WolfSSL
/
wolfssl
mirror of https://github.com/wolfSSL/wolfssl.git
1
0
Fork 0
Code Issues Releases Wiki Activity
11,773 Commits
27 Branches
168 Tags
358 MiB
Commit Graph

3940 Commits (70aa11f0a9037c54b43864ab6de5467ce15517ca)

Author SHA1 Message Date
JacobBarthelmeh d09b947478 update for test case and sha3 2020-05-19 19:27:38 -06:00
JacobBarthelmeh 03ed495f84 free temporary buffer 2020-05-19 19:27:29 -06:00
JacobBarthelmeh 6a7a8fa5b7 updated RSA calls to Xilsecure 2020-05-19 19:27:21 -06:00
David Garske 2033be9aed Fixes for building against older STM32 CubeMX HAL. 2020-05-19 17:42:36 -07:00
David Garske 13e6462ea7 Fixes for build with STM32 Standard Periperal Library (StdPeriLib). 2020-05-19 17:42:36 -07:00
David Garske 99ebae9f7c
Merge pull request #2985 from cconlon/iarwarn 
fix minor IAR warnings in test.c
 2020-05-19 16:42:47 -07:00
Chris Conlon 9efd9afdfb fix minor IAR warnings in test.c 2020-05-19 14:12:13 -06:00
Sean Parkinson adb3bdd26e Curve448 - cast down 2020-05-18 09:07:20 +10:00
toddouska c4fee4ce38
Merge pull request #2969 from julek-wolfssl/fix-lut-cache 
Fix LUT cache implementation
 2020-05-15 15:15:18 -07:00
Jacob Barthelmeh b615dbe9d5 add additional FP_ECC lock sanity check for case where wolfCrypt_Init is not called 2020-05-15 11:50:05 -06:00
toddouska 684654cd25
Merge pull request #2962 from tmael/fips_solaris 
FIPS on Solaris
 2020-05-15 10:15:09 -07:00
toddouska 91bfa31f70
Merge pull request #2968 from dgarske/stm32_hal_v2 
Fixes for STM32 CubeMX HAL with AES GCM
 2020-05-14 10:55:04 -07:00
Tesfa Mael f894d4c0d2 FIPS on Solaris 2020-05-14 10:11:54 -07:00
Juliusz Sosinowicz 24634a02c9 Fix comment 2020-05-14 10:54:45 +02:00
toddouska 88b8ea04f6
Merge pull request #2971 from SparkiDev/sp_cortexm_comment 
Fix SP Cortex-M ASM comments
 2020-05-13 16:30:14 -07:00
JacobBarthelmeh 1876fe1c22 init FP mutex on wolfCrypt init 2020-05-13 13:59:35 -07:00
Sean Parkinson 57756bfa8d Remove unused 4096-bit functions 2020-05-13 10:23:05 +10:00
David Garske 778b5dd9d5 Fixes for STM32 CubeMX HAL with AES GCM. Fix AES GCM authentication header size, which expects size as number of 32-bit values. Fix the authentication size round up logic. Fix to use software for authentication tag if authentication data size is not multiple of 4. Fix to ensure 32-bit aligned buffers are used. 2020-05-12 08:27:43 -07:00
Sean Parkinson 786e21b107 Fix SP Cortex-M ASM comments 2020-05-12 23:28:39 +10:00
Sean Parkinson 479b54e78e Fix div word in SP ARM32 2020-05-12 23:14:57 +10:00
Juliusz Sosinowicz 3d2cbdd3e8 Fix LUT cache implementation 
- Make sure that the cache is actually set (and not just depend on the LRU_count)
- test_wolfSSL_EC should also be run without ECC_SHAMIR
 2020-05-12 13:48:59 +02:00
Sean Parkinson 7c98451f24
Merge pull request #2961 from kaleb-himes/WOLFSSL_EXAMPLES 
Fix failing build for rsa_verify_only example
 2020-05-11 09:31:31 +10:00
JacobBarthelmeh 81dc0ac56f
Merge pull request #2956 from tmael/hkdf 
Check HKDF-Expand length of output <= 255*HashLen
 2020-05-08 16:36:40 -06:00
kaleb-himes 82c86447e7 Fix failing build for rsa_verify_only example 2020-05-08 16:18:30 -06:00
toddouska 6b930d996c
Merge pull request #2958 from julek-wolfssl/ASN_IP_TYPE-without-openssl 
Support IP alternative subject name without OpenSSL
 2020-05-08 13:27:27 -07:00
toddouska 4a44b7b781
Merge pull request #2954 from SparkiDev/sp_rsa_pq_len 
Only use SP for RSA private operations if P and Q half bits
 2020-05-08 08:30:30 -07:00
Juliusz Sosinowicz b5886e0e37 Add option `--enable-ip-alt-name` 
This commit adds the configure option `--enable-ip-alt-name` that enables support for the IP alternative subject name parsing in `wolfcrypt/src/asn.c:DecodeAltNames`.
 2020-05-08 13:20:24 +02:00
Tesfa Mael b39e384cfd Review comment 2020-05-07 13:39:53 -07:00
Juliusz Sosinowicz 9e68de0fb7 Add test certs for ASN_IP_TYPE 2020-05-07 11:52:49 +02:00
Sean Parkinson b331804c27 SP C: Fix array size for cache resistant modexp 2020-05-07 10:00:14 +10:00
Tesfa Mael 2ab478f8fd Check length of output <= 255*HashLen 2020-05-06 15:47:39 -07:00
Sean Parkinson c4af5db4b9 Only use SP for RSA private operations if P and Q half bits 2020-05-07 08:46:48 +10:00
toddouska be3c39ed1c
Merge pull request #2948 from JacobBarthelmeh/SanityChecks 
update armv8 aes gcm sanity checks
 2020-05-06 10:31:09 -07:00
toddouska 5e45767cc3
Merge pull request #2943 from JacobBarthelmeh/Testing 
check on length of unwrap before memmove
 2020-05-05 11:09:06 -07:00
Jacob Barthelmeh 0f6fef8384 update armv8 aes gcm sanity checks 2020-05-05 09:47:05 -06:00
Sean Parkinson 74040c62af
Merge pull request #2944 from dgarske/sp_cacheres 
Fixes for C32/C64 SP math with `WOLFSSL_SP_CACHE_RESISTANT`
 2020-05-05 10:43:00 +10:00
David Garske 174b4d5159 Cleanup of SP with small stack. Expand support for `WOLFSSL_SP_NO_MALLOC`. Fix for evp.c when included directly. 2020-05-04 14:23:32 -07:00
David Garske 8e0f5ef8ce Fixes for `WOLFSSL_SP_CACHE_RESISTANT` with small stack. 2020-05-04 11:22:12 -07:00
David Garske c28ad38b16 Fix for cast issue caused by PR #2900. Applies to `WOLFSSL_SP_CACHE_RESISTANT` and c32/c64 versions only. 2020-05-04 10:49:59 -07:00
Jacob Barthelmeh 082e51d778 check on length of unwrap before memmove 2020-05-04 10:32:05 -06:00
Jacob Barthelmeh 9f735b4d6e sanity check on PemToDer type 2020-05-01 16:41:18 -06:00
toddouska 3944c8eb73
Merge pull request #2935 from ejohnstown/hush-tfm 
Hush TFM Warnings
 2020-05-01 08:26:42 -07:00
John Safranek b6bd86d2b1
TFM Warnings 
When building in VS, the MSC will complain about some constants getting
implicitly promoted to 64-bit. Added some type-casts to hush the warnings.
 2020-04-30 19:43:18 -07:00
toddouska f772bc8d9a
Merge pull request #2923 from dgarske/pic32mz 
Fixes for PIC32MZ crypto hardware cache and large hash
 2020-04-30 16:22:13 -07:00
toddouska a1489d981c
Merge pull request #2930 from JacobBarthelmeh/SanityChecks 
check on tag length for AES-CCM
 2020-04-30 14:51:20 -07:00
Jacob Barthelmeh 505fbed4df fix AES-CCM tag size check on decryption 2020-04-29 15:15:54 -06:00
Sean Parkinson e9b433a998
Merge pull request #2928 from julek-wolfssl/evp-aes-gcm-fix 
Fix AES-GCM in EVP layer to have compatiblity with OpenSSL
 2020-04-29 09:00:04 +10:00
Jacob Barthelmeh b73e52f33f move AES-CCM tag check into a local function 2020-04-28 14:46:06 -06:00
toddouska f770d28ff0
Merge pull request #2916 from dgarske/testfixes 
Improvements to ECC key decode and tests
 2020-04-28 09:57:44 -07:00
toddouska cb6fc56f3b
Merge pull request #2921 from dgarske/fixes_g++ 
Fixes for G++ and enable-all
 2020-04-28 09:51:34 -07:00
Juliusz Sosinowicz c02c408409 Only 80 characters a line 2020-04-28 12:38:02 +02:00
Jacob Barthelmeh c85a53c631 add macro guard for fips and selftest builds 2020-04-27 15:36:53 -06:00
David Garske 6185e0f477 Remove execute bit on files. 2020-04-27 11:16:02 -07:00
David Garske 327cdefc24 Fix for SP math with `RSA_LOW_MEM`, which was broken in PR #2892. 2020-04-27 08:59:54 -07:00
Juliusz Sosinowicz 01a6dded72 Fix AES-GCM in EVP layer to have compatiblity with OpenSSL 
- Tag checking in AES-GCM is done in Final call
- Reset `WOLFSSL_EVP_CIPHER_CTX` structure after Final call
- Don't zero `ctx->authTag` struct in Init call so that user can get the AES-GCM tag using `EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_GET_TAG, AES_BLOCK_SIZE, tag)`
- `ctx->authTag` is only zeroed before authenticated, non-confidential data Update call since this means we are entering a new Udate-Final cycle. This doesn't need to be done in the decrypt case since the tag should be supplied by the user before the final call using `EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, AES_BLOCK_SIZE, tag)`
 2020-04-27 15:52:01 +02:00
David Garske 1e726e19a4 Fix for XMALLOC cast. 2020-04-27 06:48:41 -07:00
David Garske 3c93a7b757 Fix `Value stored to 'ret' is never read`. 2020-04-24 11:31:12 -07:00
David Garske a4caa42793 Improve the Base64 line size for `NO_ASN` case. Fix report of unread `ret`. 2020-04-24 11:26:55 -07:00
David Garske 589712f870 PIC32MZ Fix for cache coherency to enable write-through (no write allocation) to resolve descriptor corruption. ZD 10212. 2020-04-24 09:13:28 -07:00
David Garske 0f11369680 PIC32MZ Fix for `WOLFSSL_PIC32MZ_LARGE_HASH`: Only submit to hardware if update data provided matches expected. ZD 10211. 2020-04-24 09:01:51 -07:00
David Garske cfc0aeb857 Fix for RSA and KeyGen only in test.c. 2020-04-24 08:56:31 -07:00
David Garske 41fc208195 Fixes for `isHMAC` checks. 2020-04-24 08:51:56 -07:00
David Garske 5fa7bb5b9f Fix possible unused args. 2020-04-24 07:48:41 -07:00
David Garske 6d025f8c0f Refactor of the EVP `macType` to use `enum wc_HashType` to resolve issues with invalid casting. 2020-04-24 07:43:44 -07:00
David Garske 28b686a8ca * Exposed useful sizes `MAX_X509_HEADER_SZ` and `PEM_LINE_SZ` 
* Refactor the PEM saving code in `test.c`, so its not using large 4K buffer and calculates based on DER.
* Enable ECC key generation test even without `WOLFSSL_KEY_GEN`.
* Added `ECC_KEYGEN_SIZE` macro for ECC key generation testing.
* Refactor ECC DER key generation to use `ECC_BUFSIZE`.
 2020-04-23 16:11:54 -07:00
David Garske 81f959336b Added support for important private key DER using `wc_EccPublicKeyDecode`. Added ECC key generation and decode test case. 2020-04-23 16:07:43 -07:00
David Garske 5376763638
Merge pull request #2913 from SparkiDev/sp_cortexm4_ecc 
Improve performance of SP Cortex M asm
 2020-04-23 09:47:05 -07:00
toddouska 7318121d3a
Merge pull request #2915 from dgarske/async_v4.4.0 
Fixes for async release v4.4.0
 2020-04-23 09:26:08 -07:00
toddouska 54aa50e628
Merge pull request #2912 from SparkiDev/sp_movbe 
Only use Intel instruction movbe when available
 2020-04-23 09:25:02 -07:00
Sean Parkinson 7a0cbe084e Improve performance of SP Cortex M asm 2020-04-23 11:05:42 +10:00
John Safranek a064cb3943 Fix a couple of wolfCrypt test issues found during the long release build test. 2020-04-22 11:30:57 -07:00
David Garske 36a556f927 Resolve issues with the openssl compatibility `CRYPTO_malloc` and `CRYPTO_free`. 2020-04-22 10:15:16 -07:00
John Safranek bf680b4a92
Fix for QAT with Shake256. Fix for XFREE missing semicolon. 2020-04-21 10:38:27 -07:00
John Safranek ccd096e1bb
Memory Leak Fix 
1. In `wolfSSL_d2i_DHparams()`, when setting the internal key on a
   WOLFSSL_KEY, set the flag inSet.
2. Not a leak, but in `wolfSSL_EVP_PKEY_set1_DH()`, only allocate one
   buffer to store the flat key. Saves an alloc, memcpy, and free.
 2020-04-21 10:21:59 -07:00
John Safranek 61f3783111
Fixes to test.c for the following build configurations: 
1. ./configure --disable-rsa --enable-certgen --enable-certreq
2. ./configure --disable-ecc --enable-pkcs7
 2020-04-21 10:21:59 -07:00
John Safranek 7cbf496329
Encrypt key requirements check 
The file wc_encrypt.c offers a function named wc_CryptKey(), which
requires PWDBASED and ASN. Added the check for ASN.
 2020-04-21 10:21:58 -07:00
Jacob Barthelmeh 231c488ddf check on tag length for AES-CCM 2020-04-20 13:44:41 -06:00
JacobBarthelmeh 0cfde0794b
Merge pull request #2848 from julek-wolfssl/wpa-supplicant-openssl-compat 
Added partial support for wpa_supplicant, hostapd, and cjose:
 2020-04-20 12:17:55 -06:00
Sean Parkinson 75c14e4c8e Only use Intel instruction movbe when available 2020-04-20 09:09:45 +10:00
John Safranek f87f09fcd7
Merge pull request #2910 from embhorn/zd10169 
Fix forbidden iv length 0 with AES-GCM
 2020-04-16 16:01:03 -07:00
Eric Blankenhorn 6b3642db36 Fix forbidden iv length 0 with AES-GCM 2020-04-16 13:48:56 -05:00
Juliusz Sosinowicz dd68074104 Fix merge issues 2020-04-16 10:09:15 +02:00
Stanislav Klima eab451339c Fixed dereference after null check. 2020-04-16 09:52:02 +02:00
Sean Parkinson da5d9a923b SP ARM64 - use fewer registers in mont_reduces 2020-04-16 09:20:04 +10:00
Juliusz Sosinowicz 36403c1dad Merge remote-tracking branch 'wolfSSL/master' into wpa-supplicant-openssl-compat 2020-04-15 16:55:03 +02:00
Stanislav Klima 68a2e03bd4 Fixed resource leak. 2020-04-15 16:27:34 +02:00
Stanislav Klima 1a80975d9e Fixed resource leaks. 2020-04-15 15:47:32 +02:00
Stanislav Klima 74893edaf0 Fix of size constraint for parsing. 2020-04-15 14:36:36 +02:00
Juliusz Sosinowicz 1d3fd5cd07 Code review 
- make `wc_ecc_export_point_der_compressed` a local function
- use `int` for `shortKeySize` in `wc_ecc_import_point_der_ex`
- check for null return value from `wolfSSL_OBJ_nid2obj` and `wolfSSL_d2i_PUBKEY`
- add comments to `ssl.c`
- check `lnlen` in `wolfSSL_OBJ_ln2nid`
 2020-04-15 12:53:38 +02:00
Eric Blankenhorn d9472b895f Fix conflicts after rebase 2020-04-14 15:24:52 -05:00
Eric Blankenhorn 1487917214 Fix EVP_MD_CTX_type to return NID 2020-04-14 14:27:21 -05:00
toddouska 9c1b90170a
Merge pull request #2903 from SparkiDev/test_4096 
Fix testing using 4096 bits keys and parameters
 2020-04-14 09:25:00 -07:00
toddouska 06c6e583c8
Merge pull request #2891 from julek-wolfssl/refactor-evp-functions 
Move EVP functions to evp.c
 2020-04-14 09:22:51 -07:00
Juliusz Sosinowicz dad0bc0159 Keep compatibility with old OPENSSL_EXTRA_X509_SMALL functions 2020-04-14 12:52:23 +02:00
Juliusz Sosinowicz 0b3a331265 Revert wc_OBJ_sn2nid 2020-04-14 11:48:14 +02:00
Juliusz Sosinowicz 20e669a65a New API 
Add `wc_ecc_import_point_der_ex` for correct importing DER ECC point and keep `wc_ecc_import_point_der` old functionality
 2020-04-14 11:48:14 +02:00
Juliusz Sosinowicz 18093a6b0b Code review changes 
- Don't include `ENABLED_OPENSSLALL` with `ENABLED_WPAS`
- Return length in `wolfSSL_i2d_DHparams`
- Implement `wolfSSL_EC_POINT_mul` with independent multiplication and addition if `ECC_SHAMIR` not defined
- Implment `ASN1_SIMPLE` without `offsetof` by using a dummy struct
- Style fixes
 2020-04-14 11:48:14 +02:00
Juliusz Sosinowicz 9722082372 Fix `nid2*` and `*2nid` functions 2020-04-14 11:48:14 +02:00
Juliusz Sosinowicz 680a481e61 Test fixes 
Remove redundant macros
 2020-04-14 11:45:32 +02:00
Juliusz Sosinowicz 9ced70edc1 Test fixes 
Free `x509->key.pkey` in `FreeX509
Fix type conversions
Fix memory leaks and use of uninitialized memory
 2020-04-14 11:45:32 +02:00
Juliusz Sosinowicz 73b4d78d5b Added partial support for wpa_supplicant, hostapd, and cjose: 
- Moved `SetECKeyInternal` and `SetECKeyExternal` to `internal.h` to allow usage outside of `ssl.c`
- Added `asn1t.h`
- Implemented the `IMPLEMENT_ASN1_FUNCTIONS` macro for a small subset of ASN1 tags
-- So far only `X509_ALGOR` and `ASN1_BIT_STRING` are supported
- Implemented `BN_mod_add` function
- Allow for setting of `EC_KEY` export form through EC_KEY_set_conv_form
- Implemented `i2o_ECPublicKey`
- Implemented `EC_POINT_copy`
- Implemented deriving DH and ECDH keys in `EVP_PKEY_CTX`. Functions added:
-- `EVP_PKEY_derive_init`
-- `EVP_PKEY_derive_set_peer`
-- `EVP_PKEY_derive`
- Implemented `EVP_PKEY_get0_DH`
- Implemented `X509_ALGOR_new`
- Implemented `X509_ALGOR_free`
- Implemented `X509_ALGOR_set0`
- Implemented `X509_PUBKEY_new`
- Implemented `X509_PUBKEY_free`
- Implemented `X509_PUBKEY_set`
- Implemented `RSA_padding_add_PKCS1_PSS`
- Implemented `RSA_verify_PKCS1_PSS`
- Changed second parameter of `wolfSSL_d2i_PUBKEY` to be constant
- Corrected long names in `asn.h`
- Added `wc_ecc_get_generator` as a way to get the generator point of a curve
- Added `wc_ecc_export_point_der_ex` to export an ECC point in compressed or uncompressed format with one API
- Added `wc_ecc_export_point_der_compressed` to export a point in an `ecc_point` structure in compressed DER format
- Added 'wc_RsaSSL_Verify_ex` which adds the option to choose a padding type
- Added `wc_RsaPad_ex` and `wc_RsaUnPad_ex` to `rsa.h` as `WOLFSSL_LOCAL` functions
- `CopyDecodedToX509` now fills `x509->key` and `x509->algor` when populating x509
- `wolfSSL_EVP_CipherInit` now uses `wc_AesGcmSetExtIV` to set the IV so that it is copied to `ctx->iv` by `wolfSSL_StoreExternalIV`
- Added error checking to `wolfSSL_EVP_PKEY_get_der`
- `wolfSSL_X509_ALGOR_get0` now attempts to return something in all parameters
- Refactored `wolfSSL_EC_KEY_new` to use `*_new` functions when available
- Added `setupPoint` to set the internal point if not yet set
- Always set external point in `wolfSSL_ECPoint_d2i`
- Added compressed point support to `wolfSSL_EC_POINT_point2oct`
- Fix `wolfSSL_EC_POINT_mul` so that it will calculate the full `generator * n + q * m` then OpenSSL does
- Added `WOLFSSL_RSA_GetRNG` helper function to get a `WC_RNG` from `WOLFSSL_RSA`
- Correct short names in `wolfssl_object_info`
- Added all currently supported curves to `wolfssl_object_info`
- Added `oidCurveType` to `oid2nid`
- Add more padding types to `wolfSSL_RSA_public_decrypt`
- Fix `keysize` in `wc_ecc_import_point_der`
- Added tests for new additions
 2020-04-14 11:45:32 +02:00
Sean Parkinson ba401c9bde Fix testing using 4096 bits keys and parameters 
RSA PKCS #1.5 padding for signing is not reliant on a random.
 2020-04-14 12:03:51 +10:00
Sean Parkinson 416f0775d3
Merge pull request #2900 from dgarske/sp_no_malloc 
Added option to build SP small without malloc
 2020-04-14 09:40:11 +10:00
toddouska 3cb0c600ba
Merge pull request #2894 from SparkiDev/ecc_cr_fix 
Change constant time and cache resistant ECC mulmod
 2020-04-13 16:36:22 -07:00
JacobBarthelmeh f309173518
Merge pull request #2899 from embhorn/zd9564 
Adding check for invalid SAN ext with no entries
 2020-04-13 15:31:06 -06:00
toddouska aadec345ab
Merge pull request #2871 from vaintroub/master 
Fix clang warnings (issue #2870)
 2020-04-13 09:02:51 -07:00
David Garske 1f5a7bffaa Build fixes for `WOLFSSL_NO_MALLOC` in wolfCrypt test. 2020-04-13 07:39:06 -07:00
David Garske b01ce168ea Fixes for SP small with no malloc in `sp_256_ecc_mulmod_10` and `sp_384_ecc_mulmod_15`. 2020-04-13 07:19:06 -07:00
toddouska 4748254b60
Merge pull request #2896 from embhorn/zd9916 
Fix wc_KeyPemToDer with PKCS1 and empty key
 2020-04-10 15:38:07 -07:00
David Garske d412ccb6f8 Added new option `WOLFSSL_SP_NO_MALLOC` for building small SP without malloc. Added SP documentation. Added `./configure --enable-sp=yes,nomalloc` supprt. https://github.com/wolfSSL/scripts/pull/79 2020-04-10 11:13:55 -07:00
Eric Blankenhorn 8644fdca7d Update from review 2020-04-10 08:29:31 -05:00
Sean Parkinson ffd06e359f Change constant time and cache resistant ECC mulmod 
Ensure points being operated on change to make constant time.
 2020-04-10 09:28:20 +10:00
toddouska cf8459e518
Merge pull request #2892 from SparkiDev/cppcheck_fixes_4 
Fixes from cppcheck
 2020-04-09 16:01:11 -07:00
Eric Blankenhorn 7d82c4e3f2 Adding check for invalid SAN ext with no entries 2020-04-09 16:49:52 -05:00
Eric Blankenhorn c3e0575914 Fix from review 2020-04-09 12:52:32 -05:00
Juliusz Sosinowicz f6b9b2e0eb Remove redundant guards 2020-04-09 18:26:23 +02:00
Juliusz Sosinowicz 9cbbd164e0 Fix test errors 2020-04-09 14:54:09 +02:00
Eric Blankenhorn 4d6e33b1dd Fix wc_KeyPemToDer with PKCS1 and empty key 2020-04-08 11:34:24 -05:00
Sean Parkinson 411aee6e05 Fixes from cppcheck 
Added PRIVATE_D version of rsa private key operation for SP
implementation for specific platforms.
WC_NO_RNG results in warnings when RNG calls don't do anything.
Added ifdef checks for variables not used otherwise.
Remove superfluous if statements like when checking ret == 0.
Change names of globals that are generic and are used locally before
global definition.
Remove definition of variable len that isn't used except as a
replacement for sz which is parameter.
Don't subtract two variables when one has just been assigned the value
of the other.
Fix shifting of signed value.
Fix parameter checking in aes.c and des3.c for platform specific code.
 2020-04-08 09:46:22 +10:00
toddouska 9e08efe8e0
Merge pull request #2885 from SparkiDev/sp_x64_ecc_tweak 
Tweak the SP x86_64 ECC assembly
 2020-04-07 14:27:12 -07:00
Juliusz Sosinowicz 4c0ea10e45 Move EVP functions to evp.c 2020-04-07 22:36:50 +02:00
toddouska ebcf86070d
Merge pull request #2883 from miyazakh/esp_aescounter 
add aes counter on esp32
 2020-04-07 13:24:53 -07:00
toddouska 77b75ef3a2
Merge pull request #2881 from dgarske/ecc_asn 
Fixes for building ECC without ASN
 2020-04-07 13:09:37 -07:00
toddouska f742693062
Merge pull request #2867 from SparkiDev/aes-ccm-aesni 
For CCM using AES-NI, do 4 blocks at a time if possible
 2020-04-07 13:03:23 -07:00
Sean Parkinson 9c67bc2864 For CCM using AES-NI, do 4 blocks at a time if possible 2020-04-06 11:11:28 +10:00
Sean Parkinson 7dad0d3965 Tweak the SP x86_64 ECC assembly 
Put back fixes undone in previous commits:
 - Fix casting warning in SP when mp_digit < sp_digit
 - SP fix check for NULL in EC point_new
 2020-04-06 11:02:30 +10:00
Hideki Miyazaki 302e1d6818 add aes counter on esp32 2020-04-04 14:04:44 +09:00
David Garske 1831193c20 * Fixes for building ECC without ASN. 
* Fix to expose `wc_ecc_import_private_key_ex` and its ability to import a private key even when `NO_ASN` is defined.
* Remove execute bit on CSharp files.
 2020-04-03 10:55:31 -07:00
toddouska 8128a269f3
Merge pull request #2876 from SparkiDev/sp_arm64 
Improve speed of AArch64 assembly
 2020-04-02 14:26:48 -07:00
toddouska 86adb7f9c5
Merge pull request #2873 from SparkiDev/aes_small 
Smaller table version of the AES encrypt/decrypt
 2020-04-02 09:50:58 -07:00
toddouska 5df5ab5931
Merge pull request #2862 from dgarske/iar_ropi 
Support for IAR with position independent code (ROPI)
 2020-04-02 09:49:00 -07:00
toddouska 06442c410d
Merge pull request #2861 from dgarske/zynqmp 
Fixes for Xilinx SDK and Zynq UltraScale+ MPSoC
 2020-04-02 09:46:48 -07:00
Sean Parkinson df1819b79f Improve speed of AArch64 assembly 
Improve point_dbl and point_dbl_n for all platforms.
 2020-04-01 15:06:50 +10:00
David Garske 47d1cb8415 Changes to support IAR with position independent code (ROPI). Updated example wolfSSL IAR project to use "ropi" (Position indipendance for code and read-only data). 2020-03-31 08:17:09 -07:00
Martin Akman 568ce62b81 Updates from code review 2020-03-31 18:29:06 +10:00
Sean Parkinson 9339808ea1 Smaller table version of the AES encrypt/decrypt 
Use WOLFSSL_AES_SMALL_TABLES.
Much slower. Decrypt much slower then encrypt.
 2020-03-27 15:53:01 +10:00
toddouska ddb4b5eb89
Merge pull request #2872 from SparkiDev/rsa_pub_fix 
Fix performance of RSA public key ops with TFM
 2020-03-26 11:56:23 -07:00
toddouska 16fa1a4747
Merge pull request #2855 from JacobBarthelmeh/PKCS12 
maintenance to PKCS12 create for outputting encrypted bundles
 2020-03-26 10:41:04 -07:00
Sean Parkinson c82531a41a Fix performance of RSA public key ops with TFM 
Have a constant and non-constant time modular exponentation available in
tfm.c.
Call the non-constant time version explicitly when performing RSA public
key mod exp.
 2020-03-26 17:33:07 +10:00
David Garske a6034a38c7 Fix for building with `WOLFSSL_SMALL_STACK_CACHE` only (no `WOLFSSL_SMALL_STACK`). 2020-03-25 16:04:45 -07:00
Vladislav Vaintroub d57d194de3 Fix clang warnings (issue #2870) 
The warning was "comparison of array 'ecc_sets[i].name' not equal to a null
pointer is always true [-Wtautological-pointer-compare]"

Compiler is correct, ecc_sets[i].name  is an array of size 16, thus
can't be NULL

Also, fix build error on Windows by changing uint8_t to "unsigned char"
(alternative fix could be including stdint.h)
 2020-03-25 23:07:12 +01:00
David Garske 70773f3b3e Added "WOLFSSL_ARMASM" ifdef checks on ARMv8 port files. 2020-03-25 12:54:40 -07:00
Jacob Barthelmeh 59ab600d76 refactor decrypt content with PKCS12 and fix for AES-256 + HMAC SHA256 case 2020-03-24 22:23:44 -06:00
toddouska 26f539400a
Merge pull request #2866 from SparkiDev/curve448_gcc_bug 
Curve448 - 128-bit impl workaround for compiler
 2020-03-24 09:55:43 -07:00
toddouska e66334e56b
Merge pull request #2865 from SparkiDev/sp_cast_fix 
Fix casting warning in SP when mp_digit < sp_digit
 2020-03-24 09:52:26 -07:00
Sean Parkinson c95e7f88aa Curve448 - 128-bit impl workaround for compiler 
Old gcc compilers can keep track of the 128-bit multiplication and left
shift results' size.
Split all multiplication and left shift results into separate variables.
Add/subtract into the correct variable at end.
Don't want variable declarations after statements so reduce doesn't use
'tr' anymore.
 2020-03-24 16:28:14 +10:00
Sean Parkinson a7d265bf46 Fix casting warning in SP when mp_digit < sp_digit 2020-03-24 12:41:25 +10:00
David Garske 7fabd74a90
Merge pull request #2859 from SparkiDev/tfm_ec_invmod_ct 
Constant time EC map to affine for private operations
 2020-03-23 19:16:45 -07:00
David Garske 2706d6d48a Improve the benchmark to use snprintf then printf. Resolve issue showing results with xil_printf. 2020-03-20 12:34:08 -07:00
David Garske 3127a7e9e5 Fixes for building with bare-metal on Xilinx SDK with zynqmp. Added Zynqmp benchmark timer support. 2020-03-20 12:22:47 -07:00
toddouska 9b8752e314
Merge pull request #2858 from SparkiDev/netscape_cert_ext 
Recognise Netscape Certificate Type extension
 2020-03-19 16:33:25 -07:00
toddouska 0c3667ba93
Merge pull request #2857 from SparkiDev/sp_null_check 
SP fix check for NULL in EC point_new
 2020-03-19 16:30:59 -07:00
toddouska 33b95b8ad7
Merge pull request #2854 from JacobBarthelmeh/Certs 
add +1 for string null terminator
 2020-03-19 16:24:42 -07:00
toddouska f4a8430115
Merge pull request #2851 from JacobBarthelmeh/SanityChecks 
add space for null terminator and check on header pointer
 2020-03-19 16:00:57 -07:00
Sean Parkinson 1de07da61f Constant time EC map to affine for private operations 
For fast math, use a constant time modular inverse when mapping to
affine when operation involves a private key - key gen, calc shared
secret, sign.
 2020-03-20 08:59:41 +10:00
Jacob Barthelmeh ce6aeebdb4 fixes for static analysis checks 2020-03-19 16:34:02 -06:00
Sean Parkinson 62a593e72e Recognise Netscape Certificate Type extension 
Checks the bit string is valid but doesn't store or use value.
(Some certificates have this extension as critical)
 2020-03-19 12:43:03 +10:00
Sean Parkinson c776a4219a SP fix check for NULL in EC point_new 2020-03-19 08:56:52 +10:00
Jacob Barthelmeh 09dedfbe17 maintenance to PKCS12 create for outputting encrypted bundles 2020-03-18 12:00:57 -06:00
Jacob Barthelmeh 2bf39307f1 add +1 for string null terminator 2020-03-18 10:25:56 -06:00
toddouska d0767164c8
Merge pull request #2846 from SparkiDev/sp_rsa_priv_fix 
Fix SP RSA private op
 2020-03-17 13:28:11 -07:00
JacobBarthelmeh 9fc8c8e0b6 add space for null terminator and check on header pointer 2020-03-16 15:14:29 -07:00
JacobBarthelmeh 74781a3d45
Merge pull request #2829 from cconlon/pkcs7multioctets 
PKCS7/CMS EnvelopedData support for fragmented encrypted content
 2020-03-16 13:12:23 -06:00
Jacob Barthelmeh 2d950f1ab4 sanity check on IV size 2020-03-15 18:46:11 -06:00
toddouska bcc720ef68
Merge pull request #2773 from SKlimaRA/master 
Coverity issues fixes.
 2020-03-13 10:20:45 -07:00
Sean Parkinson 6321eabf86 Fix SP RSA private op 
tmpa - tmpb can be less than -p.
Need to conditionally add p twice.
C and multiple platform fix.
 2020-03-12 09:33:52 +10:00
toddouska 87ff2fa47d
Merge pull request #2839 from ejohnstown/hmac-init 
HMAC Init
 2020-03-06 11:05:30 -08:00
Chris Conlon 4ad8a2bacb store wc_PKCS7_DecodeEnvelopedData encryptedContentTotalSz in existing variable instead of adding another 2020-03-06 10:50:00 -07:00
John Safranek 9fe2ddacf4
HMAC Init 
1. wc_HmacSetKey() has a check against the hmac's type that assumes one
has called wc_HmacInit() on the object first. In FIPS Ready builds we
do not have wc_HmacInit() in the boundary. This change removes that check
and action when making a FIPS build. The free called doesn't do anything
in the FIPS build case.
2. Initialize the Hmac's macType to WC_HASH_TYPE_NONE. Check the macType
against that rather than 0. There are some build configs where none isn't
0.
 2020-03-05 13:38:02 -08:00
toddouska 59b9483cde
Merge pull request #2837 from SparkiDev/sp_x64_rsa_priv 
Fix SP x64 RSA Private op
 2020-03-05 08:33:11 -08:00
toddouska f24622596f
Merge pull request #2827 from kaleb-himes/ZD9976 
Fix infinite loop with small sha1 inputs. Thanks to Peter W. on ZD997…
 2020-03-05 08:32:14 -08:00
Sean Parkinson 3707eea2f3 Fix SP x64 RSA Private op 
tmpa - tmpb can be less than -p.
Need to conditionally add p twice.
 2020-03-04 15:54:17 +10:00
Chris Conlon 44d2fc55e6 scan-build fixes for wc_PKCS7_DecodeEnvelopedData() 2020-03-03 10:27:22 -07:00
Chris Conlon d8eeefb4b7 initialize explicitOctet to 0 in pwc_PKCS7_DecodeEnvelopedData() 2020-03-02 09:13:11 -07:00
Chris Conlon debb792690 fix PKCS7 encrypted content decoding for streaming API usage 2020-02-28 17:55:19 -07:00
toddouska 805034bca3
Merge pull request #2830 from SparkiDev/sp_ff_x86_64 
Improve performance of RSA/DH ops on x64
 2020-02-28 09:03:22 -08:00
Sean Parkinson 441027a502 Improve performance of RSA/DH ops on x64 
Focus on 3072-bit ops but others improved as well.
 2020-02-28 10:42:37 +10:00
Sean Parkinson 2c6eb7cb39 Add Curve448, X448, Ed448 implementations 2020-02-28 09:30:45 +10:00
Chris Conlon d21e370822 add support for PKCS7/CMS EnvelopedData with fragmented encrypted content 2020-02-27 14:42:57 -07:00
toddouska c7a2510d97
Merge pull request #2823 from SparkiDev/sp_div_fix 
Fix for SP x64 div
 2020-02-27 12:57:35 -08:00
toddouska b7d0b81443
Merge pull request #2818 from dgarske/rsa_sha3only 
RSA with SHA-3 only and RSA 4096-bit tests
 2020-02-27 12:44:29 -08:00
toddouska 6dabe82c65
Merge pull request #2814 from SparkiDev/curve25519_x64_fix 
Curve25519 x64 asm: Fix negate and add fe_sq_n
 2020-02-27 12:21:53 -08:00
toddouska ed7a5b17d8
Merge pull request #2808 from dgarske/mdk5 
Fix for minor typos in the MDK5 examples
 2020-02-27 12:06:50 -08:00
kaleb-himes d9e221806b Fix infinite loop with small sha1 inputs. Thanks to Peter W. on ZD9976 for the report 2020-02-27 09:39:22 -07:00
Sean Parkinson 2a5d7a2ac3 Fix for SP x64 div 
Check the top half of number being divided to see if it is greater than
or equal.
If it is then the first div_word may crash as the result is more than
64-bits. So subtract modulus from the top to keep value small.
 2020-02-26 10:53:35 +10:00
Martin Akman 3bbd8be5c9 ATECC: Don't init transport key if not used 2020-02-25 22:03:55 +10:00
David Garske da882f3912 Added wolfCrypt RSA 4096-bit test support using `USE_CERT_BUFFERS_4096` build option (`./configure CFLAGS="-DUSE_CERT_BUFFERS_4096"`). 2020-02-23 18:40:13 -08:00
David Garske c8e618a817 Fix build for `WOLFSSL_RSA_VERIFY_ONLY`. 2020-02-23 15:58:28 -08:00
David Garske e80c696d5f Fix for RSA with SHA3 only (resolves warning with unsed RsaMGF1. 2020-02-23 13:54:48 -08:00
Sean Parkinson c9ce065f8a Curve25519 x64 asm: Fix negate and add fe_sq_n 2020-02-21 11:37:45 +10:00
Eric Blankenhorn b74dac6171 Fix WIN test 2020-02-20 17:28:34 -06:00
Eric Blankenhorn b4563e6af3 Fix CFB and OFB 2020-02-20 17:28:34 -06:00
Eric Blankenhorn a64e1540ba Adding EVP support for SHA3 2020-02-20 17:28:34 -06:00
Eric Blankenhorn 95f973a5be Adding test and dox for ERR_print_errors_cb 2020-02-20 17:28:34 -06:00
Eric Blankenhorn 936312f77e Adding ERR_print_errors_cb 2020-02-20 17:28:33 -06:00
Jacob Barthelmeh a0ddb05a07 change evp with cfb1 expect input size in bytes 2020-02-20 17:28:33 -06:00
Eric Blankenhorn 1a96558b6e Adding macro and XTS support functions 2020-02-20 17:28:33 -06:00
Eric Blankenhorn 922b308029 Fix from review 2020-02-20 17:28:33 -06:00
Jacob Barthelmeh b67ade5164 account for cavp build 2020-02-20 17:28:33 -06:00
Eric Blankenhorn 258382048d Fix test failures 2020-02-20 17:28:33 -06:00