feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Merge pull request #3534 from douzzer/linuxkm-cryptonly

Browse Source 
--enable-linuxkm --enable-cryptonly
This commit is contained in:
toddouska
2020-12-14 15:14:54 -08:00
committed by GitHub
parent 428c6b4301 2804cb2521
commit 56e2c0e268
7 changed files with 701 additions and 509 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
configure.ac
View File

@@ -240,8 +240,8 @@ fi
# Single Precision maths implementation
if test "$ENABLED_LINUXKM_DEFAULTS" = "yes"
then
ENABLED_SP_DEFAULT=small
ENABLED_SP_MATH_ALL_DEFAULT=small
ENABLED_SP_DEFAULT=yes
ENABLED_SP_MATH_ALL_DEFAULT=yes
else
ENABLED_SP_DEFAULT=no
ENABLED_SP_MATH_ALL_DEFAULT=no
@@ -2204,26 +2204,14 @@ then
fi
# STACK SIZE info for examples
# STACK SIZE info for testwolfcrypt and examples
AC_ARG_ENABLE([stacksize],
[AS_HELP_STRING([--enable-stacksize],[Enable stack size info on examples (default: disabled)])],
[ ENABLED_STACKSIZE=$enableval ],
[ ENABLED_STACKSIZE=no ]
)
# verbose, per-test stack size info, currently only implemented in testwolfcrypt
AC_ARG_ENABLE([stacksize-verbose],
[AS_HELP_STRING([--enable-stacksize-verbose],[Enable verbose stack size info on testwolfcrypt (default: disabled)])],
[ ENABLED_STACKSIZE_VERBOSE=$enableval ],
[ ENABLED_STACKSIZE_VERBOSE=no ]
)
if test "$ENABLED_STACKSIZE_VERBOSE" = "yes"
then
ENABLED_STACKSIZE=yes
fi
if test "$ENABLED_STACKSIZE" = "yes"
if test "$ENABLED_STACKSIZE" != "no"
then
AC_CHECK_FUNC([posix_memalign], [], [AC_MSG_ERROR(stacksize needs posix_memalign)])
AC_CHECK_DECL([posix_memalign], [], [AC_MSG_ERROR(stacksize needs posix_memalign)])
@@ -2232,13 +2220,14 @@ then
AM_CFLAGS="$AM_CFLAGS -DHAVE_STACK_SIZE"
fi
if test "$ENABLED_STACKSIZE_VERBOSE" = "yes"
if test "$ENABLED_STACKSIZE" = "verbose"
then
if test "$thread_ls_on" != "yes"
then
AC_MSG_ERROR(stacksize-verbose needs thread-local storage.)
fi
AM_CFLAGS="$AM_CFLAGS -DHAVE_STACK_SIZE_VERBOSE"
ENABLED_STACKSIZE=yes
fi

28
linuxkm/module_hooks.c
View File

@@ -37,11 +37,20 @@ static int __init wolfssl_init(void)
static int wolfssl_init(void)
#endif
{
int ret = wolfSSL_Init();
int ret;
#ifdef WOLFCRYPT_ONLY
ret = wolfCrypt_Init();
if (ret != 0) {
pr_err("wolfCrypt_Init() failed: %s", wc_GetErrorString(ret));
return -ENOTRECOVERABLE;
}
#else
ret = wolfSSL_Init();
if (ret != WOLFSSL_SUCCESS) {
pr_err("wolfSSL_Init() failed: %s", wc_GetErrorString(ret));
return -ENOTRECOVERABLE;
}
#endif
#ifndef NO_CRYPT_TEST
ret = wolfcrypt_test(NULL);
@@ -50,7 +59,11 @@ static int wolfssl_init(void)
msleep(10);
return -ENOTRECOVERABLE;
}
pr_info("wolfSSL " LIBWOLFSSL_VERSION_STRING " self-test passed. See https://www.wolfssl.com/ for information.\n");
pr_info("wolfCrypt self-test passed.\n");
#endif
#ifdef WOLFCRYPT_ONLY
pr_info("wolfCrypt " LIBWOLFSSL_VERSION_STRING " loaded. See https://www.wolfssl.com/ for information.\n");
#else
pr_info("wolfSSL " LIBWOLFSSL_VERSION_STRING " loaded. See https://www.wolfssl.com/ for information.\n");
#endif
@@ -68,11 +81,20 @@ static void __exit wolfssl_exit(void)
static void wolfssl_exit(void)
#endif
{
int ret = wolfSSL_Cleanup();
int ret;
#ifdef WOLFCRYPT_ONLY
ret = wolfCrypt_Cleanup();
if (ret != 0)
pr_err("wolfCrypt_Cleanup() failed: %s", wc_GetErrorString(ret));
else
pr_info("wolfCrypt " LIBWOLFSSL_VERSION_STRING " cleanup complete.\n");
#else
ret = wolfSSL_Cleanup();
if (ret != WOLFSSL_SUCCESS)
pr_err("wolfSSL_Cleanup() failed: %s", wc_GetErrorString(ret));
else
pr_info("wolfSSL " LIBWOLFSSL_VERSION_STRING " cleanup complete.\n");
#endif
return;
}

2
src/ssl.c
View File

@@ -46394,7 +46394,7 @@ int wolfSSL_BN_is_odd(const WOLFSSL_BIGNUM* bn)
/* return compliant with OpenSSL
* 1 if BIGNUM is word, 0 else */
int wolfSSL_BN_is_word(const WOLFSSL_BIGNUM* bn, unsigned long w)
int wolfSSL_BN_is_word(const WOLFSSL_BIGNUM* bn, WOLFSSL_BN_ULONG w)
{
WOLFSSL_MSG("wolfSSL_BN_is_word");

538
wolfcrypt/src/dsa.c
View File

@@ -42,6 +42,11 @@
#include <wolfcrypt/src/misc.c>
#endif
#ifdef _MSC_VER
/* disable for while(0) cases (MSVC bug) */
#pragma warning(disable:4127)
#endif
int wc_InitDsaKey(DsaKey* key)
{
if (key == NULL)
@@ -682,242 +687,244 @@ int wc_DsaSign(const byte* digest, byte* out, DsaKey* key, WC_RNG* rng)
int ret = 0, sz = 0;
byte* tmp; /* initial output pointer */
do {
#ifdef WOLFSSL_MP_INVMOD_CONSTANT_TIME
if (mp_init_multi(k, kInv, r, s, H, 0) != MP_OKAY)
if (mp_init_multi(k, kInv, r, s, H, 0) != MP_OKAY)
#else
if (mp_init_multi(k, kInv, r, s, H, b) != MP_OKAY)
if (mp_init_multi(k, kInv, r, s, H, b) != MP_OKAY)
#endif
{
ret = MP_INIT_E;
goto out;
}
{
ret = MP_INIT_E;
break;
}
#ifdef WOLFSSL_SMALL_STACK
if ((k == NULL) ||
(kInv == NULL) ||
(r == NULL) ||
(s == NULL) ||
(H == NULL)
if ((k == NULL) ||
(kInv == NULL) ||
(r == NULL) ||
(s == NULL) ||
(H == NULL)
#ifndef WOLFSSL_MP_INVMOD_CONSTANT_TIME
|| (b == NULL)
|| (b == NULL)
#endif
|| (buffer == NULL)) {
ret = MEMORY_E;
goto out;
}
|| (buffer == NULL)) {
ret = MEMORY_E;
break;
}
#endif
if (digest == NULL || out == NULL || key == NULL || rng == NULL) {
ret = BAD_FUNC_ARG;
goto out;
}
sz = min(DSA_HALF_SIZE, mp_unsigned_bin_size(&key->q));
tmp = out;
qMinus1 = kInv;
/* NIST FIPS 186-4: B.2.2
* Per-Message Secret Number Generation by Testing Candidates
* Generate k in range [1, q-1].
* Check that k is less than q-1: range [0, q-2].
* Add 1 to k: range [1, q-1].
*/
if (mp_sub_d(&key->q, 1, qMinus1)) {
ret = MP_SUB_E;
goto out;
}
do {
/* Step 4: generate k */
if ((ret = wc_RNG_GenerateBlock(rng, buffer, sz))) {
goto out;
if (digest == NULL || out == NULL || key == NULL || rng == NULL) {
ret = BAD_FUNC_ARG;
break;
}
/* Step 5 */
if (mp_read_unsigned_bin(k, buffer, sz) != MP_OKAY) {
ret = MP_READ_E;
goto out;
}
sz = min(DSA_HALF_SIZE, mp_unsigned_bin_size(&key->q));
tmp = out;
qMinus1 = kInv;
/* k is a random numnber and it should be less than q-1
* if k greater than repeat
/* NIST FIPS 186-4: B.2.2
* Per-Message Secret Number Generation by Testing Candidates
* Generate k in range [1, q-1].
* Check that k is less than q-1: range [0, q-2].
* Add 1 to k: range [1, q-1].
*/
/* Step 6 */
} while (mp_cmp(k, qMinus1) != MP_LT);
if (mp_sub_d(&key->q, 1, qMinus1)) {
ret = MP_SUB_E;
break;
}
/* Step 7 */
if (mp_add_d(k, 1, k) != MP_OKAY) {
ret = MP_MOD_E;
goto out;
}
do {
/* Step 4: generate k */
if ((ret = wc_RNG_GenerateBlock(rng, buffer, sz))) {
break;
}
/* Step 5 */
if (mp_read_unsigned_bin(k, buffer, sz) != MP_OKAY) {
ret = MP_READ_E;
break;
}
/* k is a random numnber and it should be less than q-1
* if k greater than repeat
*/
/* Step 6 */
} while (mp_cmp(k, qMinus1) != MP_LT);
if (ret != 0)
break;
/* Step 7 */
if (mp_add_d(k, 1, k) != MP_OKAY) {
ret = MP_MOD_E;
break;
}
#ifdef WOLFSSL_MP_INVMOD_CONSTANT_TIME
/* inverse k mod q */
if (mp_invmod(k, &key->q, kInv) != MP_OKAY) {
ret = MP_INVMOD_E;
goto out;
}
/* generate r, r = (g exp k mod p) mod q */
if (mp_exptmod_ex(&key->g, k, key->q.used, &key->p, r) != MP_OKAY) {
ret = MP_EXPTMOD_E;
goto out;
}
if (mp_mod(r, &key->q, r) != MP_OKAY) {
ret = MP_MOD_E;
goto out;
}
/* generate H from sha digest */
if (mp_read_unsigned_bin(H, digest,WC_SHA_DIGEST_SIZE) != MP_OKAY) {
ret = MP_READ_E;
goto out;
}
/* generate s, s = (kInv * (H + x*r)) % q */
if (mp_mul(&key->x, r, s) != MP_OKAY) {
ret = MP_MUL_E;
goto out;
}
if (mp_add(s, H, s) != MP_OKAY) {
ret = MP_ADD_E;
goto out;
}
if (mp_mulmod(s, kInv, &key->q, s) != MP_OKAY) {
ret = MP_MULMOD_E;
goto out;
}
#else
/* Blinding value
* Generate b in range [1, q-1].
*/
do {
if ((ret = wc_RNG_GenerateBlock(rng, buffer, sz))) {
goto out;
/* inverse k mod q */
if (mp_invmod(k, &key->q, kInv) != MP_OKAY) {
ret = MP_INVMOD_E;
break;
}
if (mp_read_unsigned_bin(b, buffer, sz) != MP_OKAY) {
/* generate r, r = (g exp k mod p) mod q */
if (mp_exptmod_ex(&key->g, k, key->q.used, &key->p, r) != MP_OKAY) {
ret = MP_EXPTMOD_E;
break;
}
if (mp_mod(r, &key->q, r) != MP_OKAY) {
ret = MP_MOD_E;
break;
}
/* generate H from sha digest */
if (mp_read_unsigned_bin(H, digest,WC_SHA_DIGEST_SIZE) != MP_OKAY) {
ret = MP_READ_E;
goto out;
break;
}
} while (mp_cmp(b, qMinus1) != MP_LT);
if (mp_add_d(b, 1, b) != MP_OKAY) {
ret = MP_MOD_E;
goto out;
}
/* generate s, s = (kInv * (H + x*r)) % q */
if (mp_mul(&key->x, r, s) != MP_OKAY) {
ret = MP_MUL_E;
break;
}
/* set H from sha digest */
if (mp_read_unsigned_bin(H, digest, WC_SHA_DIGEST_SIZE) != MP_OKAY) {
ret = MP_READ_E;
goto out;
}
if (mp_add(s, H, s) != MP_OKAY) {
ret = MP_ADD_E;
break;
}
/* generate r, r = (g exp k mod p) mod q */
if (mp_exptmod_ex(&key->g, k, key->q.used, &key->p, r) != MP_OKAY) {
ret = MP_EXPTMOD_E;
goto out;
}
if (mp_mulmod(s, kInv, &key->q, s) != MP_OKAY) {
ret = MP_MULMOD_E;
break;
}
#else
/* Blinding value
* Generate b in range [1, q-1].
*/
do {
if ((ret = wc_RNG_GenerateBlock(rng, buffer, sz))) {
break;
}
if (mp_read_unsigned_bin(b, buffer, sz) != MP_OKAY) {
ret = MP_READ_E;
break;
}
} while (mp_cmp(b, qMinus1) != MP_LT);
/* calculate s = (H + xr)/k = b.(H/k.b + x.r/k.b) */
if (ret != 0)
break;
/* k = k.b */
if (mp_mulmod(k, b, &key->q, k) != MP_OKAY) {
ret = MP_MULMOD_E;
goto out;
}
if (mp_add_d(b, 1, b) != MP_OKAY) {
ret = MP_MOD_E;
break;
}
/* kInv = 1/k.b mod q */
if (mp_invmod(k, &key->q, kInv) != MP_OKAY) {
ret = MP_INVMOD_E;
goto out;
}
/* set H from sha digest */
if (mp_read_unsigned_bin(H, digest, WC_SHA_DIGEST_SIZE) != MP_OKAY) {
ret = MP_READ_E;
break;
}
if (mp_mod(r, &key->q, r) != MP_OKAY) {
ret = MP_MOD_E;
goto out;
}
/* generate r, r = (g exp k mod p) mod q */
if (mp_exptmod_ex(&key->g, k, key->q.used, &key->p, r) != MP_OKAY) {
ret = MP_EXPTMOD_E;
break;
}
/* s = x.r */
if (mp_mul(&key->x, r, s) != MP_OKAY) {
ret = MP_MUL_E;
goto out;
}
/* calculate s = (H + xr)/k = b.(H/k.b + x.r/k.b) */
/* s = x.r/k.b */
if (mp_mulmod(s, kInv, &key->q, s) != MP_OKAY) {
ret = MP_MULMOD_E;
goto out;
}
/* k = k.b */
if (mp_mulmod(k, b, &key->q, k) != MP_OKAY) {
ret = MP_MULMOD_E;
break;
}
/* H = H/k.b */
if (mp_mulmod(H, kInv, &key->q, H) != MP_OKAY) {
ret = MP_MULMOD_E;
goto out;
}
/* kInv = 1/k.b mod q */
if (mp_invmod(k, &key->q, kInv) != MP_OKAY) {
ret = MP_INVMOD_E;
break;
}
/* s = H/k.b + x.r/k.b = (H + x.r)/k.b */
if (mp_add(s, H, s) != MP_OKAY) {
ret = MP_ADD_E;
goto out;
}
if (mp_mod(r, &key->q, r) != MP_OKAY) {
ret = MP_MOD_E;
break;
}
/* s = b.(e + x.r)/k.b = (e + x.r)/k */
if (mp_mulmod(s, b, &key->q, s) != MP_OKAY) {
ret = MP_MULMOD_E;
goto out;
}
/* s = x.r */
if (mp_mul(&key->x, r, s) != MP_OKAY) {
ret = MP_MUL_E;
break;
}
/* s = (e + x.r)/k */
if (mp_mod(s, &key->q, s) != MP_OKAY) {
ret = MP_MOD_E;
goto out;
}
/* s = x.r/k.b */
if (mp_mulmod(s, kInv, &key->q, s) != MP_OKAY) {
ret = MP_MULMOD_E;
break;
}
/* H = H/k.b */
if (mp_mulmod(H, kInv, &key->q, H) != MP_OKAY) {
ret = MP_MULMOD_E;
break;
}
/* s = H/k.b + x.r/k.b = (H + x.r)/k.b */
if (mp_add(s, H, s) != MP_OKAY) {
ret = MP_ADD_E;
break;
}
/* s = b.(e + x.r)/k.b = (e + x.r)/k */
if (mp_mulmod(s, b, &key->q, s) != MP_OKAY) {
ret = MP_MULMOD_E;
break;
}
/* s = (e + x.r)/k */
if (mp_mod(s, &key->q, s) != MP_OKAY) {
ret = MP_MOD_E;
break;
}
#endif
/* detect zero r or s */
if ((mp_iszero(r) == MP_YES) || (mp_iszero(s) == MP_YES)) {
ret = MP_ZERO_E;
goto out;
}
/* write out */
{
int rSz = mp_unsigned_bin_size(r);
int sSz = mp_unsigned_bin_size(s);
while (rSz++ < DSA_HALF_SIZE) {
*out++ = 0x00; /* pad front with zeros */
/* detect zero r or s */
if ((mp_iszero(r) == MP_YES) || (mp_iszero(s) == MP_YES)) {
ret = MP_ZERO_E;
break;
}
if (mp_to_unsigned_bin(r, out) != MP_OKAY)
ret = MP_TO_E;
else {
out = tmp + DSA_HALF_SIZE; /* advance to s in output */
while (sSz++ < DSA_HALF_SIZE) {
/* write out */
{
int rSz = mp_unsigned_bin_size(r);
int sSz = mp_unsigned_bin_size(s);
while (rSz++ < DSA_HALF_SIZE) {
*out++ = 0x00; /* pad front with zeros */
}
ret = mp_to_unsigned_bin(s, out);
}
}
out:
if (mp_to_unsigned_bin(r, out) != MP_OKAY)
ret = MP_TO_E;
else {
out = tmp + DSA_HALF_SIZE; /* advance to s in output */
while (sSz++ < DSA_HALF_SIZE) {
*out++ = 0x00; /* pad front with zeros */
}
ret = mp_to_unsigned_bin(s, out);
}
}
} while (0);
#ifdef WOLFSSL_SMALL_STACK
if (k) {
if (ret != MP_INIT_E) {
if (ret != MP_INIT_E)
mp_forcezero(k);
mp_clear(k);
}
XFREE(k, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
}
if (kInv) {
if (ret != MP_INIT_E) {
if (ret != MP_INIT_E)
mp_forcezero(kInv);
mp_clear(kInv);
}
XFREE(kInv, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
}
if (r) {
@@ -937,10 +944,8 @@ int wc_DsaSign(const byte* digest, byte* out, DsaKey* key, WC_RNG* rng)
}
#ifndef WOLFSSL_MP_INVMOD_CONSTANT_TIME
if (b) {
if (ret != MP_INIT_E) {
if (ret != MP_INIT_E)
mp_forcezero(b);
mp_clear(b);
}
XFREE(b, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
}
#endif
@@ -955,13 +960,10 @@ int wc_DsaSign(const byte* digest, byte* out, DsaKey* key, WC_RNG* rng)
mp_forcezero(k);
#ifndef WOLFSSL_MP_INVMOD_CONSTANT_TIME
mp_forcezero(b);
mp_clear(b);
#endif
mp_clear(H);
mp_clear(s);
mp_clear(r);
mp_clear(kInv);
mp_clear(k);
}
#endif
@@ -989,94 +991,94 @@ int wc_DsaVerify(const byte* digest, const byte* sig, DsaKey* key, int* answer)
#endif
int ret = 0;
if (mp_init_multi(w, u1, u2, v, r, s) != MP_OKAY) {
ret = MP_INIT_E;
goto out;
}
do {
if (mp_init_multi(w, u1, u2, v, r, s) != MP_OKAY) {
ret = MP_INIT_E;
break;
}
if (digest == NULL || sig == NULL || key == NULL || answer == NULL) {
ret = BAD_FUNC_ARG;
goto out;
}
if (digest == NULL || sig == NULL || key == NULL || answer == NULL) {
ret = BAD_FUNC_ARG;
break;
}
#ifdef WOLFSSL_SMALL_STACK
if ((w == NULL) ||
(u1 == NULL) ||
(u2 == NULL) ||
(v == NULL) ||
(r == NULL) ||
(s == NULL)) {
ret = MEMORY_E;
goto out;
}
if ((w == NULL) ||
(u1 == NULL) ||
(u2 == NULL) ||
(v == NULL) ||
(r == NULL) ||
(s == NULL)) {
ret = MEMORY_E;
break;
}
#endif
/* set r and s from signature */
if (mp_read_unsigned_bin(r, sig, DSA_HALF_SIZE) != MP_OKAY ||
mp_read_unsigned_bin(s, sig + DSA_HALF_SIZE, DSA_HALF_SIZE) != MP_OKAY) {
ret = MP_READ_E;
goto out;
}
/* set r and s from signature */
if (mp_read_unsigned_bin(r, sig, DSA_HALF_SIZE) != MP_OKAY ||
mp_read_unsigned_bin(s, sig + DSA_HALF_SIZE, DSA_HALF_SIZE) != MP_OKAY) {
ret = MP_READ_E;
break;
}
/* sanity checks */
if (mp_iszero(r) == MP_YES || mp_iszero(s) == MP_YES ||
mp_cmp(r, &key->q) != MP_LT || mp_cmp(s, &key->q) != MP_LT) {
ret = MP_ZERO_E;
goto out;
}
/* sanity checks */
if (mp_iszero(r) == MP_YES || mp_iszero(s) == MP_YES ||
mp_cmp(r, &key->q) != MP_LT || mp_cmp(s, &key->q) != MP_LT) {
ret = MP_ZERO_E;
break;
}
/* put H into u1 from sha digest */
if (mp_read_unsigned_bin(u1,digest,WC_SHA_DIGEST_SIZE) != MP_OKAY) {
ret = MP_READ_E;
goto out;
}
/* put H into u1 from sha digest */
if (mp_read_unsigned_bin(u1,digest,WC_SHA_DIGEST_SIZE) != MP_OKAY) {
ret = MP_READ_E;
break;
}
/* w = s invmod q */
if (mp_invmod(s, &key->q, w) != MP_OKAY) {
ret = MP_INVMOD_E;
goto out;
}
/* w = s invmod q */
if (mp_invmod(s, &key->q, w) != MP_OKAY) {
ret = MP_INVMOD_E;
break;
}
/* u1 = (H * w) % q */
if (mp_mulmod(u1, w, &key->q, u1) != MP_OKAY) {
ret = MP_MULMOD_E;
goto out;
}
/* u1 = (H * w) % q */
if (mp_mulmod(u1, w, &key->q, u1) != MP_OKAY) {
ret = MP_MULMOD_E;
break;
}
/* u2 = (r * w) % q */
if (mp_mulmod(r, w, &key->q, u2) != MP_OKAY) {
ret = MP_MULMOD_E;
goto out;
}
/* u2 = (r * w) % q */
if (mp_mulmod(r, w, &key->q, u2) != MP_OKAY) {
ret = MP_MULMOD_E;
break;
}
/* verify v = ((g^u1 * y^u2) mod p) mod q */
if (mp_exptmod(&key->g, u1, &key->p, u1) != MP_OKAY) {
ret = MP_EXPTMOD_E;
goto out;
}
/* verify v = ((g^u1 * y^u2) mod p) mod q */
if (mp_exptmod(&key->g, u1, &key->p, u1) != MP_OKAY) {
ret = MP_EXPTMOD_E;
break;
}
if (mp_exptmod(&key->y, u2, &key->p, u2) != MP_OKAY) {
ret = MP_EXPTMOD_E;
goto out;
}
if (mp_exptmod(&key->y, u2, &key->p, u2) != MP_OKAY) {
ret = MP_EXPTMOD_E;
break;
}
if (mp_mulmod(u1, u2, &key->p, v) != MP_OKAY) {
ret = MP_MULMOD_E;
goto out;
}
if (mp_mulmod(u1, u2, &key->p, v) != MP_OKAY) {
ret = MP_MULMOD_E;
break;
}
if (mp_mod(v, &key->q, v) != MP_OKAY) {
ret = MP_MULMOD_E;
goto out;
}
if (mp_mod(v, &key->q, v) != MP_OKAY) {
ret = MP_MULMOD_E;
break;
}
/* do they match */
if (mp_cmp(r, v) == MP_EQ)
*answer = 1;
else
*answer = 0;
out:
/* do they match */
if (mp_cmp(r, v) == MP_EQ)
*answer = 1;
else
*answer = 0;
} while (0);
#ifdef WOLFSSL_SMALL_STACK
if (s) {

105
wolfcrypt/src/ecc.c
View File

@@ -6593,8 +6593,9 @@ int wc_ecc_verify_hash_ex(mp_int *r, mp_int *s, const byte* hash,
if (err == MP_OKAY) {
if ((err = mp_init_multi(v, w, u1, u2, NULL, NULL)) != MP_OKAY) {
err = MEMORY_E;
} else {
did_init = 1;
}
did_init = 1;
}
/* allocate points */
@@ -9662,11 +9663,22 @@ int ecc_mul2add(ecc_point* A, mp_int* kA,
{
int idx1 = -1, idx2 = -1, err, mpInit = 0;
mp_digit mp;
mp_int mu;
#ifdef WOLFSSL_SMALL_STACK
mp_int *mu = (mp_int *)XMALLOC(sizeof *mu, NULL, DYNAMIC_TYPE_ECC_BUFFER);
err = mp_init(&mu);
if (err != MP_OKAY)
if (mu == NULL)
return MP_MEM;
#else
mp_int mu[1];
#endif
err = mp_init(mu);
if (err != MP_OKAY) {
#ifdef WOLFSSL_SMALL_STACK
XFREE(mu, NULL, DYNAMIC_TYPE_ECC_BUFFER);
#endif
return err;
}
#ifndef HAVE_THREAD_LS
if (initMutex == 0) { /* extra sanity check if wolfCrypt_Init not called */
@@ -9674,8 +9686,12 @@ int ecc_mul2add(ecc_point* A, mp_int* kA,
initMutex = 1;
}
if (wc_LockMutex(&ecc_fp_lock) != 0)
if (wc_LockMutex(&ecc_fp_lock) != 0) {
#ifdef WOLFSSL_SMALL_STACK
XFREE(mu, NULL, DYNAMIC_TYPE_ECC_BUFFER);
#endif
return BAD_MUTEX_E;
}
#endif /* HAVE_THREAD_LS */
/* find point */
@@ -9718,12 +9734,12 @@ int ecc_mul2add(ecc_point* A, mp_int* kA,
if (err == MP_OKAY) {
mpInit = 1;
err = mp_montgomery_calc_normalization(&mu, modulus);
err = mp_montgomery_calc_normalization(mu, modulus);
}
if (err == MP_OKAY)
/* build the LUT */
err = build_lut(idx1, a, modulus, mp, &mu);
err = build_lut(idx1, a, modulus, mp, mu);
}
}
@@ -9735,13 +9751,13 @@ int ecc_mul2add(ecc_point* A, mp_int* kA,
err = mp_montgomery_setup(modulus, &mp);
if (err == MP_OKAY) {
mpInit = 1;
err = mp_montgomery_calc_normalization(&mu, modulus);
err = mp_montgomery_calc_normalization(mu, modulus);
}
}
if (err == MP_OKAY)
/* build the LUT */
err = build_lut(idx2, a, modulus, mp, &mu);
err = build_lut(idx2, a, modulus, mp, mu);
}
}
@@ -9763,7 +9779,10 @@ int ecc_mul2add(ecc_point* A, mp_int* kA,
#ifndef HAVE_THREAD_LS
wc_UnLockMutex(&ecc_fp_lock);
#endif /* HAVE_THREAD_LS */
mp_clear(&mu);
mp_clear(mu);
#ifdef WOLFSSL_SMALL_STACK
XFREE(mu, NULL, DYNAMIC_TYPE_ECC_BUFFER);
#endif
return err;
}
@@ -10805,7 +10824,17 @@ int mp_sqrtmod_prime(mp_int* n, mp_int* prime, mp_int* ret)
mp_int *T = (mp_int *)XMALLOC(sizeof(mp_int), NULL, DYNAMIC_TYPE_ECC_BUFFER);
mp_int *R = (mp_int *)XMALLOC(sizeof(mp_int), NULL, DYNAMIC_TYPE_ECC_BUFFER);
mp_int *two = (mp_int *)XMALLOC(sizeof(mp_int), NULL, DYNAMIC_TYPE_ECC_BUFFER);
#else
mp_int t1[1], C[1], Q[1], S[1], Z[1], M[1], T[1], R[1], two[1];
#endif
if ((mp_init_multi(t1, C, Q, S, Z, M) != MP_OKAY) ||
(mp_init_multi(T, R, two, NULL, NULL, NULL) != MP_OKAY)) {
res = MP_INIT_E;
goto out;
}
#ifdef WOLFSSL_SMALL_STACK
if ((t1 == NULL) ||
(C == NULL) ||
(Q == NULL) ||
@@ -10818,8 +10847,6 @@ int mp_sqrtmod_prime(mp_int* n, mp_int* prime, mp_int* ret)
res = MP_MEM;
goto out;
}
#else
mp_int t1[1], C[1], Q[1], S[1], Z[1], M[1], T[1], R[1], two[1];
#endif
/* first handle the simple cases n = 0 or n = 1 */
@@ -10848,13 +10875,6 @@ int mp_sqrtmod_prime(mp_int* n, mp_int* prime, mp_int* ret)
goto out;
}
if ((res = mp_init_multi(t1, C, Q, S, Z, M)) != MP_OKAY)
goto out;
if ((res = mp_init_multi(T, R, two, NULL, NULL, NULL))
!= MP_OKAY)
goto out;
/* SPECIAL CASE: if prime mod 4 == 3
* compute directly: res = n^(prime+1)/4 mod prime
* Handbook of Applied Cryptography algorithm 3.36
@@ -10989,51 +11009,62 @@ int mp_sqrtmod_prime(mp_int* n, mp_int* prime, mp_int* ret)
#ifdef WOLFSSL_SMALL_STACK
if (t1) {
mp_clear(t1);
if (res != MP_INIT_E)
mp_clear(t1);
XFREE(t1, NULL, DYNAMIC_TYPE_ECC_BUFFER);
}
if (C) {
mp_clear(C);
if (res != MP_INIT_E)
mp_clear(C);
XFREE(C, NULL, DYNAMIC_TYPE_ECC_BUFFER);
}
if (Q) {
mp_clear(Q);
if (res != MP_INIT_E)
mp_clear(Q);
XFREE(Q, NULL, DYNAMIC_TYPE_ECC_BUFFER);
}
if (S) {
mp_clear(S);
if (res != MP_INIT_E)
mp_clear(S);
XFREE(S, NULL, DYNAMIC_TYPE_ECC_BUFFER);
}
if (Z) {
mp_clear(Z);
if (res != MP_INIT_E)
mp_clear(Z);
XFREE(Z, NULL, DYNAMIC_TYPE_ECC_BUFFER);
}
if (M) {
mp_clear(M);
if (res != MP_INIT_E)
mp_clear(M);
XFREE(M, NULL, DYNAMIC_TYPE_ECC_BUFFER);
}
if (T) {
mp_clear(T);
if (res != MP_INIT_E)
mp_clear(T);
XFREE(T, NULL, DYNAMIC_TYPE_ECC_BUFFER);
}
if (R) {
mp_clear(R);
if (res != MP_INIT_E)
mp_clear(R);
XFREE(R, NULL, DYNAMIC_TYPE_ECC_BUFFER);
}
if (two) {
mp_clear(two);
if (res != MP_INIT_E)
mp_clear(two);
XFREE(two, NULL, DYNAMIC_TYPE_ECC_BUFFER);
}
#else
mp_clear(t1);
mp_clear(C);
mp_clear(Q);
mp_clear(S);
mp_clear(Z);
mp_clear(M);
mp_clear(T);
mp_clear(R);
mp_clear(two);
if (res != MP_INIT_E) {
mp_clear(t1);
mp_clear(C);
mp_clear(Q);
mp_clear(S);
mp_clear(Z);
mp_clear(M);
mp_clear(T);
mp_clear(R);
mp_clear(two);
}
#endif
return res;

474
wolfcrypt/test/test.c
View File

@@ -33,14 +33,25 @@
#ifndef NO_CRYPT_TEST
/* only for stack size check */
#ifdef HAVE_STACK_SIZE
#if defined(HAVE_STACK_SIZE) && !defined(HAVE_WOLFCRYPT_TEST_OPTIONS)
#define HAVE_WOLFCRYPT_TEST_OPTIONS
#endif
#ifdef HAVE_WOLFCRYPT_TEST_OPTIONS
#include <wolfssl/ssl.h>
#define err_sys err_sys_remap /* remap err_sys */
#include <wolfssl/test.h>
#undef err_sys
#endif
#if defined(HAVE_STACK_SIZE_VERBOSE)
#ifdef WOLFSSL_TEST_MAX_RELATIVE_STACK_BYTES
static ssize_t max_relative_stack = WOLFSSL_TEST_MAX_RELATIVE_STACK_BYTES;
#else
#define STACK_SIZE_CHECKPOINT(...) (__VA_ARGS__)
static ssize_t max_relative_stack = -1;
#endif
#else
#define STACK_SIZE_CHECKPOINT_WITH_MAX_CHECK(max, ...) (__VA_ARGS__, 0)
#define STACK_SIZE_INIT()
#endif
@@ -468,14 +479,14 @@ static int err_sys(const char* msg, int es)
EXIT_TEST(-1);
}
#ifndef HAVE_STACK_SIZE
#ifndef HAVE_WOLFCRYPT_TEST_OPTIONS
/* func_args from test.h, so don't have to pull in other stuff */
typedef struct func_args {
int argc;
char** argv;
int return_code;
} func_args;
#endif /* !HAVE_STACK_SIZE */
#endif /* !HAVE_WOLFCRYPT_TEST_OPTIONS */
#ifdef HAVE_FIPS
@@ -529,13 +540,13 @@ static int wolfssl_pb_print(const char* msg, ...)
{
va_list args;
va_start(args, fmt);
STACK_SIZE_CHECKPOINT(printf(fmt, args));
STACK_SIZE_CHECKPOINT_WITH_MAX_CHECK(max_relative_stack, vprintf(fmt, args));
va_end(args);
TEST_SLEEP();
}
#else
/* redirect to printf */
#define test_pass(...) STACK_SIZE_CHECKPOINT(printf(__VA_ARGS__))
#define test_pass(...) { if (STACK_SIZE_CHECKPOINT_WITH_MAX_CHECK(max_relative_stack, printf(__VA_ARGS__)) < 0) { return err_sys("post-test check failed", -1); }}
/* stub the sleep macro */
#define TEST_SLEEP()
#endif
@@ -553,13 +564,32 @@ int wolfcrypt_test(void* args)
printf(" wolfSSL version %s\n", LIBWOLFSSL_VERSION_STRING);
printf("------------------------------------------------------------------------------\n");
if (args)
if (args) {
#ifdef HAVE_WOLFCRYPT_TEST_OPTIONS
int ch;
#endif
((func_args*)args)->return_code = -1; /* error state */
#ifdef HAVE_WOLFCRYPT_TEST_OPTIONS
while ((ch = mygetopt(((func_args*)args)->argc, ((func_args*)args)->argv, "s:")) != -1) {
switch(ch) {
case 's':
#ifdef HAVE_STACK_SIZE_VERBOSE
max_relative_stack = (ssize_t)atoi(myoptarg);
break;
#else
return err_sys("-s (max relative stack size) requires HAVE_STACK_SIZE_VERBOSE.", -1);
#endif
default:
return err_sys("unknown test option.", -1);
}
}
#endif
}
#ifdef WOLFSSL_STATIC_MEMORY
if (wc_LoadStaticMemory(&HEAP_HINT, gTestMemory, sizeof(gTestMemory),
WOLFMEM_GENERAL, 1) != 0) {
printf("unable to load static memory");
printf("unable to load static memory.\n");
return(EXIT_FAILURE);
}
#endif
@@ -1261,6 +1291,12 @@ initDefaultName();
#ifdef WOLFSSL_ESPIDF
void app_main( )
#else
#ifdef HAVE_WOLFCRYPT_TEST_OPTIONS
int myoptind = 0;
char* myoptarg = NULL;
#endif
int main(int argc, char** argv)
#endif
{
@@ -7968,10 +8004,18 @@ static int aes_cbc_test(void)
static int aes_test(void)
{
#if defined(HAVE_AES_CBC) || defined(WOLFSSL_AES_COUNTER) || defined(WOLFSSL_AES_DIRECT)
Aes enc;
#ifdef WOLFSSL_SMALL_STACK
Aes *enc = (Aes *)XMALLOC(sizeof *enc, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#else
Aes enc[1];
#endif
byte cipher[AES_BLOCK_SIZE * 4];
#if defined(HAVE_AES_DECRYPT) || defined(WOLFSSL_AES_COUNTER) || defined(WOLFSSL_AES_DIRECT)
Aes dec;
#ifdef WOLFSSL_SMALL_STACK
Aes *dec = (Aes *)XMALLOC(sizeof *dec, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#else
Aes dec[1];
#endif
byte plain [AES_BLOCK_SIZE * 4];
#endif
#endif /* HAVE_AES_CBC || WOLFSSL_AES_COUNTER */
@@ -7991,45 +8035,57 @@ static int aes_test(void)
0x2c,0xcc,0x9d,0x46,0x77,0xa2,0x33,0xcb
};
byte key[] = "0123456789abcdef "; /* align */
byte iv[] = "1234567890abcdef "; /* align */
static const byte key[] = "0123456789abcdef "; /* align */
static const byte iv[] = "1234567890abcdef "; /* align */
if (wc_AesInit(&enc, HEAP_HINT, devId) != 0)
return -5900;
#if defined(HAVE_AES_DECRYPT) || defined(WOLFSSL_AES_COUNTER)
if (wc_AesInit(&dec, HEAP_HINT, devId) != 0)
return -5901;
#ifdef WOLFSSL_SMALL_STACK
#if defined(HAVE_AES_CBC) || defined(WOLFSSL_AES_COUNTER) || defined(WOLFSSL_AES_DIRECT)
if (enc == NULL)
ERROR_OUT(-5948, out);
#endif
ret = wc_AesSetKey(&enc, key, AES_BLOCK_SIZE, iv, AES_ENCRYPTION);
if (ret != 0)
return -5902;
#if defined(HAVE_AES_DECRYPT) || defined(WOLFSSL_AES_COUNTER) || defined(WOLFSSL_AES_DIRECT)
if (dec == NULL)
ERROR_OUT(-5949, out);
#endif
#endif
if (wc_AesInit(enc, HEAP_HINT, devId) != 0)
ERROR_OUT(-5900, out); /* note this error code is used programmatically in cleanup. */
#if defined(HAVE_AES_DECRYPT) || defined(WOLFSSL_AES_COUNTER)
ret = wc_AesSetKey(&dec, key, AES_BLOCK_SIZE, iv, AES_DECRYPTION);
if (wc_AesInit(dec, HEAP_HINT, devId) != 0)
ERROR_OUT(-5901, out); /* note this error code is used programmatically in cleanup. */
#endif
ret = wc_AesSetKey(enc, key, AES_BLOCK_SIZE, iv, AES_ENCRYPTION);
if (ret != 0)
return -5903;
ERROR_OUT(-5902, out);
#if defined(HAVE_AES_DECRYPT) || defined(WOLFSSL_AES_COUNTER)
ret = wc_AesSetKey(dec, key, AES_BLOCK_SIZE, iv, AES_DECRYPTION);
if (ret != 0)
ERROR_OUT(-5903, out);
#endif
XMEMSET(cipher, 0, AES_BLOCK_SIZE * 4);
ret = wc_AesCbcEncrypt(&enc, cipher, msg, AES_BLOCK_SIZE);
ret = wc_AesCbcEncrypt(enc, cipher, msg, AES_BLOCK_SIZE);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &enc.asyncDev, WC_ASYNC_FLAG_NONE);
ret = wc_AsyncWait(ret, enc.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
if (ret != 0)
return -5904;
ERROR_OUT(-5904, out);
#ifdef HAVE_AES_DECRYPT
XMEMSET(plain, 0, AES_BLOCK_SIZE * 4);
ret = wc_AesCbcDecrypt(&dec, plain, cipher, AES_BLOCK_SIZE);
ret = wc_AesCbcDecrypt(dec, plain, cipher, AES_BLOCK_SIZE);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &dec.asyncDev, WC_ASYNC_FLAG_NONE);
ret = wc_AsyncWait(ret, dec.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
if (ret != 0)
return -5905;
ERROR_OUT(-5905, out);
if (XMEMCMP(plain, msg, AES_BLOCK_SIZE))
return -5906;
ERROR_OUT(-5906, out);
#endif /* HAVE_AES_DECRYPT */
if (XMEMCMP(cipher, verify, AES_BLOCK_SIZE))
return -5907;
ERROR_OUT(-5907, out);
#endif /* WOLFSSL_AES_128 */
#if defined(WOLFSSL_AESNI) && defined(HAVE_AES_DECRYPT)
@@ -8086,9 +8142,21 @@ static int aes_test(void)
0x65,0x73,0x20,0x4a,0x61,0x63,0x6b,0x20
};
static const byte bigKey[] = "0123456789abcdeffedcba9876543210";
word32 keySz, msgSz;
#ifdef WOLFSSL_SMALL_STACK
byte *bigCipher = (byte *)XMALLOC(sizeof(bigMsg), NULL, DYNAMIC_TYPE_TMP_BUFFER);
byte *bigPlain = (byte *)XMALLOC(sizeof(bigMsg), NULL, DYNAMIC_TYPE_TMP_BUFFER);
if ((bigCipher == NULL) ||
(bigPlain == NULL)) {
if (bigCipher != NULL)
XFREE(bigCipher, NULL, DYNAMIC_TYPE_TMP_BUFFER);
ERROR_OUT(-5947, out);
}
#else
byte bigCipher[sizeof(bigMsg)];
byte bigPlain[sizeof(bigMsg)];
word32 keySz, msgSz;
#endif
/* Iterate from one AES_BLOCK_SIZE of bigMsg through the whole
* message by AES_BLOCK_SIZE for each size of AES key. */
@@ -8097,33 +8165,53 @@ static int aes_test(void)
msgSz <= sizeof(bigMsg);
msgSz += AES_BLOCK_SIZE) {
XMEMSET(bigCipher, 0, sizeof(bigCipher));
XMEMSET(bigPlain, 0, sizeof(bigPlain));
ret = wc_AesSetKey(&enc, bigKey, keySz, iv, AES_ENCRYPTION);
if (ret != 0)
return -5908;
ret = wc_AesSetKey(&dec, bigKey, keySz, iv, AES_DECRYPTION);
if (ret != 0)
return -5909;
XMEMSET(bigCipher, 0, sizeof(bigMsg));
XMEMSET(bigPlain, 0, sizeof(bigMsg));
ret = wc_AesSetKey(enc, bigKey, keySz, iv, AES_ENCRYPTION);
if (ret != 0) {
ret = -5908;
break;
}
ret = wc_AesSetKey(dec, bigKey, keySz, iv, AES_DECRYPTION);
if (ret != 0) {
ret = -5909;
break;
}
ret = wc_AesCbcEncrypt(&enc, bigCipher, bigMsg, msgSz);
ret = wc_AesCbcEncrypt(enc, bigCipher, bigMsg, msgSz);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &enc.asyncDev, WC_ASYNC_FLAG_NONE);
ret = wc_AsyncWait(ret, enc.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
if (ret != 0)
return -5910;
if (ret != 0) {
ret = -5910;
break;
}
ret = wc_AesCbcDecrypt(&dec, bigPlain, bigCipher, msgSz);
ret = wc_AesCbcDecrypt(dec, bigPlain, bigCipher, msgSz);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &dec.asyncDev, WC_ASYNC_FLAG_NONE);
ret = wc_AsyncWait(ret, dec.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
if (ret != 0)
return -5911;
if (ret != 0) {
ret = -5911;
break;
}
if (XMEMCMP(bigPlain, bigMsg, msgSz))
return -5912;
if (XMEMCMP(bigPlain, bigMsg, msgSz)) {
ret = -5912;
break;
}
}
if (ret != 0)
break;
}
#ifdef WOLFSSL_SMALL_STACK
XFREE(bigCipher, NULL, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(bigPlain, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
if (ret != 0)
goto out;
}
#endif /* WOLFSSL_AESNI && HAVE_AES_DECRYPT */
@@ -8148,64 +8236,64 @@ static int aes_test(void)
0x50, 0x86, 0xcb, 0x9b, 0x50, 0x72, 0x19, 0xee,
0x95, 0xdb, 0x11, 0x3a, 0x91, 0x76, 0x78, 0xb2
};
byte key2[] = {
static const byte key2[] = {
0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6,
0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c
};
byte iv2[] = {
static const byte iv2[] = {
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f
};
ret = wc_AesSetKey(&enc, key2, sizeof(key2), iv2, AES_ENCRYPTION);
ret = wc_AesSetKey(enc, key2, sizeof(key2), iv2, AES_ENCRYPTION);
if (ret != 0)
return -5913;
ERROR_OUT(-5913, out);
XMEMSET(cipher, 0, AES_BLOCK_SIZE * 2);
ret = wc_AesCbcEncrypt(&enc, cipher, msg2, AES_BLOCK_SIZE);
ret = wc_AesCbcEncrypt(enc, cipher, msg2, AES_BLOCK_SIZE);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &enc.asyncDev, WC_ASYNC_FLAG_NONE);
ret = wc_AsyncWait(ret, enc.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
if (ret != 0)
return -5914;
ERROR_OUT(-5914, out);
if (XMEMCMP(cipher, verify2, AES_BLOCK_SIZE))
return -5915;
ERROR_OUT(-5915, out);
ret = wc_AesCbcEncrypt(&enc, cipher + AES_BLOCK_SIZE,
ret = wc_AesCbcEncrypt(enc, cipher + AES_BLOCK_SIZE,
msg2 + AES_BLOCK_SIZE, AES_BLOCK_SIZE);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &enc.asyncDev, WC_ASYNC_FLAG_NONE);
ret = wc_AsyncWait(ret, enc.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
if (ret != 0)
return -5916;
ERROR_OUT(-5916, out);
if (XMEMCMP(cipher + AES_BLOCK_SIZE, verify2 + AES_BLOCK_SIZE,
AES_BLOCK_SIZE))
return -5917;
ERROR_OUT(-5917, out);
#if defined(HAVE_AES_DECRYPT)
ret = wc_AesSetKey(&dec, key2, sizeof(key2), iv2, AES_DECRYPTION);
ret = wc_AesSetKey(dec, key2, sizeof(key2), iv2, AES_DECRYPTION);
if (ret != 0)
return -5918;
ERROR_OUT(-5918, out);
XMEMSET(plain, 0, AES_BLOCK_SIZE * 2);
ret = wc_AesCbcDecrypt(&dec, plain, verify2, AES_BLOCK_SIZE);
ret = wc_AesCbcDecrypt(dec, plain, verify2, AES_BLOCK_SIZE);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &dec.asyncDev, WC_ASYNC_FLAG_NONE);
ret = wc_AsyncWait(ret, dec.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
if (ret != 0)
return -5919;
ERROR_OUT(-5919, out);
if (XMEMCMP(plain, msg2, AES_BLOCK_SIZE))
return -5920;
ERROR_OUT(-5920, out);
ret = wc_AesCbcDecrypt(&dec, plain + AES_BLOCK_SIZE,
ret = wc_AesCbcDecrypt(dec, plain + AES_BLOCK_SIZE,
verify2 + AES_BLOCK_SIZE, AES_BLOCK_SIZE);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &dec.asyncDev, WC_ASYNC_FLAG_NONE);
ret = wc_AsyncWait(ret, dec.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
if (ret != 0)
return -5921;
ERROR_OUT(-5921, out);
if (XMEMCMP(plain + AES_BLOCK_SIZE, msg2 + AES_BLOCK_SIZE,
AES_BLOCK_SIZE))
return -5922;
ERROR_OUT(-5922, out);
#endif /* HAVE_AES_DECRYPT */
}
@@ -8304,113 +8392,113 @@ static int aes_test(void)
#endif
#ifdef WOLFSSL_AES_128
wc_AesSetKeyDirect(&enc, ctr128Key, sizeof(ctr128Key),
wc_AesSetKeyDirect(enc, ctr128Key, sizeof(ctr128Key),
ctrIv, AES_ENCRYPTION);
/* Ctr only uses encrypt, even on key setup */
wc_AesSetKeyDirect(&dec, ctr128Key, sizeof(ctr128Key),
wc_AesSetKeyDirect(dec, ctr128Key, sizeof(ctr128Key),
ctrIv, AES_ENCRYPTION);
ret = wc_AesCtrEncrypt(&enc, cipher, ctrPlain, sizeof(ctrPlain));
ret = wc_AesCtrEncrypt(enc, cipher, ctrPlain, sizeof(ctrPlain));
if (ret != 0) {
return -5923;
ERROR_OUT(-5923, out);
}
ret = wc_AesCtrEncrypt(&dec, plain, cipher, sizeof(ctrPlain));
ret = wc_AesCtrEncrypt(dec, plain, cipher, sizeof(ctrPlain));
if (ret != 0) {
return -5924;
ERROR_OUT(-5924, out);
}
if (XMEMCMP(plain, ctrPlain, sizeof(ctrPlain)))
return -5925;
ERROR_OUT(-5925, out);
if (XMEMCMP(cipher, ctr128Cipher, sizeof(ctr128Cipher)))
return -5926;
ERROR_OUT(-5926, out);
/* let's try with just 9 bytes, non block size test */
wc_AesSetKeyDirect(&enc, ctr128Key, AES_BLOCK_SIZE,
wc_AesSetKeyDirect(enc, ctr128Key, AES_BLOCK_SIZE,
ctrIv, AES_ENCRYPTION);
/* Ctr only uses encrypt, even on key setup */
wc_AesSetKeyDirect(&dec, ctr128Key, AES_BLOCK_SIZE,
wc_AesSetKeyDirect(dec, ctr128Key, AES_BLOCK_SIZE,
ctrIv, AES_ENCRYPTION);
ret = wc_AesCtrEncrypt(&enc, cipher, ctrPlain, sizeof(oddCipher));
ret = wc_AesCtrEncrypt(enc, cipher, ctrPlain, sizeof(oddCipher));
if (ret != 0) {
return -5927;
ERROR_OUT(-5927, out);
}
ret = wc_AesCtrEncrypt(&dec, plain, cipher, sizeof(oddCipher));
ret = wc_AesCtrEncrypt(dec, plain, cipher, sizeof(oddCipher));
if (ret != 0) {
return -5928;
ERROR_OUT(-5928, out);
}
if (XMEMCMP(plain, ctrPlain, sizeof(oddCipher)))
return -5929;
ERROR_OUT(-5929, out);
if (XMEMCMP(cipher, ctr128Cipher, sizeof(oddCipher)))
return -5930;
ERROR_OUT(-5930, out);
/* and an additional 9 bytes to reuse tmp left buffer */
ret = wc_AesCtrEncrypt(&enc, cipher, ctrPlain, sizeof(oddCipher));
ret = wc_AesCtrEncrypt(enc, cipher, ctrPlain, sizeof(oddCipher));
if (ret != 0) {
return -5931;
ERROR_OUT(-5931, out);
}
ret = wc_AesCtrEncrypt(&dec, plain, cipher, sizeof(oddCipher));
ret = wc_AesCtrEncrypt(dec, plain, cipher, sizeof(oddCipher));
if (ret != 0) {
return -5932;
ERROR_OUT(-5932, out);
}
if (XMEMCMP(plain, ctrPlain, sizeof(oddCipher)))
return -5933;
ERROR_OUT(-5933, out);
if (XMEMCMP(cipher, oddCipher, sizeof(oddCipher)))
return -5934;
ERROR_OUT(-5934, out);
#endif /* WOLFSSL_AES_128 */
#ifdef WOLFSSL_AES_192
/* 192 bit key */
wc_AesSetKeyDirect(&enc, ctr192Key, sizeof(ctr192Key),
wc_AesSetKeyDirect(enc, ctr192Key, sizeof(ctr192Key),
ctrIv, AES_ENCRYPTION);
/* Ctr only uses encrypt, even on key setup */
wc_AesSetKeyDirect(&dec, ctr192Key, sizeof(ctr192Key),
wc_AesSetKeyDirect(dec, ctr192Key, sizeof(ctr192Key),
ctrIv, AES_ENCRYPTION);
XMEMSET(plain, 0, sizeof(plain));
ret = wc_AesCtrEncrypt(&enc, plain, ctr192Cipher, sizeof(ctr192Cipher));
ret = wc_AesCtrEncrypt(enc, plain, ctr192Cipher, sizeof(ctr192Cipher));
if (ret != 0) {
return -5935;
ERROR_OUT(-5935, out);
}
if (XMEMCMP(plain, ctrPlain, sizeof(ctr192Cipher)))
return -5936;
ERROR_OUT(-5936, out);
ret = wc_AesCtrEncrypt(&dec, cipher, ctrPlain, sizeof(ctrPlain));
ret = wc_AesCtrEncrypt(dec, cipher, ctrPlain, sizeof(ctrPlain));
if (ret != 0) {
return -5937;
ERROR_OUT(-5937, out);
}
if (XMEMCMP(ctr192Cipher, cipher, sizeof(ctr192Cipher)))
return -5938;
ERROR_OUT(-5938, out);
#endif /* WOLFSSL_AES_192 */
#ifdef WOLFSSL_AES_256
/* 256 bit key */
wc_AesSetKeyDirect(&enc, ctr256Key, sizeof(ctr256Key),
wc_AesSetKeyDirect(enc, ctr256Key, sizeof(ctr256Key),
ctrIv, AES_ENCRYPTION);
/* Ctr only uses encrypt, even on key setup */
wc_AesSetKeyDirect(&dec, ctr256Key, sizeof(ctr256Key),
wc_AesSetKeyDirect(dec, ctr256Key, sizeof(ctr256Key),
ctrIv, AES_ENCRYPTION);
XMEMSET(plain, 0, sizeof(plain));
ret = wc_AesCtrEncrypt(&enc, plain, ctr256Cipher, sizeof(ctr256Cipher));
ret = wc_AesCtrEncrypt(enc, plain, ctr256Cipher, sizeof(ctr256Cipher));
if (ret != 0) {
return -5939;
ERROR_OUT(-5939, out);
}
if (XMEMCMP(plain, ctrPlain, sizeof(ctrPlain)))
return -5940;
ERROR_OUT(-5940, out);
ret = wc_AesCtrEncrypt(&dec, cipher, ctrPlain, sizeof(ctrPlain));
ret = wc_AesCtrEncrypt(dec, cipher, ctrPlain, sizeof(ctrPlain));
if (ret != 0) {
return -5941;
ERROR_OUT(-5941, out);
}
if (XMEMCMP(ctr256Cipher, cipher, sizeof(ctr256Cipher)))
return -5942;
ERROR_OUT(-5942, out);
#endif /* WOLFSSL_AES_256 */
}
#endif /* WOLFSSL_AES_COUNTER */
@@ -8438,77 +8526,101 @@ static int aes_test(void)
};
XMEMSET(cipher, 0, AES_BLOCK_SIZE);
ret = wc_AesSetKey(&enc, niKey, sizeof(niKey), cipher, AES_ENCRYPTION);
ret = wc_AesSetKey(enc, niKey, sizeof(niKey), cipher, AES_ENCRYPTION);
if (ret != 0)
return -5943;
wc_AesEncryptDirect(&enc, cipher, niPlain);
ERROR_OUT(-5943, out);
wc_AesEncryptDirect(enc, cipher, niPlain);
if (XMEMCMP(cipher, niCipher, AES_BLOCK_SIZE) != 0)
return -5944;
ERROR_OUT(-5944, out);
XMEMSET(plain, 0, AES_BLOCK_SIZE);
ret = wc_AesSetKey(&dec, niKey, sizeof(niKey), plain, AES_DECRYPTION);
ret = wc_AesSetKey(dec, niKey, sizeof(niKey), plain, AES_DECRYPTION);
if (ret != 0)
return -5945;
wc_AesDecryptDirect(&dec, plain, niCipher);
ERROR_OUT(-5945, out);
wc_AesDecryptDirect(dec, plain, niCipher);
if (XMEMCMP(plain, niPlain, AES_BLOCK_SIZE) != 0)
return -5946;
ERROR_OUT(-5946, out);
}
#endif /* WOLFSSL_AES_DIRECT && WOLFSSL_AES_256 */
ret = aes_key_size_test();
if (ret != 0)
return ret;
goto out;
#if defined(HAVE_AES_CBC) && defined(WOLFSSL_AES_128)
ret = aes_cbc_test();
if (ret != 0)
return ret;
goto out;
#endif
#if defined(WOLFSSL_AES_XTS)
#ifdef WOLFSSL_AES_128
ret = aes_xts_128_test();
if (ret != 0)
return ret;
goto out;
#endif
#ifdef WOLFSSL_AES_256
ret = aes_xts_256_test();
if (ret != 0)
return ret;
goto out;
#endif
#if defined(WOLFSSL_AES_128) && defined(WOLFSSL_AES_256)
ret = aes_xts_sector_test();
if (ret != 0)
return ret;
goto out;
#endif
#ifdef WOLFSSL_AES_128
ret = aes_xts_args_test();
if (ret != 0)
return ret;
goto out;
#endif
#endif
#if defined(WOLFSSL_AES_CFB)
ret = aescfb_test();
if (ret != 0)
return ret;
goto out;
#if !defined(HAVE_SELFTEST) && !defined(HAVE_FIPS)
ret = aescfb1_test();
if (ret != 0)
return ret;
goto out;
ret = aescfb8_test();
if (ret != 0)
return ret;
goto out;
#endif
#endif
out:
#if defined(HAVE_AES_CBC) || defined(WOLFSSL_AES_COUNTER)
wc_AesFree(&enc);
#ifdef WOLFSSL_SMALL_STACK
if (enc) {
if (ret != -5900) /* note this must match ERRROR_OUT() code
* for wc_AesInit(enc, ...) failure above.
*/
wc_AesFree(enc);
XFREE(enc, NULL, DYNAMIC_TYPE_TMP_BUFFER);
}
#else
if (ret != -5900)
wc_AesFree(enc);
#endif
(void)cipher;
#if defined(HAVE_AES_DECRYPT) || defined(WOLFSSL_AES_COUNTER)
wc_AesFree(&dec);
#ifdef WOLFSSL_SMALL_STACK
if (dec) {
if ((ret != -5900) && (ret != -5901))
/* note these codes must match the ERRROR_OUT() codes for
* wc_AesInit() failures above.
*/
wc_AesFree(dec);
XFREE(dec, NULL, DYNAMIC_TYPE_TMP_BUFFER);
}
#else
if ((ret != -5900) && (ret != -5901))
wc_AesFree(dec);
#endif
(void)plain;
#endif
#endif
@@ -27004,17 +27116,16 @@ typedef struct {
} pkcs7AuthEnvelopedVector;
#ifndef WOLFSSL_LINUXKM
static int pkcs7authenveloped_run_vectors(byte* rsaCert, word32 rsaCertSz,
byte* rsaPrivKey, word32 rsaPrivKeySz,
byte* eccCert, word32 eccCertSz,
byte* eccPrivKey, word32 eccPrivKeySz)
{
int ret = 0, testSz, i;
int ret = 0, testSz = 0, i;
int envelopedSz, decodedSz;
byte *enveloped;
byte *decoded;
byte *enveloped = NULL;
byte *decoded = NULL;
WC_RNG rng;
PKCS7* pkcs7;
#ifdef PKCS7_OUTPUT_TEST_BUNDLES
@@ -27027,7 +27138,7 @@ static int pkcs7authenveloped_run_vectors(byte* rsaCert, word32 rsaCertSz,
};
byte senderNonce[PKCS7_NONCE_SZ + 2];
#ifdef HAVE_ECC
byte senderNonceOid[] =
static const byte senderNonceOid[] =
{ 0x06, 0x0a, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, 0x45, 0x01,
0x09, 0x05 };
@@ -27040,20 +27151,20 @@ static int pkcs7authenveloped_run_vectors(byte* rsaCert, word32 rsaCertSz,
#if !defined(NO_AES) && defined(WOLFSSL_AES_256) && defined(HAVE_ECC) && \
defined(WOLFSSL_SHA512)
byte optionalUkm[] = {
static const byte optionalUkm[] = {
0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07
};
#endif /* NO_AES */
#if !defined(NO_AES) && !defined(NO_SHA) && defined(WOLFSSL_AES_128)
/* encryption key for kekri recipient types */
byte secretKey[] = {
static const byte secretKey[] = {
0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,
0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07
};
/* encryption key identifier */
byte secretKeyId[] = {
static const byte secretKeyId[] = {
0x02,0x02,0x03,0x04
};
#endif
@@ -27062,58 +27173,76 @@ static int pkcs7authenveloped_run_vectors(byte* rsaCert, word32 rsaCertSz,
!defined(NO_SHA) && defined(WOLFSSL_AES_128)
#ifndef HAVE_FIPS
char password[] = "password";
static const char password[] = "password";
#else
char password[] = "passwordFIPS_MODE";
static const char password[] = "passwordFIPS_MODE";
#endif
byte salt[] = {
static const byte salt[] = {
0x12, 0x34, 0x56, 0x78, 0x78, 0x56, 0x34, 0x12
};
#endif
const pkcs7AuthEnvelopedVector testVectors[] =
pkcs7AuthEnvelopedVector *testVectors = NULL;
{
#define ADD_PKCS7_TEST_VEC(...) { \
const pkcs7AuthEnvelopedVector vec = __VA_ARGS__; \
testVectors = (pkcs7AuthEnvelopedVector *) \
XREALLOC(testVectors, \
sizeof *testVectors * (testSz + 1), \
HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); \
if (testVectors == NULL) \
ERROR_OUT(-12233, out); \
XMEMCPY(&testVectors[testSz++], &vec, sizeof *testVectors); \
}
/* key transport key encryption technique */
#ifndef NO_RSA
#if !defined(NO_AES) && defined(HAVE_AESGCM)
#ifdef WOLFSSL_AES_128
ADD_PKCS7_TEST_VEC(
{data, (word32)sizeof(data), DATA, AES128GCMb, 0, 0, rsaCert, rsaCertSz,
rsaPrivKey, rsaPrivKeySz, NULL, 0, NULL, 0, NULL, 0, 0, 0, NULL, 0,
NULL, 0, NULL, NULL, 0, NULL, 0, 0, NULL, 0, NULL, 0, 0, 0, 0, 0, 0,
0, 0, "pkcs7authEnvelopedDataAES128GCM.der"},
0, 0, "pkcs7authEnvelopedDataAES128GCM.der"});
#endif
#ifdef WOLFSSL_AES_192
ADD_PKCS7_TEST_VEC(
{data, (word32)sizeof(data), DATA, AES192GCMb, 0, 0, rsaCert, rsaCertSz,
rsaPrivKey, rsaPrivKeySz, NULL, 0, NULL, 0, NULL, 0, 0, 0, NULL, 0,
NULL, 0, NULL, NULL, 0, NULL, 0, 0, NULL, 0, NULL, 0, 0, 0, 0, 0, 0,
0, 0, "pkcs7authEnvelopedDataAES192GCM.der"},
0, 0, "pkcs7authEnvelopedDataAES192GCM.der"});
#endif
#ifdef WOLFSSL_AES_256
ADD_PKCS7_TEST_VEC(
{data, (word32)sizeof(data), DATA, AES256GCMb, 0, 0, rsaCert, rsaCertSz,
rsaPrivKey, rsaPrivKeySz, NULL, 0, NULL, 0, NULL, 0, 0, 0, NULL, 0,
NULL, 0, NULL, NULL, 0, NULL, 0, 0, NULL, 0, NULL, 0, 0, 0, 0, 0, 0,
0, 0, "pkcs7authEnvelopedDataAES256GCM.der"},
0, 0, "pkcs7authEnvelopedDataAES256GCM.der"});
/* test with contentType set to FirmwarePkgData */
ADD_PKCS7_TEST_VEC(
{data, (word32)sizeof(data), FIRMWARE_PKG_DATA, AES256GCMb, 0, 0,
rsaCert, rsaCertSz, rsaPrivKey, rsaPrivKeySz, NULL, 0, NULL, 0, NULL,
0, 0, 0, NULL, 0, NULL, 0, NULL, NULL, 0, NULL, 0, 0, NULL, 0, NULL,
0, 0, 0, 0, 0, 0, 0, 0,
"pkcs7authEnvelopedDataAES256GCM_firmwarePkgData.der"},
"pkcs7authEnvelopedDataAES256GCM_firmwarePkgData.der"});
/* explicitly using SKID for SubjectKeyIdentifier */
ADD_PKCS7_TEST_VEC(
{data, (word32)sizeof(data), DATA, AES256GCMb, 0, 0, rsaCert, rsaCertSz,
rsaPrivKey, rsaPrivKeySz, NULL, 0, NULL, 0, NULL, 0, CMS_SKID, 0,
NULL, 0, NULL, 0, NULL, NULL, 0, NULL, 0, 0, NULL, 0, NULL, 0, 0, 0,
0, 0, 0, 0, 0, "pkcs7authEnvelopedDataAES256GCM_SKID.der"},
0, 0, 0, 0, 0, "pkcs7authEnvelopedDataAES256GCM_SKID.der"});
/* explicitly using IssuerAndSerialNumber for SubjectKeyIdentifier */
ADD_PKCS7_TEST_VEC(
{data, (word32)sizeof(data), DATA, AES256GCMb, 0, 0, rsaCert, rsaCertSz,
rsaPrivKey, rsaPrivKeySz, NULL, 0, NULL, 0, NULL, 0,
CMS_ISSUER_AND_SERIAL_NUMBER, 0, NULL, 0, NULL, 0, NULL, NULL, 0,
NULL, 0, 0, NULL, 0, NULL, 0, 0, 0, 0, 0, 0, 0, 0,
"pkcs7authEnvelopedDataAES256GCM_IANDS.der"},
"pkcs7authEnvelopedDataAES256GCM_IANDS.der"});
#endif
#endif /* NO_AES */
#endif
@@ -27122,72 +27251,80 @@ static int pkcs7authenveloped_run_vectors(byte* rsaCert, word32 rsaCertSz,
#ifdef HAVE_ECC
#if !defined(NO_AES) && defined(HAVE_AESGCM)
#if !defined(NO_SHA) && defined(WOLFSSL_AES_128)
ADD_PKCS7_TEST_VEC(
{data, (word32)sizeof(data), DATA, AES128GCMb, AES128_WRAP,
dhSinglePass_stdDH_sha1kdf_scheme, eccCert, eccCertSz, eccPrivKey,
eccPrivKeySz, NULL, 0, NULL, 0, NULL, 0, 0, 0, NULL, 0, NULL, 0,
NULL, NULL, 0, NULL, 0, 0, NULL, 0, NULL, 0, 0, 0, 0, 0, 0, 0, 0,
"pkcs7authEnvelopedDataAES128GCM_ECDH_SHA1KDF.der"},
"pkcs7authEnvelopedDataAES128GCM_ECDH_SHA1KDF.der"});
#endif
#if !defined(NO_SHA256) && defined(WOLFSSL_AES_256)
ADD_PKCS7_TEST_VEC(
{data, (word32)sizeof(data), DATA, AES256GCMb, AES256_WRAP,
dhSinglePass_stdDH_sha256kdf_scheme, eccCert, eccCertSz, eccPrivKey,
eccPrivKeySz, NULL, 0, NULL, 0, NULL, 0, 0, 0, NULL, 0, NULL, 0,
NULL, NULL, 0, NULL, 0, 0, NULL, 0, NULL, 0, 0, 0, 0, 0, 0, 0, 0,
"pkcs7authEnvelopedDataAES256GCM_ECDH_SHA256KDF.der"},
"pkcs7authEnvelopedDataAES256GCM_ECDH_SHA256KDF.der"});
/* with authenticated attributes */
ADD_PKCS7_TEST_VEC(
{data, (word32)sizeof(data), DATA, AES256GCMb, AES256_WRAP,
dhSinglePass_stdDH_sha256kdf_scheme, eccCert, eccCertSz, eccPrivKey,
eccPrivKeySz, attribs, (sizeof(attribs) / sizeof(PKCS7Attrib)),
NULL, 0, NULL, 0, 0, 0, NULL, 0,
NULL, 0, NULL, NULL, 0, NULL, 0, 0, NULL, 0, NULL, 0, 0, 0, 0, 0,
0, 0, 0,
"pkcs7authEnvelopedDataAES256GCM_ECDH_SHA256KDF_authAttribs.der"},
"pkcs7authEnvelopedDataAES256GCM_ECDH_SHA256KDF_authAttribs.der"});
/* with unauthenticated attributes */
ADD_PKCS7_TEST_VEC(
{data, (word32)sizeof(data), DATA, AES256GCMb, AES256_WRAP,
dhSinglePass_stdDH_sha256kdf_scheme, eccCert, eccCertSz, eccPrivKey,
eccPrivKeySz, NULL, 0, attribs,
(sizeof(attribs) / sizeof(PKCS7Attrib)), NULL, 0, 0, 0, NULL, 0,
NULL, 0, NULL, NULL, 0, NULL, 0, 0, NULL, 0, NULL, 0, 0, 0, 0, 0,
0, 0, 0,
"pkcs7authEnvelopedDataAES256GCM_ECDH_SHA256KDF_unauthAttribs.der"},
"pkcs7authEnvelopedDataAES256GCM_ECDH_SHA256KDF_unauthAttribs.der"});
/* with authenticated AND unauthenticated attributes */
ADD_PKCS7_TEST_VEC(
{data, (word32)sizeof(data), DATA, AES256GCMb, AES256_WRAP,
dhSinglePass_stdDH_sha256kdf_scheme, eccCert, eccCertSz, eccPrivKey,
eccPrivKeySz, attribs, (sizeof(attribs) / sizeof(PKCS7Attrib)),
attribs, (sizeof(attribs) / sizeof(PKCS7Attrib)), NULL, 0, 0, 0,
NULL, 0, NULL, 0, NULL, NULL, 0, NULL, 0, 0, NULL, 0, NULL, 0, 0,
0, 0, 0, 0, 0, 0,
"pkcs7authEnvelopedDataAES256GCM_ECDH_SHA256KDF_bothAttribs.der"},
"pkcs7authEnvelopedDataAES256GCM_ECDH_SHA256KDF_bothAttribs.der"});
/* with authenticated AND unauthenticated attributes AND
* contentType of FirmwarePkgData */
ADD_PKCS7_TEST_VEC(
{data, (word32)sizeof(data), FIRMWARE_PKG_DATA, AES256GCMb, AES256_WRAP,
dhSinglePass_stdDH_sha256kdf_scheme, eccCert, eccCertSz, eccPrivKey,
eccPrivKeySz, attribs, (sizeof(attribs) / sizeof(PKCS7Attrib)),
attribs, (sizeof(attribs) / sizeof(PKCS7Attrib)), NULL, 0, 0, 0,
NULL, 0, NULL, 0, NULL, NULL, 0, NULL, 0, 0, NULL, 0, NULL, 0, 0,
0, 0, 0, 0, 0, 0,
"pkcs7authEnvelopedDataAES256GCM_ECDH_SHA256KDF_fw_bothAttribs.der"},
"pkcs7authEnvelopedDataAES256GCM_ECDH_SHA256KDF_fw_bothAttribs.der"});
#endif /* NO_SHA256 && WOLFSSL_AES_256 */
#if defined(WOLFSSL_SHA512) && defined(WOLFSSL_AES_256)
ADD_PKCS7_TEST_VEC(
{data, (word32)sizeof(data), DATA, AES256GCMb, AES256_WRAP,
dhSinglePass_stdDH_sha512kdf_scheme, eccCert, eccCertSz, eccPrivKey,
eccPrivKeySz, NULL, 0, NULL, 0, NULL, 0, 0, 0, NULL, 0, NULL, 0, NULL,
NULL, 0, NULL, 0, 0, NULL, 0, NULL, 0, 0, 0, 0, 0, 0, 0, 0,
"pkcs7authEnvelopedDataAES256GCM_ECDH_SHA512KDF.der"},
"pkcs7authEnvelopedDataAES256GCM_ECDH_SHA512KDF.der"});
/* with optional user keying material (ukm) */
ADD_PKCS7_TEST_VEC(
{data, (word32)sizeof(data), DATA, AES256GCMb, AES256_WRAP,
dhSinglePass_stdDH_sha512kdf_scheme, eccCert, eccCertSz, eccPrivKey,
eccPrivKeySz, NULL, 0, NULL, 0, optionalUkm, sizeof(optionalUkm), 0,
eccPrivKeySz, NULL, 0, NULL, 0, (byte *)optionalUkm, sizeof(optionalUkm), 0,
0, NULL, 0, NULL, 0, NULL, NULL, 0, NULL, 0, 0, NULL, 0, NULL, 0, 0,
0, 0, 0, 0, 0, 0,
"pkcs7authEnvelopedDataAES256GCM_ECDH_SHA512KDF_ukm.der"},
"pkcs7authEnvelopedDataAES256GCM_ECDH_SHA512KDF_ukm.der"});
#endif /* WOLFSSL_SHA512 && WOLFSSL_AES_256 */
#endif /* NO_AES */
#endif
@@ -27195,35 +27332,38 @@ static int pkcs7authenveloped_run_vectors(byte* rsaCert, word32 rsaCertSz,
/* kekri (KEKRecipientInfo) recipient types */
#if !defined(NO_AES) && defined(HAVE_AESGCM)
#if !defined(NO_SHA) && defined(WOLFSSL_AES_128)
ADD_PKCS7_TEST_VEC(
{data, (word32)sizeof(data), DATA, AES128GCMb, AES128_WRAP, 0,
NULL, 0, NULL, 0, NULL, 0, NULL, 0, NULL, 0, 0, 0,
secretKey, sizeof(secretKey), secretKeyId, sizeof(secretKeyId),
(byte *)secretKey, sizeof(secretKey), (byte *)secretKeyId, sizeof(secretKeyId),
NULL, NULL, 0, NULL, 0, 0, NULL, 0, NULL, 0, 0, 0, 0, 0, 0, 0, 0,
"pkcs7authEnvelopedDataAES128GCM_KEKRI.der"},
"pkcs7authEnvelopedDataAES128GCM_KEKRI.der"});
#endif
#endif
/* pwri (PasswordRecipientInfo) recipient types */
#if !defined(NO_PWDBASED) && !defined(NO_AES) && defined(HAVE_AESGCM)
#if !defined(NO_SHA) && defined(WOLFSSL_AES_128)
ADD_PKCS7_TEST_VEC(
{data, (word32)sizeof(data), DATA, AES128GCMb, 0, 0,
NULL, 0, NULL, 0, NULL, 0, NULL, 0, NULL, 0, 0, 0, NULL, 0,
NULL, 0, NULL, NULL, 0, NULL, 0, 0, password,
(word32)XSTRLEN(password), salt, sizeof(salt), PBKDF2_OID, WC_SHA, 5,
AES128CBCb, 0, 0, 0, "pkcs7authEnvelopedDataAES128GCM_PWRI.der"},
NULL, 0, NULL, NULL, 0, NULL, 0, 0, (char *)password,
(word32)XSTRLEN(password), (byte *)salt, sizeof(salt), PBKDF2_OID, WC_SHA, 5,
AES128CBCb, 0, 0, 0, "pkcs7authEnvelopedDataAES128GCM_PWRI.der"});
#endif
#endif
#if !defined(NO_AES) && defined(HAVE_AESGCM)
#ifdef WOLFSSL_AES_128
/* ori (OtherRecipientInfo) recipient types */
ADD_PKCS7_TEST_VEC(
{data, (word32)sizeof(data), DATA, AES128GCMb, 0, 0, NULL, 0, NULL, 0,
NULL, 0, NULL, 0, NULL, 0, 0, 0, NULL, 0, NULL, 0, NULL, NULL, 0,
NULL, 0, 0, NULL, 0, NULL, 0, 0, 0, 0, 0, 0, 1, 0,
"pkcs7authEnvelopedDataAES128GCM_ORI.der"},
"pkcs7authEnvelopedDataAES128GCM_ORI.der"});
#endif
#endif
};
}
enveloped = (byte *)XMALLOC(PKCS7_BUF_SIZE, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
decoded = (byte *)XMALLOC(PKCS7_BUF_SIZE, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
@@ -27231,9 +27371,6 @@ static int pkcs7authenveloped_run_vectors(byte* rsaCert, word32 rsaCertSz,
ERROR_OUT(-12210, out);
}
testSz = sizeof(testVectors) / sizeof(pkcs7AuthEnvelopedVector);
/* generate senderNonce */
{
#ifndef HAVE_FIPS
@@ -27510,6 +27647,8 @@ static int pkcs7authenveloped_run_vectors(byte* rsaCert, word32 rsaCertSz,
#endif
out:
if (testVectors)
XFREE(testVectors, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
if (enveloped)
XFREE(enveloped, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
if (decoded)
@@ -27517,7 +27656,6 @@ static int pkcs7authenveloped_run_vectors(byte* rsaCert, word32 rsaCertSz,
return ret;
}
#endif /* ! WOLFSSL_LINUXKM */
static int pkcs7authenveloped_test(void)
{
@@ -27590,12 +27728,10 @@ static int pkcs7authenveloped_test(void)
return -12304;
}
#ifndef WOLFSSL_LINUXKM
ret = pkcs7authenveloped_run_vectors(rsaCert, (word32)rsaCertSz,
rsaPrivKey, (word32)rsaPrivKeySz,
eccCert, (word32)eccCertSz,
eccPrivKey, (word32)eccPrivKeySz);
#endif
#ifndef NO_RSA
XFREE(rsaCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);

40
wolfssl/test.h
View File

@@ -2049,7 +2049,7 @@ struct stack_size_debug_context {
*
* enable with
*
* CFLAGS='-g -DHAVE_STACK_SIZE_VERBOSE' ./configure --enable-stacksize [...]
* ./configure --enable-stacksize=verbose [...]
*/
static void *debug_stack_size_verbose_shim(struct stack_size_debug_context *shim_args) {
@@ -2123,12 +2123,24 @@ int StackSizeHWMReset(void)
#define STACK_SIZE_CHECKPOINT(...) ({ \
ssize_t HWM = StackSizeHWM_OffsetCorrected(); \
int _ret = (__VA_ARGS__); \
printf("relative stack used = %ld\n", HWM); \
StackSizeHWMReset(); \
_ret; \
__VA_ARGS__; \
printf("relative stack used = %ld\n", HWM); \
StackSizeHWMReset(); \
})
#define STACK_SIZE_CHECKPOINT_WITH_MAX_CHECK(max, ...) ({ \
ssize_t HWM = StackSizeHWM_OffsetCorrected(); \
__VA_ARGS__; \
printf("relative stack used = %ld\n", HWM); \
int _ret = StackSizeHWMReset(); \
if ((max >= 0) && (HWM > (ssize_t)(max))) { \
printf("relative stack usage at %s L%d exceeds designated max %ld.\n", __FILE__, __LINE__, (ssize_t)(max)); \
_ret = -1; \
} \
_ret; \
})
#ifdef __GNUC__
#define STACK_SIZE_INIT() (void)StackSizeSetOffset(__FUNCTION__, __builtin_frame_address(0))
#endif
@@ -2144,6 +2156,9 @@ static WC_INLINE int StackSizeCheck(func_args* args, thread_func tf)
size_t stackSize = 1024*1024;
pthread_attr_t myAttr;
pthread_t threadId;
#ifdef HAVE_STACK_SIZE_VERBOSE
struct stack_size_debug_context shim_args;
#endif
#ifdef PTHREAD_STACK_MIN
if (stackSize < PTHREAD_STACK_MIN)
@@ -2166,15 +2181,12 @@ static WC_INLINE int StackSizeCheck(func_args* args, thread_func tf)
#ifdef HAVE_STACK_SIZE_VERBOSE
StackSizeCheck_stackSizeHWM = 0;
{
struct stack_size_debug_context shim_args;
shim_args.myStack = myStack;
shim_args.stackSize = stackSize;
shim_args.stackSizeHWM_ptr = &StackSizeCheck_stackSizeHWM;
shim_args.fn = tf;
shim_args.args = args;
ret = pthread_create(&threadId, &myAttr, (thread_func)debug_stack_size_verbose_shim, (void *)&shim_args);
}
shim_args.myStack = myStack;
shim_args.stackSize = stackSize;
shim_args.stackSizeHWM_ptr = &StackSizeCheck_stackSizeHWM;
shim_args.fn = tf;
shim_args.args = args;
ret = pthread_create(&threadId, &myAttr, (thread_func)debug_stack_size_verbose_shim, (void *)&shim_args);
#else
ret = pthread_create(&threadId, &myAttr, tf, args);
#endif