mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2026-07-05 13:40:49 +02:00
@@ -945,7 +945,6 @@ WOLFSSL_XMSS_LARGE_SECRET_KEY
|
||||
WOLFSSL_ZEPHYR
|
||||
WOLF_ALLOW_BUILTIN
|
||||
WOLF_CRYPTO_CB_CMD
|
||||
WOLF_CRYPTO_CB_FIND
|
||||
WOLF_CRYPTO_CB_ONLY_ECC
|
||||
WOLF_CRYPTO_CB_ONLY_RSA
|
||||
WOLF_CRYPTO_DEV
|
||||
|
||||
+2
-1
@@ -1546,7 +1546,8 @@ then
|
||||
test "$enable_ed448" = "" && enable_ed448=yes
|
||||
test "$enable_ed448_stream" = "" && test "$enable_ed448" != "no" && enable_ed448_stream=yes
|
||||
test "$enable_aessiv" = "" && enable_aessiv=yes
|
||||
test "$enable_aeseax" = "" && enable_aeseax=yes
|
||||
# AFALG lacks AES-EAX
|
||||
test "$enable_aeseax" = "" && test "$enable_afalg" != "yes" && enable_aeseax=yes
|
||||
|
||||
if test "$KERNEL_MODE_DEFAULTS" != "yes"
|
||||
then
|
||||
|
||||
@@ -60,8 +60,10 @@ remove_ready_file() {
|
||||
do_cleanup() {
|
||||
echo "in cleanup"
|
||||
|
||||
if [ $server_pid != $no_pid ]
|
||||
if [ $server_pid != $no_pid ] && kill -0 $server_pid 2>&-
|
||||
then
|
||||
# sleep to give sanitizers time to dump backtraces.
|
||||
sleep 1
|
||||
echo "killing server"
|
||||
kill -9 $server_pid
|
||||
fi
|
||||
|
||||
@@ -63,8 +63,10 @@ remove_ready_file() {
|
||||
abort_trap() {
|
||||
echo "script aborted"
|
||||
|
||||
if [ $server_pid != $no_pid ]
|
||||
if [ $server_pid != $no_pid ] && kill -0 $server_pid 2>&-
|
||||
then
|
||||
# sleep to give sanitizers time to dump backtraces.
|
||||
sleep 1
|
||||
echo "killing server"
|
||||
kill -9 $server_pid
|
||||
fi
|
||||
|
||||
@@ -39,8 +39,12 @@ if [ "${AM_BWRAPPED-}" != "yes" ]; then
|
||||
fi
|
||||
|
||||
kill_server() {
|
||||
sleepseconds=1
|
||||
for i in $(jobs -pr); do
|
||||
if [ "$i" != "$TCPDUMP_PID" ]; then
|
||||
# sleep to give sanitizers time to dump backtraces.
|
||||
sleep $sleepseconds
|
||||
sleepseconds=0
|
||||
kill -9 $i
|
||||
fi
|
||||
done
|
||||
|
||||
@@ -141,14 +141,21 @@ do_cleanup() {
|
||||
echo "in cleanup"
|
||||
|
||||
IFS=$OIFS #restore separator
|
||||
sleepseconds=1
|
||||
for s in $servers
|
||||
do
|
||||
f2=${s%:*}
|
||||
sname=${f2%:*}
|
||||
pid=${f2##*:}
|
||||
port=${s##*:}
|
||||
echo "killing server: $sname ($port)"
|
||||
kill -9 "$pid"
|
||||
if kill -0 "$pid" 2>&-
|
||||
then
|
||||
# sleep to give sanitizers time to dump backtraces.
|
||||
sleep $sleepseconds
|
||||
sleepseconds=0
|
||||
echo "killing server: $sname ($port)"
|
||||
kill -9 "$pid"
|
||||
fi
|
||||
done
|
||||
}
|
||||
|
||||
|
||||
@@ -54,8 +54,10 @@ remove_ready_file() {
|
||||
do_cleanup() {
|
||||
echo "in cleanup"
|
||||
|
||||
if [ $server_pid != $no_pid ]
|
||||
if [ $server_pid != $no_pid ] && kill -0 $server_pid 2>&-
|
||||
then
|
||||
# sleep to give sanitizers time to dump backtraces.
|
||||
sleep 1
|
||||
echo "killing server"
|
||||
kill -9 $server_pid
|
||||
fi
|
||||
@@ -67,8 +69,10 @@ do_cleanup() {
|
||||
abort_trap() {
|
||||
echo "script aborted"
|
||||
|
||||
if [ $server_pid != $no_pid ]
|
||||
if [ $server_pid != $no_pid ] && kill -0 $server_pid 2>&-
|
||||
then
|
||||
# sleep to give sanitizers time to dump backtraces.
|
||||
sleep 1
|
||||
echo "killing server"
|
||||
kill -9 $server_pid
|
||||
fi
|
||||
|
||||
+3
-1
@@ -63,8 +63,10 @@ remove_ready_file() {
|
||||
do_cleanup() {
|
||||
echo "in cleanup"
|
||||
|
||||
if [ $server_pid != $no_pid ]
|
||||
if [ $server_pid != $no_pid ] && kill -0 $server_pid 2>&-
|
||||
then
|
||||
# sleep to give sanitizers time to dump backtraces.
|
||||
sleep 1
|
||||
echo "killing server"
|
||||
kill -9 $server_pid
|
||||
fi
|
||||
|
||||
+3
-1
@@ -44,8 +44,10 @@ remove_ready_file() {
|
||||
do_cleanup() {
|
||||
echo "in cleanup"
|
||||
|
||||
if [ $server_pid != $no_pid ]
|
||||
if [ $server_pid != $no_pid ] && kill -0 $server_pid 2>&-
|
||||
then
|
||||
# sleep to give sanitizers time to dump backtraces.
|
||||
sleep 1
|
||||
echo "killing server"
|
||||
kill -9 $server_pid
|
||||
fi
|
||||
|
||||
+3
-1
@@ -74,8 +74,10 @@ remove_ready_file() {
|
||||
do_cleanup() {
|
||||
echo "in cleanup"
|
||||
|
||||
if [ $server_pid != $no_pid ]
|
||||
if [ $server_pid != $no_pid ] && kill -0 $server_pid 2>&-
|
||||
then
|
||||
# sleep to give sanitizers time to dump backtraces.
|
||||
sleep 1
|
||||
echo "killing server"
|
||||
kill -9 $server_pid 2>/dev/null
|
||||
server_pid=$no_pid
|
||||
|
||||
@@ -87,8 +87,10 @@ remove_ready_file() {
|
||||
do_cleanup() {
|
||||
echo "in cleanup"
|
||||
|
||||
if [ $server_pid != $no_pid ]
|
||||
if [ $server_pid != $no_pid ] && kill -0 $server_pid 2>&-
|
||||
then
|
||||
# sleep to give sanitizers time to dump backtraces.
|
||||
sleep 1
|
||||
echo "killing server"
|
||||
kill -9 $server_pid
|
||||
fi
|
||||
|
||||
@@ -316,10 +316,28 @@ void FreeCRL(WOLFSSL_CRL* crl, int dynamic)
|
||||
WOLFSSL_MSG("Couldn't lock x509 mutex");
|
||||
if (!doFree)
|
||||
return;
|
||||
wolfSSL_RefFree(&crl->ref);
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef HAVE_CRL_MONITOR
|
||||
if (crl->tid != INVALID_THREAD_VAL) {
|
||||
WOLFSSL_MSG("stopping monitor thread");
|
||||
if (StopMonitor(crl->mfd) == 0) {
|
||||
if (wolfSSL_JoinThread(crl->tid) != 0)
|
||||
WOLFSSL_MSG("stop monitor failed in wolfSSL_JoinThread");
|
||||
}
|
||||
else {
|
||||
WOLFSSL_MSG("stop monitor failed");
|
||||
}
|
||||
}
|
||||
if (wolfSSL_CondFree(&crl->cond) != 0)
|
||||
WOLFSSL_MSG("wolfSSL_CondFree failed in FreeCRL");
|
||||
#endif
|
||||
|
||||
#ifdef OPENSSL_ALL
|
||||
wolfSSL_RefFree(&crl->ref);
|
||||
#endif
|
||||
|
||||
tmp = crl->crlList;
|
||||
#ifdef HAVE_CRL_MONITOR
|
||||
if (crl->monitors[0].path)
|
||||
@@ -343,20 +361,6 @@ void FreeCRL(WOLFSSL_CRL* crl, int dynamic)
|
||||
tmp = next;
|
||||
}
|
||||
|
||||
#ifdef HAVE_CRL_MONITOR
|
||||
if (crl->tid != INVALID_THREAD_VAL) {
|
||||
WOLFSSL_MSG("stopping monitor thread");
|
||||
if (StopMonitor(crl->mfd) == 0) {
|
||||
if (wolfSSL_JoinThread(crl->tid) != 0)
|
||||
WOLFSSL_MSG("stop monitor failed in wolfSSL_JoinThread");
|
||||
}
|
||||
else {
|
||||
WOLFSSL_MSG("stop monitor failed");
|
||||
}
|
||||
}
|
||||
if (wolfSSL_CondFree(&crl->cond) != 0)
|
||||
WOLFSSL_MSG("wolfSSL_CondFree failed in FreeCRL");
|
||||
#endif
|
||||
wc_FreeRwLock(&crl->crlLock);
|
||||
if (dynamic) /* free self */
|
||||
XFREE(crl, crl->heap, DYNAMIC_TYPE_CRL);
|
||||
|
||||
@@ -18362,6 +18362,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aesgcm_test(void)
|
||||
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
|
||||
#endif
|
||||
|
||||
#if !defined(HAVE_FIPS) || FIPS_VERSION3_GE(7,0,0)
|
||||
/* Regression test: wc_AesGcmDecryptFinal must reject authTagSz below
|
||||
* WOLFSSL_MIN_AUTH_TAG_SZ, consistent with wc_AesGcmDecrypt and
|
||||
* wc_AesGcmEncryptFinal. */
|
||||
@@ -18376,6 +18377,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aesgcm_test(void)
|
||||
if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG))
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
|
||||
#endif /* HAVE_AES_DECRYPT && WOLFSSL_MIN_AUTH_TAG_SZ > 1 */
|
||||
#endif /* !HAVE_FIPS || FIPS_VERSION3_GE(7,0,0) */
|
||||
|
||||
/* alen is the size to pass in with each update. */
|
||||
for (alen = 1; alen < WC_AES_BLOCK_SIZE + 1; alen++) {
|
||||
|
||||
+24
-15
@@ -821,22 +821,11 @@ WOLFSSL_LOCAL int wc_local_CmacUpdateAes(struct Cmac *cmac, const byte* in,
|
||||
|
||||
#ifdef WOLFSSL_AES_EAX
|
||||
|
||||
/* Because of the circular dependency between AES and CMAC, we need to prevent
|
||||
* inclusion of AES EAX from CMAC to avoid a recursive inclusion */
|
||||
#ifndef WOLF_CRYPT_CMAC_H
|
||||
#include <wolfssl/wolfcrypt/cmac.h>
|
||||
struct AesEax {
|
||||
Aes aes;
|
||||
Cmac nonceCmac;
|
||||
Cmac aadCmac;
|
||||
Cmac ciphertextCmac;
|
||||
byte nonceCmacFinal[WC_AES_BLOCK_SIZE];
|
||||
byte aadCmacFinal[WC_AES_BLOCK_SIZE];
|
||||
byte ciphertextCmacFinal[WC_AES_BLOCK_SIZE];
|
||||
byte prefixBuf[WC_AES_BLOCK_SIZE];
|
||||
};
|
||||
#endif /* !defined(WOLF_CRYPT_CMAC_H) */
|
||||
/* Note that struct AesEax is defined at the end of this file, to work around
|
||||
* circular dependency between AES and CMAC.
|
||||
*/
|
||||
|
||||
struct AesEax;
|
||||
typedef struct AesEax AesEax;
|
||||
|
||||
/* One-shot API */
|
||||
@@ -1120,3 +1109,23 @@ WOLFSSL_LOCAL void AES_XTS_decrypt_AARCH32(const byte* in, byte* out,
|
||||
|
||||
#endif /* NO_AES */
|
||||
#endif /* WOLF_CRYPT_AES_H */
|
||||
|
||||
/* Because of the circular dependency between AES and CMAC, we need to define
|
||||
* struct AesEax here, with careful gating.
|
||||
*/
|
||||
#if defined(WOLFSSL_AES_EAX) && !defined(WC_AES_INCLUDE_FOR_CMAC_H) && \
|
||||
!defined(WC_AESEAX_STRUCT_DEFINED)
|
||||
#include <wolfssl/wolfcrypt/cmac.h>
|
||||
struct AesEax {
|
||||
Aes aes;
|
||||
Cmac nonceCmac;
|
||||
Cmac aadCmac;
|
||||
Cmac ciphertextCmac;
|
||||
byte nonceCmacFinal[WC_AES_BLOCK_SIZE];
|
||||
byte aadCmacFinal[WC_AES_BLOCK_SIZE];
|
||||
byte ciphertextCmacFinal[WC_AES_BLOCK_SIZE];
|
||||
byte prefixBuf[WC_AES_BLOCK_SIZE];
|
||||
};
|
||||
#define WC_AESEAX_STRUCT_DEFINED
|
||||
#endif /* WOLFSSL_AES_EAX && !WC_AES_INCLUDE_FOR_CMAC_H && */
|
||||
/* !WC_AESEAX_STRUCT_DEFINED */
|
||||
|
||||
@@ -28,7 +28,12 @@
|
||||
#ifdef WOLFSSL_CMAC
|
||||
|
||||
#ifndef NO_AES
|
||||
#include <wolfssl/wolfcrypt/aes.h>
|
||||
/* Inhibit definition of struct AesEax, with its circular dependency on the
|
||||
* below definition of struct Cmac.
|
||||
*/
|
||||
#define WC_AES_INCLUDE_FOR_CMAC_H
|
||||
#include <wolfssl/wolfcrypt/aes.h>
|
||||
#undef WC_AES_INCLUDE_FOR_CMAC_H
|
||||
#endif
|
||||
|
||||
#if defined(HAVE_FIPS) && \
|
||||
|
||||
Reference in New Issue
Block a user