Commit Graph

6595 Commits

Author SHA1 Message Date
Daniel Pouzzner 59a7c0d7e4 move definitions of XASM_LINK() from wolfcrypt/src/aes.c, wolfcrypt/src/asm.c, and wolfcrypt/src/cpuid.c, to wolfssl/wolfcrypt/types.h, and use __asm__() instead of asm() if __GNUC__, for compatibility with -std=c99. 2023-05-31 15:48:52 -05:00
Daniel Pouzzner 109a17f3bd wolfcrypt/src/memory.c: restore required linuxkm #define WOLFSSL_NEED_LINUX_CURRENT 2023-05-31 15:17:01 -05:00
Sean Parkinson 541ea51ad5 Tests api.c: rework for malloc failure testing
Modified number of tests to not crash on failure and cleanup allocations
on failure.
Added memory fail count option to set which memory allocation to start
failing on.
Fix issues found from testing.

bio.c:
BIO_new() move ref count up so that calls to wolfSSL_BIO_free()
work.
internal.c:
ImportCipherSpecState wasn't checking SetKeySide for failure. Crash
when pointer is NULL and accessed directly.
ocsp.c:
wolfSSL_OCSP_response_get1_basic() doesn't need to free vs->source
as it is freed in WOLFSSL_OCSP_RESPONSE_free().
ssl.c:
ProcessBuffer() Don't strip PKCS#8 header if failed to create DER.
Crasged as directly accessing 'der' which was NULL.
ssl_asn.c:
wolfssl_asn1_integer_require_len was checking wrong variable to see
if allocation failed.
x509,c:
wolfSSL_X509_ALGOR_set0 needs to set aobj only when no failure
possible.
wolfSSL_X509_chain_up_ref needs to call cleanup to ensure everything
is freed.
2023-05-30 12:01:21 +10:00
David Garske 4f8419c641 Merge pull request #6441 from SparkiDev/cryptocb_pkcs11_rsa_get_size
CryptoCb, PKCS#11: add RSA key size lookup
2023-05-29 16:09:33 -07:00
David Garske e3be76b238 Merge pull request #6435 from SparkiDev/sp_int_count_bits_cleanup
SP int: cleanup sp_count_bits
2023-05-24 15:11:12 -07:00
Sean Parkinson e954110cc5 CryptoCb, PKCS#11: add RSA key size lookup
wc_RsaEncryptSize(): assumed a key size of 2048 when using hardware key.
Added callback to do lookup and implemented for PKCS#11.
If lookup not supported then assumes 2048 bits.
2023-05-24 11:42:52 +10:00
Sean Parkinson 622375b47e SP int: clenaup sp_count_bits
More explicitly handle used == 0 for static code analyser.
Make sp_count_bits clearer.
2023-05-23 09:20:22 +10:00
Sean Parkinson 98a717e1d5 Memory usage: reduce stack usage
AES C impl: don't align to 32 bytes, align to 16 as buffer is 16 bytes
long.
SP int: Don't call _sp_mulmod but call sp_mul and _sp_div to do mod
operation. For RSA, fewer calls for mod operation means less stack used
at deepest point.
2023-05-22 16:57:07 +10:00
Sean Parkinson d8e4c78960 Merge pull request #6426 from jpbland1/invariant-mp-size
add check to sp_invmod_mont_ct to make sure the
2023-05-22 08:14:39 +10:00
JacobBarthelmeh a06bd777c0 Merge pull request #6423 from cconlon/pkcs7NoStream
Fix PKCS#7 build with NO_PKCS7_STREAM
2023-05-19 10:32:49 -06:00
JacobBarthelmeh 235dc95b27 Merge pull request #6420 from julek-wolfssl/atomic-use-macro
Implement atomic operations interface
2023-05-19 10:29:04 -06:00
David Garske 10b6105505 Merge pull request #6424 from SparkiDev/coverity_2
Coverity scan fixes
2023-05-19 09:13:26 -07:00
John Bland 7e3aafb60c Fix for FIPS ECC integrity check with crypto callback set (#6425)
Skip ECC private key check when the TPM is used to generate the key, since it doesn't release the private part. this option needs to be used with a FIPS approved TPM for the end result to be FIPS approved
2023-05-19 09:12:44 -07:00
John Bland 344c3338a9 add check to sp_invmod_mont_ct to make sure the
result integer can hold the range of the modulus
2023-05-19 10:49:42 -04:00
Sean Parkinson 45503972f8 scan-build fixes
sp_mulmod
 - scan-build getting confused with size of result
 - don't check result size as checked already
 - split out implementation of sp_mulmod from check

StoreEccKey
 - ensure pubKey is not NULL even though all uses will not be

GetCertKey
 - ensure source is not NULL
 - cert->source may be NULL in incorrect usages of APIs
2023-05-19 12:17:41 +10:00
Sean Parkinson 2c34210efb Coverity scan fixes
DecodeRsaPssParams() assumed params is never NULL. Should never be
called with NULL but check saves a NULL dereference.

PrintObjectIdText() didn't check return of call to GetObjectId. 'oid'
will retain -1 value on error and work as normal on error return.
Cleaner to check for ASN_PARSE_E and handle - other error,
ASN_UNKNOWN_OID_E, is OK for printing.
2023-05-19 09:15:16 +10:00
Chris Conlon 6ef580ca59 fix PKCS#7 build when using NO_PKCS7_STREAM 2023-05-18 14:50:03 -06:00
Juliusz Sosinowicz 466636214f Add MSVC atomics 2023-05-18 12:06:54 +02:00
David Garske 0530ee774f Merge pull request #6418 from douzzer/20230517-linuxkm-benchmarks
20230517-linuxkm-benchmarks
2023-05-17 15:00:49 -07:00
Daniel Pouzzner fffff657de cleanups: line length, WOLFSSL_SMALL_STACK_STATIC, and SAVE_VECTOR_REGISTERS() failure trap in benchmark.c, proper path to benchmark.c in linuxkm/module_hooks.c, and proper casting in aes.c. also harmonized semantics and prototype of bench_ripemd(). 2023-05-17 13:00:46 -05:00
Juliusz Sosinowicz dd9edfee24 Implement atomic operations interface 2023-05-17 16:33:11 +02:00
Daniel Pouzzner 4f4842fce6 linuxkm/linuxkm_memory.c: refactor SAVE/RESTORE_VECTOR_REGISTERS() to be per-process rather than per-CPU, and add migrate_disable/enable() to kernel_fpu_begin/end() because preempt_disable() is just a barrier on _PREEMPT_VOLUNTARY kernels;
linuxkm/linuxkm_wc_port.h: activate SAVE/RESTORE_VECTOR_REGISTERS() whenever defined(WOLFSSL_LINUXKM_USE_SAVE_VECTOR_REGISTERS) for benchmark.c support, independent of vector crypto features;

fix and optimize various alignment issues with stack and heap allocations;

fix macro definitions for XMALLOC/XREALLOC/XFREE to correctly use kvmalloc and friends when defined(HAVE_KVMALLOC), and to use wolfSSL_Malloc() and friends when defined(WOLFSSL_TRACK_MEMORY);

purge stale LINUXKM_SIMD_IRQ code.
2023-05-17 01:44:36 -05:00
Daniel Pouzzner a18dc7f10a wolfcrypt/src/aes.c: in wc_AesSetKeyLocal(), add an alignment check in the haveAESNI path for WOLFSSL_LINUXKM, because the failure mode is module crash. 2023-05-17 01:07:47 -05:00
Daniel Pouzzner 85e0bf337b fix for benign sign clash in wc_RNG_GenerateBlock(). 2023-05-17 01:05:33 -05:00
Eric Blankenhorn 0a5a5a65a2 Fix valgrind issue with memcpy 2023-05-16 14:38:51 -05:00
Chris Conlon a474179cdf Merge pull request #6301 from miyazakh/ra_cryptonly
Add Renesas SCE RSA Crypt Only support
2023-05-12 16:32:15 -06:00
JacobBarthelmeh 1b6ab01d0b Merge pull request #6407 from dgarske/stm32_cleanup
Remove STM AES always true check
2023-05-12 13:54:24 -06:00
JacobBarthelmeh 9cca571c1d Merge pull request #6399 from bigbrett/zd16083-ocsp-double-free
fix double free in InitOCSPRequest
2023-05-12 13:50:54 -06:00
lealem47 79a5c49e47 Skip Async_DevCtxInit when using init rsa/ecc label/id api's (#6393)
* Skip Async_DevCtxInit when using init rsa/ecc label/id api's

---------

Co-authored-by: Lealem Amedie <lealem47@github.com>
2023-05-12 11:54:03 -07:00
Brett Nicholas 46dce4b33f set pointer to null after freeing in InitOcspRequest() to prevent a subsequent double-free in FreeOcspRequest() 2023-05-11 12:59:25 -06:00
David Garske dbb5ee3b1e Merge pull request #6389 from JacobBarthelmeh/devid
always call crypto cb when compiled in
2023-05-11 11:48:30 -07:00
David Garske dfbd61cad9 Remove always true check. 2023-05-11 11:38:12 -07:00
Daniel Pouzzner 3c06638115 wolfcrypt/src/aes.c: fixes for bugprone-macro-parentheses;
wolfcrypt/src/ecc.c: fix for nullPointerRedundantCheck ("possible null pointer dereference").
2023-05-11 11:51:27 -05:00
JacobBarthelmeh 07c41c5498 add macro guard on test case 2023-05-10 15:51:39 -07:00
JacobBarthelmeh bab35c4de2 add WOLF_CRYPTO_CB_FIND macro to guard find device ID callback 2023-05-10 15:28:19 -07:00
David Garske 870f7cc95b Merge pull request #6394 from douzzer/20230509-THIS_MODULE-mem-and-more-Wconversion
20230509-THIS_MODULE-mem-and-more-Wconversion
2023-05-10 10:19:25 -07:00
JacobBarthelmeh 04e831fa63 Merge pull request #6309 from SparkiDev/aes_cache_touch_lines
AES: touch each cache line when getting offset from table
2023-05-10 09:56:27 -06:00
Hideki Miyazaki a2776ad35e addressed review comments 2023-05-10 13:55:34 +09:00
Daniel Pouzzner f2c97d5d35 fixes for various wolfcrypt -Wconversions visible only on compilers that promote byte and word16 to signed int, then warn of a sign conflict when an intrinsically safe result is assigned back to the original type. 2023-05-09 23:55:08 -05:00
JacobBarthelmeh 71ca447b6b resolve CB_ONLY cases 2023-05-09 09:08:32 -07:00
JacobBarthelmeh 71cbc019d7 always call crypto cb when compiled in 2023-05-08 09:49:50 -07:00
David Garske 62a4329f8e Merge pull request #6379 from SparkiDev/sp_int_gcd_fix
SP int; fix sp_gcd error checking
2023-05-07 12:11:29 -07:00
Sean Parkinson d342e341d8 SP int; fix sp_gcd error checking
r can be as large as the smaller of a and b.
Fix sign check.
Add comments as to what GCD does.
2023-05-05 09:11:47 +10:00
Sean Parkinson 55a91c2b55 Minor fixes
configure.ac: Don't use == in test.
client.c: Merge string to one line.
asn.c/asn_public.h:
  fix conversion warnings/errors.
  wc_Asn1_Print no longer public and doesn't need to check for NULL.
  wc_Asn1_PrintAll check all pointer parameters for NULL.
2023-05-05 08:43:50 +10:00
David Garske 6e572cc91d Merge pull request #6352 from SparkiDev/asn1_print
ASN.1 print utility: asn1
2023-05-04 10:55:47 -07:00
David Garske 4cdf32e497 Merge pull request #6333 from SparkiDev/memusage_6
Memory usage improvements
2023-05-04 09:14:24 -07:00
gojimmypi 82e502d8a2 WOLFSSL_SP_INT_NEGATIVE declaration for all Espressif chipsets (#6374)
* WOLFSSL_SP_INT_NEGATIVE declaration for all Espressif chipsets
* correct naming for WOLFSSL_SHA384 on ESP32-C3
2023-05-04 08:04:25 -07:00
Sean Parkinson 9b404fcc5b AES touch cache lines
Change implementation to get from each line of a table once for each 4
variables.
Only enable WOLFSSL_AES_TOUCH_LINES, by default, when RISC-V.
2023-05-04 16:34:42 +10:00
Sean Parkinson d2afe9e5e0 Memory usage improvements
ECC: make private key field 'k' able to be smaller when ALT_ECC_SIZE is
defined.
WOLFSSL_SMALL_STACK_CACHE: allocate temps using new macros.
2023-05-04 10:26:57 +10:00
Sean Parkinson 9cdee20a7d ASN.1 print: implementation to parse and print added
New API to parse and print DER/BER data from a buffer.
Add an example to parse DER, Base64 and PEM files and print out ASN.1 items.
2023-05-04 09:57:44 +10:00