wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-28 23:29:57 +01:00
Code Issues Packages Projects Releases Wiki Activity
15,368 Commits 12 Branches 184 Tags
ebdadefb9a7c64f998255bb11fdceea45352c012
Commit Graph

5530 Commits

Author SHA1 Message Date
John Safranek
7af87e5b32 Restore the HKDF code to hmac.c. For compatibility between FIPS builds. 2021-10-26 20:24:25 -05:00
John Safranek
54a1b4c881 Remove redundant pairwise test from DH and ECC. 2021-10-26 20:24:25 -05:00
John Safranek
c0e6a55aaa Skip the small key DH test for SP and FFDHE builds. 2021-10-26 20:24:25 -05:00
John Safranek
3b5c8231c2 Move the PCT down to where it used to be located as CheckKeyPair. 2021-10-26 20:24:25 -05:00
John Safranek
2de6b3b2bd Move the KDF functions into their own source file. 2021-10-26 20:24:25 -05:00
John Safranek
f78887d2ab Add 'static' to the test vector arrays for the SSH KDF test. 2021-10-26 20:24:25 -05:00
John Safranek
86c040a3ae Rename the PCT error codes to remove 'FIPS' since they can be enabled without FIPS. 2021-10-26 20:24:25 -05:00
John Safranek
9c5607a677 Add guard around ECC PCT for builds without validate keygen. 2021-10-26 20:24:25 -05:00
John Safranek
133faea89a Hushed compiler warnings about unused variables. 2021-10-26 20:24:25 -05:00
John Safranek
a967cbcb7b 56Ar3 Testing Updates 
1. Add PCTs for ECC and FFC.
2. Update the public key checks for ECC and FFC.
 2021-10-26 20:24:25 -05:00
John Safranek
976402e04b RNG Update 
1. When the seed callback is enabled, allow wc_GenerateSeed() to be used
   as a default callback.
2. Modify all the tests and examples to use the default seed callback if
   the seed callback is enabled.
 2021-10-26 20:24:25 -05:00
John Safranek
0c6d8cfc22 If the RNG seeding callback is missing or returns an error, the RNG instantiate fails. 2021-10-26 20:24:25 -05:00
John Safranek
c6486d7392 Removed an outdated comment. 2021-10-26 20:24:25 -05:00
John Safranek
a562db82ef 1. Rename and relabel the FIPS 140-3 option as wolfCrypt v5. 
2. Make sure the correct SHA assembly files are copied over for the latest FIPS build.
 2021-10-26 20:24:25 -05:00
John Safranek
c47e354eed Add callback option for RNG seeding. 2021-10-26 20:24:25 -05:00
John Safranek
a2f802199d DH key gen should call DH check key. 2021-10-26 20:24:25 -05:00
John Safranek
e3b2be5ea3 ECC key gen should call ECC check key. 2021-10-26 20:24:25 -05:00
John Safranek
1f67e4519c Restrict AES-GCM IV minimum size to 96-bits for newer FIPS builds. 2021-10-26 20:24:25 -05:00
John Safranek
17a4c891ce Add CASTs for TLSv1.2, TLSv1.3, and SSH KDFs. 2021-10-26 20:24:25 -05:00
John Safranek
e32c58d533 Add RSA PAT. 2021-10-26 20:24:25 -05:00
John Safranek
9656b83a03 Add ECDSA-KAT CAST. 2021-10-26 20:24:25 -05:00
John Safranek
e67bbf7526 1. Add flag to DH keys when using safe parameters. 
2. The LN check is skipped when using safe parameters.
3. Enable all FFDHE parameter sets when building for FIPS 140-3.
 2021-10-26 20:24:25 -05:00
John Safranek
7f64fc4efb Move the TLSv1.3 KDF into wolfCrypt with the other KDFs. 2021-10-26 20:24:25 -05:00
John Safranek
38064bb396 Add HMAC-SHA2-512 to the TLSv1.2 PRF. 2021-10-26 20:24:25 -05:00
John Safranek
c7ea896759 Add prototype for the ssh-kdf test in the wolfCrypt test. 2021-10-26 20:24:24 -05:00
John Safranek
de4af35f89 KDF Update 
1. Move wolfSSH's KDF into wolfCrypt.
 2021-10-26 20:24:24 -05:00
John Safranek
a49125e613 FIPS KDF Update 
1. Copied the TLSv1.2 PRF into hmac.c since it uses it and the TLSv1.3
   HKDF is in there as well.
2. Added guard around the old TLS PRF so that it switches in correctly
   for older FIPS builds only.
 2021-10-26 20:24:24 -05:00
John Safranek
df859d30f3 FIPS 140-3 
1. Change the internal version number for the FIPS 140-3 changes as v4.
2. Insert v3 as an alias for FIPS Ready.
3. Use the correct directory for the FIPS old files sources. (For local
   testing of 140-3 builds.)
4. Change back the check for the FIPS version in internal.c for
   EccMakeKey().
 2021-10-26 20:24:24 -05:00
John Safranek
f1bd79ac50 FIPS 140-3 
1. Added enable option for FIPS 140-3 in configure script.
2. Modify DES3 source to disallow DES3 for the new option.
3. Added the new constants to fips_test.h.
4. Added some new test functions.
5. Added API for doing the POST.
6. Added a processing state for the CASTs.
7. Delete some unused prototypes from FIPS test API.
 2021-10-26 20:24:24 -05:00
Chris Conlon
5810e45cb7 fix CAVP selftest v2 build error in test.c 2021-10-26 10:33:05 -06:00
Sean Parkinson
905683c98c Merge pull request #4496 from dgarske/sniffer_keywatch 
Fix for sniffer key watch callback
 2021-10-26 09:55:17 +10:00
Sean Parkinson
6070981366 Merge pull request #4490 from dgarske/static_mem_unittest 
Add CTX static memory API unit tests
 2021-10-26 09:52:14 +10:00
David Garske
aa72f0685d Merge pull request #4499 from SparkiDev/dec_ku_len 
KeyUsage dcoding: Ensure data length is 1 or 2
 2021-10-25 15:11:18 -07:00
David Garske
517225e135 Merge pull request #4497 from cconlon/authInfo 
fix nid2oid/oid2nid for oidCertAuthInfoType
 2021-10-25 09:29:09 -07:00
Sean Parkinson
8e6c6e7757 KeyUsage dcoding: Ensure data length is 1 or 2 2021-10-25 09:22:31 +10:00
David Garske
bf2b13939f Merge pull request #4329 from kaleb-himes/OE22-Porting-Changes 
Oe22 porting changes
 2021-10-22 16:16:26 -07:00
Chris Conlon
402ee29163 fix nid2oid/oid2nid for oidCertAuthInfoType 2021-10-22 16:53:18 -06:00
David Garske
e4da9c6f48 Fix for sniffer key callback. Fix for building sniffer without RSA. Fix for wolfCrypt test cert ext without RSA. 2021-10-22 14:29:06 -07:00
kaleb-himes
5859779ddf Check-in non-FIPS specific porting changes for OE22 
Fix no new line

Change comment style in testsuite.c

Add include for proper socket header in wolfio.h

Add dc_log_printf support to benchmark application

Pull in changes for examples

Refector NETOS check in test.c

Fix format and remove settings used only for validation testing

Implement peer review feedback

Address last items noted in peer review

Add new README to include.am

Adjust comment style on TODO

Gate changes in client and server properly

Add static on customer feedback

Fix settings include

Update latest peer feedback
 2021-10-22 15:01:14 -06:00
John Safranek
d83d16af59 Merge pull request #4483 from julek-wolfssl/cov-reports 2021-10-22 13:07:57 -07:00
David Garske
229f0d5fd1 Merge pull request #4485 from JacobBarthelmeh/certs 
Improve permitted alternate name logic in certificate ASN handling
 2021-10-22 11:59:16 -07:00
David Garske
4c0527490d Fixes for API unit test with WOLFSSL_NO_ASN_STRICT. Fix spelling error. 2021-10-22 09:59:16 -07:00
Fabio Utzig
29f4f09e6c Fix MMCAU_SHA256 type warnings 
Fix warnings in the usage of MMCAU_SHA256 routines, where digest is
expected to be `uint32_t*`, but is defined as `word32*`, which results
in:

```
expected 'uint32_t *' {aka 'long unsigned int *'} but argument is of
type 'word32 *' {aka 'unsigned int *'}
```

Signed-off-by: Fabio Utzig <utzig@apache.org>
 2021-10-22 09:51:14 -03:00
Sean Parkinson
6e7dee3283 Change to compare each name to each matching type in permittedNames list. 2021-10-22 10:57:11 +10:00
David Garske
f17187aad9 Fixes for static memory testing. Fix clang memory sanitizer warnings. 2021-10-21 16:33:57 -07:00
Juliusz Sosinowicz
9386a882b9 #424 
Refactor d2i key API to use common code
 2021-10-21 14:25:06 +02:00
Juliusz Sosinowicz
df1d817f1f #129 2021-10-21 14:22:54 +02:00
Juliusz Sosinowicz
1239a7f57d #96 2021-10-21 14:22:54 +02:00
Juliusz Sosinowicz
5bacc0c9ab In first |= op r always equals 0 2021-10-21 14:22:54 +02:00
Juliusz Sosinowicz
8e6759384c #40 2021-10-21 14:22:54 +02:00