feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Eliminate async NUMA allocation for wc_ecc_gen_k. Additional DECLARE_VAR checks. Improve mp_rand to avoid alloc in async case.

Browse Source
This commit is contained in:
David Garske
2019-09-19 11:34:59 -07:00
parent 946a0f593f
commit 1493b94b27
4 changed files with 16 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
wolfcrypt/src/ecc.c
View File

@ -3815,11 +3815,7 @@ static int wc_ecc_gen_k(WC_RNG* rng, int size, mp_int* k, mp_int* order)
{
#ifndef WC_NO_RNG
int err;
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_ECC)
DECLARE_VAR(buf, byte, ECC_MAXSIZE_GEN, rng->heap);
#else
byte buf[ECC_MAXSIZE_GEN];
#endif
/*generate 8 extra bytes to mitigate bias from the modulo operation below*/
/*see section A.1.2 in 'Suite B Implementor's Guide to FIPS 186-3 (ECDSA)'*/
@ -3846,9 +3842,6 @@ static int wc_ecc_gen_k(WC_RNG* rng, int size, mp_int* k, mp_int* order)
}
ForceZero(buf, ECC_MAXSIZE);
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_ECC)
FREE_VAR(buf, rng->heap);
#endif
return err;
#else

10
wolfcrypt/src/random.c
View File

@ -311,6 +311,8 @@ static int Hash_df(DRBG* drbg, byte* out, word32 outSz, byte type,
#endif
#ifdef WC_ASYNC_ENABLE_SHA256
DECLARE_VAR(digest, byte, WC_SHA256_DIGEST_SIZE, drbg->heap);
if (digest == NULL)
return MEMORY_E;
#else
byte digest[WC_SHA256_DIGEST_SIZE];
#endif
@ -443,6 +445,8 @@ static int Hash_gen(DRBG* drbg, byte* out, word32 outSz, const byte* V)
#endif
#ifdef WC_ASYNC_ENABLE_SHA256
DECLARE_VAR(digest, byte, WC_SHA256_DIGEST_SIZE, drbg->heap);
if (digest == NULL)
return MEMORY_E;
#else
byte digest[WC_SHA256_DIGEST_SIZE];
#endif
@ -551,6 +555,8 @@ static int Hash_DRBG_Generate(DRBG* drbg, byte* out, word32 outSz)
} else {
#ifdef WC_ASYNC_ENABLE_SHA256
DECLARE_VAR(digest, byte, WC_SHA256_DIGEST_SIZE, drbg->heap);
if (digest == NULL)
return MEMORY_E;
#else
byte digest[WC_SHA256_DIGEST_SIZE];
#endif
@ -749,6 +755,8 @@ static int _InitRng(WC_RNG* rng, byte* nonce, word32 nonceSz,
if (wc_RNG_HealthTestLocal(0) == 0) {
#ifdef WC_ASYNC_ENABLE_SHA256
DECLARE_VAR(seed, byte, MAX_SEED_SZ, rng->heap);
if (seed == NULL)
return MEMORY_E;
#else
byte seed[MAX_SEED_SZ];
#endif
@ -2180,7 +2188,7 @@ int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
word32 len = sizeof(rand);
if (sz < len)
len = sz;
/* Get one random 32-bit word from hw RNG */
/* Get one random 32-bit word from hw RNG */
rand = esp_random( );
XMEMCPY(output, &rand, len);
output += len;

20
wolfcrypt/src/wolfmath.c
View File

@ -97,17 +97,13 @@ int get_rand_digit(WC_RNG* rng, mp_digit* d)
int mp_rand(mp_int* a, int digits, WC_RNG* rng)
{
int ret = 0;
DECLARE_VAR(d, mp_digit, 1, rng ? rng->heap : NULL);
mp_digit d;
if (rng == NULL) {
ret = MISSING_RNG_E; goto exit;
}
if (a == NULL
#ifdef WOLFSSL_ASYNC_CRYPT
|| d == NULL
#endif
) {
if (a == NULL) {
ret = BAD_FUNC_ARG; goto exit;
}
@ -118,13 +114,13 @@ int mp_rand(mp_int* a, int digits, WC_RNG* rng)
/* first place a random non-zero digit */
do {
ret = get_rand_digit(rng, d);
ret = get_rand_digit(rng, &d);
if (ret != 0) {
goto exit;
}
} while (*d == 0);
} while (d == 0);
if ((ret = mp_add_d(a, *d, a)) != MP_OKAY) {
if ((ret = mp_add_d(a, d, a)) != MP_OKAY) {
goto exit;
}
@ -132,17 +128,15 @@ int mp_rand(mp_int* a, int digits, WC_RNG* rng)
if ((ret = mp_lshd(a, 1)) != MP_OKAY) {
goto exit;
}
if ((ret = get_rand_digit(rng, d)) != 0) {
if ((ret = get_rand_digit(rng, &d)) != 0) {
goto exit;
}
if ((ret = mp_add_d(a, *d, a)) != MP_OKAY) {
if ((ret = mp_add_d(a, d, a)) != MP_OKAY) {
goto exit;
}
}
exit:
FREE_VAR(d, rng ? rng->heap : NULL);
return ret;
}
#endif /* WC_RSA_BLINDING */

0
wolfssl/wolfcrypt/types.h Executable file → Normal file
View File