diff --git a/IDE/IAR-MSP430/main.c b/IDE/IAR-MSP430/main.c index e29a5ceba..192f77292 100644 --- a/IDE/IAR-MSP430/main.c +++ b/IDE/IAR-MSP430/main.c @@ -304,7 +304,7 @@ only_rng: printf( "ChaCha20/Poly1305 Encryption Start, 1000 itterations, %d bytes\r\n", - strlen((const char*)plaintext)); + (int)strlen((const char*)plaintext)); start = seconds; for (int i=0; i <= 1000; i++) { ret = wc_ChaCha20Poly1305_Encrypt(key, iv, aad, sizeof(aad), plaintext, diff --git a/src/internal.c b/src/internal.c index 8c1efa770..d9ea5fe15 100644 --- a/src/internal.c +++ b/src/internal.c @@ -2112,7 +2112,22 @@ int InitSSL_Ctx(WOLFSSL_CTX* ctx, WOLFSSL_METHOD* method, void* heap) ctx->cbioFlag = WOLFSSL_CBIO_NONE; #endif -#ifndef WOLFSSL_USER_IO +#ifdef HAVE_NETX + ctx->CBIORecv = NetX_Receive; + ctx->CBIOSend = NetX_Send; +#elif defined(WOLFSSL_APACHE_MYNEWT) && !defined(WOLFSSL_LWIP) + ctx->CBIORecv = Mynewt_Receive; + ctx->CBIOSend = Mynewt_Send; +#elif defined WOLFSSL_LWIP_NATIVE + ctx->CBIORecv = LwIPNativeReceive; + ctx->CBIOSend = LwIPNativeSend; +#elif defined(WOLFSSL_GNRC) + ctx->CBIORecv = GNRC_ReceiveFrom; + ctx->CBIOSend = GNRC_SendTo; +#elif defined WOLFSSL_ISOTP + ctx->CBIORecv = ISOTP_Receive; + ctx->CBIOSend = ISOTP_Send; +#elif !defined(WOLFSSL_USER_IO) #ifdef MICRIUM ctx->CBIORecv = MicriumReceive; ctx->CBIOSend = MicriumSend; @@ -2150,23 +2165,6 @@ int InitSSL_Ctx(WOLFSSL_CTX* ctx, WOLFSSL_METHOD* method, void* heap) #endif /* MICRIUM */ #endif /* WOLFSSL_USER_IO */ -#ifdef HAVE_NETX - ctx->CBIORecv = NetX_Receive; - ctx->CBIOSend = NetX_Send; -#elif defined(WOLFSSL_APACHE_MYNEWT) && !defined(WOLFSSL_LWIP) - ctx->CBIORecv = Mynewt_Receive; - ctx->CBIOSend = Mynewt_Send; -#elif defined WOLFSSL_LWIP_NATIVE - ctx->CBIORecv = LwIPNativeReceive; - ctx->CBIOSend = LwIPNativeSend; -#elif defined(WOLFSSL_GNRC) - ctx->CBIORecv = GNRC_ReceiveFrom; - ctx->CBIOSend = GNRC_SendTo; -#elif defined WOLFSSL_ISOTP - ctx->CBIORecv = ISOTP_Receive; - ctx->CBIOSend = ISOTP_Send; -#endif - #ifdef HAVE_PQC if (method->side == WOLFSSL_CLIENT_END) ctx->haveFalconSig = 1; /* always on client side */ @@ -6341,24 +6339,6 @@ int InitSSL(WOLFSSL* ssl, WOLFSSL_CTX* ctx, int writeDup) ssl->wfd = -1; ssl->devId = ctx->devId; /* device for async HW (from wolfAsync_DevOpen) */ -#ifdef HAVE_NETX - ssl->IOCB_ReadCtx = &ssl->nxCtx; /* default NetX IO ctx, same for read */ - ssl->IOCB_WriteCtx = &ssl->nxCtx; /* and write */ -#elif defined(WOLFSSL_APACHE_MYNEWT) && !defined(WOLFSSL_LWIP) - ssl->mnCtx = mynewt_ctx_new(); - if(!ssl->mnCtx) { - return MEMORY_E; - } - ssl->IOCB_ReadCtx = ssl->mnCtx; /* default Mynewt IO ctx, same for read */ - ssl->IOCB_WriteCtx = ssl->mnCtx; /* and write */ -#elif defined (WOLFSSL_GNRC) - ssl->IOCB_ReadCtx = ssl->gnrcCtx; - ssl->IOCB_WriteCtx = ssl->gnrcCtx; -#else - ssl->IOCB_ReadCtx = &ssl->rfd; /* prevent invalid pointer access if not */ - ssl->IOCB_WriteCtx = &ssl->wfd; /* correctly set */ -#endif - /* initialize states */ ssl->options.serverState = NULL_STATE; ssl->options.clientState = NULL_STATE; @@ -6402,8 +6382,26 @@ int InitSSL(WOLFSSL* ssl, WOLFSSL_CTX* ctx, int writeDup) ssl->IOCB_ReadCtx = &ssl->buffers.dtlsCtx; /* prevent invalid pointer access if not */ ssl->IOCB_WriteCtx = &ssl->buffers.dtlsCtx; /* correctly set */ - +#else +#ifdef HAVE_NETX + ssl->IOCB_ReadCtx = &ssl->nxCtx; /* default NetX IO ctx, same for read */ + ssl->IOCB_WriteCtx = &ssl->nxCtx; /* and write */ +#elif defined(WOLFSSL_APACHE_MYNEWT) && !defined(WOLFSSL_LWIP) + ssl->mnCtx = mynewt_ctx_new(); + if(!ssl->mnCtx) { + return MEMORY_E; + } + ssl->IOCB_ReadCtx = ssl->mnCtx; /* default Mynewt IO ctx, same for read */ + ssl->IOCB_WriteCtx = ssl->mnCtx; /* and write */ +#elif defined (WOLFSSL_GNRC) + ssl->IOCB_ReadCtx = ssl->gnrcCtx; + ssl->IOCB_WriteCtx = ssl->gnrcCtx; +#else + ssl->IOCB_ReadCtx = &ssl->rfd; /* prevent invalid pointer access if not */ + ssl->IOCB_WriteCtx = &ssl->wfd; /* correctly set */ #endif +#endif + #ifndef WOLFSSL_AEAD_ONLY #ifndef NO_OLD_TLS @@ -18169,6 +18167,13 @@ int BuildMessage(WOLFSSL* ssl, byte* output, int outSz, const byte* input, if (ssl == NULL) { return BAD_FUNC_ARG; } + /* catch mistaken sizeOnly parameter */ + if (!sizeOnly && (output == NULL || input == NULL) ) { + return BAD_FUNC_ARG; + } + if (sizeOnly && (output || input) ) { + return BAD_FUNC_ARG; + } (void)epochOrder; @@ -18216,14 +18221,6 @@ int BuildMessage(WOLFSSL* ssl, byte* output, int outSz, const byte* input, switch (ssl->options.buildMsgState) { case BUILD_MSG_BEGIN: { - /* catch mistaken sizeOnly parameter */ - if (!sizeOnly && (output == NULL || input == NULL) ) { - ERROR_OUT(BAD_FUNC_ARG, exit_buildmsg); - } - if (sizeOnly && (output || input) ) { - WOLFSSL_MSG("BuildMessage w/sizeOnly doesn't need input/output"); - ERROR_OUT(BAD_FUNC_ARG, exit_buildmsg); - } #if defined(WOLFSSL_DTLS) && defined(HAVE_SECURE_RENEGOTIATION) if (ssl->options.dtls && DtlsSCRKeysSet(ssl)) { /* For epochs >1 the current cipher parameters are located in diff --git a/src/ssl.c b/src/ssl.c index b7e861980..beb8e1585 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -8297,8 +8297,8 @@ static int check_cert_key(DerBuffer* cert, DerBuffer* key, void* heap, ret = CreateDevPrivateKey(&pkey, buff, size, type, isKeyLabel, isKeyId, heap, devId); - if (ret == 0) { #ifdef WOLF_CRYPTO_CB + if (ret == 0) { #ifndef NO_RSA if (der->keyOID == RSAk) { ret = wc_CryptoCb_RsaCheckPrivKey((RsaKey*)pkey, @@ -8311,12 +8311,11 @@ static int check_cert_key(DerBuffer* cert, DerBuffer* key, void* heap, der->publicKey, der->pubKeySize); } #endif - #else - /* devId was set, don't check, for now, just return success */ - /* TODO: Add callback for private key check? */ - ret = 0; - #endif } + #else + /* devId was set, don't check, for now */ + /* TODO: Add callback for private key check? */ + #endif if (pkey != NULL) { #ifndef NO_RSA if (der->keyOID == RSAk) { @@ -9061,6 +9060,8 @@ static WOLFSSL_EVP_PKEY* _d2i_PublicKey(int type, WOLFSSL_EVP_PKEY** out, WOLFSSL_EVP_PKEY* local; int opt; + (void)opt; + if (in == NULL || inSz < 0) { WOLFSSL_MSG("Bad argument"); return NULL; @@ -34155,6 +34156,95 @@ int wolfSSL_PEM_write_DSA_PUBKEY(XFILE fp, WOLFSSL_DSA *x) #endif /* #ifndef NO_DSA */ #ifndef NO_BIO +/* Number of bytes to read from a file at a time. */ +#define PEM_READ_FILE_CHUNK_SZ 100 + +static int pem_read_bio_file(WOLFSSL_BIO* bio, char** pem) +{ + int ret = 0; + int idx = 0; + int sz = PEM_READ_FILE_CHUNK_SZ; /* read from file by chunks */ + int memSz = 0; + char* mem = NULL; + char* tmp; + + /* Allocate a chunk to read into. */ + tmp = (char*)XMALLOC(sz, bio->heap, DYNAMIC_TYPE_OPENSSL); + if (tmp == NULL) { + WOLFSSL_MSG("Memory error"); + ret = MEMORY_E; + } + + while (ret == 0 && (sz = wolfSSL_BIO_read(bio, tmp, sz)) > 0) { + char* newMem; + + /* sanity check for signed overflow */ + if (memSz + sz < 0) { + break; + } + + /* Reallocate to make space for read data. */ + newMem = (char*)XREALLOC(mem, memSz + sz, bio->heap, + DYNAMIC_TYPE_OPENSSL); + if (newMem == NULL) { + WOLFSSL_MSG("Memory error"); + ret = MEMORY_E; + break; + } + mem = newMem; + + /* Copy in new data. */ + XMEMCPY(mem + idx, tmp, sz); + memSz += sz; + idx += sz; + sz = PEM_READ_FILE_CHUNK_SZ; /* read another chunk from file */ + } + + XFREE(tmp, bio->heap, DYNAMIC_TYPE_OPENSSL); + tmp = NULL; + + if (ret == 0) { + /* Check data was read. */ + if (memSz <= 0) { + WOLFSSL_MSG("No data to read from bio"); + ret = BUFFER_E; + } + else { + /* Return size of data read. */ + ret = memSz; + } + } + /* Dispose of any allocated memory on error. */ + if (ret < 0) { + XFREE(mem, bio->heap, DYNAMIC_TYPE_OPENSSL); + mem = NULL; + } + + *pem = mem; + return ret; +} + +static int pem_read_bio_pending(WOLFSSL_BIO* bio, int pendingSz, char** pem) +{ + int ret = 0; + char* mem; + + /* Allocate buffer to hold pending data. */ + mem = (char*)XMALLOC(pendingSz, bio->heap, DYNAMIC_TYPE_OPENSSL); + if (mem == NULL) { + WOLFSSL_MSG("Memory error"); + ret = MEMORY_E; + } + else if ((ret = wolfSSL_BIO_read(bio, mem, pendingSz)) <= 0) { + /* Pending data not read. */ + XFREE(mem, bio->heap, DYNAMIC_TYPE_OPENSSL); + mem = NULL; + ret = MEMORY_E; + } + + *pem = mem; + return ret; +} static int pem_read_bio_key(WOLFSSL_BIO* bio, wc_pem_password_cb* cb, void* pass, int keyType, int* eccFlag, @@ -34167,75 +34257,20 @@ static int pem_read_bio_key(WOLFSSL_BIO* bio, wc_pem_password_cb* cb, #endif /* WOLFSSL_SMALL_STACK */ wc_pem_password_cb* localCb = NULL; char* mem = NULL; - int memSz = 0; int ret; - if(cb) { + if (cb != NULL) { localCb = cb; - } else { - if(pass) { - localCb = wolfSSL_PEM_def_callback; - } + } + else if (pass != NULL) { + localCb = wolfSSL_PEM_def_callback; } if ((ret = wolfSSL_BIO_pending(bio)) > 0) { - memSz = ret; - mem = (char*)XMALLOC(memSz, bio->heap, DYNAMIC_TYPE_OPENSSL); - if (mem == NULL) { - WOLFSSL_MSG("Memory error"); - ret = MEMORY_E; - } - if (ret >= 0) { - if ((ret = wolfSSL_BIO_read(bio, mem, memSz)) <= 0) { - XFREE(mem, bio->heap, DYNAMIC_TYPE_OPENSSL); - mem = NULL; - ret = MEMORY_E; - } - } + ret = pem_read_bio_pending(bio, ret, &mem); } else if (bio->type == WOLFSSL_BIO_FILE) { - int sz = 100; /* read from file by 100 byte chunks */ - int idx = 0; - char* tmp = (char*)XMALLOC(sz, bio->heap, DYNAMIC_TYPE_OPENSSL); - memSz = 0; - if (tmp == NULL) { - WOLFSSL_MSG("Memory error"); - ret = MEMORY_E; - } - - while (ret >= 0 && (sz = wolfSSL_BIO_read(bio, tmp, sz)) > 0) { - char* newMem; - if (memSz + sz < 0) { - /* sanity check */ - break; - } - newMem = (char*)XREALLOC(mem, memSz + sz, bio->heap, - DYNAMIC_TYPE_OPENSSL); - if (newMem == NULL) { - WOLFSSL_MSG("Memory error"); - XFREE(mem, bio->heap, DYNAMIC_TYPE_OPENSSL); - mem = NULL; - XFREE(tmp, bio->heap, DYNAMIC_TYPE_OPENSSL); - tmp = NULL; - ret = MEMORY_E; - break; - } - mem = newMem; - XMEMCPY(mem + idx, tmp, sz); - memSz += sz; - idx += sz; - sz = 100; /* read another 100 byte chunk from file */ - } - XFREE(tmp, bio->heap, DYNAMIC_TYPE_OPENSSL); - tmp = NULL; - if (memSz <= 0) { - WOLFSSL_MSG("No data to read from bio"); - if (mem != NULL) { - XFREE(mem, bio->heap, DYNAMIC_TYPE_OPENSSL); - mem = NULL; - } - ret = BUFFER_E; - } + ret = pem_read_bio_file(bio, &mem); } else { WOLFSSL_MSG("No data to read from bio"); @@ -34256,25 +34291,24 @@ static int pem_read_bio_key(WOLFSSL_BIO* bio, wc_pem_password_cb* cb, #endif /* WOLFSSL_SMALL_STACK */ if (ret >= 0) { + int memSz = ret; + XMEMSET(info, 0, sizeof(EncryptedInfo)); info->passwd_cb = localCb; info->passwd_userdata = pass; /* Do not strip PKCS8 header */ - ret = PemToDer((const unsigned char*)mem, memSz, keyType, der, - NULL, info, eccFlag); - + ret = PemToDer((const unsigned char*)mem, memSz, keyType, der, NULL, + info, eccFlag); if (ret < 0) { WOLFSSL_MSG("Bad PEM To DER"); } - else { - /* write left over data back to bio */ - if ((memSz - (int)info->consumed) > 0 && - bio->type != WOLFSSL_BIO_FILE) { - if (wolfSSL_BIO_write(bio, mem + (int)info->consumed, - memSz - (int)info->consumed) <= 0) { - WOLFSSL_MSG("Unable to advance bio read pointer"); - } + /* Write left over data back to BIO if not a file BIO */ + else if ((memSz - (int)info->consumed) > 0 && + bio->type != WOLFSSL_BIO_FILE) { + if (wolfSSL_BIO_write(bio, mem + (int)info->consumed, + memSz - (int)info->consumed) <= 0) { + WOLFSSL_MSG("Unable to advance bio read pointer"); } } } @@ -40983,7 +41017,7 @@ int wolfSSL_i2a_ASN1_INTEGER(BIO *bp, const WOLFSSL_ASN1_INTEGER *a) } if (Base16_Encode(a->data + idx, len, buf, &bufLen) != 0 || - bufLen <= 0) { + bufLen == 0) { return 0; } diff --git a/tests/api.c b/tests/api.c index f59f61364..1ac26d8f9 100644 --- a/tests/api.c +++ b/tests/api.c @@ -7302,7 +7302,7 @@ static void test_wolfSSL_UseSNI_connection(void) XMEMSET(&server_cb, 0, sizeof(callback_functions)); client_cb.method = wolfSSLv23_client_method; server_cb.method = wolfSSLv23_server_method; - server_cb.devId = devId; + client_cb.devId = devId; server_cb.devId = devId; /* success case at ctx */ @@ -7338,6 +7338,7 @@ static void test_wolfSSL_UseSNI_connection(void) /* sni abort - abort when absent (ctx) */ client_cb.ctx_ready = NULL; client_cb.ssl_ready = NULL; client_cb.on_result = verify_FATAL_ERROR_on_client; server_cb.ctx_ready = use_MANDATORY_SNI_at_ctx; server_cb.ssl_ready = NULL; server_cb.on_result = verify_SNI_ABSENT_on_server; + test_wolfSSL_client_server(&client_cb, &server_cb); /* sni abort - abort when absent (ssl) */ client_cb.ctx_ready = NULL; client_cb.ssl_ready = NULL; client_cb.on_result = verify_FATAL_ERROR_on_client; @@ -7831,7 +7832,7 @@ static void test_wolfSSL_UseALPN_connection(void) XMEMSET(&server_cb, 0, sizeof(callback_functions)); client_cb.method = wolfSSLv23_client_method; server_cb.method = wolfSSLv23_server_method; - server_cb.devId = devId; + client_cb.devId = devId; server_cb.devId = devId; /* success case same list */ @@ -8031,7 +8032,7 @@ static void test_wolfSSL_set_alpn_protos(void) XMEMSET(&server_cb, 0, sizeof(callback_functions)); client_cb.method = wolfSSLv23_client_method; server_cb.method = wolfSSLv23_server_method; - server_cb.devId = devId; + client_cb.devId = devId; server_cb.devId = devId; /* use CTX_alpn_protos */ @@ -30365,8 +30366,8 @@ static void test_wc_GetPubKeyDerFromCert(void) byte certBuf[6000]; /* for PEM and CSR, client-cert.pem is 5-6kB */ word32 certBufSz = sizeof(certBuf); #endif -#if (!defined(USE_CERT_BUFFERS_2048) && !defined(USE_CERT_BUFFERS_1024)) || \ - defined(WOLFSSL_CERT_REQ) +#if ((!defined(USE_CERT_BUFFERS_2048) && !defined(USE_CERT_BUFFERS_1024)) || \ + defined(WOLFSSL_CERT_REQ)) && !defined(NO_RSA) XFILE fp; #endif #ifndef NO_RSA diff --git a/testsuite/testsuite.c b/testsuite/testsuite.c index 4bbbf367c..9533678ae 100644 --- a/testsuite/testsuite.c +++ b/testsuite/testsuite.c @@ -102,8 +102,12 @@ int testsuite_test(int argc, char** argv) func_args server_args; tcp_ready ready; +#if !defined(NETOS) THREAD_TYPE serverThread; + int ret; +#endif + #ifndef USE_WINDOWS_API const char *tempDir = NULL; char tempName[128]; @@ -117,7 +121,6 @@ int testsuite_test(int argc, char** argv) #ifdef HAVE_STACK_SIZE void *serverThreadStackContext = NULL; #endif - int ret; #ifndef USE_WINDOWS_API #ifdef XGETENV diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c index c483eb338..44f8fb66e 100644 --- a/wolfcrypt/src/asn.c +++ b/wolfcrypt/src/asn.c @@ -25447,7 +25447,9 @@ static int MakeCertReq(Cert* cert, byte* derBuffer, word32 derSz, return ret; #else DECL_ASNSETDATA(dataASN, certReqBodyASN_Length); - word32 publicKeySz, subjectSz, extSz; + word32 publicKeySz; + word32 subjectSz = 0; + word32 extSz; int sz = 0; int ret = 0; #if defined(WOLFSSL_CERT_EXT) || defined(OPENSSL_EXTRA) diff --git a/wolfcrypt/src/ecc.c b/wolfcrypt/src/ecc.c index d85ed9e4e..cf1230aea 100644 --- a/wolfcrypt/src/ecc.c +++ b/wolfcrypt/src/ecc.c @@ -4198,6 +4198,9 @@ int wc_ecc_shared_secret(ecc_key* private_key, ecc_key* public_key, byte* out, !defined(WOLFSSL_ATECC608A) CRYS_ECDH_TempData_t tempBuff; #endif + + (void)err; + if (private_key == NULL || public_key == NULL || out == NULL || outlen == NULL) { return BAD_FUNC_ARG; @@ -4210,13 +4213,11 @@ int wc_ecc_shared_secret(ecc_key* private_key, ecc_key* public_key, byte* out, if (err != CRYPTOCB_UNAVAILABLE) return err; /* fall-through when unavailable */ - #else - return err; #endif } #ifdef WOLF_CRYPTO_CB_ONLY_ECC else { - return NO_VALID_DEVID; + err = NO_VALID_DEVID; } #endif #endif @@ -4262,17 +4263,17 @@ int wc_ecc_shared_secret(ecc_key* private_key, ecc_key* public_key, byte* out, return err; } #elif defined(WOLFSSL_SILABS_SE_ACCEL) - err = silabs_ecc_shared_secret(private_key, public_key, out, outlen); + err = silabs_ecc_shared_secret(private_key, public_key, out, outlen); #elif defined(WOLFSSL_KCAPI_ECC) err = KcapiEcc_SharedSecret(private_key, public_key, out, outlen); #elif defined(WOLFSSL_SE050) - err = se050_ecc_shared_secret(private_key, public_key, out, outlen); + err = se050_ecc_shared_secret(private_key, public_key, out, outlen); #else err = wc_ecc_shared_secret_ex(private_key, &public_key->pubkey, out, outlen); #endif /* WOLFSSL_ATECC508A */ +#endif /* WOLF_CRYPTO_CB_ONLY_ECC */ return err; -#endif /* WOLF_CRYPTO_CB_ONLY_ECC */ } @@ -5798,13 +5799,11 @@ int wc_ecc_sign_hash(const byte* in, word32 inlen, byte* out, word32 *outlen, if (err != CRYPTOCB_UNAVAILABLE) return err; /* fall-through when unavailable */ - #else - return err; #endif } #ifdef WOLF_CRYPTO_CB_ONLY_ECC else { - return NO_VALID_DEVID; + err = NO_VALID_DEVID; } #endif #endif @@ -5872,15 +5871,15 @@ int wc_ecc_sign_hash(const byte* in, word32 inlen, byte* out, word32 *outlen, XFREE(r, key->heap, DYNAMIC_TYPE_ECC); #endif #endif /* WOLFSSL_ASYNC_CRYPT */ - - return err; #else (void)rng; (void)inlen; (void)s; (void)r; + (void)err; #endif /* WOLF_CRYPTO_CB_ONLY_ECC */ + return err; } #endif /* !NO_ASN */ @@ -7388,13 +7387,11 @@ int wc_ecc_verify_hash(const byte* sig, word32 siglen, const byte* hash, if (err != CRYPTOCB_UNAVAILABLE) return err; /* fall-through when unavailable */ - #else - return err; #endif } #ifdef WOLF_CRYPTO_CB_ONLY_ECC else { - return NO_VALID_DEVID; + err = NO_VALID_DEVID; } #endif #endif @@ -7500,8 +7497,6 @@ int wc_ecc_verify_hash(const byte* sig, word32 siglen, const byte* hash, /* make sure required variables are reset */ wc_ecc_reset(key); - - return err; #else (void)siglen; (void)hashlen; @@ -7511,8 +7506,10 @@ int wc_ecc_verify_hash(const byte* sig, word32 siglen, const byte* hash, #endif (void)s; (void)r; + (void)err; #endif /* WOLF_CRYPTO_CB_ONLY_ECC */ + return err; } #endif /* !NO_ASN */ diff --git a/wolfcrypt/src/evp.c b/wolfcrypt/src/evp.c index 11311c701..76368a7ec 100644 --- a/wolfcrypt/src/evp.c +++ b/wolfcrypt/src/evp.c @@ -3660,7 +3660,7 @@ const WOLFSSL_EVP_CIPHER *wolfSSL_EVP_get_cipherbyname(const char *name) const struct alias { const char *name; const char *alias; - } alias_tbl[] = { + } cipher_alias_tbl[] = { #ifndef NO_DES3 {EVP_DES_CBC, "des"}, {EVP_DES_ECB, "des-ecb"}, @@ -3721,7 +3721,7 @@ const WOLFSSL_EVP_CIPHER *wolfSSL_EVP_get_cipherbyname(const char *name) WOLFSSL_ENTER("EVP_get_cipherbyname"); - for (al = alias_tbl; al->name != NULL; al++) { + for (al = cipher_alias_tbl; al->name != NULL; al++) { /* Accept any case alternative version of an alias. */ if (XSTRNCASECMP(name, al->alias, XSTRLEN(al->alias)+1) == 0) { name = al->name; @@ -3871,7 +3871,7 @@ int wolfSSL_EVP_Digest(const unsigned char* in, int inSz, unsigned char* out, static const struct alias { const char *name; const char *alias; -} alias_tbl[] = +} digest_alias_tbl[] = { {"MD4", "ssl3-md4"}, {"MD5", "ssl3-md5"}, @@ -3897,7 +3897,7 @@ const WOLFSSL_EVP_MD *wolfSSL_EVP_get_digestbyname(const char *name) return NULL; name = nameUpper; - for (al = alias_tbl; al->name != NULL; al++) + for (al = digest_alias_tbl; al->name != NULL; al++) if(XSTRNCMP(name, al->alias, XSTRLEN(al->alias)+1) == 0) { name = al->name; break; @@ -4357,7 +4357,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type) const char* aliasnm = NULL; const struct alias *al; - for (al = alias_tbl; al->name != NULL; al++) + for (al = digest_alias_tbl; al->name != NULL; al++) if(XSTRNCMP(n, al->name, XSTRLEN(al->name)+1) == 0) { aliasnm = al->alias; break; @@ -9005,19 +9005,26 @@ int wolfSSL_EVP_PKEY_print_public(WOLFSSL_BIO* out, const WOLFSSL_EVP_PKEY* pkey, int indent, ASN1_PCTX* pctx) { int res; +#if !defined(NO_RSA) || defined(HAVE_ECC) || !defined(NO_DSA) || \ + defined(WOLFSSL_DH_EXTRA) int keybits; /* bit length of the key */ +#endif WOLFSSL_ENTER("wolfSSL_EVP_PKEY_print_public"); if (pkey == NULL || out == NULL) { return 0; } +#if !defined(NO_RSA) || defined(HAVE_ECC) || !defined(NO_DSA) || \ + defined(WOLFSSL_DH_EXTRA) if (indent < 0) { indent = 0; } if (indent > EVP_PKEY_PRINT_INDENT_MAX) { indent = EVP_PKEY_PRINT_INDENT_MAX; } +#endif + switch (pkey->type) { case EVP_PKEY_RSA: diff --git a/wolfcrypt/src/rsa.c b/wolfcrypt/src/rsa.c index 320cb8030..3d47ac7a4 100644 --- a/wolfcrypt/src/rsa.c +++ b/wolfcrypt/src/rsa.c @@ -3071,7 +3071,9 @@ static int RsaPublicEncryptEx(const byte* in, word32 inLen, byte* out, byte* label, word32 labelSz, int saltLen, WC_RNG* rng) { - int ret, sz, state; + int ret = 0; + int sz; + int state; if (in == NULL || inLen == 0 || out == NULL || key == NULL) { return BAD_FUNC_ARG; diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c index 9fb993b3b..8e8244563 100644 --- a/wolfcrypt/test/test.c +++ b/wolfcrypt/test/test.c @@ -16668,11 +16668,11 @@ WOLFSSL_TEST_SUBROUTINE int dh_test(void) #ifdef HAVE_FFDHE_4096 #ifdef HAVE_PUBLIC_FFDHE ret = dh_ffdhe_test(&rng, wc_Dh_ffdhe4096_Get()); - if (ret != 0) - ERROR_OUT(-8128, done); #else ret = dh_ffdhe_test(&rng, WC_FFDHE_4096); #endif + if (ret != 0) + ERROR_OUT(-8128, done); #endif #endif /* !WC_NO_RNG */ #endif /* HAVE_FIPS_VERSION == 2 && !WOLFSSL_SP_ARM64_ASM */