From d2938dd13a3261b3464b648ce6c3997d8db51319 Mon Sep 17 00:00:00 2001 From: David Garske Date: Mon, 6 Nov 2017 08:25:35 -0800 Subject: [PATCH 1/2] Fix for building with TI using new names. Update TI settings for timing, blinding and strtok_r. --- wolfssl/wolfcrypt/port/ti/ti-hash.h | 8 ++++---- wolfssl/wolfcrypt/settings.h | 3 +++ 2 files changed, 7 insertions(+), 4 deletions(-) diff --git a/wolfssl/wolfcrypt/port/ti/ti-hash.h b/wolfssl/wolfcrypt/port/ti/ti-hash.h index 081f4971b..361993896 100644 --- a/wolfssl/wolfcrypt/port/ti/ti-hash.h +++ b/wolfssl/wolfcrypt/port/ti/ti-hash.h @@ -44,16 +44,16 @@ typedef struct { #ifndef TI_HASH_TEST #if !defined(NO_MD5) - typedef wolfssl_TI_Hash Md5; + typedef wolfssl_TI_Hash wc_Md5; #endif #if !defined(NO_SHA) - typedef wolfssl_TI_Hash Sha; + typedef wolfssl_TI_Hash wc_Sha; #endif #if !defined(NO_SHA256) - typedef wolfssl_TI_Hash Sha256; + typedef wolfssl_TI_Hash wc_Sha256; #endif #if defined(WOLFSSL_SHA224) - typedef wolfssl_TI_Hash Sha224; + typedef wolfssl_TI_Hash wc_Sha224; #endif #endif /* !TI_HASH_TEST */ diff --git a/wolfssl/wolfcrypt/settings.h b/wolfssl/wolfcrypt/settings.h index b23b838df..a27959a7f 100644 --- a/wolfssl/wolfcrypt/settings.h +++ b/wolfssl/wolfcrypt/settings.h @@ -591,6 +591,8 @@ extern void uITRON4_free(void *p) ; #define NO_WOLFSSL_DIR #define USE_FAST_MATH #define TFM_TIMING_RESISTANT + #define ECC_TIMING_RESISTANT + #define WC_RSA_BLINDING #define NO_DEV_RANDOM #define NO_FILESYSTEM #define USE_CERT_BUFFERS_2048 @@ -598,6 +600,7 @@ extern void uITRON4_free(void *p) ; #define USER_TIME #define HAVE_ECC #define HAVE_ALPN + #define USE_WOLF_STRTOK /* use with HAVE_ALPN */ #define HAVE_TLS_EXTENSIONS #define HAVE_AESGCM #define HAVE_SUPPORTED_CURVES From 096e850adb4ce84778ffb224b031752c21d8f0c0 Mon Sep 17 00:00:00 2001 From: David Garske Date: Mon, 6 Nov 2017 13:59:36 -0800 Subject: [PATCH 2/2] Fix a few places where there are break; and break; when TLS 1.3 is not defined. Fix TIRTOS logic for XSTRNCASECMP and XSTRTOK. --- src/tls.c | 4 ++-- wolfssl/wolfcrypt/types.h | 10 +++++----- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/src/tls.c b/src/tls.c index 2177d9b65..c1c50c986 100644 --- a/src/tls.c +++ b/src/tls.c @@ -8100,8 +8100,8 @@ word16 TLSX_GetResponseSize(WOLFSSL* ssl, byte msgType) XMEMSET(semaphore, 0xff, SEMAPHORE_SIZE); TURN_OFF(semaphore, TLSX_ToSemaphore(TLSX_KEY_SHARE)); TURN_OFF(semaphore, TLSX_ToSemaphore(TLSX_COOKIE)); -#endif break; +#endif #ifdef WOLFSSL_TLS13 case encrypted_extensions: TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_SESSION_TICKET)); @@ -8186,8 +8186,8 @@ word16 TLSX_WriteResponse(WOLFSSL *ssl, byte* output, byte msgType) case hello_retry_request: XMEMSET(semaphore, 0xff, SEMAPHORE_SIZE); TURN_OFF(semaphore, TLSX_ToSemaphore(TLSX_KEY_SHARE)); -#endif break; +#endif #ifdef WOLFSSL_TLS13 case encrypted_extensions: TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_SESSION_TICKET)); diff --git a/wolfssl/wolfcrypt/types.h b/wolfssl/wolfcrypt/types.h index e75a689a5..44b35e43c 100644 --- a/wolfssl/wolfcrypt/types.h +++ b/wolfssl/wolfcrypt/types.h @@ -309,7 +309,7 @@ #define XSTRNCMP(s1,s2,n) strncmp((s1),(s2),(n)) #define XSTRNCAT(s1,s2,n) strncat((s1),(s2),(n)) - #ifdef MICROCHIP_PIC32 + #if defined(MICROCHIP_PIC32) || defined(WOLFSSL_TIRTOS) /* XC32 does not support strncasecmp, so use case sensitive one */ #define XSTRNCASECMP(s1,s2,n) strncmp((s1),(s2),(n)) #elif defined(USE_WINDOWS_API) @@ -327,16 +327,16 @@ #if defined(WOLFSSL_CERT_EXT) || defined(HAVE_ALPN) /* use only Thread Safe version of strtok */ - #if !defined(USE_WINDOWS_API) && !defined(INTIME_RTOS) - #define XSTRTOK strtok_r - #elif defined(__MINGW32__) || defined(WOLFSSL_TIRTOS) || \ + #if defined(__MINGW32__) || defined(WOLFSSL_TIRTOS) || \ defined(USE_WOLF_STRTOK) #ifndef USE_WOLF_STRTOK #define USE_WOLF_STRTOK #endif #define XSTRTOK wc_strtok - #else + #elif defined(USE_WINDOWS_API) || defined(INTIME_RTOS) #define XSTRTOK strtok_s + #else + #define XSTRTOK strtok_r #endif #endif #endif