Commit Graph

2189 Commits

Author SHA1 Message Date
John Safranek 00fd7ff8de Prime Number Testing
1. Added some new ifdef clauses to tfc and integer so that
the prime checking is available when using RSA, DSA, or DH.
A couple functions used were dependent on ECC being enabled.
2018-07-13 17:42:35 -07:00
John Safranek 771e349925 Prime Number Testing
1. Moved a few functions around in tfm.c and integer.c.
2. Added some new ifdef clauses to tfc and integer so that the prime checking is available when using RSA, DSA, or DH.
3. Added an internal version of function wc_DhSetKey and wc_DsaImportParamsRaw that always checks to see if the prime value is prime. Modified the original function to be a wrapper.
2018-07-12 17:22:44 -07:00
John Safranek 997a377310 Prime Number Testing
1. In wc_DhGenerateParams(), changed the call to mp_prime_is_prime() to
mp_prime_is_prime_ex().
2. In wc_MakeDsaParameters(), changed the call to mp_prime_is_prime() to
mp_prime_is_prime_ex().
3. Added wc_CheckProbablePrime_ex in RSA that also takes an RNG to call
mp_prime_is_prime_ex(). If RNG is NULL, call mp_prime_is_prime().
4. Rewrite wc_CheckProbablePrime() in terms of
wc_CheckProbablePrime_ex().
2018-07-12 15:00:13 -07:00
John Safranek d486df50aa fix an error where mp_copy was used instead of mp_sub_d 2018-07-12 11:03:41 -07:00
John Safranek 5908230d20 Prime Number Testing
1. Fixed variable name typo in DH for the FFDHE 8192-bit q value.
2. Updated some error strings in wolfSSL_BN_is_prime_ex().
3. Changed the calls to mp_prime_is_prime_ex() in fp_randprime() and
mp_randprime() so they go back to the 8 rounds of MR, which is more than
adequate in this situation.
2018-07-11 16:24:41 -07:00
John Safranek 0e06f6413d Prime Number Testing
1. Update the function wolfSSL_BN_is_prime_ex to use mp_prime_is_prime_ex.
2. Modified fast and normal mp_prime_is_prime_ex() to use random numbers
that are in the range 2 < a < n-2.
2018-07-10 14:30:53 -07:00
John Safranek f1c3098bdc Prime Number Testing
Made modifications to the primality testing so that the Miller-Rabin tests check against up to 40 random numbers rather than a fixed list of small primes.
2018-07-09 16:33:26 -07:00
toddouska 90cf4ad7ad Merge pull request #1648 from embhorn/pkcb
Add PK_CALLBACK support for RSA/ECC verify to ConfirmSignature
2018-07-09 11:05:48 -07:00
David Garske 32f1b0a9c2 Added separate context for each SignatureCtx verify callback. Added missing ssl info to callback context. 2018-07-06 09:28:46 -07:00
David Garske 9bf8122af7 Merge pull request #1660 from JacobBarthelmeh/ARMv8
adjust macro guards for additional functions
2018-07-06 09:02:35 -07:00
David Garske 3cbcc872c1 Improved PK callback support for ConfirmSignature so certificate verification uses the callbacks. Retained wolfSSL/wolfCrypt isolation (I.E. no wolfSSL references from wolfCrypt). 2018-07-05 14:04:06 -07:00
Jacob Barthelmeh e44cb91a3b keep length value after call to wc_BerToDer 2018-07-05 14:35:35 -06:00
Jacob Barthelmeh c8e118cd12 adjust macro guards for additional functions 2018-07-03 16:52:29 -06:00
toddouska f809a6a17b Merge pull request #1651 from dgarske/pkcs7_dynamic
Added PKCS7 dynamic allocation support
2018-07-02 16:26:03 -07:00
toddouska fbd5a4f67f Merge pull request #1650 from dgarske/fix_armv8_aes
Fix ARMv8 AES code build error
2018-07-02 16:23:32 -07:00
toddouska e17a16a45a Merge pull request #1600 from dgarske/lighttpd
Changes to support Lighttpd 1.4.49
2018-07-02 16:18:41 -07:00
John Safranek cf191a4d96 Fixed a memory leak in the wolfCrypt test for DH key generation. 2018-07-02 13:31:13 -07:00
David Garske fb3d3dce0e Fix for use of unititlized PKCS7.isDynamic case in unit test. Added return code checks for wc_PKCS7_Init. 2018-07-02 09:38:14 -07:00
David Garske 733cb74ea8 Updated all PKCS7 XMALLOC/XFREE to use heap pointer (even small stack). 2018-06-29 15:05:37 -07:00
David Garske 07401d909c Added support for dynamic allocation of PKCS7 structure using wc_PKCS7_New and wc_PKCS7_Free. Updated the test examples to use the dynamic method. Add API unit test for wc_PKCS7_New. 2018-06-29 15:04:28 -07:00
toddouska 33b72a3dfe Merge pull request #1647 from ejohnstown/akid-not-crit
Add error case for critical Auth Key ID extension
2018-06-29 10:41:04 -07:00
David Garske 44c4e33290 Fix ARMv8 AES code to use the shared aes.h CTR_SZ and GCM_NONCE_MID_SZ. 2018-06-29 10:22:25 -07:00
toddouska 54f2c3fe18 Merge pull request #1646 from dgarske/stm32l4_iar
Added support for the STM32L4 and fixed mixed enum warnings
2018-06-28 15:34:33 -07:00
John Safranek 6fa92fdd71 Add error case for critical Auth Key ID extension 2018-06-28 13:03:16 -07:00
David Garske 66c2c65444 Changes to support Lighttpd 1.4.49:
* Fix for `wolfSSL_CTX_set_options` to work correctly when no certificate has been set for WOLFSSL_CTX, otherwise this operation fails with `Server missing certificate`.
* Fix for bad argument name `time`.
* Fix for `warning: type of bit-field`: Allowed types for bit-fields are int and unsigned int only.
* Exposed `ERR_remove_thread_state` and `SSL_CTX_set_tmp_ecdh` for lighttpd
* Renamed `WOLFSSL_ERR_remove_thread_state` to `wolfSSL_ERR_remove_thread_state` and setup old name macro.
* Add missing newline on asn1.h.
* Whitespace cleanup in ssl.c.
2018-06-27 19:44:34 -07:00
David Garske 7ae9e4359d Added support for the STM32L4 with AES/SHA hardware acceleration. Fixed a few minor compiler warnings with mis-matched enum types. 2018-06-27 19:40:03 -07:00
Sean Parkinson 7fbe1d3049 Fix support for OCSP and Nginx
Store DER copy of CA certificate with signer when
WOLFSSL_SIGNER_DER_CERT is defined.
Keep the bad issuer error for later when compiling for OpenSSL
compatability.
Authority Info string needs to be passed back with a nul terminator.
2018-06-28 08:48:06 +10:00
toddouska 5d767aa004 Merge pull request #1641 from ejohnstown/rename-inline
Rename INLINE
2018-06-27 09:34:41 -07:00
toddouska 0c74e778dc Merge pull request #1633 from dgarske/bench_3072
Benchmark support for 3072-bit RSA and DH
2018-06-27 07:17:53 -07:00
John Safranek 586874b997 Rename INLINE
1. Renamed the macro INLINE as WC_INLINE.
2. For FIPS and the "selftest" build, define INLINE as WC_INLINE. Allows the FIPS code to work unchanged.
2018-06-26 15:17:46 -07:00
Chris Conlon d8086ded6a Merge pull request #1639 from ejohnstown/selftest-fixes
netbsd-selftest fix
2018-06-26 15:38:03 -06:00
toddouska d9b5948947 Merge pull request #1605 from dgarske/asyncfsanitize
Fixes for async to resolve runtime fsanitize issues
2018-06-26 14:27:07 -07:00
John Safranek 4151af4b4a A few new functions in AES-GCM and DH don't exist in the netbsd-selftest build of wolfSSL. Option them out of the wolfCrypt self-test. 2018-06-25 17:49:11 -07:00
John Safranek e6c7952f50 Merge master into fipsv2. Resolved a conflict in api.c. 2018-06-22 09:52:26 -07:00
David Garske ed1c56a4fc Benchmark support for 3072-bit RSA and DH when USE_CERT_BUFFERS_3072 is defined. 2018-06-22 09:30:33 -07:00
David Garske 1cb5bbf8ea Fixes for some async issues. Fixes an async issue with BuildMessage. Fixes for PKCS7 tests to not use async since it is not supported. 2018-06-22 09:30:25 -07:00
David Garske 71606dde45 Fixes for a few wolfCrypt test memory leaks. Fix for HMAC with empty input not supported on QuickAssist. 2018-06-22 09:30:25 -07:00
David Garske ec132cd3f4 Fix fsanitize issue for mp_rand. 2018-06-22 09:30:25 -07:00
David Garske 64ba151c35 Experimental fixes for async to resolve runtime fsanitize issues with invalid memory access due to attempting realloc on non NUMA type. Tested with ./configure --with-intelqa=../QAT1.6 --enable-asynccrypt CC="clang -fsanitize=address" --enable-debug --disable-shared --enable-trackmemory CFLAGS="-DWOLFSSL_DEBUG_MEMORY -DWOLFSSL_DEBUG_MEMORY_PRINT" && make and sudo ./tests/unit.test. 2018-06-22 09:30:25 -07:00
toddouska 9d86d323ef Merge pull request #1628 from JacobBarthelmeh/Fuzzer
sanity check on hashing size
2018-06-20 17:46:38 -07:00
Jacob Barthelmeh 777c89a257 sanity check on pointer 2018-06-20 09:37:36 -06:00
toddouska d481a3fb92 Merge pull request #1625 from JacobBarthelmeh/Testing
memory management with test cases
2018-06-19 14:41:18 -07:00
Jacob Barthelmeh d8e278b6b3 revert free on sig and add comment 2018-06-18 18:15:26 -06:00
toddouska e348522353 Merge pull request #1627 from ejohnstown/pkcs7-verify
Fix PKCS7 Sign Verify
2018-06-18 15:32:18 -07:00
toddouska 4e6a88caf9 Merge pull request #1626 from JacobBarthelmeh/UnitTests
fix for implicit declaration error
2018-06-18 15:30:06 -07:00
John Safranek 2fd000532a A length value was set to zero in a situation where the existing value was needed. 2018-06-18 11:48:45 -07:00
Jacob Barthelmeh c98aca32c4 static analysis report fixes 2018-06-15 17:00:45 -06:00
Jacob Barthelmeh bade35bd76 update return value 2018-06-15 16:25:09 -06:00
Jacob Barthelmeh 0f9063d2a9 fix for implicit declaration error 2018-06-15 16:14:22 -06:00
Jacob Barthelmeh a1295b3148 memory management with test cases 2018-06-15 15:43:42 -06:00