Commit Graph

2572 Commits

Author SHA1 Message Date
Chris Conlon
85e0c203ea ignore pkcs7 test files 2018-11-06 18:35:12 -08:00
Chris Conlon
0b3930e24f save and set PKCS7 isDynamic flag in wc_PKCS7_Init 2018-11-06 18:35:12 -08:00
Chris Conlon
13b30a6a21 add CMS EnvelopedData PasswordRecipientInfo support 2018-11-06 18:35:12 -08:00
Chris Conlon
dbb5bb7570 add CMS EnvelopedData KEKRecipientInfo support 2018-11-06 18:35:12 -08:00
Chris Conlon
ec07fe492e misc CMS fixes from review and valgrind 2018-11-06 18:35:11 -08:00
Chris Conlon
1f8c4c2613 merge CMS changes with master 2018-11-06 18:35:11 -08:00
Chris Conlon
7841434744 add support for multiple certificates in CMS SignedData certificates field 2018-11-06 18:35:11 -08:00
Chris Conlon
897c6b455f move CMS signed attribute OIDs into BuildSignedAttributes() 2018-11-06 18:35:11 -08:00
Chris Conlon
a25a637270 add CMS signingTime attribute support for SignedData 2018-11-06 18:35:11 -08:00
Chris Conlon
56f1b68442 use SetContentType() to set SignedData content type 2018-11-06 18:35:11 -08:00
Chris Conlon
ce1381dc9a add contentType check to CMS compressed tests 2018-11-06 18:35:11 -08:00
Chris Conlon
6a06a3b63b add CMS CompressedData test using FirmwarePkgData 2018-11-06 18:35:11 -08:00
Chris Conlon
c51cf4472e add support for CMS CompressedData content type 2018-11-06 18:35:11 -08:00
Chris Conlon
32b70dd56c add support for FirmwarePkgData in CMS SignedData EncapsulatedContentInfo 2018-11-06 18:35:11 -08:00
Chris Conlon
2a60fbd766 add support for SubjectKeyIdentifier in CMS SignedData SignerInfo 2018-11-06 18:35:11 -08:00
Chris Conlon
70ca95b357 add support for custom contentType with CMS SignedData type 2018-11-06 18:35:11 -08:00
toddouska
bdf07e64cf Merge pull request #1901 from dgarske/rsa_nonblock
Added RSA non-blocking support
2018-11-06 16:39:43 -08:00
toddouska
5d8f4351ff Merge pull request #1903 from dgarske/dhkeycheck
Speed improvements for DH public key prime checking
2018-11-06 16:35:27 -08:00
toddouska
144ff68cfb Merge pull request #1882 from SparkiDev/pkcs11_lib
Improvements for PKCS#11 library
2018-11-06 08:53:57 -08:00
toddouska
2c7ff56a3e Merge pull request #1907 from JacobBarthelmeh/Testing
infer and g++ build fixes
2018-11-06 08:48:28 -08:00
David Garske
95092696bf Fix to make sure mp_toradix and mp_radix_size are included for OPENSSL_EXTRA. 2018-11-06 08:38:47 -08:00
kaleb-himes
92d6dc36af Fix pre-processor checks in wolfCrypt test for unique configuration 2018-11-02 15:22:11 -06:00
David Garske
6372c3d6e1 * Added RSA non-blocking support enabled with WC_RSA_NONBLOCK. Adds new wc_RsaSetNonBlock function for enabling / non-block context. Added wolfCrypt test function rsa_nb_test to validate. Result is: RSA non-block sign: 8200 times and RSA non-block verify: 264 times
* Signature wrapper improvements to eliminate mallocs/frees unless small stack is used. If small stack is used only one allocation is done based on actual max (was previously allocating too much and in the encoding case was reallocating a second buffer).
2018-11-02 12:41:23 -07:00
John Safranek
98291f8465 Update comment in dh.c. 2018-11-02 11:38:52 -07:00
JacobBarthelmeh
1ffc1108a6 Merge pull request #1906 from cconlon/selftest-fixes
fixes for CAVP selftest build errors
2018-11-01 11:31:39 -06:00
Jacob Barthelmeh
a953a3141e infer and g++ build fixes 2018-11-01 09:59:35 -06:00
Sean Parkinson
81650d6cef Fix for subtract
Added cortex-m support using umull for faster implementation.
2018-11-01 15:21:51 +10:00
Jacob Barthelmeh
cc3ccbaf0c add test for degenerate case and allow degenerate case by default 2018-10-30 17:04:33 -06:00
Chris Conlon
def7a91e70 fix CAVP selftest build errors 2018-10-30 16:35:45 -06:00
David Garske
f4b0261ca7 Fix to not do prime test on DH key the server loaded. Now it will only do the prime test on the peer's provided public DH key using 8 miller rabins. Refactored the fast math miller rabin function to reuse mp_int's, which improved performance for mp_prime_is_prime_ex from 100ms to 80ms. Normal math mp_prime_is_prime_ex is ~40ms (as-is). Added test for wc_DhSetCheckKey. 2018-10-30 11:20:07 -07:00
Sean Parkinson
ab458db504 Review comment changes
Add heap as a device initialization parameter.
Allocate slot info pointer with device heap pointer.
ForceZero user pin on token finalization.
Add comments to structure definitions.
2018-10-30 15:56:31 +10:00
David Garske
ba90674357 Merge pull request #1897 from WolfWalter/fix_sigrs_length
ATECC508 reference PK callback fix for signature length
2018-10-29 08:54:46 -07:00
Wolf Walter
a47eeec145 fixed sigRs length
atmel_ecc_sign and atmel_ecc_verify expect sigRS length to be 64 Byte (32 Byte each).
2018-10-26 16:43:03 +02:00
David Garske
153c7cc684 Fix for unused variable in new fast-rsa function wc_RsaPublicKeyDecode_ex. 2018-10-25 11:12:33 -07:00
David Garske
86758f9640 Fixes for key size detection when using PK callbacks (HSM) and no private key has been loaded (affects HAVE_PK_CALLBACKS on server side only when no dummy private key is loaded). Fix for possible leak during ECC min key size failure with small stack. Added new API wc_RsaPublicKeyDecode_ex for parsing an RSA public key for the modulus and exponent. Changed wolfSSL_CTX_SetTmpEC_DHE_Sz to support a size == 0 for using the long-term private key's size. Changed ECDHE_SIZE so it can be overridden at build-time. Added tests for wolfSSL_CTX_SetTmpEC_DHE_Sz and wolfSSL_SetTmpEC_DHE_Sz. 2018-10-25 09:15:23 -07:00
toddouska
22aa01a547 Merge pull request #1881 from SparkiDev/pkcs7_no_si
Return error when attempting to verify signed data without signers
2018-10-22 15:00:55 -07:00
toddouska
878b5925fc Merge pull request #1877 from dgarske/pkcs8_ec
Added support for ECC private key with PKCS8 encoding
2018-10-22 14:59:10 -07:00
toddouska
42fecee77b Merge pull request #1859 from SparkiDev/pkcs7-cons
Support constructed OCTET_STRING in PKCS#7 signed data
2018-10-22 14:52:50 -07:00
Sean Parkinson
7551e49fed Improvements for PKCS#11 library 2018-10-18 17:31:17 +10:00
Sean Parkinson
67bb558025 Return error when attempting to verify signed data without signers 2018-10-18 13:44:13 +10:00
toddouska
7391f4db90 Merge pull request #1815 from dgarske/atecc508_fixes
Fixes for ATECC508A
2018-10-17 08:35:09 -07:00
David Garske
0d7d8f54e0 Added support for ECC private key with PKCS8 parsing. Fix is to attempt pkcs8 parse for -----BEGIN EC PRIVATE KEY----- and if parse fails to treat as normal private key. ZD 4379. 2018-10-16 16:56:42 -07:00
David Garske
e53694b351 Fix for shared secret callback for client side, where it was not using the provided peer's public key. Fix for ATECC508A to put it into idle mode after operations to prevent watchdog fault mode (can be disabled by defining WOLFSSL_ATECC508A_NOIDLE). Fixes for callbacks to support using software for non P-256 curves (can be disabled by defining WOLFSSL_ATECC508A_NOSOFTECC). 2018-10-15 16:01:04 -07:00
David Garske
bd57f5b385 Fix to resolve possible buffer overflow with atmel_get_rev_info when using byte. 2018-10-15 14:17:43 -07:00
David Garske
177bf49fa6 Updates to the atmel.c code to allow easier customization of the hardware interface. 2018-10-15 14:17:43 -07:00
David Garske
bb737ec99d Fixes for building against latest CryptoAuthLib. Refactor to eliminate the atcatls function calls, since these have been removed from latest CryptoAuthLib. Cleanup of the slot assignment handling. 2018-10-15 14:17:43 -07:00
David Garske
d67cb9e875 Added new build option for Microchip CryptoAuthLib (--enable-cryptoauthlib). Build fixes with WOLFSSL_ATECC508A enabled. 2018-10-15 14:17:43 -07:00
David Garske
ba9f21bad6 Improvements to the ATECC508A README.md. 2018-10-15 14:17:42 -07:00
David Garske
c51c607e96 Fix to use inLen for raw public key copy. No need to throw an error for other curve types as this function may be used for software only import/export. In the TLS case with only SECP256R1 there are other places where an error will be thrown. 2018-10-15 14:17:42 -07:00
David Garske
53c2264327 Fix for checking the inLen when setting raw public key len for hardware. Finished the ATECC508A ECC functions to support native TLS with the WOLFSSL_ATECC508A option and SECP256R1. Added slot type for alloc/free. Added helper functions for setting the PK callbacks and custom content. Updated the README.md with build options. Added support for overriding the ATECC_MAX_SLOT. Added overridable define for encryption slot number ATECC_SLOT_I2C_ENC. Added new build option WOLFSSL_ATECC_PKCB for using just the reference PK callbacks. 2018-10-15 14:17:42 -07:00