Pass around the algorithm id from the private key so that the WOLFSSL or
WOLFSSL_CTX get the correct key format set.
Use different verification context when self-signed certificate with SM2
and SM3 signature but public key OID is ECC.
api.c: z and ret no longer only when !NO_ASN_TIME.
benchmark.c: rsaKey array type has changed and unusual code path needsed
updating.
cmac.c: Zeroization test failed when checkSz was zero as called function
didn't zero out cmac. checkSz is invalid.
test.c: rsaCaCertDerFile used even when NO_ASN_TIME.
test.h: --enable-sp-math only supports DH of 2048 bits and above. Change
default DH parameters to be 2048 bits.
Initial wolfSSL implementation of LMS.
Changed LMS benchmarking to time making a key and reloading.
SHA-256:
Added wc_Sha256HashBlock to make hashing a block fast.
Fixed assembly code to be able to hash a block from an external
buffer.
Simplified code were possible.
Moved byte reversal decision logic to one place instead of replicating
length checks.
* fix WC_LINUXKM_ROUND_UP_P_OF_2() to not round up values that are already powers of 2, nor values larger than 8192.
linuxkm/lkcapi_glue.c:
* fix gating on km_AesSetKeyCommon().
* small stack refactors of Aes objects in self-test routines.
* change kmalloc/free to malloc/free in self-test routines.
* fix error-path "return"s to "goto exit"s in self-test routines.
* fix memory leak around large_input in aes_xts_128_test().
wolfcrypt/benchmark/benchmark.c:
* smallstack refactors in bench_chacha() and bench_chacha20_poly1305_aead().
* add error handling in bench_chacha().
wolfcrypt/src/chacha20_poly1305.c: smallstack refactor for wc_ChaCha20Poly1305_Encrypt() and wc_ChaCha20Poly1305_Decrypt().
* remove redundant nullness checks covered by WC_ALLOC_VAR() via WC_ALLOC_DO_ON_FAILURE();
* add "exit:" logic to bench_sm4_gcm();
* add missing WC_ALLOC_VAR() in bench_sm4_ccm();
* fix early return in bench_ed448KeySign().
* fix overallocation in WC_DECLARE_ARRAY() macro in the !WOLFSSL_SMALL_STACK path.
* rename WC_INIT_ARRAY() to WC_ALLOC_ARRAY() for clarity (it doesn't initialize any memory).
* rename WC_DECLARE_ARRAY_DYNAMIC_DEC(), WC_DECLARE_ARRAY_DYNAMIC_EXE(), and WC_FREE_ARRAY_DYNAMIC() to WC_DECLARE_HEAP_ARRAY(), WC_ALLOC_HEAP_ARRAY(), and WC_FREE_HEAP_ARRAY(), respectively, also for clarity, and refactor out the duplicate definitions.
* add WC_ALLOC_VAR(), and move the XMALLOC() in smallstack WC_DECLARE_VAR() into it. smallstack WC_DECLARE_VAR() now initializes the pointer to NULL, like smallstack WC_DECLARE_ARRAY(), assuring all pointers are valid upon shortcircuit to cleanup for a failed allocation (see WC_ALLOC_DO_ON_FAILURE below).
* add a new hook "WC_ALLOC_DO_ON_FAILURE" in WC_ALLOC_VAR(), WC_ALLOC_ARRAY(), and WC_DECLARE_ARRAY_DYNAMIC_EXE(), which is invoked when an allocation fails. by default the hook is defined to WC_DO_NOTHING.
* add basic safety to WC_*_HEAP_ARRAY() by recording/detecting allocation state via idx##VAR_NAME.
* add macros WC_ARRAY_OK() and WC_HEAP_ARRAY_OK() to test if allocation succeeded.
* add macros WC_CALLOC_ARRAY() and WC_CALLOC_HEAP_ARRAY() which zero the objects.
* add macro WC_CALLOC_VAR() which zeros the object.
ED448: smallstack refactor of ge448_scalarmult_base().
src/tls.c tests/api.c wolfcrypt/test/test.c: update WC_DECLARE_VAR()s with now-required matching WC_ALLOC_VAR()s.
wolfcrypt/benchmark/benchmark.c:
* no functional changes in default error-free behavior.
* add definition of WC_ALLOC_DO_ON_FAILURE() that prints error message, sets ret, and does goto exit.
* add BENCH_NTIMES and BENCH_AGREETIMES overrideeable macros, to allow fast sanitizer runs and slow high-precision runs.
* smallstack refactor of all declarations of stack arrays of the form foo[BENCH_MAX_PENDING], using WC_DECLARE_ARRAY() (35 in all).
* additional smallstack refactors, using WC_DECLARE_VAR(), for bench_aesxts(), bench_ed448KeyGen(), bench_eccsi*(), and bench_sakke*().
* fixes for various unhandled error conditions around malloc failures.
wolfcrypt/test/test.c: opportunistically constify several (42) static constants, moving them to the readonly data segment.
linuxkm/Makefile: if ENABLED_LINUXKM_BENCHMARKS, add wolfcrypt/benchmark/benchmark.o to WOLFSSL_OBJ_FILES.
linuxkm/Kbuild: enable FPU for benchmark.o, and remove enablement for module_hooks.o.
linuxkm/module_hooks.c: remove inline include of benchmark.c.
* fix null pointer derefs in wc_InitRsaKey_Id() and wc_InitRsaKey_Label() (nullPointerRedundantCheck).
* fix use of wrong printf variant in rsip_vprintf() (wrongPrintfScanfArgNum).
* fix wrong printf format in bench_xmss_sign_verify() (invalidPrintfArgType_sint).
* add missing WOLFSSL_XFREE_NO_NULLNESS_CHECK variants of XFREE() (WOLFSSL_LINUXKM, FREESCALE_MQX, FREESCALE_KSDK_MQX).
* suppress false-positive uninitvar on "limit" in CheckTLS13AEADSendLimit().
* suppress true-but-benign-positive autoVariables in DoClientHello().
* in wolfcrypt/src/ecc.c, refactor ECC_KEY_MAX_BITS() as a local function to resolve true-but-benign-positive identicalInnerCondition.
* refactor flow in wc_ecc_sign_hash_ex() to resolve true-but-benign-positive identicalInnerCondition.
Added a RNG argument to the wc_sphincs_sign_msg method to properly
generate necessary random data using the desired WolfSSL RNG object.
Signed-off-by: Tobias Frauenschläger <t.frauenschlaeger@me.com>
Added a RNG argument to the wc_falcon_sign_msg method to properly
generate necessary random data using the desired WolfSSL RNG object.
Signed-off-by: Tobias Frauenschläger <t.frauenschlaeger@me.com>
Added a RNG argument to the wc_dilithium_sign_msg method to properly
generate necessary random data using the desired WolfSSL RNG object.
Signed-off-by: Tobias Frauenschläger <t.frauenschlaeger@me.com>
jordan
kaleb-himes
Andras Fekete
Sean Parkinson
Daniel Pouzzner
JacobBarthelmeh
Colton Willey
gojimmypi
David Garske
lealem47
Lealem Amedie
Tobias Frauenschläger
Hideki Miyazaki
Chris Conlon