wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-27 15:12:23 +01:00
Code Issues Packages Projects Releases Wiki Activity
7,383 Commits 12 Branches 184 Tags
83bfdb15940c3edd71250faa0e048b7f834002ba
Commit Graph

1735 Commits

Author SHA1 Message Date
David Garske
83bfdb1594 Fix for issue with unique hash types on ctoacrypt FIPS using different values than WC_HASH_TYPE_*. Add new API wc_HashTypeConvert to handle the conversion between enum wc_HashType and int. For FIPS it uses a switch() to convert and for non-FIPS it uses a simple cast. Changed the pwdbased_test to return actual ret instead of adding values (made it difficult to track down error location). 2018-04-11 09:30:30 -07:00
David Garske
3f3e332a3a Fix for evp.c statement will never be executed in wolfSSL_EVP_CIPHER_CTX_block_size. 2018-04-11 08:18:39 -07:00
David Garske
a38576146e * Added support for disabling PEM to DER functionality using WOLFSSL_PEM_TO_DER. This allows way to use with DER (ASN.1) certificates only in an embedded environment. This option builds, but internal make check requires PEM support for tests. 
* More cleanup to move PEM functions from ssl.c to asn.c (`wolfSSL_CertPemToDer`, `wolfSSL_KeyPemToDer`, `wolfSSL_PubKeyPemToDer`). Renamed these API's to `wc_` and added backwards compatability macro for old function names.
 2018-04-09 13:28:15 -07:00
David Garske
5a46bdf6f6 Added unit test for using encrypted keys with TLS. Only works with --enable-des3, since the keys are all encrypted with DES3 (also requires either --enable-opensslextra or --enable-enckeys). 2018-04-09 13:28:15 -07:00
David Garske
98c186017a Fixes for build failures. Added new WC_MAX_SYM_KEY_SIZE macro for helping determine max key size. Added enum for unique cipher types. Added CHACHA_MAX_KEY_SZ for ChaCha. 2018-04-09 13:28:15 -07:00
David Garske
2c72f72752 Fixes for FIPS, sniffer (w/o enc keys), scan-build issues and backwards compatability. 2018-04-09 13:28:15 -07:00
David Garske
1f00ea2115 Fixes for various build issues with type casting and unused functions. Moved mystrnstr to wc_port.c. Added some additional argument checks on pwdbased. 2018-04-09 13:28:15 -07:00
David Garske
6de8348918 Fixes for various build configurations. Added --enable-enckeys option to enable support for encrypted PEM private keys using password callback without having to use opensslextra. Moved ASN CryptKey function to wc_encrypt.c as wc_CryptKey. Fixup some missing heap args on XMALLOC/XFREE in asn.c. 2018-04-09 13:28:15 -07:00
David Garske
1315fad7dc Added ForceZero on the password buffer after done using it. 2018-04-09 13:28:15 -07:00
David Garske
3a8b08cdbf Fix to move the hashType out of EncryptedInfo. Fix for parsing "DEC-Info: ". Fix for determining when to set and get ivSz. 2018-04-09 13:28:15 -07:00
David Garske
c83e63853d Refactor unqiue hash types to use same internal values (ex WC_MD5 == WC_HASH_TYPE_MD5). Refactor the Sha3 types to use wc_ naming. 2018-04-09 13:28:15 -07:00
David Garske
264496567a Improvements to EncryptedInfo. Added build option WOLFSSL_ENCRYPTED_KEYS to indicate support for EncryptedInfo. Improvements to wc_PBKDF1 to support more hash types and the non-standard extra data option. 2018-04-09 13:28:15 -07:00
David Garske
f9e830bce7 First pass at changes to move PemToDer into asn.c. 2018-04-09 13:28:14 -07:00
toddouska
6090fb9020 Merge pull request #1483 from dgarske/winvs 
Fixes for unused `heap` warnings
 2018-04-06 09:01:49 -07:00
toddouska
e56209cee4 Merge pull request #1482 from dgarske/nourand 
Added new define `NO_DEV_URANDOM` to disable the use of `/dev/urandom`
 2018-04-06 09:00:37 -07:00
David Garske
bab62cc435 Added new define NO_DEV_URANDOM to disable the use of /dev/urandom. Added better named define WC_RNG_BLOCKING to indicate block w/sleep(0) is okay. 2018-04-05 09:34:43 -07:00
David Garske
ede006b3e1 Merge pull request #1479 from JacobBarthelmeh/HardwareAcc 
Fix PIC32 AES-CBC and add test case
 2018-04-05 09:15:08 -07:00
Jacob Barthelmeh
815219b589 fix pic32 AES-CBC and add test case 2018-04-04 16:09:11 -06:00
David Garske
a78c6ba4ea Fix for unused heap warnings. 2018-04-04 12:51:45 -07:00
toddouska
2deb977ecf Merge pull request #1473 from dgarske/pkcs7_norsa 
Enabled PKCS7 support without RSA
 2018-04-04 10:33:11 -07:00
toddouska
960d2ec031 Merge pull request #1471 from JacobBarthelmeh/Fuzzer 
sanity check on buffer read
 2018-04-04 10:31:55 -07:00
David Garske
c288d0815d Added support for building and using PKCS7 without RSA (assuming ECC is enabled). 2018-04-03 09:26:57 -07:00
David Garske
0c898f513d Nitrox V fixes and additions: 
* Added support for ECC, AES-GCM and HMAC (SHA-224 and SHA3).
* Fixes for Nitrox V with TLS.
* ECC refactor for so key based `r` and `s` apply only when building with `WOLFSSL_ASYNC_CRYPT`.
* ECC refactor for `e` and `signK` to use key based pointer for Nitrox V.
* Improved the Nitrox V HMAC to use start, update and final API's instead of caching updates.
* Fix for Intel QuickAssist with unsupported HMAC hash algos using `IntelQaHmacGetType` (such as SHA3).
* Added new API `wc_mp_to_bigint_sz` to zero pad unsigned bin.
* Fix for AES GCM to gate HW use based on IV len in aes.c and remove the gate in test.c.
* Implemented workaround to use software for AES GCM Nitrox V hardware and 13 byte AAD length for TLS.
* New debug option `WOLFSSL_NITROX_DEBUG` to add pending count.
 2018-04-03 09:14:20 -07:00
Jacob Barthelmeh
6a1013888f sanity check on buffer read 2018-04-02 14:30:58 -06:00
Takashi Kojo
1c0b84d47d openSSL compatibility, EVP_CipherUpdate, if(inlen == 0)return 1; 2018-04-01 12:13:18 +09:00
toddouska
504b13530e Merge pull request #1459 from cconlon/selftest_fixes 
Fix for wolfCrypt test and CAVP selftest build
 2018-03-27 13:27:28 -07:00
toddouska
9f231e0020 Merge pull request #1453 from dgarske/ecc508a_linux 
Support for building with `WOLFSSL_ATECC508A` on other targets
 2018-03-27 09:57:39 -07:00
Chris Conlon
021560035b fix unused var warning for extNameConsOid with IGNORE_NAME_CONSTRAINTS 2018-03-26 09:43:37 -06:00
Chris Conlon
c08f5b86cf Merge pull request #1444 from jrblixt/unitTest_api_addPkcs-PR03162018 
Unit test functions for PKCS#7.
 2018-03-23 10:00:33 -06:00
toddouska
aee6f4d0ca Merge pull request #1457 from dgarske/base16 
Base16/64 improvements
 2018-03-22 15:14:57 -07:00
toddouska
a92696edec Merge pull request #1454 from dgarske/noprivkey 
Support for not loading a private key when using `HAVE_PK_CALLBACKS`
 2018-03-22 12:47:22 -07:00
David Garske
3bf325290d Base16/64 improvements: 
* Add define `WOLFSSL_BASE16` to explicitly expose base16 support.
* Add `./configure --enable-base16` option (disabled by default in configure, but enabled in coding.h when required internally).
* Added base16 tests in test.c `base16_test`.
* Enabled base64 decode tests when `WOLFSSL_BASE64_ENCODE` is not defined.
 2018-03-22 10:36:56 -07:00
David Garske
0cff2f8b10 Replace use of PUB_KEY_SIZE (from CryptoAuthLib) with new ECC_MAX_CRYPTO_HW_PUBKEY_SIZE. 2018-03-22 09:45:27 -07:00
David Garske
8c4bfd825a Support for building the ATECC508A without WOLFSSL_ATMEL defined, which enables features specific to Atmel Studio Framework (ASF) and an embedded target. This allows for building with WOLFSSL_ATECC508A defined on other targets such as Linux. 2018-03-22 09:39:21 -07:00
toddouska
104f7a0170 Merge pull request #1451 from JacobBarthelmeh/Optimizations 
Adjust X509 small build and add more macro guards
 2018-03-21 15:15:27 -07:00
toddouska
f3d0879ed7 Merge pull request #1449 from dgarske/asn_nullterm 
ASN improvements for building header/footer in `wc_DerToPemEx`
 2018-03-21 15:13:46 -07:00
toddouska
2a356228be Merge pull request #1445 from SparkiDev/wpas_fix 
Fixes for wpa_supplicant
 2018-03-21 15:11:43 -07:00
David Garske
dbb34126f6 * Added support for not loading a private key for server or client when HAVE_PK_CALLBACK is defined and the private PK callback is set. Tested with all cipher suites, TLS 1.2/1.3, client/server certs, RSA/ECC/ED25519. 
* Added PK callback context tests for client/server examples (`SetupPkCallbackContexts`).
* Added new test define for `TEST_PK_PRIVKEY` to allows simulating hardware based private key.
* Added new test.h function for loading PEM key file and converting to DER (`load_key_file`).
* Added way to get private key signature size (`GetPrivateKeySigSize`).
* Added new ECC API `wc_ecc_sig_size_calc` to return max signature size for a key size.
* Added inline comments to help track down handshake message types.
* Cleanup of RSS PSS terminating byte (0xbc) to use enum value.
* Fixed bug with PK callback for `myEccVerify` public key format.
* Fixed bug with PK callback for ED25519 verify key buffer in DoServerKeyExchange.
 2018-03-21 11:27:08 -07:00
Jacob Barthelmeh
90f97f4a5a fix for unused variable 2018-03-21 09:16:43 -06:00
Jacob Barthelmeh
0aa3b5fa0e macros for conditionally compiling code 2018-03-21 00:09:29 -06:00
Jacob Barthelmeh
087df8f1cd more macro guards to reduce size 2018-03-20 17:15:16 -06:00
Jacob Barthelmeh
4d65e4cc1e add WOLFSSL_NO_DH186 macro to optionally compile out DH186 function 2018-03-20 15:31:20 -06:00
Jacob Barthelmeh
df6ea54cd5 add support for PKCS8 decryption to OPENSSL_EXTRA_X509_SMALL build 2018-03-20 15:06:35 -06:00
David Garske
764aec071c Further improvement to the null termination and newline logic in wc_DerToPemEx. 2018-03-19 22:58:18 -07:00
David Garske
59aa893260 Cleanup ECC point import/export code. Added new API wc_ecc_import_unsigned to allow importing public x/y and optional private as unsigned char. Cleanup wc_ecc_sign_hash to move the hardware crypto code into a separate function. Added missing tests for wc_ecc_export_public_raw, wc_ecc_export_private_raw and new test for wc_ecc_import_unsigned. 2018-03-19 13:28:57 -07:00
toddouska
1040cf9caa Merge pull request #1437 from dgarske/eccrsrawtosig 
Added new ECC API `wc_ecc_rs_raw_to_sig`
 2018-03-19 09:12:39 -07:00
toddouska
7ce2efd572 Merge pull request #1431 from JacobBarthelmeh/Optimizations 
more aes macro key size guards
 2018-03-19 09:07:05 -07:00
Sean Parkinson
b325e0ff91 Fixes for wpa_supplicant 2018-03-19 11:46:38 +10:00
John Safranek
465f1d491f Merge pull request #1443 from cconlon/dhagree 
check z against 1 in wc_DhAgree()
 2018-03-17 20:15:31 -07:00
David Garske
250cd3b7eb Merge pull request #1433 from SparkiDev/sp_size 
Fix size on Intel and improve 32-bit C code performance
 2018-03-16 17:05:46 -07:00