diff --git a/src/tls.c b/src/tls.c index 5294e7c0a..fcd864e50 100644 --- a/src/tls.c +++ b/src/tls.c @@ -936,66 +936,21 @@ static int Hmac_HashFinalRaw(Hmac* hmac, unsigned char* hash) static int Hmac_OuterHash(Hmac* hmac, unsigned char* mac) { int ret = BAD_FUNC_ARG; + wc_HashAlg hash; + enum wc_HashType hashType = (enum wc_HashType)hmac->macType; + int digestSz = wc_HashGetDigestSize(hashType); + int blockSz = wc_HashGetBlockSize(hashType); - switch (hmac->macType) { - #ifndef NO_SHA - case WC_SHA: - ret = wc_InitSha(&hmac->hash.sha); - if (ret == 0) - ret = wc_ShaUpdate(&hmac->hash.sha, (byte*)hmac->opad, - WC_SHA_BLOCK_SIZE); - if (ret == 0) - ret = wc_ShaUpdate(&hmac->hash.sha, (byte*)hmac->innerHash, - WC_SHA_DIGEST_SIZE); - if (ret == 0) - ret = wc_ShaFinal(&hmac->hash.sha, mac); - break; - #endif /* !NO_SHA */ - - #ifndef NO_SHA256 - case WC_SHA256: - ret = wc_InitSha256(&hmac->hash.sha256); - if (ret == 0) - ret = wc_Sha256Update(&hmac->hash.sha256, (byte*)hmac->opad, - WC_SHA256_BLOCK_SIZE); - if (ret == 0) - ret = wc_Sha256Update(&hmac->hash.sha256, - (byte*)hmac->innerHash, - WC_SHA256_DIGEST_SIZE); - if (ret == 0) - ret = wc_Sha256Final(&hmac->hash.sha256, mac); - break; - #endif /* !NO_SHA256 */ - - #ifdef WOLFSSL_SHA384 - case WC_SHA384: - ret = wc_InitSha384(&hmac->hash.sha384); - if (ret == 0) - ret = wc_Sha384Update(&hmac->hash.sha384, (byte*)hmac->opad, - WC_SHA384_BLOCK_SIZE); - if (ret == 0) - ret = wc_Sha384Update(&hmac->hash.sha384, - (byte*)hmac->innerHash, - WC_SHA384_DIGEST_SIZE); - if (ret == 0) - ret = wc_Sha384Final(&hmac->hash.sha384, mac); - break; - #endif /* WOLFSSL_SHA384 */ - - #ifdef WOLFSSL_SHA512 - case WC_SHA512: - ret = wc_InitSha512(&hmac->hash.sha512); - if (ret == 0) - ret = wc_Sha512Update(&hmac->hash.sha512,(byte*)hmac->opad, - WC_SHA512_BLOCK_SIZE); - if (ret == 0) - ret = wc_Sha512Update(&hmac->hash.sha512, - (byte*)hmac->innerHash, - WC_SHA512_DIGEST_SIZE); - if (ret == 0) - ret = wc_Sha512Final(&hmac->hash.sha512, mac); - break; - #endif /* WOLFSSL_SHA512 */ + ret = wc_HashInit(&hash, hashType); + if (ret == 0) { + ret = wc_HashUpdate(&hash, hashType, (byte*)hmac->opad, + blockSz); + if (ret == 0) + ret = wc_HashUpdate(&hash, hashType, (byte*)hmac->innerHash, + digestSz); + if (ret == 0) + ret = wc_HashFinal(&hash, hashType, mac); + wc_HashFree(&hash, hashType); } return ret; @@ -10198,7 +10153,7 @@ int TLSX_Parse(WOLFSSL* ssl, byte* input, word16 length, byte msgType, return method; } #endif /* WOLFSSL_ALLOW_TLSV10 */ - + #if defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL) /* Gets a WOLFSL_METHOD type that is not set as client or server * diff --git a/tests/api.c b/tests/api.c index dad8bdedb..7f1b890f1 100644 --- a/tests/api.c +++ b/tests/api.c @@ -5277,6 +5277,7 @@ static int test_wc_Sha3_224_Final (void) ret = WOLFSSL_FATAL_ERROR; } } + wc_Sha3_224_Free(&sha3); printf(resultFmt, ret == 0 ? passed : failed); if (ret == 0) { @@ -5370,7 +5371,9 @@ static int test_wc_Sha3_256_Final (void) ret = WOLFSSL_FATAL_ERROR; } } + wc_Sha3_256_Free(&sha3); printf(resultFmt, ret == 0 ? passed : failed); + if (ret == 0) { printf(testingFmt, "wc_Sha3_256_GetHash()"); @@ -5461,7 +5464,9 @@ static int test_wc_Sha3_384_Final (void) ret = WOLFSSL_FATAL_ERROR; } } + wc_Sha3_384_Free(&sha3); printf(resultFmt, ret == 0 ? passed : failed); + if (ret == 0) { printf(testingFmt, "wc_Sha3_384_GetHash()"); @@ -5554,7 +5559,9 @@ static int test_wc_Sha3_512_Final (void) ret = WOLFSSL_FATAL_ERROR; } } + wc_Sha3_512_Free(&sha3); printf(resultFmt, ret == 0 ? passed : failed); + if (ret == 0) { printf(testingFmt, "wc_Sha3_512_GetHash()"); @@ -15387,6 +15394,8 @@ static int test_wc_HashInit(void) ret = 1; break; } + wc_HashFree(&hash, enumArray[i]); + /* check for null ptr */ if (wc_HashInit(NULL, enumArray[i]) != BAD_FUNC_ARG) { ret = 1; @@ -20145,6 +20154,9 @@ static int test_ForceZero(void) unsigned char data[32]; unsigned int i, j, len; + /* Test case with 0 length */ + ForceZero(data, 0); + /* Test ForceZero */ for (i = 0; i < sizeof(data); i++) { for (len = 1; len < sizeof(data) - i; len++) { diff --git a/wolfcrypt/src/ecc.c b/wolfcrypt/src/ecc.c index 871ed166e..dbd686475 100644 --- a/wolfcrypt/src/ecc.c +++ b/wolfcrypt/src/ecc.c @@ -9539,36 +9539,24 @@ int wc_X963_KDF(enum wc_HashType type, const byte* secret, word32 secretSz, ret = wc_HashUpdate(hash, type, secret, secretSz); if (ret != 0) { -#ifdef WOLFSSL_SMALL_STACK - XFREE(hash, NULL, DYNAMIC_TYPE_HASHES); -#endif - return ret; + break; } ret = wc_HashUpdate(hash, type, counter, sizeof(counter)); if (ret != 0) { -#ifdef WOLFSSL_SMALL_STACK - XFREE(hash, NULL, DYNAMIC_TYPE_HASHES); -#endif - return ret; + break; } if (sinfo) { ret = wc_HashUpdate(hash, type, sinfo, sinfoSz); if (ret != 0) { -#ifdef WOLFSSL_SMALL_STACK - XFREE(hash, NULL, DYNAMIC_TYPE_HASHES); -#endif - return ret; + break; } } ret = wc_HashFinal(hash, type, tmp); if (ret != 0) { -#ifdef WOLFSSL_SMALL_STACK - XFREE(hash, NULL, DYNAMIC_TYPE_HASHES); -#endif - return ret; + break; } copySz = min(remaining, digestSz); @@ -9578,11 +9566,13 @@ int wc_X963_KDF(enum wc_HashType type, const byte* secret, word32 secretSz, outIdx += copySz; } + wc_HashFree(hash, type); + #ifdef WOLFSSL_SMALL_STACK XFREE(hash, NULL, DYNAMIC_TYPE_HASHES); #endif - return 0; + return ret; } #endif /* HAVE_X963_KDF */ diff --git a/wolfcrypt/src/hash.c b/wolfcrypt/src/hash.c index ec6c09cf2..78fdaa189 100644 --- a/wolfcrypt/src/hash.c +++ b/wolfcrypt/src/hash.c @@ -475,8 +475,7 @@ int wc_HashInit(wc_HashAlg* hash, enum wc_HashType type) switch (type) { case WC_HASH_TYPE_MD5: #ifndef NO_MD5 - wc_InitMd5(&hash->md5); - ret = 0; + ret = wc_InitMd5(&hash->md5); #endif break; case WC_HASH_TYPE_SHA: @@ -533,15 +532,12 @@ int wc_HashUpdate(wc_HashAlg* hash, enum wc_HashType type, const byte* data, switch (type) { case WC_HASH_TYPE_MD5: #ifndef NO_MD5 - wc_Md5Update(&hash->md5, data, dataSz); - ret = 0; + ret = wc_Md5Update(&hash->md5, data, dataSz); #endif break; case WC_HASH_TYPE_SHA: #ifndef NO_SHA ret = wc_ShaUpdate(&hash->sha, data, dataSz); - if (ret != 0) - return ret; #endif break; case WC_HASH_TYPE_SHA224: @@ -592,8 +588,7 @@ int wc_HashFinal(wc_HashAlg* hash, enum wc_HashType type, byte* out) switch (type) { case WC_HASH_TYPE_MD5: #ifndef NO_MD5 - wc_Md5Final(&hash->md5, out); - ret = 0; + ret = wc_Md5Final(&hash->md5, out); #endif break; case WC_HASH_TYPE_SHA: @@ -639,6 +634,68 @@ int wc_HashFinal(wc_HashAlg* hash, enum wc_HashType type, byte* out) return ret; } +int wc_HashFree(wc_HashAlg* hash, enum wc_HashType type) +{ + int ret = HASH_TYPE_E; /* Default to hash type error */ + + if (hash == NULL) + return BAD_FUNC_ARG; + + switch (type) { + case WC_HASH_TYPE_MD5: +#ifndef NO_MD5 + wc_Md5Free(&hash->md5); + ret = 0; +#endif + break; + case WC_HASH_TYPE_SHA: +#ifndef NO_SHA + wc_ShaFree(&hash->sha); + ret = 0; +#endif + break; + case WC_HASH_TYPE_SHA224: +#ifdef WOLFSSL_SHA224 + wc_Sha224Free(&hash->sha224); + ret = 0; +#endif + break; + case WC_HASH_TYPE_SHA256: +#ifndef NO_SHA256 + wc_Sha256Free(&hash->sha256); + ret = 0; +#endif + break; + case WC_HASH_TYPE_SHA384: +#ifdef WOLFSSL_SHA384 + wc_Sha384Free(&hash->sha384); + ret = 0; +#endif + break; + case WC_HASH_TYPE_SHA512: +#ifdef WOLFSSL_SHA512 + wc_Sha512Free(&hash->sha512); + ret = 0; +#endif + break; + + /* not supported */ + case WC_HASH_TYPE_MD5_SHA: + case WC_HASH_TYPE_MD2: + case WC_HASH_TYPE_MD4: + case WC_HASH_TYPE_SHA3_224: + case WC_HASH_TYPE_SHA3_256: + case WC_HASH_TYPE_SHA3_384: + case WC_HASH_TYPE_SHA3_512: + case WC_HASH_TYPE_BLAKE2B: + case WC_HASH_TYPE_NONE: + default: + ret = BAD_FUNC_ARG; + }; + + return ret; +} + #if !defined(WOLFSSL_TI_HASH) @@ -658,12 +715,17 @@ int wc_HashFinal(wc_HashAlg* hash, enum wc_HashType type, byte* out) return MEMORY_E; #endif - ret = wc_InitMd5(md5); - if (ret == 0) { - ret = wc_Md5Update(md5, data, len); - if (ret == 0) { - ret = wc_Md5Final(md5, hash); + if ((ret = wc_InitMd5(md5)) != 0) { + WOLFSSL_MSG("InitMd5 failed"); + } + else { + if ((ret = wc_Md5Update(md5, data, len)) != 0) { + WOLFSSL_MSG("Md5Update failed"); } + else if ((ret = wc_Md5Final(md5, hash)) != 0) { + WOLFSSL_MSG("Md5Final failed"); + } + wc_Md5Free(md5); } #ifdef WOLFSSL_SMALL_STACK @@ -691,11 +753,16 @@ int wc_HashFinal(wc_HashAlg* hash, enum wc_HashType type, byte* out) #endif if ((ret = wc_InitSha(sha)) != 0) { - WOLFSSL_MSG("wc_InitSha failed"); + WOLFSSL_MSG("InitSha failed"); } else { - wc_ShaUpdate(sha, data, len); - wc_ShaFinal(sha, hash); + if ((ret = wc_ShaUpdate(sha, data, len)) != 0) { + WOLFSSL_MSG("ShaUpdate failed"); + } + else if ((ret = wc_ShaFinal(sha, hash)) != 0) { + WOLFSSL_MSG("ShaFinal failed"); + } + wc_ShaFree(sha); } #ifdef WOLFSSL_SMALL_STACK diff --git a/wolfcrypt/src/hmac.c b/wolfcrypt/src/hmac.c index 9f2d24bee..af9d38fd4 100644 --- a/wolfcrypt/src/hmac.c +++ b/wolfcrypt/src/hmac.c @@ -296,6 +296,11 @@ int wc_HmacSetKey(Hmac* hmac, int type, const byte* key, word32 length) return BAD_FUNC_ARG; } + /* if set key has already been run then make sure and free existing */ + if (hmac->macType != 0) { + wc_HmacFree(hmac); + } + hmac->innerHashKeyed = 0; hmac->macType = (byte)type; diff --git a/wolfcrypt/src/md5.c b/wolfcrypt/src/md5.c index 64ba4b426..b55fad7ba 100644 --- a/wolfcrypt/src/md5.c +++ b/wolfcrypt/src/md5.c @@ -399,6 +399,10 @@ void wc_Md5Free(wc_Md5* md5) #if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_MD5) wolfAsync_DevCtxFree(&md5->asyncDev, WOLFSSL_ASYNC_MARKER_MD5); #endif /* WOLFSSL_ASYNC_CRYPT */ + +#ifdef WOLFSSL_PIC32MZ_HASH + wc_Md5Pic32Free(md5); +#endif } int wc_Md5GetHash(wc_Md5* md5, byte* hash) diff --git a/wolfcrypt/src/pkcs7.c b/wolfcrypt/src/pkcs7.c index 40a2910a8..7f7293193 100644 --- a/wolfcrypt/src/pkcs7.c +++ b/wolfcrypt/src/pkcs7.c @@ -897,16 +897,14 @@ static int wc_PKCS7_BuildDigestInfo(PKCS7* pkcs7, byte* flatSignedAttribs, ret = wc_HashUpdate(&esd->hash, esd->hashType, attribSet, attribSetSz); - if (ret < 0) - return ret; + if (ret == 0) + ret = wc_HashUpdate(&esd->hash, esd->hashType, + flatSignedAttribs, flatSignedAttribsSz); + if (ret == 0) + ret = wc_HashFinal(&esd->hash, esd->hashType, + esd->contentAttribsDigest); + wc_HashFree(&esd->hash, esd->hashType); - ret = wc_HashUpdate(&esd->hash, esd->hashType, - flatSignedAttribs, flatSignedAttribsSz); - if (ret < 0) - return ret; - - ret = wc_HashFinal(&esd->hash, esd->hashType, - esd->contentAttribsDigest); if (ret < 0) return ret; @@ -1089,33 +1087,26 @@ int wc_PKCS7_EncodeSignedData(PKCS7* pkcs7, byte* output, word32 outputSz) } hashSz = ret; - ret = wc_HashInit(&esd->hash, esd->hashType); - if (ret != 0) { -#ifdef WOLFSSL_SMALL_STACK - XFREE(esd, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif - return ret; - } - if (pkcs7->contentSz != 0) { - ret = wc_HashUpdate(&esd->hash, esd->hashType, - pkcs7->content, pkcs7->contentSz); - if (ret < 0) { -#ifdef WOLFSSL_SMALL_STACK - XFREE(esd, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif - return ret; + ret = wc_HashInit(&esd->hash, esd->hashType); + if (ret == 0) { + ret = wc_HashUpdate(&esd->hash, esd->hashType, + pkcs7->content, pkcs7->contentSz); + if (ret == 0) { + esd->contentDigest[0] = ASN_OCTET_STRING; + esd->contentDigest[1] = (byte)hashSz; + ret = wc_HashFinal(&esd->hash, esd->hashType, + &esd->contentDigest[2]); + } + wc_HashFree(&esd->hash, esd->hashType); } - esd->contentDigest[0] = ASN_OCTET_STRING; - esd->contentDigest[1] = (byte)hashSz; - ret = wc_HashFinal(&esd->hash, esd->hashType, - &esd->contentDigest[2]); + if (ret < 0) { #ifdef WOLFSSL_SMALL_STACK XFREE(esd, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); #endif - return ret; + return ret; } } @@ -1492,11 +1483,27 @@ static int wc_PKCS7_BuildSignedDataDigest(PKCS7* pkcs7, byte* signedAttrib, wc_HashAlg hash; enum wc_HashType hashType; + /* check arguments */ if (pkcs7 == NULL || pkcs7Digest == NULL || pkcs7DigestSz == NULL || plainDigest == NULL) { return BAD_FUNC_ARG; } + hashType = wc_OidGetHash(pkcs7->hashOID); + ret = wc_HashGetDigestSize(hashType); + if (ret < 0) + return ret; + hashSz = ret; + + if (signedAttribSz > 0) { + if (signedAttrib == NULL) + return BAD_FUNC_ARG; + } + else { + if (pkcs7->content == NULL) + return BAD_FUNC_ARG; + } + #ifdef WOLFSSL_SMALL_STACK digestInfo = (byte*)XMALLOC(MAX_PKCS7_DIGEST_SZ, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); @@ -1508,15 +1515,6 @@ static int wc_PKCS7_BuildSignedDataDigest(PKCS7* pkcs7, byte* signedAttrib, XMEMSET(digest, 0, WC_MAX_DIGEST_SIZE); XMEMSET(digestInfo, 0, MAX_PKCS7_DIGEST_SZ); - hashType = wc_OidGetHash(pkcs7->hashOID); - ret = wc_HashGetDigestSize(hashType); - if (ret < 0) { -#ifdef WOLFSSL_SMALL_STACK - XFREE(digestInfo, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif - return ret; - } - hashSz = ret; /* calculate digest */ ret = wc_HashInit(&hash, hashType); @@ -1528,63 +1526,27 @@ static int wc_PKCS7_BuildSignedDataDigest(PKCS7* pkcs7, byte* signedAttrib, } if (signedAttribSz > 0) { - - if (signedAttrib == NULL) { -#ifdef WOLFSSL_SMALL_STACK - XFREE(digestInfo, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif - return BAD_FUNC_ARG; - } - attribSetSz = SetSet(signedAttribSz, attribSet); + + /* calculate digest */ ret = wc_HashUpdate(&hash, hashType, attribSet, attribSetSz); - if (ret < 0) { -#ifdef WOLFSSL_SMALL_STACK - XFREE(digestInfo, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif - return ret; - } - - ret = wc_HashUpdate(&hash, hashType, signedAttrib, signedAttribSz); - if (ret < 0) { -#ifdef WOLFSSL_SMALL_STACK - XFREE(digestInfo, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif - return ret; - } - - ret = wc_HashFinal(&hash, hashType, digest); - if (ret < 0) { -#ifdef WOLFSSL_SMALL_STACK - XFREE(digestInfo, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif - return ret; - } - + if (ret == 0) + ret = wc_HashUpdate(&hash, hashType, signedAttrib, signedAttribSz); + if (ret == 0) + ret = wc_HashFinal(&hash, hashType, digest); } else { - - if (pkcs7->content == NULL) { -#ifdef WOLFSSL_SMALL_STACK - XFREE(digestInfo, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif - return BAD_FUNC_ARG; - } - ret = wc_HashUpdate(&hash, hashType, pkcs7->content, pkcs7->contentSz); - if (ret < 0) { -#ifdef WOLFSSL_SMALL_STACK - XFREE(digestInfo, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif - return ret; - } + if (ret == 0) + ret = wc_HashFinal(&hash, hashType, digest); + } - ret = wc_HashFinal(&hash, hashType, digest); - if (ret < 0) { + wc_HashFree(&hash, hashType); + + if (ret < 0) { #ifdef WOLFSSL_SMALL_STACK - XFREE(digestInfo, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(digestInfo, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); #endif - return ret; - } + return ret; } /* Set algoID, with NULL attributes */ diff --git a/wolfcrypt/src/port/pic32/pic32mz-crypt.c b/wolfcrypt/src/port/pic32/pic32mz-crypt.c index 61314d946..9efebb768 100644 --- a/wolfcrypt/src/port/pic32/pic32mz-crypt.c +++ b/wolfcrypt/src/port/pic32/pic32mz-crypt.c @@ -505,6 +505,7 @@ static int wc_Pic32HashUpdate(hashUpdCache* cache, byte* stdBuf, int stdBufLen, XMEMCPY(newBuf, cache->buf, cache->updLen); if (isNewBuf && cache->buf != stdBuf) { XFREE(cache->buf, heap, DYNAMIC_TYPE_HASH_TMP); + cache->buf = NULL; } } XMEMCPY(newBuf + cache->updLen, data, len); @@ -572,6 +573,7 @@ static int wc_Pic32HashFinal(hashUpdCache* cache, byte* stdBuf, if (cache->buf && cache->buf != stdBuf && !cache->isCopy) { XFREE(cache->buf, heap, DYNAMIC_TYPE_HASH_TMP); + cache->buf = NULL; } } @@ -581,20 +583,27 @@ static int wc_Pic32HashFinal(hashUpdCache* cache, byte* stdBuf, return ret; } +static int wc_Pic32HashFree(hashUpdCache* cache, void* heap) +{ + if (cache && cache->buf && !cache->isCopy) { + XFREE(cache->buf, heap, DYNAMIC_TYPE_HASH_TMP); + cache->buf = NULL; + } +} + /* API's for compatability with Harmony wrappers - not used */ #ifndef NO_MD5 - int wc_InitMd5_ex(Md5* md5, void* heap, int devId) + int wc_InitMd5_ex(wc_Md5* md5, void* heap, int devId) { if (md5 == NULL) return BAD_FUNC_ARG; - XMEMSET(md5, 0, sizeof(Md5)); + XMEMSET(md5, 0, sizeof(wc_Md5)); md5->heap = heap; (void)devId; return 0; } - - int wc_Md5Update(Md5* md5, const byte* data, word32 len) + int wc_Md5Update(wc_Md5* md5, const byte* data, word32 len) { if (md5 == NULL || (data == NULL && len > 0)) return BAD_FUNC_ARG; @@ -602,8 +611,7 @@ static int wc_Pic32HashFinal(hashUpdCache* cache, byte* stdBuf, sizeof(md5->buffer), md5->digest, MD5_DIGEST_SIZE, data, len, PIC32_ALGO_MD5, md5->heap); } - - int wc_Md5Final(Md5* md5, byte* hash) + int wc_Md5Final(wc_Md5* md5, byte* hash) { int ret; @@ -618,8 +626,7 @@ static int wc_Pic32HashFinal(hashUpdCache* cache, byte* stdBuf, return ret; } - - void wc_Md5SizeSet(Md5* md5, word32 len) + void wc_Md5SizeSet(wc_Md5* md5, word32 len) { if (md5) { #ifdef WOLFSSL_PIC32MZ_LARGE_HASH @@ -629,20 +636,25 @@ static int wc_Pic32HashFinal(hashUpdCache* cache, byte* stdBuf, #endif } } + void wc_Md5Pic32Free(wc_Md5* md5) + { + if (md5) { + wc_Pic32HashFree(&md5->cache, md5->heap); + } + } #endif /* !NO_MD5 */ #ifndef NO_SHA - int wc_InitSha_ex(Sha* sha, void* heap, int devId) + int wc_InitSha_ex(wc_Sha* sha, void* heap, int devId) { if (sha == NULL) return BAD_FUNC_ARG; - XMEMSET(sha, 0, sizeof(Sha)); + XMEMSET(sha, 0, sizeof(wc_Sha)); sha->heap = heap; (void)devId; return 0; } - - int wc_ShaUpdate(Sha* sha, const byte* data, word32 len) + int wc_ShaUpdate(wc_Sha* sha, const byte* data, word32 len) { if (sha == NULL || (data == NULL && len > 0)) return BAD_FUNC_ARG; @@ -650,8 +662,7 @@ static int wc_Pic32HashFinal(hashUpdCache* cache, byte* stdBuf, sizeof(sha->buffer), sha->digest, SHA_DIGEST_SIZE, data, len, PIC32_ALGO_SHA1, sha->heap); } - - int wc_ShaFinal(Sha* sha, byte* hash) + int wc_ShaFinal(wc_Sha* sha, byte* hash) { int ret; @@ -666,7 +677,7 @@ static int wc_Pic32HashFinal(hashUpdCache* cache, byte* stdBuf, return ret; } - void wc_ShaSizeSet(Sha* sha, word32 len) + void wc_ShaSizeSet(wc_Sha* sha, word32 len) { if (sha) { #ifdef WOLFSSL_PIC32MZ_LARGE_HASH @@ -676,20 +687,25 @@ static int wc_Pic32HashFinal(hashUpdCache* cache, byte* stdBuf, #endif } } + void wc_ShaPic32Free(wc_Sha* sha) + { + if (sha) { + wc_Pic32HashFree(&sha->cache, sha->heap); + } + } #endif /* !NO_SHA */ #ifndef NO_SHA256 - int wc_InitSha256_ex(Sha256* sha256, void* heap, int devId) + int wc_InitSha256_ex(wc_Sha256* sha256, void* heap, int devId) { if (sha256 == NULL) return BAD_FUNC_ARG; - XMEMSET(sha256, 0, sizeof(Sha256)); + XMEMSET(sha256, 0, sizeof(wc_Sha256)); sha256->heap = heap; (void)devId; return 0; } - - int wc_Sha256Update(Sha256* sha256, const byte* data, word32 len) + int wc_Sha256Update(wc_Sha256* sha256, const byte* data, word32 len) { if (sha256 == NULL || (data == NULL && len > 0)) return BAD_FUNC_ARG; @@ -697,8 +713,7 @@ static int wc_Pic32HashFinal(hashUpdCache* cache, byte* stdBuf, sizeof(sha256->buffer), sha256->digest, SHA256_DIGEST_SIZE, data, len, PIC32_ALGO_SHA256, sha256->heap); } - - int wc_Sha256Final(Sha256* sha256, byte* hash) + int wc_Sha256Final(wc_Sha256* sha256, byte* hash) { int ret; @@ -713,8 +728,7 @@ static int wc_Pic32HashFinal(hashUpdCache* cache, byte* stdBuf, return ret; } - - void wc_Sha256SizeSet(Sha256* sha256, word32 len) + void wc_Sha256SizeSet(wc_Sha256* sha256, word32 len) { if (sha256) { #ifdef WOLFSSL_PIC32MZ_LARGE_HASH @@ -724,8 +738,14 @@ static int wc_Pic32HashFinal(hashUpdCache* cache, byte* stdBuf, #endif } } + void wc_Sha256Pic32Free(wc_Sha256* sha256) + { + if (sha256) { + wc_Pic32HashFree(&sha256->cache, sha256->heap); + } + } #endif /* !NO_SHA256 */ -#endif +#endif /* WOLFSSL_PIC32MZ_HASH */ #ifdef WOLFSSL_PIC32MZ_CRYPT diff --git a/wolfcrypt/src/pwdbased.c b/wolfcrypt/src/pwdbased.c index cadd1c892..57d46e9a0 100644 --- a/wolfcrypt/src/pwdbased.c +++ b/wolfcrypt/src/pwdbased.c @@ -142,6 +142,8 @@ int wc_PBKDF1_ex(byte* key, int keyLen, byte* iv, int ivLen, } } + wc_HashFree(hash, hashT); + #ifdef WOLFSSL_SMALL_STACK XFREE(hash, heap, DYNAMIC_TYPE_HASHCTX); #endif @@ -308,6 +310,8 @@ static int DoPKCS12Hash(int hashType, byte* buffer, word32 totalLen, ret = wc_HashFinal(hash, hashT, Ai); } + wc_HashFree(hash, hashT); + #ifdef WOLFSSL_SMALL_STACK XFREE(hash, NULL, DYNAMIC_TYPE_HASHCTX); #endif diff --git a/wolfcrypt/src/sha.c b/wolfcrypt/src/sha.c index 38b14f557..f8f84e1a5 100644 --- a/wolfcrypt/src/sha.c +++ b/wolfcrypt/src/sha.c @@ -553,6 +553,10 @@ void wc_ShaFree(wc_Sha* sha) #if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_SHA) wolfAsync_DevCtxFree(&sha->asyncDev, WOLFSSL_ASYNC_MARKER_SHA); #endif /* WOLFSSL_ASYNC_CRYPT */ + +#ifdef WOLFSSL_PIC32MZ_HASH + wc_ShaPic32Free(sha); +#endif } #endif /* !WOLFSSL_TI_HASH */ diff --git a/wolfcrypt/src/sha256.c b/wolfcrypt/src/sha256.c index 5a6aa9a53..98c397a64 100644 --- a/wolfcrypt/src/sha256.c +++ b/wolfcrypt/src/sha256.c @@ -2707,6 +2707,10 @@ SHA256_NOINLINE static int Transform_Sha256_AVX2_RORX_Len(wc_Sha256* sha256, #if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_SHA224) wolfAsync_DevCtxFree(&sha224->asyncDev, WOLFSSL_ASYNC_MARKER_SHA224); #endif /* WOLFSSL_ASYNC_CRYPT */ + + #ifdef WOLFSSL_PIC32MZ_HASH + wc_Sha256Pic32Free(sha224); + #endif } #endif /* WOLFSSL_SHA224 */ @@ -2731,6 +2735,10 @@ void wc_Sha256Free(wc_Sha256* sha256) #if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_SHA256) wolfAsync_DevCtxFree(&sha256->asyncDev, WOLFSSL_ASYNC_MARKER_SHA256); #endif /* WOLFSSL_ASYNC_CRYPT */ + +#ifdef WOLFSSL_PIC32MZ_HASH + wc_Sha256Pic32Free(sha256); +#endif } #endif /* !WOLFSSL_TI_HASH */ diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c index 08644ee25..cae8bf516 100644 --- a/wolfcrypt/test/test.c +++ b/wolfcrypt/test/test.c @@ -2789,6 +2789,7 @@ int hash_test(void) ret = wc_HashFinal(&hash, typesBad[i], out); if (ret != BAD_FUNC_ARG) return -2927 - i; + wc_HashFree(&hash, typesBad[i]); } /* Try valid hash algorithms. */ @@ -2808,6 +2809,7 @@ int hash_test(void) ret = wc_HashFinal(&hash, typesGood[i], out); if (ret != exp_ret) return -2957 - i; + wc_HashFree(&hash, typesGood[i]); digestSz = wc_HashGetDigestSize(typesGood[i]); if (exp_ret < 0 && digestSz != exp_ret) diff --git a/wolfssl/wolfcrypt/hash.h b/wolfssl/wolfcrypt/hash.h index 698fa51e3..db16d41d1 100644 --- a/wolfssl/wolfcrypt/hash.h +++ b/wolfssl/wolfcrypt/hash.h @@ -134,7 +134,7 @@ WOLFSSL_API int wc_HashUpdate(wc_HashAlg* hash, enum wc_HashType type, const byte* data, word32 dataSz); WOLFSSL_API int wc_HashFinal(wc_HashAlg* hash, enum wc_HashType type, byte* out); - +WOLFSSL_API int wc_HashFree(wc_HashAlg* hash, enum wc_HashType type); #ifndef NO_MD5 #include diff --git a/wolfssl/wolfcrypt/mem_track.h b/wolfssl/wolfcrypt/mem_track.h index 4689eb51f..d964aadae 100644 --- a/wolfssl/wolfcrypt/mem_track.h +++ b/wolfssl/wolfcrypt/mem_track.h @@ -123,7 +123,7 @@ mt->u.hint.thisSize = sz; mt->u.hint.thisMemory = (byte*)mt + sizeof(memoryTrack); -#ifdef WOLFSSL_DEBUG_MEMORY +#ifdef WOLFSSL_DEBUG_MEMORY_PRINT printf("Alloc: %p -> %u at %s:%d\n", mt->u.hint.thisMemory, (word32)sz, func, line); #endif @@ -159,7 +159,7 @@ ourMemStats.totalDeallocs++; #endif -#ifdef WOLFSSL_DEBUG_MEMORY +#ifdef WOLFSSL_DEBUG_MEMORY_PRINT printf("Free: %p -> %u at %s:%d\n", ptr, (word32)mt->u.hint.thisSize, func, line); #endif diff --git a/wolfssl/wolfcrypt/port/pic32/pic32mz-crypt.h b/wolfssl/wolfcrypt/port/pic32/pic32mz-crypt.h index 354c832c4..0c81d23d8 100644 --- a/wolfssl/wolfcrypt/port/pic32/pic32mz-crypt.h +++ b/wolfssl/wolfcrypt/port/pic32/pic32mz-crypt.h @@ -52,7 +52,6 @@ /* requires exclusive access to crypto hardware done at application layer */ #define WOLFSSL_PIC32MZ_LARGE_HASH - #include #include #include @@ -200,7 +199,21 @@ int wc_Pic32DesCrypt(word32 *key, int keyLen, word32 *iv, int ivLen, int wc_Pic32Hash(const byte* in, int inLen, word32* out, int outLen, int algo); int wc_Pic32HashCopy(hashUpdCache* src, hashUpdCache* dst); + +#ifndef NO_MD5 +struct wc_Md5; +void wc_Md5Pic32Free(struct wc_Md5* md5); #endif +#ifndef NO_SHA +struct wc_Sha; +void wc_ShaPic32Free(struct wc_Sha* sha); +#endif + +#ifndef NO_SHA256 +struct wc_Sha256; +void wc_Sha256Pic32Free(struct wc_Sha256* sha256); +#endif +#endif /* WOLFSSL_PIC32MZ_HASH */ #endif /* WOLFSSL_MICROCHIP_PIC32MZ */ diff --git a/wolfssl/wolfcrypt/settings.h b/wolfssl/wolfcrypt/settings.h index 3ae818a55..9a6733ca7 100644 --- a/wolfssl/wolfcrypt/settings.h +++ b/wolfssl/wolfcrypt/settings.h @@ -250,9 +250,15 @@ #endif #ifdef WOLFSSL_MICROCHIP_PIC32MZ - #define WOLFSSL_PIC32MZ_CRYPT - #define WOLFSSL_PIC32MZ_RNG - #define WOLFSSL_PIC32MZ_HASH + #ifndef NO_PIC32MZ_CRYPT + #define WOLFSSL_PIC32MZ_CRYPT + #endif + #ifndef NO_PIC32MZ_RNG + #define WOLFSSL_PIC32MZ_RNG + #endif + #ifndef NO_PIC32MZ_HASH + #define WOLFSSL_PIC32MZ_HASH + #endif #endif #ifdef MICROCHIP_TCPIP_V5