Commit Graph

19966 Commits

Author SHA1 Message Date
Jacob Barthelmeh 327645ff2a add additional STM32 ECC sanity check to sign 2023-06-07 10:26:40 -07:00
Jacob Barthelmeh 2a0b244393 add sanity check on hash size with STM32 port 2023-06-07 10:26:40 -07:00
JacobBarthelmeh c040b4a339 Merge pull request #6478 from SparkiDev/kyber_fixes_1
Kyber: allow compilation with limited sizes with liboqs
2023-06-07 11:24:08 -06:00
JacobBarthelmeh 8583cc65fa Merge pull request #6471 from SparkiDev/tests_api_expect_3
Test api.c: change more tests to use Expect instead of Assert
2023-06-07 11:22:23 -06:00
JacobBarthelmeh 1445a6a832 Merge pull request #6482 from SparkiDev/regression_fixes_7
Regression testing fixes
2023-06-07 11:18:36 -06:00
JacobBarthelmeh 2b054e223b Merge pull request #6483 from SparkiDev/cppcheck_fixes_10
cppcheck: fixes from scan
2023-06-07 11:13:53 -06:00
Chris Conlon 0752a9e4f4 Merge pull request #6481 from miyazakh/fix_androidb_2
fix un-initialized var
2023-06-07 09:39:00 -06:00
Sean Parkinson ed01b14356 cppcheck: fixes from scan
wolfssl_sce_unit_test.c:
  sce_crypt_Sha_AesCbcGcm_multitest(): duplicate condition
ssl_asn1.c:
  wolfSSL_i2t_ASN1_OBJECT(): done is not needed
  MonthStr(): fix bounds check on i
woolfcrypt_test.c, test_main.c, wolfssl_tsip_unit_test.c, devices.c,
aes.c, des3.c:
  Variable not used.
asn.c:
DecodeSubjKeyId(): sz is unsigned - check for less than zero does
nothing
kcapi_rsa.c:
  KcapiRsa_Decrypt(): fix ret check by using else
  KcapiRsa_Encrypt(): make same change for consistency
kcapi_hash.c:
  KcapiHashFinal(): move ret into #ifdef where it is needed
stm32.c:
wc_Stm32_Hash_GetDigest(): i redeclared with different type - use ii
instead
bio.c, conf.c:
  XFREE checks for NULL

Reduce scope of varialbes.
Condition same.
2023-06-07 17:27:51 +10:00
John Safranek d67ce722ff Merge pull request #6476 from kareem-wolfssl/dtlsBlankCert
Send blank certificate message in DTLS when no client cert is loaded.
2023-06-06 22:43:01 -07:00
Sean Parkinson b07c5d7ce8 Regression testing fixes
Fix: ./configure --disable-shared  --enable-smallstack --enable-all
CFLAGS=-DNO_ASN_TIME

Don't compile mp_test when compiling for SP Math All and RSA
verification only - very few functions available.

ssl.c:
wolfSSL_Rehandshake(): wolfSSL_UseSessionTicket only available when
not NO_WOLFSSL_CLIENT
api.c:
  test_wolfSSL_ticket_keys(): meant to be tested on server
2023-06-07 14:26:45 +10:00
Sean Parkinson e542e51d9f Test api.c: change more tests to use Expect instead of Assert
bio.c:
  wolfSSL_BIO_push(): handles NULL for top and append.

crl.c:
InitCRL_Entry(): set toBeSigned to NULL after freeing when allocation
fails.
  AddCRL(): free CRL entry properly on error.
wolfSSL_X509_STORE_add_crl(): check for NULL after
wolfSSL_X509_crl_new call.

ssl.c:
wolfSSL_CertManagerGetCerts(): free the certificate if it didn't get
pushed onto stack
  wolfSSL_RAND_Init(): returns success if global already initialized.

ssl_asn1.c: wolfSSL_ASN1_TYPE_set now avaiable when OPENSSL_EXTRA
defined for function wolfssl_dns_entry_othername_to_gn().

x509.c:
Added support for creating a valid General Name of type GEN_OTHERNAME.
Extracted some code out into wolfssl_x509_alt_names_to_gn().
  wolfSSL_X509_set_ext(): free data correctly on errors
wolfSSL_X509_PUBKEY_set(): free str if DSA parameters cannot be
retrieved; wolfSSL_OBJ_nid2obj() called separately to handle when
returning NULL.
wolfSSL_X509_NAME_copy(): check for failure when
wolfSSL_X509_NAME_add_entry() is called.

x509_str.c:
wolfSSL_X509_STORE_CTX_new(): check for error from calling
wolfSSL_X509_STORE_CTX_init().
wolfSSL_X509_STORE_get0_objects(): don't double free x509; free memory
correctly on error
2023-06-07 14:10:42 +10:00
Hideki Miyazaki 5624df95b5 fix uninit var 2023-06-07 07:43:02 +09:00
JacobBarthelmeh ee289fdf89 Merge pull request #6429 from embhorn/zd16184
Allow wolfSSL_RAND_Init to pass if already initialized
2023-06-06 16:23:42 -06:00
JacobBarthelmeh 8390ab5847 Merge pull request #6480 from lealem47/xcode
XCODE project: install all headers
2023-06-06 16:19:21 -06:00
Sean Parkinson cac42db53c Merge pull request #6468 from philljj/zd16236
Fix fastmath and heapmath invmod to be consistent with sp-math.
2023-06-07 07:47:41 +10:00
JacobBarthelmeh f42d57df87 Merge pull request #6472 from kaleb-himes/ZD16185-Doc-Update-Request
Update error return(s) for wc_RsaPSS_Verify
2023-06-06 15:16:40 -06:00
Lealem Amedie 9bb2ae4884 XCODE project: install all headers 2023-06-06 13:34:22 -06:00
Daniel Pouzzner 3b48bc97ed Merge pull request #6381 from SparkiDev/type_conversion_fixes_1
Fix type conversion warnings by gcc
2023-06-06 11:25:31 -05:00
Sean Parkinson 9ca9c2ba6f Kyber: allow compilation with limited sizes with liboqs 2023-06-06 14:26:06 +10:00
Sean Parkinson 3230d27700 Merge pull request #6436 from lealem47/sanitizer
Miscellaneous fixes for sanitizer
2023-06-06 11:55:52 +10:00
Lealem Amedie 32976d379f Fix formatting 2023-06-05 16:47:11 -06:00
Sean Parkinson c0e2752000 Merge pull request #6475 from rizlik/fix_dtls_nogroups_nocerts
fix: add guards to compile w !HAVE_SUPPORTED_CURVES && NO_CERTS
2023-06-06 07:55:08 +10:00
Kareem ebac138e77 Send blank certificate message in DTLS when no client cert is loaded. 2023-06-05 10:49:42 -07:00
Marco Oliverio e53453a7ed fix: add guards to compile w !HAVE_SUPPORTED_CURVES && NO_CERTS
This configuration can be used to build a static PSK only build
2023-06-05 16:13:11 +00:00
kaleb-himes 6d85d09b0b Update error return(s) for wc_RsaPSS_Verify 2023-06-05 09:22:08 -06:00
Sean Parkinson ccd404e13d Merge pull request #6470 from douzzer/20230603-unittest-maybe-uninited
20230603-unittest-maybe-uninited
2023-06-05 08:11:52 +10:00
Daniel Pouzzner 6c4cc2a931 tests/api.c: fix a likely-spurious maybe-uninitialized from gcc-11 -m32 (all-sp-m32) in test_wolfSSL_PEM_PrivateKey(). 2023-06-03 10:41:15 -05:00
jordan db28d38ea3 Fix fastmath and heapmath invmod to be consistent with sp-math. 2023-06-02 22:11:44 -05:00
JacobBarthelmeh 37aada0313 Merge pull request #6465 from lealem47/zd162152
Read and assign err return val from _sp_mulmod_tmp
2023-06-02 11:45:27 -06:00
JacobBarthelmeh 3ee31dca6b Merge pull request #6464 from douzzer/20230602-analyzer-guided-fixes
20230602-analyzer-guided-fixes
2023-06-02 11:31:26 -06:00
Lealem Amedie eaf27b1945 Read and assign err return val from _sp_mulmod_tmp 2023-06-02 10:09:12 -06:00
Daniel Pouzzner 291be53524 tests/api.c: fixes for clang-diagnostic-embedded-directive (also warned by gcc), clang-analyzer-core.UndefinedBinaryOperatorResult, and clang-analyzer-deadcode.DeadStores. 2023-06-02 11:06:16 -05:00
JacobBarthelmeh bb78e1c7d8 Merge pull request #6462 from douzzer/20230601-fix-fips-XASM_LINK
20230601-fix-fips-XASM_LINK
2023-06-01 14:00:01 -06:00
JacobBarthelmeh 35e59a3569 Merge pull request #6456 from SparkiDev/tests_api_expect_2
Test api.c: change more tests to use Expect instead of Assert
2023-06-01 10:29:52 -06:00
Daniel Pouzzner a435302415 wolfssl/wolfcrypt/types.h: conditionalize XASM_LINK() definition on !FIPS_VERSION_LT(5,3) and !WOLFSSL_NO_ASM. 2023-06-01 11:12:27 -05:00
Chris Conlon 806c75d28b Merge pull request #6450 from miyazakh/fix_jenkins_android
fix to cast diff type, int and uint
2023-06-01 08:33:02 -06:00
Sean Parkinson 7259351a3f Test api.c: change more tests to use Expect instead of Assert
Added a new version of 'nofail' handshaking that doesn't use threads.
More tests can be run in single threaded.

Changed tests over to use test_wolfSSL_client_server_nofail() or
test_wolfSSL_client_server_nofail_memio() to simplfy test cases.

Changed tests to use Expect.

CRL:
BufferLoadCRL wasn't freeing allocated data when currentEntry
couldn't be allocated.

ssl.c:
DecodeToX509(): Needs to call FreeDecodedCert even if
ParseCertRelative fails.
wolfSSL_PEM_read_PUBKEY(): Need to check result of
wolfSSL_d2i_PUBKEY is NULL rather than the passed in WOLFSSL_EVP_PKEY.

X509:
wolfSSL_X509_set_ext(): Must free allocated WOLFSSL_X509_EXTENSION
if not pushed on to stack regardless of stack being NULL.
wolfSSL_X509V3_EXT_i2d(): Don't free asn1str on error as it is the
data passed in.
wolfSSL_i2d_X509_NAME_canon(): free names and cano_data when call to
wolfSSL_ASN1_STRING_canon() fails.

PKCS7:
    wc_PKCS7_InitWithCert(): Check memory allocation of cert for NULL.
2023-06-01 14:22:00 +10:00
Sean Parkinson b62e0b7ceb Fix type conversion warnings by gcc 2023-06-01 14:21:41 +10:00
Sean Parkinson 5ffee2dbe1 Merge pull request #6459 from douzzer/20230531-analyzer-guided-fixes
20230531-analyzer-guided-fixes
2023-06-01 10:55:48 +10:00
Daniel Pouzzner c45efd79af api.c: fix 3 missed EXPECT_RESULT() == WOLFSSL_SUCCESSes to use the succincter EXPECT_SUCCESS(). 2023-05-31 18:26:27 -05:00
JacobBarthelmeh 42a5d0320b Merge pull request #6445 from jpbland1/dsa_ex
add ex functions to use other digest algorithms with DSA
2023-05-31 14:50:05 -06:00
Daniel Pouzzner 59a7c0d7e4 move definitions of XASM_LINK() from wolfcrypt/src/aes.c, wolfcrypt/src/asm.c, and wolfcrypt/src/cpuid.c, to wolfssl/wolfcrypt/types.h, and use __asm__() instead of asm() if __GNUC__, for compatibility with -std=c99. 2023-05-31 15:48:52 -05:00
Daniel Pouzzner 64c9026c77 wolfssl/wolfcrypt/types.h: add PRAGMA_DIAG_PUSH, PRAGMA(), and PRAGMA_DIAG_POP(), using the gcc or clang variants as applicable, to facilitate pragmas to be used on both gcc and clang;
tests/unit.h: fix ExpectPtr() to inhibit pedantic warnings on both gcc and clang;

wolfssl/test.h: in myVerify(), explicitly check for nullness when printing issuer/subject, to avoid cppcheck null-deref warning;

tests/api.c: fixes for:

* myriad "embedding a directive within macro arguments is not portable"
* an "ISO C forbids conversion of object pointer to function pointer type"
* some "stringop-overflow"s
* a clang-analyzer-core.uninitialized.Assign
* a clang-analyzer-core.CallAndMessage "2nd function call argument is an uninitialized value"
* a nullPointerRedundantCheck
* several clang-diagnostic-declaration-after-statement
* a spurious gcc sanitizer maybe-uninitialized in test_wolfSSL_CheckOCSPResponse()
2023-05-31 15:19:15 -05:00
Daniel Pouzzner 109a17f3bd wolfcrypt/src/memory.c: restore required linuxkm #define WOLFSSL_NEED_LINUX_CURRENT 2023-05-31 15:17:01 -05:00
JacobBarthelmeh 80311975ce Merge pull request #6452 from anhu/no_rsa_sigalgs
For NO_RSA, don't advertise support for RSA.
2023-05-31 13:41:56 -06:00
Hideki Miyazaki 554e6472b5 addressed review comments 2023-05-31 06:54:14 +09:00
JacobBarthelmeh 5604033902 Merge pull request #6453 from kaleb-himes/OE52_OE54_CHECKIN
Checkin STARCORE project OE52_OE54_ACVP effort
2023-05-30 14:43:25 -06:00
JacobBarthelmeh ca2ca4f739 Merge pull request #6454 from philljj/spelling_cleanup
Used codespell and fixed obvious typos in src and wolfssl.
2023-05-30 14:42:04 -06:00
Chris Conlon 769c488d18 Merge pull request #6444 from night1rider/wolfssl-Onboarding
added test case for wolfSSL_configure_args
2023-05-30 13:03:05 -06:00
jordan 1bdd1cb157 Used codespell and fixed obvious typos in src and wolfssl. 2023-05-30 11:36:43 -05:00