INTEL_ASM and WOLFSSL_ARM_ASM CMake options

Signed-off-by: Tobias Frauenschläger
<tobias.frauenschlaeger@oth-regensburg.de>
2024-07-24 09:55:29 +02:00
JacobBarthelmeh 684fef2429 add no stub and ex data cmake options 2024-06-18 10:20:18 -06:00
David Garske fda8b4f64f Fix for CMake single threaded. https://github.com/wolfSSL/wolfssl/issues/7609#issuecomment-2154327463 2024-06-07 06:59:59 -07:00
David Garske eb8f26926d Move the options.h.in template for cmake into new location. Added note about adding new options. 2024-06-03 15:38:36 -07:00
oltolm f744043db1 change the way "wolfssl/options.h.in" is generated 2024-05-16 18:55:27 +02:00
David Garske 1d1800a3bd Merge pull request #7380 from oltolm/yesno
make "yes;no" cmake options boolean instead of string
2024-05-15 15:18:42 -07:00
gojimmypi 216925a946 Introduce cmake get/set_wolfssl_definitions; Add Kyber and OQS 2024-04-30 08:41:46 -07:00
oltolm 78b8ea3646 make "yes;no" cmake options boolean instead of string 2024-04-01 16:20:11 +02:00
Faraz Fallahi 3c6651e1e2 PlayStation compatibility 2024-02-27 12:28:31 -08:00
Daniel Pouzzner 2b33079d50 Merge pull request #7188 from innolectric/innolectric
Innolectric CMake changes
2024-02-05 16:08:58 -05:00
David Garske 06a32d3437 Merge pull request #7097 from lealem47/removeUserCrypto
Remove user-crypto functionality and Intel IPP support
2024-01-09 17:33:28 -08:00
Lealem Amedie 837452b1ca Remove user-crypto functionality and Intel IPP support 2023-12-27 12:24:19 -07:00
Tobias Frauenschläger 755c385b1f Liboqs: use WolfSSL RNG
Improve the interface to liboqs by properly configuring and using the
RNG provided by WolfSSL from within liboqs.

Signed-off-by: Tobias Frauenschläger <t.frauenschlaeger@me.com>
2023-12-16 12:40:25 +01:00
Lealem Amedie de4bd42de0 Enable cURL and QUIC from CMake 2023-12-08 15:57:29 -07:00
Lealem Amedie 846b91ea1b Enable DTLS-SRTP in CMake 2023-11-20 15:58:59 -07:00
Mikhail Paulyshka 944c7e175b cmake: add WOLFSSL_X86_64_BUILD_ASM option 2023-11-08 09:18:07 +01:00
Mikhail Paulyshka 7adddc5fb8 cmake/functions: do not try to build x86_64 assembler on non-AMD64 platforms 2023-11-08 09:18:07 +01:00
gojimmypi 5830f921fa ARIA cipher cmake (#6600)
* ARIA Cipher CMake support
2023-09-19 10:57:02 -07:00
Andras Fekete 25f542adb4 Clean up compile errors 2023-08-01 15:46:18 -04:00
Iyán Méndez Veiga fd091a745c Include all post-quantum algorithm files in cmake
GH-5407 already included falcon.c, but now we also add sphincs.c,
dilithium.c and ext_kyber.c to avoid undefined reference errors.
2023-07-11 17:57:00 +02:00
Andras Fekete f58ae30b50 Add in CMake flags 'HPKE', 'HKDF', 'ECH' 2023-06-22 11:03:36 -04:00
Lealem Amedie 34c12789c9 CMake: add option to enable asio 2023-05-24 12:46:11 -06:00