Commit Graph

553 Commits

Author SHA1 Message Date
John Safranek 50372b7033 Memory Callback
1. Allow SetAllocators to use NULL as a callback. Memory wrappers will use default with NULL.
2. Remove the ResetAllocators function. Use SetAllocators with NULL.
3. Modify memory tracker to save the old allocators on init and restore them on cleanup.
2018-07-31 09:30:03 -07:00
David Garske 0f86494161 * Added support for STM32L4 AES hardware crypto.
* Added reference PK callbacks functions for ECC sign, verify and shared secret used by TLS in `wolfcrypt/src/port/st/stsafe.c`.
* Fix for wolfcrypt_test to not require args to be provided.
* Fix for wolfCrypt `ecc_test_buffers` to poperly init ecc_key (resolves devId issue).
* Fix for STM32 AES CBC Decrypt with CubeMX, which was not capturing the first input block for next IV.
* Refactor to combine STM32 hardware init code.
2018-07-30 13:58:19 -07:00
toddouska 62cb69ded6 Merge pull request #1724 from dgarske/pemtoder
Added API's to expose alloc/free of DerBuffer and new unit tests
2018-07-30 13:50:19 -07:00
toddouska 335f467b8c Merge pull request #1714 from dgarske/pic32hashleak
Fixes for PIC32MZ hash memory leak
2018-07-30 13:48:59 -07:00
David Garske 0ef63048a0 Fix for new report in wc_BerToDer with uninitialized derSz. 2018-07-30 11:51:26 -07:00
Naruto TAKAHASHI 861fec1dc6 porting mynewt 2018-07-28 18:03:20 +09:00
David Garske efbabbfb29 Further improvements to hashing code to make sure wc_*Free is always called including wc_HashFree. Added new defines to disable PIC32MZ hardware features using NO_PIC32MZ_HASH, NO_PIC32MZ_RNG and NO_PIC32MZ_CRYPT. 2018-07-26 14:41:30 -07:00
JacobBarthelmeh 74fbd06817 Merge pull request #1686 from cconlon/nucleus-update
Nucleus port and PB changes
2018-07-25 09:17:40 -06:00
kaleb-himes 887e3deee8 Move ForceZero test to api.c and turn on tests when inline disabled 2018-07-20 13:30:06 -06:00
kaleb-himes 027f18919a Resolving some unwanted dependencies 2018-07-20 11:54:36 -06:00
Chris Conlon f59fb0df8e add custom print to test.c for PB 2018-07-13 14:58:48 -06:00
Sean Parkinson 9281f30deb Fix for Curve25519 ASM
On rare occasions, multiplication and/or squaring result had top bit set
after overflow add - must to be reduced in that case.
2018-07-11 11:53:53 +10:00
toddouska f809a6a17b Merge pull request #1651 from dgarske/pkcs7_dynamic
Added PKCS7 dynamic allocation support
2018-07-02 16:26:03 -07:00
toddouska e17a16a45a Merge pull request #1600 from dgarske/lighttpd
Changes to support Lighttpd 1.4.49
2018-07-02 16:18:41 -07:00
John Safranek cf191a4d96 Fixed a memory leak in the wolfCrypt test for DH key generation. 2018-07-02 13:31:13 -07:00
David Garske 07401d909c Added support for dynamic allocation of PKCS7 structure using wc_PKCS7_New and wc_PKCS7_Free. Updated the test examples to use the dynamic method. Add API unit test for wc_PKCS7_New. 2018-06-29 15:04:28 -07:00
David Garske 66c2c65444 Changes to support Lighttpd 1.4.49:
* Fix for `wolfSSL_CTX_set_options` to work correctly when no certificate has been set for WOLFSSL_CTX, otherwise this operation fails with `Server missing certificate`.
* Fix for bad argument name `time`.
* Fix for `warning: type of bit-field`: Allowed types for bit-fields are int and unsigned int only.
* Exposed `ERR_remove_thread_state` and `SSL_CTX_set_tmp_ecdh` for lighttpd
* Renamed `WOLFSSL_ERR_remove_thread_state` to `wolfSSL_ERR_remove_thread_state` and setup old name macro.
* Add missing newline on asn1.h.
* Whitespace cleanup in ssl.c.
2018-06-27 19:44:34 -07:00
Chris Conlon d8086ded6a Merge pull request #1639 from ejohnstown/selftest-fixes
netbsd-selftest fix
2018-06-26 15:38:03 -06:00
toddouska d9b5948947 Merge pull request #1605 from dgarske/asyncfsanitize
Fixes for async to resolve runtime fsanitize issues
2018-06-26 14:27:07 -07:00
John Safranek 4151af4b4a A few new functions in AES-GCM and DH don't exist in the netbsd-selftest build of wolfSSL. Option them out of the wolfCrypt self-test. 2018-06-25 17:49:11 -07:00
John Safranek e6c7952f50 Merge master into fipsv2. Resolved a conflict in api.c. 2018-06-22 09:52:26 -07:00
David Garske 1cb5bbf8ea Fixes for some async issues. Fixes an async issue with BuildMessage. Fixes for PKCS7 tests to not use async since it is not supported. 2018-06-22 09:30:25 -07:00
David Garske 71606dde45 Fixes for a few wolfCrypt test memory leaks. Fix for HMAC with empty input not supported on QuickAssist. 2018-06-22 09:30:25 -07:00
toddouska d481a3fb92 Merge pull request #1625 from JacobBarthelmeh/Testing
memory management with test cases
2018-06-19 14:41:18 -07:00
toddouska 4e6a88caf9 Merge pull request #1626 from JacobBarthelmeh/UnitTests
fix for implicit declaration error
2018-06-18 15:30:06 -07:00
Jacob Barthelmeh bade35bd76 update return value 2018-06-15 16:25:09 -06:00
Jacob Barthelmeh 0f9063d2a9 fix for implicit declaration error 2018-06-15 16:14:22 -06:00
Jacob Barthelmeh a1295b3148 memory management with test cases 2018-06-15 15:43:42 -06:00
David Garske 7e5c41ca35 Fixes for some async issues in FIPSv2. 2018-06-11 12:41:15 -07:00
John Safranek 7e9a32fffd FIPS Revalidation
Merge branch 'master' into fipsv2. Using a merge instead of a rebase to retain commit IDs and tags.
2018-06-06 12:43:15 -07:00
toddouska c43a84547a Merge pull request #1572 from dgarske/cryptodev
Added crypto device framework
2018-05-31 10:28:58 -07:00
Chris Conlon 5d99079603 fix HAVE_SELFTEST build for CAVP selftest 2018-05-30 11:08:18 -06:00
David Garske fc482235b0 Improved the CryptoDev test to include example callback with context. 2018-05-30 09:11:44 -07:00
Kaleb Himes cc58d3160f Merge pull request #1579 from C-Treff/Tenasys_Review
time 64bit, test update
2018-05-29 14:06:44 -07:00
C-Treff 5d693b263d removed more tabs 2018-05-24 09:56:54 +02:00
C-Treff 06e9354629 removed tabs 2018-05-24 09:48:18 +02:00
C-Treff 1d281ce515 replace memset by XMEMSET
replaced memset with XMEMSET as requested by @dgarske

INtime project files cleanup
2018-05-24 09:35:46 +02:00
Sean Parkinson 58f523beba Allow Ed25519 private-only keys to work in TLS
Change Ed25519 in TLS 1.2 to keep a copy of all the messages for
certificate verification - interop with OpenSSL.
2018-05-24 08:43:28 +10:00
C-Treff cd9f86d921 time 64bit, test update
64bit settings for time is mandatory for INtime. Changed the project file.

Test for ecc_test_buffers was unreliable, as the structs were not initialized befor usage.
2018-05-23 10:33:56 +02:00
Sean Parkinson 3bb4949e02 Improve coverage
Renumber errors in test.c to be unique.
Fix stack usage to work in --enable-distro --enable-stacksize builds.
2018-05-23 16:24:23 +10:00
David Garske 85511067e4 Added crypto device framework to handle PK RSA/ECC operations using callbacks. Adds new build option ./configure --enable-cryptodev or #define WOLF_CRYPTO_DEV. Added devId support to PKCS7. 2018-05-21 14:31:08 -07:00
Sean Parkinson d63da10c96 ForceZero - align 64-bit access on Intel 64-bit
Test added to ensure ForceZero works.
2018-05-18 10:38:21 +10:00
John Safranek 6a31f103aa Test Fixes
1. When building on VS, it didn't like using a variable for an array size. Fixed it so it was a constant.
2. In dh.c, there were a few #if that should have been #ifdef.
3. Tweaked a return value in the wolfCrypt test so it was read after being set.
2018-05-16 15:47:13 -04:00
John Safranek 12edf80e2b FIPS Revalidation
1. ForceZero the odd block when using RDSEED to seed the DRBG.
2. When using FIPSv2 and Intel_ASM speedups, force RDSEED failure flag.
3. Annotate the ecc key pair checking code with NIST process references.
4. Add function to pair-wise check the DH key.
5. Add optional "Q" values for the FFDHE canned parameters from RFC 7919.
6. Enabled the ECC key checks by default for FIPS.
7. Added DH private key check function.
8. Enabled the DH key checks by default for FIPS.
2018-05-16 15:47:13 -04:00
John Safranek 20d8a4a376 FIPS Revalidation
1. Added missing pair-wise consistency test for RSA keys.
Note: This function is not available to old FIPS and user RSA.
2018-05-16 15:47:13 -04:00
John Safranek 4f1dd3b9a7 Test Fixes
1. Update gitignore with some more VS outputs.
2. Update the Windows IDE user settings with FIPSv2 settings.
3. Remove redundant _InitHmac() function from ssl.c.
4. In wc_DhGenerateParams(), initialize the groupSz and bufSz to 0.
5. In wc_DhExportParamsRaw(), initialize pLen, qLen, and gLen to 0.
6. In wc_MakeRsaKey(), initialize isPrime to 0.
7. In ecc_test_make_pub(), initialize exportBuf and tmp to NULL and initialize the ECC key before any chance of trying to free it.
8. In fips_test.h header, update types.h include to use the wolfCrypt types rather than ctaocrypt types.
9. In fips_test.h header, change the visibility tags on all the function prototypes to use the WOLFSSL tags rather than CYASSL.
10. Change the wolfCrypt visibility tags to use CyaSSL's tags for old FIPS and the regular tags for new FIPS and non-FIPS builds.
2018-05-16 15:47:13 -04:00
John Safranek eea4d6da50 Test Fixes
1. Modify RSA-PSS to be able to sign and verify SHA-384 and SHA-512 hashes with 1024-bit RSA keys.
2018-05-16 15:47:12 -04:00
John Safranek 8fb3a0c078 FIPS Revalidation
1. Add a copy of the DSA parameter generation function to DH for use without DSA.
2018-05-16 15:47:12 -04:00
John Safranek 6796ab5f8c FIPS Revalidation
1. Bug fixes to AES-GCM. Separated out the internal and external IV set functions.
2018-05-16 15:47:12 -04:00
John Safranek 6d7599cf47 FIPS Revalidation
1. Add new APIs for AES-GCM so it can manage the IV per SP 800-38D.
2. Add new APIs for AES-CCM so it can manage the IV, similar to the behavior in AES-GCM.
3. Add new APIs for GMAC that use the new AES-GCM APIs.
2018-05-16 15:47:12 -04:00