David Garske
4c75a866d9
Add inline documentation for missing macros and fix spelling errors
2026-03-16 17:09:13 -07:00
night1rider
69ddefb099
Zero-initialize stack-declared hash contexts in GetHash functions before passing to Copy, which now calls Free(dst) and requires valid fields.
2026-02-27 16:13:21 -07:00
night1rider
d4f8f0d0a5
Revert XMEMSET 0 after free in copy process for digest/hashing functions
2026-02-27 12:56:58 -07:00
night1rider
4713ad5675
Add Free(dst) + XMEMSET before XMEMCPY in all wc_ hash Copy functions (MD5, SHA, SHA2, SHA3, SHAKE) and add copy cleanup tests to prevent resource leaks when copying into previously-used contexts.
2026-02-27 12:56:58 -07:00
JacobBarthelmeh
a156ed7bc7
update Copyright year
2026-02-18 09:52:21 -07:00
JacobBarthelmeh
629c5b4cf6
updating license from GPLv2 to GPLv3
2025-07-10 16:11:36 -06:00
Daniel Pouzzner
c401f5caf2
move the newly added wolfcrypt/src/wolfssl_sources.h to wolfssl/wolfcrypt/libwolfssl_sources.h, and likewise for wolfssl_sources_asm.h; revert changes to IDE/ project files.
2025-04-04 18:44:12 -05:00
Daniel Pouzzner
217440c885
Add wolfcrypt/src/wolfssl_sources.h and wolfcrypt/src/wolfssl_sources_asm.h,
...
which force on BUILDING_WOLFSSL and do boilerplate includes, and update library
sources to include them at the top.
wolfssl_sources.h includes types.h, error-crypt.h, and logging.h, and
conditionally, config.h. settings.h and wc_port.h are unconditionally
included at the top of types.h.
wolfssl_sources_asm.h includes settings.h, and conditionally, config.h.
Add wolfssl_sources*.h to wolfcrypt/src/include.am, and to several IDE/ project
files.
Also added a TEST_WOLFSSL_SOURCES_INCLUSION_SEQUENCE clause in
wolfssl/wolfcrypt/settings.h to allow coverage testing.
In wolfcrypt/src/misc.c, retain existing ad hoc boilerplate includes, and use
them if WOLFSSL_VIS_FOR_TESTS, otherwise include the new wolfssl_sources.h.
Define WOLFSSL_VIS_FOR_TESTS at top of wolfcrypt/test/test.c.
Also renamed WOLFSSL_NEED_LINUX_CURRENT to WOLFSSL_LINUXKM_NEED_LINUX_CURRENT,
for clarity.
2025-04-04 16:51:04 -05:00
JacobBarthelmeh
2c24291ed5
update copyright date
2025-01-21 09:55:03 -07:00
Andrew Hutchings
5d0ee8c9f3
Initial support for STM32MP13 HAL
...
This adds support for the STM32MP13 HAL, tested on the STM32MP135F MPU.
Using the HAL this modifies our previous RNG, AES-CBC, AES-GCM, HASH,
ECDSA and DES3 ST HAL acceleration to work with the MPU. It also works
around bugs found in the AES-GCM code of the HAL.
The HAL does not appear to have support for MD5 HASH at the moment, so
this has been given a flag to disable it on this MPU.
2024-11-26 14:15:57 +00:00
JacobBarthelmeh
31a6a2bf59
update copyright to 2024
2024-07-19 13:15:05 -06:00
gojimmypi
bf29066d70
Add wolfSSL debug messages
2024-02-08 17:22:36 -08:00
jordan
d111d7da1b
Fix MD5 and SHA buffer overrun.
2024-02-02 19:50:22 -06:00
JacobBarthelmeh
dc8f348bdf
smaller sized build with curl
2023-04-19 15:12:15 -07:00
gojimmypi
98b718f91b
wolfcrypt polish: init, checks, corrections ( #6249 )
...
* wolfcrypt polish: init, checks, corrections
2023-04-18 09:41:42 -07:00
Jacob Barthelmeh
9dcc48c8f7
update copyright to 2023
2022-12-30 17:12:11 -07:00
Jacob Barthelmeh
8eaa85e412
update copyright year to 2022
2022-07-19 10:44:31 -06:00
David Garske
92fcea39db
Fix for DES3 with STM32 and STM32_CRYPTO_AES_ONLY (broken in #5223 ) . Add U5 PKA support and benchmarks. Fix MD5 with OPENSSL_EXTRA and HAVE_MD5_CUST_API.
2022-06-17 11:50:29 -07:00
David Garske
502cbc3847
Fix for STM32U5 hash/crypto support. ZD 14305.
2022-06-14 11:48:51 +02:00
David Garske
e91f0f173b
Fixes for async disables around the DevCopy calls. ZD13824
2022-03-03 16:33:18 -08:00
Daniel Pouzzner
6a56d3e131
jumbo patch of fixes for clang-tidy gripes (with some bug fixes).
...
defect/gripe statistics:
configured --enable-all --enable-sp-math-all --enable-intelasm
with LLVM 13 clang-tidy -checks=readability-*,bugprone-*,misc-no-recursion,misc-misplaced-const,misc-redundant-expression,misc-unused-parameters,misc-unused-using-decls,-clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling,-clang-analyzer-optin.performance.Padding,-readability-braces-around-statements,-readability-function-size,-readability-function-cognitive-complexity,-bugprone-suspicious-include,-bugprone-easily-swappable-parameters,-readability-isolate-declaration,-readability-magic-numbers,-readability-else-after-return,-bugprone-reserved-identifier,-readability-suspicious-call-argument,-bugprone-suspicious-string-compare,-bugprone-branch-clone,-misc-redundant-expression,-readability-non-const-parameter,-readability-redundant-control-flow,-readability-misleading-indentation,-bugprone-narrowing-conversions,-bugprone-implicit-widening-of-multiplication-result
[note these figures don't reflect additional defects fixed in this commit for --enable-smallstack, --enable-fips, --enable-async, --enable-asn=template, and --enable-fastmath, and --disable-fastmath]
pre-patch warning count per file, with suppressions:
clang-analyzer-security.insecureAPI.strcpy 6 wolfssl/tests/suites.c
clang-analyzer-security.insecureAPI.strcpy 2 wolfssl/testsuite/testsuite.c
bugprone-suspicious-missing-comma 3 wolfssl/examples/server/server.c
bugprone-suspicious-missing-comma 3 wolfssl/examples/client/client.c
readability-redundant-preprocessor 2 wolfssl/wolfcrypt/src/asn.c
readability-redundant-preprocessor 1 wolfssl/wolfcrypt/src/rsa.c
readability-redundant-preprocessor 9 wolfssl/src/ssl.c
readability-redundant-preprocessor 2 wolfssl/src/tls13.c
readability-redundant-preprocessor 18 wolfssl/tests/api.c
readability-redundant-preprocessor 3 wolfssl/src/internal.c
readability-redundant-preprocessor 10 wolfssl/wolfcrypt/test/test.c
readability-named-parameter 1 wolfssl/wolfcrypt/benchmark/benchmark.c
readability-named-parameter 7 wolfssl/src/internal.c
readability-named-parameter 1 wolfssl/wolfcrypt/src/ecc.c
readability-named-parameter 1 wolfssl/testsuite/testsuite.c
readability-named-parameter 11 wolfssl/wolfcrypt/src/ge_operations.c
misc-no-recursion 3 wolfssl/src/ssl.c
readability-uppercase-literal-suffix 4 wolfssl/wolfcrypt/src/asn.c
readability-uppercase-literal-suffix 1 wolfssl/src/ssl.c
readability-uppercase-literal-suffix 13 wolfssl/wolfcrypt/benchmark/benchmark.c
bugprone-too-small-loop-variable 1 wolfssl/wolfcrypt/src/rsa.c
bugprone-too-small-loop-variable 2 wolfssl/wolfcrypt/src/sha3.c
bugprone-too-small-loop-variable 4 wolfssl/wolfcrypt/src/idea.c
bugprone-signed-char-misuse 2 wolfssl/src/ssl.c
bugprone-signed-char-misuse 3 wolfssl/wolfcrypt/src/sp_int.c
bugprone-signed-char-misuse 3 wolfssl/examples/client/client.c
bugprone-macro-parentheses 19 wolfssl/wolfcrypt/src/aes.c
bugprone-macro-parentheses 109 wolfssl/wolfcrypt/src/camellia.c
bugprone-macro-parentheses 1 wolfssl/src/tls.c
bugprone-macro-parentheses 3 wolfssl/wolfcrypt/src/md4.c
bugprone-macro-parentheses 2 wolfssl/wolfcrypt/src/asn.c
bugprone-macro-parentheses 26 wolfssl/wolfcrypt/src/blake2b.c
bugprone-macro-parentheses 257 wolfssl/wolfcrypt/src/sha3.c
bugprone-macro-parentheses 15 wolfssl/src/ssl.c
bugprone-macro-parentheses 1 wolfssl/wolfcrypt/src/sha.c
bugprone-macro-parentheses 8 wolfssl/tests/api.c
bugprone-macro-parentheses 4 wolfssl/wolfcrypt/src/sp_int.c
bugprone-macro-parentheses 6 wolfssl/wolfcrypt/benchmark/benchmark.c
bugprone-macro-parentheses 38 wolfssl/wolfcrypt/src/hc128.c
bugprone-macro-parentheses 12 wolfssl/wolfcrypt/src/md5.c
bugprone-macro-parentheses 10 wolfssl/wolfcrypt/src/sha256.c
bugprone-macro-parentheses 4 wolfssl/wolfcrypt/test/test.c
bugprone-macro-parentheses 3 wolfssl/wolfcrypt/src/ecc.c
bugprone-macro-parentheses 2 wolfssl/tests/suites.c
bugprone-macro-parentheses 4 wolfssl/wolfcrypt/src/cpuid.c
bugprone-macro-parentheses 26 wolfssl/wolfcrypt/src/blake2s.c
bugprone-macro-parentheses 24 wolfssl/wolfcrypt/src/sha512.c
bugprone-macro-parentheses 3 wolfssl/wolfcrypt/src/poly1305.c
bugprone-macro-parentheses 24 wolfssl/wolfcrypt/src/ripemd.c
readability-inconsistent-declaration-parameter-name 1 wolfssl/src/internal.c
readability-inconsistent-declaration-parameter-name 1 wolfssl/testsuite/testsuite.c
pre-patch warning count summaries, with suppressions:
clang-analyzer-security.insecureAPI.strcpy 8
bugprone-suspicious-missing-comma 6
readability-redundant-preprocessor 45
readability-named-parameter 21
misc-no-recursion 3
readability-uppercase-literal-suffix 18
bugprone-too-small-loop-variable 7
bugprone-signed-char-misuse 8
bugprone-macro-parentheses 601
readability-inconsistent-declaration-parameter-name 2
pre-patch warning count summaries, without suppressions:
clang-analyzer-security.insecureAPI.strcpy 8
bugprone-branch-clone 152
readability-non-const-parameter 118
bugprone-suspicious-missing-comma 6
bugprone-suspicious-include 52
readability-magic-numbers 22423
readability-redundant-preprocessor 45
readability-named-parameter 21
readability-function-cognitive-complexity 845
readability-else-after-return 398
bugprone-implicit-widening-of-multiplication-result 595
readability-function-size 21
readability-isolate-declaration 1090
misc-redundant-expression 2
bugprone-narrowing-conversions 994
misc-no-recursion 3
readability-uppercase-literal-suffix 18
bugprone-reserved-identifier 56
readability-suspicious-call-argument 74
bugprone-too-small-loop-variable 7
bugprone-easily-swappable-parameters 437
bugprone-signed-char-misuse 8
readability-misleading-indentation 94
bugprone-macro-parentheses 601
readability-inconsistent-declaration-parameter-name 2
bugprone-suspicious-string-compare 495
readability-redundant-control-flow 20
readability-braces-around-statements 11483
clang-analyzer-valist.Uninitialized 1
clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling 3502
2022-01-21 01:25:48 -06:00
David Garske
a03ed32380
Support for Android KeyStore compatibility API's:
...
* Adds `EVP_PKCS82PKEY` and `d2i_PKCS8_PRIV_KEY_INFO`.
* Adds `EVP_PKEY2PKCS8` and `i2d_PKCS8_PRIV_KEY_INFO`.
* Adds `ECDSA_verify`.
* Fix to allow `SHA256()` and `MD5()` with FIPSv2.
* Decouple crypto callbacks and hash flags
* Fix for possible use of uninitialized when building TLS bench without TLS v1.3.
* Fix for building with `NO_CHECK_PRIVATE_KEY`. Test `./configure --disable-pkcs12 --enable-opensslextra CFLAGS="-DNO_CHECK_PRIVATE_KEY"`.
* Fix to support `RSA_public_decrypt` for PKCSv15 only with FIPS.
* Cleanup `RSA_public_encrypt`, `RSA_public_decrypt` and `RSA_private_decrypt`.
* Added instructions for building wolfSSL with Android kernel.
2021-10-19 17:04:18 -07:00
Elms
3a885aba23
Refactor pointer manipulation to be independent of datatype width
...
Tested with `./configure CFLAGS="-DNO_64BIT" --disable-sha512
--disable-sha384 --enable-harden` on a 64-bit machine
2021-06-15 21:08:49 -07:00
David Garske
c59349c7a7
Fix for ecc_map, which is handled in hardware. Fix for NXP LTC mp_mul N value. Fix for MMCAU cast warnings.
2021-05-25 15:58:22 -07:00
toddouska
3ac03d3d66
Merge pull request #3805 from JacobBarthelmeh/copyright
...
update copyright date to 2021
2021-03-15 16:16:50 -07:00
Sean Parkinson
a55e94cf6f
ECCSI and SAKKE: add support
...
Fixes for static code analysis included.
Added const to function parameters.
Zeroise some temporaries.
2021-03-12 09:31:22 +10:00
Jacob Barthelmeh
c729318ddd
update copyright date
2021-03-11 13:42:46 +07:00
toddouska
72eebd6e75
Merge pull request #3795 from JacobBarthelmeh/CAAM
...
Addition of QNX CAAM driver
2021-03-10 15:04:21 -08:00
Hideki Miyazaki
3b768bcb5e
addressed review comments
2021-03-06 10:18:31 +09:00
Hideki Miyazaki
525d28f38f
Implemented MD5_Transform
2021-03-05 08:19:18 +09:00
Jacob Barthelmeh
749425e1e8
first pre alpha code for QNX + CAAM
...
manual run of RNG init and JDKEK print
job ring does initial rng
is successful on some red key blob operations
caam red key blob test pass
ecdsa sign/verify
ecdsa ecdh/sign/verify with black secure key
ecdsa ecdh/sign/verify with black secure key
initial cmac addition
initial cmac addition
black blob encap
black keys with cmac
add invalidate memory
refactoring and clean up
more code cleanup
add files for dist and remove some printf's
remove unneeded macro guard
use resource manager
2021-03-03 18:45:40 +07:00
Sean Parkinson
ac76ef8ee7
Curve25519: replace uint64_t with word64
...
Remove usages of stdint.h types
Added a sword type for signed words.
2021-01-18 17:30:36 +10:00
Chris Conlon
45c5a2d39c
update copyright to 2020
2020-01-03 15:06:03 -08:00
David Garske
28d466cb10
Fix to ensure 4-byte alignment is default for MMCAU with SHA1, SHA256 and MD5.
2019-10-30 13:34:57 -07:00
David Garske
7f42b71571
Fix NXP MMCAU when data pointer is not aligned.
2019-10-29 13:45:25 -07:00
David Garske
b47039b7ec
Fix for possible unused local32 warning.
2019-09-27 09:22:18 -07:00
David Garske
78f6bbcdb8
Adjusted the alignement macro to use WC_HASH_DATA_ALIGNMENT for shared settings across hash algos.
2019-09-26 11:53:24 -07:00
David Garske
6bfe6761d8
Disable the new hashing aligned build option by default. Does not increase performance... the memcpy is faster than the alignment check on modern CPU's. Embedded systems may benefit from this though, so leaving support for it in place.
2019-09-26 11:49:33 -07:00
David Garske
4c709f1f2c
Improvements to SHA-1, SHA-256 and MD5 performance:
...
* Added detection for buffer alignment to avoid memcpy.
* Added MD5 and SHA-1 support for XTRANSFORM_LEN to process blocks.
* Cleanups for consistency between algorithms and code commenting.
* Enhancement for NXP MMCAU to process more than one block at a time.
* Improved MMCAU performance: SHA-1 by 35%, SHA-256 by 20% and MD5 by 78%.
```
NXP K64 w/MMCAU after:
MD5 8 MB took 1.000 seconds, 7.910 MB/s
SHA 4 MB took 1.005 seconds, 3.644 MB/s
SHA-256 2 MB took 1.006 seconds, 2.306 MB/s
NXP K64 w/MMCAU before:
MD5 4 MB took 1.004 seconds, 4.450 MB/s
SHA 3 MB took 1.006 seconds, 2.670 MB/s
SHA-256 2 MB took 1.008 seconds, 1.913 MB/s
```
2019-09-26 11:32:59 -07:00
David Garske
e298b3290d
Fix to initialize hash flag.
2019-08-21 06:36:37 -07:00
John Safranek
246c444b93
Updates for v4.0.0
...
Update the copyright dates on all the source files to the current year.
2019-03-15 10:37:36 -07:00
David Garske
dcdb1d7094
Added flag to indicate if hash is copied.
2019-02-12 16:03:10 -08:00
David Garske
838652c03b
Added flags build option to hashing algorithms. This allows indicator to determine if hash will be "copied" as done during a TLS handshake.
2019-02-12 16:03:10 -08:00
David Garske
beceab2734
Fix for leak with WOLFSSL_PIC32MZ_HASH and TLS. The PIC32 update cache buffer was not always being free'd.
2018-07-25 11:22:03 -07:00
John Safranek
586874b997
Rename INLINE
...
1. Renamed the macro INLINE as WC_INLINE.
2. For FIPS and the "selftest" build, define INLINE as WC_INLINE. Allows the FIPS code to work unchanged.
2018-06-26 15:17:46 -07:00
David Garske
0be1c10fcd
Moved the STM32 functions to their own .c file. Added GPL header. Finished testing on STM32 CubeMX with F4 and F7 and StdPeriLib with F4.
2018-02-05 12:57:06 -08:00
David Garske
a4a5f4f27a
STM32 refactor to move hashing code into wolfssl/wolfcrypt/port/stm32.h. Supports CubeMX HAL or StdPeriLib with MD5, SHA1, SHA224 and SHA256. Detects if hardware supports SHA2. Adds hashing context save/restore and hashing clock/power optimizations. Fix for building *.c in wolfcrypt/src/port for caam_driver.c. Fix for warning with wolfSSL_CryptHwMutexUnLock when no threading defined and return code not checked.
2018-01-31 11:25:20 -08:00
Jacob Barthelmeh
01f603ad65
add documentation, macro for no AES hw or HASH hw, use usleep when waiting for entropy
2018-01-02 15:00:35 -07:00
Jacob Barthelmeh
5fa9455bf9
add CAAM with INTEGRITY support
2017-12-20 11:16:11 -07:00
David Garske
7f30397252
Remove execute bit on all code files.
2017-10-23 11:16:40 -07:00