mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
9,014 Commits 5 Branches 162 Tags
Commit Graph

2660 Commits

Author SHA1 Message Date
David Garske
18d5b3393c Correct NULL cryptocb case. 2019-02-12 16:03:10 -08:00
David Garske
891abe130a Added Crypto callback support for ASN CalcHashId. Added arg checking to cryptocb functions. 2019-02-12 16:03:10 -08:00
David Garske
9fc0610720 Fix to ensure hash devCtx is cleared. 2019-02-12 16:03:10 -08:00
David Garske
dad88b4c81 Improvements to the STM32L4 random generation code for improved performance and error handling. Added new WOLFSSL_STM32_RNG_NOLIB define to support generic STM32 series RNG without external ST library. 2019-02-12 16:03:10 -08:00
Kaleb Himes
f824c8c769
Merge pull request #2077 from ejohnstown/ocsp-ecdsa 
OCSP and ECDSA Signers
 2019-02-12 09:50:37 -07:00
Sean Parkinson
66ab6d8c22 Check FindObjectFinal call for error 2019-02-12 09:07:14 +10:00
Sean Parkinson
e86aae00ed Change to allow setting of devId for private key 2019-02-11 12:37:44 +10:00
Sean Parkinson
47922a4d87 Support in SSL for setting a private key id 
Works with PKCS #11 to use key on device.
 2019-02-11 10:38:38 +10:00
John Safranek
6298074f93 OCSP and ECDSA Signers 
OCSP uses an identified hash of the issuer's public key to identify the
certificate's signer. (Typically this is SHA-1, but can be any SHA
hash.) The AKID/SKID for the certificates usually are the SHA-1 hash of
the public key, but may be anything. We cannot depend on the AKID for
OCSP purposes. For OCSP lookups, wolfSSL calculates the hash of the
public key based on the copy saved for use with the handshake signing.
For RSA, that was fine. For ECDSA, we use the whole public key including
the curve ID, but for OCSP the curve ID isn't hashed. Stored the hash of
the public key at the point where we are looking at the key when reading
in the certificate, and saving the hash in the signer record.
 2019-02-07 17:34:25 -08:00
toddouska
4f4d16d9e5
Merge pull request #2068 from dgarske/pkcs7_verify_degenerate 
Fixes to handle degenerate PKCS 7 with BER encoding
 2019-02-07 15:00:21 -08:00
Jacob Barthelmeh
ec28376e7f add PKCS7 BER verify test and fix for streaming 2019-02-06 11:05:15 -07:00
toddouska
4a5652f318
Merge pull request #2061 from SparkiDev/x86_asm_not_in_c 
Pull out x86_64 ASM into separate files
 2019-02-01 10:01:34 -08:00
toddouska
1258467b0a
Merge pull request #2054 from SparkiDev/pkcs11_rng 
Add support for random and getting entropy (seed) with PKCS#11
 2019-02-01 09:59:12 -08:00
toddouska
4a177a8a30
Merge pull request #1997 from tmael/portingDeos 
Initial Deos RTOS port
 2019-02-01 09:56:55 -08:00
David Garske
c82d11f47d Cleanup of the PKCS7 stream long rc and braces. 2019-01-31 14:37:25 -08:00
David Garske
3a0afc3506 Fixes to handle degenerate PKCS 7 with BER encoding in PKCS7_VerifySignedData. Fix for PKCS7 API unit test with SHA512 disabled. ZD 4757. 2019-01-31 14:36:46 -08:00
Sean Parkinson
7822cef1ac Pull out x86_64 ASM into separate files 2019-01-29 13:08:24 +10:00
toddouska
0d8ca06928
Merge pull request #2052 from dgarske/atecc_fixes 
Fixes for ATECC with PMS outlen and `ATECC_MAX_SLOT`
 2019-01-25 14:26:09 -08:00
Sean Parkinson
743f8b576f Add support for random and getting entropy (seed) with PKCS#11 
Getting the seed from a device has been added.
If the HASH_DRBG is available, PKCS#11 will be used for generating the
seed.
Otherwise, all generated random data will come from PKCS#11 device.
 2019-01-25 08:01:30 +10:00
toddouska
d16c2ca7c6
Merge pull request #1865 from JacobBarthelmeh/Optimizations 
--enable-afalg=xilinx
 2019-01-22 14:19:54 -08:00
David Garske
7c4fa33937 Improve the error handling for non ECC_SECP256R1 curve in wc_ecc_make_key_ex. 2019-01-22 14:04:18 -08:00
David Garske
7ce255aa4d Fixes for ATECC with PMS outlen and ATECC_MAX_SLOT. 2019-01-21 18:45:42 -08:00
David Garske
eaf5c3042d
Merge pull request #2050 from toddouska/sub 
remove outdated submission note
 2019-01-21 18:41:38 -08:00
Todd Ouska
f7c0a77c9c reomved outdated submission note 2019-01-21 09:14:58 -08:00
Daniele Lacamera
501a3a287b Allow ECC Verify-only operations with NO_ASN and SP_MATH 2019-01-21 07:11:35 +01:00
Jacob Barthelmeh
db5c63bb25 fix for benchmarking specific RSA key size with -rsa-sz 2019-01-18 16:47:10 -07:00
Jacob Barthelmeh
253915866d make build more modular 2019-01-18 16:25:24 -07:00
JacobBarthelmeh
4fb6e65857 alignment check and authin size check 2019-01-18 16:25:24 -07:00
Jacob Barthelmeh
b8ebd41fbc key size with AES-CMAC benchmark 2019-01-18 16:25:24 -07:00
Jacob Barthelmeh
f0a3045d62 af_alg sha3 addition 
hardware acceleration with RSA

add AES-GCM hardware acceleration

refactor setting RSA IV flag

check and set AF_ALG flags

fix for default AF_ALG use

set buffer alignment with Xilinx RSA

macro guard after rebase

use ALIGN64

clean up test cases
 2019-01-18 16:25:24 -07:00
Tesfa Mael
739b57c753 Initial Deos RTOS port 
- Added support for Deos with no file system
- Implemented a custom malloc since reusing and freeing memory is disallowed in avionics and mission critical applications.
- Added TLS client and server example with a TCP setup mailbox transport
- Timer starts at an offset of CURRENT_UNIX_TIMESTAMP specified by the user
- Uses rand_r() as a pseudo random number generator and uses the current time in seconds as a seed
- Uses strnicmp for XSTRNCASECMP instead of strncasecmp
- a readme doc included
 2019-01-18 14:46:39 -08:00
toddouska
d07cf53bb1
Merge pull request #2034 from miyazakh/Espressif_port_Phase2B 
Initial support atecc608a on 32se
 2019-01-18 09:07:51 -08:00
toddouska
02ef2ede12
Merge pull request #2041 from dgarske/crypto_cb 
Refactor and rename of cryptodev to cryptocb
 2019-01-18 09:02:44 -08:00
toddouska
fe97264ff9
Merge pull request #2028 from dgarske/spcortex 
Added Cortex-M support for Single Precision (SP) math
 2019-01-18 08:59:10 -08:00
David Garske
357e0c9d15 Fixes for better backwards compatibility. 2019-01-18 06:54:48 -08:00
Hideki Miyazaki
9879425c5f Addressed review comments 2019-01-18 10:53:48 +09:00
Hideki Miyazaki
4a5c380f32 Addressed review comments 2019-01-18 08:20:20 +09:00
Hideki Miyazaki
2753d2d548 clean up 2019-01-18 08:20:20 +09:00
Hideki Miyazaki
e519e1eb2a Support atecc608a on 32se with example programs 2019-01-18 08:20:20 +09:00
David Garske
ee45cfdbcb Refactor and rename of cryptodev to cryptocb. Refactor API names from wc_CryptoDev to use wc_CryptoCb. Backwards compatibility is retained for anyone using old WOLF_CRYPTO_DEV name. Added comment about fall-through case when CryptoCb return NOT_COMPILED_IN. 2019-01-17 11:01:14 -08:00
Eric Blankenhorn
02ff19a6c4 Moving PRF to wolfcrypt 2019-01-16 17:23:49 -06:00
toddouska
32ed53a991
Merge pull request #2012 from dgarske/cryptocb_sym 
Added CryptoDev callback support for AES CBC, SHA1/SHA256 and RNG
 2019-01-16 10:41:49 -08:00
David Garske
8352365160 Fixes to resolve Cortex-M issue with ECC. 2019-01-14 14:16:56 -08:00
David Garske
3c2aa60862 Fix to allow RSA public only to build without verify only. 2019-01-11 21:11:40 -08:00
David Garske
bcc177b23d Fixes for build warnings. 2019-01-11 21:07:23 -08:00
David Garske
f67b8fa6a3 Experimental SP Cortex M support for Single Precision math. 2019-01-11 14:38:34 -08:00
David Garske
ebc9533bc7 Fixes and improvements to the new Crypto callback code for AES and Hashing. 2019-01-09 17:39:05 -08:00
David Garske
ba0d488807 Added RNG Crypto callback support. 2019-01-09 14:36:40 -08:00
David Garske
df2a0f9a4f Fixes for scan-build warnings. 2019-01-03 12:47:46 -08:00
David Garske
1201ffb13f Added CryptoDev callback support for AES CBC and SHA1/SHA256. 2019-01-02 14:34:26 -08:00