tmael
3b552fecc9
Merge pull request #3481 from dgarske/no_ecc
Fixes for various build configurations
2020-11-17 17:11:27 -08:00
David Garske
508ba85b69
Fixes for SP math only with ECC check key. Fix SP math when loading an ECC public only and calling wc_ecc_check_key. Fix for missing ecc_check_privkey_gen with SP math only. Applies to: /configure --enable-sp --enable-sp-math CFLAGS="-DWOLFSSL_VALIDATE_ECC_IMPORT".
2020-11-17 08:13:08 -08:00
David Garske
e5a0a264b3
Fix for coverity report with possible use of uninitialized value "err" in WC_ECC_NONBLOCK case. More fixes for building with WOLFSSL_NO_MALLOC.
2020-11-16 12:17:28 -08:00
David Garske
f3b176d7e3
Fix for unused parameter with NO_ASN in ECC.
2020-11-16 12:17:28 -08:00
David Garske
1d531fe13b
Peer review fixes.
2020-11-10 09:47:37 -08:00
David Garske
5de80d8e41
Further refactor the minimum ECC key size. Adds --with-eccminsz=BITS option. Fix for FIPSv2 which includes 192-bit support. If WOLFSSL_MIN_ECC_BITS is defined that will be used.
2020-11-10 09:47:37 -08:00
David Garske
c697520826
Disable ECC key sizes < 224 bits by default. Added --enable-eccweakcurves or ECC_WEAK_CURVES to enable smaller key sizes. Currently this option is automatically enabled if WOLFSSL_MIN_ECC_BITS is less than 224 bits.
2020-11-10 09:47:36 -08:00
toddouska
e52efc7a8a
Merge pull request #3441 from SparkiDev/ecdsa_vfy_safe
ECDSA verification: handle doubling of infinity
2020-11-03 14:47:45 -08:00
toddouska
3cce86d7a8
Merge pull request #3420 from dgarske/small_pk
ECC memory reductions with key and signature parsing
2020-11-03 14:42:43 -08:00
Sean Parkinson
32ea0910de
ECDSA verification: handle doubling of infinity
2020-10-29 12:12:01 +10:00
David Garske
589057245f
Improvement to ECC wc_ecc_rs_raw_to_sig to reduce memory use (avoid the mp_int). Additional test cases. Fixes for previous function changes.
2020-10-23 11:00:46 -07:00
David Garske
0065756efc
Improvement to ECC wc_ecc_sig_to_rs to reduce memory use (avoid the mp_int).
2020-10-22 13:34:19 -07:00
David Garske
cb8e625e32
Fix to allow import of private key with ATECC. It's okay to load private key material into ecc_key struct.
2020-10-22 13:26:00 -07:00
Sean Parkinson
00ee24b998
ECC Shamir's Trick: infinity in precomp
Code now handles generating and having infinity in the precomp.
2020-10-21 11:58:31 +10:00
Sean Parkinson
f0db2c177e
ECC mulmod: some curves can't do order-1
Change implementation of timing resistant scalar multiplication to use
Joye double-add ladder.
No longer have fake operations being performed therefore can remove the
order adding operations.
Still need to check for boundary condition: order-1 will not work with
SECP256K1 as it results in an add of order/2 and (order/2)+1 times base
point which are the negatives of each other. The sum is infinity and not
handled by maths.
Added mp_cond_swap_t - Conditionally swap in constant time.
2020-10-13 09:55:35 +10:00
toddouska
8bc3d33c4e
Merge pull request #3360 from SparkiDev/ecc_safe_add
ECC add points: more cases where add point is a double or infinity
2020-10-08 14:55:04 -07:00
Sean Parkinson
257551b134
ECC add points: more cases where add point is a double or infinity
Extract method to perform safe point add (handling double and infinity
result).
Replace all instances of the extracted code.
2020-10-08 09:26:10 +10:00
Daniel Pouzzner
7fb8457459
fix whitespace.
2020-10-01 14:38:26 -05:00
Daniel Pouzzner
79978f5c7a
ecc_check_pubkey_order(): add missing braces.
2020-10-01 14:38:26 -05:00
Daniel Pouzzner
8a6216363d
ecc.c: add (void)rng to wc_ecc_mulmod_ex2() to cover WOLFSSL_SP_MATH case.
2020-09-23 18:32:16 -05:00
Daniel Pouzzner
92df5692b1
wolfcrypt/src/ecc.c: revert to commit g0fa5af9, which has all the necessary fixes.
2020-09-23 18:32:15 -05:00
Daniel Pouzzner
9ab1df690a
wolfcrypt/src/ecc.c: fix uncompilable !WOLFSSL_SP_MATH && WOLFSSL_SMALL_STACK_CACHE implementations of ecc_key_tmp_init() and ecc_key_tmp_free() (the latter misnamed ecc_key_tmp_final()).
2020-09-23 18:32:15 -05:00
Sean Parkinson
e539322a88
PKCS#11 fix: Generate ECC key for decrypt/sign or derive
Add debugging information to PKCS#11.
2020-09-23 08:30:22 +10:00
Sean Parkinson
6fb1feadc7
ECC mp_jacobi: iterative implementation
Slightly faster and less stack used.
2020-09-08 10:05:52 +10:00
David Garske
21d17b17d0
Fix typo in code comment for ECC curve cache. Fix for valgrind report of possible use of uninitialized value with ChaCha/Poly AEAD test.
2020-08-27 12:01:24 -07:00
David Garske
32b46e344d
Fix for ECC curve cache without custom curves enabled.
2020-08-27 11:18:55 -07:00
David Garske
fd2aece058
Fix for building ECC_CACHE_CURVE without WOLFSSL_CUSTOM_CURVES.
2020-08-20 16:16:18 -07:00
David Garske
1d55b2f526
Fixes for several memory leaks related to HAVE_WOLF_BIGINT.
2020-08-20 14:25:06 -07:00
David Garske
0011b7b376
Fix possible ECC curve cache leak for custom curves. Fix possible memory leak with wc_DhKeyDecode and WOLFSSL_DH_EXTRA. Fix leak in dh_test with new call to DH key import.
2020-08-20 14:25:05 -07:00
Sean Parkinson
549c47de65
Handle when k is 1 or order + 1 for timing resistant ECC
2020-08-19 10:50:37 -07:00
Sean Parkinson
38b717eb42
Clear MP in ECC to free allocated memory
2020-08-18 17:54:25 -07:00
John Safranek
113753370d
Long Test Fixes
1. Sniffer was trying to log a NULL pointer as a string. Logged a string instead.
2. Few misc fixes in ECC.
2020-08-18 17:54:25 -07:00
Sean Parkinson
cb5d6a5c12
Check ECC scalar before multiplication
A k with more bits than in order doesn't work in ECC scalar
multiplication.
Check private key length in wc_ecc_check_key()
Check private key length in ecc_make_pub_ex()
2020-08-17 08:39:39 -07:00
toddouska
fa146870bd
Merge pull request #3155 from julek-wolfssl/openssh-fixes-cherry-picked
Additional OpenSSL compat stuff for OpenSSH
2020-08-11 16:32:31 -07:00
Sean Parkinson
6467de5a88
Randomize z ordinates in scalar mult when timing resistant
An RNG is required for shared secret calculation now.
Use wc_ecc_set_rng() to set an RNG against the ECC object.
ECC verification does not need timing resistance and does not randomize
z ordinates.
2020-08-11 16:12:47 +10:00
Sean Parkinson
0102902445
Add and use a mp_cmp_mag that is constant time.
2020-08-11 16:12:10 +10:00
Sean Parkinson
8b05160349
Reworked ECC mulmod and fix size of k
When using wc_ecc_mulmod_ex2(), the k size can be fixed to be one bit
longer than order.
2020-08-11 16:12:10 +10:00
Sean Parkinson
9ef9671886
ECC uses CT vers of addmod, submod and div_2_mod
The TFM implementations of mp_submod_ct, mp_addmod_ct,
mp_div_2_mod_t are more resilient to side-channels.
2020-08-11 16:12:10 +10:00
David Garske
f7fcef5f32
Fix for build error / typo for ECC 256-bit non-blocking only.
2020-08-07 16:47:08 -07:00
Juliusz Sosinowicz
1f0d6d5f31
New functions implemented
- `EC_POINT_is_on_curve`
- `i2d_EC_PUBKEY`
- `i2d_ECPrivateKey`
- `wc_ecc_point_is_on_curve`
2020-08-06 15:52:11 +02:00
David Garske
6324aec179
Fix for ./configure --enable-sp=yes,nonblock --enable-sp-math CFLAGS="-DWC_ECC_NONBLOCK_ONLY".
2020-07-24 09:30:45 -07:00
David Garske
1559d66261
Fix for WC_ECC_NONBLOCK_ONLY case to also check WC_ECC_NONBLOCK.
2020-07-23 15:41:09 -07:00
David Garske
20ef2daa9f
Fix for ECC non-blocking to allow calling without context set and block when WC_ECC_NONBLOCK_ONLY is defined. In FIPS mode we need "blocking".
2020-07-23 14:31:41 -07:00
David Garske
9268ae1397
Fix line length issues. Add debug msg in test to show number of non-blocking iterations.
```
$ ./configure --enable-ecc=nonblock --enable-sp=yes,nonblock CFLAGS="-DWOLFSSL_PUBLIC_MP" --enable-debug && make
$ ./wolfcrypt/test/testwolfcrypt
...
ECC non-block sign: 18063 times
ECC non-block verify: 35759 times
ECC test passed!
```
2020-07-21 10:41:25 -07:00
David Garske
547144bc9c
Adds ECC non-blocking sign/verify support when used with SP math. New --enable-sp=nonblock and --enable-ecc=nonblock options. Example ./configure --enable-ecc=nonblock --enable-sp=yes,nonblock.
2020-07-17 15:13:50 -07:00
Eric Blankenhorn
7cc64377d0
Sanity check wc_ecc_import_raw x, y, and key
2020-06-23 08:54:47 -05:00
toddouska
48cd6f36ff
Merge pull request #2967 from dgarske/ecc_null
Fixes for ECC key import
2020-06-18 10:10:49 -07:00
David Garske
13753d56bb
Cleanup in wc_ecc_sign_hash_ex for blinding value to not call free twice (mp_clear already does mp_free).
2020-06-17 17:11:54 -07:00
David Garske
d43d75bf81
Updates to xcode projects to add new files.
Ran updated iPhone X benchmarks:
```
RNG 330 MB took 1.010 seconds, 326.879 MB/s
AES-128-CBC-enc 920 MB took 1.005 seconds, 915.507 MB/s
AES-128-CBC-dec 6095 MB took 1.000 seconds, 6092.130 MB/s
AES-192-CBC-enc 820 MB took 1.000 seconds, 819.644 MB/s
AES-192-CBC-dec 4860 MB took 1.001 seconds, 4855.794 MB/s
AES-256-CBC-enc 710 MB took 1.005 seconds, 706.419 MB/s
AES-256-CBC-dec 3935 MB took 1.001 seconds, 3930.830 MB/s
AES-128-GCM-enc 1245 MB took 1.003 seconds, 1241.589 MB/s
AES-128-GCM-dec 575 MB took 1.001 seconds, 574.547 MB/s
AES-192-GCM-enc 1235 MB took 1.001 seconds, 1234.343 MB/s
AES-192-GCM-dec 570 MB took 1.003 seconds, 568.521 MB/s
AES-256-GCM-enc 1230 MB took 1.003 seconds, 1226.034 MB/s
AES-256-GCM-dec 570 MB took 1.001 seconds, 569.199 MB/s
3DES 10 MB took 1.386 seconds, 7.213 MB/s
MD5 95 MB took 1.037 seconds, 91.629 MB/s
SHA 80 MB took 1.013 seconds, 78.943 MB/s
SHA-256 1625 MB took 1.000 seconds, 1624.565 MB/s
SHA3-224 60 MB took 1.010 seconds, 59.399 MB/s
SHA3-256 60 MB took 1.073 seconds, 55.921 MB/s
SHA3-384 45 MB took 1.042 seconds, 43.195 MB/s
SHA3-512 35 MB took 1.164 seconds, 30.063 MB/s
HMAC-MD5 95 MB took 1.044 seconds, 91.014 MB/s
HMAC-SHA 80 MB took 1.007 seconds, 79.480 MB/s
HMAC-SHA256 1705 MB took 1.001 seconds, 1703.126 MB/s
RSA 2048 public 32800 ops took 1.003 sec, avg 0.031 ms, 32716.405 ops/sec
RSA 2048 private 1200 ops took 1.041 sec, avg 0.868 ms, /33 ops/sec
DH 2048 key gen 2354 ops took 1.000 sec, avg 0.425 ms, 2353.254 ops/sec
DH 2048 agree 2500 ops took 1.013 sec, avg 0.405 ms, 2467.525 ops/sec
ECC 256 key gen 46503 ops took 1.000 sec, avg 0.022 ms, 46502.069 ops/sec
ECDHE 256 agree 14100 ops took 1.005 sec, avg 0.071 ms, 14034.697 ops/sec
ECDSA 256 sign 29600 ops took 1.003 sec, avg 0.034 ms, 29500.554 ops/sec
ECDSA 256 verify 11000 ops took 1.007 sec, avg 0.092 ms, 10921.516 ops/sec
```
2020-06-12 10:39:26 -07:00
Daniele Lacamera
76ab8bfb6b
Added psoc6 ECDSA verification support
2020-06-05 11:30:29 +02:00