wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-02-01 13:29:19 +01:00
Code Issues Packages Projects Releases Wiki Activity
16,639 Commits 12 Branches 184 Tags
f19b426a3fa85d3c8dcc5fcad9b2157817cdd310
Commit Graph

125 Commits

Author SHA1 Message Date
David Garske
e91f0f173b Fixes for async disables around the DevCopy calls. ZD13824 2022-03-03 16:33:18 -08:00
Daniel Pouzzner
6a56d3e131 jumbo patch of fixes for clang-tidy gripes (with some bug fixes). 
defect/gripe statistics:

    configured --enable-all --enable-sp-math-all --enable-intelasm

    with LLVM 13 clang-tidy -checks=readability-*,bugprone-*,misc-no-recursion,misc-misplaced-const,misc-redundant-expression,misc-unused-parameters,misc-unused-using-decls,-clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling,-clang-analyzer-optin.performance.Padding,-readability-braces-around-statements,-readability-function-size,-readability-function-cognitive-complexity,-bugprone-suspicious-include,-bugprone-easily-swappable-parameters,-readability-isolate-declaration,-readability-magic-numbers,-readability-else-after-return,-bugprone-reserved-identifier,-readability-suspicious-call-argument,-bugprone-suspicious-string-compare,-bugprone-branch-clone,-misc-redundant-expression,-readability-non-const-parameter,-readability-redundant-control-flow,-readability-misleading-indentation,-bugprone-narrowing-conversions,-bugprone-implicit-widening-of-multiplication-result

    [note these figures don't reflect additional defects fixed in this commit for --enable-smallstack, --enable-fips, --enable-async, --enable-asn=template, and --enable-fastmath, and --disable-fastmath]

    pre-patch warning count per file, with suppressions:

    clang-analyzer-security.insecureAPI.strcpy    6  wolfssl/tests/suites.c
    clang-analyzer-security.insecureAPI.strcpy    2  wolfssl/testsuite/testsuite.c
    bugprone-suspicious-missing-comma             3  wolfssl/examples/server/server.c
    bugprone-suspicious-missing-comma             3  wolfssl/examples/client/client.c
    readability-redundant-preprocessor            2  wolfssl/wolfcrypt/src/asn.c
    readability-redundant-preprocessor            1  wolfssl/wolfcrypt/src/rsa.c
    readability-redundant-preprocessor            9  wolfssl/src/ssl.c
    readability-redundant-preprocessor            2  wolfssl/src/tls13.c
    readability-redundant-preprocessor           18  wolfssl/tests/api.c
    readability-redundant-preprocessor            3  wolfssl/src/internal.c
    readability-redundant-preprocessor           10  wolfssl/wolfcrypt/test/test.c
    readability-named-parameter                   1  wolfssl/wolfcrypt/benchmark/benchmark.c
    readability-named-parameter                   7  wolfssl/src/internal.c
    readability-named-parameter                   1  wolfssl/wolfcrypt/src/ecc.c
    readability-named-parameter                   1  wolfssl/testsuite/testsuite.c
    readability-named-parameter                  11  wolfssl/wolfcrypt/src/ge_operations.c
    misc-no-recursion                             3  wolfssl/src/ssl.c
    readability-uppercase-literal-suffix          4  wolfssl/wolfcrypt/src/asn.c
    readability-uppercase-literal-suffix          1  wolfssl/src/ssl.c
    readability-uppercase-literal-suffix         13  wolfssl/wolfcrypt/benchmark/benchmark.c
    bugprone-too-small-loop-variable              1  wolfssl/wolfcrypt/src/rsa.c
    bugprone-too-small-loop-variable              2  wolfssl/wolfcrypt/src/sha3.c
    bugprone-too-small-loop-variable              4  wolfssl/wolfcrypt/src/idea.c
    bugprone-signed-char-misuse                   2  wolfssl/src/ssl.c
    bugprone-signed-char-misuse                   3  wolfssl/wolfcrypt/src/sp_int.c
    bugprone-signed-char-misuse                   3  wolfssl/examples/client/client.c
    bugprone-macro-parentheses                   19  wolfssl/wolfcrypt/src/aes.c
    bugprone-macro-parentheses                  109  wolfssl/wolfcrypt/src/camellia.c
    bugprone-macro-parentheses                    1  wolfssl/src/tls.c
    bugprone-macro-parentheses                    3  wolfssl/wolfcrypt/src/md4.c
    bugprone-macro-parentheses                    2  wolfssl/wolfcrypt/src/asn.c
    bugprone-macro-parentheses                   26  wolfssl/wolfcrypt/src/blake2b.c
    bugprone-macro-parentheses                  257  wolfssl/wolfcrypt/src/sha3.c
    bugprone-macro-parentheses                   15  wolfssl/src/ssl.c
    bugprone-macro-parentheses                    1  wolfssl/wolfcrypt/src/sha.c
    bugprone-macro-parentheses                    8  wolfssl/tests/api.c
    bugprone-macro-parentheses                    4  wolfssl/wolfcrypt/src/sp_int.c
    bugprone-macro-parentheses                    6  wolfssl/wolfcrypt/benchmark/benchmark.c
    bugprone-macro-parentheses                   38  wolfssl/wolfcrypt/src/hc128.c
    bugprone-macro-parentheses                   12  wolfssl/wolfcrypt/src/md5.c
    bugprone-macro-parentheses                   10  wolfssl/wolfcrypt/src/sha256.c
    bugprone-macro-parentheses                    4  wolfssl/wolfcrypt/test/test.c
    bugprone-macro-parentheses                    3  wolfssl/wolfcrypt/src/ecc.c
    bugprone-macro-parentheses                    2  wolfssl/tests/suites.c
    bugprone-macro-parentheses                    4  wolfssl/wolfcrypt/src/cpuid.c
    bugprone-macro-parentheses                   26  wolfssl/wolfcrypt/src/blake2s.c
    bugprone-macro-parentheses                   24  wolfssl/wolfcrypt/src/sha512.c
    bugprone-macro-parentheses                    3  wolfssl/wolfcrypt/src/poly1305.c
    bugprone-macro-parentheses                   24  wolfssl/wolfcrypt/src/ripemd.c
    readability-inconsistent-declaration-parameter-name    1  wolfssl/src/internal.c
    readability-inconsistent-declaration-parameter-name    1  wolfssl/testsuite/testsuite.c

    pre-patch warning count summaries, with suppressions:

    clang-analyzer-security.insecureAPI.strcpy                  8
    bugprone-suspicious-missing-comma                           6
    readability-redundant-preprocessor                         45
    readability-named-parameter                                21
    misc-no-recursion                                           3
    readability-uppercase-literal-suffix                       18
    bugprone-too-small-loop-variable                            7
    bugprone-signed-char-misuse                                 8
    bugprone-macro-parentheses                                601
    readability-inconsistent-declaration-parameter-name         2

    pre-patch warning count summaries, without suppressions:

    clang-analyzer-security.insecureAPI.strcpy                  8
    bugprone-branch-clone                                     152
    readability-non-const-parameter                           118
    bugprone-suspicious-missing-comma                           6
    bugprone-suspicious-include                                52
    readability-magic-numbers                               22423
    readability-redundant-preprocessor                         45
    readability-named-parameter                                21
    readability-function-cognitive-complexity                 845
    readability-else-after-return                             398
    bugprone-implicit-widening-of-multiplication-result       595
    readability-function-size                                  21
    readability-isolate-declaration                          1090
    misc-redundant-expression                                   2
    bugprone-narrowing-conversions                            994
    misc-no-recursion                                           3
    readability-uppercase-literal-suffix                       18
    bugprone-reserved-identifier                               56
    readability-suspicious-call-argument                       74
    bugprone-too-small-loop-variable                            7
    bugprone-easily-swappable-parameters                      437
    bugprone-signed-char-misuse                                 8
    readability-misleading-indentation                         94
    bugprone-macro-parentheses                                601
    readability-inconsistent-declaration-parameter-name         2
    bugprone-suspicious-string-compare                        495
    readability-redundant-control-flow                         20
    readability-braces-around-statements                    11483
    clang-analyzer-valist.Uninitialized                         1
    clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling   3502
 2022-01-21 01:25:48 -06:00
Daniel Pouzzner
82b508b917 wolfcrypt/src/sha512.c: fixes for cppcheck complaints: nullPointerRedundantCheck 2022-01-08 00:32:26 -06:00
David Garske
7396a0cb3a Resolves all peer review comments. Fixes to get Curve25519 working on real hardware. Regression testing fixes for ECC. 2021-11-23 15:03:53 -08:00
Daniel Pouzzner
0b4f34d62a typographic cleanup: fix whitespace, remove unneeded UTF-8, convert C++ comment constructs to C. 2021-11-08 17:35:05 -06:00
David Garske
2abb2eae7d Changed NXP SE050 to not use symmetric offloading by default. If desired use WOLFSSL_SE050_HASH and WOLFSSL_SE050_CRYPT. 2021-11-02 12:00:24 -07:00
Daniel Pouzzner
e0395c6441 linuxkm: in wolfcrypt/src/sha{256,512}.c, remove {SAVE,RESTORE}_VECTOR_REGISTERS() wrappers around AVX implementations, as this needs to be refactored for efficiency and the underlying assembly is not yet kernel-compatible. 2021-10-26 20:24:28 -05:00
Daniel Pouzzner
0f05a71bfb linuxkm: refactor SAVE_VECTOR_REGISTERS() macro to take a fail clause as an argument, to allow the preprocessor to completely eliminate it in non-kernel builds, and for backward compat with WCv5.0-RC8. 2021-10-26 20:24:28 -05:00
David Garske
a03ed32380 Support for Android KeyStore compatibility API's: 
* Adds `EVP_PKCS82PKEY` and `d2i_PKCS8_PRIV_KEY_INFO`.
* Adds `EVP_PKEY2PKCS8` and `i2d_PKCS8_PRIV_KEY_INFO`.
* Adds `ECDSA_verify`.
* Fix to allow `SHA256()` and `MD5()` with FIPSv2.
* Decouple crypto callbacks and hash flags
* Fix for possible use of uninitialized when building TLS bench without TLS v1.3.
* Fix for building with `NO_CHECK_PRIVATE_KEY`. Test `./configure --disable-pkcs12 --enable-opensslextra CFLAGS="-DNO_CHECK_PRIVATE_KEY"`.
* Fix to support `RSA_public_decrypt` for PKCSv15 only with FIPS.
* Cleanup `RSA_public_encrypt`, `RSA_public_decrypt` and `RSA_private_decrypt`.
* Added instructions for building wolfSSL with Android kernel.
 2021-10-19 17:04:18 -07:00
Daniel Pouzzner
62822be6ce scan-build LLVM-13 fixes and expanded coverage: add WC_UNUSED and PRAGMA_CLANG_DIAG_{PUSH,POP} macros; deploy "#ifndef __clang_analyzer__" as needed; fix violations and suppress false positives of -Wunreachable-code-break, -Wunreachable-code-return, and -enable-checker alpha.deadcode.UnreachableCode; expand scan-build clean build scope to --enable-all --enable-sp-math-all. 2021-10-18 21:46:09 -05:00
David Garske
70894383ce Fix for new SHA512 224/256 support with NXP SE050. 2021-10-11 13:01:38 -07:00
David Garske
90a51490a9 Peer review feedback. Improvements with small stack. 2021-10-11 11:54:03 -07:00
David Garske
29f051e585 Fixes and cleanups for NXP SE050 support. 2021-10-11 11:53:19 -07:00
Ethan
3f76a76c46 SE050 port with support for RNG, SHA, AES, ECC (sign/verify/shared secret) and ED25519 2021-10-11 11:52:12 -07:00
Sean Parkinson
e0abcca040 KCAPI: add support for using libkcapi for crypto (Linux Kernel) 
RSA, DH and ECC not testable as no Linux Kernel driver to use.
ECC implementation is customer specific.
 2021-10-08 09:07:22 +10:00
Daniel Pouzzner
6d715130a2 linuxkm: cleanups and smallstack refactors related to WOLFSSL_LINUXKM_SIMD_X86_IRQ_ALLOWED, associated linuxkm-SIMD-IRQ PR, and associated peer review: 
smallstack refactors for wolfcrypt/src/rsa.c:wc_CheckProbablePrime_ex() and wolfcrypt/src/pwdbased.c:wc_PKCS12_PBKDF_ex();

add WARN_UNUSED_RESULT macro to types.h;

text format cleanup;

fix internal.c:LowResTimer() implementation.

refactor tls13.c:TimeNowInMilliseconds() for kernel 4.9 and 3.16 compat.

use ktime_get_coarse_real_ts64() only for kernel 5.x+.  in kernel 4.x, use its older form, current_kernel_time64(), and in 3.x, use getnstimeofday().

linuxkm/module_hooks.c: fix wolfssl_init() pie code to be compatible with kernel 4.4-;

fix allocate_wolfcrypt_irq_fpu_states() return codes to all be wolfcrypt codes, and in calling code, pass up that code (suggested by dgarske peer review).
 2021-09-20 13:46:51 -05:00
Daniel Pouzzner
83e0e19e03 linuxkm feature additions: 
add build-time support for module signing using native Linux facility;

add support for alternative licenses using WOLFSSL_LICENSE macro;

improve load-time kernel log messages;

add support for sp-math-all asm/AVX2 acceleration;

add error-checking and return in SAVE_VECTOR_REGISTERS();

implement support for x86 accelerated crypto from interrupt handlers, gated on WOLFSSL_LINUXKM_SIMD_X86_IRQ_ALLOWED:

  * wolfcrypt_irq_fpu_states
  * am_in_hard_interrupt_handler()
  * allocate_wolfcrypt_irq_fpu_states()
  * free_wolfcrypt_irq_fpu_states()
  * save_vector_registers_x86()
  * restore_vector_registers_x86()

add WOLFSSL_LINUXKM_SIMD, WOLFSSL_LINUXKM_SIMD_X86, and WOLFSSL_LINUXKM_SIMD_ARM macros for more readable gating.
 2021-09-20 10:27:13 -05:00
Sean Parkinson
cd8bff272c SHA512: Tidy up and have Sha512_224/256 FinalRaw return smaller digest 
Make code cleaner by passing in parameters instead of determining from
type.
Remove trailing whitespace.
 2021-09-10 09:52:01 +10:00
TakayukiMatsuo
56843fbefd Add support for EVP_sha512_224/256 (#4257) 2021-09-02 14:05:07 +10:00
John Safranek
2c62880fd2 flags update 
1. Fixed typo in ifdef for HAVE_ED448.
2. Fixed typos in comments in sha512.
3. Add include config.h to bio.c.
 2021-08-06 11:28:20 -06:00
Daniel Pouzzner
05128968f6 fixes for null pointer accesses detected by clang sanitizer. also, gate SuiteTest() on !NO_WOLFSSL_CIPHER_SUITE_TEST in tests/unit.c, greatly reducing time to completion when not debugging cipher suites. 2021-07-16 13:49:47 -05:00
Daniel Pouzzner
9b43e57ccf ED: add streaming API to the ED verify routines: wc_ed*_verify_msg_init(), wc_ed*_verify_msg_update(), wc_ed*_verify_msg_final(); 
harmonize the ED448 API with the ED25519 API by making wc_ed448_verify_msg_ex() and wc_ed448_init_ex() public functions;

track devId and heap pointer in ed*_key.{devId,heap}, and pass them through to sha init functions;

add ed*_key.{sha,sha_clean_flag}, and ed*_hash_{reset,update,final} functions, and use them for all ED hashing ops, to support streaming API and for optimally efficient reuse for the preexisting ED calls;

add ed448_hash() akin to ed25519_hash(), and use it in place of wc_Shake256Hash(), for .sha_clean_flag dynamics.

add to wc_ed*_import_private_key() the ability to import the combined key generated by wc_ed*_export_private() without supplying the redundant public key;

add macro asserts near top of ed*.h to assure the required hash functions are available;

fix {NO,HAVE}_ED*_{SIGN,VERIFY};

wolfcrypt/test/test.c: add missing key initializations in ed*_test();

wolfcrypt/test/test.c: fix unaligned access in myDecryptionFunc() detected by -fsanitize=address,undefined.
 2021-07-16 13:49:47 -05:00
David Garske
5440b6c63c Fix for intel asm SHA512 where HAVE_INTEL_AVX1 or HAVE_INTEL_AVX2 is defined, but USE_INTEL_SPEEDUP is not. Fix for scan-build error with test.c ret not used. 2021-06-17 13:50:09 -07:00
David Garske
9c24731e3c Added SHA2-384/512 crypto callback support. 2021-06-16 11:49:24 -07:00
Jacob Barthelmeh
c729318ddd update copyright date 2021-03-11 13:42:46 +07:00
toddouska
72eebd6e75 Merge pull request #3795 from JacobBarthelmeh/CAAM 
Addition of QNX CAAM driver
 2021-03-10 15:04:21 -08:00
Hideki Miyazaki
3b768bcb5e addressed review comments 2021-03-06 10:18:31 +09:00
Hideki Miyazaki
302c6dfe11 addressed jenkins failure part3 2021-03-05 08:19:22 +09:00
Hideki Miyazaki
5fb9aa3f9b implemented SHA512_Transform and unit test 2021-03-05 08:19:20 +09:00
Jacob Barthelmeh
749425e1e8 first pre alpha code for QNX + CAAM 
manual run of RNG init and JDKEK print

job ring does initial rng

is successful on some red key blob operations

caam red key blob test pass

ecdsa sign/verify

ecdsa ecdh/sign/verify with black secure key

ecdsa ecdh/sign/verify with black secure key

initial cmac addition

initial cmac addition

black blob encap

black keys with cmac

add invalidate memory

refactoring and clean up

more code cleanup

add files for dist and remove some printf's

remove unneeded macro guard

use resource manager
 2021-03-03 18:45:40 +07:00
Guido Vranken
3fd2647383 SHA 256,512: Only write hash if no error has occurred 
ZD 11649
 2021-02-06 08:15:30 +01:00
Elms
79c31a5f2c SiLbs: SHA and AES-{GCM,CBC} hardware acceleration using se_manager 2020-11-30 21:01:49 -08:00
Daniel Pouzzner
f96fbdb7d1 sha256.c/sha512.c: refactor 4 instances of gccism ({}) to WC_INLINE functions. 2020-11-11 13:44:26 -06:00
Daniel Pouzzner
7c2aefcfdd linuxkm: enable the rest of the _asm implementations for x86, wrapped in {SAVE,RESTORE}_VECTOR_REGISTERS(). 2020-09-23 18:32:16 -05:00
David Garske
5c76afc41c Fix for SHA256 missing initialization of small stack cache variable. Fixes issue with Intel ASM and WOLFSSL_SMALL_STACK_CACHE 2020-08-26 09:44:32 -07:00
David Garske
dd517fd81c Fixed several compiler warnings with inline variable declaration, deprecated func decl and small stack use of invaid memory (heap). Thanks @douzzer for these. 2020-08-20 15:13:43 -07:00
Daniele Lacamera
b1947478bb Added support for SHA512 via psoc6 crypto 2020-06-05 11:30:29 +02:00
David Garske
3127a7e9e5 Fixes for building with bare-metal on Xilinx SDK with zynqmp. Added Zynqmp benchmark timer support. 2020-03-20 12:22:47 -07:00
Chris Conlon
45c5a2d39c update copyright to 2020 2020-01-03 15:06:03 -08:00
Eric Blankenhorn
b83804cb9d Correct misspellings and typos from codespell tool 2019-12-24 12:29:33 -06:00
David Garske
e298b3290d Fix to initialize hash flag. 2019-08-21 06:36:37 -07:00
Hideki Miyazaki
1d9d9e2955 fix ed25519 sing msg test failure 
better random number handling
 2019-06-24 15:27:29 +09:00
John Safranek
246c444b93 Updates for v4.0.0 
Update the copyright dates on all the source files to the current year.
 2019-03-15 10:37:36 -07:00
David Garske
dcdb1d7094 Added flag to indicate if hash is copied. 2019-02-12 16:03:10 -08:00
David Garske
838652c03b Added flags build option to hashing algorithms. This allows indicator to determine if hash will be "copied" as done during a TLS handshake. 2019-02-12 16:03:10 -08:00
Sean Parkinson
7822cef1ac Pull out x86_64 ASM into separate files 2019-01-29 13:08:24 +10:00
Hideki Miyazaki
30612ad3ed addressed review comments 2018-12-28 11:48:39 +09:00
Hideki Miyazaki
9d2294b967 Support AES and SHA hw acceleration on esp32-wroom-32 
Removed unnecessary codes
Added README
Some clean up for maintenancebility
Removed unused methods

Removed unused methods
 2018-12-28 08:39:19 +09:00
David Garske
cbbe63ec62 Added QAT SHA3 support. Fix for SHA512/SHA384 with QAT and Intel ASM enabled. 2018-12-17 12:54:33 -08:00
David Garske
8355dd29cb Fix for Curve25519 FE math build error with Intel Speedups enabled and no AVX2. Fixes to allow forcing NO_AVX2_SUPPORT. Reproducible with ./configure --enable-curve25519 --enable-ed25519 --enable-intelasm CFLAGS="-DNO_AVX2_SUPPORT". 2018-12-05 13:04:30 -08:00