Commit Graph

4438 Commits

Author SHA1 Message Date
Daniel Pouzzner f73fc23282 ecc.c: add smallstack codepaths to ecc_mul2add(). 2020-12-11 14:16:44 -06:00
David Garske cb8c6608f3 Merge pull request #3558 from douzzer/fix-mp_mod_2d-sub-byte-clearing
fix mp_mod_2d() for DIGIT_BIT != sizeof(mp_digit)*8
2020-12-11 08:43:51 -08:00
Sean Parkinson 3e8e7aa17f Merge pull request #3550 from douzzer/sp-math-all-sp-word-typo
sp_int.c: fix typos in _sp_mul_4() and _sp_sqr_4().
2020-12-11 16:16:48 +10:00
Daniel Pouzzner ef1284165f wolfcrypt/src/integer.c: fix sub-byte clearing step of mp_mod_2d() to work when DIGIT_BIT != sizeof(mp_digit)*8. 2020-12-10 23:50:30 -06:00
Sean Parkinson a075540343 Merge pull request #3552 from tmael/shiftNeg
Check shift value
2020-12-11 10:19:27 +10:00
Tesfa Mael 9042843e42 Fix shift and clear digits 2020-12-10 16:13:30 -08:00
toddouska 2c652151ac Merge pull request #3510 from SparkiDev/sp_modinv_nct
SP modinv: add non-constant time modinv
2020-12-10 16:06:12 -08:00
Daniel Pouzzner f277339528 add explicit casts to XMALLOC()s, even for (void *), to avoid warnings in C++ and MSVC/MSVS builds, and to avoid false positives on simple text searches. 2020-12-10 14:16:21 -06:00
Daniel Pouzzner f47cdfcaed wolfcrypt/test/test.c: fix skipped initialization warned by LLVM11 scan-build. 2020-12-10 14:16:21 -06:00
Daniel Pouzzner 741098c108 sp_int.c, srp.c: fixes for 5 deadcode.DeadStores found by LLVM11 scan-build. 2020-12-10 14:16:21 -06:00
Daniel Pouzzner f49e9bf954 dsa.c, srp.c, wolfcrypt/test/test.c: smallstack refactors: wc_DsaExportKeyRaw(), wc_DsaSign(), wc_SrpSetKey(), ecc_test_cdh_vectors(), ecc_test_custom_curves(). 2020-12-10 14:16:21 -06:00
Daniel Pouzzner 1fc2c7714c hmac.c: include wc_port.h rather than settings.h, to pick up WOLFSSL_LINUXKM namespace tweaks. 2020-12-10 14:16:21 -06:00
Daniel Pouzzner f7bf0a78fb test.c:ecc_test_curve_size(): use a macro, not a static const size_t, for size of exportBuf, to make MS Visual Studio happy. 2020-12-10 14:16:21 -06:00
Daniel Pouzzner 89e6b1eebc wc_ecc_mulmod_ex(): be more careful freeing temp key. 2020-12-10 14:16:21 -06:00
Daniel Pouzzner e6b587772f fix pointer type clash in wolfSSL_BN_mod_word(); restore accidentally removed WOLFSSL_KEY_GEN gate in dsa_test(). 2020-12-10 14:16:21 -06:00
Daniel Pouzzner cbc190f13c wolfcrypt/src/ecc.c: smallstack refactors of wc_ecc_mulmod_ex() and mp_sqrtmod_prime(). 2020-12-10 14:16:21 -06:00
Daniel Pouzzner ad2cb67047 wolfcrypt/test/test.c: _SMALL_STACK refactors of dsa_test(), srp_test(), openssl_pkey1_test(), and ecc_test_curve_size(); add missing FIPS gates. 2020-12-10 14:16:20 -06:00
Daniel Pouzzner 5286cb1a46 optimize domain check in wolfcrypt/src/integer.c and wolfcrypt/src/tfm.c. 2020-12-10 14:16:20 -06:00
toddouska b93109cf1c Merge pull request #3540 from SparkiDev/int_toradix_fix
MP integer: fix map string for toradix and read_radix
2020-12-10 12:01:45 -08:00
toddouska cd3b91a8fe Merge pull request #3536 from SparkiDev/arm64_rev
ByteReverseWord32 AARCH64: Use proper instruction - REV32
2020-12-10 11:59:00 -08:00
Tesfa Mael 4bd49d2b28 Update with a proper check 2020-12-09 17:05:56 -08:00
Sean Parkinson 2862a9ce56 SP modinv: add non-constant time modinv
Can only be used in ECC verify - sign operation must be constant time.
Not used for small code.
2020-12-10 09:24:22 +10:00
Tesfa Mael 44903ff8ae Check shift value 2020-12-09 15:04:28 -08:00
Chris Conlon 21625ab0c2 Merge pull request #3533 from JacobBarthelmeh/PKCS7
fix for PKCS7 decompress
2020-12-09 14:00:42 -07:00
Daniel Pouzzner 2de261c2de sp_int.c: fix typos in _sp_mul_4() and _sp_sqr_4(). 2020-12-09 12:10:46 -06:00
toddouska f31b41fcca Merge pull request #3495 from haydenroche5/httpd
Add OpenSSL compatibility functions for latest version of Apache httpd
2020-12-09 09:55:13 -08:00
toddouska b7aa0ebf57 Merge pull request #3458 from julek-wolfssl/EVP_Cipher-api
EVP_Cipher should return length written.
2020-12-09 09:52:44 -08:00
toddouska 367f28b917 Merge pull request #3443 from SparkiDev/tls13_psk_no_dhe
TLS 1.3: PSK only
2020-12-09 09:45:34 -08:00
toddouska 6c62899ea8 Merge pull request #3535 from SparkiDev/sp_fixes_4
SP: change implicit casting downs to be explicit
2020-12-09 09:25:57 -08:00
toddouska 0b78137dfa Merge pull request #3537 from SparkiDev/sp_int_configs
SP math all: fixes for configurations that don't specify size
2020-12-09 09:16:46 -08:00
Sean Parkinson d34b0072a2 ARM: identify ARM CPU for Thumb and Cortex
Better detailed check of CPU architecture for 32-bit byte reversal asm
2020-12-09 08:54:18 +10:00
Jacob Barthelmeh bc50b7b836 fix order of arguments with PKCS7 decompression 2020-12-08 23:11:59 +07:00
Jacob Barthelmeh 081cea7405 set optional limit on max decompression buffer size 2020-12-08 20:16:27 +07:00
Sean Parkinson dbe4ce0e24 SP: Get RSA verify only to build with DH
Fix configuration: --enable-rsavfy --enable-sp --enable-cryptonly
[--enable-sp-asm]
2020-12-07 09:46:14 +10:00
Sean Parkinson 9bbef90546 MP integer: fix map string for toradix and read_radix 2020-12-07 09:12:53 +10:00
Sean Parkinson 281ba96bd0 SP math all: fixes for configurations that don't specify size 2020-12-04 16:47:11 +10:00
Sean Parkinson d475463c91 Merge pull request #3528 from JacobBarthelmeh/Testing
fix build with ARM64 SP, FP_ECC and WC_NO_CACHE_RESISTANT
2020-12-04 12:17:24 +10:00
Sean Parkinson a72393eb33 ByteReverseWord32 AARCH64: Use proper instruction - REV32 2020-12-04 12:05:33 +10:00
Sean Parkinson 56cb4c8ea7 SP: change implicit casting downs to be explicit 2020-12-04 11:52:39 +10:00
Hayden Roche bca43654df Make changes to OCSP ASN code.
- Use OcspEntry in OcspResponse instead of CertStatus. OcspEntry is more
  analogous to an OCSP SingleResponse, which contains issuer name and key
  hashes. Correspondingly, remove these hashes from OcspResponse, since they'll
  now be stored per SingleResponse in an OcspEntry.
- Add a hashAlgoOID to OcspEntry (corresponds to hashAlgorithm in CertId in RFC
  6960). This makes OcspEntry more closely resemble an OCSP SingleResponse.
- Change WOLFSSL_OCSP_CERTID to map to OcspEntry. OcspEntry contains all the
  information that an OCSP CertID contains, and is a better fit than
  OcspRequest.
- Add a pointer to the raw CertId in an OCSP SingleResponse to OcspEntry, along
  with a size field to indicate how many bytes the CertId occupies. This will
  be used in an OpenSSL compatibility function, i2d_OCSP_CERTID, which yields
  the raw bytes of the CertId.
2020-12-03 11:22:43 -06:00
Jacob Barthelmeh fbf56bcf96 fix for PKCS7 decompress 2020-12-03 18:57:25 +07:00
toddouska 69d642206d Merge pull request #3513 from SparkiDev/ecc_vfy_r_s_check
ECC verify: validate r and s before any use
2020-12-02 14:33:38 -08:00
toddouska 36b73b738b Merge pull request #3526 from SparkiDev/aes_prefetch
AES: When not X86_64, PreFetch*() not used
2020-12-02 13:28:58 -08:00
toddouska d75a983766 Merge pull request #3527 from SparkiDev/ecc_safe
ECC add and dbl point: always use safe add and dbl
2020-12-02 13:28:10 -08:00
Sean Parkinson 3d9b4f10f0 AES: When not X86_64, PreFetch*() not used
When WC_INLINE is defined then compiler doesn't mind. Otherwise, this is
a warning.
2020-12-02 09:04:48 +10:00
Juliusz Sosinowicz 0d87dfa493 EVP_Cipher should return length written. 2020-12-01 18:36:36 +01:00
Sean Parkinson 9b5b9fd85d OCSP: Handle extensions in singleResponse 2020-12-01 16:41:20 +10:00
JacobBarthelmeh 42a63e8cc8 fix build with ARM64 SP, FP_ECC and WC_NO_CACHE_RESISTANT 2020-11-29 20:26:55 -08:00
Sean Parkinson 6bb38a1066 ECC add and dbl point: always use safe add and dbl
Can be using basepoint or public key at any time. Can't tell difference.
Always use the safe versions.
For private key operations, only working on the basepoint and will never
do any timinig different operations.
No impact on performance.
2020-11-30 11:44:50 +10:00
Sean Parkinson 35acfa0f42 SP ECC: check the length of public key ordinates and private key
Do quick bit length check before loading the MP integers into fixed size
arrays.
Changed ECC to use SP key check function if SP enabled and not only with
SP Math.
2020-11-27 08:49:30 +10:00