Commit Graph

459 Commits

Author SHA1 Message Date
gojimmypi 16dba37ae6 fix wolfSSL_EVP_CIPHER_CTX_ctrl() SM GCM/CCM type 2023-11-17 07:56:56 -08:00
gojimmypi 4c6c2942b1 Fix evp SM cipherType 2023-11-16 13:38:39 -08:00
Sean Parkinson 54f2d56300 ssl.c: Move out crypto compat APIs
ssl_crypto.c contains OpenSSL compatibility APIS for:
 - MD4, MD5, SHA/SHA-1, SHA2, SHA3
 - HMAC, CMAC
 - DES, DES3, AES, RC4
API implementations reworked.
Tests added for coverage.
TODOs for future enhancements.
2023-11-08 19:43:18 +10:00
Juliusz Sosinowicz 8cd6cd175d EVP_EncodeBlock should not append a newline 2023-10-20 13:20:11 +02:00
Daniel Pouzzner f6f8d2eda3 add WC_DO_NOTHING macro to wolfssl/wolfcrypt/types.h, with default expansion "do {} while (0)", and globally refactor to use the macro where appropriate, annotating intended-null macros-with-args with "/* null expansion */";
tweak several #includes of settings.h to include types.h instead (all of these are for clarity, as types.h is indirectly included by later #includes), and add #include <wolfssl/wolfcrypt/types.h> where missing;

remove trailing semicolons from PRAGMA*() macro invocations as they are unneeded and can be harmful (inducing frivolous -Wdeclaration-after-statement etc.).
2023-07-14 09:50:01 -05:00
JacobBarthelmeh 11d26797d2 Merge pull request #6601 from SparkiDev/type_conversion_fixes_2
Type conversion fixes: make explicit
2023-07-13 13:33:58 -06:00
Sean Parkinson 2c9609039d Type conversion fixes: make explicit
Changed to types and casting so that there are no implcit conversion
warnings (gcc -Wconversion) in these files.
2023-07-13 08:36:02 +10:00
Sean Parkinson 96f745af6f EVP SM3: fix cast
wc_Sm3Update takes a word32 for the size.
Others cases are using the OpenSSL compatibility API but SM3 APIs don't
exist in OpenSSL.
2023-07-12 08:05:03 +10:00
Andras Fekete 266307da6c Add in ARIA wrappers
Address PR comments + other cleanup


Addressing PR comments


Minor change


Make sure the last line gets output as well


Add in ARIA SHA256 session to internal structure


Add in ARIA SHA384 session to internal structure


Add necessary function for ARIA to extract key


Fix unit tests


Rename HAVE_ARIAGCM to HAVE_ARIA


Move aria.* to wolfcrypt/port/aria


Separate out aria-crypt init functions


Adding in ECC+SHA callbacks


Avoid using AC_CHECK_FILE


Rename Aria to wc_Aria


Don't need special cases


Addressing PR comments


Code cleanup


C89 support


Remove TODO


Add documentation about buffer size


Clean up header files


Use ARIA_DEVID by default if available


Dummy update call to make MagicCrypto happy


Fix for detecting what algo type to use


Documentation


Use the appropriate sign/verify


Collect MagicCrypto functions together (and avoid leaks)


Fall back on other implementations on failure


Fix issue when compiling without CRYPTOCB


Addressing PR comments


Better cleanup


Addressing PR comments


Cleaner exit in case of error
2023-07-06 16:09:23 -04:00
Sean Parkinson e2424e6744 SM2/SM3/SM4: Chinese cipher support
Add support for:
 - SM2 elliptic curve and SM2 sign/verify
 - SM3 digest
 - SM4 cipher with modes ECB/CBC/CTR/GCM/CCM

Add APIs for SM3 and SM4.
Add SM2 sign and verify APIs.
Add support for SM3 in wc_Hash and wc_Hmac API.
Add support for SM3 and SM4 through EVP layer.
Add support for SM2-SM3 certificates. Support key ID and name hash being
with SHA-1/256 or SM3.
Add support for TLS 1.3 cipher suites: TLS-SM4-GCM-SM3, TLS-SM4-CCM-SM3
Add support for TLS 1.2 SM cipher suite: ECDHE-ECDSA-SM4-CBC-SM3
Add support for SM3 in wc_PRF_TLS.
Add SM2-SM3 certificates and keys. Generated with GmSSL-3.0.0 and
OpenSSL.
2023-07-04 13:36:28 +10:00
Sean Parkinson e467112a93 Test api.c: change more tests to use Expect instead of Assert
Changed EXPECT_DECL to start of as TEST_SKIPPED.
Modified other EXPECT macros appropriately.
Change test functions to not use 'res' when EXPECT_DECL is used.

memory.c:
  wc_MemFailCount_Init(): don't declare variable after a statement

conf.c:
wolfSSL_TXT_DB_read(): free the whole WOLFSSL_TXT_DB on failure
instead of just the memory
wolfSSL_CONF_add_string(): pop the value added into section->value
(sk) if it can't be pushed onto conf->data
  wolfSSL_NCONF_load(): free the new value if it wasn't able to be added

ocsp.c:
  wolfSSL_OCSP_cert_to_id():
free the decoded certificate if parsing failed (is freed after use
otherwise)
free the certificate id on failure and make it NULL and continue
freeing other variables

pk.c:
wolfSSL_RSA_set0_crt_params(): set dmp1, dmq1 and iqmp fields to NULL
if setting the internal failed - returns error and caller needs to free
the passed in BNs
wolfSSL_RSA_set0_factors(): set p and q fields to NULL if setting the
internal failed - returns error and caller needs to free the passed in
BNs
wolfSSL_RSA_set0_key(): set n, e abd d fields to NULL if setting the
internal failed - returns error and caller needs to free the passed in
BNs

x509.c:
wolfSSL_X509_set_serialNumber(): explicit NULL
checkwolfSSL_X509_REQ_add1_attr_by_NID(): check whether push succeeded
and on failure free attribute

asn.c:
ConfirmSignature(): for DSA, allocate separately to ensure no leak on
memory allocation failure.

dh.c:
wc_DhGenerateParams(): ensure tmp and tmp2 are able to be cleared on
error

evp.c:
wolfSSL_EVP_PKEY_CTX_add1_hkdf_info(): fix realloc use to no leak on
failure
  wolfSSL_EVP_CIPHER_CTX_iv_length(): handle ctx being NULL.
2023-06-22 08:21:17 +10:00
JacobBarthelmeh ef955c620f refactor evp.c to group all MD digest functions togther 2023-05-01 13:23:48 -07:00
JacobBarthelmeh dc8f348bdf smaller sized build with curl 2023-04-19 15:12:15 -07:00
JacobBarthelmeh 9a0934161d fix for wpas build with x509 small 2023-04-13 10:38:12 -07:00
Sean Parkinson 8851065848 cppcheck fixes
Fix checking of negative with unsigned variables.
Check digestSz for 0 in wc_SSH_KDF() so that no possibility of dividing
by zero.
Change XMEMCPY to XMEMSET in renesas_sce_util.c.
Fix test.c to free prvTmp and pubTmp on read error.
Remove unused variables.
XFREE checks for NULL so don't check before call.
Move variable declarations to reduce scope.
2023-04-03 16:59:58 +10:00
David Garske 22a5a5c45e Add introspection for math build and math cleanups:
* Add introspection for math build.
* Raise build error if more than one multi-precision math library used.
* Fix ESP32 to support using any multi-precision math option.
* Refactor math headers to use `wolfmath.h`
* Refactor of the opaque math variable type `MATH_INT_T` used by crypto hardware (QuickAssist, SE050, ESP32 and STM32).
* Cleanups for building with `WOLFCRYPT_ONLY` and `NO_BIG_INT`.
* Stop forcing use of fast math by default for platforms in settings.h. Note: For users that still want to use fast math (tfm.c) they will need to add USE_FAST_MATH to their build settings.

Applies To:
```
WOLFSSL_ESPWROOM32
WOLFSSL_ESPWROOM32SE
MICROCHIP_PIC32
WOLFSSL_PICOTCP_DEMO
WOLFSSL_UTASKER
WOLFSSL_NRF5x
FREERTOS_TCP
WOLFSSL_TIRTOS
EBSNET
FREESCALE_COMMON
FREESCALE_KSDK_BM
WOLFSSL_DEOS
MICRIUM
WOLFSSL_SGX
```
2023-03-30 14:42:55 -07:00
Lealem Amedie 047db19956 Disable SHA512/224 & SHA512/256 on QAT 2023-03-29 10:17:06 -06:00
JacobBarthelmeh 72e53ca1a4 handle failing RNG init when creating PKEY 2023-03-20 07:17:25 -07:00
David Garske fc6d693dae Update logging enter, exit, msg to match function names. Fix some typos and improper use of "enter". Fix internal uses of SSL_SUCCESS and SSL_FAILURE. Add WOLFSSL_DEBUG_NONBLOCK option to allow printing iterations without debug enabled. 2023-02-21 12:02:15 -08:00
Sean Parkinson f6da3a26ac Ref counting: rework for static analysers
When always reference counting APIs always return 0 don't check return
value for error.
Reference decrement set isZero to false on error.
2023-02-03 10:13:32 +10:00
Daniel Pouzzner a8a61fe6b7 evp.c: fix gating in wolfSSL_EVP_CIPHER_CTX_cleanup() to avoid switch-unreachable; also fix indentation. 2023-02-01 01:29:36 -06:00
Daniel Pouzzner 38c057a084 fix resource leak (missing calls to wc_AesFree()) in wolfSSL_EVP_CIPHER_CTX_cleanup();
fix file descriptor leaks in AF_ALG code, and fix return codes (WC_AFALG_SOCK_E, not -1) in afalg_aes.c;

fixes for sanitizer-detected forbidden null pointer args in AfalgHashUpdate() and AfalgHashCopy();

fixes for resource leaks in api.c test_wolfSSL_AES_cbc_encrypt() (missing wc_AesFree()s);

fixes for resource leaks in test.c openssl_test() (missing wolfSSL_EVP_CIPHER_CTX_cleanup());

also some local fixes for bugprone-signed-char-misuse, readability-redundant-preprocessor, and clang-diagnostic-strict-prototypes, in src/pk.c and src/ssl.c.
2023-02-01 00:49:34 -06:00
Sean Parkinson 53dfcd00e2 Ref count: change to use wolfSSL_Ref
Data structures changed:
WOLFSSL_CERT_MANAGER, WOLFSSL_CTX, WOLFSSL_SESSION, WOLFSSL_X509,
WOLFSSL_X509, WOLFSSL_EVP_PKEY, WOLFSSL_BIO, WOLFSSL_X509_STORE
2023-01-23 16:29:12 +10:00
David Garske 41c35b1249 Fix line length and whitespace issues. Fix macro argument missing parentheses. 2023-01-18 11:10:19 -08:00
jordan 4c35a22e0a Cleanup input checks. 2023-01-14 23:04:29 -06:00
jordan 4f4819bd19 EVP_EncryptUpdate should update outl on empty input 2023-01-13 11:32:15 -06:00
John Safranek 86aa3cc836 Merge pull request #5942 from bandi13/evpaesccm
Evpaesccm
2023-01-06 11:25:37 -08:00
Andras Fekete 8436f82540 Adding in @ejohnstown's suggested patch for line lengths 2023-01-06 12:23:30 -05:00
Andras Fekete 124c04b01a A bit more consistent naming for structure variables 2023-01-04 21:04:58 -05:00
Andras Fekete 25ce553e8f Shorten some line lengths 2023-01-04 20:32:04 -05:00
Andras Fekete 51f3386d60 Shorten variable names 2023-01-04 20:29:14 -05:00
Andras Fekete af2c5cf18b Remove the existence of WOLFSSL_AESCCM_STREAM 2023-01-04 14:17:36 -05:00
Andras Fekete 0ec0c05eda Change variable names to protect the innocent 2023-01-04 10:23:42 -05:00
Andras Fekete c21f5f3757 Fix unused variable error 2023-01-04 09:48:28 -05:00
Andras Fekete 914d3114de Addressing PR comments
TODO should not have been in the changes
indentation of #ifdef moved in line with the 'if' conditional
2023-01-03 14:55:07 -05:00
Andras Fekete dc6ffc790d Need declaration of 'tmp' variable 2023-01-02 14:36:50 -05:00
Andras Fekete ec9697999e Use minimum size for NONCE 2023-01-02 08:51:13 -05:00
Jacob Barthelmeh 9dcc48c8f7 update copyright to 2023 2022-12-30 17:12:11 -07:00
Andras Fekete df3c11ad82 Don't define a new default NONCE size, instead use existing MAX 2022-12-30 16:02:30 -05:00
Andras Fekete 1192d41f0e First successful implementation of EVP_aes_*_ccm 2022-12-29 17:02:43 -05:00
Stefan Eissing e5cfd96609 QUIC API support in OpenSSL compat layer, as needed by HAProxy integration.
- adding patch for HAProxy, see dod/QUIC.md, based on current master.
      For documentaton purposes, since HAProxy does not accept PRs. To be
      removed once forwarded to the project.
2022-12-01 10:12:35 +01:00
Eric Blankenhorn 4b30f47e9b Fix casts in evp.c and build issue in ParseCRL 2022-11-08 10:59:18 -06:00
Juliusz Sosinowicz 2ae815e2ee Use WOLFSSL_ERROR_MSG for error logs 2022-10-25 13:13:44 +02:00
Juliusz Sosinowicz 3339443260 Change NID_* from enum to #define 2022-10-20 17:07:32 +02:00
Lealem Amedie e77c3849a0 Fix for evp key leak in unit tests 2022-09-30 16:02:07 -07:00
David Garske 606f58a851 Spelling and whitespace cleanups. 2022-09-23 13:58:58 -07:00
JacobBarthelmeh 2bf583aa57 Merge pull request #5526 from miyazakh/qt_jenkins_fix
Fix qt nightly test failure
2022-09-21 09:38:45 -06:00
David Garske 90c9363af8 Merge pull request #5538 from satoshiyamaguchi/trial5
Add wolfSSL_EVP_PKEY_new_CMAC_key to OpenSSL compatible API
2022-09-20 13:01:52 -07:00
Satoshi Yamaguchi c6ea68a118 Fix two not freed WOLFSSL_CMAC_CTX. 2022-09-20 23:10:22 +09:00
Hideki Miyazaki 001592a8a3 fix qt nightly test 2022-09-18 13:56:55 +09:00