wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-29 00:49:56 +01:00
Code Issues Packages Projects Releases Wiki Activity
15,951 Commits 12 Branches 184 Tags
951eb72ecb90efe4cfecf9f20a950a364005a43e
Commit Graph

1283 Commits

Author SHA1 Message Date
David Garske
9d137668c7 Merge pull request #4675 from julek-wolfssl/openssh-8.8 
Fix macro name conflicts with openssh
 2021-12-22 08:31:36 -08:00
Juliusz Sosinowicz
8435eb4644 Add WC_ namespace to variable handling defines 2021-12-22 12:16:02 +01:00
Juliusz Sosinowicz
dd9b1afb72 Remove magic numbers from WOLFSSL_ASN_TEMPLATE code (#4582) 
* pkcs8KeyASN and other misc asn fixes

- Test fixes for testing with `USE_CERT_BUFFERS_1024`

* intASN

* bitStringASN

* objectIdASN

* algoIdASN

* rsaKeyASN

* pbes2ParamsASN

* pbes1ParamsASN

* pkcs8DecASN

* p8EncPbes1ASN

* rsaPublicKeyASN

* dhParamASN

* dhKeyPkcs8ASN

* dsaKeyASN

* dsaPubKeyASN

- Add `wc_SetDsaPublicKey` without header testing

* dsaKeyOctASN

* rsaCertKeyASN

* eccCertKeyASN

* rdnASN

* certNameASN

* digestInfoASN

* otherNameASN

* altNameASN

* basicConsASN

* crlDistASN

* accessDescASN

* authKeyIdASN

* keyUsageASN

* keyPurposeIdASN

* subTreeASN

* nameConstraintsASN

* policyInfoASN

* certExtHdrASN

* certExtASN

* x509CertASN

* reqAttrASN

* strAttrASN

* certReqASN

* eccPublicKeyASN

* edPubKeyASN

* ekuASN

* nameASN

* certExtsASN

* sigASN

* certReqBodyASN_IDX_EXT_BODY

* dsaSigASN

* eccSpecifiedASN

* eccKeyASN

* edKeyASN

* singleResponseASN

* respExtHdrASN

* ocspRespDataASN

* ocspBasicRespASN

* ocspResponseASN

* ocspNonceExtASN

* ocspRequestASN

* revokedASN

* crlASN

* pivASN

* pivCertASN

* dateASN

* `wc_SetDsaPublicKey` was not including `y` in the sequence length

* All index names changed to uppercase

* Shorten names in comments

* Make sure extensions have sequence header when in cert gen

* Fix/refactor size calc in `SetNameEx`

* Pad blocks for encryption

* Add casting for increased enum portability

* Use stack for small ASN types
 2021-12-22 11:28:01 +10:00
David Garske
360a513696 Merge pull request #4553 from SparkiDev/sp_mont_inv_order_fix 
SP: fix when mont_mul_order is defined
 2021-12-20 15:09:08 -08:00
David Garske
ce4f436d0f Merge pull request #4587 from SparkiDev/dis_algs_fix_1 
Disable algorithms: fixes
 2021-12-19 20:12:30 -08:00
Chris Conlon
5172130287 add wc_GetPubKeyDerFromCert(), get pub key DER from DecodedCert 2021-12-15 11:04:52 -07:00
Daniel Pouzzner
355b779a3e feature gating tweaks to better support --disable-rsa --disable-dh --disable-dsa. also a whitespace fix in ssl.c. 2021-12-11 14:08:04 -06:00
Sean Parkinson
6da0cc1ced Merge pull request #4600 from dgarske/cust_oid 
Support for Custom OID in subject and CSR request extension
 2021-12-09 11:24:30 +10:00
Daniele Lacamera
baee7bace4 Merge pull request #4584 from ethanlooney/nxp_se050_curve25519 
Added curve25519 support for NXP SE050
 2021-12-02 02:47:36 -08:00
David Garske
9f611e8b80 Merge pull request #4589 from JacobBarthelmeh/native-lwip 
Native LwIP support update
 2021-12-01 10:37:13 -08:00
JacobBarthelmeh
43ac0d3684 adjust test file for pritnf and test_pass 2021-11-30 16:41:02 -07:00
Daniel Pouzzner
a33ae21801 whitespace cleanups and portability/pedantic fixes 2021-11-29 23:58:39 -06:00
Chris Conlon
7221e06ff7 Merge pull request #4588 from miyazakh/sce_protect_mode_e2studio 2021-11-29 15:32:48 -07:00
Hideki Miyazaki
fb4e39f00a addressed review comments prt1 2021-11-26 16:03:42 +09:00
Tesfa Mael
b2c0bacb06 Fix Cryptocell ecc 2021-11-24 19:22:40 -08:00
David Garske
7396a0cb3a Resolves all peer review comments. Fixes to get Curve25519 working on real hardware. Regression testing fixes for ECC. 2021-11-23 15:03:53 -08:00
David Garske
7524ededd3 Support for Custom OID in subject and CSR request extension: 
* Adds new build option `WOLFSSL_CUSTOM_OID` for supplying a custom OID in a CSR
* Fixes in ASN template CSR generation.
* Fix to allow calling `wc_Ed25519PublicKeyToDer` and `wc_Ed448PublicKeyToDer` with NULL output buffer to get length only.
* Refactor of the certificate subject name encoding.
* Refactor of the OID's to consolidate.
* Improvements to the Domain Component API unit test.
ZD 12943
 2021-11-23 09:51:13 -08:00
Sean Parkinson
5a72fee3df Disable algorithms: fixes 
WOLFSSL_PUBLIC_MP and disable algorithms didn't work because of api.c.
 - mp_cond_copy not available unless ECC compiled in
 - wc_export_int not available unless ECC compiled in
Enabling only DH and using SP with SP Math didn't work as the DH
parameters were too small.
sp_cmp is needed when only DH.
mp_set_int is was not available in SP math when RSA is not defined.
mp_set is close enough for the use cases.
Configure with SP and SP math but not RSA, DH and ECC didn't configure -
now default to small maths.
 2021-11-19 16:56:33 +10:00
JacobBarthelmeh
7e2fab6f4a warning with keil build and native lwip want read case 2021-11-18 22:58:50 -07:00
Hideki Miyazaki
f50fcd918e support Renesas RA SCE protect mode on RA6M4 evaluation board 2021-11-19 14:22:16 +09:00
Sean Parkinson
33a6b8c779 Merge pull request #4531 from dgarske/cryptocb_aesccm 
Added crypto callback support for AES CCM
 2021-11-16 22:45:11 +10:00
David Garske
1559e92dca Add crypto callback AES CCM test case. 2021-11-15 16:22:10 -08:00
David Garske
a626a4fb02 Fixes for spelling errors. 2021-11-12 10:27:49 -08:00
Sean Parkinson
341bd7bbbc mp_test: when SP_INT_DIGITS is even calc was wrong 2021-11-10 09:33:14 +10:00
Sean Parkinson
ff3179012d SP: fix when mont_mul_order is defined 
Customer configuration that failed:
./configure --enable-cryptonly --enable-ecc --enable-sp=yes,asm
--disable-rsa --disable-dh --disable-sha3 --disable-sha224 --disable-md5
--disable-sha --disable-pkcs12 --disable-memory --disable-chacha
--disable-poly1305 --disable-sha512 --disable-sha384 --disable-aesgcm
--disable-aescbc --disable-aes --disable-rng CFLAGS="-DNO_SIG_WRAPPER
-DWOLFSSL_PUBLIC_MP -DECC_USER_CURVES -DNO_ECC_SIGN -DNO_ECC_DHE
-DNO_ECC_KEY_EXPORT"
 2021-11-09 17:50:21 +10:00
Daniel Pouzzner
03d5c4e6d3 test.c: fix whitespace. 2021-11-08 18:24:42 -06:00
Daniel Pouzzner
95bed1cdfd test.c: smallstack refactors for idea_test(), ed448_test(), and verifyBundle() (fixes various error-dependent leaks too). 2021-11-08 17:35:10 -06:00
Daniel Pouzzner
f8565f26e2 fixes for --disable-harden. 2021-11-08 17:35:10 -06:00
Daniel Pouzzner
27d4bb304c test.c add smallstack refactor of pkcs7enveloped_run_vectors(). 2021-11-08 17:35:10 -06:00
Daniel Pouzzner
26cc534dd2 wolfcrypt/test/test.c: fix memory leaks in pkcs7signed_run_[SingleShot]Vectors() added in smallstack refactor. 2021-11-08 17:35:10 -06:00
Daniel Pouzzner
8b3048a0ea wolfcrypt/test/test.c: smallstack refactors for pkcs7authenveloped_run_vectors(), pkcs7signed_run_vectors(), and pkcs7signed_run_SingleShotVectors(); typographic&whitespace cleanup. 2021-11-08 17:35:10 -06:00
Daniel Pouzzner
8f121e7752 file modes: clear inappropriate executable bits. 2021-11-08 17:28:11 -06:00
Sean Parkinson
dd833807d8 Merge pull request #4523 from dgarske/nxp_se050_fixes 
Fixes for NXP SE050 ECC create and key store id
 2021-11-09 08:56:03 +10:00
David Garske
5a4577eb6c Merge pull request #4541 from SparkiDev/mp_hexchar_asm 
SP, TFM: fixes
 2021-11-08 14:49:02 -08:00
Sean Parkinson
dc911b94e7 SP, TFM: fixes 
HexCharToByte must be cast to a signed char as a char is unsigned on
some platforms.
Redefine the __asm__ and __volatile__ for ICC and KEIL in sp_int.c
mp_test: don't use large bit lengths if unsupported.
 2021-11-05 11:49:24 +10:00
David Garske
d8faa22194 Fix for ecc_def_curve_test test changes. 2021-11-04 11:54:09 -07:00
Kareem
60a86157c7 Fix building with NO_ECC_KEY_EXPORT. 2021-11-03 16:03:26 -07:00
David Garske
b84edb5c67 Fixes for NXP SE050 testing with hardware. 2021-11-03 12:47:07 -07:00
David Garske
8a8a6cf17f Merge pull request #4515 from kareem-wolfssl/zd13006 
wc_scrypt: Check for underflow in blocksSz calculation.
 2021-10-29 08:23:37 -07:00
Kareem
39c9fa96bc wc_scrypt: Code review feedback. 2021-10-28 15:02:53 -07:00
Juliusz Sosinowicz
c162196b27 Add x509 name attributes and extensions to DER parsing and generation 
- Postal Code
- Street Address
- External Key Usage
- Netscape Certificate Type
- CRL Distribution Points
- Storing full Authority Key Identifier information
- Add new certificates to `certs/test` for testing
- Update WOLFSSL_ASN_TEMPLATE to match new features
 2021-10-28 14:50:53 +02:00
John Safranek
75df6508e6 Add a read enable for private keys when in FIPS mode. 2021-10-26 20:24:29 -05:00
Daniel Pouzzner
85a8c06062 linuxkm: add DEBUG_VECTOR_REGISTER_ACCESS (debug feature switch), ASSERT_SAVED_VECTOR_REGISTERS, and ASSERT_RESTORED_VECTOR_REGISTERS macros, and move the fallback no-op definitions of the SAVE_VECTOR_REGISTERS and RESTORE_VECTOR_REGISTERS to types.h. also fixed several ASCII TAB characters in types.h. 2021-10-26 20:24:28 -05:00
Daniel Pouzzner
31f13a7f41 wolfcrypt/test/test.c: when HAVE_FIPS, wrap wc_MakeRsaKey() calls in infinite iteration while ret == PRIME_GEN_E, to inhibit nondeterministic failure mode from FIPS-limited _CheckProbablePrime() iteration. 2021-10-26 20:24:28 -05:00
Daniel Pouzzner
c0778e5ad9 gate access to wc_Sha512.devId on !NO_SHA2_CRYPTO_CB. 2021-10-26 20:24:28 -05:00
Daniel Pouzzner
0f407b4bfc test.c: fix indirection flubs in _ASYNC_CRYPT parts of ecc_test_sign_vectors(). 2021-10-26 20:24:27 -05:00
Daniel Pouzzner
b77000bcfb add smallstack codepath to ecc_test_sign_vectors(), and add missing rc2.h include to linuxkm/module_exports.c.template. 2021-10-26 20:24:27 -05:00
Daniel Pouzzner
67db7b7f32 fixes for issues identified by Jenkins run: 
Makefile.am: clean .build_params file;

ecc.c: fix misplaced gat #endif in wc_ecc_shared_secret_gen_sync();

move AM_CFLAGS+=-include /.build_params to before AC_SUBST([]AM_CFLAGS);

fix new unused-label defect in wc_ecc_shared_secret_gen_sync();

fix integer.[ch] mp_exch() to return int not void (sp_exch() and TFM mp_exch() can both fail on allocations);

fix NO_INLINE ForceZero() prototype;

ecc.c: add missing if (err == MP_OKAY) in build_lut();

wolfcrypt/test/test.c: revert "rename hkdf_test to wc_hkdf_test to eliminate namespace collision", restoring unconditional static qualifier, to fix crash at return from main() on Xilinx Zynq ARM test;

ecc.c: refactor build_lut() flow control to fix uninited variable scenario found by scan-build;

WOLFCRYPT_ONLY and OPENSSL_EXTRA: fix gating to allow successful build with --enable-all-crypto, and add configure error if crypt-only and opensslall are combined.
 2021-10-26 20:24:27 -05:00
Daniel Pouzzner
87578262aa wolfcrypt smallstack refactors: 
rsa.c: wc_CompareDiffPQ()

dh.c: wc_DhGenerateParams()

dsa.c: wc_MakeDsaKey() wc_MakeDsaParameters()

srp.c: wc_SrpGetVerifier() wc_SrpSetPrivate() wc_SrpGetPublic()

ecc.c: build_lut() wc_ecc_mulmod_ex() wc_ecc_mulmod_ex2() wc_ecc_shared_secret_gen_sync()

test.c: GenerateNextP() dh_generate_test() GenerateP()
 2021-10-26 20:24:27 -05:00
Daniel Pouzzner
2bf711341b wolfcrypt/test/test.c: use HAVE_FIPS_VERSION, not FIPS_VERSION. 2021-10-26 20:24:26 -05:00