wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-27 09:32:21 +01:00
Code Issues Packages Projects Releases Wiki Activity
24,462 Commits 12 Branches 184 Tags
f061e19ecb8a43692b840c44c2dc84bcffae18a4
Commit Graph

8176 Commits

Author SHA1 Message Date
David Garske
f061e19ecb Merge pull request #8403 from miyazakh/keytype_tsip 
Revert TSIP_KEY_TYPE as TSIP TLS definition
 2025-02-04 15:21:27 -08:00
David Garske
743655b9ce Merge pull request #8402 from gojimmypi/pr-espressif-build-improvement 
Improve Espressif make and cmake for ESP8266 and ESP32 series
 2025-02-04 14:05:32 -08:00
David Garske
f0b3c2955e Merge pull request #8412 from SparkiDev/mlkem_kyber_small_mem 
ML-KEM/Kyber: small memory usage
 2025-02-04 11:45:01 -08:00
Sean Parkinson
316177a7f1 ML-KEM/Kyber: small memory usage 
Options to compile ML-KEM/Kyber to use less dynamic memory.
Only available with C code and has small performance trade-off.
 2025-02-04 10:51:56 +10:00
gojimmypi
71a982e6b7 sync with upstream 2025-02-03 16:13:05 -08:00
JacobBarthelmeh
4891d1c471 Merge pull request #8400 from ColtonWilley/add_trusted_cert_pem_parsing 
Add support for parsing trusted PEM certs
 2025-01-31 10:53:51 -07:00
Hideki Miyazaki
6555da9448 revert TSIP_KEY_TYPE as TSIP TLS definition 2025-01-31 14:13:36 +09:00
David Garske
e7a0340eea Merge pull request #8395 from SparkiDev/asm32_asm_older_opt 
ARM32 ASM: optimize older platform alternatives
 2025-01-30 15:47:25 -08:00
Sean Parkinson
3f47963802 Merge pull request #8396 from douzzer/20250129-CT-tweaks 
20250129-CT-tweaks
 2025-01-31 09:10:22 +10:00
Colton Willey
c4288cc334 Add support for parsing PEM certificates with begin trusted cert header/footer, needed for wolfProvider. 2025-01-30 11:34:02 -08:00
Sean Parkinson
b62f5ab722 ML-KEM/Kyber: build with no malloc 
ML-KEM/Kyber van now be built with WOLFSSL_NO_MALLOC and all data is on
the stack.
 2025-01-30 18:11:55 +10:00
Daniel Pouzzner
0de38040f4 CT tweaks: 
in wolfcrypt/src/coding.c, add ALIGN64 to hexDecode[], and add hexEncode[] for use by Base16_Encode();

in wolfcrypt/src/misc.c and wolfssl/wolfcrypt/misc.h:

move ctMask*() up so that min() and max() can use them, and add ctMaskWord32GTE();

add ALIGN64 to kHexChar[];

add CT implementation of CharIsWhiteSpace();

remove min_size_t() and max_size_t() recently added, but only one user (refactored).
 2025-01-30 01:24:40 -06:00
Sean Parkinson
2d06e67a64 ARM32 ASM: optimize older platform alternatives 
Make the alternative instructions for architectures less than 7 more
optimal.
 2025-01-30 16:58:13 +10:00
Anthony Hu
25c8869541 Merge pull request #8390 from SparkiDev/lms_sha256_192_l1_h20 
LMS: Fix SHA-256-192 level 1, height 20
 2025-01-29 18:20:50 -05:00
Juliusz Sosinowicz
cd047a35f2 fixup! Initial ASCON hash256 and AEAD128 support based on NIST SP 800-232 ipd 2025-01-29 12:21:28 +01:00
Juliusz Sosinowicz
b0ab7f0d26 ascon: use individual word64 to help compiler 2025-01-29 11:49:09 +01:00
Juliusz Sosinowicz
78a7d12955 ascon: use lowercase first letters for members 2025-01-29 11:38:31 +01:00
Juliusz Sosinowicz
f47bbfc174 ascon: error out when word64 not available 2025-01-29 11:36:33 +01:00
Juliusz Sosinowicz
76e29be1a9 ascon: remove 6 round perm as its not used 2025-01-29 11:33:11 +01:00
Juliusz Sosinowicz
028b5b3cda Fix references to match NIST draft 2025-01-29 11:31:34 +01:00
Juliusz Sosinowicz
3e65b927dd fixup! ascon: added forced permutation unroll 2025-01-29 11:26:04 +01:00
Juliusz Sosinowicz
0e20cbe210 ascon: move implementation defines to source file 2025-01-29 11:10:44 +01:00
Juliusz Sosinowicz
ddcc189094 ascon: fix api naming Deinit -> Clear 2025-01-29 11:07:40 +01:00
Juliusz Sosinowicz
e4100d977c ascon: added forced permutation unroll 2025-01-29 11:02:47 +01:00
Juliusz Sosinowicz
e3a612300b Initial ASCON hash256 and AEAD128 support based on NIST SP 800-232 ipd 
Implemented based on the NIST Initial Public Draft "NIST SP 800-232 ipd". Testing based on KAT's available at https://github.com/ascon/ascon-c. Added configuration for testing in github action.
 2025-01-29 11:02:47 +01:00
Sean Parkinson
08a46f5431 LMS: Fix SHA-256-192 level 1, height 20 
Fix parameters for SHA-256-192, Level 1, Height 20, Winternitz: 2, 4, 8
 2025-01-29 08:50:43 +10:00
Sean Parkinson
f8bc819fb5 ASM, SP, C regeneration 
Fix spaces at start of copyright line in .asm files.
Changed generation of X25519 and Ed448 code to better match changes
already in C code. Fixed formatting in places.
 2025-01-28 14:47:33 +10:00
JacobBarthelmeh
edd8355576 Merge pull request #8326 from gasbytes/patch-rng-health-test-heap-hint 
Fix missing heap hint in RNG health test XMALLOC call
 2025-01-27 13:49:53 -08:00
David Garske
127e7e9109 Merge pull request #8379 from douzzer/20250125-aarch64-armasm-AES-ECB-fix 
20250125-aarch64-armasm-AES-ECB-fix
 2025-01-27 10:07:36 -08:00
David Garske
e1534a3c8a Merge pull request #8344 from SparkiDev/poly1305_arm32_neon 
Poly1305 ARM32 NEON: add implementation
 2025-01-27 07:52:50 -08:00
Daniel Pouzzner
34dddf0d11 wolfcrypt/src/aes.c: in _AesEcbEncrypt() and _AesEcbDecrypt(), implement missing iteration for AES_encrypt_AARCH64() and AES_decrypt_AARCH64(). 2025-01-25 16:23:41 -06:00
Daniel Pouzzner
f7abd7cb25 opensslcoexist fixes: add WOLFSSL_EVP_MD_FLAG_XOF, and use WC_MD4_BLOCK_SIZE, not MD4_BLOCK_SIZE. 2025-01-24 20:14:39 -06:00
Daniel Pouzzner
e6b87c2e54 src/ssl.c: work around false positive from scan-build in wolfSSL_writev(), long ago annotated with PRAGMA_GCC("GCC diagnostic ignored \"-Wmaybe-uninitialized\""). 
wolfcrypt/src/misc.c: fix typo, max_size_t_() -> max_size_t().
 2025-01-24 17:55:55 -06:00
Daniel Pouzzner
1b338abb2d fix wolfSSL_read_ex() prototype with size_t sz, not int sz, for consistency with OpenSSL; 
fix internal functions wolfSSL_read_internal() and ReceiveData() to likewise accept size_t sz;

add negative sz checks where needed to other functions that call wolfSSL_read_internal() and ReceiveData();

add min_size_t() and max_size_t() to misc.c/misc.h.
 2025-01-24 16:16:43 -06:00
Daniel Pouzzner
93ac482772 linuxkm/module_hooks.c: in wolfssl_init(), #ifdef HAVE_FIPS, wc_RunAllCast_fips(); 
wolfcrypt/src/aes.c: add missing parens in GHASH_ONE_BLOCK_SW() to mollify clang-tidy;

wolfssl/wolfcrypt/fips_test.h: add FIPS_CAST_AES_ECB;

wolfssl/wolfcrypt/settings.h: #ifdef WOLFSSL_LINUXKM, #undef HAVE_LIMITS_H.
 2025-01-24 16:09:43 -06:00
David Garske
20ae10fd8c Merge pull request #8360 from philljj/dual_alg_mldsa 
Update ssl code for ML_DSA.
 2025-01-24 11:55:04 -08:00
David Garske
2e87dfc207 Merge pull request #8345 from JacobBarthelmeh/python_update 
Python update to 3.12.6
 2025-01-24 11:37:10 -08:00
David Garske
7ad4131b13 Merge pull request #8343 from anhu/maxq_pkcs11 
New additions for MAXQ with wolfPKCS11
 2025-01-24 11:34:27 -08:00
Anthony Hu
18396c4740 New additions for MAXQ with wolfPKCS11 
- Support using MAXQ for:
    - AES-ECB
    - AES-CCM
    - AES-CBC
    - ECC Key Generation and ECDH
- in wc_ecc_import_private_key_ex():
    - check to make sure devId is not invalid before calling wc_MAXQ10XX_EccSetKey().
    - This is because the raspberry pi sometimes need to sign stuff.
- in aes_set_key() and ecc_set_key():
    - delete a key in case it already exists; ignore error since it might not exist.
    - unlock, lock the HW mutex around ECDSA_sign() because it needs access to rng
- in wolfSSL_MAXQ10XX_CryptoDevCb:
    - allow maxq1065 to call the crypto callback.
    - do not set the key during signing; use pre provisioned one instead (DEVICE_KEY_PAIR_OBJ_ID)
 2025-01-24 13:53:27 -05:00
JacobBarthelmeh
69be9aa211 fix to not stomp on sz with XOF function, restore comment, remove early XFREE call 2025-01-24 11:40:53 -07:00
Sean Parkinson
ecacbae3a0 Poly1305 ARM32 NEON: add implementation 
Add assembly for Poly1305 using ARM32 NEON instruction set.

For Poly1305 ARM32 Base:
  Change name from poly1305_blocks_arm32_16 to poly1305_arm32_blocks_16

poly1305.c:
  ARM32 NEON - buffer up to 4 blocks
  x86_64 - only calculate powers of r once after key is set.
test.c: poly1305 testing with multiple updates.
benchmark: chacha20-poly1305 now uses AAD
 2025-01-24 13:28:46 +10:00
JacobBarthelmeh
2eb42f1cea adjust behavior when calling non XOF digest final function with XOF digest type 2025-01-23 16:30:08 -07:00
JacobBarthelmeh
fc563f2e20 cast data input to const and resolve overlong line length 2025-01-23 16:30:08 -07:00
JacobBarthelmeh
49c515ac58 add some unit test cases 2025-01-23 16:30:08 -07:00
JacobBarthelmeh
28bed8d634 fix for SN (short name) of digests to match expected values 2025-01-23 16:30:07 -07:00
JacobBarthelmeh
d8a9aaad16 add key mismatch error 2025-01-23 16:30:07 -07:00
JacobBarthelmeh
3b23a05157 flush out x509 object stack deep copy and md get flag 2025-01-23 16:30:07 -07:00
JacobBarthelmeh
f9e289881b stub out all functions needed for Python port update 2025-01-23 16:30:07 -07:00
JacobBarthelmeh
0ebb5f7238 add short name WC_SN macros 2025-01-23 16:30:07 -07:00
Lealem Amedie
161da6046c Skip MQX InitMutex call if FIPS module is in Init Mode 2025-01-23 14:00:00 -07:00