Commit Graph

8137 Commits

Author SHA1 Message Date
philljj 2abbab2fd8 Merge pull request #8082 from SparkiDev/bn_bin2bn_fix
BN API: fix BN_bin2bn to handle NULL data properly
2024-10-16 12:00:41 -04:00
Sean Parkinson 64a9e6f7c4 BN API: fix BN_bin2bn to handle NULL data properly
BN_bin2bn was freeing the BN and returning it.
Added test for this.
2024-10-16 14:08:55 +10:00
Daniel Pouzzner cd8d158964 Merge pull request #8073 from philljj/fix_infer_issues
infer: fix dead store, and uninitialized value errors.
2024-10-15 15:42:48 -05:00
Daniel Pouzzner c7146640f9 Merge pull request #8055 from rizlik/ocsp-cb-ret-propagate
ocsp: propagate ocsp cb return error
2024-10-15 15:38:09 -05:00
Daniel Pouzzner 3e1f365e75 Merge pull request #8064 from SparkiDev/regression_fixes_14
Regression test fixes
2024-10-15 11:47:37 -05:00
Marco Oliverio 724fdae7d7 ocsp: propagate ocsp cb return error 2024-10-15 10:03:15 +00:00
jordan e3c2c650aa infer: fix dead store, and uninitialized value errors. 2024-10-14 22:45:17 -05:00
Daniel Pouzzner dfd8ead95e Merge pull request #8050 from philljj/fix_acert_defines
Fix acert defines, add more tests, cleanup.
2024-10-11 16:22:34 -05:00
Daniel Pouzzner f8da04d8b0 Merge pull request #7766 from miyazakh/zd18141_tls13_ocsp
Add OCSP response for intermediate cert into Certificate extension on TLS1.3
2024-10-11 15:49:19 -05:00
Sean Parkinson 5f1ddadf71 Regression test fixes
Fix unit tests to not compile when NO_RSA is defined and RSA used.
test_wc_PKCS7_EncodeSignedData: only RSA supported with streaming.
test_wolfSSL_RSA when SP math and SP: CRT parameters required.
test_wolfSSL_OCSP_REQ_CTX to compile with NO_ASN_TIME.
test_wolfSSL_IMPLEMENT_ASN1_FUNCTIONS: make sure all objects freed even
on memory allocation failure.
test_wolfSSL_error_cb: don't use bio if is NULL.
test_wolfSSL_BN_enc_dec: don't free a twice on memory allocation error.
test_wc_dilithium_der: remove debug printing
test_othername_and_SID_ext: make sid_oid NULL after free to ensure no
double free on later memory allocation failure.
test_wolfSSL_RSA: don't leak when BN_dup fails.
test_wolfSSL_i2d_ASN1_TYPE: free ASN1 string whn no ASN1 type to put it
into.
test_tls13_rpk_handshake: don't leak on failure
test_dtls_client_hello_timeout_downgrade: only move memory when test is

wolfSSL_certs_clear, wolfSSL_set_SSL_CTX, SetSSL_CTX: Check return from
AllocCopyDer.
d2i_generic: make sure impBuf is only freed once.
wolfSSL_BIO_write: don't dereference front unless it is not NULL.
wolfssl_dns_entry_othername_to_gn: don't free obj twice
wolfSSL_X509_REQ_add1_attr_by_NID: don't access reqAttributes if NULL.
succeeding.
2024-10-11 11:49:01 +10:00
jordan 052cf77233 acert: fix defines, cleanup, more testing. 2024-10-08 16:11:46 -05:00
Daniel Pouzzner ce9d0e236c Merge pull request #8047 from ColtonWilley/x509_store_free_ref
Free X509 store ref on store free
2024-10-08 15:25:16 -05:00
Daniel Pouzzner e6dac68ce3 Merge pull request #7966 from cconlon/x509CheckHostLeftWildcardOnly
Add left-most wildcard matching support to X509_check_host()
2024-10-08 15:17:27 -05:00
Daniel Pouzzner 4a37947d8f Merge pull request #3166 from dgarske/csharp_wolfcrypt
wolfCrypt CSharp Wrapper
2024-10-08 14:52:40 -05:00
Chris Conlon f878220b81 add WOLFSSL_LEFT_MOST_WILDCARD_ONLY support to X509_check_host() 2024-10-08 10:38:14 -06:00
Colton Willey b4146bad18 Free X509 store ref on store free 2024-10-07 13:09:47 -07:00
David Garske bf29b68600 Merge pull request #8045 from rizlik/sniffer-fix
sniffer: set ssl->curSize before invoking Do* routines
2024-10-07 07:38:27 -07:00
Marco Oliverio 92faa915e4 sniffer: set ssl->curSize before invoking Do* routines
commit 99a99e3d6e changes DoApplication to
use ssl->curSize as the size of the current decrypted record. Fix
sniffer code to set this value.
2024-10-07 08:56:35 +00:00
Aidan Garske e10c943bf3 wolfCrypt CSharp Wrapper:
* Adds RNG, ECC(ECIES and ECDHE), RSA, ED25519/Curve25519, AES-GCM, and Hashing to the CSharp wrapper.
* Adds GitHub action for building the CSharp wrapper solution and running wolfCrypt test and a TLS server/client example.
* Adds "new" API's for wolfCrypt for platforms that cannot tolerate the structs directly.
* Fixes for several scan-build warnings.
2024-10-05 11:44:58 -07:00
Hideki Miyazaki 5105082a1f addressed review comments 2024-10-05 15:25:34 +09:00
Juliusz Sosinowicz 16dc67f421 SendTls13Certificate: set variables directly instead of incrementing 2024-10-05 15:25:32 +09:00
Juliusz Sosinowicz 29e27889ee TLSX_CSR_InitRequest_ex: decrement csr->requests when reusing 2024-10-05 15:25:08 +09:00
Hideki Miyazaki dab764a08e fix pr test 2024-10-05 15:25:08 +09:00
Hideki Miyazaki 69e390f8b9 works OCSP Stapling with TLS1.3 like OCSPv2Multi 2024-10-05 15:25:03 +09:00
Daniel Pouzzner e944967731 wolfssl/wolfcrypt/types.h: add WC_NO_STATIC_ASSERT path, and add C89-compatible live fallback definition for wc_static_assert().
wolfssl/internal.h: refactor WOLFSSL_ASSERT_EQ() and WOLFSSL_ASSERT_SIZEOF_GE() to use wc_static_assert(), and drop unused WOLFSSL_ASSERT_TEST() and WOLFSSL_ASSERT_SIZEOF_TEST().

src/ssl_crypto.c and wolfcrypt/src/evp.c: refactor ad hoc asserts in wolfSSL_DES_ecb_encrypt(), wolfSSL_CRYPTO_cts128_decrypt(), and wolfSSL_EVP_DigestInit(), to use wc_static_assert().
2024-10-04 21:11:25 -05:00
Daniel Pouzzner a25c0244a7 wolfssl/wolfcrypt/types.h: refactor static_assert*() as wc_static_assert*() to avoid conflicts with target-native static_assert(), and add additional coverage for C23 and MSVC C11.
wolfcrypt/test/test.c: in render_error_message(), in tests for strerror_r(), test for __USE_GNU.
2024-10-04 16:41:33 -05:00
Sean Parkinson f7afc47d98 Kyber ARM32 ASM: add assembly using base instructions
Support ARMv4 up to ARMv8.
Base instructions only - faster implemenation will use NEON.
2024-10-04 11:06:18 +10:00
David Garske afe5209427 Merge pull request #7706 from SparkiDev/kyber_thumb2_asm
Kyber ASM ARMv7E-M/ARMv7-M: added assembly code
2024-10-03 10:56:42 -07:00
Sean Parkinson d2047986d9 Kyber ASM ARMv7E-M/ARMv7-M: added assembly code
Improved performance by reworking kyber_ntt, kyber_invtt,
kyber_basemul_mont, kyber_basemul_mont_add, kyber_rej_uniform_c to be
in assembly.
Replace WOLFSSL_SP_NO_UMAAL with WOLFSSL_ARM_ARCH_7M
2024-10-03 18:11:31 +10:00
Daniel Pouzzner b81cc50a70 src/internal.c: in ProcessReplyEx() in the verifyMessage case, refactor some gating/conditionalization around ATOMIC_USER, HAVE_ENCRYPT_THEN_MAC, atomicUser, and ssl->options.startedETMRead, to avoid "Logical disjunction always evaluates to true" from cppcheck incorrectLogicOperator (via multi-test cppcheck-force-source) (warned code introduced by 99a99e3d6e). 2024-10-02 19:19:39 -05:00
Reda Chouk ea852c1c67 missing argument 2024-10-02 17:21:50 +02:00
Reda Chouk 10f0885d88 Merge branch 'master' into fix-conversion 2024-10-02 17:14:06 +02:00
jordan 1690ad7366 acert: correct XFREE call. 2024-10-01 21:57:53 -04:00
Sean Parkinson ac788ec40d Merge pull request #7995 from julek-wolfssl/dtls12-cid
Implement DTLS 1.2 Connection ID (CID)
2024-10-02 09:00:59 +10:00
Daniel Pouzzner a04871f153 examples/pem/pem.c: fix double-free introduced in 65853a41b9;
configure.ac and src/include.am: add ENABLED_ARM_THUMB, BUILD_ARM_THUMB, BUILD_ARM_NONTHUMB, ENABLED_ARM_64, BUILD_ARM_64, ENABLED_ARM_32. and BUILD_ARM_32, and use them to gate building of ARM asm files, to fix "ISO C forbids an empty translation unit" warnings (the warning only affects inline asm files, but the gating is deployed more widely).
2024-10-01 16:03:37 -05:00
Reda Chouk 666e658398 trailing spaces and overlong lines fixes 2024-10-01 16:28:31 +02:00
Sean Parkinson f15700f1f6 Merge pull request #8031 from douzzer/20240930-clang-tidy
20240930-clang-tidy
2024-10-01 22:38:18 +10:00
Marco Oliverio 7e69c2049b dtls cid: address reviewer's comments 2024-10-01 06:45:37 +00:00
Daniel Pouzzner 65853a41b9 fixes, coddling, and suppressions for clang-tidy complaints:
examples/pem/pem.c: fix stdio stream leaks.

src/ssl.c and src/ssl_load.c: suppress concurrency-mt-unsafe around getenv().  getenv() is threadsafe as long as no threads putenv() or setenv().

wolfssl/openssl/asn1.h: add parentheses to fix bugprone-macro-parentheses in ASN1_EX_TEMPLATE_TYPE(), and suppress misfiring bugprone-macro-parentheses around IMPLEMENT_ASN1_FUNCTIONS().
2024-09-30 23:19:49 -05:00
JacobBarthelmeh 984dd9146f Merge pull request #8005 from ColtonWilley/copy_key_option
New option to always copy over key to SSL object
2024-09-30 14:20:07 -06:00
David Garske 47add7e9e2 Merge pull request #8020 from SparkiDev/arm32_base_chacha20_poly1305
ARM32 ChaCha20, Poly1305: assembly code
2024-09-30 06:53:37 -07:00
Sean Parkinson e4301bc554 ARM32 generated files: fix line lengths
Generated ARM32 assembly files no longer have lines with more than 80
characters.
2024-09-30 08:50:31 +10:00
Daniel Pouzzner 794f0d8d19 src/pk.c: add missing "keySz = padded_keySz" in _DH_compute_key() ct cleanup path.
wolfcrypt/src/wc_kyber_poly.c: add SAVE_VECTOR_REGISTERS2()...RESTORE_VECTOR_REGISTERS() wrappers for AVX2 implementations.

src/bio.c and src/ssl.c: add several missing WC_NO_ERR_TRACE()s, and tweak several returns to generate error traces.
2024-09-27 00:28:45 -05:00
David Garske 2285c02f1c Merge pull request #7998 from SparkiDev/kyber_aarch64_asm
Kyber Aarch64: assembly implementations of functions
2024-09-26 11:59:06 -07:00
Sean Parkinson 2323a5cf59 ARM32 ChaCha20, Poly1305: assembly code
Add assembly code for ChaCha20 and Poly1305 on ARM32 when no NEON
available.
2024-09-26 20:24:58 +10:00
Sean Parkinson de657787cf Kyber Aarch64: assembly implementations of functions
Aarch64 assembly implementation of Kyber functions.
SHA-3 assembly implementations when not hardware crypto.
2024-09-26 09:10:05 +10:00
JacobBarthelmeh 2328a7e407 Merge pull request #8017 from philljj/misc_cleanup
misc cleanup: extra spaces, typos.
2024-09-25 11:26:31 -06:00
jordan e5109b3f41 misc cleanup: extra spaces, typos. 2024-09-25 09:51:48 -05:00
Marco Oliverio 76f71a31f1 dtls13: support either side DTLSv1_3 method 2024-09-24 16:56:02 +00:00
Colton Willey cad2bbd7a7 Add NULL checks on key copy 2024-09-23 10:18:23 -07:00