feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Merge pull request #3534 from douzzer/linuxkm-cryptonly

Browse Source 
--enable-linuxkm --enable-cryptonly
This commit is contained in:
toddouska
2020-12-14 15:14:54 -08:00
committed by GitHub
parent 428c6b4301 2804cb2521
commit 56e2c0e268
7 changed files with 701 additions and 509 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
configure.ac
View File

@@ -240,8 +240,8 @@ fi
# Single Precision maths implementation # Single Precision maths implementation
if test "$ENABLED_LINUXKM_DEFAULTS" = "yes" if test "$ENABLED_LINUXKM_DEFAULTS" = "yes"
then then
ENABLED_SP_DEFAULT=small ENABLED_SP_DEFAULT=yes
ENABLED_SP_MATH_ALL_DEFAULT=small ENABLED_SP_MATH_ALL_DEFAULT=yes
else else
ENABLED_SP_DEFAULT=no ENABLED_SP_DEFAULT=no
ENABLED_SP_MATH_ALL_DEFAULT=no ENABLED_SP_MATH_ALL_DEFAULT=no
@@ -2204,26 +2204,14 @@ then
fi fi
# STACK SIZE info for examples # STACK SIZE info for testwolfcrypt and examples
AC_ARG_ENABLE([stacksize], AC_ARG_ENABLE([stacksize],
[AS_HELP_STRING([--enable-stacksize],[Enable stack size info on examples (default: disabled)])], [AS_HELP_STRING([--enable-stacksize],[Enable stack size info on examples (default: disabled)])],
[ ENABLED_STACKSIZE=$enableval ], [ ENABLED_STACKSIZE=$enableval ],
[ ENABLED_STACKSIZE=no ] [ ENABLED_STACKSIZE=no ]
) )
# verbose, per-test stack size info, currently only implemented in testwolfcrypt if test "$ENABLED_STACKSIZE" != "no"
AC_ARG_ENABLE([stacksize-verbose],
[AS_HELP_STRING([--enable-stacksize-verbose],[Enable verbose stack size info on testwolfcrypt (default: disabled)])],
[ ENABLED_STACKSIZE_VERBOSE=$enableval ],
[ ENABLED_STACKSIZE_VERBOSE=no ]
)
if test "$ENABLED_STACKSIZE_VERBOSE" = "yes"
then
ENABLED_STACKSIZE=yes
fi
if test "$ENABLED_STACKSIZE" = "yes"
then then
AC_CHECK_FUNC([posix_memalign], [], [AC_MSG_ERROR(stacksize needs posix_memalign)]) AC_CHECK_FUNC([posix_memalign], [], [AC_MSG_ERROR(stacksize needs posix_memalign)])
AC_CHECK_DECL([posix_memalign], [], [AC_MSG_ERROR(stacksize needs posix_memalign)]) AC_CHECK_DECL([posix_memalign], [], [AC_MSG_ERROR(stacksize needs posix_memalign)])
@@ -2232,13 +2220,14 @@ then
AM_CFLAGS="$AM_CFLAGS -DHAVE_STACK_SIZE" AM_CFLAGS="$AM_CFLAGS -DHAVE_STACK_SIZE"
fi fi
if test "$ENABLED_STACKSIZE_VERBOSE" = "yes" if test "$ENABLED_STACKSIZE" = "verbose"
then then
if test "$thread_ls_on" != "yes" if test "$thread_ls_on" != "yes"
then then
AC_MSG_ERROR(stacksize-verbose needs thread-local storage.) AC_MSG_ERROR(stacksize-verbose needs thread-local storage.)
fi fi
AM_CFLAGS="$AM_CFLAGS -DHAVE_STACK_SIZE_VERBOSE" AM_CFLAGS="$AM_CFLAGS -DHAVE_STACK_SIZE_VERBOSE"
ENABLED_STACKSIZE=yes
fi fi

28
linuxkm/module_hooks.c
View File

@@ -37,11 +37,20 @@ static int __init wolfssl_init(void)
static int wolfssl_init(void) static int wolfssl_init(void)
#endif #endif
{ {
int ret = wolfSSL_Init(); int ret;
#ifdef WOLFCRYPT_ONLY
ret = wolfCrypt_Init();
if (ret != 0) {
pr_err("wolfCrypt_Init() failed: %s", wc_GetErrorString(ret));
return -ENOTRECOVERABLE;
}
#else
ret = wolfSSL_Init();
if (ret != WOLFSSL_SUCCESS) { if (ret != WOLFSSL_SUCCESS) {
pr_err("wolfSSL_Init() failed: %s", wc_GetErrorString(ret)); pr_err("wolfSSL_Init() failed: %s", wc_GetErrorString(ret));
return -ENOTRECOVERABLE; return -ENOTRECOVERABLE;
} }
#endif
#ifndef NO_CRYPT_TEST #ifndef NO_CRYPT_TEST
ret = wolfcrypt_test(NULL); ret = wolfcrypt_test(NULL);
@@ -50,7 +59,11 @@ static int wolfssl_init(void)
msleep(10); msleep(10);
return -ENOTRECOVERABLE; return -ENOTRECOVERABLE;
} }
pr_info("wolfSSL " LIBWOLFSSL_VERSION_STRING " self-test passed. See https://www.wolfssl.com/ for information.\n"); pr_info("wolfCrypt self-test passed.\n");
#endif
#ifdef WOLFCRYPT_ONLY
pr_info("wolfCrypt " LIBWOLFSSL_VERSION_STRING " loaded. See https://www.wolfssl.com/ for information.\n");
#else #else
pr_info("wolfSSL " LIBWOLFSSL_VERSION_STRING " loaded. See https://www.wolfssl.com/ for information.\n"); pr_info("wolfSSL " LIBWOLFSSL_VERSION_STRING " loaded. See https://www.wolfssl.com/ for information.\n");
#endif #endif
@@ -68,11 +81,20 @@ static void __exit wolfssl_exit(void)
static void wolfssl_exit(void) static void wolfssl_exit(void)
#endif #endif
{ {
int ret = wolfSSL_Cleanup(); int ret;
#ifdef WOLFCRYPT_ONLY
ret = wolfCrypt_Cleanup();
if (ret != 0)
pr_err("wolfCrypt_Cleanup() failed: %s", wc_GetErrorString(ret));
else
pr_info("wolfCrypt " LIBWOLFSSL_VERSION_STRING " cleanup complete.\n");
#else
ret = wolfSSL_Cleanup();
if (ret != WOLFSSL_SUCCESS) if (ret != WOLFSSL_SUCCESS)
pr_err("wolfSSL_Cleanup() failed: %s", wc_GetErrorString(ret)); pr_err("wolfSSL_Cleanup() failed: %s", wc_GetErrorString(ret));
else else
pr_info("wolfSSL " LIBWOLFSSL_VERSION_STRING " cleanup complete.\n"); pr_info("wolfSSL " LIBWOLFSSL_VERSION_STRING " cleanup complete.\n");
#endif
return; return;
} }

2
src/ssl.c
View File

@@ -46394,7 +46394,7 @@ int wolfSSL_BN_is_odd(const WOLFSSL_BIGNUM* bn)
/* return compliant with OpenSSL /* return compliant with OpenSSL
* 1 if BIGNUM is word, 0 else */ * 1 if BIGNUM is word, 0 else */
int wolfSSL_BN_is_word(const WOLFSSL_BIGNUM* bn, unsigned long w) int wolfSSL_BN_is_word(const WOLFSSL_BIGNUM* bn, WOLFSSL_BN_ULONG w)
{ {
WOLFSSL_MSG("wolfSSL_BN_is_word"); WOLFSSL_MSG("wolfSSL_BN_is_word");

538
wolfcrypt/src/dsa.c
View File

@@ -42,6 +42,11 @@
#include <wolfcrypt/src/misc.c> #include <wolfcrypt/src/misc.c>
#endif #endif
#ifdef _MSC_VER
/* disable for while(0) cases (MSVC bug) */
#pragma warning(disable:4127)
#endif
int wc_InitDsaKey(DsaKey* key) int wc_InitDsaKey(DsaKey* key)
{ {
if (key == NULL) if (key == NULL)
@@ -682,242 +687,244 @@ int wc_DsaSign(const byte* digest, byte* out, DsaKey* key, WC_RNG* rng)
int ret = 0, sz = 0; int ret = 0, sz = 0;
byte* tmp; /* initial output pointer */ byte* tmp; /* initial output pointer */
do {
#ifdef WOLFSSL_MP_INVMOD_CONSTANT_TIME #ifdef WOLFSSL_MP_INVMOD_CONSTANT_TIME
if (mp_init_multi(k, kInv, r, s, H, 0) != MP_OKAY) if (mp_init_multi(k, kInv, r, s, H, 0) != MP_OKAY)
#else #else
if (mp_init_multi(k, kInv, r, s, H, b) != MP_OKAY) if (mp_init_multi(k, kInv, r, s, H, b) != MP_OKAY)
#endif #endif
{ {
ret = MP_INIT_E; ret = MP_INIT_E;
goto out; break;
} }
#ifdef WOLFSSL_SMALL_STACK #ifdef WOLFSSL_SMALL_STACK
if ((k == NULL) || if ((k == NULL) ||
(kInv == NULL) || (kInv == NULL) ||
(r == NULL) || (r == NULL) ||
(s == NULL) || (s == NULL) ||
(H == NULL) (H == NULL)
#ifndef WOLFSSL_MP_INVMOD_CONSTANT_TIME #ifndef WOLFSSL_MP_INVMOD_CONSTANT_TIME
|| (b == NULL) || (b == NULL)
#endif #endif
|| (buffer == NULL)) { || (buffer == NULL)) {
ret = MEMORY_E; ret = MEMORY_E;
goto out; break;
} }
#endif #endif
if (digest == NULL || out == NULL || key == NULL || rng == NULL) { if (digest == NULL || out == NULL || key == NULL || rng == NULL) {
ret = BAD_FUNC_ARG; ret = BAD_FUNC_ARG;
goto out; break;
}
sz = min(DSA_HALF_SIZE, mp_unsigned_bin_size(&key->q));
tmp = out;
qMinus1 = kInv;
/* NIST FIPS 186-4: B.2.2
* Per-Message Secret Number Generation by Testing Candidates
* Generate k in range [1, q-1].
* Check that k is less than q-1: range [0, q-2].
* Add 1 to k: range [1, q-1].
*/
if (mp_sub_d(&key->q, 1, qMinus1)) {
ret = MP_SUB_E;
goto out;
}
do {
/* Step 4: generate k */
if ((ret = wc_RNG_GenerateBlock(rng, buffer, sz))) {
goto out;
} }
/* Step 5 */ sz = min(DSA_HALF_SIZE, mp_unsigned_bin_size(&key->q));
if (mp_read_unsigned_bin(k, buffer, sz) != MP_OKAY) { tmp = out;
ret = MP_READ_E; qMinus1 = kInv;
goto out;
}
/* k is a random numnber and it should be less than q-1 /* NIST FIPS 186-4: B.2.2
* if k greater than repeat * Per-Message Secret Number Generation by Testing Candidates
* Generate k in range [1, q-1].
* Check that k is less than q-1: range [0, q-2].
* Add 1 to k: range [1, q-1].
*/ */
/* Step 6 */ if (mp_sub_d(&key->q, 1, qMinus1)) {
} while (mp_cmp(k, qMinus1) != MP_LT); ret = MP_SUB_E;
break;
}
/* Step 7 */ do {
if (mp_add_d(k, 1, k) != MP_OKAY) { /* Step 4: generate k */
ret = MP_MOD_E; if ((ret = wc_RNG_GenerateBlock(rng, buffer, sz))) {
goto out; break;
} }
/* Step 5 */
if (mp_read_unsigned_bin(k, buffer, sz) != MP_OKAY) {
ret = MP_READ_E;
break;
}
/* k is a random numnber and it should be less than q-1
* if k greater than repeat
*/
/* Step 6 */
} while (mp_cmp(k, qMinus1) != MP_LT);
if (ret != 0)
break;
/* Step 7 */
if (mp_add_d(k, 1, k) != MP_OKAY) {
ret = MP_MOD_E;
break;
}
#ifdef WOLFSSL_MP_INVMOD_CONSTANT_TIME #ifdef WOLFSSL_MP_INVMOD_CONSTANT_TIME
/* inverse k mod q */ /* inverse k mod q */
if (mp_invmod(k, &key->q, kInv) != MP_OKAY) { if (mp_invmod(k, &key->q, kInv) != MP_OKAY) {
ret = MP_INVMOD_E; ret = MP_INVMOD_E;
goto out; break;
}
/* generate r, r = (g exp k mod p) mod q */
if (mp_exptmod_ex(&key->g, k, key->q.used, &key->p, r) != MP_OKAY) {
ret = MP_EXPTMOD_E;
goto out;
}
if (mp_mod(r, &key->q, r) != MP_OKAY) {
ret = MP_MOD_E;
goto out;
}
/* generate H from sha digest */
if (mp_read_unsigned_bin(H, digest,WC_SHA_DIGEST_SIZE) != MP_OKAY) {
ret = MP_READ_E;
goto out;
}
/* generate s, s = (kInv * (H + x*r)) % q */
if (mp_mul(&key->x, r, s) != MP_OKAY) {
ret = MP_MUL_E;
goto out;
}
if (mp_add(s, H, s) != MP_OKAY) {
ret = MP_ADD_E;
goto out;
}
if (mp_mulmod(s, kInv, &key->q, s) != MP_OKAY) {
ret = MP_MULMOD_E;
goto out;
}
#else
/* Blinding value
* Generate b in range [1, q-1].
*/
do {
if ((ret = wc_RNG_GenerateBlock(rng, buffer, sz))) {
goto out;
} }
if (mp_read_unsigned_bin(b, buffer, sz) != MP_OKAY) {
/* generate r, r = (g exp k mod p) mod q */
if (mp_exptmod_ex(&key->g, k, key->q.used, &key->p, r) != MP_OKAY) {
ret = MP_EXPTMOD_E;
break;
}
if (mp_mod(r, &key->q, r) != MP_OKAY) {
ret = MP_MOD_E;
break;
}
/* generate H from sha digest */
if (mp_read_unsigned_bin(H, digest,WC_SHA_DIGEST_SIZE) != MP_OKAY) {
ret = MP_READ_E; ret = MP_READ_E;
goto out; break;
} }
} while (mp_cmp(b, qMinus1) != MP_LT);
if (mp_add_d(b, 1, b) != MP_OKAY) { /* generate s, s = (kInv * (H + x*r)) % q */
ret = MP_MOD_E; if (mp_mul(&key->x, r, s) != MP_OKAY) {
goto out; ret = MP_MUL_E;
} break;
}
/* set H from sha digest */ if (mp_add(s, H, s) != MP_OKAY) {
if (mp_read_unsigned_bin(H, digest, WC_SHA_DIGEST_SIZE) != MP_OKAY) { ret = MP_ADD_E;
ret = MP_READ_E; break;
goto out; }
}
/* generate r, r = (g exp k mod p) mod q */ if (mp_mulmod(s, kInv, &key->q, s) != MP_OKAY) {
if (mp_exptmod_ex(&key->g, k, key->q.used, &key->p, r) != MP_OKAY) { ret = MP_MULMOD_E;
ret = MP_EXPTMOD_E; break;
goto out; }
} #else
/* Blinding value
* Generate b in range [1, q-1].
*/
do {
if ((ret = wc_RNG_GenerateBlock(rng, buffer, sz))) {
break;
}
if (mp_read_unsigned_bin(b, buffer, sz) != MP_OKAY) {
ret = MP_READ_E;
break;
}
} while (mp_cmp(b, qMinus1) != MP_LT);
/* calculate s = (H + xr)/k = b.(H/k.b + x.r/k.b) */ if (ret != 0)
break;
/* k = k.b */ if (mp_add_d(b, 1, b) != MP_OKAY) {
if (mp_mulmod(k, b, &key->q, k) != MP_OKAY) { ret = MP_MOD_E;
ret = MP_MULMOD_E; break;
goto out; }
}
/* kInv = 1/k.b mod q */ /* set H from sha digest */
if (mp_invmod(k, &key->q, kInv) != MP_OKAY) { if (mp_read_unsigned_bin(H, digest, WC_SHA_DIGEST_SIZE) != MP_OKAY) {
ret = MP_INVMOD_E; ret = MP_READ_E;
goto out; break;
} }
if (mp_mod(r, &key->q, r) != MP_OKAY) { /* generate r, r = (g exp k mod p) mod q */
ret = MP_MOD_E; if (mp_exptmod_ex(&key->g, k, key->q.used, &key->p, r) != MP_OKAY) {
goto out; ret = MP_EXPTMOD_E;
} break;
}
/* s = x.r */ /* calculate s = (H + xr)/k = b.(H/k.b + x.r/k.b) */
if (mp_mul(&key->x, r, s) != MP_OKAY) {
ret = MP_MUL_E;
goto out;
}
/* s = x.r/k.b */ /* k = k.b */
if (mp_mulmod(s, kInv, &key->q, s) != MP_OKAY) { if (mp_mulmod(k, b, &key->q, k) != MP_OKAY) {
ret = MP_MULMOD_E; ret = MP_MULMOD_E;
goto out; break;
} }
/* H = H/k.b */ /* kInv = 1/k.b mod q */
if (mp_mulmod(H, kInv, &key->q, H) != MP_OKAY) { if (mp_invmod(k, &key->q, kInv) != MP_OKAY) {
ret = MP_MULMOD_E; ret = MP_INVMOD_E;
goto out; break;
} }
/* s = H/k.b + x.r/k.b = (H + x.r)/k.b */ if (mp_mod(r, &key->q, r) != MP_OKAY) {
if (mp_add(s, H, s) != MP_OKAY) { ret = MP_MOD_E;
ret = MP_ADD_E; break;
goto out; }
}
/* s = b.(e + x.r)/k.b = (e + x.r)/k */ /* s = x.r */
if (mp_mulmod(s, b, &key->q, s) != MP_OKAY) { if (mp_mul(&key->x, r, s) != MP_OKAY) {
ret = MP_MULMOD_E; ret = MP_MUL_E;
goto out; break;
} }
/* s = (e + x.r)/k */ /* s = x.r/k.b */
if (mp_mod(s, &key->q, s) != MP_OKAY) { if (mp_mulmod(s, kInv, &key->q, s) != MP_OKAY) {
ret = MP_MOD_E; ret = MP_MULMOD_E;
goto out; break;
} }
/* H = H/k.b */
if (mp_mulmod(H, kInv, &key->q, H) != MP_OKAY) {
ret = MP_MULMOD_E;
break;
}
/* s = H/k.b + x.r/k.b = (H + x.r)/k.b */
if (mp_add(s, H, s) != MP_OKAY) {
ret = MP_ADD_E;
break;
}
/* s = b.(e + x.r)/k.b = (e + x.r)/k */
if (mp_mulmod(s, b, &key->q, s) != MP_OKAY) {
ret = MP_MULMOD_E;
break;
}
/* s = (e + x.r)/k */
if (mp_mod(s, &key->q, s) != MP_OKAY) {
ret = MP_MOD_E;
break;
}
#endif #endif
/* detect zero r or s */ /* detect zero r or s */
if ((mp_iszero(r) == MP_YES) || (mp_iszero(s) == MP_YES)) { if ((mp_iszero(r) == MP_YES) || (mp_iszero(s) == MP_YES)) {
ret = MP_ZERO_E; ret = MP_ZERO_E;
goto out; break;
}
/* write out */
{
int rSz = mp_unsigned_bin_size(r);
int sSz = mp_unsigned_bin_size(s);
while (rSz++ < DSA_HALF_SIZE) {
*out++ = 0x00; /* pad front with zeros */
} }
if (mp_to_unsigned_bin(r, out) != MP_OKAY) /* write out */
ret = MP_TO_E; {
else { int rSz = mp_unsigned_bin_size(r);
out = tmp + DSA_HALF_SIZE; /* advance to s in output */ int sSz = mp_unsigned_bin_size(s);
while (sSz++ < DSA_HALF_SIZE) {
while (rSz++ < DSA_HALF_SIZE) {
*out++ = 0x00; /* pad front with zeros */ *out++ = 0x00; /* pad front with zeros */
} }
ret = mp_to_unsigned_bin(s, out);
}
}
out: if (mp_to_unsigned_bin(r, out) != MP_OKAY)
ret = MP_TO_E;
else {
out = tmp + DSA_HALF_SIZE; /* advance to s in output */
while (sSz++ < DSA_HALF_SIZE) {
*out++ = 0x00; /* pad front with zeros */
}
ret = mp_to_unsigned_bin(s, out);
}
}
} while (0);
#ifdef WOLFSSL_SMALL_STACK #ifdef WOLFSSL_SMALL_STACK
if (k) { if (k) {
if (ret != MP_INIT_E) { if (ret != MP_INIT_E)
mp_forcezero(k); mp_forcezero(k);
mp_clear(k);
}
XFREE(k, key->heap, DYNAMIC_TYPE_TMP_BUFFER); XFREE(k, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
} }
if (kInv) { if (kInv) {
if (ret != MP_INIT_E) { if (ret != MP_INIT_E)
mp_forcezero(kInv); mp_forcezero(kInv);
mp_clear(kInv);
}
XFREE(kInv, key->heap, DYNAMIC_TYPE_TMP_BUFFER); XFREE(kInv, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
} }
if (r) { if (r) {
@@ -937,10 +944,8 @@ int wc_DsaSign(const byte* digest, byte* out, DsaKey* key, WC_RNG* rng)
} }
#ifndef WOLFSSL_MP_INVMOD_CONSTANT_TIME #ifndef WOLFSSL_MP_INVMOD_CONSTANT_TIME
if (b) { if (b) {
if (ret != MP_INIT_E) { if (ret != MP_INIT_E)
mp_forcezero(b); mp_forcezero(b);
mp_clear(b);
}
XFREE(b, key->heap, DYNAMIC_TYPE_TMP_BUFFER); XFREE(b, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
} }
#endif #endif
@@ -955,13 +960,10 @@ int wc_DsaSign(const byte* digest, byte* out, DsaKey* key, WC_RNG* rng)
mp_forcezero(k); mp_forcezero(k);
#ifndef WOLFSSL_MP_INVMOD_CONSTANT_TIME #ifndef WOLFSSL_MP_INVMOD_CONSTANT_TIME
mp_forcezero(b); mp_forcezero(b);
mp_clear(b);
#endif #endif
mp_clear(H); mp_clear(H);
mp_clear(s); mp_clear(s);
mp_clear(r); mp_clear(r);
mp_clear(kInv);
mp_clear(k);
} }
#endif #endif
@@ -989,94 +991,94 @@ int wc_DsaVerify(const byte* digest, const byte* sig, DsaKey* key, int* answer)
#endif #endif
int ret = 0; int ret = 0;
if (mp_init_multi(w, u1, u2, v, r, s) != MP_OKAY) { do {
ret = MP_INIT_E; if (mp_init_multi(w, u1, u2, v, r, s) != MP_OKAY) {
goto out; ret = MP_INIT_E;
} break;
}
if (digest == NULL || sig == NULL || key == NULL || answer == NULL) { if (digest == NULL || sig == NULL || key == NULL || answer == NULL) {
ret = BAD_FUNC_ARG; ret = BAD_FUNC_ARG;
goto out; break;
} }
#ifdef WOLFSSL_SMALL_STACK #ifdef WOLFSSL_SMALL_STACK
if ((w == NULL) || if ((w == NULL) ||
(u1 == NULL) || (u1 == NULL) ||
(u2 == NULL) || (u2 == NULL) ||
(v == NULL) || (v == NULL) ||
(r == NULL) || (r == NULL) ||
(s == NULL)) { (s == NULL)) {
ret = MEMORY_E; ret = MEMORY_E;
goto out; break;
} }
#endif #endif
/* set r and s from signature */ /* set r and s from signature */
if (mp_read_unsigned_bin(r, sig, DSA_HALF_SIZE) != MP_OKAY || if (mp_read_unsigned_bin(r, sig, DSA_HALF_SIZE) != MP_OKAY ||
mp_read_unsigned_bin(s, sig + DSA_HALF_SIZE, DSA_HALF_SIZE) != MP_OKAY) { mp_read_unsigned_bin(s, sig + DSA_HALF_SIZE, DSA_HALF_SIZE) != MP_OKAY) {
ret = MP_READ_E; ret = MP_READ_E;
goto out; break;
} }
/* sanity checks */ /* sanity checks */
if (mp_iszero(r) == MP_YES || mp_iszero(s) == MP_YES || if (mp_iszero(r) == MP_YES || mp_iszero(s) == MP_YES ||
mp_cmp(r, &key->q) != MP_LT || mp_cmp(s, &key->q) != MP_LT) { mp_cmp(r, &key->q) != MP_LT || mp_cmp(s, &key->q) != MP_LT) {
ret = MP_ZERO_E; ret = MP_ZERO_E;
goto out; break;
} }
/* put H into u1 from sha digest */ /* put H into u1 from sha digest */
if (mp_read_unsigned_bin(u1,digest,WC_SHA_DIGEST_SIZE) != MP_OKAY) { if (mp_read_unsigned_bin(u1,digest,WC_SHA_DIGEST_SIZE) != MP_OKAY) {
ret = MP_READ_E; ret = MP_READ_E;
goto out; break;
} }
/* w = s invmod q */ /* w = s invmod q */
if (mp_invmod(s, &key->q, w) != MP_OKAY) { if (mp_invmod(s, &key->q, w) != MP_OKAY) {
ret = MP_INVMOD_E; ret = MP_INVMOD_E;
goto out; break;
} }
/* u1 = (H * w) % q */ /* u1 = (H * w) % q */
if (mp_mulmod(u1, w, &key->q, u1) != MP_OKAY) { if (mp_mulmod(u1, w, &key->q, u1) != MP_OKAY) {
ret = MP_MULMOD_E; ret = MP_MULMOD_E;
goto out; break;
} }
/* u2 = (r * w) % q */ /* u2 = (r * w) % q */
if (mp_mulmod(r, w, &key->q, u2) != MP_OKAY) { if (mp_mulmod(r, w, &key->q, u2) != MP_OKAY) {
ret = MP_MULMOD_E; ret = MP_MULMOD_E;
goto out; break;
} }
/* verify v = ((g^u1 * y^u2) mod p) mod q */ /* verify v = ((g^u1 * y^u2) mod p) mod q */
if (mp_exptmod(&key->g, u1, &key->p, u1) != MP_OKAY) { if (mp_exptmod(&key->g, u1, &key->p, u1) != MP_OKAY) {
ret = MP_EXPTMOD_E; ret = MP_EXPTMOD_E;
goto out; break;
} }
if (mp_exptmod(&key->y, u2, &key->p, u2) != MP_OKAY) { if (mp_exptmod(&key->y, u2, &key->p, u2) != MP_OKAY) {
ret = MP_EXPTMOD_E; ret = MP_EXPTMOD_E;
goto out; break;
} }
if (mp_mulmod(u1, u2, &key->p, v) != MP_OKAY) { if (mp_mulmod(u1, u2, &key->p, v) != MP_OKAY) {
ret = MP_MULMOD_E; ret = MP_MULMOD_E;
goto out; break;
} }
if (mp_mod(v, &key->q, v) != MP_OKAY) { if (mp_mod(v, &key->q, v) != MP_OKAY) {
ret = MP_MULMOD_E; ret = MP_MULMOD_E;
goto out; break;
} }
/* do they match */ /* do they match */
if (mp_cmp(r, v) == MP_EQ) if (mp_cmp(r, v) == MP_EQ)
*answer = 1; *answer = 1;
else else
*answer = 0; *answer = 0;
} while (0);
out:
#ifdef WOLFSSL_SMALL_STACK #ifdef WOLFSSL_SMALL_STACK
if (s) { if (s) {

105
wolfcrypt/src/ecc.c
View File

@@ -6593,8 +6593,9 @@ int wc_ecc_verify_hash_ex(mp_int *r, mp_int *s, const byte* hash,
if (err == MP_OKAY) { if (err == MP_OKAY) {
if ((err = mp_init_multi(v, w, u1, u2, NULL, NULL)) != MP_OKAY) { if ((err = mp_init_multi(v, w, u1, u2, NULL, NULL)) != MP_OKAY) {
err = MEMORY_E; err = MEMORY_E;
} else {
did_init = 1;
} }
did_init = 1;
} }
/* allocate points */ /* allocate points */
@@ -9662,11 +9663,22 @@ int ecc_mul2add(ecc_point* A, mp_int* kA,
{ {
int idx1 = -1, idx2 = -1, err, mpInit = 0; int idx1 = -1, idx2 = -1, err, mpInit = 0;
mp_digit mp; mp_digit mp;
mp_int mu; #ifdef WOLFSSL_SMALL_STACK
mp_int *mu = (mp_int *)XMALLOC(sizeof *mu, NULL, DYNAMIC_TYPE_ECC_BUFFER);
err = mp_init(&mu); if (mu == NULL)
if (err != MP_OKAY) return MP_MEM;
#else
mp_int mu[1];
#endif
err = mp_init(mu);
if (err != MP_OKAY) {
#ifdef WOLFSSL_SMALL_STACK
XFREE(mu, NULL, DYNAMIC_TYPE_ECC_BUFFER);
#endif
return err; return err;
}
#ifndef HAVE_THREAD_LS #ifndef HAVE_THREAD_LS
if (initMutex == 0) { /* extra sanity check if wolfCrypt_Init not called */ if (initMutex == 0) { /* extra sanity check if wolfCrypt_Init not called */
@@ -9674,8 +9686,12 @@ int ecc_mul2add(ecc_point* A, mp_int* kA,
initMutex = 1; initMutex = 1;
} }
if (wc_LockMutex(&ecc_fp_lock) != 0) if (wc_LockMutex(&ecc_fp_lock) != 0) {
#ifdef WOLFSSL_SMALL_STACK
XFREE(mu, NULL, DYNAMIC_TYPE_ECC_BUFFER);
#endif
return BAD_MUTEX_E; return BAD_MUTEX_E;
}
#endif /* HAVE_THREAD_LS */ #endif /* HAVE_THREAD_LS */
/* find point */ /* find point */
@@ -9718,12 +9734,12 @@ int ecc_mul2add(ecc_point* A, mp_int* kA,
if (err == MP_OKAY) { if (err == MP_OKAY) {
mpInit = 1; mpInit = 1;
err = mp_montgomery_calc_normalization(&mu, modulus); err = mp_montgomery_calc_normalization(mu, modulus);
} }
if (err == MP_OKAY) if (err == MP_OKAY)
/* build the LUT */ /* build the LUT */
err = build_lut(idx1, a, modulus, mp, &mu); err = build_lut(idx1, a, modulus, mp, mu);
} }
} }
@@ -9735,13 +9751,13 @@ int ecc_mul2add(ecc_point* A, mp_int* kA,
err = mp_montgomery_setup(modulus, &mp); err = mp_montgomery_setup(modulus, &mp);
if (err == MP_OKAY) { if (err == MP_OKAY) {
mpInit = 1; mpInit = 1;
err = mp_montgomery_calc_normalization(&mu, modulus); err = mp_montgomery_calc_normalization(mu, modulus);
} }
} }
if (err == MP_OKAY) if (err == MP_OKAY)
/* build the LUT */ /* build the LUT */
err = build_lut(idx2, a, modulus, mp, &mu); err = build_lut(idx2, a, modulus, mp, mu);
} }
} }
@@ -9763,7 +9779,10 @@ int ecc_mul2add(ecc_point* A, mp_int* kA,
#ifndef HAVE_THREAD_LS #ifndef HAVE_THREAD_LS
wc_UnLockMutex(&ecc_fp_lock); wc_UnLockMutex(&ecc_fp_lock);
#endif /* HAVE_THREAD_LS */ #endif /* HAVE_THREAD_LS */
mp_clear(&mu); mp_clear(mu);
#ifdef WOLFSSL_SMALL_STACK
XFREE(mu, NULL, DYNAMIC_TYPE_ECC_BUFFER);
#endif
return err; return err;
} }
@@ -10805,7 +10824,17 @@ int mp_sqrtmod_prime(mp_int* n, mp_int* prime, mp_int* ret)
mp_int *T = (mp_int *)XMALLOC(sizeof(mp_int), NULL, DYNAMIC_TYPE_ECC_BUFFER); mp_int *T = (mp_int *)XMALLOC(sizeof(mp_int), NULL, DYNAMIC_TYPE_ECC_BUFFER);
mp_int *R = (mp_int *)XMALLOC(sizeof(mp_int), NULL, DYNAMIC_TYPE_ECC_BUFFER); mp_int *R = (mp_int *)XMALLOC(sizeof(mp_int), NULL, DYNAMIC_TYPE_ECC_BUFFER);
mp_int *two = (mp_int *)XMALLOC(sizeof(mp_int), NULL, DYNAMIC_TYPE_ECC_BUFFER); mp_int *two = (mp_int *)XMALLOC(sizeof(mp_int), NULL, DYNAMIC_TYPE_ECC_BUFFER);
#else
mp_int t1[1], C[1], Q[1], S[1], Z[1], M[1], T[1], R[1], two[1];
#endif
if ((mp_init_multi(t1, C, Q, S, Z, M) != MP_OKAY) ||
(mp_init_multi(T, R, two, NULL, NULL, NULL) != MP_OKAY)) {
res = MP_INIT_E;
goto out;
}
#ifdef WOLFSSL_SMALL_STACK
if ((t1 == NULL) || if ((t1 == NULL) ||
(C == NULL) || (C == NULL) ||
(Q == NULL) || (Q == NULL) ||
@@ -10818,8 +10847,6 @@ int mp_sqrtmod_prime(mp_int* n, mp_int* prime, mp_int* ret)
res = MP_MEM; res = MP_MEM;
goto out; goto out;
} }
#else
mp_int t1[1], C[1], Q[1], S[1], Z[1], M[1], T[1], R[1], two[1];
#endif #endif
/* first handle the simple cases n = 0 or n = 1 */ /* first handle the simple cases n = 0 or n = 1 */
@@ -10848,13 +10875,6 @@ int mp_sqrtmod_prime(mp_int* n, mp_int* prime, mp_int* ret)
goto out; goto out;
} }
if ((res = mp_init_multi(t1, C, Q, S, Z, M)) != MP_OKAY)
goto out;
if ((res = mp_init_multi(T, R, two, NULL, NULL, NULL))
!= MP_OKAY)
goto out;
/* SPECIAL CASE: if prime mod 4 == 3 /* SPECIAL CASE: if prime mod 4 == 3
* compute directly: res = n^(prime+1)/4 mod prime * compute directly: res = n^(prime+1)/4 mod prime
* Handbook of Applied Cryptography algorithm 3.36 * Handbook of Applied Cryptography algorithm 3.36
@@ -10989,51 +11009,62 @@ int mp_sqrtmod_prime(mp_int* n, mp_int* prime, mp_int* ret)
#ifdef WOLFSSL_SMALL_STACK #ifdef WOLFSSL_SMALL_STACK
if (t1) { if (t1) {
mp_clear(t1); if (res != MP_INIT_E)
mp_clear(t1);
XFREE(t1, NULL, DYNAMIC_TYPE_ECC_BUFFER); XFREE(t1, NULL, DYNAMIC_TYPE_ECC_BUFFER);
} }
if (C) { if (C) {
mp_clear(C); if (res != MP_INIT_E)
mp_clear(C);
XFREE(C, NULL, DYNAMIC_TYPE_ECC_BUFFER); XFREE(C, NULL, DYNAMIC_TYPE_ECC_BUFFER);
} }
if (Q) { if (Q) {
mp_clear(Q); if (res != MP_INIT_E)
mp_clear(Q);
XFREE(Q, NULL, DYNAMIC_TYPE_ECC_BUFFER); XFREE(Q, NULL, DYNAMIC_TYPE_ECC_BUFFER);
} }
if (S) { if (S) {
mp_clear(S); if (res != MP_INIT_E)
mp_clear(S);
XFREE(S, NULL, DYNAMIC_TYPE_ECC_BUFFER); XFREE(S, NULL, DYNAMIC_TYPE_ECC_BUFFER);
} }
if (Z) { if (Z) {
mp_clear(Z); if (res != MP_INIT_E)
mp_clear(Z);
XFREE(Z, NULL, DYNAMIC_TYPE_ECC_BUFFER); XFREE(Z, NULL, DYNAMIC_TYPE_ECC_BUFFER);
} }
if (M) { if (M) {
mp_clear(M); if (res != MP_INIT_E)
mp_clear(M);
XFREE(M, NULL, DYNAMIC_TYPE_ECC_BUFFER); XFREE(M, NULL, DYNAMIC_TYPE_ECC_BUFFER);
} }
if (T) { if (T) {
mp_clear(T); if (res != MP_INIT_E)
mp_clear(T);
XFREE(T, NULL, DYNAMIC_TYPE_ECC_BUFFER); XFREE(T, NULL, DYNAMIC_TYPE_ECC_BUFFER);
} }
if (R) { if (R) {
mp_clear(R); if (res != MP_INIT_E)
mp_clear(R);
XFREE(R, NULL, DYNAMIC_TYPE_ECC_BUFFER); XFREE(R, NULL, DYNAMIC_TYPE_ECC_BUFFER);
} }
if (two) { if (two) {
mp_clear(two); if (res != MP_INIT_E)
mp_clear(two);
XFREE(two, NULL, DYNAMIC_TYPE_ECC_BUFFER); XFREE(two, NULL, DYNAMIC_TYPE_ECC_BUFFER);
} }
#else #else
mp_clear(t1); if (res != MP_INIT_E) {
mp_clear(C); mp_clear(t1);
mp_clear(Q); mp_clear(C);
mp_clear(S); mp_clear(Q);
mp_clear(Z); mp_clear(S);
mp_clear(M); mp_clear(Z);
mp_clear(T); mp_clear(M);
mp_clear(R); mp_clear(T);
mp_clear(two); mp_clear(R);
mp_clear(two);
}
#endif #endif
return res; return res;

474
wolfcrypt/test/test.c
View File

@@ -33,14 +33,25 @@
#ifndef NO_CRYPT_TEST #ifndef NO_CRYPT_TEST
/* only for stack size check */ #if defined(HAVE_STACK_SIZE) && !defined(HAVE_WOLFCRYPT_TEST_OPTIONS)
#ifdef HAVE_STACK_SIZE #define HAVE_WOLFCRYPT_TEST_OPTIONS
#endif
#ifdef HAVE_WOLFCRYPT_TEST_OPTIONS
#include <wolfssl/ssl.h> #include <wolfssl/ssl.h>
#define err_sys err_sys_remap /* remap err_sys */ #define err_sys err_sys_remap /* remap err_sys */
#include <wolfssl/test.h> #include <wolfssl/test.h>
#undef err_sys #undef err_sys
#endif
#if defined(HAVE_STACK_SIZE_VERBOSE)
#ifdef WOLFSSL_TEST_MAX_RELATIVE_STACK_BYTES
static ssize_t max_relative_stack = WOLFSSL_TEST_MAX_RELATIVE_STACK_BYTES;
#else #else
#define STACK_SIZE_CHECKPOINT(...) (__VA_ARGS__) static ssize_t max_relative_stack = -1;
#endif
#else
#define STACK_SIZE_CHECKPOINT_WITH_MAX_CHECK(max, ...) (__VA_ARGS__, 0)
#define STACK_SIZE_INIT() #define STACK_SIZE_INIT()
#endif #endif
@@ -468,14 +479,14 @@ static int err_sys(const char* msg, int es)
EXIT_TEST(-1); EXIT_TEST(-1);
} }
#ifndef HAVE_STACK_SIZE #ifndef HAVE_WOLFCRYPT_TEST_OPTIONS
/* func_args from test.h, so don't have to pull in other stuff */ /* func_args from test.h, so don't have to pull in other stuff */
typedef struct func_args { typedef struct func_args {
int argc; int argc;
char** argv; char** argv;
int return_code; int return_code;
} func_args; } func_args;
#endif /* !HAVE_STACK_SIZE */ #endif /* !HAVE_WOLFCRYPT_TEST_OPTIONS */
#ifdef HAVE_FIPS #ifdef HAVE_FIPS
@@ -529,13 +540,13 @@ static int wolfssl_pb_print(const char* msg, ...)
{ {
va_list args; va_list args;
va_start(args, fmt); va_start(args, fmt);
STACK_SIZE_CHECKPOINT(printf(fmt, args)); STACK_SIZE_CHECKPOINT_WITH_MAX_CHECK(max_relative_stack, vprintf(fmt, args));
va_end(args); va_end(args);
TEST_SLEEP(); TEST_SLEEP();
} }
#else #else
/* redirect to printf */ /* redirect to printf */
#define test_pass(...) STACK_SIZE_CHECKPOINT(printf(__VA_ARGS__)) #define test_pass(...) { if (STACK_SIZE_CHECKPOINT_WITH_MAX_CHECK(max_relative_stack, printf(__VA_ARGS__)) < 0) { return err_sys("post-test check failed", -1); }}
/* stub the sleep macro */ /* stub the sleep macro */
#define TEST_SLEEP() #define TEST_SLEEP()
#endif #endif
@@ -553,13 +564,32 @@ int wolfcrypt_test(void* args)
printf(" wolfSSL version %s\n", LIBWOLFSSL_VERSION_STRING); printf(" wolfSSL version %s\n", LIBWOLFSSL_VERSION_STRING);
printf("------------------------------------------------------------------------------\n"); printf("------------------------------------------------------------------------------\n");
if (args) if (args) {
#ifdef HAVE_WOLFCRYPT_TEST_OPTIONS
int ch;
#endif
((func_args*)args)->return_code = -1; /* error state */ ((func_args*)args)->return_code = -1; /* error state */
#ifdef HAVE_WOLFCRYPT_TEST_OPTIONS
while ((ch = mygetopt(((func_args*)args)->argc, ((func_args*)args)->argv, "s:")) != -1) {
switch(ch) {
case 's':
#ifdef HAVE_STACK_SIZE_VERBOSE
max_relative_stack = (ssize_t)atoi(myoptarg);
break;
#else
return err_sys("-s (max relative stack size) requires HAVE_STACK_SIZE_VERBOSE.", -1);
#endif
default:
return err_sys("unknown test option.", -1);
}
}
#endif
}
#ifdef WOLFSSL_STATIC_MEMORY #ifdef WOLFSSL_STATIC_MEMORY
if (wc_LoadStaticMemory(&HEAP_HINT, gTestMemory, sizeof(gTestMemory), if (wc_LoadStaticMemory(&HEAP_HINT, gTestMemory, sizeof(gTestMemory),
WOLFMEM_GENERAL, 1) != 0) { WOLFMEM_GENERAL, 1) != 0) {
printf("unable to load static memory"); printf("unable to load static memory.\n");
return(EXIT_FAILURE); return(EXIT_FAILURE);
} }
#endif #endif
@@ -1261,6 +1291,12 @@ initDefaultName();
#ifdef WOLFSSL_ESPIDF #ifdef WOLFSSL_ESPIDF
void app_main( ) void app_main( )
#else #else
#ifdef HAVE_WOLFCRYPT_TEST_OPTIONS
int myoptind = 0;
char* myoptarg = NULL;
#endif
int main(int argc, char** argv) int main(int argc, char** argv)
#endif #endif
{ {
@@ -7968,10 +8004,18 @@ static int aes_cbc_test(void)
static int aes_test(void) static int aes_test(void)
{ {
#if defined(HAVE_AES_CBC) || defined(WOLFSSL_AES_COUNTER) || defined(WOLFSSL_AES_DIRECT) #if defined(HAVE_AES_CBC) || defined(WOLFSSL_AES_COUNTER) || defined(WOLFSSL_AES_DIRECT)
Aes enc; #ifdef WOLFSSL_SMALL_STACK
Aes *enc = (Aes *)XMALLOC(sizeof *enc, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#else
Aes enc[1];
#endif
byte cipher[AES_BLOCK_SIZE * 4]; byte cipher[AES_BLOCK_SIZE * 4];
#if defined(HAVE_AES_DECRYPT) || defined(WOLFSSL_AES_COUNTER) || defined(WOLFSSL_AES_DIRECT) #if defined(HAVE_AES_DECRYPT) || defined(WOLFSSL_AES_COUNTER) || defined(WOLFSSL_AES_DIRECT)
Aes dec; #ifdef WOLFSSL_SMALL_STACK
Aes *dec = (Aes *)XMALLOC(sizeof *dec, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#else
Aes dec[1];
#endif
byte plain [AES_BLOCK_SIZE * 4]; byte plain [AES_BLOCK_SIZE * 4];
#endif #endif
#endif /* HAVE_AES_CBC || WOLFSSL_AES_COUNTER */ #endif /* HAVE_AES_CBC || WOLFSSL_AES_COUNTER */
@@ -7991,45 +8035,57 @@ static int aes_test(void)
0x2c,0xcc,0x9d,0x46,0x77,0xa2,0x33,0xcb 0x2c,0xcc,0x9d,0x46,0x77,0xa2,0x33,0xcb
}; };
byte key[] = "0123456789abcdef "; /* align */ static const byte key[] = "0123456789abcdef "; /* align */
byte iv[] = "1234567890abcdef "; /* align */ static const byte iv[] = "1234567890abcdef "; /* align */
if (wc_AesInit(&enc, HEAP_HINT, devId) != 0) #ifdef WOLFSSL_SMALL_STACK
return -5900; #if defined(HAVE_AES_CBC) || defined(WOLFSSL_AES_COUNTER) || defined(WOLFSSL_AES_DIRECT)
#if defined(HAVE_AES_DECRYPT) || defined(WOLFSSL_AES_COUNTER) if (enc == NULL)
if (wc_AesInit(&dec, HEAP_HINT, devId) != 0) ERROR_OUT(-5948, out);
return -5901;
#endif #endif
ret = wc_AesSetKey(&enc, key, AES_BLOCK_SIZE, iv, AES_ENCRYPTION); #if defined(HAVE_AES_DECRYPT) || defined(WOLFSSL_AES_COUNTER) || defined(WOLFSSL_AES_DIRECT)
if (ret != 0) if (dec == NULL)
return -5902; ERROR_OUT(-5949, out);
#endif
#endif
if (wc_AesInit(enc, HEAP_HINT, devId) != 0)
ERROR_OUT(-5900, out); /* note this error code is used programmatically in cleanup. */
#if defined(HAVE_AES_DECRYPT) || defined(WOLFSSL_AES_COUNTER) #if defined(HAVE_AES_DECRYPT) || defined(WOLFSSL_AES_COUNTER)
ret = wc_AesSetKey(&dec, key, AES_BLOCK_SIZE, iv, AES_DECRYPTION); if (wc_AesInit(dec, HEAP_HINT, devId) != 0)
ERROR_OUT(-5901, out); /* note this error code is used programmatically in cleanup. */
#endif
ret = wc_AesSetKey(enc, key, AES_BLOCK_SIZE, iv, AES_ENCRYPTION);
if (ret != 0) if (ret != 0)
return -5903; ERROR_OUT(-5902, out);
#if defined(HAVE_AES_DECRYPT) || defined(WOLFSSL_AES_COUNTER)
ret = wc_AesSetKey(dec, key, AES_BLOCK_SIZE, iv, AES_DECRYPTION);
if (ret != 0)
ERROR_OUT(-5903, out);
#endif #endif
XMEMSET(cipher, 0, AES_BLOCK_SIZE * 4); XMEMSET(cipher, 0, AES_BLOCK_SIZE * 4);
ret = wc_AesCbcEncrypt(&enc, cipher, msg, AES_BLOCK_SIZE); ret = wc_AesCbcEncrypt(enc, cipher, msg, AES_BLOCK_SIZE);
#if defined(WOLFSSL_ASYNC_CRYPT) #if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &enc.asyncDev, WC_ASYNC_FLAG_NONE); ret = wc_AsyncWait(ret, enc.asyncDev, WC_ASYNC_FLAG_NONE);
#endif #endif
if (ret != 0) if (ret != 0)
return -5904; ERROR_OUT(-5904, out);
#ifdef HAVE_AES_DECRYPT #ifdef HAVE_AES_DECRYPT
XMEMSET(plain, 0, AES_BLOCK_SIZE * 4); XMEMSET(plain, 0, AES_BLOCK_SIZE * 4);
ret = wc_AesCbcDecrypt(&dec, plain, cipher, AES_BLOCK_SIZE); ret = wc_AesCbcDecrypt(dec, plain, cipher, AES_BLOCK_SIZE);
#if defined(WOLFSSL_ASYNC_CRYPT) #if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &dec.asyncDev, WC_ASYNC_FLAG_NONE); ret = wc_AsyncWait(ret, dec.asyncDev, WC_ASYNC_FLAG_NONE);
#endif #endif
if (ret != 0) if (ret != 0)
return -5905; ERROR_OUT(-5905, out);
if (XMEMCMP(plain, msg, AES_BLOCK_SIZE)) if (XMEMCMP(plain, msg, AES_BLOCK_SIZE))
return -5906; ERROR_OUT(-5906, out);
#endif /* HAVE_AES_DECRYPT */ #endif /* HAVE_AES_DECRYPT */
if (XMEMCMP(cipher, verify, AES_BLOCK_SIZE)) if (XMEMCMP(cipher, verify, AES_BLOCK_SIZE))
return -5907; ERROR_OUT(-5907, out);
#endif /* WOLFSSL_AES_128 */ #endif /* WOLFSSL_AES_128 */
#if defined(WOLFSSL_AESNI) && defined(HAVE_AES_DECRYPT) #if defined(WOLFSSL_AESNI) && defined(HAVE_AES_DECRYPT)
@@ -8086,9 +8142,21 @@ static int aes_test(void)
0x65,0x73,0x20,0x4a,0x61,0x63,0x6b,0x20 0x65,0x73,0x20,0x4a,0x61,0x63,0x6b,0x20
}; };
static const byte bigKey[] = "0123456789abcdeffedcba9876543210"; static const byte bigKey[] = "0123456789abcdeffedcba9876543210";
word32 keySz, msgSz;
#ifdef WOLFSSL_SMALL_STACK
byte *bigCipher = (byte *)XMALLOC(sizeof(bigMsg), NULL, DYNAMIC_TYPE_TMP_BUFFER);
byte *bigPlain = (byte *)XMALLOC(sizeof(bigMsg), NULL, DYNAMIC_TYPE_TMP_BUFFER);
if ((bigCipher == NULL) ||
(bigPlain == NULL)) {
if (bigCipher != NULL)
XFREE(bigCipher, NULL, DYNAMIC_TYPE_TMP_BUFFER);
ERROR_OUT(-5947, out);
}
#else
byte bigCipher[sizeof(bigMsg)]; byte bigCipher[sizeof(bigMsg)];
byte bigPlain[sizeof(bigMsg)]; byte bigPlain[sizeof(bigMsg)];
word32 keySz, msgSz; #endif
/* Iterate from one AES_BLOCK_SIZE of bigMsg through the whole /* Iterate from one AES_BLOCK_SIZE of bigMsg through the whole
* message by AES_BLOCK_SIZE for each size of AES key. */ * message by AES_BLOCK_SIZE for each size of AES key. */
@@ -8097,33 +8165,53 @@ static int aes_test(void)
msgSz <= sizeof(bigMsg); msgSz <= sizeof(bigMsg);
msgSz += AES_BLOCK_SIZE) { msgSz += AES_BLOCK_SIZE) {
XMEMSET(bigCipher, 0, sizeof(bigCipher)); XMEMSET(bigCipher, 0, sizeof(bigMsg));
XMEMSET(bigPlain, 0, sizeof(bigPlain)); XMEMSET(bigPlain, 0, sizeof(bigMsg));
ret = wc_AesSetKey(&enc, bigKey, keySz, iv, AES_ENCRYPTION); ret = wc_AesSetKey(enc, bigKey, keySz, iv, AES_ENCRYPTION);
if (ret != 0) if (ret != 0) {
return -5908; ret = -5908;
ret = wc_AesSetKey(&dec, bigKey, keySz, iv, AES_DECRYPTION); break;
if (ret != 0) }
return -5909; ret = wc_AesSetKey(dec, bigKey, keySz, iv, AES_DECRYPTION);
if (ret != 0) {
ret = -5909;
break;
}
ret = wc_AesCbcEncrypt(&enc, bigCipher, bigMsg, msgSz); ret = wc_AesCbcEncrypt(enc, bigCipher, bigMsg, msgSz);
#if defined(WOLFSSL_ASYNC_CRYPT) #if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &enc.asyncDev, WC_ASYNC_FLAG_NONE); ret = wc_AsyncWait(ret, enc.asyncDev, WC_ASYNC_FLAG_NONE);
#endif #endif
if (ret != 0) if (ret != 0) {
return -5910; ret = -5910;
break;
}
ret = wc_AesCbcDecrypt(&dec, bigPlain, bigCipher, msgSz); ret = wc_AesCbcDecrypt(dec, bigPlain, bigCipher, msgSz);
#if defined(WOLFSSL_ASYNC_CRYPT) #if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &dec.asyncDev, WC_ASYNC_FLAG_NONE); ret = wc_AsyncWait(ret, dec.asyncDev, WC_ASYNC_FLAG_NONE);
#endif #endif
if (ret != 0) if (ret != 0) {
return -5911; ret = -5911;
break;
}
if (XMEMCMP(bigPlain, bigMsg, msgSz)) if (XMEMCMP(bigPlain, bigMsg, msgSz)) {
return -5912; ret = -5912;
break;
}
} }
if (ret != 0)
break;
} }
#ifdef WOLFSSL_SMALL_STACK
XFREE(bigCipher, NULL, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(bigPlain, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
if (ret != 0)
goto out;
} }
#endif /* WOLFSSL_AESNI && HAVE_AES_DECRYPT */ #endif /* WOLFSSL_AESNI && HAVE_AES_DECRYPT */
@@ -8148,64 +8236,64 @@ static int aes_test(void)
0x50, 0x86, 0xcb, 0x9b, 0x50, 0x72, 0x19, 0xee, 0x50, 0x86, 0xcb, 0x9b, 0x50, 0x72, 0x19, 0xee,
0x95, 0xdb, 0x11, 0x3a, 0x91, 0x76, 0x78, 0xb2 0x95, 0xdb, 0x11, 0x3a, 0x91, 0x76, 0x78, 0xb2
}; };
byte key2[] = { static const byte key2[] = {
0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6,
0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c
}; };
byte iv2[] = { static const byte iv2[] = {
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f
}; };
ret = wc_AesSetKey(&enc, key2, sizeof(key2), iv2, AES_ENCRYPTION); ret = wc_AesSetKey(enc, key2, sizeof(key2), iv2, AES_ENCRYPTION);
if (ret != 0) if (ret != 0)
return -5913; ERROR_OUT(-5913, out);
XMEMSET(cipher, 0, AES_BLOCK_SIZE * 2); XMEMSET(cipher, 0, AES_BLOCK_SIZE * 2);
ret = wc_AesCbcEncrypt(&enc, cipher, msg2, AES_BLOCK_SIZE); ret = wc_AesCbcEncrypt(enc, cipher, msg2, AES_BLOCK_SIZE);
#if defined(WOLFSSL_ASYNC_CRYPT) #if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &enc.asyncDev, WC_ASYNC_FLAG_NONE); ret = wc_AsyncWait(ret, enc.asyncDev, WC_ASYNC_FLAG_NONE);
#endif #endif
if (ret != 0) if (ret != 0)
return -5914; ERROR_OUT(-5914, out);
if (XMEMCMP(cipher, verify2, AES_BLOCK_SIZE)) if (XMEMCMP(cipher, verify2, AES_BLOCK_SIZE))
return -5915; ERROR_OUT(-5915, out);
ret = wc_AesCbcEncrypt(&enc, cipher + AES_BLOCK_SIZE, ret = wc_AesCbcEncrypt(enc, cipher + AES_BLOCK_SIZE,
msg2 + AES_BLOCK_SIZE, AES_BLOCK_SIZE); msg2 + AES_BLOCK_SIZE, AES_BLOCK_SIZE);
#if defined(WOLFSSL_ASYNC_CRYPT) #if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &enc.asyncDev, WC_ASYNC_FLAG_NONE); ret = wc_AsyncWait(ret, enc.asyncDev, WC_ASYNC_FLAG_NONE);
#endif #endif
if (ret != 0) if (ret != 0)
return -5916; ERROR_OUT(-5916, out);
if (XMEMCMP(cipher + AES_BLOCK_SIZE, verify2 + AES_BLOCK_SIZE, if (XMEMCMP(cipher + AES_BLOCK_SIZE, verify2 + AES_BLOCK_SIZE,
AES_BLOCK_SIZE)) AES_BLOCK_SIZE))
return -5917; ERROR_OUT(-5917, out);
#if defined(HAVE_AES_DECRYPT) #if defined(HAVE_AES_DECRYPT)
ret = wc_AesSetKey(&dec, key2, sizeof(key2), iv2, AES_DECRYPTION); ret = wc_AesSetKey(dec, key2, sizeof(key2), iv2, AES_DECRYPTION);
if (ret != 0) if (ret != 0)
return -5918; ERROR_OUT(-5918, out);
XMEMSET(plain, 0, AES_BLOCK_SIZE * 2); XMEMSET(plain, 0, AES_BLOCK_SIZE * 2);
ret = wc_AesCbcDecrypt(&dec, plain, verify2, AES_BLOCK_SIZE); ret = wc_AesCbcDecrypt(dec, plain, verify2, AES_BLOCK_SIZE);
#if defined(WOLFSSL_ASYNC_CRYPT) #if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &dec.asyncDev, WC_ASYNC_FLAG_NONE); ret = wc_AsyncWait(ret, dec.asyncDev, WC_ASYNC_FLAG_NONE);
#endif #endif
if (ret != 0) if (ret != 0)
return -5919; ERROR_OUT(-5919, out);
if (XMEMCMP(plain, msg2, AES_BLOCK_SIZE)) if (XMEMCMP(plain, msg2, AES_BLOCK_SIZE))
return -5920; ERROR_OUT(-5920, out);
ret = wc_AesCbcDecrypt(&dec, plain + AES_BLOCK_SIZE, ret = wc_AesCbcDecrypt(dec, plain + AES_BLOCK_SIZE,
verify2 + AES_BLOCK_SIZE, AES_BLOCK_SIZE); verify2 + AES_BLOCK_SIZE, AES_BLOCK_SIZE);
#if defined(WOLFSSL_ASYNC_CRYPT) #if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &dec.asyncDev, WC_ASYNC_FLAG_NONE); ret = wc_AsyncWait(ret, dec.asyncDev, WC_ASYNC_FLAG_NONE);
#endif #endif
if (ret != 0) if (ret != 0)
return -5921; ERROR_OUT(-5921, out);
if (XMEMCMP(plain + AES_BLOCK_SIZE, msg2 + AES_BLOCK_SIZE, if (XMEMCMP(plain + AES_BLOCK_SIZE, msg2 + AES_BLOCK_SIZE,
AES_BLOCK_SIZE)) AES_BLOCK_SIZE))
return -5922; ERROR_OUT(-5922, out);
#endif /* HAVE_AES_DECRYPT */ #endif /* HAVE_AES_DECRYPT */
} }
@@ -8304,113 +8392,113 @@ static int aes_test(void)
#endif #endif
#ifdef WOLFSSL_AES_128 #ifdef WOLFSSL_AES_128
wc_AesSetKeyDirect(&enc, ctr128Key, sizeof(ctr128Key), wc_AesSetKeyDirect(enc, ctr128Key, sizeof(ctr128Key),
ctrIv, AES_ENCRYPTION); ctrIv, AES_ENCRYPTION);
/* Ctr only uses encrypt, even on key setup */ /* Ctr only uses encrypt, even on key setup */
wc_AesSetKeyDirect(&dec, ctr128Key, sizeof(ctr128Key), wc_AesSetKeyDirect(dec, ctr128Key, sizeof(ctr128Key),
ctrIv, AES_ENCRYPTION); ctrIv, AES_ENCRYPTION);
ret = wc_AesCtrEncrypt(&enc, cipher, ctrPlain, sizeof(ctrPlain)); ret = wc_AesCtrEncrypt(enc, cipher, ctrPlain, sizeof(ctrPlain));
if (ret != 0) { if (ret != 0) {
return -5923; ERROR_OUT(-5923, out);
} }
ret = wc_AesCtrEncrypt(&dec, plain, cipher, sizeof(ctrPlain)); ret = wc_AesCtrEncrypt(dec, plain, cipher, sizeof(ctrPlain));
if (ret != 0) { if (ret != 0) {
return -5924; ERROR_OUT(-5924, out);
} }
if (XMEMCMP(plain, ctrPlain, sizeof(ctrPlain))) if (XMEMCMP(plain, ctrPlain, sizeof(ctrPlain)))
return -5925; ERROR_OUT(-5925, out);
if (XMEMCMP(cipher, ctr128Cipher, sizeof(ctr128Cipher))) if (XMEMCMP(cipher, ctr128Cipher, sizeof(ctr128Cipher)))
return -5926; ERROR_OUT(-5926, out);
/* let's try with just 9 bytes, non block size test */ /* let's try with just 9 bytes, non block size test */
wc_AesSetKeyDirect(&enc, ctr128Key, AES_BLOCK_SIZE, wc_AesSetKeyDirect(enc, ctr128Key, AES_BLOCK_SIZE,
ctrIv, AES_ENCRYPTION); ctrIv, AES_ENCRYPTION);
/* Ctr only uses encrypt, even on key setup */ /* Ctr only uses encrypt, even on key setup */
wc_AesSetKeyDirect(&dec, ctr128Key, AES_BLOCK_SIZE, wc_AesSetKeyDirect(dec, ctr128Key, AES_BLOCK_SIZE,
ctrIv, AES_ENCRYPTION); ctrIv, AES_ENCRYPTION);
ret = wc_AesCtrEncrypt(&enc, cipher, ctrPlain, sizeof(oddCipher)); ret = wc_AesCtrEncrypt(enc, cipher, ctrPlain, sizeof(oddCipher));
if (ret != 0) { if (ret != 0) {
return -5927; ERROR_OUT(-5927, out);
} }
ret = wc_AesCtrEncrypt(&dec, plain, cipher, sizeof(oddCipher)); ret = wc_AesCtrEncrypt(dec, plain, cipher, sizeof(oddCipher));
if (ret != 0) { if (ret != 0) {
return -5928; ERROR_OUT(-5928, out);
} }
if (XMEMCMP(plain, ctrPlain, sizeof(oddCipher))) if (XMEMCMP(plain, ctrPlain, sizeof(oddCipher)))
return -5929; ERROR_OUT(-5929, out);
if (XMEMCMP(cipher, ctr128Cipher, sizeof(oddCipher))) if (XMEMCMP(cipher, ctr128Cipher, sizeof(oddCipher)))
return -5930; ERROR_OUT(-5930, out);
/* and an additional 9 bytes to reuse tmp left buffer */ /* and an additional 9 bytes to reuse tmp left buffer */
ret = wc_AesCtrEncrypt(&enc, cipher, ctrPlain, sizeof(oddCipher)); ret = wc_AesCtrEncrypt(enc, cipher, ctrPlain, sizeof(oddCipher));
if (ret != 0) { if (ret != 0) {
return -5931; ERROR_OUT(-5931, out);
} }
ret = wc_AesCtrEncrypt(&dec, plain, cipher, sizeof(oddCipher)); ret = wc_AesCtrEncrypt(dec, plain, cipher, sizeof(oddCipher));
if (ret != 0) { if (ret != 0) {
return -5932; ERROR_OUT(-5932, out);
} }
if (XMEMCMP(plain, ctrPlain, sizeof(oddCipher))) if (XMEMCMP(plain, ctrPlain, sizeof(oddCipher)))
return -5933; ERROR_OUT(-5933, out);
if (XMEMCMP(cipher, oddCipher, sizeof(oddCipher))) if (XMEMCMP(cipher, oddCipher, sizeof(oddCipher)))
return -5934; ERROR_OUT(-5934, out);
#endif /* WOLFSSL_AES_128 */ #endif /* WOLFSSL_AES_128 */
#ifdef WOLFSSL_AES_192 #ifdef WOLFSSL_AES_192
/* 192 bit key */ /* 192 bit key */
wc_AesSetKeyDirect(&enc, ctr192Key, sizeof(ctr192Key), wc_AesSetKeyDirect(enc, ctr192Key, sizeof(ctr192Key),
ctrIv, AES_ENCRYPTION); ctrIv, AES_ENCRYPTION);
/* Ctr only uses encrypt, even on key setup */ /* Ctr only uses encrypt, even on key setup */
wc_AesSetKeyDirect(&dec, ctr192Key, sizeof(ctr192Key), wc_AesSetKeyDirect(dec, ctr192Key, sizeof(ctr192Key),
ctrIv, AES_ENCRYPTION); ctrIv, AES_ENCRYPTION);
XMEMSET(plain, 0, sizeof(plain)); XMEMSET(plain, 0, sizeof(plain));
ret = wc_AesCtrEncrypt(&enc, plain, ctr192Cipher, sizeof(ctr192Cipher)); ret = wc_AesCtrEncrypt(enc, plain, ctr192Cipher, sizeof(ctr192Cipher));
if (ret != 0) { if (ret != 0) {
return -5935; ERROR_OUT(-5935, out);
} }
if (XMEMCMP(plain, ctrPlain, sizeof(ctr192Cipher))) if (XMEMCMP(plain, ctrPlain, sizeof(ctr192Cipher)))
return -5936; ERROR_OUT(-5936, out);
ret = wc_AesCtrEncrypt(&dec, cipher, ctrPlain, sizeof(ctrPlain)); ret = wc_AesCtrEncrypt(dec, cipher, ctrPlain, sizeof(ctrPlain));
if (ret != 0) { if (ret != 0) {
return -5937; ERROR_OUT(-5937, out);
} }
if (XMEMCMP(ctr192Cipher, cipher, sizeof(ctr192Cipher))) if (XMEMCMP(ctr192Cipher, cipher, sizeof(ctr192Cipher)))
return -5938; ERROR_OUT(-5938, out);
#endif /* WOLFSSL_AES_192 */ #endif /* WOLFSSL_AES_192 */
#ifdef WOLFSSL_AES_256 #ifdef WOLFSSL_AES_256
/* 256 bit key */ /* 256 bit key */
wc_AesSetKeyDirect(&enc, ctr256Key, sizeof(ctr256Key), wc_AesSetKeyDirect(enc, ctr256Key, sizeof(ctr256Key),
ctrIv, AES_ENCRYPTION); ctrIv, AES_ENCRYPTION);
/* Ctr only uses encrypt, even on key setup */ /* Ctr only uses encrypt, even on key setup */
wc_AesSetKeyDirect(&dec, ctr256Key, sizeof(ctr256Key), wc_AesSetKeyDirect(dec, ctr256Key, sizeof(ctr256Key),
ctrIv, AES_ENCRYPTION); ctrIv, AES_ENCRYPTION);
XMEMSET(plain, 0, sizeof(plain)); XMEMSET(plain, 0, sizeof(plain));
ret = wc_AesCtrEncrypt(&enc, plain, ctr256Cipher, sizeof(ctr256Cipher)); ret = wc_AesCtrEncrypt(enc, plain, ctr256Cipher, sizeof(ctr256Cipher));
if (ret != 0) { if (ret != 0) {
return -5939; ERROR_OUT(-5939, out);
} }
if (XMEMCMP(plain, ctrPlain, sizeof(ctrPlain))) if (XMEMCMP(plain, ctrPlain, sizeof(ctrPlain)))
return -5940; ERROR_OUT(-5940, out);
ret = wc_AesCtrEncrypt(&dec, cipher, ctrPlain, sizeof(ctrPlain)); ret = wc_AesCtrEncrypt(dec, cipher, ctrPlain, sizeof(ctrPlain));
if (ret != 0) { if (ret != 0) {
return -5941; ERROR_OUT(-5941, out);
} }
if (XMEMCMP(ctr256Cipher, cipher, sizeof(ctr256Cipher))) if (XMEMCMP(ctr256Cipher, cipher, sizeof(ctr256Cipher)))
return -5942; ERROR_OUT(-5942, out);
#endif /* WOLFSSL_AES_256 */ #endif /* WOLFSSL_AES_256 */
} }
#endif /* WOLFSSL_AES_COUNTER */ #endif /* WOLFSSL_AES_COUNTER */
@@ -8438,77 +8526,101 @@ static int aes_test(void)
}; };
XMEMSET(cipher, 0, AES_BLOCK_SIZE); XMEMSET(cipher, 0, AES_BLOCK_SIZE);
ret = wc_AesSetKey(&enc, niKey, sizeof(niKey), cipher, AES_ENCRYPTION); ret = wc_AesSetKey(enc, niKey, sizeof(niKey), cipher, AES_ENCRYPTION);
if (ret != 0) if (ret != 0)
return -5943; ERROR_OUT(-5943, out);
wc_AesEncryptDirect(&enc, cipher, niPlain); wc_AesEncryptDirect(enc, cipher, niPlain);
if (XMEMCMP(cipher, niCipher, AES_BLOCK_SIZE) != 0) if (XMEMCMP(cipher, niCipher, AES_BLOCK_SIZE) != 0)
return -5944; ERROR_OUT(-5944, out);
XMEMSET(plain, 0, AES_BLOCK_SIZE); XMEMSET(plain, 0, AES_BLOCK_SIZE);
ret = wc_AesSetKey(&dec, niKey, sizeof(niKey), plain, AES_DECRYPTION); ret = wc_AesSetKey(dec, niKey, sizeof(niKey), plain, AES_DECRYPTION);
if (ret != 0) if (ret != 0)
return -5945; ERROR_OUT(-5945, out);
wc_AesDecryptDirect(&dec, plain, niCipher); wc_AesDecryptDirect(dec, plain, niCipher);
if (XMEMCMP(plain, niPlain, AES_BLOCK_SIZE) != 0) if (XMEMCMP(plain, niPlain, AES_BLOCK_SIZE) != 0)
return -5946; ERROR_OUT(-5946, out);
} }
#endif /* WOLFSSL_AES_DIRECT && WOLFSSL_AES_256 */ #endif /* WOLFSSL_AES_DIRECT && WOLFSSL_AES_256 */
ret = aes_key_size_test(); ret = aes_key_size_test();
if (ret != 0) if (ret != 0)
return ret; goto out;
#if defined(HAVE_AES_CBC) && defined(WOLFSSL_AES_128) #if defined(HAVE_AES_CBC) && defined(WOLFSSL_AES_128)
ret = aes_cbc_test(); ret = aes_cbc_test();
if (ret != 0) if (ret != 0)
return ret; goto out;
#endif #endif
#if defined(WOLFSSL_AES_XTS) #if defined(WOLFSSL_AES_XTS)
#ifdef WOLFSSL_AES_128 #ifdef WOLFSSL_AES_128
ret = aes_xts_128_test(); ret = aes_xts_128_test();
if (ret != 0) if (ret != 0)
return ret; goto out;
#endif #endif
#ifdef WOLFSSL_AES_256 #ifdef WOLFSSL_AES_256
ret = aes_xts_256_test(); ret = aes_xts_256_test();
if (ret != 0) if (ret != 0)
return ret; goto out;
#endif #endif
#if defined(WOLFSSL_AES_128) && defined(WOLFSSL_AES_256) #if defined(WOLFSSL_AES_128) && defined(WOLFSSL_AES_256)
ret = aes_xts_sector_test(); ret = aes_xts_sector_test();
if (ret != 0) if (ret != 0)
return ret; goto out;
#endif #endif
#ifdef WOLFSSL_AES_128 #ifdef WOLFSSL_AES_128
ret = aes_xts_args_test(); ret = aes_xts_args_test();
if (ret != 0) if (ret != 0)
return ret; goto out;
#endif #endif
#endif #endif
#if defined(WOLFSSL_AES_CFB) #if defined(WOLFSSL_AES_CFB)
ret = aescfb_test(); ret = aescfb_test();
if (ret != 0) if (ret != 0)
return ret; goto out;
#if !defined(HAVE_SELFTEST) && !defined(HAVE_FIPS) #if !defined(HAVE_SELFTEST) && !defined(HAVE_FIPS)
ret = aescfb1_test(); ret = aescfb1_test();
if (ret != 0) if (ret != 0)
return ret; goto out;
ret = aescfb8_test(); ret = aescfb8_test();
if (ret != 0) if (ret != 0)
return ret; goto out;
#endif #endif
#endif #endif
out:
#if defined(HAVE_AES_CBC) || defined(WOLFSSL_AES_COUNTER) #if defined(HAVE_AES_CBC) || defined(WOLFSSL_AES_COUNTER)
wc_AesFree(&enc); #ifdef WOLFSSL_SMALL_STACK
if (enc) {
if (ret != -5900) /* note this must match ERRROR_OUT() code
* for wc_AesInit(enc, ...) failure above.
*/
wc_AesFree(enc);
XFREE(enc, NULL, DYNAMIC_TYPE_TMP_BUFFER);
}
#else
if (ret != -5900)
wc_AesFree(enc);
#endif
(void)cipher; (void)cipher;
#if defined(HAVE_AES_DECRYPT) || defined(WOLFSSL_AES_COUNTER) #if defined(HAVE_AES_DECRYPT) || defined(WOLFSSL_AES_COUNTER)
wc_AesFree(&dec); #ifdef WOLFSSL_SMALL_STACK
if (dec) {
if ((ret != -5900) && (ret != -5901))
/* note these codes must match the ERRROR_OUT() codes for
* wc_AesInit() failures above.
*/
wc_AesFree(dec);
XFREE(dec, NULL, DYNAMIC_TYPE_TMP_BUFFER);
}
#else
if ((ret != -5900) && (ret != -5901))
wc_AesFree(dec);
#endif
(void)plain; (void)plain;
#endif #endif
#endif #endif
@@ -27004,17 +27116,16 @@ typedef struct {
} pkcs7AuthEnvelopedVector; } pkcs7AuthEnvelopedVector;
#ifndef WOLFSSL_LINUXKM
static int pkcs7authenveloped_run_vectors(byte* rsaCert, word32 rsaCertSz, static int pkcs7authenveloped_run_vectors(byte* rsaCert, word32 rsaCertSz,
byte* rsaPrivKey, word32 rsaPrivKeySz, byte* rsaPrivKey, word32 rsaPrivKeySz,
byte* eccCert, word32 eccCertSz, byte* eccCert, word32 eccCertSz,
byte* eccPrivKey, word32 eccPrivKeySz) byte* eccPrivKey, word32 eccPrivKeySz)
{ {
int ret = 0, testSz, i; int ret = 0, testSz = 0, i;
int envelopedSz, decodedSz; int envelopedSz, decodedSz;
byte *enveloped; byte *enveloped = NULL;
byte *decoded; byte *decoded = NULL;
WC_RNG rng; WC_RNG rng;
PKCS7* pkcs7; PKCS7* pkcs7;
#ifdef PKCS7_OUTPUT_TEST_BUNDLES #ifdef PKCS7_OUTPUT_TEST_BUNDLES
@@ -27027,7 +27138,7 @@ static int pkcs7authenveloped_run_vectors(byte* rsaCert, word32 rsaCertSz,
}; };
byte senderNonce[PKCS7_NONCE_SZ + 2]; byte senderNonce[PKCS7_NONCE_SZ + 2];
#ifdef HAVE_ECC #ifdef HAVE_ECC
byte senderNonceOid[] = static const byte senderNonceOid[] =
{ 0x06, 0x0a, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, 0x45, 0x01, { 0x06, 0x0a, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, 0x45, 0x01,
0x09, 0x05 }; 0x09, 0x05 };
@@ -27040,20 +27151,20 @@ static int pkcs7authenveloped_run_vectors(byte* rsaCert, word32 rsaCertSz,
#if !defined(NO_AES) && defined(WOLFSSL_AES_256) && defined(HAVE_ECC) && \ #if !defined(NO_AES) && defined(WOLFSSL_AES_256) && defined(HAVE_ECC) && \
defined(WOLFSSL_SHA512) defined(WOLFSSL_SHA512)
byte optionalUkm[] = { static const byte optionalUkm[] = {
0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07 0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07
}; };
#endif /* NO_AES */ #endif /* NO_AES */
#if !defined(NO_AES) && !defined(NO_SHA) && defined(WOLFSSL_AES_128) #if !defined(NO_AES) && !defined(NO_SHA) && defined(WOLFSSL_AES_128)
/* encryption key for kekri recipient types */ /* encryption key for kekri recipient types */
byte secretKey[] = { static const byte secretKey[] = {
0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07, 0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,
0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07 0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07
}; };
/* encryption key identifier */ /* encryption key identifier */
byte secretKeyId[] = { static const byte secretKeyId[] = {
0x02,0x02,0x03,0x04 0x02,0x02,0x03,0x04
}; };
#endif #endif
@@ -27062,58 +27173,76 @@ static int pkcs7authenveloped_run_vectors(byte* rsaCert, word32 rsaCertSz,
!defined(NO_SHA) && defined(WOLFSSL_AES_128) !defined(NO_SHA) && defined(WOLFSSL_AES_128)
#ifndef HAVE_FIPS #ifndef HAVE_FIPS
char password[] = "password"; static const char password[] = "password";
#else #else
char password[] = "passwordFIPS_MODE"; static const char password[] = "passwordFIPS_MODE";
#endif #endif
byte salt[] = { static const byte salt[] = {
0x12, 0x34, 0x56, 0x78, 0x78, 0x56, 0x34, 0x12 0x12, 0x34, 0x56, 0x78, 0x78, 0x56, 0x34, 0x12
}; };
#endif #endif
const pkcs7AuthEnvelopedVector testVectors[] = pkcs7AuthEnvelopedVector *testVectors = NULL;
{ {
#define ADD_PKCS7_TEST_VEC(...) { \
const pkcs7AuthEnvelopedVector vec = __VA_ARGS__; \
testVectors = (pkcs7AuthEnvelopedVector *) \
XREALLOC(testVectors, \
sizeof *testVectors * (testSz + 1), \
HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); \
if (testVectors == NULL) \
ERROR_OUT(-12233, out); \
XMEMCPY(&testVectors[testSz++], &vec, sizeof *testVectors); \
}
/* key transport key encryption technique */ /* key transport key encryption technique */
#ifndef NO_RSA #ifndef NO_RSA
#if !defined(NO_AES) && defined(HAVE_AESGCM) #if !defined(NO_AES) && defined(HAVE_AESGCM)
#ifdef WOLFSSL_AES_128 #ifdef WOLFSSL_AES_128
ADD_PKCS7_TEST_VEC(
{data, (word32)sizeof(data), DATA, AES128GCMb, 0, 0, rsaCert, rsaCertSz, {data, (word32)sizeof(data), DATA, AES128GCMb, 0, 0, rsaCert, rsaCertSz,
rsaPrivKey, rsaPrivKeySz, NULL, 0, NULL, 0, NULL, 0, 0, 0, NULL, 0, rsaPrivKey, rsaPrivKeySz, NULL, 0, NULL, 0, NULL, 0, 0, 0, NULL, 0,
NULL, 0, NULL, NULL, 0, NULL, 0, 0, NULL, 0, NULL, 0, 0, 0, 0, 0, 0, NULL, 0, NULL, NULL, 0, NULL, 0, 0, NULL, 0, NULL, 0, 0, 0, 0, 0, 0,
0, 0, "pkcs7authEnvelopedDataAES128GCM.der"}, 0, 0, "pkcs7authEnvelopedDataAES128GCM.der"});
#endif #endif
#ifdef WOLFSSL_AES_192 #ifdef WOLFSSL_AES_192
ADD_PKCS7_TEST_VEC(
{data, (word32)sizeof(data), DATA, AES192GCMb, 0, 0, rsaCert, rsaCertSz, {data, (word32)sizeof(data), DATA, AES192GCMb, 0, 0, rsaCert, rsaCertSz,
rsaPrivKey, rsaPrivKeySz, NULL, 0, NULL, 0, NULL, 0, 0, 0, NULL, 0, rsaPrivKey, rsaPrivKeySz, NULL, 0, NULL, 0, NULL, 0, 0, 0, NULL, 0,
NULL, 0, NULL, NULL, 0, NULL, 0, 0, NULL, 0, NULL, 0, 0, 0, 0, 0, 0, NULL, 0, NULL, NULL, 0, NULL, 0, 0, NULL, 0, NULL, 0, 0, 0, 0, 0, 0,
0, 0, "pkcs7authEnvelopedDataAES192GCM.der"}, 0, 0, "pkcs7authEnvelopedDataAES192GCM.der"});
#endif #endif
#ifdef WOLFSSL_AES_256 #ifdef WOLFSSL_AES_256
ADD_PKCS7_TEST_VEC(
{data, (word32)sizeof(data), DATA, AES256GCMb, 0, 0, rsaCert, rsaCertSz, {data, (word32)sizeof(data), DATA, AES256GCMb, 0, 0, rsaCert, rsaCertSz,
rsaPrivKey, rsaPrivKeySz, NULL, 0, NULL, 0, NULL, 0, 0, 0, NULL, 0, rsaPrivKey, rsaPrivKeySz, NULL, 0, NULL, 0, NULL, 0, 0, 0, NULL, 0,
NULL, 0, NULL, NULL, 0, NULL, 0, 0, NULL, 0, NULL, 0, 0, 0, 0, 0, 0, NULL, 0, NULL, NULL, 0, NULL, 0, 0, NULL, 0, NULL, 0, 0, 0, 0, 0, 0,
0, 0, "pkcs7authEnvelopedDataAES256GCM.der"}, 0, 0, "pkcs7authEnvelopedDataAES256GCM.der"});
/* test with contentType set to FirmwarePkgData */ /* test with contentType set to FirmwarePkgData */
ADD_PKCS7_TEST_VEC(
{data, (word32)sizeof(data), FIRMWARE_PKG_DATA, AES256GCMb, 0, 0, {data, (word32)sizeof(data), FIRMWARE_PKG_DATA, AES256GCMb, 0, 0,
rsaCert, rsaCertSz, rsaPrivKey, rsaPrivKeySz, NULL, 0, NULL, 0, NULL, rsaCert, rsaCertSz, rsaPrivKey, rsaPrivKeySz, NULL, 0, NULL, 0, NULL,
0, 0, 0, NULL, 0, NULL, 0, NULL, NULL, 0, NULL, 0, 0, NULL, 0, NULL, 0, 0, 0, NULL, 0, NULL, 0, NULL, NULL, 0, NULL, 0, 0, NULL, 0, NULL,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
"pkcs7authEnvelopedDataAES256GCM_firmwarePkgData.der"}, "pkcs7authEnvelopedDataAES256GCM_firmwarePkgData.der"});
/* explicitly using SKID for SubjectKeyIdentifier */ /* explicitly using SKID for SubjectKeyIdentifier */
ADD_PKCS7_TEST_VEC(
{data, (word32)sizeof(data), DATA, AES256GCMb, 0, 0, rsaCert, rsaCertSz, {data, (word32)sizeof(data), DATA, AES256GCMb, 0, 0, rsaCert, rsaCertSz,
rsaPrivKey, rsaPrivKeySz, NULL, 0, NULL, 0, NULL, 0, CMS_SKID, 0, rsaPrivKey, rsaPrivKeySz, NULL, 0, NULL, 0, NULL, 0, CMS_SKID, 0,
NULL, 0, NULL, 0, NULL, NULL, 0, NULL, 0, 0, NULL, 0, NULL, 0, 0, 0, NULL, 0, NULL, 0, NULL, NULL, 0, NULL, 0, 0, NULL, 0, NULL, 0, 0, 0,
0, 0, 0, 0, 0, "pkcs7authEnvelopedDataAES256GCM_SKID.der"}, 0, 0, 0, 0, 0, "pkcs7authEnvelopedDataAES256GCM_SKID.der"});
/* explicitly using IssuerAndSerialNumber for SubjectKeyIdentifier */ /* explicitly using IssuerAndSerialNumber for SubjectKeyIdentifier */
ADD_PKCS7_TEST_VEC(
{data, (word32)sizeof(data), DATA, AES256GCMb, 0, 0, rsaCert, rsaCertSz, {data, (word32)sizeof(data), DATA, AES256GCMb, 0, 0, rsaCert, rsaCertSz,
rsaPrivKey, rsaPrivKeySz, NULL, 0, NULL, 0, NULL, 0, rsaPrivKey, rsaPrivKeySz, NULL, 0, NULL, 0, NULL, 0,
CMS_ISSUER_AND_SERIAL_NUMBER, 0, NULL, 0, NULL, 0, NULL, NULL, 0, CMS_ISSUER_AND_SERIAL_NUMBER, 0, NULL, 0, NULL, 0, NULL, NULL, 0,
NULL, 0, 0, NULL, 0, NULL, 0, 0, 0, 0, 0, 0, 0, 0, NULL, 0, 0, NULL, 0, NULL, 0, 0, 0, 0, 0, 0, 0, 0,
"pkcs7authEnvelopedDataAES256GCM_IANDS.der"}, "pkcs7authEnvelopedDataAES256GCM_IANDS.der"});
#endif #endif
#endif /* NO_AES */ #endif /* NO_AES */
#endif #endif
@@ -27122,72 +27251,80 @@ static int pkcs7authenveloped_run_vectors(byte* rsaCert, word32 rsaCertSz,
#ifdef HAVE_ECC #ifdef HAVE_ECC
#if !defined(NO_AES) && defined(HAVE_AESGCM) #if !defined(NO_AES) && defined(HAVE_AESGCM)
#if !defined(NO_SHA) && defined(WOLFSSL_AES_128) #if !defined(NO_SHA) && defined(WOLFSSL_AES_128)
ADD_PKCS7_TEST_VEC(
{data, (word32)sizeof(data), DATA, AES128GCMb, AES128_WRAP, {data, (word32)sizeof(data), DATA, AES128GCMb, AES128_WRAP,
dhSinglePass_stdDH_sha1kdf_scheme, eccCert, eccCertSz, eccPrivKey, dhSinglePass_stdDH_sha1kdf_scheme, eccCert, eccCertSz, eccPrivKey,
eccPrivKeySz, NULL, 0, NULL, 0, NULL, 0, 0, 0, NULL, 0, NULL, 0, eccPrivKeySz, NULL, 0, NULL, 0, NULL, 0, 0, 0, NULL, 0, NULL, 0,
NULL, NULL, 0, NULL, 0, 0, NULL, 0, NULL, 0, 0, 0, 0, 0, 0, 0, 0, NULL, NULL, 0, NULL, 0, 0, NULL, 0, NULL, 0, 0, 0, 0, 0, 0, 0, 0,
"pkcs7authEnvelopedDataAES128GCM_ECDH_SHA1KDF.der"}, "pkcs7authEnvelopedDataAES128GCM_ECDH_SHA1KDF.der"});
#endif #endif
#if !defined(NO_SHA256) && defined(WOLFSSL_AES_256) #if !defined(NO_SHA256) && defined(WOLFSSL_AES_256)
ADD_PKCS7_TEST_VEC(
{data, (word32)sizeof(data), DATA, AES256GCMb, AES256_WRAP, {data, (word32)sizeof(data), DATA, AES256GCMb, AES256_WRAP,
dhSinglePass_stdDH_sha256kdf_scheme, eccCert, eccCertSz, eccPrivKey, dhSinglePass_stdDH_sha256kdf_scheme, eccCert, eccCertSz, eccPrivKey,
eccPrivKeySz, NULL, 0, NULL, 0, NULL, 0, 0, 0, NULL, 0, NULL, 0, eccPrivKeySz, NULL, 0, NULL, 0, NULL, 0, 0, 0, NULL, 0, NULL, 0,
NULL, NULL, 0, NULL, 0, 0, NULL, 0, NULL, 0, 0, 0, 0, 0, 0, 0, 0, NULL, NULL, 0, NULL, 0, 0, NULL, 0, NULL, 0, 0, 0, 0, 0, 0, 0, 0,
"pkcs7authEnvelopedDataAES256GCM_ECDH_SHA256KDF.der"}, "pkcs7authEnvelopedDataAES256GCM_ECDH_SHA256KDF.der"});
/* with authenticated attributes */ /* with authenticated attributes */
ADD_PKCS7_TEST_VEC(
{data, (word32)sizeof(data), DATA, AES256GCMb, AES256_WRAP, {data, (word32)sizeof(data), DATA, AES256GCMb, AES256_WRAP,
dhSinglePass_stdDH_sha256kdf_scheme, eccCert, eccCertSz, eccPrivKey, dhSinglePass_stdDH_sha256kdf_scheme, eccCert, eccCertSz, eccPrivKey,
eccPrivKeySz, attribs, (sizeof(attribs) / sizeof(PKCS7Attrib)), eccPrivKeySz, attribs, (sizeof(attribs) / sizeof(PKCS7Attrib)),
NULL, 0, NULL, 0, 0, 0, NULL, 0, NULL, 0, NULL, 0, 0, 0, NULL, 0,
NULL, 0, NULL, NULL, 0, NULL, 0, 0, NULL, 0, NULL, 0, 0, 0, 0, 0, NULL, 0, NULL, NULL, 0, NULL, 0, 0, NULL, 0, NULL, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0,
"pkcs7authEnvelopedDataAES256GCM_ECDH_SHA256KDF_authAttribs.der"}, "pkcs7authEnvelopedDataAES256GCM_ECDH_SHA256KDF_authAttribs.der"});
/* with unauthenticated attributes */ /* with unauthenticated attributes */
ADD_PKCS7_TEST_VEC(
{data, (word32)sizeof(data), DATA, AES256GCMb, AES256_WRAP, {data, (word32)sizeof(data), DATA, AES256GCMb, AES256_WRAP,
dhSinglePass_stdDH_sha256kdf_scheme, eccCert, eccCertSz, eccPrivKey, dhSinglePass_stdDH_sha256kdf_scheme, eccCert, eccCertSz, eccPrivKey,
eccPrivKeySz, NULL, 0, attribs, eccPrivKeySz, NULL, 0, attribs,
(sizeof(attribs) / sizeof(PKCS7Attrib)), NULL, 0, 0, 0, NULL, 0, (sizeof(attribs) / sizeof(PKCS7Attrib)), NULL, 0, 0, 0, NULL, 0,
NULL, 0, NULL, NULL, 0, NULL, 0, 0, NULL, 0, NULL, 0, 0, 0, 0, 0, NULL, 0, NULL, NULL, 0, NULL, 0, 0, NULL, 0, NULL, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0,
"pkcs7authEnvelopedDataAES256GCM_ECDH_SHA256KDF_unauthAttribs.der"}, "pkcs7authEnvelopedDataAES256GCM_ECDH_SHA256KDF_unauthAttribs.der"});
/* with authenticated AND unauthenticated attributes */ /* with authenticated AND unauthenticated attributes */
ADD_PKCS7_TEST_VEC(
{data, (word32)sizeof(data), DATA, AES256GCMb, AES256_WRAP, {data, (word32)sizeof(data), DATA, AES256GCMb, AES256_WRAP,
dhSinglePass_stdDH_sha256kdf_scheme, eccCert, eccCertSz, eccPrivKey, dhSinglePass_stdDH_sha256kdf_scheme, eccCert, eccCertSz, eccPrivKey,
eccPrivKeySz, attribs, (sizeof(attribs) / sizeof(PKCS7Attrib)), eccPrivKeySz, attribs, (sizeof(attribs) / sizeof(PKCS7Attrib)),
attribs, (sizeof(attribs) / sizeof(PKCS7Attrib)), NULL, 0, 0, 0, attribs, (sizeof(attribs) / sizeof(PKCS7Attrib)), NULL, 0, 0, 0,
NULL, 0, NULL, 0, NULL, NULL, 0, NULL, 0, 0, NULL, 0, NULL, 0, 0, NULL, 0, NULL, 0, NULL, NULL, 0, NULL, 0, 0, NULL, 0, NULL, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
"pkcs7authEnvelopedDataAES256GCM_ECDH_SHA256KDF_bothAttribs.der"}, "pkcs7authEnvelopedDataAES256GCM_ECDH_SHA256KDF_bothAttribs.der"});
/* with authenticated AND unauthenticated attributes AND /* with authenticated AND unauthenticated attributes AND
* contentType of FirmwarePkgData */ * contentType of FirmwarePkgData */
ADD_PKCS7_TEST_VEC(
{data, (word32)sizeof(data), FIRMWARE_PKG_DATA, AES256GCMb, AES256_WRAP, {data, (word32)sizeof(data), FIRMWARE_PKG_DATA, AES256GCMb, AES256_WRAP,
dhSinglePass_stdDH_sha256kdf_scheme, eccCert, eccCertSz, eccPrivKey, dhSinglePass_stdDH_sha256kdf_scheme, eccCert, eccCertSz, eccPrivKey,
eccPrivKeySz, attribs, (sizeof(attribs) / sizeof(PKCS7Attrib)), eccPrivKeySz, attribs, (sizeof(attribs) / sizeof(PKCS7Attrib)),
attribs, (sizeof(attribs) / sizeof(PKCS7Attrib)), NULL, 0, 0, 0, attribs, (sizeof(attribs) / sizeof(PKCS7Attrib)), NULL, 0, 0, 0,
NULL, 0, NULL, 0, NULL, NULL, 0, NULL, 0, 0, NULL, 0, NULL, 0, 0, NULL, 0, NULL, 0, NULL, NULL, 0, NULL, 0, 0, NULL, 0, NULL, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
"pkcs7authEnvelopedDataAES256GCM_ECDH_SHA256KDF_fw_bothAttribs.der"}, "pkcs7authEnvelopedDataAES256GCM_ECDH_SHA256KDF_fw_bothAttribs.der"});
#endif /* NO_SHA256 && WOLFSSL_AES_256 */ #endif /* NO_SHA256 && WOLFSSL_AES_256 */
#if defined(WOLFSSL_SHA512) && defined(WOLFSSL_AES_256) #if defined(WOLFSSL_SHA512) && defined(WOLFSSL_AES_256)
ADD_PKCS7_TEST_VEC(
{data, (word32)sizeof(data), DATA, AES256GCMb, AES256_WRAP, {data, (word32)sizeof(data), DATA, AES256GCMb, AES256_WRAP,
dhSinglePass_stdDH_sha512kdf_scheme, eccCert, eccCertSz, eccPrivKey, dhSinglePass_stdDH_sha512kdf_scheme, eccCert, eccCertSz, eccPrivKey,
eccPrivKeySz, NULL, 0, NULL, 0, NULL, 0, 0, 0, NULL, 0, NULL, 0, NULL, eccPrivKeySz, NULL, 0, NULL, 0, NULL, 0, 0, 0, NULL, 0, NULL, 0, NULL,
NULL, 0, NULL, 0, 0, NULL, 0, NULL, 0, 0, 0, 0, 0, 0, 0, 0, NULL, 0, NULL, 0, 0, NULL, 0, NULL, 0, 0, 0, 0, 0, 0, 0, 0,
"pkcs7authEnvelopedDataAES256GCM_ECDH_SHA512KDF.der"}, "pkcs7authEnvelopedDataAES256GCM_ECDH_SHA512KDF.der"});
/* with optional user keying material (ukm) */ /* with optional user keying material (ukm) */
ADD_PKCS7_TEST_VEC(
{data, (word32)sizeof(data), DATA, AES256GCMb, AES256_WRAP, {data, (word32)sizeof(data), DATA, AES256GCMb, AES256_WRAP,
dhSinglePass_stdDH_sha512kdf_scheme, eccCert, eccCertSz, eccPrivKey, dhSinglePass_stdDH_sha512kdf_scheme, eccCert, eccCertSz, eccPrivKey,
eccPrivKeySz, NULL, 0, NULL, 0, optionalUkm, sizeof(optionalUkm), 0, eccPrivKeySz, NULL, 0, NULL, 0, (byte *)optionalUkm, sizeof(optionalUkm), 0,
0, NULL, 0, NULL, 0, NULL, NULL, 0, NULL, 0, 0, NULL, 0, NULL, 0, 0, 0, NULL, 0, NULL, 0, NULL, NULL, 0, NULL, 0, 0, NULL, 0, NULL, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
"pkcs7authEnvelopedDataAES256GCM_ECDH_SHA512KDF_ukm.der"}, "pkcs7authEnvelopedDataAES256GCM_ECDH_SHA512KDF_ukm.der"});
#endif /* WOLFSSL_SHA512 && WOLFSSL_AES_256 */ #endif /* WOLFSSL_SHA512 && WOLFSSL_AES_256 */
#endif /* NO_AES */ #endif /* NO_AES */
#endif #endif
@@ -27195,35 +27332,38 @@ static int pkcs7authenveloped_run_vectors(byte* rsaCert, word32 rsaCertSz,
/* kekri (KEKRecipientInfo) recipient types */ /* kekri (KEKRecipientInfo) recipient types */
#if !defined(NO_AES) && defined(HAVE_AESGCM) #if !defined(NO_AES) && defined(HAVE_AESGCM)
#if !defined(NO_SHA) && defined(WOLFSSL_AES_128) #if !defined(NO_SHA) && defined(WOLFSSL_AES_128)
ADD_PKCS7_TEST_VEC(
{data, (word32)sizeof(data), DATA, AES128GCMb, AES128_WRAP, 0, {data, (word32)sizeof(data), DATA, AES128GCMb, AES128_WRAP, 0,
NULL, 0, NULL, 0, NULL, 0, NULL, 0, NULL, 0, 0, 0, NULL, 0, NULL, 0, NULL, 0, NULL, 0, NULL, 0, 0, 0,
secretKey, sizeof(secretKey), secretKeyId, sizeof(secretKeyId), (byte *)secretKey, sizeof(secretKey), (byte *)secretKeyId, sizeof(secretKeyId),
NULL, NULL, 0, NULL, 0, 0, NULL, 0, NULL, 0, 0, 0, 0, 0, 0, 0, 0, NULL, NULL, 0, NULL, 0, 0, NULL, 0, NULL, 0, 0, 0, 0, 0, 0, 0, 0,
"pkcs7authEnvelopedDataAES128GCM_KEKRI.der"}, "pkcs7authEnvelopedDataAES128GCM_KEKRI.der"});
#endif #endif
#endif #endif
/* pwri (PasswordRecipientInfo) recipient types */ /* pwri (PasswordRecipientInfo) recipient types */
#if !defined(NO_PWDBASED) && !defined(NO_AES) && defined(HAVE_AESGCM) #if !defined(NO_PWDBASED) && !defined(NO_AES) && defined(HAVE_AESGCM)
#if !defined(NO_SHA) && defined(WOLFSSL_AES_128) #if !defined(NO_SHA) && defined(WOLFSSL_AES_128)
ADD_PKCS7_TEST_VEC(
{data, (word32)sizeof(data), DATA, AES128GCMb, 0, 0, {data, (word32)sizeof(data), DATA, AES128GCMb, 0, 0,
NULL, 0, NULL, 0, NULL, 0, NULL, 0, NULL, 0, 0, 0, NULL, 0, NULL, 0, NULL, 0, NULL, 0, NULL, 0, NULL, 0, 0, 0, NULL, 0,
NULL, 0, NULL, NULL, 0, NULL, 0, 0, password, NULL, 0, NULL, NULL, 0, NULL, 0, 0, (char *)password,
(word32)XSTRLEN(password), salt, sizeof(salt), PBKDF2_OID, WC_SHA, 5, (word32)XSTRLEN(password), (byte *)salt, sizeof(salt), PBKDF2_OID, WC_SHA, 5,
AES128CBCb, 0, 0, 0, "pkcs7authEnvelopedDataAES128GCM_PWRI.der"}, AES128CBCb, 0, 0, 0, "pkcs7authEnvelopedDataAES128GCM_PWRI.der"});
#endif #endif
#endif #endif
#if !defined(NO_AES) && defined(HAVE_AESGCM) #if !defined(NO_AES) && defined(HAVE_AESGCM)
#ifdef WOLFSSL_AES_128 #ifdef WOLFSSL_AES_128
/* ori (OtherRecipientInfo) recipient types */ /* ori (OtherRecipientInfo) recipient types */
ADD_PKCS7_TEST_VEC(
{data, (word32)sizeof(data), DATA, AES128GCMb, 0, 0, NULL, 0, NULL, 0, {data, (word32)sizeof(data), DATA, AES128GCMb, 0, 0, NULL, 0, NULL, 0,
NULL, 0, NULL, 0, NULL, 0, 0, 0, NULL, 0, NULL, 0, NULL, NULL, 0, NULL, 0, NULL, 0, NULL, 0, 0, 0, NULL, 0, NULL, 0, NULL, NULL, 0,
NULL, 0, 0, NULL, 0, NULL, 0, 0, 0, 0, 0, 0, 1, 0, NULL, 0, 0, NULL, 0, NULL, 0, 0, 0, 0, 0, 0, 1, 0,
"pkcs7authEnvelopedDataAES128GCM_ORI.der"}, "pkcs7authEnvelopedDataAES128GCM_ORI.der"});
#endif #endif
#endif #endif
}; }
enveloped = (byte *)XMALLOC(PKCS7_BUF_SIZE, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); enveloped = (byte *)XMALLOC(PKCS7_BUF_SIZE, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
decoded = (byte *)XMALLOC(PKCS7_BUF_SIZE, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); decoded = (byte *)XMALLOC(PKCS7_BUF_SIZE, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
@@ -27231,9 +27371,6 @@ static int pkcs7authenveloped_run_vectors(byte* rsaCert, word32 rsaCertSz,
ERROR_OUT(-12210, out); ERROR_OUT(-12210, out);
} }
testSz = sizeof(testVectors) / sizeof(pkcs7AuthEnvelopedVector);
/* generate senderNonce */ /* generate senderNonce */
{ {
#ifndef HAVE_FIPS #ifndef HAVE_FIPS
@@ -27510,6 +27647,8 @@ static int pkcs7authenveloped_run_vectors(byte* rsaCert, word32 rsaCertSz,
#endif #endif
out: out:
if (testVectors)
XFREE(testVectors, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
if (enveloped) if (enveloped)
XFREE(enveloped, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(enveloped, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
if (decoded) if (decoded)
@@ -27517,7 +27656,6 @@ static int pkcs7authenveloped_run_vectors(byte* rsaCert, word32 rsaCertSz,
return ret; return ret;
} }
#endif /* ! WOLFSSL_LINUXKM */
static int pkcs7authenveloped_test(void) static int pkcs7authenveloped_test(void)
{ {
@@ -27590,12 +27728,10 @@ static int pkcs7authenveloped_test(void)
return -12304; return -12304;
} }
#ifndef WOLFSSL_LINUXKM
ret = pkcs7authenveloped_run_vectors(rsaCert, (word32)rsaCertSz, ret = pkcs7authenveloped_run_vectors(rsaCert, (word32)rsaCertSz,
rsaPrivKey, (word32)rsaPrivKeySz, rsaPrivKey, (word32)rsaPrivKeySz,
eccCert, (word32)eccCertSz, eccCert, (word32)eccCertSz,
eccPrivKey, (word32)eccPrivKeySz); eccPrivKey, (word32)eccPrivKeySz);
#endif
#ifndef NO_RSA #ifndef NO_RSA
XFREE(rsaCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(rsaCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);

40
wolfssl/test.h
View File

@@ -2049,7 +2049,7 @@ struct stack_size_debug_context {
* *
* enable with * enable with
* *
* CFLAGS='-g -DHAVE_STACK_SIZE_VERBOSE' ./configure --enable-stacksize [...] * ./configure --enable-stacksize=verbose [...]
*/ */
static void *debug_stack_size_verbose_shim(struct stack_size_debug_context *shim_args) { static void *debug_stack_size_verbose_shim(struct stack_size_debug_context *shim_args) {
@@ -2123,12 +2123,24 @@ int StackSizeHWMReset(void)
#define STACK_SIZE_CHECKPOINT(...) ({ \ #define STACK_SIZE_CHECKPOINT(...) ({ \
ssize_t HWM = StackSizeHWM_OffsetCorrected(); \ ssize_t HWM = StackSizeHWM_OffsetCorrected(); \
int _ret = (__VA_ARGS__); \ __VA_ARGS__; \
printf("relative stack used = %ld\n", HWM); \ printf("relative stack used = %ld\n", HWM); \
StackSizeHWMReset(); \ StackSizeHWMReset(); \
_ret; \
}) })
#define STACK_SIZE_CHECKPOINT_WITH_MAX_CHECK(max, ...) ({ \
ssize_t HWM = StackSizeHWM_OffsetCorrected(); \
__VA_ARGS__; \
printf("relative stack used = %ld\n", HWM); \
int _ret = StackSizeHWMReset(); \
if ((max >= 0) && (HWM > (ssize_t)(max))) { \
printf("relative stack usage at %s L%d exceeds designated max %ld.\n", __FILE__, __LINE__, (ssize_t)(max)); \
_ret = -1; \
} \
_ret; \
})
#ifdef __GNUC__ #ifdef __GNUC__
#define STACK_SIZE_INIT() (void)StackSizeSetOffset(__FUNCTION__, __builtin_frame_address(0)) #define STACK_SIZE_INIT() (void)StackSizeSetOffset(__FUNCTION__, __builtin_frame_address(0))
#endif #endif
@@ -2144,6 +2156,9 @@ static WC_INLINE int StackSizeCheck(func_args* args, thread_func tf)
size_t stackSize = 1024*1024; size_t stackSize = 1024*1024;
pthread_attr_t myAttr; pthread_attr_t myAttr;
pthread_t threadId; pthread_t threadId;
#ifdef HAVE_STACK_SIZE_VERBOSE
struct stack_size_debug_context shim_args;
#endif
#ifdef PTHREAD_STACK_MIN #ifdef PTHREAD_STACK_MIN
if (stackSize < PTHREAD_STACK_MIN) if (stackSize < PTHREAD_STACK_MIN)
@@ -2166,15 +2181,12 @@ static WC_INLINE int StackSizeCheck(func_args* args, thread_func tf)
#ifdef HAVE_STACK_SIZE_VERBOSE #ifdef HAVE_STACK_SIZE_VERBOSE
StackSizeCheck_stackSizeHWM = 0; StackSizeCheck_stackSizeHWM = 0;
{ shim_args.myStack = myStack;
struct stack_size_debug_context shim_args; shim_args.stackSize = stackSize;
shim_args.myStack = myStack; shim_args.stackSizeHWM_ptr = &StackSizeCheck_stackSizeHWM;
shim_args.stackSize = stackSize; shim_args.fn = tf;
shim_args.stackSizeHWM_ptr = &StackSizeCheck_stackSizeHWM; shim_args.args = args;
shim_args.fn = tf; ret = pthread_create(&threadId, &myAttr, (thread_func)debug_stack_size_verbose_shim, (void *)&shim_args);
shim_args.args = args;
ret = pthread_create(&threadId, &myAttr, (thread_func)debug_stack_size_verbose_shim, (void *)&shim_args);
}
#else #else
ret = pthread_create(&threadId, &myAttr, tf, args); ret = pthread_create(&threadId, &myAttr, tf, args);
#endif #endif