wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-27 21:02:20 +01:00
Code Issues Packages Projects Releases Wiki Activity
17,589 Commits 12 Branches 184 Tags
dec8a7fd93a8ea1c96a5ca7685cd4ec8424128ad
Commit Graph

6520 Commits

Author SHA1 Message Date
David Garske
dec8a7fd93 Fixes for SE050 Curve25519 endianness (SDK assumes little endian). Fix for ECC se050_ecc_shared_secret use of wrong pointer on error handle free. 2022-07-14 15:34:50 -07:00
Andrew Hutchings
3f390efb24 Missed a small part of my original SE050 sign fix 
Empty keyId handling now exists so we shouldn't return `BAD_FUNC_ARG`.
 2022-07-14 07:47:33 +01:00
Andrew Hutchings
c211b90aab Merge pull request #5357 from dgarske/se050_fixes 
Fixes for SE050 ED25519 private key loading and Curve25519/ECC handle leak
 2022-07-14 07:14:54 +01:00
Sean Parkinson
b69af856de Ed ASN template: change for IMPLICIT public key in private key 
Fix KATs in test.c to match new expected format.
 2022-07-14 10:19:43 +10:00
David Garske
2d5bc72c9b Fixes for ED25519/ED448 private key with public key export (RFC8410). Added length only support. 2022-07-13 16:17:08 -07:00
David Garske
586ae71dac Fixes for SE050 ECC and Curve25519 with TLS. 2022-07-13 10:50:10 -07:00
Daniel Pouzzner
dc231dc099 peer review: add explanatory comment for printf() macro in test.c; rearrange test.h to avoid awkward forward declaration and add some topical grouping. 2022-07-12 18:19:52 -05:00
Daniel Pouzzner
b64949d564 wolfcrypt/benchmark/benchmark.c: fix gating for #include <errno.h>, and add #include <unistd.h> for _exit(). 2022-07-11 23:15:43 -05:00
Daniel Pouzzner
ccc5952369 global fixup to check or explicitly ignore return values from failable library/system calls that weren't already being checked; 
add wolfCrypt error codes IO_FAILED_E "Input/output failure" and SYSLIB_FAILED_E "System/library call failed";

tests/api.c and tests/unit.c: flush stdout for error message in Fail() macro, add fflush(stdout) after printf()s, print success message at end of unit_test(), and send several error messages to stderr instead of stdout;

wolfcrypt/test/test.c: add fallthrough macro definition of printf() that pairs it with fflush(stdout);

unit.h: in definition of macro AssertPtr(), add PRAGMA_GCC("GCC diagnostic ignored \"-Wpedantic\"");

sp_int.c: refactor several lingering instances of "if (0) { ... }" code pattern to #if 0 ... #endif.
 2022-07-11 22:28:09 -05:00
David Garske
e30899b676 Merge pull request #5334 from LinuxJedi/se050-fixes 
Fixes to SE050 port
 2022-07-11 16:15:08 -07:00
JacobBarthelmeh
983b9fc5fb Merge pull request #5343 from dgarske/ecc_oid_coding 
Fixes for ECC OID encoding/decoding
 2022-07-08 15:38:47 -06:00
David Garske
4892435004 Fix for wc_ecc_get_curve_id_from_oid with combinations of HAVE_OID_ENCODING and HAVE_OID_DECODING. Fix in SetCurve for unused outSz with HAVE_OID_ENCODING. 2022-07-08 13:00:09 -07:00
David Garske
03a32250da Fix for KCAPI HMAC forcing use of software for HKDF. 2022-07-08 09:06:30 -07:00
David Garske
3d124c093e Fix PK function name in log. Remove the ECC logging (spams benchmark with --enable-debug). 2022-07-08 09:06:08 -07:00
David Garske
c9e9a421e9 Merge pull request #5336 from SparkiDev/aes_ctr_opt 
AES-CTR: improve performance when multiple blocks
 2022-07-07 21:51:08 -07:00
Sean Parkinson
2bfac42d65 AES-CTR: improve performance when multiple blocks 
When in and out aren't the same pointer, for multiples of block size
input:
  - generate the counters into the output buffer
  - encrypt output buffer
  - XOR in the input
Faster than encrypting a block at a time.
 2022-07-08 09:56:20 +10:00
Sean Parkinson
70b9833e98 ECC import and export fixes 
On raw import, don't import ordinates that are larger than the curve
size.
On export of compressed point, don't export ordinate if it is larger
than the curve size.
 2022-07-08 08:54:53 +10:00
Chris Conlon
5e453ad932 Merge pull request #5323 from SparkiDev/sha512_arm32_asm_align 2022-07-07 09:47:37 -06:00
Andrew Hutchings
34d897e433 Fixes to SE050 port 
This fixes the following things:

* Memory leaks in SE050 SHA messages
* Add key to SE050 for ECC sign hash function
* Remove circular include
* Correct prototype for `se050_hash_final`
* A few defined check fixes
 2022-07-07 16:11:54 +01:00
David Garske
a771baf551 Merge pull request #5332 from SparkiDev/memusage_fix_2 
SP math: fix configure.ac to allow its use
 2022-07-07 07:40:13 -07:00
Daniel Pouzzner
2111d6b179 Merge pull request #5322 from SparkiDev/sp_math_all_arm32_div_word_fix 
SP math all: fix div word for ARM32
 2022-07-06 22:18:07 -05:00
Sean Parkinson
74baa0dafa SP math: fix configure.ac to allow its use 
Choosing SP and SP math was resulting in only integer.c being used.
Fixed now.
Reorder realloc calls for memory logging to ensure scripts can match
allocate and free calls.
 2022-07-07 12:16:12 +10:00
Sean Parkinson
992c7b3b6f SP math all: fix div word for ARM32 
Fixup sp_mulmod NULL access.
 2022-07-07 08:56:31 +10:00
Daniel Pouzzner
82b1dc0cd0 wolfcrypt/src/asn.c: move final return in DecodeECC_DSA_Sig() outside the NO_STRICT_ECDSA_LEN gate, to avoid no-return-from-non-void. 2022-07-06 17:39:59 -05:00
Daniel Pouzzner
7c49449a79 wolfcrypt/src/port/arm/armv8-sha512.c: gate out Sha512_Family_GetHash() in builds that have 224 and 256 bit hashes gated out, to fix unused function warning. 2022-07-06 17:35:15 -05:00
David Garske
a7fa7875e4 Merge pull request #5244 from julek-wolfssl/wpas-dpp 
Support for new DPP and EAP-TEAP/EAP-FAST in wpa_supplicant
 2022-07-06 11:35:52 -07:00
David Garske
e92034cf6f Merge pull request #5274 from JacobBarthelmeh/Certs 
remove subject/issuer email from altEmailNames list
 2022-07-06 10:48:21 -07:00
Sean Parkinson
8b73feb8ef SHA-512 ARM NEON: ensure data being hashed is 64-bit aligned 2022-07-06 16:18:18 +10:00
Jacob Barthelmeh
ff6edbff94 refactor name constraint checks 2022-07-05 17:20:50 -06:00
David Garske
08488b0fae Merge pull request #5318 from embhorn/gh5314 
Fix typos and bad macro names
 2022-07-05 12:34:35 -07:00
John Safranek
ded3f4e9b6 Merge pull request #5284 from julek-wolfssl/dtls-good-ch-cb 
DTLS 1.3: additions for event driven server in wolfssl-examples
 2022-07-05 10:14:59 -07:00
David Garske
1c009e8f91 Merge pull request #5311 from SparkiDev/ed_check_pubkey 
Ed25519/Ed448: assume public key is not trusted
 2022-07-05 09:25:50 -07:00
Eric Blankenhorn
394f36a0d7 Fix typos and bad macro names 2022-07-05 10:31:11 -05:00
Juliusz Sosinowicz
4caffee590 ForceZero the private key on import error 2022-07-05 13:44:31 +02:00
Juliusz Sosinowicz
8e84560f71 CSR: confirm the signature when verify == VERIFY 2022-07-05 08:49:00 +02:00
Juliusz Sosinowicz
ee3636f2e7 wc_EccPublicKeyToDer_ex: exporting the public key in compressed form 2022-07-05 08:48:18 +02:00
Juliusz Sosinowicz
448cde5a4b Support for new DPP in wpa_supplicant 
- Add null check to asn template code in MakeCertReq and test
- ENABLED_ECCCUSTCURVES can also be "all"
 2022-07-05 08:48:18 +02:00
Sean Parkinson
4a962b7fb2 Ed25519/448: improvements 
Check lengths of buffers in import functions.
priv/pub key set flag set on success only.
 2022-07-05 09:02:05 +10:00
Andrew Hutchings
f8c67345d6 Use the correct mutex type for embOS 
OS_MUTEX_Lock() is acutally a non-blocking mutex lock, for
wc_LockMutex() we need a blocking mutex. Switch to this.
 2022-07-04 15:59:36 +01:00
Juliusz Sosinowicz
c6aa4fc526 DTLS 1.3: allow the server to operate without maintaining state 2022-07-04 11:08:39 +02:00
Daniel Pouzzner
b16c2a2aef fix clang-analyzer-deadcode.DeadStores in sp_div(). 2022-07-01 23:49:58 -05:00
Daniel Pouzzner
5819332f89 Merge pull request #5312 from dgarske/fips_v5dev 
FIPS in core hash using SHA2-256 and SHA2-384
 2022-07-01 23:25:52 -05:00
David Garske
b9be5c2c24 Update to FIPS v5-ready will use latest master. Support for FIPS in core hash using SHA2-256 and SHA2-384 in fips_test.h. Fixes for MATH_INT_T. Fix error: ‘tls13_kdf_test’ declared ‘static’ but never defined. 2022-07-01 15:40:21 -07:00
David Garske
bb68766bda For ED255219 and ED448 if importing private only and public key is already set then check it. 2022-07-01 14:13:45 -07:00
Kareem
90749b7f88 Don't declare tls13_kdf_test if TLS 1.3 is not enabled, to avoid unused function warning. 2022-07-01 13:22:16 -07:00
Kareem
96aedc2f47 Fix SetCurve max sizes. Add fix for potentially uninitialized type in ProcessReplyEx. 2022-07-01 13:18:33 -07:00
Kareem
7a7d8d170d Pass in and check output length in SetCurve. 2022-07-01 13:18:33 -07:00
David Garske
bd75e1d6a4 Merge pull request #5307 from kareem-wolfssl/miscfixes2 
Fix a couple of STM32 bugs, and add some missing mutex frees.
 2022-07-01 09:46:22 -07:00
David Garske
0459e83a59 Merge pull request #5310 from SparkiDev/memusage_fix_1 
TLS memusage: reduce usage
 2022-07-01 09:13:05 -07:00
Sean Parkinson
2c943282f0 Ed25519/Ed448: assume public key is not trusted 
In defense against attack, assume the imported public key is not trusted
and check it matches the private key if set.
Added APIs that allow application to explicitly trust public key.
Original APIs default to not trusting public key.
 2022-07-01 09:05:43 -07:00