Commit Graph

124 Commits

Author SHA1 Message Date
gojimmypi e40eb3c774 Update Arduino examples; add wolfcrypt breadcrumbs. 2024-03-06 15:13:37 -08:00
Daniel Pouzzner dfbde4514b global refactor of static mutex initialization to use WOLFSSL_MUTEX_INITIALIZER, and adjustment of WOLFSSL_MUTEX_INITIALIZER macro to take an argument, for Linux kernel compatibility. 2024-02-29 02:11:32 -06:00
JacobBarthelmeh 12ee732fe2 Merge pull request #6981 from douzzer/20231102-vector-register-dynamic-fallback-aes
20231102-vector-register-dynamic-fallback-aes
2023-11-28 13:15:02 -07:00
Kareem ca61034d22 Add memcached support.
memcached support: add required functions/defines.

Fix running unit test when defining DEBUG_WOLFSSL_VERBOSE without OPENSSL_EXTRA.

Break out session_id_context APIs into separate option WOLFSSL_SESSION_ID_CTX, so they can be used without OPENSSL_EXTRA.

Make wolfSSL_ERR_get_error and wolfSSL_CTX_set_mode available for memcached.

Add --enable-memcached.

Include required defines for memcached.

Revert unit test fix, no longer needed.

Add Github actions test for memcached.  Stop defining DEBUG_WOLFSSL_VERBOSE for memcached.

Add auto retry to writes.

Memcached CI: correct libevent package name.

Memcached CI: Add pkgconfig path for Github CI wolfSSL prefix.

memcached: Fix WOLFSSL_OP_NO_RENEGOTIATION going outside of int bounds, add LD_LIBRARY_PATH for memcached CI test.

memcached CI: Use correct path for wolfSSL

memcached: Add required perl dependency for SSL tests

memcached: Update to 1.6.22

memcached: actually test tls

memcached: Update wolfSSL_SSL_in_before to be side agnostic.
2023-11-20 10:10:34 -07:00
Daniel Pouzzner a10260ca5f refactor AESNI implementations and *VECTOR_REGISTERS* macros to allow dynamic as-needed fallback to pure C, via WC_AES_C_DYNAMIC_FALLBACK.
wolfssl/wolfcrypt/aes.h: add key_C_fallback[] to struct Aes, and remove comment that "AESNI needs key first, rounds 2nd, not sure why yet" now that AES_128_Key_Expansion_AESNI no longer writes rounds after the expanded key.

wolfcrypt/src/aes.c:
* add _AESNI or _aesni suffixes/infixes to AESNI implementations that were missing them: AES_CBC_encrypt(), AES_CBC_decrypt_by*(), AES_ECB_encrypt(), AES_*_Key_Expansion(), AES_set_encrypt_key(), AES_set_decrypt_key(), AES_GCM_encrypt(), AES_GCM_decrypt(), AES_XTS_encrypt(), and AES_XTS_decrypt().
* move key size check from to start of wc_AesSetKeyLocal().
* refactor pure-C AES setkey and cipher implementations to use aes->key_C_fallback when defined(WC_AES_C_DYNAMIC_FALLBACK).
* refactor wc_AesSetKeyLocal() to set up both AESNI and pure-C expanded keys when defined(WC_AES_C_DYNAMIC_FALLBACK).
* refactor all (haveAESNI && aes->use_aesni) conditions to just (aes->use_aesni).
* add macros VECTOR_REGISTERS_PUSH and VECTOR_REGISTERS_POP, which do nothing but push a brace level when !defined(WC_AES_C_DYNAMIC_FALLBACK), but when defined(WC_AES_C_DYNAMIC_FALLBACK), they call SAVE_VECTOR_REGISTERS2() and on failure, temporarily clear aes->use_aesni and restore at _POP().
* refactor all invocations of SAVE_VECTOR_REGISTERS() and RESTORE_VECTOR_REGISTERS() to VECTOR_REGISTERS_PUSH and VECTOR_REGISTERS_POP, except in wc_AesSetKeyLocal(), wc_AesXtsEncrypt(), and wc_AesXtsDecrypt(), which are refactored to use SAVE_VECTOR_REGISTERS2(), with graceful failure concealment if defined(WC_AES_C_DYNAMIC_FALLBACK).
* orthogonalize cleanup code in wc_AesCbcEncrypt(),  wc_AesCcmEncrypt() and wc_AesCcmDecrypt().
* streamline fallthrough software definitions of wc_AesEncryptDirect() and wc_AesDecryptDirect(), and remove special-casing for defined(WOLFSSL_LINUXKM)&&defined(WOLFSSL_AESNI).

wolfcrypt/src/aes_asm.{S,asm}:
* remove errant "movl $10, 240(%rsi)" from AES_128_Key_Expansion_AESNI.
* add _AESNI suffixes/infixes to implementations that needed them.

wolfcrypt/src/{aes_gcm_asm.{S,asm},aes_xts_asm.S}: regenerate from revisions in scripts#357 -- adds _aesni suffixes to implementations that were missing them.

wolfssl/wolfcrypt/types.h: remove DEBUG_VECTOR_REGISTER_ACCESS macros, and add dummy fallthrough definitions for SAVE_VECTOR_REGISTERS2 and WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL.

wolfssl/wolfcrypt/memory.h: adopt DEBUG_VECTOR_REGISTER_ACCESS code from types.h, and add definitions for WC_DEBUG_VECTOR_REGISTERS_RETVAL_INITVAL and WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL.

linuxkm/linuxkm_wc_port.h: add arch-specific macro definitions for SAVE_VECTOR_REGISTERS2().

wolfcrypt/benchmark/benchmark.c: add missing gates around calls to RESTORE_VECTOR_REGISTERS().

configure.ac:
* cover various interdependencies in enable-all/enable-all-crypto, for better behavior in combination with --disable-aesgcm, --disable-ecc, --disable-ocsp, --disable-hmac, --disable-chacha, --disable-ed25519, and --disable-ed448.
* inhibit aesgcm_stream in enable-all/enable-all-crypto when ENABLED_LINUXKM_DEFAULTS, because it is currently incompatible with WC_AES_C_DYNAMIC_FALLBACK.
* add -DWC_AES_C_DYNAMIC_FALLBACK when ENABLED_LINUXKM_DEFAULTS.
* add 3 new interdependency checks: "ECCSI requires ECC.", "SAKKE requires ECC.", "WOLFSSH requires HMAC."

wolfcrypt/src/asn.c: tweak gating to accommodate defined(NO_RSA) && !defined(HAVE_ECC).

wolfcrypt/src/evp.c: tweak gating to accommodate defined(NO_HMAC).

wolfcrypt/src/logging.c: remove DEBUG_VECTOR_REGISTER_ACCESS code (moved to memory.c).

wolfcrypt/src/memory.c: change #include of settings.h to types.h; adopt DEBUG_VECTOR_REGISTER_ACCESS code from logging.c; add implementation of SAVE_VECTOR_REGISTERS2_fuzzer().

wolfcrypt/src/pwdbased.c: add explanatory #error scrypt requires HMAC.

wolfcrypt/test/test.c:
* add DEBUG_VECTOR_REGISTER_ACCESS clauses to aes_xts_128_test(), aesecb_test(), aesctr_test(), aes_test() CBC section, aes256_test() CBC section, and aesgcm_default_test_helper()
* remove duplicate wc_AesEcbDecrypt() in aesecb_test().
* add gating for pbkdf2_test().
* fix cleanup code in dsa_test().
* fix gating in pkcs7authenveloped_run_vectors() to accommodate !defined(HAVE_AESGCM).
* fix gating in cryptocb_test() to accommodate defined(NO_HMAC).

wolfssl/wolfcrypt/cryptocb.h: remove gates around "pk" sub-struct of struct wc_CryptoInfo -- wc_CryptoInfo.pk.type (an int) is used unconditionally when --enable-debug, and is used with DH.

wolfssl/wolfcrypt/error-crypt.h: fix whitespace.
2023-11-17 01:15:28 -06:00
Juliusz Sosinowicz 158402ab03 Add logging prefixes to api.c client and server 2023-08-03 11:31:47 +02:00
JacobBarthelmeh 1285ae7816 Merge pull request #6506 from DimitriPapadopoulos/codespell
Fix typos found by codespell
2023-07-24 10:34:29 -06:00
Sean Parkinson 2c9609039d Type conversion fixes: make explicit
Changed to types and casting so that there are no implcit conversion
warnings (gcc -Wconversion) in these files.
2023-07-13 08:36:02 +10:00
Juliusz Sosinowicz 7af1f0cf05 Add additional windows logging for DoMonitor 2023-07-04 14:12:38 +02:00
Dimitri Papadopoulos 50752f5a2b Fix typos found by codespell 2023-07-04 07:21:27 +02:00
Kareem f6cdcfcf9f Fix wc_PeekErrorNodeLineData not unlocking error queue on error. 2023-04-28 16:35:49 -07:00
Sean Parkinson 8851065848 cppcheck fixes
Fix checking of negative with unsigned variables.
Check digestSz for 0 in wc_SSH_KDF() so that no possibility of dividing
by zero.
Change XMEMCPY to XMEMSET in renesas_sce_util.c.
Fix test.c to free prvTmp and pubTmp on read error.
Remove unused variables.
XFREE checks for NULL so don't check before call.
Move variable declarations to reduce scope.
2023-04-03 16:59:58 +10:00
Eric Blankenhorn 7c918255b9 Fix type conv error in logging 2023-03-15 07:46:22 -05:00
Jacob Barthelmeh 9dcc48c8f7 update copyright to 2023 2022-12-30 17:12:11 -07:00
David Garske 793bd6620b Fix unicode char in logging.c. 2022-12-09 10:36:35 -08:00
Stefan Eissing 02094ebb2e Updates after review by JacobBarthelmeh.
- fix err/ret rename leftover for python builds
- add documenetation to thread-local functions
- move generic queue functions up
2022-12-08 09:53:05 +01:00
Stefan Eissing 45f9ef5dd9 Improvements in OpenSSL Compat ERR Queue handling.
Configuration
- thread-local storaoge is selected when available
- '--enable-error-queue-per-thread' and '--disable-error-queue-per-thread' can
  be used as before to explicitly en-/disable the feature.

Implementation:
- with thread-local-storage, error queue is realized in one struct without
  allocations. Queue size is restricted to 16 entries (per thread), which
  is the same limit in OpenSSL 1.1.x.
- without thread-local-storage, all error queue operations are mutex locked
- wc_PeekErrorNodeLineData() and wc_GetErrorNodeErr() added for use by SSL
  functions to allow locked queue iterations/manipulations.
2022-12-07 18:14:45 +01:00
Daniel Pouzzner 466b625b5d wolfcrypt/src/logging.c: add missing void arg list to definition of wc_GetCurrentIdx(). 2022-11-24 09:32:58 -06:00
Jacob Barthelmeh b6ae17804a update comments and check error case 2022-11-22 11:22:38 -07:00
JacobBarthelmeh 143dac64a3 account for 'pulled' error nodes 2022-11-17 14:51:37 -08:00
David Garske f9506dc05a Add small stack to DoClientHello Suites (360 bytes). Add small stack for DRBG health test. Refactor of the small stack into its own header, to allow easier use in other files. Minor build fixes. 2022-09-30 14:06:31 -07:00
Jacob Barthelmeh 8eaa85e412 update copyright year to 2022 2022-07-19 10:44:31 -06:00
Daniel Pouzzner ccc5952369 global fixup to check or explicitly ignore return values from failable library/system calls that weren't already being checked;
add wolfCrypt error codes IO_FAILED_E "Input/output failure" and SYSLIB_FAILED_E "System/library call failed";

tests/api.c and tests/unit.c: flush stdout for error message in Fail() macro, add fflush(stdout) after printf()s, print success message at end of unit_test(), and send several error messages to stderr instead of stdout;

wolfcrypt/test/test.c: add fallthrough macro definition of printf() that pairs it with fflush(stdout);

unit.h: in definition of macro AssertPtr(), add PRAGMA_GCC("GCC diagnostic ignored \"-Wpedantic\"");

sp_int.c: refactor several lingering instances of "if (0) { ... }" code pattern to #if 0 ... #endif.
2022-07-11 22:28:09 -05:00
Chris Conlon 063e757f6b Merge pull request #5121 from miyazakh/sce_example_update2 2022-05-09 14:15:13 -06:00
Hideki Miyazaki 75d90aaf2f update key data and add fixes
Fix Aes gcm memory curruption

  - fix delta size calculation
  - add logging SEGGER printf for RA6M4
  - update client example

Added test cases

 - Fixed aes buffer overflow
 - Fixed usable
 - Fixed sce - no-sce use case
 - Add logging SEGGER printf for RA6M4
2022-05-07 10:43:43 +09:00
Juliusz Sosinowicz 7e9896d162 Only clear session when we didn't complete a handshake
- Allow overriding buffer size with `WOLFSSL_MSG_EX_BUF_SZ`
- Allow disabling `WOLFSSL_MSG_EX` by defining `NO_WOLFSSL_MSG_EX`
2022-05-06 12:35:49 +02:00
Juliusz Sosinowicz 4013f83e4f Add some missing logs and implement WOLFSSL_MSG_EX()
WOLFSSL_MSG_EX() uses XVSNPRINTF to allow for formatted strings to be printed. It uses a 100 byte internal stack buffer to format the log message.
2022-04-25 15:59:07 +02:00
Daniel Pouzzner 67de528d91 wolfcrypt/src/logging.c: fixes for cppcheck complaints: invalidPrintfArgType_sint 2022-01-08 00:30:32 -06:00
David Garske ab9eda636a Merge pull request #4671 from lealem47/remove-n
Removing extra \n from WOLFSSL_LEAVE and WOLFSSL_ENTER
2021-12-17 14:04:42 -08:00
Lealem Amedie a79440b95a Removing extra \n from WOLFSSL_LEAVE and WOLFSSL_ENTER 2021-12-16 13:30:43 -07:00
Juliusz Sosinowicz 017d6cf464 Simplify error queue macros 2021-12-16 12:39:58 +01:00
Daniel Pouzzner 85a8c06062 linuxkm: add DEBUG_VECTOR_REGISTER_ACCESS (debug feature switch), ASSERT_SAVED_VECTOR_REGISTERS, and ASSERT_RESTORED_VECTOR_REGISTERS macros, and move the fallback no-op definitions of the SAVE_VECTOR_REGISTERS and RESTORE_VECTOR_REGISTERS to types.h. also fixed several ASCII TAB characters in types.h. 2021-10-26 20:24:28 -05:00
Jacob Barthelmeh 34c9367cbe refactor location of error queue count and consolidate no error queue macro 2021-10-06 11:55:40 -06:00
Jacob Barthelmeh 40ac1c4dd2 remove error queue from JNI build and put a default max on error queue size 2021-10-04 11:45:18 -06:00
Elms 5c01613acb Add GCC extension to bypass select -pedantic warnings
Add wrapper macro for `__extension__` to suppress pedantic warnings
2021-06-07 15:38:15 -07:00
toddouska 3ac03d3d66 Merge pull request #3805 from JacobBarthelmeh/copyright
update copyright date to 2021
2021-03-15 16:16:50 -07:00
Sean Parkinson a55e94cf6f ECCSI and SAKKE: add support
Fixes for static code analysis included.
Added const to function parameters.
Zeroise some temporaries.
2021-03-12 09:31:22 +10:00
Jacob Barthelmeh c729318ddd update copyright date 2021-03-11 13:42:46 +07:00
Juliusz Sosinowicz b8f841599c Add --enable-error-queue-per-thread 2021-02-16 16:08:13 +01:00
kaleb-himes 4c171524dd Address missed CloseSocket item and revert some white space changes 2021-02-10 09:14:54 -07:00
kaleb-himes 6d23728a56 Fusion RTOS porting round 3 2021-02-09 15:33:06 -07:00
Daniel Pouzzner 7d177e78d7 don't include wolfssl/options.h in logging.c, use AM_CFLAGS (not wolfssl/options.h) to communicate HAVE_WC_INTROSPECTION to the compiler, and use config.h (not wolfssl/options.h) to communicate LIBWOLFSSL_CONFIGURE_ARGS and LIBWOLFSSL_GLOBAL_CFLAGS to the compiler (for logging.c). 2020-10-28 17:28:05 -05:00
Daniel Pouzzner fda84576b0 name the new introspection routines wolfSSL_configure_args() and wolfSSL_global_cflags() for consistency, and move the prototypes to logging.h. 2020-10-28 17:28:05 -05:00
Daniel Pouzzner a5d96721ac wolfcrypt/src: remove wc_debug.c and move its contents to logging.c. 2020-10-28 17:28:05 -05:00
Daniel Pouzzner dd825d90c4 more LKM WIP: polish up the struct DRBG refactor ("struct DRBG_internal"), tweaks for buildability on 3.x kernels (now builds on 3.x, 4.x, and 5.x up to 5.8.1), move a slew of #[un]def[ines] from wc_port.h to settings.h where they belong, misc cleanup. 2020-09-23 18:32:15 -05:00
David Garske 6425ebb60e Linux Kernel Module support using "--enable-linuxkm". 2020-09-23 18:32:15 -05:00
David Garske 0ae9adcfd9 Add Xilinx SDK printf support. 2020-09-18 09:16:31 -07:00
Eric Blankenhorn 95f973a5be Adding test and dox for ERR_print_errors_cb 2020-02-20 17:28:34 -06:00
Eric Blankenhorn 936312f77e Adding ERR_print_errors_cb 2020-02-20 17:28:33 -06:00
Juliusz Sosinowicz ae948e2a07 Pass try-ciphers
define EVP_CIPHER_CTX_set_iv as wolfSSL_EVP_CIPHER_CTX_set_iv
add wolfSSL_GetLoggingCb functionality when compiling without enable-debug
fix initialization vector handling of all cipher modes when using our EVP layer. The IV was incorrectly handled in initialization as well as not being updated after processing
2020-02-18 21:37:06 +01:00