wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-28 20:29:56 +01:00
Code Issues Packages Projects Releases Wiki Activity
11,979 Commits 12 Branches 184 Tags
v4.5.0-stable
Commit Graph

4015 Commits

Author SHA1 Message Date
Sean Parkinson
549c47de65 Handle when k is 1 or order + 1 for timing resistant ECC 2020-08-19 10:50:37 -07:00
David Garske
1f10e77b0f Fix for SP math with WOLFSSL_VALIDATE_ECC_KEYGEN. Fixes logic error on point x/y zero check. 2020-08-19 09:30:32 -07:00
Sean Parkinson
38b717eb42 Clear MP in ECC to free allocated memory 2020-08-18 17:54:25 -07:00
John Safranek
113753370d Long Test Fixes 
1. Sniffer was trying to log a NULL pointer as a string. Logged a string instead.
2. Few misc fixes in ECC.
 2020-08-18 17:54:25 -07:00
John Safranek
6e49a63e50 fix call to MakeAnyCert from wc_MakeNtruCert(); it was missing the new parameter 2020-08-17 17:12:11 -07:00
toddouska
028bddd7ab Merge pull request #3215 from ejohnstown/release-4.5.0 
Release Update
 2020-08-17 13:51:23 -07:00
Sean Parkinson
cb5d6a5c12 Check ECC scalar before multiplication 
A k with more bits than in order doesn't work in ECC scalar
multiplication.
Check private key length in wc_ecc_check_key()
Check private key length in ecc_make_pub_ex()
 2020-08-17 08:39:39 -07:00
John Safranek
3f6861ee82 FIPS Ready Fix with ECC Timing Resistance 
Commit 6467de5 added some timing resistance to ECC shared secret
agreement. It involved adding an RNG object to the ecc keys so
a random z value can be added to the mix. The older FIPS release
has ECC outside the boundary, so it uses the new ECC code. FIPSv2
has ECC inside the boundary, but all the TLS code checks for that
version of FIPS and leaves out the calls to the new functions as
it is using an older version of ecc.c. FIPS Ready uses the latest
version of ecc.c but compiles as FIPSv2. So, the code outside of
the crypto layer is treating ECC as FIPSv2 and not calling the new
functions, but the crypto layer assumes the RNG should be present,
and errs out on testing.
1. Added a separate option for FIPS Ready to the enable-fips
   configure option. `--enable-fips=ready`. It will treat FIPS
   Ready as the next kind of FIPS release. FIPS Ready will be
   treated like FIPS v3 in the build.
2. Changed the C preprocessor checks for FIPS version 2 to be
   checks for not version 2, with respect to ECC Timing Resistance
   and FIPS builds.
 2020-08-14 10:54:55 -07:00
John Safranek
1dc0a76436 Patch from Jacob. When parsing a certificate name, if an item is unknown, its NID is set to 0. Don't try to add NID's of 0. 2020-08-13 17:01:26 -07:00
John Safranek
7e6863e78b resolving build issues for FIPSv2 OE2 with --enable-opensslextra 2020-08-13 13:24:44 -07:00
Sean Parkinson
bc74bfebdd Fixes from C++ and address access checking 
Fix access of table for cache resistance.
Don't name variable public or private.
Cast from void*
 2020-08-13 15:19:49 +10:00
John Safranek
e30341ea83 Merge pull request #3190 from embhorn/zd10712 
Sanity check key sizes
 2020-08-12 09:37:40 -07:00
toddouska
fa146870bd Merge pull request #3155 from julek-wolfssl/openssh-fixes-cherry-picked 
Additional OpenSSL compat stuff for OpenSSH
 2020-08-11 16:32:31 -07:00
Daniel Pouzzner
e4fe6b6573 Merge pull request #3210 from dgarske/rsa_checkkey_sp 
Fix for `unit.test` error with SP and RSA 1024-bit key gen
 2020-08-11 12:00:41 -05:00
Sean Parkinson
6467de5a88 Randomize z ordinates in scalar mult when timing resistant 
An RNG is required for shared secret calculation now.
Use wc_ecc_set_rng() to set an RNG against the ECC object.
ECC verification does not need timing resistance and does not randomize
z ordinates.
 2020-08-11 16:12:47 +10:00
Sean Parkinson
3ce933c90a Make fp_montgomery_reduce constant time 2020-08-11 16:12:10 +10:00
Sean Parkinson
0102902445 Add and use a mp_cmp_mag that is constant time. 2020-08-11 16:12:10 +10:00
Sean Parkinson
8b05160349 Reworked ECC mulmod and fix size of k 
When using wc_ecc_mulmod_ex2(), the k size can be fixed to be one bit
longer than order.
 2020-08-11 16:12:10 +10:00
Sean Parkinson
9ef9671886 ECC uses CT vers of addmod, submod and div_2_mod 
The TFM implementations of mp_submod_ct, mp_addmod_ct,
mp_div_2_mod_t are more resilient to side-channels.
 2020-08-11 16:12:10 +10:00
toddouska
242df3d11a Merge pull request #3209 from SparkiDev/jenkins_fixes_1 
Fixes from Jenkins failures
 2020-08-10 14:30:27 -07:00
David Garske
26aaf473db Fix for unit.test error with RSA 1024-bit key gen when using ./configure --enable-keygen --enable-sp. Issue started in PR #3119 2020-08-10 12:40:29 -07:00
Eric Blankenhorn
50647ccdb1 Sanity check key sizes 2020-08-10 07:19:33 -05:00
Sean Parkinson
72d1352bd6 Fix ARM builds 
Need to include options.h in assembly now.
bufPt declared in block but not outside.
poly1305_block and poly1305_blocks need prototype - declaration in
wolfcrypt/src/port/arm/armv8-poly1305.c (__arch64__ only).
 2020-08-10 11:59:10 +10:00
David Garske
62e78b7cf4 Fix state machine after script rebase. 2020-08-07 16:56:58 -07:00
David Garske
bc03b5793c Add state for ECC verify non-blocking and mont_inv_order to reduce maximum blocking time. 2020-08-07 16:48:16 -07:00
David Garske
f7fcef5f32 Fix for build error / typo for ECC 256-bit non-blocking only. 2020-08-07 16:47:08 -07:00
David Garske
c0a664a8e5 Merge pull request #3200 from douzzer/20200805 
Add an error-checking wc_curve25519_make_pub() routine to the API for use by Wireguard
 2020-08-07 16:32:52 -07:00
toddouska
89e6f3bcd5 Merge pull request #3206 from SparkiDev/ed448_oob 
ED448: Fix out of bounds read in import public
 2020-08-07 15:36:11 -07:00
toddouska
17cc941b29 Merge pull request #3195 from SparkiDev/sp_ecc_cache 
SP ECC Cache Resitance
 2020-08-07 15:35:06 -07:00
Daniel Pouzzner
0faff24a65 refactor wc_curve25519_make_key() to use wc_curve25519_make_pub() to complete the pair. also, add call to fe_init() in the non-NXP codepath of wc_curve25519_make_pub() (note fe_init() is currently a no-op). 2020-08-07 13:02:35 -05:00
Sean Parkinson
4c00af1136 ED448: Fix out of bounds read in import public 
Fix formatting
 2020-08-07 14:11:11 +10:00
Sean Parkinson
1ea3dc5f55 SP ECC: initialize infinity in make key 2020-08-07 12:15:31 +10:00
Daniel Pouzzner
f6acbd5f97 test_wc_curve25519_make_pub(): fix order of args to wc_curve25519_make_pub(). 2020-08-06 18:37:00 -05:00
Daniel Pouzzner
c325001d0d note argument endianness and return values in intro comment for wc_curve25519_make_pub(). 2020-08-06 18:07:39 -05:00
Daniel Pouzzner
758665e347 Fix for TLS anonymous cipher and PKCS11 cast warnings. (author=dgarske) 2020-08-06 17:49:55 -05:00
Daniel Pouzzner
52a2222c79 curve25519.c: call the new API routine wc_curve25519_make_pub(), not wc_curve25519(), for clarity and consistency (hat tip to Jacob). 2020-08-06 14:48:29 -05:00
toddouska
15be5476e9 Merge pull request #3185 from SparkiDev/fp_check_max 
tfm: Check for overflow and return error (fixed max size)
 2020-08-06 10:54:26 -07:00
toddouska
462f4f9e45 Merge pull request #3196 from cconlon/cavpmarvell 
Add fips-check.sh target for marvell-linux-selftest, selftest v2 support
 2020-08-06 10:45:03 -07:00
Daniel Pouzzner
b2e7c09b71 ksdk_port.c: third time's the charm? (typo, s/curve25529_bCurveParam/curve25519_bCurveParam) 2020-08-06 12:02:01 -05:00
Daniel Pouzzner
7ae789dbb0 wolfcrypt/src/curve25519.c: fix typo in wc_curve25519() -- CURVE25519_KEYSIZE, not CURVE25519_KEY_SIZE; add static kCurve25519BasePoint at top level 2020-08-06 11:45:54 -05:00
Daniel Pouzzner
5cad0b10e5 fix typo in wolfcrypt/src/port/nxp/ksdk_port.c ("curve_bCurveParam" vs correct curve25529_bCurveParam) introduced in aadec345ab. 2020-08-06 11:35:04 -05:00
Juliusz Sosinowicz
139a192185 Implement wolfSSL_d2i_X509_NAME 2020-08-06 15:52:11 +02:00
Juliusz Sosinowicz
1f0d6d5f31 New functions implemented 
- `EC_POINT_is_on_curve`
- `i2d_EC_PUBKEY`
- `i2d_ECPrivateKey`
- `wc_ecc_point_is_on_curve`
 2020-08-06 15:52:11 +02:00
Daniel Pouzzner
18178e056d add missing const qualifiers to arch variants of curve25519(), and to nxp_ltc_curve25519(). 2020-08-05 21:12:50 -05:00
David Garske
4a167c0f2c Merge pull request #3119 from tmael/do178-fix 
DO-178 fix
 2020-08-05 16:30:00 -07:00
Sean Parkinson
83caf39caa SP ECC Cache Resitance 
SP ECC improved cache attack resistant implementation.
On by defualt and turn off with WC_NO_CACHE_RESISTANT.
 2020-08-06 08:21:08 +10:00
Daniel Pouzzner
ffa2cdd2d1 add public function wc_curve25519() "compute the public key from an existing private key, using bare vectors."; rename existing _LOCAL functions wc_curve25519_GetBasePoint() and wc_curve25519() to nxp_ltc_curve25519_GetBasePoint() and nxp_ltc_curve25519() respectively; add const qualifiers opportunistically to existing _LOCAL function curve25519() 2020-08-05 16:28:17 -05:00
Chris Conlon
d12b80abdf Merge pull request #3192 from ethanlooney/21st_branch 
Added check for wolfmath.c for digits == 0 and test for api.c
 2020-08-05 09:51:51 -06:00
Sean Parkinson
6c4bcb3b59 tfm: Check for overflow and return error (fixed max size) 2020-08-05 10:42:32 +10:00
Tesfa Mael
5d7649c959 Review comment in sp_int file 2020-08-04 15:37:20 -07:00