Commit Graph

1481 Commits

Author SHA1 Message Date
John Bland e9aeb1a857 Add nuttx integration (#6043) 2023-02-08 16:04:53 -08:00
Sean Parkinson 3455e726f9 SP int: make used and size fields unsigned
used and size have no reason to be negative - change type.
Change code to match unsigned change. Mostly change variables to be
unsigned where possible.
integer.c: Only have mp_rand_prime available when needed and
mp_prime_is_prime_ex is available.
Fixes from regression testing.
2023-02-03 17:09:56 +10:00
Daniel Pouzzner 38c057a084 fix resource leak (missing calls to wc_AesFree()) in wolfSSL_EVP_CIPHER_CTX_cleanup();
fix file descriptor leaks in AF_ALG code, and fix return codes (WC_AFALG_SOCK_E, not -1) in afalg_aes.c;

fixes for sanitizer-detected forbidden null pointer args in AfalgHashUpdate() and AfalgHashCopy();

fixes for resource leaks in api.c test_wolfSSL_AES_cbc_encrypt() (missing wc_AesFree()s);

fixes for resource leaks in test.c openssl_test() (missing wolfSSL_EVP_CIPHER_CTX_cleanup());

also some local fixes for bugprone-signed-char-misuse, readability-redundant-preprocessor, and clang-diagnostic-strict-prototypes, in src/pk.c and src/ssl.c.
2023-02-01 00:49:34 -06:00
David Garske 2d03a052e1 Fixes and cleanups for STM32:
* Fix for STM32 Hash peripherals (like on F437) with FIFO depth = 1.
* Cleanups for `XREALLOC` and new `WOLFSSL_NO_REALLOC` to force undef of `XREALLOC`.
* Change STM32 Cube to default to `NO_TLS_UART_TEST`.
2023-01-30 16:44:47 -08:00
Sean Parkinson 0e16d2919f Merge pull request #6022 from douzzer/20230127-fixes
20230127-fixes
2023-01-30 08:46:42 +10:00
Kareem c70ca25282 Fix building NO_ASN_TIME with cert gen and OpenSSL Extra enabled. 2023-01-27 16:09:04 -07:00
Daniel Pouzzner d077c39f42 wolfcrypt/test/test.c: in aes_xts_128_test(), gate in-place test on !HAVE_FIPS || FIPS_VERSION_GE(5,3); in hpke_test(), gate tests on availability of relevant ECC curve, not just on relevant digest. 2023-01-27 16:49:46 -06:00
David Garske 06509021ff Merge pull request #6013 from douzzer/20230125-various-fixes
20230125-various-fixes
2023-01-26 15:10:18 -08:00
David Garske 58c2fe1c40 Merge pull request #6011 from SparkiDev/xts_in_place_enc_fix
AES XTS: encrypt not handling in-place properly
2023-01-26 14:04:58 -08:00
Daniel Pouzzner f776371874 wolfcrypt/src/hpke.c: add PRIVATE_KEY_{UNLOCK,LOCK}() wrappers in wc_HpkeSealBase() and wc_HpkeOpenBase();
wolfcrypt/test/test.c: remove PRIVATE_KEY_{UNLOCK,LOCK}() wrappers from hpke_test_single(), and do a smallstack refactor.
2023-01-26 15:00:56 -06:00
Daniel Pouzzner 8f2ae77513 wolfcrypt/test/test.c: add missing PRIVATE_KEY_UNLOCK()/PRIVATE_KEY_LOCK() in hpke_test_single(). 2023-01-25 23:32:55 -06:00
David Garske 584411f21a Merge pull request #6012 from kareem-wolfssl/zd15524
Fix building FIPSv2 with WOLFSSL_ECDSA_SET_K defined.
2023-01-25 18:59:38 -08:00
Kareem c9125f9685 Fix building FIPSv2 with WOLFSSL_ECDSA_SET_K defined. 2023-01-25 14:49:05 -07:00
Sean Parkinson e9af0136b9 AES XTS: encrypt not handling in-place properly
Fix AES XTS in-place encrypt to work when ciphertext stealing.
2023-01-25 09:32:37 +10:00
Sean Parkinson 90e24d8ba5 DSA sign: use mp_to_unsigned_bin_len
mp_to_unsigned_len checks length and front pads with zeros.

Return MP_VAL when length is too small in all implemenations.
Make TFM implementation check length.
Add test case.
2023-01-23 09:14:24 +10:00
David Garske e72ec4e876 Merge pull request #5976 from SparkiDev/eccsi_hash_check
ECCSI: hash function must have output size as curve size
2023-01-19 17:50:44 -08:00
David Garske 6b6ad38e4f Adds support for TLS v1.3 Encrypted Client Hello (ECH) draft-ietf-tls-esni) and HPKE (Hybrid Public Key Encryption) RFC9180. 2023-01-18 11:37:27 -08:00
Sean Parkinson 11ea6a10e8 ECCSI: hash function must have output size as curve size 2023-01-18 03:54:17 +10:00
Anthony Tatowicz a08c853799 Add fix for siphash cache and tests 2023-01-05 16:56:07 -06:00
David Garske 023db01aca * Fixed some build configuration variations.
* Fixed `PEM_BUFSIZE` macro redefined when building with coexist.
* Updated the `user_settings_all.h` and `user_settings_wolfboot_keytools.h` to include latest options.
* Improved API unit test error case checking where `TEST_RES_CHECK` is not used.
* Changed `TEST_SKIPPED` to unique value.
* Added CI tests for enable-all, small stack, and user setting templates.
2023-01-03 10:59:59 -08:00
Jacob Barthelmeh 9dcc48c8f7 update copyright to 2023 2022-12-30 17:12:11 -07:00
JacobBarthelmeh 4a23edd5fb fix for older selftest that returns bad padding instead of salt len error 2022-12-30 06:31:09 -08:00
David Garske d686f0a5de Merge pull request #5925 from SparkiDev/sp_mod_3_perf
SP math: rework mod 3
2022-12-22 17:55:28 -08:00
David Garske 49d23cf60a Merge pull request #5913 from douzzer/20221219-no-sha-1-all-crypto
20221219-no-sha-1-all-crypto
2022-12-22 17:02:58 -08:00
Sean Parkinson 162dca87c3 SP math: rework mod 3
Simplification when only calculating mod and modulus is 3.
2^(2*n) * x mod 3 = x mod 3.
Add all digits and calculate mod 3 of sum.
2022-12-23 09:21:13 +10:00
Chris Conlon 9a7ff8773b add --with-libsuffix support, append suffix to library artifact name 2022-12-21 13:31:07 -07:00
Daniel Pouzzner 91869f6028 minor fixes to accommodate --disable-sha in combination with --enable-all-crypto. 2022-12-20 00:42:05 -06:00
kaleb-himes ed17524793 Add alt case for unsupported static memory API 2022-12-14 16:02:35 -07:00
Sean Parkinson 1de30c6b67 SP: --enable-sp-asm now enables SP if not set
Enabling SP with ASM didn't enable SP or error out when SP wasn't
configured. Now enables SP when '' and errors when 'no'.

SAKKE modinv used large amounts of stack. Change to have more temporary
memory allocated increased to cover the usage.
ECC, SAKKE: sp_<bits>_ecc_mulmod_<cpu><words>() used large amounts of
stack. Allocate when WOLFSSL_SMALL_STACK.

wc_DhCheckKeyPair() not available when HAVE_SELFTEST.
Wasn't compiled in before as WOLFSSL_HAVE_SP_DH wasn't defined.
2022-12-07 09:01:53 +10:00
David Garske 9d9549fbd3 Merge pull request #5836 from anhu/kyber_cleanup
Remove kyber-90s and route all kyber through wolfcrypt.
2022-12-05 13:18:44 -08:00
David Garske c079455d3e Merge pull request #5839 from SparkiDev/sp_int_pub_apis
SP int: fix which APIs are public available wiht WOLFSSL_SP_MATH
2022-12-01 19:33:11 -08:00
Sean Parkinson 39716737c1 SP int: fix which APIs are public available wiht WOLFSSL_SP_MATH
Make sp_rshd not available when WOLFSSL_SP_MATH in header.
sp_rshd is not required by any wolfCrypt code.
Fix sp_rshd comment on #endif
Make sp_div publicly available in some WOLFSSL_SP_MATH builds.
Delare sp_div for some WOLFSSL_SP_MATH builds.
Fix test.c to compile with WOLFSL_SP_MATH and HAVE_VALGRIND.
2022-12-02 09:11:35 +10:00
David Garske 5f410b47b7 Merge pull request #5829 from SparkiDev/sp_invmod_fixes
SP int: fix error checks when modulus even
2022-12-01 15:05:22 -08:00
Anthony Hu a2fb4c0788 Remove kyber-90s and route all kyber through wolfcrypt. 2022-11-30 17:17:28 -05:00
gojimmypi fec7469c19 Tidy up Espressif ESP32 test and benchmark examples (#5800)
Tidy up Espressif ESP32 test and benchmark examples:
* add VisualGDB project and solution files for server and client
* "hardware in use revert to software" is now verbose level message
* Remove (void) TAG;  - not needed to appease compiler
* include esp_log.h lib with defined(WOLFSSL_ESPIDF)
* large ESP32 default stack size
* check for max number of arguments assembled into array
* cleanup & comments per code review
* wolfssl_test VisualGDB updates
* Espressif wolfssl_test default stack 55,000 bytes
2022-11-30 10:01:46 -08:00
Sean Parkinson faf848a915 SP int: fix error checks when modulus even 2022-11-30 18:15:30 +10:00
Sean Parkinson 7005d416ce SP int: Comment and rework some code
Improvements to sp_int.c that make it slightly quicker and documented.
2022-11-28 18:06:09 +10:00
David Garske 9036c098b0 Merge pull request #5760 from cconlon/se050
NXP SE050: feature expansion and fixes
2022-11-11 13:31:05 -08:00
Chris Conlon 45bf793b5a SE050 expansion: add RSA support, allow for larger key IDs, get/set key ID from ecc_key/RsaKey, fixes for SE050 hashing, remove XREALLOC dependency, API to store/get binary object, API to erase object, test.c compatibility 2022-11-11 12:14:14 -07:00
David Garske 90d37f9786 Add AES CCM 256-bit test. 2022-11-09 17:46:07 -08:00
David Garske f610df59a9 Whitespace cleanups. 2022-11-03 14:38:43 -07:00
David Garske e26d4f84fc Improvements for AES GCM on STM32. Cleanups for STM32 example. 2022-10-26 14:10:19 -07:00
Daniel Pouzzner 3677253b55 fixes and comments for buildability, warnings, and clarity, re WOLFSSL_ARMASM_NO_HW_CRYPTO, in configure.ac, wolfcrypt/src/port/arm/armv8-aes.c, and wolfcrypt/test/test.c. 2022-10-24 17:31:48 -05:00
John Safranek 31222618b9 DH Test Keys
1. Add a flag to the DH test to indicate that the second key is initted.
2. Add a flag to the DH test to indicate that the RNG is initted.

Fixes an issue where the DH wolfCrypt test can crash or lock up when
the DH parameters file is missing. Localized to the test only.
2022-10-19 16:15:53 -07:00
Stefan Eissing 9726d1f6eb Allowing use of SSL/CTX_set_max_early_data() for client side.
- updating english doc and test cases
2022-10-18 10:40:18 +02:00
kaleb-himes 6178b3e365 Fixup builds using WOLFSSL_LOG_PRINTF (SGX test exposed) 2022-10-05 13:54:22 -06:00
Hayden Roche 6f4af1581b Merge pull request #5650 from SparkiDev/aes_x86_asm 2022-10-04 16:40:02 -07:00
Sean Parkinson 66ce7635b9 AES x86 ASM: new assembly
Added new x86 assembly for AES.
AES-CBC decrypt only 4 blocks at a time (not 6 or 8) due to reduces
register count.
GCM implementation for AVX2, AVX1 and AESNI only.
Disabled looking for other assembly files for x86.
2022-10-05 07:34:42 +10:00
David Garske f9506dc05a Add small stack to DoClientHello Suites (360 bytes). Add small stack for DRBG health test. Refactor of the small stack into its own header, to allow easier use in other files. Minor build fixes. 2022-09-30 14:06:31 -07:00
Daniel Pouzzner 548d432df3 wolfcrypt/test/test.c: fix gating, and smallstack refactors, for ecc_test_deterministic_k(), ecc384_test_deterministic_k(), and ecc521_test_deterministic_k(). 2022-09-30 12:06:15 -05:00