Commit Graph

1166 Commits (cb3f42482b7f1258666239b093437c99d79adfba)

Author SHA1 Message Date
David Garske 589057245f Improvement to ECC `wc_ecc_rs_raw_to_sig` to reduce memory use (avoid the mp_int). Additional test cases. Fixes for previous function changes. 2020-10-23 11:00:46 -07:00
John Safranek a7b325f542
Merge pull request #3414 from kabuobeid/wolfrand_build_fix
Fix wolfrand build failure.
2020-10-22 22:54:05 -07:00
Kareem Abuobeid 42583b5270 Fix wolfrand build failure, caused by defining NO_ASN without NO_CERTS. 2020-10-22 14:48:37 -07:00
Daniel Pouzzner c910c94824 rename API wc_XChaCha20Poly1305_{encrypt,decrypt}_oneshot to wc_XChaCha20Poly1305_{Encrypt,Decrypt} for consistency; remove stray debugging printf in XChaCha20Poly1305_test(). 2020-10-21 14:36:46 -05:00
Daniel Pouzzner 99b76241bd wolfcrypt/test/test.c: remove debugging printf in XChaCha20Poly1305_test(). 2020-10-21 14:08:41 -05:00
Daniel Pouzzner f65947ae09 rename wc_XChaCha_init() to wc_XChacha_SetKey() for consistency, and add a counter argument to provide for future random access scenarios; refactor wc_Chacha_purge_current_block() to use a dummy wc_Chacha_Process() call for intrinsically correct counter dynamics. 2020-10-21 14:08:41 -05:00
Daniel Pouzzner 6142c22948 add wc_XChaCha_init(), wc_XChaCha20Poly1305_Init(), wc_XChaCha20Poly1305_encrypt_oneshot(), wc_XChaCha20Poly1305_decrypt_oneshot(), and wc_Poly1305_EncodeSizes64(). also, remove redundant arg check (typo) in wc_Poly1305Update(). 2020-10-21 14:08:41 -05:00
toddouska 7c38be407c
Merge pull request #3398 from dgarske/async_test
Fixes for `--enable-asynccrypt` tests
2020-10-20 15:13:51 -07:00
David Garske fbd98be7af Fixes for `--enable-asynccrypt` tests after PR #3244. 2020-10-16 15:55:17 -07:00
John Safranek 4364700c01
DH Fix
These changes fix several fuzz testing reports. (ZD 11088 and ZD 11101)
1. In GetDhPublicKey(), the DH Pubkey is owned by the SSL session. It
   doesn't need to be in the check for weOwnDh before freeing. There
   could be a chance it leaks.
2. In GeneratePublicDh() and GeneratePrivateDh(), the size of the
   destination buffer should be stored at the location pointed to by the
   size pointer. Check that before writing into the destination buffer.
3. Ensure the size of the private and public key values are in the size
   value before generating or getting the DH keys.
2020-10-16 15:35:23 -07:00
Chris Conlon d4bbe529fb switch RC2 struct name to Rc2 for consistent camel case across algorithms 2020-10-16 15:19:47 -06:00
Chris Conlon a6923ff100 initial implementation of RC2-CBC 2020-10-16 12:02:16 -06:00
Chris Conlon 4c75037bdb initial implementation of RC2-ECB 2020-10-16 12:00:56 -06:00
John Safranek aeeeb666a7
Maintenance Fixes
1. The test_wolfSSL_X509V3_EXT_print() test was using stderr for output,
   changed to stdout.
2. A call to XFREAD wasn't typecasting its output to the size of the
   variable getting the output in decodedCertCache_test().
2020-10-09 15:01:32 -07:00
Daniel Pouzzner 29d4de6307 fix pkcs7compressed_test() (test gated on HAVE_LIBZ), broken by PR#3244. 2020-10-09 12:42:14 -05:00
toddouska c69e9927fa
Merge pull request #3354 from SparkiDev/mac_arm_asm_2
ARM ASM ChaCha20: Fix calc of left over bytes
2020-10-08 14:49:33 -07:00
kaleb-himes d9eaeb4a3b Fix NTRU + QSH build 2020-10-08 09:13:00 -06:00
Sean Parkinson f76165a3fa ARM ASM ChaCha20: Fix calc of left over bytes 2020-09-30 15:57:33 +10:00
John Safranek dbf18b8532
Test ECC-521 Only
Update benchmark and wolfcrypt test to support using only ECC-521 in a custom curve list.
2020-09-28 09:22:24 -07:00
Sean Parkinson c798c7f396 DH EXTRA test: Disable DH test unless not FIPS or FIPS > 2
statickeys/dh-ffdhe2048.der is an alternate format that is supported
when WOLFSSL_DH_EXTRA is defined.
The decoding is not supported when FIPS and FIPS version is less than 3.
Fix test to not use file unless not FIPS or FIPS > 2.
2020-09-25 11:41:59 +10:00
Daniel Pouzzner 62bbef2f2e wolfcrypt/test/test.c: add missing gating for -DBENCH_EMBEDDED. 2020-09-23 18:32:16 -05:00
Daniel Pouzzner 2609fa9aeb test.c:rsa_test(): fix cpp gating for clearing of keypub buffer. 2020-09-23 18:32:16 -05:00
Daniel Pouzzner 5f972d2ae6 test.c: now that sp math is fixed and working in linuxkm, reenable prime_test() for WOLFSSL_LINUXKM, and add a small stack refactor for it. 2020-09-23 18:32:16 -05:00
Daniel Pouzzner 8f130f3642 test.c: tweaks to accommodate clang's belligerent -Wparentheses-equality. 2020-09-23 18:32:16 -05:00
Daniel Pouzzner 447a238e8e test.c: missed a _SMALL_STACK spot in rsa_ecc_certgen_test(). 2020-09-23 18:32:16 -05:00
Daniel Pouzzner 5bfb5a3a83 test.c: fix missed spot in rsa_certgen_test(), and do another _SMALL_STACK refactor of a missed object in rsa_ecc_certgen_test(). 2020-09-23 18:32:16 -05:00
Daniel Pouzzner fdf87fe152 test.c: another missed spot. 2020-09-23 18:32:16 -05:00
Daniel Pouzzner ebca451c93 test.c: missed a spot -- inadvertently unused return value. 2020-09-23 18:32:16 -05:00
Daniel Pouzzner 80961ea913 test.c:ecc_decode_test(): WOLFSSL_SMALL_STACK refactor 2020-09-23 18:32:16 -05:00
Daniel Pouzzner dbe0273bf4 test.c: additional WOLFSSL_SMALL_STACK refactoring, covering --enable-sp-math and various missed spots. 2020-09-23 18:32:16 -05:00
Daniel Pouzzner cd88a2c7df wolfcrypt/test/test.c: when WOLFSSL_LINUXKM, don't do the large-malloc-incurring wc_scrypt()s in scrypt_test(). 2020-09-23 18:32:16 -05:00
Daniel Pouzzner dc4b15a265 test.c: fix gating on heap deallocation in hc128_test() to match earlier tweak to gating on allocation. 2020-09-23 18:32:16 -05:00
Daniel Pouzzner b52d50d903 test.c: various improvements and fixes pursuant to dgarske's comments on PR #3244 2020-09-23 18:32:16 -05:00
Daniel Pouzzner a80b0c1982 test.c: don't exclude prime_test when -DOLD_PRIME_CHECK, but to exclude it when -DWOLFSSL_LINUXKM. 2020-09-23 18:32:16 -05:00
Daniel Pouzzner e8b69f8a6a dh_test(): fix missing casts for XMALLOC(). 2020-09-23 18:32:16 -05:00
Daniel Pouzzner f440089e92 dh_test(): fix typo (undersized dynamic buffers). 2020-09-23 18:32:16 -05:00
Daniel Pouzzner f106fea0d8 rsa_no_pad_test(): fix uninited pointer. 2020-09-23 18:32:16 -05:00
Daniel Pouzzner 4ea8b46177 dh_test(): refactor remaining bare returns to ERROR_OUT(). 2020-09-23 18:32:16 -05:00
Daniel Pouzzner 2ee218761e dh_test(): missed a spot in last commit. 2020-09-23 18:32:16 -05:00
Daniel Pouzzner ca1a991de5 wolfcrypt/test/test.c: fix an error-path leak in dh_test(), and deal with possible -Wdeclaration-after-statement for `XFILE file`. 2020-09-23 18:32:16 -05:00
Daniel Pouzzner a7381f8a48 test.c:rsa_test(): fix uninited pointer 2020-09-23 18:32:16 -05:00
Daniel Pouzzner 426de2101a more work on DECLARE_VAR -- proper handling of failed allocations. WIP. 2020-09-23 18:32:16 -05:00
Daniel Pouzzner 9b7c753165 wolfssl/wolfcrypt/types.h: make DECLARE_VAR() et al use heap allocation not only when WOLFSSL_ASYNC_CRYPT but also when WOLFSSL_SMALL_STACK. 2020-09-23 18:32:15 -05:00
Daniel Pouzzner 571bf897c4 wolfcrypt/test/test.c: stack->heap refactor for dh_test(). 2020-09-23 18:32:15 -05:00
David Garske 66b59bda9b Fix for expected fail test in `openssl_test` for partial block. Fix for `mp_test` with ECC disabled, which uses `mp_init_copy`. 2020-09-23 18:32:15 -05:00
David Garske 0f8cf32122 Fix for possible leak in `openssl_test` because EVP free not called with `WOLFSSL_SMALL_STACK_CACHE` (SHA256/SHA512). Added return code checking to the openssl_test in wolfCrypt test. 2020-09-23 18:32:15 -05:00
Daniel Pouzzner 32e30d23c6 wolfcrypt/test/test.c: fix uninitialized values in aesofb_test(). 2020-09-23 18:32:15 -05:00
Daniel Pouzzner f56c6d1d8f wolfcrypt/test/test.c and wolfssl/test.h: implement DEBUG_STACK_SIZE_VERBOSE, measuring and reporting stack usage separately for each test. to use, ./configure --enable-stacksize && make CFLAGS+=-DDEBUG_STACK_SIZE_VERBOSE; also, remove a throwaway dev pragma that snuck into an earlier commit. 2020-09-23 18:32:15 -05:00
Daniel Pouzzner 925afe3b74 cast XMALLOC() return values assiduously, for Visual Studio compatibility. 2020-09-23 18:32:15 -05:00
Daniel Pouzzner 535822f4df wolfcrypt/test/test.c: refactor for stack size and namespace control, allowing embedding of wolfcrypt_test() in kernel module. 2020-09-23 18:32:15 -05:00
toddouska 8753b5b947
Merge pull request #3257 from kojo1/user-mutex
fix guard, user define mutex
2020-09-03 15:21:53 -07:00
toddouska a626ac39f2
Merge pull request #3253 from SparkiDev/chacha20_stream_fix
ChaCha20: Enable streaming with Intel x86_64 asm
2020-09-03 15:18:00 -07:00
Sean Parkinson 54c8774103 ChaCha20: Enable streaming with Intel x86_64 asm 2020-08-31 09:06:51 +10:00
David Garske 21d17b17d0 Fix typo in code comment for ECC curve cache. Fix for valgrind report of possible use of uninitialized value with ChaCha/Poly AEAD test. 2020-08-27 12:01:24 -07:00
David Garske 6d5731b8e9 Fixes for HMAC_CTX cleanup not being called to free SHA2 resources with `WOLFSSL_SMALL_STACK_CACHE`. Added return code checking and cleanup for `openssl_test`. 2020-08-26 09:45:26 -07:00
David Garske 083f143c89 Fixes for warnings with minimum ECC build. 2020-08-21 15:47:02 -07:00
David Garske 79c0fd3f29 Fix for ECC make key test not waiting for async completion. 2020-08-20 14:25:05 -07:00
David Garske 0011b7b376 Fix possible ECC curve cache leak for custom curves. Fix possible memory leak with `wc_DhKeyDecode` and `WOLFSSL_DH_EXTRA`. Fix leak in `dh_test` with new call to DH key import. 2020-08-20 14:25:05 -07:00
John Safranek 3f6861ee82
FIPS Ready Fix with ECC Timing Resistance
Commit 6467de5 added some timing resistance to ECC shared secret
agreement. It involved adding an RNG object to the ecc keys so
a random z value can be added to the mix. The older FIPS release
has ECC outside the boundary, so it uses the new ECC code. FIPSv2
has ECC inside the boundary, but all the TLS code checks for that
version of FIPS and leaves out the calls to the new functions as
it is using an older version of ecc.c. FIPS Ready uses the latest
version of ecc.c but compiles as FIPSv2. So, the code outside of
the crypto layer is treating ECC as FIPSv2 and not calling the new
functions, but the crypto layer assumes the RNG should be present,
and errs out on testing.
1. Added a separate option for FIPS Ready to the enable-fips
   configure option. `--enable-fips=ready`. It will treat FIPS
   Ready as the next kind of FIPS release. FIPS Ready will be
   treated like FIPS v3 in the build.
2. Changed the C preprocessor checks for FIPS version 2 to be
   checks for not version 2, with respect to ECC Timing Resistance
   and FIPS builds.
2020-08-14 10:54:55 -07:00
Sean Parkinson 6467de5a88 Randomize z ordinates in scalar mult when timing resistant
An RNG is required for shared secret calculation now.
Use wc_ecc_set_rng() to set an RNG against the ECC object.
ECC verification does not need timing resistance and does not randomize
z ordinates.
2020-08-11 16:12:47 +10:00
toddouska 462f4f9e45
Merge pull request #3196 from cconlon/cavpmarvell
Add fips-check.sh target for marvell-linux-selftest, selftest v2 support
2020-08-06 10:45:03 -07:00
David Garske 4a167c0f2c
Merge pull request #3119 from tmael/do178-fix
DO-178 fix
2020-08-05 16:30:00 -07:00
toddouska a536e8acd6
Merge pull request #3187 from SparkiDev/config_fix_1
Fixes for different configurations
2020-08-03 16:41:50 -07:00
toddouska bfb4b2079b
Merge pull request #3163 from dgarske/nrf52
Fixes for building against latest nRF52 SDK
2020-08-03 16:33:49 -07:00
Sean Parkinson d0969ea1ce Fixes for different configurations
Fix SkipInt() to work with DSA.
Fix protection around SetBitString16Bit() - when WOLFSSL_CERT_GEN and
WOLFSSL_CERT_EXT defined is only use.
WOLFSSL_RSA_VERIFY_ONLY and PSS means testing of PSS won't work.
Fix g++ build around ASN1_SEQUENCE - const variable required to be
initialized.
2020-08-03 14:55:09 +10:00
David Garske 776b1a2d17 Fix for ED25519 with user_settings.h. Fixes for build warnings. Fix spelling error. Added template for wolfBoot key/sign tools. 2020-07-31 15:17:53 -07:00
Tesfa Mael 4cc7f9e4a9 Check correct returned value 2020-07-30 09:18:45 -07:00
Chris Conlon c6b4fa3be3 add selftest version for newer 4.1.0 validation 2020-07-29 15:10:47 -06:00
David Garske 9160a126e4 Fixes for running wolfCrypt test/benchmark with SECP256R1 disabled. Improved detection of ECC key generation size. 2020-07-28 11:43:48 -07:00
David Garske 25fcd082d7 Improve the `mutex_test` test with pthreads. Fixes #3109 2020-07-28 08:19:32 -07:00
David Garske 8417e0b725 Fixes for building against latest nRF52 SDK. Allow nRF5x AES GCM to be enabled (uses software, but ECB is accelerated). Fix in wolfCrypt test for building AES GSM only with `NO_AES_DECRYPT`. 2020-07-24 15:46:17 -07:00
toddouska e84defb268
Merge pull request #3044 from dgarske/sniffer_tls13
TLS v1.3 sniffer support
2020-07-24 11:46:38 -07:00
David Garske 9268ae1397 Fix line length issues. Add debug msg in test to show number of non-blocking iterations.
```
$ ./configure --enable-ecc=nonblock --enable-sp=yes,nonblock CFLAGS="-DWOLFSSL_PUBLIC_MP" --enable-debug && make
$ ./wolfcrypt/test/testwolfcrypt
...
ECC non-block sign: 18063 times
ECC non-block verify: 35759 times
ECC      test passed!
```
2020-07-21 10:41:25 -07:00
David Garske 1b051d9c5b TLS v1.3 sniffer support:
* Added TLS v1.3 sniffer support using static ephemeral key.
* Add support for using a static ephemeral DH and ECC keys with TLS v1.3 using `WOLFSSL_STATIC_EPHEMERAL`.
* Adds new API's `wolfSSL_CTX_set_ephemeral_key` and `wolfSSL_set_ephemeral_key`.
* Expanded TLS extension support in sniffer.
* Refactor of the handshake hashing code.
* Added parameter checking to the TLS v1.3 key derivations (protects use of "DoTls13Finished" if handshake resources have been free'd).
* Added support for loading DH keys via `wc_DhImportKeyPair` and `wc_DhExportKeyPair`, enabled with `WOLFSSL_DH_EXTRA`.
* Added sniffer documentation `sslSniffer/README.md`.
2020-07-17 15:22:35 -07:00
David Garske 90ee12f51a Added test case for ECC non-blocking. `./configure --enable-ecc=nonblock --enable-sp=yes,nonblock CFLAGS="-DWOLFSSL_PUBLIC_MP" && make`. 2020-07-17 15:13:50 -07:00
Tesfa Mael 890500c1b1 Fix Coverity 2020-07-08 08:20:43 -07:00
Takashi Kojo fd257ee8b9 fix guard 2020-07-03 05:42:44 +09:00
David Garske 6b1a6309ce Fixes for CryptoCell. Fix for signature wrapper signing to allow larger signing input buffer. Cleanup of some duplicate code. Fix for bad cryptocell ECC make key result check (-9628). Fixes #3059. Thanks Sylwester. 2020-06-18 13:40:30 -07:00
toddouska 248b8c9b62
Merge pull request #3057 from kaleb-himes/FIPSv2_plus_OPENSSLALL
Resolve issues with FIPSv2 when opensslall set
2020-06-18 10:12:06 -07:00
kaleb-himes e2fb4c55b8 Resolve issues with FIPSv2 when opensslall set 2020-06-17 14:03:02 -06:00
Sean Parkinson 6bb73fb25d Fix ED448 calls to use context and correct variable name
Added basic test of OpenSSL compatibility APIs:
  - wolfSSL_ED25519_generate_key
  - wolfSSL_ED25519_sign
  - wolfSSL_ED25519_verify
  - wolfSSL_ED2448_generate_key
  - wolfSSL_ED448_sign
  - wolfSSL_ED448_verify
2020-06-17 10:05:50 +10:00
toddouska 29bdc7d8b5
Merge pull request #3015 from tmael/cov-fix
Coverity fix in wolfSSL 4.4.0
2020-06-10 17:07:47 -07:00
toddouska e993cb6cc0
Merge pull request #2942 from dgarske/tls13_on
Enable TLS v1.3 by default
2020-06-09 13:30:02 -07:00
Sean Parkinson d543e305f1 Fix optimized AES-CCM - counter
AES-NI optimized 4 block at a time was not incrementing counter
properly.
2020-06-08 10:48:19 +10:00
David Garske 4d8cf5b571 Fixes for building TLSv1.3 with FIPS v1 (no RSA PSS or HKDF). 2020-06-04 15:31:18 -07:00
Tesfa Mael 6176f8537f Typecast to fix conversion loses 2020-06-02 22:06:14 -07:00
Tesfa Mael d5241bbcc6 Coverity fix 2020-06-02 15:35:27 -07:00
toddouska dc1472692a
Merge pull request #3011 from dgarske/nomalloc
Fixes for using static memory with no malloc
2020-06-02 11:46:29 -07:00
David Garske 7ce7d244f8 Fix for using static memory AES GCM test. 2020-05-28 15:12:01 -07:00
Chris Conlon 896fcd9aec add WOLFSSL_ATECC6088A, Trust&GO support, PIC32 HAL compatibility, 608A expansions 2020-05-27 16:49:29 -06:00
JacobBarthelmeh d09b947478 update for test case and sha3 2020-05-19 19:27:38 -06:00
JacobBarthelmeh 6a7a8fa5b7 updated RSA calls to Xilsecure 2020-05-19 19:27:21 -06:00
Chris Conlon 9efd9afdfb fix minor IAR warnings in test.c 2020-05-19 14:12:13 -06:00
Tesfa Mael f894d4c0d2 FIPS on Solaris 2020-05-14 10:11:54 -07:00
Juliusz Sosinowicz 9e68de0fb7 Add test certs for ASN_IP_TYPE 2020-05-07 11:52:49 +02:00
toddouska a1489d981c
Merge pull request #2930 from JacobBarthelmeh/SanityChecks
check on tag length for AES-CCM
2020-04-30 14:51:20 -07:00
Jacob Barthelmeh c85a53c631 add macro guard for fips and selftest builds 2020-04-27 15:36:53 -06:00
David Garske 1e726e19a4 Fix for XMALLOC cast. 2020-04-27 06:48:41 -07:00
David Garske cfc0aeb857 Fix for RSA and KeyGen only in test.c. 2020-04-24 08:56:31 -07:00
David Garske 5fa7bb5b9f Fix possible unused args. 2020-04-24 07:48:41 -07:00
David Garske 28b686a8ca * Exposed useful sizes `MAX_X509_HEADER_SZ` and `PEM_LINE_SZ`
* Refactor the PEM saving code in `test.c`, so its not using large 4K buffer and calculates based on DER.
* Enable ECC key generation test even without `WOLFSSL_KEY_GEN`.
* Added `ECC_KEYGEN_SIZE` macro for ECC key generation testing.
* Refactor ECC DER key generation to use `ECC_BUFSIZE`.
2020-04-23 16:11:54 -07:00
David Garske 81f959336b Added support for important private key DER using `wc_EccPublicKeyDecode`. Added ECC key generation and decode test case. 2020-04-23 16:07:43 -07:00
toddouska 7318121d3a
Merge pull request #2915 from dgarske/async_v4.4.0
Fixes for async release v4.4.0
2020-04-23 09:26:08 -07:00
John Safranek a064cb3943 Fix a couple of wolfCrypt test issues found during the long release build test. 2020-04-22 11:30:57 -07:00
David Garske 36a556f927 Resolve issues with the openssl compatibility `CRYPTO_malloc` and `CRYPTO_free`. 2020-04-22 10:15:16 -07:00
John Safranek 61f3783111
Fixes to test.c for the following build configurations:
1. ./configure --disable-rsa --enable-certgen --enable-certreq
2. ./configure --disable-ecc --enable-pkcs7
2020-04-21 10:21:59 -07:00
Jacob Barthelmeh 231c488ddf check on tag length for AES-CCM 2020-04-20 13:44:41 -06:00
JacobBarthelmeh 0cfde0794b
Merge pull request #2848 from julek-wolfssl/wpa-supplicant-openssl-compat
Added partial support for wpa_supplicant, hostapd, and cjose:
2020-04-20 12:17:55 -06:00
Eric Blankenhorn 6b3642db36 Fix forbidden iv length 0 with AES-GCM 2020-04-16 13:48:56 -05:00
Juliusz Sosinowicz 36403c1dad Merge remote-tracking branch 'wolfSSL/master' into wpa-supplicant-openssl-compat 2020-04-15 16:55:03 +02:00
toddouska 9c1b90170a
Merge pull request #2903 from SparkiDev/test_4096
Fix testing using 4096 bits keys and parameters
2020-04-14 09:25:00 -07:00
toddouska 06c6e583c8
Merge pull request #2891 from julek-wolfssl/refactor-evp-functions
Move EVP functions to evp.c
2020-04-14 09:22:51 -07:00
Juliusz Sosinowicz 20e669a65a New API
Add `wc_ecc_import_point_der_ex` for correct importing DER ECC point and keep `wc_ecc_import_point_der` old functionality
2020-04-14 11:48:14 +02:00
Juliusz Sosinowicz 9ced70edc1 Test fixes
Free `x509->key.pkey` in `FreeX509`
Fix type conversions
Fix memory leaks and use of uninitialized memory
2020-04-14 11:45:32 +02:00
Sean Parkinson ba401c9bde Fix testing using 4096 bits keys and parameters
RSA PKCS #1.5 padding for signing is not reliant on a random.
2020-04-14 12:03:51 +10:00
Sean Parkinson 416f0775d3
Merge pull request #2900 from dgarske/sp_no_malloc
Added option to build SP small without malloc
2020-04-14 09:40:11 +10:00
David Garske 1f5a7bffaa Build fixes for `WOLFSSL_NO_MALLOC` in wolfCrypt test. 2020-04-13 07:39:06 -07:00
toddouska cf8459e518
Merge pull request #2892 from SparkiDev/cppcheck_fixes_4
Fixes from cppcheck
2020-04-09 16:01:11 -07:00
Sean Parkinson 411aee6e05 Fixes from cppcheck
Added PRIVATE_D version of rsa private key operation for SP
implementation for specific platforms.
WC_NO_RNG results in warnings when RNG calls don't do anything.
Added ifdef checks for variables not used otherwise.
Remove superfluous if statements like when checking ret == 0.
Change names of globals that are generic and are used locally before
global definition.
Remove definition of variable len that isn't used except as a
replacement for sz which is parameter.
Don't subtract two variables when one has just been assigned the value
of the other.
Fix shifting of signed value.
Fix parameter checking in aes.c and des3.c for platform specific code.
2020-04-08 09:46:22 +10:00
Juliusz Sosinowicz 4c0ea10e45 Move EVP functions to evp.c 2020-04-07 22:36:50 +02:00
David Garske 1831193c20 * Fixes for building ECC without ASN.
* Fix to expose `wc_ecc_import_private_key_ex` and its ability to import a private key even when `NO_ASN` is defined.
* Remove execute bit on CSharp files.
2020-04-03 10:55:31 -07:00
Sean Parkinson 62a593e72e Recognise Netscape Certificate Type extension
Checks the bit string is valid but doesn't store or use value.
(Some certificates have this extension as critical)
2020-03-19 12:43:03 +10:00
Sean Parkinson 2c6eb7cb39 Add Curve448, X448, Ed448 implementations 2020-02-28 09:30:45 +10:00
toddouska b7d0b81443
Merge pull request #2818 from dgarske/rsa_sha3only
RSA with SHA-3 only and RSA 4096-bit tests
2020-02-27 12:44:29 -08:00
David Garske da882f3912 Added wolfCrypt RSA 4096-bit test support using `USE_CERT_BUFFERS_4096` build option (`./configure CFLAGS="-DUSE_CERT_BUFFERS_4096"`). 2020-02-23 18:40:13 -08:00
Eric Blankenhorn b74dac6171 Fix WIN test 2020-02-20 17:28:34 -06:00
Eric Blankenhorn b4563e6af3 Fix CFB and OFB 2020-02-20 17:28:34 -06:00
Eric Blankenhorn a64e1540ba Adding EVP support for SHA3 2020-02-20 17:28:34 -06:00
Jacob Barthelmeh a0ddb05a07 change evp with cfb1 expect input size in bytes 2020-02-20 17:28:33 -06:00
Jacob Barthelmeh b67ade5164 account for cavp build 2020-02-20 17:28:33 -06:00
Eric Blankenhorn 258382048d Fix test failures 2020-02-20 17:28:33 -06:00
Eric Blankenhorn 64dcf5740a Fix for AES_XTS 2020-02-20 17:28:33 -06:00
Jacob Barthelmeh d7c1b9561f fix for cfb1 mode and add EVP tests 2020-02-20 17:28:33 -06:00
Jacob Barthelmeh d6be24c4f7 add 192/256 key size tests of EVP cfb8 2020-02-20 17:28:33 -06:00
Jacob Barthelmeh d4428ebc0c add EVP cfb1 test and update some EVP code 2020-02-20 17:28:32 -06:00
Jacob Barthelmeh 887eeb3c47 add EVP tests for cfb128 2020-02-20 17:28:32 -06:00
Jacob Barthelmeh 9d61ba6c62 initial cfb1/cfb8 support added 2020-02-20 17:28:32 -06:00
Eric Blankenhorn 9c4e0807e2 Adding EVP_aes_###_xts tests (not complete) 2020-02-20 17:28:32 -06:00
Eric Blankenhorn 16ce670897 Revert "Testing aes_*_xts"
This reverts commit 776eeb756c70b052849323d7645622a3f1d2b76a.
2020-02-20 17:28:32 -06:00
Eric Blankenhorn 3197d67e62 Testing aes_*_xts 2020-02-20 17:28:32 -06:00
Jacob Barthelmeh df0d5f3b08 add EVP_aes_*_ofb implementation and tests, add support for inline with OFB 2020-02-20 17:28:32 -06:00
Jacob Barthelmeh e837894578 add AES-OFB mode 2020-02-20 17:28:32 -06:00
Juliusz Sosinowicz fbedabe601 OpenSSH changes
- increase FP_MAX_BITS for OpenSSH
- Add helpful logging API (names are self-explanatory)
-- wolfSSL_GetLoggingCb
-- WOLFSSL_IS_DEBUG_ON
- Define WOLFSSL_EC_METHOD as an alias of WOLFSSL_EC_GROUP
- Add wolfSSL_EC_GROUP_method_of which really just returns the group itself
- Add wolfSSL_EC_METHOD_get_field_type which gets the curve type of the WOLFSSL_EC_GROUP(remember that WOLFSSL_EC_METHOD is an alias of WOLFSSL_EC_GROUP for now)
- Modify Base64_Decode so that it accepts arbitrary PEM line length
- Modify PemToDer so that it accepts private keys with a custom -----BEGIN * PRIVATE KEY----- header
2020-02-18 21:37:06 +01:00
Chris Conlon b29fe41a35
Merge pull request #2738 from SparkiDev/cppcheck_fixes_3
Changes to clear issues raised by cppcheck
2020-02-03 17:02:40 -07:00
Sean Parkinson 55ea2facdd Changes to clear issues raised by cppcheck 2020-01-30 14:24:32 +10:00
David Garske 5677a96c80 Fixes to resolve `openssl_pkey1_test` with updated test buffer sizes. 2020-01-29 06:51:47 -08:00
David Garske 5aabebddd8 Fix more 3072-bit cert buffer edge case builds (certext/certgen). 2020-01-29 06:43:35 -08:00
David Garske 3f1c3392e5 Fixes for build with opensslextra and 3072-bit cert buffers. Adds 3072-bit RSA public key der. Eliminates duplicate 3072-bit client cert/key. 2020-01-29 06:37:06 -08:00
toddouska 945d34533c
Merge pull request #2727 from JacobBarthelmeh/Windows
update to ECC key parsing custom curves for Windows
2020-01-23 13:57:06 -08:00
David Garske b022b651b3 wolfCrypt test fixes for hard coded "256" byte buffers to support 3072-bit RSA. Requires PR #2755 2020-01-22 10:04:53 -08:00
David Garske e3e862c8b6 Test case fixes for sig wrapper test and DH. 2020-01-21 22:25:11 -08:00
David Garske 4d9dbc9ec3 Adds 3072-bit RSA tests using `USE_CERT_BUFFERS_3072`. 2020-01-21 22:16:54 -08:00
toddouska 66daac4c94
Merge pull request #2709 from JacobBarthelmeh/Testing
set chacha20 similar to aes-ctr when handling leftover stream and add…
2020-01-17 15:05:24 -08:00
David Garske 989f3d3684 Fix for FREE_VAR call on `sharedA`. 2020-01-14 14:35:20 -08:00
David Garske 22f49d8597 Fixes for building with ECC sign/verify only. 2020-01-13 15:35:08 -08:00
David Garske 8974827fbe Added `WOLFSSL_ECC_CURVE_STATIC` build option to allow using fixed arrays for ECC parameters. This is enabled by default on Windows. Fixed several compiler warnings. Fixed build macro for `key->deallocSet`. 2020-01-13 07:15:17 -08:00
JacobBarthelmeh 6b4551c012
Merge pull request #2654 from cariepointer/qt-512-513
Add Qt 5.12 and 5.13 support
2020-01-10 17:34:23 -07:00
Jacob Barthelmeh 99d657af4f adjust test cases 2020-01-10 10:31:56 -07:00
Jacob Barthelmeh 0c25588ad1 adjust TEST_SMALL_CHACHA_CHUNKS size and add more tests 2020-01-09 17:13:57 -07:00
toddouska 51f44cb09b
Merge pull request #2719 from dgarske/nxp_k64_mmcau
Fixes for NXP K64
2020-01-09 14:57:11 -08:00
toddouska 99045a2fea
Merge pull request #2723 from SparkiDev/rsa_vfy_only_fix
Rsa vfy only fix
2020-01-09 14:55:10 -08:00
toddouska 11a0b117f8
Merge pull request #2706 from dgarske/chapoly_aead_iuf
New API's for ChaCha20/Poly1305 AEAD init/update/final
2020-01-09 14:49:26 -08:00
Sean Parkinson b27ec58d20 Fix RSA verify only build 2020-01-08 10:18:37 +10:00
David Garske acfe9717f8 Fix for K64 MMCAU with `WOLFSSL_SMALL_STACK_CACHE`. Moved random test prior to cipher tests (was getting called first time in GMAC test). 2020-01-07 05:39:17 -08:00
David Garske d68d5229e1 Refactor `wc_ChaCha20Poly1305_Encrypt` and `wc_ChaCha20Poly1305_Decrypt` to use the new `ChaChaPoly_Aead` context and init/update/final functions. 2020-01-06 17:07:09 -08:00
Chris Conlon 45c5a2d39c update copyright to 2020 2020-01-03 15:06:03 -08:00
David Garske bff6dcec24 Added support for AAD calc only. Allows Init, UpdateAad and Final sequence. Verified again with customer test cases. 2019-12-31 08:25:23 -08:00
David Garske f01999b322 Peer review feedback. 2019-12-31 08:08:33 -08:00
David Garske b901a2cd35 Use `byte` for bit-field. Line length cleanup. 2019-12-30 18:05:25 -08:00
David Garske 1ee9d182cf New API's for ChaCha20/Poly1305 AEAD init/update/final:
* Provides a context for AEAD to allow "chunked" updates of data then a final calculation for the authentication tag.
* New API's are on by default and can be disabled using NO_CHACHAPOLY_AEAD_IUF.
2019-12-30 15:20:55 -08:00
toddouska deac82c8ed
Merge pull request #2683 from dgarske/various_items
Various cleanups and fixes
2019-12-27 13:53:39 -08:00
toddouska 95daec5326
Merge pull request #2633 from tmael/cc_310
Update Cryptocell readme
2019-12-27 12:58:19 -08:00
toddouska 78fa84be00
Merge pull request #2649 from SparkiDev/rsa_pubonly
Fix RSA public key only builds
2019-12-27 12:55:34 -08:00
toddouska dd28f26c44
Merge pull request #2699 from JacobBarthelmeh/Testing
big endian changes
2019-12-27 12:52:30 -08:00
Eric Blankenhorn b83804cb9d Correct misspellings and typos from codespell tool 2019-12-24 12:29:33 -06:00
JacobBarthelmeh ca59bc2d16 big endian changes 2019-12-23 12:33:59 -07:00
toddouska 6922d7031c
Merge pull request #2685 from embhorn/coverity_fixes
Coverity fixes
2019-12-18 14:06:48 -08:00
David Garske 22f0b145d3 Various cleanups and fixes:
* Fix for key gen macro name in benchmark.c
* Fix for possible RSA fall-through warning.
* Fix for building `WOLFSSL_STM32_PKA` without `HAVE_ECC`.
* Added option to build RSA keygen without the DER to PEM using `WOLFSSL_NO_DER_TO_PEM`.
* Added options.h includes for test.c and benchmark.c.
* Added printf warning on the math size mismatch in test.c.
* Added support for benchmarking larger sizes.
* TLS benchmarks for HiFive unleashed.
2019-12-18 07:09:26 -08:00
Tesfa Mael 69a0c1155f Review comment 2019-12-17 17:36:38 -08:00
Eric Blankenhorn af5c98a6a8 Fixes in wolfCrypt test 2019-12-16 10:22:42 -06:00
David Garske f2115b2c2b
Merge pull request #2652 from ejohnstown/maintenance-error
Maintenance: Error Strings
2019-12-13 15:03:32 -08:00
tmael 8450c4ae39
Merge pull request #2643 from ejohnstown/maintenance-prime
Maintenance: Prime
2019-12-06 18:50:51 -08:00
Carie Pointer ee13dfd878 Add Qt 5.12 and 5.13 support
Co-Authored-By: aaronjense <aaron@wolfssl.com>
Co-Authored-By: MJSPollard <mpollard@wolfssl.com>
Co-Authored-By: Quinn Miller <quinnmiller1997@users.noreply.github.com>
Co-Authored-By: Tim Parrish <timparrish@users.noreply.github.com>
2019-12-06 14:27:01 -07:00
John Safranek 19a4371d48
Maintenance: Error Strings
1. One of the error strings was >80 bytes long. Shortened it.
2. The function that copies an error string to an output array needs to
ensure the string is still null terminated.
3. Added a check to the wolfCrypt test to see that error strings aren't
>= 80 bytes long.
2019-12-06 09:53:39 -08:00
Sean Parkinson 2528121925 Fix RSA public key only builds
Client side only and no client auth
2019-12-06 20:42:27 +10:00
toddouska bd8a612d6c
Merge pull request #2624 from ejohnstown/maintenance-ASN1
Maintenance: ASN.1
2019-12-05 16:16:42 -08:00
toddouska 6d40c20f2c
Merge pull request #2609 from JacobBarthelmeh/Compatibility-Layer
Fix for EVP CipherUpdate decrypt and add test case
2019-12-05 16:12:26 -08:00
John Safranek 2c0fda4168
Maintenance: Prime
1. Revisited the option enables around the wolfCrypt prime test. Added a
check for key generation to the check for public MP.
2019-12-05 12:23:42 -08:00
Tesfa Mael 4f8a37ef7b Remove wc_RsaSSL_VerifyInline from Cryptocell 2019-12-05 10:40:21 -08:00
John Safranek 44fc3e14b1
Maintenance: ASN.1
1. Fix some preprocessor flag checking for function EncodePolicyOID. It
also needs to be available for OpenSSL Compatibility.
2. Fix for a name string for a test that can get left in or out
incorrectly.
2019-12-04 10:26:37 -08:00
toddouska e1ebb39296
Merge pull request #2618 from ejohnstown/maintenance-prime
Maintenance: Prime
2019-11-27 14:06:23 -08:00
toddouska ff85cc7740
Merge pull request #2622 from SparkiDev/ber_to_der_rework
Rework BER to DER to not be recursive
2019-11-27 14:05:36 -08:00
Sean Parkinson 776f4af7f6 Rework BER to DER to not be recursive 2019-11-27 10:20:32 +10:00
John Safranek 55540c6bd3
Replace a compile option check around some filenames for certificate testing. 2019-11-25 16:13:01 -08:00
John Safranek 3432a8a1fc
Maintenance: Prime
1. Prime test should return NO for 1. (ex function, normal math and fast
math)
2. Call mp_init() on the k value for the primality test case in the
wolfCrypt test.
2019-11-22 13:02:59 -08:00
John Safranek 481da3dcc1
Maintenance: Prime
1. Added a test case for checking "1" as a prime number to the wolfCrypt
test.
2. Allow the wolfCrypt prime test for SP builds.
3. Modify the prime test to use mp_mul rather than mp_mul_d, as the SP
math library doesn't export sp_mul_d.
2019-11-22 11:39:19 -08:00
David Garske ffb3dfd6ec Fixes for minor test.c build configuration issues. 2019-11-22 07:01:10 -08:00
Jacob Barthelmeh 1eb1755f07 add another evp decrypt test case 2019-11-20 12:29:22 -07:00
toddouska 1ba366920c
Merge pull request #2581 from SparkiDev/ecc_fixes_add
Add deterministic ECDSA sig gen. Fix corner cases for add point.
2019-11-20 09:12:28 -08:00
toddouska 5de27443d0
Merge pull request #2596 from dgarske/mqx_fio_cleanup
Support for MQX 5.0 and cleanup of the MQX includes
2019-11-19 11:49:03 -08:00
toddouska c6dac64438
Merge pull request #2594 from ejohnstown/maintenance-BLAKE2
Maintenance BLAKE2
2019-11-18 17:05:01 -08:00
David Garske 1542482cd5 Cleanup of the MQX file headers for STDIO. Cleanup of fio.h and nio.h includes to use wc_port.h. ZD 9453. 2019-11-18 12:14:34 -08:00
David Garske b780982aa4 Adds "devId" crypto device and "heap" context for Hash wrappers and PBKDF
* Adds new hash wrapper init `wc_HashInit_ex`.
* Adds new PBKDF2 API `wc_PBKDF2_ex`.
ZD 9494 (using PBKDF2)
2019-11-18 11:26:56 -08:00
John Safranek 14c986360d
Maintenance BLAKE2
1. Remove BLAKE2 support from HMAC.
2. Update doxy header for HMAC with removal of BLAKE2 and addition of SHA-3.
2019-11-18 10:45:30 -08:00
Sean Parkinson cc880e39ae Add deterministic ECDSA sig gen. Fix corner cases for add point.
In verify, two points are added and they may either be the same point
(different z) or result in infinity.
If they are the same point then a double needs to be performed instead.
Detection of infinity added.
Calculation of wc_ecc_sig_size fixed to handle when there are more bits
in the order than in the modulus.
2019-11-14 12:49:45 +10:00
toddouska 76e7e7349b
Merge pull request #2575 from tmael/valgrind_dhtest
Fix memory leak in dh_test
2019-11-13 11:28:04 -08:00
toddouska 46bc8e092a
Merge pull request #2582 from ejohnstown/abi-current
ABI
2019-11-13 11:24:45 -08:00
John Safranek 682cf6deac
wolfSSL ABI
Hide the RNG and ecc_key allocators from FIPS mode builds.
2019-11-11 15:16:39 -08:00
Tesfa Mael 68e4014c3f memset DhKeys 2019-11-11 09:43:10 -08:00
Tesfa Mael 99ee4a407d Fix mem leak for valgrind 2019-11-08 12:09:46 -08:00
John Safranek c69b6fb6d1
wolfSSL ABI
1. Add a blank #define WOLFSSL_ABI to tag functions as part of the ABI
to remind developers there are rules about those functions specifically.
2. Added allocators and deallocators for WC_RNG objects and ecc_key
objects so they don't have to be used on the stack.
3. Add tests for the new allocators.
2019-11-07 13:03:12 -08:00
David Garske 0fe5d40507
Merge pull request #2568 from aaronjense/iar-build-fix
Fix changed sign warning for IAR build
2019-11-06 15:47:15 -08:00
toddouska ba34b0d09f
Merge pull request #2547 from SparkiDev/rsa_pss_salt_len
Compile options for larger salt lengths in RSA-PSS
2019-11-06 13:03:15 -08:00
Aaron Jense ea77cd743e Fix changed sign warning for IAR build 2019-11-06 09:59:31 -08:00
Sean Parkinson 35ec2bc6d4 Compile options for larger salt lengths in RSA-PSS
Salt length larger than the hash size allowed in RSA-PSS.
Passing -2 to PSS pad function uses maximum salt length.
Passing -2 to PSS un-pad function makes it discover salt length.
2019-11-04 14:27:02 +10:00
Sean Parkinson 7623777857 Add scrypt API that takes iterations rather than cost
iterations = 1 << cost but matches APIs in other products and standard
2019-11-01 10:15:42 +10:00
David Garske 6bc16a4acb
Merge pull request #2532 from aaronjense/mp-public-defines
Fix for configure used in wolfssl-examples/signature/rsa_vfy_only.…
2019-10-29 08:46:03 -07:00
toddouska 140796d2aa
Merge pull request #2504 from ejohnstown/sync-octeon
Synchronous OCTEON Sniffer Support
2019-10-28 12:25:57 -07:00
Aaron Jense 34c37c58f4 Fixes for configure used in wolfssl-examples/signature/rsa_vfy_only and fix for wrong WOLFSSL_MP_PUBLIC defines.
./configure CFLAGS=-DWOLFSSL_PUBLIC_MP --disable-asn --disable-filesystem --enable-static --enable-shared --enable-cryptonly --enable-sp=smallrsa2048 --enable-sp-math --disable-dh --disable-ecc --disable-sha224 --enable-rsavfy
2019-10-28 09:50:59 -06:00
David Garske b80b10b980
Merge pull request #2498 from danielinux/stm32wb55
Support for STM32_PKA accelerator
2019-10-24 15:41:08 -07:00
Daniele Lacamera 025754e774 Fixed alignment/padding for hash. ECC tests passing on target. 2019-10-24 20:32:47 +02:00
John Safranek 17f44d4d29
OCTEON Sync
1. Add attributes to the OCTEON functions so they aren't optimized.
2. Disable the same test cases for OCTEON as we do QAT in sync.
2019-10-24 10:00:20 -07:00
John Safranek b8f4b1a712 QAT Header Hiding
For the sync QAT, the QAT headers are included into the library after it
has been built and is being used. The actual headers should only be used
when building wolfSSL and should be hidden from the user.
1. Most of the functions in the sync QAT and OCTEON headers don't need
to be exported. Move all of that into the source files. Only export the
init and deinit functions.
2. Remove inline from the OCTEON support functions.
3. Remove the AES-ECB files for sync OCTEON as unused.
4. Configure defaults to OCTEON2 build, can be overridden with variable.
2019-10-23 09:58:11 -07:00
John Safranek 1ad23334bf Sync Sniffer API Cleanup
1. Switched the IntelQa sync API back to local.
2. Added two functions to setup and cleanup the IntelQA device.
3. Changed the Octeon functions to match the IntelQa functions.
4. Updated sniffer, wolfcryptest, and benchmark.
2019-10-23 09:58:11 -07:00
John Safranek 54f0b1a44a Sync QAT Fixes
1. The QAT callback's worker functions need to copy the IV into the AES IV register. QAT doesn't update it automatically.
2. Update the GMAC test to set its device to INVALID_DEVID.
3. Always allocate NUMA buffers before running crypto operation and store the results.
4. The QAT does not like non-multiple of 4 iv lengths, and aad lengths. Or 0. Remove a few test cases for those.
5. QAT wasn't getting a pointer to store the auth tag for GCM. Then store it.
2019-10-23 09:58:11 -07:00
John Safranek 825f311959 add OCTEON and QAT to wolfCrypt test, update SHA-1 to reset ret when it will do the software sha 2019-10-23 09:58:10 -07:00
Jacob Barthelmeh 09a0859865 fix for fortress and no sha build with encrypted keys 2019-10-21 09:37:24 -06:00
David Garske 5c07391f1b Various fixes for asynchronous mode:
* Fix for AES CBC issue with IV (QAT only).
* Fix for test cases with QAT.
* Remove poorly placed debug for AES CFB.
2019-10-15 11:18:55 -07:00
Jacob Barthelmeh d7fe000cfe M68K (coldfire MCF5441X) wolfcrypt build and examples
fix for make dist and cleanup makefile

add aes file to Makefile

macro guards and entropy warning

add AES to build
2019-10-11 14:56:34 -06:00
Sean Parkinson 901ee627fc Fixes from using cppcheck tool
Various fixes for uninitialized variable use.
sniffer.c: close file when seek fails
tls.c: fix QSH_GET_SIZE macro
wolfio.c: uIPGenerateCookie: use the parameter, _ctx, instead of self
referencing.
wolfssl_adds.c: check for equivalent to XBADFILE to indicate error.
SP: change right shift of signed value to unsigned
sp_int.h: define 128-bit types
types.h: change a XMALLOC define to not use (,,) - cppcheck doesn't like
it and is unnecessary.
2019-10-01 09:22:00 +10:00
John Safranek b92509144b
Merge pull request #2475 from dgarske/qat_key
Fixes and improvements for async
2019-09-20 10:44:33 -07:00
Chris Conlon 33a83cdba0
Merge pull request #2436 from miyazakh/Renesas_TSIP_Port
Support renesas tsip
2019-09-19 14:44:33 -06:00
toddouska 2dbf3f81fc
Merge pull request #2474 from SparkiDev/sp_int_prime
Add support for prime checking to sp_int.c
2019-09-19 13:44:22 -07:00
David Garske 6aecdf59c1 Fixes for async build and tests. 2019-09-19 12:30:05 -07:00
Hideki Miyazaki 5c6f6fdb7d Renesas TSIP Support
merged from private repo

removed unnecessary #include
make line as 80 characters
added simple tls server
Disable TLS-linked API use when being SERVER SIDE, still use certificate verify API
Added utility tools, generate signature arrays etc
added vars to store tsip hmac keys
fix build failure when disabling dc_printf
2019-09-19 11:18:52 +09:00
Sean Parkinson 0bc16d47e2 Add support for prime checking to sp_int.c
This allows SP to support:
- DH parameter checking
- DH parameter generation
- RSA key generation
Improved performance of sp_mod operation.
Reworked some functions to have one exit point (return statement).
Fixed sp_sub_d().
Changed tests to perform 2048-bit RSA key generation only when using SP
math.

Fixed Intel x86_64 C file to not have DH specific functions available
unless WOLFSSL_HAVE_SP_DH is defined.
Fixed tfm to return an error when t is not the correct size in
fp_isprime_ex().
2019-09-19 09:08:15 +10:00
Hideki Miyazaki 82d531562c Fixed build warnings due to esp-idf update
Fixed server application TLS communication failure
2019-09-09 08:25:02 +09:00
toddouska b19e785c2c
Merge pull request #2418 from dgarske/sha3_keccak256
Added support for older KECCAK256
2019-09-03 15:42:05 -07:00
toddouska 492ce6ac91
Merge pull request #2414 from dgarske/pkcs8_asn1
Added support for loading a PKCS8 ASN.1 formatted private key
2019-09-03 15:36:31 -07:00
John Safranek 2ba6c66d44 Fix ECC key load test
When using the configure options '--enable-certgen --enable-certext CPPFLAGS=-DWOLFSSL_VALIDATE_ECC_IMPORT', the ecc_decode_test() will fail the "good" test case. It is using the point (1, 1) in the test, and that fails the key validation. Changed the good key to one of the keys we have in the certs directory. The additional validation checks that the point is on the curve, and is validated in FIPS mode.
2019-08-22 14:18:59 -07:00
David Garske 154930d128 Added support for older KECCAK256 used by Ethereum. Uses existing hash flag APIs.
To use add build flag `CFLAGS="-DWOLFSSL_HASH_FLAGS"`.

Example:

```c
wc_Sha3_SetFlags(&sha, WC_HASH_SHA3_KECCAK256);
```
2019-08-20 16:14:37 -07:00
David Garske 24bfea1ad2 Fixes for various build options (!NO_RSA, HAVE_ECC, NO_PKCS8, NO_PKCS12). Added new `NO_CHECK_PRIVATE_KEY` to allow reduced code size when not required. 2019-08-20 10:38:08 -07:00
David Garske 3e1c103c78 Added support for loading a PKCS8 ASN.1 formatted private key (not encrypted). 2019-08-16 16:09:00 -07:00
Sean Parkinson 2a22179068 Specialized mod exponentiation for base 2 in tfm.c and integer.c 2019-08-02 15:50:08 +10:00
toddouska 4f0fd2c2f9
Merge pull request #2302 from SparkiDev/ecc_pubkey_check
Add checks of public key for ECC and curve25519
2019-08-01 11:50:02 -07:00
toddouska d4ab1c7e86
Merge pull request #2383 from SparkiDev/sp_dh_2
Special implementation of mod exp when base is 2 in SP
2019-07-30 16:02:38 -07:00
David Garske e3653a7a07 Various spelling corrections. 2019-07-29 08:14:07 -07:00
Sean Parkinson 23af4e92f3 Special implementation of mod exp when base is 2 in SP 2019-07-29 12:58:07 +10:00
Sean Parkinson 4778dac49f Add checks of public key for ECC and curve25519 2019-07-29 10:42:44 +10:00
Jacob Barthelmeh 7e79e3a6bf fix for build with disable filesystem 2019-07-17 16:28:58 -06:00