wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-04-29 12:03:23 +02:00
Code Issues Packages Projects Releases Wiki Activity
8,594 Commits 13 Branches 184 Tags
048a7f4c57f6ab8c3c9c8bade9b9519fb455ced7
Commit Graph

2493 Commits

Author SHA1 Message Date
Chris Conlon def7a91e70 fix CAVP selftest build errors 2018-10-30 16:35:45 -06:00
David Garske f4b0261ca7 Fix to not do prime test on DH key the server loaded. Now it will only do the prime test on the peer's provided public DH key using 8 miller rabbins. Refactored the fast math miller rabin function to reuse mp_int's, which improved peformance for mp_prime_is_prime_ex from 100ms to 80ms. Normal math mp_prime_is_prime_ex is ~40ms (as-is). Added test for wc_DhSetCheckKey. 2018-10-30 11:20:07 -07:00
Sean Parkinson ab458db504 Review comment changes 
Add heap as a device initialization parameter.
Allocate slot info pointer wiht device heap pointer.
ForceZero user pin on token finalization.
Add comments to structure definitions.
 2018-10-30 15:56:31 +10:00
David Garske ba90674357 Merge pull request #1897 from WolfWalter/fix_sigrs_length 
ATECC508 reference PK callback fix for signature length
 2018-10-29 08:54:46 -07:00
Wolf Walter a47eeec145 fixed sigRs length 
atmel_ecc_sign and atmel_ecc_verify expect sigRS length to be 64 Byte (32 Byte each).
 2018-10-26 16:43:03 +02:00
David Garske 153c7cc684 Fix for unused variable in new fast-rsa function wc_RsaPublicKeyDecode_ex. 2018-10-25 11:12:33 -07:00
David Garske 86758f9640 Fixes for key size detection when using PK callbacks (HSM) and no private key has been loaded (affects HAVE_PK_CALLBACKS on server side only when no dummy private key is loaded). Fix for possible leak during ECC min key size failure with small stack. Added new API wc_RsaPublicKeyDecode_ex for parsing an RSA public key for the modulus and exponent. Changed wolfSSL_CTX_SetTmpEC_DHE_Sz to support a size == 0 for using the long-term private key's size. Changed ECDHE_SIZE so it can be overridden and build-time. Added tests for wolfSSL_CTX_SetTmpEC_DHE_Sz and wolfSSL_SetTmpEC_DHE_Sz. 2018-10-25 09:15:23 -07:00
toddouska 22aa01a547 Merge pull request #1881 from SparkiDev/pkcs7_no_si 
Return error when attempting to verify signed data without signers
 2018-10-22 15:00:55 -07:00
toddouska 878b5925fc Merge pull request #1877 from dgarske/pkcs8_ec 
Added support for ECC private key with PKCS8 encoding
 2018-10-22 14:59:10 -07:00
toddouska 42fecee77b Merge pull request #1859 from SparkiDev/pkcs7-cons 
Support constructed OCTET_STRING in PKCS#7 signed data
 2018-10-22 14:52:50 -07:00
Sean Parkinson 7551e49fed Improvements for PKCS#11 library 2018-10-18 17:31:17 +10:00
Sean Parkinson 67bb558025 Return error when attempting to verify signed data without signers 2018-10-18 13:44:13 +10:00
toddouska 7391f4db90 Merge pull request #1815 from dgarske/atecc508_fixes 
Fixes for ATECC508A
 2018-10-17 08:35:09 -07:00
David Garske 0d7d8f54e0 Added support for ECC private key with PKCS8 parsing. Fix is to attempt pkcs8 parse for -----BEGIN EC PRIVATE KEY----- and if parse fails to treat as normal private key. ZD 4379. 2018-10-16 16:56:42 -07:00
David Garske e53694b351 Fix for shared secret callback for client side, where it was not using the provided peer's public key. Fix for ATECC508A to put it into idle mode after operations to prevent watchdog fault mode (can be disabled by defining WOLFSSL_ATECC508A_NOIDLE). Fixes for callbacks to support using software for non P-256 curves (can be disabled by defining WOLFSSL_ATECC508A_NOSOFTECC). 2018-10-15 16:01:04 -07:00
David Garske bd57f5b385 Fix to resolve possible buffer overflow with atmel_get_rev_info when using byte. 2018-10-15 14:17:43 -07:00
David Garske 177bf49fa6 Updates to the atmel.c code to allow easier customization of the hardware interface. 2018-10-15 14:17:43 -07:00
David Garske bb737ec99d Fixes for building against latest CryptoAuthLib. Refactor to eliminate the atcatls function calls, since these have been removed from latest CryptoAuthLib. Cleanup of the slot assignment handling. 2018-10-15 14:17:43 -07:00
David Garske d67cb9e875 Added new build option for Microchip CryptoAuthLib (--enable-cryptoauthlib). Build fixes with WOLFSSL_ATECC508A enabled. 2018-10-15 14:17:43 -07:00
David Garske ba9f21bad6 Improvements to the ATECC508A README.md. 2018-10-15 14:17:42 -07:00
David Garske c51c607e96 Fix to use inLen for raw public key copy. No need to throw an error for other curve types as this function may be used for software only import/export. In the TLS case with only SECP256R1 there are other places where an error will be thrown. 2018-10-15 14:17:42 -07:00
David Garske 53c2264327 Fix for checking the inLen when setting raw public key len for hardware. Finished the ATECC508A ECC functions to support native TLS with the WOLFSSL_ATECC508A option and SECP256R1. Added slot type for alloc/free. Added helper functions for setting the PK callbacks and custom content. Updated the README.md with build options. Added support for overriding the ATECC_MAX_SLOT. Added overridable define for encryption slot number ATECC_SLOT_I2C_ENC. Added new build option WOLFSSL_ATECC_PKCB for using just the reference PK callbacks. 2018-10-15 14:17:42 -07:00
David Garske 7074625048 Added slot callbacks. Improvements for the Atmel time support. Fix to make sure read encryption key is cleared from stack buffer. 2018-10-15 14:17:42 -07:00
David Garske e78ddfce75 Fix for wc_ecc_import_x963_ex to handle ATECC508A raw public key. Cleanup of the ATECC508A encryption key support. Added new macro ATCA_TLS_GET_ENC_KEY to allow setting your own function at build-time for getting the encryption key. 2018-10-15 14:17:42 -07:00
David Garske be318abbc2 Fixes for building with WOLFSSL_ATECC508A with latest atca. 2018-10-15 14:17:42 -07:00
David Garske 5904a97378 Added comments in aes.c for locating software implementation of algorithm using Software AES. 2018-10-12 10:48:26 -07:00
David Garske 6fbeae8f11 Fixes for building with WC_ASYNC_NO_SHA256. Improvements with WC_ASYNC_NO_HASH or WC_ASYNC_ENABLE_ECC to avoid unnecessary memory allocations. 2018-10-12 10:44:26 -07:00
Hideki Miyazaki 1a34b9da03 Added NO_RSA condition for build failure 2018-10-12 11:02:01 +09:00
Hideki Miyazaki 63878f32ab Fixed tests failures on jenkins 2018-10-11 21:43:39 +09:00
Hideki Miyazaki b736012214 Fixed disable Option Test on jenkins 2018-10-11 19:40:35 +09:00
Hideki Miyazaki e774bfcf60 Tweaked message in Usage 2018-10-11 18:06:02 +09:00
Hideki Miyazaki b4b180c1b9 Added Japanese messages that are enabled by option switch 2018-10-11 15:42:50 +09:00
toddouska 7a02832547 Merge pull request #1849 from dgarske/asn_piv 
Added ASN certificate PIV and GZIP support
 2018-10-08 09:32:19 -07:00
Hideki Miyazaki 67cab29d81 fixed typo 2018-10-04 21:02:22 -07:00
David Garske 319096e7e7 Fix indent for error case. 2018-10-04 16:07:35 -07:00
David Garske 0ec9b28402 Added GZIP compression tests. Added new wc_Compress_ex API to support GZIP compression option. 2018-10-03 16:29:45 -07:00
Tesfa f83ea9a9d5 Fixed MINGW32 build errors 2018-10-03 13:58:51 -07:00
David Garske c619bfebda Add test for NIST PIV case. 2018-10-02 17:08:27 -07:00
David Garske f0350c1efb Refactor of the wc_ParseCertPIV to support detection of Identiv format header. Added flag to indicate Identiv type. Added wolfCrypt test for wc_ParseCertPIV function with Identiv PIV template. 2018-10-02 17:01:56 -07:00
David Garske 0c72dee315 Fixes for building with ./configure --enable-asn=nocrypt. Added wolfCrypt test template for certpiv_test, pending test PIV certs to use. 2018-10-02 15:18:57 -07:00
David Garske 680a863054 Added support for building with certificate parsing only. ./configure --enable-asn=nocrypt. Added new API for parsing PIV format certificates wc_ParseCertPIV with WOLFSSL_CERT_PIV build option. Added wc_DeCompress_ex with ability to decompress GZIP. Moved the ZLIB error codes into wolfCrypt. 2018-10-02 15:18:56 -07:00
Sean Parkinson 0829af7a05 Support constructed OCTET_STRING in PKCS#7 signed data 2018-10-03 07:51:37 +10:00
David Garske cfba86d3ab Further cleanup of the Base64 and Base16 encoding start/min value. 2018-10-02 14:38:08 -07:00
David Garske be2f68d183 Cleanup of the base64 decode start hex 0x2b. 2018-10-02 08:33:45 -07:00
David Garske 6d18f58f81 Merge pull request #1848 from JacobBarthelmeh/Benchmark 
changes to benchmark app
 2018-09-26 15:10:20 -07:00
Chris Conlon d30c45a79c Merge pull request #1637 from ghoso/openssl_compat201805 
OpenSSL Compatibility APIs 2018/06
 2018-09-26 14:54:14 -06:00
Kaleb Himes 5cd428eaa8 Merge pull request #1853 from dgarske/mp_add_d 
Fixes for missing `mp_add_d`
 2018-09-26 13:50:14 -06:00
JacobBarthelmeh fc81467715 Merge pull request #1851 from dgarske/lighttpd_fix 
Lighttpd fixes
 2018-09-26 13:24:16 -06:00
Jacob Barthelmeh d0abc10fe9 update RSA keygen benchmark and test with asynccrypt 2018-09-26 13:10:05 -06:00
Chris Conlon 8ccd715f31 Merge branch 'master' into openssl_compat201805 2018-09-26 11:06:26 -06:00