Commit Graph

827 Commits

Author SHA1 Message Date
Moisés Guimarães
e2a6d68abf fix - add missing FreeDecodeCert on success. 2014-06-24 20:03:52 -03:00
Moisés Guimarães
f2c8826e16 fix missing FreeRsaKey on error. 2014-06-23 15:28:57 -03:00
toddouska
a6ea32461d Merge branch 'master' into ti 2014-06-20 14:48:53 -07:00
Moisés Guimarães
edb94557e9 pkcs7: refactoring PKCS7_EncodeEnvelopedData to reduce stack usage: ~ 1300 bytes moved to the heap.
--- variable contentKeyEnc moved to the heap (512 bytes saved)
--- variable recip moved to the heap (~800 bytes saved)
2014-06-20 14:52:16 -03:00
Moisés Guimarães
46d0f68097 pkcs7: refactoring PKCS7_DecodeEnvelopedData to reduce stack usage: ~ 9 * sizeof(mp_int) bytes + 512 bytes moved to the heap.
--- variable privKey moved to the heap (more than 8 * sizeof(mp_int) bytes saved)
--- variable encryptedKey moved to the heap (512 bytes saved)
--- variable serialNum moved to the heap (sizeof(mp_int) bytes saved)
2014-06-20 14:52:16 -03:00
Moisés Guimarães
21982b50db pkcs7: refactoring CreateRecipientInfo to reduce stack usage: ~ 8 * sizeof(mp_int) bytes + ~935 bytes moved to the heap.
--- variable pubKey moved to the heap (more than 8 * sizeof(mp_int) bytes saved)
--- variable decoded moved to the heap (sizeof(DecodedCert) ~= 880 bytes saved)
--- variable serial moved to the heap (35 bytes saved)
--- variable keyAlgArray moved to the heap (20 bytes saved)
2014-06-20 14:52:16 -03:00
Moisés Guimarães
90e9696ad6 pkcs7: refactoring PKCS7_InitWithCert to reduce stack usage: ~ 880 bytes moved to the heap.
--- variable dCert moved to the heap (sizeof(DecodedCert) ~= 880 bytes saved)
2014-06-20 14:52:16 -03:00
Moisés Guimarães
eacff3ba83 pkcs7: refactoring PKCS7_VerifySignedData to reduce stack usage: ~ 50 bytes + 8 * sizeof(mp_int) bytes moved to the heap.
--- variable key moved to the heap (more than 8 * sizeof(mp_int) bytes saved)
--- variable digest moved to the heap (50 bytes saved)
2014-06-20 14:52:15 -03:00
Moisés Guimarães
60b2495f47 pkcs7: refactoring PKCS7_EncodeSignedData to reduce stack usage: ~1300 bytes + ~ 8 * sizeof(mp_int) bytes moved to the heap.
--- variable esd moved to the heap (1264 bytes saved)
--- variable digestInfo moved to the heap (50 bytes saved)
--- variable privKey moved to the heap (more than 8 * sizeof(mp_int) bytes saved)
2014-06-20 14:52:15 -03:00
toddouska
4fe938cf3a Merge branch 'master' into ti 2014-06-19 16:01:35 -07:00
Moisés Guimarães
ae073cb1f9 fix pkcs7 memory leaks and XMALLOC result verification. 2014-06-18 14:32:20 -03:00
toddouska
e30e1c40f7 Merge branch 'master' into ti 2014-06-11 11:57:11 -07:00
toddouska
ddf5924b3b add error code for hmac min key len in new error range 2014-06-11 11:56:17 -07:00
toddouska
aad204428f fips mode hmac min key length for 2014 requirements 2014-06-11 11:43:17 -07:00
toddouska
f4c96c68c9 Merge branch 'master' into ti 2014-06-05 17:55:56 -07:00
toddouska
257959bcde fix intel asm comment and xmm stack size needed 2014-06-05 17:37:39 -07:00
Chris Conlon
ae6fe9397c check NTRU DRBG uninstantiate ret value in test.c 2014-06-05 17:07:19 -06:00
Chris Conlon
7e5287e578 update NTRU support, with help from thesourcerer8 2014-06-05 14:42:15 -06:00
toddouska
2a54de002f Merge branch 'master' into ti 2014-06-04 15:21:59 -07:00
toddouska
665bda3ce6 ecb encrypt asm restore correct registers 2014-06-04 15:20:04 -07:00
toddouska
81a5bdc6f9 fix intel syntax backwards 2014-06-04 15:15:29 -07:00
toddouska
d728474ef3 store non volatile xmm6-15 for aesni on microsoft 2014-06-04 15:00:42 -07:00
toddouska
71a5aeeb81 Merge branch 'master' into ti 2014-05-28 17:37:48 -07:00
toddouska
e11dd9803a fix icc v14 warnings 2014-05-28 17:36:21 -07:00
toddouska
8a0fbcb83e Merge branch 'master' into ti 2014-05-28 13:06:51 -07:00
Chris Conlon
7e13e414cb rename port.c/.h to wc_port.c/.h to prevent FreeRTOS conflicts 2014-05-28 10:28:01 -06:00
toddouska
21ebf9485d Merge branch 'master' into ti 2014-05-28 08:39:11 -07:00
Moisés Guimarães
263d3439d9 DecodedCert:
* add structure fields to persist encoding format of subject parts;
* set default encoding formats at InitDecodedCert;
* retrieve encoding format from buffer at GetName;
* copy encoding format from DecodedCert to CertName at SetNameFromCert.
2014-05-23 15:48:50 -03:00
Moisés Guimarães
e517459f89 CertName:
* add structure fields to persist encoding format;
 * set default encoding formats at InitCert;
 * add function to retrieve encoding format of a specific field based on it's id.
2014-05-23 11:11:46 -03:00
toddouska
6eeba7f50c Merge branch 'master' into ti 2014-05-20 17:18:31 -07:00
toddouska
3fa50ca3ea fix intel syntax comment 2014-05-20 17:17:35 -07:00
toddouska
e373b083bf Merge branch 'master' into ti 2014-05-20 14:33:14 -07:00
toddouska
15d3d3f790 fix visual studio 64 warnings 2014-05-20 14:31:26 -07:00
toddouska
fc084e9978 Merge branch 'master' into ti 2014-05-20 13:46:27 -07:00
toddouska
0d2471b2f7 Merge branch 'master' of https://github.com/cyassl/cyassl 2014-05-20 13:27:29 -07:00
toddouska
eed5360155 fix volatile registers rdi,rsi by saving to rax,r11 and restore 2014-05-20 13:25:28 -07:00
toddouska
6d3a46ebec Merge branch 'master' into ti 2014-05-19 17:08:51 -07:00
toddouska
df81401cf0 add debugging output to benchmark 2014-05-19 17:06:56 -07:00
toddouska
8f4e65276d Merge branch 'master' into ti 2014-05-19 14:34:46 -07:00
toddouska
ac73e1b508 fix visual studio cpuid arg warning 2014-05-19 14:33:15 -07:00
toddouska
2083b4f1b1 Merge branch 'master' into ti 2014-05-19 13:57:22 -07:00
toddouska
b9d9371aed add aesni intel asm syntax for aesni, abstract cpuid and asm linkage better for msvc 2014-05-19 13:55:42 -07:00
toddouska
d7a08de9de Merge branch 'master' into ti 2014-05-17 16:24:44 -07:00
Moisés Guimarães
6e5f800555 change behavior when OPTIONAL field keyIdentifier is not present. Not erring out. 2014-05-17 16:03:39 -03:00
toddouska
e024c8af41 Merge branch 'master' into ti 2014-05-15 10:37:15 -07:00
John Safranek
5ab2ccfa96 Added FIPS wrappers for the DRBG and improved CTaoCrypt test. 2014-05-14 15:25:55 -07:00
toddouska
f9a78b7e20 Merge branch 'master' into ti 2014-05-14 15:07:47 -07:00
toddouska
ce39ef62ef update const error strings for newly added ones 2014-05-14 15:05:20 -07:00
toddouska
519820133d Merge branch 'const_errorstrings' of https://github.com/rofl0r/cyassl into errstr 2014-05-14 14:51:40 -07:00
toddouska
e31382ee4d Merge branch 'master' into ti 2014-05-14 09:22:57 -07:00
toddouska
c90c90557b make sure logging available in all des3 build cases 2014-05-14 09:22:09 -07:00
toddouska
6ea8f6cb17 Merge branch 'master' into ti 2014-05-13 16:05:51 -07:00
toddouska
aa5234ae0e fix des return values for ecb and plain cbc, allow errors 2014-05-13 16:04:52 -07:00
toddouska
d92869067c Merge branch 'master' into ti 2014-05-13 15:52:33 -07:00
toddouska
0a8804b3f8 add freescale mmcau hardware crypto alignment requirement, error out if not met 2014-05-13 15:51:35 -07:00
toddouska
28b6c5b998 Merge branch 'master' into ti 2014-05-12 14:02:22 -07:00
toddouska
7f938f3bdf Merge pull request #80 from kojo1/MDK5
MDK5 sw pack 3.0.0
2014-05-12 14:01:42 -07:00
toddouska
a3a12a7010 merge resolution in io.c 2014-05-12 13:36:20 -07:00
toddouska
8c9c257921 Merge pull request #79 from kojo1/IAR
sample projects for IAR EWARM

Why is SINGLE_THREADED assumed for IAR with ARM?
2014-05-12 13:28:02 -07:00
toddouska
4c8d94023b Merge branch 'master' into ti 2014-05-09 14:50:44 -07:00
toddouska
7fcaa03436 Merge pull request #75 from kojo1/ColdFire
ColdFire SEC, PIC32 updates
2014-05-09 14:41:40 -07:00
toddouska
aae718f155 Merge branch 'master' of github.com:cyassl/cyassl into ti 2014-05-09 14:38:10 -07:00
toddouska
77aa8a86eb remove extra spaces from comments 2014-05-09 11:57:41 -07:00
toddouska
34f2e51415 remove extra spaces from ti cyassl proper files 2014-05-09 11:55:59 -07:00
toddouska
ec5f3cc681 Merge branch 'master' of https://github.com/tisb/cyassl into ti 2014-05-09 11:38:40 -07:00
Vikram Adiga
5146f3dd94 Initial commit of CyaSSL port for TI-RTOS 2014-05-08 15:50:55 -07:00
toddouska
e57d5d1d2f Merge branch 'master' of github.com:cyassl/cyassl 2014-05-08 10:27:54 -07:00
toddouska
abbfcde0dc add fips in core first/last files for code/data hashing 2014-05-08 10:26:31 -07:00
John Safranek
72e9ea8e4b added Hash DRBG as configure option 2014-05-07 11:54:12 -07:00
John Safranek
ac18ce03df DRBG Update
1. picked better values for entropy and nonce sizes based on
   security strength
2. changed output block length to be the SHA-256 digest size
3. use constant drbgReseed when reseeding
4. renamed the "drgb" type constants from "dbrg"
5. removed the small stack change due to buffer size changes
6. internal helper function Hash_DRBG_Instantiate now also
   takes a pointer to a nonce and a personalization string
7. the InitRng gathers enough bits from GenerateSeed() to
   supply the entropy input and a nonce
8. lowered the reseed interval to 1 million
2014-05-06 14:05:52 -07:00
Takashi Kojo
6ac7b056ee Pic benchmark, clock config 2014-05-05 16:41:07 +09:00
Takashi Kojo
eeb2e28f54 Sync with 3.0.0 2014-05-05 09:45:25 +09:00
John Safranek
2f39b50063 fixed DateLessThan()
It was returning true on less-than or equal-to.
2014-05-03 16:46:56 -07:00
John Safranek
fd707ebafb Hash_DRBG refactoring
1. Renamed everything that had DBRG with the correct DRBG
2. Changed word64 reseed_ctr to word32 reseedCtr
3. Changed reseed interval to 0xFFFFFFFF
2014-05-02 15:35:10 -07:00
toddouska
fbe09780ca remove deadcode redundant length check 2014-05-02 11:40:36 -07:00
toddouska
697f77bef5 help coverity with max size issue on unsigned addition 2014-05-02 11:06:59 -07:00
Takashi Kojo
2069394386 benchmark.c: cert file name 2014-05-01 15:26:55 +09:00
Takashi Kojo
3de36b106e Merge remote-tracking branch 'CyaSSL-master/master' into IAR 2014-05-01 14:33:49 +09:00
Takashi Kojo
169c0eee20 IAR EWARM project: test, benchmark 2014-05-01 14:29:09 +09:00
John Safranek
fb5200aa95 1. Added more options to the full commit test.
2. Cleanups from static analysis.
2014-04-30 15:01:10 -07:00
John Safranek
09a7a087a2 fix static analysis warnings 2014-04-29 14:52:42 -07:00
John Safranek
70dee7e190 Added the directoryName comparison to the name constraint checks. 2014-04-28 13:29:44 -07:00
John Safranek
68878d33d9 Merge branch 'frankencert' 2014-04-28 11:10:37 -07:00
John Safranek
618d282d94 Decodes the Name Constraints certificate extension on the CA cert
and checks the names on the peer cert, rejecting it if invalid
based on the name.
2014-04-28 11:03:24 -07:00
Takashi Kojo
6cf1c8149b AesCbcEncrypt/Decrypt return value 2014-04-28 10:52:35 +09:00
Takashi Kojo
f9ad1888cb Fixed pic32mx/mz clock for benchmark 2014-04-28 10:51:18 +09:00
Takashi Kojo
cb70631512 aes.c indentation 2014-04-25 14:18:23 +09:00
Takashi Kojo
11aff767fd corrected pic32mz header path 2014-04-25 13:50:12 +09:00
Takashi Kojo
e3becc3a65 des3 parity. internal.h to ctaocrypt/types.h 2014-04-25 13:35:35 +09:00
Chris Conlon
f20b25b510 add RSA_DECODE_EXTRA to RsaPublicKeyDecode() to handle OpenSSL-generated keys 2014-04-23 15:53:20 -06:00
Moisés Guimarães
30b63bda6f random: InitRng and RNG_GenerateBlock to reduce stack usage: (up to 512 bytes - pointer sizes) moved to the heap.
with ARC4
--- InitRng: entropy variable moved to the heap; (256 bytes)
--- RNG_GenerateBlock: entropy variable moved to the heap; (256 bytes)
without ARC4
--- InitRng: key variable moved to the heap; (32 bytes)
--- InitRng: junk variable moved to the heap; (256 bytes)
2014-04-23 16:06:14 -03:00
Moisés Guimarães
6e3349f8ec fix code format, only spaces added, no code has been modified. 2014-04-23 11:58:44 -03:00
Moisés Guimarães
ce655f61c5 ecc: ecc_make_key_ex, ecc_export_x963, accel_fp_mul, accel_fp_mul2add, ecc_encrypt and ecc_decrypt refactory to reduce stack usage: (1350 bytes - pointer sizes) moved to the heap.
--- ecc_make_key_ex: buf variable moved to the heap; (66 bytes)
--- ecc_export_x963: buf variable moved to the heap; (256 bytes)
--- accel_fp_mul: kb variable moved to the heap; (128 bytes)
--- accel_fp_mul2add: kb variable moved to the heap; (256 bytes)
--- ecc_encrypt: sharedSecret and keys variables moved to the heap; (66 + 256 bytes)
--- ecc_decrypt: sharedSecret and keys variables moved to the heap; (66 + 256 bytes)
2014-04-23 11:44:54 -03:00
Takashi Kojo
a67cb1207b ColdFire SEC for aes, des3: Eliminated type mismatch 2014-04-23 20:45:19 +09:00
Takashi Kojo
41199a480d ColdFire SEC, fix cache control in aes, des3 driver 2014-04-23 16:56:37 +09:00
Moisés Guimarães
fc24dca12d fix code format, only spaces added, no code has been modified. 2014-04-21 14:55:43 -03:00
Moisés Guimarães
eaaf0a7c28 pwdbased: PBKDF2 refactory to reduce stack usage: (up to 64 bytes - pointer size) moved to the heap.
--- buffer variable moved to the heap; (up to 64 bytes)
--- returns changed to breaks

pwdbased: PKCS12_PBKDF refactory to reduce stack usage: (up to 1023 + 128 bytes - pointer sizes) moved to the heap.
--- staticBuffer variable changed to have size = 1 byte (1023 bytes saved)
--- Ai variable moved to the heap; (up to 64 bytes)
--- B variable moved to the heap; (up to 64 bytes)

hmac: HKDF refactory to restore previous behavior inside while loop.
2014-04-21 14:45:07 -03:00
Moisés Guimarães
6d0fbfe7e9 hmac: HKDF refactory to reduce stack usage: (up to 128 bytes - pointer sizes) moved to the heap.
--- tmp variable moved to the heap; (up to 64 bytes)
--- prk variable moved to the heap; (up to 64 bytes)
2014-04-21 11:31:42 -03:00
Moisés Guimarães
ac56927e20 CYASSL_SMALL_STACK build option (default enabled) 2014-04-16 13:25:51 -03:00
Moisés Guimarães
48af915a35 fix camellia memory leak 2014-04-15 14:06:13 -03:00
Moisés Guimarães
69890dd023 blake2b: blake2b_init_key and blake2b_compress refactory to reduce stack usage: (384 bytes - pointer sizes) moved to the heap.
--- block variable moved to the heap; (128 bytes)
--- m and w variables moved to the heap; (256 bytes)
--- chain of dependency updated to propagate the error.
2014-04-15 12:46:43 -03:00
Moisés Guimarães
8d8fca67c3 SHA256, SHA384 and SHA512 error propagation. Major impact on random functions with error propagation. 2014-04-14 21:39:14 -03:00
Moisés Guimarães
32e2d7016f SHA256, SHA384 and SHA512 error propagation. Major impact on Hmac functions with error propagation. 2014-04-14 21:36:04 -03:00
Moisés Guimarães
644bb9c524 SHA256, SHA384 and SHA512 error propagation. Minor impact on some of internal.c static functions. 2014-04-14 21:28:23 -03:00
Moisés Guimarães
45f9f3cdc2 SHA256, SHA384 and SHA512 error verification on test files. 2014-04-14 21:28:22 -03:00
Moisés Guimarães
329cd0b241 sha256: XTRANSFORM refactory to reduce stack usage: (256 bytes - pointer size) moved to the heap.
--- W variable moved to the heap;
--- return type changed to int, returning 0 for success;
--- chain of dependency updated to propagate the error in Sha256Update and Sha256Final functions.

sha512: Transform and Transform384 refactory to reduce stack usage: (128 bytes - pointer size) moved to the heap in each function
--- W variable moved to the heap;
--- return type changed to int, returning 0 for success;
--- chain of dependency updated to propagate the error in Sha512Update, Sha512Final, Sha384Update and Sha384Final functions.
2014-04-14 21:28:22 -03:00
Moisés Guimarães
41cc5f06e4 camellia_setup128 and camellia_setup256 refactory to reduce stack usage:
--- subL and subR variables moved to the heap;
--- return type changed to int, returning 0 for success;
--- chain of dependency updated to propagate the error in CamelliaSetKey function.
2014-04-14 21:28:22 -03:00
Chris Conlon
be65f5d518 update FSF address, wolfSSL copyright 2014-04-11 15:58:58 -06:00
John Safranek
421c08fc61 Merge branch 'frankencert' 2014-04-11 10:01:03 -07:00
Takashi Kojo
b712380a60 Sync MDK5 Software Pack with 2.9.4 2014-04-11 16:20:12 +09:00
John Safranek
e79ce42ef4 Added checking of the key usage and extended key usage extensions in the
certificates.
2014-04-10 16:50:14 -07:00
toddouska
b59b3d7c36 remove unused blake2b helper f()s 2014-04-07 11:35:13 -07:00
toddouska
5a70aba3bc fix InitSha 2014-04-04 15:37:04 -07:00
toddouska
562b017776 user settings, custom rand gen, by tyto diff 2014-04-04 15:10:08 -07:00
Chris Conlon
c4f483aaa2 Fix order of GenerateSeed() when MQX is used with leanPSK 2014-04-04 12:37:22 -06:00
toddouska
6504d605a0 fix des malloc cast 2014-04-01 14:02:36 -07:00
toddouska
c210600d93 RSA fips mode 2014-04-01 13:08:48 -07:00
toddouska
4ba587b18a Merge branch 'master' of github.com:cyassl/cyassl 2014-04-01 12:06:48 -07:00
John Safranek
1f3bc9263d error to have v1 or v2 certificates with extensions 2014-03-28 11:25:05 -07:00
Moisés Guimarães
bbc9c53b90 fix error include 2014-03-28 14:01:10 -03:00
Moisés Guimarães
6b9f711de0 DesSetKey refactory to reduce stack usage:
--- buffer variable moved to the heap;
--- return type changed to int, returning 0 for success;
--- chain of dependency updated to propagate the error.
2014-03-28 12:59:39 -03:00
toddouska
05b132ce1c HMAC fips mode 2014-03-27 15:43:54 -07:00
toddouska
7dd265cf2e SHA384 fips mode 2014-03-27 14:37:37 -07:00
toddouska
e873d7998b SHA512 fips mode 2014-03-27 14:03:12 -07:00
Chris Conlon
74a6916606 remove fips file stubs 2014-03-27 12:47:38 -06:00
Chris Conlon
62b8abafc5 fix variable shadow warning in asn.c 2014-03-26 23:43:44 -06:00
Chris Conlon
9d74775934 add fips file placeholders 2014-03-26 23:40:07 -06:00
toddouska
717f3adb47 fix item 9 from report by Ivan Fratric of the Google Security Team 2014-03-26 13:28:19 -07:00
toddouska
d5be4c4663 SHA-256 fips mode 2014-03-25 17:11:15 -07:00
toddouska
18d178f325 add ShaFinal fips mode 2014-03-25 16:20:03 -07:00
toddouska
b41186a6dd Merge branch 'master' of github.com:cyassl/cyassl 2014-03-25 16:02:12 -07:00
toddouska
3607db9077 add SHA1 fips mode 2014-03-25 16:01:17 -07:00
toddouska
b6fc109c1d add ecc_ctx_reset() so user can reuse ctx w/o init/free 2014-03-25 12:48:25 -07:00
toddouska
fb6d671629 resolve pull request merge conflict 2014-03-25 11:39:07 -07:00
toddouska
0ea10a4388 add 3DES fips mode 2014-03-24 13:37:52 -07:00
John Safranek
e19e2a801d Ext Key Usage
1. Store reference to raw EKU OIDs in the DecodedCert.
2. Fixed usage of the anyEKU.
2014-03-21 09:37:10 -07:00
John Safranek
08ae775406 Merge branch 'master' of github.com:cyassl/cyassl 2014-03-21 09:34:08 -07:00
toddouska
98c6e3f3af have Base16 Decode on for FIPS tests 2014-03-20 11:38:14 -07:00
toddouska
8bc6bf9424 add lower case support to Base16 decode for better known answer test support, export 2014-03-20 10:31:52 -07:00
John Safranek
1e041abf04 decode Extended Key Usage extension 2014-03-20 10:07:47 -07:00
toddouska
58885b36eb add AesCbc fips mode 2014-03-19 16:43:52 -07:00
toddouska
388436c53e add AesSetKey fips mode 2014-03-19 13:56:11 -07:00
toddouska
faecf7f849 require thread local storage for power on self thread check 2014-03-19 10:19:08 -07:00
toddouska
be9451fbc5 rm --cahced didn't work to stop tracking 2014-03-19 09:55:20 -07:00
toddouska
8bbc30f3e1 add fips enable switch 2014-03-19 09:43:57 -07:00
toddouska
90b08761c4 fix benchmark output with 3 decimals 2014-03-18 12:28:54 -07:00
John Safranek
ac452eebdc in DecodeAltNames, skip unknown name types, don't treat as error 2014-03-18 09:24:07 -07:00
John Safranek
bcd7f03495 X.509
1. Added stubs for the Extended Key Usage and Inhibit anyPolicy
   extensions.
2. Key Usage extension is decoded normally.
3. Certificate Policy extension is noted normally.
2014-03-14 15:48:33 -07:00
toddouska
b56ecd1842 add enable-iopool , simple I/O pool example using memory overrides 2014-03-13 18:54:51 -07:00
John Safranek
4724c23a05 added critical extension error to error strings 2014-03-13 11:15:16 -07:00