John Safranek
d40e9f78cd
Restore the HKDF code to hmac.c. For compatibility between FIPS builds.
2021-04-02 15:03:09 -07:00
John Safranek
273bfc38ff
Remove redundant pairwise test from DH and ECC.
2021-04-01 08:14:19 -07:00
John Safranek
f1a97904c5
Move the KDF functions into their own source file.
2021-03-26 14:17:18 -07:00
John Safranek
a57be5a8e5
Rename the PCT error codes to remove 'FIPS' since they can be enabled without FIPS.
2021-03-26 10:49:52 -07:00
John Safranek
9e3e14c875
Add guard around ECC PCT for builds without validate keygen.
2021-03-25 10:22:34 -07:00
John Safranek
dad73837f4
Hushed compiler warnings about unused variables.
2021-03-24 17:48:48 -07:00
John Safranek
c6545b5ad5
Merge branch 'master' into fipsv3
2021-03-24 17:15:15 -07:00
John Safranek
e788b2805f
56Ar3 Testing Updates
...
1. Add PCTs for ECC and FFC.
2. Update the public key checks for ECC and FFC.
2021-03-24 16:58:52 -07:00
toddouska
3ac03d3d66
Merge pull request #3805 from JacobBarthelmeh/copyright
...
update copyright date to 2021
2021-03-15 16:16:50 -07:00
Sean Parkinson
a55e94cf6f
ECCSI and SAKKE: add support
...
Fixes for static code analysis included.
Added const to function parameters.
Zeroise some temporaries.
2021-03-12 09:31:22 +10:00
Jacob Barthelmeh
c729318ddd
update copyright date
2021-03-11 13:42:46 +07:00
toddouska
72eebd6e75
Merge pull request #3795 from JacobBarthelmeh/CAAM
...
Addition of QNX CAAM driver
2021-03-10 15:04:21 -08:00
Sean Parkinson
ff3325fcaf
SP ECC: Fix P-256 modinv for AVX2
...
modinv AVX2: do quick norm on result twice and convert 32-bit signed to
64-bit signed before adding
P-256 mont_add, mont_dbl, mont_tpl, mont_sub x64: handle mul/sqr result
being greater than modulus but not greater than 1<<256.
2021-03-09 08:42:07 +10:00
John Safranek
7134608d9f
Merge branch 'master' into fipsv3
...
# Conflicts:
# wolfssl/wolfcrypt/hash.h
2021-03-05 07:59:04 -08:00
Jacob Barthelmeh
6d0dbbe1c0
add IDE/QNX/README.md and add WOLFSSL_QNX_CAAM guard
2021-03-05 14:43:23 +07:00
David Garske
7983734dcb
Merge pull request #3786 from tmael/cc310_ecc_importkey
...
Add Cryptocell wc_ecc_import_x963_ex
2021-03-04 13:59:54 -08:00
John Safranek
6fa1fe5b8e
ECC key gen should call ECC check key.
2021-03-04 13:19:02 -08:00
Jacob Barthelmeh
79ec07f5e1
adjustment after rebase
2021-03-03 18:45:40 +07:00
Jacob Barthelmeh
69a0b643be
removing some magic numbers
2021-03-03 18:45:40 +07:00
Jacob Barthelmeh
749425e1e8
first pre alpha code for QNX + CAAM
...
manual run of RNG init and JDKEK print
job ring does initial rng
is successful on some red key blob operations
caam red key blob test pass
ecdsa sign/verify
ecdsa ecdh/sign/verify with black secure key
ecdsa ecdh/sign/verify with black secure key
initial cmac addition
initial cmac addition
black blob encap
black keys with cmac
add invalidate memory
refactoring and clean up
more code cleanup
add files for dist and remove some printf's
remove unneeded macro guard
use resource manager
2021-03-03 18:45:40 +07:00
David Garske
9fe7be5ac4
Improve the key ecc_set NULL checking for possible use of key->dp == NULL cases. These are cases where the key has not been properly initialized or loaded prior to calling from a public API.
2021-03-01 17:17:40 -08:00
David Garske
3a3c0be43f
Fixes for build warnings for CryptoCell with ECC and RSA.
2021-02-24 15:05:27 -08:00
Tesfa Mael
9bfbc999d9
Move variable declarations to the top
2021-02-23 13:21:50 -08:00
Tesfa Mael
c7b1dc8f94
Fix Cryptocell ECC tests
2021-02-19 16:39:45 -08:00
toddouska
3eeeb39fb7
Merge pull request #3711 from dgarske/ecc_encrypt_rng
...
Fix for `--enable-eccencrypt` with timing resistance enabled
2021-02-11 12:28:13 -08:00
toddouska
389a5e0301
Merge pull request #3684 from SparkiDev/sp_fixes_5
...
SP fixes: even mod testing, ECC compilation with SP
2021-02-10 16:10:21 -08:00
Sean Parkinson
7efaf14fce
Merge pull request #3727 from JacobBarthelmeh/Prime
...
check prime is prime with ecc compressed keys
2021-02-11 09:22:40 +10:00
Sean Parkinson
64bc4b663d
SP fixes: even mod testing, ECC compilation with SP
...
Even mod inversion will sometimes work with integer.c.
Don't call SP code to perform ECC ops unless WOLFSSL_HAVE_SP_ECC is
defined.
2021-02-10 14:38:58 +10:00
toddouska
157ad65a6e
Merge pull request #3677 from SparkiDev/ecdsa_keep_e
...
ECDSA: don't modify the e mp_int (hash) value
2021-02-09 16:06:05 -08:00
Jacob Barthelmeh
812b44d58e
guard check on prime with macro WOLFSSL_VALIDATE_ECC_IMPORT
2021-02-08 20:25:01 +07:00
Jacob Barthelmeh
cced2038b8
conditional compile and check on idx
2021-02-08 06:10:04 +07:00
Jacob Barthelmeh
644636e0f8
only check prime value with custom curves
2021-02-06 05:46:19 +07:00
David Garske
70b382e6cf
Fix for PKCS11 not properly exporting the public key due to a missing key type field. This broke due to changes in PR #3687. Also resolved mismatch of enum types for the key type check.
2021-02-05 11:49:31 -08:00
Jacob Barthelmeh
c2be5dbe2b
check prime is prime with ecc compressed keys
2021-02-06 01:54:25 +07:00
David Garske
72a8a1069a
Fix to only set missing RNG if needed. Resolves unit test, which already sets the RNG on the private key and the incoming context is not provided (use local).
2021-02-02 14:16:21 -08:00
David Garske
04e7fa3657
Fix for --enable-eccencrypt with timing resistance enabled. The ECC shared secret was missing the RNG. Fixes https://github.com/wolfSSL/wolfssl-examples/issues/243
2021-02-02 13:55:42 -08:00
Daniel Pouzzner
a332cf36b5
add DYNAMIC_TYPE_AES and DYNAMIC_TYPE_CMAC to enum in types.h, and use these where appropriate;
...
in test.c: use HEAP_HINT, not NULL in XMALLOC/XFREE calls;
fix a couple typos in aes_test() re WOLFSSL_ASYNC_CRYPT;
add various missing WOLFSSL_SMALL_STACK_STATIC qualifiers;
and streamline old smallstack refactor on-stack declarations to use the much neater [1] construct.
2021-01-29 17:17:31 -06:00
Daniel Pouzzner
0f6ae330da
wolfcrypt: smallstack refactors of AES code for lkm compatibility with --enable-aesgcm=table.
2021-01-28 22:51:28 -06:00
Sean Parkinson
c739b4d474
ECDSA sign: cleanup comments and variables
...
Remove mod at end as mulmod does this.
Change mp_add to mp_addmod_ct to keep the size of numbers to less than
order for mp_mulmod.
2021-01-27 09:39:11 +10:00
toddouska
d201820e3a
Merge pull request #3687 from guidovranken/x963-export-reject-invalid-keys
...
Reject undefined keys (eg. state is ECC_STATE_NONE) from X963 export …
2021-01-25 14:46:59 -08:00
toddouska
cf9e4f0caf
Merge pull request #3518 from julek-wolfssl/openssh-fixes-v2
...
Fixes for openssh
2021-01-25 14:45:56 -08:00
Guido Vranken
29f7eebef7
Reject undefined keys (eg. state is ECC_STATE_NONE) from X963 export functions
...
Additionally, harmonize the failure conditions of wc_ecc_export_x963 and
wc_ecc_export_x963_compressed.
2021-01-25 16:22:21 +01:00
Guido Vranken
905f0b1f5a
Fix wc_ecc_sign_hash memory leak. ZD 11556.
2021-01-22 09:55:30 +01:00
Sean Parkinson
9c34ecc130
ECDSA: don't modify the e mp_int (hash) value
...
Multiple loops of generating signatures require the same e value.
2021-01-22 12:51:21 +10:00
Sean Parkinson
7d869a43b4
ECDSA set k: WOLFSSL_ECDSA_SET_K_ONE_LOOP only tries k and fails when it fails
2021-01-19 14:07:03 +10:00
Juliusz Sosinowicz
a745947498
Code review changes
2021-01-08 15:27:30 +01:00
Juliusz Sosinowicz
23a4d64caf
wolfSSL_EVP_PKEY_set1_EC_KEY should generate PKCS8 internal DER buffer
...
This PKCS8 buffer should include both the private and the public parts of the key.
2021-01-08 15:27:30 +01:00
Juliusz Sosinowicz
cd4affddac
Set ecc_key.rng when using ECC_TIMING_RESISTANT
...
Set ecc_key.rng to either a local rng struct or the globalRNG object when using ECC_TIMING_RESISTANT
Add helpful logs to some ecc functions
2021-01-08 15:18:00 +01:00
Sean Parkinson
f955c92008
ECC gen z: convert blinding value to Montgomery form before using
2021-01-07 11:30:58 +10:00
David Garske
060ebd1ca2
Fix for possible ECC sign memory leak when using WOLFSSL_ECDSA_SET_K and wc_ecc_sign_set_k, where the k is not valid. ZD 11438.
2020-12-30 09:54:54 -08:00