Commit Graph

6261 Commits

Author SHA1 Message Date
Sean Parkinson 7cdf5c7956 SP Aarch64 ECC P256: mont reduce fix
For Montgomery Reduction of P256: Don't set x10 and x11 to words of mu
<< 32. x11 is needed later and there are plenty of registers.
2023-01-30 11:14:12 -08:00
David Garske 420f2f45c1 Merge pull request #6019 from SparkiDev/sp_arm64_cc
SP Aarch64: conditional changed in asm needs "cc"
2023-01-30 11:06:53 -08:00
András Fekete d72ea6101f Merge pull request #6027 from SparkiDev/sp_int_div_small
SP int: div small static code analysis change
2023-01-30 10:34:05 -05:00
Sean Parkinson 0e16d2919f Merge pull request #6022 from douzzer/20230127-fixes
20230127-fixes
2023-01-30 08:46:42 +10:00
Sean Parkinson 08afe6a404 SP int: div small static code analysis change
_sp_div_small: Make it explicit as possible that we only want the bottom
digit of the product subtracted from the bottom word of t. Top digit is
unnecessary and more cycles used if calculated.
2023-01-30 08:40:45 +10:00
David Garske 6e9d956a49 Merge pull request #6021 from kareem-wolfssl/zd15544
Fix for building with ASN template and `NO_ASN_TIME`
2023-01-27 18:19:19 -08:00
Daniel Pouzzner 687bbeb712 wolfcrypt/src/port/arm/armv8-aes.c: harmonize arg validation in aarch64-armasm wc_AesCcm{En,De}crypt() with aes.c -- tolerate null in/out iff inSz==0. 2023-01-27 16:32:13 -06:00
Chris Conlon f14c27f644 Fix SE050 RSA public key loading and RSA/ECC SE050 usage from TLS with WOLF_PRIVATE_KEY_ID 2023-01-27 14:28:47 -07:00
Kareem 4542eb0df1 Fix NO_ASN_TIME support for ASN template, also fix expired certificate unit tests with NO_ASN_TIME defined. 2023-01-27 12:39:53 -07:00
Sean Parkinson f61938a882 SP Aarch64: conditional changed in asm needs "cc"
Add "cc" to asm that changes the conditional flags.
2023-01-27 16:33:06 +10:00
David Garske 06509021ff Merge pull request #6013 from douzzer/20230125-various-fixes
20230125-various-fixes
2023-01-26 15:10:18 -08:00
David Garske 58c2fe1c40 Merge pull request #6011 from SparkiDev/xts_in_place_enc_fix
AES XTS: encrypt not handling in-place properly
2023-01-26 14:04:58 -08:00
Daniel Pouzzner f776371874 wolfcrypt/src/hpke.c: add PRIVATE_KEY_{UNLOCK,LOCK}() wrappers in wc_HpkeSealBase() and wc_HpkeOpenBase();
wolfcrypt/test/test.c: remove PRIVATE_KEY_{UNLOCK,LOCK}() wrappers from hpke_test_single(), and do a smallstack refactor.
2023-01-26 15:00:56 -06:00
Daniel Pouzzner 78cc2c5c3e wolfcrypt/src/port/af_alg/afalg_aes.c: in wc_AesCbc{En,De}crypt(), handle WOLFSSL_AES_CBC_LENGTH_CHECKS as in wolfcrypt/aes.c; in wc_AesGcm{En,De}crypt(), truncate ivSz to WC_SYSTEM_AESGCM_IV if necessary. 2023-01-25 23:36:01 -06:00
David Garske 7e1aecfe4c Merge pull request #6001 from SparkiDev/dsa_sign_sig_size
DSA sign: use mp_to_unsigned_bin_len
2023-01-25 11:59:27 -08:00
David Garske becedd41c9 Merge pull request #6000 from SparkiDev/dsa_force_zero
DSA: Don't force zero MPs on memory allocation failure
2023-01-25 11:59:13 -08:00
Sean Parkinson e9af0136b9 AES XTS: encrypt not handling in-place properly
Fix AES XTS in-place encrypt to work when ciphertext stealing.
2023-01-25 09:32:37 +10:00
Daniel Pouzzner b2c751a9ca wolfcrypt/src/asn.c: fix a maybe-uninitialized found by clang --enable-asn=template. 2023-01-24 14:00:22 -06:00
David Garske a21c3a3c89 Merge pull request #6005 from SparkiDev/ecc_fp_alloc_fail_oob_1
ECC FP_ECC: zeroize when value set
2023-01-24 07:57:53 -08:00
Sean Parkinson a5adfcd5ca ECC FP_ECC: zeroize when value set
accel_fp_mul was zeroizing an uninitialized MP - tk.
Add boolean, indicating to zeroize, that is set when a value is set.
2023-01-24 10:28:49 +10:00
Sean Parkinson e34027ec76 SP EC ASM: mod_mul_norm fix
Handle corner case of overflow in last 32-bit word.
2023-01-24 10:12:32 +10:00
Sean Parkinson 4592f1a5b4 EC scalar mult with SP Math: fix scalar length check
The support curves in SP all have an order length the same as modulus
length. The scalar cannot be larger than the order and so fix the check.
2023-01-24 09:23:19 +10:00
David Garske 4b8ab2550d Merge pull request #6004 from jpbland1/hpke-disable-harden
update hpke to not use rng with ecc when hardening is off
2023-01-23 15:09:30 -08:00
John Bland 44ca98f5b3 add missing NULL checks and remove rng pointer when not needed 2023-01-23 16:03:58 -05:00
David Garske a24a1c8530 Merge pull request #5924 from SparkiDev/ref_cnt_update
Ref count: change to use wolfSSL_Ref
2023-01-23 08:33:37 -08:00
John Bland a36276ca3a update hpke to not use rng with ecc when hardening is off 2023-01-23 11:27:23 -05:00
Sean Parkinson 53dfcd00e2 Ref count: change to use wolfSSL_Ref
Data structures changed:
WOLFSSL_CERT_MANAGER, WOLFSSL_CTX, WOLFSSL_SESSION, WOLFSSL_X509,
WOLFSSL_X509, WOLFSSL_EVP_PKEY, WOLFSSL_BIO, WOLFSSL_X509_STORE
2023-01-23 16:29:12 +10:00
Sean Parkinson 1c4e1f8871 SP DH Exp: check output length for minimum
For DH Exp function in SP, don't assume output length has the minimum
length.
2023-01-23 09:43:58 +10:00
Sean Parkinson 90e24d8ba5 DSA sign: use mp_to_unsigned_bin_len
mp_to_unsigned_len checks length and front pads with zeros.

Return MP_VAL when length is too small in all implemenations.
Make TFM implementation check length.
Add test case.
2023-01-23 09:14:24 +10:00
Sean Parkinson ffe302025e DSA: Don't force zero MPs on memory allocation failure
When memory allocation fails, the MPs are not initialized and force zero
is using invalid values.
2023-01-23 08:33:09 +10:00
Daniel Pouzzner aa776057ff fixes: shellcheck gripes on Docker/OpenWrt/runTests.sh; null pointer derefs and duplicate tests and assigns in src/tls.c and wolfcrypt/src/hpke.c found by cppcheck (nullPointerRedundantCheck, identicalInnerCondition, duplicateAssignExpression). 2023-01-21 00:51:57 -06:00
Daniel Pouzzner d711e4b9f8 Merge pull request #5995 from jpbland1/ech-no-recursion
stop ech from using a recursive function call
2023-01-20 23:47:22 -06:00
John Bland d14d29e32a stop ech from using a recursive function call
update bad return value for when retry_configs is returned, add locks around hkdf functions for private key use
2023-01-20 18:37:19 -05:00
tim-weller-wolfssl cf9b865e33 Update AES-GCM stream decryption setup to allow long IV values (already allowed by encryption APIs) 2023-01-20 20:35:39 +00:00
David Garske 8d89d4a168 Merge pull request #5927 from SparkiDev/sp_math_clz
SP math: use count leading zero instruction
2023-01-20 10:33:18 -08:00
Sean Parkinson 9adea94274 SP math: use count leading zero instruction
To speed up counting bits, use the instruction that counts leading zeros
in a word.

Fix _sp_div_3 to use registers with 0 in them for multiplication result.
2023-01-20 11:56:07 +10:00
David Garske cfe92aa330 Merge pull request #5983 from SparkiDev/sp_int_read_radix_neg
SP int negative: handle negative character properly with read radix
2023-01-19 17:51:07 -08:00
David Garske e72ec4e876 Merge pull request #5976 from SparkiDev/eccsi_hash_check
ECCSI: hash function must have output size as curve size
2023-01-19 17:50:44 -08:00
JacobBarthelmeh fc19aed8c8 Merge pull request #5623 from dgarske/hpke
Adds support for TLS v1.3 Encrypted Client Hello (ECH) and HPKE (Hybrid Public Key Encryption)
2023-01-19 10:03:28 -07:00
David Garske 6b6ad38e4f Adds support for TLS v1.3 Encrypted Client Hello (ECH) draft-ietf-tls-esni) and HPKE (Hybrid Public Key Encryption) RFC9180. 2023-01-18 11:37:27 -08:00
David Garske 41c35b1249 Fix line length and whitespace issues. Fix macro argument missing parentheses. 2023-01-18 11:10:19 -08:00
Sean Parkinson 11ea6a10e8 ECCSI: hash function must have output size as curve size 2023-01-18 03:54:17 +10:00
Sean Parkinson cdf2036454 SP int negative: handle negative character properly with read radix
SP int when compiled with negative was setting sign too early.
Get sign and set after absolute value read in.
2023-01-18 03:38:23 +10:00
Sean Parkinson b15bc3d236 Merge pull request #5977 from dgarske/kcapi_opensslextra
Fixes for building KCAPI with opensslextra enabled
2023-01-17 02:13:50 +10:00
David Garske 08a988f557 Merge pull request #5973 from philljj/zd15445
EVP_EncryptUpdate should update outl on empty input
2023-01-15 13:45:19 -08:00
jordan 4c35a22e0a Cleanup input checks. 2023-01-14 23:04:29 -06:00
David Garske acf761ea07 Merge pull request #5979 from SparkiDev/sp_int_arm_asm_cc
SP int ARM: Fix div word asm to indicate flags changed
2023-01-14 11:13:23 -08:00
David Garske bf3673c0b2 Merge pull request #5974 from SparkiDev/aessiv_uninit_aes
AES SIV: Allocate memory for AES as late as possbile
2023-01-14 11:13:09 -08:00
Sean Parkinson e6ef66a777 SP int ARM: Fix div word asm to indicate flags changed
"cc" needs to be set in assembly code as a modified register for div
word for ARM64 and ARM32.
2023-01-15 02:05:34 +10:00
David Garske fec4fe6095 Fixes for building KCAPI with opensslextra enabled. 2023-01-13 16:33:55 -08:00