Sean Parkinson
24cd46f1f1
Fixes from code review
2017-02-17 11:05:29 -08:00
David Garske
d625645338
Refactor to combine ECC-CDH with existing “wc_ecc_shared_secret()” and use flag to perform cofactor computation on private key. Added new API “wc_ecc_set_flags()” and flag “WC_ECC_FLAG_COFACTOR” to indicate key should use cofactor. Added NIST CAVS test vector for ECC CDH Primitive with P-256.
2017-02-16 16:30:30 -08:00
David Garske
39607984f7
Added ECC Cofactor DH (ECC-CDH) support with new “wc_ecc_cdh()” and “wc_ecc_cdh_ex()” API’s. Enable using “HAVE_ECC_CDH” define.
2017-02-16 13:17:08 -08:00
Jacob Barthelmeh
6c55701725
c89 build with ECC compresed key
2017-02-10 10:09:45 -07:00
David Garske
4f53761faf
Fix naming for integer.c min/max local variables to resolve reported “error: declaration of 'min' shadows a global declaration”.
2017-02-09 15:52:25 -08:00
Jacob Barthelmeh
e307f3e89d
free decoded cert with small stack build
2017-02-09 16:06:34 -07:00
toddouska
c022614e07
Merge pull request #742 from dgarske/fix_asn_getlen
...
Improved ASN error checking
2017-02-09 13:05:26 -08:00
Chris Conlon
93642cfcb9
PKCS7: fix optional UserKeyingMaterial encoding
2017-02-09 12:04:19 -07:00
David Garske
321392998d
Additional ASN checks for GetSequence and GetSet. Cleanup of the buffer space check error to use BUFFER_E.
2017-02-09 09:50:06 -08:00
Jacob Barthelmeh
b6b3021def
gcc-6 uninitialized warning with srp build
2017-02-08 16:49:58 -07:00
toddouska
ef38ab8fc5
Merge pull request #701 from JacobBarthelmeh/mutex
...
better compatibility with printing errors to a file
2017-02-08 11:12:17 -08:00
dgarske
c074ab273f
Merge pull request #740 from toddouska/ocsp
...
Fix OCSP signature leading zero, certdecode free on parse failure. Add WOLFSSL_NO_OCSP_OPTIONAL_CERTS to skip optional OCSP certs, responder issuer must still be trusted. Add user clock skew defines for date skew before checks (WOLFSSL_AFTER_DATE_CLOCK_SKEW=# and WOLFSSL_BEFORE_DATE_CLOCK_SKEW=#).
2017-02-07 18:46:31 -08:00
Jacob Barthelmeh
993a604124
remove extern variables and use error queue instead
2017-02-07 17:16:22 -07:00
David Garske
8f1c2965af
Fix build warning in asn.c with “potentially uninitialized local variable 'length' used”.
2017-02-07 13:34:27 -08:00
toddouska
468df109b6
add WOLFSSL_NO_OCSP_OPTIONAL_CERTS to skip optional OCSP certs, responder issuer must still be trusted
2017-02-07 13:31:59 -08:00
David Garske
19204ab1ac
Fix comment.
2017-02-07 11:07:48 -08:00
David Garske
3a1921e107
Fixes to ASN GetLength changes. Additional GetLength checks in PKCS7 and PKCS12.
2017-02-07 10:59:34 -08:00
David Garske
0286d157a7
First pass at cleanup of the GetLength function handling of 0 length value. Added some asn.c build option comments.
2017-02-06 20:05:04 -08:00
toddouska
7ddeb1afd9
add user clock skew defines for date skew before checks
2017-02-06 16:30:48 -08:00
toddouska
f938a75780
fix OCSP signature leading zero, certdecode free on parse failure
2017-02-06 14:10:38 -08:00
Jacob Barthelmeh
53bebb4785
add error code for wolfCrypt_Cleanup
2017-02-06 14:51:55 -07:00
Jacob Barthelmeh
0f91542cf4
add peek error node function to make use of debug mutex
2017-02-03 11:52:36 -07:00
Jacob Barthelmeh
e8110e773e
reduction of mp_jacobi stack usage
2017-02-02 17:13:26 -07:00
jrblixt
b11265dbf5
Merge branch 'master' of https://github.com/wolfSSL/wolfssl into unitTest_api_dev
2017-01-31 14:34:58 -07:00
jrblixt
de9f05f3c5
Update sha256.c function punctuation.
2017-01-31 14:33:21 -07:00
Kaleb Himes
af355f7472
updates for TIRTOS build following release 3.10.0
2017-01-31 13:15:45 -08:00
Jacob Barthelmeh
0b8730f0b6
check bounds of buffer and get file buffer size
2017-01-27 15:14:25 -07:00
Jacob Barthelmeh
fc899029fb
account for unaligned memory when computing optimum size and update static memory tests
2017-01-27 10:50:47 -07:00
jrblixt
3ca087e850
Merge branch 'master' of https://github.com/wolfSSL/wolfssl into unitTest_api_dev
2017-01-26 12:48:03 -07:00
John Safranek
d93f856081
Minor Cleanups
...
1. Removed the execute bit from a few C source files.
2. Changed a couple letters in Moises's name in tfm.h to
the non-extended/accented versions of "e" and "a".
2017-01-25 14:17:17 -08:00
David Garske
b7c3a340c1
Fix issue with wc_ecc_verify_hash_ex when not using SHAMIR and using static memory. Fixes issue #722 .
2017-01-23 09:12:03 -08:00
dgarske
008a69f185
Merge pull request #721 from ejohnstown/cleanups-for-multicast
...
Small Fixes for Multicast
2017-01-22 13:19:10 -08:00
Chris Conlon
4d83ef1c23
Merge pull request #712 from moisesguimaraes/fixes-ocsp-lookup
...
fixes CA matching when using NO_SKID
2017-01-20 16:15:12 -07:00
John Safranek
497313978f
Multicast
...
1. Opt-out the wolfmath code if not using big integers.
2. Opt-in a few functions when using lean PSK and DTLS.
3. Add a couple (void)heap to hush the compiler for
usused variables in lean PSK.
4. Add include limits.h to internal.h if CHAR_BIT isn't
defined. This is mainly for DTLS with lean PSK.
2017-01-20 11:59:28 -08:00
toddouska
835e3b7953
Merge pull request #719 from dgarske/fix_aes_no_dec
...
Fixes for building with NO_AES_DECRYPT
2017-01-19 08:52:32 -08:00
toddouska
e86d59b3f7
Merge pull request #718 from dgarske/fix_ecc_comp_err
...
Fix scan-build warning with err not being read with HAVE_COMP_KEY defined
2017-01-19 08:50:44 -08:00
toddouska
18b78795fb
Merge pull request #716 from dgarske/fix_no_asn_time
...
Fix build with NO_ASN_TIME
2017-01-19 08:43:50 -08:00
David Garske
1afe613512
Fixes for building with NO_AES_DECRYPT. Added new HAVE_AESGCM_DECRYPT to allow AES GCM Decrypt with NO_AES_DECRYPT defined, since GCM uses only encrypt routine. Only allow TLS AES if NO_AES_DECRYPT is not defined.
2017-01-18 15:56:18 -08:00
David Garske
b3721c6808
Fix scan-build warning with err not being read with HAVE_COMP_KEY defined. Okay to always call wc_ecc_curve_free, since DECLARE_CURVE_SPECS does a memset.
2017-01-18 14:05:32 -08:00
toddouska
31981cc365
Merge pull request #711 from cconlon/ecc
...
add ECC export raw, sig to (R,S), helper functions
2017-01-18 09:27:42 -08:00
toddouska
58f1fd2cc9
Merge pull request #704 from SparkiDev/memfail
...
Fixes from failure testing
2017-01-17 12:53:56 -08:00
jrblixt
c5bd24c1b7
Added changes Chris requested.
...
Moved error-crypt.h location and corrected FIPS return code.
Made requested changes to printf where 0 == 0.
2017-01-17 13:51:17 -07:00
toddouska
a00bdb0de7
Merge pull request #714 from wolfSSL/fix_intelasm_debug
...
Fixed issue with intelasm and debug with SHA256
2017-01-17 12:50:17 -08:00
toddouska
2281560f1a
Merge pull request #710 from JacobBarthelmeh/staticmemory
...
pass heap hint to temporary public ECC key
2017-01-17 12:15:45 -08:00
David Garske
a0dc8dc8f9
Fix build with NO_ASN_TIME. Kaleb, add to future build options tests.
2017-01-17 10:35:48 -08:00
David Garske
1aeab91828
Fixed issue with intelasm and debug with SHA256 due to stack variable W_K alignment. Removed obsolete DEBUG_XMM code.
2017-01-13 15:50:04 -08:00
Chris Conlon
00fed61d36
Merge pull request #709 from JacobBarthelmeh/PKCS12
...
heap hint with PKCS7
2017-01-12 09:34:20 -07:00
Jacob Barthelmeh
75e3b5a297
pass heap hint to temporary public ECC key
2017-01-12 09:10:25 -07:00
Moisés Guimarães
86a3039e0b
fixes CA matching when using NO_SKID
2017-01-12 13:56:38 -02:00
Sean Parkinson
ba1315a499
Fixes from failure testing
2017-01-12 16:22:35 +10:00