wolfssl

Author	SHA1	Message	Date
Daniel Pouzzner	f0041852b5	aes.c: add error catching and percolation for wc_AesGetKeySize() on FREESCALE_LTC in wc_AesEncrypt(), wc_AesDecrypt(), and wc_AesCtrEncrypt().	2022-01-24 13:34:22 -06:00
Daniel Pouzzner	5ff1d98306	AES: fix linebreaks in newly overlong lines in aes.c and aes.h; add missing return code in armv8-aes.c wc_AesDecryptDirect(); add missing RESTORE_VECTOR_REGISTERS() in software wc_AesXtsEncrypt() (all pursuant to peer review in #4785 from Sean).	2022-01-24 12:32:25 -06:00
Daniel Pouzzner	565a7b0aab	aes.c: in linuxkm clause of WOLFSSL_AES_DIRECT section, gate on WOLFSSL_LINUXKM && WOLFSSL_AESNI (with no-asm falling through to the generic definition), and use wolfssl-idiomatic WARN_UNUSED_RESULT, not linux-kernel-idiomatic __must_check. (thanks to John S peer review)	2022-01-24 11:44:16 -06:00
Daniel Pouzzner	a718637c6f	AES: harmonize wc_Aes{Encrypt,Decrypt} and wc_Aes{Encrypt,Decrypt}Direct implementations to return int; add return values to all static void functions in aes.c that can fail; add WARN_UNUSED_RESULT to all static functions in aes.c with return values; implement missing error percolation around AES block cipher implementations; bump FIPS version for v5-ready and v5-dev to 5.3 (v5-RC12 is 5.2).	2022-01-24 11:44:16 -06:00
David Garske	dee66cfe9e	Merge pull request #4789 from SparkiDev/sp_invmod_oob SP int: sp_modinv fixes for sizes	2022-01-24 09:08:08 -08:00
John Safranek	93404361ff	Merge pull request #4783 from SparkiDev/mac_sha512_def SHA-512 ASM: For Mac computers default to using SHA512 instructions	2022-01-24 09:03:08 -08:00
David Garske	44c0a5f9f8	Merge pull request #4790 from SparkiDev/decodesubtree_oobr ParseCert: check index in DecodeSubtree before accessing tag	2022-01-24 08:36:52 -08:00
Sean Parkinson	3d63e41653	SP int: sp_modinv fixes for sizes sp_invmod with even modulus requires a multiplication by modulus. Don't let modulus overflow result variable 'r'. Fix allocation of temporary sp_ints to be correct size. Add test for maximum modulus size in test.c. Remove leading spaces on functions so git correctly determines which function has changed. Put in Thumb code for more sizes of _sp_mul_*().	2022-01-24 15:18:20 +10:00
Sean Parkinson	1dd213db76	ParseCert: check index in DecodeSubtree before accessing tag	2022-01-24 12:30:48 +10:00
David Garske	198843aa34	Merge pull request #4787 from douzzer/20220121-fixits-20220118-clang-tidy cleanup re #4772	2022-01-21 12:46:07 -08:00
Daniel Pouzzner	2955d7339e	remove a debugging printf, fix whitespace/indentation, and add a comment re gethostbyname_r buffer size.	2022-01-21 13:00:22 -06:00
David Garske	7a36d57e8f	Merge pull request #4784 from SparkiDev/sp_int_modinv_perf SP int: minor improvements to sp_invmod	2022-01-21 10:30:09 -08:00
David Garske	869246609a	Merge pull request #4772 from douzzer/20220118-clang-tidy clang-tidy fixes/cleanups	2022-01-21 10:29:26 -08:00
Daniel Pouzzner	4f9d0b7ea7	fix whitespace.	2022-01-21 01:26:44 -06:00
Daniel Pouzzner	bfada558bd	remove extraneous build gates and fix whitespace justification in a comment (peer review re PR #4772 ).	2022-01-21 01:26:44 -06:00
Daniel Pouzzner	386aac9694	AES-SIV: in configure.ac, enable SIV only if !ENABLED_FIPS or if building FIPS v5-dev; in cmac.{c,h}, remove !HAVE_FIPS gating on ShiftAndXorRb().	2022-01-21 01:26:33 -06:00
Daniel Pouzzner	84f7d812d3	linuxkm/module_exports.c.template: include siphash.h.	2022-01-21 01:25:48 -06:00
Daniel Pouzzner	10b8f56fec	wolfio.c: in wolfIO_TcpConnect(), test for usability of gethostbyname_r by (__GLIBC__ >= 2) && defined(__USE_MISC), not defined(__GNUC__).	2022-01-21 01:25:48 -06:00
Daniel Pouzzner	5e33da8147	fix whitespace.	2022-01-21 01:25:48 -06:00
Daniel Pouzzner	bb07d0a490	wolfio.c: refactor wolfIO_TcpConnect(() to use gethostbyname_r() if GNUC && !SINGLE_THREADED, for thread safety.	2022-01-21 01:25:48 -06:00
Daniel Pouzzner	6a56d3e131	jumbo patch of fixes for clang-tidy gripes (with some bug fixes). defect/gripe statistics: configured --enable-all --enable-sp-math-all --enable-intelasm with LLVM 13 clang-tidy -checks=readability-,bugprone-,misc-no-recursion,misc-misplaced-const,misc-redundant-expression,misc-unused-parameters,misc-unused-using-decls,-clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling,-clang-analyzer-optin.performance.Padding,-readability-braces-around-statements,-readability-function-size,-readability-function-cognitive-complexity,-bugprone-suspicious-include,-bugprone-easily-swappable-parameters,-readability-isolate-declaration,-readability-magic-numbers,-readability-else-after-return,-bugprone-reserved-identifier,-readability-suspicious-call-argument,-bugprone-suspicious-string-compare,-bugprone-branch-clone,-misc-redundant-expression,-readability-non-const-parameter,-readability-redundant-control-flow,-readability-misleading-indentation,-bugprone-narrowing-conversions,-bugprone-implicit-widening-of-multiplication-result [note these figures don't reflect additional defects fixed in this commit for --enable-smallstack, --enable-fips, --enable-async, --enable-asn=template, and --enable-fastmath, and --disable-fastmath] pre-patch warning count per file, with suppressions: clang-analyzer-security.insecureAPI.strcpy 6 wolfssl/tests/suites.c clang-analyzer-security.insecureAPI.strcpy 2 wolfssl/testsuite/testsuite.c bugprone-suspicious-missing-comma 3 wolfssl/examples/server/server.c bugprone-suspicious-missing-comma 3 wolfssl/examples/client/client.c readability-redundant-preprocessor 2 wolfssl/wolfcrypt/src/asn.c readability-redundant-preprocessor 1 wolfssl/wolfcrypt/src/rsa.c readability-redundant-preprocessor 9 wolfssl/src/ssl.c readability-redundant-preprocessor 2 wolfssl/src/tls13.c readability-redundant-preprocessor 18 wolfssl/tests/api.c readability-redundant-preprocessor 3 wolfssl/src/internal.c readability-redundant-preprocessor 10 wolfssl/wolfcrypt/test/test.c readability-named-parameter 1 wolfssl/wolfcrypt/benchmark/benchmark.c readability-named-parameter 7 wolfssl/src/internal.c readability-named-parameter 1 wolfssl/wolfcrypt/src/ecc.c readability-named-parameter 1 wolfssl/testsuite/testsuite.c readability-named-parameter 11 wolfssl/wolfcrypt/src/ge_operations.c misc-no-recursion 3 wolfssl/src/ssl.c readability-uppercase-literal-suffix 4 wolfssl/wolfcrypt/src/asn.c readability-uppercase-literal-suffix 1 wolfssl/src/ssl.c readability-uppercase-literal-suffix 13 wolfssl/wolfcrypt/benchmark/benchmark.c bugprone-too-small-loop-variable 1 wolfssl/wolfcrypt/src/rsa.c bugprone-too-small-loop-variable 2 wolfssl/wolfcrypt/src/sha3.c bugprone-too-small-loop-variable 4 wolfssl/wolfcrypt/src/idea.c bugprone-signed-char-misuse 2 wolfssl/src/ssl.c bugprone-signed-char-misuse 3 wolfssl/wolfcrypt/src/sp_int.c bugprone-signed-char-misuse 3 wolfssl/examples/client/client.c bugprone-macro-parentheses 19 wolfssl/wolfcrypt/src/aes.c bugprone-macro-parentheses 109 wolfssl/wolfcrypt/src/camellia.c bugprone-macro-parentheses 1 wolfssl/src/tls.c bugprone-macro-parentheses 3 wolfssl/wolfcrypt/src/md4.c bugprone-macro-parentheses 2 wolfssl/wolfcrypt/src/asn.c bugprone-macro-parentheses 26 wolfssl/wolfcrypt/src/blake2b.c bugprone-macro-parentheses 257 wolfssl/wolfcrypt/src/sha3.c bugprone-macro-parentheses 15 wolfssl/src/ssl.c bugprone-macro-parentheses 1 wolfssl/wolfcrypt/src/sha.c bugprone-macro-parentheses 8 wolfssl/tests/api.c bugprone-macro-parentheses 4 wolfssl/wolfcrypt/src/sp_int.c bugprone-macro-parentheses 6 wolfssl/wolfcrypt/benchmark/benchmark.c bugprone-macro-parentheses 38 wolfssl/wolfcrypt/src/hc128.c bugprone-macro-parentheses 12 wolfssl/wolfcrypt/src/md5.c bugprone-macro-parentheses 10 wolfssl/wolfcrypt/src/sha256.c bugprone-macro-parentheses 4 wolfssl/wolfcrypt/test/test.c bugprone-macro-parentheses 3 wolfssl/wolfcrypt/src/ecc.c bugprone-macro-parentheses 2 wolfssl/tests/suites.c bugprone-macro-parentheses 4 wolfssl/wolfcrypt/src/cpuid.c bugprone-macro-parentheses 26 wolfssl/wolfcrypt/src/blake2s.c bugprone-macro-parentheses 24 wolfssl/wolfcrypt/src/sha512.c bugprone-macro-parentheses 3 wolfssl/wolfcrypt/src/poly1305.c bugprone-macro-parentheses 24 wolfssl/wolfcrypt/src/ripemd.c readability-inconsistent-declaration-parameter-name 1 wolfssl/src/internal.c readability-inconsistent-declaration-parameter-name 1 wolfssl/testsuite/testsuite.c pre-patch warning count summaries, with suppressions: clang-analyzer-security.insecureAPI.strcpy 8 bugprone-suspicious-missing-comma 6 readability-redundant-preprocessor 45 readability-named-parameter 21 misc-no-recursion 3 readability-uppercase-literal-suffix 18 bugprone-too-small-loop-variable 7 bugprone-signed-char-misuse 8 bugprone-macro-parentheses 601 readability-inconsistent-declaration-parameter-name 2 pre-patch warning count summaries, without suppressions: clang-analyzer-security.insecureAPI.strcpy 8 bugprone-branch-clone 152 readability-non-const-parameter 118 bugprone-suspicious-missing-comma 6 bugprone-suspicious-include 52 readability-magic-numbers 22423 readability-redundant-preprocessor 45 readability-named-parameter 21 readability-function-cognitive-complexity 845 readability-else-after-return 398 bugprone-implicit-widening-of-multiplication-result 595 readability-function-size 21 readability-isolate-declaration 1090 misc-redundant-expression 2 bugprone-narrowing-conversions 994 misc-no-recursion 3 readability-uppercase-literal-suffix 18 bugprone-reserved-identifier 56 readability-suspicious-call-argument 74 bugprone-too-small-loop-variable 7 bugprone-easily-swappable-parameters 437 bugprone-signed-char-misuse 8 readability-misleading-indentation 94 bugprone-macro-parentheses 601 readability-inconsistent-declaration-parameter-name 2 bugprone-suspicious-string-compare 495 readability-redundant-control-flow 20 readability-braces-around-statements 11483 clang-analyzer-valist.Uninitialized 1 clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling 3502	2022-01-21 01:25:48 -06:00
Sean Parkinson	b75fe633ad	SP int: minor improvements to sp_invmod	2022-01-21 16:47:59 +10:00
Sean Parkinson	8a2cab8702	SHA-512 ASM: For Mac computers default to using SHA512 instructions	2022-01-21 16:40:35 +10:00
Sean Parkinson	30e9d2813e	Merge pull request #4782 from haydenroche5/aes_siv_gpp Fix AES-SIV test with g++.	2022-01-21 15:37:12 +10:00
Hayden Roche	888bd2b304	Fix AES-SIV test with g++. The string initializers for the AES-SIV test vector fields needed an extra byte for the null terminator expected by g++.	2022-01-20 19:22:25 -08:00
Sean Parkinson	848f5eeb0c	Merge pull request #4755 from dgarske/dtls_srtp DTLS SRTP (RFC5764) support (adds `--enable-srtp`)	2022-01-21 10:43:47 +10:00
David Garske	d1a23a3285	Merge pull request #4758 from kareem-wolfssl/asioOldTls Fix building ASIO with Old TLS disabled.	2022-01-20 10:44:41 -08:00
David Garske	427b67d51b	Merge pull request #4756 from kareem-wolfssl/noBio Fix building with OPENSSL_EXTRA and NO_BIO defined.	2022-01-20 10:41:22 -08:00
David Garske	5ea23d389c	Merge pull request #4778 from haydenroche5/chrony Add --enable-chrony configure option.	2022-01-20 08:46:00 -08:00
Marco Oliverio	40f573df72	dtls-srtp: NIT: fix EKM size in comments	2022-01-20 16:55:44 +01:00
Marco Oliverio	46c0809f5a	dtls-srtp: add script to test interop with OpenSSL	2022-01-20 16:55:44 +01:00
Marco Oliverio	d5aa76b161	dtsl-srtp: use PRF according to the DTLS version used RFC 5764 sec 4.1.2	2022-01-20 16:55:30 +01:00
Marco Oliverio	cdb2936244	dtls-srtp: PRF: fix correct order of client/server random in seed see RFC 5705 Section 4	2022-01-20 16:12:04 +01:00
Marco Oliverio	231a0bbb84	dtls-srtp: no ekm cross check on single threaded/no pthread conf	2022-01-20 16:12:04 +01:00
Sean Parkinson	1af3ea56c8	Cert: allow allocation of fields even with WOLFSSL_NO_MALLOC subjectCN and publicKey in a DecodedCert are needed by the certificate store in some cases. For embedded, allow them to be allocated even with WOLFSSL_NO_MALLOC defined.	2022-01-20 16:16:09 +10:00
David Garske	d728a7f0e6	Merge pull request #4777 from SparkiDev/sp_modinv_even_fix SP int: fix rework of sp_invmod	2022-01-19 20:32:48 -08:00
Hayden Roche	a05b1b012f	Add --enable-chrony configure option. This turns on the necessary features for using the chrony NTP package with wolfSSL.	2022-01-19 19:13:34 -08:00
David Garske	95efdccd7f	Merge pull request #4751 from SparkiDev/sp_int_thumb_asm SP int: ARM Thumb asm snippets	2022-01-19 18:52:02 -08:00
David Garske	609d6442b1	Merge pull request #4753 from SparkiDev/siphash Add SipHash algorithm	2022-01-19 18:51:44 -08:00
David Garske	fcce4f7a92	Merge pull request #4765 from haydenroche5/aes_siv Add AES-SIV (RFC 5297).	2022-01-19 18:51:12 -08:00
Jacob Barthelmeh	29513e1ec8	include hmac for deterministic ecc sign build	2022-01-20 09:25:32 +07:00
Sean Parkinson	b767857abb	SP int: fix rework of sp_invmod Simplify code and check for m mod a == 0 which means there is no inverse.	2022-01-20 10:37:31 +10:00
Sean Parkinson	a6485a228d	Add SipHash algorithm	2022-01-20 09:41:18 +10:00
Sean Parkinson	a1185adf2c	SP int: ARM Thumb asm snippets	2022-01-20 09:16:45 +10:00
Hayden Roche	62b07d8806	Add AES-SIV (RFC 5297). This commit adds functions to encrypt and decrypt data using AES in SIV mode, as described in RFC 5297. This was added in the process of porting chrony to wolfSSL. chrony is an NTP implementation that can use NTS (network time security), which requires AES-SIV.	2022-01-19 14:32:33 -08:00
David Garske	d668037541	Merge pull request #4746 from elms/gh/templates github: Initial templates	2022-01-19 14:04:21 -08:00
elms	c6fdb34daa	cmake: enable ASM and fix thread with usersettings * Assembly files were not being compiled. * With When `-DWOLFSSL_USER_SETTINGS` `HAVE_PTHREAD` was not propagating to `config.h`	2022-01-19 13:34:25 -08:00
David Garske	7adbf59f22	Merge pull request #4767 from anhu/kill_hc128 Get rid of HC-128	2022-01-19 12:20:18 -08:00
David Garske	c5d3581ac2	Merge pull request #4771 from SparkiDev/sp_c_mont_red SP C: fix corner case of P256 and P384 mont red	2022-01-19 11:32:49 -08:00
David Garske	0175013604	Merge pull request #4770 from anhu/cve CVE-2022-23408	2022-01-19 11:31:24 -08:00

1 2 3 4 5 ...

16317 Commits