mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
12,787 Commits 5 Branches 162 Tags
Commit Graph

4377 Commits

Author SHA1 Message Date
Sean Parkinson
35acfa0f42 SP ECC: check the length of public key ordinates and private key 
Do quick bit length check before loading the MP integers into fixed size
arrays.
Changed ECC to use SP key check function if SP enabled and not only with
SP Math.
 2020-11-27 08:49:30 +10:00
Sean Parkinson
b1f9aba0ca SP div: stop overflow on divide 2020-11-24 16:14:14 +10:00
Sean Parkinson
b9a2725429 ECC verify: validate r and s before any use 
SP code assumes r and s are valid values.
Code for ATECC508A, ATECC608A and CRYPTOCELL assumes that the r and s
are the size of the key when converting to byte arrays.
 2020-11-24 16:14:14 +10:00
David Garske
d4c59e369e
Merge pull request #3335 from julek-wolfssl/RSA-PSS-padding-in-EVP_Digest-API 
Enable RSA-PSS padding in EVP_Digest* API
 2020-11-19 09:31:12 -08:00
Sean Parkinson
91d23d3f5a Implement all relevant mp functions in sp_int 2020-11-19 11:58:14 +10:00
toddouska
de6f1c1ae2
Merge pull request #3508 from JacobBarthelmeh/DH 
fix for no filesystem build with DH test case
 2020-11-18 16:15:42 -08:00
toddouska
3808865f57
Merge pull request #3504 from SparkiDev/fp_div_oob_read 
TFM div: fix initial value of size in q so clamping doesn't OOB read
 2020-11-18 16:15:08 -08:00
toddouska
6860d419c6
Merge pull request #3483 from SparkiDev/mp_rshb_word 
rshb: handle cases of shift amount being multiple of DIGIT_BIT
 2020-11-18 16:07:57 -08:00
toddouska
9bde34ef5b
Merge pull request #3438 from douzzer/harmonize-CCM8-cipher-names 
add "CCM8" variants to cipher_names "CCM-8" ciphers, for OpenSSL compat
 2020-11-18 15:52:52 -08:00
tmael
3b552fecc9
Merge pull request #3481 from dgarske/no_ecc 
Fixes for various build configurations
 2020-11-17 17:11:27 -08:00
Juliusz Sosinowicz
a0a3a2b74c Review changes 2020-11-17 19:15:12 +01:00
David Garske
508ba85b69 Fixes for SP math only with ECC check key. Fix SP math when loading an ECC public only and calling wc_ecc_check_key. Fix for missing ecc_check_privkey_gen with SP math only. Applies to: /configure --enable-sp --enable-sp-math CFLAGS="-DWOLFSSL_VALIDATE_ECC_IMPORT". 2020-11-17 08:13:08 -08:00
Juliusz Sosinowicz
d18e2d7386 Refactoring and use salt length discover if available 2020-11-17 15:06:35 +01:00
Juliusz Sosinowicz
fa03113460 enum wc_HashType switch 
switch needs to handle all possible enum values or else the compiler generates warnings
 2020-11-17 15:04:57 +01:00
Juliusz Sosinowicz
248dd12993 Enable RSA-PSS padding in EVP_Digest* API 2020-11-17 15:04:57 +01:00
Jacob Barthelmeh
9cdbff8ee7 fix for no filesystem build with DH test case 2020-11-17 18:27:32 +07:00
David Garske
710cb7c9f5 Fixes for ECC tests with WOLFSSL_NO_MALLOC defined. 2020-11-16 12:17:30 -08:00
David Garske
e5a0a264b3 Fix for coverity report with possible use of uninitialized value "err" in WC_ECC_NONBLOCK case. More fixes for building with WOLFSSL_NO_MALLOC. 2020-11-16 12:17:28 -08:00
David Garske
40387ab0a0 Fixes for building with WOLFSSL_NO_MALLOC and/or NO_ASN_CRYPT defined. 2020-11-16 12:17:28 -08:00
David Garske
f3b176d7e3 Fix for unused parameter with NO_ASN in ECC. 2020-11-16 12:17:28 -08:00
David Garske
4a790cd024 Fixes for building with --disable-ecc and --disable-dh. 2020-11-16 12:17:27 -08:00
JacobBarthelmeh
4efbb2fc70
Merge pull request #3418 from cconlon/zd11003 
PKCS#7: check PKCS7 VerifySignedData content length against total bundle size
 2020-11-16 18:14:41 +07:00
Sean Parkinson
837de435ba TFM div: fix initial value of size in q so clamping doesn't OOB read 2020-11-16 09:29:13 +10:00
David Garske
d4e1340027
Merge pull request #3486 from douzzer/refactor-gccish-macros 
sha256.c/sha512.c: refactor 4 instances of gccism ({}) to WC_INLINE functions
 2020-11-13 09:26:00 -08:00
David Garske
7f559b1d1a
Merge pull request #3487 from ejohnstown/sbf 
Scan-Build Fixes
 2020-11-13 09:24:17 -08:00
John Safranek
28be1d0cb3
Scan-Build Fixes 
1. Fix some potential uninitialized pointer errors in the functions sp_RsaPublic_2048, sp_RsaPublic_3072, and sp_RsaPublic_4096 for small stack builds.

To recreate:
    $ scan-build ./configure --enable-sp=small --enable-smallstack --enable-smallstackcache CPPFLAGS="-DECC_CACHE_CURVE -DHAVE_WOLF_BIGINT"
 2020-11-12 20:58:25 -08:00
John Safranek
1e348b991d
Scan-Build Fixes 
1. Fix a potential dereference of NULL pointer.

To recreate:
    $ scan-build ./configure --enable-sp --enable-sp-asm --enable-sp-math
 2020-11-12 20:58:17 -08:00
Chris Conlon
53c6698678
Merge pull request #3445 from kojo1/EVP-gcm 
set tag for zero inl case
 2020-11-12 15:49:45 -07:00
Chris Conlon
735fb19ea9 break out on error parsing PKCS#7 SignedData inner OCTET_STRING 2020-11-12 15:44:25 -07:00
John Safranek
38867ae2bf
Scan-Build Fixes 
1. Added a check to see if the "d" in sp_div() ended up with a negative used length. Return error if so.

To recreate:
    $ scan-build ./configure --enable-sp --enable-sp-asm --enable-sp-math
 2020-11-12 10:24:11 -08:00
David Garske
c7bb602a30
Merge pull request #3482 from douzzer/scan-build-fixes-20201110 
scan-build fixes -- 1 null deref, 34 unused results
 2020-11-12 07:45:45 -08:00
Daniel Pouzzner
68ebca8573 wolfcrypt/test/test.c: fix typos in aesgcm_test() malloc checks. 2020-11-11 22:47:47 -06:00
toddouska
d3e3b21c83
Merge pull request #3393 from dgarske/zd11104 
Fix for TLS ECDH (static DH) with non-standard curves
 2020-11-11 14:22:37 -08:00
toddouska
197c85289b
Merge pull request #3468 from SparkiDev/sp_c_mul_d 
SP C32/64 mul_d: large div needs mul_d to propagate carry
 2020-11-11 14:06:25 -08:00
Daniel Pouzzner
f96fbdb7d1 sha256.c/sha512.c: refactor 4 instances of gccism ({}) to WC_INLINE functions. 2020-11-11 13:44:26 -06:00
Daniel Pouzzner
5fe1586688 fix 34 deadcode.DeadStores detected by llvm11 scan-build. 2020-11-11 13:04:14 -06:00
JacobBarthelmeh
fe2dcf76fe
Merge pull request #3413 from cconlon/zd11011 
PKCS#7: check PKCS7 SignedData private key is valid before using it
 2020-11-11 22:55:03 +07:00
Sean Parkinson
f5561b926c rshb: handle cases of shift amount being multiple of DIGIT_BIT 
tfm.c and integer.c fixed
 2020-11-11 10:04:14 +10:00
Takashi Kojo
417ff1b0f2 set tag for zero len case 2020-11-11 08:43:16 +09:00
David Garske
1d531fe13b Peer review fixes. 2020-11-10 09:47:37 -08:00
David Garske
5de80d8e41 Further refactor the minimum ECC key size. Adds --with-eccminsz=BITS option. Fix for FIPSv2 which includes 192-bit support. If WOLFSSL_MIN_ECC_BITS is defined that will be used. 2020-11-10 09:47:37 -08:00
David Garske
b13848e568 Fix tests to handle ECC < 224 not enabled. 2020-11-10 09:47:37 -08:00
David Garske
c697520826 Disable ECC key sizes < 224 bits by default. Added --enable-eccweakcurves or ECC_WEAK_CURVES to enable smaller key sizes. Currently this option is automatically enabled if WOLFSSL_MIN_ECC_BITS is less than 224-bits. 2020-11-10 09:47:36 -08:00
Daniel Pouzzner
4b1a779fcc tests: fix for fips-test -Wunused-variable on "rng" 2020-11-09 11:54:49 -06:00
Chris Conlon
c0c452b0a1 reset content length in PKCS7_VerifySignedData for multiPart OCTET_STRING bundles 2020-11-06 16:36:58 -07:00
Kaleb Himes
937a7ce8ce
Merge pull request #3448 from dgarske/crypto_cb 
Improve the crypto callback for ASN
 2020-11-06 15:26:11 -07:00
John Safranek
884a9b59ab
Merge pull request #3461 from dgarske/fips_ready_wopensslextra 
Fix for FIPS ready with openssl compat
 2020-11-06 13:14:06 -08:00
toddouska
4110297b62
Merge pull request #3473 from embhorn/zd11198 
wc_SetIssuerRaw should copy raw subject to issuer
 2020-11-06 10:48:37 -08:00
toddouska
3f25cda354
Merge pull request #3469 from SparkiDev/cpuid_sp_asm 
cpuid and SP ASM: ensure WOLFSSL_X86_64_BUILD is defined
 2020-11-06 10:34:40 -08:00
toddouska
f9ec7c472a
Merge pull request #3440 from ejohnstown/ntf3 
Nightly Test Fix
 2020-11-06 10:15:23 -08:00