toddouska
2368d49678
Merge pull request #572 from ejohnstown/pathlen
CA Certificate Path Length Checking
2016-09-21 14:36:24 -07:00
John Safranek
a42bd30278
CA Certificate Path Length Checking
1. Check the path length between an intermediate CA cert and its
signer's path length.
2. Always decode the path length if present and store it in the decoded
certificate.
3. Save the path length into the signer list.
4. Path length capped at 127.
5. Added some test certs for checking CA path lengths.
2016-09-20 21:36:37 -07:00
John Safranek
65a7978dec
Merge pull request #567 from toddouska/rng
RDSEED enhancements
2016-09-20 12:09:01 -07:00
toddouska
0718aba655
fix comment typo
2016-09-19 13:28:14 -07:00
toddouska
485d814aed
Merge pull request #563 from JacobBarthelmeh/ARMv8
ARMv8 : AES-GCM constraint fix
2016-09-19 09:30:08 -07:00
Jacob Barthelmeh
6d73175b22
Benchmark App : fixed some invalid set key sizes
2016-09-17 15:07:38 -06:00
toddouska
c51444bec5
update rdseed to 64bit get, more retries, fallback to /dev/urandom on failure
2016-09-16 18:54:47 -07:00
Jacob Barthelmeh
f755591316
ARMv8 : AES-GCM constraint fix
2016-09-16 19:43:47 +00:00
toddouska
c85b3b84d9
Merge pull request #554 from JacobBarthelmeh/ARMv8
ARMv8 : AES-CTR/CBC/GCM speed ups and refactor AES
2016-09-16 09:34:24 -07:00
John Safranek
03ebb4825e
Merge pull request #552 from toddouska/aesca
prevent compiler from optimizing out PreFetch Td4
2016-09-16 09:16:07 -07:00
Jacob Barthelmeh
6d82cba29c
ARMv8 : AES-CTR/CBC/GCM speed ups and refactor AES
2016-09-15 22:50:00 +00:00
toddouska
c1ac0c0f8c
Merge pull request #545 from ejohnstown/ems
Extended Master Secret
2016-09-15 11:25:41 -07:00
toddouska
8cdaa06127
prevent compiler from optimizing out PreFetch Td4
2016-09-15 10:02:30 -07:00
toddouska
dc337946d5
make sure rsa rng is null on init
2016-09-14 14:33:08 -07:00
John Safranek
7410b5784f
Merge pull request #548 from toddouska/nocache
add WC_NO_CACHE_RESISTANT option for old code paths
2016-09-14 10:24:29 -07:00
Jacob Barthelmeh
109642fef4
aes.c : check ILP32 macro defined
2016-09-14 09:33:48 -06:00
toddouska
b6937626b4
don't require unneeded temp with WC_NO_CACHE_RESISTANT
2016-09-13 17:01:50 -07:00
toddouska
7b3fc558ec
add WC_NO_CACHE_RESISTANT option for old code path
2016-09-13 16:45:15 -07:00
John Safranek
b77c350153
Merge pull request #547 from toddouska/mathca
Remove timing resistant cache key bit monitor leaks
2016-09-13 14:34:23 -07:00
toddouska
05d78dc2ce
Merge pull request #544 from cconlon/rsafix
include MAX_RSA_INT_SZ in wc_RsaKeyToPublicDer(), for 4096-bit keys
2016-09-13 11:24:03 -07:00
toddouska
46a0ee8e69
switch ecc timing resistant mulmod double to use temp instead of leaking key bit to cache monitor
2016-09-13 11:10:10 -07:00
John Safranek
0477d5379e
Merge pull request #546 from toddouska/aesca
AES T table cache preload.
2016-09-13 11:05:28 -07:00
toddouska
6ef9e79ff5
switch timing resistant exptmod to use temp for square instead of leaking key bit to cache monitor
2016-09-13 09:13:39 -07:00
toddouska
6ae1a14c9f
do aes cache line stride by bytes, not word32s
2016-09-12 21:09:08 -07:00
toddouska
c6256211d6
compress aes last round decrypt table, prefetch Td tables before aes decrypt rounds, prefetch compressed table before last round
2016-09-12 13:04:30 -07:00
toddouska
97a64bcc7c
remove unique aes last round Te table, pre fetch Te tables during software aes encrypt
2016-09-12 12:03:37 -07:00
Chris Conlon
a149d83bff
include MAX_RSA_INT_SZ in wc_RsaKeyToPublicDer(), for 4096-bit keys
2016-09-09 16:11:56 -06:00
toddouska
fc54c53f38
Merge pull request #543 from JacobBarthelmeh/ARMv8
ARMv8 : increase performance with SHA256
2016-09-09 10:23:44 -07:00
Jacob Barthelmeh
3ec66dd662
ARMv8 : sanity checks and change constraint type
2016-09-09 00:27:40 +00:00
Jacob Barthelmeh
f4e604dec3
verify case with unexpected input
2016-09-08 15:32:09 -06:00
Jacob Barthelmeh
79af4d30e0
ARMv8 : increase performance with SHA256
2016-09-08 18:00:24 +00:00
toddouska
baebec4ca4
Merge pull request #538 from JacobBarthelmeh/ARMv8
initial ARMv8 instructions
2016-09-07 09:20:14 -07:00
Jacob Barthelmeh
09b29cb1d4
ARMv8 AES: remove extra memcpy during encrypt/decrypt
2016-09-02 22:55:17 +00:00
Chris Conlon
5bf8806655
add wc_Sha384/512GetHash() functions
2016-09-01 15:05:27 -06:00
Jacob Barthelmeh
41912b92c6
initial ARMv8 instructions
2016-09-01 18:10:06 +00:00
John Safranek
963b9d4c4d
OCSP Fixes
1. When using Cert Manager OCSP lookup, the issuer key hash wasn't
being set correctly. This could lead to unknown responses from lookup.
2. Default OCSP lookup callback could get blocked waiting for server
to close socket.
2016-09-01 09:58:34 -07:00
Chris Conlon
a0b02236b8
Merge pull request #527 from danielinux/master
Support for Frosted OS
2016-08-31 10:07:25 -06:00
David Garske
6a70403547
Fix for "not used" devId in benchmark.
2016-08-29 11:01:16 -07:00
David Garske
2ecd80ce23
Added support for static memory with wolfCrypt. Adds new "wc_LoadStaticMemory" function and moves "wolfSSL_init_memory_heap" into wolfCrypt layer. Enhanced wolfCrypt test and benchmark to use the static memory tool if enabled. Added support for static memory with "WOLFSSL_DEBUG_MEMORY" defined. Fixed issue with have-iopool and XMALLOC/XFREE. Added check to prevent using WOLFSSL_STATIC_MEMORY with HAVE_IO_POOL, XMALLOC_USER or NO_WOLFSSL_MEMORY defined.
2016-08-29 10:38:06 -07:00
toddouska
bd312cb766
Merge pull request #533 from dgarske/dg_fixes
Fixes for HMAC/small stack heap and disable RSA warnings
2016-08-26 14:30:55 -07:00
David Garske
bf23b2f9d1
Fix issue with "wc_ecc_set_custom_curve" function not setting index as "ECC_CUSTOM_IDX". Cleanup of the ECC tests to return actual error code (when available) and make sure keys are freed. Some trailing whitespace cleanup.
2016-08-26 12:35:47 -07:00
David Garske
925e5e3484
Fixes typo issue with heap in hmac and small stack enabled. Fixed "never read" scan-build warnings with typeH and verify when RSA is disabled.
2016-08-26 10:33:01 -07:00
David Garske
a9278fe492
Added check for GetLength result in asn GetIntRsa function. Fixed return code in random.c for "wolfAsync_DevCtxInit" due to copy/paste error. Added RSA wc_RsaCleanup to make sure allocated tmp buffer is always freed. Eliminated invalid RSA key type checks and "RSA_CHECK_KEYTYPE".
2016-08-23 11:31:15 -07:00
Daniele Lacamera
3d3f8c9dd3
Support for Frosted OS
2016-08-18 14:56:14 +02:00
David Garske
3e6be9bf2c
Fix in "wc_InitRsaKey_ex" for normal math so mp_init isn't called to defer allocation.
2016-08-15 14:07:16 -06:00
David Garske
17a34c5899
Added asynchronous wolfCrypt RSA, TLS client and Cavium Nitrox V support. Asynchronous wolfSSL client support for "DoServerKeyExchange", "SendClientKeyExchange", "SendCertificateVerify" and "DoCertificateVerify". Fixes for async DTLS. Refactor of the wolf event and async handling for use in wolfCrypt. Refactor of the async device support so it's hardware agnostic. Added Cavium Nitrox V support (Nitrox tested using SDK v0.2 CNN55XX-SDK with new configure "--with-cavium-v=/dir" option). Moved Nitrox specific functions to new port file "port/cavium/cavium_nitrox.c". RSA refactor to handle async with states. RSA optimization for using dpraw for private key decode. Use doubly linked list in wolf event for faster/cleaner code. Use typedef for wolf event flag. Cleanup of the async error codes. wolfCrypt test and benchmark support for async RSA. Asynchronous mode enabled using "./configure --enable-asynccrypt". If no async hardware is defined then the internal async simulator (WOLFSSL_ASYNC_CRYPT_TEST) is used. Note: Using async mode requires async.c/h files from wolfSSL. If interested in using asynchronous mode please send email to info@wolfssl.com.
2016-08-15 13:59:41 -06:00
dgarske
b38218a0b9
Merge pull request #524 from kaleb-himes/certs-buffs-and-tests
cert updates, new buffers, new test with buffers
2016-08-14 08:39:37 -07:00
kaleb-himes
da18e463ed
remove constraints on inclusion of certs_test.h
2016-08-12 17:00:22 -06:00
kaleb-himes
03295ec6d7
update certs, extend ntru to 1000 days, add der formatted ecc, new ecc buffer test
changes from first review
move to 256 bit defines
2016-08-12 13:00:52 -06:00
Jacob Barthelmeh
b502d9dcf7
help static analysis tools
2016-08-10 14:23:27 -06:00