Ed25519 and Ed448 need to enable certs.
If no system CA certs can't be parsed,
wolfSSL_CTX_load_system_CA_certs() will fail. Don't try test if RSA and
ECC are not enabled.
Fix benchmark.c so that e is defined when WOLFSSL_BENCHMARK_ALL defined.
MAX_LENGTH_SZ is 4 and supports lengths up to 2^24 - one byte for length
and 3 bytes of length.
(new gcc compiler fix)
Don't ForceZero the output buffer before free.
ForceZero it when encryption fails.
ShrinkInputBuffer needs to zeroize input buffer even if not currently
encrypting as it may be using the buffer on wolfSSL object reuse.
Fix SP to zeroize the whole buffer.
Fix DH to check cBuf when WOLFSSL_CHECK_MEM_ZERO defined.
For the CMake and autotools flows, enabling user_settings.h will define the
macro WOLFSSL_USER_SETTINGS_ASM. This will cause the generated
user_settings_asm.h to be included in the .S assembly files. If the user is
building without autotools or CMake, these files will include user_settings.h
directly, unless WOLFSSL_USER_SETTINGS_ASM is defined.
* Fix api.c build error with `NO_FILESYSTEM` and `WOLFSSL_CERT_EXT`.
* Fix for building tests/suites.c with static memory (missing `LARGEST_MEM_BUCKET`).
* Always expose `wc_ecc_set_rng` for compatibility.
For sqr and mul (28/32 bits) the sums of products can exceed maximum
64-bit signed value. Handle last sum value, that may cause overflow,
separately.
Fix formatting of overflow last line.
Added new x86 assembly for AES.
AES-CBC decrypt only 4 blocks at a time (not 6 or 8) due to reduces
register count.
GCM implementation for AVX2, AVX1 and AESNI only.
Disabled looking for other assembly files for x86.
For user_settings.h builds, .S assembly files need to include user_settings.h
in order to get the defines used by the build. However, a user_settings.h may
contain code only understood by a C compiler and not the assembler (e.g. a
typedef). This commit makes it so our autotools and CMake builds produce a file
user_settings_asm.h when doing a user_settings.h build. This generated header
contains only the preprocessor directives from the user_settings.h. As a result,
it can be safely included by our assembly code files.
* add Versal specific glue
The same structure of an "XSecure client" is used throughout the API's,
therefor define it once and re-use in all clients.
* integrate Versal AES-GCM engine
* integrate Versal SHA3-384 engine
* add versal support to tests
- There's no intermediate-hash API for Versal.
* add specific test with large AAD
Test only with `n*16 byte` wide chunks of AAD, so it gets processed in the
hardware engine.
* add specific test with misaligned AES-GCM arguments
* integrate Versal RSA engine
* disable failing RSA test-case when Xilinx Crypto is enabled
* introduce define `WOLFSSL_XILINX_CRYPT_VERSAL`
* integrate Versal TRNG engine
* allow using Versal TRNG w/o wolfcrypt DRBG
Versal TRNG already provides a HRNG mode which does the same as the
wolfcrypt DRBG implementation.
* add support for user-supplied nonce to Versal TRNG
* add `wc_XsecureErrorToString()` to map PLM error codes to messages.
* integrate Versal EcDSA engine
* update tests to work with Versal EcDSA
If deterministic K is enabled, the tests failed here since the Versal
EcDSA engine doesn't support the SECP256R1 curve yet.
* Xilinx crypto engines like aligned memory very much
Make this a default choice, not via the user configuration.
* add Xilinx-specific `WOLFSSL_MSG()` equivalent
`WOLFSSL_XIL_MSG()` does the same as `WOLFSSL_MSG()` besides waiting for
1 second before printing to stdout, since the PLM maybe prints to same and
outputs would be mixed up.
This waiting can be disabled by defining `WOLFSSL_XIL_MSG_NO_SLEEP`.
* add option to enable DPA CounterMeasures in AES-GCM crypto engine
* add "command mode" to Xilinx bare-metal example
* update Xilinx default user settings
* add script to execute benchmarks
* add scripts to create graphics
* add Vitis 2022.1 example projects
Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
