- Move _build_ffi.py to scripts/build_ffi.py. Do as little in the global
namespace of the script as possible by putting functionality into functions,
including a new main function.
- Improve feature detection by allowing user_settings.h in addition to
options.h. This is particularly useful on Windows.
- Add the windows directory. This contains subdirectories non_fips and
fips_ready, which each have a user_settings.h. The non_fips user_settings.h is
used by the build script to build on Windows with CMake, when not using
USE_LOCAL_WOLFSSL. The fips_ready user_settings.h is an example user_settings.h
that works with our FIPS Ready code and wolfcrypt-py.
- Improve Windows support. This commit modifies the way we build wolfSSL for
wolfcrypt-py on Windows. Instead of using CMake directly, we use it with
user_settings.h. This is typically how Windows users are building wolfSSL, and
it gets around some shortcomings of wolfSSL's CMake support (e.g. not all
required features are supported). Additionally, USE_LOCAL_WOLFSSL now works
properly on Windows. When using USE_LOCAL_WOLFSSL, it should point to a wolfSSL
source code directory. This works for FIPS bundles, too. Finally, for FIPS on
Windows, we only support DLL builds. The CFFI library (.pyd extension) requires
this DLL to work. build_ffi.py detects this scenario and copies the .dll into
the wolfcrypt package directory. I've modified setup.py to distribute the
.dll with the package.
- Add some missing FIPS gates. Testing against FIPS v2 triggered some errors.
Those are fixed in this commit.
- sign_pss and verify_pss need to digest the data before calling into their
respective wolfCrypt functions. Those wolfCrypt functions expect digests, not
plaintext.
- RsaPrivate make_key should take an optional hash_type parameter for the case
where the key will be used to create PSS signatures.
- test_rsa_pss_sign_verify appears to have been deliberately coded to have the
input plaintext length line up with the digest size, which masked the problem
where we weren't digesting the plaintext. I modified the plaintext so that this
is no longer the case.
Makes things a little bit more like similar APIs.
* Hash type is now set in constructor.
* MGF is set automatically or manually with `set_mgf()`
* Label defaults to empty
Some bad assumptions were made during the creation of our Python AES GCM
code. This is now modified to be more in line with other libraries. This
is an API breaking change on unreleased code.
This now allows for aad data to be used, varying length of
authentication tags and fixes a bug for multipart.
1. Now unified to a single class AesGcmStream()
2. Used `encrypt()` and `decrypt()` instead of `update()` to avoid
confusion over encryption and aad semantics
3. final tag_bytes is configurable in the constructor
4. `set_aad()` added to add the aad data
5. aad data is cleared after first `encrypt()` or `decrypt()` call due
to quirk in the C API.
6. More tests added
* Fix some path and compiler things for Windows
* Move source code to align better with Python standards
* Have setup.py build wolfSSL and FFI
* Update Python versions in tox
* Add CMake building for Windows build
* Add missing __init__.py for tox
* Make wolfSSL a git submodule
- Detect ECC timing resistance and call wc_ecc_set_rng where appropriate.
- Detect FIPS version and use that information to figure out how to map hash
enum values (see _TYPE_SHA and friends).
- Don't call wc_HmacSetKey in the _Hmac constructor if the key passed to _init
is length 0. This can happen, for example, when the _Hmac object is being
copied. The copy operation copies over the raw memory from the underlying C
object, so it's not important that we call wc_HmacSetKey in this case.
- Removed a unit test that expected importing an ECC public key from a private
key to fail. This does fail in the default wolfSSL version for wolfcrypt-py,
v4.1.0-stable, but we added the feature to be able to import public from
private with wolfSSL PR #2916. As a result, this test fails with v4.8.1-stable.
We should upgrade wolfcrypt-py's default wolfSSL version (and the wolfcrypt-py
version itself) in the near future.
- The array slicing in test_key_encoding was wrong in many places. This likely
stemmed from the author thinking slices were inclusive, but that's only true
for the first element of the slice (e.g. [0:31] is elements 0-30 inclusive, not
elements 0-31 inclusive). This was uncovered by testing with FIPS ready, which
adds -DWOLFSSL_VALIDATE_ECC_IMPORT, causing us to check ECC keys with
wc_ecc_check_key. wc_ecc_check_key kept saying, "hey, that point's not on the
curve." The array slicing problem was the culprit.
- Fixed tests that were doing HMAC with a key less than HMAC_FIPS_MIN_KEY.
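
The slicing problem described in the test_key_encoding item above, reproduced as an added example (not code from wolfcrypt-py or its test suite). It assumes a P-256 key stored as raw X || Y and uses a pure-Python curve-equation check as a stand-in for wc_ecc_check_key; the function names are hypothetical.

```python
"""Added illustration: off-by-one slices corrupt an ECC point (assumes P-256)."""

# NIST P-256 domain parameters; the curve is y^2 = x^3 - 3x + B (mod P).
P = 2**256 - 2**224 + 2**192 + 2**96 - 1
B = 0x5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B
# Constructed sample input: the P-256 base point G as raw X || Y (64 bytes).
GX = 0x6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296
GY = 0x4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5
RAW = GX.to_bytes(32, "big") + GY.to_bytes(32, "big")


def on_curve(x, y):
    """Pure-Python stand-in for the point-on-curve part of key validation."""
    if not (0 <= x < P and 0 <= y < P):
        return False
    return (y * y - (x * x * x - 3 * x + B)) % P == 0


def split_inclusive_assumption(raw):
    """Slices written as if the end index were inclusive: 31 bytes each."""
    return raw[0:31], raw[32:63]


def split_half_open(raw, size=32):
    """Slices using Python's half-open ranges, with a length check first."""
    if len(raw) != 2 * size:
        raise ValueError("expected %d bytes, got %d" % (2 * size, len(raw)))
    return raw[0:size], raw[size:2 * size]


def check(split, raw):
    """Return (len(x), len(y), point_is_on_curve) for a splitting function."""
    xb, yb = split(raw)
    x, y = int.from_bytes(xb, "big"), int.from_bytes(yb, "big")
    return len(xb), len(yb), on_curve(x, y)


if __name__ == "__main__":
    print("inclusive assumption:", check(split_inclusive_assumption, RAW))
    print("half-open slices:    ", check(split_half_open, RAW))
```

Without import validation the truncated coordinates are accepted silently, which is why the mistake only surfaced once the build enabled -DWOLFSSL_VALIDATE_ECC_IMPORT.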