Commit Graph

5233 Commits

Author SHA1 Message Date
Daniel Pouzzner
bfada558bd remove extraneous build gates and fix whitespace justification in a comment (peer review re PR #4772). 2022-01-21 01:26:44 -06:00
Daniel Pouzzner
386aac9694 AES-SIV:
in configure.ac, enable SIV only if !ENABLED_FIPS or if building FIPS v5-dev;

in cmac.{c,h}, remove !HAVE_FIPS gating on ShiftAndXorRb().
2022-01-21 01:26:33 -06:00
Daniel Pouzzner
5e33da8147 fix whitespace. 2022-01-21 01:25:48 -06:00
Daniel Pouzzner
6a56d3e131 jumbo patch of fixes for clang-tidy gripes (with some bug fixes).
defect/gripe statistics:

    configured --enable-all --enable-sp-math-all --enable-intelasm

    with LLVM 13 clang-tidy -checks=readability-*,bugprone-*,misc-no-recursion,misc-misplaced-const,misc-redundant-expression,misc-unused-parameters,misc-unused-using-decls,-clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling,-clang-analyzer-optin.performance.Padding,-readability-braces-around-statements,-readability-function-size,-readability-function-cognitive-complexity,-bugprone-suspicious-include,-bugprone-easily-swappable-parameters,-readability-isolate-declaration,-readability-magic-numbers,-readability-else-after-return,-bugprone-reserved-identifier,-readability-suspicious-call-argument,-bugprone-suspicious-string-compare,-bugprone-branch-clone,-misc-redundant-expression,-readability-non-const-parameter,-readability-redundant-control-flow,-readability-misleading-indentation,-bugprone-narrowing-conversions,-bugprone-implicit-widening-of-multiplication-result

    [note these figures don't reflect additional defects fixed in this commit for --enable-smallstack, --enable-fips, --enable-async, --enable-asn=template, --enable-fastmath, and --disable-fastmath]

    pre-patch warning count per file, with suppressions:

    clang-analyzer-security.insecureAPI.strcpy    6  wolfssl/tests/suites.c
    clang-analyzer-security.insecureAPI.strcpy    2  wolfssl/testsuite/testsuite.c
    bugprone-suspicious-missing-comma             3  wolfssl/examples/server/server.c
    bugprone-suspicious-missing-comma             3  wolfssl/examples/client/client.c
    readability-redundant-preprocessor            2  wolfssl/wolfcrypt/src/asn.c
    readability-redundant-preprocessor            1  wolfssl/wolfcrypt/src/rsa.c
    readability-redundant-preprocessor            9  wolfssl/src/ssl.c
    readability-redundant-preprocessor            2  wolfssl/src/tls13.c
    readability-redundant-preprocessor           18  wolfssl/tests/api.c
    readability-redundant-preprocessor            3  wolfssl/src/internal.c
    readability-redundant-preprocessor           10  wolfssl/wolfcrypt/test/test.c
    readability-named-parameter                   1  wolfssl/wolfcrypt/benchmark/benchmark.c
    readability-named-parameter                   7  wolfssl/src/internal.c
    readability-named-parameter                   1  wolfssl/wolfcrypt/src/ecc.c
    readability-named-parameter                   1  wolfssl/testsuite/testsuite.c
    readability-named-parameter                  11  wolfssl/wolfcrypt/src/ge_operations.c
    misc-no-recursion                             3  wolfssl/src/ssl.c
    readability-uppercase-literal-suffix          4  wolfssl/wolfcrypt/src/asn.c
    readability-uppercase-literal-suffix          1  wolfssl/src/ssl.c
    readability-uppercase-literal-suffix         13  wolfssl/wolfcrypt/benchmark/benchmark.c
    bugprone-too-small-loop-variable              1  wolfssl/wolfcrypt/src/rsa.c
    bugprone-too-small-loop-variable              2  wolfssl/wolfcrypt/src/sha3.c
    bugprone-too-small-loop-variable              4  wolfssl/wolfcrypt/src/idea.c
    bugprone-signed-char-misuse                   2  wolfssl/src/ssl.c
    bugprone-signed-char-misuse                   3  wolfssl/wolfcrypt/src/sp_int.c
    bugprone-signed-char-misuse                   3  wolfssl/examples/client/client.c
    bugprone-macro-parentheses                   19  wolfssl/wolfcrypt/src/aes.c
    bugprone-macro-parentheses                  109  wolfssl/wolfcrypt/src/camellia.c
    bugprone-macro-parentheses                    1  wolfssl/src/tls.c
    bugprone-macro-parentheses                    3  wolfssl/wolfcrypt/src/md4.c
    bugprone-macro-parentheses                    2  wolfssl/wolfcrypt/src/asn.c
    bugprone-macro-parentheses                   26  wolfssl/wolfcrypt/src/blake2b.c
    bugprone-macro-parentheses                  257  wolfssl/wolfcrypt/src/sha3.c
    bugprone-macro-parentheses                   15  wolfssl/src/ssl.c
    bugprone-macro-parentheses                    1  wolfssl/wolfcrypt/src/sha.c
    bugprone-macro-parentheses                    8  wolfssl/tests/api.c
    bugprone-macro-parentheses                    4  wolfssl/wolfcrypt/src/sp_int.c
    bugprone-macro-parentheses                    6  wolfssl/wolfcrypt/benchmark/benchmark.c
    bugprone-macro-parentheses                   38  wolfssl/wolfcrypt/src/hc128.c
    bugprone-macro-parentheses                   12  wolfssl/wolfcrypt/src/md5.c
    bugprone-macro-parentheses                   10  wolfssl/wolfcrypt/src/sha256.c
    bugprone-macro-parentheses                    4  wolfssl/wolfcrypt/test/test.c
    bugprone-macro-parentheses                    3  wolfssl/wolfcrypt/src/ecc.c
    bugprone-macro-parentheses                    2  wolfssl/tests/suites.c
    bugprone-macro-parentheses                    4  wolfssl/wolfcrypt/src/cpuid.c
    bugprone-macro-parentheses                   26  wolfssl/wolfcrypt/src/blake2s.c
    bugprone-macro-parentheses                   24  wolfssl/wolfcrypt/src/sha512.c
    bugprone-macro-parentheses                    3  wolfssl/wolfcrypt/src/poly1305.c
    bugprone-macro-parentheses                   24  wolfssl/wolfcrypt/src/ripemd.c
    readability-inconsistent-declaration-parameter-name    1  wolfssl/src/internal.c
    readability-inconsistent-declaration-parameter-name    1  wolfssl/testsuite/testsuite.c

    pre-patch warning count summaries, with suppressions:

    clang-analyzer-security.insecureAPI.strcpy                  8
    bugprone-suspicious-missing-comma                           6
    readability-redundant-preprocessor                         45
    readability-named-parameter                                21
    misc-no-recursion                                           3
    readability-uppercase-literal-suffix                       18
    bugprone-too-small-loop-variable                            7
    bugprone-signed-char-misuse                                 8
    bugprone-macro-parentheses                                601
    readability-inconsistent-declaration-parameter-name         2

    pre-patch warning count summaries, without suppressions:

    clang-analyzer-security.insecureAPI.strcpy                  8
    bugprone-branch-clone                                     152
    readability-non-const-parameter                           118
    bugprone-suspicious-missing-comma                           6
    bugprone-suspicious-include                                52
    readability-magic-numbers                               22423
    readability-redundant-preprocessor                         45
    readability-named-parameter                                21
    readability-function-cognitive-complexity                 845
    readability-else-after-return                             398
    bugprone-implicit-widening-of-multiplication-result       595
    readability-function-size                                  21
    readability-isolate-declaration                          1090
    misc-redundant-expression                                   2
    bugprone-narrowing-conversions                            994
    misc-no-recursion                                           3
    readability-uppercase-literal-suffix                       18
    bugprone-reserved-identifier                               56
    readability-suspicious-call-argument                       74
    bugprone-too-small-loop-variable                            7
    bugprone-easily-swappable-parameters                      437
    bugprone-signed-char-misuse                                 8
    readability-misleading-indentation                         94
    bugprone-macro-parentheses                                601
    readability-inconsistent-declaration-parameter-name         2
    bugprone-suspicious-string-compare                        495
    readability-redundant-control-flow                         20
    readability-braces-around-statements                    11483
    clang-analyzer-valist.Uninitialized                         1
    clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling   3502
2022-01-21 01:25:48 -06:00
David Garske
d728a7f0e6 Merge pull request #4777 from SparkiDev/sp_modinv_even_fix
SP int: fix rework of sp_invmod
2022-01-19 20:32:48 -08:00
David Garske
95efdccd7f Merge pull request #4751 from SparkiDev/sp_int_thumb_asm
SP int: ARM Thumb asm snippets
2022-01-19 18:52:02 -08:00
David Garske
609d6442b1 Merge pull request #4753 from SparkiDev/siphash
Add SipHash algorithm
2022-01-19 18:51:44 -08:00
Sean Parkinson
b767857abb SP int: fix rework of sp_invmod
Simplify code and check for m mod a == 0 which means there is no
inverse.
2022-01-20 10:37:31 +10:00
Sean Parkinson
a6485a228d Add SipHash algorithm 2022-01-20 09:41:18 +10:00
Sean Parkinson
a1185adf2c SP int: ARM Thumb asm snippets 2022-01-20 09:16:45 +10:00
Hayden Roche
62b07d8806 Add AES-SIV (RFC 5297).
This commit adds functions to encrypt and decrypt data using AES in SIV mode, as
described in RFC 5297. This was added in the process of porting chrony to
wolfSSL. chrony is an NTP implementation that can use NTS (network time
security), which requires AES-SIV.
2022-01-19 14:32:33 -08:00
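The two AES-SIV entries above (the `Add AES-SIV (RFC 5297)` commit, and the earlier cmac.c change that drops the `!HAVE_FIPS` gate on `ShiftAndXorRb()`, the GF(2^128) doubling step that S2V borrows from CMAC) name the construction but not its mechanics. What follows is an added, self-contained Go implementation of AES-SIV written for this page; it is not wolfSSL's code and does not use wolfSSL's API. The names `dbl`, `cmac`, `s2v`, `NewSIV`, `Seal` and `Open` are this example's own, Go's standard library supplies AES and CTR, and the only input data is the published RFC 5297 appendix A.1 test vector, which `main` reproduces.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/subtle"
	"encoding/binary"
	"encoding/hex"
	"errors"
	"fmt"
)

const blockSize = 16

// dbl doubles a block in GF(2^128): shift left one bit, then xor 0x87 into the
// low byte if a 1 bit fell off the top. wolfSSL's cmac.c calls this step
// ShiftAndXorRb; CMAC subkey derivation and S2V both depend on it.
func dbl(in []byte) []byte {
	hi, lo := binary.BigEndian.Uint64(in[:8]), binary.BigEndian.Uint64(in[8:])
	out := make([]byte, blockSize)
	binary.BigEndian.PutUint64(out[:8], hi<<1|lo>>63)
	binary.BigEndian.PutUint64(out[8:], lo<<1^(0x87&-(hi>>63))) // branch-free
	return out
}

func xor(a, b []byte) []byte {
	out := make([]byte, len(a))
	for i := range out {
		out[i] = a[i] ^ b[i]
	}
	return out
}

// pad is the 10* padding of RFC 4493: a single 1 bit, then zeros to a block.
func pad(b []byte) []byte {
	out := make([]byte, blockSize)
	copy(out, b)
	out[len(b)] = 0x80
	return out
}

// cmac is AES-CMAC (RFC 4493); the empty message is a single padded block.
func cmac(block cipher.Block, msg []byte) []byte {
	l := make([]byte, blockSize)
	block.Encrypt(l, make([]byte, blockSize))
	k1, k2 := dbl(l), dbl(dbl(l))
	x := make([]byte, blockSize)
	for len(msg) > blockSize {
		block.Encrypt(x, xor(x, msg[:blockSize]))
		msg = msg[blockSize:]
	}
	if len(msg) == blockSize {
		msg = xor(msg, k1) // complete final block
	} else {
		msg = xor(pad(msg), k2) // short or empty final block
	}
	block.Encrypt(x, xor(x, msg))
	return x
}

// s2v is the string-to-vector PRF of RFC 5297 section 2.4 over S1..Sn.
func s2v(block cipher.Block, ss ...[]byte) []byte {
	if len(ss) == 0 {
		return cmac(block, append(make([]byte, blockSize-1), 1)) // <one>
	}
	d := cmac(block, make([]byte, blockSize)) // <zero>
	for _, s := range ss[:len(ss)-1] {
		d = xor(dbl(d), cmac(block, s))
	}
	last := ss[len(ss)-1]
	if len(last) < blockSize {
		return cmac(block, xor(dbl(d), pad(last)))
	}
	n := len(last) - blockSize // xorend: fold D into the final block of Sn
	return cmac(block, append(append([]byte{}, last[:n]...), xor(last[n:], d)...))
}

// SIV holds the two AES ciphers: the first half of the SIV key drives S2V,
// the second half drives CTR (RFC 5297 section 2.6).
type SIV struct{ mac, ctr cipher.Block }

func NewSIV(key []byte) (*SIV, error) {
	if len(key) != 32 && len(key) != 48 && len(key) != 64 {
		return nil, errors.New("AES-SIV key must be 32, 48 or 64 bytes")
	}
	mac, _ := aes.NewCipher(key[:len(key)/2]) // lengths validated above
	ctr, _ := aes.NewCipher(key[len(key)/2:])
	return &SIV{mac, ctr}, nil
}

// stream keys CTR with V after clearing bits 31 and 63, so implementations
// that increment only a 32- or 64-bit counter word cannot overflow it.
func (s *SIV) stream(v []byte) cipher.Stream {
	q := append([]byte{}, v...)
	q[8], q[12] = q[8]&0x7f, q[12]&0x7f
	return cipher.NewCTR(s.ctr, q)
}

// Seal returns V || CTR(plaintext) where V = S2V(ad..., plaintext) is both
// the authentication tag and the (synthetic) IV.
func (s *SIV) Seal(plaintext []byte, ad ...[]byte) []byte {
	v := s2v(s.mac, append(append([][]byte{}, ad...), plaintext)...)
	out := make([]byte, blockSize+len(plaintext))
	copy(out, v)
	s.stream(v).XORKeyStream(out[blockSize:], plaintext)
	return out
}

// Open decrypts, recomputes S2V over the result and releases the plaintext
// only if the recomputed tag matches V (constant-time compare).
func (s *SIV) Open(ciphertext []byte, ad ...[]byte) ([]byte, error) {
	if len(ciphertext) < blockSize {
		return nil, errors.New("ciphertext shorter than the SIV tag")
	}
	v, p := ciphertext[:blockSize], make([]byte, len(ciphertext)-blockSize)
	s.stream(v).XORKeyStream(p, ciphertext[blockSize:])
	t := s2v(s.mac, append(append([][]byte{}, ad...), p)...)
	if subtle.ConstantTimeCompare(t, v) != 1 {
		return nil, errors.New("AES-SIV authentication failed")
	}
	return p, nil
}

func main() {
	// RFC 5297 appendix A.1 (deterministic) test vector; prints
	// 85632d07c6e8f37f950acd320a2ecc9340c02b9690c4dc04daef7f6afe5c
	key, _ := hex.DecodeString("fffefdfcfbfaf9f8f7f6f5f4f3f2f1f0f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff")
	ad, _ := hex.DecodeString("101112131415161718191a1b1c1d1e1f2021222324252627")
	pt, _ := hex.DecodeString("112233445566778899aabbccddee")
	s, _ := NewSIV(key)
	fmt.Printf("%x\n", s.Seal(pt, ad))
}
```

Two properties matter for a consumer such as NTS. SIV is deterministic: the same key, associated data and plaintext always give the same output, so a caller that needs nonce-misuse resistance rather than full determinism passes a nonce as one of the associated-data strings, as NTS does. And because the tag is also the CTR IV, decryption has to run before verification; `Open` therefore keeps the recovered bytes private until the S2V recomputation matches, and never hands back plaintext on failure.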
David Garske
7adbf59f22 Merge pull request #4767 from anhu/kill_hc128
Get rid of HC-128
2022-01-19 12:20:18 -08:00
David Garske
c5d3581ac2 Merge pull request #4771 from SparkiDev/sp_c_mont_red
SP C: fix corner case of P256 and P384 mont red
2022-01-19 11:32:49 -08:00
Sean Parkinson
c06ba390cd SP C: fix corner case of P256 and P384 mont red 2022-01-19 14:22:04 +10:00
Daniel Pouzzner
2984cb5abf Merge pull request #4768 from SparkiDev/sp_invmod_nr
SP math: sp_invmod changed to not call itself
2022-01-18 16:20:37 -06:00
David Garske
65d1d32972 Merge pull request #4769 from SparkiDev/sp_mont_red_neg
SP math neg: Mont Reduce fix
2022-01-18 14:12:09 -08:00
Sean Parkinson
e745de657f Merge pull request #4761 from haydenroche5/time_cb
Add time callback functionality.
2022-01-18 16:49:19 +10:00
Sean Parkinson
53a4903e2f SP math neg: Mont Reduce fix
Compare the absolute value for negatives.
2022-01-18 16:22:38 +10:00
JacobBarthelmeh
e11d484746 Merge pull request #4752 from LinuxJedi/fix-ber-der
Fix buffer overflows in BERtoDER
2022-01-17 21:05:39 -07:00
Hayden Roche
1b0926a3b8 Add time callback functionality.
This commit adds `wolfSSL_SetTimeCb` and `wolfSSL_time`. The former allows the
user to override the function wolfSSL uses to get the current time,
`wolfSSL_time`. If set, `wolfSSL_time` uses that function. If not set,
`wolfSSL_time` uses the `XTIME` macro by default. This functionality is needed
for the port of chrony to wolfSSL. chrony is an NTP implementation that uses
GnuTLS by default. For TLS, chrony uses the time it computes in place of the
default system time function.
2022-01-17 17:49:51 -08:00
Sean Parkinson
fc861f3d6d SP math: sp_invmod changed to not call itself
When the modulus is even, calculate m^-1 mod a instead and fix up after.
Don't call self to do inverse.
2022-01-18 10:45:57 +10:00
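The two sp_invmod commits above (`SP math: sp_invmod changed to not call itself` and `SP int: fix rework of sp_invmod`) state the idea in two lines: with an even modulus, invert m modulo a instead and fix the result up, and treat m mod a == 0 as "no inverse". The following worked example, written for this page in Go and not taken from wolfSSL's sp_int.c, carries that through on 64-bit words. The odd-modulus routine is a textbook binary extended GCD standing in for whatever sp_invmod uses internally (an assumption; the page does not show it), and the names `invModOdd`, `invMod`, `halfMod`, `subMod` and `mulMod` are the example's own. The a == 1 special case and the even-a rejection are this example's handling of the corner cases, not a description of what the commits do.

```go
package main

import (
	"errors"
	"fmt"
	"math/bits"
)

var errNoInverse = errors.New("no modular inverse: gcd(a, m) != 1")

// halfMod returns x/2 mod m for odd m. An odd x is made even by adding m;
// the carry is kept so that x+m may exceed 64 bits.
func halfMod(x, m uint64) uint64 {
	if x&1 == 0 {
		return x >> 1
	}
	sum, carry := bits.Add64(x, m, 0)
	return sum>>1 | carry<<63
}

// subMod returns (x - y) mod m for x, y < m.
func subMod(x, y, m uint64) uint64 {
	d, borrow := bits.Sub64(x, y, 0)
	if borrow != 0 {
		d += m // wraps back into [0, m)
	}
	return d
}

// invModOdd computes a^-1 mod m with a binary extended GCD: it halves its
// working values, which is why the modulus must be odd. This is a stand-in
// for the odd-modulus path of sp_invmod, not a copy of it.
func invModOdd(a, m uint64) (uint64, error) {
	if m&1 == 0 {
		return 0, errors.New("invModOdd needs an odd modulus")
	}
	a %= m
	if a == 0 {
		return 0, errNoInverse
	}
	// Invariants: u == a*x1 (mod m) and v == a*x2 (mod m).
	u, v, x1, x2 := a, m, uint64(1), uint64(0)
	for u != 1 && v != 1 {
		for u&1 == 0 {
			u >>= 1
			x1 = halfMod(x1, m)
		}
		for v&1 == 0 {
			v >>= 1
			x2 = halfMod(x2, m)
		}
		if u >= v {
			u -= v
			x1 = subMod(x1, x2, m)
		} else {
			v -= u
			x2 = subMod(x2, x1, m)
		}
		if u == 0 || v == 0 {
			return 0, errNoInverse // u and v met at gcd(a, m) > 1
		}
	}
	if u == 1 {
		return x1, nil
	}
	return x2, nil
}

// invMod computes a^-1 mod m for any m >= 2. With m even, gcd(a, m) = 1
// forces a to be odd, so y = m^-1 mod a comes from the odd-modulus routine
// (no call back into invMod) and the result is fixed up from
// m*y = 1 + k*a, which gives a*(m - k) == 1 (mod m).
func invMod(a, m uint64) (uint64, error) {
	if m < 2 {
		return 0, errors.New("modulus must be at least 2")
	}
	a %= m
	if m&1 == 1 {
		return invModOdd(a, m)
	}
	if a == 1 {
		return 1, nil // 1 is its own inverse although m mod 1 == 0
	}
	// An even a shares the factor 2 with m; m mod a == 0 means a divides m.
	if a&1 == 0 || m%a == 0 {
		return 0, errNoInverse
	}
	y, err := invModOdd(m, a)
	if err != nil {
		return 0, err
	}
	hi, lo := bits.Mul64(m, y) // m*y - 1 needs up to 128 bits
	lo, borrow := bits.Sub64(lo, 1, 0)
	hi -= borrow
	k, _ := bits.Div64(hi, lo, a) // exact, and k < m so hi < a (no panic)
	return m - k, nil
}

// mulMod returns a*b mod m via a double-width product, for checking results.
func mulMod(a, b, m uint64) uint64 {
	hi, lo := bits.Mul64(a, b)
	return bits.Rem64(hi, lo, m)
}

func main() {
	for _, c := range [][2]uint64{{3, 7}, {3, 10}, {7, 20}, {4, 6}} {
		inv, err := invMod(c[0], c[1])
		fmt.Printf("invMod(%d, %d) = %d, %v\n", c[0], c[1], inv, err)
	}
}
```

The fixup is the whole trick. With y = m^-1 mod a, 0 < y < a, the integer m*y - 1 is an exact multiple k*a, so a*k == -1 (mod m) and the inverse is m - k; y < a guarantees 0 < k < m. The product m*y is up to twice the word size, which is why `bits.Mul64` and `bits.Div64` appear: a fixed-width implementation has to do the same double-word arithmetic. Note also that "m mod a == 0 means no inverse" is only the half of the gcd test that the odd-a path needs; an even a with an even m is caught separately, and a == 1 must be answered before that check or it would be wrongly rejected.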
Anthony Hu
c2860cb311 Get rid of HC-128 2022-01-17 18:11:54 -05:00
David Garske
ec44747029 Merge pull request #4764 from SparkiDev/evp_cbn_casecmp
wolfSSL_EVP_get_cipherbyname: case compare
2022-01-17 14:11:07 -08:00
David Garske
d38c5003d0 Merge pull request #4762 from ejohnstown/old-gcc
Old Compiler Warning Cleanup (GCC 4.0.2)
2022-01-17 09:44:44 -08:00
Chris Conlon
989a4f096e Merge pull request #4728 from miyazakh/sce_aes128_cryonly 2022-01-17 10:28:57 -07:00
Sean Parkinson
1b5d0c75b8 wolfSSL_EVP_get_cipherbyname: case compare
Accept any case alternatives to name or alias.
Remove case only different aliases.
Tidy up formatting in function.
2022-01-17 09:39:16 +10:00
John Safranek
815527be6b Merge pull request #4745 from SparkiDev/m1_sha512
Aarch64 SHA512: fixup to work on Apple M1
2022-01-16 15:29:01 -08:00
John Safranek
001469589b Old Compiler Warning Cleanup (GCC 4.0.2)
Fixed a lot of shadowed global values. Some were prototype and function
declaration parameter name conflicts. Some conflicted with typenames.
Some conflicted with globals in libc.
2022-01-14 17:43:21 -08:00
John Safranek
5ddf4392df Old Compiler Warning Cleanup (GCC 4.0.2)
pwdbased.c: Simplified some arithmetic to fix a variable promotion
warning.
2022-01-14 17:36:12 -08:00
John Safranek
2cf21a3f69 Old Compiler Warning Cleanup (GCC 4.0.2)
ecc.c,api.c: Initialize some variables to fix warning for possible
uninitialized variable use.
2022-01-14 17:33:49 -08:00
John Safranek
e724622506 Old Compiler Warning Cleanup (GCC 4.0.2)
ge_operations.c: Added the keyword `inline` to several function
prototypes for functions declared `inline`.
2022-01-14 17:19:01 -08:00
Andrew Hutchings
1a4bc322f7 Fix buffer overflow in PKCS7_VerifySignedData
wc_PKCS7_AddDataToStream() was called the first time prior to BERtoDER
conversion and subsequent times afterwards, which meant the stream idx
pointer was incorrect. This patch restarts the stream after conversion.

Fixes ZD13476
2022-01-13 14:49:31 +00:00
Andrew Hutchings
92d01611ff Fix buffer overflow in GetOID
When converting BER to DER we switched the pointer for pkiMsg to the DER
but not the size, which could cause a buffer overflow.

Fixes ZD13471
2022-01-13 13:26:32 +00:00
Sean Parkinson
0acf8d0e75 Merge pull request #4732 from embhorn/zd13375
SP int, TFM: Init vars for static analysis
2022-01-13 07:06:19 +10:00
Sean Parkinson
3ddfb0f189 Aarch64 SHA512: fixup to work on Apple M1
Directive needed on Apple to indicate SHA3 extensions available.
Fix up C file as well - remove unused constants not available and
prototype function that is extern elsewhere.
2022-01-12 12:56:39 +10:00
David Garske
abc9b7197d Merge pull request #4676 from ThalesGroup/iotsafe-hkdf-extract
Iotsafe hkdf extract
2022-01-11 07:37:30 -08:00
Hideki Miyazaki
f0f65f41b7 addressed review comments 2022-01-11 19:53:54 +09:00
Sean Parkinson
c7b0b7003e Merge pull request #4700 from dgarske/pkcs11_id
Improved the PKCS11 init to support slotId or tokenName
2022-01-11 14:25:37 +10:00
Saksik Remy
30777bb5ee nit minor changes 2022-01-11 10:08:52 +08:00
David Garske
9a4981a5a8 Improved the PKCS11 init to support slotId or tokenName. Adds new wc_Pkcs11Token_InitName and alters existing wc_Pkcs11Token_Init to allow NULL tokenName. ZD13348 2022-01-10 16:53:01 -08:00
David Garske
5910ada93d Merge pull request #4736 from douzzer/20220107-cppcheck-hygiene
cppcheck sweep
2022-01-10 12:52:22 -08:00
Daniele Lacamera
814e7c91e0 PsoC6 hw crypto: added missing wc_InitSha512_ex() 2022-01-10 18:30:53 +01:00
Chris Conlon
f72d198778 Merge pull request #4723 from dgarske/se050 2022-01-10 10:11:49 -07:00
Eric Blankenhorn
5cce1926bb Init vars for static analysis 2022-01-10 08:24:29 -06:00
Sean Parkinson
6398087d5b SP int: ARM64/32 sp_div_word changes
Fix up formatting.
Fix comments.
Aarch64: don't use variable r when hi can be used.
ARM 32-bit: Add a version that uses udiv - not available on all chips
and can be slower anyway.
2022-01-10 16:27:39 +10:00
Saksik Remy
1a291870a3 minor fixes 2022-01-10 10:28:14 +08:00
David Garske
4bbf90d604 Merge pull request #4702 from SparkiDev/sp_int_div_arm
SP int: transplant the div_word from SP into SP int for ARM64 and ARM32
2022-01-09 17:54:39 -08:00
Daniel Pouzzner
70ab36f81c wolfcrypt/src/wc_port.c: fixes for cppcheck complaints: uninitvar nullPointer 2022-01-08 00:33:33 -06:00
Daniel Pouzzner
8aa1100508 wolfcrypt/src/wc_pkcs11.c: fixes for cppcheck complaints: uninitvar 2022-01-08 00:32:48 -06:00
Daniel Pouzzner
71b0b89e95 wolfcrypt/src/srp.c: fixes for cppcheck complaints: identicalInnerCondition 2022-01-08 00:32:37 -06:00