wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-27 15:02:23 +01:00
Code Issues Packages Projects Releases Wiki Activity
6,287 Commits 12 Branches 184 Tags
de77d5cc832413518fdf9b03c339600a4ff246e3
Commit Graph

1546 Commits

Author SHA1 Message Date
David Garske
4c8d228080 Added WOLFSSL_ALT_CERT_CHAINS option to enable checking cert aginst multiple CA's. Added new API's for wolfSSL_get_peer_alt_chain and wolfSSL_is_peer_alt_cert_chain, which allow a way to know if alternate cert chain is used and provides a way to get it (when SESSION_CERTS is defined). Cleanup of the defines to enable debugging certs (just use SHOW_CERTS now). 2017-10-10 08:55:35 -07:00
Sean Parkinson
898893fbcd Fix for MULX asm 2017-10-10 09:41:17 +10:00
Sean Parkinson
152c24f210 Fix aesni code for avx2 2017-10-05 13:02:33 +10:00
Takashi Kojo
918a5fd5a6 Merge pull request #1164 from SparkiDev/asm_mulx 
Get the multiplcation code using MULX to work consistently
 2017-09-30 09:51:03 +09:00
JacobBarthelmeh
3b12b7223a Merge pull request #1160 from dgarske/asn_extkeyusage 
ASN Extended Key Usage Support
 2017-09-28 11:31:04 -06:00
JacobBarthelmeh
c836724685 Merge pull request #1162 from cconlon/mysql_compat 
wolfSSL_ERR_peek_error() with WOLFSSL_MYSQL_COMPATIBLE
 2017-09-28 09:51:07 -06:00
JacobBarthelmeh
7350bf93b3 Merge pull request #1153 from dgarske/fix_testbench_castwarns 
Fix cast warnings with wolfCrypt test/benchmark
 2017-09-28 09:41:21 -06:00
JacobBarthelmeh
fd9b2d3b8d Merge pull request #1116 from dgarske/stm32_hash 
Fixes for STM32 hardware acceleration
 2017-09-28 09:35:36 -06:00
Sean Parkinson
0376a53f6b Get the multiplcation code using MULX to work consistently 2017-09-28 09:12:29 +10:00
Chris Conlon
6c85bc5d3d enable functionality of wolfSSL_ERR_peek_error() when WOLFSSL_MYSQL_COMPATIBLE defined 2017-09-27 10:56:04 -06:00
Chris Conlon
4f15cde2eb Merge pull request #1155 from dgarske/fixes_pic32mz 
PIC32MZ minor build warning fixes
 2017-09-26 16:26:32 -06:00
David Garske
9eb7e2aafa ASN1 Extended Key Usage support. Adds new wc_SetExtKeyUsage() API. Available only with --enable-certext or WOLFSSL_CERT_EXT. 2017-09-26 12:05:46 -07:00
dgarske
8f3aa49ef6 Merge pull request #1149 from ejohnstown/aesgcm-init 
AES-GCM-NI Init
 2017-09-25 16:13:55 -07:00
John Safranek
0ced1f4847 AESGCM Init 
1. Update the AES-GCM with AES-NI 128-bit constant initializers so they work on both GCC/Clang and MSC.
* MSC uses a union for the type where the first member is a 16-byte array.
* GCC/Clang uses a 16-byte vector masking as a long long array.
2. Disable AES-GCM loop unrolling for Windows, when using AES-NI in 32-bit mode.
 2017-09-22 15:28:47 -07:00
David Garske
ee6f88cd98 Fix cast warnings with wolfCrypt test/benchmark. Cleanup of 80 char max line length in wolfCrypt test. 2017-09-22 15:22:42 -07:00
JacobBarthelmeh
6451e12313 Merge pull request #1154 from dgarske/fix_async 
Fixes for building with async
 2017-09-22 16:01:28 -06:00
JacobBarthelmeh
763d5f26c7 Merge pull request #1031 from dgarske/math_update 
Math updates
 2017-09-22 15:26:34 -06:00
dgarske
2c4844d5ef Merge pull request #1146 from ejohnstown/compat 
OpenSSL Compatibility Additions and Fixes
 2017-09-22 14:19:28 -07:00
David Garske
4a510218c2 Tested PPC32 with TFM_PPC32. Fixed warning with possible uninitialized use of sc0, sc1 and sc2. 2017-09-22 11:37:00 -07:00
David Garske
eec5f9bb41 Fixes for benchmark after buffers were moved into thread. Needed THREAD_LS_T and fixed benchmark alloc failure cleanup. 2017-09-22 11:35:46 -07:00
David Garske
218f944984 Fix for building async with AES XTS. 2017-09-22 11:12:23 -07:00
David Garske
a2ed22286f Adds TFM_MIPS (tested on PIC32MZ2048EFM144 with XC32 v1.44). Adds check for mp_read_radix to return failure for invalid character. Adds checking for s_mp_sub response code. Improved mp_init_copy error handling. Improved init to use size where applicable. Asm PPC 32 changes to add r to register. Asm formatting cleanups. 2017-09-22 09:48:35 -07:00
David Garske
3f493770d4 Fixes bug with creation of the KeyUsage BitString which was always adding the optional second byte reguardless of len, which created invalid ASN if value provided was less than 256. Bug was introduced with ASN refactor in commit fd9e41dd99. 2017-09-20 15:00:24 -07:00
dgarske
2f96f1ae9f Merge pull request #1150 from kaleb-himes/HASH_DRBG_UPDATE 
Update HASH_DRBG Reseed mechanism and add test case
 2017-09-20 13:15:17 -07:00
kaleb-himes
5777b92745 Improved solution 2017-09-20 11:25:51 -06:00
dgarske
5e6213bfa1 Merge pull request #1140 from JacobBarthelmeh/RSA-fix 
account for 8k keys with MySQL compatibility
 2017-09-20 10:05:32 -07:00
dgarske
28c15bed1c Merge pull request #1141 from SparkiDev/chacha_avx1 
Fix ChaCha to check for AVX1
 2017-09-20 09:57:20 -07:00
kaleb-himes
60dca94821 Update HASH_DRBG Reseed mechanism and add test case 2017-09-20 10:36:36 -06:00
David Garske
4d8e1c9e5a Minor build fixes for unused function and variable. 2017-09-19 12:48:57 -07:00
David Garske
816767744f Fix for STM32 AES-CTR (tested on STM32F437). Improvement to the STM32 RNG code to detect improper RNG_CLK. Cleanup of the PIC32MZ Aes struct variables and the AES-CTR (tested on PIC32MZ2048). 2017-09-18 16:08:09 -07:00
John Safranek
2620cb4559 OpenSSL Compatibility Additions and Fixes 
1. Added a check on the hex2bn function for null strings to be treated like the NULL pointer.
2. Added some more test cases to the big number unit test.
3. Added wolfSSL_EVP_add_cipher() analogous to wolfSSL_EVP_add_digest().
4. Implemented `RSA_public_encrypt()` and `RSA_private_decrypt()` for the OpenSSL compatibility layer.
5. Added `RSA_PKCS1_OAEP_PADDING` as an option to the new functions.
6. Fixed the constness on the `from` parameter in function `RSA_public_decrypt()`. Note: this does not allow OAEP to be used in FIPS mode.
7. Added size constants for EVP_MAX_BLOCK_LENGTH, RSA_PKCS1_PADDING_SIZE, and RSA_PKCS1_OAEP_PADDING_SIZE.
8. Added functions `wolfSSL_EVP_PKEY_new_mac_key()` and `wolfSSL_EVP_PKEY_get0_hmac()` for storing HMAC keys in an EVP_PKEY structure for use later.
9. Added the routines EVP_DigestSignXXX(). They only work w.r.t HMAC.
10. Added the ForceZero() to EVP_MD_CTX_cleanup().
11. Modified the EVP_MD_CTX structure to have a union with both the hasher and a wolfCrypt Hmac structure.
12. Added a mapping of SHA1->SHA to the list of digest name aliases in wolfSSL_EVP_get_digestbyname().
13. Changed the mapping of ssl3-sha1->SHA.
14. When using RSA blinding, the OpenSSL compatibility layer RSA object was attempting to decrypt without an RNG. Added an RNG if needed.
15. Add comment to wolfSSL_BN_hex2bn() to cover usage w.r.t. string length. Remember to keep the length even, front-pad with zeroes if needed.
16. Added tests for the new functions.
 2017-09-18 13:53:44 -07:00
David Garske
a9e540fc07 Moved the bench_ buffer allocation/free into the thread, so the THREAD_LS has a unique one for each which resolves issues with benchmark when using the USE_QAE_THREAD_LS option. 2017-09-15 14:02:06 -07:00
dgarske
23903ec903 Merge pull request #1144 from kaleb-himes/FIPS-TEST 
NULL plaintext input is supported in FIPS testing
 2017-09-15 13:21:32 -07:00
David Garske
3f16fba4f8 Fix build warning with possible use of unitialized ret. 2017-09-15 10:41:43 -07:00
David Garske
27d607efa3 Fixes for AES on STM32 with StdPeriLib and fix for building with NO_STM32_CYPTO. Researching better solution for AES-CTR. 2017-09-15 10:39:09 -07:00
David Garske
dcab2f47ee Fixes for STM32 hardware acceleration. Adds CubeMX HAL hashing support for MD5, SHA1, SHA224 and SHA256. Adds support for STM32F7 (WOLFSSL_STM32F7). Fixes issue with AES-GCM and STM32F2. Cleanup of the STM32 macros (adds NO_STM32_HASH, NO_STM32_CRYPTO and NO_STM32_RNG to optionally disable hardware acceleration). 2017-09-15 10:39:09 -07:00
kaleb-himes
63e8d63943 Update following review 2017-09-15 10:52:33 -06:00
kaleb-himes
1f7d73f626 NULL plaintext input is supported in FIPS testing 2017-09-14 20:14:21 -06:00
Jacob Barthelmeh
e10b2f027f fix for clang warning on RsaKey redefinition 2017-09-14 15:08:15 -06:00
Jacob Barthelmeh
1b3a8f40b8 account for 8k keys with MySQL compatibility 2017-09-14 09:37:32 -06:00
Sean Parkinson
7721aca114 Fix ChaCha to check for AVX1 2017-09-14 09:07:04 +10:00
toddouska
23fff62d8b Merge pull request #1135 from dgarske/cy 
Fix issue with empty array (requires C99 compliance).
 2017-09-13 14:39:50 -07:00
toddouska
4c31c53f37 Merge pull request #1128 from JacobBarthelmeh/AES 
AES XTS feature addition
 2017-09-13 14:38:15 -07:00
Jacob Barthelmeh
398252ddad add XtsAes structure and change XTS-AES API 2017-09-08 16:00:33 -06:00
David Garske
2c39219f2a Fix issue with empty array (requires C99 compliance). 2017-09-08 11:24:55 -07:00
Kaleb Himes
c018a1abf3 Merge pull request #1130 from SparkiDev/cpuid_fix 
MSVC fix around cpuid check
 2017-09-08 11:04:50 -06:00
Jacob Barthelmeh
c482524b78 big endian testing and packing Aes struct 2017-09-01 15:32:55 -06:00
Sean Parkinson
6a226efd15 MSVC fix around cpuid check 2017-09-01 08:43:28 +10:00
Kaleb Himes
3da5ddd49e Merge pull request #1123 from SparkiDev/poly1305_fix 
Fix for the AVX implemetation of Poly1305
 2017-08-31 10:21:00 -06:00
Jacob Barthelmeh
ef73c1df7c add AES-XTS mode --enable-xts 2017-08-30 17:50:15 -06:00