Daniel Pouzzner
|
bfeb0ad48e
expand opensslcoexist to all low level crypto APIs.
|
3 weeks ago |
Daniel Pouzzner
|
d85c108952
wolfssl/wolfcrypt/error-crypt.h, wolfcrypt/src/error.c: add WC_FAILURE ("wolfCrypt generic failure") with value -1, for traceable error return of -1 in wolfCrypt.
|
3 weeks ago |
Andras Fekete
|
8ecfe311d8
More spelling fixes
|
2 months ago |
Daniel Pouzzner
|
806df85477
backfill more missing WC_NO_ERR_TRACE()s on error code operands, and refactor away the obsolete GEN_MEM_ERR macro mechanism in wolfcrypt/src/ecc.c.
|
3 months ago |
Daniel Pouzzner
|
b178138d83
src/internal.c: in wolfSSL_ERR_reason_error_string(), add missing error string for SCR_DIFFERENT_CERT_E, and de-gate error strings previously gated on HAVE_HTTP_CLIENT.
|
3 months ago |
Andras Fekete
|
d7a0f49906
Programmatically remove NULL test before XFREE
|
4 months ago |
Andras Fekete
|
a0b2da98e6
Remove `if(ptr) XFREE(ptr)`
|
4 months ago |
Daniel Pouzzner
|
d0e73783f1
wolfcrypt/src/aes.c and wolfssl/wolfcrypt/aes.h: add FIPS_AES_XTS_MAX_BYTES_PER_TWEAK and struct XtsAesStreamData, with improved error checking on streaming AES-XTS APIs;
|
6 months ago |
Daniel Pouzzner
|
6d0f611ab5
AES-XTS: add wc_AesXtsEncryptFinal() and wc_AesXtsDecryptFinal() for API consistency, and add error-checking (block alignment check) to wc_AesXtsEncryptUpdate() and wc_AesXtsDecryptUpdate().
|
7 months ago |
Daniel Pouzzner
|
1469aab109
linuxkm/lkcapi_glue.c: add native test coverage for WOLFSSL_AESXTS_STREAM.
|
7 months ago |
Daniel Pouzzner
|
2fe366cc74
wolfcrypt/test/test.c: add test coverage for WOLFSSL_AESXTS_STREAM.
|
7 months ago |
Daniel Pouzzner
|
4f1f7b3a4d
linuxkm/lkcapi_glue.c: update names of wc_AesXts{En,De}cryptInit().
|
7 months ago |
Daniel Pouzzner
|
f874d8753d
AES-XTS-streaming: refactor API to eliminate caller-supplied tweak_block. instead, caller-supplied iv is used as a readwrite buffer.
|
7 months ago |
Daniel Pouzzner
|
3ad5ec4e0a
make --enable-linuxkm-lkcapi-register require --enable-experimental, except for the known-good --enable-linuxkm-lkcapi-register="xts(aes)".
|
7 months ago |
Daniel Pouzzner
|
70d7b6e48b
add WOLFSSL_AESXTS_STREAM, --enable-aesxts-stream, wc_AesXtsEncryptStart(), wc_AesXtsDecryptStart(), wc_AesXtsEncryptUpdate(), wc_AesXtsDecryptUpdate(), and implement fixes in linuxkm/lkcapi_glue.c to use the streaming API when needed. also added support for 2*192 bit AES-XTS, needed for Linux kernel.
|
7 months ago |
Daniel Pouzzner
|
bc8664164b
linuxkm: move the *SAVE_VECTOR_REGISTERS* code from linuxkm/linuxkm_memory.c to linuxkm/x86_vector_register_glue.c, to move various fidgity/unstable kernel function calls outside the PIE wolfCrypt container.
|
7 months ago |
Daniel Pouzzner
|
4cc27fa58b
rename WC_AES_C_DYNAMIC_FALLBACK to WC_C_DYNAMIC_FALLBACK.
|
7 months ago |
Daniel Pouzzner
|
b1edb08119
linuxkm/linuxkm_wc_port.h:
|
9 months ago |
Daniel Pouzzner
|
63fe12efe3
wolfcrypt/src/aes.c: fix WOLFSSL_AESGCM_STREAM && WC_AES_C_DYNAMIC_FALLBACK: establish AESNI status dynamically at time of wc_AesGcmSetKey(), and stick to it (or return failure) until the next wc_AesGcmSetKey(). this matches the semantics of the Linux kernel in-tree implementation, allowing safe registration of the wolfCrypt AESNI implementation with the LKCAPI.
|
10 months ago |
Daniel Pouzzner
|
10645de648
linuxkm: various tweaks:
|
10 months ago |
Daniel Pouzzner
|
e1ee5e4421
linuxkm: spruce up arch-dependent CFLAGS setup in linuxkm/Kbuild; add "failed:" to error messages in km_AesGcmEncrypt() and km_AesGcmDecrypt().
|
10 months ago |
Daniel Pouzzner
|
f228a85cee
AES-XTS: fix FIPS gating to use defined(HAVE_FIPS), not defined(HAVE_FIPS_VERSION).
|
10 months ago |
Daniel Pouzzner
|
6261108d49
linuxkm: fix line lengths throughout; in linuxkm/lkcapi_glue.c: fix/harmonize error catching, reporting, and error codes; further address peer review feedback.
|
10 months ago |
Daniel Pouzzner
|
1fc67183a5
linuxkm: address peer review:
|
10 months ago |
Daniel Pouzzner
|
957fc7460c
linuxkm/lkcapi_glue.c: refactor AES-CBC, AES-CFB, and AES-GCM glue around struct km_AesCtx with separate aes_encrypt and aes_decrypt Aes pointers, and no cached key, to avoid AesSetKey operations at encrypt/decrypt time.
|
10 months ago |
Daniel Pouzzner
|
b1e5d0f9bb
linuxkm: completion and stabilization of LKCAPI integration for AES-CBC, AES-CFB, AES-GCM, and AES-XTS:
|
10 months ago |
Daniel Pouzzner
|
ec60f91b4a
linuxkm: add linuxkm/lkcapi_glue.c.
|
10 months ago |