feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity
5,086 Commits 28 Branches 172 Tags
b3721c68088bb01a7089b43cd5d93b51e4e4fac3
Commit Graph

978 Commits

Author SHA1 Message Date
David Garske
dd52af0872 ECC cleanup / fixes. Improvements to ECC with fast math enabled to avoid mp_clear on stack variables. Refactor of ECC failure cleanup (fixes possible mem leaks with small stack enabled). Refactor of "fp_is*" response checks to use FP_YES or FP_NO. Pulled libtom enhancement/cleanup of fp_isprime. Fix for compressed keys import with custom curves (still having some issues though). 2016-06-21 15:27:51 -07:00
David Garske
aa1a405dd1 Fixes for compressed keys. Fix to fast math "mp_cnt_lsb" to return proper value, which fixes "mp_jacobi", which fixes "mp_sqrtmod_prime", which fixes compressed keys for 224-bit key. Removed workarounds for compressed keys. Added new configure option "--enable-compkey". Fixed issue with normal math and custom curves where "t2" could be free'd and used. Fixed issue with mp_dump in integer.c, with not allocating correctly sized buffer for toradix. 2016-06-21 14:06:02 -07:00
toddouska
de4448c59b Merge pull request #452 from dgarske/fixeccscanbuildwarning 
Fixes scan-build warning in ecc.c line 2208
 2016-06-20 09:09:21 -07:00
David Garske
3789d9913c Fixes scan-build warning "wolfcrypt/src/ecc.c:2208:6: warning: Use of memory after it is freed". This is due to a rebase issue with static memory changes after the new ECC custom curves changes. The precomp[] is init to NULL at top so cleanup can always be done at end (shouldn't be done in middle). 2016-06-18 22:35:52 -07:00
David Garske
eb1d8d5df6 Fix for NID names on NIST prime 192 and 256 curves. Cleanup of the memcpy/memset in .i files to use portable names. 2016-06-17 15:59:25 -07:00
David Garske
6da166d83b Enhancement / cleanup of the "wc_ecc_make_key_ex" API so it can be used with "keysize" or "dp" and allows compatibility with existing "wc_ecc_make_key". Note: "wc_ecc_make_key_ex" was not previously public, so changing it at this point is okay. 2016-06-16 10:38:15 -07:00
David Garske
d55663eaee Added ECC API's for using custom curves that are not in the "ecc_sets" list. Added wolfCrypt test to validate/demonstrate custom curve using BRAINPOOL256R1. Exposed "wc_ecc_make_key_ex" and added "wc_ecc_import_x963_ex" / "wc_ecc_import_raw_ex" API's that accept "const ecc_set_type*" for custom curve. Internally use "ECC_CUSTOM_IDX" (-1) to define custom curve is used. Added "--enable-ecccustcurves" option to configure.ac. 2016-06-16 10:09:41 -07:00
David Garske
69b6ac504f Fixes for ecc heap errors after rebase. 2016-06-16 06:46:22 -07:00
David Garske
237193fdee Fixed scan-build warning about "len" being used un-initialized in ecc_mul2add. Cleanup of the "mu" variable handling. 2016-06-15 08:41:51 -07:00
David Garske
7c5483ba0b Performance improvements in fp_mulmod, fp_submod and fp_submod to handle ALT_ECC_SIZE better. Revert fp_clear to fp_add_d, since it isn't required and slows it down. 2016-06-15 08:41:51 -07:00
David Garske
5703e5eadb ECC changes to support custom curves. Added new "WOLFSSL_CUSTOM_CURVES" option to support non-standard ECC curves in ecc_is_point and ecc_projective_dbl_point. Refactor to load and pass curve "a" parameter down through ECC functions. Relocated mp_submod and added mp_addmod. Refactor to pass mp variable directly (not pointer) for montgomery variable. Fix in mp_jacobi to also handle case of a == 0. Cleanup of *_ecc_mulmod and wc_ecc_make_key_ex error handling. Cleanup of ecc_map for handling normal, fast and alt_ecc math for optimization of performance and allowing reduced ecc_size. 2016-06-15 08:41:51 -07:00
David Garske
bb17bac018 Updated the naming for the ECC curve sets. Additional comments for each curve parameter. 2016-06-14 16:56:22 -07:00
David Garske
87c00eb3f3 Math updates from libtom. Fixes in mp_read_radix for to include char 36 and clear the destination before checks. Fix to clear tmp value on fp_sub_d and fp_add_d. Fixes in assembly for x86-32 INNERMUL, PPC32 INNERMUL and PROPCARRY and x86-64 SQRADD. Added mp_isneg. Refactor of mp_iszero, mp_iseven, mp_isodd and mp_isneg to check using MP_YES or MP_NO. Changed fp_read_unsigned_bin "b" arg to const. Removal of the "register" on stack variables to let compiler determine best optimization. 2016-06-14 16:56:22 -07:00
Jacob Barthelmeh
03de8e3464 prepare for version 3.9.6 2016-06-14 14:35:12 -06:00
toddouska
a156cedabc Merge pull request #435 from JacobBarthelmeh/staticmemory 
Staticmemory
 2016-06-10 17:03:49 -07:00
Jacob Barthelmeh
707714dd38 threaded fixes with static memory 2016-06-10 15:35:02 -06:00
Jacob Barthelmeh
3d3591a227 typdef gaurd / error out on bad mutex init / handle no maxHa or maxIO set 2016-06-10 14:13:27 -06:00
Jacob Barthelmeh
2bda6c6449 16 byte aligned static memory 2016-06-10 11:15:54 -06:00
David Garske
b3068ffef5 Added new public "wc_GetTime" API for getting seconds from the asn.c XTIME. Added new "./configure --enable-base64encode" to enable Base64 encoding (now enabled by default for "x86_64"). 2016-06-09 16:26:39 -07:00
Jacob Barthelmeh
8be5409bc5 static method func / ocsp callbacks / heap test / alpn free func / remove timing resistant constraint 2016-06-09 11:36:31 -06:00
Jacob Barthelmeh
e214086dce tlsx with static memory / account for session certs size 2016-06-08 09:18:43 -06:00
toddouska
c48db891d1 Merge pull request #433 from ejohnstown/aes-cmac 
Aes cmac
 2016-06-07 16:48:46 -07:00
Jacob Barthelmeh
738373038b clean up staticmemory with crl 2016-06-06 17:50:54 -06:00
Jacob Barthelmeh
e1edadafe1 ocsp with static memory, remove unused function 2016-06-06 16:19:33 -06:00
Jacob Barthelmeh
db90594909 adjust pointer cast, ssl rng with fips and unused param 2016-06-06 14:32:49 -06:00
Jacob Barthelmeh
e085be9485 fix index to check for sperator value 2016-06-06 10:34:35 -06:00
Jacob Barthelmeh
2feee8856e revise static memory and update heap hint 2016-06-04 19:03:48 -06:00
Jacob Barthelmeh
104ff12e76 add staticmemory feature 2016-06-04 19:01:23 -06:00
John Safranek
61801e06df add benchmark for AES-CMAC 2016-05-25 16:12:19 -07:00
John Safranek
ae093ded8f add standalone AES-CMAC generate and verify functions 2016-05-25 09:22:39 -07:00
John Safranek
9bf4598772 use constant for Cmac type 2016-05-24 16:46:04 -07:00
John Safranek
dbfd5dffaf added parameter checks 2016-05-24 11:21:06 -07:00
John Safranek
b3d068dc40 Merge pull request #418 from toddouska/dyntickets 
Dyntickets
 2016-05-24 11:00:14 -07:00
John Safranek
c0cbc97b06 add AES-CMAC 2016-05-23 17:50:36 -07:00
toddouska
9ab5ec4a36 Merge pull request #428 from dgarske/eccmathfixes 
Fixed bug with "ecc_projective_add_point"
 2016-05-23 11:46:54 -07:00
David Garske
5eb7768d00 Added missing wolfCrypt_Init() to wolfCrypt tests. 2016-05-22 18:18:06 -07:00
David Garske
15cd06b7ca Fixed bug with "ecc_projective_add_point" that was not protecting the case where Q == R and using the R variable directly for the result. Now if Q == R then swap P and Q and using a local x,y,z, is only required when used with ALT_ECC_SIZE. 2016-05-22 17:31:36 -07:00
toddouska
504081e602 Merge pull request #421 from ejohnstown/limit-country-code 
Limit Country Name size
 2016-05-19 16:05:15 -07:00
David Garske
c1507957c4 Added a benchmark for ECC encrypt/decrypt when enabled via "HAVE_ECC_ENCRYPT" or "--enable-eccencrypt --enable-hkdf". 2016-05-19 11:42:00 -07:00
John Safranek
bae0fe9b63 MakeCertReq() was not checking return codes correctly for the SetFoo() 
functions.
 2016-05-18 15:14:23 -07:00
John Safranek
5c8daa0ac6 1. SetName() should return error if country code isn't 2 bytes. 
2. MakeCert() was not checking return codes correctly for the SetFoo()
    functions.
3. Added error code for invalid country code length.
 2016-05-18 15:04:40 -07:00
John Safranek
03e6f7cca3 RFC 5280 Appendix A.1 states that the Country Name in a certificate 
shall have a size of 2 octets. Restrict country name length to 2 or 0.
 2016-05-18 10:39:18 -07:00
toddouska
1ea01a7ad8 Merge branch 'master' of https://github.com/NickolasLapp/wolfssl into dyntickets 2016-05-13 09:07:55 -07:00
David Garske
2ad9d41641 Performance improvement for fast math mp_clear to use fp_zero (memset) instead of fp_clear(ForceZero). Added new mp_forcezero function for clearing/free'ing sensitive private key data. Changed ECC and RSA to use mp_forcezero to explicitly handle private key clearing. 2016-05-12 11:50:34 -07:00
David Garske
440956f8d4 Fixed new issue with ecc_projective_add_point not free'ing the local x, y, z if fast math was disabled. Formatting cleanup in integer.c. 2016-05-11 08:47:30 -07:00
David Garske
d71d0f2cb4 Fix with fast math disabled so ecc_projective_add_point uses temp local variable for x,y,z result. 2016-05-09 13:29:25 -07:00
David Garske
880b2e454b Refactor of the ecc_projective_add_point and ecc_projective_dbl_point functions to eliminate duplicate versions. Modified new single functions to work with normal, fast and alt_ecc_size math options. Careful use of mp_clear to retain original performance. 2016-05-09 09:51:11 -07:00
David Garske
1b602d783c Fast math correction of "sizeof" to use (). Updates to tfm and ecc comments. 2016-05-09 09:51:11 -07:00
David Garske
5cbc4bdf29 Added new "WOLFSSL_DEBUG_MATH", which enables use of "mp_dump" to display information about an mp_int. 2016-05-09 09:51:11 -07:00
David Garske
a4782fcf01 Fix in fast math version of ecc_projective_dbl_point to use a local for x,y,z since ecc_point fp_int's are reduced size and cause math issues with ALT_ECC_SIZE enabled. Added local stack variable cleanups for ecc_projective_add_point. 2016-05-09 09:51:11 -07:00