Commit Graph

16213 Commits

Author SHA1 Message Date
Daniel Pouzzner f0041852b5 aes.c: add error catching and percolation for wc_AesGetKeySize() on FREESCALE_LTC in wc_AesEncrypt(), wc_AesDecrypt(), and wc_AesCtrEncrypt(). 2022-01-24 13:34:22 -06:00
Daniel Pouzzner 5ff1d98306 AES: fix linebreaks in newly overlong lines in aes.c and aes.h; add missing return code in armv8-aes.c wc_AesDecryptDirect(); add missing RESTORE_VECTOR_REGISTERS() in software wc_AesXtsEncrypt() (all pursuant to peer review in #4785 from Sean). 2022-01-24 12:32:25 -06:00
Daniel Pouzzner 565a7b0aab aes.c: in linuxkm clause of WOLFSSL_AES_DIRECT section, gate on WOLFSSL_LINUXKM && WOLFSSL_AESNI (with no-asm falling through to the generic definition), and use wolfssl-idiomatic WARN_UNUSED_RESULT, not linux-kernel-idiomatic __must_check. (thanks to John S peer review) 2022-01-24 11:44:16 -06:00
Daniel Pouzzner a718637c6f AES: harmonize wc_Aes{Encrypt,Decrypt} and wc_Aes{Encrypt,Decrypt}Direct implementations to return int; add return values to all static void functions in aes.c that can fail; add WARN_UNUSED_RESULT to all static functions in aes.c with return values; implement missing error percolation around AES block cipher implementations; bump FIPS version for v5-ready and v5-dev to 5.3 (v5-RC12 is 5.2). 2022-01-24 11:44:16 -06:00
David Garske dee66cfe9e Merge pull request #4789 from SparkiDev/sp_invmod_oob
SP int: sp_modinv fixes for sizes
2022-01-24 09:08:08 -08:00
John Safranek 93404361ff Merge pull request #4783 from SparkiDev/mac_sha512_def
SHA-512 ASM: For Mac computers default to using SHA512 instructions
2022-01-24 09:03:08 -08:00
David Garske 44c0a5f9f8 Merge pull request #4790 from SparkiDev/decodesubtree_oobr
ParseCert: check index in DecodeSubtree before accessing tag
2022-01-24 08:36:52 -08:00
Sean Parkinson 3d63e41653 SP int: sp_modinv fixes for sizes
sp_invmod with even modulus requires a multiplication by modulus. Don't
let modulus overflow result variable 'r'.
Fix allocation of temporary sp_ints to be correct size.
Add test for maximum modulus size in test.c.

Remove leading spaces on functions so git correctly determines which
function has changed.
Put in Thumb code for more sizes of _sp_mul_*().
2022-01-24 15:18:20 +10:00
Sean Parkinson 1dd213db76 ParseCert: check index in DecodeSubtree before accessing tag 2022-01-24 12:30:48 +10:00
David Garske 198843aa34 Merge pull request #4787 from douzzer/20220121-fixits-20220118-clang-tidy
cleanup re #4772
2022-01-21 12:46:07 -08:00
Daniel Pouzzner 2955d7339e remove a debugging printf, fix whitespace/indentation, and add a comment re gethostbyname_r buffer size. 2022-01-21 13:00:22 -06:00
David Garske 7a36d57e8f Merge pull request #4784 from SparkiDev/sp_int_modinv_perf
SP int: minor improvements to sp_invmod
2022-01-21 10:30:09 -08:00
David Garske 869246609a Merge pull request #4772 from douzzer/20220118-clang-tidy
clang-tidy fixes/cleanups
2022-01-21 10:29:26 -08:00
Daniel Pouzzner 4f9d0b7ea7 fix whitespace. 2022-01-21 01:26:44 -06:00
Daniel Pouzzner bfada558bd remove extraneous build gates and fix whitespace justification in a comment (peer review re PR #4772). 2022-01-21 01:26:44 -06:00
Daniel Pouzzner 386aac9694 AES-SIV:
in configure.ac, enable SIV only if !ENABLED_FIPS or if building FIPS v5-dev;

in cmac.{c,h}, remove !HAVE_FIPS gating on ShiftAndXorRb().
2022-01-21 01:26:33 -06:00
Daniel Pouzzner 84f7d812d3 linuxkm/module_exports.c.template: include siphash.h. 2022-01-21 01:25:48 -06:00
Daniel Pouzzner 10b8f56fec wolfio.c: in wolfIO_TcpConnect(), test for usability of gethostbyname_r by (__GLIBC__ >= 2) && defined(__USE_MISC), not defined(__GNUC__). 2022-01-21 01:25:48 -06:00
Daniel Pouzzner 5e33da8147 fix whitespace. 2022-01-21 01:25:48 -06:00
Daniel Pouzzner bb07d0a490 wolfio.c: refactor wolfIO_TcpConnect(() to use gethostbyname_r() if GNUC && !SINGLE_THREADED, for thread safety. 2022-01-21 01:25:48 -06:00
Daniel Pouzzner 6a56d3e131 jumbo patch of fixes for clang-tidy gripes (with some bug fixes).
defect/gripe statistics:

    configured --enable-all --enable-sp-math-all --enable-intelasm

    with LLVM 13 clang-tidy -checks=readability-*,bugprone-*,misc-no-recursion,misc-misplaced-const,misc-redundant-expression,misc-unused-parameters,misc-unused-using-decls,-clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling,-clang-analyzer-optin.performance.Padding,-readability-braces-around-statements,-readability-function-size,-readability-function-cognitive-complexity,-bugprone-suspicious-include,-bugprone-easily-swappable-parameters,-readability-isolate-declaration,-readability-magic-numbers,-readability-else-after-return,-bugprone-reserved-identifier,-readability-suspicious-call-argument,-bugprone-suspicious-string-compare,-bugprone-branch-clone,-misc-redundant-expression,-readability-non-const-parameter,-readability-redundant-control-flow,-readability-misleading-indentation,-bugprone-narrowing-conversions,-bugprone-implicit-widening-of-multiplication-result

    [note these figures don't reflect additional defects fixed in this commit for --enable-smallstack, --enable-fips, --enable-async, --enable-asn=template, and --enable-fastmath, and --disable-fastmath]

    pre-patch warning count per file, with suppressions:

    clang-analyzer-security.insecureAPI.strcpy    6  wolfssl/tests/suites.c
    clang-analyzer-security.insecureAPI.strcpy    2  wolfssl/testsuite/testsuite.c
    bugprone-suspicious-missing-comma             3  wolfssl/examples/server/server.c
    bugprone-suspicious-missing-comma             3  wolfssl/examples/client/client.c
    readability-redundant-preprocessor            2  wolfssl/wolfcrypt/src/asn.c
    readability-redundant-preprocessor            1  wolfssl/wolfcrypt/src/rsa.c
    readability-redundant-preprocessor            9  wolfssl/src/ssl.c
    readability-redundant-preprocessor            2  wolfssl/src/tls13.c
    readability-redundant-preprocessor           18  wolfssl/tests/api.c
    readability-redundant-preprocessor            3  wolfssl/src/internal.c
    readability-redundant-preprocessor           10  wolfssl/wolfcrypt/test/test.c
    readability-named-parameter                   1  wolfssl/wolfcrypt/benchmark/benchmark.c
    readability-named-parameter                   7  wolfssl/src/internal.c
    readability-named-parameter                   1  wolfssl/wolfcrypt/src/ecc.c
    readability-named-parameter                   1  wolfssl/testsuite/testsuite.c
    readability-named-parameter                  11  wolfssl/wolfcrypt/src/ge_operations.c
    misc-no-recursion                             3  wolfssl/src/ssl.c
    readability-uppercase-literal-suffix          4  wolfssl/wolfcrypt/src/asn.c
    readability-uppercase-literal-suffix          1  wolfssl/src/ssl.c
    readability-uppercase-literal-suffix         13  wolfssl/wolfcrypt/benchmark/benchmark.c
    bugprone-too-small-loop-variable              1  wolfssl/wolfcrypt/src/rsa.c
    bugprone-too-small-loop-variable              2  wolfssl/wolfcrypt/src/sha3.c
    bugprone-too-small-loop-variable              4  wolfssl/wolfcrypt/src/idea.c
    bugprone-signed-char-misuse                   2  wolfssl/src/ssl.c
    bugprone-signed-char-misuse                   3  wolfssl/wolfcrypt/src/sp_int.c
    bugprone-signed-char-misuse                   3  wolfssl/examples/client/client.c
    bugprone-macro-parentheses                   19  wolfssl/wolfcrypt/src/aes.c
    bugprone-macro-parentheses                  109  wolfssl/wolfcrypt/src/camellia.c
    bugprone-macro-parentheses                    1  wolfssl/src/tls.c
    bugprone-macro-parentheses                    3  wolfssl/wolfcrypt/src/md4.c
    bugprone-macro-parentheses                    2  wolfssl/wolfcrypt/src/asn.c
    bugprone-macro-parentheses                   26  wolfssl/wolfcrypt/src/blake2b.c
    bugprone-macro-parentheses                  257  wolfssl/wolfcrypt/src/sha3.c
    bugprone-macro-parentheses                   15  wolfssl/src/ssl.c
    bugprone-macro-parentheses                    1  wolfssl/wolfcrypt/src/sha.c
    bugprone-macro-parentheses                    8  wolfssl/tests/api.c
    bugprone-macro-parentheses                    4  wolfssl/wolfcrypt/src/sp_int.c
    bugprone-macro-parentheses                    6  wolfssl/wolfcrypt/benchmark/benchmark.c
    bugprone-macro-parentheses                   38  wolfssl/wolfcrypt/src/hc128.c
    bugprone-macro-parentheses                   12  wolfssl/wolfcrypt/src/md5.c
    bugprone-macro-parentheses                   10  wolfssl/wolfcrypt/src/sha256.c
    bugprone-macro-parentheses                    4  wolfssl/wolfcrypt/test/test.c
    bugprone-macro-parentheses                    3  wolfssl/wolfcrypt/src/ecc.c
    bugprone-macro-parentheses                    2  wolfssl/tests/suites.c
    bugprone-macro-parentheses                    4  wolfssl/wolfcrypt/src/cpuid.c
    bugprone-macro-parentheses                   26  wolfssl/wolfcrypt/src/blake2s.c
    bugprone-macro-parentheses                   24  wolfssl/wolfcrypt/src/sha512.c
    bugprone-macro-parentheses                    3  wolfssl/wolfcrypt/src/poly1305.c
    bugprone-macro-parentheses                   24  wolfssl/wolfcrypt/src/ripemd.c
    readability-inconsistent-declaration-parameter-name    1  wolfssl/src/internal.c
    readability-inconsistent-declaration-parameter-name    1  wolfssl/testsuite/testsuite.c

    pre-patch warning count summaries, with suppressions:

    clang-analyzer-security.insecureAPI.strcpy                  8
    bugprone-suspicious-missing-comma                           6
    readability-redundant-preprocessor                         45
    readability-named-parameter                                21
    misc-no-recursion                                           3
    readability-uppercase-literal-suffix                       18
    bugprone-too-small-loop-variable                            7
    bugprone-signed-char-misuse                                 8
    bugprone-macro-parentheses                                601
    readability-inconsistent-declaration-parameter-name         2

    pre-patch warning count summaries, without suppressions:

    clang-analyzer-security.insecureAPI.strcpy                  8
    bugprone-branch-clone                                     152
    readability-non-const-parameter                           118
    bugprone-suspicious-missing-comma                           6
    bugprone-suspicious-include                                52
    readability-magic-numbers                               22423
    readability-redundant-preprocessor                         45
    readability-named-parameter                                21
    readability-function-cognitive-complexity                 845
    readability-else-after-return                             398
    bugprone-implicit-widening-of-multiplication-result       595
    readability-function-size                                  21
    readability-isolate-declaration                          1090
    misc-redundant-expression                                   2
    bugprone-narrowing-conversions                            994
    misc-no-recursion                                           3
    readability-uppercase-literal-suffix                       18
    bugprone-reserved-identifier                               56
    readability-suspicious-call-argument                       74
    bugprone-too-small-loop-variable                            7
    bugprone-easily-swappable-parameters                      437
    bugprone-signed-char-misuse                                 8
    readability-misleading-indentation                         94
    bugprone-macro-parentheses                                601
    readability-inconsistent-declaration-parameter-name         2
    bugprone-suspicious-string-compare                        495
    readability-redundant-control-flow                         20
    readability-braces-around-statements                    11483
    clang-analyzer-valist.Uninitialized                         1
    clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling   3502
2022-01-21 01:25:48 -06:00
Sean Parkinson b75fe633ad SP int: minor improvements to sp_invmod 2022-01-21 16:47:59 +10:00
Sean Parkinson 8a2cab8702 SHA-512 ASM: For Mac computers default to using SHA512 instructions 2022-01-21 16:40:35 +10:00
Sean Parkinson 30e9d2813e Merge pull request #4782 from haydenroche5/aes_siv_gpp
Fix AES-SIV test with g++.
2022-01-21 15:37:12 +10:00
Hayden Roche 888bd2b304 Fix AES-SIV test with g++.
The string initializers for the AES-SIV test vector fields needed an extra byte
for the null terminator expected by g++.
2022-01-20 19:22:25 -08:00
Sean Parkinson 848f5eeb0c Merge pull request #4755 from dgarske/dtls_srtp
DTLS SRTP (RFC5764) support (adds `--enable-srtp`)
2022-01-21 10:43:47 +10:00
David Garske d1a23a3285 Merge pull request #4758 from kareem-wolfssl/asioOldTls
Fix building ASIO with Old TLS disabled.
2022-01-20 10:44:41 -08:00
David Garske 427b67d51b Merge pull request #4756 from kareem-wolfssl/noBio
Fix building with OPENSSL_EXTRA and NO_BIO defined.
2022-01-20 10:41:22 -08:00
David Garske 5ea23d389c Merge pull request #4778 from haydenroche5/chrony
Add --enable-chrony configure option.
2022-01-20 08:46:00 -08:00
Marco Oliverio 40f573df72 dtls-srtp: NIT: fix EKM size in comments 2022-01-20 16:55:44 +01:00
Marco Oliverio 46c0809f5a dtls-srtp: add script to test interop with OpenSSL 2022-01-20 16:55:44 +01:00
Marco Oliverio d5aa76b161 dtsl-srtp: use PRF according to the DTLS version used
RFC 5764 sec 4.1.2
2022-01-20 16:55:30 +01:00
Marco Oliverio cdb2936244 dtls-srtp: PRF: fix correct order of client/server random in seed
see RFC 5705 Section 4
2022-01-20 16:12:04 +01:00
Marco Oliverio 231a0bbb84 dtls-srtp: no ekm cross check on single threaded/no pthread conf 2022-01-20 16:12:04 +01:00
David Garske d728a7f0e6 Merge pull request #4777 from SparkiDev/sp_modinv_even_fix
SP int: fix rework of sp_invmod
2022-01-19 20:32:48 -08:00
Hayden Roche a05b1b012f Add --enable-chrony configure option.
This turns on the necessary features for using the chrony NTP package with
wolfSSL.
2022-01-19 19:13:34 -08:00
David Garske 95efdccd7f Merge pull request #4751 from SparkiDev/sp_int_thumb_asm
SP int: ARM Thumb asm snippets
2022-01-19 18:52:02 -08:00
David Garske 609d6442b1 Merge pull request #4753 from SparkiDev/siphash
Add SipHash algorithm
2022-01-19 18:51:44 -08:00
David Garske fcce4f7a92 Merge pull request #4765 from haydenroche5/aes_siv
Add AES-SIV (RFC 5297).
2022-01-19 18:51:12 -08:00
Sean Parkinson b767857abb SP int: fix rework of sp_invmod
Simplify code and check for m mod a == 0 which means there is no
inverse.
2022-01-20 10:37:31 +10:00
Sean Parkinson a6485a228d Add SipHash algorithm 2022-01-20 09:41:18 +10:00
Sean Parkinson a1185adf2c SP int: ARM Thumb asm snippets 2022-01-20 09:16:45 +10:00
Hayden Roche 62b07d8806 Add AES-SIV (RFC 5297).
This commit adds functions to encrypt and decrypt data using AES in SIV mode, as
described in RFC 5297. This was added in the process of porting chrony to
wolfSSL. chrony is an NTP implementation that can use NTS (network time
security), which requires AES-SIV.
2022-01-19 14:32:33 -08:00
David Garske d668037541 Merge pull request #4746 from elms/gh/templates
github: Initial templates
2022-01-19 14:04:21 -08:00
David Garske 7adbf59f22 Merge pull request #4767 from anhu/kill_hc128
Get rid of HC-128
2022-01-19 12:20:18 -08:00
David Garske c5d3581ac2 Merge pull request #4771 from SparkiDev/sp_c_mont_red
SP C: fix corner case of P256 and P384 mont red
2022-01-19 11:32:49 -08:00
David Garske 0175013604 Merge pull request #4770 from anhu/cve
CVE-2022-23408
2022-01-19 11:31:24 -08:00
elms 0f50ffb2ef github: Initial templates 2022-01-19 10:36:01 -08:00
David Garske 8e0ece920b Test cleanups. Fix possible leak in TLSX_UseSRTP. 2022-01-19 09:22:02 -08:00
Anthony Hu af71aec77e Mention removal of HC-128 in README.md 2022-01-19 09:49:25 -05:00