wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-28 23:49:53 +01:00
Code Issues Packages Projects Releases Wiki Activity
12,254 Commits 12 Branches 184 Tags
4f5bbbdca8f4acc6a4a120ff9f1092fe71bbdca2
Commit Graph

958 Commits

Author SHA1 Message Date
Daniel Pouzzner
cd88a2c7df wolfcrypt/test/test.c: when WOLFSSL_LINUXKM, don't do the large-malloc-incurring wc_scrypt()s in scrypt_test(). 2020-09-23 18:32:16 -05:00
Daniel Pouzzner
dc4b15a265 test.c: fix gating on heap deallocation in hc128_test() to match earlier tweak to gating on allocation. 2020-09-23 18:32:16 -05:00
Daniel Pouzzner
b52d50d903 test.c: various improvements and fixes pursuant to dgarske's comments on PR #3244 2020-09-23 18:32:16 -05:00
Daniel Pouzzner
a80b0c1982 test.c: don't exclude prime_test when -DOLD_PRIME_CHECK, but to exclude it when -DWOLFSSL_LINUXKM. 2020-09-23 18:32:16 -05:00
Daniel Pouzzner
e8b69f8a6a dh_test(): fix missing casts for XMALLOC(). 2020-09-23 18:32:16 -05:00
Daniel Pouzzner
f440089e92 dh_test(): fix typo (undersized dynamic buffers). 2020-09-23 18:32:16 -05:00
Daniel Pouzzner
f106fea0d8 rsa_no_pad_test(): fix uninited pointer. 2020-09-23 18:32:16 -05:00
Daniel Pouzzner
4ea8b46177 dh_test(): refactor remaining bare returns to ERROR_OUT(). 2020-09-23 18:32:16 -05:00
Daniel Pouzzner
2ee218761e dh_test(): missed a spot in last commit. 2020-09-23 18:32:16 -05:00
Daniel Pouzzner
ca1a991de5 wolfcrypt/test/test.c: fix an error-path leak in dh_test(), and deal with possible -Wdeclaration-after-statement for XFILE file. 2020-09-23 18:32:16 -05:00
Daniel Pouzzner
a7381f8a48 test.c:rsa_test(): fix uninited pointer 2020-09-23 18:32:16 -05:00
Daniel Pouzzner
426de2101a more work on DECLARE_VAR -- proper handling of failed allocations. WIP. 2020-09-23 18:32:16 -05:00
Daniel Pouzzner
9b7c753165 wolfssl/wolfcrypt/types.h: make DECLARE_VAR() et al use heap allocation not only when WOLFSSL_ASYNC_CRYPT but also when WOLFSSL_SMALL_STACK. 2020-09-23 18:32:15 -05:00
Daniel Pouzzner
571bf897c4 wolfcrypt/test/test.c: stack->heap refactor for dh_test(). 2020-09-23 18:32:15 -05:00
David Garske
66b59bda9b Fix for expected fail test in openssl_test for partial block. Fix for mp_test with ECC disabled, which uses mp_init_copy. 2020-09-23 18:32:15 -05:00
David Garske
0f8cf32122 Fix for possible leak in openssl_test because EVP free not called with WOLFSSL_SMALL_STACK_CACHE (SHA256/SHA512). Added return code checking to the openssl_test in wolfCrypt test. 2020-09-23 18:32:15 -05:00
Daniel Pouzzner
32e30d23c6 wolfcrypt/test/test.c: fix uninitialized values in aesofb_test(). 2020-09-23 18:32:15 -05:00
Daniel Pouzzner
f56c6d1d8f wolfcrypt/test/test.c and wolfssl/test.h: implement DEBUG_STACK_SIZE_VERBOSE, measuring and reporting stack usage separately for each test. to use, ./configure --enable-stacksize && make CFLAGS+=-DDEBUG_STACK_SIZE_VERBOSE; also, remove a throwaway dev pragma that snuck into an earlier commit. 2020-09-23 18:32:15 -05:00
Daniel Pouzzner
925afe3b74 cast XMALLOC() return values assiduously, for Visual Studio compatibility. 2020-09-23 18:32:15 -05:00
Daniel Pouzzner
535822f4df wolfcrypt/test/test.c: refactor for stack size and namespace control, allowing embedding of wolfcrypt_test() in kernel module. 2020-09-23 18:32:15 -05:00
toddouska
8753b5b947 Merge pull request #3257 from kojo1/user-mutex 
fix guard, user define mutex
 2020-09-03 15:21:53 -07:00
toddouska
a626ac39f2 Merge pull request #3253 from SparkiDev/chacha20_stream_fix 
ChaCha20: Enable streaming with Intel x86_64 asm
 2020-09-03 15:18:00 -07:00
Sean Parkinson
54c8774103 ChaCha20: Enable streaming with Intel x86_64 asm 2020-08-31 09:06:51 +10:00
David Garske
21d17b17d0 Fix typo in code comment for ECC curve cache. Fix for valgrind report of possible use of uninitialized value with ChaCha/Poly AEAD test. 2020-08-27 12:01:24 -07:00
David Garske
6d5731b8e9 Fixes for HMAC_CTX cleanup not being called to free SHA2 resources with WOLFSSL_SMALL_STACK_CACHE. Added return code checking and cleanup for openssl_test. 2020-08-26 09:45:26 -07:00
David Garske
083f143c89 Fixes for warnings with minimum ECC build. 2020-08-21 15:47:02 -07:00
David Garske
79c0fd3f29 Fix for ECC make key test not waiting for async completion. 2020-08-20 14:25:05 -07:00
David Garske
0011b7b376 Fix possible ECC curve cache leak for custom curves. Fix possible memory leak with wc_DhKeyDecode and WOLFSSL_DH_EXTRA. Fix leak in dh_test with new call to DH key import. 2020-08-20 14:25:05 -07:00
John Safranek
3f6861ee82 FIPS Ready Fix with ECC Timing Resistance 
Commit 6467de5 added some timing resistance to ECC shared secret
agreement. It involved adding an RNG object to the ecc keys so
a random z value can be added to the mix. The older FIPS release
has ECC outside the boundary, so it uses the new ECC code. FIPSv2
has ECC inside the boundary, but all the TLS code checks for that
version of FIPS and leaves out the calls to the new functions as
it is using an older version of ecc.c. FIPS Ready uses the latest
version of ecc.c but compiles as FIPSv2. So, the code outside of
the crypto layer is treating ECC as FIPSv2 and not calling the new
functions, but the crypto layer assumes the RNG should be present,
and errs out on testing.
1. Added a separate option for FIPS Ready to the enable-fips
   configure option. `--enable-fips=ready`. It will treat FIPS
   Ready as the next kind of FIPS release. FIPS Ready will be
   treated like FIPS v3 in the build.
2. Changed the C preprocessor checks for FIPS version 2 to be
   checks for not version 2, with respect to ECC Timing Resistance
   and FIPS builds.
 2020-08-14 10:54:55 -07:00
Sean Parkinson
6467de5a88 Randomize z ordinates in scalar mult when timing resistant 
An RNG is required for shared secret calculation now.
Use wc_ecc_set_rng() to set an RNG against the ECC object.
ECC verification does not need timing resistance and does not randomize
z ordinates.
 2020-08-11 16:12:47 +10:00
toddouska
462f4f9e45 Merge pull request #3196 from cconlon/cavpmarvell 
Add fips-check.sh target for marvell-linux-selftest, selftest v2 support
 2020-08-06 10:45:03 -07:00
David Garske
4a167c0f2c Merge pull request #3119 from tmael/do178-fix 
DO-178 fix
 2020-08-05 16:30:00 -07:00
toddouska
a536e8acd6 Merge pull request #3187 from SparkiDev/config_fix_1 
Fixes for different configurations
 2020-08-03 16:41:50 -07:00
toddouska
bfb4b2079b Merge pull request #3163 from dgarske/nrf52 
Fixes for building against latest nRF52 SDK
 2020-08-03 16:33:49 -07:00
Sean Parkinson
d0969ea1ce Fixes for different configurations 
Fix SkipInt() to work with DSA.
Fix protection around SetBitString16Bit() - when WOLFSSL_CERT_GEN and
WOLFSSL_CERT_EXT defined is only use.
WOLFSSL_RSA_VERIFY_ONLY and PSS means testing of PSS won't work.
Fix g++ build around ASN1_SEQUENCE - const variable required to be
initialized.
 2020-08-03 14:55:09 +10:00
David Garske
776b1a2d17 Fix for ED25519 with user_settings.h. Fixes for build warnings. Fix spelling error. Added template for wolfBoot key/sign tools. 2020-07-31 15:17:53 -07:00
Tesfa Mael
4cc7f9e4a9 Check correct returned value 2020-07-30 09:18:45 -07:00
Chris Conlon
c6b4fa3be3 add selftest version for newer 4.1.0 validation 2020-07-29 15:10:47 -06:00
David Garske
9160a126e4 Fixes for running wolfCrypt test/benchmark with SECP256R1 disabled. Improved detection of ECC key generation size. 2020-07-28 11:43:48 -07:00
David Garske
25fcd082d7 Improve the mutex_test test with pthreads. Fixes #3109 2020-07-28 08:19:32 -07:00
David Garske
8417e0b725 Fixes for building against latest nRF52 SDK. Allow nRF5x AES GCM to be enabled (uses software, but ECB is accelerated). Fix in wolfCrypt test for building AES GSM only with NO_AES_DECRYPT. 2020-07-24 15:46:17 -07:00
toddouska
e84defb268 Merge pull request #3044 from dgarske/sniffer_tls13 
TLS v1.3 sniffer support
 2020-07-24 11:46:38 -07:00
David Garske
9268ae1397 Fix line length issues. Add debug msg in test to show number of non-blocking iterations. 
```
$ ./configure --enable-ecc=nonblock --enable-sp=yes,nonblock CFLAGS="-DWOLFSSL_PUBLIC_MP" --enable-debug && make
$ ./wolfcrypt/test/testwolfcrypt
...
ECC non-block sign: 18063 times
ECC non-block verify: 35759 times
ECC      test passed!
```
 2020-07-21 10:41:25 -07:00
David Garske
1b051d9c5b TLS v1.3 sniffer support: 
* Added TLS v1.3 sniffer support using static ephemeral key.
* Add support for using a static ephemeral DH and ECC keys with TLS v1.3 using `WOLFSSL_STATIC_EPHEMERAL`.
* Adds new API's `wolfSSL_CTX_set_ephemeral_key` and `wolfSSL_set_ephemeral_key`.
* Expanded TLS extension support in sniffer.
* Refactor of the handshake hashing code.
* Added parameter checking to the TLS v1.3 key derivations (protects use of "DoTls13Finished" if handshake resources have been free'd).
* Added support for loading DH keys via `wc_DhImportKeyPair` and `wc_DhExportKeyPair`, enabled with `WOLFSSL_DH_EXTRA`.
* Added sniffer documentation `sslSniffer/README.md`.
 2020-07-17 15:22:35 -07:00
David Garske
90ee12f51a Added test case for ECC non-blocking. ./configure --enable-ecc=nonblock --enable-sp=yes,nonblock CFLAGS="-DWOLFSSL_PUBLIC_MP" && make. 2020-07-17 15:13:50 -07:00
Tesfa Mael
890500c1b1 Fix Coverity 2020-07-08 08:20:43 -07:00
Takashi Kojo
fd257ee8b9 fix guard 2020-07-03 05:42:44 +09:00
David Garske
6b1a6309ce Fixes for CryptoCell. Fix for signature wrapper signing to allow larger signing input buffer. Cleanup of some duplicate code. Fix for bad cryptocell ECC make key result check (-9628). Fixes #3059. Thanks Sylwester. 2020-06-18 13:40:30 -07:00
toddouska
248b8c9b62 Merge pull request #3057 from kaleb-himes/FIPSv2_plus_OPENSSLALL 
Resolve issues with FIPSv2 when opensslall set
 2020-06-18 10:12:06 -07:00
kaleb-himes
e2fb4c55b8 Resolve issues with FIPSv2 when opensslall set 2020-06-17 14:03:02 -06:00