1f1a173d56
Fix in SP C impl for small stack
...
Memset correct size and only when pointer is not NULL.
2020-01-08 08:57:20 +10:00
d257003341
Merge pull request #2711 from cconlon/copyright2020
...
update copyright to 2020
2020-01-07 08:40:15 -08:00
190623cbb2
Merge pull request #2705 from dgarske/atecc_leak
...
Fix for possible ECC memory leak when using ATECC and TLS
2020-01-07 08:39:39 -08:00
709d17904a
Merge pull request #2693 from SparkiDev/mp_rand
...
Improve speed of mp_rand
2020-01-07 08:39:11 -08:00
b7ac709617
Merge pull request #2692 from SparkiDev/rsa_gen_modinv
...
Add blinding of mod inverse to RSA key gen
2020-01-07 07:56:38 -08:00
56e57f3216
Refactor Poly1305 AEAD / MAC to reduce duplicate code. Tested with TLS v1.3 interop and AEAD test vectors.
2020-01-07 07:04:01 -08:00
0f0d307b76
Fix to avoid duplicate symbol for CheckRunTimeSettings when SP and TFM are built. Specifically with these build options: USE_FAST_MATH, WOLFSSL_SP and WOLFSSL_SP_MATH.
2020-01-07 05:43:59 -08:00
acfe9717f8
Fix for K64 MMCAU with WOLFSSL_SMALL_STACK_CACHE. Moved random test prior to cipher tests (was getting called first time in GMAC test).
2020-01-07 05:39:17 -08:00
914cd00e40
Merge pull request #2717 from SparkiDev/sp_cortexm_r7
...
Don't use r7 with Cortex-M SP assembly
2020-01-07 05:28:43 -08:00
e0ab92058b
Check CRL extension errors but don't require them
2020-01-07 11:55:07 +01:00
34a462b342
Don't use r7 with Cortex-M SP assembly
...
r7 not available when compiling Cortex-M4 in debug.
2020-01-07 12:53:34 +10:00
d68d5229e1
Refactor wc_ChaCha20Poly1305_Encrypt and wc_ChaCha20Poly1305_Decrypt to use the new ChaChaPoly_Aead context and init/update/final functions.
2020-01-06 17:07:09 -08:00
ce0475a8e0
Merge pull request #2689 from tmael/pkey_freeMutex
...
Free EVP ctx pkey
2020-01-06 23:15:00 +07:00
75637445ee
Improve speed of mp_rand
2020-01-06 09:39:29 +10:00
45c5a2d39c
update copyright to 2020
2020-01-03 15:06:03 -08:00
01c7cc6502
Fixes to avoid declaring any variables mid-function and always initializing.
2019-12-31 11:43:13 -08:00
784d95afbe
Improved state handling.
2019-12-31 10:34:06 -08:00
bff6dcec24
Added support for AAD calc only. Allows Init, UpdateAad and Final sequence. Verfied again with customer test cases.
2019-12-31 08:25:23 -08:00
f01999b322
Peer review feedback.
2019-12-31 08:08:33 -08:00
b901a2cd35
Use byte for bit-field. Line length cleanup.
2019-12-30 18:05:25 -08:00
f58a9e81e9
Cryptocell rsa improvements to sign/verify more digest types
2019-12-30 16:31:30 -08:00
1ee9d182cf
New API's for ChaCha20/Poly1305 AEAD init/update/final:
...
* Provides a context for AEAD to allow "chunked" updates of data then a final calculation for the authentication tag.
* New API's are on by default and can be disabled using NO_CHACHAPOLY_AEAD_IUF.
2019-12-30 15:20:55 -08:00
1bf6eb466f
CRL extensions are optional so ext errors should be skipped
2019-12-30 19:08:59 +01:00
f51d940e34
Fix for ECC memory leak when using ATECC and non SECP256R1 curves for sign, verify or shared secret. Fixes #2701 .
2019-12-30 08:35:30 -08:00
3b7b71c9e0
Merge pull request #2700 from JacobBarthelmeh/HardwareAcc
...
Hardware calls for DSP use
2019-12-27 13:58:43 -08:00
deac82c8ed
Merge pull request #2683 from dgarske/various_items
...
Various cleanups and fixes
2019-12-27 13:53:39 -08:00
95daec5326
Merge pull request #2633 from tmael/cc_310
...
Update Cryptocell readme
2019-12-27 12:58:19 -08:00
78fa84be00
Merge pull request #2649 from SparkiDev/rsa_pubonly
...
Fix RSA public key only builds
2019-12-27 12:55:34 -08:00
dd28f26c44
Merge pull request #2699 from JacobBarthelmeh/Testing
...
big endian changes
2019-12-27 12:52:30 -08:00
b83804cb9d
Correct misspellings and typos from codespell tool
2019-12-24 12:29:33 -06:00
ad9011a863
initial DSP build and success with Debug mode
...
build dps with ARM neon 64
fix for release mode build
add in threading protection and seperate out rng
added callback function and updates to README
update default handle to lock, and add finished handle call
cleanup after veiwing diff of changes
2019-12-23 14:17:58 -07:00
ca59bc2d16
big endian changes
2019-12-23 12:33:59 -07:00
99a7aff31e
Increment pkey references count
2019-12-20 22:38:54 -08:00
48e59eaeb1
Free EVP ctx pkey
2019-12-20 22:38:54 -08:00
9d94b48056
Add blinding of mod inverse to RSA key gen
2019-12-20 12:17:42 +10:00
45d55c8f38
Merge pull request #2676 from SparkiDev/sp_cortexm_perf
...
Improve Cortex-M RSA/DH assembly code performance
2019-12-19 15:03:59 -08:00
51f956490f
Merge pull request #2661 from SparkiDev/parse_cert_rel_fixes
...
Cleanup ParseCertRelative code
2019-12-19 11:03:56 -08:00
3342a19e29
Merge pull request #2578 from cariepointer/ZD-9478-and-9479
...
Add sanity checks for parameters in wc_scrypt and wc_Arc4SetKey
2019-12-19 10:59:05 -08:00
36f697c93d
Fix SP to build for different configurations
...
Was failing:
--enable-sp --enable-sp-math
--enable-sp --enable-sp-math --enable-smallstack
2019-12-19 15:15:19 +10:00
64a1045dc3
Cleanup ParseCertRelative code
...
Fix for case:
- can't find a signer for a certificate with the AKID
- find it by name
Has to error as the signer's SKID is always set for signer and would
have matched the AKID.
Simplify the path length code - don't look up CA twice.
Don't require the tsip_encRsaKeyIdx field in DecodedCert when
!WOLFSSL_RENESAS_TSIP - use local variable.
2019-12-19 08:53:24 +10:00
6922d7031c
Merge pull request #2685 from embhorn/coverity_fixes
...
Coverity fixes
2019-12-18 14:06:48 -08:00
0057eb16f8
Merge pull request #2686 from ejohnstown/crl-skid
...
Check name hash after matching AKID for CRL
2019-12-18 13:48:59 -08:00
573d045437
Merge pull request #2682 from SparkiDev/akid_name_check
...
Check name hash after matching AKID
2019-12-18 13:08:19 -08:00
52893877d7
Fixes from review
2019-12-18 13:25:25 -06:00
6c6d72e4d6
Find CRL Signer By AuthKeyId
...
When looking up the signer of the CRL by SKID/AKID, also verify that the
CRL issuer name matches the CA's subject name, per RFC 5280 section 4.1.2.6.
2019-12-18 10:17:51 -08:00
b89121236f
Merge pull request #2635 from dgarske/async_date
...
Fix for async date check issue
2019-12-18 09:34:08 -08:00
74a8fbcff4
Merge pull request #2666 from SparkiDev/b64_dec_fix
...
Bade64_Decode - check out length (malformed input)
2019-12-18 09:30:41 -08:00
c2e5991b50
Merge pull request #2681 from ejohnstown/crl-skid
...
Find CRL Signer By AuthKeyId
2019-12-18 09:29:17 -08:00
22f0b145d3
Various cleanups and fixes:
...
* Fix for key gen macro name in benchmark.c
* Fix for possible RSA fall-through warning.
* Fix for building `WOLFSSL_STM32_PKA` without `HAVE_ECC`.
* Added option to build RSA keygen without the DER to PEM using `WOLFSSL_NO_DER_TO_PEM`.
* Added options.h includes for test.c and benchmark.c.
* Added printf warning on the math size mismatch in test.c.
* Added support for benchmarking larger sizes.
* TLS benchmarks for HiFive unleashed.
2019-12-18 07:09:26 -08:00
c1218a541b
Check name hash after matching AKID
...
RFC 5280, Section 4.1.2.6:
If the subject is a CA (e.g., the basic constraints extension, as
discussed in Section 4.2.1.9, is present and the value of cA is TRUE),
then the subject field MUST be populated with a non-empty distinguished
name matching the contents of the issuer field (Section 4.1.2.4) in all
certificates issued by the subject CA.
The subject name must match - even when the AKID matches.
2019-12-18 17:57:48 +10:00
Sean Parkinson
toddouska
David Garske
Juliusz Sosinowicz
JacobBarthelmeh
Chris Conlon
Tesfa Mael
Eric Blankenhorn
John Safranek