Commit Graph

210 Commits

Author SHA1 Message Date
Sean Parkinson 19f10cd382 PKCS #11: implement identifying keys by label 2020-11-27 08:31:45 +10:00
David Garske d4c59e369e Merge pull request #3335 from julek-wolfssl/RSA-PSS-padding-in-EVP_Digest-API
Enable RSA-PSS padding in EVP_Digest* API
2020-11-19 09:31:12 -08:00
Sean Parkinson 91d23d3f5a Implement all relevant mp functions in sp_int 2020-11-19 11:58:14 +10:00
Juliusz Sosinowicz a0a3a2b74c Review changes 2020-11-17 19:15:12 +01:00
Juliusz Sosinowicz d18e2d7386 Refactoring and use salt length discover if available 2020-11-17 15:06:35 +01:00
Juliusz Sosinowicz fa03113460 enum wc_HashType switch
switch needs to handle all possible enum values or else the compiler generates warnings
2020-11-17 15:04:57 +01:00
Juliusz Sosinowicz 248dd12993 Enable RSA-PSS padding in EVP_Digest* API 2020-11-17 15:04:57 +01:00
toddouska 63bf5dc56c Merge pull request #3426 from SparkiDev/rsa_pss_fix
RSA-PSS: Handle edge case with encoding message to hash
2020-11-03 14:43:56 -08:00
Sean Parkinson fb2288c46d RSA-PSS: Handle edge case with encoding message to hash
When the key is small relative to the digest (1024-bit key, 64-byte
hash, 61-byte salt length), the internal message to hash is larger than
the output size.
Allocate a buffer for the message when this happens.
2020-10-27 12:39:06 +10:00
John Safranek f5f883597e RSA PSS Fix
1. Change the utility function in wc_encrypt that returns the size of a
   hash to initialize the size to HASH_TYPE_E, like the other utility
   functions.
2. When getting the hash size returns an error, RSA-PSS verify inline
   should return a BAD_FUNC_ARG error.
2020-10-24 13:06:42 -07:00
Daniel Pouzzner 6a7a87545a wc_MakeRsaKey(): add missing allocation failure checks for WOLFSSL_SMALL_STACK. 2020-09-23 18:32:17 -05:00
Daniel Pouzzner 60a686f48c tidying suggested by Sean in review. 2020-09-23 18:32:16 -05:00
Daniel Pouzzner 4f5bbbdca8 rsa.c:wc_CheckProbablePrime(): WOLFSSL_SMALL_STACK refactor 2020-09-23 18:32:16 -05:00
David Garske 26aaf473db Fix for unit.test error with RSA 1024-bit key gen when using ./configure --enable-keygen --enable-sp. Issue started in PR #3119 2020-08-10 12:40:29 -07:00
David Garske 4a167c0f2c Merge pull request #3119 from tmael/do178-fix
DO-178 fix
2020-08-05 16:30:00 -07:00
Sean Parkinson 3ffa4350e8 RSA PSS check input length is hash length
Input is the hash of the message and the hash type is the hash used to
generate the hash/input.
2020-08-03 12:17:03 +10:00
Tesfa Mael cebb283822 DO-178 changes 2020-07-30 09:18:45 -07:00
Eric Blankenhorn 233a5ca6b8 Fix OOB access 2020-05-28 14:14:19 -05:00
Jacob Barthelmeh cd1a50bfb6 add additional sanity check on pointer before free 2020-05-21 11:19:17 -06:00
JacobBarthelmeh 03ed495f84 free temporary buffer 2020-05-19 19:27:29 -06:00
JacobBarthelmeh 6a7a8fa5b7 updated RSA calls to Xilsecure 2020-05-19 19:27:21 -06:00
Sean Parkinson c4af5db4b9 Only use SP for RSA private operations if P and Q half bits 2020-05-07 08:46:48 +10:00
Juliusz Sosinowicz 36403c1dad Merge remote-tracking branch 'wolfSSL/master' into wpa-supplicant-openssl-compat 2020-04-15 16:55:03 +02:00
Juliusz Sosinowicz 73b4d78d5b Added partial support for wpa_supplicant, hostapd, and cjose:
- Moved `SetECKeyInternal` and `SetECKeyExternal` to `internal.h` to allow usage outside of `ssl.c`
- Added `asn1t.h`
- Implemented the `IMPLEMENT_ASN1_FUNCTIONS` macro for a small subset of ASN1 tags
-- So far only `X509_ALGOR` and `ASN1_BIT_STRING` are supported
- Implemented `BN_mod_add` function
- Allow for setting of `EC_KEY` export form through EC_KEY_set_conv_form
- Implemented `i2o_ECPublicKey`
- Implemented `EC_POINT_copy`
- Implemented deriving DH and ECDH keys in `EVP_PKEY_CTX`. Functions added:
-- `EVP_PKEY_derive_init`
-- `EVP_PKEY_derive_set_peer`
-- `EVP_PKEY_derive`
- Implemented `EVP_PKEY_get0_DH`
- Implemented `X509_ALGOR_new`
- Implemented `X509_ALGOR_free`
- Implemented `X509_ALGOR_set0`
- Implemented `X509_PUBKEY_new`
- Implemented `X509_PUBKEY_free`
- Implemented `X509_PUBKEY_set`
- Implemented `RSA_padding_add_PKCS1_PSS`
- Implemented `RSA_verify_PKCS1_PSS`
- Changed second parameter of `wolfSSL_d2i_PUBKEY` to be constant
- Corrected long names in `asn.h`
- Added `wc_ecc_get_generator` as a way to get the generator point of a curve
- Added `wc_ecc_export_point_der_ex` to export an ECC point in compressed or uncompressed format with one API
- Added `wc_ecc_export_point_der_compressed` to export a point in an `ecc_point` structure in compressed DER format
- Added 'wc_RsaSSL_Verify_ex` which adds the option to choose a padding type
- Added `wc_RsaPad_ex` and `wc_RsaUnPad_ex` to `rsa.h` as `WOLFSSL_LOCAL` functions
- `CopyDecodedToX509` now fills `x509->key` and `x509->algor` when populating x509
- `wolfSSL_EVP_CipherInit` now uses `wc_AesGcmSetExtIV` to set the IV so that it is copied to `ctx->iv` by `wolfSSL_StoreExternalIV`
- Added error checking to `wolfSSL_EVP_PKEY_get_der`
- `wolfSSL_X509_ALGOR_get0` now attempts to return something in all parameters
- Refactored `wolfSSL_EC_KEY_new` to use `*_new` functions when available
- Added `setupPoint` to set the internal point if not yet set
- Always set external point in `wolfSSL_ECPoint_d2i`
- Added compressed point support to `wolfSSL_EC_POINT_point2oct`
- Fix `wolfSSL_EC_POINT_mul` so that it will calculate the full `generator * n + q * m` then OpenSSL does
- Added `WOLFSSL_RSA_GetRNG` helper function to get a `WC_RNG` from `WOLFSSL_RSA`
- Correct short names in `wolfssl_object_info`
- Added all currently supported curves to `wolfssl_object_info`
- Added `oidCurveType` to `oid2nid`
- Add more padding types to `wolfSSL_RSA_public_decrypt`
- Fix `keysize` in `wc_ecc_import_point_der`
- Added tests for new additions
2020-04-14 11:45:32 +02:00
Sean Parkinson ba401c9bde Fix testing using 4096 bits keys and parameters
RSA PKCS #1.5 padding for signing is not reliant on a random.
2020-04-14 12:03:51 +10:00
Sean Parkinson 411aee6e05 Fixes from cppcheck
Added PRIVATE_D version of rsa private key operation for SP
implementation for specific platforms.
WC_NO_RNG results in warnings when RNG calls don't do anything.
Added ifdef checks for variables not used otherwise.
Remove superfluous if statements like when checking ret == 0.
Change names of globals that are generic and are used locally before
global definition.
Remove definition of variable len that isn't used except as a
replacement for sz which is parameter.
Don't subtract two variables when one has just been assigned the value
of the other.
Fix shifting of signed value.
Fix parameter checking in aes.c and des3.c for platform specific code.
2020-04-08 09:46:22 +10:00
Sean Parkinson c82531a41a Fix performance of RSA public key ops with TFM
Have a constant and non-constant time modular exponentation available in
tfm.c.
Call the non-constant time version explicitly when performing RSA public
key mod exp.
2020-03-26 17:33:07 +10:00
toddouska bcc720ef68 Merge pull request #2773 from SKlimaRA/master
Coverity issues fixes.
2020-03-13 10:20:45 -07:00
David Garske c8e618a817 Fix build for WOLFSSL_RSA_VERIFY_ONLY. 2020-02-23 15:58:28 -08:00
David Garske e80c696d5f Fix for RSA with SHA3 only (resolves warning with unsed RsaMGF1. 2020-02-23 13:54:48 -08:00
Stanislav Klima 6f3623f220 Moved infinite loop check to the other bad func arg check. 2020-02-18 09:59:59 +01:00
Stanislav Klima 1a38c26097 Prevent infinite loop. 2020-02-12 13:29:33 +01:00
Sean Parkinson 669d9b1ae4 Fix for rsa key gen blinding - don't call lcm 2020-02-10 08:51:43 +10:00
Chris Conlon b29fe41a35 Merge pull request #2738 from SparkiDev/cppcheck_fixes_3
Changes to clear issues raised by cppcheck
2020-02-03 17:02:40 -07:00
toddouska 6f2230e459 Merge pull request #2774 from SparkiDev/sp_x86_64_asm
Improve performance of SP Intel 64-bit asm
2020-02-03 11:08:17 -08:00
Sean Parkinson 55ea2facdd Changes to clear issues raised by cppcheck 2020-01-30 14:24:32 +10:00
Sean Parkinson 81bebd8e5c Improve performance of SP Intel 64-bit asm
RSA: Only constant time copy out when doing private key op
Improve performance of sp_count_bits
2020-01-30 12:23:38 +10:00
Sean Parkinson b4cadae4e2 Constant time q modinv p in RSA key gen 2020-01-23 14:52:29 -08:00
David Garske 2a5c623c97 Fix for RSA without SHA512 build error. Fix or renew cert PEM to DER. 2020-01-22 08:15:34 -08:00
toddouska d257003341 Merge pull request #2711 from cconlon/copyright2020
update copyright to 2020
2020-01-07 08:40:15 -08:00
toddouska b7ac709617 Merge pull request #2692 from SparkiDev/rsa_gen_modinv
Add blinding of mod inverse to RSA key gen
2020-01-07 07:56:38 -08:00
Chris Conlon 45c5a2d39c update copyright to 2020 2020-01-03 15:06:03 -08:00
Tesfa Mael f58a9e81e9 Cryptocell rsa improvements to sign/verify more digest types 2019-12-30 16:31:30 -08:00
toddouska deac82c8ed Merge pull request #2683 from dgarske/various_items
Various cleanups and fixes
2019-12-27 13:53:39 -08:00
toddouska 95daec5326 Merge pull request #2633 from tmael/cc_310
Update Cryptocell readme
2019-12-27 12:58:19 -08:00
Sean Parkinson 9d94b48056 Add blinding of mod inverse to RSA key gen 2019-12-20 12:17:42 +10:00
David Garske 22f0b145d3 Various cleanups and fixes:
* Fix for key gen macro name in benchmark.c
* Fix for possible RSA fall-through warning.
* Fix for building `WOLFSSL_STM32_PKA` without `HAVE_ECC`.
* Added option to build RSA keygen without the DER to PEM using `WOLFSSL_NO_DER_TO_PEM`.
* Added options.h includes for test.c and benchmark.c.
* Added printf warning on the math size mismatch in test.c.
* Added support for benchmarking larger sizes.
* TLS benchmarks for HiFive unleashed.
2019-12-18 07:09:26 -08:00
Eric Blankenhorn 0bb8ae8564 Fixes for new defects in wolfCryot and wolfSSL (excluding test code) 2019-12-13 17:17:13 -06:00
Tesfa Mael 4f8a37ef7b Remove wc_RsaSSL_VerifyInline from Cryptocell 2019-12-05 10:40:21 -08:00
Sean Parkinson 5221c082f1 SP now has support for RSA/DH 4096-bit operations 2019-11-12 12:04:06 +10:00