e9187f5f00
Wycheproof fixes/changes
...
Allow Chachac20-Poly1305 to take an empty msg.
Allow AES-SIV to have an empty nonce.
Don't allow the length to be malleable. Must use the smallest number of
bytes to represent value.
ECDSA and DSA signature values are positive.
Add Sha512-224 and Sha512-256 OIDs.
ASN template - ensure the ECDSA/DSA signature uses all data.
Curve25519/Curve448 - WOLFSSL_ECDHX_SHARED_NOT_ZERO means shared secret
can't be 0.
Curve25519/Curve448 - check public value is less than order.
ECC - x or y may be zero but not both.
Ed25519/Ed448 - check S is less than order.
Ed448 - ge_p3_dbl can be simplified for ASM.
Prime check (integer.c/tfm.c/sp_int.c): Don't allow negative values and
make sure random candidate doesn't have bits higher than those in a set
when bits not a multiple of 8.
RSA: support Sha512-224 and Sha512-256.
RSA: Fix check for invalid in decryption. Affects plaintexts 256 bytes
and longer.
RSA: Don't allow base be larger than modulus.
RSA: Check small ciphertext (1 or 0) on decrypt when not using OAEP.
RSA: WOLFSSL_RSA_DECRYPT_TO_0_LEN allows decrypted value to be 0.
SP math all: fix div to handle large a and d when checking size of
remainder.
SP math all: set sign of result in sp_mod_2d()
2022-04-06 15:35:01 +10:00
a338b4c933
refactor SHA grew function, revert benchmark devid, increase SHA_CTX size, add AES ECB cryptocb test
2022-04-05 14:45:18 -07:00
4f5aa81031
Merge pull request #5000 from ejohnstown/tls13-wctest
...
Add TLSv1.3 KDF to wolfCrypt Test
2022-04-05 10:45:35 -07:00
6a3f98627e
Merge pull request #5013 from anhu/wc_CheckCertSigPubKey
...
Add new public API wc_CheckCertSigPubKey()
2022-04-05 09:48:08 -07:00
eefc0f2f57
Add TLSv1.3 KDF to wolfCrypt Test
...
Added a test for the TLSv1.3 KDF to the wolfcrypt test. It uses 6
different test cases from the CAVP tests. A set of 8 session keys are
generated using multiple exporters.
2022-04-05 08:56:15 -07:00
b2a2a8af4a
fix whitespace.
2022-04-05 08:09:48 -05:00
df9335ee0a
Merge pull request #4988 from tmael/sp_loop
...
Fixes for Diab C89 and armclang
2022-04-05 08:20:47 +10:00
8dd07bbb73
Merge pull request #5011 from dgarske/ecc_key_decode
...
Fix to check if `wc_EccPublicKeyToDer` has enough output buffer space
2022-04-05 08:03:03 +10:00
c3a9520eb5
Merge pull request #5016 from dgarske/async_fixes
...
Fixes for async in wolfCrypt test
2022-04-05 07:56:08 +10:00
f39bd5e02b
Merge pull request #5014 from dgarske/kcapi_ecc_import
2022-04-04 14:08:29 -07:00
9b5ad6f218
Merge pull request #4968 from miyazakh/cryptonly
...
add WOLF_CRYPTO_CB_ONLY_RSA and WOLF_CRYPTO_CB_ONLY_ECC
2022-04-04 08:31:41 -07:00
757c93c6d5
Merge pull request #4945 from kaleb-himes/ZD13795
...
Fix for ZD13795 and also remove all-caps parameter
2022-04-04 08:25:10 -07:00
8e4abb0011
addressed code review comment
2022-04-02 09:18:28 +09:00
ae3996fd0e
fix codebase for -Wvla -Wdeclaration-after-statement; fix some whitespace.
2022-04-01 14:44:10 -05:00
bd0e222fec
Merge pull request #5012 from julek-wolfssl/evp-enc-dec-block
...
Implement `EVP_EncodeBlock` and `EVP_DecodeBlock`
2022-04-01 12:24:23 -07:00
6ec0c22a28
Fixes for async in wolfCrypt test.
2022-04-01 12:04:31 -07:00
ded168f238
Add check for buffer space in wc_EccPublicKeyToDer. Refactor SetEccPublicKey to put public key directly into output buffer and eliminate small stack. Fixes ZD 13904.
2022-04-01 11:46:27 -07:00
9c572efa40
Disable the public key check in import private key for KCAPI. Fix type warning in KCAPI AES.
2022-04-01 11:27:17 -07:00
edea6428d9
Add new public API wc_CheckCertSigPubKey()
2022-04-01 11:40:25 -04:00
6dffa8a13d
Implement EVP_EncodeBlock and EVP_DecodeBlock
2022-04-01 13:29:40 +02:00
4db45cea4e
Fixes to build with diab and armclang
2022-03-31 20:48:28 -07:00
99af84f1e2
Whitespace cleanups.
2022-04-01 09:36:53 +09:00
d3a379adac
add WOLF_CRYPTO_CB_ONLY_RSA and WOLF_CRYPTO_CB_ONLY_ECC
2022-04-01 09:36:52 +09:00
b45cd921b6
Merge pull request #5005 from dgarske/renesas_spell
2022-03-31 17:44:04 -06:00
7b21cd8cf0
Merge pull request #5001 from dgarske/kcapi_ecc
...
KCAPI ECC/AES optimizations to further reduce page memory use
2022-04-01 08:36:23 +10:00
79444fdb56
Merge pull request #4997 from dgarske/qat_eckg
...
Support for Intel QuickAssist ECC KeyGen acceleration
2022-04-01 08:32:21 +10:00
61f6b5e29c
Peer review feedback.
2022-03-31 10:04:23 -07:00
064888bb2a
Add KCAPI ECC support for using a private key id.
2022-03-31 09:05:03 -07:00
f8007b2d8f
Further KCAPI AES/ECC memory optimizations. Adds KCAPI_USE_XMALLOC option for AES and ECC to reduce page memory use in certain KCAPI cases that allow it.
2022-03-31 08:58:22 -07:00
1993851274
Renesas spelling, code formatting and whitespace fixes.
2022-03-31 08:02:00 -07:00
1de5165dcc
KCAPI ECC optimization to further reduce page memory use.
2022-03-30 15:01:01 -07:00
c905c613e9
Support for Intel QuickAssist ECC KeyGen acceleration.
2022-03-30 13:07:47 -07:00
d9df00cdfb
Merge pull request #4994 from dgarske/kcapi
...
KCAPI ECC memory optimizations and KCAPI AES build fix
2022-03-30 11:50:39 +10:00
d10e72bc98
Fix for KCAPI AES with WOLFSSL_NO_KCAPI_AES_CBC.
2022-03-29 12:50:28 -07:00
8edf237f75
Merge pull request #4993 from SparkiDev/sakke_gen_table_tmp_size_fix
...
SP: fix number of temps alloced in sp_ecc_gen_table
2022-03-28 21:32:35 -05:00
194138f0b8
Merge pull request #4990 from dgarske/async_fix
...
Fixes for async ECC
2022-03-29 10:30:38 +10:00
f50514b228
SP: fix number of temps alloced in sp_ecc_gen_table
...
Ony affects SAKKE and as a result of point add changes.
2022-03-29 09:11:45 +10:00
1abcd4b035
Reduce KCAPI ECC page memory allocation sizes.
2022-03-28 15:40:07 -07:00
05f377011b
Fix for building with KCAPI AES enabled.
2022-03-28 15:05:58 -07:00
12349f39e6
Merge pull request #4974 from kareem-wolfssl/iotsafe
...
IOTSafe workarounds
2022-03-28 13:49:44 -07:00
5b0735cdb4
Fixes for async ECC broke in PR #4982 .
2022-03-28 11:29:33 -07:00
be938ed197
IoTSafe Workarounds: Address code review feedback.
2022-03-25 16:17:53 -07:00
25d5a624d2
Merge pull request #4975 from cconlon/smallStack
...
smallstack cleanup for OpenSSL Compatibility Functions
2022-03-25 17:06:59 -06:00
0ee01f08bc
Merge pull request #4984 from douzzer/20220325-multi-test-cleanup
...
20220325 multi-test fixes
2022-03-25 15:06:34 -07:00
3af3274dcd
Merge pull request #4982 from SparkiDev/sp_x64_improvements
...
SP ASM improvements
2022-03-25 13:04:01 -07:00
07f9ca60ac
Fix for async without threading. ./configure --enable-asynccrypt --enable-all CFLAGS="-DWC_NO_ASYNC_THREADING".
2022-03-25 12:43:04 -07:00
008c8509c6
multi-test fixes: whitespace in wolfcrypt/src/random.c and wolfcrypt/test/test.c, bugprone-macro-parentheses and -Wenum-compare in WS_RETURN_CODE() (wolfssl/ssl.h), and clang-analyzer-deadcode.DeadStores in api.c.
2022-03-25 13:26:41 -05:00
7eb95674ee
Merge pull request #4966 from dgarske/kcapi
...
Fixes for KCAPI AES GCM and ECC
2022-03-25 10:18:16 +10:00
fd66f6bcec
SP ASM improvements
...
Change Karatsuba implementations for x86_64.
Fix ECC code to better handle corner cases.
Add 'lower' versions of functions wehn an input is known to be less than m.
Add mont_add/dbl/tpl/sub for P384.
Change ECC point add to be cache-attack resistant.
Change mod_exp to be cache-attack resistant.
2022-03-25 10:04:25 +10:00
14522f25ff
Merge pull request #4904 from kaleb-himes/OE22_NS9210_FIX
...
Fix up random.h conflicts with cert 3389 releases and some NETOS issues
2022-03-24 16:07:23 -07:00
Sean Parkinson
JacobBarthelmeh
David Garske
John Safranek
Daniel Pouzzner
Hayden Roche
Hideki Miyazaki
Anthony Hu
Juliusz Sosinowicz
Tesfa Mael
Chris Conlon
Kareem