wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-30 04:52:13 +01:00
Code Issues Packages Projects Releases Wiki Activity
4,940 Commits 12 Branches 184 Tags
3338ea9ef7df8fb53bb31dd753913dca93ccd8fa
Commit Graph

4940 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
David Garske
3338ea9ef7 Added ecc.c documentation for WOLFSSL_VALIDATE_ECC_IMPORT. Note: Add this define to enable checks for Jenkins (after this is merged). 2017-01-09 15:01:17 -08:00
David Garske
0722f4d20f Fixes to reduce stack usage with ECC_CACHE_CURVE disabled (same as previous code). Added USE_ECC_B_PARAM macro (enabled with ECC_CACHE_CURVE or HAVE_COMP_KEY). Fixed bug with WOLFSSL_VALIDATE_ECC_KEYGEN defined and args to ecc_check_pubkey_order. Fixed counts for DECLARE_CURVE_SPECS(). Fixed wc_ecc_import_point_der to use curve cache. Enhance wc_ecc_check_key to support ECC_CACHE_CURVE for b or load using read_radix. Enhance to expose wc_ecc_is_point with all required mp_int* args directly. 2017-01-09 11:15:13 -08:00
David Garske
07ce995b12 Fix issue with imported key not having a reset key->r, key->s and key->state, which was causing wc_ecc_encrypt to fail. 2016-12-30 12:24:03 -08:00
David Garske
6cc1fd293e Fixed issue with stack increase with curve cache disabled. Fixed issue with missing wc_ecc_curve_free() in wc_ecc_verify_hash_ex() causing mem leak. Changed ecc_curve_spec_cache to be allocated per curve. Added new wc_ecc_curve_cache_free() API to release all curve cache memory. Moved ecc_curve_spec struct and ecc_curve_load_mask enum to ecc.c. Add missing wc_ecc_fp_free() to wolfCrypt test. Added ecc.c comment for FP_ECC. 2016-12-21 12:31:02 -08:00
David Garske
57571cb45e Fix merge issues with ECC HAVE_COMP_KEY after rebase. 2016-12-16 14:20:00 -08:00
David Garske
f990775451 Fix issue with ECC_SHAMIR disabled due to curve->b remnant from async branch. 2016-12-16 11:53:33 -08:00
David Garske
f1ead30987 New ECC curve cache feature to improve performance. Disabled by default and enabled using ./configure CFALGS="-DECC_CACHE_CURVE" or #define ECC_CACHE_CURVE. Added internal ECC states. Combined wc_ecc_mulmod_ex versions for timing rest / not. Tested with all math, timing, FP variants and NXP LTC and ECC508A hardware. Pulled in from latest async branch. Added new ECC_MAX_SIG_SIZE enum to help with sizing the sign buffer. 
Performance Increases with ECC_CACHE_CURVE enabled:
* Key Gen 4.2%
* Key Agree, 4.0%
* Sign 6.8%
* Verify 5.8%
 2016-12-16 11:32:59 -08:00
toddouska
a9e7c4081f Merge pull request #660 from ejohnstown/win-renegotiation 
Enable secure renegotiation by default for Windows library build.
 2016-12-15 16:17:15 -08:00
Kaleb Himes
7b948fe04d Merge pull request #667 from JacobBarthelmeh/SGX 
add Windows build for SGX
 2016-12-15 16:23:29 -07:00
toddouska
ec90d72412 Merge pull request #666 from cconlon/chachafix 
fix CertificateRequest cert type for ECDSA ChaCha suites
 2016-12-15 12:08:08 -08:00
toddouska
01d8201284 Merge pull request #665 from cconlon/certs 
add missing certs and keys to certs/include.am
 2016-12-15 12:03:12 -08:00
toddouska
d0533c6dad Merge pull request #664 from cconlon/pkcs7 
PKCS#7/CMS expansion
 2016-12-15 12:01:00 -08:00
dgarske
9d94474133 Merge pull request #668 from ejohnstown/handshake-size 
Fail on redundant handshake message data
 2016-12-15 11:41:53 -08:00
toddouska
6959c21fdd Merge pull request #663 from dgarske/stm32_iar 
Fixes to build STM32 with IAR
 2016-12-15 11:26:43 -08:00
John Safranek
be65f26dd2 If there is a badly formed handshake message with extra data at the 
end, but the correct size with the extra data, send a decode_error
alert and fail the handshake.
 2016-12-14 16:02:29 -08:00
Chris Conlon
33f21e8b8d set correct cert type in CertificateRequest when using ChaCha suite with ECDSA 2016-12-14 11:34:10 -07:00
Jacob Barthelmeh
e16f2c0722 add Windows build for SGX 2016-12-14 10:41:52 -07:00
Chris Conlon
41f6863970 add missing certs and keys to certs/include.am 2016-12-14 09:46:41 -07:00
Chris Conlon
55554b79a9 PKCS#7: fix use after free in wc_DecodeKtri 2016-12-14 09:15:45 -07:00
Chris Conlon
e5d1e3ae10 PKCS#7: only output test bundles when PKCS7_OUTPUT_TEST_BUNDLES is defined 2016-12-13 15:27:46 -07:00
David Garske
f70860a9af Make sure NO_64BIT is defined. 2016-12-13 12:18:21 -08:00
David Garske
fd9a94b2bd Fixes to build STM32 with IAR. 2016-12-13 10:24:55 -08:00
Chris Conlon
dad0cfda92 add EnvelopedData ECC support, refactor pkcs7 2016-12-13 09:40:54 -07:00
dgarske
483e461c49 Merge pull request #647 from kaleb-himes/RIOT_OS 
RIOT OS support, test scripts will be submitted to RIOT-OS repository
 2016-12-10 19:13:19 -08:00
kaleb-himes
6c7e1785aa EXIT_TEST macro added for cleaner implementation and maintenance 2016-12-09 19:39:36 -07:00
kaleb-himes
1748045d52 use NO_WRITEV for portability 2016-12-09 19:12:25 -07:00
Chris Conlon
5006306bb8 PKCS#7: add support for optional unprotectedAttributes with EncryptedData 2016-12-09 17:02:57 -07:00
Chris Conlon
abf18858a8 refactor PKCS#7 functionality into separate functions for Enveloped and EncryptedData 2016-12-09 17:02:57 -07:00
Chris Conlon
b5eb8dce2f add PKCS#7/CMS EncryptedContent support 2016-12-09 16:57:31 -07:00
John Safranek
e80331e03a fix Windows debug build warning with secure renegotiation 2016-12-09 14:31:21 -08:00
John Safranek
7fa825fde0 Enable secure renegotiation by default for Windows library build. 2016-12-09 13:39:00 -08:00
kaleb-himes
e3b57211d5 undo whitespace modification 2016-12-09 14:36:06 -07:00
kaleb-himes
fc9d689bc6 fastmath works with RIOT_OS if defined TFM_NO_ASM 2016-12-09 14:34:14 -07:00
toddouska
b0b80bed78 Merge pull request #657 from cconlon/x963kdf 
add ANSI-X9.63-KDF support [SEC1]
 2016-12-09 13:29:41 -08:00
toddouska
ad2b0810c6 Merge pull request #648 from cconlon/keywrap 
add AES key wrap support, RFC 3394
 2016-12-09 13:23:39 -08:00
kaleb-himes
7a76baa83e restore .am and gitignore 2016-12-09 13:13:43 -07:00
kaleb-himes
c957107d76 merge with master and remove RIOT_Make directory, keep changes for working on Mac OS X 2016-12-09 13:11:45 -07:00
kaleb-himes
9e17b2b0aa Merge branch 'master' of https://github.com/wolfssl/wolfssl into RIOT_OS 2016-12-09 13:09:25 -07:00
John Safranek
8b1a6d4c70 Merge pull request #658 from kaleb-himes/sniffer 
Prevent forcezero from running on freed memory
 2016-12-09 09:04:01 -08:00
Chris Conlon
33e840b01b add AES key wrap support, RFC 3394 2016-12-09 09:30:56 -07:00
dgarske
fdbb142699 Merge pull request #659 from toddouska/distcheck 
fix nxp distcheck filename typo
 2016-12-09 08:04:02 -08:00
toddouska
d2ed611757 fix nxp distcheck filename typo 2016-12-08 16:52:12 -08:00
toddouska
6cfb8e30b2 Merge pull request #591 from dgarske/STM32_CUBEMX 
STM32 F2/F4 CubeMX and Std Peripheral Library hardware crypto support
 2016-12-08 16:36:43 -08:00
toddouska
ab7849be0d Merge pull request #655 from JacobBarthelmeh/ARMv8 
ARMv8
 2016-12-08 16:34:19 -08:00
Chris Conlon
2db7bf0dc0 use static digest for X9.63 KDF, add smallstack support 2016-12-08 17:28:53 -07:00
toddouska
5da564d03c Merge pull request #656 from SparkiDev/hashes 
Get the hash of the handshake messages rather than finalize.
 2016-12-08 16:23:28 -08:00
kaleb-himes
d2b5a9538d Prevent forcezero from running on freed memory 2016-12-08 15:11:41 -07:00
Sean Parkinson
289acd088a Remove state save and restore 2016-12-08 15:21:04 +10:00
Sean Parkinson
ea1a03d538 Get the hash of the handshake messages rather than finalize. 
Inconsistency between SHA256 and SHA384/SHA512 when getting hash.
More handshake messages can be added after this operation.
 2016-12-08 15:21:04 +10:00
Chris Conlon
a5b267087f add ANSI-X9.63-KDF support [SEC1] 2016-12-07 20:26:09 -07:00