wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-27 15:12:23 +01:00
Code Issues Packages Projects Releases Wiki Activity
4,617 Commits 12 Branches 184 Tags
7b3fc558ec33901f23f4600fc861d9674feff618
Commit Graph

649 Commits

Author SHA1 Message Date
toddouska
7b3fc558ec add WC_NO_CACHE_RESISTANT option for old code path 2016-09-13 16:45:15 -07:00
John Safranek
b77c350153 Merge pull request #547 from toddouska/mathca 
Remove timing resistant cache key bit monitor leaks
 2016-09-13 14:34:23 -07:00
toddouska
05d78dc2ce Merge pull request #544 from cconlon/rsafix 
include MAX_RSA_INT_SZ in wc_RsaKeyToPublicDer(), for 4096-bit keys
 2016-09-13 11:24:03 -07:00
toddouska
46a0ee8e69 switch ecc timising resistant mulmod double to use temp instead of leaking key bit to cache monitor 2016-09-13 11:10:10 -07:00
John Safranek
0477d5379e Merge pull request #546 from toddouska/aesca 
AES T table cache preload.
 2016-09-13 11:05:28 -07:00
toddouska
6ef9e79ff5 switch timing resistant exptmod to use temp for square instead of leaking key bit to cache monitor 2016-09-13 09:13:39 -07:00
toddouska
6ae1a14c9f do aes cache line stride by bytes, not word32s 2016-09-12 21:09:08 -07:00
toddouska
c6256211d6 compress aes last round decrypt table, prefetch Td tables before aes decrypt rounds, prefecth compressed table before last round 2016-09-12 13:04:30 -07:00
toddouska
97a64bcc7c remove unique aes last round Te table, pre fetch Te tables during software aes encrypt 2016-09-12 12:03:37 -07:00
Chris Conlon
a149d83bff include MAX_RSA_INT_SZ in wc_RsaKeyToPublicDer(), for 4096-bit keys 2016-09-09 16:11:56 -06:00
toddouska
fc54c53f38 Merge pull request #543 from JacobBarthelmeh/ARMv8 
ARMv8 : increase performance with SHA256
 2016-09-09 10:23:44 -07:00
Jacob Barthelmeh
3ec66dd662 ARMv8 : sanity checks and change constraint type 2016-09-09 00:27:40 +00:00
Jacob Barthelmeh
f4e604dec3 verify case with unexpected input 2016-09-08 15:32:09 -06:00
Jacob Barthelmeh
79af4d30e0 ARMv8 : increase performance with SHA256 2016-09-08 18:00:24 +00:00
toddouska
baebec4ca4 Merge pull request #538 from JacobBarthelmeh/ARMv8 
initial ARMv8 instructions
 2016-09-07 09:20:14 -07:00
Jacob Barthelmeh
09b29cb1d4 ARMv8 AES: remove extra memcpy during encrypt/decrypt 2016-09-02 22:55:17 +00:00
Jacob Barthelmeh
41912b92c6 initial ARMv8 instructions 2016-09-01 18:10:06 +00:00
John Safranek
963b9d4c4d OCSP Fixes 
1. When using Cert Manager OCSP lookup, the issuer key hash wasn't
being set correctly. This could lead to unknown responses from lookup.
2. Default OCSP lookup callback could get blocked waiting for server
to close socket.
 2016-09-01 09:58:34 -07:00
Chris Conlon
a0b02236b8 Merge pull request #527 from danielinux/master 
Support for Frosted OS
 2016-08-31 10:07:25 -06:00
David Garske
2ecd80ce23 Added support for static memory with wolfCrypt. Adds new "wc_LoadStaticMemory" function and moves "wolfSSL_init_memory_heap" into wolfCrypt layer. Enhanced wolfCrypt test and benchmark to use the static memory tool if enabled. Added support for static memory with "WOLFSSL_DEBUG_MEMORY" defined. Fixed issue with have-iopool and XMALLOC/XFREE. Added check to prevent using WOLFSSL_STATIC_MEMORY with HAVE_IO_POOL, XMALLOC_USER or NO_WOLFSSL_MEMORY defined. 2016-08-29 10:38:06 -07:00
toddouska
bd312cb766 Merge pull request #533 from dgarske/dg_fixes 
Fixes for HMAC/small stack heap and disable RSA warnings
 2016-08-26 14:30:55 -07:00
David Garske
bf23b2f9d1 Fix issue with "wc_ecc_set_custom_curve" function not setting index as "ECC_CUSTOM_IDX". Cleanup of the ECC tests to return actual error code (when available) and make sure keys are free'd. Some trailing whitespace cleanup. 2016-08-26 12:35:47 -07:00
David Garske
925e5e3484 Fixes typo issue with heap in hmac and small stack enabled. Fixed "never read" scan-build warnings with typeH and verify when RSA is disabled. 2016-08-26 10:33:01 -07:00
David Garske
a9278fe492 Added check for GetLength result in asn GetIntRsa function. Fixed return code in random.c for "wolfAsync_DevCtxInit" due to copy/paste error. Added RSA wc_RsaCleanup to make sure allocated tmp buffer is always free'd. Eliminated invalid RSA key type checks and "RSA_CHECK_KEYTYPE". 2016-08-23 11:31:15 -07:00
Daniele Lacamera
3d3f8c9dd3 Support for Frosted OS 2016-08-18 14:56:14 +02:00
David Garske
3e6be9bf2c Fix in "wc_InitRsaKey_ex" for normal math so mp_init isn't called to defer allocation. 2016-08-15 14:07:16 -06:00
David Garske
17a34c5899 Added asynchronous wolfCrypt RSA, TLS client and Cavium Nitrox V support. Asynchronous wolfSSL client support for "DoServerKeyExchange", "SendClientKeyExchange", "SendCertificateVerify" and "DoCertificateVerify". Fixes for async DTLS. Refactor of the wolf event and async handling for use in wolfCrypt. Refactor of the async device support so its hardware agnostic. Added Cavium Nitrox V support (Nitrox tested using SDK v0.2 CNN55XX-SDK with new configure "--with-cavium-v=/dir" option). Moved Nitrox specific functions to new port file "port/cavium/cavium_nitrox.c". RSA refactor to handle async with states. RSA optimization for using dpraw for private key decode. Use double linked list in wolf event for faster/cleaner code. Use typedef for wolf event flag. Cleanup of the async error codes. wolfCrypt test and benchmark support for async RSA. Asynchronous mode enabled using "./configure --enable-asynccrypt". If no async hardware is defined then the internal async simulator (WOLFSSL_ASYNC_CRYPT_TEST) is used. Note: Using async mode requires async.c/h files from wolfSSL. If interested in using asynchronous mode please send email to info@wolfssl.com. 2016-08-15 13:59:41 -06:00
Jacob Barthelmeh
b502d9dcf7 help static analysis tools 2016-08-10 14:23:27 -06:00
David Garske
317a7f2662 Change misc.c error to warning and exclude the misc.c code from being compiled. Most people include all .c files and by default inlining is allowed, which in turn causes an #error in misc.c and it must be excluded. Since we know its already been properly included there is no reason to throw error here. Instead, show warning and exclude code in .c file. 2016-08-08 13:13:59 -07:00
toddouska
49fb0d56b0 Merge pull request #516 from dgarske/fix_asn_wo_hmac 
Fix build issue with ASN enabled and no HMAC
 2016-08-06 10:07:00 -07:00
toddouska
c8cfe1ffa1 Merge pull request #511 from dgarske/openssl_compat_fixes 
Various improvements to support openssl compatibility
 2016-08-06 09:59:31 -07:00
toddouska
dd03af2cf4 Merge pull request #512 from dgarske/fix_crl_pad 
Fixed issue with CRL check and zero pad
 2016-08-06 09:56:59 -07:00
dgarske
cc462e2c50 Merge pull request #513 from kojo1/Der2Pem 
Adds "wc_DerToPem" CRL_TYPE support
 2016-08-05 14:35:15 -07:00
David Garske
d8c63b8e66 Various improvements to support openssl compatibility. 
* Fixed bug with "wolfSSL_get_cipher_name_internal" for loop using incorrect max length for "cipher_name_idx" (this caused fault when library built with NO_ERROR_STRINGS and calling it).
* Adds new "GetCipherNameInternal" function to get cipher name using internal "cipherSuite" index only (for scenario where WOLFSSL object does not exist).
* Implements API's for "wolf_OBJ_nid2sn" and "wolf_OBJ_sn2nid". Uses the ecc.c "ecc_sets" table to locate NID (ECC ID and NID are same).
* Added "WOLFSSL*" to HandShakeInfo.
* Allowed "SetName" to be exposed.
* Added "wolfSSL_X509_load_certificate_buffer". Refactor "wolfSSL_X509_load_certificate_file" to use new function (no duplicate code).
 2016-08-05 14:15:47 -07:00
David Garske
6b1ff8e9d7 Only try and return serial number or check padding if the serial number size is greater than 1. 2016-08-05 12:53:26 -07:00
David Garske
a17bc2a42e Fix build issue with ASN enabled and no HMAC (missing MAX_DIGEST_SIZE). Switch to using WC_MAX_DIGEST_SIZE from hash.h, which is always available. Added small stack option for digest in MakeSignature. Fixed build error with unused "testVerifyCount" if "NO_ECC_SIGN" or "NO_ECC_VERIFY". 2016-08-05 12:19:30 -07:00
David Garske
96da2df7ec Additional max index and serial number size checks in "GetSerialNumber". 2016-08-03 17:04:44 -07:00
David Garske
2c1309ffc7 Fixes for warnings when cross-compiling with GCC ARM. 2016-08-03 16:53:53 -07:00
Takashi Kojo
ed4cd2438f CRL_Type to wc_DerToPem 2016-08-03 10:53:54 +09:00
David Garske
9ddfe93c43 Fixed issue with CRL check and zero pad (the GetRevoked function was not trimming pad). Added new ASN "GetSerialNumber" function and implemented it in three places in asn.c. 2016-08-02 16:47:21 -07:00
JacobBarthelmeh
dcc0f87ce6 Merge pull request #506 from toddouska/del_point 
fix remaining non fpecc ecc_del_point w/o heap
 2016-07-27 18:54:46 -06:00
dgarske
303561c1a1 Merge pull request #505 from toddouska/timing 
fix scan-build warning on ecc memory alloc failure
 2016-07-27 15:52:01 -07:00
toddouska
a94f34c8e2 fix remaining non fpecc ecc_del_point w/o heap 2016-07-27 14:24:34 -07:00
toddouska
7cf0b8fe85 fix scan-build warning on ecc memory alloc failure 2016-07-27 11:20:08 -07:00
David Garske
b0e72dd692 Fix for "OID Check Failed". This restores behavior to what it was prior to commit "7a1acc7". If an OID is not known internally skip the verify and return success and the OID sum. 2016-07-27 10:39:42 -07:00
John Safranek
993838153e Merge pull request #487 from moisesguimaraes/fix-ocspstapling-getca 
fixes ocsp signer lookup in the cert manager.
 2016-07-26 12:42:47 -07:00
David Garske
c80f1805f0 Fix for failing OID check with "ocspstapling2" enabled. Found OID type in "ToTraditional" that should be keyType, not sigType. Added optional OID decode function and optional OID info dump in "GetObjectId" (both off by default). 2016-07-26 10:35:40 -07:00
Jacob Barthelmeh
e8f7d78fc4 add helper functions for choosing static buffer size 2016-07-21 12:11:15 -06:00
toddouska
1b980867d6 fix rsablind other builds 2016-07-20 11:35:57 -07:00
David Garske
5e2502fa95 ECC without Shamir has issues testing all zero's digest, so disable this test if not using Shamir method. Fixed comment about "NO_ECC_SECP". 2016-07-19 14:34:32 -07:00