Commit Graph

194 Commits

Author SHA1 Message Date
David Garske ebc9533bc7 Fixes and improvements to the new Crypto callback code for AES and Hashing. 2019-01-09 17:39:05 -08:00
David Garske df2a0f9a4f Fixes for scan-build warnings. 2019-01-03 12:47:46 -08:00
David Garske 1201ffb13f Added CryptoDev callback support for AES CBC and SHA1/SHA256. 2019-01-02 14:34:26 -08:00
toddouska 656c7951cd Merge pull request #2010 from dgarske/mdk_fixes
Fixes for MDK5 project
2019-01-02 12:39:35 -08:00
David Garske 332dd75e5f Fix missing semicolon for HAL_CRYP_AESECB_Decrypt call. Fix for NO_MULTIBYTE_PRINT in test.h. These fixes were pulled in from PR #1974. 2018-12-31 13:53:12 -08:00
Hideki Miyazaki 9d2294b967 Support AES and SHA hw acceleration on esp32-wroom-32
Removed unnecessary codes
Added README
Some clean up for maintenancebility
Removed unused methods

Removed unused methods
2018-12-28 08:39:19 +09:00
David Garske 6552455968 Minor improvements to the STM32 CubeMX AES-GCM logic. 2018-12-10 11:40:06 -08:00
David Garske 0a725f4d56 Fixes for AES with STM32 crypto hardware:
* Fixes to ensure the "const" input buffer is not modified for AES GCM calls with STM32 hardware crypto.
* Improvements to allow AES GCM hardware acceleration for inputs that are not a multiple of AES block size.
* Switched the wolfCrypt test for STM32_CRYPTO to use the standard AES GCM tests with 12-byte IV and less than 16-byte auth data.
* Fixes for building with the standard peripheral library.
* Fixes for building with `NO_AES_DECRYPT`.
`./configure --enable-debug --disable-shared --enable-cryptonly CFLAGS="-DNO_AES_DECRYPT"`
2018-12-07 17:23:38 -08:00
David Garske ba8d1962c7 Fix for test case wc_AesInit with bad argument. Adds bad arg check for API in FIPS mode. 2018-11-09 09:26:01 -08:00
David Garske da76fb6861 Fixes for warning about possible uninitialized use of asyncDev for wc_Gmac and wc_GmacVerify. 2018-11-08 13:43:13 -08:00
Jacob Barthelmeh 2468a19c82 static analysis fix on non default build and g++ warning 2018-11-07 14:50:07 -07:00
David Garske 5904a97378 Added comments in aes.c for locating software implementation of algorithm using Software AES. 2018-10-12 10:48:26 -07:00
Sean Parkinson 8a5a03ea35 Support for PKCS#11
Support for RSA, ECDSA and AES-GCM operations.
2018-09-24 08:41:25 +10:00
Jacob Barthelmeh fe2f9d4aa4 minor adjustments and add README 2018-09-20 15:59:29 -06:00
Jacob Barthelmeh 96a7e366bc testing with valgrind and static analysis tools 2018-09-19 14:29:33 -06:00
Jacob Barthelmeh 2e88151cfd crypto only sha256 cryptodev
formating and refactoring

update configure for devcrypto

add AES algorithms to cyrptodev port

increase structure size for compatibility AES with cryptodev

add wc_devcrypto.h to install path
2018-09-19 10:41:29 -06:00
David Garske a2be7590d1 Fixes for NXP LTC support with K82. Fix for SHA384/512. Fix for AES CBC not storing previous IV. Fix for wc_AesSetKey arg check. Fix for AES GCM IV != 12 test. Changed LTC default in settings.h to not enable SHA512 and Ed/Curve25519. Tested using Rowley Crossworks v4.2.0 on a FRDM-K82F. There is an initial stack pointer issue with the arm-startup code here for Rowley still outstanding, but these fixes are valid as-is. 2018-09-10 07:13:32 -07:00
Sean Parkinson 31bd844d6f Fix for clang builds with configs not using inline funcs 2018-08-22 11:16:57 +10:00
JacobBarthelmeh cb756397b3 inital AES-CBC with af_alg
progress on AES-GCM with AF_ALG and add SHA256

add aes-gcm test cases and finish logic of aes-gcm with AF_ALG

formating of tabs and white space

add files to dist

adding ecb and ctr mode with af_alg

make length of buffers for ctr be AES_BLOCK_SIZE

formating and add support for sha256 copy/gethash

sanity checks on arguments

cast return values and valgrind tests

make it easier to use sha256 with af_alg

remove hard tabs

add endif for after rebase
2018-08-01 08:54:20 -06:00
David Garske 0f86494161 * Added support for STM32L4 AES hardware crypto.
* Added reference PK callbacks functions for ECC sign, verify and shared secret used by TLS in `wolfcrypt/src/port/st/stsafe.c`.
* Fix for wolfcrypt_test to not require args to be provided.
* Fix for wolfCrypt `ecc_test_buffers` to poperly init ecc_key (resolves devId issue).
* Fix for STM32 AES CBC Decrypt with CubeMX, which was not capturing the first input block for next IV.
* Refactor to combine STM32 hardware init code.
2018-07-30 13:58:19 -07:00
Jacob Barthelmeh c8e118cd12 adjust macro guards for additional functions 2018-07-03 16:52:29 -06:00
David Garske 7ae9e4359d Added support for the STM32L4 with AES/SHA hardware acceleration. Fixed a few minor compiler warnings with mis-matched enum types. 2018-06-27 19:40:03 -07:00
John Safranek 586874b997 Rename INLINE
1. Renamed the macro INLINE as WC_INLINE.
2. For FIPS and the "selftest" build, define INLINE as WC_INLINE. Allows the FIPS code to work unchanged.
2018-06-26 15:17:46 -07:00
David Garske 7e5c41ca35 Fixes for some async issues in FIPSv2. 2018-06-11 12:41:15 -07:00
John Safranek 10070bb5fd FIPS Revalidation (acceptance fixes)
1. Backed out some changes to AES-GCM with respect PIC32 only code. (This change will not be in the FIPS boundary.)
2018-06-11 10:21:19 -07:00
John Safranek 7e9a32fffd FIPS Revalidation
Merge branch 'master' into fipsv2. Using a merge instead of a rebase to retain commit IDs and tags.
2018-06-06 12:43:15 -07:00
Sean Parkinson 68666101b7 Fix for g++ 7.3 - macro strings in asm 2018-05-29 09:25:38 +10:00
John Safranek f7fa648f77 Test Fixes
1. Found a problem in AES-GCM encrypt where it could step on the ciphertext with the correct sized IV.
2018-05-16 15:47:13 -04:00
John Safranek dde1f87de9 Test Fixes
1. The intrinsic versions of AES_GCM_encrypt and AES_GCM_decrypt needed updates for variable length tags.
2018-05-16 15:47:13 -04:00
John Safranek 6d4777f3ca Test Fixes
1. MSC doesn't allow for inline assembly. Restore the intrinsic version of AES_GCM_encrypt and AES_GCM_decrypt for MSC AES-NI builds. This is lacking AVX.
2018-05-16 15:47:13 -04:00
John Safranek 6796ab5f8c FIPS Revalidation
1. Bug fixes to AES-GCM. Separated out the internal and external IV set functions.
2018-05-16 15:47:12 -04:00
John Safranek 6d7599cf47 FIPS Revalidation
1. Add new APIs for AES-GCM so it can manage the IV per SP 800-38D.
2. Add new APIs for AES-CCM so it can manage the IV, similar to the behavior in AES-GCM.
3. Add new APIs for GMAC that use the new AES-GCM APIs.
2018-05-16 15:47:12 -04:00
John Safranek 3685b7b176 Test Fixes
1. AesGcmEncrypt_ex requires the RNG, remove function if RNG disabled.
2. Fix a couple function name changes in the example server.
3. Removed the old FIPS wrapping added to dh.h, was redundant.
4. Move include of random.h in the aes.h file.
5. Fix where ecc.c was being left out of old FIPS builds.
6. Exclude the AES-GCM internal IV test case when building without the RNG.
7. Fix api test where AES-GCM Encrypt was called with a too-long IV in old FIPS mode. Non-FIPS and new FIPS are allowed longer IVs.
2018-05-16 15:47:12 -04:00
John Safranek 13ff245166 FIPS Revalidation
1. AES-GCM encrypt IV length allowed to be 8-bits.
2018-05-16 15:47:12 -04:00
John Safranek 90a5bde0f2 FIPS Revalidation
1. Update the const data and code segment tags for the Windown builds.
2018-05-16 15:47:12 -04:00
John Safranek 4bcd7b7986 AES-GCM
1. Updated the wolfCrypt GMAC test to leave out the test case with the 15-byte tag when building for FIPS.
2. Replace tabs with spaces.
2018-05-16 15:47:12 -04:00
John Safranek fe8d46da95 FIPS Revalidation
1. Added new AES-GCM Encrypt API for FIPS where the IV is generated internally.
2. Fix the AES-NI guard flags so it can be used when FIPS enabled.
2018-05-16 15:47:12 -04:00
John Safranek f6fe3744a7 FIPS Update
1. Moved the rest of the FIPS algorithms to FIPSv2.
2. Updated the fips-check and autogen scripts.
3. Updated the automake include for the crypto files.
4. Updated the example server to use the wolfSSL API and wolfSSL-based OpenSSL compatibility layer.
5. Added error code for the SHA-3 KAT.
6. Updated an test case in the API test for AES-GCM encrypt that is now considered a success case, but the FIPS mode was still treating as a failure.
2018-05-16 15:47:12 -04:00
John Safranek 0c5d704c7f AES-CCM FIPS
1. Add new error code for the AES-CCM FIPS KAT failure.
2. When enabling FIPSv2, force enable AES-CCM.
2018-05-16 15:47:12 -04:00
David Garske ede006b3e1 Merge pull request #1479 from JacobBarthelmeh/HardwareAcc
Fix PIC32 AES-CBC and add test case
2018-04-05 09:15:08 -07:00
Jacob Barthelmeh 815219b589 fix pic32 AES-CBC and add test case 2018-04-04 16:09:11 -06:00
David Garske 0c898f513d Nitrox V fixes and additions:
* Added support for ECC, AES-GCM and HMAC (SHA-224 and SHA3).
* Fixes for Nitrox V with TLS.
* ECC refactor for so key based `r` and `s` apply only when building with `WOLFSSL_ASYNC_CRYPT`.
* ECC refactor for `e` and `signK` to use key based pointer for Nitrox V.
* Improved the Nitrox V HMAC to use start, update and final API's instead of caching updates.
* Fix for Intel QuickAssist with unsupported HMAC hash algos using `IntelQaHmacGetType` (such as SHA3).
* Added new API `wc_mp_to_bigint_sz` to zero pad unsigned bin.
* Fix for AES GCM to gate HW use based on IV len in aes.c and remove the gate in test.c.
* Implemented workaround to use software for AES GCM Nitrox V hardware and 13 byte AAD length for TLS.
* New debug option `WOLFSSL_NITROX_DEBUG` to add pending count.
2018-04-03 09:14:20 -07:00
Jacob Barthelmeh f6869dfe09 AES ECB build with ARMv8 instructions enabled 2018-03-02 09:30:43 -07:00
Jacob Barthelmeh 79f13478df add AES macro guards and reduce code in GetName 2018-02-23 13:45:42 -07:00
Jacob Barthelmeh 312d1a2aaf fix unused function warning with CAAM and AES 2018-02-21 15:21:07 -07:00
Jacob Barthelmeh c2f660c0fc first round of adding AES key size macros 2018-02-19 17:23:49 -07:00
toddouska 95ed1a88ed Merge pull request #1364 from SparkiDev/aesni_authtagsz
AES-GCM AES-NI code now handles different tag lengths
2018-02-09 13:19:14 -08:00
Sean Parkinson 35c993e55d AES-GCM AES-NI code now handles different tag lengths
Encrypt and decrypt code modified.
AES-NI, AVX1 and AVX2 code modified.
Test of 15 byte tag added.
2018-02-09 17:21:06 +10:00
David Garske fbdcd3c67f Fix for missing ret in some wc_AesGcmEncrypt functions due to refactor in commit 0765aa0. 2018-02-07 15:40:28 -08:00
Sean Parkinson e82e3d3d6e Improve performance of AES-GCM for AVX1 and AVX2 2018-01-30 12:00:13 +10:00