wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-03-06 17:34:04 +01:00
Code Issues Packages Projects Releases Wiki Activity
6,346 Commits 13 Branches 184 Tags
c5f80760a8d330294895f854c33a1c64d417fa29
Commit Graph

1343 Commits

Author SHA1 Message Date
toddouska
c5f80760a8 Merge pull request #1145 from JacobBarthelmeh/HardwareAcc 
init hardware acc. use of public RSA key with public key decode funct…
 2017-10-20 10:32:18 -07:00
toddouska
9bea6cca52 Merge pull request #1186 from SparkiDev/sha2_asm 
Fix SHA-256 Intel assembly code to work with 'fasthugemath'
 2017-10-18 08:51:05 -07:00
toddouska
9920bdf097 Merge pull request #1103 from SparkiDev/sp_rsa 
Single Precision maths for RSA, DH and ECC
 2017-10-18 08:44:47 -07:00
dgarske
1bf9d092af Merge pull request #1179 from ejohnstown/evp-aes 
EVP-AES
 2017-10-17 19:23:11 -07:00
Sean Parkinson
c0472a3a89 Fix SHA-256 Intel assembly code to work with 'fasthugemath' 2017-10-17 18:35:18 +10:00
Sean Parkinson
f724206e37 Add test for 3072-bit RSA and DH and fix modexp 2017-10-17 08:36:39 +10:00
Sean Parkinson
90f8f67982 Single Precision maths for RSA (and DH) 
Single Precision ECC implementation
 2017-10-17 08:36:39 +10:00
David Garske
de34ec0f0c Fix scan-build report of possible use of unitialized output[i]. 2017-10-16 11:24:41 -07:00
David Garske
02ee22e73b Support for mapping to new names with old for FIPS build. Fix to revert HMAC SHA224 type check, since SHA224 type isn't in FIPS wolfCrypt. 2017-10-16 09:57:22 -07:00
toddouska
2c2217fcdc Merge pull request #1181 from dgarske/cert_serial 
Certificate serial number enhancements
 2017-10-13 09:22:11 -07:00
toddouska
6fd53d31c2 Merge pull request #1157 from dgarske/old-names 
Refactor SSL_ and hashing types to use wolf specific prefix
 2017-10-13 09:09:44 -07:00
David Garske
6548f32ee0 Enhancement to allow a serial number to be customized via Cert.serial and Cert.serialSz for cert request or generation. Fix to make sure serial number is always postive and has no leading zeros. Increase the size of the certificate serial number to 20 bytes. 2017-10-11 17:21:26 -07:00
David Garske
6707be2b0e Added new --disable-oldnames option to allow for using openssl along-side wolfssl headers (without OPENSSL_EXTRA). Add --enable-opensslcoexist which makes sure oldnames is disabled. Refactor of SSL_ to WOLF_SSL_. Refactor of SHA, MD5, SHA224, SHA256, SHA512 and SHA384 to WC_ naming. 2017-10-11 09:10:42 -07:00
John Safranek
09f8ddd0f0 EVP-AES 
1. Fixed using wolfSSL_EVP_CipherFinal() when a message's size is a round multiple of a block size. It wasn't adding the appropriate padding.
2. Update the EVP_Cipher test to call CipherUpdate and CipherFinal instead. It checks a message that is 24 bytes long and a second that is 16 bytes long.
 2017-10-10 13:44:06 -07:00
David Garske
4c8d228080 Added WOLFSSL_ALT_CERT_CHAINS option to enable checking cert aginst multiple CA's. Added new API's for wolfSSL_get_peer_alt_chain and wolfSSL_is_peer_alt_cert_chain, which allow a way to know if alternate cert chain is used and provides a way to get it (when SESSION_CERTS is defined). Cleanup of the defines to enable debugging certs (just use SHOW_CERTS now). 2017-10-10 08:55:35 -07:00
Sean Parkinson
898893fbcd Fix for MULX asm 2017-10-10 09:41:17 +10:00
Sean Parkinson
152c24f210 Fix aesni code for avx2 2017-10-05 13:02:33 +10:00
Takashi Kojo
918a5fd5a6 Merge pull request #1164 from SparkiDev/asm_mulx 
Get the multiplcation code using MULX to work consistently
 2017-09-30 09:51:03 +09:00
JacobBarthelmeh
3b12b7223a Merge pull request #1160 from dgarske/asn_extkeyusage 
ASN Extended Key Usage Support
 2017-09-28 11:31:04 -06:00
JacobBarthelmeh
c836724685 Merge pull request #1162 from cconlon/mysql_compat 
wolfSSL_ERR_peek_error() with WOLFSSL_MYSQL_COMPATIBLE
 2017-09-28 09:51:07 -06:00
JacobBarthelmeh
fd9b2d3b8d Merge pull request #1116 from dgarske/stm32_hash 
Fixes for STM32 hardware acceleration
 2017-09-28 09:35:36 -06:00
Sean Parkinson
0376a53f6b Get the multiplcation code using MULX to work consistently 2017-09-28 09:12:29 +10:00
Chris Conlon
6c85bc5d3d enable functionality of wolfSSL_ERR_peek_error() when WOLFSSL_MYSQL_COMPATIBLE defined 2017-09-27 10:56:04 -06:00
Chris Conlon
4f15cde2eb Merge pull request #1155 from dgarske/fixes_pic32mz 
PIC32MZ minor build warning fixes
 2017-09-26 16:26:32 -06:00
David Garske
9eb7e2aafa ASN1 Extended Key Usage support. Adds new wc_SetExtKeyUsage() API. Available only with --enable-certext or WOLFSSL_CERT_EXT. 2017-09-26 12:05:46 -07:00
John Safranek
0ced1f4847 AESGCM Init 
1. Update the AES-GCM with AES-NI 128-bit constant initializers so they work on both GCC/Clang and MSC.
* MSC uses a union for the type where the first member is a 16-byte array.
* GCC/Clang uses a 16-byte vector masking as a long long array.
2. Disable AES-GCM loop unrolling for Windows, when using AES-NI in 32-bit mode.
 2017-09-22 15:28:47 -07:00
JacobBarthelmeh
763d5f26c7 Merge pull request #1031 from dgarske/math_update 
Math updates
 2017-09-22 15:26:34 -06:00
dgarske
2c4844d5ef Merge pull request #1146 from ejohnstown/compat 
OpenSSL Compatibility Additions and Fixes
 2017-09-22 14:19:28 -07:00
David Garske
4a510218c2 Tested PPC32 with TFM_PPC32. Fixed warning with possible uninitialized use of sc0, sc1 and sc2. 2017-09-22 11:37:00 -07:00
David Garske
a2ed22286f Adds TFM_MIPS (tested on PIC32MZ2048EFM144 with XC32 v1.44). Adds check for mp_read_radix to return failure for invalid character. Adds checking for s_mp_sub response code. Improved mp_init_copy error handling. Improved init to use size where applicable. Asm PPC 32 changes to add r to register. Asm formatting cleanups. 2017-09-22 09:48:35 -07:00
David Garske
3f493770d4 Fixes bug with creation of the KeyUsage BitString which was always adding the optional second byte reguardless of len, which created invalid ASN if value provided was less than 256. Bug was introduced with ASN refactor in commit fd9e41dd99. 2017-09-20 15:00:24 -07:00
dgarske
2f96f1ae9f Merge pull request #1150 from kaleb-himes/HASH_DRBG_UPDATE 
Update HASH_DRBG Reseed mechanism and add test case
 2017-09-20 13:15:17 -07:00
kaleb-himes
5777b92745 Improved solution 2017-09-20 11:25:51 -06:00
dgarske
5e6213bfa1 Merge pull request #1140 from JacobBarthelmeh/RSA-fix 
account for 8k keys with MySQL compatibility
 2017-09-20 10:05:32 -07:00
dgarske
28c15bed1c Merge pull request #1141 from SparkiDev/chacha_avx1 
Fix ChaCha to check for AVX1
 2017-09-20 09:57:20 -07:00
kaleb-himes
60dca94821 Update HASH_DRBG Reseed mechanism and add test case 2017-09-20 10:36:36 -06:00
David Garske
4d8e1c9e5a Minor build fixes for unused function and variable. 2017-09-19 12:48:57 -07:00
David Garske
816767744f Fix for STM32 AES-CTR (tested on STM32F437). Improvement to the STM32 RNG code to detect improper RNG_CLK. Cleanup of the PIC32MZ Aes struct variables and the AES-CTR (tested on PIC32MZ2048). 2017-09-18 16:08:09 -07:00
John Safranek
2620cb4559 OpenSSL Compatibility Additions and Fixes 
1. Added a check on the hex2bn function for null strings to be treated like the NULL pointer.
2. Added some more test cases to the big number unit test.
3. Added wolfSSL_EVP_add_cipher() analogous to wolfSSL_EVP_add_digest().
4. Implemented `RSA_public_encrypt()` and `RSA_private_decrypt()` for the OpenSSL compatibility layer.
5. Added `RSA_PKCS1_OAEP_PADDING` as an option to the new functions.
6. Fixed the constness on the `from` parameter in function `RSA_public_decrypt()`. Note: this does not allow OAEP to be used in FIPS mode.
7. Added size constants for EVP_MAX_BLOCK_LENGTH, RSA_PKCS1_PADDING_SIZE, and RSA_PKCS1_OAEP_PADDING_SIZE.
8. Added functions `wolfSSL_EVP_PKEY_new_mac_key()` and `wolfSSL_EVP_PKEY_get0_hmac()` for storing HMAC keys in an EVP_PKEY structure for use later.
9. Added the routines EVP_DigestSignXXX(). They only work w.r.t HMAC.
10. Added the ForceZero() to EVP_MD_CTX_cleanup().
11. Modified the EVP_MD_CTX structure to have a union with both the hasher and a wolfCrypt Hmac structure.
12. Added a mapping of SHA1->SHA to the list of digest name aliases in wolfSSL_EVP_get_digestbyname().
13. Changed the mapping of ssl3-sha1->SHA.
14. When using RSA blinding, the OpenSSL compatibility layer RSA object was attempting to decrypt without an RNG. Added an RNG if needed.
15. Add comment to wolfSSL_BN_hex2bn() to cover usage w.r.t. string length. Remember to keep the length even, front-pad with zeroes if needed.
16. Added tests for the new functions.
 2017-09-18 13:53:44 -07:00
David Garske
27d607efa3 Fixes for AES on STM32 with StdPeriLib and fix for building with NO_STM32_CYPTO. Researching better solution for AES-CTR. 2017-09-15 10:39:09 -07:00
David Garske
dcab2f47ee Fixes for STM32 hardware acceleration. Adds CubeMX HAL hashing support for MD5, SHA1, SHA224 and SHA256. Adds support for STM32F7 (WOLFSSL_STM32F7). Fixes issue with AES-GCM and STM32F2. Cleanup of the STM32 macros (adds NO_STM32_HASH, NO_STM32_CRYPTO and NO_STM32_RNG to optionally disable hardware acceleration). 2017-09-15 10:39:09 -07:00
kaleb-himes
63e8d63943 Update following review 2017-09-15 10:52:33 -06:00
kaleb-himes
1f7d73f626 NULL plaintext input is supported in FIPS testing 2017-09-14 20:14:21 -06:00
Jacob Barthelmeh
f97f9a6158 init hardware acc. use of public RSA key with public key decode functions 2017-09-14 17:07:19 -06:00
Jacob Barthelmeh
1b3a8f40b8 account for 8k keys with MySQL compatibility 2017-09-14 09:37:32 -06:00
Sean Parkinson
7721aca114 Fix ChaCha to check for AVX1 2017-09-14 09:07:04 +10:00
toddouska
4c31c53f37 Merge pull request #1128 from JacobBarthelmeh/AES 
AES XTS feature addition
 2017-09-13 14:38:15 -07:00
Jacob Barthelmeh
398252ddad add XtsAes structure and change XTS-AES API 2017-09-08 16:00:33 -06:00
Kaleb Himes
c018a1abf3 Merge pull request #1130 from SparkiDev/cpuid_fix 
MSVC fix around cpuid check
 2017-09-08 11:04:50 -06:00
Jacob Barthelmeh
c482524b78 big endian testing and packing Aes struct 2017-09-01 15:32:55 -06:00