Commit Graph

295 Commits

Author SHA1 Message Date
Sean Parkinson 1b29f7353a Check memory is zeroized
Add a define WOLFSSL_CHECK_MEM_ZERO to turn on code that checks that
memory that must be zeroized before going out of use is zero.
Everytime sensitive data is put into a allocated buffer or stack buffer;
the address, its length and a name is stored to be checked later.
Where the stack buffer is about to go out of use, a call is added to
check that the required parts are zero.

wc_MemZero_Add() adds an address with length and name to a table of
addressed to be checked later.
wc_MemZero_Check() checks that the memory associated with the address is
zeroized where required.
mp_memzero_add() adds mp_int's data pointer with length and name to
table.
mp_memzero_check() checks that the data pointer is zeroized where
required.

Freeing memory will check the address. The length was prepended on
allocation.
Realloction was changed for WOLFSSL_CHECK_MEM_ZERO to perform an
allocate, check, copy, free.
2022-06-16 10:22:32 +10:00
David Garske 802e3127c0 Merge pull request #5145 from JacobBarthelmeh/caam
CAAM support with QNX i.MX8, add AES-CTR crypto callback
2022-06-03 15:24:10 -07:00
Tesfa Mael cd008aac6a Add support for VxWorks 6.x
Use rand_r and define SEM_ID_NULL
Fix redefinition of typedef 'SOCKADDR'
2022-06-02 09:54:27 -07:00
David Garske e8d779ab78 Merge pull request #5077 from gojimmypi/ESP8266_Development
Add ESP-IDF WOLFSSL_ESP8266 setting for ESP8266 devices
2022-05-25 12:46:10 -07:00
David Garske 579a37bdf0 Merge pull request #5117 from cconlon/getrandom
add support for Linux getrandom() with WOLFSSL_GETRANDOM
2022-05-16 12:36:30 -07:00
Chris Conlon e6ce735ed8 add support for Linux getrandom() with WOLFSSL_GETRANDOM 2022-05-12 16:51:38 -06:00
JacobBarthelmeh 988236ca70 remove port print out 2022-05-12 13:07:04 -07:00
Daniel Pouzzner c4920021d8 print errors to stderr, not stdout;
fix whitespace in internal.c;

add missing error handling in examples/server/server.c around recvfrom().
2022-05-12 13:07:32 -05:00
David Garske 6e880495dc Merge pull request #5102 from SparkiDev/ct_valgrind_fixes_1
Constant time changes
2022-05-05 07:43:00 -07:00
Sean Parkinson 189c9ab234 Constant time changes
GCM: make borrow constant time.
AES-GCM decrypt: compare at end and constant time.
Random: array_add touchs all elements every time.
RSA-OAEP: look for padding byte in constant time (look at every byte in
array).
SP
 - reduce conditional use (make them bit ops)
 - Fix point adds to not use double when adding infinity to infinity
 - Implement signed div as __divi3 is not constant time.
 - Move check sof input variables to API.
2022-05-05 12:26:57 +10:00
Kaleb Himes 2ec7951de6 Merge pull request #4803 from danielinux/tirtos-update-202201
Update TIRTOS support
2022-04-28 10:12:32 -05:00
JacobBarthelmeh c0d7f3b2e6 add support for i.MX8 with QNX CAAM 2022-04-27 02:27:05 -07:00
gojimmypi 7233732159 move ESP8266-specific to separate section 2022-04-26 17:58:14 -07:00
gojimmypi 15a48e411d Add WOLFSSL_ESP8266 for ESP-IDF 2022-04-23 12:30:34 -07:00
Sean Parkinson 284ebacc57 Merge pull request #4916 from JacobBarthelmeh/hsm
Add SECO use and expand cryptodev
2022-04-07 10:21:32 +10:00
Daniel Pouzzner 008c8509c6 multi-test fixes: whitespace in wolfcrypt/src/random.c and wolfcrypt/test/test.c, bugprone-macro-parentheses and -Wenum-compare in WS_RETURN_CODE() (wolfssl/ssl.h), and clang-analyzer-deadcode.DeadStores in api.c. 2022-03-25 13:26:41 -05:00
David Garske 1b0e5f4806 Allow disabling DRBG with KCAPI. Add KCAPI /dev/hwrng support. 2022-03-23 09:37:50 -07:00
David Garske b90df0a6aa Merge pull request #4951 from ejohnstown/wolfrand
wolfRand for AMD
2022-03-21 09:09:19 -07:00
JacobBarthelmeh 55b42dd85a Add SECO use and expand cryptodev 2022-03-17 12:04:52 -06:00
John Safranek f80faebfe5 wolfRand for AMD
1. Add configure option to enable AMD's RDSEED.
2. Add seed parameters when building specifically for AMD using RDSEED.
3. Update the wolfCrypt test to play nice with the larger seed size.
2022-03-15 15:20:08 -07:00
TakayukiMatsuo 365a4de154 Fix settings and removed warnings 2022-03-16 02:12:45 +09:00
David Garske 54e7db0a9a Merge pull request #4739 from rizlik/psa
support Platform Security Architecture (PSA) API
2022-02-07 10:40:21 -08:00
Chris Conlon 4c8f0709fc Merge pull request #4720 from dgarske/fips_compat 2022-02-07 09:56:24 -07:00
Marco Oliverio 06915b6fa3 psa: support PSA random generator 2022-02-04 21:45:38 +01:00
Daniele Lacamera f323964e8a Update TIRTOS module
Use SP_MATH by default. Added missing object files.
2022-01-27 16:23:23 +01:00
Daniel Pouzzner 24bb007d3c wolfcrypt/src/random.c: fixes for cppcheck complaints: uninitvar 2022-01-08 00:31:51 -06:00
David Garske 96e1f77c32 Adds compatibility FIPS DRBG API's and test cases. 2022-01-04 15:13:06 -08:00
David Garske 9d137668c7 Merge pull request #4675 from julek-wolfssl/openssh-8.8
Fix macro name conflicts with openssh
2021-12-22 08:31:36 -08:00
Juliusz Sosinowicz 8435eb4644 Add WC_ namespace to variable handling defines 2021-12-22 12:16:02 +01:00
Lealem Amedie a79440b95a Removing extra \n from WOLFSSL_LEAVE and WOLFSSL_ENTER 2021-12-16 13:30:43 -07:00
Daniel Pouzzner a33ae21801 whitespace cleanups and portability/pedantic fixes 2021-11-29 23:58:39 -06:00
Hideki Miyazaki f50fcd918e support Renesas RA SCE protect mode on RA6M4 evaluation board 2021-11-19 14:22:16 +09:00
Daniel Pouzzner 0b4f34d62a typographic cleanup: fix whitespace, remove unneeded UTF-8, convert C++ comment constructs to C. 2021-11-08 17:35:05 -06:00
John Safranek 976402e04b RNG Update
1. When the seed callback is enabled, allow wc_GenerateSeed() to be used
   as a default callback.
2. Modify all the tests and examples to use the default seed callback if
   the seed callback is enabled.
2021-10-26 20:24:25 -05:00
John Safranek 0c6d8cfc22 If the RNG seeding callback is missing or returns an error, the RNG instantiate fails. 2021-10-26 20:24:25 -05:00
John Safranek c47e354eed Add callback option for RNG seeding. 2021-10-26 20:24:25 -05:00
David Garske b9b5661550 Merge pull request #4465 from LinuxJedi/stm32-fixes
Minor STM32F1 fixes
2021-10-12 11:57:18 -07:00
Andrew Hutchings 97883d78ac Minor STM32F1 fixes
* Not all STM32 RTCs support subseconds in the time struct, so this is
  now ifdef'd using the only obvious define which exists when subseconds
  exist.
* Let wc_GenerateSeed detect STM32's without RNG correctly.
* wolfCrypt test was attempting to use variables that don't exist when
  both WOLFSSL_SMALL_STACK and WC_NO_RNG is defined.
2021-10-12 16:20:36 +01:00
David Garske 29f051e585 Fixes and cleanups for NXP SE050 support. 2021-10-11 11:53:19 -07:00
Ethan 3f76a76c46 SE050 port with support for RNG, SHA, AES, ECC (sign/verify/shared secret) and ED25519 2021-10-11 11:52:12 -07:00
Eric Blankenhorn 5e3f7d8778 Add return value checking for FREESCALE_RNGA (#4388) 2021-09-10 08:52:34 +10:00
John Safranek 18314e5a4f Merge pull request #4309 from dgarske/sniff_cleanups
Improved sniffer statistics and documentation
2021-08-18 16:03:38 -07:00
David Garske 9898b5d82b Various spelling fixes. 2021-08-16 16:31:18 -07:00
Daniele Lacamera 490eeb4003 Support for IoT-Safe with TLS demo 2021-08-16 13:13:30 -07:00
Sean Parkinson d1fb736136 Zephyr Project: update port to work with latest 2021-06-30 10:29:54 +10:00
Elms 3a885aba23 Refactor pointer manipulation to be independent of datatype width
Tested with `./configure CFLAGS="-DNO_64BIT" --disable-sha512
--disable-sha384 --enable-harden` on a 64-bit machine
2021-06-15 21:08:49 -07:00
David Garske 839231c508 Fixes for STM32 PKA compiler warnings. 2021-06-14 08:46:20 -07:00
David Garske c6c7dfd5db Merge pull request #4053 from SparkiDev/cppcheck_fixes_6
cppcheck: fixes from reviewing report
2021-06-09 12:51:30 -07:00
Juliusz Sosinowicz ceadb62d5b Add support for running wolfcrypt/test/testwolfcrypt on Dolphin emulator 2021-05-20 21:07:50 +02:00
Sean Parkinson 2c6285ccba cppcheck: fixes from reviewing report 2021-05-20 17:55:06 +10:00