wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-29 13:12:12 +01:00
Code Issues Packages Projects Releases Wiki Activity
16,851 Commits 12 Branches 184 Tags
ad49aea17dcb0e679cb03ee9feaebeca569eddeb
Commit Graph

665 Commits

Author SHA1 Message Date
JacobBarthelmeh
c0d7f3b2e6 add support for i.MX8 with QNX CAAM 2022-04-27 02:27:05 -07:00
Sean Parkinson
824b7a3f3f ECC: fix import failure return 
Passing in x=0 and y=0 meant to return ECC_INF_E.
Passing in x=0, y=not 0 or x=not 0, y=0 now checks whether the point is
valid and forces a return of BAD_FUNC_ARG when IS_POINT_E is returned
from check.
 2022-04-13 14:03:13 +10:00
Sean Parkinson
284ebacc57 Merge pull request #4916 from JacobBarthelmeh/hsm 
Add SECO use and expand cryptodev
 2022-04-07 10:21:32 +10:00
Sean Parkinson
e9187f5f00 Wycheproof fixes/changes 
Allow Chachac20-Poly1305 to take an empty msg.
Allow AES-SIV to have an empty nonce.
Don't allow the length to be malleable. Must use the smallest number of
bytes to represent value.
ECDSA and DSA signature values are positive.
Add Sha512-224 and Sha512-256 OIDs.
ASN template - ensure the ECDSA/DSA signature uses all data.
Curve25519/Curve448 - WOLFSSL_ECDHX_SHARED_NOT_ZERO means shared secret
can't be 0.
Curve25519/Curve448 - check public value is less than order.
ECC - x or y may be zero but not both.
Ed25519/Ed448 - check S is less than order.
Ed448 - ge_p3_dbl can be simplified for ASM.
Prime check (integer.c/tfm.c/sp_int.c): Don't allow negative values and
make sure random candidate doesn't have bits higher than those in a set
when bits not a multiple of 8.
RSA: support Sha512-224 and Sha512-256.
RSA: Fix check for invalid in decryption. Affects plaintexts 256 bytes
and longer.
RSA: Don't allow base be larger than modulus.
RSA: Check small ciphertext (1 or 0) on decrypt when not using OAEP.
RSA: WOLFSSL_RSA_DECRYPT_TO_0_LEN allows decrypted value to be 0.
SP math all: fix div to handle large a and d when checking size of
remainder.
SP math all: set sign of result in sp_mod_2d()
 2022-04-06 15:35:01 +10:00
Hayden Roche
f39bd5e02b Merge pull request #5014 from dgarske/kcapi_ecc_import 2022-04-04 14:08:29 -07:00
David Garske
9b5ad6f218 Merge pull request #4968 from miyazakh/cryptonly 
add WOLF_CRYPTO_CB_ONLY_RSA and WOLF_CRYPTO_CB_ONLY_ECC
 2022-04-04 08:31:41 -07:00
Daniel Pouzzner
ae3996fd0e fix codebase for -Wvla -Wdeclaration-after-statement; fix some whitespace. 2022-04-01 14:44:10 -05:00
David Garske
9c572efa40 Disable the public key check in import private key for KCAPI. Fix type warning in KCAPI AES. 2022-04-01 11:27:17 -07:00
David Garske
99af84f1e2 Whitespace cleanups. 2022-04-01 09:36:53 +09:00
Hideki Miyazaki
d3a379adac add WOLF_CRYPTO_CB_ONLY_RSA and WOLF_CRYPTO_CB_ONLY_ECC 2022-04-01 09:36:52 +09:00
David Garske
61f6b5e29c Peer review feedback. 2022-03-31 10:04:23 -07:00
David Garske
c905c613e9 Support for Intel QuickAssist ECC KeyGen acceleration. 2022-03-30 13:07:47 -07:00
David Garske
5b0735cdb4 Fixes for async ECC broke in PR #4982. 2022-03-28 11:29:33 -07:00
JacobBarthelmeh
25d5a624d2 Merge pull request #4975 from cconlon/smallStack 
smallstack cleanup for OpenSSL Compatibility Functions
 2022-03-25 17:06:59 -06:00
David Garske
3af3274dcd Merge pull request #4982 from SparkiDev/sp_x64_improvements 
SP ASM improvements
 2022-03-25 13:04:01 -07:00
Sean Parkinson
fd66f6bcec SP ASM improvements 
Change Karatsuba implementations for x86_64.
Fix ECC code to better handle corner cases.
Add 'lower' versions of functions wehn an input is known to be less than m.
Add mont_add/dbl/tpl/sub for P384.
Change ECC point add to be cache-attack resistant.
Change mod_exp to be cache-attack resistant.
 2022-03-25 10:04:25 +10:00
David Garske
6e550c8d75 Fix for KCAPI ECC KeyGen. Disable ECC consistency checks with KCAPI. Allow public AddSignature (used to be public). Fix KCAPI ECC SharedSecret output size. 2022-03-23 09:37:50 -07:00
David Garske
c9e3094cb0 Fixes for KCAPI ECC verify. Cleanup of the pubkey_raw. Fix KCAPI AES possible used uninitialized. 2022-03-23 09:37:50 -07:00
David Garske
8d695f97c9 Fix for KCAPI KcapiEcc_LoadKey parameter to kcapi_kpp_keygen. Added option to release handle on load. Fixes for KCAPI sign output length. Added additional argument checking. 2022-03-23 09:37:50 -07:00
David Garske
318350f63b Fix for ecc_check_privkey_gen with KCAPI. Fix KCAPI ECDSA to ensure we don't leak handle for multiple sign/verify calls. 2022-03-23 09:37:50 -07:00
Chris Conlon
210eb6283c smallstack reduction for wc_ecc_import_x963_ex, mp_jacobi 2022-03-21 14:43:43 -06:00
Chris Conlon
339e44bd87 smallstack reduction for wc_ecc_import_point_der_ex() 2022-03-21 14:43:43 -06:00
David Garske
b546b2a5ec Improve logic around private key id/label. Adds WOLF_PRIVATE_KEY_ID. 2022-03-17 14:48:30 -07:00
JacobBarthelmeh
55b42dd85a Add SECO use and expand cryptodev 2022-03-17 12:04:52 -06:00
David Garske
4ec49d2189 Merge pull request #4943 from SparkiDev/sp_arm64_perf_1 
SP ASM performance improvements
 2022-03-14 18:40:51 -07:00
Sean Parkinson
3ea5e56c26 SP ASM performance improvements 
Mostly improving Aarch64 assembly.
Change Karatsuba implementations.
Specialised code for exponentiating to 0x10001 for RSA.
 2022-03-11 08:42:46 +10:00
Sean Parkinson
6b7f0d4ee7 Merge pull request #4905 from anhu/custom_ext_parse 
Injection and parsing of custom extensions in X.509 certificates.
 2022-03-10 10:39:05 +10:00
Anthony Hu
98f733767b Use MAX_OID_SZ 2022-03-09 17:20:50 -05:00
Anthony Hu
d77d9b93dc This fixes a make check error. 
The flags activated code that didn't account for the new oid encoding. This
code fixes that.
 2022-03-07 15:47:47 -05:00
John Safranek
0e0ac14bbf Merge pull request #4901 from SparkiDev/kcapi_ecdh_fixes 
Fixes for KCAPI ECDH/DH and page alignment
 2022-03-07 11:01:16 -08:00
Sean Parkinson
7006efe97f Merge pull request #4861 from JacobBarthelmeh/ECC 
Deterministic ECDSA: fix for larger curve sizes
 2022-03-07 08:26:35 +10:00
David Garske
0c3b9c733f Fixes for KCAPI ECDH/DH and page alignment. ZD 13763 2022-03-04 15:06:16 -08:00
Jacob Barthelmeh
a4a4bdc20f fix typo, add macro guard, remove dead code path 2022-03-04 10:49:11 -07:00
Jacob Barthelmeh
d1212f9247 add P521 test case and fix for k generation 2022-03-03 10:44:24 -07:00
Jacob Barthelmeh
56de8cd622 add check on hash size passed in 2022-03-02 16:52:04 -07:00
David Garske
b21036947c Merge pull request #4894 from SparkiDev/sp_p521_hashlen_fix 
SP P521: hash len needs special attention when 521 bits
 2022-03-01 12:04:51 -08:00
Sean Parkinson
605d701113 SP P521: hash len needs special attention when 521 bits 
Need to right shift number down when hash is more than 521 bits.
Previously handled at a byte level and now at bit level.
Always return err from sp_*_ecc_mulmod_add_only_*().
When ECC add and double points are public and only have SP
implementation, check that the point ordinates are the right size.
 2022-03-01 09:56:22 +10:00
David Garske
cc2eb0ab71 KCAPI Testing fixes. 2022-02-25 15:16:55 -08:00
Sean Parkinson
2eb044dc60 SP: Add support for P521 2022-02-23 14:51:47 +10:00
Sean Parkinson
d10900e124 ECC with SP math: OOB write 
Don't let input points ordinates be greater than modulus in length.
 2022-02-22 17:00:23 +10:00
Jacob Barthelmeh
f0a0cd1078 fix for larger curve sizes with deterministic ECC sign 2022-02-14 09:55:38 -07:00
David Garske
d1267b5203 Merge pull request #4805 from SparkiDev/ecies_aes_ctr 
ECIES: add support for more encryption algorithms
 2022-02-10 07:04:24 -08:00
Sean Parkinson
e50f661639 ECIES: add support for more encryption algorithms 
Add support to ECIES for AES-256-CBC, AES-128-CTR, AES-256-CTR.
Added new API wc_ecc_ctx_set_algo() that sets the encryption, KDF and
MAC algorithms.
Cleanup formatting of ECIES code.
 2022-02-10 09:54:22 +10:00
David Garske
40fff86807 Merge pull request #4801 from tmael/cert_rr 
cert subset improvements
 2022-01-28 11:00:55 -08:00
Sean Parkinson
b890a2f15d ECIES: allow compressed public keys 
ECIES messages have a public key/point at start of the data.
It can be either uncompressed or compressed.
Adding support for decrypting and encrypting of compressed point.
 2022-01-27 12:10:59 +10:00
Tesfa Mael
a37e17084d Use mp_iszero 2022-01-26 17:33:42 -08:00
Tesfa Mael
1c1bd413e0 cert subset SHA2-256, ecc-256, cert gen, cryptocb 2022-01-26 17:11:00 -08:00
David Garske
9bbc5e07e6 Merge pull request #4733 from JacobBarthelmeh/ECC 
include hmac for deterministic ecc sign build
 2022-01-26 10:01:46 -08:00
Daniel Pouzzner
6a56d3e131 jumbo patch of fixes for clang-tidy gripes (with some bug fixes). 
defect/gripe statistics:

    configured --enable-all --enable-sp-math-all --enable-intelasm

    with LLVM 13 clang-tidy -checks=readability-*,bugprone-*,misc-no-recursion,misc-misplaced-const,misc-redundant-expression,misc-unused-parameters,misc-unused-using-decls,-clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling,-clang-analyzer-optin.performance.Padding,-readability-braces-around-statements,-readability-function-size,-readability-function-cognitive-complexity,-bugprone-suspicious-include,-bugprone-easily-swappable-parameters,-readability-isolate-declaration,-readability-magic-numbers,-readability-else-after-return,-bugprone-reserved-identifier,-readability-suspicious-call-argument,-bugprone-suspicious-string-compare,-bugprone-branch-clone,-misc-redundant-expression,-readability-non-const-parameter,-readability-redundant-control-flow,-readability-misleading-indentation,-bugprone-narrowing-conversions,-bugprone-implicit-widening-of-multiplication-result

    [note these figures don't reflect additional defects fixed in this commit for --enable-smallstack, --enable-fips, --enable-async, --enable-asn=template, and --enable-fastmath, and --disable-fastmath]

    pre-patch warning count per file, with suppressions:

    clang-analyzer-security.insecureAPI.strcpy    6  wolfssl/tests/suites.c
    clang-analyzer-security.insecureAPI.strcpy    2  wolfssl/testsuite/testsuite.c
    bugprone-suspicious-missing-comma             3  wolfssl/examples/server/server.c
    bugprone-suspicious-missing-comma             3  wolfssl/examples/client/client.c
    readability-redundant-preprocessor            2  wolfssl/wolfcrypt/src/asn.c
    readability-redundant-preprocessor            1  wolfssl/wolfcrypt/src/rsa.c
    readability-redundant-preprocessor            9  wolfssl/src/ssl.c
    readability-redundant-preprocessor            2  wolfssl/src/tls13.c
    readability-redundant-preprocessor           18  wolfssl/tests/api.c
    readability-redundant-preprocessor            3  wolfssl/src/internal.c
    readability-redundant-preprocessor           10  wolfssl/wolfcrypt/test/test.c
    readability-named-parameter                   1  wolfssl/wolfcrypt/benchmark/benchmark.c
    readability-named-parameter                   7  wolfssl/src/internal.c
    readability-named-parameter                   1  wolfssl/wolfcrypt/src/ecc.c
    readability-named-parameter                   1  wolfssl/testsuite/testsuite.c
    readability-named-parameter                  11  wolfssl/wolfcrypt/src/ge_operations.c
    misc-no-recursion                             3  wolfssl/src/ssl.c
    readability-uppercase-literal-suffix          4  wolfssl/wolfcrypt/src/asn.c
    readability-uppercase-literal-suffix          1  wolfssl/src/ssl.c
    readability-uppercase-literal-suffix         13  wolfssl/wolfcrypt/benchmark/benchmark.c
    bugprone-too-small-loop-variable              1  wolfssl/wolfcrypt/src/rsa.c
    bugprone-too-small-loop-variable              2  wolfssl/wolfcrypt/src/sha3.c
    bugprone-too-small-loop-variable              4  wolfssl/wolfcrypt/src/idea.c
    bugprone-signed-char-misuse                   2  wolfssl/src/ssl.c
    bugprone-signed-char-misuse                   3  wolfssl/wolfcrypt/src/sp_int.c
    bugprone-signed-char-misuse                   3  wolfssl/examples/client/client.c
    bugprone-macro-parentheses                   19  wolfssl/wolfcrypt/src/aes.c
    bugprone-macro-parentheses                  109  wolfssl/wolfcrypt/src/camellia.c
    bugprone-macro-parentheses                    1  wolfssl/src/tls.c
    bugprone-macro-parentheses                    3  wolfssl/wolfcrypt/src/md4.c
    bugprone-macro-parentheses                    2  wolfssl/wolfcrypt/src/asn.c
    bugprone-macro-parentheses                   26  wolfssl/wolfcrypt/src/blake2b.c
    bugprone-macro-parentheses                  257  wolfssl/wolfcrypt/src/sha3.c
    bugprone-macro-parentheses                   15  wolfssl/src/ssl.c
    bugprone-macro-parentheses                    1  wolfssl/wolfcrypt/src/sha.c
    bugprone-macro-parentheses                    8  wolfssl/tests/api.c
    bugprone-macro-parentheses                    4  wolfssl/wolfcrypt/src/sp_int.c
    bugprone-macro-parentheses                    6  wolfssl/wolfcrypt/benchmark/benchmark.c
    bugprone-macro-parentheses                   38  wolfssl/wolfcrypt/src/hc128.c
    bugprone-macro-parentheses                   12  wolfssl/wolfcrypt/src/md5.c
    bugprone-macro-parentheses                   10  wolfssl/wolfcrypt/src/sha256.c
    bugprone-macro-parentheses                    4  wolfssl/wolfcrypt/test/test.c
    bugprone-macro-parentheses                    3  wolfssl/wolfcrypt/src/ecc.c
    bugprone-macro-parentheses                    2  wolfssl/tests/suites.c
    bugprone-macro-parentheses                    4  wolfssl/wolfcrypt/src/cpuid.c
    bugprone-macro-parentheses                   26  wolfssl/wolfcrypt/src/blake2s.c
    bugprone-macro-parentheses                   24  wolfssl/wolfcrypt/src/sha512.c
    bugprone-macro-parentheses                    3  wolfssl/wolfcrypt/src/poly1305.c
    bugprone-macro-parentheses                   24  wolfssl/wolfcrypt/src/ripemd.c
    readability-inconsistent-declaration-parameter-name    1  wolfssl/src/internal.c
    readability-inconsistent-declaration-parameter-name    1  wolfssl/testsuite/testsuite.c

    pre-patch warning count summaries, with suppressions:

    clang-analyzer-security.insecureAPI.strcpy                  8
    bugprone-suspicious-missing-comma                           6
    readability-redundant-preprocessor                         45
    readability-named-parameter                                21
    misc-no-recursion                                           3
    readability-uppercase-literal-suffix                       18
    bugprone-too-small-loop-variable                            7
    bugprone-signed-char-misuse                                 8
    bugprone-macro-parentheses                                601
    readability-inconsistent-declaration-parameter-name         2

    pre-patch warning count summaries, without suppressions:

    clang-analyzer-security.insecureAPI.strcpy                  8
    bugprone-branch-clone                                     152
    readability-non-const-parameter                           118
    bugprone-suspicious-missing-comma                           6
    bugprone-suspicious-include                                52
    readability-magic-numbers                               22423
    readability-redundant-preprocessor                         45
    readability-named-parameter                                21
    readability-function-cognitive-complexity                 845
    readability-else-after-return                             398
    bugprone-implicit-widening-of-multiplication-result       595
    readability-function-size                                  21
    readability-isolate-declaration                          1090
    misc-redundant-expression                                   2
    bugprone-narrowing-conversions                            994
    misc-no-recursion                                           3
    readability-uppercase-literal-suffix                       18
    bugprone-reserved-identifier                               56
    readability-suspicious-call-argument                       74
    bugprone-too-small-loop-variable                            7
    bugprone-easily-swappable-parameters                      437
    bugprone-signed-char-misuse                                 8
    readability-misleading-indentation                         94
    bugprone-macro-parentheses                                601
    readability-inconsistent-declaration-parameter-name         2
    bugprone-suspicious-string-compare                        495
    readability-redundant-control-flow                         20
    readability-braces-around-statements                    11483
    clang-analyzer-valist.Uninitialized                         1
    clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling   3502
 2022-01-21 01:25:48 -06:00
Jacob Barthelmeh
29513e1ec8 include hmac for deterministic ecc sign build 2022-01-20 09:25:32 +07:00