Commit Graph

72 Commits

Author SHA1 Message Date
Sean Parkinson f153e65102 SHA-3: check BMI1 availablity for ASM
Added benchmarking of SHAKE128 and SHAK256.
2022-09-05 14:11:02 +10:00
Sean Parkinson ce8959ea77 SHA-3 improvements
Add x86_64 assembly code:
  - BMI2
  - AVX2 (using ymm, slower than BMI2)
  - AVX2 of 4 similtaneous hashes
Add SHAKE128 functions and tests.
Add Absorb and Squeeze functions for SHAKE128 and SHAK256 and tests.
Add doxygen for SHA-3 and SHAKE functions.
Update other generated x86_64 assembly files to include settings.h.
2022-09-01 17:11:58 +10:00
Jacob Barthelmeh 8eaa85e412 update copyright year to 2022 2022-07-19 10:44:31 -06:00
Jacob Barthelmeh e9aae8b571 use hash grow function with cmac 2022-04-06 15:08:19 -06:00
JacobBarthelmeh 91d883d99f macro guard on ECB test case and use realloc for hash 2022-04-06 07:04:17 -07:00
JacobBarthelmeh a338b4c933 refactor SHA grew function, revert benchmark devid, increase SHA_CTX size, add AES ECB cryptocb test 2022-04-05 14:45:18 -07:00
Daniel Pouzzner 8c3cbf84f9 add missing gating around WOLFSSL_NO_SHAKE256, WOLFSSL_NOSHA512_224, and WOLFSSL_NOSHA512_256. 2021-10-26 20:24:27 -05:00
John Safranek 2de6b3b2bd Move the KDF functions into their own source file. 2021-10-26 20:24:25 -05:00
John Safranek a49125e613 FIPS KDF Update
1. Copied the TLSv1.2 PRF into hmac.c since it uses it and the TLSv1.3
   HKDF is in there as well.
2. Added guard around the old TLS PRF so that it switches in correctly
   for older FIPS builds only.
2021-10-26 20:24:24 -05:00
David Garske a03ed32380 Support for Android KeyStore compatibility API's:
* Adds `EVP_PKCS82PKEY` and `d2i_PKCS8_PRIV_KEY_INFO`.
* Adds `EVP_PKEY2PKCS8` and `i2d_PKCS8_PRIV_KEY_INFO`.
* Adds `ECDSA_verify`.
* Fix to allow `SHA256()` and `MD5()` with FIPSv2.
* Decouple crypto callbacks and hash flags
* Fix for possible use of uninitialized when building TLS bench without TLS v1.3.
* Fix for building with `NO_CHECK_PRIVATE_KEY`. Test `./configure --disable-pkcs12 --enable-opensslextra CFLAGS="-DNO_CHECK_PRIVATE_KEY"`.
* Fix to support `RSA_public_decrypt` for PKCSv15 only with FIPS.
* Cleanup `RSA_public_encrypt`, `RSA_public_decrypt` and `RSA_private_decrypt`.
* Added instructions for building wolfSSL with Android kernel.
2021-10-19 17:04:18 -07:00
TakayukiMatsuo 56843fbefd Add support for EVP_sha512_224/256 (#4257) 2021-09-02 14:05:07 +10:00
TakayukiMatsuo 0dc98b8299 Add support for EVP_shake128/256 2021-08-02 13:00:31 +09:00
kaleb-himes 94831eadf1 Sync SHAKE256 default (disabled) with parent default edDSA448 (disabled) and remove WOLFSSL_NO_SHAKE256 flag 2021-06-01 11:38:17 -06:00
Jacob Barthelmeh c729318ddd update copyright date 2021-03-11 13:42:46 +07:00
David Garske c62b48f7d0 Fixes for building with RSA public or verify only. Fixes issue with reserved "div" keyword as variable name. ZD11585 2021-02-18 07:47:00 -08:00
toddouska 7e5f838f48 Merge pull request #3577 from dgarske/releasefixes_async
Release fixes for asynchronous crypto
2020-12-18 14:10:01 -08:00
David Garske ce0a2f3bc9 Fixes for Cavium Nitrox and Intel QuickAssist. 2020-12-17 15:53:28 -08:00
Juliusz Sosinowicz a7ec58003e PKCS7 changes
- Allow PKCS7_EncodeSigned to be called with a zero content length
- wc_HashUpdate now doesn't error out on zero length data
- First cert in wolfSSL_PKCS7_encode_certs is treated as main cert and the PKCS7 struct is initialized with it
- wolfSSL_BIO_get_mem_data returns the buffer from the last bio in chain
2020-12-17 14:26:49 +01:00
David Garske 64b081f3c9 Improve the SHA256 crypto callback for ASN, so a wc_Sha/wcSha256 context exists for certificate hashing. 2020-10-30 12:18:19 -07:00
Sean Parkinson 2c6eb7cb39 Add Curve448, X448, Ed448 implementations 2020-02-28 09:30:45 +10:00
David Garske ba9dc11e62 Adds options to disable the hash wrappers (NO_HASH_WRAPPER) and base64 decode (NO_WOLFSSL_BASE64_DECODE). 2020-02-05 11:58:44 -05:00
Chris Conlon 45c5a2d39c update copyright to 2020 2020-01-03 15:06:03 -08:00
David Garske b780982aa4 Adds "devId" crypto device and "heap" context for Hash wrappers and PBKDF
* Adds new hash wrapper init `wc_HashInit_ex`.
* Adds new PBKDF2 API `wc_PBKDF2_ex`.
ZD 9494 (using PBKDF2)
2019-11-18 11:26:56 -08:00
Daniele Lacamera 51ea806d8b Allow pwdbased module to compile without ASN 2019-11-05 10:16:46 +01:00
David Garske 5ea13a09f6 Adds Blake2s support (--enable-blake2s), which provides 32-bit Blake2 support. 2019-05-28 10:30:19 -07:00
Jacob Barthelmeh 2a6ab9549b add macro guards 2019-04-23 13:51:58 -06:00
Sean Parkinson cc5ba81245 SHA-3 support in Hash 2019-04-05 14:52:23 +10:00
John Safranek 246c444b93 Updates for v4.0.0
Update the copyright dates on all the source files to the current year.
2019-03-15 10:37:36 -07:00
David Garske 838652c03b Added flags build option to hashing algorithms. This allows indicator to determine if hash will be "copied" as done during a TLS handshake. 2019-02-12 16:03:10 -08:00
Eric Blankenhorn 02ff19a6c4 Moving PRF to wolfcrypt 2019-01-16 17:23:49 -06:00
Chris Conlon def7a91e70 fix CAVP selftest build errors 2018-10-30 16:35:45 -06:00
David Garske efbabbfb29 Further improvements to hashing code to make sure wc_*Free is always called including wc_HashFree. Added new defines to disable PIC32MZ hardware features using NO_PIC32MZ_HASH, NO_PIC32MZ_RNG and NO_PIC32MZ_CRYPT. 2018-07-26 14:41:30 -07:00
David Garske 92cb8f06ea Fixes to make sure hash free is always called (resolves memory leaks with PIC32MZ hashing hardware). Only print Alloc/Free messages with track memory when WOLFSSL_DEBUG_MEMORY_PRINT is defined. Added test for ForceZero with 0 length. 2018-07-25 11:22:03 -07:00
Sean Parkinson 9433fcb820 Allow SHA384 to be compiled in without SHA512 2018-07-20 09:42:01 +10:00
Sean Parkinson 88a2531652 Cache the data allocated in SHA-2 Transform functions
SHA-2 algorithms allocate W each call to transform when using
WOLFSSL_SMALL_STACK.
Put a pointer into the SHA-2 object to cache W.
Change code to call the SHA-2 Free functions now that they are required.
Only cache when WOLFSSL_SMALL_STACK_CACHE is defined.
2018-07-17 09:17:39 +10:00
David Garske 7ae9e4359d Added support for the STM32L4 with AES/SHA hardware acceleration. Fixed a few minor compiler warnings with mis-matched enum types. 2018-06-27 19:40:03 -07:00
Chris Conlon 5d99079603 fix HAVE_SELFTEST build for CAVP selftest 2018-05-30 11:08:18 -06:00
Sean Parkinson 3bb4949e02 Improve coverage
Renumber errors in test.c to be unique.
Fix stack usage to work in --enable-distro --enable-stacksize builds.
2018-05-23 16:24:23 +10:00
David Garske ee5d78f84f Added new wc_OidGetHash API for getting the hash type from a hash OID. Refactor PKCS7 and PKCS12 to use new API and reduce duplicate ocde. Updated wc_GetCTC_HashOID to use wc_HashGetOID and maintain back compat. 2018-04-11 13:53:30 -07:00
David Garske 83bfdb1594 Fix for issue with unique hash types on ctoacrypt FIPS using different values than WC_HASH_TYPE_*. Add new API wc_HashTypeConvert to handle the conversion between enum wc_HashType and int. For FIPS it uses a switch() to convert and for non-FIPS it uses a simple cast. Changed the pwdbased_test to return actual ret instead of adding values (made it difficult to track down error location). 2018-04-11 09:30:30 -07:00
David Garske 1f00ea2115 Fixes for various build issues with type casting and unused functions. Moved mystrnstr to wc_port.c. Added some additional argument checks on pwdbased. 2018-04-09 13:28:15 -07:00
David Garske c83e63853d Refactor unqiue hash types to use same internal values (ex WC_MD5 == WC_HASH_TYPE_MD5). Refactor the Sha3 types to use wc_ naming. 2018-04-09 13:28:15 -07:00
David Garske 264496567a Improvements to EncryptedInfo. Added build option WOLFSSL_ENCRYPTED_KEYS to indicate support for EncryptedInfo. Improvements to wc_PBKDF1 to support more hash types and the non-standard extra data option. 2018-04-09 13:28:15 -07:00
David Garske 911b6f95f8 Release v3.12.2 (lib 14.0.0). Updated copywright. 2017-10-22 15:58:35 -07:00
David Garske 6707be2b0e Added new --disable-oldnames option to allow for using openssl along-side wolfssl headers (without OPENSSL_EXTRA). Add --enable-opensslcoexist which makes sure oldnames is disabled. Refactor of SSL_ to WOLF_SSL_. Refactor of SHA, MD5, SHA224, SHA256, SHA512 and SHA384 to WC_ naming. 2017-10-11 09:10:42 -07:00
David Garske c1640e8a3d Intel QuickAssist (QAT) support and async enhancements/fixes:
* Adds ./configure "--with-intelqa=../QAT1.6”, port files, memory management and README.md (see wolfcrypt/src/port/intel/).
* Added Intel QAT support for RSA public/private (CRT/non-CRT), AES CBC/GCM, ECDH/ECDSA, DH, DES3, SHA, SHA224, SHA256, SHA384, SHA512, MD5 and HMAC.
* wolfSSL async enabled all client and server: PKI, Encrypt/Decrypt, Hashing/HMAC and Certificate Sign/Verify.
* wolfSSL async support in functions: Encrypt, Decrypt, VerifyMAC, BuildMessage, ConfirmSignature, DoCertificate, ParseCertRelative, and MakeSignature.
* wolfCrypt test and benchmark async support added for all HW acceleration.
* wolfCrypt benchmark multi-threading support.
* Added QuickAssist memory overrides for XMALLOC, XFREE and XREALLOC. XREALLOC determines if existing pointer needs reallocated for NUMA.
* Refactor to make sure “heap” is available for async dev init.
* Added async support for all examples for connect, accept, read and write.
* Added new WC_BIGINT (in wolfmath.c) for async hardware support.
* Added async simulator tests for DES3 CBC, AES CBC/GCM.
* Added QAT standalone build for unit testing.
* Added int return code to SHA and MD5 functions.
* Refactor of the async stack variable handling, so async operations have generic args buffer area and cleanup function pointer.
* Combined duplicate code for async push/pop handling.
* Refactor internal.c to add AllocKey / FreeKey.
* Refactor of hash init/free in TLS to use InitHashes and FreeHashes.
* Refactor of the async event->context to use WOLF_EVENT_TYPE_ASYNC_WOLFSSL for WOLFSSL* and WOLF_EVENT_TYPE_ASYNC_WOLFCRYPT for WC_ASYNC_DEV*.
* Suppress error message for WC_PENDING_E.
* Implemented "wolfSSL_EVP_MD_CTX_init" to do memset.
* Cleanup of the openssl compat CTX sizes when async is enabled.
* Cleanup of AES, DES3, DH, SHA, MD5, DES3, DH, HMAC, MD5 for consistency and readability.
* Cleanup of the OPAQUE_LEN.
* Cleanup to use ENCRYPT_LEN instead of sizeof(ssl->arrays.preMasterSecret).
* Changed ssl->arrays.preMasterSecret to use XMALLOC (accelerates HW operations)
* Reduce verbosity with debug enabled for "GetMyVersion", "wolfSSL Using RSA OAEP padding" and "wolfSSL Using RSA PKCSV15 padding".
* Updated RSA un-padding error message so its different than one above it for better debugging.
* Added QAT async enables for each algorithm.
* Refactor of the async init to use _ex.
* Added WC_ASYNC_THRESH_NONE to allow bypass of the async thresholds for testing.
* Reformatted the benchmark results:
PKI: "RSA 2048 private HW 18522 ops took 1.003 sec, avg 0.054 ms, 18467.763 ops/sec"
Crypto/Hashing: SHA-256 SW 350 megs took 1.009 seconds, 346.946 MB/s Cycles per byte = 9.87
* Added min execution time for all benchmarks.
* Moved wc_*GetHash and wc_*RestorePos to appropriate files so use of isCopy flag is local.
* Fix for ECC sign status sometimes being invalid due to uninitialized ECC digest in benchmark.
* Added new DECLARE_VAR/FREE_VAR and DECLARE_ARRAY/FREE_ARRAY macros for helping setup test/benchmark variables to accelerate async.
* Added NO_SW_BENCH option to only run HW bench.
* Added support for PRNG to use hardware SHA256 if _wc devId provided.
* Fix to prevent curve tests from running against wrong curve sizes. Changed wc_ecc_set_curve to match on exact size.
* Added the wc_*GetHash calls to the wolfCrypt tests.
* Added async hardware start/stop to wolfSSL init/cleanup.
* Refactor to add wc_*Copy for hashing context (for async), which replaces wc_*RestorePos.
* Fixes for building with TI hashing (including: SHA224, missing new API’s and building with dummy build for non hw testing). Note: We need to add build test for this `./configure CFLAGS="-DWOLFSSL_TI_HASH -DTI_DUMMY_BUILD”`.
* Added arg checks on wc_*GetHash and wc_*Copy.
* Cleanup of the BuildMD5, BuildSHA, BuildMD5_CertVerify and BuildSHA_CertVerify functions.
* Added new ./configure --enable-asyncthreads, to allow enable/disable of the async threading support. If --enable-asynccrypt set this will be enabled by default if pthread is supported. Allows multi-threaded benchmarks with async simulator.
* Added checks for all hashing to verify valid ->buffLen.
* Fix for SHA512 scan-build warning about un-initialized “W_X”.
* Fix for valgrind un-initialized use of buffer in AllocDer (der->buffer) and BuildTlsFinished handshake_hash.
* Refactor of the benchmarking to use common function for start, check and finish of the stats.
* Fixed issue with ECC cache loading in multi-threading.
* Fix bug with AESNI not aligned code that assumes XMALLOC is 16-byte aligned.
* Added new WC_ASYNC_NO_… options to allow disabling of individual async algorithms. New defines are: WC_ASYNC_NO_CRYPT, WC_ASYNC_NO_PKI and WC_ASYNC_NO_HASH. Additionally each algorithm has a WC_ASYNC_NO_[ALGO] define.
* Added “wolfSSL_GetAllocators” API and fixed the wolfCrypt memcb_test so it restores callback pointers after test is complete (fixes issue with using custom allocators and test breaking it).
2017-04-10 14:45:05 -07:00
Sean Parkinson 455fb96faa Extend testing for coverage 2017-03-01 09:37:18 +10:00
Jacob Barthelmeh 0ed8024bcf adjust return value of hash update and address warning with NO_SHA 2017-02-28 13:40:03 -07:00
Chris Conlon a5b267087f add ANSI-X9.63-KDF support [SEC1] 2016-12-07 20:26:09 -07:00
Sean Parkinson abcd6af512 Disable SHA-224 in FIPS 2016-11-11 16:29:34 +10:00