mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
21,571 Commits 5 Branches 162 Tags
Commit Graph

21571 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Andras Fekete
f00c5eb95d Fix double free 
Warning 546055.3229451
 2024-01-03 09:59:18 -05:00
Daniel Pouzzner
461cf9ea71
Merge pull request #7103 from philljj/fix_infer_issues 
Fix infer issues
 2024-01-02 15:40:24 -05:00
jordan
e175004f85 Fix Infer Uninitialized Values. 2024-01-02 12:16:20 -06:00
JacobBarthelmeh
3901fa6a96 fix check on non aad use 2024-01-02 08:50:59 -08:00
JacobBarthelmeh
f8dbc7f15c use of device key with AES-GCM and add way to avoid malloc for tag 2024-01-02 08:50:59 -08:00
JacobBarthelmeh
567243d257 touch up autoconf build with xilinx and sp macro guards 2024-01-02 08:50:59 -08:00
Daniel Pouzzner
c8188eaabd
Merge pull request #7100 from philljj/zd17237 
Fix uninitialized keyUsage in DecodeKeyUsage.
 2024-01-02 01:51:45 -05:00
Daniel Pouzzner
6de275111b
Merge pull request #7101 from miyazakh/ra_fsp3p5 
fix include path for FSP 3.5 on Renesas RA6M4
 2024-01-02 01:18:18 -05:00
David Garske
faeae02030
Merge pull request #7104 from douzzer/20231227-cppcheck-2v13v0 
20231227-cppcheck-2v13v0
 2023-12-28 18:03:26 -08:00
Daniel Pouzzner
b17ec3b4bc cppcheck-2.13.0 mitigations peer review: 
* add explanation in DoSessionTicket() re autoVariables.
* re-refactor ECC_KEY_MAX_BITS() in ecc.c to use two separate macros, ECC_KEY_MAX_BITS() with same definition as before, and ECC_KEY_MAX_BITS_NONULLCHECK().
* in rsip_vprintf() use XVSNPRINTF() not vsnprintf().
* in types.h, fix fallthrough definition of WC_INLINE macro in !NO_INLINE cascade to be WC_MAYBE_UNUSED as it is when NO_INLINE.
 2023-12-28 16:38:47 -06:00
Daniel Pouzzner
44b18de704 fixes for cppcheck-2.13.0 --force: 
* fix null pointer derefs in wc_InitRsaKey_Id() and wc_InitRsaKey_Label() (nullPointerRedundantCheck).
* fix use of wrong printf variant in rsip_vprintf() (wrongPrintfScanfArgNum).
* fix wrong printf format in bench_xmss_sign_verify() (invalidPrintfArgType_sint).
* add missing WOLFSSL_XFREE_NO_NULLNESS_CHECK variants of XFREE() (WOLFSSL_LINUXKM, FREESCALE_MQX, FREESCALE_KSDK_MQX).
* suppress false-positive uninitvar on "limit" in CheckTLS13AEADSendLimit().
* suppress true-but-benign-positive autoVariables in DoClientHello().
* in wolfcrypt/src/ecc.c, refactor ECC_KEY_MAX_BITS() as a local function to resolve true-but-benign-positive identicalInnerCondition.
* refactor flow in wc_ecc_sign_hash_ex() to resolve true-but-benign-positive identicalInnerCondition.
 2023-12-28 15:06:21 -06:00
Hideki Miyazaki
e3346fe3c4
fix include path for FSP 3.5 2023-12-28 16:00:05 +09:00
jordan
46bf30ca77 Fix uninitialized keyUsage in DecodeKeyUsage. 2023-12-27 22:58:52 -06:00
Daniel Pouzzner
457188f55e
Merge pull request #7070 from dgarske/cryptocb_moreinfo 
Fixes for TLS with crypto callbacks
 2023-12-27 18:55:56 -05:00
David Garske
1c4d7285d3 Add documentation for HKDF functions. Improve param comments for devId. 2023-12-27 13:56:40 -08:00
lealem47
fc3977fc77
Merge pull request #7098 from dgarske/stm32_pka 
Fixes for STM32 PKA
 2023-12-27 14:36:53 -07:00
John Bland
e641c6b738 when removing the padding for the TLS13 verify message 
step, check that the index doesn't wrap around due to a malformed packet
 2023-12-27 16:06:40 -05:00
David Garske
cca6cc0495 Make new HDFK _ex functions public. 2023-12-27 11:40:29 -08:00
David Garske
c37edb09f7 Fix STM32 PKA V2 (STM32U5) point multiply missing order/coefB. 2023-12-27 11:37:16 -08:00
Lealem Amedie
837452b1ca Remove user-crypto functionality and Intel IPP support 2023-12-27 12:24:19 -07:00
David Garske
be8000d5f7 Add useful information about single precision math and document options for enabling additional curves/key sizes. 2023-12-27 10:27:56 -08:00
David Garske
0d057099af Fix line lengths. 2023-12-27 10:12:52 -08:00
David Garske
65ba8bd6ba Improve detection of FP_MAX_BITS for RSA or DH. 2023-12-27 10:11:06 -08:00
David Garske
3a798e148b Fix STM32 PKA ECC cast warning. 2023-12-27 09:57:40 -08:00
David Garske
b86dfffdbe Improve the TLS v1.3 expand key label warning for possible use of uninitialized "hash". 2023-12-27 09:52:56 -08:00
Juliusz Sosinowicz
157753defe Detect if using C99 and use correct inline asm notation 2023-12-27 18:02:13 +01:00
Juliusz Sosinowicz
4b21cf3efc Add fencing to ClientSessionToSession() 
Prevent memory access before clientSession->serverRow and clientSession->serverIdx are sanitized.

Fixes ZD17219

Co-authored-by: Daniele Lacamera <dan@danielinux.net>
 2023-12-27 16:23:52 +01:00
David Garske
b8392ef659
Merge pull request #7092 from douzzer/20231224-clang-unreachable-code-aggressive 
20231224-clang-unreachable-code-aggressive
 2023-12-26 14:56:42 -08:00
Daniel Pouzzner
e68facd889 src/ssl.c: in wolfSSL_curve_is_disabled(), fix shiftTooManyBitsSigned. 2023-12-25 00:27:49 -06:00
Daniel Pouzzner
8a32e7f3f9 fixes for clang -Wunreachable-code-aggressive: 
tests/suites.c: in SuiteTest(), swap order of (void)s and return.

wolfcrypt/src/chacha.c: gate out unreachable C wc_Chacha_encrypt_bytes() call in wc_Chacha_Process, and gate out unused implementations of wc_Chacha_wordtobyte() and wc_Chacha_encrypt_bytes(), when defined(USE_INTEL_CHACHA_SPEEDUP).

wolfcrypt/src/sha256.c and wolfcrypt/src/sha512.c: fix logic in Sha256_SetTransform() and Sha512_SetTransform() to make the AVX1_RORX implementations accessible.  also add a missing Transform_Sha512_Len_p = NULL in the C path of Sha512_SetTransform().

wolfssl/internal.h: for the fallback definition of wolfSSL_curve_is_disabled, use an inline function instead of a compound-clause macro, because clang isn't smart enough to treat the compound expression as a bare constant zero, producing a lame-positive -Wunreachable-code.
 2023-12-25 00:23:37 -06:00
JacobBarthelmeh
a97ee9d220 SHA256 uses ForceZero now too 2023-12-22 15:09:34 -08:00
David Garske
d9ac8b5422 Peer review fixes. Fix issues with Tls13HKDFExpandKeyLabel. Fix crypto callback line lengths. 2023-12-22 14:16:59 -08:00
JacobBarthelmeh
daf1d1728f
Merge pull request #7090 from douzzer/20231222-clang-unreachable-code-aggressive 
20231222-clang-unreachable-code-aggressive
 2023-12-22 14:51:20 -07:00
Daniel Pouzzner
e65e9f11c7 fixes for clang -Wunreachable-code-aggressive (-Wunreachable-code/clang-diagnostic-unreachable-code in src/ssl.c:wolfSSL_CTX_load_verify_buffer_ex() and -Wunreachable-code/clang-diagnostic-unreachable-code-return in api.c:myCEKwrapFunc()). 2023-12-22 14:12:13 -06:00
Daniel Pouzzner
59cdd5c70f
Merge pull request #7082 from bandi13/ARIA_Sign_fix 
Aria sign fix
 2023-12-21 19:01:54 -05:00
Sean Parkinson
f77f7c70d3
Merge pull request #7018 from dgarske/ti_aes 
Fixes for TI AES and SHA
 2023-12-22 07:55:00 +10:00
Sean Parkinson
f5ff72aa56
Merge pull request #7087 from dgarske/cryptocb_sha1 
Allow crypto callbacks with SHA-1 HW
 2023-12-22 07:54:50 +10:00
Andras Fekete
b5592c4571 Addressing PR comments 2023-12-21 16:48:15 -05:00
Sean Parkinson
00c9625ab8
Merge pull request #7081 from gojimmypi/PR-Espressif-ESP32-C2 
Add wolfcrypt SHA support for ESP32-C2/ESP8684, other minor updates
 2023-12-22 07:23:51 +10:00
Sean Parkinson
a5a2b3752d
Merge pull request #7077 from gojimmypi/PR-Espressif-threads 
wolfSSL_NewThread() type update for Espressif FreeRTOS
 2023-12-22 07:22:33 +10:00
David Garske
0d212d8055 Further cleanup for Hashes.sha when not required. Gate all TLS SHA-1 on either old TLS or WOLFSSL_ALLOW_TLS_SHA1. 2023-12-21 09:41:29 -08:00
Daniel Pouzzner
5b3aaf8bbd
Merge pull request #7086 from dgarske/rpm_spec 
Remove obsolete mkdir call
 2023-12-21 00:37:22 -05:00
David Garske
9311a961a0 Allow crypto callbacks with SHA-1 HW. Resolves build error in test.c with trying to use HW SHA-1 with crypto cb enabled. Note: sha.h changes are very small if ignoring whitespace. 2023-12-20 15:48:21 -08:00
David Garske
86f9171050 Remove obsolete mkdir call. 2023-12-20 14:52:08 -08:00
David Garske
a5464a9b51
Merge pull request #7083 from douzzer/20231219-clang-analyzer-optin.core.EnumCastOutOfRange 
20231219-clang-analyzer-optin.core.EnumCastOutOfRange
 2023-12-20 14:18:06 -08:00
Daniel Pouzzner
805c2d4487
Merge pull request #7085 from dgarske/async_v5.6.6 
Fix for invalid `dh_ffdhe_test` test case using Intel QuickAssist
 2023-12-20 15:31:58 -05:00
David Garske
00f196d497 Fix for invalid dh_ffdhe_test test with even P when using Intel QuickAssist. 2023-12-20 11:30:17 -08:00
Daniel Pouzzner
f2d573f01f wolfssl/wolfcrypt/asn.h, src/ssl.c: add "ANONk" to enum Key_Sum, and use the new value in wolfSSL_get_sigalg_info(), fixing clang-analyzer-optin.core.EnumCastOutOfRange. 
add suppressions in tests for expected clang-analyzer-optin.core.EnumCastOutOfRange's.
 2023-12-19 18:14:29 -06:00
Andras Fekete
77e8a66ca3 Not cryptocb's job to sanity check input 
Don't need to check parameters at every level
 2023-12-19 15:55:38 -05:00
Andras Fekete
12192b7683 Set result to invalid as first step 2023-12-19 15:54:25 -05:00