From fd292b1ae477373ee8e0123d5cd567f9be7451b2 Mon Sep 17 00:00:00 2001 From: Chris Conlon Date: Wed, 20 Dec 2017 14:45:46 -0700 Subject: [PATCH 1/4] check key for NULL in wc_ecc_import_private_key_ex() --- wolfcrypt/src/ecc.c | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/wolfcrypt/src/ecc.c b/wolfcrypt/src/ecc.c index 95666c5c5..00706aca3 100644 --- a/wolfcrypt/src/ecc.c +++ b/wolfcrypt/src/ecc.c @@ -5315,15 +5315,15 @@ int wc_ecc_import_private_key_ex(const byte* priv, word32 privSz, { int ret; + if (key == NULL || priv == NULL) + return BAD_FUNC_ARG; + /* public optional, NULL if only importing private */ if (pub != NULL) { ret = wc_ecc_import_x963_ex(pub, pubSz, key, curve_id); key->type = ECC_PRIVATEKEY; } else { - if (key == NULL || priv == NULL) - return BAD_FUNC_ARG; - /* make sure required variables are reset */ wc_ecc_reset(key); @@ -5335,7 +5335,6 @@ int wc_ecc_import_private_key_ex(const byte* priv, word32 privSz, if (ret != 0) return ret; - #ifdef WOLFSSL_ATECC508A /* TODO: Implement equiv call to ATECC508A */ return BAD_COND_E; From 7bc5bcb86a6cd5be6bb729ac04a8336fc1991d7f Mon Sep 17 00:00:00 2001 From: Chris Conlon Date: Wed, 20 Dec 2017 14:55:35 -0700 Subject: [PATCH 2/4] benchmark.c fixes for NO_MAIN_DRIVER, const arrays --- wolfcrypt/benchmark/benchmark.c | 23 ++++++++++++----------- 1 file changed, 12 insertions(+), 11 deletions(-) diff --git a/wolfcrypt/benchmark/benchmark.c b/wolfcrypt/benchmark/benchmark.c index c84a3b439..ac223270c 100644 --- a/wolfcrypt/benchmark/benchmark.c +++ b/wolfcrypt/benchmark/benchmark.c @@ -206,7 +206,8 @@ static int bench_asym_algs = 0; /* Other cryptographic algorithms to benchmark. */ static int bench_other_algs = 0; -#ifndef WOLFSSL_BENCHMARK_ALL +#if !defined(WOLFSSL_BENCHMARK_ALL) && !defined(NO_MAIN_DRIVER) + /* The mapping of command line option to bit values. */ typedef struct bench_alg { /* Command line option string. */ @@ -215,8 +216,8 @@ typedef struct bench_alg { int val; } bench_alg; -/* All recoginized cipher algorithm choosing command line options. */ -static bench_alg bench_cipher_opt[] = { +/* All recognized cipher algorithm choosing command line options. */ +static const bench_alg bench_cipher_opt[] = { { "-cipher", -1 }, #ifdef HAVE_AES_CBC { "-aes_cbc", BENCH_AES_CBC }, @@ -263,8 +264,8 @@ static bench_alg bench_cipher_opt[] = { { NULL, 0} }; -/* All recoginized digest algorithm choosing command line options. */ -static bench_alg bench_digest_opt[] = { +/* All recognized digest algorithm choosing command line options. */ +static const bench_alg bench_digest_opt[] = { { "-digest", -1 }, #ifndef NO_MD5 { "-md5", BENCH_MD5 }, @@ -315,8 +316,8 @@ static bench_alg bench_digest_opt[] = { { NULL, 0} }; -/* All recoginized MAC algorithm choosing command line options. */ -static bench_alg bench_mac_opt[] = { +/* All recognized MAC algorithm choosing command line options. */ +static const bench_alg bench_mac_opt[] = { { "-mac", -1 }, #ifdef WOLFSSL_CMAC { "-cmac", BENCH_CMAC }, @@ -345,8 +346,8 @@ static bench_alg bench_mac_opt[] = { { NULL, 0} }; -/* All recoginized asymmetric algorithm choosing command line options. */ -static bench_alg bench_asym_opt[] = { +/* All recognized asymmetric algorithm choosing command line options. */ +static const bench_alg bench_asym_opt[] = { { "-asym", -1 }, #ifndef NO_RSA #ifdef WOLFSSL_KEY_GEN @@ -381,9 +382,9 @@ static bench_alg bench_asym_opt[] = { { NULL, 0} }; -/* All recoginized other cryptographic algorithm choosing command line options. +/* All recognized other cryptographic algorithm choosing command line options. */ -static bench_alg bench_other_opt[] = { +static const bench_alg bench_other_opt[] = { { "-other", -1 }, #ifndef WC_NO_RNG { "-rng", BENCH_RNG }, From be4d3c8321d2123825beb14bf20cc96aa14163ad Mon Sep 17 00:00:00 2001 From: Chris Conlon Date: Wed, 20 Dec 2017 15:02:35 -0700 Subject: [PATCH 3/4] fix for SetBitString() defined but not used --- wolfcrypt/src/asn.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c index 272fb19bc..9ebbb0112 100644 --- a/wolfcrypt/src/asn.c +++ b/wolfcrypt/src/asn.c @@ -648,9 +648,13 @@ static int CheckBitString(const byte* input, word32* inOutIdx, int* len, return 0; } +/* RSA (with CertGen or KeyGen) OR ECC OR ED25519 (with CertGen or KeyGen) */ #if (!defined(NO_RSA) && !defined(HAVE_USER_RSA) && \ - (defined(WOLFSSL_CERT_GEN) || defined(WOLFSSL_KEY_GEN))) || \ - defined(HAVE_ECC) || defined(HAVE_ED25519) + (defined(WOLFSSL_CERT_GEN) || defined(WOLFSSL_KEY_GEN))) || \ + defined(HAVE_ECC) || \ + (defined(HAVE_ED25519) && \ + (defined(WOLFSSL_CERT_GEN) || defined(WOLFSSL_KEY_GEN))) + /* Set the DER/BER encoding of the ASN.1 BIT_STRING header. * * len Length of data to encode. From adc8ca0f16983d3cd47c71220186613896f7b887 Mon Sep 17 00:00:00 2001 From: Chris Conlon Date: Wed, 20 Dec 2017 15:13:13 -0700 Subject: [PATCH 4/4] api.c fix for fast-rsa --- tests/api.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/tests/api.c b/tests/api.c index 8ac5b59e1..babe470bd 100644 --- a/tests/api.c +++ b/tests/api.c @@ -7927,10 +7927,11 @@ static int test_wc_RsaKeyToDer (void) RsaKey genKey; WC_RNG rng; byte* der; + word32 derSz = 611; /* (2 x 128) + 2 (possible leading 00) + (5 x 64) + 5 (possible leading 00) + 3 (e) + 8 (ASN tag) + 10 (ASN length) + 4 seqSz + 3 version */ - der = (byte*)XMALLOC(611, NULL, DYNAMIC_TYPE_TMP_BUFFER); + der = (byte*)XMALLOC(derSz, NULL, DYNAMIC_TYPE_TMP_BUFFER); if (der == NULL) { ret = WOLFSSL_FATAL_ERROR; } @@ -7952,7 +7953,7 @@ static int test_wc_RsaKeyToDer (void) printf(testingFmt, "wc_RsaKeyToDer()"); if (ret == 0) { - ret = wc_RsaKeyToDer(&genKey, der, 610); + ret = wc_RsaKeyToDer(&genKey, der, derSz); if (ret > 0) { ret = 0; } else {