wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-31 04:59:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
21,324 Commits 12 Branches 184 Tags
fb6b022f4252e996193f87197876acac38ed80f7
Commit Graph

7059 Commits

Author SHA1 Message Date
Chris Conlon
fb6b022f42 Merge pull request #7020 from SparkiDev/ecc_gen_k_by_reject 
ECC: generate values in range of order by rejection
 2023-12-14 14:54:39 -07:00
David Garske
1cf87ce0c9 Spelling fix. 2023-12-14 12:14:30 -08:00
Chris Conlon
f6ef58dbc2 Merge pull request #7064 from philljj/fix_infer_issues 
Fix issues from infer diff report.
 2023-12-14 12:27:34 -07:00
jordan
a1b44b6214 Fix issues from infer diff report: init mp_digit to 0. 2023-12-13 17:17:49 -06:00
Eric Blankenhorn
1d7fd42aa8 Fixes for release 2023-12-13 14:47:02 -06:00
Sean Parkinson
b7b20ededd Merge pull request #7058 from lealem47/zd17174 
Check buffer length before XMEMCMP in GetOID
 2023-12-13 14:36:23 +10:00
Lealem Amedie
2724edc257 Check buffer length before XMEMCMP in GetOID 2023-12-12 15:13:42 -07:00
Sean Parkinson
ce74a34154 Merge pull request #7019 from dgarske/armasm_mmcau 
Patch to support NXP Kinetis MMCAU SHA2-256 with ARM ASM
 2023-12-13 07:26:11 +10:00
Sean Parkinson
21f53f37a1 ECC: generate values in range of order by rejection 
When generating private key and nonce for ECDSA, use rejection sampling.
Note: SP uses this algorithm
 2023-12-12 14:55:56 +10:00
Daniel Pouzzner
c1b5135918 wolfcrypt/src/evp.c and wolfcrypt/test/test.c: in FIPS builds <5.3, gate out AES-XTS functionality that depends on new APIs added in #7031 (b14aba48af and 931ac4e568) (AES-XTS is non-FIPS in FIPS <5.3). 2023-12-11 12:14:29 -06:00
Daniel Pouzzner
9c17d5d2fa support ASN ShortInts up to 4 bytes (2^32-1): 
* parameterize MAX_LENGTH_SZ using overrideable WOLFSSL_ASN_MAX_LENGTH_SZ, default value 5 (raised from 4).
* refactor other Misc_ASN constants to refer to MAX_LENGTH_SZ as appropriate.
* tweak BytePrecision() appropriately.
* refactor SetShortInt() to use BytePrecision() and include a length assert against MAX_SHORT_SZ to assure no buffer overruns with reduced WOLFSSL_ASN_MAX_LENGTH_SZ.
 2023-12-11 12:14:29 -06:00
David Garske
b5eb8995c9 Fix possible unused variable warning. 2023-12-11 09:22:47 -08:00
JacobBarthelmeh
ac447d1afb Merge pull request #7031 from douzzer/20231201-openssl-compat-fixes 
20231201-openssl-compat-fixes
 2023-12-08 17:25:53 -07:00
JacobBarthelmeh
f708d42ef7 Merge pull request #7046 from dgarske/crl_cleanups 
Various cleanups - CRL and comments - 20231207
 2023-12-08 17:15:01 -07:00
David Garske
8a5a467543 Patch to support NXP Kinetis MMCAU SHA2-256 (FREESCALE_MMCAU_CLASSIC_SHA) with --enable-armasm. 2023-12-08 15:56:20 -08:00
gojimmypi
62c0910e15 sync w/upstream; resolve merge conflict 2023-12-08 09:06:10 -08:00
JacobBarthelmeh
448b83697a Merge pull request #7035 from gojimmypi/PR-Espressif-wolfcrypt 
Espressif wolfcrypt updates
 2023-12-08 09:07:46 -07:00
David Garske
434526c345 Expand WOLFSSL_NO_CRL_DATE_CHECK to the process cert CRL next date check. Fix typo for DEBUG_CRYPTOCB. Add comments for wc_ValidateDate arguments. Improve linker script example for FIPS to put stdlib before FIPS and not force KEEP. 2023-12-07 14:45:16 -08:00
Sean Parkinson
61b0efce4f Merge pull request #7039 from embhorn/zd17127 
Check for neg size in fp_read_unsigned_bin
 2023-12-08 07:44:09 +10:00
gojimmypi
5e5286d30d Merge branch 'master' of https://github.com/wolfSSL/wolfssl into PR-Expressif-Benchmark 2023-12-07 13:26:20 -08:00
Eric Blankenhorn
27e93276de Check for neg size in fp_read_unsigned_bin 2023-12-07 14:26:12 -06:00
JacobBarthelmeh
5caa71ec6a Merge pull request #7038 from SparkiDev/heapmath_mp_add_d 
Heapmath mp_add_d: fix for when a and c same pointer
 2023-12-07 10:04:13 -07:00
JacobBarthelmeh
9d0bb4c2bf Merge pull request #7040 from dgarske/win_vs 
Fixes for building wolfSSL in Visual Studio
 2023-12-07 10:02:33 -07:00
Daniel Pouzzner
931ac4e568 add documentation for wc_AesXtsInit(), wc_AesXtsSetKeyNoInit(), wc_CmacFinalNoFree(), and wc_CmacFree(); 
rename wc_AesXtsSetKey_NoInit() to wc_AesXtsSetKeyNoInit() for morphological consistency;

refactor wc_AesXtsSetKey() to call wc_AesXtsSetKeyNoInit() and clean up on failure;

readability tweak in wolfSSL_EVP_CipherFinal().
 2023-12-06 19:26:46 -06:00
Daniel Pouzzner
b14aba48af wolfcrypt/src/cmac.c: add wc_CmacFree(), revert wc_CmacFinal(), rename wc_CmacFinal() as wc_CmacFinalNoFree() removing its deallocation clauses, and add new wc_CmacFinal() that calls wc_CmacFinalNoFree() then calls wc_CmacFree() unconditionally, for compatibility with legacy client code (some of which may have previously leaked). 
tests/api.c: modify test_wc_CmacFinal() to use wc_CmacFinalNoFree() except for the final call.

wolfcrypt/src/aes.c:
* fix wc_AesEaxEncryptAuth() and wc_AesEaxDecryptAuth() to call wc_AesEaxFree() only if wc_AesEaxInit() succeeded.
* fix wc_AesEaxInit() to free all resources on failure.
* revert wc_AesEaxEncryptFinal() and wc_AesEaxDecryptFinal() changes, then change wc_CmacFinal() calls in them to wc_CmacFinalNoFree() calls.
* wc_AesEaxFree(): add wc_CmacFree() calls.
 2023-12-06 16:55:57 -06:00
Sean Parkinson
226c631feb Heapmath mp_add_d: fix for when a and c same pointer 
When parameters a and c to mp_add_d are the same pointer, c->sign was
being set to zero/positive and then a->sign was being checked.
Set the c->sign at end as it will always be zero/positive through the
code and the sign of the result isn't otherwise used.
 2023-12-07 07:51:43 +10:00
gojimmypi
f3a9d4a56e Espressif Benchmark ESP-IDF 4.4 fixes 2023-12-06 13:23:14 -08:00
David Garske
db14914951 Fixes for building wolfSSL in Visual Studio. Adds missing files. Fix for type cast warnings. 2023-12-06 13:20:27 -08:00
gojimmypi
ca1eba0919 Espressif wolfcrypt updates 2023-12-06 10:05:31 -08:00
Sean Parkinson
cf8a6efaa5 SP int neg sp_mont_red_ex: disallow negative numbers 
Don't support negative a or m with sp_mont_red_ex().
 2023-12-06 08:59:54 +10:00
Daniel Pouzzner
689a82a622 fix AES-related code, in both crypto and TLS layers, for various uninitialized data and resource leak defects around wc_AesInit() and wc_AesFree(): 
* followup to https://github.com/wolfSSL/wolfssl/pull/7009 "20231128-misc-fixes" and  https://github.com/wolfSSL/wolfssl/pull/7011 "Add missing wc_AesInit calls."

* adds WC_DEBUG_CIPHER_LIFECYCLE, which embeds asserts in low-level AES implementations for proper usage of wc_AesInit() and wc_AesFree().

* fixes native CMAC, AES-EAX, and AES-XTS implementations to assure resource release.

* adds missing wc_AesXtsInit() API, and adds a new wc_AesXtsSetKey_NoInit().

* fixes misspellings in EVP that unconditionally gated out AES-OFB and AES-XTS.

* fixes misspellings in EVP that unconditionally gated out AES-CBC and AES-CFB code in wolfSSL_EVP_CIPHER_CTX_cleanup_cipher().

* openssl compat AES low level cipher API has no counterpart to wc_AesFree(), so these compat APIs will now be gated out in configurations where they would otherwise leak memory or file descriptors (WOLFSSL_AFALG, WOLFSSL_DEVCRYPTO, WOLF_CRYPTO_CB, etc.).  A new macro, WC_AESFREE_IS_MANDATORY, is defined in wolfcrypt/aes.h to streamline this dependency.

* fixes 40 missing EVP_CIPHER_CTX_cleanup()s and 11 wc_AesFree()s in src/ssl.c, src/ssl_crypto.c, tests/api.c, and wolfcrypt/test/test.c.
 2023-12-05 15:58:09 -06:00
JacobBarthelmeh
223d8c9a10 Merge pull request #7004 from julek-wolfssl/zd/17033 
x509 AIA: store the first OCSP and CA Issuer URI's
 2023-12-05 14:08:43 -07:00
JacobBarthelmeh
3ad0e1ef72 Merge pull request #7021 from res0nance/arm64-aes-gcm-clobber 
AES GCM ARM64: Fix clobber lists
 2023-12-01 16:52:14 -07:00
JacobBarthelmeh
c4ab1e6d47 Merge pull request #7017 from SparkiDev/asn_tmpl_ecc_raw_to_sig_fix 
ASN template: StoreECC_DSA_Sig_Bin
 2023-12-01 16:11:15 -07:00
JacobBarthelmeh
abab390dd4 Merge pull request #7015 from lealem47/zd17088 
Reworking MinGW mutex/threading
 2023-11-30 17:00:19 -07:00
jordan
9265142369 Used codespell and fixed obvious typos. 2023-11-30 13:09:55 -06:00
JacobBarthelmeh
cbe8309b3b Merge pull request #7013 from SparkiDev/asm_arm_clobber_cc 
ARM asm: add "cc" to all clobber lists
 2023-11-30 11:05:03 -07:00
JacobBarthelmeh
a7e5c6c721 Merge pull request #7011 from philljj/add_missing_aesinit 
Add missing wc_AesInit calls.
 2023-11-30 11:01:02 -07:00
Sean Parkinson
21f662c7d1 ASN template: StoreECC_DSA_Sig_Bin 
Strip leading zeros from R and S before encoding in ASN.1.
 2023-11-30 20:31:29 +10:00
res0nance
14ba944f6c AES GCM ARM64: Fix clobber lists 2023-11-30 12:33:42 +08:00
jordan
8c1ab783a1 Add missing wc_AesInit calls: small cleanup. 2023-11-29 18:02:45 -06:00
Lealem Amedie
e1ac56f2dd Reworking MINGW mutex/threading 2023-11-29 16:45:06 -07:00
Sean Parkinson
11e5544032 ARM asm: add "cc" to all clobber lists 
Carry flags are more often than not affected by assembly code.
Carry wasn't in any inline assembly clobber list.
Always clobber "cc" to be safe.
 2023-11-30 08:40:37 +10:00
jordan
3158e04863 Add missing wc_AesInit calls. 2023-11-29 12:54:28 -06:00
Daniel Pouzzner
962bf88c9d wolfcrypt/src/ecc.c: add missing semicolon in SAVE_VECTOR_REGISTERS() args. 2023-11-29 11:59:35 -06:00
Daniel Pouzzner
4642077146 src/ssl.c: remove frivolous (void)heap to clear -Wdeclaration-after-statement. 
wolfcrypt/src/aes.c: add NEED_AES_TABLES gate around AesSetKey_C() implementations (fixes WOLFSSL_KCAPI_AES builds, probably among others).

wolfcrypt/src/sp_int.c: add missing casts to clear -Wconversions.
 2023-11-28 23:25:31 -06:00
JacobBarthelmeh
12ee732fe2 Merge pull request #6981 from douzzer/20231102-vector-register-dynamic-fallback-aes 
20231102-vector-register-dynamic-fallback-aes
 2023-11-28 13:15:02 -07:00
JacobBarthelmeh
61a2d2de3d Merge pull request #6955 from SparkiDev/rsa_dec_inv_blind_mul_mont 
RSA private exponentiation: multiply blinding invert in Mont
 2023-11-28 11:08:57 -07:00
JacobBarthelmeh
a111c5b27f Merge pull request #6993 from SparkiDev/thumb2_iar_no_inline_fix_2 
SP Thumb2: make function no-inline
 2023-11-28 10:47:58 -07:00
JacobBarthelmeh
602bd3b506 Merge pull request #6996 from SparkiDev/armv8_aes_gcm_init_stream_iv 
ARMv8 AES-GCM streaming: check size of IV before storing
 2023-11-27 09:39:46 -07:00