feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Regression testing: memory allocation failure

Browse Source 
Fixes from memory allocation failure testing.
Also:
fix asn.c to have ifdef protection around code compiled in with dual
algorithm certificates.
  fix test_tls13_rpk_handshake() to support no TLS 1.2 or no TLS 1.3.
fix wc_xmss_sigsleft() to initialize the index to avoid compilation
error.
This commit is contained in:
Sean Parkinson
2024-06-27 17:17:53 +10:00
parent 474b8a0673
commit 4d56cc1790
9 changed files with 191 additions and 102 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/crl.c
View File

@@ -121,7 +121,7 @@ static int InitCRL_Entry(CRL_Entry* crle, DecodedCRL* dcrl, const byte* buff,
wolfSSL_d2i_X509_NAME(&crle->issuer, (unsigned char**)&dcrl->issuer, wolfSSL_d2i_X509_NAME(&crle->issuer, (unsigned char**)&dcrl->issuer,
dcrl->issuerSz); dcrl->issuerSz);
if (crle->issuer == NULL) { if (crle->issuer == NULL) {
return WOLFSSL_FAILURE; return -1;
} }
#endif #endif
#ifdef CRL_STATIC_REVOKED_LIST #ifdef CRL_STATIC_REVOKED_LIST

3
src/internal.c
View File

@@ -13495,6 +13495,9 @@ int SetupStoreCtxCallback(WOLFSSL_X509_STORE_CTX** store_pt,
store->current_cert = x509; store->current_cert = x509;
*x509Free = 1; *x509Free = 1;
} }
else {
goto mem_error;
}
} }
#endif #endif
#ifdef SESSION_CERTS #ifdef SESSION_CERTS

35
src/ssl.c
View File

@@ -5437,6 +5437,25 @@ int AddCA(WOLFSSL_CERT_MANAGER* cm, DerBuffer** pDer, int type, int verify)
if (!signer) if (!signer)
ret = MEMORY_ERROR; ret = MEMORY_ERROR;
} }
#ifdef WOLFSSL_DUAL_ALG_CERTS
if (ret == 0 && signer != NULL) {
if (cert->extSapkiSet && cert->sapkiLen > 0) {
/* Allocated space for alternative public key. */
signer->sapkiDer = (byte*)XMALLOC(cert->sapkiLen, cm->heap,
DYNAMIC_TYPE_PUBLIC_KEY);
if (signer->sapkiDer == NULL) {
ret = MEMORY_E;
}
else {
XMEMCPY(signer->sapkiDer, cert->sapkiDer, cert->sapkiLen);
signer->sapkiLen = cert->sapkiLen;
signer->sapkiOID = cert->sapkiOID;
}
}
}
#endif /* WOLFSSL_DUAL_ALG_CERTS */
#if defined(WOLFSSL_AKID_NAME) || defined(HAVE_CRL) #if defined(WOLFSSL_AKID_NAME) || defined(HAVE_CRL)
if (ret == 0 && signer != NULL) if (ret == 0 && signer != NULL)
ret = CalcHashId(cert->serial, cert->serialSz, signer->serialHash); ret = CalcHashId(cert->serial, cert->serialSz, signer->serialHash);
@@ -5454,22 +5473,6 @@ int AddCA(WOLFSSL_CERT_MANAGER* cm, DerBuffer** pDer, int type, int verify)
signer->pubKeySize = cert->pubKeySize; signer->pubKeySize = cert->pubKeySize;
} }
#ifdef WOLFSSL_DUAL_ALG_CERTS
if (cert->extSapkiSet && cert->sapkiLen > 0) {
/* Allocated space for alternative public key. */
signer->sapkiDer = (byte*)XMALLOC(cert->sapkiLen, cm->heap,
DYNAMIC_TYPE_PUBLIC_KEY);
if (signer->sapkiDer == NULL) {
ret = MEMORY_E;
}
else {
XMEMCPY(signer->sapkiDer, cert->sapkiDer, cert->sapkiLen);
signer->sapkiLen = cert->sapkiLen;
signer->sapkiOID = cert->sapkiOID;
}
}
#endif /* WOLFSSL_DUAL_ALG_CERTS */
if (cert->subjectCNStored) { if (cert->subjectCNStored) {
signer->nameLen = cert->subjectCNLen; signer->nameLen = cert->subjectCNLen;
signer->name = cert->subjectCN; signer->name = cert->subjectCN;

4
src/ssl_load.c
View File

@@ -5202,6 +5202,8 @@ static int wolfssl_set_tmp_dh(WOLFSSL* ssl, unsigned char* p, int pSz,
/* Allocate space for cipher suites. */ /* Allocate space for cipher suites. */
if ((ret == 1) && (AllocateSuites(ssl) != 0)) { if ((ret == 1) && (AllocateSuites(ssl) != 0)) {
ssl->buffers.serverDH_P.buffer = NULL;
ssl->buffers.serverDH_G.buffer = NULL;
ret = 0; ret = 0;
} }
if (ret == 1) { if (ret == 1) {
@@ -5249,8 +5251,6 @@ int wolfSSL_SetTmpDH(WOLFSSL* ssl, const unsigned char* p, int pSz,
pAlloc = (byte*)XMALLOC(pSz, ssl->heap, DYNAMIC_TYPE_PUBLIC_KEY); pAlloc = (byte*)XMALLOC(pSz, ssl->heap, DYNAMIC_TYPE_PUBLIC_KEY);
gAlloc = (byte*)XMALLOC(gSz, ssl->heap, DYNAMIC_TYPE_PUBLIC_KEY); gAlloc = (byte*)XMALLOC(gSz, ssl->heap, DYNAMIC_TYPE_PUBLIC_KEY);
if ((pAlloc == NULL) || (gAlloc == NULL)) { if ((pAlloc == NULL) || (gAlloc == NULL)) {
XFREE(pAlloc, ssl->heap, DYNAMIC_TYPE_PUBLIC_KEY);
XFREE(gAlloc, ssl->heap, DYNAMIC_TYPE_PUBLIC_KEY);
ret = MEMORY_E; ret = MEMORY_E;
} }
} }

24
src/tls13.c
View File

@@ -9691,6 +9691,7 @@ static void FreeDcv13Args(WOLFSSL* ssl, void* pArgs)
} }
#ifdef WOLFSSL_DUAL_ALG_CERTS #ifdef WOLFSSL_DUAL_ALG_CERTS
#ifndef NO_RSA
/* ssl->peerCert->sapkiDer is the alternative public key. Hopefully it is a /* ssl->peerCert->sapkiDer is the alternative public key. Hopefully it is a
* RSA public key. Convert it into a usable public key. */ * RSA public key. Convert it into a usable public key. */
static int decodeRsaKey(WOLFSSL* ssl) static int decodeRsaKey(WOLFSSL* ssl)
@@ -9714,7 +9715,9 @@ static int decodeRsaKey(WOLFSSL* ssl)
return 0; return 0;
} }
#endif /* !NO_RSA */
#ifdef HAVE_ECC
/* ssl->peerCert->sapkiDer is the alternative public key. Hopefully it is a /* ssl->peerCert->sapkiDer is the alternative public key. Hopefully it is a
* ECC public key. Convert it into a usable public key. */ * ECC public key. Convert it into a usable public key. */
static int decodeEccKey(WOLFSSL* ssl) static int decodeEccKey(WOLFSSL* ssl)
@@ -9738,7 +9741,9 @@ static int decodeEccKey(WOLFSSL* ssl)
return 0; return 0;
} }
#endif /* HAVE_ECC */
#ifdef HAVE_DILITHIUM
/* ssl->peerCert->sapkiDer is the alternative public key. Hopefully it is a /* ssl->peerCert->sapkiDer is the alternative public key. Hopefully it is a
* dilithium public key. Convert it into a usable public key. */ * dilithium public key. Convert it into a usable public key. */
static int decodeDilithiumKey(WOLFSSL* ssl, int level) static int decodeDilithiumKey(WOLFSSL* ssl, int level)
@@ -9767,7 +9772,9 @@ static int decodeDilithiumKey(WOLFSSL* ssl, int level)
return 0; return 0;
} }
#endif /* HAVE_DILITHIUM */
#ifdef HAVE_FALCON
/* ssl->peerCert->sapkiDer is the alternative public key. Hopefully it is a /* ssl->peerCert->sapkiDer is the alternative public key. Hopefully it is a
* falcon public key. Convert it into a usable public key. */ * falcon public key. Convert it into a usable public key. */
static int decodeFalconKey(WOLFSSL* ssl, int level) static int decodeFalconKey(WOLFSSL* ssl, int level)
@@ -9795,6 +9802,7 @@ static int decodeFalconKey(WOLFSSL* ssl, int level)
return 0; return 0;
} }
#endif /* HAVE_FALCON */
#endif /* WOLFSSL_DUAL_ALG_CERTS */ #endif /* WOLFSSL_DUAL_ALG_CERTS */
/* handle processing TLS v1.3 certificate_verify (15) */ /* handle processing TLS v1.3 certificate_verify (15) */
@@ -9947,12 +9955,17 @@ static int DoTls13CertificateVerify(WOLFSSL* ssl, byte* input,
sa = args->altSigAlgo; sa = args->altSigAlgo;
switch(sa) { switch(sa) {
#ifndef NO_RSA
case rsa_pss_sa_algo: case rsa_pss_sa_algo:
ret = decodeRsaKey(ssl); ret = decodeRsaKey(ssl);
break; break;
#endif
#ifdef HAVE_ECC
case ecc_dsa_sa_algo: case ecc_dsa_sa_algo:
ret = decodeEccKey(ssl); ret = decodeEccKey(ssl);
break; break;
#endif
#ifdef HAVE_DILITHIUM
case dilithium_level2_sa_algo: case dilithium_level2_sa_algo:
ret = decodeDilithiumKey(ssl, 2); ret = decodeDilithiumKey(ssl, 2);
break; break;
@@ -9962,12 +9975,15 @@ static int DoTls13CertificateVerify(WOLFSSL* ssl, byte* input,
case dilithium_level5_sa_algo: case dilithium_level5_sa_algo:
ret = decodeDilithiumKey(ssl, 5); ret = decodeDilithiumKey(ssl, 5);
break; break;
#endif
#ifdef HAVE_FALCON
case falcon_level1_sa_algo: case falcon_level1_sa_algo:
ret = decodeFalconKey(ssl, 1); ret = decodeFalconKey(ssl, 1);
break; break;
case falcon_level5_sa_algo: case falcon_level5_sa_algo:
ret = decodeFalconKey(ssl, 5); ret = decodeFalconKey(ssl, 5);
break; break;
#endif
default: default:
ERROR_OUT(PEER_KEY_ERROR, exit_dcv); ERROR_OUT(PEER_KEY_ERROR, exit_dcv);
} }
@@ -9978,17 +9994,22 @@ static int DoTls13CertificateVerify(WOLFSSL* ssl, byte* input,
if (*ssl->sigSpec == WOLFSSL_CKS_SIGSPEC_ALTERNATIVE) { if (*ssl->sigSpec == WOLFSSL_CKS_SIGSPEC_ALTERNATIVE) {
/* Now swap in the alternative by removing the native. /* Now swap in the alternative by removing the native.
* sa contains the alternative signature type. */ * sa contains the alternative signature type. */
#ifndef NO_RSA
if (ssl->peerRsaKeyPresent && sa != rsa_pss_sa_algo) { if (ssl->peerRsaKeyPresent && sa != rsa_pss_sa_algo) {
FreeKey(ssl, DYNAMIC_TYPE_RSA, FreeKey(ssl, DYNAMIC_TYPE_RSA,
(void**)&ssl->peerRsaKey); (void**)&ssl->peerRsaKey);
ssl->peerRsaKeyPresent = 0; ssl->peerRsaKeyPresent = 0;
} }
#endif
#ifdef HAVE_ECC
else if (ssl->peerEccDsaKeyPresent && else if (ssl->peerEccDsaKeyPresent &&
sa != ecc_dsa_sa_algo) { sa != ecc_dsa_sa_algo) {
FreeKey(ssl, DYNAMIC_TYPE_ECC, FreeKey(ssl, DYNAMIC_TYPE_ECC,
(void**)&ssl->peerEccDsaKey); (void**)&ssl->peerEccDsaKey);
ssl->peerEccDsaKeyPresent = 0; ssl->peerEccDsaKeyPresent = 0;
} }
#endif
#ifdef HAVE_DILITHIUM
else if (ssl->peerDilithiumKeyPresent && else if (ssl->peerDilithiumKeyPresent &&
sa != dilithium_level2_sa_algo && sa != dilithium_level2_sa_algo &&
sa != dilithium_level3_sa_algo && sa != dilithium_level3_sa_algo &&
@@ -9997,6 +10018,8 @@ static int DoTls13CertificateVerify(WOLFSSL* ssl, byte* input,
(void**)&ssl->peerDilithiumKey); (void**)&ssl->peerDilithiumKey);
ssl->peerDilithiumKeyPresent = 0; ssl->peerDilithiumKeyPresent = 0;
} }
#endif
#ifdef HAVE_FALCON
else if (ssl->peerFalconKeyPresent && else if (ssl->peerFalconKeyPresent &&
sa != falcon_level1_sa_algo && sa != falcon_level1_sa_algo &&
sa != falcon_level5_sa_algo) { sa != falcon_level5_sa_algo) {
@@ -10004,6 +10027,7 @@ static int DoTls13CertificateVerify(WOLFSSL* ssl, byte* input,
(void**)&ssl->peerFalconKey); (void**)&ssl->peerFalconKey);
ssl->peerFalconKeyPresent = 0; ssl->peerFalconKeyPresent = 0;
} }
#endif
else { else {
ERROR_OUT(PEER_KEY_ERROR, exit_dcv); ERROR_OUT(PEER_KEY_ERROR, exit_dcv);
} }

1
src/x509.c
View File

@@ -12852,6 +12852,7 @@ WOLF_STACK_OF(WOLFSSL_X509_NAME) *wolfSSL_dup_CA_list(
if (name == NULL || WOLFSSL_SUCCESS != wolfSSL_sk_X509_NAME_push(copy, name)) { if (name == NULL || WOLFSSL_SUCCESS != wolfSSL_sk_X509_NAME_push(copy, name)) {
WOLFSSL_MSG("Memory error"); WOLFSSL_MSG("Memory error");
wolfSSL_sk_X509_NAME_pop_free(copy, wolfSSL_X509_NAME_free); wolfSSL_sk_X509_NAME_pop_free(copy, wolfSSL_X509_NAME_free);
wolfSSL_X509_NAME_free(name);
return NULL; return NULL;
} }
} }

221
tests/api.c
View File

@@ -988,6 +988,11 @@ static int do_dual_alg_root_certgen(byte **out, char *caKeyFile,
RsaKey caKey; RsaKey caKey;
ecc_key altCaKey; ecc_key altCaKey;
word32 idx = 0; word32 idx = 0;
XMEMSET(&rng, 0, sizeof(WC_RNG));
XMEMSET(&caKey, 0, sizeof(RsaKey));
XMEMSET(&altCaKey, 0, sizeof(ecc_key));
ExpectNotNull(outBuf = (byte*)XMALLOC(outSz, NULL, ExpectNotNull(outBuf = (byte*)XMALLOC(outSz, NULL,
DYNAMIC_TYPE_TMP_BUFFER)); DYNAMIC_TYPE_TMP_BUFFER));
ExpectIntEQ(wc_InitRng(&rng), 0); ExpectIntEQ(wc_InitRng(&rng), 0);
@@ -1057,7 +1062,9 @@ static int do_dual_alg_root_certgen(byte **out, char *caKeyFile,
altSigValSz), 0); altSigValSz), 0);
/* Finally, generate the new certificate. */ /* Finally, generate the new certificate. */
XMEMSET(outBuf, 0, outSz); if (outBuf != NULL) {
XMEMSET(outBuf, 0, outSz);
}
ExpectIntGT(outSz = wc_MakeSelfCert(&newCert, outBuf, outSz, &caKey, &rng), ExpectIntGT(outSz = wc_MakeSelfCert(&newCert, outBuf, outSz, &caKey, &rng),
0); 0);
*out = outBuf; *out = outBuf;
@@ -1100,6 +1107,12 @@ static int do_dual_alg_server_certgen(byte **out, char *caKeyFile,
RsaKey serverKey; RsaKey serverKey;
ecc_key altCaKey; ecc_key altCaKey;
word32 idx = 0; word32 idx = 0;
XMEMSET(&rng, 0, sizeof(WC_RNG));
XMEMSET(&caKey, 0, sizeof(RsaKey));
XMEMSET(&serverKey, 0, sizeof(RsaKey));
XMEMSET(&altCaKey, 0, sizeof(ecc_key));
ExpectNotNull(outBuf = (byte*)XMALLOC(outSz, NULL, ExpectNotNull(outBuf = (byte*)XMALLOC(outSz, NULL,
DYNAMIC_TYPE_TMP_BUFFER)); DYNAMIC_TYPE_TMP_BUFFER));
ExpectIntEQ(wc_InitRng(&rng), 0); ExpectIntEQ(wc_InitRng(&rng), 0);
@@ -1181,7 +1194,9 @@ static int do_dual_alg_server_certgen(byte **out, char *caKeyFile,
ExpectIntEQ(wc_SetCustomExtension(&newCert, 0, "2.5.29.74", ExpectIntEQ(wc_SetCustomExtension(&newCert, 0, "2.5.29.74",
altSigValBuf, altSigValSz), 0); altSigValBuf, altSigValSz), 0);
/* Finally, generate the new certificate. */ /* Finally, generate the new certificate. */
XMEMSET(outBuf, 0, outSz); if (outBuf != NULL) {
XMEMSET(outBuf, 0, outSz);
}
ExpectIntGT(wc_MakeCert(&newCert, outBuf, outSz, &serverKey, NULL, &rng), ExpectIntGT(wc_MakeCert(&newCert, outBuf, outSz, &serverKey, NULL, &rng),
0); 0);
ExpectIntGT(outSz = wc_SignCert(newCert.bodySz, newCert.sigType, outBuf, ExpectIntGT(outSz = wc_SignCert(newCert.bodySz, newCert.sigType, outBuf,
@@ -1259,18 +1274,25 @@ static int test_dual_alg_support(void)
ExpectIntEQ(load_file(keyFile, &serverKey, &serverKeySz), 0); ExpectIntEQ(load_file(keyFile, &serverKey, &serverKeySz), 0);
/* Base normal case. */ /* Base normal case. */
rootSz = do_dual_alg_root_certgen(&root, keyFile, sapkiFile, altPrivFile); if (EXPECT_SUCCESS()) {
rootSz = do_dual_alg_root_certgen(&root, keyFile, sapkiFile,
altPrivFile);
}
ExpectNotNull(root); ExpectNotNull(root);
ExpectIntGT(rootSz, 0); ExpectIntGT(rootSz, 0);
serverSz = do_dual_alg_server_certgen(&server, keyFile, sapkiFile, if (EXPECT_SUCCESS()) {
altPrivFile, keyFile, root, rootSz); serverSz = do_dual_alg_server_certgen(&server, keyFile, sapkiFile,
altPrivFile, keyFile, root, rootSz);
}
ExpectNotNull(server); ExpectNotNull(server);
ExpectIntGT(serverSz, 0); ExpectIntGT(serverSz, 0);
ExpectIntEQ(do_dual_alg_tls13_connection(root, rootSz, ExpectIntEQ(do_dual_alg_tls13_connection(root, rootSz,
server, serverSz, serverKey, (word32)serverKeySz, 0), server, serverSz, serverKey, (word32)serverKeySz, 0),
TEST_SUCCESS); TEST_SUCCESS);
XFREE(root, NULL, DYNAMIC_TYPE_TMP_BUFFER); XFREE(root, NULL, DYNAMIC_TYPE_TMP_BUFFER);
root = NULL;
XFREE(server, NULL, DYNAMIC_TYPE_TMP_BUFFER); XFREE(server, NULL, DYNAMIC_TYPE_TMP_BUFFER);
server = NULL;
/* Now we try a negative case. Note that we use wrongPrivFile to generate /* Now we try a negative case. Note that we use wrongPrivFile to generate
* the alternative signature and then set negative_test to true for the * the alternative signature and then set negative_test to true for the
@@ -1278,11 +1300,16 @@ static int test_dual_alg_support(void)
* because the signature won't verify. The exception is if * because the signature won't verify. The exception is if
* WOLFSSL_TRUST_PEER_CERT is defined. In that case, no verfication happens * WOLFSSL_TRUST_PEER_CERT is defined. In that case, no verfication happens
* and this is no longer a negative test. */ * and this is no longer a negative test. */
rootSz = do_dual_alg_root_certgen(&root, keyFile, sapkiFile, wrongPrivFile); if (EXPECT_SUCCESS()) {
rootSz = do_dual_alg_root_certgen(&root, keyFile, sapkiFile,
wrongPrivFile);
}
ExpectNotNull(root); ExpectNotNull(root);
ExpectIntGT(rootSz, 0); ExpectIntGT(rootSz, 0);
serverSz = do_dual_alg_server_certgen(&server, keyFile, sapkiFile, if (EXPECT_SUCCESS()) {
wrongPrivFile, keyFile, root, rootSz); serverSz = do_dual_alg_server_certgen(&server, keyFile, sapkiFile,
wrongPrivFile, keyFile, root, rootSz);
}
ExpectNotNull(server); ExpectNotNull(server);
ExpectIntGT(serverSz, 0); ExpectIntGT(serverSz, 0);
#ifdef WOLFSSL_TRUST_PEER_CERT #ifdef WOLFSSL_TRUST_PEER_CERT
@@ -27976,7 +28003,9 @@ static int test_wc_dilithium_verify(void)
#if !defined(WOLFSSL_NO_ML_DSA_44) #if !defined(WOLFSSL_NO_ML_DSA_44)
ExpectIntEQ(wc_dilithium_import_public(ml_dsa_44_pub_key, ExpectIntEQ(wc_dilithium_import_public(ml_dsa_44_pub_key,
(word32)sizeof(ml_dsa_44_pub_key), key), 0); (word32)sizeof(ml_dsa_44_pub_key), key), 0);
XMEMCPY(sig, ml_dsa_44_good_sig, sizeof(ml_dsa_44_good_sig)); if (sig != NULL) {
XMEMCPY(sig, ml_dsa_44_good_sig, sizeof(ml_dsa_44_good_sig));
}
sigLen = (word32)sizeof(ml_dsa_44_good_sig); sigLen = (word32)sizeof(ml_dsa_44_good_sig);
#else #else
#ifdef WOLFSSL_DILITHIUM_NO_MAKE_KEY #ifdef WOLFSSL_DILITHIUM_NO_MAKE_KEY
@@ -28086,49 +28115,53 @@ static int test_wc_dilithium_verify(void)
wc_dilithium_free(importKey); wc_dilithium_free(importKey);
#ifndef WOLFSSL_NO_ML_DSA_44 #ifndef WOLFSSL_NO_ML_DSA_44
if (sig[sigLen - 5] == 0) { if (sig != NULL) {
/* Unused hints meant to be 0. */ if (sig[sigLen - 5] == 0) {
sig[sigLen - 5] = 0xff; /* Unused hints meant to be 0. */
sig[sigLen - 5] = 0xff;
res = 1;
ExpectIntEQ(wc_dilithium_verify_msg(sig, sigLen, msg, 32, &res,
key), SIG_VERIFY_E);
ExpectIntEQ(res, 0);
sig[sigLen - 5] = 0x00;
}
/* Last count of hints must be less than PARAMS_ML_DSA_44_OMEGA == 80 */
b = sig[sigLen - 1];
sig[sigLen - 1] = 0xff;
res = 1; res = 1;
ExpectIntEQ(wc_dilithium_verify_msg(sig, sigLen, msg, 32, &res, key), ExpectIntEQ(wc_dilithium_verify_msg(sig, sigLen, msg, 32, &res, key),
SIG_VERIFY_E); SIG_VERIFY_E);
ExpectIntEQ(res, 0); ExpectIntEQ(res, 0);
sig[sigLen - 5] = 0x00; sig[sigLen - 1] = b;
}
/* Last count of hints must be less than PARAMS_ML_DSA_44_OMEGA == 80 */ if (sig[sigLen - 4] > 1) {
b = sig[sigLen - 1]; /* Index must be less than previous. */
sig[sigLen - 1] = 0xff; b = sig[sigLen - 84];
res = 1; sig[sigLen - 84] = 0xff;
ExpectIntEQ(wc_dilithium_verify_msg(sig, sigLen, msg, 32, &res, key), res = 1;
SIG_VERIFY_E); ExpectIntEQ(wc_dilithium_verify_msg(sig, sigLen, msg, 32, &res,
ExpectIntEQ(res, 0); key), SIG_VERIFY_E);
sig[sigLen - 1] = b; ExpectIntEQ(res, 0);
sig[sigLen - 84] = b;
}
if (sig[sigLen - 4] > 1) { /* Mess up commit hash. */
/* Index must be less than previous. */ sig[0] ^= 0x80;
b = sig[sigLen - 84];
sig[sigLen - 84] = 0xff;
res = 1; res = 1;
ExpectIntEQ(wc_dilithium_verify_msg(sig, sigLen, msg, 32, &res, key), ExpectIntEQ(wc_dilithium_verify_msg(sig, sigLen, msg, 32, &res, key),
SIG_VERIFY_E); 0);
ExpectIntEQ(res, 0); ExpectIntEQ(res, 0);
sig[sigLen - 84] = b; sig[0] ^= 0x80;
/* Mess up z. */
sig[100] ^= 0x80;
res = 1;
ExpectIntEQ(wc_dilithium_verify_msg(sig, sigLen, msg, 32, &res, key),
0);
ExpectIntEQ(res, 0);
sig[100] ^= 0x80;
} }
/* Mess up commit hash. */
sig[0] ^= 0x80;
res = 1;
ExpectIntEQ(wc_dilithium_verify_msg(sig, sigLen, msg, 32, &res, key), 0);
ExpectIntEQ(res, 0);
sig[0] ^= 0x80;
/* Mess up z. */
sig[100] ^= 0x80;
res = 1;
ExpectIntEQ(wc_dilithium_verify_msg(sig, sigLen, msg, 32, &res, key), 0);
ExpectIntEQ(res, 0);
sig[100] ^= 0x80;
#endif #endif
wc_dilithium_free(key); wc_dilithium_free(key);
@@ -28220,35 +28253,43 @@ static int test_wc_dilithium_check_key(void)
&privCheckKeyLen, pubCheckKey, &pubCheckKeyLen), 0); &privCheckKeyLen, pubCheckKey, &pubCheckKeyLen), 0);
/* Modify hash. */ /* Modify hash. */
pubCheckKey[0] ^= 0x80; if (pubCheckKey != NULL) {
ExpectIntEQ(wc_dilithium_import_key(NULL, 0, NULL, 0, NULL), BAD_FUNC_ARG); pubCheckKey[0] ^= 0x80;
ExpectIntEQ(wc_dilithium_import_key(privCheckKey, 0, NULL, 0, NULL), ExpectIntEQ(wc_dilithium_import_key(NULL, 0, NULL, 0, NULL),
BAD_FUNC_ARG); BAD_FUNC_ARG);
ExpectIntEQ(wc_dilithium_import_key(NULL, 0, pubCheckKey, 0, NULL), ExpectIntEQ(wc_dilithium_import_key(privCheckKey, 0, NULL, 0, NULL),
BAD_FUNC_ARG); BAD_FUNC_ARG);
ExpectIntEQ(wc_dilithium_import_key(NULL, 0, NULL, 0, checkKey), ExpectIntEQ(wc_dilithium_import_key(NULL, 0, pubCheckKey, 0, NULL),
BAD_FUNC_ARG); BAD_FUNC_ARG);
ExpectIntEQ(wc_dilithium_import_key(NULL , ExpectIntEQ(wc_dilithium_import_key(NULL, 0, NULL, 0, checkKey),
privCheckKeyLen, pubCheckKey, pubCheckKeyLen, checkKey), BAD_FUNC_ARG); BAD_FUNC_ARG);
ExpectIntEQ(wc_dilithium_import_key(privCheckKey, ExpectIntEQ(wc_dilithium_import_key(NULL ,
0 , pubCheckKey, pubCheckKeyLen, checkKey), BAD_FUNC_ARG); privCheckKeyLen, pubCheckKey, pubCheckKeyLen, checkKey),
ExpectIntEQ(wc_dilithium_import_key(privCheckKey, BAD_FUNC_ARG);
privCheckKeyLen, NULL , pubCheckKeyLen, checkKey), BAD_FUNC_ARG); ExpectIntEQ(wc_dilithium_import_key(privCheckKey,
ExpectIntEQ(wc_dilithium_import_key(privCheckKey, 0 , pubCheckKey, pubCheckKeyLen, checkKey),
privCheckKeyLen, pubCheckKey, 0 , checkKey), BAD_FUNC_ARG); BAD_FUNC_ARG);
ExpectIntEQ(wc_dilithium_import_key(privCheckKey, ExpectIntEQ(wc_dilithium_import_key(privCheckKey,
privCheckKeyLen, pubCheckKey, pubCheckKeyLen, NULL ), BAD_FUNC_ARG); privCheckKeyLen, NULL , pubCheckKeyLen, checkKey),
ExpectIntEQ(wc_dilithium_import_key(privCheckKey, BAD_FUNC_ARG);
privCheckKeyLen, pubCheckKey, pubCheckKeyLen, checkKey), 0); ExpectIntEQ(wc_dilithium_import_key(privCheckKey,
ExpectIntEQ(wc_dilithium_check_key(checkKey), PUBLIC_KEY_E); privCheckKeyLen, pubCheckKey, 0 , checkKey),
privCheckKey[0] ^= 0x80; BAD_FUNC_ARG);
ExpectIntEQ(wc_dilithium_import_key(privCheckKey,
privCheckKeyLen, pubCheckKey, pubCheckKeyLen, NULL ),
BAD_FUNC_ARG);
ExpectIntEQ(wc_dilithium_import_key(privCheckKey,
privCheckKeyLen, pubCheckKey, pubCheckKeyLen, checkKey), 0);
ExpectIntEQ(wc_dilithium_check_key(checkKey), PUBLIC_KEY_E);
pubCheckKey[0] ^= 0x80;
/* Modify encoded t1. */ /* Modify encoded t1. */
pubCheckKey[48] ^= 0x80; pubCheckKey[48] ^= 0x80;
ExpectIntEQ(wc_dilithium_import_key(privCheckKey, ExpectIntEQ(wc_dilithium_import_key(privCheckKey,
privCheckKeyLen,pubCheckKey, pubCheckKeyLen, checkKey), 0); privCheckKeyLen,pubCheckKey, pubCheckKeyLen, checkKey), 0);
ExpectIntEQ(wc_dilithium_check_key(checkKey), PUBLIC_KEY_E); ExpectIntEQ(wc_dilithium_check_key(checkKey), PUBLIC_KEY_E);
privCheckKey[48] ^= 0x80; pubCheckKey[48] ^= 0x80;
}
wc_dilithium_free(checkKey); wc_dilithium_free(checkKey);
wc_FreeRng(&rng); wc_FreeRng(&rng);
@@ -60765,7 +60806,8 @@ static int test_wolfSSL_X509_STORE_set_get_crl_provider(X509_STORE_CTX* ctx,
if (crl != NULL) { if (crl != NULL) {
char* crl_issuer = X509_NAME_oneline( char* crl_issuer = X509_NAME_oneline(
X509_CRL_get_issuer(crl), NULL, 0); X509_CRL_get_issuer(crl), NULL, 0);
if (XSTRCMP(cert_issuer, crl_issuer) == 0) { if ((crl_issuer != NULL) &&
(XSTRCMP(cert_issuer, crl_issuer) == 0)) {
*crl_out = X509_CRL_dup(crl); *crl_out = X509_CRL_dup(crl);
if (*crl_out != NULL) if (*crl_out != NULL)
ret = 1; ret = 1;
@@ -60910,7 +60952,10 @@ static int test_wolfSSL_dup_CA_list(void)
for (i = 0; i < 3; i++) { for (i = 0; i < 3; i++) {
name = X509_NAME_new(); name = X509_NAME_new();
ExpectNotNull(name); ExpectNotNull(name);
AssertIntEQ(sk_X509_NAME_push(originalStack, name), WOLFSSL_SUCCESS); ExpectIntEQ(sk_X509_NAME_push(originalStack, name), WOLFSSL_SUCCESS);
if (EXPECT_FAIL()) {
X509_NAME_free(name);
}
} }
copyStack = SSL_dup_CA_list(originalStack); copyStack = SSL_dup_CA_list(originalStack);
@@ -60918,7 +60963,7 @@ static int test_wolfSSL_dup_CA_list(void)
originalCount = sk_X509_NAME_num(originalStack); originalCount = sk_X509_NAME_num(originalStack);
copyCount = sk_X509_NAME_num(copyStack); copyCount = sk_X509_NAME_num(copyStack);
AssertIntEQ(originalCount, copyCount); ExpectIntEQ(originalCount, copyCount);
sk_X509_NAME_pop_free(originalStack, X509_NAME_free); sk_X509_NAME_pop_free(originalStack, X509_NAME_free);
sk_X509_NAME_pop_free(copyStack, X509_NAME_free); sk_X509_NAME_pop_free(copyStack, X509_NAME_free);
@@ -64092,17 +64137,17 @@ static int test_wolfSSL_EC_POINT(void)
hexStr = EC_POINT_point2hex(group, Gxy, POINT_CONVERSION_UNCOMPRESSED, ctx); hexStr = EC_POINT_point2hex(group, Gxy, POINT_CONVERSION_UNCOMPRESSED, ctx);
ExpectNotNull(hexStr); ExpectNotNull(hexStr);
ExpectStrEQ(hexStr, uncompG); ExpectStrEQ(hexStr, uncompG);
AssertNotNull(get_point = EC_POINT_hex2point(group, hexStr, NULL, ctx)); ExpectNotNull(get_point = EC_POINT_hex2point(group, hexStr, NULL, ctx));
AssertIntEQ(EC_POINT_cmp(group, Gxy, get_point, ctx), 0); ExpectIntEQ(EC_POINT_cmp(group, Gxy, get_point, ctx), 0);
XFREE(hexStr, NULL, DYNAMIC_TYPE_ECC); XFREE(hexStr, NULL, DYNAMIC_TYPE_ECC);
hexStr = EC_POINT_point2hex(group, Gxy, POINT_CONVERSION_COMPRESSED, ctx); hexStr = EC_POINT_point2hex(group, Gxy, POINT_CONVERSION_COMPRESSED, ctx);
ExpectNotNull(hexStr); ExpectNotNull(hexStr);
ExpectStrEQ(hexStr, compG); ExpectStrEQ(hexStr, compG);
#ifdef HAVE_COMP_KEY #ifdef HAVE_COMP_KEY
AssertNotNull(get_point = EC_POINT_hex2point ExpectNotNull(get_point = EC_POINT_hex2point
(group, hexStr, get_point, ctx)); (group, hexStr, get_point, ctx));
AssertIntEQ(EC_POINT_cmp(group, Gxy, get_point, ctx), 0); ExpectIntEQ(EC_POINT_cmp(group, Gxy, get_point, ctx), 0);
#endif #endif
XFREE(hexStr, NULL, DYNAMIC_TYPE_ECC); XFREE(hexStr, NULL, DYNAMIC_TYPE_ECC);
EC_POINT_free(get_point); EC_POINT_free(get_point);
@@ -70554,7 +70599,7 @@ static int test_override_alt_cert_chain(void)
#define svrRpkCertFile "./certs/rpk/server-cert-rpk.der" #define svrRpkCertFile "./certs/rpk/server-cert-rpk.der"
#define clntRpkCertFile "./certs/rpk/client-cert-rpk.der" #define clntRpkCertFile "./certs/rpk/client-cert-rpk.der"
#if defined(WOLFSSL_ALWAYS_VERIFY_CB) #if defined(WOLFSSL_ALWAYS_VERIFY_CB) && defined(WOLFSSL_TLS13)
static int MyRpkVerifyCb(int mode, WOLFSSL_X509_STORE_CTX* strctx) static int MyRpkVerifyCb(int mode, WOLFSSL_X509_STORE_CTX* strctx)
{ {
int ret = WOLFSSL_SUCCESS; int ret = WOLFSSL_SUCCESS;
@@ -70563,7 +70608,7 @@ static int MyRpkVerifyCb(int mode, WOLFSSL_X509_STORE_CTX* strctx)
WOLFSSL_ENTER("MyRpkVerifyCb"); WOLFSSL_ENTER("MyRpkVerifyCb");
return ret; return ret;
} }
#endif /* WOLFSSL_ALWAYS_VERIFY_CB */ #endif /* WOLFSSL_ALWAYS_VERIFY_CB && WOLFSSL_TLS13 */
static WC_INLINE int test_rpk_memio_setup( static WC_INLINE int test_rpk_memio_setup(
struct test_memio_ctx *ctx, struct test_memio_ctx *ctx,
@@ -70668,7 +70713,7 @@ static int test_rpk_set_xxx_cert_type(void)
WOLFSSL* ssl = NULL; WOLFSSL* ssl = NULL;
int tp; int tp;
ctx = wolfSSL_CTX_new(wolfTLSv1_3_client_method()); ctx = wolfSSL_CTX_new(wolfTLS_client_method());
ExpectNotNull(ctx); ExpectNotNull(ctx);
ssl = wolfSSL_new(ctx); ssl = wolfSSL_new(ctx);
@@ -70895,8 +70940,10 @@ static int test_rpk_set_xxx_cert_type(void)
static int test_tls13_rpk_handshake(void) static int test_tls13_rpk_handshake(void)
{ {
EXPECT_DECLS; EXPECT_DECLS;
#if defined(HAVE_RPK) #if defined(HAVE_RPK) && (!defined(WOLFSSL_NO_TLS12) || defined(WOLFSSL_TLS13))
#ifdef WOLFSSL_TLS13
int ret = 0; int ret = 0;
#endif
WOLFSSL_CTX *ctx_c = NULL, *ctx_s = NULL; WOLFSSL_CTX *ctx_c = NULL, *ctx_s = NULL;
WOLFSSL *ssl_c = NULL, *ssl_s = NULL; WOLFSSL *ssl_c = NULL, *ssl_s = NULL;
struct test_memio_ctx test_ctx; struct test_memio_ctx test_ctx;
@@ -70906,7 +70953,7 @@ static int test_tls13_rpk_handshake(void)
int typeCnt_c; int typeCnt_c;
int typeCnt_s; int typeCnt_s;
int tp = 0; int tp = 0;
#if defined(WOLFSSL_ALWAYS_VERIFY_CB) #if defined(WOLFSSL_ALWAYS_VERIFY_CB) && defined(WOLFSSL_TLS13)
int isServer; int isServer;
#endif #endif
@@ -70916,6 +70963,7 @@ static int test_tls13_rpk_handshake(void)
(void)certType_c; (void)certType_c;
(void)certType_s; (void)certType_s;
#ifndef WOLFSSL_NO_TLS12
/* TLS1.2 /* TLS1.2
* Both client and server load x509 cert and start handshaking. * Both client and server load x509 cert and start handshaking.
* Check no negotiation occurred. * Check no negotiation occurred.
@@ -70973,7 +71021,9 @@ static int test_tls13_rpk_handshake(void)
wolfSSL_CTX_free(ctx_s); wolfSSL_CTX_free(ctx_s);
ssl_c = ssl_s = NULL; ssl_c = ssl_s = NULL;
ctx_c = ctx_s = NULL; ctx_c = ctx_s = NULL;
#endif
#ifdef WOLFSSL_TLS13
/* Both client and server load x509 cert and start handshaking. /* Both client and server load x509 cert and start handshaking.
* Check no negotiation occurred. * Check no negotiation occurred.
*/ */
@@ -71097,8 +71147,10 @@ static int test_tls13_rpk_handshake(void)
wolfSSL_CTX_free(ctx_s); wolfSSL_CTX_free(ctx_s);
ssl_c = ssl_s = NULL; ssl_c = ssl_s = NULL;
ctx_c = ctx_s = NULL; ctx_c = ctx_s = NULL;
#endif
#ifndef WOLFSSL_NO_TLS12
/* TLS1.2 /* TLS1.2
* Both client and server load RPK cert and start handshaking. * Both client and server load RPK cert and start handshaking.
* Confirm negotiated cert types match as expected. * Confirm negotiated cert types match as expected.
@@ -71164,8 +71216,10 @@ static int test_tls13_rpk_handshake(void)
wolfSSL_CTX_free(ctx_s); wolfSSL_CTX_free(ctx_s);
ssl_c = ssl_s = NULL; ssl_c = ssl_s = NULL;
ctx_c = ctx_s = NULL; ctx_c = ctx_s = NULL;
#endif
#ifdef WOLFSSL_TLS13
/* Both client and server load x509 cert. /* Both client and server load x509 cert.
* Have client call set_client_cert_type with both RPK and x509. * Have client call set_client_cert_type with both RPK and x509.
* This doesn't makes client add client cert type extension to ClientHello, * This doesn't makes client add client cert type extension to ClientHello,
@@ -71563,8 +71617,9 @@ static int test_tls13_rpk_handshake(void)
ssl_c = ssl_s = NULL; ssl_c = ssl_s = NULL;
ctx_c = ctx_s = NULL; ctx_c = ctx_s = NULL;
#endif /* WOLFSSL_ALWAYS_VERIFY_CB */ #endif /* WOLFSSL_ALWAYS_VERIFY_CB */
#endif /* WOLFSSL_TLS13 */
#endif /* HAVE_RPK */ #endif /* HAVE_RPK && (!WOLFSSL_NO_TLS12 || WOLFSSL_TLS13) */
return EXPECT_RESULT(); return EXPECT_RESULT();
} }

2
wolfcrypt/src/asn.c
View File

@@ -31685,6 +31685,8 @@ int wc_MakeSigWithBitStr(byte *sig, int sigSz, int sType, byte* buf,
#endif #endif
if (ret <= 0) { if (ret <= 0) {
XFREE(certSignCtx->sig, heap, DYNAMIC_TYPE_TMP_BUFFER);
certSignCtx->sig = NULL;
return ret; return ret;
} }

1
wolfcrypt/src/wc_xmss_impl.c
View File

@@ -4055,6 +4055,7 @@ int wc_xmss_sigsleft(const XmssParams* params, unsigned char* sk)
int ret = 0; int ret = 0;
wc_Idx idx; wc_Idx idx;
WC_IDX_ZERO(idx);
/* Read index from the secret key. */ /* Read index from the secret key. */
WC_IDX_DECODE(idx, params->idx_len, sk, ret); WC_IDX_DECODE(idx, params->idx_len, sk, ret);
/* Check validity of index. */ /* Check validity of index. */