feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity
7,421 Commits 28 Branches 172 Tags
3c684886adcfc4fa0a0557e665e17f73b5eb0e04
Commit Graph

362 Commits

Author SHA1 Message Date
David Garske
3c684886ad Fixes to resolve building --enable-tls13 --disable-ecc --enable-curve25519 --enable-ed25519. 2018-04-25 07:54:53 -07:00
toddouska
1ddccf63dc Merge pull request #1496 from JacobBarthelmeh/Compatibility-Layer 
Compatibility layer
 2018-04-24 13:33:33 -07:00
Takashi Kojo
bf950198f2 api.c: option conditions 2018-04-18 13:02:40 +09:00
Takashi Kojo
56af3a5b36 add HMAC SHA2 2018-04-18 08:47:39 +09:00
toddouska
09706a4ed2 Merge pull request #1488 from SparkiDev/tls13_perf 
Changes for interop and performance
 2018-04-16 09:16:13 -07:00
Jacob Barthelmeh
f9eda5d790 free test certificate after use 2018-04-13 09:16:22 -06:00
Eric Blankenhorn
a0d8327320 Coverity fixes 2 (#1493) 
* Coverity fixes for wolfcrypt folder
* Fixes for remaining issues
* Fixes for test files
 2018-04-13 05:35:18 -07:00
Sean Parkinson
0b47811c46 Changes for interop and performance 
Changes made to test.h to allow interop of PSK with OpenSSL.
Changes to allow server to pre-generate key share and perform other
operations at later time.
Fix ChaCha20 code header to have bigger state to support assembly code
for AVX1.
Fix Curve25519 code to use define instead.
Change Curve25519 to memset all object data on init.
Change Poly1305 to put both sizes into one buffer to avoid a second call
to wc_Poly1305Update().
Added WOLFSSL_START and WOLFSSL_END API and calls to show time of
protocol message function enter and leave to analyse performance
differences.
Moved Curve25519 code in KeyShare extension out of general ECC code.
 2018-04-13 12:01:20 +10:00
Jacob Barthelmeh
cfaed48f90 adjust GetInt call with ASN1 integer to big number 2018-04-12 14:40:20 -06:00
Jacob Barthelmeh
df06707496 Handle larger values with ASN1 INTEGER structure 2018-04-12 14:07:29 -06:00
David Garske
ce6728951f Added a new --enable-opensslall option, which ensures all openssl features are enabled. Documented and tested building the various open source defines we support in our build. 2018-04-11 13:54:07 -07:00
David Garske
a38576146e * Added support for disabling PEM to DER functionality using WOLFSSL_PEM_TO_DER. This allows way to use with DER (ASN.1) certificates only in an embedded environment. This option builds, but internal make check requires PEM support for tests. 
* More cleanup to move PEM functions from ssl.c to asn.c (`wolfSSL_CertPemToDer`, `wolfSSL_KeyPemToDer`, `wolfSSL_PubKeyPemToDer`). Renamed these API's to `wc_` and added backwards compatability macro for old function names.
 2018-04-09 13:28:15 -07:00
David Garske
6de8348918 Fixes for various build configurations. Added --enable-enckeys option to enable support for encrypted PEM private keys using password callback without having to use opensslextra. Moved ASN CryptKey function to wc_encrypt.c as wc_CryptKey. Fixup some missing heap args on XMALLOC/XFREE in asn.c. 2018-04-09 13:28:15 -07:00
David Garske
c83e63853d Refactor unqiue hash types to use same internal values (ex WC_MD5 == WC_HASH_TYPE_MD5). Refactor the Sha3 types to use wc_ naming. 2018-04-09 13:28:15 -07:00
David Garske
21833e245f Fix TLS 1.3 with ECC disabled and CURVE25519 enabled. Resolves issue with using ./configure --disable-ecc --enable-curve25519 --enable-ed25519 --enable-tls13. Refactor TLSX_KeyShare_GenEccKey to support either ECC or CURVE25519. Fix for PemToDer to handle ED25519 without ECC enabled. 2018-04-09 10:10:08 -07:00
David Garske
c288d0815d Added support for building and using PKCS7 without RSA (assuming ECC is enabled). 2018-04-03 09:26:57 -07:00
jrblixt
1cd6075b9d Nightly build fix. 2018-03-27 16:54:14 -06:00
Chris Conlon
c08f5b86cf Merge pull request #1444 from jrblixt/unitTest_api_addPkcs-PR03162018 
Unit test functions for PKCS#7.
 2018-03-23 10:00:33 -06:00
jrblixt
316a2b9fb4 Review changes: Chris. 2018-03-22 15:35:25 -06:00
Jacob Barthelmeh
df6ea54cd5 add support for PKCS8 decryption to OPENSSL_EXTRA_X509_SMALL build 2018-03-20 15:06:35 -06:00
jrblixt
2788183e79 Known config. tests fix. 2018-03-20 14:35:26 -06:00
jrblixt
1aba6e9b44 Prepare for PR. 2018-03-16 17:07:28 -06:00
Jacob Barthelmeh
e0afec0600 fix RSA macro, tickets without server, and add test case 2018-03-08 14:36:43 -07:00
toddouska
442430d39e Merge pull request #1392 from ejohnstown/rsa-decrypt-check 
RSA Decrypt Bounds Checking
 2018-02-26 12:19:37 -08:00
John Safranek
a49553df6a RSA Decrypt Bounds Checking 
1. Added some bounds checking on the ciphertext passed into the RSA decrypt function. NIST SP 800-56B specifies that the ciphertext shouldn't be a number larger than the modulus.
2. Added an API test to check that the direct RSA decrypt function returns an error with a "bad" message.
3. Added an ifndef guard to disable the bounds check. Default is to keep the bounds check.
4. RSA Decrypt bounds check only checked the first time into wc_RsaFunction().
 2018-02-23 17:04:05 -08:00
JacobBarthelmeh
89390180a0 Merge branch 'master' into Compatibility-Layer 2018-02-22 15:24:31 -07:00
Jacob Barthelmeh
fd7ffc992f fix for unused variables 2018-02-21 11:19:49 -07:00
Jacob Barthelmeh
2a15b3912b revert pkcs7 attrib structure for scep and add more macro guards for AES key size 2018-02-19 17:32:39 -07:00
Jacob Barthelmeh
c9525d9c1d add opensslextra=x509small build option 2018-02-19 17:32:39 -07:00
Jacob Barthelmeh
f569645212 add wolfSSL_SHA256 function 2018-02-16 16:57:45 -07:00
Jacob Barthelmeh
a651b08afa add wolfSSL_AES_ecb_encrypt function 2018-02-16 15:08:31 -07:00
JacobBarthelmeh
223edab6d9 Merge pull request #1378 from dgarske/evp_gcc7_async_test 
Fixes a few build errors with EVP/wolfCrypt test and async API test hang
 2018-02-16 13:11:36 -07:00
David Garske
ae5dac8994 Fixes for GCC 7 build errors with evp.c and switch fall through. General EVP code formatting cleanup. Fix for wolfCrypt test un-used var when HAVE_AES_CBC not defined. Fix for async in test_wolfSSL_SESSION with err not being initialized. 2018-02-16 09:32:40 -08:00
Jacob Barthelmeh
488a795747 add wolfSSL_PEM_read_bio_RSAPrivateKey function 2018-02-15 22:34:50 -07:00
John Safranek
d8eff923f1 Merge pull request #1372 from JacobBarthelmeh/UnitTests 
clear error node queue after test case and initialize logging buffer
 2018-02-15 08:40:45 -08:00
David Garske
9ff97997a6 Merge pull request #1360 from SparkiDev/sp_math 
Minimal implementation of MP when using SP.
 2018-02-14 15:49:23 -08:00
Jacob Barthelmeh
c1b1fbaf7e clear error node queue after test case 2018-02-14 13:55:43 -07:00
Jacob Barthelmeh
c09e55c749 add check for having ECC enabled when testing with ECC certificate 2018-02-12 09:59:35 -07:00
toddouska
d827e93af9 Merge pull request #1329 from JacobBarthelmeh/PKCS12 
PKCS12 reverse order that certificates are compared for keypair
 2018-02-09 13:15:07 -08:00
Sean Parkinson
a3a4f2d59c Minimal implementation of MP when using SP. 
--enable-sp-math to include minimal implementation of MP (only with
--enable-sp.)
Add futher functionality for ECC (conditionally compiled):
- check key
- is point on curve
- API to add and double projective points
- API to map from project to affine
- Uncompress point (including sqrt)
Some configuration options will not work with SP math - configure.ac
detects this and errors out.
Change test code to better support SP sizes only.
 2018-02-08 15:50:17 +10:00
Jacob Barthelmeh
62b8c0c3fd add test case for order of certificates with PKCS12 parse 2018-02-07 16:52:39 -07:00
toddouska
d63373066b Merge pull request #1331 from JacobBarthelmeh/Compatibility-Layer 
add comments and better error checking for PKCS8 strip
 2018-02-02 10:50:29 -08:00
Takashi Kojo
162326dfcb fix shadow global 2018-01-22 01:19:45 +09:00
Jacob Barthelmeh
1428934ad5 add comments and better error checking for PKCS8 strip 2018-01-19 16:53:12 -07:00
toddouska
2efe7f6d96 Merge pull request #1319 from JacobBarthelmeh/Compatibility-Layer-Part5 
Compatibility layer part4
 2018-01-19 14:49:12 -08:00
John Safranek
9654f19075 RSA Key Gen Test Fix 
A recent change to the RSA key generation process is capping the number of attempts of finding a probable prime to a multiple of the prime's size, in FIPS builds. This means it might fail once in a while. (It could also fail for a couple other reasons but this is the most likely.) The API is changed to retry key generation until it succeeds. Non-FIPS builds keep trying until they find a prime.
 2018-01-18 12:20:25 -08:00
Jacob Barthelmeh
19288ea127 casting values, update names, g++ build 2018-01-17 12:18:00 -07:00
Jacob Barthelmeh
676e2f1f63 add comments and remove 2999 bit rsa key test for now 2018-01-17 11:19:21 -07:00
Jacob Barthelmeh
bf57da1914 static analysis fixes, free buffer return in test case, fips build 2018-01-17 09:28:25 -07:00
Takashi Kojo
56efe657fc save iPad, oPad. test long key 2018-01-16 14:57:53 -07:00