c2860cb311
Get rid of HC-128
2022-01-17 18:11:54 -05:00
d06cf97d73
Old Compiler Warning Cleanup (GCC 4.0.2)
...
test.c:
1. Removed pragma disabling the warning for unused functions.
2. Fixed the guards around the function that wasn't getting removed from
the build. And matched the guards to the call of the function. The
issue is a test that fails only in a cert 3389 build using Arm
assembly single-precision public keys.
3. Fixed the guards around a couple other functions.
2022-01-16 22:08:35 -08:00
15c5ac880e
PKCS7 Test Output
...
When running the test with PKCS7 enabled, there's an additional option
that will save to disk the generated PKCS7 blobs for by-hand review.
(PKCS7_OUTPUT_TEST_BUNDLES) Fixed a couple compile errors that were
missed with that option enabled.
2022-01-12 14:51:11 -08:00
33f0e2eda5
In the wolfCrypt test, fix a few filenames to use the VPATH versions.
2022-01-12 14:50:43 -08:00
ff0eb5a41e
wolfcrypt/test/test.c: in wolfcrypt_test(), tweak formatting of CheckRunTimeSettings() to resolve invalidPrintfArgType_uint from cppcheck --force.
2022-01-08 01:35:46 -06:00
a4444e6c3e
wolfcrypt/test/test.c: in rsa_oaep_padding_test(), remove accidentally repeated MEMORY_E check.
2022-01-08 01:10:02 -06:00
29fcbb0b19
wolfcrypt/test/test.c: fixes for cppcheck complaints: memleakOnRealloc nullPointerRedundantCheck uninitvar invalidPrintfArgType_uint
2022-01-08 00:33:54 -06:00
7edc916057
wolfcrypt/wolfssl: tests: adding missing wc_Aes*Free()
...
In some Aes implementation this may leak resources
2021-12-30 20:30:33 +01:00
c4e50ef086
fix for libz test with pkcs7
2021-12-23 09:37:09 -08:00
9d137668c7
Merge pull request #4675 from julek-wolfssl/openssh-8.8
...
Fix macro name conflicts with openssh
2021-12-22 08:31:36 -08:00
8435eb4644
Add `WC_` namespace to variable handling defines
2021-12-22 12:16:02 +01:00
dd9b1afb72
Remove magic numbers from `WOLFSSL_ASN_TEMPLATE` code ( #4582 )
...
* pkcs8KeyASN and other misc asn fixes
- Test fixes for testing with `USE_CERT_BUFFERS_1024`
* intASN
* bitStringASN
* objectIdASN
* algoIdASN
* rsaKeyASN
* pbes2ParamsASN
* pbes1ParamsASN
* pkcs8DecASN
* p8EncPbes1ASN
* rsaPublicKeyASN
* dhParamASN
* dhKeyPkcs8ASN
* dsaKeyASN
* dsaPubKeyASN
- Add `wc_SetDsaPublicKey` without header testing
* dsaKeyOctASN
* rsaCertKeyASN
* eccCertKeyASN
* rdnASN
* certNameASN
* digestInfoASN
* otherNameASN
* altNameASN
* basicConsASN
* crlDistASN
* accessDescASN
* authKeyIdASN
* keyUsageASN
* keyPurposeIdASN
* subTreeASN
* nameConstraintsASN
* policyInfoASN
* certExtHdrASN
* certExtASN
* x509CertASN
* reqAttrASN
* strAttrASN
* certReqASN
* eccPublicKeyASN
* edPubKeyASN
* ekuASN
* nameASN
* certExtsASN
* sigASN
* certReqBodyASN_IDX_EXT_BODY
* dsaSigASN
* eccSpecifiedASN
* eccKeyASN
* edKeyASN
* singleResponseASN
* respExtHdrASN
* ocspRespDataASN
* ocspBasicRespASN
* ocspResponseASN
* ocspNonceExtASN
* ocspRequestASN
* revokedASN
* crlASN
* pivASN
* pivCertASN
* dateASN
* `wc_SetDsaPublicKey` was not including `y` in the sequence length
* All index names changed to uppercase
* Shorten names in comments
* Make sure extensions have sequence header when in cert gen
* Fix/refactor size calc in `SetNameEx`
* Pad blocks for encryption
* Add casting for increased enum portability
* Use stack for small ASN types
2021-12-22 11:28:01 +10:00
360a513696
Merge pull request #4553 from SparkiDev/sp_mont_inv_order_fix
...
SP: fix when mont_mul_order is defined
2021-12-20 15:09:08 -08:00
ce4f436d0f
Merge pull request #4587 from SparkiDev/dis_algs_fix_1
...
Disable algorithms: fixes
2021-12-19 20:12:30 -08:00
5172130287
add wc_GetPubKeyDerFromCert(), get pub key DER from DecodedCert
2021-12-15 11:04:52 -07:00
355b779a3e
feature gating tweaks to better support --disable-rsa --disable-dh --disable-dsa. also a whitespace fix in ssl.c.
2021-12-11 14:08:04 -06:00
6da0cc1ced
Merge pull request #4600 from dgarske/cust_oid
...
Support for Custom OID in subject and CSR request extension
2021-12-09 11:24:30 +10:00
baee7bace4
Merge pull request #4584 from ethanlooney/nxp_se050_curve25519
...
Added curve25519 support for NXP SE050
2021-12-02 02:47:36 -08:00
9f611e8b80
Merge pull request #4589 from JacobBarthelmeh/native-lwip
...
Native LwIP support update
2021-12-01 10:37:13 -08:00
43ac0d3684
adjust test file for pritnf and test_pass
2021-11-30 16:41:02 -07:00
a33ae21801
whitespace cleanups and portability/pedantic fixes
2021-11-29 23:58:39 -06:00
7221e06ff7
Merge pull request #4588 from miyazakh/sce_protect_mode_e2studio
2021-11-29 15:32:48 -07:00
fb4e39f00a
addressed review comments prt1
2021-11-26 16:03:42 +09:00
b2c0bacb06
Fix Cryptocell ecc
2021-11-24 19:22:40 -08:00
7396a0cb3a
Resolves all peer review comments. Fixes to get Curve25519 working on real hardware. Regression testing fixes for ECC.
2021-11-23 15:03:53 -08:00
7524ededd3
Support for Custom OID in subject and CSR request extension:
...
* Adds new build option `WOLFSSL_CUSTOM_OID` for supplying a custom OID in a CSR
* Fixes in ASN template CSR generation.
* Fix to allow calling `wc_Ed25519PublicKeyToDer` and `wc_Ed448PublicKeyToDer` with NULL output buffer to get length only.
* Refactor of the certificate subject name encoding.
* Refactor of the OID's to consolidate.
* Improvements to the Domain Component API unit test.
ZD 12943
2021-11-23 09:51:13 -08:00
5a72fee3df
Disable algorithms: fixes
...
WOLFSSL_PUBLIC_MP and disable algorithms didn't work because of api.c.
- mp_cond_copy not available unless ECC compiled in
- wc_export_int not available unless ECC compiled in
Enabling only DH and using SP with SP Math didn't work as the DH
parameters were too small.
sp_cmp is needed when only DH.
mp_set_int is was not available in SP math when RSA is not defined.
mp_set is close enough for the use cases.
Configure with SP and SP math but not RSA, DH and ECC didn't configure -
now default to small maths.
2021-11-19 16:56:33 +10:00
7e2fab6f4a
warning with keil build and native lwip want read case
2021-11-18 22:58:50 -07:00
f50fcd918e
support Renesas RA SCE protect mode on RA6M4 evaluation board
2021-11-19 14:22:16 +09:00
33a6b8c779
Merge pull request #4531 from dgarske/cryptocb_aesccm
...
Added crypto callback support for AES CCM
2021-11-16 22:45:11 +10:00
1559e92dca
Add crypto callback AES CCM test case.
2021-11-15 16:22:10 -08:00
a626a4fb02
Fixes for spelling errors.
2021-11-12 10:27:49 -08:00
341bd7bbbc
mp_test: when SP_INT_DIGITS is even calc was wrong
2021-11-10 09:33:14 +10:00
ff3179012d
SP: fix when mont_mul_order is defined
...
Customer configuration that failed:
./configure --enable-cryptonly --enable-ecc --enable-sp=yes,asm
--disable-rsa --disable-dh --disable-sha3 --disable-sha224 --disable-md5
--disable-sha --disable-pkcs12 --disable-memory --disable-chacha
--disable-poly1305 --disable-sha512 --disable-sha384 --disable-aesgcm
--disable-aescbc --disable-aes --disable-rng CFLAGS="-DNO_SIG_WRAPPER
-DWOLFSSL_PUBLIC_MP -DECC_USER_CURVES -DNO_ECC_SIGN -DNO_ECC_DHE
-DNO_ECC_KEY_EXPORT"
2021-11-09 17:50:21 +10:00
03d5c4e6d3
test.c: fix whitespace.
2021-11-08 18:24:42 -06:00
95bed1cdfd
test.c: smallstack refactors for idea_test(), ed448_test(), and verifyBundle() (fixes various error-dependent leaks too).
2021-11-08 17:35:10 -06:00
f8565f26e2
fixes for --disable-harden.
2021-11-08 17:35:10 -06:00
27d4bb304c
test.c add smallstack refactor of pkcs7enveloped_run_vectors().
2021-11-08 17:35:10 -06:00
26cc534dd2
wolfcrypt/test/test.c: fix memory leaks in pkcs7signed_run_[SingleShot]Vectors() added in smallstack refactor.
2021-11-08 17:35:10 -06:00
8b3048a0ea
wolfcrypt/test/test.c: smallstack refactors for pkcs7authenveloped_run_vectors(), pkcs7signed_run_vectors(), and pkcs7signed_run_SingleShotVectors(); typographic&whitespace cleanup.
2021-11-08 17:35:10 -06:00
dd833807d8
Merge pull request #4523 from dgarske/nxp_se050_fixes
...
Fixes for NXP SE050 ECC create and key store id
2021-11-09 08:56:03 +10:00
5a4577eb6c
Merge pull request #4541 from SparkiDev/mp_hexchar_asm
...
SP, TFM: fixes
2021-11-08 14:49:02 -08:00
dc911b94e7
SP, TFM: fixes
...
HexCharToByte must be cast to a signed char as a char is unsigned on
some platforms.
Redefine the __asm__ and __volatile__ for ICC and KEIL in sp_int.c
mp_test: don't use large bit lengths if unsupported.
2021-11-05 11:49:24 +10:00
d8faa22194
Fix for `ecc_def_curve_test` test changes.
2021-11-04 11:54:09 -07:00
60a86157c7
Fix building with NO_ECC_KEY_EXPORT.
2021-11-03 16:03:26 -07:00
b84edb5c67
Fixes for NXP SE050 testing with hardware.
2021-11-03 12:47:07 -07:00
8a8a6cf17f
Merge pull request #4515 from kareem-wolfssl/zd13006
...
wc_scrypt: Check for underflow in blocksSz calculation.
2021-10-29 08:23:37 -07:00
39c9fa96bc
wc_scrypt: Code review feedback.
2021-10-28 15:02:53 -07:00
c162196b27
Add x509 name attributes and extensions to DER parsing and generation
...
- Postal Code
- Street Address
- External Key Usage
- Netscape Certificate Type
- CRL Distribution Points
- Storing full Authority Key Identifier information
- Add new certificates to `certs/test` for testing
- Update WOLFSSL_ASN_TEMPLATE to match new features
2021-10-28 14:50:53 +02:00
75df6508e6
Add a read enable for private keys when in FIPS mode.
2021-10-26 20:24:29 -05:00
85a8c06062
linuxkm: add DEBUG_VECTOR_REGISTER_ACCESS (debug feature switch), ASSERT_SAVED_VECTOR_REGISTERS, and ASSERT_RESTORED_VECTOR_REGISTERS macros, and move the fallback no-op definitions of the SAVE_VECTOR_REGISTERS and RESTORE_VECTOR_REGISTERS to types.h. also fixed several ASCII TAB characters in types.h.
2021-10-26 20:24:28 -05:00
31f13a7f41
wolfcrypt/test/test.c: when HAVE_FIPS, wrap wc_MakeRsaKey() calls in infinite iteration while ret == PRIME_GEN_E, to inhibit nondeterministic failure mode from FIPS-limited _CheckProbablePrime() iteration.
2021-10-26 20:24:28 -05:00
c0778e5ad9
gate access to wc_Sha512.devId on !NO_SHA2_CRYPTO_CB.
2021-10-26 20:24:28 -05:00
0f407b4bfc
test.c: fix indirection flubs in _ASYNC_CRYPT parts of ecc_test_sign_vectors().
2021-10-26 20:24:27 -05:00
b77000bcfb
add smallstack codepath to ecc_test_sign_vectors(), and add missing rc2.h include to linuxkm/module_exports.c.template.
2021-10-26 20:24:27 -05:00
67db7b7f32
fixes for issues identified by Jenkins run:
...
Makefile.am: clean .build_params file;
ecc.c: fix misplaced gat #endif in wc_ecc_shared_secret_gen_sync();
move AM_CFLAGS+=-include /.build_params to before AC_SUBST([]AM_CFLAGS);
fix new unused-label defect in wc_ecc_shared_secret_gen_sync();
fix integer.[ch] mp_exch() to return int not void (sp_exch() and TFM mp_exch() can both fail on allocations);
fix NO_INLINE ForceZero() prototype;
ecc.c: add missing if (err == MP_OKAY) in build_lut();
wolfcrypt/test/test.c: revert "rename hkdf_test to wc_hkdf_test to eliminate namespace collision", restoring unconditional static qualifier, to fix crash at return from main() on Xilinx Zynq ARM test;
ecc.c: refactor build_lut() flow control to fix uninited variable scenario found by scan-build;
WOLFCRYPT_ONLY and OPENSSL_EXTRA: fix gating to allow successful build with --enable-all-crypto, and add configure error if crypt-only and opensslall are combined.
2021-10-26 20:24:27 -05:00
87578262aa
wolfcrypt smallstack refactors:
...
rsa.c: wc_CompareDiffPQ()
dh.c: wc_DhGenerateParams()
dsa.c: wc_MakeDsaKey() wc_MakeDsaParameters()
srp.c: wc_SrpGetVerifier() wc_SrpSetPrivate() wc_SrpGetPublic()
ecc.c: build_lut() wc_ecc_mulmod_ex() wc_ecc_mulmod_ex2() wc_ecc_shared_secret_gen_sync()
test.c: GenerateNextP() dh_generate_test() GenerateP()
2021-10-26 20:24:27 -05:00
2bf711341b
wolfcrypt/test/test.c: use HAVE_FIPS_VERSION, not FIPS_VERSION.
2021-10-26 20:24:26 -05:00
8de8af8b43
wolfcrypt/test/test.c: disable hmac_md5_test() for FIPS 140-3, and rename hkdf_test to wc_hkdf_test to eliminate namespace collision.
2021-10-26 20:24:26 -05:00
b673622322
FIPS 140-3 misc fixes including fixes for rebase errors.
2021-10-26 20:24:26 -05:00
b615309a7b
update FFDHE4096 test with the updated usage
2021-10-26 20:24:26 -05:00
b00b95ef6c
Cofactor flag in wolfcrypt test needed a guard.
2021-10-26 20:24:26 -05:00
f53a4db4e7
Unwind a few changes adding guards so it'll build with old FIPS.
2021-10-26 20:24:26 -05:00
aa3fb6f0d0
Update visibility on a SP math function for DH.
2021-10-26 20:24:26 -05:00
04ffd2ab45
Fixes:
...
1. When enabling FIPSv5 in configure, enable WOLFSSL_WOLFSSH.
2. Appropriate size selection of DH private keys.
2021-10-26 20:24:26 -05:00
3eaeaf3a57
Add sign/verify PCT to ECC.
2021-10-26 20:24:25 -05:00
908ec9b14a
Modify ffdhe to not return addresses.
2021-10-26 20:24:25 -05:00
c0e6a55aaa
Skip the small key DH test for SP and FFDHE builds.
2021-10-26 20:24:25 -05:00
2de6b3b2bd
Move the KDF functions into their own source file.
2021-10-26 20:24:25 -05:00
f78887d2ab
Add 'static' to the test vector arrays for the SSH KDF test.
2021-10-26 20:24:25 -05:00
a967cbcb7b
56Ar3 Testing Updates
...
1. Add PCTs for ECC and FFC.
2. Update the public key checks for ECC and FFC.
2021-10-26 20:24:25 -05:00
976402e04b
RNG Update
...
1. When the seed callback is enabled, allow wc_GenerateSeed() to be used
as a default callback.
2. Modify all the tests and examples to use the default seed callback if
the seed callback is enabled.
2021-10-26 20:24:25 -05:00
c47e354eed
Add callback option for RNG seeding.
2021-10-26 20:24:25 -05:00
c7ea896759
Add prototype for the ssh-kdf test in the wolfCrypt test.
2021-10-26 20:24:24 -05:00
de4af35f89
KDF Update
...
1. Move wolfSSH's KDF into wolfCrypt.
2021-10-26 20:24:24 -05:00
5810e45cb7
fix CAVP selftest v2 build error in test.c
2021-10-26 10:33:05 -06:00
905683c98c
Merge pull request #4496 from dgarske/sniffer_keywatch
...
Fix for sniffer key watch callback
2021-10-26 09:55:17 +10:00
e4da9c6f48
Fix for sniffer key callback. Fix for building sniffer without RSA. Fix for wolfCrypt test cert ext without RSA.
2021-10-22 14:29:06 -07:00
5859779ddf
Check-in non-FIPS specific porting changes for OE22
...
Fix no new line
Change comment style in testsuite.c
Add include for proper socket header in wolfio.h
Add dc_log_printf support to benchmark application
Pull in changes for examples
Refector NETOS check in test.c
Fix format and remove settings used only for validation testing
Implement peer review feedback
Address last items noted in peer review
Add new README to include.am
Adjust comment style on TODO
Gate changes in client and server properly
Add static on customer feedback
Fix settings include
Update latest peer feedback
2021-10-22 15:01:14 -06:00
864f913454
Make several changes to support OpenSSH 8.5p1.
...
- Permit more wolfSSL_EC_POINT_* functions for FIPS builds. This requires one
workaround in wolfSSL_EC_POINT_mul where wc_ecc_get_generator isn't available.
- Permit more AES-GCM code in EVP code for FIPS v2 builds. It's unclear why this
code wasn't already available.
- Add EVP_CIPHER_CTX_get_iv to the compatibility layer.
- Clear any existing AAD in the EVP_CIPHER_CTX for AES-GCM when we receive the
EVP_CTRL_GCM_IV_GEN control command. OpenSSL does this, and OpenSSH is relying
on this behavior to use AES-GCM correctly.
- Modify ecc_point_test in testwolfcrypt so that it doesn't fail when doing a
FIPS build with HAVE_COMP_KEY defined.
2021-10-20 11:00:42 -07:00
892685ac59
Merge pull request #4472 from utzig/ksdk-port-koblitz
...
nxp: ksdk: add support for Koblitz curves
2021-10-19 21:14:38 -07:00
d880403207
SP int: handle even modulus with exponentiation
...
Fix testing of mp_int to only call when implementation included.
2021-10-20 08:21:26 +10:00
d297a06c25
Fix for wolfCrypt test with custom curves without Brainpool. Tested all changes on NXP K82 LTC.
2021-10-19 13:12:12 -07:00
498884eadb
Fix for missing `dhKeyFile` and `dhKeyPubFile` with file system enabled, `WOLFSSL_DH_EXTRA` and `USE_CERT_BUFFERS_2048` set.
2021-10-19 13:06:37 -07:00
97883d78ac
Minor STM32F1 fixes
...
* Not all STM32 RTCs support subseconds in the time struct, so this is
now ifdef'd using the only obvious define which exists when subseconds
exist.
* Let wc_GenerateSeed detect STM32's without RNG correctly.
* wolfCrypt test was attempting to use variables that don't exist when
both WOLFSSL_SMALL_STACK and WC_NO_RNG is defined.
2021-10-12 16:20:36 +01:00
854512105f
Merge pull request #4314 from SparkiDev/libkcapi
...
KCAPI: add support for using libkcapi for crypto (Linux Kernel)
2021-10-07 21:23:05 -07:00
e0abcca040
KCAPI: add support for using libkcapi for crypto (Linux Kernel)
...
RSA, DH and ECC not testable as no Linux Kernel driver to use.
ECC implementation is customer specific.
2021-10-08 09:07:22 +10:00
9d2082f7e1
Fixes and improvements for crypto callbacks with TLS (mutual auth) ( #4437 )
...
* This PR resolves issues with using TLS client authentication (mutual auth) with crypto callbacks. The TLS client auth will not be sent without a private key being set. The solution is to allow setting a public key only if crypto callbacks is enabled and a devId is set.
* Fix to allow using crypto callbacks with TLS mutual authentication where a private key is not available.
* Fix for ED25519 sign when only a private key is loaded.
* Fix to enable crypto callbacks for ED25519 and Curve25519 in TLS by using the _ex init functions.
* Fix for wc_PemToDer return code where a PKCS8 header does not exist.
* Remove duplicate logs in DoCertificateVerify.
* Doxygen API updates: Added crypto callback help and updated use_PrivateKey with info about public key use.
* * Added crypto callback tests for TLS client and server with mutual auth for RSA, ECC and ED25519.
* Enhanced the API unit test TLS code to allow setting CA, cert and key.
* Revert ED25519 changes. Opt to calculate public key directly when required for signing in the TLS crypto callback test. Build configuration fixes.
* Fix to use proper devId in `ProcessBufferTryDecode`.
* Various build fixes due to changes in PR. G++ issue with `missing-field-initializers`. Unused api.c func with DTLS and session export. Duplicate `eccKeyPubFile` def.
* Added crypto callback TLS tests at WOLFSSL object level. Fix for ED25519/ED448 with client mutual auth where the private key is not set till WOLFSSL object. Fix issues with `wolfSSL_CTX_GetDevId` where devId is set on WOLFSSL object. Enable the `_id` API's for crypto callbacks.
* Proper fix for `eccKeyPubFile` name conflict. Was causing RSA test to fail (expected DER, not PEM).
2021-10-07 11:12:06 +10:00
33cb823148
Remove legacy NTRU and OQS ( #4418 )
...
* Remove NTRU and OQS
* Keep the DTLS serialization format backwards compatible.
* Remove n from mygetopt_long() call.
* Fix over-zealous deletion.
* Resolve problems found by @SparkiDev
2021-09-24 08:37:53 +10:00
83e0e19e03
linuxkm feature additions:
...
add build-time support for module signing using native Linux facility;
add support for alternative licenses using WOLFSSL_LICENSE macro;
improve load-time kernel log messages;
add support for sp-math-all asm/AVX2 acceleration;
add error-checking and return in SAVE_VECTOR_REGISTERS();
implement support for x86 accelerated crypto from interrupt handlers, gated on WOLFSSL_LINUXKM_SIMD_X86_IRQ_ALLOWED:
* wolfcrypt_irq_fpu_states
* am_in_hard_interrupt_handler()
* allocate_wolfcrypt_irq_fpu_states()
* free_wolfcrypt_irq_fpu_states()
* save_vector_registers_x86()
* restore_vector_registers_x86()
add WOLFSSL_LINUXKM_SIMD, WOLFSSL_LINUXKM_SIMD_X86, and WOLFSSL_LINUXKM_SIMD_ARM macros for more readable gating.
2021-09-20 10:27:13 -05:00
4380e8b94a
Merge pull request #4391 from JacobBarthelmeh/Sniffer
...
add sanity check on buffer size
2021-09-16 09:36:48 -07:00
71e8d3ca3c
Merge pull request #4358 from SparkiDev/arm_sha512_crypto
...
AARCH64 SHA512: implementation using crypto instructions added
2021-09-15 09:51:09 -07:00
17c2e9e1cd
AARCH64 SHA512: implementation using crypto instructions added
...
Use --enable-armasm=sha512-crypto or define WOLFSSL_ARMASM_CRYPTO_SHA512
to use SHA512 cryptographic instructions.
Checks system register for the feature before using the SHA512
instructions.
Added SHA512 input data alignment test.
Add support for SHA512/224 and SHA512/256 to ARM port.
2021-09-15 12:05:48 +10:00
142c7a9892
cppcheck fixes and a config fix
...
./configure --disable-rsa --disable-ecc --disable-dsa
--enable-curve25519 --disable-ed25519 --disable-curve448
--disable-ed448 --enable-cryptonly
suites.c, testsuite.c: ensure port is an integer for snprintf.
unit.c: make memFailCount an integer for printf.
aes.c:
Reduce variable scope.
Check aes is not NULL before use in GHASH implementations.
XTS check sz is greater than or equal to a AES_BLOCK_SIZE rather than
0 as another block is processed.
wc_AesXtsEncrypt, wc_AesXtsEncrypt - simplify braces and ifdefs
wc_AesEcbEncrypt - subtracting from sz is unnecessary as is unused
after.
asn.c:
StoreKey, StoreEccKey - compiler doesn't see ret != 0 when publicKey
is NULL.
DecodeAuthInfo - count is not used when after break.
DecodeSubtree - don't use min and max as variables (already macros).
SetEccPublicKey - initialize pubSz and set sz regardless for
compiler's sake.
wc_EncodeName_ex - use unique variable 'namesASN'; ret isn't set after
last check.
SetEccPublicKey - simplify code by using else rather than check ret
wasn't set.
DecodeAsymKey - ret not modified in non-template implementaiton.
SetAsymKeyDer - ret still at initialized value here.
DecodeResponseData - ensure dataASN is freed when single->next->status
failed to allocate.
test.c:
curve255519_der_test() can't be compiled when NO_ASN is defined.
types.h:
cast to the appropriate type in EXIT_TEST
test.h
don't return anything when THREAD_RETURN is void and EXIT_TEST is for
threading with stack size.
2021-09-14 16:08:26 +10:00
33028de0de
SRP test; increase size of N
...
SHA512 digest was sometimes too big for the 1024-bit N.
Increase N to 1536 bits to ensure no intermittent fails.
2021-09-13 09:18:26 +10:00
602ec188ad
sanity checks on ed25519 private key decode
2021-09-10 21:51:18 -06:00
ae4766ae96
add sanity check on buffer size
2021-09-10 16:49:42 -06:00
35cef831bf
Fix for missing heap hint with RSA PSS and `WOLFSSL_PSS_LONG_SALT` ( #4363 )
...
* Fix for missing heap hint with RSA PSS and `WOLFSSL_PSS_LONG_SALT`. This fix will only allocate buffer if it exceeds the local buffer. Added `wc_RsaPSS_CheckPadding_ex2` to support heap hint if required. Fixed asn.c build issue with `NO_CERTS`. Fixed several spelling errors in asn.c. ZD12855.
* Improve the dynamic memory NULL checking in `wc_RsaPSS_CheckPadding_ex2` with `WOLFSSL_PSS_LONG_SALT` defined.
2021-09-03 15:42:31 +10:00
a9a1158f46
Remove test cases not supported by ARM64_ASM in FIPS mode - OE25 ( #4342 )
2021-09-03 08:37:34 +10:00
56843fbefd
Add support for EVP_sha512_224/256 ( #4257 )
2021-09-02 14:05:07 +10:00
9b6cf56a6e
Expanded support for Curve25519/Curve448 and TLS v1.3 sniffer ( #4335 )
...
* Fixes for building with Ed/Curve25519 only. Fix for IoT safe demo to exit after running once. Added `WOLFSSL_DH_EXTRA` to `--enable-all` and `--enable-sniffer`. Cleanup uses of `==` in configure.ac. Various spelling fixes.
* Fix for sniffer with TLS v1.3 session tickets.
* Fix for ASN Template Ed25519 key export (missing version / not setting OID correctly).
* Add key import/export support for Curve25519/Curve448. Refactor of the 25519/448 ASN code to combine duplicate code.
* Refactor of Curve25519 code. Improved public key export to handle generation when only private is set. Improved private scalar buffer sizing.
* Fix for static ephemeral loading of file buffer.
* Added sniffer Curve25519 support and test case.
* Fix for sniffer to not use ECC for X25519 if both are set.
* Fix Curve448 public export when only private is set.
* Fix for `dh_generate_test` for small stack size.
* Reduce stack size use on new asymmetric DER import/export functions. Cleanup pub length calc.
* Fix invalid comment.
2021-09-01 09:28:24 +10:00
cb3f42482b
Merge pull request #4332 from dgarske/zd12791
...
Improve CRL error codes
2021-08-25 13:57:46 -07:00
700b1c56c1
Improve CRL error codes. Add `--enable-crl=io` option. ZD 12791
2021-08-24 11:12:12 -07:00
9c541568fc
Merge pull request #4313 from SparkiDev/rsa_vfy_only
...
SP RSA verify only: fix to compile
2021-08-23 14:42:56 -07:00
dbb03cb5a3
SP RSA verify only: fix to compile
...
Configurations:
./configure --disable-asn --disable-filesystem --enable-cryptonly
--disable-dh --disable-sha224 --disable-ecc CFLAGS=-DWOLFSSL_PUBLIC_MP
--enable-rsavfy --enable-sp=small2048 --enable-sp-math
./configure --disable-asn --disable-filesystem --enable-cryptonly
--disable-dh --disable-sha224 --disable-ecc CFLAGS=-DWOLFSSL_PUBLIC_MP
--enable-rsavfy --enable-sp=2048 --enable-sp-math
./configure --disable-asn --disable-filesystem --enable-cryptonly
--disable-dh --disable-sha224 --disable-ecc CFLAGS=-DWOLFSSL_PUBLIC_MP
--enable-rsavfy --enable-sp=small2048 --enable-sp-math-all
./configure --disable-asn --disable-filesystem --enable-cryptonly
--disable-dh --disable-sha224 --disable-ecc CFLAGS=-DWOLFSSL_PUBLIC_MP
--enable-rsavfy --enable-sp=small2048 --enable-sp-math --enable-sp-asm
./configure --disable-asn --disable-filesystem --enable-cryptonly
--disable-dh --disable-sha224 --disable-ecc CFLAGS=-DWOLFSSL_PUBLIC_MP
--enable-rsavfy --enable-sp=2048 --enable-sp-math --enable-sp-asm
2021-08-20 13:16:58 +10:00
e7ef48d2b7
Merge pull request #3869 from SparkiDev/asn1_template
...
ASN1 Template: stricter and simpler DER/BER parsing/construction
2021-08-19 12:47:04 -07:00
3226e69649
--enable-linuxkm-pie (FIPS Linux kernel module) ( #4276 )
...
* Adds `--enable-linuxkm-pie` and associated infrastructure, to support FIPS mode in the Linux kernel module.
* Adds `tests/api.c` missing (void) arglist to `test_SSL_CIPHER_get_xxx()`.
2021-08-19 09:15:52 -07:00
17a569d4dd
SRP test: use proper SRP hash type for g++
2021-08-19 11:40:43 +10:00
d486b89c61
ASN1 Template: stricter and simpler DER/BER parsing/construction
...
Reduce debug output noise
2021-08-19 11:32:41 +10:00
c5f9e55567
Fixes for CMAC compatibility layer with AES CBC disabled. CMAC code cleanups. Fixes for "make check" with AES CBC disabled.
2021-08-18 11:30:18 -07:00
d6f5f815e1
Fix for `srp_test_digest` return code checking. Added GCC-ARM TLS server example.
2021-08-17 11:12:40 -07:00
89904ce82e
Fixes for building without AES CBC and support for PKCS7 without AES CBC.
2021-08-17 10:47:19 -07:00
e1f603301b
Fixes for SRP with heap hint.
2021-08-17 10:45:50 -07:00
9066ab6051
SRP test: increase size of N to support larger digests
...
Test all digests supported by SRP.
2021-08-17 09:15:07 +10:00
b4131f355e
Add a test/example for parsing the date from a certificate
2021-08-06 14:51:57 +02:00
f1377ed861
Merge pull request #4215 from lealem47/Md2HashTest
...
Added wc_Md2Hash() unit testing to test.c
2021-08-03 16:51:05 -06:00
71cf55a947
Added wc_Md2Hash() unit testing to test.c
2021-07-28 13:45:02 -06:00
d49d8a9286
Merge pull request #4204 from SparkiDev/ecies_sec1
...
ECIES: SEC.1 and ISO 18033 support
2021-07-27 09:43:53 -07:00
31dde4706e
ECIES: Support SEC 1 and ISO 18033
...
Default is SEC 1.
To use old ECIES implementation: --enable-eccencrypt=old or define
WOLFSSL_ECIES_OLD
To use ISO-18033 implememtation: --enable-eccencrypt=iso18033 or
define WOLFSSL_ECIES_ISO18033
Support passing NULL for public key into wc_ecc_decrypt().
Support not having public key in privKey passed into wc_ecc_encrypt() -
public key is calculated and stored in priKey.
Add decrypt KAT test for ECIES.
2021-07-27 09:30:53 +10:00
9f99253a8b
Merge pull request #4219 from SparkiDev/math_neg_mod_2d
...
Maths: mp_mod_2d supports negative value now
2021-07-23 08:40:56 -07:00
ffd69f6426
Merge pull request #4141 from kaleb-himes/FIPS_ANDROID_v454
...
Changes to support Android app with wolfCrypt module v4.5.4
2021-07-21 11:23:42 -06:00
ed6e173fc3
Maths: mp_mod_2d supports negative value now
...
SRP: don't clear an mp_int that hasn't been initialized
2021-07-20 18:33:55 +10:00
4df6fb74b0
fix sanitizer-detected uninitialized/null data accesses: wc_SrpComputeKey(), XChaCha20Poly1305_test().
2021-07-19 16:29:43 -05:00
5e8da2348f
ED: add --enable-ed25519-stream and --enable-ed448-stream to configure.ac, disabled by default, and add them to --enable-all and --enable-all-crypto lists, along with --enable-aesgcm-stream; report AES-GCM and ED* streaming API options in feature summary rendered at end;
...
refactor ED routines to pivot on WOLFSSL_ED*_PERSISTENT_SHA and WOLFSSL_ED*_STREAMING_VERIFY macros, with sha state in the key struct only when WOLFSSL_ED*_PERSISTENT_SHA, otherwise on the stack as before;
add ed*_hash_init() and ed*_hash_free() local helpers;
ED* peer review: fix line lengths, remove superfluous retval checks, tweaks for efficiency, and add ED448_PREHASH_SIZE to ed448.h.
2021-07-16 13:49:47 -05:00
9b43e57ccf
ED: add streaming API to the ED verify routines: wc_ed*_verify_msg_init(), wc_ed*_verify_msg_update(), wc_ed*_verify_msg_final();
...
harmonize the ED448 API with the ED25519 API by making wc_ed448_verify_msg_ex() and wc_ed448_init_ex() public functions;
track devId and heap pointer in ed*_key.{devId,heap}, and pass them through to sha init functions;
add ed*_key.{sha,sha_clean_flag}, and ed*_hash_{reset,update,final} functions, and use them for all ED hashing ops, to support streaming API and for optimally efficient reuse for the preexisting ED calls;
add ed448_hash() akin to ed25519_hash(), and use it in place of wc_Shake256Hash(), for .sha_clean_flag dynamics.
add to wc_ed*_import_private_key() the ability to import the combined key generated by wc_ed*_export_private() without supplying the redundant public key;
add macro asserts near top of ed*.h to assure the required hash functions are available;
fix {NO,HAVE}_ED*_{SIGN,VERIFY};
wolfcrypt/test/test.c: add missing key initializations in ed*_test();
wolfcrypt/test/test.c: fix unaligned access in myDecryptionFunc() detected by -fsanitize=address,undefined.
2021-07-16 13:49:47 -05:00
f408eeb5bb
Implement peer review suggestions
2021-07-16 09:57:11 -06:00
af98e64b88
Merge pull request #4208 from dgarske/leaks
...
Fixes for possible leaks with ECCSI and DH test
2021-07-16 08:59:11 +10:00
6458a8cedd
Merge pull request #4187 from SparkiDev/sp_math_mod_red_fix
...
SP math: montgomery reduction edge case
2021-07-15 14:33:26 +07:00
fbbb290d9e
Fixes for possible leaks with `HAVE_WOLF_BIGINT` used by async in ECCSI and DH test. Fixes for GCC `-fsanitize=address` with `--enable-all`.
2021-07-14 14:57:32 -07:00
b5eef78cdb
Merge pull request #4176 from SparkiDev/sp_math_read_bin_max
...
SP math all: allow reading of bin up to max digit size
2021-07-14 16:03:32 +07:00
08ebd34f31
SP math: montgomery reduction edge case
...
4 and 6 word specific implementations now handle rare overflow correctly
in last mul-add of loop.
2021-07-06 10:03:24 +10:00
43f8c5ba1b
Merge pull request #4121 from JacobBarthelmeh/PKCS7
...
wc_PKCS7_DecodeCompressedData optionally handle a packet without cont…
2021-07-01 17:03:56 -07:00
dc7beab784
address errors with `-fsanitize=undefined`
...
- fix null dereferences or undefined `memcpy` calls
- fix alignment in `myCryptoDevCb`
- fix default dtls context assignment
- add align configure option to force data alignment
TESTED:
`./configure CFLAGS=-fsanitize=undefined\ -DWOLFSSL_GENERAL_ALIGNMENT=1 --enable-all`
2021-06-30 21:58:30 -07:00
4cff893c5f
SP math all: allow reading of bin up to max digit size
2021-07-01 14:29:58 +10:00
80480e5d1f
Merge pull request #4163 from lealem47/rsa-test
...
Rsa test
2021-06-25 13:12:58 -07:00
729fea6b71
unused variable fix in rsa_oaep_padding_test fix
2021-06-25 08:39:44 -06:00
5038a27cda
add test cases and set content oid with decode encrypted data
2021-06-25 21:16:01 +07:00
873f10b0cf
Simplifying rsa_test() by extracting sections as separate functions
2021-06-24 20:47:14 -06:00
8592053856
Regression test fixes
...
./configure --enable-all --disable-rsa
./configure --disable-chacha --disable-asm
./configure --disable-rsa --disable-ecc --disable-dh --enable-curve25519
--enable-cryptonly (and ed25519, curve448, ed448)
./configure --disable-tls13 --enable-psk --disable-rsa --disable-ecc
--disable-dh C_EXTRA_FLAGS=-DWOLFSSL_STATIC_PSK
./configure --disable-oldtls --enable-psk -disable-rsa --disable-dh
-disable-ecc --disable-asn C_EXTRA_FLAGS=-DWOLFSSL_STATIC_PSK
--enable-lowresource --enable-singlethreaded --disable-asm
--disable-errorstrings --disable-pkcs12 --disable-sha3 --disable-sha224
--disable-sha384 --disable-sha512 --disable-sha --disable-md5
-disable-aescbc --disable-chacha --disable-poly1305 --disable-coding
Various build combinations with WOLFSSL_SP_MATH and WOLFSSL_SP_MATH_ALL
2021-06-25 09:18:06 +10:00
2fb80ceb59
Merge pull request #4133 from dgarske/crypto_cb_25519
...
Adds crypto callback support for Ed/Curve25519 and SHA2-512/384
2021-06-18 09:47:30 +10:00
18fc1b7e63
Merge pull request #4006 from elms/refactor_pointer_manipulation
2021-06-17 16:37:03 -07:00
258e0c10da
Merge pull request #4142 from elms/fix/memtest
...
test: Fix memtest callbacks
2021-06-17 14:01:21 -07:00
5440b6c63c
Fix for intel asm SHA512 where `HAVE_INTEL_AVX1` or `HAVE_INTEL_AVX2` is defined, but `USE_INTEL_SPEEDUP` is not. Fix for scan-build error with test.c ret not used.
2021-06-17 13:50:09 -07:00
ad59b8af45
test: Fix memtest callbacks
2021-06-17 10:15:11 -07:00
b6ec698a83
Fix for FIPS case with hkdf_test.
2021-06-17 08:15:44 -07:00
14b845a9a5
Fixes for wolfCrypt HMAC test without SHA1/SHA2. Added NO RNG option to cube pack configuration template.
2021-06-17 08:15:44 -07:00
b29fa9bd33
Changes to support Android app with wolfCrypt module v4.5.4
2021-06-17 08:11:40 -06:00
98147de422
Fix for wolfCrypt test not calling init for ed25519 tests.
2021-06-16 16:44:28 -07:00
15d761a0c2
Added ED25519 and Curve25519 crypto callback support.
2021-06-16 11:49:24 -07:00
9c24731e3c
Added SHA2-384/512 crypto callback support.
2021-06-16 11:49:24 -07:00
3a885aba23
Refactor pointer manipulation to be independent of datatype width
...
Tested with `./configure CFLAGS="-DNO_64BIT" --disable-sha512
--disable-sha384 --enable-harden` on a 64-bit machine
2021-06-15 21:08:49 -07:00
b9715432f8
SP math all: sp_cmp handling of negative values
2021-06-15 09:44:06 +10:00
77df7d8630
Merge pull request #3968 from elms/pedantic_cleanup
...
Fixes for some `-pedantic` errors
2021-06-14 13:46:39 -07:00
3180ec96a5
Merge pull request #3963 from dgarske/nxp_ltc_rsa
...
Fixes for NXP LTC ECC/RSA
2021-06-14 08:29:24 +10:00
3ecb8d5a3e
Merge pull request #4062 from dgarske/dh_key
...
DH Key and Params Export cleanups and Apache httpd fixes
2021-06-10 20:54:32 +10:00
c6c7dfd5db
Merge pull request #4053 from SparkiDev/cppcheck_fixes_6
...
cppcheck: fixes from reviewing report
2021-06-09 12:51:30 -07:00
50dca86dcf
Merge pull request #3878 from JacobBarthelmeh/ECC
...
add deterministic k generation for ECC sign
2021-06-09 09:47:19 +10:00
9b215c5138
Fixes for DH Pub key import/export and new test case. Improve `wc_DhParamsToDer`.
2021-06-08 09:27:30 -07:00
6db0b42c7f
* Refactor of DH key and param exports code (moved into asn.c) enabled with `WOLFSSL_DH_EXTRA`.
...
* Cleanup `WOLFSSL_DH_EXTRA` macro logic and do not allow with FIPS v1 or v2.
* Fixes for httpd (if `SSL_CONF_FLAG_FILE` is defined it is used to indicate support for `SSL_CONF_CTX_set_flags` and `SSL_CONF_cmd_value_type`).
* Add Curve448 and ED448 key type to `enum wc_PkType`.
* Expand `dh_ffdhe_test` to include 4096 bit.
2021-06-08 09:27:26 -07:00
5c01613acb
Add GCC extension to bypass select `-pedantic` warnings
...
Add wrapper macro for `__extension__` to suppress pedantic warnings
2021-06-07 15:38:15 -07:00
94831eadf1
Sync SHAKE256 default (disabled) with parent default edDSA448 (disabled) and remove WOLFSSL_NO_SHAKE256 flag
2021-06-01 11:38:17 -06:00
3deb635155
skip memory callback tests with `STATIC_MEMORY` and `LINUXKM`
2021-05-27 14:46:45 -07:00
7a98c517e4
Fixes for some `-pedantic` errors
...
Some of the API with callbacks may not be compatible with pedantic
2021-05-27 14:46:45 -07:00
64ae0a827c
Fixes for RSA with NXP LTC. The invmod function must reduce if A > B. Added RSA Key Generation acceleration.
2021-05-25 15:58:22 -07:00
ceadb62d5b
Add support for running `wolfcrypt/test/testwolfcrypt` on Dolphin emulator
2021-05-20 21:07:50 +02:00
2c6285ccba
cppcheck: fixes from reviewing report
2021-05-20 17:55:06 +10:00
e247161b2e
Merge pull request #3992 from embhorn/zd12169
...
Allow parsing spaces in Base64_SkipNewline
2021-05-07 14:30:24 -07:00
ea2e2994af
Reversing hunk in test.c for DEOS (suspect that was in error).
2021-04-30 14:21:23 -07:00
f9a9b139ed
Fix a build err
2021-04-29 16:44:51 -07:00
cdede0515c
Allow parsing spaces in Base64_SkipNewline
2021-04-28 10:30:16 -05:00
bbda833909
Merge pull request #3720 from elms/deos/project_files
...
DEOS: Add project files for shared library
2021-04-23 15:44:33 -07:00
57f4adf438
DEOS: updated memory and add DTLS
...
Tested: DDC-I 9.2.0r94156 and OpenArbor on PPC hardware
2021-04-16 15:39:19 -07:00
03cfc3dc8f
addressed review comments part1
2021-04-14 11:15:23 +09:00
ad6f8e4246
added and modified compatibility layer APIs for Qt v5.15.2 part1
2021-04-12 18:34:07 +09:00
160faa851c
add deterministic k generation for ECC sign
2021-04-12 16:33:14 +08:00
86fe77d776
Merge pull request #3924 from dgarske/sp_math_all
...
Sp math all fixes
2021-04-07 16:21:58 -07:00
eb37953061
Fix for `WOLFSSL_SP_MATH_ALL` typo. Plus a few other minor ones.
2021-04-05 11:31:55 -07:00
9a86f133c8
additional fixes for reports with test cases
2021-04-05 21:26:52 +07:00
75abeebaf7
free memory in test case
2021-04-05 21:26:22 +07:00
1b832bf8fa
SHA-3: Improve SHAKE256 change to support longer output
...
Added tests for 1 complete block output and longer from NIST's CAVP
tests vectors.
2021-03-26 14:59:12 +10:00
08ea90ad94
Merge pull request #3905 from dgarske/sp_nb_sync
...
SP ECC: Fix for non-blocking test and synchronization of changes
2021-03-25 10:35:30 +10:00
a6851a44af
Fix for ECC non-blocking test R/S values not zero padded causing occasstional wolfCrypt test failures with `./configure --enable-ecc=nonblock --enable-sp=yes,nonblock CFLAGS="-DWOLFSSL_PUBLIC_MP"`.
2021-03-23 17:32:36 -07:00
1643bec05f
Merge pull request #3862 from kaleb-himes/WIN32_WCE_PORTING
...
_WIN32_WCE port of wolfCrypt - OE12
2021-03-23 14:40:48 -07:00
7cacfc53e6
ECCSI/SAKKE: fix for g++
...
Cast XMALLOC return.
2021-03-19 10:49:34 +10:00
a363077b1e
Merge pull request #3841 from SparkiDev/aes_gcm_stream
...
AES GCM: implement streaming
2021-03-18 14:36:55 -07:00
df2e0905e0
Merge pull request #3874 from dgarske/cryptocb_devctx
...
Fixes for for crypto callbacks (SHA1, HMAC and CMAC)
2021-03-16 21:26:50 +07:00
35659be06f
AES GCM: implement streaming
...
Updated EVP layer to use streaming API when enabled.
Assembly for x64 updated to include streaming.
2021-03-16 16:39:49 +10:00
3ac03d3d66
Merge pull request #3805 from JacobBarthelmeh/copyright
...
update copyright date to 2021
2021-03-15 16:16:50 -07:00
7a020e4bb6
Fix for FIPS and CMAC init.
2021-03-12 14:23:34 -08:00
697d34c80d
Fix for for crypto callback `devCtx` on symmetric algorithms (missing for SHA1 and CMAC). Fix for HMAC to use devId for hashing. Fixes for CMAC crypto callbacks and testing.
2021-03-12 11:49:25 -08:00
a55e94cf6f
ECCSI and SAKKE: add support
...
Fixes for static code analysis included.
Added const to function parameters.
Zeroise some temporaries.
2021-03-12 09:31:22 +10:00
c729318ddd
update copyright date
2021-03-11 13:42:46 +07:00
16d55b0b86
_WIN32_WCE port of wolfCrypt - OE12
...
Add user_settings.h for OE12
Restrict LPCWSTR typecast to be WINCE specific
2021-03-10 17:02:21 -07:00
72eebd6e75
Merge pull request #3795 from JacobBarthelmeh/CAAM
...
Addition of QNX CAAM driver
2021-03-10 15:04:21 -08:00
25228cb6c0
Merge pull request #3798 from dgarske/no_hash
...
wolfcrypt: Fixes for building without hash or rng
2021-03-05 08:16:34 +10:00
7983734dcb
Merge pull request #3786 from tmael/cc310_ecc_importkey
...
Add Cryptocell wc_ecc_import_x963_ex
2021-03-04 13:59:54 -08:00
79ec07f5e1
adjustment after rebase
2021-03-03 18:45:40 +07:00
69a0b643be
removing some magic numbers
2021-03-03 18:45:40 +07:00
749425e1e8
first pre alpha code for QNX + CAAM
...
manual run of RNG init and JDKEK print
job ring does initial rng
is successful on some red key blob operations
caam red key blob test pass
ecdsa sign/verify
ecdsa ecdh/sign/verify with black secure key
ecdsa ecdh/sign/verify with black secure key
initial cmac addition
initial cmac addition
black blob encap
black keys with cmac
add invalidate memory
refactoring and clean up
more code cleanup
add files for dist and remove some printf's
remove unneeded macro guard
use resource manager
2021-03-03 18:45:40 +07:00
9d4d36f7fe
Fix hasty copy/paste with `privSz2`.
2021-03-01 16:02:51 -08:00
14faf16955
Dismiss unused warnings for dh_test.
2021-03-01 10:14:28 -08:00
bc585e85b6
Dismiss unused warnings for rsa_test.
2021-02-25 11:23:21 -08:00
5cc8979309
Review feedback for unused `pubSz2.
2021-02-24 15:09:51 -08:00
3a3c0be43f
Fixes for build warnings for CryptoCell with ECC and RSA.
2021-02-24 15:05:27 -08:00
49a0f70c24
Fix errors from last commit.
2021-02-24 14:19:13 -08:00
9ebdc8d61c
Additional fixes for building without RNG. Fix for possible use of `key->dp == NULL` in `wc_ecc_export_ex`.
2021-02-24 13:21:54 -08:00
bf63b41465
Fixes for building without hash. If all hash algorithms are disabled `wc_HashAlg` could report empty union. ZD 11585.
2021-02-24 11:04:03 -08:00
3cdbc242b4
Merge pull request #3803 from dgarske/zd11759
...
Fix misplaced endif and brace
2021-02-24 09:04:38 +10:00
7a71ec4692
Merge pull request #3802 from tmael/pkcs8err
...
Fix PKCS8 build config
2021-02-23 13:42:17 -08:00
363185669a
Merge pull request #3776 from cconlon/pkcs7testfix
...
fix wolfCrypt PKCS#7 test when PKCS7_OUTPUT_TEST_BUNDLES is defined
2021-02-23 11:58:00 -08:00
244accece1
Merge pull request #3799 from SparkiDev/sp_gcd_protect
...
SP int: fix guard around sp_gcm and sp_lcm
2021-02-23 11:53:25 -08:00
6cc137dce0
Fix misplaced endif and brace.
2021-02-23 10:22:59 -08:00
b199c2e444
Fix PKCS8 test
2021-02-23 09:33:14 -08:00
22349e0539
Merge pull request #3800 from dgarske/zd11759
...
Fixes for warnings in Windows and failing `wc_BufferKeyEncrypt` test
2021-02-23 17:07:14 +10:00
b5239f97c4
Fixes for warnings in Windows. Fix for failing `wc_BufferKeyEncrypt` with PBKDF disabled. ZD 11759.
2021-02-22 16:51:17 -08:00
3ac40be091
Merge pull request #3797 from tmael/builderr
...
Correct a build error with a non-standard configurations
2021-02-22 16:33:01 -08:00
d2f9f4c4ce
SP int: fix guard around sp_gcm and sp_lcm
2021-02-23 10:21:32 +10:00
243c3ceacc
Fix build err
2021-02-22 13:36:21 -08:00
451b8ede51
tests: fix preprocessor test for gcd/lcm
...
Fixes `--enable-valgrind --enable-fpecc --enable-ecc` build
2021-02-22 09:53:55 -08:00
c7b1dc8f94
Fix Cryptocell ECC tests
2021-02-19 16:39:45 -08:00
8d7c61cf10
prep for Async release
2021-02-19 11:51:23 -07:00
4da0328e1a
fix wolfCrypt PKCS#7 test when PKCS7_OUTPUT_TEST_BUNDLES is defined
2021-02-18 12:14:48 -07:00
10be54054e
Minor fixes for build errors and bad macro names.
2021-02-18 10:55:47 -08:00
c62b48f7d0
Fixes for building with RSA public or verify only. Fixes issue with reserved "div" keyword as variable name. ZD11585
2021-02-18 07:47:00 -08:00
64bc4b663d
SP fixes: even mod testing, ECC compilation with SP
...
Even mod inversion will sometimes work with integer.c.
Don't call SP code to perform ECC ops unless WOLFSSL_HAVE_SP_ECC is
defined.
2021-02-10 14:38:58 +10:00
75d0496f77
Merge pull request #3722 from SparkiDev/sp_clang_fix
...
test.c: don't check key NULL when not small stack
2021-02-09 16:07:04 -08:00
47d5f6f624
Merge pull request #3714 from SparkiDev/sp_int_rsavfy
2021-02-09 07:28:40 -08:00
5818923762
Merge pull request #3723 from douzzer/AesCcmEncrypt-zero-inSz-null-in
...
AES-CCM null payload buffers with inSz zero
2021-02-09 17:22:03 +10:00
763f388471
SP int: get rsavfy and rsapub working again
2021-02-09 09:58:23 +10:00
7a583d5b4b
aesccm_test(): test for (and require) BAD_FUNC_ARG when in or out pointer to wc_AesCcm{En,De}crypt() is null and inSz > 0.
2021-02-08 16:43:38 -06:00
b8a019dedd
AES-CCM: allow null payload buffers in wc_AesCcmEncrypt() and wc_AesCcmDecrypt() when inSz is zero, and add to aesccm_test() a test for this, tolerating early BAD_FUNC_ARG (for FIPS and arch-specific 3rd party code), and a test for the zero-length string, that must succeed.
2021-02-08 16:34:09 -06:00
c17597a4fb
build: arbitrary path for `make check`
...
To support builds in other directories, unit.test and wolfcrypt test
must be aware of the source and build directory.
2021-02-05 12:10:32 -08:00
93ea355217
build: fix `make distcheck`
...
Need to check if `unit.test` was run from make process and set
different path to run unit test executable.
Writing files in the dist is not allowed during distcheck so write
files to subdirectory used build during distmake
2021-02-05 07:25:07 -08:00
c4afce76f7
test.c: don't check key NULL when not small stack
2021-02-05 14:57:00 +10:00
5577a2215f
Merge pull request #3708 from JacobBarthelmeh/Testing
2021-02-01 10:11:16 -08:00
a7066a9be2
add stdint to test.c if using non blocking ecc test
2021-02-01 23:07:03 +07:00
fd01f79f86
add guard for rsa public only
2021-01-31 23:43:53 +07:00
d14f4f8451
wolfcrypt/test/test.c: smallstack refactor of openssl test routines.
2021-01-30 00:01:15 -06:00
d0b20f90d5
wolfcrypt/test/test.c: use HEAP_HINT, not NULL, for XREALLOC() too.
2021-01-29 20:16:51 -06:00
a332cf36b5
add DYNAMIC_TYPE_AES and DYNAMIC_TYPE_CMAC to enum in types.h, and use these where appropriate;
...
in test.c: use use HEAP_HINT, not NULL in XMALLOC/XFREE calls;
fix a couple typos in aes_test() re WOLFSSL_ASYNC_CRYPT;
add various missing WOLFSSL_SMALL_STACK_STATIC qualifiers;
and streamline old smallstack refactor on-stack declarations declarations to use the much neater [1] construct.
2021-01-29 17:17:31 -06:00
0f6ae330da
wolfcrypt: smallstack refactors of AES code for lkm compatibility with --enable-aesgcm=table.
2021-01-28 22:51:28 -06:00
f91dcb950c
Merge pull request #3670 from dgarske/keil
...
Fix for ARM Keil MDK compiler issue with `DECLARE_VAR_INIT`.
2021-01-25 14:57:05 -08:00
05e1ee1694
Cleanup to use fixed sizes from defines for `DECLARE_VAR`. Resolves issue with Visual Studio and using a variable (even const) to declare an array size.
2021-01-25 09:14:12 -08:00
46aee19de3
Fix for Visual Studio issue with non-cost in array declaration.
2021-01-22 10:44:38 -08:00
1ee40ad7bd
Fix to always init the variable (not just when from heap). Cleanup of the `DECLARE_` uses to make sure all allocations succeeded.
2021-01-21 17:12:29 -08:00
fd8527c15e
Fix FIPS compile errors
2021-01-21 15:27:42 -06:00
17f101ef13
Fix for ARM Keil MDK compiler issue with `DECLARE_VAR_INIT`.
2021-01-20 16:57:30 -08:00
5b7e6ccc14
Merge pull request #3613 from SparkiDev/sp_rand_prime_len
...
SP rand_prime: fix length check
2021-01-18 15:23:15 -08:00
563e3c6b60
Merge pull request #3628 from SparkiDev/even_mp_test
...
RSA/DH test: even number error check fixup
2021-01-18 13:39:54 -08:00
cd0670cbd7
RSA: verify only build fixes
...
configuration: --disable-ecc --disable-dh --disable-aes --disable-aesgcm
--disable-sha512 --disable-sha384 --disable-sha --disable-poly1305
--disable-chacha --disable-md5 --disable-sha3 --enable-cryptonly
--disable-inline --enable-rsavfy --disable-asn --disable-oaep
--disable-rng --disable-filesystem --enable-sp=rsa2048 --enable-sp-math
Fixes to make code build again.
2021-01-06 11:58:15 +10:00
10722fba14
RSA/DH test: even number error check fixup
...
Configuration: --enable-sp=3072
Test only enabled when SP is used.
Return codes checked are those we expect from SP.
Code, with configuration, is compiled so that 2048-bit operations are
not going to SP and the error returns were not correct.
2021-01-06 09:39:24 +10:00
40ab08be45
SP rand_prime: fix length check
...
-ve length indicates to use a BBS prime (last two bits set)
2021-01-04 12:31:59 +10:00
a2dec7ce9c
test.c: work around toolchain/ecosystem bug on aarch64 linux 4.14.0-xilinx-v2018.3.
2020-12-30 20:03:13 -06:00
3d88676ff1
test.c: add WOLFSSL_TEST_SUBROUTINE macro to qualify all previously global subtest handlers, defaulting to the empty string. this restores the version<=4.5 test.c namespace allowing end users to call the tests directly piecemeal. --enable-linuxkm[-defaults] sets -DWOLFSSL_TEST_SUBROUTINE=static for extra namespace hygiene.
2020-12-30 16:12:08 -06:00
fbcfc6adbf
test.c: rehab fail codes in ecc_test_curve_size().
2020-12-28 21:56:39 -06:00
d5dd35c739
add --enable-trackmemory=verbose, and add WOLFSSL_TEST_MAX_RELATIVE_HEAP_{BYTES,ALLOCS} and -m/-a (runtime counterparts) to wolfcrypt_test(). also add -h to wolfcrypt_test() to print available options.
2020-12-23 12:03:06 -06:00
f06361ddf6
add WOLFSSL_SMALL_STACK_STATIC macro, and use it to conditionally declare const byte vectors in test.c static for stack depth control -- currently only enabled for linuxkm, but should be compatible with any target with a TLB (virtual memory).
2020-12-22 17:12:57 -06:00
56071ac21f
Fix for Cryptocell tests
2020-12-22 16:23:16 -06:00
ea3c385021
Merge pull request #3579 from SparkiDev/sp_math_all_4096
...
SP math all: enable 4096-bit support by default for x64
2020-12-18 14:14:36 -08:00
7f5a85ae85
Reduce stack usage
2020-12-18 13:15:50 +10:00
ce0a2f3bc9
Fixes for Cavium Nitrox and Intel QuickAssist.
2020-12-17 15:53:28 -08:00
420a040774
fix WOLFSSL_ASYNC_CRYPT usage in test.c, test_wolfSSL_OBJ_ln() in api.c
2020-12-17 11:08:36 -07:00
b0464c93e2
Merge pull request #3542 from SparkiDev/sp_mod_odd
...
SP: ensure modulus/prime is odd before performing RSA/DH/ModExp ops
2020-12-16 08:51:10 -08:00
6dc06993bf
SP: ensure modulus/prime is odd before performing RSA/DH/ModExp ops
2020-12-16 21:49:09 +10:00
972d6cfefc
Base64: Cache attack resistant decode
2020-12-15 17:22:02 +10:00
bd871280d7
Merge pull request #3497 from elms/erf32/se_acceleration
...
ERF32: HW acceleration
2020-12-14 15:43:15 -08:00
2804cb2521
wolfcrypt/test/test.c: more smallstack refactoring in aes_test().
2020-12-11 14:17:25 -06:00
53c6d33695
test.c:aes_test(): add WOLFSSL_SMALL_STACK codepaths for WOLFSSL_AESNI test.
2020-12-11 14:16:44 -06:00
1c0df61247
wolfssl/test.h and wolfcrypt/test/test.c: add STACK_SIZE_CHECKPOINT_WITH_MAX_CHECK(), recognize macro WOLFSSL_TEST_MAX_RELATIVE_STACK_BYTES, and add to wolfcrypt_test() runtime settability of relative cumulative stack depth assert threshold using "-s stacksize".
2020-12-11 14:16:44 -06:00
525382fb13
test.c:pkcs7authenveloped_run_vectors(): small stack refactor, and reenable for WOLFSSL_LINUXKM.
2020-12-11 14:16:44 -06:00
f47cdfcaed
wolfcrypt/test/test.c: fix skipped initialization warned by LLVM11 scan-build.
2020-12-10 14:16:21 -06:00
f49e9bf954
dsa.c, srp.c, wolfcrypt/test/test.c: smallstack refactors: wc_DsaExportKeyRaw(), wc_DsaSign(), wc_SrpSetKey(), ecc_test_cdh_vectors(), ecc_test_custom_curves().
2020-12-10 14:16:21 -06:00
f7bf0a78fb
test.c:ecc_test_curve_size(): use a macro, not a static const size_t, for size of exportBuf, to make MS Visual Studio happy.
2020-12-10 14:16:21 -06:00
e6b587772f
fix pointer type clash in wolfSSL_BN_mod_word(); restore accidentally removed WOLFSSL_KEY_GEN gate in dsa_test().
2020-12-10 14:16:21 -06:00
ad2cb67047
wolfcrypt/test/test.c: _SMALL_STACK refactors of dsa_test(), srp_test(), openssl_pkey1_test(), and ecc_test_curve_size(); add missing FIPS gates.
2020-12-10 14:16:20 -06:00
93fc37f87b
SiLabs: add cleanup and address PR comments
2020-12-09 16:28:39 -08:00
620fe2da14
SiLabs: Fix tests and wc_ecc_import_private_key
2020-12-08 12:22:35 -08:00
44243278a5
SiLabs: renable ecc_ssh_test and disable AES non-12Byte IV
2020-12-07 15:04:00 -08:00
0d87dfa493
EVP_Cipher should return length written.
2020-12-01 18:36:36 +01:00
099ed25da8
SiLabs: fixing compiler warnings and better error checking
2020-11-30 21:01:49 -08:00
9f7ef0b3e6
SiLabs: Add ECC hardware acceleration support
2020-11-30 21:01:49 -08:00
79c31a5f2c
SiLbs: SHA and AES-{GCM,CBC} hardware acceleration using se_manager
2020-11-30 21:01:49 -08:00
165cb443e7
Micrium v5.8 support
...
* OS error type change from uc OS3 to v5
* detect if network or TCP is available
* XMEMCMP change workaround
2020-11-30 16:32:30 -08:00
91d23d3f5a
Implement all relevant mp functions in sp_int
2020-11-19 11:58:14 +10:00
de6f1c1ae2
Merge pull request #3508 from JacobBarthelmeh/DH
...
fix for no filesystem build with DH test case
2020-11-18 16:15:42 -08:00
9bde34ef5b
Merge pull request #3438 from douzzer/harmonize-CCM8-cipher-names
...
add "CCM8" variants to cipher_names "CCM-8" ciphers, for OpenSSL compat
2020-11-18 15:52:52 -08:00
9cdbff8ee7
fix for no filesystem build with DH test case
2020-11-17 18:27:32 +07:00
710cb7c9f5
Fixes for ECC tests with `WOLFSSL_NO_MALLOC` defined.
2020-11-16 12:17:30 -08:00
e5a0a264b3
Fix for coverity report with possible use of uninitialized value "err" in `WC_ECC_NONBLOCK` case. More fixes for building with `WOLFSSL_NO_MALLOC`.
2020-11-16 12:17:28 -08:00
40387ab0a0
Fixes for building with `WOLFSSL_NO_MALLOC` and/or `NO_ASN_CRYPT` defined.
2020-11-16 12:17:28 -08:00
c7bb602a30
Merge pull request #3482 from douzzer/scan-build-fixes-20201110
...
scan-build fixes -- 1 null deref, 34 unused results
2020-11-12 07:45:45 -08:00
68ebca8573
wolfcrypt/test/test.c: fix typos in aesgcm_test() malloc checks.
2020-11-11 22:47:47 -06:00
5fe1586688
fix 34 deadcode.DeadStores detected by llvm11 scan-build.
2020-11-11 13:04:14 -06:00
1d531fe13b
Peer review fixes.
2020-11-10 09:47:37 -08:00
5de80d8e41
Further refactor the minimum ECC key size. Adds `--with-eccminsz=BITS` option. Fix for FIPSv2 which includes 192-bit support. If `WOLFSSL_MIN_ECC_BITS` is defined that will be used.
2020-11-10 09:47:37 -08:00
b13848e568
Fix tests to handle ECC < 224 not enabled.
2020-11-10 09:47:37 -08:00
4b1a779fcc
tests: fix for fips-test -Wunused-variable on "rng"
2020-11-09 11:54:49 -06:00
b76ac0b842
Merge pull request #3442 from SparkiDev/config_fix_2
...
Configuration fixes
2020-11-03 14:48:49 -08:00
3cce86d7a8
Merge pull request #3420 from dgarske/small_pk
...
ECC memory reductions with key and signature parsing
2020-11-03 14:42:43 -08:00
320afab227
Configuration fixes
...
--enable-sp --enable-sp-asm --disable-fastmath:
cpuid.h - check for WOLFSSL_SP_ASM as well
-enable-curve448 --enable-ed448 --disable-rsa --disable-dh
--enable-tls13 --disable-ecc --enable-certgen --enable-keygen:
api.c - certificate loaded that was RSA but RSA disabled
--enable-sp --enable-sp-asm --enable-sp-math:
cpuid.c - check for WOLFSSL_SP_ASM as well
--disable-shared --disable-ecc --disable-dh --enable-cryptonly
--enable-rsavfy --disable-asn --disable-rng --disable-filesystem:
test.c - rsa_test()
'CC=clang -fsanitize=address' '-enable-distro' '--enable-stacksize':
testsuit.c - echoclient_test_wrapper needs to free ECC FP cache when
it is in a separate thread
2020-10-29 16:21:06 +10:00
931eea30f5
Merge pull request #3397 from cconlon/rc2
...
RC2 ECB/CBC and PKCS#12 Integration
2020-10-28 15:06:47 -07:00
589057245f
Improvement to ECC `wc_ecc_rs_raw_to_sig` to reduce memory use (avoid the mp_int). Additional test cases. Fixes for previous function changes.
2020-10-23 11:00:46 -07:00
a7b325f542
Merge pull request #3414 from kabuobeid/wolfrand_build_fix
...
Fix wolfrand build failure.
2020-10-22 22:54:05 -07:00
42583b5270
Fix wolfrand build failure, caused by defining NO_ASN without NO_CERTS.
2020-10-22 14:48:37 -07:00
c910c94824
rename API wc_XChaCha20Poly1305_{encrypt,decrypt}_oneshot to wc_XChaCha20Poly1305_{Encrypt,Decrypt} for consistency; remove stray debugging printf in XChaCha20Poly1305_test().
2020-10-21 14:36:46 -05:00
99b76241bd
wolfcrypt/test/test.c: remove debugging printf in XChaCha20Poly1305_test().
2020-10-21 14:08:41 -05:00
f65947ae09
rename wc_XChaCha_init() to wc_XChacha_SetKey() for consistency, and add a counter argument to provide for future random access scenarios; refactor wc_Chacha_purge_current_block() to use a dummy wc_Chacha_Process() call for intrinsically correct counter dynamics.
2020-10-21 14:08:41 -05:00
6142c22948
add wc_XChaCha_init(), wc_XChaCha20Poly1305_Init(), wc_XChaCha20Poly1305_encrypt_oneshot(), wc_XChaCha20Poly1305_decrypt_oneshot(), and wc_Poly1305_EncodeSizes64(). also, remove redundant arg check (typo) in wc_Poly1305Update().
2020-10-21 14:08:41 -05:00
7c38be407c
Merge pull request #3398 from dgarske/async_test
...
Fixes for `--enable-asynccrypt` tests
2020-10-20 15:13:51 -07:00
fbd98be7af
Fixes for `--enable-asynccrypt` tests after PR #3244 .
2020-10-16 15:55:17 -07:00
4364700c01
DH Fix
...
These changes fix several fuzz testing reports. (ZD 11088 and ZD 11101)
1. In GetDhPublicKey(), the DH Pubkey is owned by the SSL session. It
doesn't need to be in the check for weOwnDh before freeing. There
could be a chance it leaks.
2. In GeneratePublicDh() and GeneratePrivateDh(), the size of the
destination buffer should be stored at the location pointed to by the
size pointer. Check that before writing into the destination buffer.
3. Ensure the size of the private and public key values are in the size
value before generating or getting the DH keys.
2020-10-16 15:35:23 -07:00
d4bbe529fb
switch RC2 struct name to Rc2 for consistent camel case across algorithms
2020-10-16 15:19:47 -06:00
a6923ff100
initial implementation of RC2-CBC
2020-10-16 12:02:16 -06:00
4c75037bdb
initial implementation of RC2-ECB
2020-10-16 12:00:56 -06:00
aeeeb666a7
Maintenance Fixes
...
1. The test_wolfSSL_X509V3_EXT_print() test was using stderr for output,
changed to stdout.
2. A call to XFREAD wasn't typecasting its output to the size of the
variable getting the output in decodedCertCache_test().
2020-10-09 15:01:32 -07:00
29d4de6307
fix pkcs7compressed_test() (test gated on HAVE_LIBZ), broken by PR#3244.
2020-10-09 12:42:14 -05:00
c69e9927fa
Merge pull request #3354 from SparkiDev/mac_arm_asm_2
...
ARM ASM ChaCha20: Fix calc of left over bytes
2020-10-08 14:49:33 -07:00
d9eaeb4a3b
Fix NTRU + QSH build
2020-10-08 09:13:00 -06:00
f76165a3fa
ARM ASM ChaCha20: Fix calc of left over bytes
2020-09-30 15:57:33 +10:00
dbf18b8532
Test ECC-521 Only
...
Update benchmark and wolfcrypt test to support using only ECC-521 in a custom curve list.
2020-09-28 09:22:24 -07:00
c798c7f396
DH EXTRA test: Disable DH test unless not FIPS or FIPS > 2
...
statickeys/dh-ffdhe2048.der is an alternate format that is supported
when WOLFSSL_DH_EXTRA is defined.
The decoding is not supported when FIPS and FIPS version is less than 3.
Fix test to not use file unless not FIPS or FIPS > 2.
2020-09-25 11:41:59 +10:00
62bbef2f2e
wolfcrypt/test/test.c: add missing gating for -DBENCH_EMBEDDED.
2020-09-23 18:32:16 -05:00
2609fa9aeb
test.c:rsa_test(): fix cpp gating for clearing of keypub buffer.
2020-09-23 18:32:16 -05:00
5f972d2ae6
test.c: now that sp math is fixed and working in linuxkm, reenable prime_test() for WOLFSSL_LINUXKM, and add a small stack refactor for it.
2020-09-23 18:32:16 -05:00
8f130f3642
test.c: tweaks to accommodate clang's belligerent -Wparentheses-equality.
2020-09-23 18:32:16 -05:00
447a238e8e
test.c: missed a _SMALL_STACK spot in rsa_ecc_certgen_test().
2020-09-23 18:32:16 -05:00
5bfb5a3a83
test.c: fix missed spot in rsa_certgen_test(), and do another _SMALL_STACK refactor of a missed object in rsa_ecc_certgen_test().
2020-09-23 18:32:16 -05:00
fdf87fe152
test.c: another missed spot.
2020-09-23 18:32:16 -05:00
ebca451c93
test.c: missed a spot -- inadvertently unused return value.
2020-09-23 18:32:16 -05:00
80961ea913
test.c:ecc_decode_test(): WOLFSSL_SMALL_STACK refactor
2020-09-23 18:32:16 -05:00
dbe0273bf4
test.c: additional WOLFSSL_SMALL_STACK refactoring, covering --enable-sp-math and various missed spots.
2020-09-23 18:32:16 -05:00
cd88a2c7df
wolfcrypt/test/test.c: when WOLFSSL_LINUXKM, don't do the large-malloc-incurring wc_scrypt()s in scrypt_test().
2020-09-23 18:32:16 -05:00
dc4b15a265
test.c: fix gating on heap deallocation in hc128_test() to match earlier tweak to gating on allocation.
2020-09-23 18:32:16 -05:00
b52d50d903
test.c: various improvements and fixes pursuant to dgarske's comments on PR #3244
2020-09-23 18:32:16 -05:00
a80b0c1982
test.c: don't exclude prime_test when -DOLD_PRIME_CHECK, but to exclude it when -DWOLFSSL_LINUXKM.
2020-09-23 18:32:16 -05:00
e8b69f8a6a
dh_test(): fix missing casts for XMALLOC().
2020-09-23 18:32:16 -05:00
f440089e92
dh_test(): fix typo (undersized dynamic buffers).
2020-09-23 18:32:16 -05:00
f106fea0d8
rsa_no_pad_test(): fix uninited pointer.
2020-09-23 18:32:16 -05:00
4ea8b46177
dh_test(): refactor remaining bare returns to ERROR_OUT().
2020-09-23 18:32:16 -05:00
2ee218761e
dh_test(): missed a spot in last commit.
2020-09-23 18:32:16 -05:00
ca1a991de5
wolfcrypt/test/test.c: fix an error-path leak in dh_test(), and deal with possible -Wdeclaration-after-statement for `XFILE file`.
2020-09-23 18:32:16 -05:00
a7381f8a48
test.c:rsa_test(): fix uninited pointer
2020-09-23 18:32:16 -05:00
426de2101a
more work on DECLARE_VAR -- proper handling of failed allocations. WIP.
2020-09-23 18:32:16 -05:00
9b7c753165
wolfssl/wolfcrypt/types.h: make DECLARE_VAR() et al use heap allocation not only when WOLFSSL_ASYNC_CRYPT but also when WOLFSSL_SMALL_STACK.
2020-09-23 18:32:15 -05:00
571bf897c4
wolfcrypt/test/test.c: stack->heap refactor for dh_test().
2020-09-23 18:32:15 -05:00
66b59bda9b
Fix for expected fail test in `openssl_test` for partial block. Fix for `mp_test` with ECC disabled, which uses `mp_init_copy`.
2020-09-23 18:32:15 -05:00
0f8cf32122
Fix for possible leak in `openssl_test` because EVP free not called with `WOLFSSL_SMALL_STACK_CACHE` (SHA256/SHA512). Added return code checking to the openssl_test in wolfCrypt test.
2020-09-23 18:32:15 -05:00
32e30d23c6
wolfcrypt/test/test.c: fix uninitialized values in aesofb_test().
2020-09-23 18:32:15 -05:00
f56c6d1d8f
wolfcrypt/test/test.c and wolfssl/test.h: implement DEBUG_STACK_SIZE_VERBOSE, measuring and reporting stack usage separately for each test. to use, ./configure --enable-stacksize && make CFLAGS+=-DDEBUG_STACK_SIZE_VERBOSE; also, remove a throwaway dev pragma that snuck into an earlier commit.
2020-09-23 18:32:15 -05:00
925afe3b74
cast XMALLOC() return values assiduously, for Visual Studio compatibility.
2020-09-23 18:32:15 -05:00
535822f4df
wolfcrypt/test/test.c: refactor for stack size and namespace control, allowing embedding of wolfcrypt_test() in kernel module.
2020-09-23 18:32:15 -05:00
8753b5b947
Merge pull request #3257 from kojo1/user-mutex
...
fix guard, user define mutex
2020-09-03 15:21:53 -07:00
a626ac39f2
Merge pull request #3253 from SparkiDev/chacha20_stream_fix
...
ChaCha20: Enable streaming with Intel x86_64 asm
2020-09-03 15:18:00 -07:00
54c8774103
ChaCha20: Enable streaming with Intel x86_64 asm
2020-08-31 09:06:51 +10:00
21d17b17d0
Fix typo in code comment for ECC curve cache. Fix for valgrind report of possible use of uninitialized value with ChaCha/Poly AEAD test.
2020-08-27 12:01:24 -07:00
6d5731b8e9
Fixes for HMAC_CTX cleanup not being called to free SHA2 resources with `WOLFSSL_SMALL_STACK_CACHE`. Added return code checking and cleanup for `openssl_test`.
2020-08-26 09:45:26 -07:00
083f143c89
Fixes for warnings with minimum ECC build.
2020-08-21 15:47:02 -07:00
79c0fd3f29
Fix for ECC make key test not waiting for async completion.
2020-08-20 14:25:05 -07:00
0011b7b376
Fix possible ECC curve cache leak for custom curves. Fix possible memory leak with `wc_DhKeyDecode` and `WOLFSSL_DH_EXTRA`. Fix leak in `dh_test` with new call to DH key import.
2020-08-20 14:25:05 -07:00
3f6861ee82
FIPS Ready Fix with ECC Timing Resistance
...
Commit 6467de5
2020-08-14 10:54:55 -07:00
6467de5a88
Randomize z ordinates in scalar mult when timing resistant
...
An RNG is required for shared secret calculation now.
Use wc_ecc_set_rng() to set an RNG against the ECC object.
ECC verification does not need timing resistance and does not randomize
z ordinates.
2020-08-11 16:12:47 +10:00
462f4f9e45
Merge pull request #3196 from cconlon/cavpmarvell
...
Add fips-check.sh target for marvell-linux-selftest, selftest v2 support
2020-08-06 10:45:03 -07:00
4a167c0f2c
Merge pull request #3119 from tmael/do178-fix
...
DO-178 fix
2020-08-05 16:30:00 -07:00
a536e8acd6
Merge pull request #3187 from SparkiDev/config_fix_1
...
Fixes for different configurations
2020-08-03 16:41:50 -07:00
bfb4b2079b
Merge pull request #3163 from dgarske/nrf52
...
Fixes for building against latest nRF52 SDK
2020-08-03 16:33:49 -07:00
d0969ea1ce
Fixes for different configurations
...
Fix SkipInt() to work with DSA.
Fix protection around SetBitString16Bit() - when WOLFSSL_CERT_GEN and
WOLFSSL_CERT_EXT defined is only use.
WOLFSSL_RSA_VERIFY_ONLY and PSS means testing of PSS won't work.
Fix g++ build around ASN1_SEQUENCE - const variable required to be
initialized.
2020-08-03 14:55:09 +10:00
776b1a2d17
Fix for ED25519 with user_settings.h. Fixes for build warnings. Fix spelling error. Added template for wolfBoot key/sign tools.
2020-07-31 15:17:53 -07:00
4cc7f9e4a9
Check correct returned value
2020-07-30 09:18:45 -07:00
c6b4fa3be3
add selftest version for newer 4.1.0 validation
2020-07-29 15:10:47 -06:00
9160a126e4
Fixes for running wolfCrypt test/benchmark with SECP256R1 disabled. Improved detection of ECC key generation size.
2020-07-28 11:43:48 -07:00
25fcd082d7
Improve the `mutex_test` test with pthreads. Fixes #3109
2020-07-28 08:19:32 -07:00
8417e0b725
Fixes for building against latest nRF52 SDK. Allow nRF5x AES GCM to be enabled (uses software, but ECB is accelerated). Fix in wolfCrypt test for building AES GSM only with `NO_AES_DECRYPT`.
2020-07-24 15:46:17 -07:00
e84defb268
Merge pull request #3044 from dgarske/sniffer_tls13
...
TLS v1.3 sniffer support
2020-07-24 11:46:38 -07:00
9268ae1397
Fix line length issues. Add debug msg in test to show number of non-blocking iterations.
...
```
$ ./configure --enable-ecc=nonblock --enable-sp=yes,nonblock CFLAGS="-DWOLFSSL_PUBLIC_MP" --enable-debug && make
$ ./wolfcrypt/test/testwolfcrypt
...
ECC non-block sign: 18063 times
ECC non-block verify: 35759 times
ECC test passed!
```
2020-07-21 10:41:25 -07:00
1b051d9c5b
TLS v1.3 sniffer support:
...
* Added TLS v1.3 sniffer support using static ephemeral key.
* Add support for using a static ephemeral DH and ECC keys with TLS v1.3 using `WOLFSSL_STATIC_EPHEMERAL`.
* Adds new API's `wolfSSL_CTX_set_ephemeral_key` and `wolfSSL_set_ephemeral_key`.
* Expanded TLS extension support in sniffer.
* Refactor of the handshake hashing code.
* Added parameter checking to the TLS v1.3 key derivations (protects use of "DoTls13Finished" if handshake resources have been free'd).
* Added support for loading DH keys via `wc_DhImportKeyPair` and `wc_DhExportKeyPair`, enabled with `WOLFSSL_DH_EXTRA`.
* Added sniffer documentation `sslSniffer/README.md`.
2020-07-17 15:22:35 -07:00
90ee12f51a
Added test case for ECC non-blocking. `./configure --enable-ecc=nonblock --enable-sp=yes,nonblock CFLAGS="-DWOLFSSL_PUBLIC_MP" && make`.
2020-07-17 15:13:50 -07:00
890500c1b1
Fix Coverity
2020-07-08 08:20:43 -07:00
fd257ee8b9
fix guard
2020-07-03 05:42:44 +09:00
6b1a6309ce
Fixes for CryptoCell. Fix for signature wrapper signing to allow larger signing input buffer. Cleanup of some duplicate code. Fix for bad cryptocell ECC make key result check (-9628). Fixes #3059 . Thanks Sylwester.
2020-06-18 13:40:30 -07:00
248b8c9b62
Merge pull request #3057 from kaleb-himes/FIPSv2_plus_OPENSSLALL
...
Resolve issues with FIPSv2 when opensslall set
2020-06-18 10:12:06 -07:00
e2fb4c55b8
Resolve issues with FIPSv2 when opensslall set
2020-06-17 14:03:02 -06:00
6bb73fb25d
Fix ED448 calls to use context and correct variable name
...
Added basic test of OpenSSL compatability APIs:
- wolfSSL_ED25519_generate_key
- wolfSSL_ED25519_sign
- wolfSSL_ED25519_verify
- wolfSSL_ED2448_generate_key
- wolfSSL_ED448_sign
- wolfSSL_ED448_verify
2020-06-17 10:05:50 +10:00
29bdc7d8b5
Merge pull request #3015 from tmael/cov-fix
...
Coverity fix in wolfSSL 4.4.0
2020-06-10 17:07:47 -07:00
e993cb6cc0
Merge pull request #2942 from dgarske/tls13_on
...
Enable TLS v1.3 by default
2020-06-09 13:30:02 -07:00
d543e305f1
Fix optimized AES-CCM - counter
...
AES-NI optimized 4 block at a time was not incrementing counter
poprerly.
2020-06-08 10:48:19 +10:00
4d8cf5b571
Fixes for building TLSv1.3 with FIPS v1 (no RSA PSS or HKDF).
2020-06-04 15:31:18 -07:00
6176f8537f
Typecast to fix conversion loses
2020-06-02 22:06:14 -07:00
d5241bbcc6
Coverity fix
2020-06-02 15:35:27 -07:00
dc1472692a
Merge pull request #3011 from dgarske/nomalloc
...
Fixes for using static memory with no malloc
2020-06-02 11:46:29 -07:00
7ce7d244f8
Fix for using static memory AES GCM test.
2020-05-28 15:12:01 -07:00
896fcd9aec
add WOLFSSL_ATECC6088A, Trust&GO support, PIC32 HAL compatibility, 608A expansions
2020-05-27 16:49:29 -06:00
d09b947478
update for test case and sha3
2020-05-19 19:27:38 -06:00
6a7a8fa5b7
updated RSA calls to Xilsecure
2020-05-19 19:27:21 -06:00
9efd9afdfb
fix minor IAR warnings in test.c
2020-05-19 14:12:13 -06:00
f894d4c0d2
FIPS on Solaris
2020-05-14 10:11:54 -07:00
9e68de0fb7
Add test certs for ASN_IP_TYPE
2020-05-07 11:52:49 +02:00
a1489d981c
Merge pull request #2930 from JacobBarthelmeh/SanityChecks
...
check on tag length for AES-CCM
2020-04-30 14:51:20 -07:00
c85a53c631
add macro guard for fips and selftest builds
2020-04-27 15:36:53 -06:00
1e726e19a4
Fix for XMALLOC cast.
2020-04-27 06:48:41 -07:00
cfc0aeb857
Fix for RSA and KeyGen only in test.c.
2020-04-24 08:56:31 -07:00
Anthony Hu
John Safranek
Daniel Pouzzner
Marco Oliverio
JacobBarthelmeh
David Garske
Juliusz Sosinowicz
Juliusz Sosinowicz
Chris Conlon
Sean Parkinson
Daniele Lacamera
Hideki Miyazaki
Tesfa Mael
Kareem
kaleb-himes
Hayden Roche
Andrew Hutchings
Anthony Hu
TakayukiMatsuo
Lealem Amedie
Elms
Eric Blankenhorn
toddouska
Takashi Kojo