wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-26 19:22:20 +01:00
Code Issues Packages Projects Releases Wiki Activity
11,444 Commits 12 Branches 184 Tags
d43d75bf81fa2c426ae2cb034302349da655c28f
Commit Graph

11444 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
David Garske
d43d75bf81 Updates to xcode projects to add new files. 
Ran updated iPhone X benchmarks:

```
RNG                330 MB took 1.010 seconds,  326.879 MB/s
AES-128-CBC-enc    920 MB took 1.005 seconds,  915.507 MB/s
AES-128-CBC-dec   6095 MB took 1.000 seconds, 6092.130 MB/s
AES-192-CBC-enc    820 MB took 1.000 seconds,  819.644 MB/s
AES-192-CBC-dec   4860 MB took 1.001 seconds, 4855.794 MB/s
AES-256-CBC-enc    710 MB took 1.005 seconds,  706.419 MB/s
AES-256-CBC-dec   3935 MB took 1.001 seconds, 3930.830 MB/s
AES-128-GCM-enc   1245 MB took 1.003 seconds, 1241.589 MB/s
AES-128-GCM-dec    575 MB took 1.001 seconds,  574.547 MB/s
AES-192-GCM-enc   1235 MB took 1.001 seconds, 1234.343 MB/s
AES-192-GCM-dec    570 MB took 1.003 seconds,  568.521 MB/s
AES-256-GCM-enc   1230 MB took 1.003 seconds, 1226.034 MB/s
AES-256-GCM-dec    570 MB took 1.001 seconds,  569.199 MB/s
3DES                10 MB took 1.386 seconds,    7.213 MB/s
MD5                 95 MB took 1.037 seconds,   91.629 MB/s
SHA                 80 MB took 1.013 seconds,   78.943 MB/s
SHA-256           1625 MB took 1.000 seconds, 1624.565 MB/s
SHA3-224            60 MB took 1.010 seconds,   59.399 MB/s
SHA3-256            60 MB took 1.073 seconds,   55.921 MB/s
SHA3-384            45 MB took 1.042 seconds,   43.195 MB/s
SHA3-512            35 MB took 1.164 seconds,   30.063 MB/s
HMAC-MD5            95 MB took 1.044 seconds,   91.014 MB/s
HMAC-SHA            80 MB took 1.007 seconds,   79.480 MB/s
HMAC-SHA256       1705 MB took 1.001 seconds, 1703.126 MB/s
RSA     2048 public      32800 ops took 1.003 sec, avg 0.031 ms, 32716.405 ops/sec
RSA     2048 private      1200 ops took 1.041 sec, avg 0.868 ms, /33 ops/sec
DH      2048 key gen      2354 ops took 1.000 sec, avg 0.425 ms, 2353.254 ops/sec
DH      2048 agree        2500 ops took 1.013 sec, avg 0.405 ms, 2467.525 ops/sec
ECC      256 key gen     46503 ops took 1.000 sec, avg 0.022 ms, 46502.069 ops/sec
ECDHE    256 agree       14100 ops took 1.005 sec, avg 0.071 ms, 14034.697 ops/sec
ECDSA    256 sign        29600 ops took 1.003 sec, avg 0.034 ms, 29500.554 ops/sec
ECDSA    256 verify      11000 ops took 1.007 sec, avg 0.092 ms, 10921.516 ops/sec
```
 2020-06-12 10:39:26 -07:00
toddouska
29bdc7d8b5 Merge pull request #3015 from tmael/cov-fix 
Coverity fix in wolfSSL 4.4.0
 2020-06-10 17:07:47 -07:00
Chris Conlon
fb51a2298e Merge pull request #3019 from kaleb-himes/ZD10380 
init components as best practice
 2020-06-09 17:23:55 -05:00
toddouska
e993cb6cc0 Merge pull request #2942 from dgarske/tls13_on 
Enable TLS v1.3 by default
 2020-06-09 13:30:02 -07:00
toddouska
48783c1982 Merge pull request #2996 from dgarske/stm32hal 
Fixes and improvements for STM32 crypto hardware
 2020-06-09 13:24:27 -07:00
toddouska
c023efb2aa Merge pull request #3025 from JacobBarthelmeh/Compatibility-Layer 
fix macro to match *_FLAGS_*
 2020-06-09 13:19:29 -07:00
toddouska
7a7bfce565 Merge pull request #3026 from cconlon/selftestfixes 
Fix warnings with NetBSD gcc compiler
 2020-06-09 13:18:44 -07:00
toddouska
ef742c4a42 Merge pull request #3027 from danielinux/psoc6_crypto 
Cypress PSoC6 wolfcrypt driver
 2020-06-09 13:17:37 -07:00
toddouska
8fc908989a Merge pull request #3029 from SparkiDev/aes-ccm-fix 
Fix optimized AES-CCM - counter
 2020-06-09 13:13:42 -07:00
David Garske
8b6b54603f Add STM32WB55 crypto hardware support for AES. 2020-06-08 08:48:59 -07:00
Tesfa Mael
28913a276f Include GCM in latest FIPS and Windows build 2020-06-08 08:38:59 -07:00
David Garske
5837c70e99 Support for STM32L5 PKA ECC sign/verify acceleration. 2020-06-08 08:37:55 -07:00
David Garske
16c0160e63 Added support for STM32L5. 2020-06-08 08:37:55 -07:00
David Garske
21a34bde8c Fix whitespace. 2020-06-08 08:37:55 -07:00
David Garske
6f82f15d1b Performance improvements for STM32 AES CBC and GCM crypto hardware. 
* AES CBC:
  - Do all blocks, not just one at a time.
* AES GCM:
  - Use local stack for authentication header if < block size.
  - Use hardware GHASH for all authentication header sizes.

Tested with STM32F437II (old/new Cube HAL/StdPeriLib), STM32F777ZI (CubeMX) and STM32L4A6ZG (CubeMX).
 2020-06-08 08:37:55 -07:00
David Garske
efe9da0994 Fix for STM32 crypto hash with WOLFSSL_SMALL_STACK_CACHE possible free of invalid pointer. 2020-06-08 08:37:55 -07:00
David Garske
dff7c0fcfa Fix for hardware mutex protection in case where STM32 hardware acceleration is used for RNG or HASH only. 2020-06-08 08:37:55 -07:00
David Garske
42ee313286 Fix for using WOLFSSL_SMALL_STACK_CACHE with STM32 SHA256 hardware acceleration. 2020-06-08 08:37:55 -07:00
David Garske
8791573dfe Fix for building with NO_PUBLIC_GCM_SET_IV when ChaCha20/Poly1305 is enabled. Cleanup use of not used STD_PERI_LIB. 2020-06-08 08:37:54 -07:00
Sean Parkinson
d543e305f1 Fix optimized AES-CCM - counter 
AES-NI optimized 4 block at a time was not incrementing counter
poprerly.
 2020-06-08 10:48:19 +10:00
David Garske
3af4316cfd Fix for session test with TLS v1.3 and session tickets not enabled. Cleanups in AddSession. 2020-06-05 13:33:03 -07:00
David Garske
fb5c9e5268 Adjust static memory case with TLS v1.3 enabled. 2020-06-05 11:11:23 -07:00
David Garske
3b8455fcd0 Fix for building without ECC and DH (TLS v1.3 cannot be enabled). 2020-06-05 10:26:32 -07:00
Daniele Lacamera
254dd9f823 Added new files to include.am 2020-06-05 15:28:49 +02:00
Daniele Lacamera
76ab8bfb6b Added psoc6 ECDSA verification support 2020-06-05 11:30:29 +02:00
Daniele Lacamera
b1947478bb Added support for SHA512 via psoc6 crypto 2020-06-05 11:30:29 +02:00
Daniele Lacamera
82520572b0 Initial support for psoc6_crypto (sha256 only) 2020-06-05 11:30:29 +02:00
David Garske
dffc677561 Fix for TLS v1.3 with --enable-sniffer. 2020-06-04 16:42:40 -07:00
David Garske
7879e83ae0 Fixes for building with ./configure --enable-tls13 --disable-rsa --disable-ecc --enable-psk. Fix to properly detect if missing a asymmetric key algorithm (required by TLS v1.3). 2020-06-04 16:31:19 -07:00
David Garske
1d01b87741 Fix to detect if NO_CERTS / --disable-asn is used in scripts/tls13.test. 2020-06-04 16:08:08 -07:00
David Garske
66fdc2c536 Disable TLS v1.3 if none of these are available "ECC, CURVE25519, CURVE448 or DH". 2020-06-04 15:31:19 -07:00
David Garske
93be04f380 Can't send empty list for the client when sniffer is enabled or it will use AES128-SHA. 2020-06-04 15:31:18 -07:00
David Garske
ad93813d75 Fix for expected failure case on client write. Resolves test-fails.con server TLSv1.3 fail on no client certificate test. 2020-06-04 15:31:18 -07:00
David Garske
d4fdd1e590 Fix for TLS v1.3 test PSK callback to support cipher list. Add support for GetCipherSuiteFromName to accept a name ending with colon. 2020-06-04 15:31:18 -07:00
David Garske
3b63e55a68 Fix for TLS v1.3 PSK tests work with additional cipher suites (not just TLS13-AES128-GCM-SHA256) and the echo server/client. 2020-06-04 15:31:18 -07:00
David Garske
8823a581d0 Add PSK user context support (Fixes #2952.). 2020-06-04 15:31:18 -07:00
David Garske
0228d1eeea Cleanups for the TLS v1.3 build requirements. Add check for TLS v1.3 call to EncodeSigAlg. 2020-06-04 15:31:18 -07:00
David Garske
ab2afbd37b Allow the TLS 13 draft 18 build option and just use the final version. This allows the automated test scripts to pass. 2020-06-04 15:31:18 -07:00
David Garske
4d8cf5b571 Fixes for building TLSv1.3 with FIPS v1 (no RSA PSS or HKDF). 2020-06-04 15:31:18 -07:00
David Garske
8300754ecd Fix for "testsuite" with TLSv1.3 and --enable-sniffer. 2020-06-04 15:31:18 -07:00
David Garske
ba8227bcf7 Fix for building TLS v1.3 with NO_WOLFSSL_CLIENT. 2020-06-04 15:31:18 -07:00
David Garske
b417a76613 Fixes for build TLS v1.3 with NO_CERTS. 2020-06-04 15:31:18 -07:00
David Garske
093d9981fb Disable fast-rsa if RSA PSS is enabled (not supported). 2020-06-04 15:31:18 -07:00
David Garske
cd1c2d5fae Enable TLS v1.3 by default. Remove old TLS v1.3 draft build support. 2020-06-04 15:31:18 -07:00
toddouska
3529d9a40d Merge pull request #3016 from kaleb-himes/FIPSv2-MAINTENANCE 
New OpenSSL features relying on changes in module files must account for locked FIPS versions of those files
 2020-06-04 15:08:17 -07:00
JacobBarthelmeh
976db2545d Merge pull request #3007 from embhorn/zd10318 
Fix OOB access in ParseCRL
 2020-06-04 13:11:59 -06:00
toddouska
23d1550439 Merge pull request #2989 from julek-wolfssl/openvpn 
Additional OpenSSL compat layer stuff
 2020-06-04 11:57:55 -07:00
toddouska
b48699c1f0 Merge pull request #3022 from cconlon/jnisni 
enable SNI by default for JNI/JSSE build
 2020-06-04 11:07:56 -07:00
toddouska
79465d70f7 Merge pull request #3020 from SparkiDev/tls13_psk_cr 
TLS 1.3: Never send CertiifcateRequest when PSK
 2020-06-04 11:07:22 -07:00
Jacob Barthelmeh
c8b87eab5f fix macro to match *_FLAGS_* 2020-06-04 11:53:46 -06:00