Commit Graph

11442 Commits

Author SHA1 Message Date
Sean Parkinson eaadfb12ed Merge pull request #10508 from JacobBarthelmeh/static_analysis_3
devcrypto fixes, forcezero on memory after use, RX64 GetHash port fix, blake2 stor64 alignment
2026-05-28 09:24:56 +10:00
Sean Parkinson 7bcc613bb0 Merge pull request #10478 from embhorn/zd21821
Fixes in SP int and DH
2026-05-28 09:00:41 +10:00
jordan 12d79d8838 wc_port: guard fcntl behind WOLFSSL_KERNEL_MODE. 2026-05-27 14:52:54 -05:00
David Garske e55e8a9842 Merge pull request #10524 from JacobBarthelmeh/sgx
SGX build does not have fcntl.h
2026-05-27 12:06:05 -07:00
JacobBarthelmeh 4e491ed3db Merge pull request #10511 from dgarske/zd21780
Fix minor compile error with `WOLFSSL_DEBUG_MEMORY`
2026-05-27 11:16:19 -06:00
JacobBarthelmeh cd82d7e08d Merge pull request #10529 from SparkiDev/sp_fixes_8
sp_int: fixes and added testing
2026-05-27 10:59:24 -06:00
David Garske 10020f9cc9 Fix minor compile error with WOLFSSL_DEBUG_MEMORY 2026-05-26 11:39:34 -07:00
David Garske 8199fda0a4 Merge pull request #10160 from Roy-Carter/feature/integrate_openssl_comp_fixes
OpenSSL compatibility layer extension
2026-05-26 10:39:14 -07:00
David Garske a3f5260260 Merge pull request #10500 from rizlik/sha224_only
crpytocb: support SHA224 under WOLF_CRYPTO_CB_ONLY_SHA256
2026-05-26 08:05:47 -07:00
Tobias Frauenschläger 637c07798a Finalize ML-DSA renaming 2026-05-26 14:54:30 +02:00
Sean Parkinson c57a873824 sp_int: fixes and added testing
sp_set_bit(): check i is in range before use.
_sp_div_2(): Use a constant-time clamp as called by a constant-time
function.
_sp_sqr(): static buffer needs to be one larger for when ECC with P-521
is the largest size.

Add tests:
 - Testing negative numbers with mp_read_raidx/mp_to_radix 10/16
 - Testing negative numbers with mp_add_d/mp_sub_d
 - Testing of mp_gcd without mp_lcm
 - More testing of mp_mod_d and when negative numbers are used
 - Check maximum values work for square. Check of _sp_sqr() bug
 - Add testing of mp_add/sub_mod_ct
 - Add testing of mp_cmp_mag
 - Add testing of mp_mulmod/mp_sqrmod
 - Add testing of mp_exch
 - Add testing of mp_to_unsigned_bin_len_ct
 - Add testing of mp_exptmod that uses base-2 windowing method.
 - Add testing of mp_invmod_mont_ct
2026-05-26 13:52:57 +10:00
JacobBarthelmeh 8c0d3b7ea1 SGX build does not have fcntl.h 2026-05-22 23:20:36 -06:00
Roy Carter 56e4612e4e Fix : apply Julek pr notes 2026-05-22 19:01:05 +03:00
Roy Carter c1a507e175 Feature: allow the usage of
wolfSSL_alert_type_string
wolfSSL_alert_desc_string
wolfSSL_EVP_DigestSign
wolfSSL_EVP_DigestVerify

in the openssl compatiility layer for wolfssl
2026-05-22 19:01:04 +03:00
Sean Parkinson 8597d9da83 Merge pull request #10496 from dgarske/fenrir_20260518
Various Fenrir fixes (F-2626, F-585, F-586, F-2638, F-1960, F-599)
2026-05-23 01:28:42 +10:00
Andrew Hutchings 8574fa995f Merge pull request #10470 from JacobBarthelmeh/tropic
fix for tropic port AES key length used
2026-05-21 13:59:48 -07:00
JacobBarthelmeh 0073f3c879 dcp unlock added around aes forcezero, adjust align macro check 2026-05-21 09:34:28 -07:00
JacobBarthelmeh 70288b017f add sanity check on AES key length 2026-05-20 16:02:56 -07:00
David Garske 782787276c Merge pull request #10497 from Frauschi/mldsa_rename
ML-DSA renaming part 2
2026-05-20 11:24:09 -07:00
Tobias Frauenschläger 1dffcffb80 Fix hashType comparison in SLH-DSA 2026-05-20 10:16:37 -07:00
Tobias Frauenschläger 2a30ce3c04 Rename ML-DSA wc_PqcSignatureType entry 2026-05-20 09:06:54 -07:00
Marco Oliverio 408ea84c83 sha256: check no hw accelleartion is enabled with CB_ONLY_SHA256 2026-05-20 11:33:31 +02:00
JacobBarthelmeh 51698759fa 0 memset kop in devcrypto before use 2026-05-20 01:29:34 -07:00
JacobBarthelmeh 26bce72776 fix for devcrypto RSA size used 2026-05-20 01:25:46 -07:00
JacobBarthelmeh 2a05c13db8 fix to use correct struct size for devcrypto memset 2026-05-20 01:25:46 -07:00
JacobBarthelmeh f7d595eec4 fix for Renesas RX64 GetHash on initial state 2026-05-20 01:25:46 -07:00
JacobBarthelmeh 35f61aaa66 explicit cast to word16 before shift with RC2 2026-05-20 01:25:46 -07:00
JacobBarthelmeh a04b68243c clear public/private key buffer after use in tropicsquare port 2026-05-20 01:25:46 -07:00
JacobBarthelmeh 999e1b9f99 In NXP DCP port clear key buffer after use 2026-05-20 01:25:46 -07:00
JacobBarthelmeh 6ac6e5065e fix for tropic port AES key length used 2026-05-20 00:43:36 -07:00
Tobias Frauenschläger 44074fd1df More ML-DSA renaming 2026-05-19 14:09:09 -07:00
David Garske dc56e87522 Merge pull request #10466 from Frauschi/slhdsa_cryptocb
Add CryptoCb support for SLH-DSA
2026-05-19 13:59:40 -07:00
David Garske 9a5bb8eb23 fix(signature): fenrir 2626 enforce min hash strength 2026-05-19 10:06:56 -07:00
David Garske 2fad30e394 fix(qat): fenrir 585 null-check buffers before memcpy 2026-05-19 10:06:56 -07:00
David Garske 0ea4fa0f97 fix(qat): fenrir 586 guard exit memcpy on error path 2026-05-19 10:06:56 -07:00
David Garske a211f74a8d fix(se050): fenrir 2638 zero ed25519 der buffer 2026-05-19 10:06:56 -07:00
David Garske 583bd6bc4e fix(kcapi): fenrir 1960 zero ecdh secret before free 2026-05-19 10:06:56 -07:00
David Garske 66e5b8fd14 fix(stm32): fenrir 599 capture sign from input mp_int 2026-05-19 10:06:55 -07:00
David Garske 583dbaff60 Merge pull request #10488 from padelsbach/lms-xmss-test-sig-cmp
Update LMS and XMSS key advance test
2026-05-19 10:04:12 -07:00
Marco Oliverio 0c8cabedff crpytocb: support SHA224 under WOLF_CRYPTO_CB_ONLY_SHA256 2026-05-19 10:22:06 +02:00
David Garske 145a4fac69 Merge pull request #10449 from LinuxJedi/TropicSim
Add TROPIC01 simulator
2026-05-18 16:34:25 -07:00
David Garske be67bf88f7 Merge pull request #10436 from Frauschi/mldsa_rename
Rename Dilithium to canonical ML-DSA (FIPS 204) names
2026-05-18 11:44:21 -07:00
David Garske 1ccd462ea1 Merge pull request #10482 from rlm2002/coverity
13052026 Coverity Fixes
2026-05-18 10:35:42 -07:00
David Garske bc2e842234 Merge pull request #10460 from JacobBarthelmeh/static_analysis
Static analysis fixes/improvements for SECO, devcrypto, ARIA, MD4, MD2
2026-05-18 10:31:37 -07:00
David Garske 4c9116c743 Merge pull request #10462 from kareem-wolfssl/zd21507
Fix alert type for missing cert.  Prevent building with RNG disabled and blinding enabled by default.  Enforce bounds for AES CMAC size in verify.
2026-05-17 22:25:09 -07:00
David Garske d982aa27cc Merge pull request #10467 from JacobBarthelmeh/static_analysis_2
Xilinx/AMD port fixes for sanity checks on return values and psoc6 sanity check on input arg
2026-05-17 22:22:12 -07:00
David Garske 0055eb5e82 Merge pull request #10459 from JacobBarthelmeh/caam
fix for CAAM build
2026-05-17 22:22:05 -07:00
Tobias Frauenschläger 2832df2139 Update C# wrapper to new ML-DSA names 2026-05-16 09:48:35 -05:00
Tobias Frauenschläger fb6b62dd8e Rename Dilithium to canonical ML-DSA (FIPS 204) names
NIST standardized the pre-standardization Dilithium signature scheme as
ML-DSA in FIPS 204. Migrate the provider's user-visible surface to
canonical spellings, with a temporary shim that preserves source-level
backward compatibility for existing consumers.

Renames
-------
* File: wolfcrypt/src/dilithium.c -> wolfcrypt/src/wc_mldsa.c
* New canonical header: wolfssl/wolfcrypt/wc_mldsa.h
* Types: dilithium_key -> MlDsaKey, wc_dilithium_params -> MlDsaParams
* Functions: wc_dilithium_* / wc_Dilithium_* -> wc_MlDsaKey_*
* Build gates: HAVE_DILITHIUM -> WOLFSSL_HAVE_MLDSA,
  WOLFSSL_DILITHIUM_* / WC_DILITHIUM_* -> WOLFSSL_MLDSA_* / WC_MLDSA_*
* Configure flag: --enable-mldsa (legacy --enable-dilithium still works)
* CMake option: WOLFSSL_MLDSA (legacy WOLFSSL_DILITHIUM emits a
  DEPRECATION message)

Backward compatibility
----------------------
wolfssl/wolfcrypt/dilithium.h is now a temporary compatibility shim:
* Forward-translates legacy build gates to canonical (the two sub-gates
  read by certs_test.h are translated in settings.h so the auto-generated
  header is reachable without including dilithium.h; the remainder lives
  in dilithium.h itself).
* Reverse-translates canonical gates back to legacy so unmigrated
  consumer code keying off HAVE_DILITHIUM / WOLFSSL_DILITHIUM_* keeps
  compiling.
* Provides macro / static-inline aliases for the legacy type and
  function names so source-level callers compile unchanged. Sets
  WC_DILITHIUMKEY_TYPE_DEFINED to suppress strict-C99 typedef
  redefinition in asn_public.h.

Two opt-outs are honored: WOLFSSL_NO_DILITHIUM_LEGACY_GATES disables
build-gate translation; WOLFSSL_NO_DILITHIUM_LEGACY_NAMES disables the
symbol aliases. Both are temporary and the shim will be removed in a
future release. doc/dilithium-to-mldsa-migration.md describes the
migration path for downstream consumers.

ABI note
--------
The library now exports wc_MlDsaKey_* instead of wc_dilithium_*.
Pre-built binaries that linked against the legacy symbols need to
recompile against the shim header (which resolves to the new symbols at
compile time) or migrate to the canonical names directly. Source code
keeps building unchanged.

Other changes
-------------
* wolfssl/wolfcrypt/memory.h: drop ML-DSA sub-gate branching for static
  memory pool sizing; WOLFSSL_HAVE_MLDSA builds now pick the larger
  LARGEST_MEM_BUCKET / WOLFMEM_BUCKETS / WOLFMEM_DIST unconditionally.
  Override these macros for small-mem builds.
* gencertbuf.pl + wolfssl/certs_test.h: outer guards migrated to the
  canonical WOLFSSL_HAVE_MLDSA spelling.
* tests/api/test_mldsa.c: adds compile-time API surface validators
  (canonical wc_MlDsaKey_* surface plus legacy alias surface) so
  signature drift produces a build error during make check.
* IDE files (Xcode, INTIME-RTOS, WIN10, VS2022, CSharp wrapper), Zephyr
  CMakeLists.txt, and autotools include.am updated for the rename.
* DYNAMIC_TYPE_DILITHIUM and ML_DSA_PCT_E retained as internal symbols;
  scheduled to be renamed alongside the eventual shim removal.
2026-05-16 09:48:35 -05:00
Ruby Martin 4e0e1891fb remove logically dead code
remove unused total value
2026-05-14 15:28:07 -06:00