Commit Graph

7478 Commits

Author SHA1 Message Date
David Garske 102cb1114a Merge pull request #6509 from douzzer/20230613-wc_test_ret_t
20230613-wc_test_ret_t
2023-06-23 11:47:20 -07:00
David Garske ea68920b8b Merge pull request #6539 from JacobBarthelmeh/caam
fix for keymod with rt1170 blobs
2023-06-23 11:47:04 -07:00
lealem47 06c1dd171a Merge pull request #6466 from dgarske/keilmdk
Fixes and cleanups for Keil MDK examples
2023-06-23 08:41:04 -06:00
JacobBarthelmeh 2d87037e4b fix for keymod with rt1170 blobs 2023-06-23 00:50:25 -07:00
David Garske a56fe30c2c Fixes and cleanups for Keil MDK examples. Combine duplicate user_settings.h. Use SP math all by default. Disable old/deprecated algorithms. Add CMSIS RTOS timer support for TLS and benchmark. 2023-06-22 16:48:17 -06:00
David Garske 2f44ece4d8 Merge pull request #6511 from JacobBarthelmeh/nightly
fix for nightly toolchain armv7 build warning
2023-06-22 15:25:57 -07:00
David Garske 3cb0b4ab29 Merge pull request #6410 from embhorn/zd15856
Update EBSNET port
2023-06-21 21:35:19 -07:00
David Garske 6697181081 Merge pull request #6500 from SparkiDev/tests_api_expect_4
Test api.c: change more tests to use Expect instead of Assert
2023-06-21 17:17:37 -07:00
Sean Parkinson e467112a93 Test api.c: change more tests to use Expect instead of Assert
Changed EXPECT_DECL to start of as TEST_SKIPPED.
Modified other EXPECT macros appropriately.
Change test functions to not use 'res' when EXPECT_DECL is used.

memory.c:
  wc_MemFailCount_Init(): don't declare variable after a statement

conf.c:
wolfSSL_TXT_DB_read(): free the whole WOLFSSL_TXT_DB on failure
instead of just the memory
wolfSSL_CONF_add_string(): pop the value added into section->value
(sk) if it can't be pushed onto conf->data
  wolfSSL_NCONF_load(): free the new value if it wasn't able to be added

ocsp.c:
  wolfSSL_OCSP_cert_to_id():
free the decoded certificate if parsing failed (is freed after use
otherwise)
free the certificate id on failure and make it NULL and continue
freeing other variables

pk.c:
wolfSSL_RSA_set0_crt_params(): set dmp1, dmq1 and iqmp fields to NULL
if setting the internal failed - returns error and caller needs to free
the passed in BNs
wolfSSL_RSA_set0_factors(): set p and q fields to NULL if setting the
internal failed - returns error and caller needs to free the passed in
BNs
wolfSSL_RSA_set0_key(): set n, e abd d fields to NULL if setting the
internal failed - returns error and caller needs to free the passed in
BNs

x509.c:
wolfSSL_X509_set_serialNumber(): explicit NULL
checkwolfSSL_X509_REQ_add1_attr_by_NID(): check whether push succeeded
and on failure free attribute

asn.c:
ConfirmSignature(): for DSA, allocate separately to ensure no leak on
memory allocation failure.

dh.c:
wc_DhGenerateParams(): ensure tmp and tmp2 are able to be cleared on
error

evp.c:
wolfSSL_EVP_PKEY_CTX_add1_hkdf_info(): fix realloc use to no leak on
failure
  wolfSSL_EVP_CIPHER_CTX_iv_length(): handle ctx being NULL.
2023-06-22 08:21:17 +10:00
Eric Blankenhorn 53fe93430e Update EBSNET port 2023-06-21 15:52:42 -05:00
JacobBarthelmeh 2d28b492b0 Merge pull request #6501 from dgarske/ecc_comp
Fix for SP math all and ECC with compressed keys (missing sp_add_d)
2023-06-21 12:01:06 -07:00
David Garske aaf2408851 Merge pull request #6504 from SparkiDev/bench_embedded_scrypt
test.c, scrypt: bench embedded reduce heap usage
2023-06-21 11:06:26 -07:00
David Garske 0e2c32f726 Merge pull request #6505 from SparkiDev/alt_ecc_cryptocb
ECC, ALT_ECC_SIZE, CryptoCB: ensure err is 0 in _ecc_make_key_ex
2023-06-21 11:05:53 -07:00
David Garske 70c3e84735 Merge pull request #6503 from SparkiDev/mp_test_tfm_mips
TFM: fix big endian reading a zero length buffer
2023-06-21 11:05:40 -07:00
Sean Parkinson e17f86d145 TFM: fix big endian reading a zero length buffer
Bail early as big endian implementation doesn't handle it.
2023-06-16 10:58:51 +10:00
Sean Parkinson a1e8aa7269 test.c, scrypt: bench embedded reduce heap usage
Don't do scrypt test cases that allocate 1MB of memory when
BENCH_EMBEDDED is defined.
2023-06-16 10:16:34 +10:00
Sean Parkinson 7153dd70a6 Math, Encrypted Memory: mod exp fix
The modular exponentiation implementations in sp_int.c and tfm.c are not
safe when using Encrypted Memory.
Cannot have two pieces of memory where one changes and the other doesn't
based on private value.
Use extra variable to hold the two new values and assign them both back
at the same time in a safe manner.

Alternative implementations used when WC_PROTECT_ENCRYPTED_MEM is
defined.
2023-06-16 07:28:47 +10:00
JacobBarthelmeh 8f29111aac fix for nightly toolchain armv7 build warning 2023-06-14 14:13:59 -06:00
Daniel Pouzzner 902d47aaa1 wolfcrypt/test/test.c: fix scoping of hkdf_test();
wolfcrypt/test/test.h: include <wolfssl/wolfcrypt/types.h> to be sure sword32 is available.
2023-06-14 15:06:13 -05:00
Daniel Pouzzner e843a7bd1e wolfcrypt/test/test.{c,h}: add wc_test_ret_t, and 'L' long int suffixes on relevant numeric literals, to facilitate passing around 32 bit retvals in the WC_TEST_RET_*() system on 16 bit targets. 2023-06-14 12:28:50 -05:00
Daniel Pouzzner 131b7c2bcf wolfcrypt/src/chacha20_poly1305.c: refactor ssize_t uses in wc_XChaCha20Poly1305_crypt_oneshot() as long int, for portability. 2023-06-14 12:28:50 -05:00
Sean Parkinson 0db49ef83a ECC, ALT_ECC_SIZE, CryptoCB: ensure err is 0 in _ecc_make_key_ex
When CryptoCB is used and the key gen operation is not implemented, err
is CRYPTOCB_UNAVAILABLE and needs to be reset to 0.
2023-06-14 10:12:04 +10:00
David Garske fe7502a50e Fix for SP math all and ECC with compressed keys (missing sp_add_d). Reproduce using: ./configure --disable-rsa --disable-dh --enable-compkey --disable-pkcs12 && make. 2023-06-13 11:39:24 -07:00
Daniel Pouzzner 03a6eed037 wolfcrypt/src/{aes.c,blake2b.c,siphash.c}: fix W64LIT() arguments to not have improper 'U' suffix;
wolfssl/wolfcrypt/types.h: add 'U' suffix to W64LIT() macro defs, and add SW64LIT() macro defs (not yet used anywhere);

wolfcrypt/src/asn.c: add !WOLFSSL_ECC_CURVE_STATIC gate around DataToHexStringAlloc() to resolve -Wunused;

wolfcrypt/src/ecc.c: guard against zero-valued "len" arg to wc_ecc_get_curve_id_from_oid();

wolfcrypt/src/wc_port.c: fix several argument implicit sign changes in USE_WINDOWS_API paths;

wolfssl/wolfcrypt/ecc.h: remove const attribute from inline buffers in WOLFSSL_ECC_CURVE_STATIC struct ecc_set_type.
2023-06-12 23:15:08 -05:00
Sean Parkinson 897a865090 Merge pull request #6477 from JacobBarthelmeh/stm32
add sanity check on hash size with STM32 port
2023-06-08 22:21:19 +10:00
JacobBarthelmeh fb5413cea0 account for null terminator with SEP serail number 2023-06-07 14:59:07 -06:00
Jacob Barthelmeh 327645ff2a add additional STM32 ECC sanity check to sign 2023-06-07 10:26:40 -07:00
Jacob Barthelmeh 2a0b244393 add sanity check on hash size with STM32 port 2023-06-07 10:26:40 -07:00
JacobBarthelmeh 1445a6a832 Merge pull request #6482 from SparkiDev/regression_fixes_7
Regression testing fixes
2023-06-07 11:18:36 -06:00
Sean Parkinson ed01b14356 cppcheck: fixes from scan
wolfssl_sce_unit_test.c:
  sce_crypt_Sha_AesCbcGcm_multitest(): duplicate condition
ssl_asn1.c:
  wolfSSL_i2t_ASN1_OBJECT(): done is not needed
  MonthStr(): fix bounds check on i
woolfcrypt_test.c, test_main.c, wolfssl_tsip_unit_test.c, devices.c,
aes.c, des3.c:
  Variable not used.
asn.c:
DecodeSubjKeyId(): sz is unsigned - check for less than zero does
nothing
kcapi_rsa.c:
  KcapiRsa_Decrypt(): fix ret check by using else
  KcapiRsa_Encrypt(): make same change for consistency
kcapi_hash.c:
  KcapiHashFinal(): move ret into #ifdef where it is needed
stm32.c:
wc_Stm32_Hash_GetDigest(): i redeclared with different type - use ii
instead
bio.c, conf.c:
  XFREE checks for NULL

Reduce scope of varialbes.
Condition same.
2023-06-07 17:27:51 +10:00
Sean Parkinson b07c5d7ce8 Regression testing fixes
Fix: ./configure --disable-shared  --enable-smallstack --enable-all
CFLAGS=-DNO_ASN_TIME

Don't compile mp_test when compiling for SP Math All and RSA
verification only - very few functions available.

ssl.c:
wolfSSL_Rehandshake(): wolfSSL_UseSessionTicket only available when
not NO_WOLFSSL_CLIENT
api.c:
  test_wolfSSL_ticket_keys(): meant to be tested on server
2023-06-07 14:26:45 +10:00
Sean Parkinson cac42db53c Merge pull request #6468 from philljj/zd16236
Fix fastmath and heapmath invmod to be consistent with sp-math.
2023-06-07 07:47:41 +10:00
Daniel Pouzzner 3b48bc97ed Merge pull request #6381 from SparkiDev/type_conversion_fixes_1
Fix type conversion warnings by gcc
2023-06-06 11:25:31 -05:00
Sean Parkinson 3230d27700 Merge pull request #6436 from lealem47/sanitizer
Miscellaneous fixes for sanitizer
2023-06-06 11:55:52 +10:00
Lealem Amedie 32976d379f Fix formatting 2023-06-05 16:47:11 -06:00
jordan db28d38ea3 Fix fastmath and heapmath invmod to be consistent with sp-math. 2023-06-02 22:11:44 -05:00
JacobBarthelmeh 37aada0313 Merge pull request #6465 from lealem47/zd162152
Read and assign err return val from _sp_mulmod_tmp
2023-06-02 11:45:27 -06:00
Lealem Amedie eaf27b1945 Read and assign err return val from _sp_mulmod_tmp 2023-06-02 10:09:12 -06:00
JacobBarthelmeh 35e59a3569 Merge pull request #6456 from SparkiDev/tests_api_expect_2
Test api.c: change more tests to use Expect instead of Assert
2023-06-01 10:29:52 -06:00
Sean Parkinson 7259351a3f Test api.c: change more tests to use Expect instead of Assert
Added a new version of 'nofail' handshaking that doesn't use threads.
More tests can be run in single threaded.

Changed tests over to use test_wolfSSL_client_server_nofail() or
test_wolfSSL_client_server_nofail_memio() to simplfy test cases.

Changed tests to use Expect.

CRL:
BufferLoadCRL wasn't freeing allocated data when currentEntry
couldn't be allocated.

ssl.c:
DecodeToX509(): Needs to call FreeDecodedCert even if
ParseCertRelative fails.
wolfSSL_PEM_read_PUBKEY(): Need to check result of
wolfSSL_d2i_PUBKEY is NULL rather than the passed in WOLFSSL_EVP_PKEY.

X509:
wolfSSL_X509_set_ext(): Must free allocated WOLFSSL_X509_EXTENSION
if not pushed on to stack regardless of stack being NULL.
wolfSSL_X509V3_EXT_i2d(): Don't free asn1str on error as it is the
data passed in.
wolfSSL_i2d_X509_NAME_canon(): free names and cano_data when call to
wolfSSL_ASN1_STRING_canon() fails.

PKCS7:
    wc_PKCS7_InitWithCert(): Check memory allocation of cert for NULL.
2023-06-01 14:22:00 +10:00
Sean Parkinson b62e0b7ceb Fix type conversion warnings by gcc 2023-06-01 14:21:41 +10:00
Sean Parkinson 5ffee2dbe1 Merge pull request #6459 from douzzer/20230531-analyzer-guided-fixes
20230531-analyzer-guided-fixes
2023-06-01 10:55:48 +10:00
JacobBarthelmeh 42a5d0320b Merge pull request #6445 from jpbland1/dsa_ex
add ex functions to use other digest algorithms with DSA
2023-05-31 14:50:05 -06:00
Daniel Pouzzner 59a7c0d7e4 move definitions of XASM_LINK() from wolfcrypt/src/aes.c, wolfcrypt/src/asm.c, and wolfcrypt/src/cpuid.c, to wolfssl/wolfcrypt/types.h, and use __asm__() instead of asm() if __GNUC__, for compatibility with -std=c99. 2023-05-31 15:48:52 -05:00
Daniel Pouzzner 109a17f3bd wolfcrypt/src/memory.c: restore required linuxkm #define WOLFSSL_NEED_LINUX_CURRENT 2023-05-31 15:17:01 -05:00
Sean Parkinson 541ea51ad5 Tests api.c: rework for malloc failure testing
Modified number of tests to not crash on failure and cleanup allocations
on failure.
Added memory fail count option to set which memory allocation to start
failing on.
Fix issues found from testing.

bio.c:
BIO_new() move ref count up so that calls to wolfSSL_BIO_free()
work.
internal.c:
ImportCipherSpecState wasn't checking SetKeySide for failure. Crash
when pointer is NULL and accessed directly.
ocsp.c:
wolfSSL_OCSP_response_get1_basic() doesn't need to free vs->source
as it is freed in WOLFSSL_OCSP_RESPONSE_free().
ssl.c:
ProcessBuffer() Don't strip PKCS#8 header if failed to create DER.
Crasged as directly accessing 'der' which was NULL.
ssl_asn.c:
wolfssl_asn1_integer_require_len was checking wrong variable to see
if allocation failed.
x509,c:
wolfSSL_X509_ALGOR_set0 needs to set aobj only when no failure
possible.
wolfSSL_X509_chain_up_ref needs to call cleanup to ensure everything
is freed.
2023-05-30 12:01:21 +10:00
David Garske 4f8419c641 Merge pull request #6441 from SparkiDev/cryptocb_pkcs11_rsa_get_size
CryptoCb, PKCS#11: add RSA key size lookup
2023-05-29 16:09:33 -07:00
John Bland 566fa1179f add ex functions to use other digest algorithms 2023-05-25 12:50:23 -04:00
David Garske e3be76b238 Merge pull request #6435 from SparkiDev/sp_int_count_bits_cleanup
SP int: cleanup sp_count_bits
2023-05-24 15:11:12 -07:00
Sean Parkinson e954110cc5 CryptoCb, PKCS#11: add RSA key size lookup
wc_RsaEncryptSize(): assumed a key size of 2048 when using hardware key.
Added callback to do lookup and implemented for PKCS#11.
If lookup not supported then assumes 2048 bits.
2023-05-24 11:42:52 +10:00