bb68766bda
For ED255219 and ED448 if importing private only and public key is already set then check it.
2022-07-01 14:13:45 -07:00
90749b7f88
Don't declare tls13_kdf_test if TLS 1.3 is not enabled, to avoid unused function warning.
2022-07-01 13:22:16 -07:00
96aedc2f47
Fix SetCurve max sizes. Add fix for potentially uninitialized type in ProcessReplyEx.
2022-07-01 13:18:33 -07:00
7a7d8d170d
Pass in and check output length in SetCurve.
2022-07-01 13:18:33 -07:00
bd75e1d6a4
Merge pull request #5307 from kareem-wolfssl/miscfixes2
...
Fix a couple of STM32 bugs, and add some missing mutex frees.
2022-07-01 09:46:22 -07:00
0459e83a59
Merge pull request #5310 from SparkiDev/memusage_fix_1
...
TLS memusage: reduce usage
2022-07-01 09:13:05 -07:00
2c943282f0
Ed25519/Ed448: assume public key is not trusted
...
In defense against attack, assume the imported public key is not trusted
and check it matches the private key if set.
Added APIs that allow application to explicitly trust public key.
Original APIs default to not trusting public key.
2022-07-01 09:05:43 -07:00
b9a8f18a97
Merge pull request #5300 from douzzer/20220629-multi-test-fixes
...
20220629-multi-test-fixes
2022-07-01 16:22:05 +10:00
7d58dc5678
TLS memusage: reduce usage
...
Reduce the amount allocated to reduce maximum overall dynamic memory
usage.
Rework ServerKeyExchange by extracting the handling of the signed data.
2022-07-01 14:24:59 +10:00
7555cd0685
Fix a couple of STM32 bugs, and add some missing mutex frees.
2022-06-30 16:11:16 -07:00
402a4dafd4
Merge pull request #5306 from kareem-wolfssl/ltc_ed235519
...
Fix missing return checks in KSDK ED25519 code.
2022-06-30 16:06:45 -07:00
b7ec529f61
wolfcrypt/src/siphash.c: in wc_SipHash(), use FALL_THROUGH macro, not /* fall-through */.
2022-06-30 17:07:35 -05:00
867a1f7afa
Merge pull request #5289 from TakayukiMatsuo/tls13
2022-06-30 15:49:53 -06:00
13beadbfc3
Fix missing return checks in KSDK ED25519 code.
2022-06-30 13:35:00 -07:00
26a62b4b9e
drafted pathlen for cert struct
2022-06-30 17:16:10 +02:00
ba19737627
Add support for TLS1.3
2022-06-30 23:00:05 +09:00
e8e35c9a92
Merge pull request #5301 from SparkiDev/aes_gcm_word_ct
...
AES-GCM: make word implementation of GMULT constant time
2022-06-29 20:26:33 -07:00
8b93d4510d
AES-GCM: make word implementation of GMULT constant time
...
If performance is impacted then define: AES_GCM_GMULT_NCT
2022-06-30 09:29:04 +10:00
0159f17692
SP int math; submod fix
...
Fix for sp_submod() to reduce by modulus when a or b are equal to
modulus as well as when greater.
2022-06-30 08:53:25 +10:00
5adf7e4eb7
wolfcrypt/src/asn.c wc_BuildEccKeyDer(): fix for clang-analyzer-deadcode.DeadStores.
2022-06-28 19:14:58 -05:00
90aaeb283e
wolfcrypt/src/siphash.c: add missing !WOLFSSL_NO_ASM clause in gate around inline asm.
2022-06-28 18:19:58 -05:00
ce61653a9a
wolfcrypt/src/asn.c: fixes for ARM portability (GetASN_Items()), unintended fallthrough (OidFromId()), and uninitialized variable (DecodeSubjInfoAcc()).
2022-06-28 18:18:42 -05:00
f51c29d3ca
Merge pull request #5293 from SparkiDev/asnt_setecc
...
ASN template: Handle HAVE_OID_ENCODING
2022-06-28 15:45:13 -07:00
092b37f709
Merge pull request #5287 from haydenroche5/aes_ctr_clear_left_on_iv_set
...
Clear the leftover byte count in Aes struct when setting IV.
2022-06-29 08:30:01 +10:00
741393e84f
Merge pull request #5291 from kaleb-himes/FRDM-K64-Fixes
...
Add necessary includes for cross-builds
2022-06-28 09:35:06 -07:00
d4d7e2e5f2
Merge pull request #5294 from SparkiDev/sp_math_all_no_128bit
...
SP math all: don't use sp_int_word when SQR_MUL_ASM available
2022-06-28 07:38:42 -07:00
22336d30e5
SP math all: don't use sp_int_word when SQR_MUL_ASM available
...
1. _WIN64 doesn't have 128-bit type but now can use 64-bit sp_int_digit
when assembly code snippets are being used.
2. Fix sp_div() to support values closer to maximum size.
3. Fix builds to work for more configurations.
4. Have ECC uncompressed code keep intermediate values in range of
maximum (x^3 calculation fixed).
5. Fix configuation.ac's check of FIPS for using signed SP Math All.
Default now not signed as intended.
2022-06-28 15:51:53 +10:00
3c3a90c988
ASN template: Handle HAVE_OID_ENCODING
...
When HAVE_OID_ENCODING is defined, the named curve OID is encoded rather
than the full OID.
Use SetCurve to get the OID encoding in ASN template implemenation.
2022-06-28 09:04:42 +10:00
9d11e9092f
Add necessary includes for cross-builds
2022-06-27 13:50:27 -06:00
94e7eacc5f
Merge pull request #5072 from JacobBarthelmeh/Compatibility-Layer
...
add support for importing private only EC key to a WOLFSSL_EVP_PKEY s…
2022-06-27 12:34:00 -07:00
456e463640
Merge pull request #5283 from SparkiDev/sp_arm32_asm_rework
...
SP ASM ARM32: reworked generation using common asm ruby code
2022-06-27 09:17:20 -07:00
b84b808b1b
Merge pull request #5167 from ejohnstown/cac-ext
...
Add support for some FPKI certificate cases, UUID, FASC-N, PIV extension
2022-06-27 09:06:15 -07:00
999fa8394e
SP ASM ARM32: reworked generation using common asm ruby code
...
Add support for ARMv6 and ARMv3.
2022-06-27 11:19:50 +10:00
10dfd8d129
Clear the leftover byte count in Aes struct when setting IV.
...
Setting the key already does this. The same needs to be done when setting the
IV.
2022-06-26 15:56:05 +04:00
9211825121
sp_int.c: fix refactor of undefined-semantics shift in _sp_mul().
2022-06-24 18:04:51 -05:00
49740c5543
initialize variables
2022-06-24 15:21:20 -06:00
047c662af8
fix math errors unmasked by change to sp-math-all as default math back end.
2022-06-24 15:56:54 -05:00
1977a13754
improve comment for FPKI additions
2022-06-24 12:04:26 -06:00
00b82888bc
Merge pull request #4759 from dgarske/sp_math_default
...
Enable wolfSSL SP Math all (sp_int.c) by default
2022-06-23 16:14:54 -07:00
43e11ec756
improve comments for subject name email matching
2022-06-23 15:52:28 -06:00
4de90efbe2
clear out PKEY when setting new key
2022-06-23 14:21:53 -07:00
79ea30a957
memory free on failure, spelling, better function name
2022-06-23 13:40:45 -06:00
78d3284c3c
Fix for FIPS 140-2 and older ACVP math selection. Fix for building with "--disable-sp-math-all --disable-fastmath". Fix for building SAKKE with HAVE_WOLF_BIGINT.
2022-06-23 11:10:44 -07:00
ee12c12e98
Fixes required to make SP Math default
...
fasthugemath means turn on fastmath
Use sp_int_digit and not sp_digit in sp_int.c.
test.c needs to use large static buffer when SP Math used like fastmath.
When building static memroy, SP math all without WOLFSSL_SP_NO_MALLOC is
a valid configuration.
Fix freeing of bigint in sp_int.c.
Cast x to a signed value to negate and then back to unsigned. (For
Windows builds.)
Remove warning about empty file on Windows about integer.obj.
Allow RSA verify only and RSA public only to be used with other public
key algorithms.
If building for FIPS, then older versions of RSA and ECC require SP Math
to support negative numbers.
Get old FIPS files building with SP int.
Disallow --enable-sp-math and --enable-sp-math-all.
When just --enable-sp-math on configuration line then disable SP Math
all.
2022-06-23 14:15:54 +10:00
8d804f6378
Merge pull request #5260 from dgarske/sp_ecc_nb_hash
...
Fix for SP math ECC non-blocking to always check `hashLen`
2022-06-23 07:59:28 +10:00
7d62fd09e4
remove subject/issuer email from altEmailNames list
2022-06-21 16:59:36 -06:00
74d692d6d5
Fix for SP math ECC non-blocking to always check hashLen. ZD14141
2022-06-21 15:54:01 -07:00
9e1ecf3fb5
Merge pull request #5194 from TakayukiMatsuo/heaphint
2022-06-21 16:39:07 -06:00
bd536d3c9d
Merge pull request #5229 from miyazakh/sce_example_update
2022-06-21 16:33:54 -06:00
69ca1d37c0
fixes for defects identified by wolfssl-multi-test: whitespace, missing void in arg lists, and -Wunused-but-set-variable found by clang-15 (prerelease).
2022-06-20 10:54:55 -05:00
David Garske
Kareem
Sean Parkinson
Daniel Pouzzner
Chris Conlon
Stanislav Klima
TakayukiMatsuo
kaleb-himes
Hayden Roche
Jacob Barthelmeh