wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-30 22:29:51 +01:00
Code Issues Packages Projects Releases Wiki Activity
7,410 Commits 12 Branches 184 Tags
4237a5765953351f3f8431582f42d2a405c61baa
Commit Graph

499 Commits

Author SHA1 Message Date
John Safranek
8e75de88e8 Test Fixes 
1. AesGcmEncrypt_ex requires the RNG, remove function if RNG disabled.
2. Fix a couple function name changes in the example server.
3. Removed the old FIPS wrapping added to dh.h, was redundant.
4. Move include of random.h in the aes.h file.
5. Fix where ecc.c was being left out of old FIPS builds.
6. Exclude the AES-GCM internal IV test case when building without the RNG.
7. Fix api test where AES-GCM Encrypt was called with a too-long IV in old FIPS mode. Non-FIPS and new FIPS are allowed longer IVs.
 2018-04-13 09:40:09 -07:00
John Safranek
c394020771 FIPS Revalidation 
1. Enabled ECC Cofactor DH for the FIPSv2 build.
2. Updated the wolfCrypt HMAC-SHA-3 test to leave out the set of test cases that use the four-byte key in FIPS mode.
 2018-04-13 09:40:09 -07:00
John Safranek
39ea69dbac AES-GCM 
1. Updated the wolfCrypt GMAC test to leave out the test case with the 15-byte tag when building for FIPS.
2. Replace tabs with spaces.
 2018-04-13 09:40:09 -07:00
John Safranek
a9ee541e3f FIPS Revalidation 
1. Added new AES-GCM Encrypt API for FIPS where the IV is generated internally.
2. Fix the AES-NI guard flags so it can be used when FIPS enabled.
 2018-04-13 09:40:09 -07:00
Eric Blankenhorn
a0d8327320 Coverity fixes 2 (#1493) 
* Coverity fixes for wolfcrypt folder
* Fixes for remaining issues
* Fixes for test files
 2018-04-13 05:35:18 -07:00
David Garske
83bfdb1594 Fix for issue with unique hash types on ctoacrypt FIPS using different values than WC_HASH_TYPE_*. Add new API wc_HashTypeConvert to handle the conversion between enum wc_HashType and int. For FIPS it uses a switch() to convert and for non-FIPS it uses a simple cast. Changed the pwdbased_test to return actual ret instead of adding values (made it difficult to track down error location). 2018-04-11 09:30:30 -07:00
David Garske
a38576146e * Added support for disabling PEM to DER functionality using WOLFSSL_PEM_TO_DER. This allows way to use with DER (ASN.1) certificates only in an embedded environment. This option builds, but internal make check requires PEM support for tests. 
* More cleanup to move PEM functions from ssl.c to asn.c (`wolfSSL_CertPemToDer`, `wolfSSL_KeyPemToDer`, `wolfSSL_PubKeyPemToDer`). Renamed these API's to `wc_` and added backwards compatability macro for old function names.
 2018-04-09 13:28:15 -07:00
David Garske
c83e63853d Refactor unqiue hash types to use same internal values (ex WC_MD5 == WC_HASH_TYPE_MD5). Refactor the Sha3 types to use wc_ naming. 2018-04-09 13:28:15 -07:00
David Garske
f9e830bce7 First pass at changes to move PemToDer into asn.c. 2018-04-09 13:28:14 -07:00
David Garske
ede006b3e1 Merge pull request #1479 from JacobBarthelmeh/HardwareAcc 
Fix PIC32 AES-CBC and add test case
 2018-04-05 09:15:08 -07:00
Jacob Barthelmeh
815219b589 fix pic32 AES-CBC and add test case 2018-04-04 16:09:11 -06:00
David Garske
0c898f513d Nitrox V fixes and additions: 
* Added support for ECC, AES-GCM and HMAC (SHA-224 and SHA3).
* Fixes for Nitrox V with TLS.
* ECC refactor for so key based `r` and `s` apply only when building with `WOLFSSL_ASYNC_CRYPT`.
* ECC refactor for `e` and `signK` to use key based pointer for Nitrox V.
* Improved the Nitrox V HMAC to use start, update and final API's instead of caching updates.
* Fix for Intel QuickAssist with unsupported HMAC hash algos using `IntelQaHmacGetType` (such as SHA3).
* Added new API `wc_mp_to_bigint_sz` to zero pad unsigned bin.
* Fix for AES GCM to gate HW use based on IV len in aes.c and remove the gate in test.c.
* Implemented workaround to use software for AES GCM Nitrox V hardware and 13 byte AAD length for TLS.
* New debug option `WOLFSSL_NITROX_DEBUG` to add pending count.
 2018-04-03 09:14:20 -07:00
Takashi Kojo
c60d9ff983 if(ret != 1) error 2018-04-01 13:27:08 +09:00
Takashi Kojo
1c0b84d47d openSSL compatibility, EVP_CipherUpdate, if(inlen == 0)return 1; 2018-04-01 12:13:18 +09:00
David Garske
c9d840ed8d Fix for the HAVE_THEAD_LS case with FP_ECC where starting a new thead and doing ECC operations and not calling wc_ecc_fp_free. Added missing wolfCrypt_Init to API docs. 2018-03-27 14:29:39 -07:00
Chris Conlon
d2aa7d0a37 exclude ecc_import_unsigned test when building for CAVP selftest 2018-03-23 16:31:17 -06:00
David Garske
3bf325290d Base16/64 improvements: 
* Add define `WOLFSSL_BASE16` to explicitly expose base16 support.
* Add `./configure --enable-base16` option (disabled by default in configure, but enabled in coding.h when required internally).
* Added base16 tests in test.c `base16_test`.
* Enabled base64 decode tests when `WOLFSSL_BASE64_ENCODE` is not defined.
 2018-03-22 10:36:56 -07:00
David Garske
59aa893260 Cleanup ECC point import/export code. Added new API wc_ecc_import_unsigned to allow importing public x/y and optional private as unsigned char. Cleanup wc_ecc_sign_hash to move the hardware crypto code into a separate function. Added missing tests for wc_ecc_export_public_raw, wc_ecc_export_private_raw and new test for wc_ecc_import_unsigned. 2018-03-19 13:28:57 -07:00
Sean Parkinson
c4dfa41088 SP improvements 
Tag functions to not be inlined so llvm doesn't make huge builds.
Add sp_mod to support new DH key generation function.
 2018-03-13 14:16:48 +10:00
Jacob Barthelmeh
df1c73c8e5 check for case that BER to DER API is available 2018-03-01 18:00:52 -07:00
toddouska
73dbc8f6e7 Merge pull request #1395 from JacobBarthelmeh/Certs 
Add support for writing multiple OUs, DCs and for writing a unique EKU OID
 2018-02-26 08:39:58 -08:00
Jacob Barthelmeh
f2cbab95b0 change _EncodeName, add test with wc_MakeCertReq, add XMEMSET with Cert init 2018-02-23 17:22:48 -07:00
toddouska
22e55e72c1 Merge pull request #1394 from cconlon/selftest 
Add CAVP-only Self Test for special build
 2018-02-23 15:50:06 -08:00
Jacob Barthelmeh
453aa16e8d Add support for writing multiple OUs, DCs and for writing a unique EKU OID 2018-02-23 10:46:26 -07:00
Chris Conlon
ad53037852 add CAVP selftest option for special build 2018-02-23 10:14:56 -07:00
David Garske
6500c40015 Merge pull request #1386 from JacobBarthelmeh/RSA 
add WC_RSA_NO_PADDING macro and WC_RSA_NO_PAD enum
 2018-02-22 13:34:20 -08:00
Sean Parkinson
6bf5f06397 Fixes from code review 2018-02-22 14:59:19 +10:00
Sean Parkinson
274110a10c Added tests and fixes from testing 2018-02-22 14:58:37 +10:00
Sean Parkinson
76b0464a3b Fixes from review 2018-02-22 08:31:19 +10:00
Jacob Barthelmeh
08e199d78a add support for async with wc_RsaDirect function 2018-02-21 11:09:38 -07:00
Jacob Barthelmeh
7374e2e751 add WC_RSA_NO_PADDING macro and WC_RSA_NO_PAD enum 2018-02-21 10:10:35 -07:00
Sean Parkinson
d09f26a69f Support indefinite length BER encodings in PKCS #7 2018-02-21 08:29:50 +10:00
Jacob Barthelmeh
772651c17a update tests and benchmark for HAVE_AES_DECRYPT 2018-02-19 17:32:39 -07:00
Jacob Barthelmeh
4614bd4e56 scan-build warning and AES key size builds for ARMv8 2018-02-19 17:32:39 -07:00
Jacob Barthelmeh
2a15b3912b revert pkcs7 attrib structure for scep and add more macro guards for AES key size 2018-02-19 17:32:39 -07:00
Jacob Barthelmeh
02753e53a5 add some of AES key size macros to benchmark.c and test.c 2018-02-19 17:28:53 -07:00
Jacob Barthelmeh
7143b09786 pack PKCS7 structure 2018-02-19 17:28:53 -07:00
toddouska
08696449f6 Merge pull request #1349 from JacobBarthelmeh/PKCS7 
pkcs7 attribute parsing
 2018-02-19 15:36:55 -08:00
David Garske
ae5dac8994 Fixes for GCC 7 build errors with evp.c and switch fall through. General EVP code formatting cleanup. Fix for wolfCrypt test un-used var when HAVE_AES_CBC not defined. Fix for async in test_wolfSSL_SESSION with err not being initialized. 2018-02-16 09:32:40 -08:00
David Garske
9ff97997a6 Merge pull request #1360 from SparkiDev/sp_math 
Minimal implementation of MP when using SP.
 2018-02-14 15:49:23 -08:00
toddouska
9a4fe0fe4e Merge pull request #1353 from dgarske/asn_strict 
Added RFC 5280 "must" checks
 2018-02-14 10:01:58 -08:00
John Safranek
e48eb1ded8 added hmac-sha-3 2018-02-12 13:24:06 -08:00
toddouska
95ed1a88ed Merge pull request #1364 from SparkiDev/aesni_authtagsz 
AES-GCM AES-NI code now handles different tag lengths
 2018-02-09 13:19:14 -08:00
Sean Parkinson
35c993e55d AES-GCM AES-NI code now handles different tag lengths 
Encrypt and decrypt code modified.
AES-NI, AVX1 and AVX2 code modified.
Test of 15 byte tag added.
 2018-02-09 17:21:06 +10:00
John Safranek
6907241180 Add AES-GCM Test Case 
Added a new AES-GCM test case where the provided IV is of length 1 byte.
 2018-02-08 11:37:21 -08:00
Sean Parkinson
a3a4f2d59c Minimal implementation of MP when using SP. 
--enable-sp-math to include minimal implementation of MP (only with
--enable-sp.)
Add futher functionality for ECC (conditionally compiled):
- check key
- is point on curve
- API to add and double projective points
- API to map from project to affine
- Uncompress point (including sqrt)
Some configuration options will not work with SP math - configure.ac
detects this and errors out.
Change test code to better support SP sizes only.
 2018-02-08 15:50:17 +10:00
David Garske
d78e45dbb6 Added check to enforce RFC 5280 Sec 4.2: "A certificate MUST NOT include more than one instance of a particular extension". Refactor of the DecodedCert struct to combine bit type options into bit-fields. Fix for wolfCrypt test for error codes to allow -161. 2018-02-07 11:15:22 -08:00
toddouska
0765aa0f20 Merge pull request #1342 from SparkiDev/aes_gcm_sb2 
Improve performance of AES-GCM for AVX1 and AVX2
 2018-02-02 10:56:14 -08:00
toddouska
02ef52c3cd Merge pull request #1340 from dgarske/ecc_pub_import_wcurve 
Adds curve information to public key import for `wc_EccPublicKeyDecode`
 2018-02-02 10:52:06 -08:00
toddouska
d63373066b Merge pull request #1331 from JacobBarthelmeh/Compatibility-Layer 
add comments and better error checking for PKCS8 strip
 2018-02-02 10:50:29 -08:00