Commit Graph

7335 Commits

Author SHA1 Message Date
toddouska 960d2ec031 Merge pull request #1471 from JacobBarthelmeh/Fuzzer
sanity check on buffer read
2018-04-04 10:31:55 -07:00
toddouska 1196a3b64d Merge pull request #1455 from dgarske/nitroxv
Nitrox V fixes and additions
v3.14.4
2018-04-04 10:27:53 -07:00
David Garske 0c898f513d Nitrox V fixes and additions:
* Added support for ECC, AES-GCM and HMAC (SHA-224 and SHA3).
* Fixes for Nitrox V with TLS.
* ECC refactor for so key based `r` and `s` apply only when building with `WOLFSSL_ASYNC_CRYPT`.
* ECC refactor for `e` and `signK` to use key based pointer for Nitrox V.
* Improved the Nitrox V HMAC to use start, update and final API's instead of caching updates.
* Fix for Intel QuickAssist with unsupported HMAC hash algos using `IntelQaHmacGetType` (such as SHA3).
* Added new API `wc_mp_to_bigint_sz` to zero pad unsigned bin.
* Fix for AES GCM to gate HW use based on IV len in aes.c and remove the gate in test.c.
* Implemented workaround to use software for AES GCM Nitrox V hardware and 13 byte AAD length for TLS.
* New debug option `WOLFSSL_NITROX_DEBUG` to add pending count.
2018-04-03 09:14:20 -07:00
Eric Blankenhorn adb817e8d2 Feature update for tls_bench test that will allow passing in arguments (#1466)
* Feature update for tls_bench test that will allow passing in command line arguments that enable test features.
* Fix type conversion errors.
* Fixed use of uninitialized data. Declare DH arrays as const.
2018-04-02 14:00:34 -07:00
Jacob Barthelmeh 6a1013888f sanity check on buffer read 2018-04-02 14:30:58 -06:00
JacobBarthelmeh b33feb9dbf Merge pull request #1470 from kojo1/EVP
EVP_CipherUpdate return value for inlen == 0
2018-04-02 14:03:48 -06:00
Takashi Kojo c60d9ff983 if(ret != 1) error 2018-04-01 13:27:08 +09:00
Takashi Kojo 1c0b84d47d openSSL compatibility, EVP_CipherUpdate, if(inlen == 0)return 1; 2018-04-01 12:13:18 +09:00
Chris Conlon 87c1658ab8 Merge pull request #1464 from jrblixt/unitTest_api_addPkcs7-nightlyBuildFix2
Nightly build fix for PKCS#7 errors.
2018-03-29 15:26:11 -06:00
toddouska 86a5330b31 Merge pull request #1462 from ejohnstown/cxxflags
Configure Update
2018-03-28 16:41:15 -07:00
John Safranek e59bb43878 Configure Update
Revise default compiler optimization flags enable name to something more descriptive.
2018-03-28 13:19:46 -07:00
toddouska 3a8a7b8a55 Merge pull request #1458 from dgarske/cleanupthreaded
wolfCrypt ECC FP cleanup for thread local storage cases
2018-03-28 12:25:20 -07:00
John Safranek e6a19bb1e8 Configure Update
Add a disable option to turn off the default optimization options so the user may set their own in a CFLAGS.
2018-03-27 16:41:39 -07:00
jrblixt 1cd6075b9d Nightly build fix. 2018-03-27 16:54:14 -06:00
David Garske c9d840ed8d Fix for the HAVE_THEAD_LS case with FP_ECC where starting a new thead and doing ECC operations and not calling wc_ecc_fp_free. Added missing wolfCrypt_Init to API docs. 2018-03-27 14:29:39 -07:00
toddouska f62d372bbe Merge pull request #1461 from cconlon/netbsd-update
update NetBSD fips-check version to include selftest ECDSA fix
2018-03-27 13:28:49 -07:00
toddouska 9de2bdce24 Merge pull request #1460 from dgarske/winecc
Enable ECC, AES-GCM and SHA-512/384 by default in VS
2018-03-27 13:28:23 -07:00
toddouska 504b13530e Merge pull request #1459 from cconlon/selftest_fixes
Fix for wolfCrypt test and CAVP selftest build
2018-03-27 13:27:28 -07:00
John Safranek 477d2413cd Configure Update
1. Initialize CXXFLAGS (C++ compiler flags) the same way we do CFLAGS.
2. Add CPPFLAGS (C preprocessor flags) to the options.h file with the other CFLAGS.
2018-03-27 10:23:44 -07:00
toddouska 9f231e0020 Merge pull request #1453 from dgarske/ecc508a_linux
Support for building with `WOLFSSL_ATECC508A` on other targets
2018-03-27 09:57:39 -07:00
David Garske 42e6ea8685 Added ECC_TIMING_RESISTANT to eliminate harden warnings. 2018-03-26 15:54:29 -07:00
David Garske 8fbc765dba Enable ECC, AES-GCM and SHA-512/384 by default in Windows Visual Studio projects. 2018-03-26 15:09:51 -07:00
Chris Conlon 9edaac8e1c update NetBSD fips-check version to include selftest ECDSA fix 2018-03-26 14:37:39 -06:00
Chris Conlon 021560035b fix unused var warning for extNameConsOid with IGNORE_NAME_CONSTRAINTS 2018-03-26 09:43:37 -06:00
Chris Conlon d2aa7d0a37 exclude ecc_import_unsigned test when building for CAVP selftest 2018-03-23 16:31:17 -06:00
Chris Conlon c08f5b86cf Merge pull request #1444 from jrblixt/unitTest_api_addPkcs-PR03162018
Unit test functions for PKCS#7.
2018-03-23 10:00:33 -06:00
toddouska aee6f4d0ca Merge pull request #1457 from dgarske/base16
Base16/64 improvements
2018-03-22 15:14:57 -07:00
jrblixt 316a2b9fb4 Review changes: Chris. 2018-03-22 15:35:25 -06:00
toddouska a92696edec Merge pull request #1454 from dgarske/noprivkey
Support for not loading a private key when using `HAVE_PK_CALLBACKS`
2018-03-22 12:47:22 -07:00
toddouska 040e0ab752 Merge pull request #1456 from dgarske/iocbname
Refactor IO callback function names to use `_CTX_`
2018-03-22 12:40:48 -07:00
toddouska 43f4faa7be Merge pull request #1452 from cconlon/mcapifix
fix unused param warning with NO_ERROR_STRINGS
2018-03-22 12:39:19 -07:00
David Garske 3bf325290d Base16/64 improvements:
* Add define `WOLFSSL_BASE16` to explicitly expose base16 support.
* Add `./configure --enable-base16` option (disabled by default in configure, but enabled in coding.h when required internally).
* Added base16 tests in test.c `base16_test`.
* Enabled base64 decode tests when `WOLFSSL_BASE64_ENCODE` is not defined.
2018-03-22 10:36:56 -07:00
David Garske 0cff2f8b10 Replace use of PUB_KEY_SIZE (from CryptoAuthLib) with new ECC_MAX_CRYPTO_HW_PUBKEY_SIZE. 2018-03-22 09:45:27 -07:00
David Garske 8c4bfd825a Support for building the ATECC508A without WOLFSSL_ATMEL defined, which enables features specific to Atmel Studio Framework (ASF) and an embedded target. This allows for building with WOLFSSL_ATECC508A defined on other targets such as Linux. 2018-03-22 09:39:21 -07:00
Chris Conlon 2989c73411 Merge pull request #1447 from JacobBarthelmeh/PKCS7
remove pkcs7 requirement of x963kdf when ecc is disabled
2018-03-22 10:01:55 -06:00
David Garske e564c973b6 Refactor IO callback function names to use _CTX_ to eliminate confusion about the first parameter. 2018-03-21 16:08:55 -07:00
David Garske 4b51431546 Fix for possible unused ctx in wolfSSL_CTX_IsPrivatePkSet when no ECC, RSA or ED25519. 2018-03-21 15:46:08 -07:00
toddouska 104f7a0170 Merge pull request #1451 from JacobBarthelmeh/Optimizations
Adjust X509 small build and add more macro guards
2018-03-21 15:15:27 -07:00
toddouska f3d0879ed7 Merge pull request #1449 from dgarske/asn_nullterm
ASN improvements for building header/footer in `wc_DerToPemEx`
2018-03-21 15:13:46 -07:00
toddouska 2a356228be Merge pull request #1445 from SparkiDev/wpas_fix
Fixes for wpa_supplicant
2018-03-21 15:11:43 -07:00
David Garske dbb34126f6 * Added support for not loading a private key for server or client when HAVE_PK_CALLBACK is defined and the private PK callback is set. Tested with all cipher suites, TLS 1.2/1.3, client/server certs, RSA/ECC/ED25519.
* Added PK callback context tests for client/server examples (`SetupPkCallbackContexts`).
* Added new test define for `TEST_PK_PRIVKEY` to allows simulating hardware based private key.
* Added new test.h function for loading PEM key file and converting to DER (`load_key_file`).
* Added way to get private key signature size (`GetPrivateKeySigSize`).
* Added new ECC API `wc_ecc_sig_size_calc` to return max signature size for a key size.
* Added inline comments to help track down handshake message types.
* Cleanup of RSS PSS terminating byte (0xbc) to use enum value.
* Fixed bug with PK callback for `myEccVerify` public key format.
* Fixed bug with PK callback for ED25519 verify key buffer in DoServerKeyExchange.
2018-03-21 11:27:08 -07:00
Jacob Barthelmeh 26bb86690a fix for unused parameter warning 2018-03-21 10:06:06 -06:00
Chris Conlon 14bb14c6ab fix unused param warning with NO_ERROR_STRINGS 2018-03-21 09:56:08 -06:00
Jacob Barthelmeh 90f97f4a5a fix for unused variable 2018-03-21 09:16:43 -06:00
Jacob Barthelmeh 0aa3b5fa0e macros for conditionally compiling code 2018-03-21 00:09:29 -06:00
Jacob Barthelmeh d9917049c4 use bit fields with WOLFSSL_CTX structure 2018-03-20 22:07:42 -06:00
Jacob Barthelmeh 087df8f1cd more macro guards to reduce size 2018-03-20 17:15:16 -06:00
Sean Parkinson c9c2e1a8a7 Don't base signature algorithm support on certificate
The signature algorithm support is what you can do with another key, not
what you can do with your key.
2018-03-21 08:33:54 +10:00
Jacob Barthelmeh 4d65e4cc1e add WOLFSSL_NO_DH186 macro to optionally compile out DH186 function 2018-03-20 15:31:20 -06:00
Jacob Barthelmeh df6ea54cd5 add support for PKCS8 decryption to OPENSSL_EXTRA_X509_SMALL build 2018-03-20 15:06:35 -06:00