wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-31 15:19:20 +01:00
Code Issues Packages Projects Releases Wiki Activity
24,268 Commits 12 Branches 184 Tags
21bdb76edeca0df91e1aa461579054800cc25f85
Commit Graph

8110 Commits

Author SHA1 Message Date
Sean Parkinson
aa8a2144c8 Aarch64 CPU Id: FreeBSD/OpenBSD fix 
Fix name and flags set.
 2025-01-10 08:28:45 +10:00
Daniel Pouzzner
8d85ab964d wolfcrypt/src/pkcs12.c: fix resource leak in PKCS12_CoalesceOctetStrings(). 2025-01-08 13:39:33 -06:00
Daniel Pouzzner
fd664fd597 wolfcrypt/src/integer.c: add sanity checks to mollify clang-tidy 20.0.0_pre20250104: in mp_grow(), error if the mp_int has a null .dp but nonzero .alloc; in s_mp_add() and s_mp_sub(), error if either operand has a null .dp but the constant of iteration (from .used) is positive. these fix 6 distinct clang-analyzer-core.NullDereferences, of undetermined accuracy (possibly benign). 2025-01-08 11:09:27 -06:00
Daniel Pouzzner
632d1c7ada wolfcrypt/src/wc_xmss_impl.c: fix error-checking comparisons in wc_xmss_bds_state_load() and wc_xmss_bds_state_store(), and remove no-longer-needed suppression in wc_xmss_sign(). 
.wolfssl_known_macro_extras: remove unneeded WOLFSSL_GAISLER_BCC and WOLFSSL_NO_AES_CFB_1_8.

wolfcrypt/src/dh.c: reformat overlong lines.
 2025-01-07 17:37:11 -06:00
Daniel Pouzzner
b6ce89c429 wolfcrypt/src/pkcs7.c: in wc_PKCS7_BuildSignedAttributes(), clear cannedAttribs[idx] before it's conditionally populated, to prevent possible uninited data read in subsequent EncodeAttributes(). 2025-01-07 15:03:18 -06:00
Daniel Pouzzner
8c32238733 wolfcrypt/src/wc_xmss_impl.c: guided by clang-tidy 20.0.0_pre20250104, add some error-checking to wc_xmss_bds_state_load() and wc_xmss_bds_state_store(), but ultimately, suppress a pair of stubborn apparently-false "function call argument is an uninitialized value" warnings, one in wc_xmss_bds_state_store() and one in wc_xmss_sign(). 2025-01-07 14:04:01 -06:00
David Garske
a3d879f1c6 Merge pull request #8336 from douzzer/20250107-clang-tidy-null-derefs 
20250107-clang-tidy-null-derefs
 2025-01-07 08:07:06 -08:00
David Garske
4a12351a82 Merge pull request #8335 from douzzer/20250106-_DhSetKey-FFDHE-short-circuit 
20250106-_DhSetKey-FFDHE-short-circuit
 2025-01-07 08:06:37 -08:00
David Garske
d2ea3c67c5 Merge pull request #8329 from douzzer/20250103-Sha512Final-no-scratch-digest 
20250103-Sha512Final-no-scratch-digest
 2025-01-07 08:05:31 -08:00
Daniel Pouzzner
d6ead1b3e5 src/tls.c: fix possible null deref in TLSX_UseCertificateStatusRequestV2(). 
wolfcrypt/src/pkcs12.c: fix possible null deref in PKCS12_CoalesceOctetStrings(), and fix spelling of PKCS12_ConcatenateContent().
 2025-01-07 00:00:48 -06:00
Daniel Pouzzner
fffafe661a wolfcrypt/src/dh.c: in _DhSetKey(), add short-circuit comparisons to RFC 7919 known-good moduli, preempting overhead from mp_prime_is_prime(). 
wolfcrypt/test/test.c: in dh_ffdhe_test(), when defined(HAVE_PUBLIC_FFDHE), use wc_DhSetKey_ex() rather than wc_DhSetKey() to exercise the primality check in _DhSetKey().
 2025-01-06 14:52:42 -06:00
Daniel Pouzzner
5172ff7ee3 wolfcrypt/src/sha512.c: in Sha512FinalRaw() and wc_Sha384FinalRaw(), refactor out the scratch digest -- ByteReverseWords64() is safe in-place, and the scratch digest caused a SEGV in the XMEMCPY() on AVX512-capable targets built with gcc -march=native unless XALIGN(64), due to gcc bug(s). 2025-01-06 11:06:56 -06:00
Sean Parkinson
13ce92cc1f SP int: stop CodeSonar complaining about i being negatve 
n is checked for negative and fail out in that case.
i is n devided by a positive constant and can never be negative.
 2025-01-06 10:04:14 +10:00
Sean Parkinson
7d3ee74a71 Aarch64 ASM: Use CPU features for more 
AES GCM streaming - fix GHASH_ONE_BLOCK to use CPU feature information.
AES-GCM uses EOR3 (SHA-3 instruction) - split assembly code.
Kyber uses SQRDMLSH - split assembly code.

Changed define from WOLFSSL_AARCH64_NO_SQRMLSH to
WOLFSSL_AARCH64_NO_SQRDMLSH to match instruction.

Improved array data format for inline assembly code.
 2025-01-02 19:56:04 +10:00
JacobBarthelmeh
838fe22e61 Merge pull request #8314 from SparkiDev/aarch64_no_crypto_fallback 
Aarch64 ASM: check CPU features before hw crypto instr use
 2024-12-24 10:15:23 -07:00
Sean Parkinson
e1851cd482 Aarch64 ASM: check CPU features before hw crypto instr use 
For SHA-256, SHA-512 and SHA3, get the CPU features to see if hardware
crypto is available. If not then fallback to an alternate
implementation.
 2024-12-24 12:08:12 +10:00
Sean Parkinson
93812e4286 Merge pull request #8289 from JacobBarthelmeh/harden 
add option for additional sanity checks
 2024-12-24 09:17:08 +10:00
Daniel Pouzzner
a13d0fdd86 Merge pull request #8311 from SparkiDev/aarch64_cpuid_fix 
Aarch64 CPU id: fix for privilege instruction detection
 2024-12-23 11:52:14 -06:00
JacobBarthelmeh
36d5342f6b Merge pull request #8310 from douzzer/20241221-wolfCrypt-more-AES_BLOCK_SIZE 
20241221-wolfCrypt-more-AES_BLOCK_SIZE
 2024-12-23 09:26:05 -07:00
Sean Parkinson
e7d7e47e07 Aarch64 CPU id: fix for privilege instruction detection 
AES/PMULL is in four bits 4-7.
When value is 0b0010, this indicates both AES and PMULL. Fix code to set
both.
 2024-12-23 11:23:14 +10:00
David Garske
2bcad989da Merge pull request #8309 from douzzer/20241221-fix-CEscape-bounds-check 
20241221-fix-CEscape-bounds-check
 2024-12-21 14:51:46 -08:00
Daniel Pouzzner
ed18bf3deb In wolfcrypt/src/port/ and IDE/, replace remaining uses of AES_BLOCK_SIZE with WC_AES_BLOCKSIZE for compatibility with OPENSSL_COEXIST. 
Automated replacement with
```
git ls-files -z wolfcrypt/src/port/ IDE/ | xargs -0 pcre2grep -l '[^_]AES_BLOCK_SIZE' | xargs sed --regexp-extended --in-place 's/([^_])AES_BLOCK_SIZE/\1WC_AES_BLOCK_SIZE/g'
```

Checked for mis-transformations with
```
git ls-files -z | xargs -0 pcre2grep '[^-[()+*/[:space:]]WC_AES_BLOCK_SIZE' | less
```

Checked for residual hits with
```
git ls-files -z | xargs -0 pcre2grep '[^_]AES_BLOCK_SIZE' | less
```

Deliberately excluded:
* ChangeLog.md -- do not alter history.
* doc/ -- do not confuse documentation with newly prefixed macro, because AES_BLOCK_SIZE is available unless -DOPENSSL_COEXIST.
* tests/api.c -- the unit tests deliberately use compatibility names, and are not compatible with -DOPENSSL_COEXIST.
* wrapper/CSharp/wolfSSL_CSharp/wolfCrypt.cs -- false positive hits on C# names.
* wrapper/CSharp/wolfCrypt-Test/wolfCrypt-Test.cs -- false positive hits on C# names.
* reference in wolfssl/wolfcrypt/aes.h that defines AES_BLOCK_SIZE when -UOPENSSL_COEXIST.
* reference in wolfssl/wolfcrypt/settings.h that defines WC_AES_BLOCK_SIZE for old FIPS when -UWC_AES_BLOCK_SIZE.
 2024-12-21 10:28:18 -06:00
Daniel Pouzzner
33a47c1c04 Merge pull request #8265 from JacobBarthelmeh/armasm 
armasm with opensslcoexist build
 2024-12-21 10:06:27 -06:00
Daniel Pouzzner
b07f2cb461 wolfcrypt/src/coding.c: fix incorrect array bounds check in CEscape(), introduced in 8bbe8a7c8a (before which there was no bounds check at all). 2024-12-21 09:47:07 -06:00
JacobBarthelmeh
961453b5ee fix for free'ing up memory after use 2024-12-20 14:58:57 -07:00
JacobBarthelmeh
67f3343a5d Merge pull request #8306 from SparkiDev/kyber_no_avx2_fix 
ML-KEM/Kyber: fix kyber_prf() for when no AVX2
 2024-12-20 11:40:46 -07:00
Sean Parkinson
e507c466d5 ML-KEM/Kyber: fix kyber_prf() for when no AVX2 
When no AVX2 available, kyber_prf() is called to produce more than one
SHAKE-256 blocks worth of ouput. Otherwise only one block is needed.
Changed function to support an outlen of greater than one block.
 2024-12-20 11:03:58 +10:00
Kareem
8bbe8a7c8a Fix a couple of missing bounds checks found via code analyzer. 2024-12-19 17:01:25 -07:00
Daniel Pouzzner
ed76d8ea10 Merge pull request #8297 from miyazakh/ra_jankins 
Fix RA6M4 jankins failure
 2024-12-18 22:18:43 -06:00
Daniel Pouzzner
122502e2b1 wolfCrypt -Wconversion expansion: fix numerous warnings, all benign, from -Warith-conversion -Wenum-conversion -Wfloat-conversion -Wsign-conversion. 2024-12-18 11:51:06 -06:00
Hideki Miyazaki
39c11c269f Fix RA6M jankins failure 2024-12-18 07:37:21 +09:00
JacobBarthelmeh
613c1aa16d fix for no malloc build 2024-12-17 14:47:45 -07:00
Daniel Pouzzner
f23a2f2f48 wolfcrypt/src/aes.c: add missing WOLFSSL_ARMASM gate clause around wolfCrypt_FIPS_aes_ro_sanity, necessitated by 514a92d6ee/#8293. 2024-12-17 14:17:52 -06:00
JacobBarthelmeh
87ae31b48f some additional sanity checks with harden build 2024-12-17 12:47:42 -07:00
Daniel Pouzzner
22e95081cd Merge pull request #8181 from gojimmypi/dev-compiler-message 
Initialize vars & change types to appease Windows/VS
 2024-12-16 23:19:05 -06:00
Daniel Pouzzner
9d7c02589f Merge pull request #8276 from SparkiDev/ed448_muladd_full_reduce 
EdDSA Ed448: sc_muladd now does full reduction
 2024-12-16 20:29:49 -06:00
Daniel Pouzzner
fd22bfc0b7 Merge pull request #8293 from SparkiDev/aarch64_no_crypto 
Aarch64: make code compile when no hardware crypto avail
 2024-12-16 14:57:53 -06:00
Sean Parkinson
514a92d6ee Aarch64: make code compile when no hardware crypto avail 
Detects availability of instructions for Aarch64.
 2024-12-16 17:46:08 +10:00
JacobBarthelmeh
ad03518aa8 armasm with opensslcoexist build 2024-12-13 17:11:32 -07:00
David Garske
71325a2a32 Revert "Aarch64: make code compile when no hardware crypto avail" 2024-12-13 13:52:53 -08:00
JacobBarthelmeh
f0f50f1837 add option for additional sanity checks 2024-12-13 14:42:51 -07:00
JacobBarthelmeh
d7e40e7413 Merge pull request #8264 from dgarske/various_20241206 
Various cleanups and fixes
 2024-12-13 13:48:10 -07:00
David Garske
79d9b2d6c3 Merge pull request #8277 from SparkiDev/aarch64_no_crypto 
Aarch64: make code compile when no hardware crypto avail
 2024-12-12 15:49:57 -08:00
Sean Parkinson
24bb2b7fab Aarch64: make code compile when no hardware crypto avail 
Detects availability of instructions for Aarch64.
 2024-12-13 09:16:11 +10:00
Kareem
d4af181593 Add support for the RFC822 Mailbox attribute. 2024-12-12 12:37:32 -07:00
Daniel Pouzzner
1f1e985d73 Merge pull request #8268 from bandi13/fixMemleak 
Fix memory leak
 2024-12-11 16:35:38 -06:00
Sean Parkinson
c9c28335ae EdDSA Ed448: sc_muladd now does full reduction 
sc_muladd was reducing to word boundary and not to order.
Now reduces to order as last step.
 2024-12-12 08:33:35 +10:00
Daniel Pouzzner
d825b08e16 Merge pull request #8275 from SparkiDev/aarch64_poly1305_fix 
Aarch64 Poly1305: fix corner case
 2024-12-11 16:24:36 -06:00
Daniel Pouzzner
88241f1a2c Merge pull request #8267 from ColtonWilley/pkcs11_cert_support 
PKCS11 cert support
 2024-12-11 16:04:58 -06:00
Sean Parkinson
c0f3b433b2 Aarch64 Poly1305: fix corner case 
Don't mask top 26 bits as it may have next bit set as reduction step was
only approximate.
 2024-12-11 12:49:21 +10:00