Commit Graph

48 Commits

Author SHA1 Message Date
kaleb-himes d5f7beefd4 Address issues ID'd by new windows multi-config test 2022-05-09 16:50:56 -06:00
David Garske e91f0f173b Fixes for async disables around the DevCopy calls. ZD13824 2022-03-03 16:33:18 -08:00
Sean Parkinson b436262cdf ARMASM, SHA-3: fixup when not using crypto instructions 2022-02-09 09:36:00 +10:00
Sean Parkinson 0042a2594c SHA-3, ARM64: add assembly support for crypto instructions
Add ability to compile ARM assembly from inline C code.
2022-02-08 12:21:38 +10:00
Daniel Pouzzner 6a56d3e131 jumbo patch of fixes for clang-tidy gripes (with some bug fixes).
defect/gripe statistics:

    configured --enable-all --enable-sp-math-all --enable-intelasm

    with LLVM 13 clang-tidy -checks=readability-*,bugprone-*,misc-no-recursion,misc-misplaced-const,misc-redundant-expression,misc-unused-parameters,misc-unused-using-decls,-clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling,-clang-analyzer-optin.performance.Padding,-readability-braces-around-statements,-readability-function-size,-readability-function-cognitive-complexity,-bugprone-suspicious-include,-bugprone-easily-swappable-parameters,-readability-isolate-declaration,-readability-magic-numbers,-readability-else-after-return,-bugprone-reserved-identifier,-readability-suspicious-call-argument,-bugprone-suspicious-string-compare,-bugprone-branch-clone,-misc-redundant-expression,-readability-non-const-parameter,-readability-redundant-control-flow,-readability-misleading-indentation,-bugprone-narrowing-conversions,-bugprone-implicit-widening-of-multiplication-result

    [note these figures don't reflect additional defects fixed in this commit for --enable-smallstack, --enable-fips, --enable-async, --enable-asn=template, and --enable-fastmath, and --disable-fastmath]

    pre-patch warning count per file, with suppressions:

    clang-analyzer-security.insecureAPI.strcpy    6  wolfssl/tests/suites.c
    clang-analyzer-security.insecureAPI.strcpy    2  wolfssl/testsuite/testsuite.c
    bugprone-suspicious-missing-comma             3  wolfssl/examples/server/server.c
    bugprone-suspicious-missing-comma             3  wolfssl/examples/client/client.c
    readability-redundant-preprocessor            2  wolfssl/wolfcrypt/src/asn.c
    readability-redundant-preprocessor            1  wolfssl/wolfcrypt/src/rsa.c
    readability-redundant-preprocessor            9  wolfssl/src/ssl.c
    readability-redundant-preprocessor            2  wolfssl/src/tls13.c
    readability-redundant-preprocessor           18  wolfssl/tests/api.c
    readability-redundant-preprocessor            3  wolfssl/src/internal.c
    readability-redundant-preprocessor           10  wolfssl/wolfcrypt/test/test.c
    readability-named-parameter                   1  wolfssl/wolfcrypt/benchmark/benchmark.c
    readability-named-parameter                   7  wolfssl/src/internal.c
    readability-named-parameter                   1  wolfssl/wolfcrypt/src/ecc.c
    readability-named-parameter                   1  wolfssl/testsuite/testsuite.c
    readability-named-parameter                  11  wolfssl/wolfcrypt/src/ge_operations.c
    misc-no-recursion                             3  wolfssl/src/ssl.c
    readability-uppercase-literal-suffix          4  wolfssl/wolfcrypt/src/asn.c
    readability-uppercase-literal-suffix          1  wolfssl/src/ssl.c
    readability-uppercase-literal-suffix         13  wolfssl/wolfcrypt/benchmark/benchmark.c
    bugprone-too-small-loop-variable              1  wolfssl/wolfcrypt/src/rsa.c
    bugprone-too-small-loop-variable              2  wolfssl/wolfcrypt/src/sha3.c
    bugprone-too-small-loop-variable              4  wolfssl/wolfcrypt/src/idea.c
    bugprone-signed-char-misuse                   2  wolfssl/src/ssl.c
    bugprone-signed-char-misuse                   3  wolfssl/wolfcrypt/src/sp_int.c
    bugprone-signed-char-misuse                   3  wolfssl/examples/client/client.c
    bugprone-macro-parentheses                   19  wolfssl/wolfcrypt/src/aes.c
    bugprone-macro-parentheses                  109  wolfssl/wolfcrypt/src/camellia.c
    bugprone-macro-parentheses                    1  wolfssl/src/tls.c
    bugprone-macro-parentheses                    3  wolfssl/wolfcrypt/src/md4.c
    bugprone-macro-parentheses                    2  wolfssl/wolfcrypt/src/asn.c
    bugprone-macro-parentheses                   26  wolfssl/wolfcrypt/src/blake2b.c
    bugprone-macro-parentheses                  257  wolfssl/wolfcrypt/src/sha3.c
    bugprone-macro-parentheses                   15  wolfssl/src/ssl.c
    bugprone-macro-parentheses                    1  wolfssl/wolfcrypt/src/sha.c
    bugprone-macro-parentheses                    8  wolfssl/tests/api.c
    bugprone-macro-parentheses                    4  wolfssl/wolfcrypt/src/sp_int.c
    bugprone-macro-parentheses                    6  wolfssl/wolfcrypt/benchmark/benchmark.c
    bugprone-macro-parentheses                   38  wolfssl/wolfcrypt/src/hc128.c
    bugprone-macro-parentheses                   12  wolfssl/wolfcrypt/src/md5.c
    bugprone-macro-parentheses                   10  wolfssl/wolfcrypt/src/sha256.c
    bugprone-macro-parentheses                    4  wolfssl/wolfcrypt/test/test.c
    bugprone-macro-parentheses                    3  wolfssl/wolfcrypt/src/ecc.c
    bugprone-macro-parentheses                    2  wolfssl/tests/suites.c
    bugprone-macro-parentheses                    4  wolfssl/wolfcrypt/src/cpuid.c
    bugprone-macro-parentheses                   26  wolfssl/wolfcrypt/src/blake2s.c
    bugprone-macro-parentheses                   24  wolfssl/wolfcrypt/src/sha512.c
    bugprone-macro-parentheses                    3  wolfssl/wolfcrypt/src/poly1305.c
    bugprone-macro-parentheses                   24  wolfssl/wolfcrypt/src/ripemd.c
    readability-inconsistent-declaration-parameter-name    1  wolfssl/src/internal.c
    readability-inconsistent-declaration-parameter-name    1  wolfssl/testsuite/testsuite.c

    pre-patch warning count summaries, with suppressions:

    clang-analyzer-security.insecureAPI.strcpy                  8
    bugprone-suspicious-missing-comma                           6
    readability-redundant-preprocessor                         45
    readability-named-parameter                                21
    misc-no-recursion                                           3
    readability-uppercase-literal-suffix                       18
    bugprone-too-small-loop-variable                            7
    bugprone-signed-char-misuse                                 8
    bugprone-macro-parentheses                                601
    readability-inconsistent-declaration-parameter-name         2

    pre-patch warning count summaries, without suppressions:

    clang-analyzer-security.insecureAPI.strcpy                  8
    bugprone-branch-clone                                     152
    readability-non-const-parameter                           118
    bugprone-suspicious-missing-comma                           6
    bugprone-suspicious-include                                52
    readability-magic-numbers                               22423
    readability-redundant-preprocessor                         45
    readability-named-parameter                                21
    readability-function-cognitive-complexity                 845
    readability-else-after-return                             398
    bugprone-implicit-widening-of-multiplication-result       595
    readability-function-size                                  21
    readability-isolate-declaration                          1090
    misc-redundant-expression                                   2
    bugprone-narrowing-conversions                            994
    misc-no-recursion                                           3
    readability-uppercase-literal-suffix                       18
    bugprone-reserved-identifier                               56
    readability-suspicious-call-argument                       74
    bugprone-too-small-loop-variable                            7
    bugprone-easily-swappable-parameters                      437
    bugprone-signed-char-misuse                                 8
    readability-misleading-indentation                         94
    bugprone-macro-parentheses                                601
    readability-inconsistent-declaration-parameter-name         2
    bugprone-suspicious-string-compare                        495
    readability-redundant-control-flow                         20
    readability-braces-around-statements                    11483
    clang-analyzer-valist.Uninitialized                         1
    clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling   3502
2022-01-21 01:25:48 -06:00
Daniel Pouzzner 0b4f34d62a typographic cleanup: fix whitespace, remove unneeded UTF-8, convert C++ comment constructs to C. 2021-11-08 17:35:05 -06:00
David Garske a03ed32380 Support for Android KeyStore compatibility API's:
* Adds `EVP_PKCS82PKEY` and `d2i_PKCS8_PRIV_KEY_INFO`.
* Adds `EVP_PKEY2PKCS8` and `i2d_PKCS8_PRIV_KEY_INFO`.
* Adds `ECDSA_verify`.
* Fix to allow `SHA256()` and `MD5()` with FIPSv2.
* Decouple crypto callbacks and hash flags
* Fix for possible use of uninitialized when building TLS bench without TLS v1.3.
* Fix for building with `NO_CHECK_PRIVATE_KEY`. Test `./configure --disable-pkcs12 --enable-opensslextra CFLAGS="-DNO_CHECK_PRIVATE_KEY"`.
* Fix to support `RSA_public_decrypt` for PKCSv15 only with FIPS.
* Cleanup `RSA_public_encrypt`, `RSA_public_decrypt` and `RSA_private_decrypt`.
* Added instructions for building wolfSSL with Android kernel.
2021-10-19 17:04:18 -07:00
Elms ef33445316 Define gate fixes and sha3 64bit literal definitions
Found when supporting PPC750
2021-09-20 13:48:34 -07:00
Elms c9597ea735 sha3: align data for Sha3Update 2021-06-30 21:58:30 -07:00
Sean Parkinson ed14e593c7 ED25119 and SHAKE-256: fixes
SHAKE-256 is off by default now. Make sure WOLFSSL_SHAKE256 doesn't make
it into options.h.
Fix openssl.test usage of ed25519 certificates.
Add scripts that regenerate certificates
2021-06-11 10:13:31 +10:00
Sean Parkinson 1fbe0cb408 SHA-3: Aligned access of 64 bit value. 2021-04-30 08:45:05 +10:00
Sean Parkinson 1b832bf8fa SHA-3: Improve SHAKE256 change to support longer output
Added tests for 1 complete block output and longer from NIST's CAVP
tests vectors.
2021-03-26 14:59:12 +10:00
Andreas Steffen 6e383cf6cd Full implementation of SHAKE256
The current SHAKE256 implementation squeezes output bytes only up
to the rate limit of 136 bytes. This has been fixed to support
the output of an unlimited amount of bytes complying with the
NIST FIPS 202 standard.
2021-03-19 11:13:54 +01:00
toddouska 3ac03d3d66 Merge pull request #3805 from JacobBarthelmeh/copyright
update copyright date to 2021
2021-03-15 16:16:50 -07:00
Sean Parkinson a55e94cf6f ECCSI and SAKKE: add support
Fixes for static code analysis included.
Added const to function parameters.
Zeroise some temporaries.
2021-03-12 09:31:22 +10:00
Jacob Barthelmeh c729318ddd update copyright date 2021-03-11 13:42:46 +07:00
Daniel Pouzzner 3c2155f4a9 linuxkm WIP -- update for kernels 4.9.x (LTS representative) and 5.8.x (latest). 2020-09-23 18:32:15 -05:00
Tesfa Mael d5241bbcc6 Coverity fix 2020-06-02 15:35:27 -07:00
John Safranek bf680b4a92 Fix for QAT with Shake256. Fix for XFREE missing semicolon. 2020-04-21 10:38:27 -07:00
Sean Parkinson 2c6eb7cb39 Add Curve448, X448, Ed448 implementations 2020-02-28 09:30:45 +10:00
Chris Conlon 45c5a2d39c update copyright to 2020 2020-01-03 15:06:03 -08:00
Eric Blankenhorn b83804cb9d Correct misspellings and typos from codespell tool 2019-12-24 12:29:33 -06:00
David Garske e298b3290d Fix to initialize hash flag. 2019-08-21 06:36:37 -07:00
David Garske 154930d128 Added support for older KECCAK256 used by Ethereum. Uses existing hash flag API's.
To use add build flag `CFLAGS="-DWOLFSSL_HASH_FLAGS"`.

Example:

```c
wc_Sha3_SetFlags(&sha, WC_HASH_SHA3_KECCAK256);
```
2019-08-20 16:14:37 -07:00
David Garske 5b21da4dc5 Fix for SHA-3 runtime detection for not supported in hardware using NOT_COMPILED_IN. 2019-03-28 17:52:08 -07:00
John Safranek 246c444b93 Updates for v4.0.0
Update the copyright dates on all the source files to the current year.
2019-03-15 10:37:36 -07:00
David Garske 68c04a95e0 Refactor of the crypto callback return code for cases when unavailable to use new error code CRYPTOCB_UNAVAILABLE. Retains support for original NOT_COMPILED_IN error code. Added new CRYPTO_CB_VER define for helping applications handle/detect changes to crypto callback interface (currently no way to determine changes at build-time between release cycles). 2019-03-08 16:50:45 -08:00
David Garske dcdb1d7094 Added flag to indicate if hash is copied. 2019-02-12 16:03:10 -08:00
David Garske 838652c03b Added flags build option to hashing algorithms. This allows indicator to determine if hash will be "copied" as done during a TLS handshake. 2019-02-12 16:03:10 -08:00
Jacob Barthelmeh 253915866d make build more modular 2019-01-18 16:25:24 -07:00
Jacob Barthelmeh f0a3045d62 af_alg sha3 addition
hardware acceleration with RSA

add AES-GCM hardware acceleration

refactor setting RSA IV flag

check and set AF_ALG flags

fix for default AF_ALG use

set buffer alignment with Xilinx RSA

macro guard after rebase

use ALIGN64

clean up test cases
2019-01-18 16:25:24 -07:00
David Garske ee45cfdbcb Refactor and rename of cryptodev to cryptocb. Refactor API names from wc_CryptoDev to use wc_CryptoCb. Backwards compatibility is retained for anyone using old WOLF_CRYPTO_DEV name. Added comment about fall-through case when CryptoCb return NOT_COMPILED_IN. 2019-01-17 11:01:14 -08:00
David Garske cbbe63ec62 Added QAT SHA3 support. Fix for SHA512/SHA384 with QAT and Intel ASM enabled. 2018-12-17 12:54:33 -08:00
John Safranek 90a5bde0f2 FIPS Revalidation
1. Update the const data and code segment tags for the Windown builds.
2018-05-16 15:47:12 -04:00
John Safranek f6fe3744a7 FIPS Update
1. Moved the rest of the FIPS algorithms to FIPSv2.
2. Updated the fips-check and autogen scripts.
3. Updated the automake include for the crypto files.
4. Updated the example server to use the wolfSSL API and wolfSSL-based OpenSSL compatibility layer.
5. Added error code for the SHA-3 KAT.
6. Updated an test case in the API test for AES-GCM encrypt that is now considered a success case, but the FIPS mode was still treating as a failure.
2018-05-16 15:47:12 -04:00
John Safranek 6352208e04 FIPS Update
1. Add SHA-3 to the src/include.am so that it is always included in FIPSv2.
2. Tweak the SHA-3 header to follow the new FIPS pattern.
2018-05-16 15:47:12 -04:00
David Garske c83e63853d Refactor unqiue hash types to use same internal values (ex WC_MD5 == WC_HASH_TYPE_MD5). Refactor the Sha3 types to use wc_ naming. 2018-04-09 13:28:15 -07:00
toddouska 8e91d9ffd9 Merge pull request #1244 from SparkiDev/sha3_fast
SHA-3 fast code is smaller and a bit faster
2017-11-29 14:45:57 -08:00
Sean Parkinson 400d56a1a9 SHA-3 fast code is smaller and a bit faster 2017-11-21 12:22:08 +10:00
abrahamsonn f17470b42b Added more of the requested changes & made an attempt to remove merge conflicts 2017-11-14 15:05:32 -07:00
David Garske b8cc132e99 Added ability to force 32-bit mode using --enable-32bit. Added ability to disable all inline asembly using --disable-asm. Added check for __EMSCRIPTEN__ define in types.h to properly setup 64-bit type. Fixes for build combinations with SHA512 and CHACHA20. 2017-11-06 14:37:34 -08:00
David Garske 7f30397252 Remove execute bit on all code files. 2017-10-23 11:16:40 -07:00
David Garske 911b6f95f8 Release v3.12.2 (lib 14.0.0). Updated copywright. 2017-10-22 15:58:35 -07:00
toddouska 36c2ee92dc Merge pull request #1050 from JacobBarthelmeh/ARMv8
Xilinx port
2017-07-24 15:37:05 -07:00
Jacob Barthelmeh 59a46d08d9 Xilinx port 2017-07-21 17:39:47 -06:00
Sean Parkinson d6190507ac Big endian fix for SHA-3 2017-07-20 16:53:36 +10:00
Sean Parkinson 7ef5aeaf13 Fixes from review and tidy up code. 2017-05-25 09:09:50 +10:00
Sean Parkinson 4134073c8d Initial revision of SHA-3 2017-05-25 09:09:50 +10:00