WolfSSL
/
wolfssl
mirror of https://github.com/wolfSSL/wolfssl.git
1
0
Fork 0
Code Issues Releases Wiki Activity
23,280 Commits
27 Branches
168 Tags
358 MiB
Commit Graph

1696 Commits (f749ca387d799c37aad802caea221faae5fd8869)

Author SHA1 Message Date
Sean Parkinson 652158fcac Dilithium: Support FIPS 204 Draft 
Compile with WOLFSSL_DILITHIUM_FIPS204_DRAFT to get code that implements
the FIPS-204 August 2023 DRAFT.
Alternatively, --enable-dilithium=draft or
--enable-dilithium=fips204-draft
 2024-08-28 11:02:01 +10:00
Sean Parkinson 60f438f0c3 Dilithum, Kyber: Update to final specification 
FIPS 203 and FIPS 204 final specification changes.
 2024-08-26 17:42:27 +10:00
David Garske 4f4fb4bd0a
Merge pull request #7888 from douzzer/20240820-configure-silent 
20240820-configure-silent
 2024-08-20 05:35:23 -07:00
Daniel Pouzzner 0becc347b1 configure.ac: inhibit options.h reminder message when --quiet. 2024-08-20 00:25:15 -05:00
suzuki toshiya e417091f61 [configure.ac] spell out RFC 5322 "date" format for POSIX-conforming "date" with no extension. 
Following to the advice by Daniel Pouzzner (see the discussion in the issue #7874),
no need to invoke "env" command to set LC_TIME.

* IEEE Std 1003.1-2024 does not request the "-R" option:
	https://pubs.opengroup.org/onlinepubs/9799919799/

* Default "date" in Solaris 11.4 does not support "-R":
	https://docs.oracle.com/cd/E88353_01/html/E37839/date-1.html
* Default "date" in HP-UX 11.22 does not support "-R":
	https://man.freebsd.org/cgi/man.cgi?query=date&apropos=0&sektion=0&manpath=HP-UX+11.22&arch=default&format=html
* Default "date" in AIX 7 does not support "-R":
	https://www.ibm.com/docs/en/aix/7.3?topic=d-date-command
 2024-08-18 15:50:54 +09:00
Daniel Pouzzner b412e5f24e
Merge pull request #7879 from dgarske/options_h 
Improve wolfssl/options.h issues
 2024-08-16 23:54:54 -05:00
Daniel Pouzzner 9a693f5e65
Merge pull request #7876 from mpsuzuki/fix-config-stray-redirect 
Using ">>" with no command in configure can be ambigious for some ancient /bin/sh.
 2024-08-16 15:38:39 -05:00
David Garske a9be38eaf0 Improve wolfssl/options.h issues. Fixes #7853. 2024-08-15 15:49:43 -07:00
David Garske 1190d1bafe
Merge pull request #7873 from SparkiDev/riscv-poly1305-asm 
RISC-V 64 ASM: Add Poly1305 implementation
 2024-08-15 09:40:06 -07:00
suzuki toshiya bbdf7fc1b0 [configure.ac] ">>" without preceding command does not work in traditional Bourne shell. 2024-08-15 13:59:16 +09:00
Sean Parkinson 3ade7a875e RISC-V 64 ASM: Add Poly1305 implementation 
Implementation using standard and vector instructions.
 2024-08-15 09:01:34 +10:00
Brett Nicholas 8df5d61179 add optional cryptocb test disable macro to wolfCrypt tests 2024-08-12 15:16:33 -06:00
Daniel Pouzzner 98f8ab085e configure.ac: when FIPS_VERSION==dev, unlock features to allow user-forced enablement/disablement. also, add line breaks for clarity on the similar clauses in the v5* section. 2024-08-09 14:38:22 -05:00
Daniel Pouzzner 5f6067c3e1 add --enable-debug-trace-errcodes=backtrace. 
* uses libbacktrace to enhance existing "ERR TRACE" messages with backtraces, rendered in same format as the sanitizers.
* adds wc_backtrace_render() and some related callbacks to wolfcrypt/src/logging.c.
* adds an overrideable WOLFSSL_DEBUG_BACKTRACE_RENDER_CLAUSE to the WC_ERR_TRACE() mechanism in wolfssl/wolfcrypt/error-crypt.h.
 2024-08-08 09:00:42 -05:00
Daniel Pouzzner 9aa0742baa
Merge pull request #7798 from dgarske/asn_macros 
ASN macro simplification

merged with github CI tests failing due to unrelated upstream changes (same tests all previously succeeded on this PR, with only 25d14f1937 added in the meantime).

supplementary testing with `wolfssl-multi-test.sh ... super-quick-check` after rebase on then-current `master` 15e99c8eff.
 2024-08-02 16:36:50 -05:00
Sean Parkinson ebb49b6e68 RISC-V ChaCha20: assembly implementations 
ChaCha20:
  scalar and vector implementations
  vector implementations doing 6, 4, 2, 1 block at a time.
  scalar implemetations using roriw and pack
  vector implementations using VROR_VI and roriw.

RISC-V SHA-256: avoid using s0 if it can be helped.
 2024-08-01 17:51:59 +10:00
Sean Parkinson 407b78962e
Merge pull request #7811 from lealem47/removeNULL 
Remove HAVE_NULL_CIPHER from --enable-openssh
 2024-07-31 21:55:13 +10:00
David Garske 20f7d6f9f4 ASN macro simplification. Added new `--enable-asn=all` and `WOLFSSL_ASN_ALL` option. Added granular macros for ASN features like: `WOLFSSL_ASN_CA_ISSUER`, `WOLFSSL_ASN_PARSE_KEYUSAGE`, `WOLFSSL_ASN_TIME_STRING`, `WOLFSSL_OCSP_PARSE_STATUS`. 2024-07-30 10:35:20 -07:00
Lealem Amedie fb3185bb72 Remove HAVE_NULL_CIPHER from --enable-openssh 2024-07-30 10:46:56 -06:00
David Garske 4b9d89d387 Fix autoconf issue with `==` 2024-07-24 09:10:25 -07:00
David Garske 007f9ea39d Fix to restore `--enable-asn=original`. Fixes for building with ASN original (old). Add the new limit checks for alt names and subtree to the old ASN code. 2024-07-24 08:28:25 -07:00
Daniel Pouzzner 367508f498 wolfcrypt/src/asn.c: in EccSpecifiedECDomainDecode(), in calls to DataToHexString(), cast curve->size to word32 to resolve -Wconversion. 
wolfcrypt/src/dh.c: in GeneratePrivateDh186(), add explicit suppression of uninitvar for "cBuf" arg that isn't fully initialized.

wolfcrypt/test/test.c: in mp_test_param(), explicitly initialize "buffer" to avoid uninitvar warning.

configure.ac: in FIPS builds, don't include enable_cryptocb in --enable-all or --enable-all-crypto.  (they can still be enabled explicitly in FIPS builds with --enable-cryptocb, but the combination is not currently supported.)
 2024-07-22 18:21:36 -05:00
Andras Fekete c3d30e7987 Fix the actual definition of the ECC_MIN_KEY_SZ 2024-07-19 16:01:56 -04:00
David Garske 0eeae4da8c
Merge pull request #6460 from embhorn/mosquitto_osp 
Add support for Mosquitto OSP
 2024-07-19 07:49:32 -07:00
Sean Parkinson e6fcd488a6
Merge pull request #7685 from dgarske/renesas_rx_tsip 
Renesas RX TSIP ECDSA support
 2024-07-19 10:53:00 +10:00
Eric Blankenhorn 7aad09fc87 Rebase for mosquitto 2024-07-16 07:37:33 -05:00
Daniel Pouzzner 475ec7b680
Merge pull request #7550 from bandi13/addEnableProvider 
Add enable provider
 2024-07-15 12:08:03 -05:00
Andras Fekete 5b1e6db9a5 Allow user to override required flags 2024-07-15 09:46:36 -04:00
JacobBarthelmeh 203f65a636 prepare for release 5.7.2 2024-07-08 09:47:46 -06:00
Sean Parkinson 1fd9f2af91 KYBER/ML-KEM: make ML-KEM available 
Added ML-KEM instead of Kyber implementation with WOLFSSL_ML_KEM.
Tests added from NIST for ML-KEM operations.
 2024-07-04 23:51:23 +10:00
Andras Fekete 7cc42d446e Update the true minimum ECC key size default 
The discrepancy shows up when trying to compile with FIPS
 2024-07-03 11:50:04 -04:00
Andras Fekete e340e41db3 Add --enable-wolfprovider 2024-07-02 15:57:53 -04:00
Andras Fekete 43b62c8ccf Make sure the ECC_MIN_SZ is set even when set to default 2024-07-02 15:57:53 -04:00
David Garske e81e18859b Support for Renesas RX TSIP with ECDSA and Crypto Callbacks. 
Fix building ECC with NO_ASN (`./configure --enable-cryptonly --disable-rsa --disable-asn --disable-examples`).
 2024-06-25 17:43:16 -07:00
kaleb-himes a1645d684a 448 streaming base on ENABLED flag and below FIPS section 2024-06-21 15:54:04 -04:00
Daniel Pouzzner 38c7327660
Merge pull request #7622 from SparkiDev/ml-dsa 
Dilithium/ML-DSA: Implementation of ML-DSA-44/65/87
 2024-06-19 13:32:35 -04:00
Sean Parkinson 3e3a00dafd Dilithium/ML-DSA: Implementation of ML-DSA-44/65/87 
Impemented FIPS 204 (Draft) Module-Lattice-Based Signature Standard.
Implementation include making a key, signing and verification.
Make key API added.
Updated liboqs calls to use ML-DSA implementation instead of Dilithium.
 2024-06-19 21:27:01 +10:00
Daniel Pouzzner 2c69e4a56b add --debug-code-points and WOLFSSL_DEBUG_CODEPOINTS, 
add file_name and line_number args to wolfssl_log(),

and inside WOLFSSL_DEBUG_CODEPOINTS gates,

add WOLFSSL_MSG_EX2(), WOLFSSL_MSG2(), WOLFSSL_ENTER2(), and WOLFSSL_LEAVE2(), each with file and line args,

and add wrapper macros for WOLFSSL_MSG, WOLFSSL_MSG_EX, WOLFSSL_ENTER, and WOLFSSL_LEAVE, that pass in file and line.
 2024-06-15 00:54:39 -05:00
Andras Fekete 372f57e528 Address PR suggestions 2024-06-12 14:22:10 -04:00
Andras Fekete 211742bfe0 liboqs depends on pthreads now 2024-06-12 13:45:57 -04:00
Kaleb Himes 9f9a82e469
Merge pull request #7637 from lealem47/armasm_fips 
Force inline ASM for armv7 with FIPS
 2024-06-12 07:53:37 -06:00
Lealem Amedie b7d32d0609 Force inline ASM for armv7 with FIPS 2024-06-11 13:32:46 -06:00
Daniel Pouzzner b3e8f0ad24 add --enable-debug-trace-errcodes, WOLFSSL_DEBUG_TRACE_ERROR_CODES, WC_ERR_TRACE(), WC_NO_ERR_TRACE(), support/gen-debug-trace-error-codes.sh. also add numerous deployments of WC_NO_ERR_TRACE() to inhibit frivolous/misleading errcode traces when -DWOLFSSL_DEBUG_TRACE_ERROR_CODES. 2024-06-08 16:39:53 -05:00
David Garske b69482ffac
Merge pull request #7569 from SparkiDev/riscv_aes_asm 
AES RISC-V 64-bit ASM: ECB/CBC/CTR/GCM/CCM
 2024-06-06 08:11:31 -07:00
Sean Parkinson acd604db3d AES RISC-V 64-bit ASM: ECB/CBC/CTR/GCM/CCM 
Add implementations of AES for ECB/CBC/CTR/GCM/CCM for RISC-V using
assembly.
Assembly with standard/scalar cryptography/vector cryptographt
instructions.
 2024-06-06 13:16:00 +10:00
David Garske 7fadd4ed9f
Merge pull request #7595 from JacobBarthelmeh/static 
Pull in some staticmemory features
 2024-05-30 16:31:54 -07:00
David Garske bb57c1de94
Merge pull request #7603 from lealem47/detect_cut 
Fix cut detection in configure.ac
 2024-05-30 15:42:55 -07:00
Lealem Amedie ecef3c214c Fix cut detection in configure.ac 2024-05-30 16:09:04 -06:00
JacobBarthelmeh ebdc8b9a32 rename of macros, add descriptions, minor fixes 2024-05-30 14:48:52 -06:00
JacobBarthelmeh 511c403631 account for yes/no options 2024-05-29 15:59:51 -06:00