Commit Graph

109 Commits

Author SHA1 Message Date
Daniel Pouzzner 122502e2b1 wolfCrypt -Wconversion expansion: fix numerous warnings, all benign, from -Warith-conversion -Wenum-conversion -Wfloat-conversion -Wsign-conversion. 2024-12-18 11:51:06 -06:00
Daniel Pouzzner a95b759ffa peer review for #8187 and unrelated bug fixes:
return error code from wolfSSL_RefWithMutexUnlock() to expose result to caller;

fix endianness bug in src/x509.c:wolfSSL_X509_add_ext() (fixes failing test_wolfSSL_X509_add_ext on BE targets);

fix possible file handle leak in tests/api.c:test_wolfSSL_d2i_X509_REQ() (reported by clang-tidy);

in wolfssl/ssl.h, define CONST_NUM_ERR_WOLFSSL_SUCCESS, so that WOLFSSL_SUCCESS can be benignly miswrapped in WC_NO_ERR_TRACE().
2024-11-15 12:52:50 -06:00
Daniel Pouzzner 6f87f57d7a fixes for gating and ARM32 alignment defects:
wolfcrypt/src/port/arm/armv8-aes.c: in the WOLFSSL_ARMASM_NO_HW_CRYPTO version of wc_AesSetKey(), copy the supplied userKey to a properly aligned buffer if necessary before calling AES_set_encrypt_key();

src/dtls13.c: in Dtls13GetRnMask(), if defined(WOLFSSL_LINUXKM)), return retval of wc_AesEncryptDirect();

wolfcrypt/src/misc.c: add readUnalignedWord32(), writeUnalignedWord32(), readUnalignedWords32(), and writeUnalignedWords32();

wolfcrypt/src/siphash.c: use readUnalignedWord64(), readUnalignedWord32(), and writeUnalignedWord64(), to avoid unaligned access faults, and fix cast in byte-reversing version of GET_U32().
2024-10-25 23:52:32 -05:00
Daniel Pouzzner 60c2499602 wolfssl/wolfcrypt/types.h: when defining fallback do-nothing SAVE_VECTOR_REGISTERS2(), also define SAVE_VECTOR_REGISTERS2_DOES_NOTHING, and likewise for fallback CAN_SAVE_VECTOR_REGISTERS, define CAN_SAVE_VECTOR_REGISTERS_ALWAYS_TRUE;
wolfcrypt/src/aes.c:
* when SAVE_VECTOR_REGISTERS2_DOES_NOTHING, define do-nothing VECTOR_REGISTERS_PUSH and VECTOR_REGISTERS_POP, to mollify Coverity CONSTANT_EXPRESSION_RESULT;
* in AesGcmDecryptUpdate_aesni(), omit " && (c != NULL)" clause from computation of endA argument to AesGcmAadUpdate_aesni(), to mollify Coverity FORWARD_NULL (impermissible nullness is already checked and BAD_FUNC_ARGed by the sole caller, wc_AesGcmDecryptUpdate());

wolfcrypt/src/misc.c: add readUnalignedWord64(), writeUnalignedWord64(), readUnalignedWords64(), and writeUnalignedWords64(), for safe word64 access to possibly-unaligned data;

wolfcrypt/src/wc_kyber_poly.c: use readUnalignedWords64() and readUnalignedWord64() to mitigate sanitizer-reported "load of misaligned address".
2024-09-27 17:15:53 -05:00
Sean Parkinson 2cc5ecf117 Merge pull request #7759 from JacobBarthelmeh/poly1305
w64wrapper for poly1305
2024-08-07 07:31:25 +10:00
JacobBarthelmeh f1ace62363 add null sanity check and adjust add 2024-08-06 09:12:17 -06:00
JacobBarthelmeh cc2ed4a75b add w64Add for build with word64 2024-08-05 16:47:35 -06:00
JacobBarthelmeh f5ed2460df cast to larger type for multiplication 2024-07-19 13:59:05 -06:00
JacobBarthelmeh 31a6a2bf59 update copyright to 2024 2024-07-19 13:15:05 -06:00
JacobBarthelmeh 8a9c893c6f fix for initialization of high value and funtction signature 2024-07-19 11:03:44 -06:00
JacobBarthelmeh 902087df6f add w64wrapper support in poly1305 2024-07-18 07:21:57 -06:00
Daniel Pouzzner 5c6218696b wolfcrypt/src/misc.c: fix -Wconversions in CopyString();
src/ssl.c: fix missing semicolon in wolfSSL_CTX_check_private_key().
2024-05-18 02:31:58 -05:00
Juliusz Sosinowicz d9f7629296 Add grpc support
- Fix BIO_BIO type
  - Set retry flags correctly
- Add CRL callback
- Copy the alt names instead of trying to share a pointer
- Allow calling wolfSSL_get_servername on client side (to get the requested name)
- Return the chain in wolfSSL_X509_STORE_CTX_get_chain in the correct order
  - Peer first, top CA last
- Fix leak in RebuildFullName
- Add CopyString helper function
- Implement
  - X509_CRL_dup
  - ASN1_UTCTIME_set
  - X509_STORE_CTX_get0_param
  - X509_STORE_get0_param
  - X509_STORE_set_verify_cb
  - X509_STORE_set_get_crl
  - X509_set1_notAfter
  - X509_set1_notBefore
2024-05-16 18:20:53 +02:00
Sean Parkinson 6c8df33191 LMS: initial implementation
Initial wolfSSL implementation of LMS.
Changed LMS benchmarking to time making a key and reloading.
SHA-256:
  Added wc_Sha256HashBlock to make hashing a block fast.
Fixed assembly code to be able to hash a block from an external
buffer.
  Simplified code were possible.
Moved byte reversal decision logic to one place instead of replicating
length checks.
2024-03-07 11:43:16 +10:00
Juliusz Sosinowicz 335c51987e openssh 9.6p1 fixes
- wolfSSL_DSA_set0_key: allow setting just the public key
- radix16: allow skipping the end of line whitespace
- Add openssh action
2024-02-01 11:39:56 +01:00
Sean Parkinson a5961907b0 XMSS implementation
Supporting code for wolfSSL C implementation of XMSS.
2024-01-25 11:21:39 +10:00
Juliusz Sosinowicz b771b6ebf5 ZD16445
- Use unions for type punning in xor API
- Initialise potentially uninitialised variables
- Use `LL` suffix to specify a larger integer type
- Don't use `max` as it can shadow other definitions
2023-08-24 10:53:26 +02:00
Juliusz Sosinowicz 56fc5bbf87 Dtls13GetRnMask: Correctly get chacha counter on BE systems
The issue was that BIG_ENDIAN is defined in endian.h (on linux). Our define is BIG_ENDIAN_ORDER.
2023-07-24 09:13:10 +02:00
Sean Parkinson e2424e6744 SM2/SM3/SM4: Chinese cipher support
Add support for:
 - SM2 elliptic curve and SM2 sign/verify
 - SM3 digest
 - SM4 cipher with modes ECB/CBC/CTR/GCM/CCM

Add APIs for SM3 and SM4.
Add SM2 sign and verify APIs.
Add support for SM3 in wc_Hash and wc_Hmac API.
Add support for SM3 and SM4 through EVP layer.
Add support for SM2-SM3 certificates. Support key ID and name hash being
with SHA-1/256 or SM3.
Add support for TLS 1.3 cipher suites: TLS-SM4-GCM-SM3, TLS-SM4-CCM-SM3
Add support for TLS 1.2 SM cipher suite: ECDHE-ECDSA-SM4-CBC-SM3
Add support for SM3 in wc_PRF_TLS.
Add SM2-SM3 certificates and keys. Generated with GmSSL-3.0.0 and
OpenSSL.
2023-07-04 13:36:28 +10:00
Daniel Pouzzner f2c97d5d35 fixes for various wolfcrypt -Wconversions visible only on compilers that promote byte and word16 to signed int, then warn of a sign conflict when an intrinsically safe result is assigned back to the original type. 2023-05-09 23:55:08 -05:00
Juliusz Sosinowicz 6079b92e26 xorbuf: fix alignment when possible 2023-04-19 17:06:25 +02:00
Juliusz Sosinowicz 7a0d6487b7 Simplify ctMaskCopy 2023-04-19 17:05:03 +02:00
Juliusz Sosinowicz 8fe321d5be Try to XOR as many words as possible in xorbuf APIs 2023-04-19 17:05:03 +02:00
Daniel Pouzzner 7155c5748e fix overlong lines. 2023-04-12 01:37:09 -05:00
Daniel Pouzzner ed11669f3c more fixes for implicit casts, including asn=template. 2023-04-12 01:37:09 -05:00
David Garske 6418e3cbfe Fixes for implicit casts.
Tested with `./configure --disable-asm --enable-32bit --enable-asn=original --enable-cryptonly CFLAGS="-Wconversion -pedantic" && make`. Some progress with ASN template, but not complete.
2023-04-12 01:37:09 -05:00
Sean Parkinson 8851065848 cppcheck fixes
Fix checking of negative with unsigned variables.
Check digestSz for 0 in wc_SSH_KDF() so that no possibility of dividing
by zero.
Change XMEMCPY to XMEMSET in renesas_sce_util.c.
Fix test.c to free prvTmp and pubTmp on read error.
Remove unused variables.
XFREE checks for NULL so don't check before call.
Move variable declarations to reduce scope.
2023-04-03 16:59:58 +10:00
Daniel Pouzzner ab71f6fd4c extend C89 build to whole codebase including examples:
configure.ac: remove implied --disable-examples when --disable-inline;

tests/api.c: always include wolfcrypt/src/misc.c;

wolfcrypt/src/misc.c: use WC_MISC_STATIC to designate staticness of the misc functions;

wolfssl/wolfcrypt/misc.h: define WC_MISC_STATIC to empty or static depending on #ifdef NO_INLINE or not (respectively);

wolfssl/wolfcrypt/types.h: #ifdef NO_INLINE, #define WC_INLINE WC_MAYBE_UNUSED, and move the definitions of WARN_UNUSED_RESULT and WC_MAYBE_UNUSED above the definition of WC_INLINE for clarity;

wolfssl/wolfcrypt/mem_track.h: always declare TrackMalloc() et al static (no functional change, because the state and callback bindings were and remain unconditionally static, but previously #ifdef NO_INLINE the functions were globals, leading to multiple definitions.
2023-03-03 22:30:08 -06:00
David Garske 023db01aca * Fixed some build configuration variations.
* Fixed `PEM_BUFSIZE` macro redefined when building with coexist.
* Updated the `user_settings_all.h` and `user_settings_wolfboot_keytools.h` to include latest options.
* Improved API unit test error case checking where `TEST_RES_CHECK` is not used.
* Changed `TEST_SKIPPED` to unique value.
* Added CI tests for enable-all, small stack, and user setting templates.
2023-01-03 10:59:59 -08:00
Jacob Barthelmeh 9dcc48c8f7 update copyright to 2023 2022-12-30 17:12:11 -07:00
Anthony Hu 6190666108 Support for Analog Devices MAXQ1080 and MAXQ1065 2022-11-23 11:57:31 -05:00
David Garske 35ccd880ed Fix for misc HashObject to be excluded for WOLFCRYPT_ONLY. 2022-11-09 15:07:36 -08:00
Daniel Pouzzner cc03e3fdab wolfcrypt/src/misc.c ByteReverseWords(): mollify MSVC re C4311. 2022-09-27 10:05:07 -05:00
Daniel Pouzzner cfe0278d35 wolfcrypt/src/misc.c ByteReverseWords(): fix misaligned word accesses under armv7a-asm. 2022-09-27 02:02:31 -05:00
Daniel Pouzzner ea3959f2f6 analyzer coddling:
in api.c test_wolfSSL_dtls12_fragments_spammer(), inhibit clang-analyzer-deadcode.DeadStores;

in asn.c ParseCRL_Extensions() old (!WOLFSSL_ASN_TEMPLATE) version, fix bounds check to prevent overshift;

in misc.c ctMaskCopy(), use `*(x + i)`, not x[i], to tiptoe around cppcheck-2.9 objectIndex bug.
2022-08-31 22:56:08 -05:00
Juliusz Sosinowicz e565d0d7de Refactor and code review
- Refactor object hashing into one function
- Allow multiple WOLFSSL_ASSERT_SIZEOF_GE in one function
2022-08-22 14:19:48 +02:00
Sean Parkinson 01aad13c38 Rework 2022-07-27 12:02:15 +10:00
Marco Oliverio 2e1e8d2789 misc.c: introduce ctMaskCopy() 2022-07-26 20:59:01 +02:00
Jacob Barthelmeh 8eaa85e412 update copyright year to 2022 2022-07-19 10:44:31 -06:00
Marco Oliverio 9d22e11776 misc.c: introduce w64wrapper to handle 64bit numbers
as word64 is not always available, introduce an abstract type and companion
operations. They use a word64 if available and fallback on word32[2] otherwise.
2022-06-15 10:46:42 -07:00
JacobBarthelmeh 7e2fab6f4a warning with keil build and native lwip want read case 2021-11-18 22:58:50 -07:00
Daniel Pouzzner 0b4f34d62a typographic cleanup: fix whitespace, remove unneeded UTF-8, convert C++ comment constructs to C. 2021-11-08 17:35:05 -06:00
Daniel Pouzzner ec21dd6d13 miscellaneous buildability fixes:
configure.ac: fix ed25519/sha512 dependency test to not misfire when ENABLED_32BIT;

wolfssl/wolfcrypt/curve{25519,448}.h: fix redundant typedefs of curve{25519,448}_key (fixes -Wpedantic warnings);

configure.ac: fix for "ISO C forbids an empty translation unit [-Werror=pedantic]", re wolfcrypt/src/sp_c{32,64}.c;

configure.ac: fixes for --enable-32bit versus pedantic "ISO C forbids an empty translation unit", including explicit exclusion of 32bit-incompatible algorithms from enable-all and enable-all-crypto sets;

tests/api.c: fixes for a couple inadequately gated SHA2 dependencies;

tests/api.c:test_wolfSSL_set_alpn_protos(): fix prototype missing (void);

wolfcrypt/src/misc.c and wolfssl/wolfcrypt/misc.h: fix ForceZero() definition and NO_INLINE prototype to not counterfactually constify the mem ptr, to avoid -Wmaybe-uninitialized from gcc11;

wolfcrypt/src/des3.c: drop obsolete register qualifier from declaration in DesSetKey(), for c++17 compatibility;

src/ssl.c:wolfSSL_BN_mod_word(): fix cast of arg2 to mp_mod_d().
2021-09-20 13:38:52 -05:00
David Garske df10152b54 Refactor hex char to byte conversions. 2021-08-10 12:07:41 -07:00
Elms 3a885aba23 Refactor pointer manipulation to be independent of datatype width
Tested with `./configure CFLAGS="-DNO_64BIT" --disable-sha512
--disable-sha384 --enable-harden` on a 64-bit machine
2021-06-15 21:08:49 -07:00
René Liebscher fa98477f22 Renesas RX: Use intrinsics for rot[rl], revl
For byte order reverse and rotation we have builtins
in the CC-RX compiler.
Especially when rotating registers with fixed amounts
this can be compiled efficiently into opcodes with
embedded values for shift (without needing other registers).
2021-04-22 16:44:19 +02:00
Jacob Barthelmeh c729318ddd update copyright date 2021-03-11 13:42:46 +07:00
John Safranek d4e13796c2 M1 Support
We separate out 64-bit desktop support based on the Intel check. With
the advent of the new Apple chip, ARM can also be a desktop processor.
Detect it like we do the Intel 64-bit, and treat it similarly with
respect to fast and normal math.
2021-01-06 09:21:07 -08:00
Sean Parkinson 972d6cfefc Base64: Cache attack resistant decode 2020-12-15 17:22:02 +10:00
Sean Parkinson d34b0072a2 ARM: identify ARM CPU for Thumb and Cortex
Better detailed check of CPU architecture for 32-bit byte reversal asm
2020-12-09 08:54:18 +10:00