Fix handling of counter to support incrementing across all bytes in
ARM32 crypto asm.
Added test cases for wrapping of counter when 2 blocks are being
encrypted to check assembly alternative path.
Fix handling of counter to support incrementing across all bytes in ARM
crypto asm.
Added test cases for wrapping of counter.
Extracted ARM ASM for AES-CTR.
Use ASM to created encrypted temporary block.
OpenSSL compat expects ASN_SELF_SIGNED_E when a self signed cert can't be verified. This is useful when translating the error with GetX509Error into a X509_V_ERR_* error.
* PSA: set AES key bits, define PSA_ALG_NONE/PSA_KEY_ID_NULL if needed
* Zephyr: add TimeNowInMilliseconds() for tls13.c, clock_settime() for test.c, update CMakeLists.txt
* Skip including unistd.h for Zephyr in benchmark.c
* Zephyr: update README, add nRF5340dk support to wolfssl_test sample app
* Zephyr: add wolfCrypt benchmark sample app
* Zephyr: add nRF5340 support to tls_thread sample app
* PSA: use specific hash algo with psa_sign/verify_hash()
* Zephyr: add support for PSA Crypto API with PK callbacks to wolfssl_tls_threaded sample app
* Zephyr: add new files to zephyr/include.am
Also:
* added HAVE_FALCON guards as needed.
* corrected minor falcon bugs as I found them.
* handling OID sum collision between DILITHIUM_LEVEL5 and DILITHIUM_AES_LEVEL3
Tested with the following commands:
examples/server/server -v 4 -l TLS_AES_256_GCM_SHA384 \
-c ~/tmp/dilithium_aes_level5_entity_cert.pem \
-k ~/tmp/dilithium_aes_level5_entity_key.pem \
-A ~/tmp/dilithium_aes_level5_root_cert.pem --pqc P521_KYBER_LEVEL5
examples/client/client -v 4 -l TLS_AES_256_GCM_SHA384 \
-c ~/tmp/dilithium_aes_level5_entity_cert.pem \
-k ~/tmp/dilithium_aes_level5_entity_key.pem \
-A ~/tmp/dilithium_aes_level5_root_cert.pem --pqc P521_KYBER_LEVEL5
with permutations of SHAKE,AES variants and levels 2,3,5
Add support for parsing and verifying certificates with RSA-PSS
signatures. Including check PSS parameters in key with those in
signature algorithm.
Add support for parsing private RSA PSS key.
Add support for parsing public RSA PSS key.
added numerous missing _SMALL_STACK code paths (PK objects on the stack);
in settings.h, enable WOLFSSL_SMALL_STACK_STATIC by default when WOLFSSL_SMALL_STACK is defined (NO_WOLFSSL_SMALL_STACK_STATIC to override);
fixes for unsafe strcat()s in tests/quic.c;
fix for unsafe macro WOLFSSL_IS_QUIC();
fix to exclude quic from enable-all when enable-linuxkm (quic needs opensslextra, and opensslextra currently only works in-kernel in cryptonly builds);
fix for signed/unsigned clash in wolfSSL_quic_receive().
wc_CertNew() and wc_CertFree() is for use by ABI type aplications, and
others, for having wolfCrypt perform the new/free of the certification
structure w/o the application needing too, and more importantly, needing
to contain knowledge of the structure.
David Garske
Juliusz Sosinowicz
Sean Parkinson
Daniel Pouzzner
Lealem Amedie
Juliusz Sosinowicz
TakayukiMatsuo
Eric Blankenhorn
John Safranek
Anthony Hu
Uriah Pollock
Chris Conlon