Found with the configuration running the unit test through valgrind.
% ./configure CFLAGS=-DNO_WOLFSSL_CIPHER_SUITE_TEST \
--enable-all --disable-fastmath --enable-debug --disable-shared
1. ssl.c: In wolfSSL_DSA_generate_key(), we initialize (and allocate)
all the parameters in the key (p, q, g, x, y), and then we generate a
key, initializes (and allocates) x and y, again. mp_clear them
first.
2. evp.c: When printing public keys, the temporary mp_int wasn't getting
correctly freed.
3. evp.c: When printing public keys, modified the utility functions to
return once with a do-while-0 loop.
A sizeof wasn't dereferencing a pointer using the sizeof the pointer and
not the actual struct. This is limited to setting the key for an AES
operation only when using SILABS SE2 acceleration.
pskNegotiated field added to indicate Session Ticket or PSK negotiated.
peerAuthGood field added to indicate that any require peer
authentication (certificate, if required, or PSK) have been performed.
in scripts/ocsp.test, don't call ping.test when $AM_BWRAPPED = yes (ping is setuid, so fails under bwrap);
in scripts/unit.test.in, don't bwrap if $AM_BWRAPPED = yes (double-bwrapping always fails);
in testsuite/testsuite.c testsuite_test(), build tempName using tempDir, and try to assign tempDir from XGETENV("TMPDIR"), fallback to hardcoded "/tmp".
Cortex builds needed # before number. Arm32 works with or without.
Thumb div_word needed to shift up if divisor too small (like other ARM
implementations).
Add support to ECIES for AES-256-CBC, AES-128-CTR, AES-256-CTR.
Added new API wc_ecc_ctx_set_algo() that sets the encryption, KDF and
MAC algorithms.
Cleanup formatting of ECIES code.
When compiling with the CFLAG -m32, sp_c32.c is used and not sp_c64.c.
The build system cannot detect that this is a 32-bit platform and to use
sp_c32.c.
The SP code detects which implementaiton to use and sets defines that
enable the code in sp_c32.c or sp_c64.c.
ENABLED_64BIT, 64-bit platform, was on by default, which is not always
true.
By making ENABLED_64BIT not default then the decision of which SP C
files to include in the build had to change to not being the other.
That is, sp_c64.c is not included when the configuration line explicitly
enables 32bit and sp_c32.c is not include when the configuration line
explicitly enables 64bit.
* whitespace in src/ssl.c, tests/api.c, wolfssl/openssl/fips_rand.h.
* clang-analyzer-core.StackAddressEscape from llvm-15 clang-tidy, in tests/suites.c:execute_test_case().
* bugprone-suspicious-memory-comparison from llvm-15 clang-tidy, in src/internal.c:DoSessionTicket() and src/ssl.c:wolfSSL_sk_push().
