Commit Graph

2353 Commits

Author SHA1 Message Date
Chris Conlon 794137c20c add CMS EnvelopedData OtherRecipientInfo support 2018-11-06 18:35:12 -08:00
Chris Conlon 85e0c203ea ignore pkcs7 test files 2018-11-06 18:35:12 -08:00
Chris Conlon 13b30a6a21 add CMS EnvelopedData PasswordRecipientInfo support 2018-11-06 18:35:12 -08:00
Chris Conlon dbb5bb7570 add CMS EnvelopedData KEKRecipientInfo support 2018-11-06 18:35:12 -08:00
Chris Conlon ec07fe492e misc CMS fixes from review and valgrind 2018-11-06 18:35:11 -08:00
Chris Conlon 7841434744 add support for multiple certificates in CMS SignedData certificates field 2018-11-06 18:35:11 -08:00
Chris Conlon ce1381dc9a add contentType check to CMS compressed tests 2018-11-06 18:35:11 -08:00
Chris Conlon 6a06a3b63b add CMS CompressedData test using FirmwarePkgData 2018-11-06 18:35:11 -08:00
Chris Conlon c51cf4472e add support for CMS CompressedData content type 2018-11-06 18:35:11 -08:00
Chris Conlon 32b70dd56c add support for FirmwarePkgData in CMS SignedData EncapsulatedContentInfo 2018-11-06 18:35:11 -08:00
Chris Conlon 2a60fbd766 add support for SubjectKeyIdentifier in CMS SignedData SignerInfo 2018-11-06 18:35:11 -08:00
Chris Conlon 70ca95b357 add support for custom contentType with CMS SignedData type 2018-11-06 18:35:11 -08:00
toddouska bdf07e64cf Merge pull request #1901 from dgarske/rsa_nonblock
Added RSA non-blocking support
2018-11-06 16:39:43 -08:00
toddouska 5d8f4351ff Merge pull request #1903 from dgarske/dhkeycheck
Speed improvements for DH public key prime checking
2018-11-06 16:35:27 -08:00
kaleb-himes 92d6dc36af Fix pre-processor checks in wolfCrypt test for unique configuration 2018-11-02 15:22:11 -06:00
David Garske 6372c3d6e1 * Added RSA non-blocking support enabled with WC_RSA_NONBLOCK. Adds new wc_RsaSetNonBlock function for enabling / non-block context. Added wolfCrypt test function rsa_nb_test to validate. Result is: RSA non-block sign: 8200 times and RSA non-block verify: 264 times
* Signature wrapper improvements to eliminate mallocs/frees unless small stack is used. If small stack is used only one allocation is done based on actual max (was previously was allocating too much and in the encoding case was reallocating a second buffer).
2018-11-02 12:41:23 -07:00
Chris Conlon def7a91e70 fix CAVP selftest build errors 2018-10-30 16:35:45 -06:00
David Garske f4b0261ca7 Fix to not do prime test on DH key the server loaded. Now it will only do the prime test on the peer's provided public DH key using 8 miller rabbins. Refactored the fast math miller rabin function to reuse mp_int's, which improved peformance for mp_prime_is_prime_ex from 100ms to 80ms. Normal math mp_prime_is_prime_ex is ~40ms (as-is). Added test for wc_DhSetCheckKey. 2018-10-30 11:20:07 -07:00
David Garske 0ec9b28402 Added GZIP compression tests. Added new wc_Compress_ex API to support GZIP compression option. 2018-10-03 16:29:45 -07:00
David Garske c619bfebda Add test for NIST PIV case. 2018-10-02 17:08:27 -07:00
David Garske f0350c1efb Refactor of the wc_ParseCertPIV to support detection of Identiv format header. Added flag to indicate Identiv type. Added wolfCrypt test for wc_ParseCertPIV function with Identiv PIV template. 2018-10-02 17:01:56 -07:00
David Garske 0c72dee315 Fixes for building with ./configure --enable-asn=nocrypt. Added wolfCrypt test template for certpiv_test, pending test PIV certs to use. 2018-10-02 15:18:57 -07:00
Go Hosohara 1c627430c7 increase wolfcrypt test program memory size along to WOLFSSL structure modificaiton.
rebase with master branch
2018-09-25 15:39:55 +09:00
JacobBarthelmeh 3be25441fa Merge pull request #1843 from dgarske/async_fixes
Fixes for wolfCrypt async use with TLS
2018-09-24 09:51:19 -06:00
Sean Parkinson 8a5a03ea35 Support for PKCS#11
Support for RSA, ECDSA and AES-GCM operations.
2018-09-24 08:41:25 +10:00
David Garske a643aeac41 * Fixes for async with TLS where keys are being free'd too soon.
* Fix for possible NULL RNG case in mp_rand.
* Fix for memory macros to handle expression for `HEAP`.
* Fix for possible unknown uint32_t type with mem track.
* Fix for double Alloc/Free print when using track and debug memory at same time.
* Fix for building with `./configure CFLAGS="-DECC_USER_CURVES -DNO_ECC256 -DHAVE_ECC160"`
* Performance improvements for cases with `WC_ASYNC_NO_HASH` and `WC_ASYNC_ENABLE_SHA256`.
2018-09-21 09:33:40 -07:00
David Garske dfb9db2b8d Merge pull request #1832 from JacobBarthelmeh/HardwareAcc
Linux /dev/crypto SHA256 and AES
2018-09-20 18:05:35 -07:00
Jacob Barthelmeh 96a7e366bc testing with valgrind and static analysis tools 2018-09-19 14:29:33 -06:00
Jacob Barthelmeh 2e88151cfd crypto only sha256 cryptodev
formating and refactoring

update configure for devcrypto

add AES algorithms to cyrptodev port

increase structure size for compatibility AES with cryptodev

add wc_devcrypto.h to install path
2018-09-19 10:41:29 -06:00
John Safranek 8972867ada FIPSv2: RNG Update
1. Updated the IDE/WIN10 user settings to enable RDSEED by default.
2. Updated the Windows GenerateSeed() function to take into account the
RDSEED enabled setting.
3. Exclude the TestSeed() function check for the "selftest" build as
well as old FIPS.
2018-09-18 16:08:35 -07:00
John Safranek 4aa85f956f FIPSv2: RNG Update
1. The wolfcrypt test shouldn't check TestSeed() for old FIPS builds.
2018-09-18 14:36:42 -07:00
John Safranek b9a850575f FIPSv2: RNG Update
1. For non-FIPS builds, lower the entropy request size to the old value.
2. Added a consistency check to the result of the entropy source. The test
involves requesting an additional 64-bits, then doing a running
comparison of each block of 64-bits. The first block of bits is ignored.
3. Refactored the RNG seeding a bit. Renamed all variables with
"entropy" in the name as "seed". Renamed the constants for entropy sizes
as seed sizes. Changed the security strength to its actual value and
introduced an entropy scaling factor for the number of bits of entropy
per bit and a size for the NDRBG block size.
4. Changed it so the user can change the parameters for the RNG at the
build configuration. If using FIPSv2, triggers an error if the paramters
are changed.
2018-09-18 14:36:42 -07:00
toddouska 581f72adf8 Merge pull request #1822 from dgarske/fixes_async
Fix for dh_test to make sure the provided agree size is populated
2018-09-12 13:03:04 -07:00
toddouska 5b985c7dbd Merge pull request #1821 from dgarske/nxp-ltc
Fixes for NXP LTC support with K82
2018-09-12 13:02:21 -07:00
David Garske f48e2067ae Added new API wolfSSL_CTX_load_verify_chain_buffer_format for loading CA cert chain as DER buffer list including API unit test. Support for device serial number OID. 2018-09-10 08:15:17 -07:00
David Garske 2c5b0d82da Fix for dh_test to make sure the provided agree size is populated. This resolves issue with async and QuickAssist DH. 2018-09-10 07:13:52 -07:00
David Garske a2be7590d1 Fixes for NXP LTC support with K82. Fix for SHA384/512. Fix for AES CBC not storing previous IV. Fix for wc_AesSetKey arg check. Fix for AES GCM IV != 12 test. Changed LTC default in settings.h to not enable SHA512 and Ed/Curve25519. Tested using Rowley Crossworks v4.2.0 on a FRDM-K82F. There is an initial stack pointer issue with the arm-startup code here for Rowley still outstanding, but these fixes are valid as-is. 2018-09-10 07:13:32 -07:00
Daniele Lacamera 27555d6eb7 Fix old-style function definitions 2018-09-07 09:13:20 +02:00
Sean Parkinson 551201c00c GCC 8 new warnings in -Wall fix 2018-08-27 12:51:01 +10:00
Sean Parkinson f487b0d96a Config option to disable AES-CBC
AEAD only detection and removeal of code.
Also in single threaded builds, reference the ctx suites in ssl object
if it exists.
2018-08-16 08:25:13 +10:00
David Garske d1e13a973c Fix for building WOLFSSL_CERT_EXT without WOLFSSL_CERT_GEN due to missing CTC_MAX_EKU_OID_SZ. Change to allow --enable-certext without certgen. 2018-08-14 15:00:56 -06:00
David Garske aee4aea64d Merge pull request #1748 from JacobBarthelmeh/Testing
call hamc init with blake2 software test
2018-08-14 10:07:01 -06:00
toddouska d4f908c372 Merge pull request #1728 from JacobBarthelmeh/HardwareAcc
Add build for AF_ALG
2018-08-13 16:27:51 -07:00
Jacob Barthelmeh b71c2ddf38 call hamc init with blake2 software test 2018-08-13 08:58:01 -06:00
Eric Blankenhorn bb574d28b2 Support for more cert subject OIDs and raw subject access (#1734)
* Add businessCategory OID
* Raw subject support methods
* Support for jurisdiction OIDs
* Wrap in WOLFSSL_CERT_EXT
* Adding tests
2018-08-12 12:53:29 -07:00
toddouska b88d60ecbb Merge pull request #1665 from ejohnstown/mr
Prime Number Testing
2018-08-03 12:50:27 -07:00
John Safranek 7647d52d77 Prime Number Testing
1. Remove a copy-paste error when clearing up the RNG used to test a prime.
2. Tag a some const test values as static in the wolfCrypt test.
2018-08-01 14:49:06 -07:00
Jacob Barthelmeh ce5e787afc formating and sanity check on pointer with test case 2018-08-01 11:57:36 -06:00
JacobBarthelmeh cb756397b3 inital AES-CBC with af_alg
progress on AES-GCM with AF_ALG and add SHA256

add aes-gcm test cases and finish logic of aes-gcm with AF_ALG

formating of tabs and white space

add files to dist

adding ecb and ctr mode with af_alg

make length of buffers for ctr be AES_BLOCK_SIZE

formating and add support for sha256 copy/gethash

sanity checks on arguments

cast return values and valgrind tests

make it easier to use sha256 with af_alg

remove hard tabs

add endif for after rebase
2018-08-01 08:54:20 -06:00
John Safranek 50372b7033 Memory Callback
1. Allow SetAllocators to use NULL as a callback. Memory wrappers will use default with NULL.
2. Remove the ResetAllocators function. Use SetAllocators with NULL.
3. Modify memory tracker to save the old allocators on init and restore them on cleanup.
2018-07-31 09:30:03 -07:00