Commit Graph

156 Commits

Author SHA1 Message Date
Daniel Pouzzner b8f9b06b5d wolfcrypt/src/logging.c: fix recursion in wc_backtrace_render(). 2026-03-22 13:22:27 -05:00
Daniel Pouzzner ba743ccd5b wolfcrypt/src/logging.c, wolfssl/wolfcrypt/error-crypt.h, and wolfssl/wolfcrypt/logging.h: implement WOLFSSL_DEBUG_TRACE_ERROR_CODES_INIT_STATE, wc_debug_trace_error_codes_enabled(), and wc_debug_trace_error_codes_set(), to allow runtime control of error tracing. 2026-03-20 14:53:05 -05:00
JacobBarthelmeh a156ed7bc7 update Copyright year 2026-02-18 09:52:21 -07:00
jordan e4996c317e bsdkm: fips support. 2025-12-28 10:16:53 -06:00
effbiae 7a3db09ddd automated small stack compress 2025-10-11 11:40:30 +11:00
effbiae 44c403f4c7 replace (f)printf with WOLFSSL_DEBUG_PRINTF 2025-08-29 12:34:22 +10:00
Alex Lanzano 8207053636 Fix value comparison typo in if statement 2025-08-25 13:56:35 -04:00
Daniel Pouzzner 2d1c797b64 fixes from cppcheck-force-source: in src/bio.c:wolfSSL_BIO_vprintf() and
wolfcrypt/src/logging.c:WOLFSSL_MSG_CERT_EX(), add missing gating on
  defined(XVSNPRINTF);

in src/crl.c:CRL_Entry_new(), fix true-positive nullPointerRedundantCheck;

in src/pk.c:_DH_compute_key(), add bounds checking to ForceZero(priv).
2025-08-11 18:12:44 -05:00
Daniel Pouzzner 260fca600a Merge pull request #8902 from gojimmypi/pr-cert-logging
Introduce WOLFSSL_DEBUG_CERTS Certificate Debug Messages
2025-08-08 23:44:03 -05:00
Josh Holtrop 61f1223f1d Fix inconsistent function prototype parameter names for wolfcrypt 2025-08-07 08:02:56 -04:00
gojimmypi d64ef34ef8 Introduce WOLFSSL_DEBUG_CERTS Certificate Debug Messages 2025-08-06 13:57:53 -07:00
David Garske 2db1669713 Merge pull request #8988 from JacobBarthelmeh/visibility
remove WOLFSSL_API in source code when already used in header file
2025-07-24 11:00:55 -07:00
JacobBarthelmeh 01cd91cbea removing more locations of WOLFSSL_API used with function implementations 2025-07-10 16:44:28 -06:00
JacobBarthelmeh 629c5b4cf6 updating license from GPLv2 to GPLv3 2025-07-10 16:11:36 -06:00
Daniel Pouzzner 8035667d9b wolfssl/wolfcrypt/logging.h and wolfcrypt/src/logging.c: add WOLFSSL_DEBUG_PRINTF_FN and WOLFSSL_DEBUG_PRINTF_FIRST_ARGS, and update refactored wolfssl_log(), for C89 compat. 2025-05-14 03:21:28 -05:00
Daniel Pouzzner 55460a5261 wolfssl/wolfcrypt/logging.h and wolfcrypt/src/logging.c: add
WOLFSSL_DEBUG_PRINTF() macro adapted from wolfssl_log(), refactor
  wolfssl_log() to use it, and move printf setup includes/prototypes from
  logging.c to logging.h;

src/ssl_load.c: add source_name arg and WOLFSSL_DEBUG_CERTIFICATE_LOADS clauses
  to ProcessBuffer() and ProcessChainBuffer(), and pass reasonable values from
  callers;

remove expired "Baltimore CyberTrust Root" from certs/external/ca_collection.pem
  and certs/external/baltimore-cybertrust-root.pem.
2025-05-13 20:30:48 -05:00
David Garske 75501fd728 Merge pull request #8662 from douzzer/20250411-more-libwolfssl_sources_h
20250411-more-libwolfssl_sources_h
2025-04-11 13:39:06 -07:00
Daniel Pouzzner ed5d8f8e6b update several files in wolfcrypt/src/port/arm to include libwolfssl_sources.h;
update wolfcrypt/src/port/af_alg, wolfcrypt/src/port/devcrypto, and wolfcrypt/src/port/kcapi to include libwolfssl_sources.h;

remove a slew of includes across lib sources made redundant by libwolfssl_sources.h.
2025-04-11 13:57:23 -05:00
David Garske fb4970b7e0 Fix debug logs (disabled in PR #8616) 2025-04-11 11:19:24 -07:00
Juliusz Sosinowicz 7cbc71b024 Refactor *_push and *_pop compat API 2025-04-09 14:40:00 +02:00
Daniel Pouzzner c401f5caf2 move the newly added wolfcrypt/src/wolfssl_sources.h to wolfssl/wolfcrypt/libwolfssl_sources.h, and likewise for wolfssl_sources_asm.h; revert changes to IDE/ project files. 2025-04-04 18:44:12 -05:00
Daniel Pouzzner 217440c885 Add wolfcrypt/src/wolfssl_sources.h and wolfcrypt/src/wolfssl_sources_asm.h,
which force on BUILDING_WOLFSSL and do boilerplate includes, and update library
  sources to include them at the top.

  wolfssl_sources.h includes types.h, error-crypt.h, and logging.h, and
  conditionally, config.h.  settings.h and wc_port.h are unconditionally
  included at the top of types.h.

  wolfssl_sources_asm.h includes settings.h, and conditionally, config.h.

Add wolfssl_sources*.h to wolfcrypt/src/include.am, and to several IDE/ project
  files.

Also added a TEST_WOLFSSL_SOURCES_INCLUSION_SEQUENCE clause in
  wolfssl/wolfcrypt/settings.h to allow coverage testing.

In wolfcrypt/src/misc.c, retain existing ad hoc boilerplate includes, and use
  them if WOLFSSL_VIS_FOR_TESTS, otherwise include the new wolfssl_sources.h.

Define WOLFSSL_VIS_FOR_TESTS at top of wolfcrypt/test/test.c.

Also renamed WOLFSSL_NEED_LINUX_CURRENT to WOLFSSL_LINUXKM_NEED_LINUX_CURRENT,
  for clarity.
2025-04-04 16:51:04 -05:00
Reda Chouk 9178c53f79 Fix: Address and clean up code conversion in various files. 2025-02-25 11:17:58 +01:00
JacobBarthelmeh 2c24291ed5 update copyright date 2025-01-21 09:55:03 -07:00
Daniel Pouzzner 05c4955316 linuxkm: add support for WOLFSSL_DEBUG_BACKTRACE_ERROR_CODES using dump_stack(). 2024-08-20 23:36:07 -05:00
Daniel Pouzzner 24e34aa41a wolfcrypt/src/logging.c: in WOLFSSL_BUFFER(), on averted overrun, log a buffer error rather than silently failing; in wc_backtrace_render(), fix !WOLFSSL_MUTEX_INITIALIZER race mitigation code. 2024-08-08 10:49:05 -05:00
Daniel Pouzzner 763ced668e fixes for defects identified by cppcheck and clang-tidy on --enable-debug builds: null deref in tests/api.c:load_pem_key_file_as_der(), redundant declarations in wolfcrypt/benchmark/benchmark.c, and numerous unchecked XSNPRINTF()s in wolfcrypt/src/logging.c and src/internal.c. 2024-08-08 09:00:42 -05:00
Daniel Pouzzner 5f6067c3e1 add --enable-debug-trace-errcodes=backtrace.
* uses libbacktrace to enhance existing "ERR TRACE" messages with backtraces, rendered in same format as the sanitizers.
* adds wc_backtrace_render() and some related callbacks to wolfcrypt/src/logging.c.
* adds an overrideable WOLFSSL_DEBUG_BACKTRACE_RENDER_CLAUSE to the WC_ERR_TRACE() mechanism in wolfssl/wolfcrypt/error-crypt.h.
2024-08-08 09:00:42 -05:00
JacobBarthelmeh 31a6a2bf59 update copyright to 2024 2024-07-19 13:15:05 -06:00
Daniel Pouzzner 187dbd9974 wolfcrypt/src/logging.c: address peer review for PR #7647. 2024-06-17 23:37:13 -05:00
Daniel Pouzzner 2c69e4a56b add --debug-code-points and WOLFSSL_DEBUG_CODEPOINTS,
add file_name and line_number args to wolfssl_log(),

and inside WOLFSSL_DEBUG_CODEPOINTS gates,

add WOLFSSL_MSG_EX2(), WOLFSSL_MSG2(), WOLFSSL_ENTER2(), and WOLFSSL_LEAVE2(), each with file and line args,

and add wrapper macros for WOLFSSL_MSG, WOLFSSL_MSG_EX, WOLFSSL_ENTER, and WOLFSSL_LEAVE, that pass in file and line.
2024-06-15 00:54:39 -05:00
Daniel Pouzzner b3e8f0ad24 add --enable-debug-trace-errcodes, WOLFSSL_DEBUG_TRACE_ERROR_CODES, WC_ERR_TRACE(), WC_NO_ERR_TRACE(), support/gen-debug-trace-error-codes.sh. also add numerous deployments of WC_NO_ERR_TRACE() to inhibit frivolous/misleading errcode traces when -DWOLFSSL_DEBUG_TRACE_ERROR_CODES. 2024-06-08 16:39:53 -05:00
gojimmypi e40eb3c774 Update Arduino examples; add wolfcrypt breadcrumbs. 2024-03-06 15:13:37 -08:00
Daniel Pouzzner dfbde4514b global refactor of static mutex initialization to use WOLFSSL_MUTEX_INITIALIZER, and adjustment of WOLFSSL_MUTEX_INITIALIZER macro to take an argument, for Linux kernel compatibility. 2024-02-29 02:11:32 -06:00
JacobBarthelmeh 12ee732fe2 Merge pull request #6981 from douzzer/20231102-vector-register-dynamic-fallback-aes
20231102-vector-register-dynamic-fallback-aes
2023-11-28 13:15:02 -07:00
Kareem ca61034d22 Add memcached support.
memcached support: add required functions/defines.

Fix running unit test when defining DEBUG_WOLFSSL_VERBOSE without OPENSSL_EXTRA.

Break out session_id_context APIs into separate option WOLFSSL_SESSION_ID_CTX, so they can be used without OPENSSL_EXTRA.

Make wolfSSL_ERR_get_error and wolfSSL_CTX_set_mode available for memcached.

Add --enable-memcached.

Include required defines for memcached.

Revert unit test fix, no longer needed.

Add Github actions test for memcached.  Stop defining DEBUG_WOLFSSL_VERBOSE for memcached.

Add auto retry to writes.

Memcached CI: correct libevent package name.

Memcached CI: Add pkgconfig path for Github CI wolfSSL prefix.

memcached: Fix WOLFSSL_OP_NO_RENEGOTIATION going outside of int bounds, add LD_LIBRARY_PATH for memcached CI test.

memcached CI: Use correct path for wolfSSL

memcached: Add required perl dependency for SSL tests

memcached: Update to 1.6.22

memcached: actually test tls

memcached: Update wolfSSL_SSL_in_before to be side agnostic.
2023-11-20 10:10:34 -07:00
Daniel Pouzzner a10260ca5f refactor AESNI implementations and *VECTOR_REGISTERS* macros to allow dynamic as-needed fallback to pure C, via WC_AES_C_DYNAMIC_FALLBACK.
wolfssl/wolfcrypt/aes.h: add key_C_fallback[] to struct Aes, and remove comment that "AESNI needs key first, rounds 2nd, not sure why yet" now that AES_128_Key_Expansion_AESNI no longer writes rounds after the expanded key.

wolfcrypt/src/aes.c:
* add _AESNI or _aesni suffixes/infixes to AESNI implementations that were missing them: AES_CBC_encrypt(), AES_CBC_decrypt_by*(), AES_ECB_encrypt(), AES_*_Key_Expansion(), AES_set_encrypt_key(), AES_set_decrypt_key(), AES_GCM_encrypt(), AES_GCM_decrypt(), AES_XTS_encrypt(), and AES_XTS_decrypt().
* move key size check from to start of wc_AesSetKeyLocal().
* refactor pure-C AES setkey and cipher implementations to use aes->key_C_fallback when defined(WC_AES_C_DYNAMIC_FALLBACK).
* refactor wc_AesSetKeyLocal() to set up both AESNI and pure-C expanded keys when defined(WC_AES_C_DYNAMIC_FALLBACK).
* refactor all (haveAESNI && aes->use_aesni) conditions to just (aes->use_aesni).
* add macros VECTOR_REGISTERS_PUSH and VECTOR_REGISTERS_POP, which do nothing but push a brace level when !defined(WC_AES_C_DYNAMIC_FALLBACK), but when defined(WC_AES_C_DYNAMIC_FALLBACK), they call SAVE_VECTOR_REGISTERS2() and on failure, temporarily clear aes->use_aesni and restore at _POP().
* refactor all invocations of SAVE_VECTOR_REGISTERS() and RESTORE_VECTOR_REGISTERS() to VECTOR_REGISTERS_PUSH and VECTOR_REGISTERS_POP, except in wc_AesSetKeyLocal(), wc_AesXtsEncrypt(), and wc_AesXtsDecrypt(), which are refactored to use SAVE_VECTOR_REGISTERS2(), with graceful failure concealment if defined(WC_AES_C_DYNAMIC_FALLBACK).
* orthogonalize cleanup code in wc_AesCbcEncrypt(),  wc_AesCcmEncrypt() and wc_AesCcmDecrypt().
* streamline fallthrough software definitions of wc_AesEncryptDirect() and wc_AesDecryptDirect(), and remove special-casing for defined(WOLFSSL_LINUXKM)&&defined(WOLFSSL_AESNI).

wolfcrypt/src/aes_asm.{S,asm}:
* remove errant "movl $10, 240(%rsi)" from AES_128_Key_Expansion_AESNI.
* add _AESNI suffixes/infixes to implementations that needed them.

wolfcrypt/src/{aes_gcm_asm.{S,asm},aes_xts_asm.S}: regenerate from revisions in scripts#357 -- adds _aesni suffixes to implementations that were missing them.

wolfssl/wolfcrypt/types.h: remove DEBUG_VECTOR_REGISTER_ACCESS macros, and add dummy fallthrough definitions for SAVE_VECTOR_REGISTERS2 and WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL.

wolfssl/wolfcrypt/memory.h: adopt DEBUG_VECTOR_REGISTER_ACCESS code from types.h, and add definitions for WC_DEBUG_VECTOR_REGISTERS_RETVAL_INITVAL and WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL.

linuxkm/linuxkm_wc_port.h: add arch-specific macro definitions for SAVE_VECTOR_REGISTERS2().

wolfcrypt/benchmark/benchmark.c: add missing gates around calls to RESTORE_VECTOR_REGISTERS().

configure.ac:
* cover various interdependencies in enable-all/enable-all-crypto, for better behavior in combination with --disable-aesgcm, --disable-ecc, --disable-ocsp, --disable-hmac, --disable-chacha, --disable-ed25519, and --disable-ed448.
* inhibit aesgcm_stream in enable-all/enable-all-crypto when ENABLED_LINUXKM_DEFAULTS, because it is currently incompatible with WC_AES_C_DYNAMIC_FALLBACK.
* add -DWC_AES_C_DYNAMIC_FALLBACK when ENABLED_LINUXKM_DEFAULTS.
* add 3 new interdependency checks: "ECCSI requires ECC.", "SAKKE requires ECC.", "WOLFSSH requires HMAC."

wolfcrypt/src/asn.c: tweak gating to accommodate defined(NO_RSA) && !defined(HAVE_ECC).

wolfcrypt/src/evp.c: tweak gating to accommodate defined(NO_HMAC).

wolfcrypt/src/logging.c: remove DEBUG_VECTOR_REGISTER_ACCESS code (moved to memory.c).

wolfcrypt/src/memory.c: change #include of settings.h to types.h; adopt DEBUG_VECTOR_REGISTER_ACCESS code from logging.c; add implementation of SAVE_VECTOR_REGISTERS2_fuzzer().

wolfcrypt/src/pwdbased.c: add explanatory #error scrypt requires HMAC.

wolfcrypt/test/test.c:
* add DEBUG_VECTOR_REGISTER_ACCESS clauses to aes_xts_128_test(), aesecb_test(), aesctr_test(), aes_test() CBC section, aes256_test() CBC section, and aesgcm_default_test_helper()
* remove duplicate wc_AesEcbDecrypt() in aesecb_test().
* add gating for pbkdf2_test().
* fix cleanup code in dsa_test().
* fix gating in pkcs7authenveloped_run_vectors() to accommodate !defined(HAVE_AESGCM).
* fix gating in cryptocb_test() to accommodate defined(NO_HMAC).

wolfssl/wolfcrypt/cryptocb.h: remove gates around "pk" sub-struct of struct wc_CryptoInfo -- wc_CryptoInfo.pk.type (an int) is used unconditionally when --enable-debug, and is used with DH.

wolfssl/wolfcrypt/error-crypt.h: fix whitespace.
2023-11-17 01:15:28 -06:00
Juliusz Sosinowicz 158402ab03 Add logging prefixes to api.c client and server 2023-08-03 11:31:47 +02:00
JacobBarthelmeh 1285ae7816 Merge pull request #6506 from DimitriPapadopoulos/codespell
Fix typos found by codespell
2023-07-24 10:34:29 -06:00
Sean Parkinson 2c9609039d Type conversion fixes: make explicit
Changed to types and casting so that there are no implcit conversion
warnings (gcc -Wconversion) in these files.
2023-07-13 08:36:02 +10:00
Juliusz Sosinowicz 7af1f0cf05 Add additional windows logging for DoMonitor 2023-07-04 14:12:38 +02:00
Dimitri Papadopoulos 50752f5a2b Fix typos found by codespell 2023-07-04 07:21:27 +02:00
Kareem f6cdcfcf9f Fix wc_PeekErrorNodeLineData not unlocking error queue on error. 2023-04-28 16:35:49 -07:00
Sean Parkinson 8851065848 cppcheck fixes
Fix checking of negative with unsigned variables.
Check digestSz for 0 in wc_SSH_KDF() so that no possibility of dividing
by zero.
Change XMEMCPY to XMEMSET in renesas_sce_util.c.
Fix test.c to free prvTmp and pubTmp on read error.
Remove unused variables.
XFREE checks for NULL so don't check before call.
Move variable declarations to reduce scope.
2023-04-03 16:59:58 +10:00
Eric Blankenhorn 7c918255b9 Fix type conv error in logging 2023-03-15 07:46:22 -05:00
Jacob Barthelmeh 9dcc48c8f7 update copyright to 2023 2022-12-30 17:12:11 -07:00
David Garske 793bd6620b Fix unicode char in logging.c. 2022-12-09 10:36:35 -08:00
Stefan Eissing 02094ebb2e Updates after review by JacobBarthelmeh.
- fix err/ret rename leftover for python builds
- add documenetation to thread-local functions
- move generic queue functions up
2022-12-08 09:53:05 +01:00
Stefan Eissing 45f9ef5dd9 Improvements in OpenSSL Compat ERR Queue handling.
Configuration
- thread-local storaoge is selected when available
- '--enable-error-queue-per-thread' and '--disable-error-queue-per-thread' can
  be used as before to explicitly en-/disable the feature.

Implementation:
- with thread-local-storage, error queue is realized in one struct without
  allocations. Queue size is restricted to 16 entries (per thread), which
  is the same limit in OpenSSL 1.1.x.
- without thread-local-storage, all error queue operations are mutex locked
- wc_PeekErrorNodeLineData() and wc_GetErrorNodeErr() added for use by SSL
  functions to allow locked queue iterations/manipulations.
2022-12-07 18:14:45 +01:00
Daniel Pouzzner 466b625b5d wolfcrypt/src/logging.c: add missing void arg list to definition of wc_GetCurrentIdx(). 2022-11-24 09:32:58 -06:00