Commit Graph

7355 Commits

Author SHA1 Message Date
JacobBarthelmeh 7b52913451 Merge pull request #6345 from kareem-wolfssl/zd16035
Fix getting key size in stm32_ecc_sign_hash_ex.
2023-04-27 13:32:47 -06:00
JacobBarthelmeh bbad64649b Merge pull request #6340 from SparkiDev/minor_fixes_1
Minor fixes
2023-04-27 10:02:06 -06:00
JacobBarthelmeh ca4a17ebf6 Merge pull request #6339 from SparkiDev/asn_orig_ocsp_fix
ASN original, OCSP: fix maximum size calc to GetDateInfo
2023-04-26 16:36:55 -06:00
Kareem e7e2713bba Fix getting key size in stm32_ecc_sign_hash_ex. 2023-04-26 15:00:59 -07:00
JacobBarthelmeh ccb9bdd903 set dev ID with signature check (#6318)
* set dev ID with signature check

* refactor devId use and add API to set devId in WOLFSSL_CERT_MANAGER structure

* add api.c call to set devid with WOLFSSL_CERT_MANAGER

* resolving devID CRL issue and CM pointer

* add device find callback

* add simple test case
2023-04-26 11:19:00 -07:00
David Garske 3556b7adb7 Merge pull request #6338 from JacobBarthelmeh/certs
revert WOLFSSL_NO_ASN_STRICT macro guard
2023-04-26 11:16:04 -07:00
JacobBarthelmeh 32c6a66a4e Merge pull request #6341 from douzzer/20230425-analyzer-coddling
20230425-analyzer-coddling
2023-04-26 11:22:23 -06:00
Chris Conlon 4526df6d78 Merge pull request #6199 from JacobBarthelmeh/PKCS7
add messageDigest attribute if adding any custom signed attributes
2023-04-26 09:23:22 -06:00
Daniel Pouzzner 5538d65a79 wolfcrypt/src/asn.c: add to DecodeCertInternal() a workaround for an apparent clang-tidy bug, gated on WOLFSSL_CLANG_TIDY, and add a missing cast to mollify -Wconversion;
wolfssl/wolfcrypt/sp_int.h: refactor MP_INT_SIZEOF() using sizeof(sp_int_minimal) and addition, rather than sizeof(sp_int) and subtraction, for clarity and analyzer mollification.
2023-04-26 00:05:37 -05:00
Sean Parkinson 5b0c017a94 ASN original, OCSP: fix maximum size calc to GetDateInfo
GetDateInfo called with a local index (reset to 0) but size is of
original buffer. Subtract the index into original buffer from size to
get size available for parsing.
2023-04-26 11:18:29 +10:00
Sean Parkinson a5a4c71121 Minor fixes
EncryptContent() - id not initialized
sp_int.c: cast count to int to ensure same type comparison with i.
2023-04-26 11:05:07 +10:00
Sean Parkinson c4233e7aec Merge pull request #6288 from JacobBarthelmeh/Testing
avoid callback buffer overwrite with sha512_224 and remove min from w…
2023-04-26 08:36:20 +10:00
Sean Parkinson 7fb9540176 Merge pull request #6337 from JacobBarthelmeh/fuzzing
add sanity check on PKCS7 index value
2023-04-26 08:33:25 +10:00
JacobBarthelmeh 71f71074f8 revert WOLFSSL_NO_ASN_STRICT macro guard 2023-04-25 13:32:19 -07:00
Jacob Barthelmeh bbe9c694a6 more specific naming for attribute types 2023-04-25 13:56:29 -06:00
JacobBarthelmeh d701a0a06e add sanity check on PKCS7 index value 2023-04-25 08:30:33 -07:00
JacobBarthelmeh 57de292d19 add guard for random with CAAM + MQX 2023-04-24 16:29:22 -07:00
JacobBarthelmeh a991ce1a6b Merge pull request #6327 from SparkiDev/memusage_5
Memory usage improvements
2023-04-24 16:42:56 -06:00
JacobBarthelmeh e1d1bef085 Merge pull request #6321 from SparkiDev/sp_int_missing_brace
SP int: missing brace
2023-04-24 10:00:39 -06:00
Sean Parkinson 2d06718857 Memory usage improvements
TLS 1.3 Server: don't cache the messages for Ed25519/Ed448 when doing
TLS 1.3.

ASN DecodeCertInternal: Call GetCertName for issuer and subject after
freeing the dataASN.
2023-04-24 11:12:00 +10:00
Sean Parkinson 865581704e Merge pull request #6312 from philljj/zd15961
Fix out-of-bounds write in fp_mod_2d.
2023-04-24 08:03:02 +10:00
JacobBarthelmeh 60d059fc9e Merge pull request #6305 from SparkiDev/sp_radix_size_stack_fix
SP int: sp_radix_size when radix 10 fix temp size
2023-04-21 09:59:56 -06:00
JacobBarthelmeh e194c90b3e Merge pull request #6326 from SparkiDev/ecc_key_max_bits_fix
ECC: max bits for a key must handle order as well
2023-04-21 09:47:42 -06:00
JacobBarthelmeh 12cec5ec61 Merge pull request #6325 from SparkiDev/memusage_fix_4
Memory Usage fixes
2023-04-21 09:37:11 -06:00
Sean Parkinson 0cc50521b6 ECC: max bits for a key must handle order as well
The order may be 1 bit larger than prime for some curves.
Handle this in calculation of maximum size of curve.

SP int _sp_mont_red(): ensure m->used is never 0 when doing default
implementaion.
2023-04-21 11:23:47 +10:00
Sean Parkinson d414ae9492 Memory Usage fixes
Ed25519CheckPubKey/Ed448CheckPubKey: get the public key from certificate
in a new function, wc_CertGetPubKey, that uses less memory.
Set the ENCRYPT_BASE_BITS to minimal values when Curve448/Curve25519 are
the largest public key algorithms.
2023-04-21 09:59:38 +10:00
Sean Parkinson 0bae919a9c SP int: ensure declaration of sp_ints are with valid values
Move declaration of sp_ints until after checks of valid parameters.
In particular, whether used field of input/s are valid.
Pull implementations of algorithms out into separate functions as a
pattern to fix.
2023-04-21 08:48:38 +10:00
Sean Parkinson 8994aab0ed SP int: sp_radix_size when radix 10 fix temp size
SP int should be able to calculate size of encoded number for a radix of
10 when mp_int has all digits used.
sp_radix_size declared a temporary mp_int of 1 greater than input. Don't
need it 1 greater. Stack declaration of maximum plus one caused address
sanitizer error.
Changed temporary mp_int to be same size as input mp_int.
2023-04-21 08:46:46 +10:00
Lealem Amedie 42be04f323 Remove duplicate line 2023-04-20 16:45:53 -06:00
Lealem Amedie a963adc33d Add more comments for alternatives and security risk 2023-04-20 14:36:22 -06:00
Lealem Amedie b0c6a3ec75 Adding NO_ASN_TIME_CHECK build option 2023-04-20 14:16:00 -06:00
JacobBarthelmeh d099fe34b5 Merge pull request #6324 from SparkiDev/sp_int_thumb_asm_r7
SP int: ARM Thumb ASM don't use r7 on debug
2023-04-20 10:51:19 -06:00
JacobBarthelmeh ebff7f46b7 Merge pull request #6323 from SparkiDev/sp_c_to_bin_mp_fix
SP C: fix handling of oversized arrays
2023-04-20 09:24:06 -06:00
David Garske c761f587f6 Merge pull request #6278 from julek-wolfssl/fix-zephyr
Zephyr port update
2023-04-20 06:48:02 -07:00
Sean Parkinson 1d94521abe SP int: ARM Thumb ASM don't use r7 on debug
When DEBUG is defined, use versions of assembly code that don't use
register r7.
2023-04-20 15:13:54 +10:00
Sean Parkinson 32e2775d34 SP C: fix handling of oversized arrays
For mul and sqr implementation efficiency the fixed array has extra
digits beyond what is needed. When encoding, only put in the useful
digits.
2023-04-20 12:42:51 +10:00
Daniel Pouzzner da9cda7eae wolfcrypt/src/pkcs12.c: fix non-portable casts;
wolfcrypt/src/sp_int.c: use unsigned int, not word32, for sign variables, to match type in header file.
2023-04-19 21:22:34 -05:00
Sean Parkinson 4ec23571c6 SP int: missing brace
Missing a brace in sp_exptmod_ex().
2023-04-20 08:27:44 +10:00
Daniel Pouzzner 2a00b67056 revert change in wc_ShaFinal() capturing InitSha() retval, introduced in 510038022f, to (void)ed result. 2023-04-19 17:25:33 -05:00
Daniel Pouzzner 8f610bb156 fix for retval overwrite (warned by clang-analyzer-deadcode.DeadStores) in sha.c:wc_ShaFinal();
fix for benign clang-analyzer-deadcode.DeadStores in aes.c:wc_AesFeedbackEncrypt();

fix for cppcheck:selfAssignment in chacha.c:wc_Chacha_wordtobyte().
2023-04-19 15:53:48 -05:00
Daniel Pouzzner f396989d20 more -Wconversion fixes, now covering everything inside the 140-3 boundary with default build options, everything in wolfcrypt with default build options, all modes of AES, builds with/without intelasm, all permutations of c89/c99 32/64 bit, and much of the crypto-all-cryptonly boundary;
also a gating fix for asn.c:SetShortInt().
2023-04-19 15:26:05 -05:00
JacobBarthelmeh 3865f943c3 Merge pull request #6203 from julek-wolfssl/xor-optim
Try to XOR as many words as possible in xorbuf APIs
2023-04-19 11:59:33 -06:00
JacobBarthelmeh 0e64972c86 Merge pull request #6316 from SparkiDev/memusage_fix_3
ASN.1 template: CheckCertSignature memory usage fix
2023-04-19 10:37:11 -06:00
Juliusz Sosinowicz c9d91c5e79 Zephyr port update
- Add CONFIG_PTHREAD_IPC when using threads
- Add logging config suggestions
- test.c: fix undefined `ret` error
- Increase stack size for samples
- Ignore ASN_BEFORE_DATE_E in examples
- wc_port.h: add missing posix thread includes
- wc_port.h: move definitions to relevant section
- benchmark.c: fix missing `arc` and `argv` errors
- benchmark.c: fflush does not work on stdout in Zephyr
- Update z_fs_open implementation to support flags
2023-04-19 18:18:00 +02:00
Juliusz Sosinowicz 81c9062973 sakke.c: use xorbuf 2023-04-19 17:06:25 +02:00
Juliusz Sosinowicz bed99401a0 hpke.c: use xorbufout in wc_HpkeContextComputeNonce 2023-04-19 17:06:25 +02:00
Juliusz Sosinowicz 3c57228197 aes.c: Use xorbufout when possible 2023-04-19 17:06:25 +02:00
Juliusz Sosinowicz 6079b92e26 xorbuf: fix alignment when possible 2023-04-19 17:06:25 +02:00
Juliusz Sosinowicz 82e8eb2f70 rsa.c: Use xorbuf when possible 2023-04-19 17:06:25 +02:00
Juliusz Sosinowicz e7ae64d9b5 pkcs12.c: Ignore param when heap not used 2023-04-19 17:05:03 +02:00