Merge pull request #708 from SparkiDev/test_cov

Extend testing for coverage
toddouska
2017-03-09 12:52:18 -08:00
committed by GitHub
12 changed files with 2530 additions and 191 deletions


@ -0,0 +1,18 @@
[ req ]
distinguished_name = req_distinguished_name
prompt = no
x509_extensions = v3_ca
[ req_distinguished_name ]
C = AU
ST = Queensland
L = Brisbane
O = wolfSSL Inc
OU = Engineering
CN = www.wolfssl.com
emailAddress = support@www.wolfsssl.com
[ v3_ca ]
inhibitAnyPolicy = critical,1
nsComment = "Testing inhibit any"

BIN
certs/test/cert-ext-ia.der Normal file

Binary file not shown.


@ -0,0 +1,18 @@
[ req ]
distinguished_name = req_distinguished_name
prompt = no
x509_extensions = v3_ca
[ req_distinguished_name ]
C = AU
ST = Queensland
L = Brisbane
O = wolfSSL Inc
OU = Engineering
CN = www.wolfssl.com
emailAddress = support@www.wolfsssl.com
[ v3_ca ]
nameConstraints = critical,permitted;email:.wolfssl.com
nsComment = "Testing name constraints"

BIN
certs/test/cert-ext-nc.der Normal file

Binary file not shown.

BIN
certs/test/cert-ext-ns.der Normal file

Binary file not shown.


@ -0,0 +1,69 @@
#!/bin/sh
TMP="/tmp/`basename $0`"
gen_cert() {
openssl req -x509 -keyform DER -key certs/server-key.der \
-outform DER -out $OUT -config $CONFIG \
>$TMP 2>&1
if [ "$?" = "0" -a -f $OUT ]; then
echo "Created: $OUT"
else
cat $TMP
echo "Failed: $OUT"
fi
rm $TMP
}
OUT=certs/test/cert-ext-nc.der
KEYFILE=certs/test/cert-ext-nc-key.der
CONFIG=certs/test/cert-ext-nc.cfg
tee >$CONFIG <<EOF
[ req ]
distinguished_name = req_distinguished_name
prompt = no
x509_extensions = v3_ca
[ req_distinguished_name ]
C = AU
ST = Queensland
L = Brisbane
O = wolfSSL Inc
OU = Engineering
CN = www.wolfssl.com
emailAddress = support@www.wolfsssl.com
[ v3_ca ]
nameConstraints = critical,permitted;email:.wolfssl.com
nsComment = "Testing name constraints"
EOF
gen_cert
OUT=certs/test/cert-ext-ia.der
KEYFILE=certs/test/cert-ext-ia-key.der
CONFIG=certs/test/cert-ext-ia.cfg
tee >$CONFIG <<EOF
[ req ]
distinguished_name = req_distinguished_name
prompt = no
x509_extensions = v3_ca
[ req_distinguished_name ]
C = AU
ST = Queensland
L = Brisbane
O = wolfSSL Inc
OU = Engineering
CN = www.wolfssl.com
emailAddress = support@www.wolfsssl.com
[ v3_ca ]
inhibitAnyPolicy = critical,1
nsComment = "Testing inhibit any"
EOF
gen_cert
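Review bot: `TMP="/tmp/`basename $0`"` gives the script a fixed, predictable file name in a world-writable directory, so a pre-existing file or symlink at that path is written through by `>$TMP` in gen_cert. Creating the file with `TMP=$(mktemp) || exit 1` and quoting `"$TMP"`, `"$OUT"` and `"$CONFIG"` where they are used avoids that. `KEYFILE` is assigned for both certificates but never read, because gen_cert always signs with `certs/server-key.der`; either drop it or pass it to `-key`. gen_cert also only prints "Failed" and the script still exits 0, so a caller cannot detect a failed generation without a `return 1` in the else branch. The subject `emailAddress = support@www.wolfsssl.com` has three s's while the name constraint permits `.wolfssl.com`, which looks like a typo and may change what the name-constraint test actually exercises.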


@ -9190,11 +9190,12 @@ int wc_EccPrivateKeyDecode(const byte* input, word32* inOutIdx, ecc_key* key,
return ret; return ret;
} }
#ifdef WOLFSSL_CERT_EXT
int wc_EccPublicKeyDecode(const byte* input, word32* inOutIdx, int wc_EccPublicKeyDecode(const byte* input, word32* inOutIdx,
ecc_key* key, word32 inSz) ecc_key* key, word32 inSz)
{ {
int length; int length;
int ret = 0; byte b;
if (input == NULL || inOutIdx == NULL || key == NULL || inSz == 0) if (input == NULL || inOutIdx == NULL || key == NULL || inSz == 0)
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
@ -9202,57 +9203,48 @@ int wc_EccPublicKeyDecode(const byte* input, word32* inOutIdx,
if (GetSequence(input, inOutIdx, &length, inSz) < 0) if (GetSequence(input, inOutIdx, &length, inSz) < 0)
return ASN_PARSE_E; return ASN_PARSE_E;
#if defined(OPENSSL_EXTRA) || defined(ECC_DECODE_EXTRA) if (GetSequence(input, inOutIdx, &length, inSz) < 0)
{ return ASN_PARSE_E;
byte b = input[*inOutIdx];
if (b != ASN_INTEGER) {
/* not from decoded cert, will have algo id, skip past */
if (GetSequence(input, inOutIdx, &length, inSz) < 0)
return ASN_PARSE_E;
b = input[(*inOutIdx)++]; b = input[(*inOutIdx)++];
if (b != ASN_OBJECT_ID) if (b != ASN_OBJECT_ID)
return ASN_OBJECT_ID_E; return ASN_OBJECT_ID_E;
if (GetLength(input, inOutIdx, &length, inSz) < 0) if (GetLength(input, inOutIdx, &length, inSz) < 0)
return ASN_PARSE_E; return ASN_PARSE_E;
*inOutIdx += length; /* skip past */ *inOutIdx += length; /* skip past */
/* ecc params information */ /* ecc params information */
b = input[(*inOutIdx)++]; b = input[(*inOutIdx)++];
if (b != ASN_OBJECT_ID) if (b != ASN_OBJECT_ID)
return ASN_OBJECT_ID_E; return ASN_OBJECT_ID_E;
if (GetLength(input, inOutIdx, &length, inSz) <= 0) if (GetLength(input, inOutIdx, &length, inSz) <= 0)
return ASN_PARSE_E; return ASN_PARSE_E;
*inOutIdx += length; /* skip past */ *inOutIdx += length; /* skip past */
/* key header */ /* key header */
b = input[*inOutIdx]; b = input[*inOutIdx];
*inOutIdx += 1; *inOutIdx += 1;
if (b != ASN_BIT_STRING) if (b != ASN_BIT_STRING)
ret = ASN_BITSTR_E; return ASN_BITSTR_E;
else if (GetLength(input, inOutIdx, &length, inSz) <= 0) if (GetLength(input, inOutIdx, &length, inSz) <= 0)
ret = ASN_PARSE_E; return ASN_PARSE_E;
else {
b = input[*inOutIdx];
*inOutIdx += 1;
if (b != 0x00) b = input[(*inOutIdx)++];
ret = ASN_EXPECT_0_E; if (b != 0x00)
} return ASN_EXPECT_0_E;
}
} /* openssl var block */
#endif /* OPENSSL_EXTRA */
/* This is the raw point data compressed or uncompressed. */
if (wc_ecc_import_x963(input+*inOutIdx, inSz - *inOutIdx, key) != 0) if (wc_ecc_import_x963(input+*inOutIdx, inSz - *inOutIdx, key) != 0)
return ASN_ECC_KEY_E; return ASN_ECC_KEY_E;
return ret; return 0;
} }
#endif
#ifdef WOLFSSL_KEY_GEN #ifdef WOLFSSL_KEY_GEN
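Review bot: The tag reads `b = input[(*inOutIdx)++];` and `b = input[*inOutIdx];` in wc_EccPublicKeyDecode index the buffer without first comparing `*inOutIdx` with `inSz`, so on a truncated key the read that follows each `*inOutIdx += length; /* skip past */` can land one byte past the input. Whether GetSequence and GetLength leave at least one byte after the skipped element is not visible in this section, so I would add `if (*inOutIdx >= inSz) return ASN_PARSE_E;` before each tag read rather than rely on it. The same guard keeps `inSz - *inOutIdx` in the wc_ecc_import_x963 call from wrapping. This matters more on the new side because the header parsing no longer appears to be limited to OPENSSL_EXTRA / ECC_DECODE_EXTRA builds, so every caller that passes externally supplied DER reaches it.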


@ -236,41 +236,32 @@ int wc_HashInit(wc_HashAlg* hash, enum wc_HashType type)
case WC_HASH_TYPE_MD5: case WC_HASH_TYPE_MD5:
#ifndef NO_MD5 #ifndef NO_MD5
wc_InitMd5(&hash->md5); wc_InitMd5(&hash->md5);
ret = 0;
#endif #endif
break; break;
case WC_HASH_TYPE_SHA: case WC_HASH_TYPE_SHA:
#ifndef NO_SHA #ifndef NO_SHA
ret = wc_InitSha(&hash->sha); ret = wc_InitSha(&hash->sha);
if (ret != 0)
return ret;
#endif #endif
break; break;
case WC_HASH_TYPE_SHA224: case WC_HASH_TYPE_SHA224:
#ifdef WOLFSSL_SHA224 #ifdef WOLFSSL_SHA224
ret = wc_InitSha224(&hash->sha224); ret = wc_InitSha224(&hash->sha224);
if (ret != 0)
return ret;
#endif #endif
break; break;
case WC_HASH_TYPE_SHA256: case WC_HASH_TYPE_SHA256:
#ifndef NO_SHA256 #ifndef NO_SHA256
ret = wc_InitSha256(&hash->sha256); ret = wc_InitSha256(&hash->sha256);
if (ret != 0)
return ret;
#endif #endif
break; break;
case WC_HASH_TYPE_SHA384: case WC_HASH_TYPE_SHA384:
#ifdef WOLFSSL_SHA384 #ifdef WOLFSSL_SHA384
ret = wc_InitSha384(&hash->sha384); ret = wc_InitSha384(&hash->sha384);
if (ret != 0)
return ret;
#endif #endif
break; break;
case WC_HASH_TYPE_SHA512: case WC_HASH_TYPE_SHA512:
#ifdef WOLFSSL_SHA512 #ifdef WOLFSSL_SHA512
ret = wc_InitSha512(&hash->sha512); ret = wc_InitSha512(&hash->sha512);
if (ret != 0)
return ret;
#endif #endif
break; break;
@ -280,7 +271,7 @@ int wc_HashInit(wc_HashAlg* hash, enum wc_HashType type)
case WC_HASH_TYPE_MD4: case WC_HASH_TYPE_MD4:
case WC_HASH_TYPE_NONE: case WC_HASH_TYPE_NONE:
default: default:
return BAD_FUNC_ARG; ret = BAD_FUNC_ARG;
}; };
return ret; return ret;
@ -298,6 +289,7 @@ int wc_HashUpdate(wc_HashAlg* hash, enum wc_HashType type, const byte* data,
case WC_HASH_TYPE_MD5: case WC_HASH_TYPE_MD5:
#ifndef NO_MD5 #ifndef NO_MD5
wc_Md5Update(&hash->md5, data, dataSz); wc_Md5Update(&hash->md5, data, dataSz);
ret = 0;
#endif #endif
break; break;
case WC_HASH_TYPE_SHA: case WC_HASH_TYPE_SHA:
@ -310,29 +302,21 @@ int wc_HashUpdate(wc_HashAlg* hash, enum wc_HashType type, const byte* data,
case WC_HASH_TYPE_SHA224: case WC_HASH_TYPE_SHA224:
#ifdef WOLFSSL_SHA224 #ifdef WOLFSSL_SHA224
ret = wc_Sha224Update(&hash->sha224, data, dataSz); ret = wc_Sha224Update(&hash->sha224, data, dataSz);
if (ret != 0)
return ret;
#endif #endif
break; break;
case WC_HASH_TYPE_SHA256: case WC_HASH_TYPE_SHA256:
#ifndef NO_SHA256 #ifndef NO_SHA256
ret = wc_Sha256Update(&hash->sha256, data, dataSz); ret = wc_Sha256Update(&hash->sha256, data, dataSz);
if (ret != 0)
return ret;
#endif #endif
break; break;
case WC_HASH_TYPE_SHA384: case WC_HASH_TYPE_SHA384:
#ifdef WOLFSSL_SHA384 #ifdef WOLFSSL_SHA384
ret = wc_Sha384Update(&hash->sha384, data, dataSz); ret = wc_Sha384Update(&hash->sha384, data, dataSz);
if (ret != 0)
return ret;
#endif #endif
break; break;
case WC_HASH_TYPE_SHA512: case WC_HASH_TYPE_SHA512:
#ifdef WOLFSSL_SHA512 #ifdef WOLFSSL_SHA512
ret = wc_Sha512Update(&hash->sha512, data, dataSz); ret = wc_Sha512Update(&hash->sha512, data, dataSz);
if (ret != 0)
return ret;
#endif #endif
break; break;
@ -342,7 +326,7 @@ int wc_HashUpdate(wc_HashAlg* hash, enum wc_HashType type, const byte* data,
case WC_HASH_TYPE_MD4: case WC_HASH_TYPE_MD4:
case WC_HASH_TYPE_NONE: case WC_HASH_TYPE_NONE:
default: default:
return BAD_FUNC_ARG; ret = BAD_FUNC_ARG;
}; };
return ret; return ret;
@ -359,41 +343,32 @@ int wc_HashFinal(wc_HashAlg* hash, enum wc_HashType type, byte* out)
case WC_HASH_TYPE_MD5: case WC_HASH_TYPE_MD5:
#ifndef NO_MD5 #ifndef NO_MD5
wc_Md5Final(&hash->md5, out); wc_Md5Final(&hash->md5, out);
ret = 0;
#endif #endif
break; break;
case WC_HASH_TYPE_SHA: case WC_HASH_TYPE_SHA:
#ifndef NO_SHA #ifndef NO_SHA
ret = wc_ShaFinal(&hash->sha, out); ret = wc_ShaFinal(&hash->sha, out);
if (ret != 0)
return ret;
#endif #endif
break; break;
case WC_HASH_TYPE_SHA224: case WC_HASH_TYPE_SHA224:
#ifdef WOLFSSL_SHA224 #ifdef WOLFSSL_SHA224
ret = wc_Sha224Final(&hash->sha224, out); ret = wc_Sha224Final(&hash->sha224, out);
if (ret != 0)
return ret;
#endif #endif
break; break;
case WC_HASH_TYPE_SHA256: case WC_HASH_TYPE_SHA256:
#ifndef NO_SHA256 #ifndef NO_SHA256
ret = wc_Sha256Final(&hash->sha256, out); ret = wc_Sha256Final(&hash->sha256, out);
if (ret != 0)
return ret;
#endif #endif
break; break;
case WC_HASH_TYPE_SHA384: case WC_HASH_TYPE_SHA384:
#ifdef WOLFSSL_SHA384 #ifdef WOLFSSL_SHA384
ret = wc_Sha384Final(&hash->sha384, out); ret = wc_Sha384Final(&hash->sha384, out);
if (ret != 0)
return ret;
#endif #endif
break; break;
case WC_HASH_TYPE_SHA512: case WC_HASH_TYPE_SHA512:
#ifdef WOLFSSL_SHA512 #ifdef WOLFSSL_SHA512
ret = wc_Sha512Final(&hash->sha512, out); ret = wc_Sha512Final(&hash->sha512, out);
if (ret != 0)
return ret;
#endif #endif
break; break;
@ -403,10 +378,10 @@ int wc_HashFinal(wc_HashAlg* hash, enum wc_HashType type, byte* out)
case WC_HASH_TYPE_MD4: case WC_HASH_TYPE_MD4:
case WC_HASH_TYPE_NONE: case WC_HASH_TYPE_NONE:
default: default:
return BAD_FUNC_ARG; ret = BAD_FUNC_ARG;
}; };
return 0; return ret;
} }
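Review bot: In wc_HashInit, wc_HashUpdate and wc_HashFinal, a case whose algorithm is compiled out (for example `WC_HASH_TYPE_MD5` with `NO_MD5`) now falls through `break` to `return ret` with whatever value `ret` was initialised to, and that initialiser is outside these hunks. If it is not an error code, wc_HashFinal would report success without writing `out`, and a caller could treat stale buffer contents as a digest. I would document the dependency at the declaration with a comment such as `/* stays at this error value when the selected algorithm is compiled out */`, and confirm the initial value is non-zero in all three functions. The `WC_HASH_TYPE_SHA` case of wc_HashUpdate lies between two hunks and is not shown, so it should be checked for the same pattern.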


@ -2043,26 +2043,26 @@ int fp_leading_bit(fp_int *a)
void fp_lshd(fp_int *a, int x) void fp_lshd(fp_int *a, int x)
{ {
int y; int y;
/* move up and truncate as required */ /* move up and truncate as required */
y = MIN(a->used + x - 1, (int)(FP_SIZE-1)); y = MIN(a->used + x - 1, (int)(FP_SIZE-1));
/* store new size */ /* store new size */
a->used = y + 1; a->used = y + 1;
/* move digits */ /* move digits */
for (; y >= x; y--) { for (; y >= x; y--) {
a->dp[y] = a->dp[y-x]; a->dp[y] = a->dp[y-x];
} }
/* zero lower digits */ /* zero lower digits */
for (; y >= 0; y--) { for (; y >= 0; y--) {
a->dp[y] = 0; a->dp[y] = 0;
} }
/* clamp digits */ /* clamp digits */
fp_clamp(a); fp_clamp(a);
} }
@ -2095,6 +2095,9 @@ void fp_rshb(fp_int *c, int x)
/* set the carry to the carry bits of the current word found above */ /* set the carry to the carry bits of the current word found above */
r = rr; r = rr;
} }
/* clamp digits */
fp_clamp(c);
} }


@ -264,7 +264,7 @@ wolfSSL_Mutex* wc_InitAndAllocMutex()
{ {
wolfSSL_Mutex* m = (wolfSSL_Mutex*) XMALLOC(sizeof(wolfSSL_Mutex), NULL, wolfSSL_Mutex* m = (wolfSSL_Mutex*) XMALLOC(sizeof(wolfSSL_Mutex), NULL,
DYNAMIC_TYPE_MUTEX); DYNAMIC_TYPE_MUTEX);
if(m && wc_InitMutex(m)) if(m && wc_InitMutex(m) == 0)
return m; return m;
XFREE(m, NULL, DYNAMIC_TYPE_MUTEX); XFREE(m, NULL, DYNAMIC_TYPE_MUTEX);
m = NULL; m = NULL;

File diff suppressed because it is too large Load Diff


@ -1950,7 +1950,7 @@ int wc_RsaFlattenPublicKey(RsaKey* key, byte* e, word32* eSz, byte* n,
if (key == NULL || e == NULL || eSz == NULL || n == NULL || nSz == NULL) if (key == NULL || e == NULL || eSz == NULL || n == NULL || nSz == NULL)
return USER_CRYPTO_ERROR; return USER_CRYPTO_ERROR;
bytSz = sizeof(byte); bytSz = sizeof(byte) * 8;
ret = ippsExtGet_BN(NULL, &sz, NULL, key->e); ret = ippsExtGet_BN(NULL, &sz, NULL, key->e);
if (ret != ippStsNoErr) if (ret != ippStsNoErr)
return USER_CRYPTO_ERROR; return USER_CRYPTO_ERROR;