wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-27 15:22:19 +01:00
Code Issues Packages Projects Releases Wiki Activity
22,451 Commits 12 Branches 184 Tags
wolfEntropy1
Commit Graph

76 Commits

Author SHA1 Message Date
gojimmypi
bf29066d70 Add wolfSSL debug messages 2024-02-08 17:22:36 -08:00
jordan
d111d7da1b Fix MD5 and SHA buffer overrun. 2024-02-02 19:50:22 -06:00
JacobBarthelmeh
dc8f348bdf smaller sized build with curl 2023-04-19 15:12:15 -07:00
gojimmypi
98b718f91b wolfcrypt polish: init, checks, corrections (#6249) 
* wolfcrypt polish: init, checks, corrections
 2023-04-18 09:41:42 -07:00
Jacob Barthelmeh
9dcc48c8f7 update copyright to 2023 2022-12-30 17:12:11 -07:00
Jacob Barthelmeh
8eaa85e412 update copyright year to 2022 2022-07-19 10:44:31 -06:00
David Garske
92fcea39db Fix for DES3 with STM32 and STM32_CRYPTO_AES_ONLY (broken in #5223) . Add U5 PKA support and benchmarks. Fix MD5 with OPENSSL_EXTRA and HAVE_MD5_CUST_API. 2022-06-17 11:50:29 -07:00
David Garske
502cbc3847 Fix for STM32U5 hash/crypto support. ZD 14305. 2022-06-14 11:48:51 +02:00
David Garske
e91f0f173b Fixes for async disables around the DevCopy calls. ZD13824 2022-03-03 16:33:18 -08:00
Daniel Pouzzner
6a56d3e131 jumbo patch of fixes for clang-tidy gripes (with some bug fixes). 
defect/gripe statistics:

    configured --enable-all --enable-sp-math-all --enable-intelasm

    with LLVM 13 clang-tidy -checks=readability-*,bugprone-*,misc-no-recursion,misc-misplaced-const,misc-redundant-expression,misc-unused-parameters,misc-unused-using-decls,-clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling,-clang-analyzer-optin.performance.Padding,-readability-braces-around-statements,-readability-function-size,-readability-function-cognitive-complexity,-bugprone-suspicious-include,-bugprone-easily-swappable-parameters,-readability-isolate-declaration,-readability-magic-numbers,-readability-else-after-return,-bugprone-reserved-identifier,-readability-suspicious-call-argument,-bugprone-suspicious-string-compare,-bugprone-branch-clone,-misc-redundant-expression,-readability-non-const-parameter,-readability-redundant-control-flow,-readability-misleading-indentation,-bugprone-narrowing-conversions,-bugprone-implicit-widening-of-multiplication-result

    [note these figures don't reflect additional defects fixed in this commit for --enable-smallstack, --enable-fips, --enable-async, --enable-asn=template, and --enable-fastmath, and --disable-fastmath]

    pre-patch warning count per file, with suppressions:

    clang-analyzer-security.insecureAPI.strcpy    6  wolfssl/tests/suites.c
    clang-analyzer-security.insecureAPI.strcpy    2  wolfssl/testsuite/testsuite.c
    bugprone-suspicious-missing-comma             3  wolfssl/examples/server/server.c
    bugprone-suspicious-missing-comma             3  wolfssl/examples/client/client.c
    readability-redundant-preprocessor            2  wolfssl/wolfcrypt/src/asn.c
    readability-redundant-preprocessor            1  wolfssl/wolfcrypt/src/rsa.c
    readability-redundant-preprocessor            9  wolfssl/src/ssl.c
    readability-redundant-preprocessor            2  wolfssl/src/tls13.c
    readability-redundant-preprocessor           18  wolfssl/tests/api.c
    readability-redundant-preprocessor            3  wolfssl/src/internal.c
    readability-redundant-preprocessor           10  wolfssl/wolfcrypt/test/test.c
    readability-named-parameter                   1  wolfssl/wolfcrypt/benchmark/benchmark.c
    readability-named-parameter                   7  wolfssl/src/internal.c
    readability-named-parameter                   1  wolfssl/wolfcrypt/src/ecc.c
    readability-named-parameter                   1  wolfssl/testsuite/testsuite.c
    readability-named-parameter                  11  wolfssl/wolfcrypt/src/ge_operations.c
    misc-no-recursion                             3  wolfssl/src/ssl.c
    readability-uppercase-literal-suffix          4  wolfssl/wolfcrypt/src/asn.c
    readability-uppercase-literal-suffix          1  wolfssl/src/ssl.c
    readability-uppercase-literal-suffix         13  wolfssl/wolfcrypt/benchmark/benchmark.c
    bugprone-too-small-loop-variable              1  wolfssl/wolfcrypt/src/rsa.c
    bugprone-too-small-loop-variable              2  wolfssl/wolfcrypt/src/sha3.c
    bugprone-too-small-loop-variable              4  wolfssl/wolfcrypt/src/idea.c
    bugprone-signed-char-misuse                   2  wolfssl/src/ssl.c
    bugprone-signed-char-misuse                   3  wolfssl/wolfcrypt/src/sp_int.c
    bugprone-signed-char-misuse                   3  wolfssl/examples/client/client.c
    bugprone-macro-parentheses                   19  wolfssl/wolfcrypt/src/aes.c
    bugprone-macro-parentheses                  109  wolfssl/wolfcrypt/src/camellia.c
    bugprone-macro-parentheses                    1  wolfssl/src/tls.c
    bugprone-macro-parentheses                    3  wolfssl/wolfcrypt/src/md4.c
    bugprone-macro-parentheses                    2  wolfssl/wolfcrypt/src/asn.c
    bugprone-macro-parentheses                   26  wolfssl/wolfcrypt/src/blake2b.c
    bugprone-macro-parentheses                  257  wolfssl/wolfcrypt/src/sha3.c
    bugprone-macro-parentheses                   15  wolfssl/src/ssl.c
    bugprone-macro-parentheses                    1  wolfssl/wolfcrypt/src/sha.c
    bugprone-macro-parentheses                    8  wolfssl/tests/api.c
    bugprone-macro-parentheses                    4  wolfssl/wolfcrypt/src/sp_int.c
    bugprone-macro-parentheses                    6  wolfssl/wolfcrypt/benchmark/benchmark.c
    bugprone-macro-parentheses                   38  wolfssl/wolfcrypt/src/hc128.c
    bugprone-macro-parentheses                   12  wolfssl/wolfcrypt/src/md5.c
    bugprone-macro-parentheses                   10  wolfssl/wolfcrypt/src/sha256.c
    bugprone-macro-parentheses                    4  wolfssl/wolfcrypt/test/test.c
    bugprone-macro-parentheses                    3  wolfssl/wolfcrypt/src/ecc.c
    bugprone-macro-parentheses                    2  wolfssl/tests/suites.c
    bugprone-macro-parentheses                    4  wolfssl/wolfcrypt/src/cpuid.c
    bugprone-macro-parentheses                   26  wolfssl/wolfcrypt/src/blake2s.c
    bugprone-macro-parentheses                   24  wolfssl/wolfcrypt/src/sha512.c
    bugprone-macro-parentheses                    3  wolfssl/wolfcrypt/src/poly1305.c
    bugprone-macro-parentheses                   24  wolfssl/wolfcrypt/src/ripemd.c
    readability-inconsistent-declaration-parameter-name    1  wolfssl/src/internal.c
    readability-inconsistent-declaration-parameter-name    1  wolfssl/testsuite/testsuite.c

    pre-patch warning count summaries, with suppressions:

    clang-analyzer-security.insecureAPI.strcpy                  8
    bugprone-suspicious-missing-comma                           6
    readability-redundant-preprocessor                         45
    readability-named-parameter                                21
    misc-no-recursion                                           3
    readability-uppercase-literal-suffix                       18
    bugprone-too-small-loop-variable                            7
    bugprone-signed-char-misuse                                 8
    bugprone-macro-parentheses                                601
    readability-inconsistent-declaration-parameter-name         2

    pre-patch warning count summaries, without suppressions:

    clang-analyzer-security.insecureAPI.strcpy                  8
    bugprone-branch-clone                                     152
    readability-non-const-parameter                           118
    bugprone-suspicious-missing-comma                           6
    bugprone-suspicious-include                                52
    readability-magic-numbers                               22423
    readability-redundant-preprocessor                         45
    readability-named-parameter                                21
    readability-function-cognitive-complexity                 845
    readability-else-after-return                             398
    bugprone-implicit-widening-of-multiplication-result       595
    readability-function-size                                  21
    readability-isolate-declaration                          1090
    misc-redundant-expression                                   2
    bugprone-narrowing-conversions                            994
    misc-no-recursion                                           3
    readability-uppercase-literal-suffix                       18
    bugprone-reserved-identifier                               56
    readability-suspicious-call-argument                       74
    bugprone-too-small-loop-variable                            7
    bugprone-easily-swappable-parameters                      437
    bugprone-signed-char-misuse                                 8
    readability-misleading-indentation                         94
    bugprone-macro-parentheses                                601
    readability-inconsistent-declaration-parameter-name         2
    bugprone-suspicious-string-compare                        495
    readability-redundant-control-flow                         20
    readability-braces-around-statements                    11483
    clang-analyzer-valist.Uninitialized                         1
    clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling   3502
 2022-01-21 01:25:48 -06:00
David Garske
a03ed32380 Support for Android KeyStore compatibility API's: 
* Adds `EVP_PKCS82PKEY` and `d2i_PKCS8_PRIV_KEY_INFO`.
* Adds `EVP_PKEY2PKCS8` and `i2d_PKCS8_PRIV_KEY_INFO`.
* Adds `ECDSA_verify`.
* Fix to allow `SHA256()` and `MD5()` with FIPSv2.
* Decouple crypto callbacks and hash flags
* Fix for possible use of uninitialized when building TLS bench without TLS v1.3.
* Fix for building with `NO_CHECK_PRIVATE_KEY`. Test `./configure --disable-pkcs12 --enable-opensslextra CFLAGS="-DNO_CHECK_PRIVATE_KEY"`.
* Fix to support `RSA_public_decrypt` for PKCSv15 only with FIPS.
* Cleanup `RSA_public_encrypt`, `RSA_public_decrypt` and `RSA_private_decrypt`.
* Added instructions for building wolfSSL with Android kernel.
 2021-10-19 17:04:18 -07:00
Elms
3a885aba23 Refactor pointer manipulation to be independent of datatype width 
Tested with `./configure CFLAGS="-DNO_64BIT" --disable-sha512
--disable-sha384 --enable-harden` on a 64-bit machine
 2021-06-15 21:08:49 -07:00
David Garske
c59349c7a7 Fix for ecc_map, which is handled in hardware. Fix for NXP LTC mp_mul N value. Fix for MMCAU cast warnings. 2021-05-25 15:58:22 -07:00
toddouska
3ac03d3d66 Merge pull request #3805 from JacobBarthelmeh/copyright 
update copyright date to 2021
 2021-03-15 16:16:50 -07:00
Sean Parkinson
a55e94cf6f ECCSI and SAKKE: add support 
Fixes for static code analysis included.
Added const to function parameters.
Zeroise some temporaries.
 2021-03-12 09:31:22 +10:00
Jacob Barthelmeh
c729318ddd update copyright date 2021-03-11 13:42:46 +07:00
toddouska
72eebd6e75 Merge pull request #3795 from JacobBarthelmeh/CAAM 
Addition of QNX CAAM driver
 2021-03-10 15:04:21 -08:00
Hideki Miyazaki
3b768bcb5e addressed review comments 2021-03-06 10:18:31 +09:00
Hideki Miyazaki
525d28f38f Implemented MD5_Transform 2021-03-05 08:19:18 +09:00
Jacob Barthelmeh
749425e1e8 first pre alpha code for QNX + CAAM 
manual run of RNG init and JDKEK print

job ring does initial rng

is successful on some red key blob operations

caam red key blob test pass

ecdsa sign/verify

ecdsa ecdh/sign/verify with black secure key

ecdsa ecdh/sign/verify with black secure key

initial cmac addition

initial cmac addition

black blob encap

black keys with cmac

add invalidate memory

refactoring and clean up

more code cleanup

add files for dist and remove some printf's

remove unneeded macro guard

use resource manager
 2021-03-03 18:45:40 +07:00
Sean Parkinson
ac76ef8ee7 Curve25519: replace uint64_t with word64 
Remove usages of stdint.h types
Added a sword type for signed words.
 2021-01-18 17:30:36 +10:00
Chris Conlon
45c5a2d39c update copyright to 2020 2020-01-03 15:06:03 -08:00
David Garske
28d466cb10 Fix to ensure 4-byte alignment is default for MMCAU with SHA1, SHA256 and MD5. 2019-10-30 13:34:57 -07:00
David Garske
7f42b71571 Fix NXP MMCAU when data pointer is not aligned. 2019-10-29 13:45:25 -07:00
David Garske
b47039b7ec Fix for possible unused local32 warning. 2019-09-27 09:22:18 -07:00
David Garske
78f6bbcdb8 Adjusted the alignement macro to use WC_HASH_DATA_ALIGNMENT for shared settings across hash algos. 2019-09-26 11:53:24 -07:00
David Garske
6bfe6761d8 Disable the new hashing aligned build option by default. Does not increase performance... the memcpy is faster than the alignment check on modern CPU's. Embedded systems may benefit from this though, so leaving support for it in place. 2019-09-26 11:49:33 -07:00
David Garske
4c709f1f2c Improvements to SHA-1, SHA-256 and MD5 performance: 
* Added detection for buffer alignment to avoid memcpy.
* Added MD5 and SHA-1 support for XTRANSFORM_LEN to process blocks.
* Cleanups for consistency between algorithms and code commenting.
* Enhancement for NXP MMCAU to process more than one block at a time.
* Improved MMCAU performance: SHA-1 by 35%, SHA-256 by 20% and MD5 by 78%.

```
NXP K64 w/MMCAU after:

MD5                  8 MB took 1.000 seconds,    7.910 MB/s
SHA                  4 MB took 1.005 seconds,    3.644 MB/s
SHA-256              2 MB took 1.006 seconds,    2.306 MB/s

NXP K64 w/MMCAU before:
MD5                  4 MB took 1.004 seconds,    4.450 MB/s
SHA                  3 MB took 1.006 seconds,    2.670 MB/s
SHA-256              2 MB took 1.008 seconds,    1.913 MB/s
```
 2019-09-26 11:32:59 -07:00
David Garske
e298b3290d Fix to initialize hash flag. 2019-08-21 06:36:37 -07:00
John Safranek
246c444b93 Updates for v4.0.0 
Update the copyright dates on all the source files to the current year.
 2019-03-15 10:37:36 -07:00
David Garske
dcdb1d7094 Added flag to indicate if hash is copied. 2019-02-12 16:03:10 -08:00
David Garske
838652c03b Added flags build option to hashing algorithms. This allows indicator to determine if hash will be "copied" as done during a TLS handshake. 2019-02-12 16:03:10 -08:00
David Garske
beceab2734 Fix for leak with WOLFSSL_PIC32MZ_HASH and TLS. The PIC32 update cache buffer was not always being free'd. 2018-07-25 11:22:03 -07:00
John Safranek
586874b997 Rename INLINE 
1. Renamed the macro INLINE as WC_INLINE.
2. For FIPS and the "selftest" build, define INLINE as WC_INLINE. Allows the FIPS code to work unchanged.
 2018-06-26 15:17:46 -07:00
David Garske
0be1c10fcd Moved the STM32 functions to their own .c file. Added GPL header. Finished testing on STM32 CubeMX with F4 and F7 and StdPeriLib with F4. 2018-02-05 12:57:06 -08:00
David Garske
a4a5f4f27a STM32 refactor to move hashing code into wolfssl/wolfcrypt/port/stm32.h. Supports CubeMX HAL or StdPeriLib with MD5, SHA1, SHA224 and SHA256. Detects if hardware supports SHA2. Adds hashing context save/restore and hashing clock/power optimizations. Fix for building *.c in wolfcrypt/src/port for caam_driver.c. Fix for warning with wolfSSL_CryptHwMutexUnLock when no threading defined and return code not checked. 2018-01-31 11:25:20 -08:00
Jacob Barthelmeh
01f603ad65 add documentation, macro for no AES hw or HASH hw, use usleep when waiting for entropy 2018-01-02 15:00:35 -07:00
Jacob Barthelmeh
5fa9455bf9 add CAAM with INTEGRITY support 2017-12-20 11:16:11 -07:00
David Garske
7f30397252 Remove execute bit on all code files. 2017-10-23 11:16:40 -07:00
David Garske
911b6f95f8 Release v3.12.2 (lib 14.0.0). Updated copywright. 2017-10-22 15:58:35 -07:00
David Garske
6707be2b0e Added new --disable-oldnames option to allow for using openssl along-side wolfssl headers (without OPENSSL_EXTRA). Add --enable-opensslcoexist which makes sure oldnames is disabled. Refactor of SSL_ to WOLF_SSL_. Refactor of SHA, MD5, SHA224, SHA256, SHA512 and SHA384 to WC_ naming. 2017-10-11 09:10:42 -07:00
David Garske
dcab2f47ee Fixes for STM32 hardware acceleration. Adds CubeMX HAL hashing support for MD5, SHA1, SHA224 and SHA256. Adds support for STM32F7 (WOLFSSL_STM32F7). Fixes issue with AES-GCM and STM32F2. Cleanup of the STM32 macros (adds NO_STM32_HASH, NO_STM32_CRYPTO and NO_STM32_RNG to optionally disable hardware acceleration). 2017-09-15 10:39:09 -07:00
David Garske
65b8389af0 Fix for handling hash copies to make sure copied buffer is not free’d. Resolves issues when testing TLS connection with wolfssl_tcp_client and openurl https://www.google.com/. 2017-08-02 08:42:04 -07:00
David Garske
4e735631e7 Fixes for PIC32MZ: 
* Adds crypto HW support for AES Direct and AES CCM.
* Fixes to enable PIC32MZ hardware hashing where updates are cached via heap buffer and final performs single operations against hardware.
* Fix for benchmark with 1024-bit certs passing in wrong size for `wc_RsaPrivateDecrypt` when using `USE_CERT_BUFFERS_1024`.
* Fix to resolve missing `strncasecmp` for the Microchip XC32. Workaround to use case sensitive version instead. This error occurred when building with HAVE_ECC defined in Harmony with XC32.
* Cleanup of the PIC32MZ crypto and hashing hardware code. Replace `pic32mz-hash.c` with `pic32mz-crypt.c`
* Add user_settings.h for mplabx and mcapi examples.
* Sync up with Harmony changes for MCAPI.
 2017-08-01 12:42:09 -07:00
Chris Conlon
c099137450 add classic Kinetis mmCAU support, FREESCALE_USE_MMCAU_CLASSIC 2017-06-28 16:32:35 -06:00
jrblixt
606aca9916 Merge branch 'master' of https://github.com/jrblixt/wolfssl into unitTest_api_dev 2017-05-12 02:04:58 -06:00
David Garske
db63fe83d4 Initial pass at fixes for coverity scan. 2017-04-28 14:59:45 -07:00
jrblixt
5b5c8f1e95 Updated mcapi/mcapi_test.c ; wolfcrypt/src/md5.c ; wolfcrypt/src/pwdbased.c. 2017-04-14 16:12:29 -06:00
jrblixt
00ea508751 Param check fix in hash files. 2017-04-14 02:16:04 -06:00
jrblixt
85b78835a6 Merge branch 'master' into unitTest_api_dev 
src/keys.c
	wolfcrypt/src/hmac.c
	wolfcrypt/src/md5.c
	wolfcrypt/src/sha256.c
	wolfcrypt/src/sha512.c
	wolfssl/wolfcrypt/md5.h
 2017-04-13 16:33:23 -06:00