John Safranek
|
ef62fab4ea
Update
|
3 vuotta sitten |
John Safranek
|
13871cf547
Set RC10 to be the default v5 FIPS build.
|
3 vuotta sitten |
John Safranek
|
0d465cf42f
Add AES-OFB to FIPSv5 build as v5-RC10 (5,2)
|
3 vuotta sitten |
Daniel Pouzzner
|
97557ed29b
linuxkm: add --enable-benchmark switch (default yes) and BUILD_BENCHMARK conditional to configure.ac to allow build with testwolfcrypt but without benchmark; change gate in wolfcrypt/benchmark/include.am from `if !BUILD_LINUXKM` to `if BUILD_BENCHMARK`.
|
3 vuotta sitten |
Daniel Pouzzner
|
59ec9fc285
configure.ac: refactor setup for --enable-reproducible-build; remove mutex between --enable-sp-math and --enable-sp-math-all (they can now coexist); whitespace cleanup.
|
3 vuotta sitten |
Sean Parkinson
|
dd833807d8
Merge pull request #4523 from dgarske/nxp_se050_fixes
|
3 vuotta sitten |
David Garske
|
2abb2eae7d
Changed NXP SE050 to not use symmetric offloading by default. If desired use `WOLFSSL_SE050_HASH` and `WOLFSSL_SE050_CRYPT`.
|
3 vuotta sitten |
Jacob Barthelmeh
|
ac5e9e5e7c
bump to dev version and touch up readme
|
3 vuotta sitten |
Jacob Barthelmeh
|
d869c60605
prepare for release v5.0.0
|
3 vuotta sitten |
Juliusz Sosinowicz
|
a6be157628
Gate new AKID functionality on `WOLFSSL_AKID_NAME`
|
3 vuotta sitten |
Daniel Pouzzner
|
3a80ba6744
configure.ac: fixes for --enable-fips logic.
|
3 vuotta sitten |
Daniel Pouzzner
|
d527b25034
configure.ac: FIPS: remap "ready" to be ready flavor of 140-3 (i.e. v5-ready); add v3-ready for ready flavor of 140-2.
|
3 vuotta sitten |
Daniel Pouzzner
|
073bef579b
linuxkm: add missing #ifdef OPENSSL_EXTRA around openssl includes in module_exports.c.template, and add an assert to configure.ac disallowing linuxkm+opensslextra.
|
3 vuotta sitten |
John Safranek
|
75df6508e6
Add a read enable for private keys when in FIPS mode.
|
3 vuotta sitten |
Daniel Pouzzner
|
490a1238a8
configure.ac: refactor AC_CHECK_FILES brought in by rebase, to fix warning.
|
3 vuotta sitten |
Daniel Pouzzner
|
61df408d70
configure.ac: fix handling of ENABLED_FIPS->REPRODUCIBLE_BUILD_DEFAULT=yes; take JNI back out of from enable-all feature set because it adds -DNO_ERROR_QUEUE to flags; fix typo in FIPS test for --with-max-rsa-bits setup.
|
3 vuotta sitten |
Daniel Pouzzner
|
1f6eb4648e
configure.ac: remove WOLFSSL_VALIDATE_ECC_IMPORT and WOLFSSL_VALIDATE_ECC_KEYGEN from enable-all and enable-all-crypto feature sets.
|
3 vuotta sitten |
Daniel Pouzzner
|
fb49d814c5
configure.ac and autogen.sh: fix warnings in configure.ac, and enable WARNINGS=all,error in autogen.sh. also, remove --verbose to avoid obscuring warning output.
|
3 vuotta sitten |
Daniel Pouzzner
|
0231446006
configure.ac: don't warn about loading real async files if async.c is present and non-empty.
|
3 vuotta sitten |
Daniel Pouzzner
|
f9627e4b14
configure.ac: for --enable-fips, make v5 an alias for v5-RC8 (alias to be updated after newer lab-approved snapshots are tagged), and add v5-ready and a placeholder v5-REL.
|
3 vuotta sitten |
Daniel Pouzzner
|
1c27654300
configure.ac and wolfssl/wolfcrypt/types.h: don't change wc_HashType for FIPS <= v2 (reverts commit 56843fbefd as it affected that definition); add -DWOLFSSL_NOSHA512_224 -DWOLFSSL_NOSHA512_256 to FIPS v2 and v3.
|
3 vuotta sitten |
Daniel Pouzzner
|
22f947edd6
configure.ac and wolfssl/wolfcrypt/asn_public.h: add --enable-fips=v5-RC8 for use with WCv5.0-RC8 codebase; add HAVE_FIPS_VERSION_MINOR, and refactor main $ENABLED_FIPS switch to set HAVE_FIPS_VERSION and if applicable HAVE_FIPS_VERSION_MINOR for use in subsequent tests and the main FIPS setup code; in asn_public.h, use HAVE_FIPS_VERSION_MINOR to exclude declaration of wc_RsaKeyToPublicDer() when building FIPS WCv5.0-RC8.
|
3 vuotta sitten |
Daniel Pouzzner
|
8c3cbf84f9
add missing gating around WOLFSSL_NO_SHAKE256, WOLFSSL_NOSHA512_224, and WOLFSSL_NOSHA512_256.
|
3 vuotta sitten |
Daniel Pouzzner
|
7b40cd6cef
configure.ac: fips tweaks: add --enable-fips=disabled to allow non-fips build in a fips tree, for convenient testing; add ENABLED_SHAKE256=no override to fipsv5 setup; don't add an RSA_MAX_SIZE setting to AM_CFLAGS when FIPS, to avoid a conflict with old rsa.h.
|
3 vuotta sitten |
Daniel Pouzzner
|
19b33d5a76
configure.ac: don't include rc2 in enable-all or enable-all-crypto (memory leaks).
|
3 vuotta sitten |
Daniel Pouzzner
|
9e3fb73567
configure.ac: improvement for enable-all and enable-all-crypto:
|
3 vuotta sitten |
Daniel Pouzzner
|
67db7b7f32
fixes for issues identified by Jenkins run:
|
3 vuotta sitten |
Daniel Pouzzner
|
947a0d6a2f
autotools/Makefiles: enable reproducible build by default for FIPS, and add -DHAVE_REPRODUCIBLE_BUILD to AM_CFLAGS;
|
3 vuotta sitten |
Daniel Pouzzner
|
cdcb8fb9da
configure.ac: revert change (AC_MSG_NOTICE reverted to AC_MSG_ERROR) for "FIPS source tree used for non-FIPS build"; in enable_all set, move enable_stunnel and enable_tcpdump to the !ENABLED_LINUXKM_DEFAULTS section.
|
3 vuotta sitten |
Daniel Pouzzner
|
64bfe81ff5
configure.ac: test for cryptonly && opensslextra, if so error "mutually incompatible".
|
3 vuotta sitten |