WolfSSL
/
wolfssl
mirror of https://github.com/wolfSSL/wolfssl.git
1
0
Fork 0
Code Issues Releases Wiki Activity
18,226 Commits
27 Branches
168 Tags
358 MiB
Commit Graph

6761 Commits (cec6341e23a3c4bde26ccd7153365c82b1223031)

Author SHA1 Message Date
TakayukiMatsuo c7de58ebaf Add code to fallback to S/W if TSIP cannot handle 2022-09-15 11:16:37 +09:00
Sean Parkinson ad39e8f77d Kyber: fix OQS memory leak 2022-09-15 09:18:47 +10:00
JacobBarthelmeh 3cafde2519
Merge pull request #5589 from SparkiDev/sp_mac_m1_asm 
SP; Mac M1 failure fix
 2022-09-13 16:35:57 -06:00
Eric Blankenhorn 1a0073b558 Add WOLFSSL_ATECC_TFLXTLS for Atmel port 2022-09-13 11:04:58 -05:00
Sean Parkinson 62c415fd50 Kyber: fixes 
Don't define WOLFSSL_HAVE_KYBER unless configured.
Only compile code in ext_kyber.c when WOLFSSL_HAVE_KYBER defined.
Include config.h and settings in ext_kyber.c. This allowed
HAVE_VISIBILITY to be defined.
Cleanup kyber.h.
 2022-09-13 10:07:28 -04:00
Anthony Hu bcf4dbe697 Changes inspired by Feedback from Sean. 
Define WOLFSSL_HAVE_KYBER when HAVE_LIBOQS is defined.
Fix some misleading debug output.
Fix benchmarking logic.
 2022-09-13 10:07:28 -04:00
Anthony Hu a2635be9e6 wolfCrypt support for external Kyber implementations (liboqs and pqm4) 2022-09-13 10:07:28 -04:00
Sean Parkinson 8c1e2c52e7 Kyber: Add option to build Kyber API 
wolfSSL Kyber implementation not included.
Added tests and benchmarking.
 2022-09-13 10:07:27 -04:00
Sean Parkinson 38418b31f1
Merge pull request #5197 from JacobBarthelmeh/OCSP 
RSA-PSS with OCSP and add simple OCSP response der verify test case
 2022-09-13 15:10:00 +10:00
Sean Parkinson 99d60a0781 SP; Mac M1 failure fix 
Give the compiler a hint that mask needs special attention.
 2022-09-13 13:54:06 +10:00
JacobBarthelmeh e867f0d312
Merge pull request #5574 from haydenroche5/ecc_nb_tls 
Add support for non-blocking ECDHE/ECDSA in TLS/DTLS layer.
 2022-09-12 16:24:00 -06:00
JacobBarthelmeh 2eee35ef8f
Merge pull request #5582 from SparkiDev/small_stack_cache_fix 
Small Stack Cache: make work again
 2022-09-12 09:53:10 -06:00
Sean Parkinson e0a47ca6c1 Small Stack Cache: make work again 
Fix Small Stack Cache option so that it works with various options
including ALT_ECC_SIZE.
Allow ALT_ECC_SIZE when SP math all or SP math is compiled in.
 2022-09-12 10:52:34 +10:00
Sean Parkinson 2c4c7ba6da ARM v7a ASM: 128-bit registers not supported 
Cortex-A5 - Cortex-A9 only support 64-bit wide NEON.
Remove use of WOLFSSL_ARM_ARCH_NO_VREV.
Use WOLFSSL_ARM_ARCH_NEON_64BIT to indicate to use 64-bit NEON registers
and not 128-bit NEON registers.
 2022-09-12 10:00:18 +10:00
JacobBarthelmeh fa6bc79f8b
Merge pull request #5578 from douzzer/20220909-fixes 
20220909-fixes
 2022-09-09 16:37:35 -06:00
JacobBarthelmeh 460b6f1ecc
Merge pull request #5577 from tmael/vx_entropy 
Improves entropy with VxWorks
 2022-09-09 15:51:24 -06:00
Tesfa Mael 82781043c4 Add entropy to VxWorks 2022-09-09 12:44:56 -07:00
Daniel Pouzzner 3bd91c6ab8 wolfcrypt/src/pkcs7.c: revert 57a7430b6a, which broke SCEP use case, and redo using a simple stack variable initialization approach. 2022-09-09 10:09:14 -05:00
Sean Parkinson 0db0032b31 ARM32 ASM: vrev not always available 
Provide alternative assembly instructions to vrev when
WOLFSSL_ARM_ARCH_NO_VREV is defined.
 2022-09-09 10:19:17 +10:00
JacobBarthelmeh 200ca9db4b
Merge pull request #5572 from tim-weller-wolfssl/zd14615-config-updates 
Configuration consistency fixes for RSA keys and way to force disable of private keys
 2022-09-08 13:19:11 -06:00
Hayden Roche 226a8b676d Add support for non-blocking ECDHE/ECDSA in TLS/DTLS layer. 
This requires the async code.
 2022-09-08 11:34:59 -07:00
David Garske e49efbc101
Merge pull request #5544 from haydenroche5/async_sw 
Migrate async names from "test" to "software."
 2022-09-08 10:18:26 -07:00
JacobBarthelmeh f49d84e17a fix typo and pipe ocsp response creation to /dev/null 2022-09-08 09:02:31 -07:00
Tim Weller 1b90d4fad2 Configuration consistency fixes and addition of new config option to disable private key 
Add way to disable private keys in wolfcrypt (settings). Make RSA integer usage match structure configuration.
 2022-09-08 09:36:18 -05:00
JacobBarthelmeh 9d6e157fc5 add asn template version 2022-09-07 16:15:19 -07:00
Sean Parkinson 5dc1732036 Fix define name 
WOLFSSL_ARMASM_NO_CRYPTO -> WOLFSSL_ARMASM_NO_HW_CRYPTO
 2022-09-08 08:39:00 +10:00
Daniel Pouzzner ef7377d64c fix whitespace and line length. 2022-09-07 15:30:32 -05:00
Daniel Pouzzner 57a7430b6a wolfcrypt/src/pkcs7.c: in wc_PKCS7_DecryptKtri(), refactor handling of OAEP keys to fix uninited value access detected by clang-analyzer-core.UndefinedBinaryOperatorResult; fix whitespace. 2022-09-07 15:14:26 -05:00
JacobBarthelmeh 28a82237d9 RSA-PSS signed OCSP responses 2022-09-07 13:12:43 -07:00
David Garske 9c88d8ac2c
Merge pull request #5547 from JacobBarthelmeh/mcux 
Port to RT685 with FreeRTOS
 2022-09-07 12:54:54 -07:00
Sean Parkinson 05634e286d SP math: fix build configuration with opensslall 
./configure '--disable-shared' '--enable-keygen' '--enable-certgen'
'--enable-certreq' '--enable-certext' '--enable-ocsp' '--enable-crl'
'--enable-pwdbased' '--enable-opensslall' '--enable-pkcs7'
'--enable-pkcs12' '--enable-sp' '--enable-sp-math' '--disable-rsa'
'--disable-dh' '--enable-ecc'
 2022-09-07 15:42:33 +10:00
David Garske 12680a967a
Merge pull request #5560 from douzzer/20220906-fixes 
20220906-fixes
 2022-09-06 17:56:33 -07:00
Sean Parkinson 7d67ffac69 Fixup assembly to compile with ARMv7a 2022-09-07 09:30:06 +10:00
Sean Parkinson 805b0eb606 ARM ASM: ARMv7a with NEON instructions 
Change to build assembly code for ARMv7a with NEON instruction set.
./configure -host=armv7a --enable-armasm
Added ARM32 SHA-256 NEON only implementation.
 2022-09-07 09:29:56 +10:00
David Garske 602116c3f2
Merge pull request #5558 from embhorn/zd14776 
Fix warning in DecodeAltNames
 2022-09-06 16:00:02 -07:00
Chris Conlon 761fde31ad
Merge pull request #5478 from miyazakh/rsaesoaep 2022-09-06 15:45:40 -06:00
Daniel Pouzzner bf29d6b2c7 wolfcrypt/test/test.c: refactor shake256_absorb_test() and shake256_test() to use a single buffer for "large_input", malloc()ed when WOLFSSL_SMALL_STACK, to stay within stack limits of all-max-func-stack-2k; move a couple declarations in openssl_test() to resolve declaration-after-statement. 2022-09-06 13:28:57 -05:00
David Garske d72b401e8e
Merge pull request #5545 from icing/evp_chacha 
Add ChaCha20 as available cipher in the EVP API.
 2022-09-06 10:42:54 -07:00
Eric Blankenhorn dcf215d52c Fix warning in DecodeAltNames 2022-09-06 11:33:30 -05:00
David Garske 7b0128f9ac
Merge pull request #5541 from SparkiDev/ecc_sign_k_nondyn 
ECC sign_k: don't have it dynamically allocated
 2022-09-06 07:52:45 -07:00
Stefan Eissing 5927c4063a Removing FIXME comments after the fixing has been done. doh. 2022-09-06 10:06:02 +02:00
Stefan Eissing 9f47999002 Add ChaCha20 as available cipher in the EVP API. 
- wire the wc_ChaCha_* implementation into the EVP API
  as `wolfSSL_EVP_chacha20`
- follow IV conversions of OpenSSL
- add test case
- have QUIC support use this for header protection when
  CHACHA20_POLY1305 has been negotiated in the handshake.
 2022-09-06 10:06:02 +02:00
David Garske 31b8edd192
Merge pull request #5552 from SparkiDev/ed_make_key_fixes 
Ed make public key wasn't checking whether private key set
 2022-09-05 16:13:41 -07:00
Sean Parkinson f153e65102 SHA-3: check BMI1 availablity for ASM 
Added benchmarking of SHAKE128 and SHAK256.
 2022-09-05 14:11:02 +10:00
Sean Parkinson f807c70637 Ed make public key wasn't checking whether private key set 
Ed25519 and Ed448 make public key APIs now check whether the private key
was set.
The private key and public key flags setting and clearing also updated.
Testing of unset private key and calling make public key added for
Ed25519 and Ed448.
 2022-09-05 12:21:51 +10:00
Sean Parkinson 4ac113d135 ECDSA sign_k allocated when not WOLFSSL_NO_MALLOC 
Fix up other WOLFSSL_NO_MALLOC issues.
 2022-09-05 10:56:17 +10:00
Satoshi Yamaguchi b52d193ee3 Fix an implicit type conversion 2022-09-03 23:56:54 +09:00
David Garske aa036b6ea4
Merge pull request #5532 from anhu/sphincs 
Add sphincs to wolfCrypt.
 2022-09-02 11:56:11 -07:00
David Garske 4a8a11315b
Merge pull request #5536 from SparkiDev/sha3_x64 
SHA-3 improvements
 2022-09-02 09:46:14 -07:00
Anthony Hu 10ce703d71 Add sphincs to wolfCrypt. 
Note that we will not support sphincs in TLS so nothing above wolfcrypt changes.
 2022-09-02 11:53:55 -04:00
Hayden Roche 959386422e Migrate async names from "test" to "software." 
See async PR 52.
 2022-09-01 17:53:18 -07:00
Sean Parkinson cef590131a ECC sign_k: don't have it dynamically allocated 2022-09-02 09:18:42 +10:00
Stefan Eissing 65ca72c5a2
Improve EVP support for CHACHA20_POLY1305 (#5527) 
* Add test case for OpenSSLs capability to init a evp context partially in several calls.
* EVP handling of CHACHA20_POLY1305 improvment
- save key at ctx for Init()s without IV
- reuse stored key for Init()s with new IV, reusing ctx
- free and zero key on ctx clenaup
* Adding type cast to XMALLOC to force compiler compatibility.
* EVP: using same DYNAMIC_TYPE in alloc and free of chacha20_poly1305 key.
Co-authored-by: Stefan Eissing <stefan.eissing@greenbytes.de>
 2022-09-01 13:23:42 -07:00
David Garske 0222833f7e
Merge pull request #5535 from douzzer/20220831-analyzer-coddling 
20220831-analyzer-coddling
 2022-09-01 07:40:11 -07:00
Daniel Pouzzner 8ccef9f0d3
Merge pull request #5531 from embhorn/zd14665 
Check return from call to wc_Time
 2022-09-01 09:35:49 -05:00
Satoshi Yamaguchi 85776f0069 Add wolfSSL_EVP_PKEY_new_CMAC_key to OpenSSL compatible API 2022-09-01 18:00:43 +09:00
Sean Parkinson ce8959ea77 SHA-3 improvements 
Add x86_64 assembly code:
  - BMI2
  - AVX2 (using ymm, slower than BMI2)
  - AVX2 of 4 similtaneous hashes
Add SHAKE128 functions and tests.
Add Absorb and Squeeze functions for SHAKE128 and SHAK256 and tests.
Add doxygen for SHA-3 and SHAKE functions.
Update other generated x86_64 assembly files to include settings.h.
 2022-09-01 17:11:58 +10:00
Daniel Pouzzner ea3959f2f6 analyzer coddling: 
in api.c test_wolfSSL_dtls12_fragments_spammer(), inhibit clang-analyzer-deadcode.DeadStores;

in asn.c ParseCRL_Extensions() old (!WOLFSSL_ASN_TEMPLATE) version, fix bounds check to prevent overshift;

in misc.c ctMaskCopy(), use `*(x + i)`, not x[i], to tiptoe around cppcheck-2.9 objectIndex bug.
 2022-08-31 22:56:08 -05:00
David Garske fe583faf32
Merge pull request #5501 from haydenroche5/ecc_non_block 
Add support for non-blocking ECC key gen and shared secret gen for P-256/384/521.
 2022-08-31 18:31:28 -07:00
Hayden Roche 41207f5d9b Add support for non-blocking ECC key gen and shared secret gen for 
P-256/384/521.

New functions:

- sp_ecc_make_key_256_nb
- sp_ecc_make_key_384_nb
- sp_ecc_make_key_521_nb
- sp_ecc_secret_gen_256_nb
- sp_ecc_secret_gen_384_nb
- sp_ecc_secret_gen_521_nb

This commit also tweaks the testing for ECDSA testing in test.c. Instead of
testing with one of P-256/384/521, we test with all that are available.
 2022-08-31 14:34:26 -07:00
Eric Blankenhorn 5a25525b2e Check return from call to wc_Time 2022-08-31 15:20:07 -05:00
JacobBarthelmeh 29f2dee991 handeling DER to internal of an OCSP response with no optional certificates 2022-08-29 15:25:50 -07:00
JacobBarthelmeh ad0fd15a0d static analysis fix from infer 2022-08-26 14:55:42 -07:00
JacobBarthelmeh ce2cf3439d subject info. acc. should contain a CA repo entry not OCSP 2022-08-26 14:39:20 -07:00
David Garske e88bd66501
Merge pull request #5514 from julek-wolfssl/wolfSSL_EVP_MD_CTX_copy_ex-leak 
Cleanup output object in wolfSSL_EVP_MD_CTX_copy_ex before copy
 2022-08-26 11:08:17 -07:00
JacobBarthelmeh b3fa6f654e no realloc, adjustable static test size, fsl RTC 2022-08-26 09:15:33 -06:00
Juliusz Sosinowicz 2fb3f58c03 Cleanup output object in wolfSSL_EVP_MD_CTX_copy_ex before copy 2022-08-26 13:07:45 +02:00
Sean Parkinson 8b2719cc83 SP math: don't modify sign in sp_div 
Not need to modify sign of a and d in sp_div().
Signs cached at start and used to calculate sign result.
 2022-08-26 08:47:49 +10:00
Sean Parkinson bd13fcc92a AES-CTR ARM32 ASM: Fix 128-bit counter increment 
Include hash.h to sp_int.h for when no public key algorithms compiled in
- need WC_MAX_DIGEST_SIZE.
 2022-08-25 14:54:00 +10:00
David Garske 9b12011d71
Merge pull request #5499 from SparkiDev/aes_ctr_arm32_asm 
AES-CTR ARM32 crypto ASM fix
 2022-08-24 09:59:49 -07:00
Sean Parkinson d087cbea1b Rework sp_div to work around static analysis error 
Fix _sp_exptmod_mont_ext() to handle when number of bits in exponent is
a multiple of the window size.
 2022-08-24 12:31:21 +10:00
Sean Parkinson 9228354d29 AES-CTR ARM32 crypto ASM fix 
Fix handling of counter to support incrementing across all bytes in
ARM32 crypto asm.
Added test cases for wrapping of counter when 2 blocks are being
encrypted to check assembly alternative path.
 2022-08-24 10:51:56 +10:00
David Garske 3b6124cf34
Merge pull request #5497 from douzzer/20220823-fixits 
20220823-fixits
 2022-08-23 13:45:02 -07:00
Daniel Pouzzner 8f70f98640 wolfcrypt/src/asn.c: refactor _SMALL_STACK code path in ParseCRL_Extensions() to fix memory leaks and heap-use-after-free. 2022-08-23 13:52:42 -05:00
David Garske cab6ecd130
Merge pull request #5404 from JacobBarthelmeh/PKCS7 
fix for not having default pkcs7 signed attributes
 2022-08-23 11:04:17 -07:00
David Garske 48463f6d54
Merge pull request #5388 from lealem47/crlPrint 
Adding X509_CRL_print() function
 2022-08-22 17:16:19 -07:00
Lealem Amedie f9ca944106 Addressing some more feedback 2022-08-22 14:47:11 -07:00
Lealem Amedie 91a7b8067c Addressing some PR feedback 2022-08-22 12:04:15 -07:00
David Garske b9d9dc02bb
Merge pull request #5476 from julek-wolfssl/session-buffers 
Remove WOLFSSL_SESSION_TYPE_REF buffers from WOLFSSL_SESSION
 2022-08-22 11:59:39 -07:00
David Garske 36facf52c9
Merge pull request #5490 from TakayukiMatsuo/no_rsa 
Fixed build errors raised when NO_RSA is defined
 2022-08-22 10:07:39 -07:00
David Garske ce5a749fcb
Merge pull request #5489 from SparkiDev/aes_ctr_arm_asm 
AES-CTR ARM crypto ASM fix
 2022-08-22 09:28:22 -07:00
Lealem Amedie 8f4b467f47 Fixing line lengths and SMALL_STACK code path 2022-08-22 09:17:23 -07:00
David Garske 689d45eb59
Merge pull request #5425 from SparkiDev/ecc_sp_uncomp_ret 
ECC SP uncompress: use error return
 2022-08-22 09:00:52 -07:00
Juliusz Sosinowicz 0dbd0ffb4e
Merge pull request #5483 from embhorn/zd14659 2022-08-22 14:28:29 +02:00
Juliusz Sosinowicz e565d0d7de Refactor and code review 
- Refactor object hashing into one function
- Allow multiple WOLFSSL_ASSERT_SIZEOF_GE in one function
 2022-08-22 14:19:48 +02:00
Sean Parkinson c7d28e3bb9 ECC SP uncompress: use error return 2022-08-22 16:21:30 +10:00
TakayukiMatsuo 48e7035af8 Fix build error when NO_RSA is defined 2022-08-22 14:03:19 +09:00
Sean Parkinson f7a8d4a44a AES-CTR ARM crypto ASM fix 
Fix handling of counter to support incrementing across all bytes in ARM
crypto asm.
Added test cases for wrapping of counter.

Extracted ARM ASM for AES-CTR.
Use ASM to created encrypted temporary block.
 2022-08-22 10:36:48 +10:00
Lealem Amedie 2a65220527 Adding X509_CRL_print() function 2022-08-19 12:21:35 -07:00
David Garske 1d0e83bd1a
Merge pull request #5474 from julek-wolfssl/zd14644-2 
Match OpenSSL self signed error return.
 2022-08-19 06:46:26 -07:00
Eric Blankenhorn 3d8562f07b Fixes for build and runtime issues 2022-08-19 08:12:04 -05:00
Hideki Miyazaki d494894268
Add to parse RSA ES OAEP Oid 2022-08-18 06:43:31 +09:00
David Garske b9c9ad0339 Fixes for RSA PSS with `--enable-asynccrypt` in `ConfirmSignature`. 2022-08-17 08:20:06 -07:00
Juliusz Sosinowicz 008e947fec Match OpenSSL self signed error return. 
OpenSSL compat expects ASN_SELF_SIGNED_E when a self signed cert can't be verified. This is useful when translating the error with GetX509Error into a X509_V_ERR_* error.
 2022-08-17 12:40:16 +02:00
John Safranek be2a6cbeb9
Merge pull request #5420 from Uriah-wolfSSL/ms_abi 
Ms abi
 2022-08-16 09:21:14 -07:00
David Garske 55eb460d1a
Merge pull request #5403 from SparkiDev/ecc_import_priv_order 
ECC import priv: validate priv is less than order
 2022-08-15 21:36:46 -07:00
Anthony Hu 52ed047a44 Fix a mismatched decl and impl 2022-08-15 12:13:05 -04:00
Sean Parkinson 23a01b3276 SP: CT from_mp when sp_digit bits equal mp_digit bits. 
Made constant time copy of values from an mp_int int array of sp_digit.
Stops OOB writes when mp_int is bigger than it should be.
 2022-08-15 09:02:24 -07:00
Anthony Hu 5e7cff71fd Initialize the Enc memberss of CertName struct. 
Tested by reproducing the problem in an example and confirming fix makes problem
go away.
 2022-08-15 11:43:33 -04:00
Uriah Pollock 7e00b32c71 Corrected line spacing incorrect arg passings. 2022-08-14 20:16:42 -05:00