Commit Graph

52 Commits

Author SHA1 Message Date
Martin Akman 1f8d4149a5 Merge in master 2020-07-23 21:39:18 +10:00
David Garske 13e6462ea7 Fixes for build with STM32 Standard Periperal Library (StdPeriLib). 2020-05-19 17:42:36 -07:00
Sean Parkinson 411aee6e05 Fixes from cppcheck
Added PRIVATE_D version of rsa private key operation for SP
implementation for specific platforms.
WC_NO_RNG results in warnings when RNG calls don't do anything.
Added ifdef checks for variables not used otherwise.
Remove superfluous if statements like when checking ret == 0.
Change names of globals that are generic and are used locally before
global definition.
Remove definition of variable len that isn't used except as a
replacement for sz which is parameter.
Don't subtract two variables when one has just been assigned the value
of the other.
Fix shifting of signed value.
Fix parameter checking in aes.c and des3.c for platform specific code.
2020-04-08 09:46:22 +10:00
Martin Akman 20c0beb9e5 'WOLFSSL_USE_FLASHMEM' to store constant tables in flash memory 2020-01-31 23:43:17 +10:00
Chris Conlon 45c5a2d39c update copyright to 2020 2020-01-03 15:06:03 -08:00
David Garske b676c69561 Fix for DES mutex return code. Fix TLS bench thread shutdown. README.md updates. 2019-11-18 06:46:20 -08:00
David Garske 27d95d1dfd Add mutex protection on STM32 RNG, AES/DES and Hashing crypto hardware calls for thread safety. Fixes #2580 2019-11-15 12:08:11 -08:00
David Garske 7386bd4df1 Fixes for building with ./configure --enable-asynccrypt --enable-all CFLAGS="-DWC_ASYNC_NO_CRYPT" 2019-10-22 13:37:16 -07:00
David Garske 5c07391f1b Various fixes for asynchronous mode:
* Fix for AES CBC issue with IV (QAT only).
* Fix for test cases with QAT.
* Remove poorly placed debug for AES CFB.
2019-10-15 11:18:55 -07:00
John Safranek 9a5eb1bb67 Synchronous Quick Assist Support for Sniffer
1. Add configure option for sync IntelQA that uses the crypto callback API.
2. Refactor the IntelQA configure checks so they are usable by both the sync and async options.
3. Make a synchonous copy of the quickassist files.
4. Replace the printfs in the code with a logging macro.
5. Added padding to the AES_KEY structure for WOLF_CRYPTO_CB.
6. Tie in the crypto device to the sniffer.
7. When setting up the symmetric operation, add a build case for the sniffer to use malloc instead of realloc. Sniffer usually uses the middle of another buffer for the input data rather than the beginning of the buffer as it has the TCP/IP data to handle as well.
8. Add the raw key to the DES3 structure.
9. Copy the functions from qa_mem over to qa_sync.
2019-10-02 10:08:46 -07:00
David Garske d5f3fa2ff8 Added DES3 Crypto callback support. 2019-07-02 10:15:53 -07:00
John Safranek 246c444b93 Updates for v4.0.0
Update the copyright dates on all the source files to the current year.
2019-03-15 10:37:36 -07:00
John Safranek 586874b997 Rename INLINE
1. Renamed the macro INLINE as WC_INLINE.
2. For FIPS and the "selftest" build, define INLINE as WC_INLINE. Allows the FIPS code to work unchanged.
2018-06-26 15:17:46 -07:00
John Safranek 90a5bde0f2 FIPS Revalidation
1. Update the const data and code segment tags for the Windown builds.
2018-05-16 15:47:12 -04:00
John Safranek f6fe3744a7 FIPS Update
1. Moved the rest of the FIPS algorithms to FIPSv2.
2. Updated the fips-check and autogen scripts.
3. Updated the automake include for the crypto files.
4. Updated the example server to use the wolfSSL API and wolfSSL-based OpenSSL compatibility layer.
5. Added error code for the SHA-3 KAT.
6. Updated an test case in the API test for AES-GCM encrypt that is now considered a success case, but the FIPS mode was still treating as a failure.
2018-05-16 15:47:12 -04:00
David Garske 7f30397252 Remove execute bit on all code files. 2017-10-23 11:16:40 -07:00
David Garske 911b6f95f8 Release v3.12.2 (lib 14.0.0). Updated copywright. 2017-10-22 15:58:35 -07:00
David Garske dcab2f47ee Fixes for STM32 hardware acceleration. Adds CubeMX HAL hashing support for MD5, SHA1, SHA224 and SHA256. Adds support for STM32F7 (WOLFSSL_STM32F7). Fixes issue with AES-GCM and STM32F2. Cleanup of the STM32 macros (adds NO_STM32_HASH, NO_STM32_CRYPTO and NO_STM32_RNG to optionally disable hardware acceleration). 2017-09-15 10:39:09 -07:00
David Garske 44a3622248 Fixes to better handle threading with async. Fix wc_CamelliaCbcEncrypt return code checking. Fix to ensure cycles per byte shows on same line. Refactor of async event state. Refactor to initalize event prior to operation (in case it finishes before adding to queue). Add HAVE_AES_DECRYPT to --enable-all option. Cleanup benchmark error display. 2017-08-15 21:19:28 -07:00
David Garske 4e735631e7 Fixes for PIC32MZ:
* Adds crypto HW support for AES Direct and AES CCM.
* Fixes to enable PIC32MZ hardware hashing where updates are cached via heap buffer and final performs single operations against hardware.
* Fix for benchmark with 1024-bit certs passing in wrong size for `wc_RsaPrivateDecrypt` when using `USE_CERT_BUFFERS_1024`.
* Fix to resolve missing `strncasecmp` for the Microchip XC32. Workaround to use case sensitive version instead. This error occurred when building with HAVE_ECC defined in Harmony with XC32.
* Cleanup of the PIC32MZ crypto and hashing hardware code. Replace `pic32mz-hash.c` with `pic32mz-crypt.c`
* Add user_settings.h for mplabx and mcapi examples.
* Sync up with Harmony changes for MCAPI.
2017-08-01 12:42:09 -07:00
Chris Conlon c099137450 add classic Kinetis mmCAU support, FREESCALE_USE_MMCAU_CLASSIC 2017-06-28 16:32:35 -06:00
jrblixt 4d458831b7 Jenkins fixes. 2017-05-24 11:50:18 -06:00
jrblixt b47fca5760 Patched and Clean up for PR. 2017-05-24 11:50:13 -06:00
David Garske c1640e8a3d Intel QuickAssist (QAT) support and async enhancements/fixes:
* Adds ./configure "--with-intelqa=../QAT1.6”, port files, memory management and README.md (see wolfcrypt/src/port/intel/).
* Added Intel QAT support for RSA public/private (CRT/non-CRT), AES CBC/GCM, ECDH/ECDSA, DH, DES3, SHA, SHA224, SHA256, SHA384, SHA512, MD5 and HMAC.
* wolfSSL async enabled all client and server: PKI, Encrypt/Decrypt, Hashing/HMAC and Certificate Sign/Verify.
* wolfSSL async support in functions: Encrypt, Decrypt, VerifyMAC, BuildMessage, ConfirmSignature, DoCertificate, ParseCertRelative, and MakeSignature.
* wolfCrypt test and benchmark async support added for all HW acceleration.
* wolfCrypt benchmark multi-threading support.
* Added QuickAssist memory overrides for XMALLOC, XFREE and XREALLOC. XREALLOC determines if existing pointer needs reallocated for NUMA.
* Refactor to make sure “heap” is available for async dev init.
* Added async support for all examples for connect, accept, read and write.
* Added new WC_BIGINT (in wolfmath.c) for async hardware support.
* Added async simulator tests for DES3 CBC, AES CBC/GCM.
* Added QAT standalone build for unit testing.
* Added int return code to SHA and MD5 functions.
* Refactor of the async stack variable handling, so async operations have generic args buffer area and cleanup function pointer.
* Combined duplicate code for async push/pop handling.
* Refactor internal.c to add AllocKey / FreeKey.
* Refactor of hash init/free in TLS to use InitHashes and FreeHashes.
* Refactor of the async event->context to use WOLF_EVENT_TYPE_ASYNC_WOLFSSL for WOLFSSL* and WOLF_EVENT_TYPE_ASYNC_WOLFCRYPT for WC_ASYNC_DEV*.
* Suppress error message for WC_PENDING_E.
* Implemented "wolfSSL_EVP_MD_CTX_init" to do memset.
* Cleanup of the openssl compat CTX sizes when async is enabled.
* Cleanup of AES, DES3, DH, SHA, MD5, DES3, DH, HMAC, MD5 for consistency and readability.
* Cleanup of the OPAQUE_LEN.
* Cleanup to use ENCRYPT_LEN instead of sizeof(ssl->arrays.preMasterSecret).
* Changed ssl->arrays.preMasterSecret to use XMALLOC (accelerates HW operations)
* Reduce verbosity with debug enabled for "GetMyVersion", "wolfSSL Using RSA OAEP padding" and "wolfSSL Using RSA PKCSV15 padding".
* Updated RSA un-padding error message so its different than one above it for better debugging.
* Added QAT async enables for each algorithm.
* Refactor of the async init to use _ex.
* Added WC_ASYNC_THRESH_NONE to allow bypass of the async thresholds for testing.
* Reformatted the benchmark results:
PKI: "RSA 2048 private HW 18522 ops took 1.003 sec, avg 0.054 ms, 18467.763 ops/sec"
Crypto/Hashing: SHA-256 SW 350 megs took 1.009 seconds, 346.946 MB/s Cycles per byte = 9.87
* Added min execution time for all benchmarks.
* Moved wc_*GetHash and wc_*RestorePos to appropriate files so use of isCopy flag is local.
* Fix for ECC sign status sometimes being invalid due to uninitialized ECC digest in benchmark.
* Added new DECLARE_VAR/FREE_VAR and DECLARE_ARRAY/FREE_ARRAY macros for helping setup test/benchmark variables to accelerate async.
* Added NO_SW_BENCH option to only run HW bench.
* Added support for PRNG to use hardware SHA256 if _wc devId provided.
* Fix to prevent curve tests from running against wrong curve sizes. Changed wc_ecc_set_curve to match on exact size.
* Added the wc_*GetHash calls to the wolfCrypt tests.
* Added async hardware start/stop to wolfSSL init/cleanup.
* Refactor to add wc_*Copy for hashing context (for async), which replaces wc_*RestorePos.
* Fixes for building with TI hashing (including: SHA224, missing new API’s and building with dummy build for non hw testing). Note: We need to add build test for this `./configure CFLAGS="-DWOLFSSL_TI_HASH -DTI_DUMMY_BUILD”`.
* Added arg checks on wc_*GetHash and wc_*Copy.
* Cleanup of the BuildMD5, BuildSHA, BuildMD5_CertVerify and BuildSHA_CertVerify functions.
* Added new ./configure --enable-asyncthreads, to allow enable/disable of the async threading support. If --enable-asynccrypt set this will be enabled by default if pthread is supported. Allows multi-threaded benchmarks with async simulator.
* Added checks for all hashing to verify valid ->buffLen.
* Fix for SHA512 scan-build warning about un-initialized “W_X”.
* Fix for valgrind un-initialized use of buffer in AllocDer (der->buffer) and BuildTlsFinished handshake_hash.
* Refactor of the benchmarking to use common function for start, check and finish of the stats.
* Fixed issue with ECC cache loading in multi-threading.
* Fix bug with AESNI not aligned code that assumes XMALLOC is 16-byte aligned.
* Added new WC_ASYNC_NO_… options to allow disabling of individual async algorithms. New defines are: WC_ASYNC_NO_CRYPT, WC_ASYNC_NO_PKI and WC_ASYNC_NO_HASH. Additionally each algorithm has a WC_ASYNC_NO_[ALGO] define.
* Added “wolfSSL_GetAllocators” API and fixed the wolfCrypt memcb_test so it restores callback pointers after test is complete (fixes issue with using custom allocators and test breaking it).
2017-04-10 14:45:05 -07:00
Jacob Barthelmeh 6520a77fac DES ECB prototypes 2016-12-28 14:44:05 -07:00
Takashi Kojo bb400789b8 add EVP_Cipher with EVP_aes_256_ecb() 2016-12-28 14:44:05 -07:00
Nickolas Lapp 82c12fb7be Fix DES3 on STM32 CUBEMX 2016-12-07 10:20:46 -07:00
David Garske 4a7651a09a STM32 F2/F4 CubeMX and Std Peripheral Library hardware crypto support for RNG, AES, SHA1, DES3 and MD5. Adds new WOLFSSL_STM32_CUBEMX and WOLFSSL_STM32F4 defines. Tested on STM32F437II. 2016-12-05 14:22:59 -08:00
David Garske 8e64d564dc NXP/Freescale K8X MMCAU / LTC core support for RSA, ECC, Ed/Curve25519, AES, DSA, DES3, MD5, RNG, SHA and SHA2. 2016-12-05 09:01:59 -08:00
Nickolas Lapp 1792eba1a2 Rename *Mutex Functions with wc_ prefix. Expose these functions for
Stunnel. Various other changes to enable stunnel compling
2016-10-03 16:36:05 -06:00
David Garske 17a34c5899 Added asynchronous wolfCrypt RSA, TLS client and Cavium Nitrox V support. Asynchronous wolfSSL client support for "DoServerKeyExchange", "SendClientKeyExchange", "SendCertificateVerify" and "DoCertificateVerify". Fixes for async DTLS. Refactor of the wolf event and async handling for use in wolfCrypt. Refactor of the async device support so its hardware agnostic. Added Cavium Nitrox V support (Nitrox tested using SDK v0.2 CNN55XX-SDK with new configure "--with-cavium-v=/dir" option). Moved Nitrox specific functions to new port file "port/cavium/cavium_nitrox.c". RSA refactor to handle async with states. RSA optimization for using dpraw for private key decode. Use double linked list in wolf event for faster/cleaner code. Use typedef for wolf event flag. Cleanup of the async error codes. wolfCrypt test and benchmark support for async RSA. Asynchronous mode enabled using "./configure --enable-asynccrypt". If no async hardware is defined then the internal async simulator (WOLFSSL_ASYNC_CRYPT_TEST) is used. Note: Using async mode requires async.c/h files from wolfSSL. If interested in using asynchronous mode please send email to info@wolfssl.com. 2016-08-15 13:59:41 -06:00
toddouska 6e5b23e102 Merge pull request #370 from dgarske/stm_aes_gcm_ccm
Enhancement to the STM32F2_CRYPTO port to support AES GCM, AES CCM an…
2016-03-30 13:39:35 -07:00
Jacob Barthelmeh e60adfc9da better naming of macro and alter misc.c check 2016-03-29 13:42:40 -06:00
Jacob Barthelmeh 2665db73a4 check for compiling misc.c when not needed 2016-03-28 16:03:15 -06:00
David Garske 3796fc1322 Enhancement to the STM32F2_CRYPTO port to support AES GCM, AES CCM and AES-Direct (for encrypt only) using combination of software and AES HW acceleration. 2016-03-24 07:08:42 -07:00
Jacob Barthelmeh e99a5b0483 prepare for release v3.9.0 2016-03-17 16:02:13 -06:00
David Garske f8876854f4 Spelling fixes in comments and error strings (ALGO_ID_E, ASN_TIME_E and WOLFSSL_ERROR function). 2016-01-29 16:13:09 -08:00
David Garske 67861bb222 Added crypto hardware mutex capabilities to wolfcrypt/wc_port. Added optional define "WOLFSSL_CRYPT_HW_MUTEX" to override use of hardware mutex. Enabled hardware mutex protection for Freescale MMCAU. Cleanup of the AES FREESCALE_MMCAU implementation to use wc_AesEncrypt/wc_AesDecrypt wrappers. Fixes #154. 2015-10-13 12:36:24 -07:00
toddouska 31439e2baa remove unneeded tmp from plain DES cbc decrypt 2015-09-23 11:01:22 -07:00
toddouska 78cc76b3cd move DES oneshot APIs out of des.[hc] 2015-07-30 12:51:33 -07:00
toddouska 38fb8caec8 restore FIPS des3 build w/o opensslextra 2015-07-27 14:56:26 -07:00
Ludovic FLAMENT 349edd40c2 Add support for OpenSSH ssh-keygen tools
refactor existing code
2015-07-22 14:18:07 +02:00
Takashi Kojo d67168d539 aes.c cleaned. ti-has.c, ti-aes.c, ti-des3.c are included in each respective algorithm source file. 2015-05-28 20:40:53 +09:00
Takashi Kojo aaa1fe813a Added aes.c/des3.c 2015-05-22 09:55:49 +09:00
Takashi Kojo 1e3fa1fac3 adjusting pic32mz code to wolfssl 2015-02-18 07:38:41 +09:00
Jacob Barthelmeh d366599285 adding comment to header and _fips to c files 2015-01-08 10:42:01 -07:00
kaleb-himes a389620a29 Copyright (C) updates 2015-01-08 09:39:04 -07:00
kaleb-himes 639637278d CYASSL -> WOLFSSL macros 2015-01-07 13:17:57 -07:00
Jacob Barthelmeh b91934f065 change to header files and update of function calls in src folder 2015-01-01 14:48:33 -07:00
Jacob Barthelmeh e3c82842a5 rsa des3 random : update 2014-12-31 15:31:50 -07:00