feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

ECDSA sign_k allocated when not WOLFSSL_NO_MALLOC

Browse Source 
Fix up other WOLFSSL_NO_MALLOC issues.
This commit is contained in:
Sean Parkinson
2022-09-05 10:22:03 +10:00
parent cef590131a
commit 4ac113d135
5 changed files with 391 additions and 284 deletions
Download Patch File Download Diff File Expand all files Collapse all files

67
wolfcrypt/src/dh.c
View File

@ -1076,13 +1076,14 @@ static int CheckDhLN(int modLen, int divLen)
static int GeneratePrivateDh186(DhKey* key, WC_RNG* rng, byte* priv, static int GeneratePrivateDh186(DhKey* key, WC_RNG* rng, byte* priv,
word32* privSz) word32* privSz)
{ {
byte* cBuf;
int qSz, pSz, cSz, err; int qSz, pSz, cSz, err;
#ifdef WOLFSSL_SMALL_STACK #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
mp_int* tmpQ = NULL; mp_int* tmpQ = NULL;
mp_int* tmpX = NULL; mp_int* tmpX = NULL;
byte* cBuf = NULL;
#else #else
mp_int tmpQ[1], tmpX[1]; mp_int tmpQ[1], tmpX[1];
byte cBuf[DH_MAX_SIZE + 64 / WOLFSSL_BIT_SIZE];
#endif #endif
/* Parameters validated in calling functions. */ /* Parameters validated in calling functions. */
@ -1105,11 +1106,11 @@ static int GeneratePrivateDh186(DhKey* key, WC_RNG* rng, byte* priv,
/* generate extra 64 bits so that bias from mod function is negligible */ /* generate extra 64 bits so that bias from mod function is negligible */
cSz = *privSz + (64 / WOLFSSL_BIT_SIZE); cSz = *privSz + (64 / WOLFSSL_BIT_SIZE);
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
cBuf = (byte*)XMALLOC(cSz, key->heap, DYNAMIC_TYPE_TMP_BUFFER); cBuf = (byte*)XMALLOC(cSz, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
if (cBuf == NULL) { if (cBuf == NULL) {
return MEMORY_E; return MEMORY_E;
} }
#ifdef WOLFSSL_SMALL_STACK
tmpQ = (mp_int*)XMALLOC(sizeof(mp_int), key->heap, DYNAMIC_TYPE_DH); tmpQ = (mp_int*)XMALLOC(sizeof(mp_int), key->heap, DYNAMIC_TYPE_DH);
if (tmpQ == NULL) { if (tmpQ == NULL) {
XFREE(cBuf, key->heap, DYNAMIC_TYPE_TMP_BUFFER); XFREE(cBuf, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
@ -1126,8 +1127,8 @@ static int GeneratePrivateDh186(DhKey* key, WC_RNG* rng, byte* priv,
if ((err = mp_init_multi(tmpX, tmpQ, NULL, NULL, NULL, NULL)) if ((err = mp_init_multi(tmpX, tmpQ, NULL, NULL, NULL, NULL))
!= MP_OKAY) { != MP_OKAY) {
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
XFREE(cBuf, key->heap, DYNAMIC_TYPE_TMP_BUFFER); XFREE(cBuf, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
#ifdef WOLFSSL_SMALL_STACK
XFREE(tmpQ, key->heap, DYNAMIC_TYPE_DH); XFREE(tmpQ, key->heap, DYNAMIC_TYPE_DH);
XFREE(tmpX, key->heap, DYNAMIC_TYPE_DH); XFREE(tmpX, key->heap, DYNAMIC_TYPE_DH);
#endif #endif
@ -1148,8 +1149,8 @@ static int GeneratePrivateDh186(DhKey* key, WC_RNG* rng, byte* priv,
if (err != MP_OKAY) { if (err != MP_OKAY) {
mp_clear(tmpX); mp_clear(tmpX);
mp_clear(tmpQ); mp_clear(tmpQ);
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
XFREE(cBuf, key->heap, DYNAMIC_TYPE_TMP_BUFFER); XFREE(cBuf, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
#ifdef WOLFSSL_SMALL_STACK
XFREE(tmpQ, key->heap, DYNAMIC_TYPE_DH); XFREE(tmpQ, key->heap, DYNAMIC_TYPE_DH);
XFREE(tmpX, key->heap, DYNAMIC_TYPE_DH); XFREE(tmpX, key->heap, DYNAMIC_TYPE_DH);
#endif #endif
@ -1158,7 +1159,9 @@ static int GeneratePrivateDh186(DhKey* key, WC_RNG* rng, byte* priv,
} while (mp_cmp_d(tmpX, 1) != MP_GT); } while (mp_cmp_d(tmpX, 1) != MP_GT);
ForceZero(cBuf, cSz); ForceZero(cBuf, cSz);
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
XFREE(cBuf, key->heap, DYNAMIC_TYPE_TMP_BUFFER); XFREE(cBuf, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
#endif
/* tmpQ: M = min(2^N,q) - 1 */ /* tmpQ: M = min(2^N,q) - 1 */
if (err == MP_OKAY) if (err == MP_OKAY)
@ -1195,7 +1198,7 @@ static int GeneratePrivateDh186(DhKey* key, WC_RNG* rng, byte* priv,
mp_forcezero(tmpX); mp_forcezero(tmpX);
mp_clear(tmpQ); mp_clear(tmpQ);
#ifdef WOLFSSL_SMALL_STACK #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
XFREE(tmpQ, key->heap, DYNAMIC_TYPE_DH); XFREE(tmpQ, key->heap, DYNAMIC_TYPE_DH);
XFREE(tmpX, key->heap, DYNAMIC_TYPE_DH); XFREE(tmpX, key->heap, DYNAMIC_TYPE_DH);
#elif defined(WOLFSSL_CHECK_MEM_ZERO) #elif defined(WOLFSSL_CHECK_MEM_ZERO)
@ -1287,7 +1290,7 @@ static int GeneratePublicDh(DhKey* key, byte* priv, word32 privSz,
int ret = 0; int ret = 0;
#ifndef WOLFSSL_SP_MATH #ifndef WOLFSSL_SP_MATH
word32 binSz = 0; word32 binSz = 0;
#ifdef WOLFSSL_SMALL_STACK #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
mp_int* x; mp_int* x;
mp_int* y; mp_int* y;
#else #else
@ -1312,7 +1315,7 @@ static int GeneratePublicDh(DhKey* key, byte* priv, word32 privSz,
#endif #endif
#if !defined(WOLFSSL_SP_MATH) #if !defined(WOLFSSL_SP_MATH)
#ifdef WOLFSSL_SMALL_STACK #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
x = (mp_int*)XMALLOC(sizeof(mp_int), key->heap, DYNAMIC_TYPE_DH); x = (mp_int*)XMALLOC(sizeof(mp_int), key->heap, DYNAMIC_TYPE_DH);
if (x == NULL) if (x == NULL)
return MEMORY_E; return MEMORY_E;
@ -1323,7 +1326,7 @@ static int GeneratePublicDh(DhKey* key, byte* priv, word32 privSz,
} }
#endif #endif
if (mp_init_multi(x, y, 0, 0, 0, 0) != MP_OKAY) { if (mp_init_multi(x, y, 0, 0, 0, 0) != MP_OKAY) {
#ifdef WOLFSSL_SMALL_STACK #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
XFREE(y, key->heap, DYNAMIC_TYPE_DH); XFREE(y, key->heap, DYNAMIC_TYPE_DH);
XFREE(x, key->heap, DYNAMIC_TYPE_DH); XFREE(x, key->heap, DYNAMIC_TYPE_DH);
#endif #endif
@ -1351,7 +1354,7 @@ static int GeneratePublicDh(DhKey* key, byte* priv, word32 privSz,
mp_clear(y); mp_clear(y);
mp_clear(x); mp_clear(x);
#ifdef WOLFSSL_SMALL_STACK #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
XFREE(y, key->heap, DYNAMIC_TYPE_DH); XFREE(y, key->heap, DYNAMIC_TYPE_DH);
XFREE(x, key->heap, DYNAMIC_TYPE_DH); XFREE(x, key->heap, DYNAMIC_TYPE_DH);
#endif #endif
@ -1470,7 +1473,7 @@ static int _ffc_validate_public_key(DhKey* key, const byte* pub, word32 pubSz,
const byte* prime, word32 primeSz, int partial) const byte* prime, word32 primeSz, int partial)
{ {
int ret = 0; int ret = 0;
#ifdef WOLFSSL_SMALL_STACK #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
mp_int* y = NULL; mp_int* y = NULL;
mp_int* p = NULL; mp_int* p = NULL;
mp_int* q = NULL; mp_int* q = NULL;
@ -1484,7 +1487,7 @@ static int _ffc_validate_public_key(DhKey* key, const byte* pub, word32 pubSz,
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
} }
#ifdef WOLFSSL_SMALL_STACK #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
y = (mp_int*)XMALLOC(sizeof(mp_int), key->heap, DYNAMIC_TYPE_DH); y = (mp_int*)XMALLOC(sizeof(mp_int), key->heap, DYNAMIC_TYPE_DH);
if (y == NULL) if (y == NULL)
return MEMORY_E; return MEMORY_E;
@ -1502,7 +1505,7 @@ static int _ffc_validate_public_key(DhKey* key, const byte* pub, word32 pubSz,
#endif #endif
if (mp_init_multi(y, p, q, NULL, NULL, NULL) != MP_OKAY) { if (mp_init_multi(y, p, q, NULL, NULL, NULL) != MP_OKAY) {
#ifdef WOLFSSL_SMALL_STACK #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
XFREE(q, key->heap, DYNAMIC_TYPE_DH); XFREE(q, key->heap, DYNAMIC_TYPE_DH);
XFREE(p, key->heap, DYNAMIC_TYPE_DH); XFREE(p, key->heap, DYNAMIC_TYPE_DH);
XFREE(y, key->heap, DYNAMIC_TYPE_DH); XFREE(y, key->heap, DYNAMIC_TYPE_DH);
@ -1602,7 +1605,7 @@ static int _ffc_validate_public_key(DhKey* key, const byte* pub, word32 pubSz,
RESTORE_VECTOR_REGISTERS(); RESTORE_VECTOR_REGISTERS();
#ifdef WOLFSSL_SMALL_STACK #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
XFREE(q, key->heap, DYNAMIC_TYPE_DH); XFREE(q, key->heap, DYNAMIC_TYPE_DH);
XFREE(p, key->heap, DYNAMIC_TYPE_DH); XFREE(p, key->heap, DYNAMIC_TYPE_DH);
XFREE(y, key->heap, DYNAMIC_TYPE_DH); XFREE(y, key->heap, DYNAMIC_TYPE_DH);
@ -1691,7 +1694,7 @@ int wc_DhCheckPrivKey_ex(DhKey* key, const byte* priv, word32 privSz,
const byte* prime, word32 primeSz) const byte* prime, word32 primeSz)
{ {
int ret = 0; int ret = 0;
#ifdef WOLFSSL_SMALL_STACK #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
mp_int* x = NULL; mp_int* x = NULL;
mp_int* q = NULL; mp_int* q = NULL;
#else #else
@ -1703,7 +1706,7 @@ int wc_DhCheckPrivKey_ex(DhKey* key, const byte* priv, word32 privSz,
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
} }
#ifdef WOLFSSL_SMALL_STACK #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
x = (mp_int*)XMALLOC(sizeof(mp_int), key->heap, DYNAMIC_TYPE_DH); x = (mp_int*)XMALLOC(sizeof(mp_int), key->heap, DYNAMIC_TYPE_DH);
if (x == NULL) if (x == NULL)
return MEMORY_E; return MEMORY_E;
@ -1715,7 +1718,7 @@ int wc_DhCheckPrivKey_ex(DhKey* key, const byte* priv, word32 privSz,
#endif #endif
if (mp_init_multi(x, q, NULL, NULL, NULL, NULL) != MP_OKAY) { if (mp_init_multi(x, q, NULL, NULL, NULL, NULL) != MP_OKAY) {
#ifdef WOLFSSL_SMALL_STACK #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
XFREE(q, key->heap, DYNAMIC_TYPE_DH); XFREE(q, key->heap, DYNAMIC_TYPE_DH);
XFREE(x, key->heap, DYNAMIC_TYPE_DH); XFREE(x, key->heap, DYNAMIC_TYPE_DH);
#endif #endif
@ -1765,7 +1768,7 @@ int wc_DhCheckPrivKey_ex(DhKey* key, const byte* priv, word32 privSz,
mp_forcezero(x); mp_forcezero(x);
mp_clear(q); mp_clear(q);
#ifdef WOLFSSL_SMALL_STACK #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
XFREE(q, key->heap, DYNAMIC_TYPE_DH); XFREE(q, key->heap, DYNAMIC_TYPE_DH);
XFREE(x, key->heap, DYNAMIC_TYPE_DH); XFREE(x, key->heap, DYNAMIC_TYPE_DH);
#elif defined(WOLFSSL_CHECK_MEM_ZERO) #elif defined(WOLFSSL_CHECK_MEM_ZERO)
@ -1796,7 +1799,7 @@ int wc_DhCheckPrivKey(DhKey* key, const byte* priv, word32 privSz)
static int _ffc_pairwise_consistency_test(DhKey* key, static int _ffc_pairwise_consistency_test(DhKey* key,
const byte* pub, word32 pubSz, const byte* priv, word32 privSz) const byte* pub, word32 pubSz, const byte* priv, word32 privSz)
{ {
#ifdef WOLFSSL_SMALL_STACK #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
mp_int* publicKey = NULL; mp_int* publicKey = NULL;
mp_int* privateKey = NULL; mp_int* privateKey = NULL;
mp_int* checkKey = NULL; mp_int* checkKey = NULL;
@ -1812,7 +1815,7 @@ static int _ffc_pairwise_consistency_test(DhKey* key,
if (mp_iseven(&key->p) == MP_YES) if (mp_iseven(&key->p) == MP_YES)
return MP_VAL; return MP_VAL;
#ifdef WOLFSSL_SMALL_STACK #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
publicKey = (mp_int*)XMALLOC(sizeof(mp_int), key->heap, DYNAMIC_TYPE_DH); publicKey = (mp_int*)XMALLOC(sizeof(mp_int), key->heap, DYNAMIC_TYPE_DH);
if (publicKey == NULL) if (publicKey == NULL)
return MEMORY_E; return MEMORY_E;
@ -1832,7 +1835,7 @@ static int _ffc_pairwise_consistency_test(DhKey* key,
if (mp_init_multi(publicKey, privateKey, checkKey, if (mp_init_multi(publicKey, privateKey, checkKey,
NULL, NULL, NULL) != MP_OKAY) { NULL, NULL, NULL) != MP_OKAY) {
#ifdef WOLFSSL_SMALL_STACK #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
XFREE(privateKey, key->heap, DYNAMIC_TYPE_DH); XFREE(privateKey, key->heap, DYNAMIC_TYPE_DH);
XFREE(publicKey, key->heap, DYNAMIC_TYPE_DH); XFREE(publicKey, key->heap, DYNAMIC_TYPE_DH);
XFREE(checkKey, key->heap, DYNAMIC_TYPE_DH); XFREE(checkKey, key->heap, DYNAMIC_TYPE_DH);
@ -1902,7 +1905,7 @@ static int _ffc_pairwise_consistency_test(DhKey* key,
RESTORE_VECTOR_REGISTERS(); RESTORE_VECTOR_REGISTERS();
#ifdef WOLFSSL_SMALL_STACK #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
XFREE(checkKey, key->heap, DYNAMIC_TYPE_DH); XFREE(checkKey, key->heap, DYNAMIC_TYPE_DH);
XFREE(privateKey, key->heap, DYNAMIC_TYPE_DH); XFREE(privateKey, key->heap, DYNAMIC_TYPE_DH);
XFREE(publicKey, key->heap, DYNAMIC_TYPE_DH); XFREE(publicKey, key->heap, DYNAMIC_TYPE_DH);
@ -1966,7 +1969,7 @@ static int wc_DhAgree_Sync(DhKey* key, byte* agree, word32* agreeSz,
const byte* priv, word32 privSz, const byte* otherPub, word32 pubSz) const byte* priv, word32 privSz, const byte* otherPub, word32 pubSz)
{ {
int ret = 0; int ret = 0;
#ifdef WOLFSSL_SMALL_STACK #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
mp_int* y = NULL; mp_int* y = NULL;
#if !defined(WOLFSSL_SP_MATH) #if !defined(WOLFSSL_SP_MATH)
mp_int* x = NULL; mp_int* x = NULL;
@ -1995,7 +1998,7 @@ static int wc_DhAgree_Sync(DhKey* key, byte* agree, word32* agreeSz,
} }
#endif #endif
#ifdef WOLFSSL_SMALL_STACK #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
y = (mp_int*)XMALLOC(sizeof(mp_int), key->heap, DYNAMIC_TYPE_DH); y = (mp_int*)XMALLOC(sizeof(mp_int), key->heap, DYNAMIC_TYPE_DH);
if (y == NULL) if (y == NULL)
return MEMORY_E; return MEMORY_E;
@ -2032,7 +2035,7 @@ static int wc_DhAgree_Sync(DhKey* key, byte* agree, word32* agreeSz,
RESTORE_VECTOR_REGISTERS(); RESTORE_VECTOR_REGISTERS();
#ifdef WOLFSSL_SMALL_STACK #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
#if !defined(WOLFSSL_SP_MATH) #if !defined(WOLFSSL_SP_MATH)
XFREE(z, key->heap, DYNAMIC_TYPE_DH); XFREE(z, key->heap, DYNAMIC_TYPE_DH);
XFREE(x, key->heap, DYNAMIC_TYPE_DH); XFREE(x, key->heap, DYNAMIC_TYPE_DH);
@ -2059,7 +2062,7 @@ static int wc_DhAgree_Sync(DhKey* key, byte* agree, word32* agreeSz,
RESTORE_VECTOR_REGISTERS(); RESTORE_VECTOR_REGISTERS();
#ifdef WOLFSSL_SMALL_STACK #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
#if !defined(WOLFSSL_SP_MATH) #if !defined(WOLFSSL_SP_MATH)
XFREE(z, key->heap, DYNAMIC_TYPE_DH); XFREE(z, key->heap, DYNAMIC_TYPE_DH);
XFREE(x, key->heap, DYNAMIC_TYPE_DH); XFREE(x, key->heap, DYNAMIC_TYPE_DH);
@ -2086,7 +2089,7 @@ static int wc_DhAgree_Sync(DhKey* key, byte* agree, word32* agreeSz,
RESTORE_VECTOR_REGISTERS(); RESTORE_VECTOR_REGISTERS();
#ifdef WOLFSSL_SMALL_STACK #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
#if !defined(WOLFSSL_SP_MATH) #if !defined(WOLFSSL_SP_MATH)
XFREE(z, key->heap, DYNAMIC_TYPE_DH); XFREE(z, key->heap, DYNAMIC_TYPE_DH);
XFREE(x, key->heap, DYNAMIC_TYPE_DH); XFREE(x, key->heap, DYNAMIC_TYPE_DH);
@ -2100,7 +2103,7 @@ static int wc_DhAgree_Sync(DhKey* key, byte* agree, word32* agreeSz,
#if !defined(WOLFSSL_SP_MATH) #if !defined(WOLFSSL_SP_MATH)
if (mp_init_multi(x, y, z, 0, 0, 0) != MP_OKAY) { if (mp_init_multi(x, y, z, 0, 0, 0) != MP_OKAY) {
#ifdef WOLFSSL_SMALL_STACK #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
XFREE(z, key->heap, DYNAMIC_TYPE_DH); XFREE(z, key->heap, DYNAMIC_TYPE_DH);
XFREE(x, key->heap, DYNAMIC_TYPE_DH); XFREE(x, key->heap, DYNAMIC_TYPE_DH);
XFREE(y, key->heap, DYNAMIC_TYPE_DH); XFREE(y, key->heap, DYNAMIC_TYPE_DH);
@ -2147,7 +2150,7 @@ static int wc_DhAgree_Sync(DhKey* key, byte* agree, word32* agreeSz,
ret = WC_KEY_SIZE_E; ret = WC_KEY_SIZE_E;
#endif #endif
#ifdef WOLFSSL_SMALL_STACK #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
#if !defined(WOLFSSL_SP_MATH) #if !defined(WOLFSSL_SP_MATH)
XFREE(z, key->heap, DYNAMIC_TYPE_DH); XFREE(z, key->heap, DYNAMIC_TYPE_DH);
XFREE(x, key->heap, DYNAMIC_TYPE_DH); XFREE(x, key->heap, DYNAMIC_TYPE_DH);
@ -2851,7 +2854,7 @@ int wc_DhCopyNamedKey(int name,
/* modulus_size in bits */ /* modulus_size in bits */
int wc_DhGenerateParams(WC_RNG *rng, int modSz, DhKey *dh) int wc_DhGenerateParams(WC_RNG *rng, int modSz, DhKey *dh)
{ {
#ifdef WOLFSSL_SMALL_STACK #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
mp_int *tmp = NULL, *tmp2 = NULL; mp_int *tmp = NULL, *tmp2 = NULL;
#else #else
mp_int tmp[1], tmp2[2]; mp_int tmp[1], tmp2[2];
@ -2908,7 +2911,7 @@ int wc_DhGenerateParams(WC_RNG *rng, int modSz, DhKey *dh)
if (ret == 0) if (ret == 0)
ret = wc_RNG_GenerateBlock(rng, buf, bufSz); ret = wc_RNG_GenerateBlock(rng, buf, bufSz);
#ifdef WOLFSSL_SMALL_STACK #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
if (ret == 0) { if (ret == 0) {
if (((tmp = (mp_int *)XMALLOC(sizeof(*tmp), NULL, DYNAMIC_TYPE_WOLF_BIGINT)) == NULL) || if (((tmp = (mp_int *)XMALLOC(sizeof(*tmp), NULL, DYNAMIC_TYPE_WOLF_BIGINT)) == NULL) ||
((tmp2 = (mp_int *)XMALLOC(sizeof(*tmp2), NULL, DYNAMIC_TYPE_WOLF_BIGINT)) == NULL)) ((tmp2 = (mp_int *)XMALLOC(sizeof(*tmp2), NULL, DYNAMIC_TYPE_WOLF_BIGINT)) == NULL))
@ -3022,7 +3025,7 @@ int wc_DhGenerateParams(WC_RNG *rng, int modSz, DhKey *dh)
} }
} }
#ifdef WOLFSSL_SMALL_STACK #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
if (tmp != NULL) { if (tmp != NULL) {
mp_clear(tmp); mp_clear(tmp);
XFREE(tmp, NULL, DYNAMIC_TYPE_WOLF_BIGINT); XFREE(tmp, NULL, DYNAMIC_TYPE_WOLF_BIGINT);

94
wolfcrypt/src/ecc.c
View File

@ -5615,10 +5615,11 @@ int wc_ecc_init_ex(ecc_key* key, void* heap, int devId)
} }
#endif /* ALT_ECC_SIZE */ #endif /* ALT_ECC_SIZE */
#endif /* WOLFSSL_ATECC508A */ #endif /* WOLFSSL_ATECC508A */
#if defined(WOLFSSL_ECDSA_SET_K) || defined(WOLFSSL_ECDSA_SET_K_ONE_LOOP) || \ #if (defined(WOLFSSL_ECDSA_SET_K) || defined(WOLFSSL_ECDSA_SET_K_ONE_LOOP) || \
defined(WOLFSSL_ECDSA_DETERMINISTIC_K) || \ defined(WOLFSSL_ECDSA_DETERMINISTIC_K) || \
defined(WOLFSSL_ECDSA_DETERMINISTIC_K_VARIANT) defined(WOLFSSL_ECDSA_DETERMINISTIC_K_VARIANT)) && \
ret = mp_init(&key->sign_k); defined(WOLFSSL_NO_MALLOC)
ret = mp_init(key->sign_k);
if (ret != MP_OKAY) { if (ret != MP_OKAY) {
return MEMORY_E; return MEMORY_E;
} }
@ -6078,15 +6079,46 @@ static int deterministic_sign_helper(const byte* in, word32 inlen, ecc_key* key)
} }
if (err == MP_OKAY) { if (err == MP_OKAY) {
#ifndef WOLFSSL_NO_MALLOC
/* if key->sign_k is NULL then create a buffer for the mp_int
* if not NULL then assume the user correctly set deterministic flag and
* that the key->sign_k holds a previously malloc'd mp_int buffer */
if (key->sign_k == NULL) {
key->sign_k = (mp_int*)XMALLOC(sizeof(mp_int), key->heap,
DYNAMIC_TYPE_ECC);
}
if (key->sign_k != NULL) {
/* currently limiting to SHA256 for auto create */
if (mp_init(key->sign_k) != MP_OKAY ||
wc_ecc_gen_deterministic_k(in, inlen,
WC_HASH_TYPE_SHA256, &key->k, key->sign_k,
curve->order, key->heap) != 0) {
mp_free(key->sign_k);
XFREE(key->sign_k, key->heap, DYNAMIC_TYPE_ECC);
key->sign_k = NULL;
err = ECC_PRIV_KEY_E;
}
#ifdef WOLFSSL_CHECK_MEM_ZERO
else {
mp_memzero_add("deterministic_sign_helper sign_k", key->sign_k);
}
#endif
}
else {
err = MEMORY_E;
}
#else
key->sign_k_set = 0; key->sign_k_set = 0;
/* currently limiting to SHA256 for auto create */ /* currently limiting to SHA256 for auto create */
if (wc_ecc_gen_deterministic_k(in, inlen, WC_HASH_TYPE_SHA256, &key->k, if (wc_ecc_gen_deterministic_k(in, inlen, WC_HASH_TYPE_SHA256, &key->k,
&key->sign_k, curve->order, key->heap) != 0) { key->sign_k, curve->order, key->heap) != 0) {
err = ECC_PRIV_KEY_E; err = ECC_PRIV_KEY_E;
} }
else { else {
key->sign_k_set = 1; key->sign_k_set = 1;
} }
#endif
} }
wc_ecc_curve_free(curve); wc_ecc_curve_free(curve);
@ -6161,19 +6193,30 @@ static int ecc_sign_hash_sw(ecc_key* key, ecc_key* pubkey, WC_RNG* rng,
#if defined(WOLFSSL_ECDSA_SET_K) || defined(WOLFSSL_ECDSA_SET_K_ONE_LOOP) || \ #if defined(WOLFSSL_ECDSA_SET_K) || defined(WOLFSSL_ECDSA_SET_K_ONE_LOOP) || \
defined(WOLFSSL_ECDSA_DETERMINISTIC_K) || \ defined(WOLFSSL_ECDSA_DETERMINISTIC_K) || \
defined(WOLFSSL_ECDSA_DETERMINISTIC_K_VARIANT) defined(WOLFSSL_ECDSA_DETERMINISTIC_K_VARIANT)
if (key->sign_k_set) { #ifndef WOLFSSL_NO_MALLOC
if (key->sign_k != NULL)
#else
if (key->sign_k_set)
#endif
{
if (loop_check > 1) { if (loop_check > 1) {
err = RNG_FAILURE_E; err = RNG_FAILURE_E;
break; break;
} }
/* use provided sign_k */ /* use provided sign_k */
err = mp_copy(&key->sign_k, &pubkey->k); err = mp_copy(key->sign_k, &pubkey->k);
if (err != MP_OKAY) break; if (err != MP_OKAY) break;
/* free sign_k, so only used once */ /* free sign_k, so only used once */
mp_forcezero(&key->sign_k); mp_forcezero(key->sign_k);
#ifndef WOLFSSL_NO_MALLOC
mp_free(key->sign_k);
XFREE(key->sign_k, key->heap, DYNAMIC_TYPE_ECC);
key->sign_k = NULL;
#else
key->sign_k_set = 0; key->sign_k_set = 0;
#endif
#ifdef WOLFSSL_ECDSA_SET_K_ONE_LOOP #ifdef WOLFSSL_ECDSA_SET_K_ONE_LOOP
loop_check = 64; loop_check = 64;
#endif #endif
@ -6355,7 +6398,7 @@ int wc_ecc_sign_hash_ex(const byte* in, word32 inlen, WC_RNG* rng,
#if defined(WOLFSSL_ECDSA_SET_K) || defined(WOLFSSL_ECDSA_SET_K_ONE_LOOP) \ #if defined(WOLFSSL_ECDSA_SET_K) || defined(WOLFSSL_ECDSA_SET_K_ONE_LOOP) \
|| defined(WOLFSSL_ECDSA_DETERMINISTIC_K) || \ || defined(WOLFSSL_ECDSA_DETERMINISTIC_K) || \
defined(WOLFSSL_ECDSA_DETERMINISTIC_K_VARIANT) defined(WOLFSSL_ECDSA_DETERMINISTIC_K_VARIANT)
mp_int* sign_k = &key->sign_k; mp_int* sign_k = key->sign_k;
#else #else
mp_int* sign_k = NULL; mp_int* sign_k = NULL;
#endif #endif
@ -6968,15 +7011,30 @@ int wc_ecc_sign_set_k(const byte* k, word32 klen, ecc_key* key)
return ret; return ret;
} }
if (ret == 0) { #ifndef WOLFSSL_NO_MALLOC
ret = mp_read_unsigned_bin(&key->sign_k, k, klen); if (key->sign_k == NULL) {
key->sign_k = (mp_int*)XMALLOC(sizeof(mp_int), key->heap,
DYNAMIC_TYPE_ECC);
if (key->sign_k) {
ret = mp_init(key->sign_k);
}
else {
ret = MEMORY_E;
}
} }
if (ret == 0 && mp_cmp(&key->sign_k, curve->order) != MP_LT) { #endif
if (ret == 0) {
ret = mp_read_unsigned_bin(key->sign_k, k, klen);
}
if (ret == 0 && mp_cmp(key->sign_k, curve->order) != MP_LT) {
ret = MP_VAL; ret = MP_VAL;
} }
#ifdef WOLFSSL_NO_MALLOC
if (ret == 0) { if (ret == 0) {
key->sign_k_set = 1; key->sign_k_set = 1;
} }
#endif
wc_ecc_curve_free(curve); wc_ecc_curve_free(curve);
FREE_CURVE_SPECS(); FREE_CURVE_SPECS();
@ -7023,8 +7081,16 @@ int wc_ecc_free(ecc_key* key)
} }
#if defined(WOLFSSL_ECDSA_SET_K) || defined(WOLFSSL_ECDSA_SET_K_ONE_LOOP) #if defined(WOLFSSL_ECDSA_SET_K) || defined(WOLFSSL_ECDSA_SET_K_ONE_LOOP)
mp_forcezero(&key->sign_k); #ifndef WOLFSSL_NO_MALLOC
mp_free(&key->sign_k); if (key->sign_k != NULL)
#endif
{
mp_forcezero(key->sign_k);
mp_free(key->sign_k);
#ifndef WOLFSSL_NO_MALLOC
XFREE(key->sign_k, key->heap, DYNAMIC_TYPE_ECC);
#endif
}
#endif #endif
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_ECC) #if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_ECC)

484
wolfcrypt/test/test.c
View File

File diff suppressed because it is too large Load Diff

24
wolfssl/wolfcrypt/dh.h
View File

@ -96,6 +96,30 @@ enum {
#define WC_DH_PRIV_MAX_SZ 52 #define WC_DH_PRIV_MAX_SZ 52
#endif #endif
#ifndef DH_MAX_SIZE
#ifdef USE_FAST_MATH
/* FP implementation support numbers up to FP_MAX_BITS / 2 bits. */
#define DH_MAX_SIZE (FP_MAX_BITS / 2)
#if defined(WOLFSSL_MYSQL_COMPATIBLE) && DH_MAX_SIZE < 8192
#error "MySQL needs FP_MAX_BITS at least at 16384"
#endif
#elif defined(WOLFSSL_SP_MATH_ALL) || defined(WOLFSSL_SP_MATH)
/* SP implementation supports numbers of SP_INT_BITS bits. */
#define DH_MAX_SIZE (((SP_INT_BITS + 7) / 8) * 8)
#if defined(WOLFSSL_MYSQL_COMPATIBLE) && DH_MAX_SIZE < 8192
#error "MySQL needs SP_INT_BITS at least at 8192"
#endif
#else
#ifdef WOLFSSL_MYSQL_COMPATIBLE
/* Integer maths is dynamic but we only go up to 8192 bits. */
#define DH_MAX_SIZE 8192
#else
/* Integer maths is dynamic but we only go up to 4096 bits. */
#define DH_MAX_SIZE 4096
#endif
#endif
#endif
#ifdef HAVE_PUBLIC_FFDHE #ifdef HAVE_PUBLIC_FFDHE
#ifdef HAVE_FFDHE_2048 #ifdef HAVE_FFDHE_2048
WOLFSSL_API const DhParams* wc_Dh_ffdhe2048_Get(void); WOLFSSL_API const DhParams* wc_Dh_ffdhe2048_Get(void);

6
wolfssl/wolfcrypt/ecc.h
View File

@ -494,9 +494,13 @@ struct ecc_key {
#if defined(WOLFSSL_ECDSA_SET_K) || defined(WOLFSSL_ECDSA_SET_K_ONE_LOOP) || \ #if defined(WOLFSSL_ECDSA_SET_K) || defined(WOLFSSL_ECDSA_SET_K_ONE_LOOP) || \
defined(WOLFSSL_ECDSA_DETERMINISTIC_K) || \ defined(WOLFSSL_ECDSA_DETERMINISTIC_K) || \
defined(WOLFSSL_ECDSA_DETERMINISTIC_K_VARIANT) defined(WOLFSSL_ECDSA_DETERMINISTIC_K_VARIANT)
mp_int sign_k; #ifndef WOLFSSL_NO_MALLOC
mp_int* sign_k;
#else
mp_int sign_k[1];
byte sign_k_set:1; byte sign_k_set:1;
#endif #endif
#endif
#if defined(WOLFSSL_ECDSA_DETERMINISTIC_K) || \ #if defined(WOLFSSL_ECDSA_DETERMINISTIC_K) || \
defined(WOLFSSL_ECDSA_DETERMINISTIC_K_VARIANT) defined(WOLFSSL_ECDSA_DETERMINISTIC_K_VARIANT)
byte deterministic:1; byte deterministic:1;