Commit Graph

11359 Commits

Author SHA1 Message Date
Chris Conlon fb699acec4 Merge pull request #1831 from MJSPollard/benchmarkCSV
added option to print wolfcrypt benchmark tests in CSV format
2018-09-13 16:16:09 -06:00
toddouska e071f1ca7e Merge pull request #1825 from SparkiDev/compat_apis_1
Add more compatability APIs.
2018-09-13 13:13:12 -07:00
Chris Conlon 8a6a9e7620 Merge pull request #1820 from kojo1/portingAid
Porting aid
2018-09-13 11:06:55 -06:00
MJSPollard d4d6346ee5 fixed unused variable error 2018-09-13 08:47:01 -06:00
MJSPollard 7457ab3e14 added define to work with certain enabled options 2018-09-12 23:37:31 -06:00
MJSPollard 037151eae0 Merge branch 'master' of https://github.com/wolfSSL/wolfssl into benchmarkCSV 2018-09-12 23:32:45 -06:00
Sean Parkinson 0275366fb6 Fixes from code review
Document how length of ECDSA signature calculated.
Check parameter not NULL before use.
Formatting fix.
Also, disable RSA test of EVP_DigestSign/Verify* when HAVE_USER_RSA.
2018-09-13 08:47:09 +10:00
toddouska 581f72adf8 Merge pull request #1822 from dgarske/fixes_async
Fix for dh_test to make sure the provided agree size is populated
2018-09-12 13:03:04 -07:00
toddouska 5b985c7dbd Merge pull request #1821 from dgarske/nxp-ltc
Fixes for NXP LTC support with K82
2018-09-12 13:02:21 -07:00
Sean Parkinson df20daa1ae Support RSA and ECC in wolfSSL_DigestSign/Verify* 2018-09-12 16:31:39 +10:00
Takashi Kojo 7ddc756d15 eliminate double semi-colon 2018-09-12 10:13:30 +09:00
MJSPollard d280359548 added option to print wolfcrypt benchmark tests in CSV format 2018-09-11 14:49:54 -06:00
Eric Blankenhorn 01dc018cda Make DecodedCert elements available with WOLFSSL_CERT_EXT 2018-09-11 10:41:12 -05:00
Sean Parkinson 330a7048c7 Add more compatability APIs.
d2i_ECDSA_SIG, i2d_ECDSA_SIG, EVP_DigestVerifyInit,
EVP_DigestVerifyUpdate, EVP_DigestVerifyFinal, EVP_PKEY_id,
PEM_read_bio_PUBKEY
2018-09-11 09:28:03 +10:00
David Garske f48e2067ae Added new API wolfSSL_CTX_load_verify_chain_buffer_format for loading CA cert chain as DER buffer list including API unit test. Support for device serial number OID. 2018-09-10 08:15:17 -07:00
David Garske 2c5b0d82da Fix for dh_test to make sure the provided agree size is populated. This resolves issue with async and QuickAssist DH. 2018-09-10 07:13:52 -07:00
David Garske a2be7590d1 Fixes for NXP LTC support with K82. Fix for SHA384/512. Fix for AES CBC not storing previous IV. Fix for wc_AesSetKey arg check. Fix for AES GCM IV != 12 test. Changed LTC default in settings.h to not enable SHA512 and Ed/Curve25519. Tested using Rowley Crossworks v4.2.0 on a FRDM-K82F. There is an initial stack pointer issue with the arm-startup code here for Rowley still outstanding, but these fixes are valid as-is. 2018-09-10 07:13:32 -07:00
Eric Blankenhorn 412eecd51a Add wc_SetIssuerRaw and EncodeCert with raw fields (#1798)
* Make cert with raw issuer
* Add wc_SetIssuerRaw
* Use issuer raw in EncodeCert
2018-09-07 16:22:23 -07:00
Daniele Lacamera 27555d6eb7 Fix old-style function definitions 2018-09-07 09:13:20 +02:00
David Garske ae3d8d3779 * Fixed wolfSSL_CTX_load_verify_locations to continue loading if there is an error (ZD 4265).
* Added new `wolfSSL_CTX_load_verify_locations_ex` that supports flags `WOLFSSL_LOAD_FLAG_IGNORE_ERR`, `WOLFSSL_LOAD_FLAG_DATE_ERR_OKAY` and `WOLFSSL_LOAD_FLAG_PEM_CA_ONLY`.
* Fix for `PemToDer` to handle PEM which may include a null terminator in length at end of file length causing wrong error code to be returned. Added test case for this. (ZD 4278)
* Added macro to override default flags for `wolfSSL_CTX_load_verify_locations` using `WOLFSSL_LOAD_VERIFY_DEFAULT_FLAGS`.
* Added tests for loading CA PEM's from directory using `wolfSSL_CTX_load_verify_locations` and `wolfSSL_CTX_load_verify_locations_ex` with flags.
* Added tests for `wolfSSL_CertManagerLoadCABuffer`.
* Updated the expired test certs and added them to `./certs/test/gen-testcerts.sh` script.
2018-09-06 12:51:22 -07:00
David Garske d998d10f02 Merge pull request #1805 from dgarske/fix_csr
Fix for CSR generation email value
2018-09-05 19:44:41 -07:00
Quinn Miller b8605fa544 Fixed typo in fp_mul_comba_7 2018-09-05 14:51:50 -06:00
David Garske d432d346aa Merge pull request #1809 from cconlon/stm32rngfix
enable RNG clock when WOLFSSL_STM32F427_RNG is defined
2018-09-04 17:21:01 -07:00
Eric Blankenhorn 28ad8e591d Adding comment for empty case in GetNameType 2018-09-04 18:08:40 -05:00
toddouska bac8b78a8c Merge pull request #1803 from SparkiDev/tfm_stack
Small stack for fast math code
2018-09-04 15:57:59 -07:00
toddouska 8e67ef33b2 Merge pull request #1799 from SparkiDev/cert_vfy_small
Smaller dynamic memory usage in TLS
2018-09-04 15:40:11 -07:00
Chris Conlon d3ea903c55 enable RNG clock when WOLFSSL_STM32F427_RNG is defined 2018-09-04 16:13:09 -06:00
Sean Parkinson 17a70aee1b Added test and minor fixes for CheckCertSignature 2018-09-03 10:50:47 +10:00
Sean Parkinson 4d0478a287 Fix fp_div_2d to return remainder correctly
If a == c are then a and c don't equal d:
calculate d before c
If a != c then a doesn't change in calculating c:
calculate d after c
2018-09-03 08:32:55 +10:00
David Garske 6171e29fe8 Fix for CSR generation after PR (https://github.com/wolfSSL/wolfssl/pull/1734). This resolves issue with email name in CSR. (Thanks to Forum post https://www.wolfssl.com/forums/post4137.html).
Failed examples:

```
145:d=5  hl=2 l=  16 prim: EOC
      0000 - 69 6e 66 6f 40 77 6f 6c-66 73 73 6c 2e 63 6f 6d   info@wolfssl.com
```

```
SET {
138  23:         SEQUENCE {
140   3:           OBJECT IDENTIFIER objectClass (2 5 4 0)
       :             Error: Spurious EOC in definite-length item.
```

Success Examples:

```
140:d=5  hl=2 l=   9 prim: OBJECT            :emailAddress
  151:d=5  hl=2 l=  16 prim: IA5STRING         :info@wolfssl.com
```

```
SET {
138  29:         SEQUENCE {
140   9:           OBJECT IDENTIFIER emailAddress (1 2 840 113549 1 9 1)
151  16:           IA5String 'info@wolfssl.com'
```
2018-08-31 11:20:04 -07:00
Sean Parkinson 41ab3d91fd Small stack for fast math code
Any large stack usages have been changed to dynamic memory allocations
when WOLFSSL_SMALL_STACK is defined.
Modified functions to return error codes.
2018-08-31 17:55:49 +10:00
Sean Parkinson d86fc2dbbe Smaller dynamic memory usage in TLS
Code doesn't require a DecodedCert which saves on dynamic memory usage.
WOLFSSL_SMALL_CERT_VERIFY: Don't have a DecodedCert allocated and verify
certificate signature in ProcessPeerCerts as this is maximum dynamic
memory usage.
WOLFSSL_SMALL_CERT_VERIFY is enabled with 'lowresource' configuration
option.
Fix sp_clear to work with NULL parameter.
Define a new function HashId that maps to the hashing function
available.
Set MAX_CERT_VERIFY_SZ to be the maximum based on what algorithms are
compiled in.
Fix usage of MAX_CERT_VERIFY_SZ in functions sending certificate verify
messages.
2018-08-31 08:29:28 +10:00
toddouska 31e37ea5df Merge pull request #1797 from SparkiDev/stack_size
Small stack usage fixes
2018-08-29 16:19:46 -07:00
toddouska d084a4bcb8 Merge pull request #1794 from SparkiDev/sp_armasm_modexp
Fix for SP ASM arm and no DH
2018-08-29 16:13:34 -07:00
toddouska 03fbad22a6 Merge pull request #1792 from SparkiDev/gcc_8_fixes
GCC 8 new warnings in -Wall fix
2018-08-29 16:12:19 -07:00
toddouska e4ccb2fe83 Merge pull request #1784 from dgarske/stsafe_server
Added ST-Safe PK callback example for Key Generation (TLS server only)
2018-08-29 16:07:14 -07:00
Sean Parkinson 4dbe86f1fd Small stack usage fixes
Stack pointer logging added.
2018-08-29 10:16:51 +10:00
Sean Parkinson 57620caac8 Fix for SP ASM arm and no DH
Fix mod exp in ARM asm to work for different size exponents.
In ASM code, mont_norm is not used in RSA so protect from no DH.
2018-08-28 11:24:38 +10:00
Sean Parkinson 551201c00c GCC 8 new warnings in -Wall fix 2018-08-27 12:51:01 +10:00
John Safranek bd5e507617 OID
1. When checking an OID sum against an OID string based on context, skip the unknown OIDs instead of treating them as parse errors.
2. When getting an OID, pass the lower error upstream instead of just PARSE error.
2018-08-24 11:51:25 -07:00
David Garske 347fdccf1c Added missing README.md. 2018-08-24 11:11:30 -07:00
David Garske c96aeb4550 Added documentation and benchmarks for STM32 and STSAFE-A100 support. 2018-08-24 11:03:14 -07:00
David Garske 88e6bd2915 Added ST-Safe server side PK callback example for key gen. Added helper API's for setting up the PK callbacks and custom context. 2018-08-23 15:57:14 -07:00
David Garske c7dde6c682 Merge pull request #1656 from danielinux/contiki-port
Contiki port
2018-08-23 12:31:56 -07:00
toddouska cc39f3211a Merge pull request #1780 from dgarske/pkcs7_ex
Added new PKCS7 ex API's to support signing and validation of large data
2018-08-23 08:41:25 -07:00
toddouska 5d8a2a7702 Merge pull request #1778 from SparkiDev/sp_mem
Make ALT_ECC_SIZE with SP work
2018-08-23 08:25:44 -07:00
toddouska 554d40a62e Merge pull request #1777 from dgarske/async_fixes
Build fixes for async
2018-08-23 08:23:20 -07:00
toddouska 0d171e591b Merge pull request #1776 from SparkiDev/inline_cmpl_fix
Fix for clang builds with configs not using inline funcs
2018-08-23 08:22:39 -07:00
toddouska 8477d5ba1b Merge pull request #1773 from ejohnstown/critical-option
Certificate Extension Critical Check Optionality
2018-08-23 08:21:19 -07:00
David Garske 57d72028f6 Fix for missing return code on wc_Pic32HashFree. 2018-08-22 16:38:55 -07:00