This adds STM32 HAL support for:
* SHA384
* SHA512 (with -224 and -256)
* SHA3 (all variants apart from SHAKE)
The partial FIFO block calculations have been adjusted based in the
STM32 code to support the larger hash sizes.
This should work with other chips such as the STM32U5xx, but is not
enabled for that yet.
This adds support for the STM32MP13 HAL, tested on the STM32MP135F MPU.
Using the HAL this modifies our previous RNG, AES-CBC, AES-GCM, HASH,
ECDSA and DES3 ST HAL acceleration to work with the MPU. It also works
around bugs found in the AES-GCM code of the HAL.
The HAL does not appear to have support for MD5 HASH at the moment, so
this has been given a flag to disable it on this MPU.
configure.ac: add OPENSSL_EXTRA to --enable-wolfsentry.
linuxkm/linuxkm_wc_port.h, linuxkm/module_hooks.c, wolfssl/ssl.h: accommodate backward dependencies for wolfSSL_X509_NAME_add_entry_by_NID, wolfSSL_X509_NAME_free, and wolfSSL_X509_NAME_new_ex.
linuxkm/lkcapi_glue.c: if CONFIG_CRYPTO_MANAGER, assert match of CONFIG_CRYPTO_FIPS and HAVE_FIPS.
src/ssl_crypto.c, wolfcrypt/src/wc_lms.c, wolfcrypt/src/wc_lms_impl.c, wolfcrypt/src/wc_xmss.c, wolfcrypt/test/test.c: add missing casts for XMALLOC()s.
src/ssl_crypto.c: in wolfSSL_AES_decrypt(), fix gate for wc_AesDecryptDirect() return type.
wolfcrypt/test/test.c: smallstack refactor in test_dilithium_decode_level().
tests/api.c: fix uninited vars and "embedding a directive within macro arguments is not portable" in test_wc_dilithium_der().
```
Start wolf tsip crypt Test
simple crypt test by using TSIP
sha_test() passed
sha256_test() passed
tsip_aes_cbc_test() passed
tsip_aes256_test() passed
tsip_rsa_test(2048) passed
tsip_rsa_SignVerify_test(2048) passed
End wolf tsip crypt Test
```
* Fix for `TlsSessionCacheGetAndLock` that was not checking the sessionIDSz, so could return a pointer to an invalid session (if 0's). Resolves issue with `test_wolfSSL_CTX_sess_set_remove_cb` test.
* Fix cast warning with `HAVE_EX_DATA` in Windows VS.
* Fix openssl_extra without PKCS12.
* Refactor the EX data crypto and session API's to gate on `HAVE_EX_DATA_CRYPTO`.
* Grouped the EX data API's in ssl.h
* Moved API's in ssl.h to separate the compatibility ones from ours.
Cryptodev has two sections for the session info struct, cipher and hash.
Our debug mode was using hash for the output even if we were using
cipher, so would output random data. Simple 'if' statement to do the
correct thing.
Andrew Hutchings
Juliusz Sosinowicz
JacobBarthelmeh
András Fekete
Brett Nicholas
Daniel Pouzzner
David Garske
Colton Willey
night1rider
kaleb-himes
gojimmypi
Andras Fekete
Reda Chouk