Commit Graph

3377 Commits

Author SHA1 Message Date
toddouska feeb18600f Merge pull request #2636 from SparkiDev/mp_exptmod_fixes
Handle more values in fp_exptmod
2019-12-17 15:22:24 -08:00
toddouska 138377f30e Merge pull request #2641 from SparkiDev/sp_c32_lshift
Fix lshift in SP 32-bit C code - FFDHE
2019-12-17 15:17:17 -08:00
toddouska 5ee9f9c7a2 Merge pull request #2637 from SparkiDev/ecc_cache_resist
Improve wc_ecc_mulmod_ex cache attack resistance
2019-12-17 15:16:16 -08:00
toddouska 028d9e5443 Merge pull request #2634 from SparkiDev/pkcs7_libz_fix
Fix missing variable declaration
2019-12-17 15:13:13 -08:00
David Garske f2115b2c2b Merge pull request #2652 from ejohnstown/maintenance-error
Maintenance: Error Strings
2019-12-13 15:03:32 -08:00
Chris Conlon 1a594d92ba Merge pull request #2668 from ejohnstown/maintenance-scanbuild
Fixed a couple initialization issues scan-build indicated
2019-12-13 14:13:48 -07:00
John Safranek e7af2d2ba9 Fixed a couple initialization issues scan-build indicated. 2019-12-12 16:50:37 -08:00
kaleb-himes 0a38d7c178 Add CCM Decryption to benchmarking 2019-12-12 13:53:30 -07:00
toddouska 093a31ed49 Merge pull request #2655 from kaleb-himes/ZD-9592
Remove forcing NO_SKID on unsuspecting CRL users
2019-12-10 16:33:16 -08:00
kaleb-himes 2b66a9f1ec Address reviewed items 2019-12-09 14:44:59 -07:00
kaleb-himes bbdf0d101f Improve Decoded CRL initialization 2019-12-07 04:23:02 -07:00
kaleb-himes 072fe8fd6d More complete fix for removing NO_SKID condition as default with CRL enabled 2019-12-07 03:39:57 -07:00
tmael 8450c4ae39 Merge pull request #2643 from ejohnstown/maintenance-prime
Maintentance: Prime
2019-12-06 18:50:51 -08:00
JacobBarthelmeh 05e672428d Merge pull request #2645 from cconlon/cmsrsacb
CMS SignedData RSA sign callback for raw digest
2019-12-06 17:13:32 -07:00
John Safranek 19a4371d48 Maintenance: Error Strings
1. One of the error string was >80 bytes long. Shortened it.
2. The function that copies an error string to an output array needs to
ensure the string is still null terminated.
3. Added a check to the wolfCrypt test to see that error strings aren't
>= 80 bytes long.
2019-12-06 09:53:39 -08:00
toddouska 9fd5628148 Merge pull request #2631 from SparkiDev/mp_invmod_fix
mp_invmod handles more inputs
2019-12-05 16:21:33 -08:00
toddouska 7e391f0fd5 Merge pull request #2629 from SparkiDev/dsa_blinding
Blinding for DSA sign
2019-12-05 16:20:21 -08:00
toddouska 4b31a180c8 Merge pull request #2626 from SparkiDev/sp_invmod_fixes
Fix sp_invmod to handle more input values
2019-12-05 16:18:55 -08:00
toddouska 8cc4c62c14 Merge pull request #2625 from SparkiDev/set_ser_num_2
Support 20-byte serial numbers and disallow 0.
2019-12-05 16:17:54 -08:00
toddouska bd8a612d6c Merge pull request #2624 from ejohnstown/maintenance-ASN1
Maintenance: ASN.1
2019-12-05 16:16:42 -08:00
toddouska 7631fdafa1 Merge pull request #2612 from SparkiDev/sp_div_small_a
sp_div improved to handle when a has less digits than d
2019-12-05 16:14:05 -08:00
toddouska 6d40c20f2c Merge pull request #2609 from JacobBarthelmeh/Compatibility-Layer
Fix for EVP CipherUpdate decrypt and add test case
2019-12-05 16:12:26 -08:00
toddouska 312d5c98b3 Merge pull request #2535 from julek-wolfssl/nginx-1.15
Nginx 1.15.0 & 1.16.1
2019-12-05 14:40:45 -08:00
John Safranek 2c0fda4168 Maintentance: Prime
1. Revisited the option enables around the wolfCrypt prime test. Added a
check for key generation to the check for public MP.
2019-12-05 12:23:42 -08:00
Chris Conlon 2063fa502f add CMS RSA sign callback for raw digest 2019-12-05 10:33:49 -07:00
Sean Parkinson 0552fbc5de Fix lshift in SP 32-bit C code - FFDHE 2019-12-05 09:08:30 +10:00
John Safranek 44fc3e14b1 Maintenance: ASN.1
1. Fix some preprocessor flag checking for function EncodePolicyOID. It
also needs to be available for OpenSSL Compatibility.
2. Fix for a name string for a test that can get left in or out
incorrectly.
2019-12-04 10:26:37 -08:00
Sean Parkinson 2a0c037f98 Improve wc_ecc_mulmod_ex cache attack resistance 2019-12-04 11:08:28 +10:00
Sean Parkinson c5f9a601e8 Handle more values in mp_exptmod
Handle prime (modulus) of 0 and 1.
Handle exponent of 0.
Fix for base of 0 in fp_exptmod and hadnle base of 0 in mp_exptmod.
fp_exptmod - Don't modify X's sign during operation when passed in as negative.
2019-12-04 09:32:08 +10:00
Sean Parkinson fd4fb28a2e Fix missing variable declaration
--enable-scep --with-libz
PKCS#7 decompress code
2019-12-03 11:07:29 +10:00
Sean Parkinson b9a82204e2 Blinding for DSA sign 2019-12-03 09:36:33 +10:00
David Garske 7e45ae2ec6 Merge pull request #2621 from JacobBarthelmeh/SanityChecks
sanity check on "a" input to invmod
2019-12-02 10:57:01 -08:00
Sean Parkinson 204045223f Fix sp_invmod to handle more input values 2019-11-29 11:54:36 +10:00
Sean Parkinson bd7a572a8f mp_invmod handles more inputs
Value to invert: a
Modulus: b
integer.c - normal math
  - a is one, or a mod b is one
tfm.c - fast math
  - b is -ve (error), or b is zero
  - a is zero or a mod b is zero
2019-11-29 09:08:44 +10:00
Sean Parkinson 06ca07c79f Poly1305 AVX2 asm fix
Missed carry when converting from 26 in 64 bits to 64 in 64 bits.
2019-11-28 16:01:29 +10:00
Sean Parkinson 16ac0d8eb6 Support 20-byte serial numbers and disallow 0. 2019-11-28 10:21:48 +10:00
Sean Parkinson 245a2b7012 sp_int: clamp more results 2019-11-28 10:01:54 +10:00
Sean Parkinson dadbeff433 sp_int: When setting digit of 0, set used to 0 2019-11-28 10:01:54 +10:00
Sean Parkinson 2ac0ac8776 Fix for sp_div when a > d but same bit length 2019-11-28 10:01:54 +10:00
Sean Parkinson 8315ae892f sp_div improved to handle when a has less digits than d 2019-11-28 10:01:54 +10:00
toddouska b396ed0984 Merge pull request #2627 from SparkiDev/rsa_sign_vfy
Change signature generation to verify by default
2019-11-27 14:08:07 -08:00
toddouska e1ebb39296 Merge pull request #2618 from ejohnstown/maintenance-prime
Maintenance: Prime
2019-11-27 14:06:23 -08:00
toddouska ff85cc7740 Merge pull request #2622 from SparkiDev/ber_to_der_rework
Rework BER to DER to not be recursive
2019-11-27 14:05:36 -08:00
John Safranek cc722468be Maintenance: ASN.1
1. Add an additional check in GetCertHeader() to see that sigIndex is
bounded by maxIdx.
2019-11-27 10:43:51 -08:00
Juliusz Sosinowicz 9be1b4cfd8 Remove tabs 2019-11-27 17:46:15 +01:00
Juliusz Sosinowicz 9064de1e75 Set proper WOLFSSL_ASN1_TIME in thisupd and nextupd in wolfSSL_OCSP_resp_find_status 2019-11-27 17:45:49 +01:00
Juliusz Sosinowicz a892f2a95a Changes for nginx 1.15
- ssl.c: add to check to overwrite existing session ID if found
- evp.c: wolfSSL_EVP_DecryptFinal* was checking for wrong value
2019-11-27 17:45:49 +01:00
Sean Parkinson 23878512c6 Change signature generation to verify by default 2019-11-27 10:47:03 +10:00
Sean Parkinson 776f4af7f6 Rework BER to DER to not be recursive 2019-11-27 10:20:32 +10:00
toddouska 1b63ab0e73 Merge pull request #2623 from SparkiDev/set_ser_rand
Generating serial number - clear top bit
2019-11-26 16:14:54 -08:00