diff --git a/configure.ac b/configure.ac index 6c7c01025..941fb24b3 100644 --- a/configure.ac +++ b/configure.ac @@ -148,6 +148,17 @@ AC_ARG_ENABLE([linuxkm], [ENABLED_LINUXKM=no] ) +AC_ARG_ENABLE([linuxkm-defaults], + [AS_HELP_STRING([--enable-linuxkm-defaults],[Enable feature defaults for Linux Kernel Module (default: disabled)])], + [ENABLED_LINUXKM_DEFAULTS=$enableval], + [ENABLED_LINUXKM_DEFAULTS=$ENABLED_LINUXKM] + ) + +if test "$ENABLED_LINUXKM_DEFAULTS" = "yes" +then + AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_DH_CONST -DWOLFSSL_SP_MOD_WORD_RP -DWOLFSSL_OLD_PRIME_CHECK -DWOLFSSL_SP_DIV_64 -DWOLFSSL_SP_DIV_WORD_HALF -DSP_HALF_SIZE=32 -DSP_HALF_MAX=4294967295U" +fi + AC_ARG_WITH([linux-source], [AS_HELP_STRING([--with-linux-source=PATH],[PATH to root of Linux kernel build tree])], [KERNEL_ROOT=$withval], @@ -186,6 +197,34 @@ then fi +# Single Precision maths implementation +if test "$ENABLED_LINUXKM_DEFAULTS" = "yes" +then + ENABLED_SP_DEFAULT=small +else + ENABLED_SP_DEFAULT=no +fi +AC_ARG_ENABLE([sp], + [AS_HELP_STRING([--enable-sp],[Enable Single Precision maths implementation (default: disabled)])], + [ ENABLED_SP=$enableval ], + [ ENABLED_SP=$ENABLED_SP_DEFAULT ], + ) + + +# Single Precision maths exclusively (no fastmath) +if test "$ENABLED_LINUXKM_DEFAULTS" = "yes" && test "$ENABLED_SP" != "no" +then + ENABLED_SP_MATH_DEFAULT=yes +else + ENABLED_SP_MATH_DEFAULT=no +fi +AC_ARG_ENABLE([sp-math], + [AS_HELP_STRING([--enable-sp-math],[Enable Single Precision math implementation only (default: disabled)])], + [ ENABLED_SP_MATH=$enableval ], + [ ENABLED_SP_MATH=$ENABLED_SP_MATH_DEFAULT ], + ) + + # ALL FEATURES AC_ARG_ENABLE([all], [AS_HELP_STRING([--enable-all],[Enable all wolfSSL features, except SSLv3 (default: disabled)])], 
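Review bot: The new `AM_CFLAGS` line under `ENABLED_LINUXKM_DEFAULTS` bakes seven defines into every `--enable-linuxkm` build without saying why any of them is needed; `-DWOLFSSL_OLD_PRIME_CHECK` in particular selects, going by its name, the legacy primality test, and a reader cannot tell from this hunk whether that is a requirement of the in-kernel build or a leftover. Add a comment above the assignment giving the reason for each group, e.g. `# Kernel-module build: 64-bit SP division via 32-bit halves (SP_HALF_*); WOLFSSL_OLD_PRIME_CHECK because <reason>`, and keep `SP_HALF_SIZE` and `SP_HALF_MAX` together since the settings.h guards in this commit let either be overridden on its own. The help string `(default: disabled)` is also wrong now that the default is `$ENABLED_LINUXKM`; `(default: same as --enable-linuxkm)` would match the code.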
@@ -274,19 +313,159 @@ then enable_indef=yes enable_enckeys=yes enable_hashflags=yes - enable_dhdefaultparams=yes - - # Enable AES Decrypt, AES ECB, Alt Names, DER Load, Keep Certs, CRL IO with Timeout - AM_CFLAGS="$AM_CFLAGS -DHAVE_AES_DECRYPT -DHAVE_AES_ECB -DWOLFSSL_ALT_NAMES -DWOLFSSL_DER_LOAD -DKEEP_OUR_CERT -DKEEP_PEER_CERT -DHAVE_CRL_IO -DHAVE_IO_TIMEOUT" + enable_defaultdhparams=yes + enable_arc4=yes + enable_des3=yes + enable_nullcipher=yes + enable_blake2=yes + enable_blake2s=yes + enable_md4=yes + enable_postauth=yes + enable_hrrcookie=yes + enable_cryptocb=yes + enable_fallback_scsv=yes + enable_anon=yes + enable_mcast=yes # Enable DH const table speedups (eliminates `-lm` math lib dependency) AM_CFLAGS="$AM_CFLAGS -DHAVE_FFDHE_2048 -DHAVE_FFDHE_3072 -DFP_MAX_BITS=8192" - # Enable ECC Key Gen / Import checks - AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_VALIDATE_ECC_IMPORT -DWOLFSSL_VALIDATE_ECC_KEYGEN" + # Enable multiple attribute additions such as DC + AM_CFLAGS="-DWOLFSSL_MULTI_ATTRIB $AM_CFLAGS" + + # Enable AES Decrypt, AES ECB, Alt Names, DER Load, Keep Certs, CRL IO with Timeout + AM_CFLAGS="$AM_CFLAGS -DHAVE_AES_DECRYPT -DHAVE_AES_ECB -DWOLFSSL_ALT_NAMES -DWOLFSSL_DER_LOAD -DKEEP_OUR_CERT -DKEEP_PEER_CERT" + + # Enable ECC Key Gen checks + AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_VALIDATE_ECC_KEYGEN" + + if test "$ENABLED_LINUXKM_DEFAULTS" != "yes" + then + AM_CFLAGS="$AM_CFLAGS -DHAVE_CRL_IO -DHAVE_IO_TIMEOUT" + fi + + if test "$ENABLED_SP_MATH" = "no" + then + # Enable ECC Import checks + AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_VALIDATE_ECC_IMPORT" + else + # sp-math is incompatible with opensslextra, ECC custom curves, and DSA: + + enable_openssh=no + enable_opensslextra=no + enable_opensslall=no + enable_dsa=no + enable_ecccustcurves=no + enable_srp=no + enable_certservice=no + enable_jni=no + enable_lighty=no + enable_haproxy=no + enable_stunnel=no + enable_nginx=no + enable_apachehttpd=no + enable_openvpn=no + enable_asio=no + enable_libwebsockets=no + enable_qt=no + 
fi + + if test "$ENABLED_LINUXKM_DEFAULTS" = "yes" + then + enable_compkey=no + fi +fi + + +# ALL CRYPTO FEATURES +AC_ARG_ENABLE([all-crypto], + [AS_HELP_STRING([--enable-all-crypto],[Enable all wolfcrypt algorithms (default: disabled)])], + [ ENABLED_ALL_CRYPT=$enableval ], + [ ENABLED_ALL_CRYPT=no ] + ) +if test "$ENABLED_ALL_CRYPT" = "yes" +then + enable_atomicuser=yes + enable_pkcallbacks=yes + enable_aesgcm=yes + enable_aesccm=yes + enable_aesctr=yes + enable_aesofb=yes + enable_aescfb=yes + enable_camellia=yes + enable_ripemd=yes + enable_sha512=yes + enable_sha224=yes + enable_sha3=yes + enable_sessioncerts=yes + enable_keygen=yes + enable_certgen=yes + enable_certreq=yes + enable_certext=yes + enable_sep=yes + enable_hkdf=yes + enable_curve25519=yes + enable_curve448=yes + enable_ed448=yes + enable_ed25519=yes + enable_fpecc=yes + enable_eccencrypt=yes + enable_psk=yes + enable_idea=yes + enable_cmac=yes + enable_xts=yes + enable_hc128=yes + enable_rabbit=yes + enable_xchacha=yes + enable_ocsp=yes + enable_ocspstapling=yes + enable_ocspstapling2=yes + enable_crl=yes + enable_supportedcurves=yes + enable_tlsx=yes + enable_pkcs7=yes + enable_pwdbased=yes + enable_aeskeywrap=yes + enable_x963kdf=yes + enable_scrypt=yes + enable_indef=yes + enable_enckeys=yes + enable_hashflags=yes + enable_defaultdhparams=yes + enable_arc4=yes + enable_des3=yes + enable_nullcipher=yes + enable_blake2=yes + enable_blake2s=yes + enable_md4=yes + enable_cryptocb=yes + enable_anon=yes + + if test "$ENABLED_LINUXKM_DEFAULTS" != "yes" + then + enable_compkey=yes + fi + + # Enable AES Decrypt, AES ECB, Alt Names, DER Load + AM_CFLAGS="$AM_CFLAGS -DHAVE_AES_DECRYPT -DHAVE_AES_ECB -DWOLFSSL_ALT_NAMES -DWOLFSSL_DER_LOAD" + + # Enable DH const table speedups (eliminates `-lm` math lib dependency) + AM_CFLAGS="$AM_CFLAGS -DHAVE_FFDHE_2048 -DHAVE_FFDHE_3072 -DFP_MAX_BITS=8192" # Enable multiple attribute additions such as DC AM_CFLAGS="-DWOLFSSL_MULTI_ATTRIB $AM_CFLAGS" + + # Enable ECC 
Key Gen checks + AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_VALIDATE_ECC_KEYGEN" + + if test "$ENABLED_SP_MATH" = "no" + then + enable_dsa=yes + enable_ecccustcurves=yes + + # Enable ECC Import checks + AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_VALIDATE_ECC_IMPORT" + fi fi @@ -3415,7 +3594,7 @@ fi # Small Stack - Cache on object -if test "$ENABLED_LINUXKM" = "yes" +if test "$ENABLED_LINUXKM_DEFAULTS" = "yes" then ENABLED_SMALL_STACK_CACHE_DEFAULT=yes else @@ -3433,7 +3612,7 @@ then fi # Small Stack -if test "$ENABLED_LINUXKM" = "yes" +if test "$ENABLED_LINUXKM_DEFAULTS" = "yes" then ENABLED_SMALL_STACK_DEFAULT=yes else @@ -4073,7 +4252,7 @@ if test "$host_cpu" = "x86_64" || test "$host_cpu" = "aarch64" then FASTMATH_DEFAULT=yes fi -if test "$ENABLED_LINUXKM" = "yes" +if test "$ENABLED_LINUXKM_DEFAULTS" = "yes" then FASTMATH_DEFAULT=no fi @@ -4395,19 +4574,6 @@ AS_IF([test "x$ENABLED_INTEL_QA" = "xyes" || test "x$ENABLED_INTEL_QA_SYNC" = "x ]) -# Single Precision maths implementation -if test "$ENABLED_LINUXKM" = "yes" -then - ENABLED_SP_DEFAULT=small -else - ENABLED_SP_DEFAULT=no -fi -AC_ARG_ENABLE([sp], - [AS_HELP_STRING([--enable-sp],[Enable Single Precision maths implementation (default: disabled)])], - [ ENABLED_SP=$enableval ], - [ ENABLED_SP=$ENABLED_SP_DEFAULT ], - ) - ENABLED_SP_RSA=no ENABLED_SP_DH=no ENABLED_SP_FF_2048=no @@ -4654,17 +4820,6 @@ if test "$ENABLED_SP_ASM" = "yes"; then esac fi -if test "$ENABLED_LINUXKM" = "yes" && test "$ENABLED_SP" != "no" -then - ENABLED_SP_MATH_DEFAULT=yes -else - ENABLED_SP_MATH_DEFAULT=no -fi -AC_ARG_ENABLE([sp-math], - [AS_HELP_STRING([--enable-sp-math],[Enable Single Precision math implementation only (default: disabled)])], - [ ENABLED_SP_MATH=$enableval ], - [ ENABLED_SP_MATH=$ENABLED_SP_MATH_DEFAULT ], - ) if test "$ENABLED_SP_MATH" = "yes"; then if test "$ENABLED_SP" = "no"; then AC_MSG_ERROR([Must have SP enabled: --enable-sp]) 
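Review bot: The comment `# sp-math is incompatible with opensslextra, ECC custom curves, and DSA:` in the `--enable-all` branch understates what follows, which also switches off srp, certservice, jni and a dozen ports, so someone auditing the build will not expect `--enable-all --enable-sp-math` to drop openssh or nginx support. Reword it to enumerate the rule rather than three examples, e.g. `# sp-math does not support: opensslextra/opensslall (and every port built on them), DSA, custom ECC curves, SRP, certservice, JNI -- turn them all off`. The `--enable-all-crypto` block repeats almost the entire `--enable-all` feature list and both `AM_CFLAGS` groups verbatim; factoring the shared part into one shell variable or function would stop the two lists drifting apart. Separately, `--enable-all` now turns on `arc4`, `des3`, `nullcipher`, `md4` and `anon`, so the help text `Enable all wolfSSL features, except SSLv3` should state that legacy ciphers and anonymous suites are included.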
@@ -5429,8 +5584,8 @@ if test "x$ENABLED_LINUXKM" = "xyes"; then if test "$ENABLED_SMALL_STACK" != "yes"; then AC_MSG_ERROR([--enable-smallstack is required for --enable-linuxkm.]) fi - if test "$ENABLED_SMALL_STACK_CACHE" != "yes"; then - AC_MSG_ERROR([--enable-smallstackcache is required for --enable-linuxkm.]) + if test "$ENABLED_SP_MATH" = "no"; then + AC_MSG_ERROR([--enable-sp-math is required for --enable-linuxkm.]) fi if test "$ENABLED_STACKSIZE" = "yes"; then AC_MSG_ERROR([--enable-stacksize is incompatible with --enable-linuxkm.]) diff --git a/src/internal.c b/src/internal.c index 7fefaed5b..39e80d94b 100644 --- a/src/internal.c +++ b/src/internal.c @@ -11460,6 +11460,9 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx, else { ssl->peerEccDsaKeyPresent = 1; #ifdef HAVE_PK_CALLBACKS + if (ssl->buffers.peerEccDsaKey.buffer) + XFREE(ssl->buffers.peerEccDsaKey.buffer, + ssl->heap, DYNAMIC_TYPE_ECC); ssl->buffers.peerEccDsaKey.buffer = (byte*)XMALLOC(args->dCert->pubKeySize, ssl->heap, DYNAMIC_TYPE_ECC); @@ -21132,9 +21135,20 @@ static int GetDhPublicKey(WOLFSSL* ssl, const byte* input, word32 size, ssl->buffers.weOwnDH = 1; - ssl->buffers.serverDH_P.buffer = NULL; - ssl->buffers.serverDH_G.buffer = NULL; - ssl->buffers.serverDH_Pub.buffer = NULL; + if (ssl->buffers.serverDH_P.buffer) { + XFREE(ssl->buffers.serverDH_P.buffer, ssl->heap, DYNAMIC_TYPE_PUBLIC_KEY); + ssl->buffers.serverDH_P.buffer = NULL; + } + + if (ssl->buffers.serverDH_G.buffer) { + XFREE(ssl->buffers.serverDH_G.buffer, ssl->heap, DYNAMIC_TYPE_PUBLIC_KEY); + ssl->buffers.serverDH_G.buffer = NULL; + } + + if (ssl->buffers.serverDH_Pub.buffer) { + XFREE(ssl->buffers.serverDH_Pub.buffer, ssl->heap, DYNAMIC_TYPE_PUBLIC_KEY); + ssl->buffers.serverDH_Pub.buffer = NULL; + } /* p */ if ((args->idx - args->begin) + OPAQUE16_LEN > size) { 
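Review bot: The replacement check `if test "$ENABLED_SP_MATH" = "no"` tells the user to pass `--enable-sp-math`, but sp-math is rejected earlier with `Must have SP enabled: --enable-sp` when SP is off, and a build configured with `--enable-linuxkm --disable-linuxkm-defaults` gets both defaults as `no`; name both flags, `AC_MSG_ERROR([--enable-sp and --enable-sp-math (or --enable-linuxkm-defaults) are required for --enable-linuxkm.])`. Dropping the `ENABLED_SMALL_STACK_CACHE` requirement while keeping the `ENABLED_SMALL_STACK` one is a behaviour change the hunk does not explain; a one-line comment on why the cache is no longer mandatory for the kernel module would help. The enclosing `if test "x$ENABLED_LINUXKM" = "xyes"` block continues outside this hunk.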
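Review bot: The added free of `ssl->buffers.peerEccDsaKey.buffer` replaces only the pointer: if the `XMALLOC` on the next line fails, the buffer is `NULL` while `peerEccDsaKey.length` (assigned outside this hunk) still describes the freed allocation, and `peerEccDsaKeyPresent` was already set to 1 on the line above. Zero the length together with the free, `ssl->buffers.peerEccDsaKey.length = 0;`, or move the `peerEccDsaKeyPresent = 1` assignment after a successful allocation. The `if (...)` guard around `XFREE` is redundant if, as I recall, `XFREE` already tolerates `NULL` -- confirm against its definition in types.h before dropping it. `ProcessPeerCerts` begins and ends outside this hunk.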
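Review bot: The three new `XFREE` calls run unconditionally after `ssl->buffers.weOwnDH = 1;` has been set, so if the previous `serverDH_P`/`serverDH_G`/`serverDH_Pub` contents could have been borrowed rather than owned (`weOwnDH` 0 before this line -- the old code only nulling the pointers hints at that case), this now frees memory the context or another owner still references. Read the old flag first and free only when it was set, e.g. `int ownedDH = ssl->buffers.weOwnDH;` before the assignment and `if (ownedDH && ssl->buffers.serverDH_P.buffer) { ... }` for each buffer, zeroing the `.length` fields alongside the pointers. The three identical blocks would read better as one small static helper. The `/* p */` parsing that follows, and the start of `GetDhPublicKey`, lie outside this hunk.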
@@ -27118,13 +27132,13 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, ret = wc_HmacSetKey(&cookieHmac, cookieType, ssl->buffers.dtlsCookieSecret.buffer, ssl->buffers.dtlsCookieSecret.length); - if (ret != 0) return ret; + if (ret != 0) goto out; ret = wc_HmacUpdate(&cookieHmac, (const byte*)ssl->buffers.dtlsCtx.peer.sa, ssl->buffers.dtlsCtx.peer.sz); - if (ret != 0) return ret; + if (ret != 0) goto out; ret = wc_HmacUpdate(&cookieHmac, input + i, OPAQUE16_LEN); - if (ret != 0) return ret; + if (ret != 0) goto out; } #endif /* WOLFSSL_DTLS */ i += OPAQUE16_LEN; @@ -27144,11 +27158,13 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, if (!ssl->options.downgrade) { WOLFSSL_MSG("Client trying to connect with lesser version"); - return VERSION_ERROR; + ret = VERSION_ERROR; + goto out; } if (pv.minor < ssl->options.minDowngrade) { WOLFSSL_MSG("\tversion below minimum allowed, fatal error"); - return VERSION_ERROR; + ret = VERSION_ERROR; + goto out; } if (pv.minor == SSLv3_MINOR) { @@ -27217,12 +27233,14 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, if (ssl->version.minor == SSLv3_MINOR && (ssl->options.mask & SSL_OP_NO_SSLv3) == SSL_OP_NO_SSLv3) { WOLFSSL_MSG("\tError, option set to not allow SSLv3"); - return VERSION_ERROR; + ret = VERSION_ERROR; + goto out; } if (ssl->version.minor < ssl->options.minDowngrade) { WOLFSSL_MSG("\tversion below minimum allowed, fatal error"); - return VERSION_ERROR; + ret = VERSION_ERROR; + goto out; } if (reset) { @@ -27254,7 +27272,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, #ifdef WOLFSSL_DTLS if (IsDtlsNotSctpMode(ssl) && !IsSCR(ssl) && !ssl->options.resuming) { ret = wc_HmacUpdate(&cookieHmac, input + i, RAN_LEN); - if (ret != 0) return ret; + if (ret != 0) goto out; } #endif /* WOLFSSL_DTLS */ i += RAN_LEN; 
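Review bot: Every `goto out` introduced here now reaches the unconditional `wc_HmacFree(&cookieHmac)` at the new `out:` label, so any error exit that precedes `wc_HmacInit(&cookieHmac)` (the initialisation is outside these hunks) would free an uninitialised Hmac; confirm that the first such exit, the `wc_HmacSetKey` failure in this hunk, comes after init and that no earlier `return` in the function was left as a plain return. The function is `DoClientHello` per its `WOLFSSL_LEAVE`, not `DoSessionTicket` as the hunk headers suggest, and its start and end are outside this hunk. The same conversion is applied in the hunks from -27144 through -27631 and this note covers them. Stylistically, the repeated three-line `if (...) { ret = BUFFER_ERROR; goto out; }` blocks are fine, but a short comment at `out:` saying `/* single exit: releases cookieHmac on every path */` would tell the next reader why early returns are no longer allowed in this function.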
@@ -27280,15 +27298,17 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, #endif if (b == ID_LEN || bogusID) { - if ((i - begin) + b > helloSz) - return BUFFER_ERROR; + if ((i - begin) + b > helloSz) { + ret = BUFFER_ERROR; + goto out; + } XMEMCPY(ssl->arrays->sessionID, input + i, b); #ifdef WOLFSSL_DTLS if (IsDtlsNotSctpMode(ssl) && !IsSCR(ssl) && !ssl->options.resuming) { ret = wc_HmacUpdate(&cookieHmac, input + i - 1, b + 1); - if (ret != 0) return ret; + if (ret != 0) goto out; } #endif /* WOLFSSL_DTLS */ ssl->arrays->sessionIDSz = b; @@ -27298,24 +27318,31 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, } else if (b) { WOLFSSL_MSG("Invalid session ID size"); - return BUFFER_ERROR; /* session ID nor 0 neither 32 bytes long */ + ret = BUFFER_ERROR; /* session ID nor 0 neither 32 bytes long */ + goto out; } #ifdef WOLFSSL_DTLS /* cookie */ if (ssl->options.dtls) { - if ((i - begin) + OPAQUE8_LEN > helloSz) - return BUFFER_ERROR; + if ((i - begin) + OPAQUE8_LEN > helloSz) { + ret = BUFFER_ERROR; + goto out; + } peerCookieSz = input[i++]; if (peerCookieSz) { - if (peerCookieSz > MAX_COOKIE_LEN) - return BUFFER_ERROR; + if (peerCookieSz > MAX_COOKIE_LEN) { + ret = BUFFER_ERROR; + goto out; + } - if ((i - begin) + peerCookieSz > helloSz) - return BUFFER_ERROR; + if ((i - begin) + peerCookieSz > helloSz) { + ret = BUFFER_ERROR; + goto out; + } XMEMCPY(peerCookie, input + i, peerCookieSz); 
@@ -27325,22 +27352,30 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, #endif /* suites */ - if ((i - begin) + OPAQUE16_LEN > helloSz) - return BUFFER_ERROR; + if ((i - begin) + OPAQUE16_LEN > helloSz) { + ret = BUFFER_ERROR; + goto out; + } ato16(&input[i], &clSuites.suiteSz); i += OPAQUE16_LEN; /* Cipher suite lists are always multiples of two in length. */ - if (clSuites.suiteSz % 2 != 0) - return BUFFER_ERROR; + if (clSuites.suiteSz % 2 != 0) { + ret = BUFFER_ERROR; + goto out; + } /* suites and compression length check */ - if ((i - begin) + clSuites.suiteSz + OPAQUE8_LEN > helloSz) - return BUFFER_ERROR; + if ((i - begin) + clSuites.suiteSz + OPAQUE8_LEN > helloSz) { + ret = BUFFER_ERROR; + goto out; + } - if (clSuites.suiteSz > WOLFSSL_MAX_SUITE_SZ) - return BUFFER_ERROR; + if (clSuites.suiteSz > WOLFSSL_MAX_SUITE_SZ) { + ret = BUFFER_ERROR; + goto out; + } XMEMCPY(clSuites.suites, input + i, clSuites.suiteSz); @@ -27352,7 +27387,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, /* check for TLS_EMPTY_RENEGOTIATION_INFO_SCSV suite */ ret = TLSX_AddEmptyRenegotiationInfo(&ssl->extensions, ssl->heap); if (ret != WOLFSSL_SUCCESS) - return ret; + goto out; extension = TLSX_Find(ssl->extensions, TLSX_RENEGOTIATION_INFO); if (extension) { @@ -27369,7 +27404,8 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, if (ssl->ctx->method->version.minor > pv.minor) { WOLFSSL_MSG("Client trying to connect with lesser version"); SendAlert(ssl, alert_fatal, inappropriate_fallback); - return VERSION_ERROR; + ret = VERSION_ERROR; + goto out; } } #endif @@ -27379,7 +27415,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, ret = wc_HmacUpdate(&cookieHmac, input + i - OPAQUE16_LEN, clSuites.suiteSz + OPAQUE16_LEN); - if (ret != 0) return ret; + if (ret != 0) goto out; } #endif /* WOLFSSL_DTLS */ i += clSuites.suiteSz; 
@@ -27388,15 +27424,18 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, /* compression length */ b = input[i++]; - if ((i - begin) + b > helloSz) - return BUFFER_ERROR; + if ((i - begin) + b > helloSz) { + ret = BUFFER_ERROR; + goto out; + } if (b == 0) { WOLFSSL_MSG("No compression types in list"); #ifdef WOLFSSL_EXTRA_ALERTS SendAlert(ssl, alert_fatal, decode_error); #endif - return COMPRESSION_ERROR; + ret = COMPRESSION_ERROR; + goto out; } #ifdef WOLFSSL_DTLS @@ -27405,9 +27444,9 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, byte newCookie[MAX_COOKIE_LEN]; ret = wc_HmacUpdate(&cookieHmac, input + i - 1, b + 1); - if (ret != 0) return ret; + if (ret != 0) goto out; ret = wc_HmacFinal(&cookieHmac, newCookie); - if (ret != 0) return ret; + if (ret != 0) goto out; /* If a cookie callback is set, call it to overwrite the cookie. * This should be deprecated. The code now calculates the cookie @@ -27415,7 +27454,8 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, if (ssl->ctx->CBIOCookie != NULL && ssl->ctx->CBIOCookie(ssl, newCookie, cookieSz, ssl->IOCB_CookieCtx) != cookieSz) { - return COOKIE_ERROR; + ret = COOKIE_ERROR; + goto out; } /* Check the cookie, see if we progress the state machine. */ @@ -27428,14 +27468,15 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, ssl->keys.dtls_handshake_number = 0; ssl->keys.dtls_expected_peer_handshake_number = 0; *inOutIdx += helloSz; - return SendHelloVerifyRequest(ssl, newCookie, cookieSz); + ret = SendHelloVerifyRequest(ssl, newCookie, cookieSz); + goto out; } } /* This was skipped in the DTLS case so we could handle the hello * verify request. */ ret = HashInput(ssl, input + *inOutIdx, helloSz); - if (ret != 0) return ret; + if (ret != 0) goto out; } #endif /* WOLFSSL_DTLS */ 
@@ -27467,7 +27508,8 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, #ifdef WOLFSSL_EXTRA_ALERTS SendAlert(ssl, alert_fatal, illegal_parameter); #endif - return COMPRESSION_ERROR; + ret = COMPRESSION_ERROR; + goto out; } } @@ -27490,34 +27532,39 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, #ifdef HAVE_TLS_EXTENSIONS /* auto populate extensions supported unless user defined */ if ((ret = TLSX_PopulateExtensions(ssl, 1)) != 0) - return ret; + goto out; #endif - if ((i - begin) + OPAQUE16_LEN > helloSz) - return BUFFER_ERROR; + if ((i - begin) + OPAQUE16_LEN > helloSz) { + ret = BUFFER_ERROR; + goto out; + } ato16(&input[i], &totalExtSz); i += OPAQUE16_LEN; - if ((i - begin) + totalExtSz > helloSz) - return BUFFER_ERROR; + if ((i - begin) + totalExtSz > helloSz) { + ret = BUFFER_ERROR; + goto out; + } #ifdef HAVE_TLS_EXTENSIONS /* tls extensions */ if ((ret = TLSX_Parse(ssl, (byte *) input + i, totalExtSz, client_hello, &clSuites))) - return ret; + goto out; #ifdef WOLFSSL_TLS13 if (TLSX_Find(ssl->extensions, TLSX_SUPPORTED_VERSIONS) != NULL) { WOLFSSL_MSG( "Client attempting to connect with higher version"); - return VERSION_ERROR; + ret = VERSION_ERROR; + goto out; } #endif #if defined(OPENSSL_ALL) || defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) if((ret=SNI_Callback(ssl))) - return ret; + goto out; ssl->options.side = WOLFSSL_SERVER_END; #endif 
@@ -27526,16 +27573,20 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, while (totalExtSz) { word16 extId, extSz; - if (OPAQUE16_LEN + OPAQUE16_LEN > totalExtSz) - return BUFFER_ERROR; + if (OPAQUE16_LEN + OPAQUE16_LEN > totalExtSz) { + ret = BUFFER_ERROR; + goto out; + } ato16(&input[i], &extId); i += OPAQUE16_LEN; ato16(&input[i], &extSz); i += OPAQUE16_LEN; - if (OPAQUE16_LEN + OPAQUE16_LEN + extSz > totalExtSz) - return BUFFER_ERROR; + if (OPAQUE16_LEN + OPAQUE16_LEN + extSz > totalExtSz) { + ret = BUFFER_ERROR; + goto out; + } if (extId == HELLO_EXT_SIG_ALGO) { word16 hashSigAlgoSz; @@ -27543,11 +27594,15 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, ato16(&input[i], &hashSigAlgoSz); i += OPAQUE16_LEN; - if (OPAQUE16_LEN + hashSigAlgoSz > extSz) - return BUFFER_ERROR; + if (OPAQUE16_LEN + hashSigAlgoSz > extSz) { + ret = BUFFER_ERROR; + goto out; + } - if (hashSigAlgoSz % 2 != 0) - return BUFFER_ERROR; + if (hashSigAlgoSz % 2 != 0) { + ret = BUFFER_ERROR; + goto out; + } clSuites.hashSigAlgoSz = hashSigAlgoSz; if (clSuites.hashSigAlgoSz > WOLFSSL_MAX_SIGALGO) { @@ -27584,7 +27639,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, if (ssl->options.resuming) { ret = HandleTlsResumption(ssl, bogusID, &clSuites); if (ret != 0) - return ret; + goto out; #ifdef HAVE_SECURE_RENEGOTIATION if (ssl->secure_renegotiation && @@ -27594,13 +27649,10 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, #endif if (ssl->options.clientState == CLIENT_KEYEXCHANGE_COMPLETE) { - #ifdef WOLFSSL_DTLS - wc_HmacFree(&cookieHmac); - #endif WOLFSSL_LEAVE("DoClientHello", ret); WOLFSSL_END(WC_FUNC_CLIENT_HELLO_DO); - return ret; + goto out; } } 
@@ -27611,7 +27663,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, * present and no matches in the server's list. */ ret = TLSX_SupportedFFDHE_Set(ssl); if (ret != 0) - return ret; + goto out; } #endif #endif @@ -27631,14 +27683,18 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, } #endif #ifdef WOLFSSL_DTLS - wc_HmacFree(&cookieHmac); - if (ret == 0 && ssl->options.dtls) DtlsMsgPoolReset(ssl); #endif WOLFSSL_LEAVE("DoClientHello", ret); WOLFSSL_END(WC_FUNC_CLIENT_HELLO_DO); + out: + +#ifdef WOLFSSL_DTLS + wc_HmacFree(&cookieHmac); +#endif + return ret; } diff --git a/tests/api.c b/tests/api.c index ebdcd3276..866000ecb 100644 --- a/tests/api.c +++ b/tests/api.c @@ -13778,19 +13778,22 @@ static int test_wc_CheckProbablePrime (void) int ret = 0; #if !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) && !defined(HAVE_SELFTEST) && \ !defined(HAVE_FIPS) && defined(WC_RSA_BLINDING) + +#define CHECK_PROBABLE_PRIME_KEY_BITS 2048 + RsaKey key; WC_RNG rng; byte e[3]; word32 eSz = (word32)sizeof(e); - byte n[512]; /* size of RSA_TEST_BYTES */ + byte n[CHECK_PROBABLE_PRIME_KEY_BITS / 8]; word32 nSz = (word32)sizeof(n); - byte d[512]; + byte d[CHECK_PROBABLE_PRIME_KEY_BITS / 8]; word32 dSz = (word32)sizeof(d); - byte p[512/2]; + byte p[CHECK_PROBABLE_PRIME_KEY_BITS / 8 / 2]; word32 pSz = (word32)sizeof(p); - byte q[512/2]; + byte q[CHECK_PROBABLE_PRIME_KEY_BITS / 8 / 2]; word32 qSz = (word32)sizeof(q); - int nlen = 1024; + int nlen = CHECK_PROBABLE_PRIME_KEY_BITS; int* isPrime; int test[5]; isPrime = test; @@ -13807,7 +13810,7 @@ static int test_wc_CheckProbablePrime (void) ret = wc_RsaSetRNG(&key, &rng); } if (ret == 0) { - ret = wc_MakeRsaKey(&key, 1024, WC_RSA_EXPONENT, &rng); + ret = wc_MakeRsaKey(&key, CHECK_PROBABLE_PRIME_KEY_BITS, WC_RSA_EXPONENT, &rng); } if (ret == 0) { ret = wc_RsaExportKey(&key, e, &eSz, n, &nSz, d, &dSz, 
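Review bot: `#define CHECK_PROBABLE_PRIME_KEY_BITS 2048` sits mid-function and has to be paired with an `#undef` in the next hunk; a block-scope `enum { CHECK_PROBABLE_PRIME_KEY_BITS = 2048 };` at the same spot gives the same array sizes and `nlen` initialiser, is visible in a debugger and scopes itself without an `#undef`. The buffers `n`, `d`, `p`, `q` are now sized exactly for the key, an improvement over the oversized `[512]`; a comment that `p`/`q` are half the modulus size would explain the `/ 8 / 2`. The `wc_MakeRsaKey(&key, CHECK_PROBABLE_PRIME_KEY_BITS, WC_RSA_EXPONENT, &rng);` line in the second hunk runs past 80 columns after the rename.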
@@ -13873,6 +13876,9 @@ static int test_wc_CheckProbablePrime (void) wc_FreeRng(&rng); printf(resultFmt, ret == 0 ? passed : failed); + +#undef CHECK_PROBABLE_PRIME_KEY_BITS + #endif return ret; @@ -13906,9 +13912,9 @@ static int test_wc_RsaPSS_Verify (void) ret = wc_RsaSetRNG(&key, &rng); } if (ret == 0) { - ret = wc_MakeRsaKey(&key, 1024, WC_RSA_EXPONENT, &rng); + ret = wc_MakeRsaKey(&key, 2048, WC_RSA_EXPONENT, &rng); } - + if (ret == 0) { ret = wc_RsaPSS_Sign((byte*)szMessage, (word32)XSTRLEN(szMessage)+1, pSignature, sizeof(pSignature), @@ -13972,13 +13978,13 @@ static int test_wc_RsaPSS_VerifyCheck (void) !defined(HAVE_FIPS) && defined(WC_RSA_BLINDING) RsaKey key; WC_RNG rng; - int sz = 128; /* 1024/8 */ + int sz = 256; /* 2048/8 */ byte* pt; byte digest[32]; word32 digestSz; - unsigned char pSignature[1024/8]; /* 2048 is RSA_KEY_SIZE */ + unsigned char pSignature[2048/8]; /* 2048 is RSA_KEY_SIZE */ word32 pSignatureSz = sizeof(pSignature); - unsigned char pDecrypted[1024/8]; + unsigned char pDecrypted[2048/8]; word32 outLen = sizeof(pDecrypted); pt = pDecrypted; @@ -13996,7 +14002,7 @@ static int test_wc_RsaPSS_VerifyCheck (void) ret = wc_RsaSetRNG(&key, &rng); } if (ret == 0) { - ret = wc_MakeRsaKey(&key, 1024, WC_RSA_EXPONENT, &rng); + ret = wc_MakeRsaKey(&key, 2048, WC_RSA_EXPONENT, &rng); } if (ret == 0) { digestSz = wc_HashGetDigestSize(WC_HASH_TYPE_SHA256); @@ -14090,7 +14096,7 @@ static int test_wc_RsaPSS_VerifyCheckInline (void) ret = wc_RsaSetRNG(&key, &rng); } if (ret == 0) { - ret = wc_MakeRsaKey(&key, 1024, WC_RSA_EXPONENT, &rng); + ret = wc_MakeRsaKey(&key, 2048, WC_RSA_EXPONENT, &rng); } if (ret == 0) { digestSz = wc_HashGetDigestSize(WC_HASH_TYPE_SHA256); @@ -31718,7 +31724,7 @@ static void test_wolfSSL_DC_cert(void) #else AssertIntEQ(wc_InitRng(&rng), 0); #endif - AssertIntEQ(wc_MakeRsaKey(&key, 1024, 3, &rng), 0); + AssertIntEQ(wc_MakeRsaKey(&key, 2048, 3, &rng), 0); XMEMSET(&cert, 0 , sizeof(Cert)); 
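Review bot: `wc_MakeRsaKey(&key, 2048, ...)` in `test_wc_RsaPSS_Verify` doubles the signature to 256 bytes, but the `pSignature` buffer handed to `wc_RsaPSS_Sign` with `sizeof(pSignature)` is declared outside this hunk and is not touched by the commit, unlike `test_wc_RsaPSS_VerifyCheck` whose arrays were resized to `2048/8` in the hunk below; confirm that declaration (and any decrypt buffer) is at least 256 bytes, or the sign call is given an undersized output. The same question applies to `test_wc_RsaPSS_VerifyCheckInline` at -14090. A single shared constant (e.g. a new `RSA_TEST_KEY_BITS`, constructed name) would keep these four literal `2048`s and the `/* 2048 is RSA_KEY_SIZE */` comments in step.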
diff --git a/testsuite/testsuite.c b/testsuite/testsuite.c index 79e655aae..039ef9f72 100644 --- a/testsuite/testsuite.c +++ b/testsuite/testsuite.c @@ -421,6 +421,8 @@ void file_test(const char* file, byte* check) } ret = wc_Sha256Final(&sha256, shasum); + wc_Sha256Free(&sha256); + if (ret != 0) { printf("Can't wc_Sha256Final %d\n", ret); fclose(f); diff --git a/wolfcrypt/src/ecc.c b/wolfcrypt/src/ecc.c index 85a32ed1e..4c4017ae5 100644 --- a/wolfcrypt/src/ecc.c +++ b/wolfcrypt/src/ecc.c @@ -7328,10 +7328,12 @@ static int ecc_check_pubkey_order(ecc_key* key, ecc_point* pubkey, mp_int* a, if (err == MP_OKAY && !wc_ecc_point_is_at_infinity(inf)) err = ECC_INF_E; #else + { (void)a; (void)prime; err = WC_KEY_SIZE_E; + } #endif } diff --git a/wolfcrypt/src/sha.c b/wolfcrypt/src/sha.c index a0747ae30..bd442bc39 100644 --- a/wolfcrypt/src/sha.c +++ b/wolfcrypt/src/sha.c @@ -682,7 +682,6 @@ int wc_ShaFinal(wc_Sha* sha, byte* hash) ret = wc_CryptoCb_ShaHash(sha, NULL, 0, hash); if (ret != CRYPTOCB_UNAVAILABLE) return ret; - ret = 0; /* reset ret */ /* fall-through when unavailable */ } #endif diff --git a/wolfssl/wolfcrypt/settings.h b/wolfssl/wolfcrypt/settings.h index ff58cc4af..9c1b3b1cd 100644 --- a/wolfssl/wolfcrypt/settings.h +++ b/wolfssl/wolfcrypt/settings.h @@ -2130,10 +2130,18 @@ extern void uITRON4_free(void *p) ; #define SIZEOF_LONG 8 #define SIZEOF_LONG_LONG 8 #define CHAR_BIT 8 - #define WOLFSSL_SP_DIV_64 - #define WOLFSSL_SP_DIV_WORD_HALF - #define SP_HALF_SIZE 32 - #define SP_HALF_MAX 4294967295U + #ifndef WOLFSSL_SP_DIV_64 + #define WOLFSSL_SP_DIV_64 + #endif + #ifndef WOLFSSL_SP_DIV_WORD_HALF + #define WOLFSSL_SP_DIV_WORD_HALF + #endif + #ifndef SP_HALF_SIZE + #define SP_HALF_SIZE 32 + #endif + #ifndef SP_HALF_MAX + #define SP_HALF_MAX 4294967295U + #endif #endif
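Review bot: `wc_Sha256Free(&sha256)` is now paired with `wc_Sha256Final` on both the success and the failure path here, but the `wc_Sha256Update` loop and its error return that precede this hunk are outside it; if that path returns on failure it still skips the free, so the same call is needed there. Since `fclose(f)` is already repeated per error path in `file_test`, one cleanup label that does `fclose(f)` and `wc_Sha256Free(&sha256)` would cover every exit.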
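Review bot: Removing `ret = 0;` after the `CRYPTOCB_UNAVAILABLE` check leaves `ret` holding `CRYPTOCB_UNAVAILABLE` on the fall-through into the software path; the rest of `wc_ShaFinal` is outside the hunk, so confirm every path from here assigns `ret` before it is read or returned, otherwise a build with crypto callbacks but no registered handler now reports an error from a successful software hash. If the reset was dropped because a later assignment always overwrites it, a comment `/* ret is reassigned by the software path below */` on the fall-through line would record that.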