4d0a061acb
FIPS Revalidation
...
1. Updated the segment tags in the aes_asm.asm file so that it is linked in order between aes.obj and des3.obj.
2018-05-16 15:47:13 -04:00
f7fa648f77
Test Fixes
...
1. Found a problem in AES-GCM encrypt where it could step on the ciphertext with the correct sized IV.
2018-05-16 15:47:13 -04:00
dde1f87de9
Test Fixes
...
1. The intrinsic versions of AES_GCM_encrypt and AES_GCM_decrypt needed updates for variable length tags.
2018-05-16 15:47:13 -04:00
6d4777f3ca
Test Fixes
...
1. MSC doesn't allow for inline assembly. Restore the intrinsic version of AES_GCM_encrypt and AES_GCM_decrypt for MSC AES-NI builds. This is lacking AVX.
2018-05-16 15:47:13 -04:00
b120a27c3e
FIPS Revalidation
...
1. Update the GenerateSeed() function for RDSEED on Windows to use the intrinsic function instead of inline assembly.
2018-05-16 15:47:13 -04:00
4f1dd3b9a7
Test Fixes
...
1. Update gitignore with some more VS outputs.
2. Update the Windows IDE user settings with FIPSv2 settings.
3. Remove redundant _InitHmac() function from ssl.c.
4. In wc_DhGenerateParams(), initialize the groupSz and bufSz to 0.
5. In wc_DhExportParamsRaw(), initialize pLen, qLen, and gLen to 0.
6. In wc_MakeRsaKey(), initialize isPrime to 0.
7. In ecc_test_make_pub(), initialize exportBuf and tmp to NULL and initialize the ECC key before any chance of trying to free it.
8. In fips_test.h header, update types.h include to use the wolfCrypt types rather than ctaocrypt types.
9. In fips_test.h header, change the visibility tags on all the function prototypes to use the WOLFSSL tags rather than CYASSL.
10. Change the wolfCrypt visibility tags to use CyaSSL's tags for old FIPS and the regular tags for new FIPS and non-FIPS builds.
2018-05-16 15:47:13 -04:00
eea4d6da50
Test Fixes
...
1. Modify RSA-PSS to be able to sign and verify SHA-384 and SHA-512 hashes with 1024-bit RSA keys.
2018-05-16 15:47:12 -04:00
dc31dbaeaf
FIPS Revalidation/Test Fixes
...
1. Added APIs to perform RSA-PSS verify and padding operation in the same call.
2. Change to RsaPSS sign and verify to pick the proper salt length if the key is 1024-bits and the hash is SHA-512.
2018-05-16 15:47:12 -04:00
27470aa704
FIPS Revalidation/Test Fixes
...
1. For FIPSv2 builds, changed the FP_MAX_BITS to 6144.
2. Fixed bug in HMAC-SHA-3 where the digest size was being used instead of the block size for processing the key.
2018-05-16 15:47:12 -04:00
8fb3a0c078
FIPS Revalidation
...
1. Add a copy of the DSA parameter generation function to DH for use without DSA.
2018-05-16 15:47:12 -04:00
6796ab5f8c
FIPS Revalidation
...
1. Bug fixes to AES-GCM. Separated out the internal and external IV set functions.
2018-05-16 15:47:12 -04:00
6d7599cf47
FIPS Revalidation
...
1. Add new APIs for AES-GCM so it can manage the IV per SP 800-38D.
2. Add new APIs for AES-CCM so it can manage the IV, similar to the behavior in AES-GCM.
3. Add new APIs for GMAC that use the new AES-GCM APIs.
2018-05-16 15:47:12 -04:00
4ba026c0bf
Test Fixes
...
1. Added error code for ECDHE FIPS KAT failure.
2018-05-16 15:47:12 -04:00
3685b7b176
Test Fixes
...
1. AesGcmEncrypt_ex requires the RNG, remove function if RNG disabled.
2. Fix a couple function name changes in the example server.
3. Removed the old FIPS wrapping added to dh.h, was redundant.
4. Move include of random.h in the aes.h file.
5. Fix where ecc.c was being left out of old FIPS builds.
6. Exclude the AES-GCM internal IV test case when building without the RNG.
7. Fix api test where AES-GCM Encrypt was called with a too-long IV in old FIPS mode. Non-FIPS and new FIPS are allowed longer IVs.
2018-05-16 15:47:12 -04:00
13ff245166
FIPS Revalidation
...
1. AES-GCM encrypt IV length allowed to be 8-bits.
2018-05-16 15:47:12 -04:00
90a5bde0f2
FIPS Revalidation
...
1. Update the const data and code segment tags for the Windown builds.
2018-05-16 15:47:12 -04:00
4b3933aa1b
FIPS Revalidation
...
1. Enabled ECC Cofactor DH for the FIPSv2 build.
2. Updated the wolfCrypt HMAC-SHA-3 test to leave out the set of test cases that use the four-byte key in FIPS mode.
2018-05-16 15:47:12 -04:00
4bcd7b7986
AES-GCM
...
1. Updated the wolfCrypt GMAC test to leave out the test case with the 15-byte tag when building for FIPS.
2. Replace tabs with spaces.
2018-05-16 15:47:12 -04:00
eb1a76bf2a
FIPS Revalidation
...
1. Updated CMAC to allow tag length from 4 to 16 bytes, inclusive.
2018-05-16 15:47:12 -04:00
fe8d46da95
FIPS Revalidation
...
1. Added new AES-GCM Encrypt API for FIPS where the IV is generated internally.
2. Fix the AES-NI guard flags so it can be used when FIPS enabled.
2018-05-16 15:47:12 -04:00
be61204fd7
FIPS Revalidation
...
1. Added CMAC to the boundary.
2. Added DHE to the boundary.
2018-05-16 15:47:12 -04:00
f6fe3744a7
FIPS Update
...
1. Moved the rest of the FIPS algorithms to FIPSv2.
2. Updated the fips-check and autogen scripts.
3. Updated the automake include for the crypto files.
4. Updated the example server to use the wolfSSL API and wolfSSL-based OpenSSL compatibility layer.
5. Added error code for the SHA-3 KAT.
6. Updated an test case in the API test for AES-GCM encrypt that is now considered a success case, but the FIPS mode was still treating as a failure.
2018-05-16 15:47:12 -04:00
df4d748f59
FIPS Update
...
1. Move SHA-224 and SHA-256 into FIPSv2.
2. Move HMAC into FIPSv2.
3. Move Hash_DRBG into FIPSv2.
2018-05-16 15:47:12 -04:00
6352208e04
FIPS Update
...
1. Add SHA-3 to the src/include.am so that it is always included in FIPSv2.
2. Tweak the SHA-3 header to follow the new FIPS pattern.
2018-05-16 15:47:12 -04:00
0c5d704c7f
AES-CCM FIPS
...
1. Add new error code for the AES-CCM FIPS KAT failure.
2. When enabling FIPSv2, force enable AES-CCM.
2018-05-16 15:47:12 -04:00
d373844a18
fix sequence with pkcs12 shrouded keybag creation
2018-05-16 10:16:15 -06:00
566bb4cefe
version for PBE SHA1 DES oid
2018-05-16 08:38:50 -06:00
1ca62ee0a1
add error return for unsuported version
2018-05-15 22:51:11 -06:00
f021375c4b
Fixes for fsanitize reports.
2018-05-15 17:23:35 -07:00
d1192021a5
alter search behavior for testing if URI is a absolute path
2018-05-09 14:43:52 -06:00
c910d84507
Merge pull request #1527 from kojo1/RenesasCSPlus
...
Renesas CS+ projects
2018-05-09 10:07:16 -06:00
66e59e4a6a
Rollback #if condition
2018-05-09 10:58:10 +09:00
4ee957afa3
fix for relative URI detection
2018-05-08 10:19:51 -06:00
ecd2e75564
#ifndef FREESCALE_LTC_ECC with fe_init
2018-05-04 07:34:47 +09:00
bb7bcfd877
expose mp_toradix() when WOLFSSL_PUBLIC_MP is defined
2018-05-03 13:41:23 -06:00
3ad708fb20
Merge pull request #1514 from dgarske/certdates
...
Enhancements and cleanup to ASN date/time
2018-04-30 11:14:38 -07:00
22a2b45108
duplicated fe_init for non-configure based IDE
2018-04-28 05:07:00 +09:00
a91ac55e24
define valiable before exec statements
2018-04-28 05:05:45 +09:00
fc02003f76
Added new signature wrapper functions to allow direct use of hash `wc_SignatureVerifyHash` and `wc_SignatureGenerateHash`. These new function abstract existing signature wrapper code, so minimal code size increase. Added test cases for new functions for RSA (with and without DER encoding) and ECC.
2018-04-25 13:10:53 -07:00
65c9277213
More fixes from Jenkins testing.
2018-04-24 14:01:33 -07:00
e63afa08bd
Fix a couple of minor Jenkins issues.
2018-04-24 13:25:28 -07:00
56025f38b9
Enhancements and cleanup to ASN date/time:
...
* Refactor the ASN get date logic to combine shared code.
* Added new API `wc_GetDateInfo` to get raw date, format and length.
* Added new API `wc_GetCertDates` to extract certificate before/after dates as `struct tm` type.
* Added new API `wc_GetDateAsCalendarTime` which parses the raw date string and convers to `struct tm`.
* Added tests for new API's.
* Added missing tests for `wc_SetAltNames`, `wc_SetAltNamesBuffer` and `wc_SetDatesBuffer`.
* Fixed build for older `NO_TIME_H` macro.
2018-04-24 13:04:36 -07:00
289a282183
Fixes to resolve issues with c99 compliance (building with `./configure CFLAGS="-std=c99"`).
...
* Fix for ReadDir checking for file flag to use `S_ISREG(ctx->s.st_mode)` syntax.
* Added macro for strsep `XSTRSEP`. Added wolf implementation as `wc_strsep` enabled as C99 or `USE_WOLF_STRSEP`.
* Fix to use `gethostbyname` for c99 instead of `getaddrinfo`.
* For c99 use wolf strtok `wc_strtok`.
* Exposed API's for `wc_strtok` and `wc_strsep` when available.
* Include `sys/time.h` when available from autocon `HAVE_SYS_TIME_H` or c99.
* include `<strings.h>` when `HAVE_STRINGS_H` or c99.
2018-04-23 13:47:22 -07:00
568d24c63c
Coverity fixes ( #1509 )
...
* Coverity fixes 3
2018-04-23 09:20:28 -07:00
6689ee965a
Key derivation for encrypted PEM uses salt length of 8 in OpenSSL
2018-04-18 12:37:06 +10:00
09706a4ed2
Merge pull request #1488 from SparkiDev/tls13_perf
...
Changes for interop and performance
2018-04-16 09:16:13 -07:00
942c720dc4
Merge pull request #1499 from ejohnstown/aes-asm
...
AES assembly file name change
2018-04-13 11:23:03 -07:00
a0d8327320
Coverity fixes 2 ( #1493 )
...
* Coverity fixes for wolfcrypt folder
* Fixes for remaining issues
* Fixes for test files
2018-04-13 05:35:18 -07:00
9600266483
WOLFSSL_FUNC_TIME changes
...
Warning in code about using this define.
Remove usage of WOLFSSL_FUNC_TIME from server.c.
2018-04-13 12:13:31 +10:00
0b47811c46
Changes for interop and performance
...
Changes made to test.h to allow interop of PSK with OpenSSL.
Changes to allow server to pre-generate key share and perform other
operations at later time.
Fix ChaCha20 code header to have bigger state to support assembly code
for AVX1.
Fix Curve25519 code to use define instead.
Change Curve25519 to memset all object data on init.
Change Poly1305 to put both sizes into one buffer to avoid a second call
to wc_Poly1305Update().
Added WOLFSSL_START and WOLFSSL_END API and calls to show time of
protocol message function enter and leave to analyse performance
differences.
Moved Curve25519 code in KeyShare extension out of general ECC code.
2018-04-13 12:01:20 +10:00
425cee64a7
AES assembly file name change
...
Some versions of GCC on the Mac will not run the file aes_asm.s through the preprocessor. There are some ifdefs in the file that are included when they shouldn't be. This is not a problem on Linux. Renaming the file to have a capital S extension forces the assembler to run with the preprocessor.
2018-04-12 16:47:58 -07:00
eacd98fe4e
Merge pull request #1491 from dgarske/config
...
Configure improvements and new options
2018-04-12 13:48:20 -07:00
1f7b954d47
Fix for `wc_GetCTC_HashOID` in FIPS mode. Uses the new `wc_HashTypeConvert` to handle conversion from unique WC_ALGO (`int`) to WC_HASH_TYPE_ALGO (`enum wc_HashType`).
2018-04-12 06:51:23 -07:00
ce6728951f
Added a new `--enable-opensslall` option, which ensures all openssl features are enabled. Documented and tested building the various open source defines we support in our build.
2018-04-11 13:54:07 -07:00
ee5d78f84f
Added new `wc_OidGetHash` API for getting the hash type from a hash OID. Refactor PKCS7 and PKCS12 to use new API and reduce duplicate ocde. Updated `wc_GetCTC_HashOID` to use `wc_HashGetOID` and maintain back compat.
2018-04-11 13:53:30 -07:00
83bfdb1594
Fix for issue with unique hash types on ctoacrypt FIPS using different values than WC_HASH_TYPE_*. Add new API `wc_HashTypeConvert` to handle the conversion between `enum wc_HashType` and `int`. For FIPS it uses a switch() to convert and for non-FIPS it uses a simple cast. Changed the pwdbased_test to return actual ret instead of adding values (made it difficult to track down error location).
2018-04-11 09:30:30 -07:00
3f3e332a3a
Fix for evp.c `statement will never be executed` in `wolfSSL_EVP_CIPHER_CTX_block_size`.
2018-04-11 08:18:39 -07:00
a38576146e
* Added support for disabling PEM to DER functionality using `WOLFSSL_PEM_TO_DER`. This allows way to use with DER (ASN.1) certificates only in an embedded environment. This option builds, but internal make check requires PEM support for tests.
...
* More cleanup to move PEM functions from ssl.c to asn.c (`wolfSSL_CertPemToDer`, `wolfSSL_KeyPemToDer`, `wolfSSL_PubKeyPemToDer`). Renamed these API's to `wc_` and added backwards compatability macro for old function names.
2018-04-09 13:28:15 -07:00
5a46bdf6f6
Added unit test for using encrypted keys with TLS. Only works with `--enable-des3`, since the keys are all encrypted with DES3 (also requires either `--enable-opensslextra or --enable-enckeys`).
2018-04-09 13:28:15 -07:00
98c186017a
Fixes for build failures. Added new `WC_MAX_SYM_KEY_SIZE` macro for helping determine max key size. Added enum for unique cipher types. Added `CHACHA_MAX_KEY_SZ` for ChaCha.
2018-04-09 13:28:15 -07:00
2c72f72752
Fixes for FIPS, sniffer (w/o enc keys), scan-build issues and backwards compatability.
2018-04-09 13:28:15 -07:00
1f00ea2115
Fixes for various build issues with type casting and unused functions. Moved `mystrnstr` to wc_port.c. Added some additional argument checks on pwdbased.
2018-04-09 13:28:15 -07:00
6de8348918
Fixes for various build configurations. Added `--enable-enckeys` option to enable support for encrypted PEM private keys using password callback without having to use opensslextra. Moved ASN `CryptKey` function to wc_encrypt.c as `wc_CryptKey`. Fixup some missing heap args on XMALLOC/XFREE in asn.c.
2018-04-09 13:28:15 -07:00
1315fad7dc
Added ForceZero on the password buffer after done using it.
2018-04-09 13:28:15 -07:00
3a8b08cdbf
Fix to move the hashType out of EncryptedInfo. Fix for parsing "DEC-Info: ". Fix for determining when to set and get ivSz.
2018-04-09 13:28:15 -07:00
c83e63853d
Refactor unqiue hash types to use same internal values (ex WC_MD5 == WC_HASH_TYPE_MD5). Refactor the Sha3 types to use wc_ naming.
2018-04-09 13:28:15 -07:00
264496567a
Improvements to EncryptedInfo. Added build option `WOLFSSL_ENCRYPTED_KEYS` to indicate support for EncryptedInfo. Improvements to `wc_PBKDF1` to support more hash types and the non-standard extra data option.
2018-04-09 13:28:15 -07:00
f9e830bce7
First pass at changes to move PemToDer into asn.c.
2018-04-09 13:28:14 -07:00
6090fb9020
Merge pull request #1483 from dgarske/winvs
...
Fixes for unused `heap` warnings
2018-04-06 09:01:49 -07:00
e56209cee4
Merge pull request #1482 from dgarske/nourand
...
Added new define `NO_DEV_URANDOM` to disable the use of `/dev/urandom`
2018-04-06 09:00:37 -07:00
bab62cc435
Added new define `NO_DEV_URANDOM` to disable the use of `/dev/urandom`. Added better named define `WC_RNG_BLOCKING` to indicate block w/sleep(0) is okay.
2018-04-05 09:34:43 -07:00
ede006b3e1
Merge pull request #1479 from JacobBarthelmeh/HardwareAcc
...
Fix PIC32 AES-CBC and add test case
2018-04-05 09:15:08 -07:00
815219b589
fix pic32 AES-CBC and add test case
2018-04-04 16:09:11 -06:00
a78c6ba4ea
Fix for unused `heap` warnings.
2018-04-04 12:51:45 -07:00
2deb977ecf
Merge pull request #1473 from dgarske/pkcs7_norsa
...
Enabled PKCS7 support without RSA
2018-04-04 10:33:11 -07:00
960d2ec031
Merge pull request #1471 from JacobBarthelmeh/Fuzzer
...
sanity check on buffer read
2018-04-04 10:31:55 -07:00
c288d0815d
Added support for building and using PKCS7 without RSA (assuming ECC is enabled).
2018-04-03 09:26:57 -07:00
0c898f513d
Nitrox V fixes and additions:
...
* Added support for ECC, AES-GCM and HMAC (SHA-224 and SHA3).
* Fixes for Nitrox V with TLS.
* ECC refactor for so key based `r` and `s` apply only when building with `WOLFSSL_ASYNC_CRYPT`.
* ECC refactor for `e` and `signK` to use key based pointer for Nitrox V.
* Improved the Nitrox V HMAC to use start, update and final API's instead of caching updates.
* Fix for Intel QuickAssist with unsupported HMAC hash algos using `IntelQaHmacGetType` (such as SHA3).
* Added new API `wc_mp_to_bigint_sz` to zero pad unsigned bin.
* Fix for AES GCM to gate HW use based on IV len in aes.c and remove the gate in test.c.
* Implemented workaround to use software for AES GCM Nitrox V hardware and 13 byte AAD length for TLS.
* New debug option `WOLFSSL_NITROX_DEBUG` to add pending count.
2018-04-03 09:14:20 -07:00
6a1013888f
sanity check on buffer read
2018-04-02 14:30:58 -06:00
c60d9ff983
if(ret != 1) error
2018-04-01 13:27:08 +09:00
1c0b84d47d
openSSL compatibility, EVP_CipherUpdate, if(inlen == 0)return 1;
2018-04-01 12:13:18 +09:00
c9d840ed8d
Fix for the `HAVE_THEAD_LS` case with `FP_ECC` where starting a new thead and doing ECC operations and not calling `wc_ecc_fp_free`. Added missing `wolfCrypt_Init` to API docs.
2018-03-27 14:29:39 -07:00
504b13530e
Merge pull request #1459 from cconlon/selftest_fixes
...
Fix for wolfCrypt test and CAVP selftest build
2018-03-27 13:27:28 -07:00
9f231e0020
Merge pull request #1453 from dgarske/ecc508a_linux
...
Support for building with `WOLFSSL_ATECC508A` on other targets
2018-03-27 09:57:39 -07:00
021560035b
fix unused var warning for extNameConsOid with IGNORE_NAME_CONSTRAINTS
2018-03-26 09:43:37 -06:00
d2aa7d0a37
exclude ecc_import_unsigned test when building for CAVP selftest
2018-03-23 16:31:17 -06:00
c08f5b86cf
Merge pull request #1444 from jrblixt/unitTest_api_addPkcs-PR03162018
...
Unit test functions for PKCS#7.
2018-03-23 10:00:33 -06:00
aee6f4d0ca
Merge pull request #1457 from dgarske/base16
...
Base16/64 improvements
2018-03-22 15:14:57 -07:00
a92696edec
Merge pull request #1454 from dgarske/noprivkey
...
Support for not loading a private key when using `HAVE_PK_CALLBACKS`
2018-03-22 12:47:22 -07:00
3bf325290d
Base16/64 improvements:
...
* Add define `WOLFSSL_BASE16` to explicitly expose base16 support.
* Add `./configure --enable-base16` option (disabled by default in configure, but enabled in coding.h when required internally).
* Added base16 tests in test.c `base16_test`.
* Enabled base64 decode tests when `WOLFSSL_BASE64_ENCODE` is not defined.
2018-03-22 10:36:56 -07:00
0cff2f8b10
Replace use of `PUB_KEY_SIZE` (from CryptoAuthLib) with new `ECC_MAX_CRYPTO_HW_PUBKEY_SIZE`.
2018-03-22 09:45:27 -07:00
8c4bfd825a
Support for building the ATECC508A without `WOLFSSL_ATMEL` defined, which enables features specific to Atmel Studio Framework (ASF) and an embedded target. This allows for building with `WOLFSSL_ATECC508A` defined on other targets such as Linux.
2018-03-22 09:39:21 -07:00
104f7a0170
Merge pull request #1451 from JacobBarthelmeh/Optimizations
...
Adjust X509 small build and add more macro guards
2018-03-21 15:15:27 -07:00
f3d0879ed7
Merge pull request #1449 from dgarske/asn_nullterm
...
ASN improvements for building header/footer in `wc_DerToPemEx`
2018-03-21 15:13:46 -07:00
2a356228be
Merge pull request #1445 from SparkiDev/wpas_fix
...
Fixes for wpa_supplicant
2018-03-21 15:11:43 -07:00
dbb34126f6
* Added support for not loading a private key for server or client when `HAVE_PK_CALLBACK` is defined and the private PK callback is set. Tested with all cipher suites, TLS 1.2/1.3, client/server certs, RSA/ECC/ED25519.
...
* Added PK callback context tests for client/server examples (`SetupPkCallbackContexts`).
* Added new test define for `TEST_PK_PRIVKEY` to allows simulating hardware based private key.
* Added new test.h function for loading PEM key file and converting to DER (`load_key_file`).
* Added way to get private key signature size (`GetPrivateKeySigSize`).
* Added new ECC API `wc_ecc_sig_size_calc` to return max signature size for a key size.
* Added inline comments to help track down handshake message types.
* Cleanup of RSS PSS terminating byte (0xbc) to use enum value.
* Fixed bug with PK callback for `myEccVerify` public key format.
* Fixed bug with PK callback for ED25519 verify key buffer in DoServerKeyExchange.
2018-03-21 11:27:08 -07:00
90f97f4a5a
fix for unused variable
2018-03-21 09:16:43 -06:00
0aa3b5fa0e
macros for conditionally compiling code
2018-03-21 00:09:29 -06:00
087df8f1cd
more macro guards to reduce size
2018-03-20 17:15:16 -06:00
4d65e4cc1e
add WOLFSSL_NO_DH186 macro to optionally compile out DH186 function
2018-03-20 15:31:20 -06:00
df6ea54cd5
add support for PKCS8 decryption to OPENSSL_EXTRA_X509_SMALL build
2018-03-20 15:06:35 -06:00
764aec071c
Further improvement to the null termination and newline logic in `wc_DerToPemEx`.
2018-03-19 22:58:18 -07:00
59aa893260
Cleanup ECC point import/export code. Added new API `wc_ecc_import_unsigned` to allow importing public x/y and optional private as unsigned char. Cleanup `wc_ecc_sign_hash` to move the hardware crypto code into a separate function. Added missing tests for `wc_ecc_export_public_raw`, `wc_ecc_export_private_raw` and new test for `wc_ecc_import_unsigned`.
2018-03-19 13:28:57 -07:00
1040cf9caa
Merge pull request #1437 from dgarske/eccrsrawtosig
...
Added new ECC API `wc_ecc_rs_raw_to_sig`
2018-03-19 09:12:39 -07:00
7ce2efd572
Merge pull request #1431 from JacobBarthelmeh/Optimizations
...
more aes macro key size guards
2018-03-19 09:07:05 -07:00
b325e0ff91
Fixes for wpa_supplicant
2018-03-19 11:46:38 +10:00
465f1d491f
Merge pull request #1443 from cconlon/dhagree
...
check z against 1 in wc_DhAgree()
2018-03-17 20:15:31 -07:00
250cd3b7eb
Merge pull request #1433 from SparkiDev/sp_size
...
Fix size on Intel and improve 32-bit C code performance
2018-03-16 17:05:46 -07:00
1aba6e9b44
Prepare for PR.
2018-03-16 17:07:28 -06:00
3118c8826b
check z against 1 in wc_DhAgree()
2018-03-16 15:59:48 -06:00
f70351242b
Merge pull request #1432 from kojo1/mdk5
...
3.14.0 update on mdk5 pack
2018-03-15 14:47:14 -06:00
a207cae0f4
add some more macro guards to reduce size
2018-03-14 17:24:23 -06:00
4d1986fc21
Improve speed of 32-bit C code
2018-03-15 08:33:04 +10:00
9ccf876a21
Added new ECC API `wc_ecc_rs_raw_to_sig` to take raw unsigned R and S and encodes them into ECDSA signature format.
2018-03-14 10:59:25 -07:00
1de291be8d
macro INLINE
2018-03-14 07:14:07 +09:00
c4dfa41088
SP improvements
...
Tag functions to not be inlined so llvm doesn't make huge builds.
Add sp_mod to support new DH key generation function.
2018-03-13 14:16:48 +10:00
8fb3ccacb7
opensslextra fixs and warning for unused variable
2018-03-12 18:05:24 -06:00
6b04ebe3a4
fix for compiling with different build settings
2018-03-12 16:12:10 -06:00
fa21fb4a27
more aes macro key size guards
2018-03-12 15:44:48 -06:00
8fdb99443a
fix for build with NTRU and certgen
2018-03-09 14:21:43 -07:00
0ab4166a80
Merge pull request #1421 from JacobBarthelmeh/Optimizations
...
trim out more strings and fix DN tag
2018-03-08 14:03:10 -08:00
0ac833790d
check q in wc_CheckPubKey_ex() if available in DhKey
2018-03-08 10:17:52 -07:00
6f95677bb8
add wc_DhSetKey_ex() with support for q and SP 800-56A
2018-03-08 09:36:44 -07:00
a9c6385fd1
trim out more strings and fix DN tag
2018-03-07 10:35:31 -07:00
a4000ba196
Merge pull request #1418 from SparkiDev/sp_armasm
...
Add assembly code for ARM and 64-bit ARM
2018-03-07 09:18:16 -08:00
cd940ccb5c
Merge pull request #1417 from dgarske/asn_x509_header
...
Cleanup of the ASN X509 header logic
2018-03-07 08:50:00 -08:00
89182f5ca9
Add assembly code for ARM and 64-bit ARM
...
Split out different implementations into separate file.
Turn on SP asm by configuring with: --enable-sp-asm
Changed small ASM code for ECC on x86_64 to be smaller and slower.
2018-03-07 11:57:09 +10:00
b879d138af
Fix for using non-const as array sizer (resolves build error with VS).
2018-03-06 09:04:12 -08:00
57e9b3c994
Cleanup of the ASN X509 header and XSTRNCPY logic.
2018-03-05 16:11:12 -08:00
d75b3f99ac
Proper fix for Pluton ECC sign.
2018-03-05 15:29:34 -08:00
53c0bf6a20
Merge pull request #1408 from JacobBarthelmeh/Release
...
Testing in preparation for release
2018-03-02 10:12:27 -08:00
e698084eac
Merge pull request #1406 from dgarske/mmcau_sha256_cast
...
Fix for cast warning with NXP CAU and SHA256.
2018-03-02 10:10:14 -08:00
f6869dfe09
AES ECB build with ARMv8 instructions enabled
2018-03-02 09:30:43 -07:00
f6d770b5bd
Fix for pluton ECC sign.
2018-03-02 07:57:22 +01:00
223facc46a
sanity check on index before reading from input
2018-03-01 18:03:21 -07:00
ae21c03d69
check on certificate index when getting Name
2018-03-01 18:00:52 -07:00
e7b0fefd7a
add sanity check on read index
2018-03-01 18:00:52 -07:00
df1c73c8e5
check for case that BER to DER API is available
2018-03-01 18:00:52 -07:00
db18e49920
gcc-7 warning about misleading indentation
2018-03-01 18:00:52 -07:00
59c8d3cdf7
Fix for cast warning with NXP CAU and SHA256.
2018-03-01 08:06:29 +01:00
1b2e43478d
Merge pull request #1405 from ejohnstown/selftest-errors
...
added error codes for the FIPS pairwise agreement tests in the POST
2018-02-28 14:16:59 -07:00
d035c1dd81
added error code for the FIPS DH agreement KAT test in the POST
2018-02-28 10:54:53 -08:00
b6aae0c2d1
Merge pull request #1402 from JacobBarthelmeh/Testing
...
Improve bounds and sanity checks
2018-02-28 09:45:19 -08:00
25e7dbd17a
add comment on sanity check
2018-02-27 23:30:50 -07:00
5cc046eb6d
added error codes for the FIPS pairwise agreement tests in the POST
2018-02-27 12:42:25 -08:00
00b6419964
use XSTRLEN and revert adding outLen parameter
2018-02-26 16:52:09 -07:00
e6c95a0854
sanity check on input size
2018-02-26 14:41:00 -07:00
5ef4296b3d
sanity check on buffer length with ASNToHexString
2018-02-26 14:25:39 -07:00
e4f40fb6c0
add sanity checks and change index increment
2018-02-26 13:55:56 -07:00
f7d70e4650
Merge pull request #1401 from kaleb-himes/NETOS-SV
...
possible shadowed global variable declaration in NETOS
2018-02-26 12:21:13 -08:00
John Safranek