WolfSSL
/
wolfssl
mirror of https://github.com/wolfSSL/wolfssl.git
1
0
Fork 0
Code Issues Releases Wiki Activity
17,412 Commits
27 Branches
168 Tags
358 MiB
Commit Graph

6450 Commits (b87b255d5280604f93bacb2d6170bb7c30169af3)

Author SHA1 Message Date
David Garske 741393e84f
Merge pull request #5291 from kaleb-himes/FRDM-K64-Fixes 
Add necessary includes for cross-builds
 2022-06-28 09:35:06 -07:00
David Garske d4d7e2e5f2
Merge pull request #5294 from SparkiDev/sp_math_all_no_128bit 
SP math all: don't use sp_int_word when SQR_MUL_ASM available
 2022-06-28 07:38:42 -07:00
Sean Parkinson 22336d30e5 SP math all: don't use sp_int_word when SQR_MUL_ASM available 
1. _WIN64 doesn't have 128-bit type but now can use 64-bit sp_int_digit
when assembly code snippets are being used.
2. Fix sp_div() to support values closer to maximum size.
3. Fix builds to work for more configurations.
4. Have ECC uncompressed code keep intermediate values in range of
maximum (x^3 calculation fixed).
5. Fix configuation.ac's check of FIPS for using signed SP Math All.
Default now not signed as intended.
 2022-06-28 15:51:53 +10:00
kaleb-himes 9d11e9092f Add necessary includes for cross-builds 2022-06-27 13:50:27 -06:00
David Garske 94e7eacc5f
Merge pull request #5072 from JacobBarthelmeh/Compatibility-Layer 
add support for importing private only EC key to a WOLFSSL_EVP_PKEY s…
 2022-06-27 12:34:00 -07:00
David Garske 456e463640
Merge pull request #5283 from SparkiDev/sp_arm32_asm_rework 
SP ASM ARM32: reworked generation using common asm ruby code
 2022-06-27 09:17:20 -07:00
David Garske b84b808b1b
Merge pull request #5167 from ejohnstown/cac-ext 
Add support for some FPKI certificate cases, UUID, FASC-N, PIV extension
 2022-06-27 09:06:15 -07:00
Sean Parkinson 999fa8394e SP ASM ARM32: reworked generation using common asm ruby code 
Add support for ARMv6 and ARMv3.
 2022-06-27 11:19:50 +10:00
Daniel Pouzzner 9211825121 sp_int.c: fix refactor of undefined-semantics shift in _sp_mul(). 2022-06-24 18:04:51 -05:00
Jacob Barthelmeh 49740c5543 initialize variables 2022-06-24 15:21:20 -06:00
Daniel Pouzzner 047c662af8 fix math errors unmasked by change to sp-math-all as default math back end. 2022-06-24 15:56:54 -05:00
Jacob Barthelmeh 1977a13754 improve comment for FPKI additions 2022-06-24 12:04:26 -06:00
David Garske 00b82888bc
Merge pull request #4759 from dgarske/sp_math_default 
Enable wolfSSL SP Math all (sp_int.c) by default
 2022-06-23 16:14:54 -07:00
JacobBarthelmeh 4de90efbe2 clear out PKEY when setting new key 2022-06-23 14:21:53 -07:00
Jacob Barthelmeh 79ea30a957 memory free on failure, spelling, better function name 2022-06-23 13:40:45 -06:00
David Garske 78d3284c3c Fix for FIPS 140-2 and older ACVP math selection. Fix for building with "--disable-sp-math-all --disable-fastmath". Fix for building SAKKE with `HAVE_WOLF_BIGINT`. 2022-06-23 11:10:44 -07:00
Sean Parkinson ee12c12e98 Fixes required to make SP Math default 
fasthugemath means turn on fastmath
Use sp_int_digit and not sp_digit in sp_int.c.
test.c needs to use large static buffer when SP Math used like fastmath.
When building static memroy, SP math all without WOLFSSL_SP_NO_MALLOC is
a valid configuration.
Fix freeing of bigint in sp_int.c.
Cast x to a signed value to negate and then back to unsigned. (For
Windows builds.)
Remove warning about empty file on Windows about integer.obj.
Allow RSA verify only and RSA public only to be used with other public
key algorithms.
If building for FIPS, then older versions of RSA and ECC require SP Math
to support negative numbers.
Get old FIPS files building with SP int.
Disallow --enable-sp-math and --enable-sp-math-all.
When just --enable-sp-math on configuration line then disable SP Math
all.
 2022-06-23 14:15:54 +10:00
Sean Parkinson 8d804f6378
Merge pull request #5260 from dgarske/sp_ecc_nb_hash 
Fix for SP math ECC non-blocking to always check `hashLen`
 2022-06-23 07:59:28 +10:00
David Garske 74d692d6d5 Fix for SP math ECC non-blocking to always check `hashLen`. ZD14141 2022-06-21 15:54:01 -07:00
Chris Conlon 9e1ecf3fb5
Merge pull request #5194 from TakayukiMatsuo/heaphint 2022-06-21 16:39:07 -06:00
Chris Conlon bd536d3c9d
Merge pull request #5229 from miyazakh/sce_example_update 2022-06-21 16:33:54 -06:00
Daniel Pouzzner 69ca1d37c0 fixes for defects identified by wolfssl-multi-test: whitespace, missing void in arg lists, and -Wunused-but-set-variable found by clang-15 (prerelease). 2022-06-20 10:54:55 -05:00
Sean Parkinson 59e19cfd6c
Merge pull request #5258 from dgarske/stm32u5_bench 
Fixes for STM32 Hash/PKA and additional benchmark
 2022-06-20 08:33:25 +10:00
David Garske 390908bccc
Merge pull request #5236 from SparkiDev/mem_zero 
Check memory is zeroized
 2022-06-17 12:01:34 -07:00
David Garske 92fcea39db Fix for DES3 with STM32 and `STM32_CRYPTO_AES_ONLY` (broken in #5223) . Add U5 PKA support and benchmarks. Fix MD5 with `OPENSSL_EXTRA` and `HAVE_MD5_CUST_API`. 2022-06-17 11:50:29 -07:00
David Garske 9c5821569f For STM32 hashing to wait for hash done on block size + 1 word. Updated the STM32U5 benchmarks. Added note about new GCM_TABLE_4BIT. 2022-06-17 09:07:45 -07:00
David Garske e34dda9383 Fix to expose the RSA public DER export function with certgen. The core function `SetRsaPublicKey` was being compiled, but the wrappers `wc_RsaKeyToPublicDer` and `wc_RsaKeyToPublicDer_ex` were not included. 2022-06-16 16:36:17 -07:00
Hideki Miyazaki fe8169c830
Add multi thread use case for RA6M4 
fix devId conflict while using multi threads

update README

Fix TSIP examples bcause of updating user context
 2022-06-17 07:44:12 +09:00
Sean Parkinson 2834c22ce0
Merge pull request #5204 from lealem47/basicConst 
Encoding the X509 Basic Constraint when CA:FALSE
 2022-06-17 08:33:57 +10:00
David Garske 8c0157c035
Merge pull request #5253 from rizlik/clang_uninit 
kdf: fix clang uninitialized.Assign
 2022-06-16 11:06:43 -07:00
John Safranek 8f7db87f01
Merge pull request #5249 from dgarske/rsa_ifc 
Cleanup the RSA consistency check
 2022-06-16 09:14:08 -07:00
Lealem Amedie 5e63740c6c Ensuring that X509 Basic Constraint is set when CA:FALSE 2022-06-16 08:46:52 -07:00
Marco Oliverio 621f4f14af kdf: fix clang uninitialized.Assign 
commit f1ce0cc95d tigger static analyzer warnings
about unitialized assign.
 2022-06-16 13:55:46 +02:00
David Garske 6d2a41b9fd Enable wolfSSL SP Math all (sp_int.c) by default. If `--enable-fastmath` or `USE_FAST_MATH` is set the older `tfm.c` fast math will be used. To use the old `integer.c` heap math use `--enable-heapmath` or `USE_INTEGER_HEAP_MATH`. 2022-06-16 10:57:30 +10:00
Sean Parkinson 8145ee6cef TFM: mp_exptmod_ex didn't handle exceptional cases 
fp_exptmod_ex() changed to match execptional case handling in
fp_exptmod().
 2022-06-16 10:47:00 +10:00
Sean Parkinson 1b29f7353a Check memory is zeroized 
Add a define WOLFSSL_CHECK_MEM_ZERO to turn on code that checks that
memory that must be zeroized before going out of use is zero.
Everytime sensitive data is put into a allocated buffer or stack buffer;
the address, its length and a name is stored to be checked later.
Where the stack buffer is about to go out of use, a call is added to
check that the required parts are zero.

wc_MemZero_Add() adds an address with length and name to a table of
addressed to be checked later.
wc_MemZero_Check() checks that the memory associated with the address is
zeroized where required.
mp_memzero_add() adds mp_int's data pointer with length and name to
table.
mp_memzero_check() checks that the data pointer is zeroized where
required.

Freeing memory will check the address. The length was prepended on
allocation.
Realloction was changed for WOLFSSL_CHECK_MEM_ZERO to perform an
allocate, check, copy, free.
 2022-06-16 10:22:32 +10:00
David Garske 7e1549c684 Cleanup the RSA consistency check. Should only be enabled for FIPS v2 (3389), FIPS v5 or later. Can be forcefully enabled for non-FIPS using `WOLFSSL_RSA_KEY_CHECK`. The existing `WOLFSSL_NO_RSA_KEY_CHECK` macro will also disable it. This change was introduced in PR #4359. 2022-06-15 14:46:23 -07:00
David Garske fb704774a0
Merge pull request #4907 from rizlik/dtls13 
DTLSv1.3 support
 2022-06-15 13:57:02 -07:00
David Garske dab0d5a7b0
Merge pull request #5240 from SparkiDev/sp_armv6 
SP ARM32: support for arch with no ldrd/strd and clz
 2022-06-15 11:28:30 -07:00
Marco Oliverio 9d22e11776 misc.c: introduce w64wrapper to handle 64bit numbers 
as word64 is not always available, introduce an abstract type and companion
operations. They use a word64 if available and fallback on word32[2] otherwise.
 2022-06-15 10:46:42 -07:00
Sean Parkinson e073500e8e SP ARM32 ASM: Improve performance of P-256 mont mul/sqr 2022-06-15 16:39:13 +10:00
Sean Parkinson af4fff80db SP ARM32: support for arch with no ldrd/strd and clz 
Defined WOLFSSL_SP_ARM_ARCH to be less than 7 to use alternative
instructions.
 2022-06-15 12:07:49 +10:00
Sean Parkinson f1ce0cc95d Memory zeroization fixes 
Zeroize secrets in stack buffers and allocated memory.
mp_forcezero to ensure private MP integers are zeroized.
Fix whitespace and add some comments.
 2022-06-15 11:26:11 +10:00
Sean Parkinson ed5470c991
Merge pull request #5239 from dgarske/asn_decode_ext 
Fix for ASN template parsing of extended key usage
 2022-06-15 09:29:44 +10:00
David Garske ed6c9639d6
Merge pull request #5243 from douzzer/20220614-multi-test-fixups 
20220614-multi-test-fixups
 2022-06-14 16:11:44 -07:00
Daniel Pouzzner f414e65d4b linuxkm: eliminate duplicative WOLFSSL_KTHREADS macro (just use WOLFSSL_LINUXKM). 2022-06-14 12:45:30 -05:00
David Garske 7a25b9cd85
Merge pull request #5241 from SparkiDev/wycheproof_sp_arm64_asm 
SP ASM: fixes for Wycheproof tests
 2022-06-14 09:08:15 -07:00
David Garske fb10c90935 Fix for Cube HAL v2 back-to-back DES/DES3. Whitespace. Enable the new FIFO 16 block logic for all hardware that supports it. 2022-06-14 11:48:51 +02:00
David Garske c52c2e5dfb Fixes for STM32H7 hash and crypto. 2022-06-14 11:48:51 +02:00
David Garske ad3f7e1de2 The STM32U5 does not support DES3 or AES 192-bit (only 128/256 bit) 2022-06-14 11:48:51 +02:00