subjectCN and publicKey in a DecodedCert are needed by the certificate
store in some cases. For embedded, allow them to be allocated even with
WOLFSSL_NO_MALLOC defined.
This commit adds functions to encrypt and decrypt data using AES in SIV mode, as
described in RFC 5297. This was added in the process of porting chrony to
wolfSSL. chrony is an NTP implementation that can use NTS (network time
security), which requires AES-SIV.
otherwise if profile_str_len is > strlen(gSrtpProfiles[i].name) we end up
comparing memory past gSrtpProfiles[i].name. -fsanitize=address catches this:
```
==100159==ERROR: AddressSanitizer: global-buffer-overflow on address 0x7f40d8d533b2 at pc 0x7f40d8eb014f bp 0x7f40d50fe240 sp 0x7f40d50fd9e8
READ of size 21 at 0x7f40d8d533b2 thread T107
#0 0x7f40d8eb014e in MemcmpInterceptorCommon(void*, int (*)(void const*, void const*, unsigned long), void const*, void const*, unsigned long) /build/gcc/src/gcc/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:860
#1 0x7f40d8eb06e6 in __interceptor_memcmp /build/gcc/src/gcc/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:892
#2 0x7f40d8eb06e6 in __interceptor_memcmp /build/gcc/src/gcc/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:887
#3 0x7f40d8c2e830 in DtlsSrtpFindProfile src/ssl.c:1310
#4 0x7f40d8c2e9ed in DtlsSrtpSelProfiles src/ssl.c:1347
#5 0x7f40d8c2eada in wolfSSL_CTX_set_tlsext_use_srtp src/ssl.c:1359
#6 0x563bf381b4c5 in server_test examples/server/server.c:2278
#7 0x7f40d88f0258 in start_thread (/usr/lib/libpthread.so.0+0x9258)
#8 0x7f40d88195e2 in __GI___clone (/usr/lib/libc.so.6+0xfe5e2)
```
This commit adds `wolfSSL_SetTimeCb` and `wolfSSL_time`. The former allows the
user to override the function wolfSSL uses to get the current time,
`wolfSSL_time`. If set, `wolfSSL_time` uses that function. If not set,
`wolfSSL_time` uses the `XTIME` macro by default. This functionality is needed
for the port of chrony to wolfSSL. chrony is an NTP implementation that uses
GnuTLS by default. For TLS, chrony uses the time it computes in place of the
default system time function.
test.c:
1. Removed pragma disabling the warning for unused functions.
2. Fixed the guards around the function that wasn't getting removed from
the build. And matched the guards to the call of the function. The
issue is a test that fails only in a cert 3389 build using Arm
assembly single-precision public keys.
3. Fixed the guards around a couple other functions.
David Garske
Marco Oliverio
Sean Parkinson
Hayden Roche
Jacob Barthelmeh
elms
Anthony Hu
Chris Conlon
Daniel Pouzzner
Eric Blankenhorn
John Safranek