Commit Graph

6488 Commits

Author SHA1 Message Date
Hideki Miyazaki 15725400a7 addressed review comments 5 2022-07-15 13:46:30 +09:00
Hideki Miyazaki fd885d89eb Added multi thread use case
Improve not to use forward declaration struct definition

 - include ssl.h rather than forward declaration struct to resolve struct name
 - to include ssl.h, it needs to avoid cyclic reference for crypt structure. therefore, Sha and Aes definitions are moved to another header file
2022-07-14 17:25:21 +09:00
David Garske 08488b0fae Merge pull request #5318 from embhorn/gh5314
Fix typos and bad macro names
2022-07-05 12:34:35 -07:00
John Safranek ded3f4e9b6 Merge pull request #5284 from julek-wolfssl/dtls-good-ch-cb
DTLS 1.3: additions for event driven server in wolfssl-examples
2022-07-05 10:14:59 -07:00
David Garske 1c009e8f91 Merge pull request #5311 from SparkiDev/ed_check_pubkey
Ed25519/Ed448: assume public key is not trusted
2022-07-05 09:25:50 -07:00
Eric Blankenhorn 394f36a0d7 Fix typos and bad macro names 2022-07-05 10:31:11 -05:00
Juliusz Sosinowicz 4caffee590 ForceZero the private key on import error 2022-07-05 13:44:31 +02:00
Sean Parkinson 4a962b7fb2 Ed25519/448: improvements
Check lengths of buffers in import functions.
priv/pub key set flag set on success only.
2022-07-05 09:02:05 +10:00
Andrew Hutchings f8c67345d6 Use the correct mutex type for embOS
OS_MUTEX_Lock() is acutally a non-blocking mutex lock, for
wc_LockMutex() we need a blocking mutex. Switch to this.
2022-07-04 15:59:36 +01:00
Juliusz Sosinowicz c6aa4fc526 DTLS 1.3: allow the server to operate without maintaining state 2022-07-04 11:08:39 +02:00
Daniel Pouzzner b16c2a2aef fix clang-analyzer-deadcode.DeadStores in sp_div(). 2022-07-01 23:49:58 -05:00
Daniel Pouzzner 5819332f89 Merge pull request #5312 from dgarske/fips_v5dev
FIPS in core hash using SHA2-256 and SHA2-384
2022-07-01 23:25:52 -05:00
David Garske b9be5c2c24 Update to FIPS v5-ready will use latest master. Support for FIPS in core hash using SHA2-256 and SHA2-384 in fips_test.h. Fixes for MATH_INT_T. Fix error: ‘tls13_kdf_test’ declared ‘static’ but never defined. 2022-07-01 15:40:21 -07:00
David Garske bb68766bda For ED255219 and ED448 if importing private only and public key is already set then check it. 2022-07-01 14:13:45 -07:00
Kareem 90749b7f88 Don't declare tls13_kdf_test if TLS 1.3 is not enabled, to avoid unused function warning. 2022-07-01 13:22:16 -07:00
Kareem 96aedc2f47 Fix SetCurve max sizes. Add fix for potentially uninitialized type in ProcessReplyEx. 2022-07-01 13:18:33 -07:00
Kareem 7a7d8d170d Pass in and check output length in SetCurve. 2022-07-01 13:18:33 -07:00
David Garske bd75e1d6a4 Merge pull request #5307 from kareem-wolfssl/miscfixes2
Fix a couple of STM32 bugs, and add some missing mutex frees.
2022-07-01 09:46:22 -07:00
David Garske 0459e83a59 Merge pull request #5310 from SparkiDev/memusage_fix_1
TLS memusage: reduce usage
2022-07-01 09:13:05 -07:00
Sean Parkinson 2c943282f0 Ed25519/Ed448: assume public key is not trusted
In defense against attack, assume the imported public key is not trusted
and check it matches the private key if set.
Added APIs that allow application to explicitly trust public key.
Original APIs default to not trusting public key.
2022-07-01 09:05:43 -07:00
Sean Parkinson b9a8f18a97 Merge pull request #5300 from douzzer/20220629-multi-test-fixes
20220629-multi-test-fixes
2022-07-01 16:22:05 +10:00
Sean Parkinson 7d58dc5678 TLS memusage: reduce usage
Reduce the amount allocated to reduce maximum overall dynamic memory
usage.
Rework ServerKeyExchange by extracting the handling of the signed data.
2022-07-01 14:24:59 +10:00
Kareem 7555cd0685 Fix a couple of STM32 bugs, and add some missing mutex frees. 2022-06-30 16:11:16 -07:00
David Garske 402a4dafd4 Merge pull request #5306 from kareem-wolfssl/ltc_ed235519
Fix missing return checks in KSDK ED25519 code.
2022-06-30 16:06:45 -07:00
Daniel Pouzzner b7ec529f61 wolfcrypt/src/siphash.c: in wc_SipHash(), use FALL_THROUGH macro, not /* fall-through */. 2022-06-30 17:07:35 -05:00
Chris Conlon 867a1f7afa Merge pull request #5289 from TakayukiMatsuo/tls13 2022-06-30 15:49:53 -06:00
Kareem 13beadbfc3 Fix missing return checks in KSDK ED25519 code. 2022-06-30 13:35:00 -07:00
TakayukiMatsuo ba19737627 Add support for TLS1.3 2022-06-30 23:00:05 +09:00
David Garske e8e35c9a92 Merge pull request #5301 from SparkiDev/aes_gcm_word_ct
AES-GCM: make word implementation of GMULT constant time
2022-06-29 20:26:33 -07:00
Sean Parkinson 8b93d4510d AES-GCM: make word implementation of GMULT constant time
If performance is impacted then define: AES_GCM_GMULT_NCT
2022-06-30 09:29:04 +10:00
Sean Parkinson 0159f17692 SP int math; submod fix
Fix for sp_submod() to reduce by modulus when a or b are equal to
modulus as well as when greater.
2022-06-30 08:53:25 +10:00
Daniel Pouzzner 5adf7e4eb7 wolfcrypt/src/asn.c wc_BuildEccKeyDer(): fix for clang-analyzer-deadcode.DeadStores. 2022-06-28 19:14:58 -05:00
Daniel Pouzzner 90aaeb283e wolfcrypt/src/siphash.c: add missing !WOLFSSL_NO_ASM clause in gate around inline asm. 2022-06-28 18:19:58 -05:00
Daniel Pouzzner ce61653a9a wolfcrypt/src/asn.c: fixes for ARM portability (GetASN_Items()), unintended fallthrough (OidFromId()), and uninitialized variable (DecodeSubjInfoAcc()). 2022-06-28 18:18:42 -05:00
David Garske f51c29d3ca Merge pull request #5293 from SparkiDev/asnt_setecc
ASN template: Handle HAVE_OID_ENCODING
2022-06-28 15:45:13 -07:00
Sean Parkinson 092b37f709 Merge pull request #5287 from haydenroche5/aes_ctr_clear_left_on_iv_set
Clear the leftover byte count in Aes struct when setting IV.
2022-06-29 08:30:01 +10:00
David Garske 741393e84f Merge pull request #5291 from kaleb-himes/FRDM-K64-Fixes
Add necessary includes for cross-builds
2022-06-28 09:35:06 -07:00
David Garske d4d7e2e5f2 Merge pull request #5294 from SparkiDev/sp_math_all_no_128bit
SP math all: don't use sp_int_word when SQR_MUL_ASM available
2022-06-28 07:38:42 -07:00
Sean Parkinson 22336d30e5 SP math all: don't use sp_int_word when SQR_MUL_ASM available
1. _WIN64 doesn't have 128-bit type but now can use 64-bit sp_int_digit
when assembly code snippets are being used.
2. Fix sp_div() to support values closer to maximum size.
3. Fix builds to work for more configurations.
4. Have ECC uncompressed code keep intermediate values in range of
maximum (x^3 calculation fixed).
5. Fix configuation.ac's check of FIPS for using signed SP Math All.
Default now not signed as intended.
2022-06-28 15:51:53 +10:00
Sean Parkinson 3c3a90c988 ASN template: Handle HAVE_OID_ENCODING
When HAVE_OID_ENCODING is defined, the named curve OID is encoded rather
than the full OID.
Use SetCurve to get the OID encoding in ASN template implemenation.
2022-06-28 09:04:42 +10:00
kaleb-himes 9d11e9092f Add necessary includes for cross-builds 2022-06-27 13:50:27 -06:00
David Garske 94e7eacc5f Merge pull request #5072 from JacobBarthelmeh/Compatibility-Layer
add support for importing private only EC key to a WOLFSSL_EVP_PKEY s…
2022-06-27 12:34:00 -07:00
David Garske 456e463640 Merge pull request #5283 from SparkiDev/sp_arm32_asm_rework
SP ASM ARM32: reworked generation using common asm ruby code
2022-06-27 09:17:20 -07:00
David Garske b84b808b1b Merge pull request #5167 from ejohnstown/cac-ext
Add support for some FPKI certificate cases, UUID, FASC-N, PIV extension
2022-06-27 09:06:15 -07:00
Sean Parkinson 999fa8394e SP ASM ARM32: reworked generation using common asm ruby code
Add support for ARMv6 and ARMv3.
2022-06-27 11:19:50 +10:00
Hayden Roche 10dfd8d129 Clear the leftover byte count in Aes struct when setting IV.
Setting the key already does this. The same needs to be done when setting the
IV.
2022-06-26 15:56:05 +04:00
Daniel Pouzzner 9211825121 sp_int.c: fix refactor of undefined-semantics shift in _sp_mul(). 2022-06-24 18:04:51 -05:00
Jacob Barthelmeh 49740c5543 initialize variables 2022-06-24 15:21:20 -06:00
Daniel Pouzzner 047c662af8 fix math errors unmasked by change to sp-math-all as default math back end. 2022-06-24 15:56:54 -05:00
Jacob Barthelmeh 1977a13754 improve comment for FPKI additions 2022-06-24 12:04:26 -06:00